检测SSL连接并将套接字转换为SSLSocket [英] Detecting SSL connection and converting socket to SSLSocket
问题描述
更新(此问题已解决):我已更新此问题中的代码以包含现在正在运行的代码,请随意在自己的作品中使用它(代码示例已模式为为了简单起见,你需要付出代价。
UPDATE (This Question Have been Solved): I have updated the code in this question to contain the now working code, feel free to use it in your own works (Code samples have been mode to pastbins for simplicity)
下午好StackOverflow,
Good afternoon StackOverflow,
所以过去一天或我一直在努力一个具有Web界面的服务器软件,我一直在尝试设置HTTPS连接的处理。我让它工作得很好但是现在我只想在一个TCP端口上处理HTTP和HTTPS连接。
So for the past day or to I have been working on a server software that has a web interface and I have been trying to setup handling for HTTPS connections. I got it to work fine and every thing but now I am trying to handle both HTTP and HTTPS connections on the one TCP port.
我有能够检测到SSL的代码/ TLS ClientHello消息,问题是在检测到消息后尝试将痛苦文本套接字转换为SSLSocket,在我正在使用的代码中如下。
I have code that can detect a SSL/TLS ClientHello message, the problem is trying to convert the pain text socket to a SSLSocket once the message has been detected, bellow in the code I am using.
WebServer.java - > http://pastebin.com/JSjNpC2Y
SecurityTools.java - > http://pastebin.com/Q8yVLNp7
BufferedSocket.java - > http://pastebin.com/SuWB8P7r
BufferedSocketServer.java - > http://pastebin.com/Nr7MrhEH
当我连接HTTP时什么都没发生,甚至没有错误或异常行和当我使用HTTPS连接时,我得到以下一组异常(我链接到一个粘贴bin以节省此帖子中的空间)
When I connect with HTTP nothing at all happens, not even a error or exception is throw and when I connect with HTTPS I get the following set of exceptions (I am linking to a paste bin to save space in this post)
任何和所有的帮助和建议都是欢迎。
Any and all help and suggestions are welcome.
感谢您的帮助!
推荐答案
重置您自己的输入流对底层套接字没有影响。您需要为Socket类创建自己的包装器,它返回一个可标记的输入流。然后,如果它是SSL,则需要重置该流,并将您的包装器传递给SSLSocketFactory。否则它将看不到您看到的客户端问候。
Resetting your own input stream has no effect on the underlying socket. You need to create your own wrapper for the Socket class, that returns a markable input stream. Then you need to reset that stream if it's SSL and pass your wrapper to the SSLSocketFactory. Otherwise it won't see the client hello that you saw.
这篇关于检测SSL连接并将套接字转换为SSLSocket的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
