Android-FTPS会话重用-无字段sessionHostPortCache [英] Android - FTPS Session Reuse - No field sessionHostPortCache
问题描述
我正在使用Android Studio在Android上开发应用程序,我想使用FTP将文件发送到服务器.我需要支持会话重用,因为服务器由托管服务提供商托管,并且显然他们已启用了会话重用.
I'm developing an application on Android with Android Studio and I want to use FTP to send files to a server. I need to support session reuse since the server is hosted by an hosting service provider and they obviously have session reuse enabled.
我在这篇文章中找到了这种反射黑客被许多人用来使之成为可能:
I found this reflection hack in this post used by many to make make this possible:
// adapted from:
// https://trac.cyberduck.io/browser/trunk/ftp/src/main/java/ch/cyberduck/core/ftp/FTPClient.java
@Override
protected void _prepareDataSocket_(final Socket socket) throws IOException {
if (socket instanceof SSLSocket) {
// Control socket is SSL
final SSLSession session = ((SSLSocket) _socket_).getSession();
if (session.isValid()) {
final SSLSessionContext context = session.getSessionContext();
try {
final Field sessionHostPortCache = context.getClass().getDeclaredField("sessionHostPortCache");
sessionHostPortCache.setAccessible(true);
final Object cache = sessionHostPortCache.get(context);
final Method method = cache.getClass().getDeclaredMethod("put", Object.class, Object.class);
method.setAccessible(true);
method.invoke(cache, String
.format("%s:%s", socket.getInetAddress().getHostName(), String.valueOf(socket.getPort()))
.toLowerCase(Locale.ROOT), session);
method.invoke(cache, String
.format("%s:%s", socket.getInetAddress().getHostAddress(), String.valueOf(socket.getPort()))
.toLowerCase(Locale.ROOT), session);
} catch (NoSuchFieldException e) {
throw new IOException(e);
} catch (Exception e) {
throw new IOException(e);
}
} else {
throw new IOException("Invalid SSL Session");
}
}
}
以下是使用SSLSessionReuseFTPSClient的代码:
Here's the code that uses SSLSessionReuseFTPSClient:
System.setProperty("jdk.tls.useExtendedMasterSecret", "false");
String host = "xxxxxxxx";
String user = "xxxxxxxx";
String password = "xxxxxxxx";
String directory = "xxxxxxxx";
ProtocolCommandListener listener = new MyProtocolCommandListener(host);
SSLSessionReuseFTPSClient client = new SSLSessionReuseFTPSClient("TLS", false);
client.addProtocolCommandListener(listener);
try {
client.connect(host);
client.execPBSZ(0);
client.execPROT("P");
if (client.login(user, password)) {
Log.w("myApp", "Logged in as " + user + " on " + host + ".");
}
if (client.changeWorkingDirectory(directory)) {
Log.w("myApp", "Working directory changed to " + directory + ".");
}
client.enterLocalPassiveMode();
InputStream input = new FileInputStream(file);
if (client.storeFile(file.getName(), input)) {
Log.w("myApp", "File " + file.getName() + " sent to " + host + ".");
} else {
Log.w("myApp", "Couldn't send file " + file.getName() + " to " + host + ".");
Log.w("myApp", "Reply: " + client.getReplyString());
}
client.logout();
client.disconnect();
} catch (Exception e) {
e.printStackTrace();
}
我首先在Eclipse中尝试过,并且有效.然后我尝试在我的Android应用程序中实现它,但出现此错误:
I first tried in Eclipse, and it worked. Then I tried to implement it in my Android application, but I get this error:
java.io.IOException: java.lang.NoSuchFieldException: No field sessionHostPortCache in class Lcom/android/org/conscrypt/ClientSessionContext; (declaration of 'com.android.org.conscrypt.ClientSessionContext' appears in /system/framework/conscrypt.jar)
我注意到,当我在Eclipse中执行代码并打印 context 类名时,得到的是: sun.security.ssl.SSLSessionContextImpl ,但是在Android中Studio,我得到: com.android.org.conscrypt.ClientSessionContext .
I noticed that, when I execute the code in Eclipse and print the context class name, I get this: sun.security.ssl.SSLSessionContextImpl, but in Android Studio, I get: com.android.org.conscrypt.ClientSessionContext.
我已经连续搜索了将近两天,但我还没有足够的经验来知道发生了什么.为什么使用 com.android.org.conscrypt.ClientSessionContext 代替 sun.security.ssl.SSLSessionContextImpl ?我检查了java.security文件,从我看到的结果来看,应该使用 sun.security.ssl.SSLSessionContextImpl .
I've been searching for almost two days straight and I'm just not experienced enough to know what is up. Why is com.android.org.conscrypt.ClientSessionContext use instead of sun.security.ssl.SSLSessionContextImpl ? I check the java.security file and from what I see, sun.security.ssl.SSLSessionContextImpl should be used.
如果有人可以帮助我,我将非常感激.
If someone could help me with this, I would be insanely grateful.
最后,这是一些有用的信息:
Finally, here's some information that could be useful :
Android Studio 3.6.2
commons-net-3.6
openjdk version "1.8.0_212-release"
OpenJDK Runtime Environment (build 1.8.0_212-release-1586-b04)
OpenJDK 64-Bit Server VM (build 25.212-b04, mixed mode)
谢谢!
推荐答案
基于对Java cyberduck解决方案的相同想法,我重写了FTPSClient的" prepareDataSocket "方法,使其能够正常运行安卓.我在Android 9.0和Android 5.1.1中对其进行了测试,并且工作正常.代码是:
Based on the same idea of the Java cyberduck's solution, I overrided the "prepareDataSocket" method of the FTPSClient to make it works on Android. I test it in Android 9.0 and in Android 5.1.1 and it works fine. The code was:
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocket;
import org.apache.commons.net.ftp.FTPSClient;
public class TLSAndroidFTPSClient extends FTPSClient
{
@Override
protected void _prepareDataSocket_(final Socket socket) throws IOException
{
if (socket instanceof SSLSocket)
{
final SSLSession sessionAux = ((SSLSocket) _socket_).getSession();
if(sessionAux.isValid())
{
final SSLSessionContext sessionsContext = sessionAux.getSessionContext();
try
{
// lets find the sessions in the context' cache
final Field fieldSessionsInContext =sessionsContext.getClass().getDeclaredField("sessionsByHostAndPort");
fieldSessionsInContext.setAccessible(true);
final Object sessionsInContext = fieldSessionsInContext.get(sessionsContext);
// lets find the session of our conexion
int portNumb=sessionAux.getPeerPort();
Set keys=((HashMap)sessionsInContext).keySet();
if(keys.size()==0)
throw new IOException("Invalid SSL Session");
final Field fieldPort=((keys.toArray())[0]).getClass().getDeclaredField("port");
fieldPort.setAccessible(true);
int i=0;
while(i<keys.size() && ((int)fieldPort.get((keys.toArray())[i]))!=portNumb)
i++;
if(i<keys.size()) // it was found
{
Object ourKey=(keys.toArray())[i];
// building two objects like our key but with the new port and the host Name and host address
final Constructor construc =ourKey.getClass().getDeclaredConstructor(String.class, int.class);
construc.setAccessible(true);
Object copy1Key=construc.newInstance(socket.getInetAddress().getHostName(),socket.getPort());
Object copy2Key=construc.newInstance(socket.getInetAddress().getHostAddress(),socket.getPort());
// getting our session
Object ourSession=((HashMap)sessionsInContext).get(ourKey);
// Lets add the pairs copy1Key-ourSession & copy2Key-ourSession to the context'cache
final Method method = sessionsInContext.getClass().getDeclaredMethod("put", Object.class, Object.class);
method.setAccessible(true);
method.invoke(sessionsInContext,copy1Key,ourSession);
method.invoke(sessionsInContext,copy2Key,ourSession);
}
else
throw new IOException("Invalid SSL Session");
} catch (NoSuchFieldException e) {
throw new IOException(e);
} catch (Exception e) {
throw new IOException(e);
}
} else {
throw new IOException("Invalid SSL Session");
}
}
}
}
这篇关于Android-FTPS会话重用-无字段sessionHostPortCache的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
