自定义SSL处理停止工作的Android 2.2 Froyo [英] Custom SSL handling stopped working on Android 2.2 FroYo
问题描述
有关我的应用程序,Transdroid,我通过HTTP通过HTTPS连接到远程服务器和可选的安全。对于HttpClient的这些HTTPS连接我使用的是自定义的SSL套接字工厂实现,以确保自签名证书的工作。基本上,我接受一切,无视任何证书的每个检查。
For my app, Transdroid, I am connecting to remote servers via HTTP and optionally securely via HTTPS. For these HTTPS connections with the HttpClient I am using a custom SSL socket factory implementation to make sure self-signed certificates are working. Basically, I accept everything and ignore every checking of any certificate.
这是工作的罚款有一段时间了,但它不再是工作的Android 2.2 Froyo。当尝试连接,它会返回一个例外:
This has been working fine for some time now, but it no longer work for Android 2.2 FroYo. When trying to connect, it will return an exception:
java.io.IOException: SSL handshake failure: I/O error during system call, Broken pipe
下面是我的初始化HttpClient的:
Here is how I initialize the HttpClient:
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", new PlainSocketFactory(), 80));
registry.register(new Scheme("https", (trustAll ? new FakeSocketFactory() : SSLSocketFactory.getSocketFactory()), 443));
client = new DefaultHttpClient(new ThreadSafeClientConnManager(httpParams, registry), httpParams);
我利用一个FakeSocketFactory和FakeTrustManager,它的来源可以在这里找到的:<一href="http://$c$c.google.com/p/transdroid/source/browse/#svn/trunk/src/org/transdroid/util">http://$c$c.google.com/p/transdroid/source/browse/#svn/trunk/src/org/transdroid/util
此外,我不明白为什么它突然停止工作,甚至什么样的错误断管的意思。我看到的微博消息的Seesmic和Twidroid失败,SSL的升级Froyo启用为好,但我不能确定它是否有关。
Again, I don't understand why it suddenly stopped work, or even what the error 'Broken pipe' means. I have seen messages on Twitter that Seesmic and Twidroid fail with SSL enabled on FroYo as well, but am unsure if it's related.
感谢您的任何指示/帮助!
Thanks for any directions/help!
推荐答案
下面就是答案,有很多很多的感谢一个有用的Seesmic的开发商愿意分享此修复程序:
Here is the answer, with many, many thanks to a helpful Seesmic developer willing to share the fix:
在自定义套接字工厂,插座创造(与中的createSocket )显然已经专门修改了 SSLSocketFactory的实现。因此,旧的:
In the custom socket factory, the socket creation (with createSocket) has apparently been changed specifically for the SSLSocketFactory implementation. So the old:
@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
throws IOException, UnknownHostException {
return getSSLContext().getSocketFactory().createSocket();
}
需要更改为:
Needs to be changed to:
@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
throws IOException, UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose);
}
,然后重新为我工作!
And then it worked again for me!
更新:由于这仍然是一个受欢迎的回答,让我更新我的链接工作code。 <一href="https://github.com/erickok/transdroid/blob/master/app/src/main/java/org/transdroid/daemon/util/TlsSniSocketFactory.java"相对=nofollow>支持现代协议(TLS 1.1+),SNI和可选此启用SSL套接字工厂允许<一个href="https://github.com/erickok/transdroid/blob/master/app/src/main/java/org/transdroid/daemon/util/IgnoreSSLTrustManager.java"相对=nofollow>接受所有证书(不安全,忽略所有SSL证书)或者<一href="https://github.com/erickok/transdroid/blob/master/app/src/main/java/org/transdroid/daemon/util/SelfSignedTrustManager.java"相对=nofollow>自签名证书(由SHA-1散列)。
UPDATE: As this is still a popular answer, let me update my link to working code. This SSl-enabled socket factory that support modern protocols (TLS 1.1+), SNI and optionally allows to accept all certificates (insecure, ignores all SSL certificates) or a self-signed certificates (by SHA-1 hash).
这篇关于自定义SSL处理停止工作的Android 2.2 Froyo的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
