From 883f336885b1f2f177fffea4ad4f9a327d86749c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=94=B0=E9=A2=86?= Date: Tue, 23 Oct 2018 20:54:20 +0800 Subject: [PATCH] fix hostname was not verified below on android5.* --- .../src/main/java/com/rnfs/Downloader.java | 70 +++++++++++++++++-- 1 file changed, 63 insertions(+), 7 deletions(-) diff --git a/android/src/main/java/com/rnfs/Downloader.java b/android/src/main/java/com/rnfs/Downloader.java index 1177569f..2562670c 100644 --- a/android/src/main/java/com/rnfs/Downloader.java +++ b/android/src/main/java/com/rnfs/Downloader.java @@ -1,15 +1,13 @@ package com.rnfs; -import java.io.File; import java.io.FileOutputStream; -import java.io.FileInputStream; import java.io.BufferedInputStream; import java.io.InputStream; import java.io.OutputStream; -import java.io.IOException; import java.net.URL; -import java.net.URLConnection; import java.net.HttpURLConnection; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; import java.util.*; import java.util.concurrent.atomic.AtomicBoolean; @@ -19,6 +17,14 @@ import com.facebook.react.bridge.ReadableMapKeySetIterator; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; + public class Downloader extends AsyncTask { private DownloadParams mParam; private AtomicBoolean mAbort = new AtomicBoolean(false); @@ -46,10 +52,16 @@ public void run() { private void download(DownloadParams param, DownloadResult res) throws Exception { InputStream input = null; OutputStream output = null; - HttpURLConnection connection = null; + HttpsURLConnection connection = null; try { - connection = (HttpURLConnection)param.src.openConnection(); + + connection = (HttpsURLConnection)param.src.openConnection(); + + trustAllHosts(connection); + connection.getHostnameVerifier(); + connection.setHostnameVerifier(DO_NOT_VERIFY); + ReadableMapKeySetIterator iterator = param.headers.keySetIterator(); @@ -80,7 +92,7 @@ private void download(DownloadParams param, DownloadResult res) throws Exception String redirectURL = connection.getHeaderField("Location"); connection.disconnect(); - connection = (HttpURLConnection) new URL(redirectURL).openConnection(); + connection = (HttpsURLConnection) new URL(redirectURL).openConnection(); connection.setConnectTimeout(5000); connection.connect(); @@ -154,4 +166,48 @@ protected void onProgressUpdate(int[]... values) { protected void onPostExecute(Exception ex) { } + + + private static final TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return new java.security.cert.X509Certificate[]{}; + } + + public void checkClientTrusted(X509Certificate[] chain, String authType) + throws CertificateException { + } + + public void checkServerTrusted(X509Certificate[] chain, String authType) + throws CertificateException { + } + }}; + + + /** + * 设置不验证主机 + */ + private static final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() { + public boolean verify(String hostname, SSLSession session) { + return true; + } + }; + + /** + * 信任所有 + * @param connection + * @return + */ + private static SSLSocketFactory trustAllHosts(HttpsURLConnection connection) { + SSLSocketFactory oldFactory = connection.getSSLSocketFactory(); + try { + SSLContext sc = SSLContext.getInstance("TLS"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + SSLSocketFactory newFactory = sc.getSocketFactory(); + connection.setSSLSocketFactory(newFactory); + } catch (Exception e) { + e.printStackTrace(); + } + return oldFactory; + } + }