mirror of https://github.com/moparisthebest/SSLDroid synced 2024-11-23 17:32:15 -05:00

Implemented basics of multiple tunnel handling

Also implemented accepting all server certs as my subject server had
an expired certificate.

Signed-off-by: Balint Kovacs <blint@blint.hu>
Balint Kovacs 2011-04-18 07:30:03 +02:00
parent 9d44957132
commit 4d724fb37d
4 changed files with 27 additions and 7 deletions

Binary file not shown.

Binary file not shown.


@ -12,7 +12,7 @@ public class SSLDroid extends Service {
final String TAG = "SSLDroid"; final String TAG = "SSLDroid";
public static final String PREFS_NAME = "MyPrefsFile"; public static final String PREFS_NAME = "MyPrefsFile";
TcpProxy tp; TcpProxy tp[];
@Override @Override
public void onCreate() { public void onCreate() {
@ -63,11 +63,14 @@ public class SSLDroid extends Service {
//createNotification("test", "This is a test of the emergency broadcast system"); //createNotification("test", "This is a test of the emergency broadcast system");
tp = new TcpProxy(); tp = new TcpProxy[2];
try { try {
tp.serve(listenPort, targetHost, targetPort, keyFile, keyPass); tp[0] = new TcpProxy();
tp[0].serve(listenPort, targetHost, targetPort, keyFile, keyPass);
tp[1] = new TcpProxy();
tp[1].serve(9998, "imaps.balabit.hu", 993, keyFile, keyPass);
} catch (Exception e) { } catch (Exception e) {
Log.d(TAG, "Error" + e.toString()); Log.d(TAG, "Error:" + e.toString());
} }
} }
@ -84,7 +87,9 @@ public class SSLDroid extends Service {
@Override @Override
public void onDestroy() { public void onDestroy() {
try { try {
tp.stop(); for (TcpProxy proxy : tp) {
proxy.stop();
}
removeNotification(0); removeNotification(0);
Log.d(TAG, "SSLDroid Service Stopped"); Log.d(TAG, "SSLDroid Service Stopped");
} catch (Exception e) { } catch (Exception e) {
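Review bot: The new loop in `onDestroy` calls `proxy.stop()` on every slot of `tp`, but `onCreate` fills both slots inside a single `try`, so if `tp[0].serve(...)` throws, `tp[1]` is still null when the service is destroyed. The resulting NullPointerException is swallowed by the surrounding `catch (Exception e)`, which also skips `removeNotification(0)`; guard each entry with `if (proxy != null) { proxy.stop(); }`. If `onCreate` can return before `tp = new TcpProxy[2];` runs (not visible in these lines), `tp` itself needs the same null check. Separately, the second tunnel's `9998, "imaps.balabit.hu", 993` is hard-coded into the service and reuses the first tunnel's `keyFile` and `keyPass`; it should be read from the same preferences as `listenPort`, `targetHost` and `targetPort`. The body of `onDestroy` continues past the last visible line.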


@ -23,6 +23,8 @@ import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import android.util.Log; import android.util.Log;
@ -53,7 +55,20 @@ public class TcpProxyServerThread extends Thread {
} }
}*/ }*/
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
}
};
private static SSLSocketFactory sslSocketFactory; private static SSLSocketFactory sslSocketFactory;
@ -66,7 +81,7 @@ public class TcpProxyServerThread extends Thread {
keyStore.load(new FileInputStream(pkcsFile), pwd.toCharArray()); keyStore.load(new FileInputStream(pkcsFile), pwd.toCharArray());
keyManagerFactory.init(keyStore, pwd.toCharArray()); keyManagerFactory.init(keyStore, pwd.toCharArray());
SSLContext context = SSLContext.getInstance("TLS"); SSLContext context = SSLContext.getInstance("TLS");
context.init(keyManagerFactory.getKeyManagers(), null, context.init(keyManagerFactory.getKeyManagers(), trustAllCerts,
new SecureRandom()); new SecureRandom());
sslSocketFactory = (SSLSocketFactory) context.getSocketFactory(); sslSocketFactory = (SSLSocketFactory) context.getSocketFactory();
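Review bot: The empty `checkServerTrusted` in `trustAllCerts`, now passed as the second argument to `context.init(...)`, makes the socket factory accept any server certificate (expired, self-signed or issued for a different host), so the upstream TLS leg is encrypted but no longer authenticated. Because `sslSocketFactory` is shared, this applies to every configured tunnel, not only the one server with the expired certificate mentioned in the commit message. I would keep `null` there (the platform default trust managers) and handle the exception by trusting that one certificate through a `TrustManagerFactory` initialised from a `KeyStore` containing it, or at minimum put the permissive manager behind an explicit per-tunnel setting that is off by default. If it stays, `getAcceptedIssuers()` should `return new java.security.cert.X509Certificate[0];`, since the interface documents a non-null array, and the comment above the field should say plainly that it disables server authentication. The class and the method around `context.init` start and end outside the visible lines.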