mirror of https://github.com/moparisthebest/SSLDroid synced 2025-02-19 20:41:49 -05:00

Add support for SNI

Signed-off-by: Balint Kovacs <blint@blint.hu>
Balint Kovacs 2015-05-13 20:20:43 +02:00
parent d9675e64b9
commit 60429d1750


@ -16,10 +16,11 @@ import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager; import javax.net.ssl.X509TrustManager;
import android.net.SSLCertificateSocketFactory;
import android.os.Build;
import android.util.Log; import android.util.Log;
public class TcpProxyServerThread extends Thread { public class TcpProxyServerThread extends Thread {
@ -32,7 +33,7 @@ public class TcpProxyServerThread extends Thread {
Relay inRelay, outRelay; Relay inRelay, outRelay;
ServerSocket ss = null; ServerSocket ss = null;
int sessionid = 0; int sessionid = 0;
private SSLSocketFactory sslSocketFactory; private SSLCertificateSocketFactory sslSocketFactory;
public TcpProxyServerThread(ServerSocket ss,String tunnelName, int listenPort, String tunnelHost, int tunnelPort, String keyFile, String keyPass) { public TcpProxyServerThread(ServerSocket ss,String tunnelName, int listenPort, String tunnelHost, int tunnelPort, String keyFile, String keyPass) {
this.tunnelName = tunnelName; this.tunnelName = tunnelName;
@ -61,7 +62,7 @@ public class TcpProxyServerThread extends Thread {
} }
}; };
public final SSLSocketFactory getSocketFactory(String pkcsFile, public final SSLCertificateSocketFactory getSocketFactory(String pkcsFile,
String pwd, int sessionid) { String pwd, int sessionid) {
if (sslSocketFactory == null) { if (sslSocketFactory == null) {
try { try {
@ -72,8 +73,7 @@ public class TcpProxyServerThread extends Thread {
SSLContext context = SSLContext.getInstance("TLS"); SSLContext context = SSLContext.getInstance("TLS");
context.init(keyManagerFactory.getKeyManagers(), trustAllCerts, context.init(keyManagerFactory.getKeyManagers(), trustAllCerts,
new SecureRandom()); new SecureRandom());
sslSocketFactory = (SSLSocketFactory) context.getSocketFactory(); sslSocketFactory = (SSLCertificateSocketFactory) context.getSocketFactory();
} catch (FileNotFoundException e) { } catch (FileNotFoundException e) {
Log.d("SSLDroid", tunnelName+"/"+sessionid+": Error loading the client certificate file:" Log.d("SSLDroid", tunnelName+"/"+sessionid+": Error loading the client certificate file:"
+ e.toString()); + e.toString());
@ -115,8 +115,13 @@ public class TcpProxyServerThread extends Thread {
} }
Socket st = null; Socket st = null;
SSLCertificateSocketFactory sf = null;
try { try {
st = (SSLSocket) getSocketFactory(this.keyFile, this.keyPass, this.sessionid).createSocket(this.tunnelHost, this.tunnelPort); sf = (SSLCertificateSocketFactory) getSocketFactory(this.keyFile, this.keyPass, this.sessionid);
st = (SSLSocket) sf.createSocket(this.tunnelHost, this.tunnelPort);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
sf.setHostname(st, this.tunnelHost);
}
((SSLSocket) st).startHandshake(); ((SSLSocket) st).startHandshake();
} catch (IOException e) { } catch (IOException e) {
Log.d("SSLDroid", tunnelName+"/"+sessionid+": SSL failure: " + e.toString()); Log.d("SSLDroid", tunnelName+"/"+sessionid+": SSL failure: " + e.toString());
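Review bot: The cast in `sslSocketFactory = (SSLCertificateSocketFactory) context.getSocketFactory();` looks unsafe: `SSLContext.getSocketFactory()` is declared to return `javax.net.ssl.SSLSocketFactory`, and nothing visible makes the provider's factory an `android.net.SSLCertificateSocketFactory`, so the first connection would probably fail with a `ClassCastException` that the visible `catch (IOException e)` in the connection code does not handle. A factory obtained from the Android class itself avoids the cast problem, e.g. `sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);` followed by `sslSocketFactory.setKeyManagers(keyManagerFactory.getKeyManagers());`. Separately, the context is still initialised with `trustAllCerts` (defined outside these hunks, so presumably an accept-everything trust manager): SNI only tells the server which name is wanted and does not authenticate the peer, so the tunnel remains open to interception unless the certificate chain and host name are actually verified. Both `getSocketFactory` and the connection method continue outside the hunks shown.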