2019-07-17 反射修改OkhttpClient的SLL

以七牛文件上传为例

mUpLoadManager为七牛上传管理类com.qiniu.android.storage.UploadManager

public final class UploadManager {
    private final Configuration config;
    private final Client client;
    ....
    ...
}

我们需要找到UploadManager里面的Client对象,因为OkHttpClient在他里面

package com.qiniu.android.http;
...
public final class Client {
     ...
    private OkHttpClient httpClient;
    ...
}

以下是反射代码

   try {
        Field field1 = mUpLoadManager.getClass().getDeclaredField("client");
        field1.setAccessible(true);
        Client clientQN = (Client) field1.get(mUpLoadManager);
        Field field2 = clientQN.getClass().getDeclaredField("httpClient");
        field2.setAccessible(true);
        OkHttpClient okhttpClient = (OkHttpClient) field2.get(clientQN);
        Field field3 = okhttpClient.getClass().getDeclaredField("sslSocketFactory");
        Field field4 = okhttpClient.getClass().getDeclaredField("certificateChainCleaner");
        Field field5 = okhttpClient.getClass().getDeclaredField("hostnameVerifier");
        field3.setAccessible(true);
        field4.setAccessible(true);
        field5.setAccessible(true);
        SSLSocketFactory sslSocketFactory = SSLManager.createSSLSocketFactory();
        HostnameVerifier hostnameVerifier = (s, sslSession) -> true;
        field3.set(okhttpClient, sslSocketFactory);
        field4.set(okhttpClient, Platform.get().buildCertificateChainCleaner(sslSocketFactory));
        field5.set(okhttpClient, hostnameVerifier);
      } catch (Exception e) {
        e.printStackTrace();
        LogUtils.e("反射修改debug包SSL认证失败");
      }

import android.annotation.SuppressLint;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class SSLManager {
  /**
   * 创建SSLSocket的工厂类
   *
   * @return 返回一个SSLSocket的工厂类
   */
  public static SSLSocketFactory createSSLSocketFactory() {
    SSLSocketFactory ssfFactory = null;
    try {
      SSLContext sc = SSLContext.getInstance("SSL");
      sc.init(null, new TrustManager[] { new TrustAllCerts() }, new SecureRandom());
      ssfFactory = sc.getSocketFactory();
    } catch (Exception e) {
      e.printStackTrace();
    }
    return ssfFactory;
  }

  /**
   * description: X509证书信任管理器类
   */
  private static class TrustAllCerts implements X509TrustManager {
    @SuppressLint("TrustAllX509TrustManager")
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) {
    }

    @SuppressLint("TrustAllX509TrustManager")
    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) {
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
      return new X509Certificate[0];
    }
  }
}
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容

  • OKHttp
    参考:https://blog.csdn.net/fightingxia/article/details/7094...
    文强小弟阅读 1,219评论 0 1
  • FastDFS源码解析
    概念: FastDFS是余庆(前阿里巴巴架构师,现易到用车架构师)开发的一个开源的轻量级分布式文件系统,对于小文件...
    yingyingguigui阅读 5,864评论 0 2
  • UDP
    好文推荐# 【Java TCP/IP Socket】UDP Socket(含代码)黑马程序员——UDP发送数据,接...
    CalvinNing阅读 213评论 0 0
  • 吴中
    我喜欢“吴中”这样的地名。 这也许是我第5次来阳澄湖过周末。依旧下雨。这里是所谓“中湖”半岛上的澜廷度假酒店。凭栏...
    海上一客阅读 159评论 0 0
  • 我的高中宣誓
    我有良知无愧于父母的养育, 我有智慧无愧于老师的教诲, 我有骨气绝不甘于平庸人生, 我有无穷潜力信诚立人敏学至精自...
    陌上初安为君倾心阅读 784评论 0 1