增加了信任所有证书的Okhttp策略

ef1af831 · pye52 · 8cf426a8 · ef1af831 · ef1af831 · ef1af831
Commit ef1af831 authored Mar 16, 2020 by pye52
5 changed files
--- a/app/src/main/java/com/bgycc/smartcanteen/api/SCRetrofit.java
+++ b/app/src/main/java/com/bgycc/smartcanteen/api/SCRetrofit.java
 package com.bgycc.smartcanteen.api;
 import com.bgycc.smartcanteen.BuildConfig;
+import com.bgycc.smartcanteen.utils.TrustAllCerts;
 import java.util.concurrent.TimeUnit;
@@ -20,7 +21,7 @@ public class SCRetrofit {
        return retrofit.create(SCApi.class);
    }
-    public static OkHttpClient.Builder createOkHttpClient() {
+    public static OkHttpClient.Builder createOkHttpClientBuilder() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder()
                .connectTimeout(TIMEOUT, TimeUnit.SECONDS)
                .readTimeout(TIMEOUT, TimeUnit.SECONDS)
@@ -34,6 +35,12 @@ public class SCRetrofit {
        return builder;
    }
+    public static OkHttpClient.Builder createUnsafeOkHttpClientBuilder() {
+        return createOkHttpClientBuilder()
+                .hostnameVerifier(new TrustAllCerts.TrustAllHostnameVerifier())
+                .sslSocketFactory(TrustAllCerts.createSSLSocketFactory(), new TrustAllCerts());
+    }
    private static Retrofit createRetrofit(OkHttpClient client) {
        return new Retrofit.Builder()
                .client(client)

--- a/app/src/main/java/com/bgycc/smartcanteen/command/LogCommandHandler.java
+++ b/app/src/main/java/com/bgycc/smartcanteen/command/LogCommandHandler.java
@@ -179,7 +179,7 @@ public class LogCommandHandler extends CommandHandler {
    }
    private void upload(File zip) {
-        OkHttpClient client = SCRetrofit.createOkHttpClient().build();
+        OkHttpClient client = SCRetrofit.createOkHttpClientBuilder().build();
        SCApi api = SCRetrofit.createApi(client);
        CommandLog.CommandLogData data = commandLog.getData();
        String fileNameForServer = data.getLogType()

--- a/app/src/main/java/com/bgycc/smartcanteen/command/UpdateCommandHandler.java
+++ b/app/src/main/java/com/bgycc/smartcanteen/command/UpdateCommandHandler.java
@@ -66,7 +66,7 @@ public class UpdateCommandHandler extends CommandHandler {
    private UpdateCommandHandler(Command command, Gson gson, CommandProgressCallback callback) {
        super(command, gson, callback);
-        this.httpClient = SCRetrofit.createOkHttpClient()
+        this.httpClient = SCRetrofit.createUnsafeOkHttpClientBuilder()
                .addNetworkInterceptor(chain -> {
                    Response originalResponse = chain.proceed(chain.request());
                    return originalResponse.newBuilder()
@@ -128,7 +128,7 @@ public class UpdateCommandHandler extends CommandHandler {
                timeoutFuture.cancel(true);
                timeoutFuture = null;
            }
-            LogUtils.e(TAG, "下载失败: " + e.getMessage());
+            LogUtils.e(TAG, "下载失败: " + e.getMessage(), e);
            failed("下载失败", 0);
            try {
                Thread.sleep(DEFAULT_DELAY);

--- a/app/src/main/java/com/bgycc/smartcanteen/utils/InstallManager.java
+++ b/app/src/main/java/com/bgycc/smartcanteen/utils/InstallManager.java
@@ -12,18 +12,18 @@ import static com.bgycc.smartcanteen.utils.SmartCanteenUtils.TAG;
 public class InstallManager {
    public static boolean install(File updateApk) {
        String model = Build.MODEL;
-        if (model.contains(DeviceProxy.DEVICE_MODEL_TPS)) {
+        if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.M) {
-            if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.M) {
+            // 6.0以下安装包需要修改权限才能安装
-                // 6.0以下安装包需要修改权限才能安装
+            try {
-                try {
+                Process p = Runtime.getRuntime().exec("chmod 755 " + updateApk);
-                    Process p = Runtime.getRuntime().exec("chmod 755 " + updateApk);
+                p.waitFor();
-                    p.waitFor();
+                LogUtils.d(TAG, "开始安装");
-                    LogUtils.d(TAG, "开始安装");
+            } catch (Exception e) {
-                } catch (Exception e) {
+                LogUtils.e(TAG, "安装文件权限修改失败");
-                    LogUtils.e(TAG, "安装文件权限修改失败");
+                return false;
-                    return false;
-                }
            }
+        }
+        if (model.contains(DeviceProxy.DEVICE_MODEL_TPS)) {
            return DangerousUtils.installAppSilent(updateApk);
        } else if (model.contains(DeviceProxy.DEVICE_MODEL_QUAD)) {
            AppUtils.installApp(updateApk);

--- a/app/src/main/java/com/bgycc/smartcanteen/utils/TrustAllCerts.java
+++ b/app/src/main/java/com/bgycc/smartcanteen/utils/TrustAllCerts.java
+package com.bgycc.smartcanteen.utils;
+import android.annotation.SuppressLint;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+@SuppressLint("TrustAllX509TrustManager")
+public class TrustAllCerts implements X509TrustManager {
+    @Override
+    public void checkClientTrusted(X509Certificate[] chain, String authType) {}
+    @Override
+    public void checkServerTrusted(X509Certificate[] chain, String authType) {}
+    @Override
+    public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}
+    public static SSLSocketFactory createSSLSocketFactory() {
+        SSLSocketFactory ssfFactory = null;
+        try {
+            SSLContext sc = SSLContext.getInstance("TLS");
+            sc.init(null,  new TrustManager[] { new TrustAllCerts() }, new SecureRandom());
+            ssfFactory = sc.getSocketFactory();
+        } catch (Exception ignored) {
+        }
+        return ssfFactory;
+    }
+    public static class TrustAllHostnameVerifier implements HostnameVerifier {
+        @SuppressLint("BadHostnameVerifier")
+        @Override
+        public boolean verify(String hostname, SSLSession session) {
+            return true;
+        }
+    }
+}