android - Android 处理 SSL 的代理服务器

标签 android ssl proxy

我正在编写自己的代理服务器。我有最简单的实现。第一个代码 fragment 是设置服务器监听端口 8080(请求将通过 WiFi 设置重定向):

public class MyProxyServer {

private ServerSocket proxyServer;

public void init() throws Exception {
    proxyServer = new ServerSocket(8080);

    new Thread(new Runnable() {
        @Override
        public void run() {
            while (true) {
                try {
                    Socket proxySocket = proxyServer.accept();
                    ProxyConnectionHandler proxyConnectionHandler = new ProxyConnectionHandler(proxySocket);
                    new Thread(proxyConnectionHandler).start();
                } catch (IOException e) {
                    e.printStackTrace();
                }

            }
        }
    }).start();
}

其次是通过套接字传递请求和响应数据:

public class ProxyConnectionHandler implements Runnable {

private static final int BUFFER_SIZE = 8192;

Socket mProxySocket;
Socket mOutsideSocket;

public ProxyConnectionHandler(Socket proxySocket) {
    mProxySocket = proxySocket;
}

@Override
public void run() {
    try {
        long startTimestamp = System.currentTimeMillis();

        InputStream proxyInputStream = mProxySocket.getInputStream();


        byte[] bytes = new byte[BUFFER_SIZE];
        int bytesRead = proxyInputStream.read(bytes, 0, BUFFER_SIZE);
        String request = new String(bytes);

        Log.d("ACHTUNG", "Request: " + request);

        String host = extractHost(request);

        int port = request.startsWith("CONNECT") ? 443 : 80;
        mOutsideSocket = new Socket(host, port);
        OutputStream outsideOutputStream = mOutsideSocket.getOutputStream();
        outsideOutputStream.write(bytes, 0, bytesRead);
        outsideOutputStream.flush();

        InputStream outsideSocketInputStream = mOutsideSocket.getInputStream();
        OutputStream proxyOutputStream = mProxySocket.getOutputStream();
        byte[] responseArray = new byte[BUFFER_SIZE];

        do
        {
            bytesRead = outsideSocketInputStream.read(responseArray, 0, BUFFER_SIZE);
            if (bytesRead > 0)
            {
                proxyOutputStream.write(responseArray, 0, bytesRead);
                String response = new String(bytes, 0, bytesRead);
                Log.d("ACHTUNG", "Response: " + response);
            }
        } while (bytesRead > 0);

        proxyOutputStream.flush();
        mOutsideSocket.close();
        mProxySocket.close();

        Log.d("ACHTUNG", "Cycle: " + (System.currentTimeMillis() - startTimestamp));

    } catch (Exception e) {
        e.printStackTrace();
    }
}

private String extractHost(String request) {
    int hStart = request.indexOf("Host: ") + 6;
    int hEnd = request.indexOf('\n', hStart);
    return request.substring(hStart, hEnd - 1);
}

当我进入浏览器时,它适用于 HTTP 页面,但不适用于 HTTPS。还有更多的东西可以处理 SSL。我不想阅读 SSL 包,我只想让它们通过。怎么做?

最佳答案

我找到了解决方案。

如果来自客户端的 SSL 请求被修改为 HTTP“CONNECT”方法。但是,该请求不能发送到外部服务器。代理服务器必须通过以下方式响应客户端:

"HTTP/1.1 200 Connection established\r\n\r\n"

下一步是允许客户端和服务器之间的双向套接字连接。它应该看起来像这样:

public class Https443RequestHandler implements RequestHandler {

    private static final int BUFFER_SIZE = 8192;
    private static final String CRLF = "\r\n";

    Socket mProxySocket;
    Socket mOutsideSocket;

    public Https443RequestHandler(Socket proxySocket) {
        this.mProxySocket = proxySocket;
    }

    @Override
    public void handle(String request) throws Exception {
        byte[] bytes = request.getBytes();
        int bytesRead = bytes.length;

        String host = extractHost(request);
        int port = 443;

        mOutsideSocket = new Socket();
        mOutsideSocket.setKeepAlive(true);
        mOutsideSocket.connect(new InetSocketAddress(host, port));

        OutputStream proxyOutputStream = mProxySocket.getOutputStream();
        proxyOutputStream.write(("HTTP/1.1 200 Connection established" + CRLF + CRLF).getBytes());
        proxyOutputStream.flush();

        DirectionalConnectionHandler client = new DirectionalConnectionHandler(mProxySocket, mOutsideSocket);
        client.start();
        DirectionalConnectionHandler server = new DirectionalConnectionHandler(mOutsideSocket, mProxySocket);
        server.start();

        client.join();
        server.join();

        mOutsideSocket.close();
        mProxySocket.close();
    }

    private String extractHost(String request) {
        int hStart = request.indexOf("Host: ") + 6;
        int hEnd = request.indexOf('\n', hStart);
        return request.substring(hStart, hEnd - 1);
    }
}

.

public class DirectionalConnectionHandler extends Thread
{
    private final InputStream in;
    private final OutputStream out;

    DirectionalConnectionHandler(final Socket sin, final Socket sout) throws IOException
    {
        in = sin.getInputStream();
        out = sout.getOutputStream();
    }

    @Override
    public void run()
    {
        final byte[] buf = new byte[4096];
        int count;

        try
    {
        while ((count = in.read(buf, 0, buf.length)) != -1)
        {
            String stream = new String(buf);
            out.write(buf, 0, count);
        }
        out.flush();
    }
    catch (final IOException e)
    {
        // Just swallow as we can't recover from this
    }
}

关于android - Android 处理 SSL 的代理服务器,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/33143677/

上一篇:android - 在设备上的 Google 搜索中显示我的应用程序内容

下一篇:android - AppBarLayout 在以编程方式滚动期间不折叠

相关文章:

ajax - 浏览器是否使用 CA 为 CORS Ajax 请求验证 SSL key ?

重新生成 key 操作后 Azure SSL 证书不同步

wcf - 创建动态代理对象

caching - Node.js HTTP 代理缓存 : any guidelines and best practices?

android - api高于21的应用程序未安装错误

Android 如何重置 SCREEN_ALWAYS_ON?

android - listview 和 recyclerview 不会用计数包装内容

java - 引用 Dalvik 或 Java 虚拟机?

ssl - Websphere 应用程序服务器 6.1 中的 j2ee 客户端身份验证支持

python - 使用 ssl 模块的 HTTPS 代理隧道

©2024 IT工具网  联系我们