我可以使用 openssl 来使用(OpenVAS 的)xml API,例如:
openssl s_client -connect localhost:9390
...certificate info...
<get_version/>
<get_version_response status="200" status_text="OK"><version>7.0</version></get_version_response>
DONE
我试图在java
代码中实现同样的事情:
@Test
public void tryOpenVasGetVersion() throws InterruptedException,
ExecutionException {
WebSocketClient webSocketClient = new StandardWebSocketClient();
WebSocketSession webSocketSession = webSocketClient.doHandshake(new TextWebSocketHandler() {
@Override
public void handleTextMessage(WebSocketSession session, TextMessage message) {
System.out.println("received message - " + message.getPayload());
}
@Override
public void afterConnectionEstablished(WebSocketSession session) throws InterruptedException {
TimeUnit.SECONDS.sleep(1);
System.out.println("established connection - " + session);
}
}, new WebSocketHttpHeaders(), URI.create("wss://127.0.0.1:9390")).get();
Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate(() -> {
try {
TextMessage message = new TextMessage("<get_version/>");
webSocketSession.sendMessage(message);
System.out.println("sent message - " + message.getPayload());
} catch (Exception e) {
System.out.println("Exception while sending a message "+ e);
}
}, 1, 10, TimeUnit.SECONDS);
}
但我得到的是:
java.util.concurrent.ExecutionException: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed
at java.util.concurrent.FutureTask.report(FutureTask.java:122) at java.util.concurrent.FutureTask.get(FutureTask.java:192) at pl.corpnet.mixer.plugins.codescan.fortify.apiclient.SocketTest.connect(SocketTest.java:51) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.junit.runner.JUnitCore.run(JUnitCore.java:137) at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68) at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47) at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242) at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70) Caused by: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:484) at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:194) at org.springframework.web.socket.client.standard.StandardWebSocketClient.lambda$doHandshakeInternal$0(StandardWebSocketClient.java:150) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.lang.Thread.run(Thread.java:748) Caused by: java.util.concurrent.ExecutionException: java.lang.IllegalStateException: Unexpected Status of SSLEngineResult after an unwrap() operation at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.java:512) at org.apache.tomcat.websocket.WsWebSocketContainer.processResponse(WsWebSocketContainer.java:783) at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:347) ... 4 more Caused by: java.lang.IllegalStateException: Unexpected Status of SSLEngineResult after an unwrap() operation at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$ReadTask.run(AsyncChannelWrapperSecure.java:314) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ... 1 more
任何人都可以给我一个提示,如果我可以使用 WebSocketClient
实现与使用 openssl s_cllient -connect 相同的效果吗?
最佳答案
您可以尝试通过创建 SSLSocket 进行连接。
SSLContext context = SSLContextBuilder.create().setProtocol("TLS1.2").setKeyStoreType("JKS").loadKeyMaterial(...).build();
SSLFactory factory = context.getSocketFactory();
SSLSocket socket = factory.createSocket(host, port);
去年它在 kali linux 上使用 openvas 对我有用。
关于java - 使用套接字与 XML API openssl s_client -connect with Java 进行通信,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59040027/