HTTPS post: bypass SSL security check and trust all the hosts
2013-10-25 18:01
393 查看
import com.eviware.soapui.model.testsuite.TestRunContext; import javax.net.ssl.* import java.net.URL import java.net.URLEncoder import java.net.CookieHandler; import java.net.CookieManager; import java.io.BufferedReader; import java.io.DataOutputStream; import java.io.InputStreamReader; class AUTHttps { def dataDir = null def conn = null def sc = null def weguid = null def String weguidPrefix = "weguid" /* I have to set Cookie manually, so the device can receives weguid correctly.*/ /* If ACCEPT_ALL, the device will receives weguid likes "79ffb31f54dbe461" $Path="/" $Domain="10.68.6.127" */ def cookieManager = new CookieManager( null, CookiePolicy.ACCEPT_NONE ) public AUTHttps(String dir) { initHttps(dir) } public AUTHttps(TestRunContext context) { dataDir = AUTProject.getDataDir(context) initHttps(dataDir) } private initHttps(String dir) { def nullTrustManager = [ checkClientTrusted: { chain, authType -> }, checkServerTrusted: { chain, authType -> }, getAcceptedIssuers: { null } ] sc = SSLContext.getInstance("SSL") sc.init(null, [nullTrustManager as X509TrustManager] as TrustManager[], null) // make sure cookies is turn on CookieHandler.setDefault(cookieManager) //System.setProperty("http.keepAlive", "true") } public HttpsURLConnection getHttpsURLConnection() { return conn } public String getResponseMessage() { if (null == conn) { return "null" } return conn.getResponseMessage() } public int post(String url, Map params) { def nullHostnameVerifier = [ verify: { hostname, session -> true } ] def postParams = "" if (null != params) { params.each{ if ("" == postParams) { postParams += it.key + "=" + URLEncoder.encode(it.value, "UTF-8") } else { postParams += '&' + it.key + "=" + URLEncoder.encode(it.value, "UTF-8") } } } def oldConn = conn def urlObj = new URL(url) conn = (HttpsURLConnection)(urlObj.openConnection()) System.setProperty("javax.net.ssl.trustStore", "${dataDir}/keystore") System.setProperty("javax.net.ssl.trustStorePassword", "cert123456") conn.setDefaultSSLSocketFactory(new FixedSSLSocketFactory(sc.getSocketFactory())) //conn.setDefaultSSLSocketFactory(sc.getSocketFactory()) conn.setDefaultHostnameVerifier(nullHostnameVerifier as HostnameVerifier) conn.setRequestMethod("POST") conn.setRequestProperty("Host", urlObj.getHost()) conn.setRequestProperty("User-Agent", "Mozilla/5.0") conn.setRequestProperty("DNT", "1") conn.setRequestProperty("Accept", "*/*") conn.setRequestProperty("Accept-Language", "en-US,en;q=0.5") conn.setRequestProperty("Accept-Encoding", "gzip, deflate") // conn.setRequestProperty("Connection", "Keep-Alive") this is default for https // conn.setRequestProperty("Connection", "Close") conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8") conn.setRequestProperty("Referer", "https://${urlObj.getHost()}/") conn.setRequestProperty("Content-Length", Integer.toString(postParams.length())) println("\nSending 'POST' request to URL : ${url}") println "http.keepAlive = " + System.getProperty("http.keepAlive").toString() if (null != weguid) { println "set cookies: ${weguidPrefix}=${weguid}" conn.setRequestProperty("Cookie", "${weguidPrefix}=${weguid}") } conn.setDoOutput(true) conn.setDoInput(true) for (item in conn.getRequestProperties()) { println "${item.key}: ${item.value}" } println("Post parameters : " + postParams) // Send post request def wr = new DataOutputStream(conn.getOutputStream()) wr.writeBytes(postParams) wr.flush() wr.close() def responseCode = conn.getResponseCode() println("\nRespose code: ${conn.getResponseMessage()}") for (item in conn.getHeaderFields()) { println "${item.key}: ${item.value}" if (item.key == "Set-Cookie") { def String propStr = item.value.toString().substring(1, item.value.toString().size() - 2) for (String str : propStr.split(";[ \t]*")) { //println str if (str.startsWith(weguidPrefix + "=")) { weguid = str.substring(str.indexOf(weguidPrefix + "=") + weguidPrefix.size() + 1) //println "${weguidPrefix}=${weguid}" } } } } return responseCode } }
import javax.net.ssl.SSLSocket import javax.net.ssl.SSLSocketFactory /* * http://stackoverflow.com/questions/6851461/java-why-does-ssl-handshake-give-could-not-generate-dh-keypair-exception */ class FixedSSLSocketFactory extends javax.net.ssl.SSLSocketFactory { def SSLSocketFactory sf = null def enabledCiphers = null public FixedSSLSocketFactory(SSLSocketFactory sf, String[] enabledCiphers) { super() this.sf = sf; this.enabledCiphers = enabledCiphers } public FixedSSLSocketFactory(SSLSocketFactory sf) { super() this.sf = sf; def excludes = ["_DHE_","_DH_"] def ciphers = [] for (s in sf.getDefaultCipherSuites()) { def excluded = false for (subStr in excludes) { if (s.indexOf(subStr) >= 0) { excluded = true } } if (excluded == false) { ciphers.add(s) } } //println ciphers this.enabledCiphers = new String[ciphers.size()] ciphers.toArray(this.enabledCiphers) } private Socket getSocketWithEnabledCiphers(Socket socket) { if (enabledCiphers != null && socket != null && socket instanceof SSLSocket) ((SSLSocket)socket).setEnabledCipherSuites(enabledCiphers) return socket; } @Override public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException { return getSocketWithEnabledCiphers(sf.createSocket(s, host, port, autoClose)) } @Override public String[] getDefaultCipherSuites() { return sf.getDefaultCipherSuites() } @Override public String[] getSupportedCipherSuites() { if (enabledCiphers == null) return sf.getSupportedCipherSuites() else return enabledCiphers; } @Override public Socket createSocket(String host, int port) throws IOException, UnknownHostException { return getSocketWithEnabledCiphers(sf.createSocket(host, port)); } @Override public Socket createSocket(InetAddress address, int port) throws IOException { return getSocketWithEnabledCiphers(sf.createSocket(address, port)); } @Override public Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException, UnknownHostException { return getSocketWithEnabledCiphers(sf.createSocket(host, port, localAddress, localPort)); } @Override public Socket createSocket(InetAddress address, int port, InetAddress localaddress, int localport) throws IOException { return getSocketWithEnabledCiphers(sf.createSocket(address, port, localaddress, localport)); } }
相关文章推荐
- What is the difference between SSL, TLS, and HTTPS?
- https请求时出错:Could not establish trust relationship for the SSL/TLS secure channel
- 微信证书 javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
- the introduction of https and tls(ssl)
- Android:Security with HTTPS and SSL
- Connection to localhost:5432 refused. Check that the hostname and port are correct and that the post
- 提交到app store遇到checksum validation failed和an ssl error has occurred and a secure connection to the se
- How to collect TrustZone debug logs and check the meaning of error code in the logs
- disable-the-loopback-check-for-specific-host-names-on-all-sharepoint-web-and-application-servers/
- MyEclipse中frame引起的“the file XXX can not be found.Please check the location and try agai问题
- MS SQL错误:SQL Server failed with error code 0xc0000000 to spawn a thread to process a new login or connection. Check the SQL Server error log and the Windows event logs for information about possible related problems
- Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise
- Testing and the Role of ALL MEMBER
- Initialization failed for 'https://start.spring.io' Please check URL, network and proxy settings.
- javascript Check All, Uncheck All and check one at least
- "To use this device with Xcode, unlock the device and choose "Trust".
- WCF分布式开发常见错误(24):Could not establish trust relationship for the SSL/TLS secure channel with authority
- Security Software MegaPost (Firewalls and Anti-Viruses)
- TLS, SSL, and HTTPS 升级