Clean code

2 years ago · 728e055471
parent 3f1f3c3de6
commit 728e055471
4 changed files with 45 additions and 124 deletions
--- a/app/build.gradle
+++ b/app/build.gradle
@ -119,6 +119,7 @@ dependencies {
    implementation 'com.guolindev.permissionx:permissionx:1.7.1'
    implementation 'com.hierynomus:smbj:0.11.5'
    implementation 'org.chromium.net:cronet-embedded:76.3809.111'
+    implementation 'org.conscrypt:conscrypt-android:2.5.2'
    implementation 'org.eclipse.jetty:jetty-client:8.1.21.v20160908'
    implementation 'org.eclipse.jetty:jetty-server:8.1.21.v20160908'
    implementation 'org.eclipse.jetty:jetty-servlet:8.1.21.v20160908'
--- a/app/src/main/java/com/fongmi/android/tv/App.java
+++ b/app/src/main/java/com/fongmi/android/tv/App.java
@ -25,6 +25,9 @@ import com.orhanobut.logger.LogAdapter;
 import com.orhanobut.logger.Logger;
 import com.orhanobut.logger.PrettyFormatStrategy;

+import org.conscrypt.Conscrypt;
+
+import java.security.Security;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;

@ -98,6 +101,7 @@ public class App extends Application {

    @Override
    protected void attachBaseContext(Context base) {
+        Security.insertProviderAt(Conscrypt.newProvider(), 1);
        super.attachBaseContext(base);
        Init.set(base);
    }
--- a/catvod/src/main/java/com/github/catvod/net/OkHttp.java
+++ b/catvod/src/main/java/com/github/catvod/net/OkHttp.java
@ -8,10 +8,19 @@ import com.github.catvod.utils.Path;
 import com.github.catvod.utils.Util;
 import com.google.common.net.HttpHeaders;

+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
 import java.util.Map;
 import java.util.Objects;
 import java.util.concurrent.TimeUnit;

+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import okhttp3.Cache;
 import okhttp3.Call;
 import okhttp3.Dns;
@ -45,8 +54,8 @@ public class OkHttp {
    }

    public void setDoh(Doh doh) {
-        OkHttpClient dohClient = new OkHttpClient.Builder().cache(new Cache(Path.doh(), CACHE)).hostnameVerifier(SSLCompat.VERIFIER).sslSocketFactory(new SSLCompat(), SSLCompat.TM).build();
-        dns = doh.getUrl().isEmpty() ? null : new DnsOverHttps.Builder().client(dohClient).url(HttpUrl.get(doh.getUrl())).bootstrapDnsHosts(doh.getHosts()).build();
+        OkHttpClient dohClient = new OkHttpClient.Builder().cache(new Cache(Path.doh(), CACHE)).build();
+        dns = doh.getUrl().isEmpty() ? null : new DnsOverHttps.Builder().client(new OkHttpClient.Builder().cache(new Cache(Path.doh(), CACHE)).build()).url(HttpUrl.get(doh.getUrl())).bootstrapDnsHosts(doh.getHosts()).build();
        client = null;
    }

@ -129,8 +138,36 @@ public class OkHttp {
    }

    private static OkHttpClient.Builder getBuilder() {
-        OkHttpClient.Builder builder = new OkHttpClient.Builder().addInterceptor(new OkhttpInterceptor()).connectTimeout(TIMEOUT, TimeUnit.MILLISECONDS).readTimeout(TIMEOUT, TimeUnit.MILLISECONDS).writeTimeout(TIMEOUT, TimeUnit.MILLISECONDS).dns(dns()).hostnameVerifier(SSLCompat.VERIFIER).sslSocketFactory(new SSLCompat(), SSLCompat.TM);
+        OkHttpClient.Builder builder = new OkHttpClient.Builder().addInterceptor(new OkhttpInterceptor()).connectTimeout(TIMEOUT, TimeUnit.MILLISECONDS).readTimeout(TIMEOUT, TimeUnit.MILLISECONDS).writeTimeout(TIMEOUT, TimeUnit.MILLISECONDS).dns(dns());
        builder.proxySelector(selector());
+        ignoreSSLErrors(builder);
        return builder;
    }
+
+    private static void ignoreSSLErrors(OkHttpClient.Builder builder) {
+        try {
+            SSLContext context = SSLContext.getInstance("SSL");
+            context.init(null, TM, new SecureRandom());
+            HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
+            builder.sslSocketFactory(context.getSocketFactory(), (X509TrustManager) TM[0]);
+            builder.hostnameVerifier((hostname, session) -> true);
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+
+    private static final TrustManager[] TM = new TrustManager[]{new X509TrustManager() {
+        @Override
+        public void checkClientTrusted(X509Certificate[] chain, String authType) {
+        }
+
+        @Override
+        public void checkServerTrusted(X509Certificate[] chain, String authType) {
+        }
+
+        @Override
+        public X509Certificate[] getAcceptedIssuers() {
+            return new X509Certificate[]{};
+        }
+    }};
 }
--- a/catvod/src/main/java/com/github/catvod/net/SSLCompat.java
+++ b/catvod/src/main/java/com/github/catvod/net/SSLCompat.java
@ -1,121 +0,0 @@
-package com.github.catvod.net;
-
-import android.annotation.SuppressLint;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.Socket;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.LinkedList;
-import java.util.List;
-
-import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.X509TrustManager;
-
-public class SSLCompat extends SSLSocketFactory {
-
-    public static final HostnameVerifier VERIFIER = (hostname, session) -> true;
-    private static String[] cipherSuites;
-    private static String[] protocols;
-    private SSLSocketFactory factory;
-
-    static {
-        try {
-            SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
-            List<String> protocols = new LinkedList<>();
-            for (String protocol : socket.getSupportedProtocols()) if (!protocol.toUpperCase().contains("SSL")) protocols.add(protocol);
-            SSLCompat.protocols = protocols.toArray(new String[protocols.size()]);
-            List<String> allowedCiphers = Arrays.asList("TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
-            List<String> availableCiphers = Arrays.asList(socket.getSupportedCipherSuites());
-            HashSet<String> preferredCiphers = new HashSet<>(allowedCiphers);
-            preferredCiphers.retainAll(availableCiphers);
-            preferredCiphers.addAll(new HashSet<>(Arrays.asList(socket.getEnabledCipherSuites())));
-            SSLCompat.cipherSuites = preferredCiphers.toArray(new String[preferredCiphers.size()]);
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-    }
-
-    public SSLCompat() {
-        try {
-            SSLContext context = SSLContext.getInstance("TLS");
-            context.init(null, new X509TrustManager[]{TM}, null);
-            HttpsURLConnection.setDefaultSSLSocketFactory(factory = context.getSocketFactory());
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-    }
-
-    @Override
-    public String[] getDefaultCipherSuites() {
-        return cipherSuites;
-    }
-
-    @Override
-    public String[] getSupportedCipherSuites() {
-        return cipherSuites;
-    }
-
-    @Override
-    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
-        Socket ssl = factory.createSocket(s, host, port, autoClose);
-        if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
-        return ssl;
-    }
-
-    @Override
-    public Socket createSocket(String host, int port) throws IOException {
-        Socket ssl = factory.createSocket(host, port);
-        if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
-        return ssl;
-    }
-
-    @Override
-    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
-        Socket ssl = factory.createSocket(host, port, localHost, localPort);
-        if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
-        return ssl;
-    }
-
-    @Override
-    public Socket createSocket(InetAddress host, int port) throws IOException {
-        Socket ssl = factory.createSocket(host, port);
-        if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
-        return ssl;
-    }
-
-    @Override
-    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
-        Socket ssl = factory.createSocket(address, port, localAddress, localPort);
-        if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
-        return ssl;
-    }
-
-    private void upgradeTLS(SSLSocket ssl) {
-        if (protocols != null) ssl.setEnabledProtocols(protocols);
-        if (cipherSuites != null) ssl.setEnabledCipherSuites(cipherSuites);
-    }
-
-    @SuppressLint({"TrustAllX509TrustManager", "CustomX509TrustManager"})
-    public static final X509TrustManager TM = new X509TrustManager() {
-
-        @Override
-        public void checkClientTrusted(X509Certificate[] chain, String authType) {
-        }
-
-        @Override
-        public void checkServerTrusted(X509Certificate[] chain, String authType) {
-        }
-
-        @Override
-        public X509Certificate[] getAcceptedIssuers() {
-            return new X509Certificate[]{};
-        }
-    };
-}