Android (23) - Smack (4.1.8) - XMPP - “SSL23_GET_SERVER_HELLO:unknown protocol”错误
Posted
技术标签:
【中文标题】Android (23) - Smack (4.1.8) - XMPP - “SSL23_GET_SERVER_HELLO:unknown protocol”错误【英文标题】:Android (23) - Smack (4.1.8) - XMPP - "SSL23_GET_SERVER_HELLO:unknown protocol" error 【发布时间】:2016-08-12 19:58:35 【问题描述】:我正在尝试使用 Smack 4.1.8 库通过 XMPP 在 android (23) 中构建一个聊天应用程序。我直接在手机(Galaxy S6 和 Galaxy E7)上进行测试。我正在尝试连接到 xmpp.jp。尝试连接时出现此异常:
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: javax.net.ssl.SSLHandshakeException: Handshake failed
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.startHandshake(:com.google.android.gms:405)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(:com.google.android.gms:638)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.getInputStream(:com.google.android.gms:600)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:659)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at org.jivesoftware.smack.tcp.XMPPTCPConnection.initConnection(XMPPTCPConnection.java:629)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectInternal(XMPPTCPConnection.java:855)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.java:364)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at com.example.android.proximitychat.Utility.MyXMPP$2.doInBackground(MyXMPP.java:247)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at com.example.android.proximitychat.Utility.MyXMPP$2.doInBackground(MyXMPP.java:227)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at android.os.AsyncTask$2.call(AsyncTask.java:292)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:237)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:231)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at java.lang.Thread.run(Thread.java:818)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb88c5e50: Failure in SSL library, usually a protocol error
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol (third_party/java/android_libs/gcore/migration_libs/packages/external/openssl/ssl/s23_clnt.c:795 0x9c5f2dcc:0x00000000)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at com.google.android.gms.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.startHandshake(:com.google.android.gms:333)
使用这个tutorial。我已经尝试过DummySSLSocketFactory、[NoSSLFactory] 和 [TLSFactory] 解决方案(无法发布超过 2 个链接:|)。它们都不适合我。
我的连接代码是:
private void initialiseConnection()
XMPPTCPConnectionConfiguration.Builder config = XMPPTCPConnectionConfiguration
.builder();
//config.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled);
config.setSecurityMode(ConnectionConfiguration.SecurityMode.required);
config.setServiceName(serverAddress);
config.setHost(serverAddress);
//config.setPort(5222);
config.setPort(5222);
config.setDebuggerEnabled(true);
SSLContext sslContext = null;
try
sslContext = createSSLContext(context);
//sslContext.getSupportedSSLParameters();
catch (KeyStoreException e)
e.printStackTrace();
catch (KeyManagementException e)
e.printStackTrace();
catch (IOException e)
e.printStackTrace();
catch (CertificateException e)
e.printStackTrace();
catch (NoSuchAlgorithmException e)
e.printStackTrace();
// catch(NoSuchProviderException e)
// e.printStackTrace();
//config.setSocketFactory(new DummySSLSocketFactory());
//config.setSocketFactory(SSLSocketFactory.getDefault());
config.setCustomSSLContext(sslContext);
//SSLSocketFactory socketFactory = sslContext.getSocketFactory();
//NoSSLv3SocketFactory socketFactory = new NoSSLv3SocketFactory(sslContext.getSocketFactory());
TLSSocketFactory socketFactory = new TLSSocketFactory(sslContext);
//SSLSocketFactory noSSLv3Factory = new TlsOnlySocketFactory(sslContext.getSocketFactory());
config.setSocketFactory(socketFactory);
config.setEnabledSSLProtocols(new String[]"TLSv1", "TLSv1.1", "TLSv1.2");
XMPPTCPConnection.setUseStreamManagementResumptiodDefault(true);
XMPPTCPConnection.setUseStreamManagementDefault(true);
connection = new XMPPTCPConnection(config.build());
XMPPConnectionListener connectionListener = new XMPPConnectionListener();
connection.addConnectionListener(connectionListener);
private SSLContext createSSLContext(Context context) throws KeyStoreException,
NoSuchAlgorithmException, KeyManagementException, IOException, CertificateException
KeyStore trustStore;
InputStream in = null;
trustStore = KeyStore.getInstance("BKS");
in = context.getResources().openRawResource(R.raw.keystore1);
trustStore.load(in, "MY_STORE_PASSWORD".toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(KeyManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
//SSLContext sslContext = SSLContext.getInstance("TLS");
SSLContext sslContext = null;
try
//sslContext = SSLContext.getInstance("TLSv1", "AndroidOpenSSL");
sslContext = SSLContext.getInstance("TLS");
catch(Exception e)
e.printStackTrace();
sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
Log.d("SSL Protocol: ", sslContext.getProtocol());
Log.d("SSL Provider: ", sslContext.getProvider().toString());
String[] protocols = sslContext.getDefaultSSLParameters().getProtocols();
sslContext.getDefaultSSLParameters().setProtocols(protocols);
return sslContext;
TLSFactory 代码为:
public class TLSSocketFactory extends SSLSocketFactory
private SSLSocketFactory internalSSLSocketFactory;
public TLSSocketFactory() throws KeyManagementException, NoSuchAlgorithmException
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, null, null);
internalSSLSocketFactory = context.getSocketFactory();
public TLSSocketFactory(SSLContext sslContext)
internalSSLSocketFactory = sslContext.getSocketFactory();
@Override
public String[] getDefaultCipherSuites()
return internalSSLSocketFactory.getDefaultCipherSuites();
@Override
public String[] getSupportedCipherSuites()
return internalSSLSocketFactory.getSupportedCipherSuites();
@Override
public Socket createSocket() throws IOException
return enableTLSOnSocket(internalSSLSocketFactory.createSocket());
@Override
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
@Override
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
@Override
public Socket createSocket(InetAddress host, int port) throws IOException
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
@Override
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
private Socket enableTLSOnSocket(Socket socket)
if(socket != null && (socket instanceof SSLSocket))
//((SSLSocket)socket).setEnabledProtocols(new String[] "SSLv3","TLSv1", "TLSv1.1", "TLSv1.2");
((SSLSocket)socket).setEnabledProtocols(new String[] "TLSv1", "TLSv1.1", "TLSv1.2");
Log.d("TLSSocketFactory: ", "setting TLS list");
if(socket!= null)
Log.d("TLSSocketFactory: ", "socket class: " +socket.getClass());
Log.d("TLSSocketFactory: ","Returning TLS Enabled Socket");
return socket;
我已经尝试了所有我能找到的解决方案,但仍然无法连接到 xmpp 服务器。我还尝试了 wtfismyip.com 上的 jabber 服务器,结果相似。卡在这一点上已经超过 2 周了。希望能帮助您克服这一障碍。
【问题讨论】:
【参考方案1】:回答比较晚,但仍然......我想问题是因为您使用 5222 作为端口。如果您检查服务器设置,您可能会发现 5223 作为服务器中设置的客户端 SSL 端口。如果是这样,只需更改它即可解决此问题。
【讨论】:
以上是关于Android (23) - Smack (4.1.8) - XMPP - “SSL23_GET_SERVER_HELLO:unknown protocol”错误的主要内容,如果未能解决你的问题,请参考以下文章
Smack 4.1 所需的最低 Android API 级别是多少?
无法使用 Smack 4.1 从 Android 连接 apache vysper XMPP 服务器