{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 做个烂人 的问题《Since Android Lollipop 5.0 I am not able to commun》','https://www.manongdao.com/q-547427.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I hope someone can help me here. Since Android Lollipop 5.0 I am not able to communicate to server (X509TrustManager) via SSL. It seems like the app is entering in a infinity loop trying to establish handshake. Here is my code:
SSLContext sc;
SSLSocket sslsock;
Socket sock;
// Constructor
RfbProto(String h, int p) throws IOException{
host = h;
port = p;
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType){}
public void checkServerTrusted(X509Certificate[] certs, String authType){}
}
};
try {
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (Exception e) { }
sock = new Socket();
sock.connect(new InetSocketAddress(host, port), 5000);
sock.setSoTimeout(10000);
SSLSocketFactory factory = (SSLSocketFactory)sc.getSocketFactory();
sslsock = (SSLSocket)factory.createSocket(sock, null, 0, false);
is = new DataInputStream(new BufferedInputStream(sock.getInputStream(), 16384));
os = sock.getOutputStream();
timing = false;
timeWaitedIn100us = 5;
timedKbits = 0;
}
public void enableSSL() throws IOException{
this.sslEnabled = true;
final SSLSocket fSock = sslsock;
sslsock.addHandshakeCompletedListener(new HandshakeCompletedListener() {
@Override
public void handshakeCompleted(HandshakeCompletedEvent event) {
try {
Certificate[] peerCertificates = event.getPeerCertificates();
if (peerCertificates.length > 0) {
serverCertificate = (X509Certificate)peerCertificates[0];
}
is = new DataInputStream(new BufferedInputStream(fSock.getInputStream(), 16384));
os = fSock.getOutputStream();
} catch (SSLPeerUnverifiedException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
});
try {
fSock.startHandshake();
} catch (IOException e) {
e.printStackTrace();
}
}
Looking at the Android 5.0 changes, there are some changes at the TLS/SSL default configuration, but I'm not sure where to start. Any help would be appreciated
Trie out to force TLSv1 handhsake. Since end of last yeat SSL is assumed as vulnerable (POODLE) and in a lots of servers apps was disabled (eg, all payment organisations like Visa / MasterCard).