我在一遍又一遍地尝试使用它之后发布了这个问题,没有成功。 我试图在Android中使用apache commons库实现FTP文件传输。通信必须通过显式TLS身份验证完成。 我可以成功登录,连接到服务器和列表文件,但每当我尝试获取或存储文件时,我总是会得到超时异常,即使对于2Kb的txt文件,也会有非常大的超时值。 这是我的代码:
FTPSClient ftpClient = new FTPSClient("TLS", false);
ftpClient.addProtocolCommandListener(new PrintCommandListener(new PrintWriter(System.out)));
KeyManagerFactory kmf = getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(null, null);
KeyManager km = kmf.getKeyManagers()[0];
ftpClient.setKeyManager(km);
ftpClient.setBufferSize(1024 * 1024);
ftpClient.setConnectTimeout(900000);
ftpClient.connect(InetAddress.getByName("server ip address"), 990);
// Set protection buffer size
ftpClient.execPBSZ(0);
// // Set data channel protection to private
ftpClient.execPROT("P");
ftpClient.login("user", "password");
ftpClient.changeWorkingDirectory("/");
ftpClient.setSoTimeout(900000);
ftpClient.setFileType(FTP.BINARY_FILE_TYPE);
ftpClient.enterLocalPassiveMode();
buffIn = new BufferedInputStream(new FileInputStream(file.getAbsolutePath()));
//this works
FTPFile[] files = ftpClient.listFiles();
final OutputStream os = new FileOutputStream(finalStoragePath + "/OK.txt");
//this returns immediatly with false result
boolean getResult=ftpClient.retrieveFile("OK.txt", os);
//this always fail for timeout
boolean result = ftpClient.storeFile( picture.getName(), buffIn );
我找不到这个具体情况的例子,那里的所有例子都是关于普通的FTP连接,我可以毫无问题地实现。你们中间有没有类似的问题?我真的需要一个解决方案,我必须尽快交付项目。
感谢。
答案 0 :(得分:4)
我终于找到了解决方案,解决方案是将信任管理器设置为接受所有证书。这里是那些遇到类似问题的代码,maby可以改进和/或优化,但它可以工作:
FTPSClient ftpClient = new FTPSClient("TLS", false);
try {
TrustManager[] trustManager = new TrustManager[] { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
ftpClient.setTrustManager(trustManager[0]);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(null, null);
KeyManager km = kmf.getKeyManagers()[0];
ftpClient.setKeyManager(km);
ftpClient.setBufferSize(1024 * 1024);
ftpClient.setConnectTimeout(100000);
ftpClient.connect(InetAddress.getByName("ipaddress"), 990);
ftpClient.setSoTimeout(100000);
if (ftpClient.login("user", "password")) {
ftpClient.execPBSZ(0);
ftpClient.execPROT("P");
ftpClient.changeWorkingDirectory("/");
// 250 = directory succesfully changed
if (ftpClient.getReplyString().contains("250")) {
ftpClient.setFileType(FTP.BINARY_FILE_TYPE);
ftpClient.enterLocalPassiveMode();
BufferedInputStream buffIn = null;
for (File picture : pictures) {
buffIn = new BufferedInputStream(new FileInputStream(picture.getAbsolutePath()));
boolean result = ftpClient.storeFile(picture.getName(), buffIn);
try {
buffIn.close();
} catch (Exception e) {
}
if (result)
picture.delete();
}
}
}
} catch (SocketException e) {
Log.e("APPTAG", e.getStackTrace().toString());
} catch (UnknownHostException e) {
Log.e("APPTAG", e.getStackTrace().toString());
} catch (IOException e) {
Log.e("APPTAG", e.getStackTrace().toString());
} catch (Exception e) {
Log.e("APPTAG", e.getStackTrace().toString());
} finally {
try {
ftpClient.logout();
} catch (Exception e2) {
}
try {
ftpClient.disconnect();
} catch (Exception e2) {
}
}
答案 1 :(得分:1)
您可以添加接受所有证书的库信任管理器,而不是创建一个。
FTPSClient mFtps = new FTPSClient();
mFtps.setTrustManager(TrustManagerUtils.getAcceptAllTrustManager());
答案 2 :(得分:1)
getAcceptAllTrustManager()表示未对证书的有效性进行检查。如果您控制所涉及站点的端到端,则可能没问题。请参阅:Trusting all certificates using HttpClient over HTTPS