SSLv3协议不安全,在我阅读some articles后,我使用this solution删除此协议。
方法删除sslv3:
@Override
public void setEnabledProtocols(String[] protocols) {
if (protocols != null && protocols.length == 1 && "SSLv3".equals(protocols[0])) {
// no way jose
// see issue https://code.google.com/p/android/issues/detail?id=78187
List<String> enabledProtocols = new ArrayList<String>(Arrays.asList(delegate.getEnabledProtocols()));
for (String pro : enabledProtocols) {
VolleyLog.d(pro);
}
if (enabledProtocols.size() > 1) {
enabledProtocols.remove("SSLv3");
VolleyLog.d("Removed SSLv3 from enabled protocols");
} else {
VolleyLog.d("SSL stuck with protocol available for " + String.valueOf(enabledProtocols));
}
protocols = enabledProtocols.toArray(new String[enabledProtocols.size()]);
}
super.setEnabledProtocols(protocols);
}
我使用Volley作为http客户端,这是我的代码来初始化请求队列:
HttpStack stack;
if (Build.VERSION.SDK_INT >= 9) {
// Use a socket factory that removes sslv3
// https://code.google.com/p/android/issues/detail?id=78187
stack = new HurlStack(null, new NoSSLv3Compat.NoSSLv3Factory());
} else {
// Prior to Gingerbread, HttpUrlConnection was unreliable.
// See: http://android-developers.blogspot.com/2011/09/androids-http-clients.html
stack = new HttpClientStack(AndroidHttpClient.newInstance(userAgent));
}
我正在使用小米M3和MIUI ROM,它基于Android 4.4.4。
调用setEnabledProtocols方法时,我打印一些日志:
D/Volley: [1444] NoSSLv3SSLSocket.setEnabledProtocols: SSLv3
D/Volley: [1444] NoSSLv3SSLSocket.setEnabledProtocols: TLSv1
D/Volley: [1444] NoSSLv3SSLSocket.setEnabledProtocols: Removed SSLv3 from enabled protocols
当我尝试加载此image时,失败,输出:
NoConnectionError:javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException:SSL握手终止: ssl = 0x77f49768:SSL库失败,通常是协议错误
E / CachedHttp:错误:1409443E:SSL例程:SSL3_READ_BYTES:tlsv1 alert 不适当的后备(外部/ openssl / ssl / s3_pkt.c:1256 0x77f4c280:0x00000003)
此映像服务器支持以下协议:
TLS 1.2,TLS 1.1,TLS 1.0,SSL 3
你能帮我解决一下吗?
答案 0 :(得分:0)
您是否检查过按键的大小。启用调试日志以查看确切问题。可能是由于您尝试连接的后端密钥大小不足而造成的。
