stackoom
  简体   繁体   中英

Android (23) - Smack (4.1.8) - XMPP - “SSL23_GET_SERVER_HELLO:unknown protocol” error

 原文  2016-08-12 19:58:35       android/ ssl/ xmpp

Question

I am trying to build a chat application in Android (23), over XMPP, using Smack 4.1.8 libraries. I'm testing this directly on mobile phones (Galaxy S6 and Galaxy E7). I am trying to connect to xmpp.jp. I am getting this exception when trying to connect: 

08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: javax.net.ssl.SSLHandshakeException: Handshake failed
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.startHandshake(:com.google.android.gms:405)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(:com.google.android.gms:638)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.getInputStream(:com.google.android.gms:600)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:659)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at org.jivesoftware.smack.tcp.XMPPTCPConnection.initConnection(XMPPTCPConnection.java:629)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectInternal(XMPPTCPConnection.java:855)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.java:364)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at com.example.android.proximitychat.Utility.MyXMPP$2.doInBackground(MyXMPP.java:247)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at com.example.android.proximitychat.Utility.MyXMPP$2.doInBackground(MyXMPP.java:227)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:292)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:237)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:231)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at java.lang.Thread.run(Thread.java:818)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb88c5e50: Failure in SSL library, usually a protocol error
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol (third_party/java/android_libs/gcore/migration_libs/packages/external/openssl/ssl/s23_clnt.c:795 0x9c5f2dcc:0x00000000)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at com.google.android.gms.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
08-13 00:49:49.017 15912-16034/com.example.android.proximitychat W/System.err:     at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.startHandshake(:com.google.android.gms:333)

Using this tutorial . I have tried the DummySSLSocketFactory , [NoSSLFactory] and [TLSFactory] solutions (Unable to post more than 2 links :|). None of them has worked for me.

My connection code is: 

private void initialiseConnection() {

    XMPPTCPConnectionConfiguration.Builder config = XMPPTCPConnectionConfiguration
            .builder();
    //config.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled);
    config.setSecurityMode(ConnectionConfiguration.SecurityMode.required);
    config.setServiceName(serverAddress);
    config.setHost(serverAddress);
    //config.setPort(5222);
    config.setPort(5222);
    config.setDebuggerEnabled(true);

    SSLContext sslContext = null;
    try {
        sslContext = createSSLContext(context);
        //sslContext.getSupportedSSLParameters();

    } catch (KeyStoreException e) {
        e.printStackTrace();
    } catch (KeyManagementException e){
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    } catch (CertificateException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();

    //} catch(NoSuchProviderException e){
    //    e.printStackTrace();
    }

    //config.setSocketFactory(new DummySSLSocketFactory());
    //config.setSocketFactory(SSLSocketFactory.getDefault());
    config.setCustomSSLContext(sslContext);
    //SSLSocketFactory socketFactory = sslContext.getSocketFactory();
    //NoSSLv3SocketFactory socketFactory = new NoSSLv3SocketFactory(sslContext.getSocketFactory());
    TLSSocketFactory socketFactory = new TLSSocketFactory(sslContext);
    //SSLSocketFactory noSSLv3Factory = new TlsOnlySocketFactory(sslContext.getSocketFactory());

    config.setSocketFactory(socketFactory);
    config.setEnabledSSLProtocols(new String[]{"TLSv1", "TLSv1.1", "TLSv1.2"});


    XMPPTCPConnection.setUseStreamManagementResumptiodDefault(true);
    XMPPTCPConnection.setUseStreamManagementDefault(true);
    connection = new XMPPTCPConnection(config.build());

    XMPPConnectionListener connectionListener = new XMPPConnectionListener();
    connection.addConnectionListener(connectionListener);
}

private SSLContext createSSLContext(Context context) throws KeyStoreException,
        NoSuchAlgorithmException, KeyManagementException, IOException, CertificateException {

    KeyStore trustStore;
    InputStream in = null;
    trustStore = KeyStore.getInstance("BKS");

    in = context.getResources().openRawResource(R.raw.keystore1);

    trustStore.load(in, "MY_STORE_PASSWORD".toCharArray());

    TrustManagerFactory trustManagerFactory = TrustManagerFactory
            .getInstance(KeyManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(trustStore);
    //SSLContext sslContext = SSLContext.getInstance("TLS");
    SSLContext sslContext = null;
    try {
        //sslContext = SSLContext.getInstance("TLSv1", "AndroidOpenSSL");
        sslContext = SSLContext.getInstance("TLS");
    }
    catch(Exception e){
        e.printStackTrace();
    }

    sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());


    Log.d("SSL Protocol: ", sslContext.getProtocol());
    Log.d("SSL Provider: ", sslContext.getProvider().toString());
    String[] protocols = sslContext.getDefaultSSLParameters().getProtocols();
    sslContext.getDefaultSSLParameters().setProtocols(protocols);

    return sslContext;
}

The TLSFactory code is: 

public class TLSSocketFactory extends SSLSocketFactory {

    private SSLSocketFactory internalSSLSocketFactory;

    public TLSSocketFactory() throws KeyManagementException, NoSuchAlgorithmException {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, null, null);
        internalSSLSocketFactory = context.getSocketFactory();
    }

    public TLSSocketFactory(SSLContext sslContext){
        internalSSLSocketFactory = sslContext.getSocketFactory();
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return internalSSLSocketFactory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return internalSSLSocketFactory.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket() throws IOException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket());
    }

    @Override
    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
    }

    private Socket enableTLSOnSocket(Socket socket) {
        if(socket != null && (socket instanceof SSLSocket)) {
            //((SSLSocket)socket).setEnabledProtocols(new String[] {"SSLv3","TLSv1", "TLSv1.1", "TLSv1.2"});
            ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"});
            Log.d("TLSSocketFactory: ", "setting TLS list");
        }
        if(socket!= null) {
            Log.d("TLSSocketFactory: ", "socket class: " +socket.getClass());
        }
        Log.d("TLSSocketFactory: ","Returning TLS Enabled Socket");

        return socket;
    }
}

I have tried every solution I could find for this and am still unable to connect to the xmpp server. I have also tried the jabber server at wtfismyip.com with similar results. Stuck at this point for over 2 weeks now. Would appreciate help in getting past this roadblock.

1 answers

solution1
 0  2016-12-24 19:19:26

Rather late to answer, but still.. I guess the issue is because you are using 5222 as the port. If you check your server settings, you might find 5223 as the Client SSL Port set in your server. If so, just changing that will fix this issue.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Android 5.1.1 SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ssl23_get_server_hello:tlsv1 alert handshake failure android 4.4 Firebase Firestore Backend Failure in SSL library, usually a protocol error error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers Android Smack SSL/TLS connection to XMPP Ejabberd server with CA Certificate How to get all user on openfire xmpp server using smack on android? How to get server time in XMPP SMACK library android api 23 startActivity error Android 23 API IllegalArgumentException error Android XMPP using smack: No response from server Cordova Android 6.2.1 + Crosswalk 23 => SSL error: net::ERR_INSECURE_RESPONSE
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM