From 8a880a13df643a7b23eb1e0987cead6a7c014367 Mon Sep 17 00:00:00 2001 From: UnfamiliarLegacy <74633542+UnfamiliarLegacy@users.noreply.github.com> Date: Mon, 13 Feb 2023 05:03:56 +0100 Subject: [PATCH] Allow untrusted SSL certificates for Nitro --- .../nitro/websocket/NitroWebsocketServer.java | 55 +++++++++++++++++-- 1 file changed, 51 insertions(+), 4 deletions(-) diff --git a/G-Earth/src/main/java/gearth/protocol/connection/proxy/nitro/websocket/NitroWebsocketServer.java b/G-Earth/src/main/java/gearth/protocol/connection/proxy/nitro/websocket/NitroWebsocketServer.java index 5ed19c1..37ca63d 100644 --- a/G-Earth/src/main/java/gearth/protocol/connection/proxy/nitro/websocket/NitroWebsocketServer.java +++ b/G-Earth/src/main/java/gearth/protocol/connection/proxy/nitro/websocket/NitroWebsocketServer.java @@ -5,6 +5,8 @@ import gearth.protocol.HMessage; import gearth.protocol.connection.proxy.nitro.NitroConstants; import gearth.protocol.packethandler.PacketHandler; import gearth.protocol.packethandler.nitro.NitroPacketHandler; +import org.eclipse.jetty.client.HttpClient; +import org.eclipse.jetty.util.ssl.SslContextFactory; import org.eclipse.jetty.websocket.api.Session; import org.eclipse.jetty.websocket.api.WebSocketListener; import org.eclipse.jetty.websocket.client.ClientUpgradeRequest; @@ -12,8 +14,13 @@ import org.eclipse.jetty.websocket.client.WebSocketClient; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; import java.io.IOException; import java.net.URI; +import java.security.SecureRandom; +import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.HashSet; import java.util.List; @@ -45,10 +52,7 @@ public class NitroWebsocketServer implements WebSocketListener, NitroSession { try { logger.info("Building origin websocket connection ({})", websocketUrl); - final WebSocketClient client = new WebSocketClient(); - - client.setMaxBinaryMessageBufferSize(NitroConstants.WEBSOCKET_BUFFER_SIZE); - client.setMaxTextMessageBufferSize(NitroConstants.WEBSOCKET_BUFFER_SIZE); + final WebSocketClient client = createWebSocketClient(); final ClientUpgradeRequest request = new ClientUpgradeRequest(); @@ -129,4 +133,47 @@ public class NitroWebsocketServer implements WebSocketListener, NitroSession { // Shutdown. client.shutdownProxy(); } + + private SSLContext createSSLContext() { + final TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[0]; + } + + @Override + public void checkClientTrusted(X509Certificate[] certs, String authType) { + } + + @Override + public void checkServerTrusted(X509Certificate[] certs, String authType) { + } + }}; + + try { + final SSLContext sslContext = SSLContext.getInstance("TLS"); + + sslContext.init(null, trustAllCerts, new SecureRandom()); + + return sslContext; + } catch (Exception e) { + throw new RuntimeException("Failed to setup ssl context", e); + } + } + + private HttpClient createHttpClient() { + final SslContextFactory.Client factory = new SslContextFactory.Client(); + + factory.setSslContext(createSSLContext()); + + return new HttpClient(factory); + } + + private WebSocketClient createWebSocketClient() { + final WebSocketClient client = new WebSocketClient(createHttpClient()); + + client.setMaxBinaryMessageBufferSize(NitroConstants.WEBSOCKET_BUFFER_SIZE); + client.setMaxTextMessageBufferSize(NitroConstants.WEBSOCKET_BUFFER_SIZE); + + return client; + } }