gpt4 book ai didi

java - 如何在 Java 中覆盖 HTTP 连接中的 DNS

转载 作者:塔克拉玛干 更新时间:2023-11-03 04:13:36 28 4
gpt4 key购买 nike

Curl 具有手动指定将主机解析到哪个 IP 的功能。例如:

curl https://google.com --resolve "google.com:443:173.194.72.113"

这在使用 HTTPS 时特别有用。如果它只是一个 HTTP 请求,我可以通过直接指定 IP 地址并添加主机 header 来实现相同的目的。但在 HTTPS 中,这会中断连接,因为 SSL 证书主机将与 IP 地址而不是主机 header 进行比较。

我的问题是,如何在 Java 中实现相同的目的?

最佳答案

如果使用 Apache 的 HttpClient ,您可以创建一个自定义 DNS 解析器来检测您要重定向的主机,然后提供一个替代 IP 地址。

Note: Just changing the Host header for HTTPS requests doesn't work. It will throw "javax.net.ssl.SSLPeerUnverifiedException", forcing you to trust bad certificates, stop SNI from working, etc., so really not an option. A custom DnsResolver is the only clean way I've found to get these requests to work with HTTPS in Java.

例子:

/* Custom DNS resolver */
DnsResolver dnsResolver = new SystemDefaultDnsResolver() {
@Override
public InetAddress[] resolve(final String host) throws UnknownHostException {
if (host.equalsIgnoreCase("my.host.com")) {
/* If we match the host we're trying to talk to,
return the IP address we want, not what is in DNS */
return new InetAddress[] { InetAddress.getByName("127.0.0.1") };
} else {
/* Else, resolve it as we would normally */
return super.resolve(host);
}
}
};

/* HttpClientConnectionManager allows us to use custom DnsResolver */
BasicHttpClientConnectionManager connManager = new BasicHttpClientConnectionManager(
/* We're forced to create a SocketFactory Registry. Passing null
doesn't force a default Registry, so we re-invent the wheel. */
RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", SSLConnectionSocketFactory.getSocketFactory())
.build(),
null, /* Default ConnectionFactory */
null, /* Default SchemePortResolver */
dnsResolver /* Our DnsResolver */
);

/* build HttpClient that will use our DnsResolver */
HttpClient httpClient = HttpClientBuilder.create()
.setConnectionManager(connManager)
.build();

/* build our request */
HttpGet httpRequest = new HttpGet("https://my.host.com/page?and=stuff");

/* Executing our request should now hit 127.0.0.1, regardless of DNS */
HttpResponse httpResponse = httpClient.execute(httpRequest);

关于java - 如何在 Java 中覆盖 HTTP 连接中的 DNS,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24350150/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com