Has anyone had any success getting an android device to participate in a two-way SSL hanshake? ie with a client cert involved on the device? After installing the client cert from the sd card - i cannot connect to the URL that requires a two way ssl handshake in either the browser or the mail app. (we secure our mail server behind a hardware appliance that establishes the SSL connection).
The Device just throws an SSL handshake error. Our setup works on all desktop browsers, iphones and WinMo devices with the client cert installed.
This is the error log from the device (HTC Desire with 2.1):
D/EAS_AppSvc( 422): 06021143 > testServer()
D/EAS_AppSvc( 422): 06021143 > initEASService()
V/EAS DeviceInfo( 422): GetDeviceID: 4020b869
D/EAS_AppSvc( 422): 06021143 (1)connect to > https://serverxxx.com.au/Microsoft-Server-ActiveSync?User=u415434&DeviceId=HTCAnd4020b869&DeviceType=htcbravo
I/AlertDialog( 422): [onCreate] auto launch SIP.
D/EASProgressDialog( 422): 06021143 onStart()
D/EAS_AppSvc( 422): 06021143 onServiceStateChanged :serviceState = 0 home Telstra Mobile (N/A) 50501 HSDPA CSS not supported -1 -1RoamInd: -1DefRoamInd: -1EriInd: -1EriMode: -1RadioPowerSv: false
I/LockUtil( 422): 06021143 - acquire PowerLock - PARTIAL_WAKE_LOCK: EAS_NETWORK_CHANGE
D/EAS_AppSvc( 422): 06021143 isWifiNetwork: false
D/EAS_AppSvc( 422): 06021143 isWifiNetwork: false
D/EAS_AppSvc( 422): 06021143 isMobileNetwork: true
D/EAS_AppSvc( 422): 06021143 NETWORK_STATE_CHANGED: isWifi:false, isMobile:true
D/EAS_AppSvc( 422): 06021143 SvcHandler - Account not configured
I/LockUtil( 422): 06021143 - release PowerLock: EAS_NETWORK_CHANGE
D/TelephonyRegistry( 81): notifyDataConnection() state=2isDataConnectivityPossible()true, reason=null
D/TelephonyRegistry( 81): broadcastDataConnectionStateChanged() state=CONNECTEDtypes=default,supl, interfaceName=rmnet0
D/NetworkLocationProvider( 81): onDataConnectionStateChanged 8
D/MobileDataStateTracker( 81): replacing old mInterfaceName (rmnet0) with rmnet0 for supl
D/PhoneApp( 145): mReceiver: ACTION_ANY_DATA_CONNECTION_STATE_CHANGED
D/PhoneApp( 145): - state: CONNECTED
D/PhoneApp( 145): - reason: null
D/PendingMsgSendReceiverRegister( 372): onReceive, start to send QueuedMessage
D/PendingMsgSendReceiverRegister( 372): SmsReceiverService_handleServiceStateChanged() sendFirstQueuedMessage >>
D/PendingMsgSendReceiverRegister( 372): SmsReceiverService_handleServiceStateChanged() sendFirstQueuedMessage <<
V/MmsSystemEventReceiver( 372): Intent received: Intent { act=android.intent.action.ANY_DATA_STATE cmp=com.android.mms/.transaction.MmsSystemEventReceiver (has extras) }
E/OpenSSLSocketImpl( 422): Unknown error 1 during connect
W/System.err( 422): java.io.IOException: SSL handshake failure: Failure in SSL library, usually a protocol error
W/System.err( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x4b1778:0x00000003)
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.nativeconnect(Native Method)
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:305)
W/System.err( 422): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92)
W/System.err( 422): at com.htc.android.mail.eassvc.common.EASHostnameVerifier.verify(EASHostnameVerifier.java:34)
W/System.err( 422): at com.htc.android.mail.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:242)
W/System.err( 422): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129)
W/System.err( 422): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
W/System.err( 422): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
W/System.err( 422): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
W/System.err( 422): at android.net.http.AndroidHttpClient.execute(AndroidHttpClient.java:283)
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc.testServer(EASAppSvc.java:3999)
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc$2.testServer(EASAppSvc.java:600)
W/System.err( 422): at com.htc.android.mail.easclient.ExchangeSvrSetting$TestServerThread.run(ExchangeSvrSetting.java:1188)
I/EAS_AppSvc( 422): 06021143 testServer(), IOException(1): SSL handshake failure: Failure in SSL library, usually a protocol error
I/EAS_AppSvc( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x4b1778:0x00000003)
V/EAS DeviceInfo( 422): GetDeviceID: 4020b869
D/EAS_AppSvc( 422): 06021143 (2)connect to > https://serverxxx.com.au/Microsoft-Server-ActiveSync?User=u415434&DeviceId=HTCAnd4020b869&DeviceType=htcbravo
E/OpenSSLSocketImpl( 422): Unknown error 1 during connect
W/System.err( 422): java.io.IOException: SSL handshake failure: Failure in SSL library, usually a protocol error
W/System.err( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x3f9e10:0x00000003)
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.nativeconnect(Native Method)
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:305)
W/System.err( 422): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92)
W/System.err( 422): at com.htc.android.mail.eassvc.common.EASHostnameVerifier.verify(EASHostnameVerifier.java:34)
W/System.err( 422): at com.htc.android.mail.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:242)
W/System.err( 422): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129)
W/System.err( 422): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
W/System.err( 422): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
W/System.err( 422): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
W/System.err( 422): at android.net.http.AndroidHttpClient.execute(AndroidHttpClient.java:283)
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc.testServer(EASAppSvc.java:3999)
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc$2.testServer(EASAppSvc.java:600)
W/System.err( 422): at com.htc.android.mail.easclient.ExchangeSvrSetting$TestServerThread.run(ExchangeSvrSetting.java:1188)
I/EAS_AppSvc( 422): 06021143 testServer(), IOException(2): SSL handshake failure: Failure in SSL library, usually a protocol error
I/EAS_AppSvc( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x3f9e10:0x00000003)
D/EASProgressDialog( 422): 06021143 onStop()
V/HtcAlertDialog( 422): onStop
I/HtcAlertDialog( 422): deinitSensor
Installing the cert really is making it available for VPN and WiFi, not generally to all applications.
An application can use client certificates by creating their own SSLContext and initializing it with a KeyManager as shown in this Java example: SSLContext and KeyManager example The SSLSocketFactory returned by SSLContext.getSocketFactory will provide the client certificate from the keystore during handshake.
From your stack trace, it seems like you are using an email app from HTC, I'm not sure if they support client certificates, if so, they probably need to be configured within the application. I do know that the third party app Nitrodesk Touchdown available on the Android Market supports client certificates but that the Android builtin Exchange support in Froyo does not.
Related
Facing this problem while trying to implement JaCoCo Offline Instrumentation.
W/System.err( 1733): java.io.FileNotFoundException: /jacoco.exec: open failed: EROFS (Read-only file system)
W/System.err( 1733): at libcore.io.IoBridge.open(IoBridge.java:456)
W/System.err( 1733): at java.io.FileOutputStream.<init>(FileOutputStream.java:89)
--
W/System.err( 1733): at libcore.io.IoBridge.open(IoBridge.java:456)
W/System.err( 1733): at java.io.FileOutputStream.<init>(FileOutputStream.java:89)
W/System.err( 1733): at org.jacoco.agent.rt.internal_14f7ee5.output.FileOutput.openFile(FileOutput.java:67)
W/System.err( 1733): at org.jacoco.agent.rt.internal_14f7ee5.output.FileOutput.startup(FileOutput.java:49)
W/System.err( 1733): at org.jacoco.agent.rt.internal_14f7ee5.Agent.startup(Agent.java:122)
W/System.err( 1733): at org.jacoco.agent.rt.internal_14f7ee5.Agent.getInstance(Agent.java:50)
W/System.err( 1733): at org.jacoco.agent.rt.internal_14f7ee5.Offline.<clinit>(Offline.java:31)
The solution is well-documented in jacoco but for Android people, what you need is to add the file in /src/androidTest/resources/jacoco-agent.properties with the contents output=none so jacoco can startup without failing, and coverage will be written as normal and transferred correctly later by the android gradle plugin coverage implementation.
I think it's safe to ignore that offline instrumentation warning, because the path should be something alike: executionData = files("${project.buildDir}/jacoco/${testTaskName}.exec") (on the PC - so there is no need to save it on the device and then pull the file).
On Android this will add the JaCoCo agent into the APK:
buildTypes {
debug {
testCoverageEnabled = true
}
}
Cordova App breaks on Android lollipop, During app installation this is what i see in the logcat, though i am not sure if these are the actual cause of the error. (app installs/works fine on versions < 5.0)
using cordova v-5.1.1 & cordova-android#4.0.2
I/PersonaManagerService( 3485): PersonaId don't exist
I/ActivityManager( 3485): do not start freezing screen for locked container getKeyguardshowstate = false
E/Parcel ( 3485): Class not found when unmarshalling: com.android.packageinstaller.InstallFlowAnalytics
E/Parcel ( 3485): java.lang.ClassNotFoundException: com.android.packageinstaller.InstallFlowAnalytics
further downword in the logs i see this
D/ApplicationPolicy( 3485): isStatusBarNotificationAllowedAsUser: packageName = com.android.providers.downloads,userId = 0
V/ApplicationPolicy( 3485): isApplicationStateBlocked userId 0 pkgname com.android.providers.downloads
W/NotificationService( 3485): Pray mode not found android.content.pm.PackageManager$NameNotFoundException: Application package com.sec.android.settings.praymodewidget not found
I/PackageManager( 3485): do mInstaller.dexopt : 0
D/PackageManager( 3485): Time to dexopt: 1.389 seconds
W/System.err( 3485): java.io.FileNotFoundException: /data/app/com.TestApp.Test-1: open failed: EISDIR (Is a directory)
W/System.err( 3485): at libcore.io.IoBridge.open(IoBridge.java:456)
W/System.err( 3485): at java.io.FileInputStream.<init>(FileInputStream.java:76)
W/System.err( 3485): at android.content.pm.PackageParser.getHashValueOfPackage(PackageParser.java:5170)
W/System.err( 3485): at com.android.server.pm.PackageManagerService.saveHash(PackageManagerService.java:19974)
W/System.err( 3485): at com.android.server.pm.PackageManagerService.access$5800(PackageManagerService.java:352)
W/System.err( 3485): at com.android.server.pm.PackageManagerService$21.run(PackageManagerService.java:19959)
W/System.err( 3485): Caused by: android.system.ErrnoException: open failed: EISDIR (Is a directory)
W/System.err( 3485): at libcore.io.IoBridge.open(IoBridge.java:446)
W/System.err( 3485): ... 5 more
W/System.err( 3485): remove failed: ENOENT (No such file or directory) : /data/system/packages.xml.bak
W/System.err( 3485): remove failed: ENOENT (No such file or directory) : /data/system/users/0/package-restrictions.xml.bak
D/PackageManager( 3485): New package installed
Though the application then installs successfully but there are rendering issue's when i start the app.
In-case you need some other information on the error let me know.
I am new to android and I am trying to explore the AccessibilityService. I have extended the AccessibilityService class, which gets the AccessibilityEvents and I am able to use the events.
I see a problem when I run "uiautomator dump". My AccessibilityService gets destroyed and I do not get any Accessibility Events. Is there a way to work around this problem?
Any help or suggestion appreciated. Thank you very much in advance.
The stack trace is attached below:
W/System.err( 3832): at com.example.myservice.MyAccessibilityService.onUnbind(MyAccessibilityService.java:185)
W/System.err( 3832): at android.app.ActivityThread.handleUnbindService(ActivityThread.java:2629)
W/System.err( 3832): at android.app.ActivityThread.access$1800(ActivityThread.java:141)
W/System.err( 3832): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1348)
W/System.err( 3832): at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err( 3832): at android.os.Looper.loop(Looper.java:137)
W/System.err( 3832): at android.app.ActivityThread.main(ActivityThread.java:5103)
W/System.err( 3832): at java.lang.reflect.Method.invokeNative(Native Method)
W/System.err( 3832): at java.lang.reflect.Method.invoke(Method.java:525)
W/System.err( 3832): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:737)
W/System.err( 3832): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553)
W/System.err( 3832): at dalvik.system.NativeStart.main(Native Method)
UiAutomator can't be used along with an AccessibilityService. When you turn on the service the uiAutomator will crash.
However, as UiAutomator 2.0 is based on instrumentation you will probably be able to access the information you need without the service.
I faced the same problem & just found out the solution from here.
The answer was written in Kotlin so I modified mine here as I am writing in Java:
int flags = UiAutomation.FLAG_DONT_SUPPRESS_ACCESSIBILITY_SERVICES;
Configurator.getInstance().setUiAutomationFlags(flags);
mDevice = UiDevice.getInstance(getInstrumentation());
Please try with uiautomator2 having version above 18 and make disable supress accessibility service flag as true, which ll run accessibility service as well as driver seamlessly without terminating.
You could switch to UiAutmator2 with following code from appium-uiautomator2-server:
private void setAccessibilityServiceState() {
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.N) {
return;
}
Configurator.getInstance().setUiAutomationFlags(
UiAutomation.FLAG_DONT_SUPPRESS_ACCESSIBILITY_SERVICES);
} else {
// We can disable UiAutomation.FLAG_DONT_SUPPRESS_ACCESSIBILITY_SERVICES
// only when we set the value as zero
Configurator.getInstance().setUiAutomationFlags(0);
}
}
I was getting this failure on a ICS device with latest Google Play Services when trying to call GoogleAuthUtil.getToken(args). The issue was resolved by removing and adding Google account to the phone. I wasn't able to reproduce the error. Google searching stack trace provided no insights. Any ideas on how this issue could be prevented and what it means are appreciated!
W/System.err( 3145): java.lang.SecurityException: Permission Denial: reading com.google.android.gsf.gservices.GservicesProvider uri content://com.google.android.gsf.gservices/prefix from pid=3145, uid=10055 requires com.google.android.providers.gsf.permission.READ_GSERVICES
W/System.err( 3145): at android.os.Parcel.readException(Parcel.java:1327)
W/System.err( 3145): at android.os.Parcel.readException(Parcel.java:1281)
W/System.err( 3145): at com.google.android.gms.internal.a$a$a.a(Unknown Source)
W/System.err( 3145): at com.google.android.gms.auth.GoogleAuthUtil.getToken(Unknown Source)
W/System.err( 3145): at com.google.android.gms.auth.GoogleAuthUtil.getToken(Unknown Source)
W/System.err( 3145): at com.xxxxx.Backend.obtainSheetKeyAndInitService(Backend.java:112)
W/System.err( 3145): at com.xxxxx.Backend.fetchColumns(Backend.java:103)
W/System.err( 3145): at com.xxxxx.ProgressActivity$DummySectionFragment$3.doInBackground(ProgressActivity.java:288)
W/System.err( 3145): at com.xxxxx.ProgressActivity$DummySectionFragment$3.doInBackground(ProgressActivity.java:1)
W/System.err( 3145): at android.os.AsyncTask$2.call(AsyncTask.java:264)
W/System.err( 3145): at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
W/System.err( 3145): at java.util.concurrent.FutureTask.run(FutureTask.java:137)
W/System.err( 3145): at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:208)
W/System.err( 3145): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
W/System.err( 3145): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
W/System.err( 3145): at java.lang.Thread.run(Thread.java:856)
EDIT
As of time of reporting the bug:
google_play_services-lib android:versionName="3.2.65 (834000-30)"
Google Play Services version on device 4.0.31
Updated library to 4.0.30 and added requested permission to Manifest which seems to have worked. Waiting for Google to confirm that new library version fixes this issue because adding a new permission is a highly undesirable fix.
Bug report: http://code.google.com/p/android/issues/detail?id=61934
You should add
<uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES" />
to the AndroidManifest.xml file. Thats all.
Today 2013-11-14 there has been a large drop in the number of error reports we have received due to this exception. Also I see Google Play Services version 4.0.33 is out, I didn't notice exactly when that released but it looks like yesterday.
Perhaps Google released a fix in 4.0.33? That would be great!
If anyone has been able to reproduce this bug, please let us know if 4.0.33 fixes it for you. (We have never been able to reproduce the bug on a dev device, although we have have zillions of traces from our installed base.)
[UPDATE] Google has definitely pushed a fix, we had only a handful of reports on 11/15 and zero on 11/16
It must be some idiotic thing that I am doing but I could not get it what is the problem...
My code snippet
try {
HttpClient client = new DefaultHttpClient();
HttpGet request = new HttpGet("http://somehost/WS2/Upload.aspx?one=valueGoesHere");
client.execute(request);//it fails at this line
} catch (Exception e) {
and in my manifest I have internet access permission
from console
W/System.err( 4210): java.net.UnknownHostException: somehost
W/System.err( 4210): at java.net.InetAddress.lookupHostByName(InetAddress.java:513)
W/System.err( 4210): at java.net.InetAddress.getAllByNameImpl(InetAddress.java:278)
W/System.err( 4210): at java.net.InetAddress.getAllByName(InetAddress.java:242)
W/System.err( 4210): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:136)
W/System.err( 4210): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
W/System.err( 4210): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
W/System.err( 4210): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)
W/System.err( 4210): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
W/System.err( 4210): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
W/System.err( 4210): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
W/System.err( 4210): at com.temp.services.httpclient.HttpGetDemo.onCreate(HttpGetDemo.java:29)
W/System.err( 4210): at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1069)
W/System.err( 4210): at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2751)
W/System.err( 4210): at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2803)
W/System.err( 4210): at android.app.ActivityThread.access$2300(ActivityThread.java:135)
W/System.err( 4210): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2136)
W/System.err( 4210): at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err( 4210): at android.os.Looper.loop(Looper.java:144)
W/System.err( 4210): at android.app.ActivityThread.main(ActivityThread.java:4937)
W/System.err( 4210): at java.lang.reflect.Method.invokeNative(Native Method)
W/System.err( 4210): at java.lang.reflect.Method.invoke(Method.java:521)
W/System.err( 4210): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:868)
W/System.err( 4210): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:626)
W/System.err( 4210): at dalvik.system.NativeStart.main(Native Method)
I/ActivityManager( 120): Displayed activity com.temp.services/.httpclient.HttpGetDemo: 119 ms (total 304 ms)
Try to add the following before your http request code
StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
StrictMode.setThreadPolicy(policy);
Don't forget to declare the INTERNET permission in the Android manifest:
<uses-permission android:name="android.permission.INTERNET"/>
You should make sure your are not running on your main thread, check if you get this exception:
android.os.NetworkOnMainThreadException
ok, What about trying this :
URL uri = new URL(rootUri);
HttpURLConnection connection = (HttpURLConnection) uri.openConnection();
connection.setRequestMethod("GET");
connection.setDoInput(true);
connection.connect();
Do you execute this request in the emulator or on an android device ?
if it's on the emulator, maybe the internet connection is not shared with it.
If it's on an android device, seems you don't have internet access ( not the permission, just the access )
Assuming that the URL is a valid one, I suggest that you should call :
try {
InetAddress address = InetAddress.getByName(url);
} catch (UnknownHostException e) {
e.printStackTrace();
}
This is DNS pre-fetching so that your device can resolve it URl to an IP address.
Although this isn't enough for it to guarantee to work. What actually worked for me is a retrying mechanism. Give it some good old F5 F5 F5 F5 till the website responds :D
The Problem is with URL.As it shows in Log Exception is
java.net.UnknownHostException: somehost
Try with your true URL.
& BTW www.google.com works fine