apps-android-commons
apps-android-commons copied to clipboard
commons-app
SSLHandshakeException while logging in on device with API level 19
Summary:
Getting SSLHandshakeException while logging in on a device with API level 19.
Steps to reproduce:
Try to log in on a device with API level 19.
System logs:
2022-01-19 09:22:23.503 3680-3680/fr.free.nrw.commons.beta E/LoginActivity: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb9146450: Failure in SSL library, usually a protocol error
error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version (external/openssl/ssl/s23_clnt.c:741 0x8d9aa990:0x00000000)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:448)
at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:319)
at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:283)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:168)
at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:257)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:135)
at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:114)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:126)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at fr.free.nrw.commons.OkHttpConnectionFactory$CommonHeaderRequestInterceptor.intercept(OkHttpConnectionFactory.java:67)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at fr.free.nrw.commons.OkHttpConnectionFactory$UnsuccessfulResponseInterceptor.intercept(OkHttpConnectionFactory.java:80)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.logging.HttpLoggingInterceptor.intercept(HttpLoggingInterceptor.java:225)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:254)
at okhttp3.RealCall$AsyncCall.execute(RealCall.java:200)
at okhttp3.internal.NamedRunnable.run(NamedRunnable.java:32)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:841)
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb9146450: Failure in SSL library, usually a protocol error
error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version (external/openssl/ssl/s23_clnt.c:741 0x8d9aa990:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
... 32 more
Device and Android version:
Nexus 5x API level 19
Commons app version:
lastest master prodDebug
Screen-shots:
Would you like to work on the issue?
NO
Similar/related issue on API19:
2022-01-19 10:05:47.365 4856-4856/fr.free.nrw.commons E/LoginActivity: java.net.ConnectException: Failed to connect to commons.wikimedia.org/2620:0:862:ed1a::1:443
at okhttp3.internal.connection.RealConnection.connectSocket(RealConnection.java:248)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:166)
at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:257)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:135)
at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:114)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:126)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at fr.free.nrw.commons.OkHttpConnectionFactory$CommonHeaderRequestInterceptor.intercept(OkHttpConnectionFactory.java:67)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at fr.free.nrw.commons.OkHttpConnectionFactory$UnsuccessfulResponseInterceptor.intercept(OkHttpConnectionFactory.java:80)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.logging.HttpLoggingInterceptor.intercept(HttpLoggingInterceptor.java:225)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:254)
Anyone investigating this, could you please check from what API level it starts working correctly? Thanks!
I tested on a API 22 device and it works fine.
I think this issue is related to WMF wikis requiring TLS 1.2 these days. See [ ref 1 ], [ ref 2 ]. They do indicate that 4.3+ (that includes API 19) should be supported. I wouldn't be surprised if some 4.4 (API 19) devices also became a victim of the requirement, though.
If this is a serious one, we might try and work around it. Some related resources [ SO Q&A ], [ plausibly related GitHub issue in another repo ]
@madhurgupta10 @sivaraam I have tested it on API level 19. Unfortunately, it's still occuring.
Hey @Ayan-10, did you read my comment abovethat hints at a possible reason for this ?
One possible way to check if this is an app specific issue or not, is to check if it is possible to access https://commons.wikimedia.org/ through the browser preferably Chrome since I'm guessing it piggy back on the certificates installed in the device.
@sivaraam Yes, I can access https://commons.wikimedia.org/ from the browser of the device. The device doesn't have google chrome or Playstore so I was not able to test it with chrome.
I have also tested it on an API 21 device and It's not occurring anymore.
Yes, I can access https://commons.wikimedia.org/ from the browser of the device.
Interesting. Then there might really be something curious going on. I'm out of ideas on what might be possible causes for this issue. Let's see if others are able to shed any light upon this.