Louvorg/ReaderForSelfoss-multiplatform
Louvorg/ReaderForSelfoss-multiplatform
3
2
Fork 2
Code Issues 8 Pull Requests 1 Actions Releases 81 Wiki Activity

Login fails on APIs below 25 #139

New Issue
Closed
opened 2023-04-12 17:59:23 +00:00 by davidoskky · 2 comments
davidoskky commented 2023-04-12 17:59:23 +00:00
Contributor
Copy Link

Prerequisites

  • Are you running the latest version?
  • Did you check for an existing issue ?
  • Are you reporting to the correct repository?
  • Did you perform a cursory search?
  • Did you read the CONTRIBUTING guide ?

Description

Login fails if the API version is too low. I believe this is due to the networkSecurityConfig only supporting API version 24 and above.

Logs

2023-04-12 17:55:44.067  3852-3852  HttpSend                bou...ps.readerforselfossv2.android  I  Will login
2023-04-12 17:55:44.067  3852-3852  HttpSend                bou...ps.readerforselfossv2.android  I  Did login
2023-04-12 17:55:44.317  3852-3852  LogApiCalls             bou...ps.readerforselfossv2.android  D  REQUEST https://domain.com//items?username=&password=&type=all&items=1 failed with exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
2023-04-12 17:55:44.318  3852-3852  Repository...ssInstance bou...ps.readerforselfossv2.android  E  javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
                                                                                                    	at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:322)
                                                                                                    	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
                                                                                                    	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)
                                                                                                    	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
                                                                                                    	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
                                                                                                    	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
                                                                                                    	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
                                                                                                    	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
                                                                                                    	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
                                                                                                    	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
                                                                                                    	at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:517)
                                                                                                    	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
                                                                                                    	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
                                                                                                    	at java.lang.Thread.run(Thread.java:818)
                                                                                                    Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
                                                                                                    	at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318)
                                                                                                    	at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219)
                                                                                                    	at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:114)
                                                                                                    	at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:550)
                                                                                                    	at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
                                                                                                    	at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:318)
                                                                                                    	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379) 
                                                                                                    	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337) 
                                                                                                    	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209) 
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226) 
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106) 
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74) 
                                                                                                    	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255) 
                                                                                                    	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201) 
                                                                                                    	at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:517) 
                                                                                                    	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112) 
                                                                                                    	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587) 
                                                                                                    	at java.lang.Thread.run(Thread.java:818) 
                                                                                                    Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
                                                                                                    	at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318) 
                                                                                                    	at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219) 
                                                                                                    	at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:114) 
                                                                                                    	at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:550) 
                                                                                                    	at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) 
                                                                                                    	at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:318) 
                                                                                                    	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379) 
                                                                                                    	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337) 
                                                                                                    	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209) 
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226) 
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106) 
                                                                                                    	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74) 
                                                                                                    	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255) 
                                                                                                    	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76) 
                                                                                                    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) 
                                                                                                    	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201) 
                                                                                                    	at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:517) 
                                                                                                    	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112) 
                                                                                                    	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587) 
                                                                                                    	at java.lang.Thread.run(Thread.java:818) 
### Prerequisites * [x] Are you running the latest version? * [x] Did you check for an existing issue ? * [x] Are you reporting to the correct repository? * [x] Did you perform a cursory search? * [x] Did you read the `CONTRIBUTING` guide ? ### Description Login fails if the API version is too low. I believe this is due to the networkSecurityConfig only supporting API version 24 and above. ### Logs ``` 2023-04-12 17:55:44.067 3852-3852 HttpSend bou...ps.readerforselfossv2.android I Will login 2023-04-12 17:55:44.067 3852-3852 HttpSend bou...ps.readerforselfossv2.android I Did login 2023-04-12 17:55:44.317 3852-3852 LogApiCalls bou...ps.readerforselfossv2.android D REQUEST https://domain.com//items?username=&password=&type=all&items=1 failed with exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 2023-04-12 17:55:44.318 3852-3852 Repository...ssInstance bou...ps.readerforselfossv2.android E javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:322) at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379) at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337) at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209) at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226) at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106) at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74) at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255) at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201) at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:517) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587) at java.lang.Thread.run(Thread.java:818) Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318) at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219) at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:114) at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:550) at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:318) at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)  at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)  at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)  at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)  at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)  at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)  at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)  at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)  at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:517)  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)  at java.lang.Thread.run(Thread.java:818)  Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318)  at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219)  at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:114)  at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:550)  at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:318)  at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)  at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)  at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)  at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)  at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)  at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)  at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)  at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)  at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)  at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)  at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:517)  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)  at java.lang.Thread.run(Thread.java:818)  ```
davidoskky commented 2023-04-15 15:55:53 +00:00
Author
Contributor
Copy Link

The issue seems to be related to the fact that trusted certificate authorities are hard coded in Android and thus older versions don't know of newer certificate authorities. https://community.letsencrypt.org/t/certificate-is-not-trusted-on-android/120061

I guess this will be solved when implementing #42.

The issue seems to be related to the fact that trusted certificate authorities are hard coded in Android and thus older versions don't know of newer certificate authorities. https://community.letsencrypt.org/t/certificate-is-not-trusted-on-android/120061 I guess this will be solved when implementing #42.
AmineB added this to the (deleted) project 2023-04-16 18:06:33 +00:00
AmineB added the
Type = Bug
 label 2023-04-16 18:06:46 +00:00
AmineB commented 2024-12-30 22:26:55 +00:00
Owner
Copy Link

Min sdk was updated. Not relevant anymore.

Min sdk was updated. Not relevant anymore.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Difficulty - Beginner friendly
Difficulty = Easy
Difficulty = Hard
Difficulty = Medium
Priority = CRITICAL
Priority = High
Priority = Low
Priority = Normal
Priority = Some day
Status - Fixed somewhere else
Status - No details provided
Status = Can't fix
Status = Duplicate
Status = Help wanted
Status = Invalid
Status = Need more details
Status = Taken
Status = Wontfix
Type - Selfoss works like this
Type = Bug
Type = Chore
Type = Enhancement
Type = Feature
Type = Question
Type = SELFOSS API ISSUE
Type = Tools
Type = UX/Design
Up For Grabs
No Label
Type = Bug
Milestone
No items
No Milestone
Assignees
Clear assignees
AmineB giteadrone
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Louvorg/ReaderForSelfoss-multiplatform#139
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?