cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CB-12551) File-Transfer download/upload fails in Android 4.4 or older using TLS 1.2
Date Thu, 07 Jun 2018 12:27:00 GMT

    [ https://issues.apache.org/jira/browse/CB-12551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504599#comment-16504599
] 

ASF GitHub Bot commented on CB-12551:
-------------------------------------

macdonst commented on a change in pull request #197: CB-12551: (android) Patch Security Provider
to support TLS 1.2
URL: https://github.com/apache/cordova-plugin-file-transfer/pull/197#discussion_r193725018
 
 

 ##########
 File path: src/android/FileTransfer.java
 ##########
 @@ -168,6 +173,17 @@ public boolean execute(String action, JSONArray args, final CallbackContext
call
             String source = args.getString(0);
             String target = args.getString(1);
 
+            // Patch the Security Provider via Google Play Services to improve support for
newer TLS/SSL standards in
+            // older versions of Android (@jira:CB-12551). More info here:
+            // https://developer.android.com/training/articles/security-gms-provider.html
+            try {
+                ProviderInstaller.installIfNeeded(this.cordova.getActivity().getApplicationContext());
+            } catch (GooglePlayServicesRepairableException e) {
+                Log.e(LOG_TAG, "Google Play Services is out of date. Unable to patch security
provider");
 
 Review comment:
   @davidofwatkins besides logging the error we should probably tell the user to update Play
Services. Failing silently doesn't really help.
   
   ```
   // Prompt the user to install/update/enable Google Play services.
   GoogleApiAvailability.getInstance()
                 .showErrorNotification(context, e.connectionStatusCode)
   ```

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> File-Transfer download/upload fails in Android 4.4 or older using TLS 1.2
> -------------------------------------------------------------------------
>
>                 Key: CB-12551
>                 URL: https://issues.apache.org/jira/browse/CB-12551
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: cordova-plugin-file-transfer (DEPRECATED)
>            Reporter: Dani Palou
>            Priority: Major
>
> FileTransfer's download function fails when trying to download a file from a site using
TLS 1.2. This works fine in Android 5 or higher, but it fails in Android 4.x.
> I searched a bit and I found that Android 4.4 should support TLS1.2 but it is disabled
by default. I applied the solution proposed in this post and it worked for me:
> http://stackoverflow.com/a/33567745
> That is, I created the _MySSLSocketFactory_ class in the FileTransfer project, and I
used it in the _trustAllHosts_ function (line 636 of _FileTransfer.java_):
> {noformat}
> SSLSocketFactory newFactory = new MySSLSocketFactory(sc.getSocketFactory());
> {noformat}
> I'm not sure if this can cause problems with other certificates, I don't know much about
this. It would be nice if the Cordova team could take a look at this and check if it can be
solved.
> This is the stacktrace:
> {noformat}
> Error getting HTTP status code from connection.
> javax.net.ssl.SSLException: Connection closed by peer
>  at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
>  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
>  at com.android.okhttp.Connection.upgradeToTls(Connection.java:146)
>  at com.android.okhttp.Connection.connect(Connection.java:107)
>  at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:294)
>  at com.android.okhttp.internal.http.HttpEngine.sendSocketRequest(HttpEngine.java:255)
>  at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:206)
>  at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:345)
>  at com.android.okhttp.internal.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:89)
>  at com.android.okhttp.internal.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:161)
>  at org.apache.cordova.filetransfer.FileTransfer$4.run(FileTransfer.java:869)
>  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
>  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
>  at java.lang.Thread.run(Thread.java:841)
> {noformat}
> It can be tested with this code:
> {noformat}
> var ft = new FileTransfer(),
>     path = 'squirrel.jpg',
>     uri = 'https://prototype.moodle.net/mobile/moodle32/webservice/pluginfile.php/314/mod_resource/content/3/squirrel.jpg?forcedownload=1&token=616455be9f363cc9631cab89cfcfa1cd';
> ft.download(uri, path, success, error, true);
> function success() {
>     console.log('Success');
> }
> function error(data) {
>     console.log('Error', data);
> }
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org


Mime
View raw message