google-code-export / ttrss-reader-fork

Automatically exported from code.google.com/p/ttrss-reader-fork

Fails to connect over HTTPS #110

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. HTTPS (non-self-signed certificate) nginx server, auth via IMAP (shouldn't 
matter)
2. URL specified as https://tt-rss.foo.net
3. Username, password entered correctly

What is the expected output? What do you see instead?
It should successfully connect (for example, the official tt-rss reader 
connects successfully with the same settings). It fails, saying, "Couldn't 
login to your account, please check your credentials."

What version of the product are you using? On what operating system?
1.43/Android

Please provide any additional information below.

Original issue reported on code.google.com by soga...@gmail.com on 20 Mar 2013 at 4:16

GoogleCodeExporter commented 9 years ago
Also, for whatever reason, aLogcat doesn't show anything in my logs.

Original comment by soga...@gmail.com on 20 Mar 2013 at 4:22

GoogleCodeExporter commented 9 years ago
Same here. aLogCat has a bunch of:

I/ttrss (28123) {"op":login":"user":"myusername"}
w/ttrss (28123) InterruptedIOException in doRequest(): Connection timed out

Original comment by seth.t.w...@gmail.com on 20 Mar 2013 at 5:21

GoogleCodeExporter commented 9 years ago
Retracted... it just started working.

Original comment by seth.t.w...@gmail.com on 20 Mar 2013 at 5:45

GoogleCodeExporter commented 9 years ago
As for logcat, have you tried installing it to /system/app? I run CM10.1 and it 
was always blank, started working after I moved it.

I modified the source a bit to give more specific information, could you please 
try this again with the attached build? If that doesn't give any hints it would 
be helpful if you could acquire logs from the device by using aLogcat or ADB 
(see http://code.google.com/p/ttrss-reader-fork/wiki/Troubleshooting).

Original comment by nils.braden on 21 Mar 2013 at 5:37

GoogleCodeExporter commented 9 years ago
Sorry for taking so long to respond; things have been fairly hectic.

I haven't actually rooted my device, so installing anything to /system/app's a 
little difficult. :p

From desktop "adb logcat *:d ttrss":

I/ttrss   ( 1892): {"op":"login","user":"me"}
W/ttrss   ( 1892): InterruptedIOException in doRequest(): Read timed out
I/ttrss   ( 1892): {"op":"login","user":"me"}
W/ttrss   ( 1892): InterruptedIOException in doRequest(): Read timed out
I/ttrss   ( 1892): {"op":"login","user":"me"}
W/ttrss   ( 1892): InterruptedIOException in doRequest(): Read timed out
I/ttrss   ( 1892): {"op":"login","user":"me"}
W/ttrss   ( 1892): InterruptedIOException in doRequest(): Read timed out
I/ttrss   ( 1892): {"op":"login","user":"me"}
W/ttrss   ( 1892): InterruptedIOException in doRequest(): Read timed out
I/ttrss   ( 1892): {"op":"login","user":"me"}
... repeat ad infinitum ...

Error details: "Couldn't login to your account, please check your credentials."

Preferences:
Connection URL: https://tt-rss.foo.net
Username: (me)
Password: (password)
SSL Settings:
  SSL: Checked (I'm using a StartSSL certificate that matches the connection URL)
  Trust all host: Unchecked (but checking it doesn't change the behaviour here)

Original comment by soga...@gmail.com on 30 Mar 2013 at 9:50

GoogleCodeExporter commented 9 years ago
With the latest version it should at least not run in circles anymore. I also 
added a preference to switch to the old connector which was used before 1.4, 
this can be found below SSL-Preferences -> Use old connector. Can you try this 
again with the attached build?

Original comment by nils.braden on 31 Mar 2013 at 4:40

GoogleCodeExporter commented 9 years ago
From desktop "adb logcat *:d ttrss":

I/ttrss   (23202): {"op":"login","user":"me"}
I/ttrss   (23202): {"op":"login","user":"me"}
I/ttrss   (23202): {"op":"login","user":"me"}
I/ttrss   (23202): {"op":"login","user":"me"}
I/ttrss   (23202): {"op":"login","user":"me"}
I/ttrss   (23202): {"op":"login","user":"me"}
I/ttrss   (23202): {"op":"login","user":"me"}

Error details: SSLException in doRequest(): 
java.security.cert.CertPathValidatorException: Trust anchor for certification 
path not found.(java.security.cert.CertificateException: 
java.security.cert.CertPathValidatorException: Trust anchor for certification 
path not found.)

Same error whether or not I set the "Trust all Hosts" checkbox.

According to Firefox, the Certificate Hierarchy is:
* StartCom Certification Authority
  * StartCom Class 1 Primary Intermediate Server CA
    * tt-rss.foo.net

Original comment by soga...@gmail.com on 31 Mar 2013 at 5:58

GoogleCodeExporter commented 9 years ago
Also: I have no issues connecting to the HTTPS mobile version (i.e. the Android 
browser doesn't raise any issues about authenticating the certificate), so it 
does accept the CA with the default CA store.

Original comment by soga...@gmail.com on 31 Mar 2013 at 6:01

GoogleCodeExporter commented 9 years ago
Hmm... I wonder if the program isn't seeing the intermediate CA cert for some 
reason? *digs around*

Original comment by soga...@gmail.com on 31 Mar 2013 at 6:03

GoogleCodeExporter commented 9 years ago
Nope. Following the instructions on Google's Android/SSL page 
(https://developer.android.com/training/articles/security-ssl.html):

~> openssl s_client -connect tt-rss.foo.net:443
CONNECTED(00000003)
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Authority
verify return:1
depth=1 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Class 1 Primary Intermediate Server CA
verify return:1
depth=0 description = n8VqKP9jpC5huJ50, C = US, CN = tt-rss.foo.net, emailAddress = soga...@gmail.com
verify return:1
---
Certificate chain
 0 s:/description=n8VqKP9jpC5huJ50/C=US/CN=tt-rss.foo.net/emailAddress=soga...@gmail.com
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
 1 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
 2 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=/description=n8VqKP9jpC5huJ50/C=US/CN=tt-rss.foo.net/emailAddress=soga...@gmail.com
issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
---
No client certificate CA names sent
---
SSL handshake has read 6077 bytes and written 310 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 7BE2D0736189D1FE23AE13D3ADEE717B878B43201EF274E519D2235B0CE289FD
    Session-ID-ctx:
    Master-Key: 70740E3B819B922983DCA9C7AEED4E8879D9D582E6F92343718A4326ECDA35EE1AF09E18DFD999482A3A6EA0ACFC7E1B
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1364753321
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

So... according to the documentation I can find, this looks okay.

Original comment by soga...@gmail.com on 31 Mar 2013 at 6:09
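
The chain check made by eye in the comment above can be scripted. This is an added example, not part of the original thread or the project's code: it parses the "Certificate chain" block of `openssl s_client` output and reports whether the server sent an ordered chain or only its leaf certificate. The function name, verdict strings and sample data are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: classify the "Certificate chain" block of `openssl s_client`
# output read from stdin. Compares names only; it does not verify signatures.
#   chain-ok      each issuer matches the subject of the next certificate sent
#   leaf-only     only the server's own certificate was sent (no intermediate)
#   broken-order  a certificate's issuer is not the next certificate's subject
#   no-chain      no "Certificate chain" block in the input
check_chain() {
  awk '
    BEGIN { n = 0 }
    /^Certificate chain/       { in_chain = 1; next }
    in_chain && /^---/         { in_chain = 0 }
    in_chain && /^ *[0-9]+ s:/ { sub(/^ *[0-9]+ s:/, ""); subj[n] = $0; next }
    in_chain && /^ *i:/        { sub(/^ *i:/, ""); iss[n++] = $0 }
    END {
      if (n == 0) { print "no-chain"; exit }
      for (k = 0; k < n - 1; k++)
        if (iss[k] != subj[k + 1]) { print "broken-order"; exit }
      if (n == 1 && iss[0] != subj[0]) { print "leaf-only"; exit }
      print "chain-ok"
    }'
}

# Constructed sample: leaf, intermediate and root all sent, in order.
sample_full() {
  cat <<'EOF'
Certificate chain
 0 s:/C=US/CN=reader.example.test
   i:/C=US/O=Example Trust/CN=Example Intermediate CA
 1 s:/C=US/O=Example Trust/CN=Example Intermediate CA
   i:/C=US/O=Example Trust/CN=Example Root CA
 2 s:/C=US/O=Example Trust/CN=Example Root CA
   i:/C=US/O=Example Trust/CN=Example Root CA
---
EOF
}

# Constructed sample: the intermediate is missing from the handshake.
sample_leaf_only() {
  cat <<'EOF'
Certificate chain
 0 s:/C=US/CN=reader.example.test
   i:/C=US/O=Example Trust/CN=Example Intermediate CA
---
EOF
}

echo "full chain: $(sample_full | check_chain)"
echo "leaf only:  $(sample_leaf_only | check_chain)"
```

Against a live server, pipe the real output in: `openssl s_client -connect host:443 </dev/null 2>/dev/null | check_chain`.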

GoogleCodeExporter commented 9 years ago
Also: as I mentioned, the official tt-rss app works with HTTPS without an 
issue, leaving me even more confused. :(

Original comment by soga...@gmail.com on 31 Mar 2013 at 6:15

GoogleCodeExporter commented 9 years ago
Should be fixed with the new update. If not please open a new issue since the 
problem as described here should be fixed.

Original comment by nils.braden on 2 Apr 2013 at 6:31