Closed fcduarte closed 6 years ago
On the same topic:
Caused by: java.lang.ArithmeticException: divide by zero
at com.datatheorem.android.trustkit.pinning.OkHostnameVerifier.getSubjectAltNames(SourceFile:128)
at com.datatheorem.android.trustkit.pinning.OkHostnameVerifier.verifyHostname(SourceFile:80)
at com.datatheorem.android.trustkit.pinning.OkHostnameVerifier.verify(SourceFile:62)
at com.datatheorem.android.trustkit.pinning.PinningTrustManager.checkServerTrusted(SourceFile:99)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:182)
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:617)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(NativeCrypto.java:-2)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
at okhttp3.internal.connection.RealConnection.connectTls(SourceFile:281)
at okhttp3.internal.connection.RealConnection.establishProtocol(SourceFile:251)
at okhttp3.internal.connection.RealConnection.connect(SourceFile:151)
at okhttp3.internal.connection.StreamAllocation.findConnection(SourceFile:192)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(SourceFile:121)
at okhttp3.internal.connection.StreamAllocation.newStream(SourceFile:100)
at okhttp3.internal.connection.ConnectInterceptor.intercept(SourceFile:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:67)
at okhttp3.internal.cache.CacheInterceptor.intercept(SourceFile:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:67)
at okhttp3.internal.http.BridgeInterceptor.intercept(SourceFile:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(SourceFile:120)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:67)
More on OkHostnameVerifier:
Caused by: java.lang.NullPointerException: Null pointer exception during instruction 'invoke-super {v1}, int java.lang.Object.hashCode() // method@41'
at com.datatheorem.android.trustkit.pinning.OkHostnameVerifier.verify(SourceFile:62)
at com.datatheorem.android.trustkit.pinning.PinningTrustManager.checkServerTrusted(SourceFile:99)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:182)
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:617)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(NativeCrypto.java:-2)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
at okhttp3.internal.connection.RealConnection.connectTls(SourceFile:281)
at okhttp3.internal.connection.RealConnection.establishProtocol(SourceFile:251)
at okhttp3.internal.connection.RealConnection.connect(SourceFile:151)
at okhttp3.internal.connection.StreamAllocation.findConnection(SourceFile:192)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(SourceFile:121)
at okhttp3.internal.connection.StreamAllocation.newStream(SourceFile:100)
at okhttp3.internal.connection.ConnectInterceptor.intercept(SourceFile:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:67)
at okhttp3.internal.cache.CacheInterceptor.intercept(SourceFile:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:67)
at okhttp3.internal.http.BridgeInterceptor.intercept(SourceFile:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(SourceFile:120)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:67)
Hey @fcduarte sorry for the delay of the response. I have not been able to reproduce the bug yet and still looking why that is happening. I agree it looks more a problem from the OkHostnameVerifier
. Have you more inputs about the setup when this bug is happening?
@jobot0 unfortunately I don't have the steps but I can say it's a very common error since we have more than a 100k events on our bug tracking system.
As a side note is there any particular reason to not use OkHttp's class? https://github.com/square/okhttp/blob/master/okhttp/src/main/java/okhttp3/internal/tls/OkHostnameVerifier.java
Hello, It seems to be a problem with the content of the SubjAltName of a certificate. Any idea which domain is triggering this issue (or which certificate even)? TrustKit does not embed/require OkHttp 3.x so we can’t really use this HostnameVerifier directly if this is what you mean? But we might need to update the OkHostnameVerifier we have in TrustKit.
@nabla-c0d3 yeah I saw a few differences with latest OkHostnameVerifier from OkHttp, as you said, maybe it's worth to update.
For the errors I can't understand why I don't see those type of messages on the original OkHttp class (since we use it) so is it worth a few protection checks on OkHostnameVerifier?
@fcduarte @nabla-c0d3 I know we've removed some of the features of the OkHostnameVerifier
for some reasons. I'll create a PR with all the files needed to support all of those, let's see if it fixes your problems.
@jobot0 cool thanks! You can close this for now. Is version 1.0.2 already published? I don't see it at Bintray.
@fcduarte Thanks ! It should be but I'm fixing a bug we have with TravisCI if it's not fixed tomorrow I'll publish it manually !
@fcduarte Should be good now!
Hi team,
I've seen this exception on our bug tracking for a while:
Unfortunately I don't have the steps to reproduce. We're using OkHttp 3.8.0 and TrustKit 1.0.1.
Thanks,