search

kenyee / android-ddp-client

Android DDP Client library to implement native client for Meteor.js server
Other
139 stars 23 forks source link

SSL Stack Overflow Crash on Android 4.x #28

Closed stephen-workpop closed 7 years ago

stephen-workpop commented 7 years ago

If SSL is enabled, there is a stack overflow crash on Android 4.x devices.

05-02 16:30:12.372 25945-26349/com.workpop.app.debug E/AndroidRuntime: FATAL EXCEPTION: Thread-1547 java.lang.StackOverflowError at org.apache.harmony.xnet.provider.jsse.OpenSSLCipher.getOutputSize(OpenSSLCipher.java:197) at org.apache.harmony.xnet.provider.jsse.OpenSSLCipher.engineGetOutputSize(OpenSSLCipher.java:209) at javax.crypto.Cipher.getOutputSize(Cipher.java:402) at org.apache.harmony.xnet.provider.jsse.ConnectionState.getMinFragmentSize(ConnectionState.java:69) at org.apache.harmony.xnet.provider.jsse.SSLRecordProtocol.getMinRecordSize(SSLRecordProtocol.java:134) at org.apache.harmony.xnet.provider.jsse.SSLEngineImpl.unwrap(SSLEngineImpl.java:435) at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:383) at org.java_websocket.SSLSocketChannel2.unwrap(SSLSocketChannel2.java:150) at org.java_websocket.SSLSocketChannel2.readRemaining(SSLSocketChannel2.java:254) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:220) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel2.java:241) at org.java_websocket.SSLSocketChannel2.read(SSLSocketChannel

The crash happens in the java-websocket 1.3.0 dependency. It looks like this may be fixed in the latest version, 1.3.3 (see: https://github.com/TooTallNate/Java-WebSocket/issues/190 ). I tried forcing a dependency substitution in order to pick up any fixes as follows: 

configurations.all {
    resolutionStrategy {
        resolutionStrategy.dependencySubstitution {
            substitute module("org.java-websocket:Java-WebSocket:1.3.0") with module("org.java-websocket:java-websocket:1.3.3")
       }
    }
}

Unfortunately, the newest version of the java-websocket library has a breaking API change and removes a class that DDPClient relies on. That means the dependency substitution will not work.

One solution would be to update android-ddp-client to use a new version of java-ddp-client that uses the latest version of java-websocket. This would also require a one line change to DDPClient so that it no longer uses the removed class. It is an easy one line change to update DDPClient so it no longer relies on the class. See https://github.com/TooTallNate/Java-WebSocket/issues/425 and the example code the last post references to see how https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/SSLClientExample.java

kenyee commented 7 years ago

really an issue w/ java-ddp-client...fixing that should fix it here