Open Pitel opened 7 years ago
same problem here, that is currently breaking a lot of things on android 4 for our users.
We were able to fix it by downgrading ION from 2.1.9 --> 2.1.7
How have you verified that it works fine without ProGuard?
I'm having the same issue even with minifyEnabled set to false.
At this point, I'm not sure my issue is also related to ProGuard, but I found a pair of host names that might be useful in reproducing it (links might be slightly nsfw):
https://danbooru.donmai.us/
: AndroidAsync (ion) gets a X509Certificate
for safebooru.donmai.us, hostname check fails.https://safebooru.donmai.us/
: AndroidAsync (ion) gets a X509Certificate
for safebooru.donmai.us, hostname check passes.https://danbooru.donmai.us/
: engine.getSession().getPeerCertificates()
in AsyncSSLSocketWrapper.java
returns OpenSSLX509Certificate
instead of X509Certificate
, hostname check passes.So it seems that the bug occurs only when using the Bouncy Castle crypto in older versions of Android and conscrypt (OpenSSL) works fine.
Downgrading ion to 2.1.7 does indeed fix the issue.
I have the following code:
It works fine without ProGuard, I can even remove the custom verifier.
But when I build it with ProGuard (or new minifier), it ends with following exception:
and this, without the verifier:
My custom ProGuard rules are empty. And even adding the following line doesn't make any difference.