Android SSL connection error

Question

Android SSL connection error

I have an Android app that runs on my home network and does not have these handshakes. However, when I send this application to my client and test it over a Wi-Fi network, I get these logs.

E/chromium(15135): external/chromium/net/socket/ssl_client_socket_openssl.cc:792: [1211/175912:ERROR:ssl_client_socket_openssl.cc(792)] handshake failed; returned 0, SSL error code 5, net_error -107
W/chromium(15135): external/chromium/net/http/http_stream_factory_impl_job.cc:865: [1211/175912:WARNING:http_stream_factory_impl_job.cc(865)] Falling back to SSLv3 because host is TLS intolerant:

I have https urls loaded in android web browser in my application. I have no other information besides these errors. You guys don’t know why this is happening on a certain network, I’m really out of ideas right now.

+4

android ssl ssl-certificate

bman Dec 11 '13 at 19:11

source share

1 answer

W marlon · Answer 1 · 2017-03-25T07:41:26+0000

Recently, during my test, a similar error occurred while connecting a certain server: a handshake failed; returns -1, SSL error code 1, net_error -103

, ret.Maybe .

SSL 5:

//SRC/THIRD_PARTY/boringssl/SRC//OpenSSL/ssl.h

/* SSL_ERROR_SYSCALL , . . | errno | - , | BIO |. , EOF, . */

define SSL_ERROR_SYSCALL 5

net_error -107

// SSL.

NET_ERROR(SSL_PROTOCOL_ERROR, -107)

, , , :

//SRC///ssl_server_socket_impl.cc

    int SSLServerSocketImpl::DoHandshake() {
      crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
      int net_error = OK;
      int rv = SSL_do_handshake(ssl_.get());

      if (rv == 1) {
        completed_handshake_ = true;
      // The results of SSL_get_peer_certificate() must be explicitly freed.
      bssl::UniquePtr<X509> cert(SSL_get_peer_certificate(ssl_.get()));
      if (cert) {
      // The caller does not take ownership of SSL_get_peer_cert_chain's
      // results.
      STACK_OF(X509)* chain = SSL_get_peer_cert_chain(ssl_.get());
      client_cert_ = CreateX509Certificate(cert.get(), chain);
      if (!client_cert_.get())
        return ERR_SSL_CLIENT_AUTH_CERT_BAD_FORMAT;
    }
  } else {
    int ssl_error = SSL_get_error(ssl_.get(), rv);
    OpenSSLErrorInfo error_info;
    net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer, 
&error_info);

    // SSL_R_CERTIFICATE_VERIFY_FAILED mapping is different between client and
    // server.
    if (ERR_GET_LIB(error_info.error_code) == ERR_LIB_SSL &&
        ERR_GET_REASON(error_info.error_code) ==
        SSL_R_CERTIFICATE_VERIFY_FAILED) {
      net_error = ERR_BAD_SSL_CLIENT_AUTH_CERT;
    }

    // If not done, stay in this state
    if (net_error == ERR_IO_PENDING) {
      GotoState(STATE_HANDSHAKE);
    } else {
      LOG(ERROR) << "handshake failed; returned " << rv << ", SSL error code "
                 << ssl_error << ", net_error " << net_error;
      net_log_.AddEvent(
          NetLogEventType::SSL_HANDSHAKE_ERROR,
          CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, 
error_info));
    }
  }
  return net_error;
}

Android SSL connection error

More articles: