HTTPS proxies not supported; sends https:// data unencrypted!
-
Using DAVDroid 0.5.12-alpha the connection to my DAV server is impossible.
What happens on the DAVDdroid side :
I/davdroid.QueryServerDialogFragment( 7393): onCreateLoader D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "CONNECT dav.anonym.org:443 HTTP/1.1[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "Host: dav.anonym.org[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "Proxy-Connection: Keep-Alive[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "[\r][\n]" E/EnterpriseContainerManager( 691): ContainerPolicy Service is not yet ready!!! D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 << "HTTP/1.1 200 Connection established[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 << "[\r][\n]" F/davdroid.SNISocketFactory( 7393): createLayeredSocket should never be called D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "OPTIONS /card.php/ HTTP/1.1[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "Host: dav.anonym.org[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "Connection: Keep-Alive[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "User-Agent: DAVdroid/0.5.12-alpha[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "Accept-Encoding: gzip,deflate[\r][\n]" D/ch.boye.httpclientandroidlib.wire( 7393): http-outgoing-3 >> "[\r][\n]"There are no logs on the server that the OPTIONS http request was ever made.
Using the DAV server is still ok from Gnome Evolution. I have also checked that no firewall rules was forbiding ma phone to connect.
It seems, but I am not sure, related to the upgrade of OpenSSL to 1.0.1e-2+deb7u6
-
This seems to be related to a HTTP proxy. You're using a HTTP proxy, right?
-
Yes indeed I have Adblock proxy configured on my Wifi connection. It seems that disabling it seems to fix the problem.
Next question is why was it ok before ? I have been using this proxy since day one on this phone and DAVDroid too. There was a time when the combinasion of the two was ok.
-
Next question is why was it ok before ? I have been using this proxy since day one on this phone and DAVDroid too. There was a time when the combinasion of the two was ok.
It's because of a change in the TLS/SNI connection factory class and how it's used by the new HttpClient version, so this behaviour should be since 0.5.10.
So please disable the proxy, and I'll see whether I can fix it somewhen.
-
I have implemented layered SSL/TLS connections, but unfortunately, the benefits of
TlsSniConnectionFactory, namely support for SNI and TLSv1.2 on Android <= 4.4 is not available for HTTP-proxied SSL/TLS connections at the moment.Implementing this would require to use
SSLCertificateSocketFactory.getInsecure()and custom certification management.