sorry for delay.
apache SSL is:
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
davdroid works flawlessly … still on Android 4.3(.0) … strange but good (using davdroid 0.8.1)
But: you can reproduce this issue by simply deny any valid SSL methods:
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
or simply
SSLProtocol -All
Then goto android account manager, davdroid and force “sync” in the menu.
expected: davDroid will prompt for this error
got: nothing, but the logcat log is full of errors:
I/ActivityManager( 857): No longer want at.bitfire.davdroid:sync (pid 20205): empty for 3787s
I/ActivityManager( 857): Killing 20205:at.bitfire.davdroid:sync/u0a10218: remove task
I/WindowState( 857): WIN DEATH: Window{42ac0788 u0 at.bitfire.davdroid/at.bitfire.davdroid.ui.MainActivity}
I/ActivityManager( 857): Start proc at.bitfire.davdroid:sync for service at.bitfire.davdroid/.syncadapter.ContactsSyncAdapterService: pid=7670 uid=10218 gids={50218, 3003, 1028}
I/davdroid.DavSyncAdapter( 7670): Performing sync for authority com.android.contacts
D/davdroid.DavSyncAdapter( 7670): Creating new DavHttpClient
V/davdroid.TLS_SNI( 7670): Setting allowed TLS protocols: TLSv1, TLSv1.1, TLSv1.2
V/davdroid.TLS_SNI( 7670): Setting allowed TLS ciphers: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA
V/davdroid.URIUtils( 7670): Normalized URI https://owncloud.childno.de/remote.php/carddav/addressbooks/marcel/kontakte/ -> https://owncloud.childno.de/remote.php/carddav/addressbooks/marcel/kontakte/ assuming that it was an URI or path name
D/davdroid.WebDavResource( 7670): Using preemptive authentication (not compatible with Digest auth)
I/davdroid.SyncManager( 7670): Remotely removing 0 deleted resource(s) (if not changed)
I/davdroid.SyncManager( 7670): Uploading 0 new resource(s) (if not existing)
I/davdroid.SyncManager( 7670): Uploading 0 modified resource(s) (if not changed)
E/davdroid.DavSyncAdapter( 7670): I/O error (Android will try again later)
E/davdroid.DavSyncAdapter( 7670): org.apache.http.conn.HttpHostConnectException: Connection to https://owncloud.childno.de:443 refused
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:146)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:318)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:373)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:225)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:178)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
E/davdroid.DavSyncAdapter( 7670): at at.bitfire.davdroid.webdav.WebDavResource.propfind(WebDavResource.java:273)
E/davdroid.DavSyncAdapter( 7670): at at.bitfire.davdroid.resource.RemoteCollection.getCTag(RemoteCollection.java:64)
E/davdroid.DavSyncAdapter( 7670): at at.bitfire.davdroid.syncadapter.SyncManager.synchronize(SyncManager.java:58)
E/davdroid.DavSyncAdapter( 7670): at at.bitfire.davdroid.syncadapter.DavSyncAdapter.onPerformSync(DavSyncAdapter.java:137)
E/davdroid.DavSyncAdapter( 7670): at android.content.AbstractThreadedSyncAdapter$SyncThread.run(AbstractThreadedSyncAdapter.java:261)
E/davdroid.DavSyncAdapter( 7670): Caused by: java.net.ConnectException: failed to connect to owncloud.childno.de/2a01:488:66:1000:57e6:11d5:0:1 (port 443) after 20000ms: isConnected failed: ECONNREFUSED (Connection refused)
E/davdroid.DavSyncAdapter( 7670): at libcore.io.IoBridge.isConnected(IoBridge.java:227)
E/davdroid.DavSyncAdapter( 7670): at libcore.io.IoBridge.connectErrno(IoBridge.java:165)
E/davdroid.DavSyncAdapter( 7670): at libcore.io.IoBridge.connect(IoBridge.java:116)
E/davdroid.DavSyncAdapter( 7670): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:192)
E/davdroid.DavSyncAdapter( 7670): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:460)
E/davdroid.DavSyncAdapter( 7670): at java.net.Socket.connect(Socket.java:837)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:263)
E/davdroid.DavSyncAdapter( 7670): at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:124)
E/davdroid.DavSyncAdapter( 7670): ... 13 more
E/davdroid.DavSyncAdapter( 7670): Caused by: libcore.io.ErrnoException: isConnected failed: ECONNREFUSED (Connection refused)
E/davdroid.DavSyncAdapter( 7670): at libcore.io.IoBridge.isConnected(IoBridge.java:212)
E/davdroid.DavSyncAdapter( 7670): ... 20 more
I/davdroid.DavSyncAdapter( 7670): Sync complete for com.android.contacts
D/davdroid.DavSyncAdapter( 7670): Closing httpClient
to reproduce the Handshake error, I just enable old SSL and disable TLS while davdroid tells us:
Setting allowed TLS protocols: TLSv1, TLSv1.1, TLSv1.2
=>
SSLProtocol -all +SSLv3
but for this, you are right: the error is (now?!) displayed.
So I think my original “bug” nowadays invalid.
But please add some errorhandling for unavailable / misconfigured servers as mentioned above. Or is this “works as designed?” so users are not bugged by errors if the “sysadmin” is rebooting or doing some stuff? Isn’t it possible to then return a “failed” errorcode so the sync is not marked as “completed” in android?