No calendars/contacts found on HTTPS/Radicale server

tonioparis2000

Hello,

I try desperately to make DAVdroid work on a HTTPS/Radicale server.
This server is the personal server of a friend with Apache + TLSv1/TLSv1.1/TLSv1.2 + SHA256 certificate.
On my side, I have Android 4.4.4 and the last release of DAVdroid.

Here is the log file (anonymised) :
http://pastebin.com/wppARQ8U

Thanks in advance for your help.

rfc2822

[debug] PROPFIND on user-given URL failed - EXCEPTION:
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x799fb950: Failure in SSL library, usually a protocol error
error:1407743E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert inappropriate fallback (external/openssl/ssl/s23_clnt.c:744 0x744a2f1c:0x00000000)

There’s a problem with the TLS handshake. Please check your server configuration.

tonioparis2000

Hello rdf2822,

Thank you for your help !

But I did the ssllabs test and the server seems to be perfect !! (look at the result :
0_1455284476335_test-SSL.png)

Do you have an another idea for me ?

Thanks again.

rfc2822

@tonioparis2000 said:

But I did the ssllabs test and the server seems to be perfect !! (look at the result :
0_1455284476335_test-SSL.png)

When looking at the result, I see numerous red lines “Protocol or cipher suite mismatch” in the “Handshake simulation” section. These are the cause of your problem.

tonioparis2000

Hello rfc2822,

@rfc2822 said:

When looking at the result, I see numerous red lines “Protocol or cipher suite mismatch” in the “Handshake simulation” section. These are the cause of your problem.

Indeed, but it’s quite normal that an up-to-date server doesn’t accept connections from old OS/softwares/browsers.

In the test result, I see that Android 4.4.2 is suitable by the server, therefore I assume Android 4.4.4 (mine) as well.

I have two follow-up questions :
Does DAVdroid use the same cipher as Android or its own ?
Is DAVdroid suitable with the cipher of the test (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) ?

Thanks.

rfc2822

@tonioparis2000 Of course, DAVdroid uses the Android crypto system (and thus it ciphers). However, for Android < 5.0, the allowed ciphers are set explicitly according to NIST SP.800-52r1 to

1. allow some ciphers which are by default available, but disabled on these Android versions,
2. disallow some insecure ciphers (which where used with SSLv3, for instance).

You can see a list of allowed ciphers in the linked source code.

Note that this applies only to Android < 5. Since Android 5.0, only SSLv3 is removed from the allowed protocols, but ciphers are not changed.

tonioparis2000

Hello rfc2822 !

I’m back after a time of silence. Thanks for your reply about a month ago !

My friend (the server owner) sent me the ssl_ciphers configuration line in its server :

‘ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!SHA1’;

If I’m reading correctly, no one starts with “TLS_” as in the code you gave (SSLSocketFactoryCompat.java).

However, the server seems to be perfect according to ssllabs.

I don’t understand… If you have again an idea for me…

Thanks !

tonioparis2000

Another possibility would not be an error in the DAVdroid code ?

Indeed, line 66, I read : “TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256”,
Unlike the other lines, where I read ciphers names with “ECDHE” inside.

But I’m not a developer. Sorry if it’s a wrong path.

rfc2822

@tonioparis2000 said:

Indeed, line 66, I read : “TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256”,
Unlike the other lines, where I read ciphers names with “ECDHE” inside.

Of course it has to be ECDHE (elliptic-curve Diffie-Hellman ephemeral) and not ECHDE. Will be fixed in future versions (although it only applies to Android 4.x devices). In the meanwhile, I suggest to allow CBC (and not only GCM).