On Sat, 2019-10-12 at 16:24 -0700, Roy Hashimoto wrote: > I have implemented a simple HTTPS server using HttpCore 5.0 beta9 on > Android with its default JSSE: > > https://github.com/rhashimoto/Android-HttpCore-Protocol-Bug/blob/master/app/src/main/java/com/example/httpcore/WebServer.kt > > When running on Android 8.1 (Oreo), requests to the server fail with > a TLS protocol error in the middle of transferring the response body. > When I look at a packet dump (sample attached) the problem is that > the server properly sends some TLS-encrypted data but then sends some > plaintext data. > > This seems like it might be caused by the Conscrypt bug fixed here: > > https://github.com/google/conscrypt/pull/189 > > I don't entirely understand the description of the bug and fix, but I > do not see the bad behavior when running on Android 10 and the time > frame seems about right. > > My guess is that this is not an HttpCore bug but I thought I would > document it here in case someone else encounters it or can suggest a > workaround.workaround. > > Roy
Hi Roy I am presently working on building JSSE provider integration tests for the latest Conscrypt, Bouncy Castle and various versions of Oracle JSSE providers. At this point Conscrypt appears to be the only stable TLSv1.3 implementation. JSSE provider shipped with JRE 11.0.2 still appears buggy and I cannot get Bouncy Castle to work for me at all. If you can reproduce your issue using our integration test framework I will make sure this condition is properly covered in our integration tests https://github.com/apache/httpcomponents-core/tree/jsse-provider-tests https://github.com/apache/httpcomponents-core/blob/jsse-provider-tests/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/JSSEProviderIntegrationTest.java Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
