Hello,
it's not entirely clear to me how you're going to fix the issue, so just
to make it clear - it's ok to temporarily disable strict SSL for testing
and debugging purposes, but it must be enabled by default, or you're
opening a big security hole in your products.
The proper way to fix this is to install the CA certificates so that the
library that implements SSL is able to find them.
Regards,
Alex
On 09/26/2014 04:28 PM, BINDU CHAITANYA TUMMALA wrote:
Hi Alexander,
Thanks for your reply. You are right about cerfificate issue, becuase when
we built with strict-ssl as false in soup session of plugin, it worked.
We will check with certificates available.
best regards
BinduChaitanya
------- Original Message -------
Sender : Kanavin, Alexander<[email protected]>
Date : Sep 26, 2014 01:19 (GMT+05:30)
Title : RE: [Dev] gsignond oauth plugin issue for mobiles
The issue seems to be that the http client library (libsoup) can't verify the
server's certificate during SSL handshake - most likely because the SSL library
that libsoup is using cannot find the CA certificate that the server's cert was
signed with.
Can you provide more information about your setup? What is the system and OS
stack you are running this on? Does it have anything in /etc/ssl/certs?
Regards,
Alex
-----Original Message-----
From: Dev [mailto:[email protected]] On Behalf Of BINDU CHAITANYA
TUMMALA
Sent: Wednesday, September 24, 2014 4:36 PM
To: Valluri, Amarnath
Cc: [email protected]
Subject: Re: [Dev] gsignond oauth plugin issue for mobiles
Hello Amarnath,
following logs are observed when http://localhost is used for redirect URI.
we are using webkit-efl for signonui.
** Message: on_web_url_load_finished
deviceScaleFactor -> 1.500000** Message: FOUND URL :
https://localhost:8080/?state=F/XXX/XXX%3D&code=4/XXXX.XXXX
** Message: on_web_url_load_error, error Cannot connect to Network
** (gsso-example:2669): WARNING **: auth_session_process_cb:
GDBus.Error:com.google.code.AccountsSSO.gSingleSignOn.Error.NotAuthorized:
Token endpoint returned an error: 6 SSL handshake failed
best regards
BinduChaitnaya
------- Original Message -------
Sender : Amarnath Valluri
Date : Sep 24, 2014 17:54 (GMT+05:30)
Title : Re: [Dev] gsignond oauth plugin issue for mobiles
Hello,
We are using gSSO-example for mobile taken from upstream.
while using gsignond oauth mechanism, we found following issue.
As per google developer doc
(https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosi
ngredirecturi), there can be two types of redirect uri for oauth 2.0:
1) http://localhost
2) urn:ietf:wg:oauth:2.0:oob
- Issue with http://localhost
The upstream gsso-example uses http://localhost:9999 as redirect
uri. And if we use as it then it is giving SSL handshake error while
calling authentication (gsso-example --get-google-token option).
'http://localhost:<>' is the right redirect URI to use, The 'port_number' is
only relevant if you build signonui-efl without webkit support(configure
--with/out-webkit2), in that case UI daemon launches browser to do the
authentication. Both the cases should work. Can you please share the logs by running:
G_MESSAGES_DEBUG=all /usr/libexec/signonui-efl -k
- Amarnath
---------------------------------------------------------------------
Intel Finland Oy
Registered Address: PL 281, 00181 Helsinki Business Identity Code: 0357606 - 4
Domiciled in Helsinki
This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
