New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

An error has occurred with Pandora. [Try Again] - Internal Pandora error #340

Closed
cybiant opened this Issue Aug 8, 2018 · 26 comments

Comments

Projects
None yet
@cybiant

cybiant commented Aug 8, 2018

I've not used the app since last Friday and starting today when I try to launch it I get the error message above. I've tried reinstalling, but that doesn't correct the issue.

@jbone1210

This comment has been minimized.

Show comment
Hide comment
@jbone1210

jbone1210 Aug 8, 2018

I have the same issue and have tried reinstalling as well.

Did Pandora shut it down?

jbone1210 commented Aug 8, 2018

I have the same issue and have tried reinstalling as well.

Did Pandora shut it down?

@jeffpasch

This comment has been minimized.

Show comment
Hide comment
@jeffpasch

jeffpasch Aug 9, 2018

same here.

jeffpasch commented Aug 9, 2018

same here.

@charleshimmer

This comment has been minimized.

Show comment
Hide comment
@charleshimmer

charleshimmer Aug 10, 2018

Used it everyday and then on Wednesday it just stopped working. It feels like maybe Pandora somehow blocked it.

charleshimmer commented Aug 10, 2018

Used it everyday and then on Wednesday it just stopped working. It feels like maybe Pandora somehow blocked it.

@RocketGS

This comment has been minimized.

Show comment
Hide comment
@RocketGS

RocketGS Aug 10, 2018

Just downloaded this app and I'm getting this same issue. Bummer!

RocketGS commented Aug 10, 2018

Just downloaded this app and I'm getting this same issue. Bummer!

@inieves

This comment has been minimized.

Show comment
Hide comment
@inieves

inieves Aug 10, 2018

Im getting the same issue.

i have contacts over at Pandora... should I contact them?

Log attached:

HermesAppDelegate.m:195 -[HermesAppDelegate applicationDidFinishLaunching:] Starting in debug mode. Log file: /Users/inieves/Library/Logs/Hermes/HermesLog_2018-08-10_12:49:11_-0400.log
Pandora.m:290 -[Pandora doPartnerLogin:] Getting partner ID...
Pandora.m:823 -[Pandora sendRequest:] https://tuner.pandora.com/services/json/?method=auth.partnerLogin&partner_id=&auth_token=&user_id=
Pandora.m:823 -[Pandora sendRequest:] https://tuner.pandora.com/services/json/?method=auth.userLogin&partner_id=42&auth_token=VADEjNzUq9Ew9%2BIlY%2BmhA%2BN08yGZjtcuma&user_id=
Pandora.m:270 -[Pandora doUserLogin:password:callback:]_block_invoke Subscriber status: 1
Pandora.m:275 -[Pandora doUserLogin:password:callback:]_block_invoke Subscriber detected, re-logging-in...
Pandora.m:290 -[Pandora doPartnerLogin:] Getting partner ID...
Pandora.m:823 -[Pandora sendRequest:] https://internal-tuner.pandora.com/services/json/?method=auth.partnerLogin&partner_id=&auth_token=&user_id=
HermesAppDelegate.m:713 -[HermesAppDelegate handlePandoraError:] error received {
error = "The operation couldn\U2019t be completed. (OSStatus error -9807.)";
request = "<PandoraRequest 0x60400029e410 auth.partnerLogin>";
}

inieves commented Aug 10, 2018

Im getting the same issue.

i have contacts over at Pandora... should I contact them?

Log attached:

HermesAppDelegate.m:195 -[HermesAppDelegate applicationDidFinishLaunching:] Starting in debug mode. Log file: /Users/inieves/Library/Logs/Hermes/HermesLog_2018-08-10_12:49:11_-0400.log
Pandora.m:290 -[Pandora doPartnerLogin:] Getting partner ID...
Pandora.m:823 -[Pandora sendRequest:] https://tuner.pandora.com/services/json/?method=auth.partnerLogin&partner_id=&auth_token=&user_id=
Pandora.m:823 -[Pandora sendRequest:] https://tuner.pandora.com/services/json/?method=auth.userLogin&partner_id=42&auth_token=VADEjNzUq9Ew9%2BIlY%2BmhA%2BN08yGZjtcuma&user_id=
Pandora.m:270 -[Pandora doUserLogin:password:callback:]_block_invoke Subscriber status: 1
Pandora.m:275 -[Pandora doUserLogin:password:callback:]_block_invoke Subscriber detected, re-logging-in...
Pandora.m:290 -[Pandora doPartnerLogin:] Getting partner ID...
Pandora.m:823 -[Pandora sendRequest:] https://internal-tuner.pandora.com/services/json/?method=auth.partnerLogin&partner_id=&auth_token=&user_id=
HermesAppDelegate.m:713 -[HermesAppDelegate handlePandoraError:] error received {
error = "The operation couldn\U2019t be completed. (OSStatus error -9807.)";
request = "<PandoraRequest 0x60400029e410 auth.partnerLogin>";
}

@RGerboth

This comment has been minimized.

Show comment
Hide comment
@RGerboth

RGerboth Aug 10, 2018

Looks like maybe Pandora locked Hermes out. Same issue on brand-new install.

RGerboth commented Aug 10, 2018

Looks like maybe Pandora locked Hermes out. Same issue on brand-new install.

@ryanbeymer

This comment has been minimized.

Show comment
Hide comment
@ryanbeymer

ryanbeymer Aug 10, 2018

I was poking around.... looks like their wildcard cert is busted.

ryanbeymer commented Aug 10, 2018

I was poking around.... looks like their wildcard cert is busted.

@nobecutan

This comment has been minimized.

Show comment
Hide comment
@nobecutan

nobecutan Aug 11, 2018

nobecutan commented Aug 11, 2018

@nobecutan

This comment has been minimized.

Show comment
Hide comment
@nobecutan

nobecutan Aug 11, 2018

nobecutan commented Aug 11, 2018

@ryanbeymer

This comment has been minimized.

Show comment
Hide comment
@ryanbeymer

ryanbeymer Aug 11, 2018

Yep walked through it, works for me. Thx @nobecutan #337 (comment)

ryanbeymer commented Aug 11, 2018

Yep walked through it, works for me. Thx @nobecutan #337 (comment)

@inieves

This comment has been minimized.

Show comment
Hide comment
@inieves

inieves Aug 11, 2018

Also worked for me, thanks! Does this need to become part of usage instructions or some FAQ? Or a popup? Thanks @nobecutan #337 (comment)

inieves commented Aug 11, 2018

Also worked for me, thanks! Does this need to become part of usage instructions or some FAQ? Or a popup? Thanks @nobecutan #337 (comment)

@charleshimmer

This comment has been minimized.

Show comment
Hide comment
@charleshimmer

charleshimmer Aug 11, 2018

Worked for me! Thanks @nobecutan!

charleshimmer commented Aug 11, 2018

Worked for me! Thanks @nobecutan!

@ZevEisenberg

This comment has been minimized.

Show comment
Hide comment
@ZevEisenberg

ZevEisenberg Aug 13, 2018

How wise is it to manually trust certs that have been marked as untrusted by Apple and Google? Can we trust them only for pandora.com URLs?

ZevEisenberg commented Aug 13, 2018

How wise is it to manually trust certs that have been marked as untrusted by Apple and Google? Can we trust them only for pandora.com URLs?

@nriley

This comment has been minimized.

Show comment
Hide comment
@nriley

nriley Aug 13, 2018

Contributor
Contributor

nriley commented Aug 13, 2018

DanielStormApps pushed a commit to DanielStormApps/Hermes that referenced this issue Aug 17, 2018

Daniel Storm
HermesApp#340, Add tuner.pandora.com to `NSExceptionDomains`. Set `He…
…rmesMainWindow` `titlebarAppearsTransparent` to `YES.

HermesApp#340, Resolve Xcode `self` warnings.

HermesApp#340, Update to recommended project settings.
@DanielStormApps

This comment has been minimized.

Show comment
Hide comment
@DanielStormApps

DanielStormApps Aug 17, 2018

Created a PR if anyone would like to help test #341

DanielStormApps commented Aug 17, 2018

Created a PR if anyone would like to help test #341

@HashRocketSyntax

This comment has been minimized.

Show comment
Hide comment
@HashRocketSyntax

HashRocketSyntax Aug 25, 2018

sounds like a change in the auth pattern

HashRocketSyntax commented Aug 25, 2018

sounds like a change in the auth pattern

@nriley

This comment has been minimized.

Show comment
Hide comment
@nriley

nriley Aug 26, 2018

Contributor

I can just turn things off completely (30497ad) which does work, but want to do a better job. SecureTransport has defeated me today with its inscrutable documentation. If anyone can help with pinning the cert or CA, that'd be awesome.

Contributor

nriley commented Aug 26, 2018

I can just turn things off completely (30497ad) which does work, but want to do a better job. SecureTransport has defeated me today with its inscrutable documentation. If anyone can help with pinning the cert or CA, that'd be awesome.

@foliovision

This comment has been minimized.

Show comment
Hide comment
@foliovision

foliovision Aug 27, 2018

In the meantime, what makes Hermes work with no fussing around with certificates is to open the normal Pandora app (2.0.10 on my computer) and pause it. If you have Hermes open it will start to work once Pandora's native app starts working once. You must leave the Pandora app open and paused though.

I prefer Hermes not only for the efficient interface but for the LastFM scrobbling. Last.FM has been kind of a favourites list of last resort for awhile when listening across Deezer, Tidal, Pandora, Soma FM and any other service I try. Thanks to Soundiiz (annual subscription for full feature set, free one off migrations), it's possible to convert and amalgamate favourite track, artist and album listings across services with relatively minimal hassle (you have to be a bit of a geek to get along with Soundiiz still).

This works even when running Pandora over a site specific VPN for Hermes. My guide for the site specific VPN, still works, I had to re-use the guide myself today as I've been listening to a lot of SomaFM (West Coast 70's and Lush are awesome free channels, donated there too though). With Clementine app (GPL) you get an easy to use and fast to start interface for digital channels (outside the browser), along with Last.fm scrobbling. I mention Clementine as many of those who admire Hermes like I do might like Clementine too.

foliovision commented Aug 27, 2018

In the meantime, what makes Hermes work with no fussing around with certificates is to open the normal Pandora app (2.0.10 on my computer) and pause it. If you have Hermes open it will start to work once Pandora's native app starts working once. You must leave the Pandora app open and paused though.

I prefer Hermes not only for the efficient interface but for the LastFM scrobbling. Last.FM has been kind of a favourites list of last resort for awhile when listening across Deezer, Tidal, Pandora, Soma FM and any other service I try. Thanks to Soundiiz (annual subscription for full feature set, free one off migrations), it's possible to convert and amalgamate favourite track, artist and album listings across services with relatively minimal hassle (you have to be a bit of a geek to get along with Soundiiz still).

This works even when running Pandora over a site specific VPN for Hermes. My guide for the site specific VPN, still works, I had to re-use the guide myself today as I've been listening to a lot of SomaFM (West Coast 70's and Lush are awesome free channels, donated there too though). With Clementine app (GPL) you get an easy to use and fast to start interface for digital channels (outside the browser), along with Last.fm scrobbling. I mention Clementine as many of those who admire Hermes like I do might like Clementine too.

@nriley

This comment has been minimized.

Show comment
Hide comment
@nriley

nriley Sep 1, 2018

Contributor

More digging this weekend — I found a post that suggests SSLSetCertificate can be used to replace/add a root cert, but this isn't working (and it really looks like it's more designed for client certificate-based authentication). I still get "CFNetwork SSLHandshake failed (-9807)".

Another option (which I'm pretty sure would work) is replacing cert validation via kSSLSessionOptionBreakOnServerAuth but I don't think I can intercept the SSLHandshake because it's called from the guts of CFNetwork:

* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
  * frame #0: 0x00007fff5237d266 Security`SSLHandshake
    frame #1: 0x00007fff45894c20 CFNetwork`SocketStream::_PerformSecurityHandshake_NoLock() + 732
    frame #2: 0x00007fff458943fe CFNetwork`SocketStream::socketCallback(__CFSocket*, unsigned long, __CFData const*, void const*) + 272
    frame #3: 0x00007fff458942b2 CFNetwork`SocketStream::_SocketCallBack_stream(__CFSocket*, unsigned long, __CFData const*, void const*, void*) + 70
    frame #4: 0x00007fff469de54c CoreFoundation`__CFSocketPerformV0 + 1080
    frame #5: 0x00007fff46942405 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
    frame #6: 0x00007fff469423ab CoreFoundation`__CFRunLoopDoSource0 + 108
    frame #7: 0x00007fff46925e51 CoreFoundation`__CFRunLoopDoSources0 + 195
    frame #8: 0x00007fff469253fa CoreFoundation`__CFRunLoopRun + 1219
    frame #9: 0x00007fff46924ce4 CoreFoundation`CFRunLoopRunSpecific + 463
    frame #10: 0x00007fff45bbe895 HIToolbox`RunCurrentEventLoopInMode + 293
    frame #11: 0x00007fff45bbe5cb HIToolbox`ReceiveNextEventCommon + 618
    frame #12: 0x00007fff45bbe348 HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 64
    frame #13: 0x00007fff43e7b8df AppKit`_DPSNextEvent + 997
    frame #14: 0x00007fff43e7a67e AppKit`-[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1362
    frame #15: 0x00007fff43e746e1 AppKit`-[NSApplication run] + 699
    frame #16: 0x00007fff43e63e1b AppKit`NSApplicationMain + 780
    frame #17: 0x0000000100005c22 Hermes`main(argc=3, argv=0x00007ffeefbff4b8) at main.m:9
    frame #18: 0x00007fff738fa0a1 libdyld.dylib`start + 1
    frame #19: 0x00007fff738fa0a1 libdyld.dylib`start + 1

The most appropriate solution seems to be to migrate URLConnection to wrap NSURLSession rather than CFHTTP (which is deprecated). Another option would be to use SSLRead/SSLWrite but that seems like the wrong way to go.

Contributor

nriley commented Sep 1, 2018

More digging this weekend — I found a post that suggests SSLSetCertificate can be used to replace/add a root cert, but this isn't working (and it really looks like it's more designed for client certificate-based authentication). I still get "CFNetwork SSLHandshake failed (-9807)".

Another option (which I'm pretty sure would work) is replacing cert validation via kSSLSessionOptionBreakOnServerAuth but I don't think I can intercept the SSLHandshake because it's called from the guts of CFNetwork:

* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
  * frame #0: 0x00007fff5237d266 Security`SSLHandshake
    frame #1: 0x00007fff45894c20 CFNetwork`SocketStream::_PerformSecurityHandshake_NoLock() + 732
    frame #2: 0x00007fff458943fe CFNetwork`SocketStream::socketCallback(__CFSocket*, unsigned long, __CFData const*, void const*) + 272
    frame #3: 0x00007fff458942b2 CFNetwork`SocketStream::_SocketCallBack_stream(__CFSocket*, unsigned long, __CFData const*, void const*, void*) + 70
    frame #4: 0x00007fff469de54c CoreFoundation`__CFSocketPerformV0 + 1080
    frame #5: 0x00007fff46942405 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
    frame #6: 0x00007fff469423ab CoreFoundation`__CFRunLoopDoSource0 + 108
    frame #7: 0x00007fff46925e51 CoreFoundation`__CFRunLoopDoSources0 + 195
    frame #8: 0x00007fff469253fa CoreFoundation`__CFRunLoopRun + 1219
    frame #9: 0x00007fff46924ce4 CoreFoundation`CFRunLoopRunSpecific + 463
    frame #10: 0x00007fff45bbe895 HIToolbox`RunCurrentEventLoopInMode + 293
    frame #11: 0x00007fff45bbe5cb HIToolbox`ReceiveNextEventCommon + 618
    frame #12: 0x00007fff45bbe348 HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 64
    frame #13: 0x00007fff43e7b8df AppKit`_DPSNextEvent + 997
    frame #14: 0x00007fff43e7a67e AppKit`-[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1362
    frame #15: 0x00007fff43e746e1 AppKit`-[NSApplication run] + 699
    frame #16: 0x00007fff43e63e1b AppKit`NSApplicationMain + 780
    frame #17: 0x0000000100005c22 Hermes`main(argc=3, argv=0x00007ffeefbff4b8) at main.m:9
    frame #18: 0x00007fff738fa0a1 libdyld.dylib`start + 1
    frame #19: 0x00007fff738fa0a1 libdyld.dylib`start + 1

The most appropriate solution seems to be to migrate URLConnection to wrap NSURLSession rather than CFHTTP (which is deprecated). Another option would be to use SSLRead/SSLWrite but that seems like the wrong way to go.

@sandinak

This comment has been minimized.

Show comment
Hide comment
@sandinak

sandinak Sep 5, 2018

imported the cert as noted in #337 and still getting internal error. After doing some digging I found it's failing because the intermediate is also marked as not trusted. I imported the cert and intermediate from internal-tuner.pandora.com, I marked it as trusted temporarily and that resolved the issue; however not happy with having to do that. I know it's pandora's issue .. but meh .. it's dirty.

sandinak commented Sep 5, 2018

imported the cert as noted in #337 and still getting internal error. After doing some digging I found it's failing because the intermediate is also marked as not trusted. I imported the cert and intermediate from internal-tuner.pandora.com, I marked it as trusted temporarily and that resolved the issue; however not happy with having to do that. I know it's pandora's issue .. but meh .. it's dirty.

@nriley

This comment has been minimized.

Show comment
Hide comment
@nriley

nriley Sep 5, 2018

Contributor
Contributor

nriley commented Sep 5, 2018

@inieves

This comment has been minimized.

Show comment
Hide comment
@inieves

inieves Sep 5, 2018

inieves commented Sep 5, 2018

@haozhang96

This comment has been minimized.

Show comment
Hide comment
@haozhang96

haozhang96 Sep 23, 2018

imported the cert as noted in #337 and still getting internal error. After doing some digging I found it's failing because the intermediate is also marked as not trusted. I imported the cert and intermediate from internal-tuner.pandora.com, I marked it as trusted temporarily and that resolved the issue; however not happy with having to do that. I know it's pandora's issue .. but meh .. it's dirty.

This did it for me. Thanks!

haozhang96 commented Sep 23, 2018

imported the cert as noted in #337 and still getting internal error. After doing some digging I found it's failing because the intermediate is also marked as not trusted. I imported the cert and intermediate from internal-tuner.pandora.com, I marked it as trusted temporarily and that resolved the issue; however not happy with having to do that. I know it's pandora's issue .. but meh .. it's dirty.

This did it for me. Thanks!

@tomlogic

This comment has been minimized.

Show comment
Hide comment
@tomlogic

tomlogic Sep 23, 2018

I was able to do it by importing and trusting just the cert from https://internal-tuner.pandora.com/ which I had not realized was a different cert from https://tuner.pandora.com/ (which I had previously imported). They're both wildcard certs, but with different expiration times.

tomlogic commented Sep 23, 2018

I was able to do it by importing and trusting just the cert from https://internal-tuner.pandora.com/ which I had not realized was a different cert from https://tuner.pandora.com/ (which I had previously imported). They're both wildcard certs, but with different expiration times.

@andrewrphillips

This comment has been minimized.

Show comment
Hide comment
@andrewrphillips

andrewrphillips Sep 24, 2018

@tomlogic This did it for me!

andrewrphillips commented Sep 24, 2018

@tomlogic This did it for me!

@nriley

This comment has been minimized.

Show comment
Hide comment
@nriley

nriley Sep 29, 2018

Contributor

Merging this with #337 as it's the same issue.

Contributor

nriley commented Sep 29, 2018

Merging this with #337 as it's the same issue.

@nriley nriley closed this Sep 29, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment