Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fileTransfer.download from https return error code 3 (SSL handshake) in android #203

Closed
stackmanoj opened this issue Aug 28, 2018 · 32 comments
Closed

fileTransfer.download from https return error code 3 (SSL handshake) in android #203

stackmanoj opened this issue Aug 28, 2018 · 32 comments
Labels
platform: android support

Comments

@stackmanoj
Copy link

I am downloading file using this
fileTransfer.download(sourecUrl, destinationPath,successCallback,errorCallback,true,{});

In error callback I am receiving error code 3 (SSL handshake)

untitled

TLS1.2 is used in my server.
Android version is 4.4.3
@stackmanoj stackmanoj changed the title fileTransfer.download from https return error code 3 in android fileTransfer.download from https return error code 3 (SSL handshake) in android Aug 28, 2018
@pallaviMN
Copy link

@stackmanoj did you resolve this issue? even i am facing it

@senjoeson
Copy link

senjoeson commented Jan 17, 2019
edited

i had faced the problem at last time, at that time ,i used the version is v1.5.1. Now i switch the lastest version ,v 1.7.1, but i can't solve the problem . So i change the android source code like this:

  • Firstly:
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
  • Secondly: (the code must add to the method of "download" and "upload" from the class "FileTransfer")

image

  • Finally:

image

All the above changed are from the class ''FileTransfer.java"

That can fix the bug to solve the problem that can't run on Android P !

@pallaviMN

@pallaviMN
Copy link

@senjoeson , i tested in samsung device marshmellow, still getting SSL issue

@senjoeson
Copy link

@pallaviMN thanks for your reply.Now can you tell me how to cause the error ? "upload" or "download"?
i had mentioned that all the methods need add that settings.

@pallaviMN
Copy link

pallaviMN commented Jan 23, 2019
edited

download is causing the error, can you please upload your file. It will be useful @senjoeson

@pallaviMN
Copy link

Actually, its not entering that override method itself @senjoeson

@senjoeson
Copy link

FileTransfer.txt
@pallaviMN please copy that,and change .txt to .java .

@pallaviMN
Copy link

@senjoeson , will add & let you know. Thanks a lot

@pallaviMN
Copy link

@senjoeson , i am using cordova 7.0.0, will it cause this issue? Because even your code didnt work for me

@pallaviMN
Copy link

@senjoeson , its not calling "private static HostnameVerifier hostnameVerifier = new HostnameVerifier "
method at all

@senjoeson
Copy link

my means is add to .... sorry.it's my mistakes.

@pallaviMN
Copy link

sorry i didnt understand @senjoeson

@senjoeson
Copy link

@pallaviMN ,i have corrent my word. Please revisit the instructions I wrote above. Thx.

@senjoeson
Copy link

@pallaviMN If you have not solved the problem, please provide your contact information, I will talk to you privately.

@raulbht
Copy link

raulbht commented May 22, 2019

I am having problems when downloading files by https since I get error 3 and I have seen in the documentation that you can use the following option "trustAllHosts" but it is not valid for production ... someone could tell me how I could solve it for the production version? Since I have not found anything about it.
Thank you.

@wynngd
Copy link

wynngd commented Jun 11, 2019

i had faced the problem at last time, at that time ,i used the version is v1.5.1. Now i switch the lastest version ,v 1.7.1, but i can't solve the problem . So i change the android source code like this:

  • Firstly:
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
  • Secondly: (the code must add to the method of "download" and "upload" from the class "FileTransfer")

image

  • Finally:

image

All the above changed are from the class ''FileTransfer.java"

That can fix the bug to solve the problem that can't run on Android P !

@pallaviMN

I tried this but it is not working. I need to download a file from a server with self-signed cert but the app needs to by pass the SSL Cert check. Is there another way?

@wynngd
Copy link

wynngd commented Jun 11, 2019

I already fixed my issue. I followed the way the amazon source (FileTransfer.java) implemented the DO_NOT_VERIFY host name verifier and create anew sslsocket factory.

@uldcra
Copy link

uldcra commented Aug 9, 2019

Hello everybody.
My english is very poor, but wich/what are files modified?
Thanks

@uldcra
Copy link

uldcra commented Aug 12, 2019

Hello everybody.
My english is very poor.
But there are any posibility for disable https , protocol.
I follow this instructions and continue break the application to/with problem .

@curthusting
Copy link

curthusting commented Aug 13, 2019
edited

@wynngd

I followed the way the amazon source (FileTransfer.java) implemented the DO_NOT_VERIFY host name verifier and create anew sslsocket factory.

You mention that you have fixed this issue by following Amazon, can you elaborate on what you did to fix this?

@wynngd
Copy link

wynngd commented Aug 14, 2019

Sorry @uldcra for the late reply. I am pretty busy the past few days...

In the FileTransfer.java under Android Source, include this function:

private static final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
};

and then in the function, insert this between line 760 and 761

                    // Setup the HTTPS connection class to trust everyone
                    HttpsURLConnection https = (HttpsURLConnection)connection;
                    oldSocketFactory = trustAllHosts(https);
                    // Save the current hostnameVerifier
                    oldHostnameVerifier = https.getHostnameVerifier();
                    // Setup the connection not to verify hostnames
                    https.setHostnameVerifier(DO_NOT_VERIFY);

This will skip the HTTPS SSL Cert verification.

I attached my code. (just change it back to .java)
FileTransfer.txt

Again sorry for the delay...

@uldcra
Copy link

uldcra commented Aug 18, 2019

Hello wynngd.
My english is very poor. but a lot of thanks, i apprecite your helpful, thanks for solve my problem.

@anujparmar545
Copy link

This is the code:

image

and this is the error:
image

I am getting source and target but not body ,http status and exception. FiletransferError code 2.....Plz help

@codafish-gmbh
Copy link

We use file-transfer with Ionic and Capacitor:

    "cordova-plugin-file-transfer": "^1.7.1",
    "@ionic-native/file-transfer": "^5.26.0",

Unfortunately, the method download() on Android devices always results in the exception FileTransferError.CONNECTION_ERR:

            const timeStamp = (Date.now() / 1000).toString();
            url = url + '&cacheBuster=' + timeStamp;
            url = encodeURI(url);
            const transfer = this.transfer.create();
            transfer.download(url, localPath).then(entry => {
                const localUrl = entry.toURL();
                this.openFile(localUrl);
                this.pageDataService.setLoadingStatus(false);
            }, (err) => {
                const error = JSON.stringify(err);
                console.log(url);
                this.pageDataService.setLoadingStatus(false);
                mobiscroll.snackbar({
                    color: 'danger',
                    message: error
                });
            });

We also tried to apply the patch of @wynngd without any success. On iOS devices, the plugin works like a charm.

Is there any chance, that this issue gets fixed?

@breautek
Copy link
Contributor

breautek commented Jun 1, 2020

Is there any chance, that this issue gets fixed?

No, this plugin is deprecated

The issue is older android devices don't have TLS enabled by default, but most devices do support it. I have a fork that solves this problem, but you also need to use a custom cordova-android fork as well.

If you want to fix this in your own forks, you can look at the following commits:

cordova-android: totalpave/cordova-android@b6e5504
cordova-plugin-file-transfer: totalpave@7f9b3ba

These changesets will make the older android devices (tested as far back as android 4.1) use TLS 1.1 & TLS 1.2.

If you want to change this, see totalpave/cordova-android@b6e5504#diff-1a0a158bbbc267048975894bb6ce2217R66

The commits are consolidated enough that you should be able to fork the repos, and add my fork as a remote, to git cherry-pick the commit.

If the requested TLS is not available on the device, I'm assuming the app will crash, but I've never seen that in our crash analytics.

Note: I would refrain from using the totalpave fork's, I'm no longer maintaining them as we have moved on. So both the cordova-android fork & the cordova-plugin-file-transfer fork will probably disappear in the future.

@codafish-gmbh
Copy link

Hi @breautek,

thanks for your fast reply. Referring to the depricated message: does it mean that the further development of this plugin has been discontinued?

Thanks, Timo

@breautek
Copy link
Contributor

breautek commented Jun 1, 2020
edited

Referring to the depricated message: does it mean that the further development of this plugin has been discontinued?

Yes. The deprecation message provides links that explains how to migrate away from this plugin.

@codafish-gmbh
Copy link

Thanks @breautek !

@nazmisyazwan90
Copy link

anyone else have any other solution for this issue? tried @wynngd solution but with no success on Android

@breautek
Copy link
Contributor

Using wynngd's solution, which bypasses SSL validation is never a good idea.

First, I'd recommend moving away from this plugin altogether, because this is plugin is deprecated. Read this to learn how

If for some reason you cannot, then #203 (comment) may help you.

@wynngd
Copy link

wynngd commented Jun 23, 2020 via email

@timbru31
Copy link
Member

Closing this issue, as we won't support Android <5.1 (API level <22) in future releases of plugins and cordova-android already dropped support for it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
platform: android support
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests