This repository has been archived by the owner. It is now read-only.

Mozilla_sync and Firefox for Android #826

Closed
HiBit opened this Issue Mar 20, 2013 · 29 comments

Comments

Projects
None yet
@HiBit
Copy link

HiBit commented Mar 20, 2013

Hello Everyone,

i'm running Owncloud: 5.0 and using the mozilla_sync app. I can sync various Firefox installations on differently Computers and everything ist working fine for me.

But now i've tried to sync Firefox for Android 19.0.2 with my Owncloud but it doesnt work.
I configure the Android client like all my other clients but at the final Screen where I have confirm my settings the wizzard just stop and didn't take an effect.

Does anyone know about this problem?

@beyerservice

This comment has been minimized.

Copy link

beyerservice commented Mar 20, 2013

Maybe something with SSL cert? Did you use one ? Selfsigned?

@HiBit

This comment has been minimized.

Copy link

HiBit commented Mar 20, 2013

hi,
ive tried it with both. one self signed an one signed from a ca. same issue with both:/

@beyerservice

This comment has been minimized.

Copy link

beyerservice commented Mar 28, 2013

try to access sync URL without http. i think Firefox on Android has some problems with ssl-certs. did you buy that cert or did you use cacert.org?
if you found some working root-cert to import in android, than this might work. my firefox always crashed trying that :-(

@HLFH

This comment has been minimized.

Copy link

HLFH commented Apr 2, 2013

Same problem. Self-signed certificate. I'm usign CaCert certificates. My Firefox always crashed too after trying installation of .PEM certificates.

@ldidry

This comment has been minimized.

Copy link
Contributor

ldidry commented Apr 2, 2013

Could you try a nightly version of Firefox for android (http://nightly.mozilla.org/) ? I had the same crash problem with cacert pem root keys and certificates and it's solved now with nightly.

@HLFH

This comment has been minimized.

Copy link

HLFH commented Apr 2, 2013

No more crash problem with nightly version but still no sync :(
EDIT : My CaCert certificate is not entirely good because it applies to a domain, no to a subdomain. CaCert website is quite down, so I must wait : http://blog.cacert.org/2013/03/591.html

EDIT 2 : My CaCert certificate is now ok with a Wildcard certificate, I flashed again my phone and there is always this problem.

@HiBit

This comment has been minimized.

Copy link

HiBit commented Apr 3, 2013

okay ill test it today with a nightly build of ff.

@HiBit

This comment has been minimized.

Copy link

HiBit commented Apr 4, 2013

ive tested it. still same problem:/

@j-ed

This comment has been minimized.

Copy link
Contributor

j-ed commented Apr 7, 2013

@HiBit First make sure that you the website certificate can be verified without any problem by your browser. If you bought an official certificate for your server this shouldn't be a problem but if you're using a self-signed certificate you have to import the root certificate to your browsers certificate cache to get it verified without a problem.
Afaik the CAcert root certificate is not part of the certificate cache of Android devices and it need to be installed manually. Check the CAcert Wiki for further details: http://wiki.cacert.org/FAQ/ImportRootCert

Additionally you can enter "about:sync-log" in the Firefox address line and check if any error log file has been created which might give you an idea of the root cause of the problem.

@HiBit

This comment has been minimized.

Copy link

HiBit commented Apr 8, 2013

@j-ed
[x] Verification of certificate in browser without problems
[x] Importing the CAcert root certificate in Android device

Still same problem: No syncing.

If I enter about:sync-log in my Firefox on the Android Device I got an error. Site is not avaiable.

Any other suggestions?

@HLFH

This comment has been minimized.

Copy link

HLFH commented Apr 8, 2013

Still same problem: No syncing. Same for me...

@j-ed

This comment has been minimized.

Copy link
Contributor

j-ed commented Apr 8, 2013

@HiBit Please make also sure that you are using the exact server URL, which is given in the certificate, to prevent certificate verification problems. If the URL in the certificate is e.g. "server.domain.lan" you have to access the server using that domain and not e.g. the ip address of the server.

@HLFH

This comment has been minimized.

Copy link

HLFH commented Apr 8, 2013

With a Wildcard certificate, for CN : Common Name (e.g. server FQDN or YOUR name) []:*.servername.net
So the problem is Mozilla_Sync on Android with HTTPS but not directly CaCert.

@HiBit

This comment has been minimized.

Copy link

HiBit commented Apr 9, 2013

@HLFH
what do you mean?

@j-ed:
I've a wildcard certificate *.url.tld. I connect with owncloud.url.tld.

@ldidry

This comment has been minimized.

Copy link
Contributor

ldidry commented Apr 11, 2013

Could you make sure you have imported the cacert (or the problematic CA) root keys in Android ? Firefox will import them into Firefox, so you'll need to use an other web browser to do it.
I did it and the synchronization was OK.
The only thing that still not works is the tabs synchronization, but my bookmarks and password are now in sync.

This problem is due to the fact that Firefox Sync is not run inside Firefox, so it does'nt use the Firefox CA keys.

@HiBit

This comment has been minimized.

Copy link

HiBit commented Apr 11, 2013

@ldidry
can you tell me exactly witch of the certificates do you import and how? it would be great if you can tell me this=)

@HLFH

This comment has been minimized.

Copy link

HLFH commented Apr 11, 2013

@ldidry

Thanks for details Mister Arsall but it's already done.

Smartphone : Samsung Galaxy S GT-I9000
Operating System : CyanogenMod 10 (based on Android 4.2.2)
Firefox : every last version in the Firefox channels (Aurora, Nightly, Beta, Final)

I use Nginx not Apache (Netcraft is loving it > http://news.netcraft.com/archives/2013/04/02/april-2013-web-server-survey.html). I think that is the heart of the problem.

I have installed these root certificates and only these root certificates : http://www.cacert.org/?id=3, .PEM format, class 1 and 3 PKI keys.

For testing, I have reflashed all my smartphone first with Odin 3.07 using repartition, secondly with the Open Source app Heimdall without repartition (bug on 1.3.2 Suite, compilation errors for next GitHub versions on OS X)

Security > Trusted Certificates > User > Cacert Inc. (Cacert Class 3 Root) & Root CA (CaCert Signing Authority).
So, it's done.

I'm using the advanced modes during the Firefox Sync setup.
And Firefox Sync on Android was saying to me : "please enter valid server url".

So, I used this for SSL in Nginx owncloud.conf :

ssl_certificate /etc/nginx/ssl/cacert/surfnote_crt.pem;
ssl_certificate_key /etc/nginx/ssl/cacert/surfnote_privatekey.pem;
ssl_protocols SSLv3 TLSv1; #added after, did nothing
ssl_ciphers AES128-SHA; #added after, did nothing

Must I add other things than root CaCert certificates ? Privatekey, server certificate...?

Thanks in advance :p

@ldidry

This comment has been minimized.

Copy link
Contributor

ldidry commented Apr 11, 2013

@HiBit : I have installed these root certificates and only these root certificates : http://www.cacert.org/?id=3, .PEM format, class 1 and 3 PKI keys, just as @HLFH

@HLFH : did you install them in Firefox too ? I don't know if there is a point to this, but just in case… Did you go to your owncloud with firefox and eventually accepted the certificate security exception ?

Here's my nginx conf :

    ssl                  on;
    ssl_certificate      /etc/ssl/private/universal.chained.crt;
    ssl_certificate_key  /etc/ssl/private/privkey.key;

    ssl_session_timeout 5m; 
    ssl_session_cache shared:SSL:5m;

Did you see anything in your logs ? I didn't saw anything from my Android before adding the cacert root keys.

Plus, I didn't use the advanced sync setting, but use the add a device from my computer. Maybe it will be the job ?

@HLFH

This comment has been minimized.

Copy link

HLFH commented Apr 11, 2013

@ldidry

did you install them in Firefox too ?

Yes also ;)

Did you go to your owncloud with firefox and eventually accepted the certificate security exception ?

Yes also, I tested that.

Plus, I didn't use the advanced sync setting, but use the add a device from my computer. Maybe it will be the job ?

I tested both. Add a device from my computer did the trick but there is no real syncing at the end (no bookmarks & no synced passwords, etc.) Advanced mode said "please enter a valid server url". In fact, with advanced mode, I have great feel that it will be ok but after 20 seconds maybe - I repeat - I have please enter a valid server url, so it's maybe the timeout issue for me.

Did you see anything in your logs ?

I will retry adb logcat but I think it wouldn't help...
And thanks for Nginx conf, I will retry (@^^@)

@ldidry

This comment has been minimized.

Copy link
Contributor

ldidry commented Apr 11, 2013

@HLFH
The tabs didn't work for me at all, but the passwords and bookmarks took a loooooooong time to really sync.
In fact, I saw that the passwords and bookmarks worked one or two days later. Could you try to add the device from your computer, then wait a day or two ?

And by your logs, I meant your nginx logs (sorry for the confusion). The sync agent will appear with a user-agent like Java (1.5)

@HiBit

This comment has been minimized.

Copy link

HiBit commented Apr 11, 2013

sooo, ive installed the same root certificates as you guys but it didnt work:(
if i try to add the certificates also to my firefox it crashes. did anyone know in which logfile
apache writes the connetion attempts?

@HLFH

This comment has been minimized.

Copy link

HLFH commented Apr 11, 2013

@HiBit

For small crash Firefox, please install Firefox Nightly or Firefox Aurora : http://www.mozilla.org/en-US/firefox/channel/#aurora

. did anyone know in which logfile
apache writes the connetion attempts?

/var/log/apache/access.log ?

@pzy

This comment has been minimized.

Copy link

pzy commented Jun 5, 2013

Hey there i guess i'm facing the same problem...i first thought that the error might be the self-signed certificate (and i got one error regarding that), now after getting a cert from startssl.com i still cannot sync with my own server..i added serveral new desktop firefox instances.
Now i get the following error from logcat
E/FxSync (18888): firefox :: SyncAdapter :: Credentials attached to account, but missing syncKey. Aborting sync.

@thomasysliu

This comment has been minimized.

Copy link

thomasysliu commented Jun 13, 2013

According to

https://bugzilla.mozilla.org/show_bug.cgi?id=847178

We found some issue for the owncloud storage server: both https://docs.services.mozilla.com/storage/apis-1.0.html and https://docs.services.mozilla.com/storage/apis-1.1.html are clear that the "modified" field must be present and should be a number (float, 2 decimal places) and not a string.

This may fix the sync issue on Firefox mobile.

@thomasysliu

This comment has been minimized.

Copy link

thomasysliu commented Jun 19, 2013

Here is my patch #1163

@hurr1c4ne

This comment has been minimized.

Copy link

hurr1c4ne commented Jul 23, 2013

Hi, I'm experiencing the same issue HLFH has. I have applied patch #1163, but sync still does not work on Android Firefox. Desktop Firefox Sync works pretty good. Considering to implement http://docs.services.mozilla.com/howtos/run-sync.html, now...

@Salzi

This comment has been minimized.

Copy link

Salzi commented Jul 24, 2013

Same problem here. Add patch #1163 without success on Android Firefox :-(

This was referenced Jul 28, 2013

@ogasser

This comment has been minimized.

Copy link
Contributor

ogasser commented Jul 28, 2013

If you get the "Invalid server URL" message, check your server's SSL settings. Firefox mobile uses the RC4-SHA cipher suite.

If you use nginx you can add the following to your nginx.conf:

ssl_ciphers HIGH:RC4-SHA:!aNULL:!MD5;

ogasser added a commit to owncloudarchive/mozilla_sync that referenced this issue Oct 3, 2013

numRows() returns int
numRows() returns an int [1] and should thus be compared to an int and
not a string.

This is important for Sync to find the user account on Firefox Mobile
for Android, see owncloud/apps#826

Fixes owncloud/apps#1261

[1] http://pear.php.net/package/MDB2/docs/latest/MDB2/MDB2_Result_Common.html#methodnumRows

ogasser added a commit to owncloudarchive/mozilla_sync that referenced this issue Oct 3, 2013

Cast modified data to float
Numeric datatypes are returned as string from database.
Cast modified data to float to make sure they are returned according to
the specification [1].
This is important for strict parsers such as Firefox Mobile on Android, see owncloud/apps#826

Fixes owncloud/apps#1263

[1] http://docs.services.mozilla.com/storage/apis-1.1.html#id2
@apg1980

This comment has been minimized.

Copy link

apg1980 commented Mar 24, 2015

Hello,

i am using sophos utm 9.3 webserver protection.
my owncloud server is published via a valid trusted ssl cert from startssl.com and is proxied to the internal http port 80 of the apache webserver (bitnami owncloud appliance).
i am unable to get the ff sync working. Desktop firefox is working.
Are there any known settings i have to check to get the sync working on my android ff devices?
Thanks for your reply.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.