{ "id": "162354", "key": "TIMOB-24004", "fields": { "issuetype": { "id": "1", "description": "A problem which impairs or prevents the functions of the product.", "name": "Bug", "subtask": false }, "project": { "id": "10153", "key": "TIMOB", "name": "Titanium SDK/CLI", "projectCategory": { "id": "10100", "description": "Titanium and related SDKs used in application development", "name": "Client" } }, "fixVersions": [], "resolution": { "id": "7", "description": "", "name": "Invalid" }, "resolutiondate": "2016-10-12T10:19:55.000+0000", "created": "2016-08-03T09:28:36.000+0000", "priority": { "name": "High", "id": "2" }, "labels": [], "versions": [], "issuelinks": [ { "id": "57504", "type": { "id": "10003", "name": "Relates", "inward": "relates to", "outward": "relates to" }, "outwardIssue": { "id": "173491", "key": "TIMOB-26992", "fields": { "summary": "Android: HTTPClient may use SSLv3 by default on Android 4.x when it shouldn't", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "None", "id": "6" }, "issuetype": { "id": "1", "description": "A problem which impairs or prevents the functions of the product.", "name": "Bug", "subtask": false } } } } ], "assignee": { "name": "gmathews", "key": "gmathews", "displayName": "Gary Mathews", "active": true, "timeZone": "America/Los_Angeles" }, "updated": "2019-04-24T04:57:27.000+0000", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "components": [ { "id": "10202", "name": "Android", "description": "Android Platform" } ], "attachment": [], "flagged": false, "summary": "Android: Parameter tlsVersion has no effect in version< 5.0", "creator": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "subtasks": [], "reporter": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "environment": "MAC OS Elcapitan\r\nTitanium SDK 5.3.1\r\nAndroid 4.4.4. / 4.1 / 5.0.0", "closedSprints": [ { "id": 733, "state": "closed", "name": "2016 Sprint 21 SDK", "startDate": "2016-10-08T00:53:00.000Z", "endDate": "2016-10-22T00:53:00.000Z", "completeDate": "2016-10-24T03:58:08.547Z", "originBoardId": 114 } ], "comment": { "comments": [ { "id": "392329", "author": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "body": "Hello, I Can't reproduce the issue with the code provided below. I am testing on ANdroid 4.4.4 with SDK 5.3.1.GA.\r\n\r\n{code}\r\nvar httpclient = Titanium.Network.createHTTPClient({\r\n\r\n validatesSecureCertificate: true,\r\n\r\n tlsVersion : Ti.Network.TLS_VERSION_1_2,\r\n\r\n onload : function(response) {\r\n\r\n Ti.API.info(\"Received text: \" + this.responseText);\r\n\r\n \r\n\r\n },\r\n\r\n onerror : function(response) {\r\n\r\n Ti.API.debug(response.error);\r\n\r\n }\r\n\r\n \r\n\r\n});\r\n\r\nhttpclient.open(\"GET\",\"https://appservices.anvilgroup.com/help\");\r\n\r\nhttpclient.send();\r\n{code}\r\n\r\nI am getting no such error. \r\n{code}\r\n[INFO] : Received text: \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : ANVIL App Service API\r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :

ANVIL App Service API

\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :

Introduction

\r\n[INFO] :

\r\n[INFO] : This API is intended for ANVIL apps\r\n[INFO] :

\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] : \r\n[INFO] : \r\n[INFO] :

Assistance

\r\n[INFO] :

Supplies / accepts information for assistance

\r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] :
APIDescription
GET api/{ext}/Assistance/Lines/{id}\r\n[INFO] :

Gets Assistance lines configured for a specific client

\r\n[INFO] :
GET api/{ext}/Assistance/LinesV1/{id}\r\n[INFO] :

Gets Assistance lines configured for a specific client (using EnterpriseSetup V1 Client Id)

\r\n[INFO] :
\r\n[INFO] : \r\n[INFO] :

InfoTree

\r\n[INFO] :

Supply Info Tree items

\r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] :
APIDescription
GET api/{ext}/InfoTree/{id}/{type}/{countryId}\r\n[INFO] :

Get Info Tree data items (by type) for a defined client

\r\n[INFO] :
GET api/{ext}/InfoTree/{id}/{type}/{countryId}/{language}\r\n[INFO] :

Get resourced Info Tree data items (by type) for a defined client including a country Id filter

\r\n[INFO] :
\r\n[INFO] :

Get resourced Info Tree data items (by type) for a defined client

\r\n[INFO] :
\r\n[INFO] : \r\n[INFO] :

Area

\r\n[INFO] :

Supplies information on areas (towns, cities etc)

\r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] :
APIDescription
GET api/{ext}/Area/{id}\r\n[INFO] :

Get Area record by Id

\r\n[INFO] :
GET api/{ext}/Area/all\r\n[INFO] :

Returns all Area records

\r\n[INFO] :
GET api/{ext}/Area/Lookup/all\r\n[INFO] :

Returns a lookup list of ALL Area records

\r\n[INFO] :
GET api/{ext}/Area/ByCountryId/{id}<\r\n{code}\r\n\r\nThanks.\r\n\r\n", "updateAuthor": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "created": "2016-08-03T17:38:46.000+0000", "updated": "2016-08-03T17:38:46.000+0000" }, { "id": "392333", "author": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Of cause your example works because https://appservices.anvilgroup.com support both tls1.1 and tls1.2,\r\nbut your example wouldn't work if https://appservices.anvilgroup.com only supports tls1.2.\r\n\r\nFor example both commands below will work for https://appservices.anvilgroup.com:\r\ncurl https://appservices.anvilgroup.com/help --tlsv1.1\r\ncurl https://appservices.anvilgroup.com/help --tlsv1.2\r\n\r\nif we try to connect to a server which onyl supports tls1.2 for instance https://elster.de:\r\ncurl https://elster.de --tlsv1.1 //This will fail\r\ncurl https://elster.de --tlsv1.2 //This one will work \r\n\r\nIf we try to connect to a server which only supports tls1.2 your titanium sample will fail\r\non android < 5.0.\r\n\r\nCheck it out and let me know your results.", "updateAuthor": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-08-03T18:10:37.000+0000", "updated": "2016-08-03T18:11:53.000+0000" }, { "id": "394681", "author": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "body": "I have creted a sample project for you --> https://github.com/MichelBahl/tls-AC-4323.\r\nPlease reopen this ticket.", "updateAuthor": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-08-29T19:35:36.000+0000", "updated": "2016-08-29T19:35:36.000+0000" }, { "id": "394687", "author": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Here is a video showing the bug https://www.youtube.com/watch?v=B8c0cBGIevs&feature=youtu.be", "updateAuthor": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-08-29T20:02:31.000+0000", "updated": "2016-08-29T20:02:31.000+0000" }, { "id": "397561", "author": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "body": "Hello, Can you try in latest SDK 5.5.0.GA?", "updateAuthor": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "created": "2016-09-28T20:45:50.000+0000", "updated": "2016-09-28T20:45:50.000+0000" }, { "id": "397724", "author": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "body": "I am gonna check this, this weekend", "updateAuthor": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-09-30T08:29:37.000+0000", "updated": "2016-09-30T08:29:37.000+0000" }, { "id": "397871", "author": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "body": "It's still not working.\r\nif you have problems to repdroduce the issue,\r\ncontact me via e-mail to exchange skype name/number.", "updateAuthor": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-10-03T09:50:56.000+0000", "updated": "2016-10-03T09:50:56.000+0000" }, { "id": "398056", "author": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "body": "Hello, I tried your test project, For me, the app works for both case, I watched your video, I see you are getting the error and for me, I am getting the below log in Android 5.0.0. Make sure you are using the latest SDK 5.5.1.GA. Thanks.\r\n{code}\r\n[INFO] : Received text: \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : ELSTER - Die elektronische Steuererklärung\r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] : \r\n[INFO] :
\r\n[INFO] : \r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] : \r\n[INFO] :

Elster Landing Page

\r\n[INFO] : \"ElsterOnline\"\r\n[INFO] :
\r\n[INFO] : \r\n[INFO] : \r\n[INFO] :
\r\n[INFO] :
\r\n[INFO] :
\r\n{code}\r\n", "updateAuthor": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "created": "2016-10-04T14:57:44.000+0000", "updated": "2016-10-07T19:29:21.000+0000" }, { "id": "398057", "author": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "body": "I am using the latest SDK and it fails.\r\n\r\nAre you using Android 4.4.4 ?", "updateAuthor": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-10-04T15:01:47.000+0000", "updated": "2016-10-04T15:01:47.000+0000" }, { "id": "398602", "author": { "name": "gmathews", "key": "gmathews", "displayName": "Gary Mathews", "active": true, "timeZone": "America/Los_Angeles" }, "body": "[~mBahl] [~sdarda] It appears the issue isn't with Titanium, Android 4.1+ does support TLSv1.2. However, the ciphers used by {{https://elster.de}} are not supported in Android 4.1+.\r\n\r\nYou can view the ciphers supported by Android 4.1+ here: https://developer.android.com/reference/javax/net/ssl/SSLSocket.html\r\n\r\n*TEST CASE FOR TLSv1.2*\r\n{code:js}\r\nvar http = Titanium.Network.createHTTPClient(\r\n {\r\n validatesSecureCertificate: true,\r\n tlsVersion: Ti.Network.TLS_VERSION_1_2,\r\n onload: function (response) {\r\n var tls = /TLS\\s\\d\\.\\d/g.exec(this.responseText);\r\n if (tls) {\r\n Ti.API.info('Android API: ' + Ti.Platform.Android.API_LEVEL);\r\n Ti.API.info(tls[0]);\r\n }\r\n },\r\n onerror: function (response) {\r\n Ti.API.info(response.error);\r\n }\r\n }\r\n);\r\nhttp.open('GET', 'www.howsmyssl.com');\r\nhttp.send();\r\n{code}\r\n{code}\r\nAndroid API: 16\r\nTLS 1.2\r\n{code}", "updateAuthor": { "name": "gmathews", "key": "gmathews", "displayName": "Gary Mathews", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-10-11T17:31:59.000+0000", "updated": "2016-10-11T17:31:59.000+0000" }, { "id": "398810", "author": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "body": "www.howsmyssl.com is *not* a valid test case.\r\n\r\nYou have to test against an URL which only supports 1.2\r\nbut not 1.1.", "updateAuthor": { "name": "mBahl", "key": "mbahl", "displayName": "Michael Bahl", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-10-13T07:34:24.000+0000", "updated": "2016-10-13T07:34:24.000+0000" }, { "id": "398813", "author": { "name": "gmathews", "key": "gmathews", "displayName": "Gary Mathews", "active": true, "timeZone": "America/Los_Angeles" }, "body": "[~mBahl] I did, I tested against {{https://elster.de/}}. My test case above is to prove TLSv1.2 is working on Android 4.1 and that the issue is due to the host using ciphers that are not compatible with < Android 5.0.\r\n\r\nThe host I tested with {{https://elster.de/}} *only* allows the following ciphers to be used:\r\n{code}\r\nTLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\r\nTLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384\r\nTLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\r\nTLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256\r\nTLS_DHE_RSA_WITH_AES_128_GCM_SHA256\r\nTLS_DHE_RSA_WITH_AES_128_CBC_SHA256\r\nTLS_DHE_RSA_WITH_AES_256_GCM_SHA384\r\nTLS_DHE_RSA_WITH_AES_256_CBC_SHA256\r\n{code}\r\n\r\nCompatibility for these ciphers was introduced in Android 5.0 (https://developer.android.com/reference/javax/net/ssl/SSLSocket.html)", "updateAuthor": { "name": "gmathews", "key": "gmathews", "displayName": "Gary Mathews", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-10-13T08:23:22.000+0000", "updated": "2016-10-13T08:24:03.000+0000" }, { "id": "415602", "author": { "name": "lmorris", "key": "lmorris", "displayName": "Lee Morris", "active": false, "timeZone": "America/Los_Angeles" }, "body": "Closing ticket as invalid with reference to the above comments.", "updateAuthor": { "name": "lmorris", "key": "lmorris", "displayName": "Lee Morris", "active": false, "timeZone": "America/Los_Angeles" }, "created": "2017-03-24T17:59:09.000+0000", "updated": "2017-03-24T17:59:09.000+0000" } ], "maxResults": 14, "total": 14, "startAt": 0 } } }