appmattus/certificatetransparency

Crash on Android 6

Closed this issue · 1 comments

ccodega commented

I've updated the CT library to the latest version 2.2.1 with desugaring enabled (required since version 2.0.0). Btw the app is crashing on a Android 6 device with:
java.lang.NoClassDefFoundError: Failed resolution of: Ljavax/naming/ldap/LdapName

Any suggestion or workaround?

Cose that installs CT:
installCertificateTransparencyProvider { logger = object : CTLogger { override fun log(host: String, result: VerificationResult) { ... } } diskCache = AndroidDiskCache(context) }

Full stacktrace:
java.lang.NoClassDefFoundError: Failed resolution of: Ljavax/naming/ldap/LdapName; at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManager.checkServerTrusted(CertificateTransparencyTrustManager.kt:84) at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:117) at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:643) at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:353) at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:212) at com.android.okhttp.Connection.connect(Connection.java:1324) at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:1412) at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:131) at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:485) at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:466) at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:372) at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:476) at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:118) at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:249) at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218) at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:25) at com.google.android.datatransport.cct.CctTransportBackend.doSend(CctTransportBackend.java:303) at com.google.android.datatransport.cct.CctTransportBackend.$r8$lambda$bLAzIpNF4NtapXlUpPVGhzxyNT8(CctTransportBackend.java) at com.google.android.datatransport.cct.CctTransportBackend$$ExternalSyntheticLambda0.apply(D8$$SyntheticClass) at com.google.android.datatransport.runtime.retries.Retries.retry(Retries.java:54) at com.google.android.datatransport.cct.CctTransportBackend.send(CctTransportBackend.java:372) at com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader.logAndUpdateState(Uploader.java:146) at com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader.lambda$upload$1$com-google-android-datatransport-runtime-scheduling-jobscheduling-Uploader(Uploader.java:105) at com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader$$ExternalSyntheticLambda2.run(D8$$SyntheticClass) at com.google.android.datatransport.runtime.SafeLoggingExecutor$SafeLoggingRunnable.run(SafeLoggingExecutor.java:47) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588) at java.lang.Thread.run(Thread.java:818) Caused by: java.lang.ClassNotFoundException: Didn't find class "javax.naming.ldap.LdapName" on path: DexPathList[[zip file "/data/app/com.funambol.zefiro-2/base.apk"],nativeLibraryDirectories=[/data/app/com.funambol.zefiro-2/lib/arm, /data/app/com.funambol.zefiro-2/base.apk!/lib/armeabi-v7a, /vendor/lib, /system/lib]] at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56) at java.lang.ClassLoader.loadClass(ClassLoader.java:511) at java.lang.ClassLoader.loadClass(ClassLoader.java:469) at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManager.checkServerTrusted(CertificateTransparencyTrustManager.kt:84)  at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:117)  at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:643)  at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:353)  at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:212)  at com.android.okhttp.Connection.connect(Connection.java:1324)  at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:1412)  at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:131)  at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:485)  at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:466)  at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:372)  at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:476)  at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:118)  at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:249)  at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218)  at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:25)  at com.google.android.datatransport.cct.CctTransportBackend.doSend(CctTransportBackend.java:303)  at com.google.android.datatransport.cct.CctTransportBackend.$r8$lambda$bLAzIpNF4NtapXlUpPVGhzxyNT8(CctTransportBackend.java)  at com.google.android.datatransport.cct.CctTransportBackend$$ExternalSyntheticLambda0.apply(D8$$SyntheticClass)  at com.google.android.datatransport.runtime.retries.Retries.retry(Retries.java:54)  at com.google.android.datatransport.cct.CctTransportBackend.send(CctTransportBackend.java:372)  at com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader.logAndUpdateState(Uploader.java:146)  at com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader.lambda$upload$1$com-google-android-datatransport-runtime-scheduling-jobscheduling-Uploader(Uploader.java:105)  at com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader$$ExternalSyntheticLambda2.run(D8$$SyntheticClass)  at com.google.android.datatransport.runtime.SafeLoggingExecutor$SafeLoggingRunnable.run(SafeLoggingExecutor.java:47)  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)  at java.lang.Thread.run(Thread.java:818)  Suppressed: java.lang.ClassNotFoundException: javax.naming.ldap.LdapName at java.lang.Class.classForName(Native Method) at java.lang.BootClassLoader.findClass(ClassLoader.java:781) at java.lang.BootClassLoader.loadClass(ClassLoader.java:841) at java.lang.ClassLoader.loadClass(ClassLoader.java:504) ... 30 more Caused by: java.lang.NoClassDefFoundError: Class not found using the boot class loader; no stack trace available

mattmook commented

That's not great, apologies about that, I think I saw it was part of Java 1.5 so assumed it worked on most versions of Android.

Frustratingly I didn't spot this in testing as my device and emulator is running a later version of Android that doesn't go through that code branch. I'll update to ensure I've got a test that does run through it and try and get a fix out promptly