Exception: Handshake has already been started on Android 5+ #4718
Description
With https://github.com/ganskef/LittleProxy-mitm I use SSL on all Java platforms. Android devices up to 4.4 are supported well since #3904 is fixed. With Android 5.0 it's been better since #4116 is fixed, but there is still one concern with Android 5+. All connection attempts are interrupted with this:
java.lang.IllegalStateException: Handshake has already been started
at com.android.org.conscrypt.OpenSSLEngineImpl.beginHandshake(OpenSSLEngineImpl.java:139) ~[na:0.0]
at io.netty.handler.ssl.SslHandler.handshake(SslHandler.java:1350) ~[na:0.0]
at io.netty.handler.ssl.SslHandler.channelActive(SslHandler.java:1389) ~[na:0.0]
at io.netty.channel.ChannelHandlerInvokerUtil.invokeChannelActiveNow(ChannelHandlerInvokerUtil.java:48) ~[na:0.0]
at io.netty.channel.DefaultChannelHandlerInvoker.invokeChannelActive(DefaultChannelHandlerInvoker.java:79) ~[na:0.0]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelActive(AbstractChannelHandlerContext.java:125) ~[na:0.0]
at io.netty.channel.DefaultChannelPipeline.fireChannelActive(DefaultChannelPipeline.java:884) ~[na:0.0]
at io.netty.channel.nio.AbstractNioChannel$AbstractNioUnsafe.fulfillConnectPromise(AbstractNioChannel.java:260) ~[na:0.0]
at io.netty.channel.nio.AbstractNioChannel$AbstractNioUnsafe.finishConnect(AbstractNioChannel.java:290) ~[na:0.0]
This hint is figured out by @MediumOne: After commenting out this line it's mostly working, but not perfect:
https://github.com/netty/netty/blob/4.1/handler/src/main/java/io/netty/handler/ssl/SslHandler.java#L1266
diff --git a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
index 7dde9d0..5f4939d 100644
--- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
@@ -1263,7 +1263,7 @@
// Begin the initial handshake.
// channelActive() event has been fired already, which means this.channelActive() will
// not be invoked. We have to initialize here instead.
- handshake(null);
+// handshake(null);
} else {
// channelActive() event has not been fired yet. this.channelOpen() will be invoked
// and initialization will occur there.
On Mac OS X it looks good (Windows is not been tested), but on Linux and Android 5+ it's not totally stable, so it's not a fix. Some connections are cancelled, and sometimes blocking occurs, mostly at the first connection.
I can reproduce this behavior on emulators, with Android 5.0, 5.1 and 6.0. This code was been introduced with this commit: 50fafdc on 06/07/2012 by Trustin. Do you have any suggestions please?