iosswiftalamofirespotifyboringssl

SSL_ERROR_SSL(1): operation failed within the library


I am getting some SSL Errors (which are causing my project to stop/hang with no crash as I have a DispatchGroup waiting for the request), which I don't know how they are caused, what they are, or what to do about it.

I have read numerous pages roughly about this problem, but there are not much documentation or people having the same problem. I have tried changing the info.plist but that doesn't seem to have helped. Both plist's look like this: (accounts.spotify.com is the domain for the URL of the access token request)

enter image description here

I can see that my code is failing when I make a request to the server. (This is in my framework). As mentioned earlier, I have a DispatchGroup waiting for this request but the code stops.

self.currentToken = try self.spotifyRequest("https://accounts.spotify.com/api/token", method: .post, parameters: parameters)

My request method:

private func spotifyRequest(_ url: URLConvertible, method: HTTPMethod, parameters: Parameters? = nil, headers: HTTPHeaders? = nil) throws -> JSONStandard {
    // Create a dispatch group to handle threads
    let group = DispatchGroup()
    group.enter()

    // Status of the request (starts as nil)
    var status: JSONStandard?


    DispatchQueue.global(qos: .userInitiated).async {
        Alamofire.request(url, method: method, parameters: parameters, headers: headers).responseJSON(completionHandler: { response in
            // Check if response is valid
            if let requestResponse = response.result.value as? JSONStandard {
                status = requestResponse
            } else {
                status = nil
            }

            // Let the next tasks be completed, it has finished waiting for the request
            group.leave()
        })
    }


    // Wait for a result
    group.wait()

    // Return value or throw an error
    if let safeStatus = status {
        return safeStatus
    } else {
        getAccessToken()
        throw SpotifyError.failedToCompleteRequest
    }
}

I'm not exactly sure what caused the problem, because all I did was slightly edit and archive the framework again.

However, earlier it worked on both (as I am using this universal framework script)

Here is my crash log (which I can't understand any of!):

2018-08-18 21:36:45.747984+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_errorlog(224) [C2.1:2][0x107d7c600] [boringssl_session_read] SSL_ERROR_SSL(1): operation failed within the library

2018-08-18 21:36:45.748123+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_handshake_error_print(205) [C2.1:2][0x107d7c600] 4427428040:error:100000d7:SSL routines:OPENSSL_internal:SSL_HANDSHAKE_FAILURE:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.200.32/ssl/ssl_lib.cc:1081:

2018-08-18 21:36:45.748238+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_errorlog(224) [C2.1:2][0x107d7c600] [boringssl_session_read] SSL_ERROR_SSL(1): operation failed within the library

2018-08-18 21:36:45.748432+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_handshake_error_print(205) [C2.1:2][0x107d7c600] 4427428040:error:100000d7:SSL routines:OPENSSL_internal:SSL_HANDSHAKE_FAILURE:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.200.32/ssl/ssl_lib.cc:1081:

2018-08-18 21:36:45.754554+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_errorlog(224) [C2.1:2][0x107d7c600] [boringssl_session_read] SSL_ERROR_SSL(1): operation failed within the library

2018-08-18 21:36:45.754640+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_handshake_error_print(205) [C2.1:2][0x107d7c600] 4427428040:error:100000d7:SSL routines:OPENSSL_internal:SSL_HANDSHAKE_FAILURE:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.200.32/ssl/ssl_lib.cc:1081:

2018-08-18 21:36:45.754717+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_errorlog(224) [C2.1:2][0x107d7c600] [boringssl_session_read] SSL_ERROR_SSL(1): operation failed within the library

2018-08-18 21:36:45.754796+0100 Songvote[4854:1517160] [BoringSSL] boringssl_session_handshake_error_print(205) [C2.1:2][0x107d7c600] 4427428040:error:100000d7:SSL routines:OPENSSL_internal:SSL_HANDSHAKE_FAILURE:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.200.32/ssl/ssl_lib.cc:1081:

2018-08-18 21:38:43.427156+0100 Songvote[4854:1517503] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C1.1:2][0x107e1b4c0] get output frames failed, state 8196

2018-08-18 21:38:43.427656+0100 Songvote[4854:1517503] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C1.1:2][0x107e1b4c0] get output frames failed, state 8196

2018-08-18 21:38:43.429723+0100 Songvote[4854:1517503] TIC Read Status [1:0x0]: 1:57

2018-08-18 21:38:43.429976+0100 Songvote[4854:1517503] TIC Read Status [1:0x0]: 1:57

2018-08-18 21:38:46.008365+0100 Songvote[4854:1517503] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C2.1:2][0x107d7c600] get output frames failed, state 8196

2018-08-18 21:38:46.008664+0100 Songvote[4854:1517503] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C2.1:2][0x107d7c600] get output frames failed, state 8196

2018-08-18 21:38:46.010037+0100 Songvote[4854:1517503] TIC Read Status [2:0x0]: 1:57

2018-08-18 21:38:46.010215+0100 Songvote[4854:1517503] TIC Read Status [2:0x0]: 1:57

enter image description here

This is all for a Spotify request through Alamofire which previously worked and now mysteriously doesn't. It does not work on my device OR the simulator.

Is this a problem relating to secure internet connections? Or is this another problem?

Some links to what I have looked at:

Edits:

Is this a problem on Spotify's servers? Or a bug in Xcode 10? I moved my framework .swift files to my project, and still get the logs.

I also get these errors before my request, strange 🤔.

This is what a handshake error is, but I don't do any configuring of this:

The SSL handshake is initiated when your browser issues a secure connection request to a Web server. The server sends a public key to your computer, and your computer checks the certificate against a known list of certificate authorities. ... Test your SSL functionality by intentionally causing the handshake to fail.

I even tried checkout on an earlier version to reverse all changes (which definitely worked completely fine in earlier versions) using git, which had no affect on this.


Edit: The temporary solution:

It appears as though iOS 12 no longer works with these network requests. I sent a bug report to Apple 2 days ago, so hopefully they will fix this soon. So what did I do?

Well, for now, my iPhone 7 is useless as I am on iOS 12 beta. So the only option for now is to run my project on the simulator. To do this (as if you are in Xcode 10 beta because the simulators are iOS 12), go to Xcode -> Preferences -> Components -> iOS 11.4 Simulator and then download it. Now, when you select a simulator, select the ones that say iOS 11.4.


What causes this?

Although this error should not effect anything, it is caused when you run your project in iOS 12. As far as I know, this is NOT a security issue. However, my problem of my code not running was caused by a deadlock instead of what I thought to be was because of this error.

Update: What Apple has done about my bug report

Well, although I didn't receive a message or anything from Apple, the report is marked as a 'duplicate' as someone else had reported this before me. If I get any information about when it will be fixed, I will update it here.


If you have any questions, tips or pointers, please let me know! Thanks in advance!


Solution

  • Deadlock

    I assume spotifyRequest will be called on the main thread.

    So if the main thread reaches the line

    group.wait()
    

    and this line of responseJSON completionHandler was not called yet:

    group.leave()
    

    then the main thread is blocked due to the call of group.wait() above. Due to the blocked main thread group.leave() can't be called. Classical deadlock.

    Verfication

    Setting a breakpoint to the line

    if let safeStatus = status {
    

    shows that this line is never called.

    Minimal Example that is running

    As a starting point here the code for a minimal example that delivers a result.

    import UIKit
    import Alamofire
    
    class ViewController: UIViewController {
    
        override func viewDidLoad() {
            super.viewDidLoad()
    
            self.contactSpotify {
                print ("result: \(String(describing: $0)) error: \(String(describing: $1))")
            }
        }
    
        func contactSpotify(completion: @escaping ([String: Any]?, Error?) -> Void) {
            let url = URL(string: "https://accounts.spotify.com/api/token")!
            Alamofire.request(url,
                              method: .post,
                              parameters: ["grant_type": "refresh_token",
                                           "client_id": "<someClientId>",
                                           "refresh_token": "<someRefreshToken>",
                                           "client_secret": "<someClientSecret>"])
                .validate()
                .responseJSON { response in
                    guard response.result.isSuccess else {
                        completion(nil, response.result.error)
                        return
                    }
    
                    completion(response.result.value as? [String: Any], nil)
            }
        }
    
    }
    

    This gives as output in the console:

    result: Optional(["access_token": XXX, "scope": user-read-email user-read-private, "token_type": Bearer, "expires_in": 3600]) error: nil
    

    see Screenshot: console output

    ATS Settings in info.plist

    Spotify offers a valid TLS certificate chain on their server. So there is no need for ATS settings in info.plist.

    SSL Warnings in Console

    I get the same SSL warnings in the console when I run the application on an iOS 12 simulator like you. Nonetheless the connection is established and the request delivers data. Perhaps this is gone in one of the next betas.