Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

An error has occurred with Pandora. [Try Again] - Internal Pandora error #340

Closed
ljcatlin opened this issue Aug 8, 2018 · 26 comments
Closed

An error has occurred with Pandora. [Try Again] - Internal Pandora error #340

ljcatlin opened this issue Aug 8, 2018 · 26 comments

Comments

@ljcatlin
Copy link

ljcatlin commented Aug 8, 2018

I've not used the app since last Friday and starting today when I try to launch it I get the error message above. I've tried reinstalling, but that doesn't correct the issue.
@jbone1210
Copy link

I have the same issue and have tried reinstalling as well.

Did Pandora shut it down?

@jeffpasch
Copy link

same here.

@charleshimmer
Copy link

Used it everyday and then on Wednesday it just stopped working. It feels like maybe Pandora somehow blocked it.

@RocketGS
Copy link

Just downloaded this app and I'm getting this same issue. Bummer!

@inieves
Copy link

inieves commented Aug 10, 2018

Im getting the same issue.

i have contacts over at Pandora... should I contact them?

Log attached:

HermesAppDelegate.m:195 -[HermesAppDelegate applicationDidFinishLaunching:] Starting in debug mode. Log file: /Users/inieves/Library/Logs/Hermes/HermesLog_2018-08-10_12:49:11_-0400.log
Pandora.m:290 -[Pandora doPartnerLogin:] Getting partner ID...
Pandora.m:823 -[Pandora sendRequest:] https://tuner.pandora.com/services/json/?method=auth.partnerLogin&partner_id=&auth_token=&user_id=
Pandora.m:823 -[Pandora sendRequest:] https://tuner.pandora.com/services/json/?method=auth.userLogin&partner_id=42&auth_token=VADEjNzUq9Ew9%2BIlY%2BmhA%2BN08yGZjtcuma&user_id=
Pandora.m:270 -[Pandora doUserLogin:password:callback:]_block_invoke Subscriber status: 1
Pandora.m:275 -[Pandora doUserLogin:password:callback:]_block_invoke Subscriber detected, re-logging-in...
Pandora.m:290 -[Pandora doPartnerLogin:] Getting partner ID...
Pandora.m:823 -[Pandora sendRequest:] https://internal-tuner.pandora.com/services/json/?method=auth.partnerLogin&partner_id=&auth_token=&user_id=
HermesAppDelegate.m:713 -[HermesAppDelegate handlePandoraError:] error received {
error = "The operation couldn\U2019t be completed. (OSStatus error -9807.)";
request = "<PandoraRequest 0x60400029e410 auth.partnerLogin>";
}

@RGerboth
Copy link

Looks like maybe Pandora locked Hermes out. Same issue on brand-new install.

@ryanbeymer
Copy link

I was poking around.... looks like their wildcard cert is busted.

@nobecutan
Copy link

nobecutan commented Aug 11, 2018 via email

@nobecutan
Copy link

nobecutan commented Aug 11, 2018 via email

@ryanbeymer
Copy link

Yep walked through it, works for me. Thx @nobecutan #337 (comment)

@inieves
Copy link

inieves commented Aug 11, 2018

Also worked for me, thanks! Does this need to become part of usage instructions or some FAQ? Or a popup? Thanks @nobecutan #337 (comment)

@charleshimmer
Copy link

charleshimmer commented Aug 11, 2018
edited
Loading

Worked for me! Thanks @nobecutan!

@ZevEisenberg
Copy link

How wise is it to manually trust certs that have been marked as untrusted by Apple and Google? Can we trust them only for pandora.com URLs?

@nriley
Copy link
Contributor

nriley commented Aug 13, 2018 via email

@DanielStormApps DanielStormApps mentioned this issue Aug 17, 2018
Closed
@DanielStormApps
Copy link

Created a PR if anyone would like to help test #341

@ghost
Copy link

ghost commented Aug 25, 2018

sounds like a change in the auth pattern

@nriley
Copy link
Contributor

nriley commented Aug 26, 2018
edited
Loading

I can just turn things off completely (30497ad) which does work, but want to do a better job. SecureTransport has defeated me today with its inscrutable documentation. If anyone can help with pinning the cert or CA, that'd be awesome.

@foliovision
Copy link

foliovision commented Aug 27, 2018
edited
Loading

In the meantime, what makes Hermes work with no fussing around with certificates is to open the normal Pandora app (2.0.10 on my computer) and pause it. If you have Hermes open it will start to work once Pandora's native app starts working once. You must leave the Pandora app open and paused though.

I prefer Hermes not only for the efficient interface but for the LastFM scrobbling. Last.FM has been kind of a favourites list of last resort for awhile when listening across Deezer, Tidal, Pandora, Soma FM and any other service I try. Thanks to Soundiiz (annual subscription for full feature set, free one off migrations), it's possible to convert and amalgamate favourite track, artist and album listings across services with relatively minimal hassle (you have to be a bit of a geek to get along with Soundiiz still).

This works even when running Pandora over a site specific VPN for Hermes. My guide for the site specific VPN, still works, I had to re-use the guide myself today as I've been listening to a lot of SomaFM (West Coast 70's and Lush are awesome free channels, donated there too though). With Clementine app (GPL) you get an easy to use and fast to start interface for digital channels (outside the browser), along with Last.fm scrobbling. I mention Clementine as many of those who admire Hermes like I do might like Clementine too.

@nriley
Copy link
Contributor

nriley commented Sep 1, 2018
edited
Loading

More digging this weekend — I found a post that suggests SSLSetCertificate can be used to replace/add a root cert, but this isn't working (and it really looks like it's more designed for client certificate-based authentication). I still get "CFNetwork SSLHandshake failed (-9807)".

Another option (which I'm pretty sure would work) is replacing cert validation via kSSLSessionOptionBreakOnServerAuth but I don't think I can intercept the SSLHandshake because it's called from the guts of CFNetwork:

* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
  * frame #0: 0x00007fff5237d266 Security`SSLHandshake
    frame #1: 0x00007fff45894c20 CFNetwork`SocketStream::_PerformSecurityHandshake_NoLock() + 732
    frame #2: 0x00007fff458943fe CFNetwork`SocketStream::socketCallback(__CFSocket*, unsigned long, __CFData const*, void const*) + 272
    frame #3: 0x00007fff458942b2 CFNetwork`SocketStream::_SocketCallBack_stream(__CFSocket*, unsigned long, __CFData const*, void const*, void*) + 70
    frame #4: 0x00007fff469de54c CoreFoundation`__CFSocketPerformV0 + 1080
    frame #5: 0x00007fff46942405 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
    frame #6: 0x00007fff469423ab CoreFoundation`__CFRunLoopDoSource0 + 108
    frame #7: 0x00007fff46925e51 CoreFoundation`__CFRunLoopDoSources0 + 195
    frame #8: 0x00007fff469253fa CoreFoundation`__CFRunLoopRun + 1219
    frame #9: 0x00007fff46924ce4 CoreFoundation`CFRunLoopRunSpecific + 463
    frame #10: 0x00007fff45bbe895 HIToolbox`RunCurrentEventLoopInMode + 293
    frame #11: 0x00007fff45bbe5cb HIToolbox`ReceiveNextEventCommon + 618
    frame #12: 0x00007fff45bbe348 HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 64
    frame #13: 0x00007fff43e7b8df AppKit`_DPSNextEvent + 997
    frame #14: 0x00007fff43e7a67e AppKit`-[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1362
    frame #15: 0x00007fff43e746e1 AppKit`-[NSApplication run] + 699
    frame #16: 0x00007fff43e63e1b AppKit`NSApplicationMain + 780
    frame #17: 0x0000000100005c22 Hermes`main(argc=3, argv=0x00007ffeefbff4b8) at main.m:9
    frame #18: 0x00007fff738fa0a1 libdyld.dylib`start + 1
    frame #19: 0x00007fff738fa0a1 libdyld.dylib`start + 1

The most appropriate solution seems to be to migrate URLConnection to wrap NSURLSession rather than CFHTTP (which is deprecated). Another option would be to use SSLRead/SSLWrite but that seems like the wrong way to go.

@sandinak
Copy link

sandinak commented Sep 5, 2018
edited
Loading

imported the cert as noted in #337 and still getting internal error. After doing some digging I found it's failing because the intermediate is also marked as not trusted. I imported the cert and intermediate from internal-tuner.pandora.com, I marked it as trusted temporarily and that resolved the issue; however not happy with having to do that. I know it's pandora's issue .. but meh .. it's dirty.

@nriley
Copy link
Contributor

nriley commented Sep 5, 2018 via email
edited
Loading

@inieves
Copy link

inieves commented Sep 5, 2018 via email

@tomlogic tomlogic mentioned this issue Sep 14, 2018
Closed
@haozhang96 haozhang96 mentioned this issue Sep 23, 2018
Open
@haozhang96
Copy link

imported the cert as noted in #337 and still getting internal error. After doing some digging I found it's failing because the intermediate is also marked as not trusted. I imported the cert and intermediate from internal-tuner.pandora.com, I marked it as trusted temporarily and that resolved the issue; however not happy with having to do that. I know it's pandora's issue .. but meh .. it's dirty.

This did it for me. Thanks!

@tomlogic
Copy link

I was able to do it by importing and trusting just the cert from https://internal-tuner.pandora.com/ which I had not realized was a different cert from https://tuner.pandora.com/ (which I had previously imported). They're both wildcard certs, but with different expiration times.

@andrewrphillips
Copy link

@tomlogic This did it for me!

@nriley
Copy link
Contributor

nriley commented Sep 29, 2018

Merging this with #337 as it's the same issue.

@nriley nriley closed this as completed Sep 29, 2018
@tomlogic tomlogic mentioned this issue Jun 15, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests