Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[androidtv] Upgrade Bouncy Castle to 1.78 #16781

Merged
merged 1 commit into from
May 25, 2024
Merged

[androidtv] Upgrade Bouncy Castle to 1.78 #16781

merged 1 commit into from
May 25, 2024

Conversation

jlaur
Copy link
Contributor

@jlaur jlaur commented May 20, 2024
edited
Loading

@jlaur
Upgrade bouncycastle to 1.78
c66d7c9 
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
@jlaur jlaur added security additional testing preferred The change works for the pull request author. A test from someone else is preferred though. labels May 20, 2024
@jlaur jlaur requested a review from morph166955 as a code owner May 20, 2024 21:51
@jlaur jlaur changed the title [androidtv] Upgrade bouncycastle to 1.78 [androidtv] Upgrade Bouncy Castle to 1.78 May 20, 2024
morph166955
morph166955 approved these changes May 21, 2024
View reviewed changes
Copy link
Contributor

@morph166955 morph166955 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@jlaur
Copy link
Contributor Author

jlaur commented May 21, 2024

@morph166955 - are you able to test this? I just tried, but I cannot get the binding to work for the time being with or without the upgrade:

Trace logs 
2024-05-21 20:42:16.863 [INFO ] [el.core.internal.ModelRepositoryImpl] - Loading model 'androidtv.things'
2024-05-21 20:42:16.897 [TRACE] [l.googletv.GoogleTVConnectionManager] - office - Initializing SSL Context
2024-05-21 20:42:16.900 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Opening GoogleTV SSL connection to 192.168.0.72:6466 NORMAL
2024-05-21 20:42:16.988 [DEBUG] [l.googletv.GoogleTVConnectionManager] - Assuming server certificate is valid
2024-05-21 20:42:16.989 [TRACE] [l.googletv.GoogleTVConnectionManager] - Subject DN: CN=atvremote/sabrina_prod_stable/sabrina/Chromecast/00:00:00:00:00:00
2024-05-21 20:42:16.989 [TRACE] [l.googletv.GoogleTVConnectionManager] - Issuer DN: CN=atvremote/sabrina_prod_stable/sabrina/Chromecast/00:00:00:00:00:00
2024-05-21 20:42:16.989 [TRACE] [l.googletv.GoogleTVConnectionManager] - Serial number: xxx
2024-05-21 20:42:16.989 [DEBUG] [l.googletv.GoogleTVConnectionManager] - Returning empty certificate for getAcceptedIssuers
2024-05-21 20:42:16.997 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Connection to 192.168.0.72:6466 NORMAL successful
2024-05-21 20:42:16.997 [TRACE] [nternal.AndroidTVTranslationProvider] - Translated: offline.initializing as Initializing
2024-05-21 20:42:16.997 [TRACE] [l.googletv.GoogleTVConnectionManager] - office - Starting Reader Thread for 192.168.0.72:6466
2024-05-21 20:42:16.998 [TRACE] [l.googletv.GoogleTVConnectionManager] - office - Starting Sender Thread for 192.168.0.72:6466
2024-05-21 20:42:16.998 [TRACE] [l.googletv.GoogleTVConnectionManager] - office - Checking for PIN MODE for 192.168.0.72:6466 NORMAL
2024-05-21 20:42:16.998 [TRACE] [l.googletv.GoogleTVConnectionManager] - office - Not PIN Mode 192.168.0.72:6466 NORMAL
2024-05-21 20:42:17.002 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Message reader thread started 6466
2024-05-21 20:42:17.003 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Command sender thread started 6466
2024-05-21 20:42:17.010 [TRACE] [nternal.AndroidTVTranslationProvider] - Translated: offline.pin-process-incomplete as PIN Process Incomplete
2024-05-21 20:42:17.010 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - GoogleTV PIN Process Incomplete
2024-05-21 20:42:17.010 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - startChildConnectionManager parent config: 6466 NORMAL false
2024-05-21 20:42:17.010 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - startChildConnectionManager child config: 6467 PIN false
2024-05-21 20:42:17.012 [TRACE] [l.googletv.GoogleTVConnectionManager] - office - Initializing SSL Context
2024-05-21 20:42:17.013 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Message reader thread exiting 6466
2024-05-21 20:42:17.015 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Opening GoogleTV SSL connection to 192.168.0.72:6467 PIN
2024-05-21 20:42:21.897 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Device Health - Online: true - Logged In: false - Mode: NORMAL
2024-05-21 20:42:26.899 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Device Health - Online: true - Logged In: false - Mode: NORMAL
2024-05-21 20:42:31.902 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Device Health - Online: true - Logged In: false - Mode: NORMAL
2024-05-21 20:42:36.906 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Device Health - Online: true - Logged In: false - Mode: NORMAL
2024-05-21 20:42:38.071 [TRACE] [nternal.AndroidTVTranslationProvider] - Translated: offline.error-opening-ssl-connection-check-log as Error opening SSL connection. Check log.
2024-05-21 20:42:38.071 [INFO ] [l.googletv.GoogleTVConnectionManager] - office - Error opening SSL connection to 192.168.0.72:6467 Connection timed out: connect
2024-05-21 20:42:38.071 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Disconnecting GoogleTV
2024-05-21 20:42:38.072 [TRACE] [l.googletv.GoogleTVConnectionManager] - office - Scheduling GoogleTV connection retry in 60 seconds
2024-05-21 20:42:41.909 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Device Health - Online: true - Logged In: false - Mode: NORMAL
2024-05-21 20:42:46.912 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Device Health - Online: true - Logged In: false - Mode: NORMAL
2024-05-21 20:42:47.320 [TRACE] [al.console.AndroidTVCommandExtension] - Received CLI Command: androidtv:googletv:office pincode |||REQUEST|||
2024-05-21 20:42:47.321 [DEBUG] [al.console.AndroidTVCommandExtension] - Sending CLI Command to Handler: androidtv:googletv:office:pincode |||REQUEST|||
2024-05-21 20:42:47.321 [TRACE] [.androidtv.internal.AndroidTVHandler] - office - Command received at handler: pincode REQUEST
2024-05-21 20:42:47.321 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Command received: pincode
2024-05-21 20:42:47.321 [DEBUG] [l.googletv.GoogleTVConnectionManager] - office - Command received: pincode

@morph166955
Copy link
Contributor

Did you do anything to reset your device or remove any of the files related to the PIN when updating the binding? I'm recompiling to double check right now.

@morph166955
Copy link
Contributor

My two nvidia shieldtv's came right up

2024-05-21 14:00:09.854 [DEBUG] [l.googletv.GoogleTVConnectionManager] - theater - Opening GoogleTV SSL connection to 10.255.0.21:6466 NORMAL
2024-05-21 14:00:09.887 [DEBUG] [l.googletv.GoogleTVConnectionManager] - Assuming server certificate is valid
2024-05-21 14:00:09.887 [DEBUG] [l.googletv.GoogleTVConnectionManager] - Returning empty certificate for getAcceptedIssuers
2024-05-21 14:00:09.892 [DEBUG] [l.googletv.GoogleTVConnectionManager] - theater - Connection to 10.255.0.21:6466 NORMAL successful
2024-05-21 14:00:09.895 [DEBUG] [l.googletv.GoogleTVConnectionManager] - theater - Message reader thread started 6466
2024-05-21 14:00:09.897 [DEBUG] [l.googletv.GoogleTVConnectionManager] - theater - Command sender thread started 6466
2024-05-21 14:00:09.906 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - theater - Opening ShieldTV SSL connection to 10.255.0.21:8987
2024-05-21 14:00:09.936 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - Assuming server certificate is valid
2024-05-21 14:00:09.939 [DEBUG] [l.googletv.GoogleTVConnectionManager] - livingroom - Opening GoogleTV SSL connection to 10.255.0.20:6466 NORMAL
2024-05-21 14:00:09.944 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - livingroom - Opening ShieldTV SSL connection to 10.255.0.20:8987
2024-05-21 14:00:09.963 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - Assuming server certificate is valid
2024-05-21 14:00:09.964 [DEBUG] [tocol.googletv.GoogleTVMessageParser] - theater - 0a5b08ff041256 "SHIELD Android TV" "NVIDIA" 11 com.google.android.tv.remote.service 5.2.473254133
2024-05-21 14:00:09.966 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - theater - Message reader thread started
2024-05-21 14:00:09.966 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - theater - Starting ShieldTV keepalive job with interval 5
2024-05-21 14:00:09.967 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - livingroom - Message reader thread started
2024-05-21 14:00:09.967 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - theater - Command sender thread started
2024-05-21 14:00:09.967 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - livingroom - Starting ShieldTV keepalive job with interval 5
2024-05-21 14:00:09.968 [INFO ] [tocol.googletv.GoogleTVMessageParser] - theater - Login Successful
2024-05-21 14:00:09.969 [DEBUG] [l.shieldtv.ShieldTVConnectionManager] - livingroom - Command sender thread started
2024-05-21 14:00:09.971 [DEBUG] [l.googletv.GoogleTVConnectionManager] - theater - Setting power to false
2024-05-21 14:00:09.973 [DEBUG] [l.googletv.GoogleTVConnectionManager] - Assuming server certificate is valid
2024-05-21 14:00:09.973 [DEBUG] [l.googletv.GoogleTVConnectionManager] - Returning empty certificate for getAcceptedIssuers
2024-05-21 14:00:09.975 [DEBUG] [l.googletv.GoogleTVConnectionManager] - livingroom - Connection to 10.255.0.20:6466 NORMAL successful
2024-05-21 14:00:09.976 [DEBUG] [l.googletv.GoogleTVConnectionManager] - livingroom - Message reader thread started 6466
2024-05-21 14:00:09.976 [DEBUG] [l.googletv.GoogleTVConnectionManager] - livingroom - Command sender thread started 6466
2024-05-21 14:00:09.990 [DEBUG] [tocol.shieldtv.ShieldTVMessageParser] - theater - Shield Hostname Encoded: [SHIELD] Theater
2024-05-21 14:00:10.016 [DEBUG] [tocol.googletv.GoogleTVMessageParser] - theater - Device Update: 92032108021002 "SHIELD Android TV" 02 0f 0e 00
2024-05-21 14:00:10.019 [DEBUG] [tocol.shieldtv.ShieldTVMessageParser] - livingroom - Shield Hostname Encoded: SHIELD Android TV
2024-05-21 14:00:10.019 [DEBUG] [tocol.googletv.GoogleTVMessageParser] - livingroom - 0a5b08ff041256 "SHIELD Android TV" "NVIDIA" 11 com.google.android.tv.remote.service 5.2.473254133
2024-05-21 14:00:10.021 [INFO ] [tocol.googletv.GoogleTVMessageParser] - livingroom - Login Successful
2024-05-21 14:00:10.028 [DEBUG] [tocol.googletv.GoogleTVMessageParser] - livingroom - Device Update: 92032108021002 "SHIELD Android TV" 02 0f 0c 00
2024-05-21 14:00:10.028 [DEBUG] [l.googletv.GoogleTVConnectionManager] - livingroom - Setting power to false
2024-05-21 14:00:10.036 [INFO ] [tocol.shieldtv.ShieldTVMessageParser] - theater - Login Successful to [SHIELD] Theater
2024-05-21 14:00:10.038 [DEBUG] [tocol.shieldtv.ShieldTVMessageParser] - theater - Hostname: [SHIELD] Theater - ipAddress: 10.255.0.21 - deviceId: a71adc7e2c16bfdc - arch: arm64-v8a,armeabi-v7a,armeabi
2024-05-21 14:00:10.060 [INFO ] [tocol.shieldtv.ShieldTVMessageParser] - livingroom - Login Successful to SHIELD Android TV
2024-05-21 14:00:10.061 [DEBUG] [tocol.shieldtv.ShieldTVMessageParser] - livingroom - Hostname: SHIELD Android TV - ipAddress:  - deviceId: c9f6a7db4d21dcf5 - arch: arm64-v8a,armeabi-v7a,armeabi

@morph166955
Copy link
Contributor

For transparancy, this is what I did:

git clone -b androidtv-bouncycastle https://github.com/jlaur/openhab-addons.git
cd openhab-addons/
mvn spotless:apply -pl :org.openhab.binding.androidtv && mvn -T 4 -Dspotless.check.skip=true clean install -pl :org.openhab.binding.androidtv
cp bundles/org.openhab.binding.androidtv/target/org.openhab.binding.androidtv-4.2.0-SNAPSHOT.jar /usr/share/openhab/addons/org.openhab.binding.androidtv-4.2.0-SNAPSHOT-16781.jar

@jlaur
Copy link
Contributor Author

jlaur commented May 21, 2024

Did you do anything to reset your device or remove any of the files related to the PIN when updating the binding? I'm recompiling to double check right now.

With a version compiled without the upgraded dependencies, I finally managed to get through the PIN process after disabling an Android TV Thing on my production system. I'm not sure if directly related or random - do you know if it's normal not being able to have more than one connection/authenticated client at a time? However, after going back to the version with upgraded dependencies, I have so far not managed to get the PIN code to display during the pairing process, but it might be rather random.

@morph166955
Copy link
Contributor

Sort of yes and sort of no. You can have two systems connect to the same device if you copy the certificates from one to the other after you finish the PIN process. That's how I'm setup here. I have my production OH connected for regular use and a second test system for dev. If you were to initiate the PIN process on a device it wipes the previous one out. This can cause issues both at the client and device side. The other thing that can break is if you have multiple things for the same device. We especially see this if someone for example configures a googletv and shieldtv or philipstv thing for the same device. I've also seen device side issues where it gets all locked up and the device needs to be rebooted. Also also, OH inside of docker can cause weird issues as well (although most of those are fixed I think).

@jlaur
Copy link
Contributor Author

jlaur commented May 21, 2024

@morph166955 - I finally tried to do all these three things at the same time:

  • Restart Google TV
  • Restart binding
  • Delete directory userdata/androidtv

After this I was able to successfully complete the pairing again. So indeed it works, maybe the binding or the Google TV got too confused with everything I was doing. 🙂

@jlaur jlaur removed the additional testing preferred The change works for the pull request author. A test from someone else is preferred though. label May 21, 2024
@jlaur jlaur requested a review from a team May 21, 2024 19:17
@morph166955
Copy link
Contributor

morph166955 commented May 21, 2024
edited
Loading

Awesome. Yeah rebooting the device probably was the kicker there. I've had to do that many times in the dev process. They absolutely crash. The code on the device side is actually really flaky since it's really only meant to be used by someone who wants to connect a phone to their device for remote control purposes. We WAY over drive the intended use of the protocol stack with this binding (although it seems mostly stable).

This was referenced May 21, 2024
Closed
Closed
@lsiepel lsiepel merged commit 848667e into openhab:main May 25, 2024
5 checks passed
@lsiepel lsiepel added this to the 4.2 milestone May 25, 2024
LeeC77 pushed a commit to LeeC77/openhab-addons that referenced this pull request May 27, 2024
@jlaur @LeeC77
Upgrade bouncycastle to 1.78 (openhab#16781)
9b57357 
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
Signed-off-by: LeeC77 <lee.charlton00@gmail.com>
@jlaur jlaur mentioned this pull request Jun 9, 2024
Merged
@jlaur jlaur added the regression Regression that happened during the development of a release. Not shown on final release notes. label Jun 10, 2024
@jlaur jlaur mentioned this pull request Jun 10, 2024
Merged
@jlaur jlaur deleted the androidtv-bouncycastle branch June 15, 2024 19:54
psmedley pushed a commit to psmedley/openhab-addons that referenced this pull request Jun 15, 2024
@jlaur @psmedley
Upgrade bouncycastle to 1.78 (openhab#16781)
16e5779 
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
Signed-off-by: Paul Smedley <paul@smedley.id.au>
pgfeller pushed a commit to pgfeller/openhab-addons that referenced this pull request Sep 29, 2024
@jlaur @pgfeller
Upgrade bouncycastle to 1.78 (openhab#16781)
9922e5e 
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
Signed-off-by: Patrik Gfeller <patrik.gfeller@proton.me>
joni1993 pushed a commit to joni1993/openhab-addons that referenced this pull request Oct 15, 2024
@jlaur @joni1993
Upgrade bouncycastle to 1.78 (openhab#16781)
a9d9f98 
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
matchews pushed a commit to matchews/openhab-addons that referenced this pull request Oct 18, 2024
@jlaur @matchews
Upgrade bouncycastle to 1.78 (openhab#16781)
59a0ee3 
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lsiepel lsiepel lsiepel approved these changes

@morph166955 morph166955 morph166955 approved these changes

Assignees
No one assigned
Labels
regression Regression that happened during the development of a release. Not shown on final release notes. security
Projects
None yet
Milestone
4.2
Development

Successfully merging this pull request may close these issues.
3 participants
@jlaur @morph166955 @lsiepel