Android dev Android dev - 21 days ago 5
Android Question

SSLException due uploading item for Amazon service

I upload my file to aws service from android. I configured it like this:

AwsMetadata awsMetadata = resultData.getParcelable(Params.CommandMessage.EXTRA_MESSAGE);
AWSCredentials awsCredentials = new BasicAWSCredentials(
awsMetadata.getAccountId(),
awsMetadata.getSecretKey()
);
// set up region
TransferManager transferManager = new TransferManager(awsCredentials);
Region region = Region.getRegion(Regions.fromName(awsMetadata.getRegionEndpoint()));
transferManager.getAmazonS3Client().setRegion(region);


final MediaItem mediaItem = datasource.get(0);
Log.d(App.TAG, "File is exists: "
+ mediaItem.getContentUri() + " "
+ new File(mediaItem.getContentUri()).exists());

// prepare file for upload
PutObjectRequest putObjectRequest = new PutObjectRequest(
awsMetadata.getBucketName(),
awsMetadata.getSecretKey(),
new File(mediaItem.getContentUri())
);


Log.d(App.TAG, "Total data: " + mediaItem.getSize());
Upload upload = transferManager.upload(putObjectRequest, new S3ProgressListener() {

private int totalTransfered = 0;

@Override
public void onPersistableTransfer(PersistableTransfer persistableTransfer) {
}

@Override
public void progressChanged(ProgressEvent progressEvent) {

Log.d(App.TAG, "Bytes are transferred: " + progressEvent.getBytesTransferred());
totalTransfered += progressEvent.getBytesTransferred();
long totalSize = mediaItem.getSize();
Log.d(App.TAG, "Total transferred: " + ((totalTransfered / totalSize) * 100) + " percent");
}
});
}


And I got SSLException:

06-01 11:45:00.712 5182-5768/com.home I/AmazonHttpClient´╣Ľ Unable to execute HTTP request: Write error: ssl=0xb4bb3600: I/O error during system call, Connection reset by peer
javax.net.ssl.SSLException: Write error: ssl=0xb4bb3600: I/O error during system call, Connection reset by peer
at com.android.org.conscrypt.NativeCrypto.SSL_write(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl$SSLOutputStream.write(OpenSSLSocketImpl.java:765)
at com.android.okio.Okio$1.write(Okio.java:70)
at com.android.okio.RealBufferedSink.emitCompleteSegments(RealBufferedSink.java:116)
at com.android.okio.RealBufferedSink.write(RealBufferedSink.java:44)
at com.android.okhttp.internal.http.HttpConnection$FixedLengthSink.write(HttpConnection.java:291)
at com.android.okio.RealBufferedSink.emitCompleteSegments(RealBufferedSink.java:116)
at com.android.okio.RealBufferedSink$1.write(RealBufferedSink.java:131)
at com.amazonaws.http.UrlHttpClient.write(UrlHttpClient.java:155)
at com.amazonaws.http.UrlHttpClient.createConnection(UrlHttpClient.java:143)
at com.amazonaws.http.UrlHttpClient.execute(UrlHttpClient.java:60)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:353)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:196)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4234)
at com.amazonaws.services.s3.AmazonS3Client.putObject(AmazonS3Client.java:1644)
at com.amazonaws.mobileconnectors.s3.transfermanager.internal.UploadCallable.uploadInOneChunk(UploadCallable.java:134)
at com.amazonaws.mobileconnectors.s3.transfermanager.internal.UploadCallable.call(UploadCallable.java:126)
at com.amazonaws.mobileconnectors.s3.transfermanager.internal.UploadMonitor.upload(UploadMonitor.java:182)
at com.amazonaws.mobileconnectors.s3.transfermanager.internal.UploadMonitor.call(UploadMonitor.java:140)
at com.amazonaws.mobileconnectors.s3.transfermanager.internal.UploadMonitor.call(UploadMonitor.java:54)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)


Happens on Android 4.3 and 4.4

com.amazonaws.services.s3.model.AmazonS3Exception: There were headers present in the request which were not signed (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 06CAF94ADEFE242E), S3 Extended Request ID: ouMiu+15fshPnT9uz95T3Drj+Gea3gI1c+Rj34BhcSCzbIH2ypOeK9yvIlNCxbxt


Amazon SDK uses it's own client and it should be configured properly from the box.

What is the reason for this beahaviour?

Answer

There is a bug in the SDK where certain headers aren't signed. It will affect S3 in some regions, e.g. Frankfurt (eu-central-1) and China (cn-north-1), where sigv4 is required.

AWS SDK for Android v2.2.2 is out http://aws.amazon.com/releasenotes/4067314458888112. This release addresses the sigv4 signing issue with S3. Check it out at http://aws.amazon.com/mobile/sdk/.