BoringSSL Error when I compile my App in Xcode 9

Question

Created Sep ’17

Replies 4

Boosts 0

Views 9.3k

Participants 2

I made an App with "Google Firebase" as my back-end.

I want my App to be able to send push notifications, and actually, I have all setted up, however, when I compile my App, it builds perfectly and without errors and warnings, but in the console, this error appears:

[BoringSSL] Function boringssl_context_get_peer_sct_list: line 1754 received sct extension length is less than sct data length

And then, I send a push notification from "Google Firebase" to my app, but it never recieves it. I don't know how to handle this error. Has anyone had the same issue?

I'm using Xcode 9 GM Seed / Build: 9A235. My device is an iPhone 6 with iOS 11.

Here I leave the complete sentence that appears in the console, appart from the error:

2017-09-14 09:39:17.042434+0200 pushApp[288:15360] [Firebase/Analytics][I-ACS023007] Firebase Analytics v.40003000 started
2017-09-14 09:39:17.111 pushApp[288] <Notice> [Firebase/Analytics][I-ACS023007] Firebase Analytics v.40003000 started 2
017-09-14 09:39:17.111336+0200 pushApp[288:15360] [Firebase/Analytics][I-ACS023008] To enable debug logging set the following application argument: -FIRAnalyticsDebugEnabled (see http:/ 2017-09-14 09:39:17.113 pushApp[288] <Notice> [Firebase/Analytics][I-ACS023008] To enable debug logging set the following application argument: -FIRAnalyticsDebugEnabled (see http:/
2017-09-14 09:39:17.249119+0200 pushApp[288:15366] [BoringSSL] Function boringssl_context_get_peer_sct_list: line 1754 received sct extension length is less than sct data length
Token: diArDpk_ugc:APA91bEEhAnZJlSr8nGUyGqGn8bSbxD3VpGAbIMoCLREBqeD2bkQcOVlpZJecc5g0ptosLtxpVOqboeIKiX7odWf28p551f0m1G_no-sAmNzXKAgSIM4nOtkNJJCMWJO1LJ6ItsYlgX2 2017-09-14 09:39:17.287687+0200 pushApp[288:15271] refreshPreferences: HangTracerEnabled: 1
2017-09-14 09:39:17.287784+0200 pushApp[288:15271] refreshPreferences: HangTracerDuration: 500 2017-09-14 09:39:17.287825+0200 pushApp[288:15271] refreshPreferences: ActivationLoggingEnabled: 0 ActivationLoggingTaskedOffByDA:0 2017-09-14 09:39:17.393859+0200 pushApp[28
8:15371] TIC Read Status [1:0x0]: 1:57 2017-09-14 09:39:17.394711+0200 pushApp[288:15371] TIC Read Status [1:0x0]: 1:57
2017-09-14 09:40:40.132473+0200 pushApp[288:15751] TIC Read Status [2:0x0]: 1:57
2017-09-14 09:40:40.132573+0200 pushApp[288:15751] TIC Read Status [2:0x0]: 1:57

Best Regards,

Gerard Riera Puig.

Boost

Answer 1

DTS Engineer OP

Apple

Sep ’17

I’d like to clarify the overall flow of your app. It seems that you have two things in play:

Someone is making an outgoing TLS connection, which is what’s generated the
```
boringssl_context_get_peer_sct_list
```
log message you’re worried about.
You’re having problems sending push notifications to your app.

How are these related? You wrote:

And then, I send a push notification from "Google Firebase" to my app, but it never recieves it.

Are you sending the push from within your app? Or from a management console? If it’s the latter than your app’s inability to make outgoing TLS connections doesn’t seem like it’d be related.

Regardless, if you want to find out what’s going on with the

boringssl_context_get_peer_sct_list

log message you’ll need to track down the code that’s making the outgoing TLS connection that’s logging that message.

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 2

Gerard Riera Puig OP

Sep ’17

Well met Eskimo,

About your points:

Someone is making an outgoing TLS connection, which is what’s generated the

boringssl_context_get_peer_sct_list
log message you’re worried about.

Yes, I'm doing a TLS connection using Google's Firebase Cloud Messaging tool.

I got everything setted up. I have all of the certificates both in back-end and front-end well configured, and if I go to my App in Xcode and I go to "Capabilities", I have the "Notifications" Switch turned to "ON" and all of those two steps are correctly checked:

✅Add the Push Notifications feature to your App ID.

✅Add the Push Notifications entitlement to your entitlements file.

And this is the code I have on my "AppDelegate.swift" file:

import UIKit
import Firebase
import UserNotifications


@UIApplicationMain
class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterDelegate {


    var window: UIWindow?


    func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions:[UIApplicationLaunchOptionsKey: Any]?) -> Bool {
     
        // Override point for customization after application launch.
        FirebaseApp.configure()
     
        // For iOS 11 display notification (sent via APNS)
        UNUserNotificationCenter.current().delegate = self
     
        let authOptions: UNAuthorizationOptions = [.alert, .badge, .sound]
        UNUserNotificationCenter.current().requestAuthorization(
            options: authOptions,
            completionHandler: {_, _ in })
     
        application.registerForRemoteNotifications()
     
        if let token = InstanceID.instanceID().token() {
            print ("Token: \(token)")
        }
     
        return true
    }

Sincerely, I don't know what I'm missing.

Are you sending the push from within your app? Or from a management console? If it’s the latter than your app’s inability to make outgoing TLS connections doesn’t seem like it’d be related.

I'm sending a push notification from my Google's Firebase console.

Regardless, if you want to find out what’s going on with the

boringssl_context_get_peer_sct_list
log message you’ll need to track down the code that’s making the outgoing TLS connection that’s logging that message.

How can I do that backtracking? To be sincere, I'm a completely novice with Xcode 9 & Swift 4.

Best Regards,

Gerard Riera Puig.

0

Answer 3

DTS Engineer OP

Apple

Sep ’17

How can I do that backtracking?

One option would be to set a symbolic breakpoint on

boringssl_context_get_peer_sct_list

. If you then look at the thread’s backtrace in the Debug navigation you should see that this routine was called via a long chain of goo that includes the

com.apple.CFNetwork.Connection

thread. That indicates that this message is the result of some sort of CFNetwork operation, most probably an HTTPS request being run via NSURLSession (or the legacy NSURLConnection).

At that point it’s a ‘simple’ matter of tracking down who issued that request. If this were your own code it’d be pretty obvious:

Look for the code issuing the request
Set a breakpoint on the completion handler (or completion delegate callback)
If that indicates an error, you have something concrete to investigate

However, it’s most likely that this is Firebase code. I’m not familiar with that, so I don’t have any specific suggestions here.

Finally, I should stress that the message you’re seeing could be a complete red herring. The TLS client is having problems parsing the SCT (Signed Certificate Timestamps) extension, which is a part of the Certificate Transparency feature. That failure does not necessarily mean that the entire TLS connection is going to fail. Right now Certificate Transparency is an opt-in feature.

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 4

Gerard Riera Puig OP

Sep ’17

Well met Eskimo,

With the newest release of Xcode 9, this error (BoringSSL), doesn't appear anymore, and I still can't recieve push notifications, therefore you were right. That BoringSSL error had nothing to do with my app being unable to recieve push notifications.

I will look back to my code and configuration.

Thank you very much for you help and support.

I consider this post closed.

Best Regards,

Gerard Riera Puig.

0