This is what I call efficient.
A check for system updates looks like this:
POST /checkin HTTP/1.1
Content-type: application/x-protobuffer
Content-Length: 2
Host: android.clients.google.com
User-Agent: Android-Checkin/2.0 (maguro ICL53F); gzip
Connection: close
The request body (for me) is only two bytes: 0x22 0x00
The reponse is quite concise too:
HTTP/1.1 200 OK
Content-Type: application/x-protobuffer; charset=UTF-8
Date: Mon, 23 Apr 2012 23:29:46 GMT
Expires: Mon, 23 Apr 2012 23:29:46 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 9
Server: GSE
Connection: close
And the reply body is something like this: 0x08 0x01 0x18 0xd8 0xa3 0x8c 0xee 0x26
Of course it's entirely possible that the above is not a "real" conversation. I used ProxyDroid + Charles Debugging Proxy to sniff on the communication between my Nexus and Google's servers.
Update: now I know for sure that the above traffic stands for a failed checkin.
If you enter the
following number (secret checkin code? ) in Android dialer, it'll force a checkin:
*#*#checkin#*#*
(ie. *#*#2432546#*#*). Normally it'll create a notification in the status bar that "checkin succeeded". If I start up ProxyDroid, enable the global proxy and force a checkin, it'll display "checkin failed". So obviously the Checkin client won't accept a bogus/spoofed SSL certificate from Charles Debugging Proxy. Maybe I should just overwrite the certificate of android.clients.google.com (or google.com) with the one generated by Charles.
Probably checkin would work then and I could watch requests come and go.
The certificate of android.clients.google.com is issued to "*.google.com" by a CA called "Google Internet Authority" ... which was issued by the CA "Equifax Secure CA". On my phone (Galaxy Nexus) I can see 4 CAs for Equifax (namely: "Equifax", "Equifax Secure" and "Equifax Secure Inc." twice!
). I guess if I create an SSL certificate for "*.google.com", set it up in Charles and import it on my phone, everything should work as expected. I might even try this some other time (when it's not 2:06am
).
Recent comments
2 years 19 weeks ago
3 years 41 weeks ago
3 years 41 weeks ago
3 years 43 weeks ago
3 years 44 weeks ago
3 years 51 weeks ago
3 years 51 weeks ago
3 years 51 weeks ago
3 years 51 weeks ago
3 years 51 weeks ago