I'm having some problems with Libstrophe. I was able to make it work in linux (fedora) but seems that Windows is not going to be so easy.
Running basic.exe I have the following output (server was dukgo.com):
TLSS DEBUG QuerySecurityPackageInfo() success
TLSS DEBUG AcquireCredentialsHandle() success
conn DEBUG SENT: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
xmpp DEBUG RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
xmpp DEBUG handle proceedtls called for proceed
xmpp DEBUG proceeding with TLS
TLSS DEBUG QuerySecurityPackageInfo() success
TLSS DEBUG AcquireCredentialsHandle() success
xmpp DEBUG Couldn't start TLS! error -2146893018
conn DEBUG SENT: </stream:stream>
xmpp DEBUG Socket closed by remote host.
xmpp DEBUG Closing socket.
DEBUG: disconnected
event DEBUG Stopping event loop.
event DEBUG Event loop completed.
The problem seems to be located in src\tls_schannel.c:331
ret = tls->sft->InitializeSecurityContextA(&(tls->hcred), &(tls->hctxt), name,
ctxtreq, 0, 0, &sbdin, 0,
&(tls->hctxt), &sbdout,
&ctxtattr, NULL);
}
if (ret == SEC_E_OK) {
ret value is -2146893018 instead of SEC_E_OK. I see some post about this problem and I changed to OpenSLL but has no use, still not working. Also in those cases DecryptMessage() was mentioned, I never reach that line in of code so far. DecryptMessage returning SEC_E_UNSUPPORTED_FUNCTION
If anyone have an idea about this I would be really thankful, I had trying to fix this for over a week and still nothing.
thanks, federico.
pd.: I have warnings like "warning LNK4006: __NULL_IMPORT_DESCRIPTOR already defined in libeay32MTd.lib(LIBEAY32.dll); second definition ignored" I assume that openssl is working anyways
Related
I am using Lwip 2.1.2 with FreeRtos v10.0.0 and the Netconn API.
I am trying to find a way to gracefully close a Netconn connection and try to reconnect in case of a communication issue.
Currently, to identify a communication issue, I try to do a
netconn_write()
and in case this method returns an error I try to
netconn_close()
and
netconn_delete()
the netconn connection.
To simulate a TCP connection I use Netcat in Linux (Running on my host PC) and my Embedded Device is connected with an Ethernet cable to my PC.
By the time I have a connection and receive data on the PC, I try to simulate a communication interruption by just killing the Netcat connection (Ctrl+c). However, I get the following errors:
netconn_close(netconn) returns error: -11 (ERR_CONN = Not connected)
netconn_delete(netconn) returns error: -5 (ERR_INPROGRESS = Operation in progress)
A simplified version of my code:
void FooMethod()
{
netconn* tcpListenNetconn;
netconn* connection;
tcpListenNetconn = netconn_new(NETCONN_TCP);
netconn_bind(tcpListenNetconn, IP4_ADDR_ANY, TCP_PORT);
netconn_listen(tcpListenNetconn);
netconn_accept(tcpListenNetconn, &connection);
uint8_t buffer = 0x65;
while(1)
{
err_t error = netconn_write(connection , &buffer , 1, NETCONN_COPY);
if (error != ERR_OK)
{
netconn_close(connection);
netconn_delete(connection);
break;
}
}
}
Update
I realized that if I kill netcat on the host machine, the TCP connection will be closed in the background, that's why I get the error messages from
netconn_close()
and
netconn_delete()
While I could ignore the closing errors, my next problem was when I was trying to re-connect I was getting an error from
netconn_bind(): -8 (ERR_USE, Address in use)
But this is because I try to reconnect to the same port. Apparently Netconn API doesn't provide options for reusing an IP Address or a Port, so the probably the Socket API has to be used.
While trying to call Acquire dbus api from our application , the bluez stack gets the fd, imtu, omtu successfully, and sends it over dbus using g_dbus_send_reply. But when we call dbus_connection_send_with_reply_and_block from our application, we are unable to get the reply,and unable to get the fd, imtu and omtu.The dbus is returning org.freedesktop.DBus.Error.NoReply.
dbus version used is 1.10.10.
Bluez version - 5.37
Dbus error seen is ,
method call time=1493814994.072004 sender=:1.50 -> destination=org.bluez serial=50 path=/org/bluez/hci0/dev_A4_70_D6_7A_74_7F/fd2; interface=org.bluez.MediaTransport1; member=Acquire
error time=1493814994.074396 sender=org.freedesktop.DBus -> destination=:1.50 error_name=org.freedesktop.DBus.Error.NoReply reply_serial=50
string "Message recipient disconnected from message bus without replying"
Bluetoothd error seen is,
State changed /org/bluez/hci0/dev_88_79_7E_84_2C_54/fd2: TRANSPORT_STATE_PENDING -> TRANSPORT_STATE_ACTIVE
bluetoothd[7523]: Disconnected from D-Bus. Exiting.
Any inputs will be of great help. Awaiting for the reply.
This issue is resolved by applying Smack patch for bluetooth.
This patch allows kernel sockets to be used by applications.
Patches are,
0001-Smack-File-receive-for-sockets.patch
0002-smack-fix-cache-of-access-labels.patch
0003-Smack-ignore-null-signal-in-smack_task_kill.patch
0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch
Gerrit link -
https://gerrit.automotivelinux.org/gerrit/#/c/6995/
I'm using libwebsockets 2.0 and I'm having a few issues trying to connect to a server using it as a client.
According to the libwebsockets log, this is what happens when my fairly simple client tries to connect to echo.websocket.org:
[2016/09/25 19:22:56:9033] INFO: lws_header_table_attach: wsi 0x7fe32402a680: ah (nil) (tsi 0, count = 0) in
[2016/09/25 19:22:56:9034] INFO: lws_header_table_attach: wsi 0x7fe32402a680: ah 0x7fe3240078f0: count 1 (on exit)
[2016/09/25 19:22:56:9034] CLIENT: lws_client_connect: direct conn
[2016/09/25 19:22:56:9034] CLIENT: lws_client_connect_2
[2016/09/25 19:22:56:9034] CLIENT: lws_client_connect_2: address
[2016/09/25 19:22:56:9044] ERR: getaddrinfo failed
Callback LWS_CALLBACK_CLIENT_CONNECTION_ERROR (1)
Connection error: (25) getaddrinfo (ipv4) failed
According to this log, it appears to say that getaddrinfo failed, but the line above it (which is supposed to output the address which libwebsockets is connecting to) is returning an empty string.
Even weirder, when I run my test code through Valgrind, everything appears to work fine:
[2016/09/25 19:46:17:7566] INFO: lws_header_table_attach: wsi 0x6714970: ah (nil) (tsi 0, count = 0) in
[2016/09/25 19:46:17:7598] INFO: lws_header_table_attach: wsi 0x6714970: ah 0x65b35c0: count 1 (on exit)
[2016/09/25 19:46:17:7665] CLIENT: lws_client_connect: direct conn
[2016/09/25 19:46:17:7670] CLIENT: lws_client_connect_2
[2016/09/25 19:46:17:7680] CLIENT: lws_client_connect_2: address echo.websocket.org
[2016/09/25 19:46:17:9511] DEBUG: insert_wsi_socket_into_fds: 0x6714970: tsi=0, sock=6, pos-in-fds=1
All of the included examples/tests work just fine, so I'm really not sure where my problem is.
The code at fault is here - I'm not sure whether the issue is within my code or whether it's a library issue.
I was pondering over my code today, trying random things to see if it would fix the issue. Turns out a free in my code was causing issues with libwebsockets:
char* address_internal = malloc(strlen(address) + 1);
memcpy(address_internal, address, strlen(address));
/*...*/
free(address_internal);
Removing free(address_internal); allows the code to work correctly outside of Valgrind.
I'm guessing the problem is that lws_parse_uri doesn't create its own internal copy, which the docs don't clearly mention. What's weird is that Valgrind didn't pick up on this, and somehow allowed the memory to still be used.
I'm using OpenSSL in order to encrypt some emails, that a piece of hardware sends. But, whenever I try to call SSL_connect(), I get :
SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
After sending "EHLO" and "STARTTLS" I call the following function:
SSL_CTX *ctx = NULL;
SSL *ssl = NULL;
void CreateTLSSession(int sockfd)
{
printf("///////////////creating TLS Session/////////////////////\n");
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
ctx = SSL_CTX_new(SSLv23_client_method());
if (ctx == NULL)
{
printf("failed to initialize context\n");
return;
}
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
ssl = SSL_new(ctx);
if (!SSL_set_fd(ssl, sockfd))
{
printf("failed to bind to socket fd\n");
return;
}
if (SSL_connect(ssl) < 1)
{
ERR_print_errors_fp(stdout);
fflush(stdout);
printf("SSL_connect failed\n");
return;
}
}
I've tried connecting to :
smtp.live.com : 587 --> SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol s23_clnt.c:787:
smtp.live.com : 25 --> SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol s23_clnt.c:787:
smtp.gmail.com : 587 --> SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol s23_clnt.c:787:
smtp.gmail.com : 465 --> no response from server at all!
smtp.gmail.com : 25 --> SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol s23_clnt.c:787:
I've tried different ports, since some similar questions on this SO suggested, that such error is usually related to using the wrong port for SSL.
Am I missing something here?
UPDATE:
All other methods (i.e. TLSv1_1_method(), SSLv3_method() ...) lead to SSL3_GET_RECORD:wrong version number
UPDATE:
I was able to observe the following on wireshark:
"EHLO"
"at your service"
"STARTTLS"
"Ready to starttls"
-->now I call the above function
unreadable request (encrypted)
unreadable reply (encrypted)
--> ERROR
SMTP servers on ports 587 and 25 are usually plain text and will switch to TLS only after the initial SMTP dialog and a STARTTLS command from the client. And trying SSL_connect on the plain text socket will fail.
Another way to solve this problem may be to run your C program under Scott Gifford's sslclient (see http://www.superscript.com/ucspi-ssl/sslclient.html). sslclient will spawn your program and open an tcp connection to the server, and pipe your program's stdout to the server, and pipe output from the server to your program's stdin. He has a patched version for TLS that will start the connection off in plain text, then once the two sides have agreed on STARTTLS, your program can signal to sslcient to enable SSL encryption on the connection by writing a command to a file descriptor for this purpose. The nice thing about doing it this way is that you can let sslclient to all the heavy lifting as far as setting up the sockets and ssl, etc., and you can focus on the core function of your program.
The underlying socked was non-blocking. The problem was solved, by using select and waiting till the TLS handshake completes.
My app uses libssh2 to communicate over SSH, and generally works fine. One problem I have is when the remote host dies unexpectedly -- the remote host in this case is an embedded device that can lose power at any time, so this isn't uncommon.
When that happens, my app detects that the remote computer has stopped responding to pings, and tears down the local end of the SSH connection like this:
void SSHSession :: CleanupSession()
{
if (_uploadFileChannel)
{
libssh2_channel_free(_uploadFileChannel);
_uploadFileChannel = NULL;
}
if (_sendCommandsChannel)
{
libssh2_channel_free(_sendCommandsChannel);
_sendCommandsChannel = NULL;
}
if (_session)
{
libssh2_session_disconnect(_session, "bye bye");
libssh2_session_free(_session);
_session = NULL;
}
}
Pretty straightforward, but the problem is that the libssh2_channel_free() calls can block for a long time waiting for the remote end to respond to the "I'm going away now" message, which it will never do because it's powered off... but in the meantime, my app is frozen (blocked in the cleanup-routine), which isn't good.
Is there any way (short of hacking libssh2) to avoid this? I'd like to just tear down the local SSH data structures, and never block during this tear-down. (I suppose I could simply leak the SSH session memory, or delegate it to a different thread, but those seem like ugly hacks rather than proper solutions)
I'm not experienced with libssh2, but perhaps we can get different behavior out of libssh2 by using libssh2_session_disconnect_ex and a different disconnect reason: SSH_DISCONNECT_CONNECTION_LOST.
libssh2_session_disconnect is equivalent to using libssh2_session_disconnect_ex with the reason SSH_DISCONNECT_BY_APPLICATION. If libssh2 knows that the connection is lost, maybe it won't try to talk to the other side.
http://libssh2.sourceforge.net/doc/#libssh2sessiondisconnectex
http://libssh2.sourceforge.net/doc/#sshdisconnectcodes
Set to non-blocking mode and take the control of reading data from the socket to your hand by setting callback function to read data from the soket using libssh2_session_callback_set with LIBSSH2_CALLBACK_RECV for cbtype
void *libssh2_session_callback_set(LIBSSH2_SESSION *session, int cbtype, void *callback);
If you can't read data from the socket due to error ENOTCONN that means remote end has closed the socket or connection failed, then return -ENOTCONN in your callback function