For example, a client hello is malformed and cannot be parsed. At the same time, the protocol version in it is not supported by the server. In this case, should the server respond with decode error alert or protocol version alert? Does it depend on the implementation or is there a requirement on the priorities of the alerts?
Related
I'm trying to determine how the heartbeat is negotiated, if at all. It is, after all, called the "requested" heartbeat. For example, if the server heartbeat is set lower than the client heartbeat, the client library should use the minimum, right? Otherwise, all connections will be closed by the server.
The connection documentation doesn't really make it clear and I'm not finding much by searching the code (no conclusive usages of ConnectionConfiguration.RequestedHeartbeat).
The server documentation says
This value is negotiated between the client and RabbitMQ server at the time of connection. The client must be configured to request heartbeats... (although the client can still veto them).
The "official" .NET client library uses the minimum of the client or server heartbeat.
Math.Min(clientValue, serverValue);
I need to send SMS via smpp protocol.
I’m sending an MT message from an emse server to an esme client
My question is about the SMPP traffic and this error "vendor specific error" ... if it's due to a malformed packet smpp or I must refer to my SMPP provider? any explanation please ?
I attached a dump traffic on Wireshark for more details.link to pcap file
The packet is well formed and has no issue. Usually in these types of errors i would go and ask the provider for the exact meaning of the error since the error codes differ from a vendor to another.
However i did notice something odd in the trace, the IP: 10.10.32.66 did not send any enquire link through out the whole wireshark session.
Consider this scenario:
[wanting to write] [sent token success]
Application -------> SSL ----------->
| *peer drops*
[waiting to read] |
***blocked***<------------
In other words, your application wants to write something, but the SSL internal state is WANT_READ. On the other end, the peer connection has dropped.
Can SSL detect this through some keep-alive check of it's own? What can you do in this case?
SSL usually leaves detection of connection problems to the underlying transport layer, i.e. TCP. This means that by using TCP keep alive it can be detected if the peer vanishes without proper connection close. Apart from that there is also the heartbeat extension at the TLS level but contrary to TCP keep alive it is not universally supported.
If SSL detects a connection that hasn't been correctly terminated from SSL's point of view via an SSL close_notify message, it will regard it as a truncation attack, and will give you an error message or an exception, depending on which API you are using.
your application wants to write something, but the SSL internal state is WANT_READ. On the other end, the peer connection has dropped.
What it wants you to read is either the close_notify or the error message or exception. Whatever the case, when it says WANT_READ, you have to read.
I'm going to implement Java VoiP server to work with WebRtc. Implementation of browser p2p connection is really straightforward. Server to client connection is slightly more tricky.
After a quick look at RFC I wrote down what should be done to make Java server as browser. Kindly help me to complete list below.
Implement STUN server. Server should be abke to respond binding
request and keep-alive pings.
Implement DTLS protocol along with DTLS handshake. After the DTLS
handshake shared secret will be used as keying material within SRTP
and SRTCP.
Support multiplexing of SRTP and SRTCP stream. SRTP and SRTCP use
same port to adress NAT issue.
Not sure whether should I implement SRTCP. I believe connection will
not be broken, if server does not send SRTCP reports to client.
Decode SRTP stream to RTP.
Questions:
Is there anything else which should be done on server-side ?
How webRtc handles SRTCP reports ? Does it adjust sample rate/bit
rate depends on SRTCP report?
WebRtc claims that following issues will be addressed:
packet loss concealment
echo cancellation
bandwidth adaptivity
dynamic jitter buffering
automatic gain control
noise reduction and suppression
Is is webRtc internals or codec(Opus) internals? Do I need to do anything on server side to handle this issues, for example variable bitrate etc ?
The first step would be to implement Interactive Connectivity Establishement (RFC 5245). Whether you make use of a STUN/TURN server or not is irrelevant, your code needs to issue connectivity checks (which use STUN messages) to the browser and respond to the brower's connectivity checks. ICE is a fairly complex state machine, but it's doable.
You don't have to reinvent the wheel. STUN / TURN servers are external components. Use as they are. WebRTC source code is available which you can use in your application code and call the related methods.
Pls. refer to similar post - Server as WebRTC data channel peer
I am new to TLS/SSL. I am facing an issue with SSL/TLS connectivity.
I could see in tcpdump traces that the handshake is done succefully(clienthello,serverhello,certificate,certifcate request,server hello done, client certificate, client key exchange,certificate verify,change cipher suite exchange and finished message from both server and client side). My understanding is that if finished message exchnaged means handshake is completed. Is it correct?
After 'finished' message, Client sending application data which is http get request. There is no response from server for ~2 minutes and client is sending an alert close_notify after that.
"11905 14:51:54.122049 10.62.73.221 10.62.68.4 TLSv1 105 Alert (Level: Warning, Description: Close Notify)"
Alert message 21 is received by server.
could any one please explain why the alert message has been received by server.?
Thanks for support.
Well, with the details in your question, it could be that the GET request is not properly formed or the TLS Record is not proper - perhaps there is a discrepancy in the payload specified and what it is. Are you constructing the TLS Record on your own or using an established library? It seems, that since you are new to SSL, an established library is being used. In this case, please make sure that the GET Request is formatted as per the HTTP spec with the necessary HTTP headers.
close_notify is normal. Nothing to be alarmed about. It is just the TLS version of close().