We Keep Coding

.NET does not want to connect to OpenLDAP over LDAPS

I am currently very much stuck on trying to connect to an OpenLDAP Server using the .NET Framework 3.0.
I am using the following code:
Dim ldapDirectoryIdentifier As New System.DirectoryServices.Protocols.LdapDirectoryIdentifier("ldap.example.de", 636, True, False)
connection = New LdapConnection(ldapDirectoryIdentifier)
connection.AuthType = 2 '//Negotiate
connection.SessionOptions.ProtocolVersion = 3
connection.SessionOptions.SecureSocketLayer = True
'//This is set to true temporarily for test purposes
connection.SessionOptions.VerifyServerCertificate = true
connection.Credential = New System.Net.NetworkCredential("cn=LDAP_user,ou=Funktion-User,o=Comp", "******")
connection.Bind()
The output is "The supplied credentials are invalid", but entering the very same credentials into any other tool works quite fine.
I have also tried:
Username: "LDAP_user"
Username:
"cn=LDAP_user,ou=Funktion-User,o=Comp,dc=example,dc=de"
AuthType:
1-7
A different user altogether
ProcotolVersion = 2
a non-fully qualified hostname
I have tried every variable, and I am out of ideas.

S3 presigned URL: Generate on server, use from client?

Is it possible to generate an S3 presigned URL in a Lambda function and return that URL to a client, so the client can use it to do an unauthenticated HTTP PUT?
I'm finding that S3 is unexpectedly closing my HTTPS connection when I try to PUT to the URL I get from the lambda function, and I don't know if it's because the server and client are different entities.
Can I do what I want to do? Is there a secret step I'm missing here?
EDIT: per Anon Coward's request, the server-side code is:
presigned_upload_parts = []
for part in range(num_parts):
resp = s3.generate_presigned_url(
ClientMethod = 'upload_part',
Params = {
'Bucket': os.environ['USER_UPLOADS_BUCKET'],
'Key': asset_id,
'UploadId': s3_upload_id,
'PartNumber': part
}
)
presigned_upload_parts.append({"part": part, "url": resp})
return custom_http_response_wrapper(presigned_upload_parts)
The client-side code is:
for idx, part in enumerate(urls):
startByte = idx * bytes_per_part
endByte = min(filesize, ((idx + 1) * bytes_per_part))
f.seek(startByte, 0)
bytesBuf = f.read(endByte - startByte)
print(f"Buffer is type {type(bytesBuf)} with length {len(bytesBuf):,}")
print(f"Part {str(idx)}: bytes {startByte:,} to {endByte:,} as {part['url']}")
#resp = requests.post(part['url'], data = bytesBuf, headers = self.get_standard_headers())
resp = requests.put(
url = part['url'],
data = bytesBuf
)
The error I'm getting is:
ConnectionResetError: [WinError 10054] An existing connection was forcibly closed by the remote host
The presigned URL looks like:
https://my-bucket-name.s3.amazonaws.com/my/item/key?uploadId=yT2W....iuiggs-&partNumber=0&AWSAccessKeyId=ASIAR...MY&Signature=i6duc...Mmpc%3D&x-amz-security-token=IQoJ...%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F...SWHC&Expires=1657135314

There was a bug in my code somewhere. I ran the code under WSL as a test, and in the Linux environment got a more friendly error that helped me find and fix a minor bug, and now it's running as expected in the Windows environment. Whether that's because of the bugfix or some other environmental change I'll never know.

javax.mail: Sending without authentication hangs inside Transport.send()

I am trying to send error reports from an application using a local send-only Postfix server. The server works fine (I have tested it using both telnet and mail) but I can't get the code below to work:
Properties props = new Properties();
props.put("mail.smtp.host",host); // "localhost"
props.put("mail.smtp.port",port); // "25"
props.put("mail.smtp.auth",auth); // false
props.put("mail.smtp.starttls.enable",tls); // false
props.put("mail.smtp.ssl.enable",ssl); // false
props.put("mail.smtp.sendpartial",true);
Session session = Session.getDefaultInstance(props);
Message msg = new MimeMessage(session);
msg.setFrom(new InternetAddress(from));
msg.setRecipient(Message.RecipientType.TO,new InternetAddress(to));
msg.setSubject(subject);
msg.setContent(content,"text/plain");
Transport.send(msg);
I have traced it up to the final call to send(), and it just hangs at that point -- it never returns from the call.
If I set "mail.smtp.auth" to true and replace the call to Transport.send() with this code:
Transport transport = s.getTransport("smtp");
transport.connect(host,Integer.parseInt(port,10),"foo","bar");
transport.sendMessage(msg,msg.getRecipients(Message.RecipientType.TO));
transport.close();
then it hangs inside the call to connect(). The same as true if I set "mail.smtp.auth" to false and set the username and password to null in the call to connect().
In /var/log/mail.log I see this:
connect from localhost[127.0.0.1]
and after I kill the hung process:
lost connection after CONNECT from localhost[127.0.0.1]
disconnect from localhost[127.0.0.1] commands=0/0
Can anyone see what I've done wrong here?

The problem turned out to be that the user "postfix" was being blocked by iptables. Adding an ACCEPT rule for postfix solved the problem.

socket http lua to set timeout

I am trying to create a function that can call REST with the http socket lua.
And I tried to set the timeout this way. But, when I run this function, the timeout is not running. How should I set the timeout?
local http = require "socket.http"
local socket = require "socket"
local respbody = {}
http.request {
method = req_method,
url = req_url,
source = ltn12.source.string(req_body),
headers =
{
["Content-Type"] = req_content_type,
["content-length"] = string.len(req_body),
["Host"] = host,
},
sink = ltn12.sink.table(respbody),
create = function()
local req_sock = socket.tcp()
req_sock:settimeout(3, 't')
return req_sock
end,
}

You may want to check lua-http. I use it to call REST and works like a charm. I am not an expert but, as far as I can tell, it is a good LUA http implementation.
You can set a two seconds timeout as simple as:
local http_client = require "http.client"
local myconnection = http_client.connect {
host = "myrestserver.domain.com";
timeout = 2;
}
Full documentation in here.

if I implement the example with my requirements, will it be like this? cmiiw
local http_client = require "http.client"
local req_body = "key1=value1&key2=value2"
local myconnection = http_client.connect {
method = "POST";
url = "myrestserver.domain.com/api/example";
host = "myrestserver.domain.com";
source = req_body
headers = {
["Content-Type"] = "application/x-www-form-urlencoded",
["content-length"] = string.len(req_body),
},
timeout = 2;
}

LuaSocket implicitly set http.TIMEOUT to the socket object.
Also you have to remember that socket timeout is not the same as request timeout.
Socket timeout means timeout for each operation independently. For simple case you can wait connection up to timeout seconds and then each read operation can take up to timeout seconds. And because of HTTP client read response line by line you get timeout seconds for each header plus for each body chunk. Also, there may be redirecions where each redirection is a separate HTTP request/response. If you use TLS there also will be hendshake after connection which also took several send/receive operation.
I did not use lua-http module and do not know how timeout implemented there.
But I prefer use modules like cURL if I really need to restrict request timeout.

jax-ws with intermediate https proxy and https endpoint does not work

Problem Description
- We are having problems with a JAX-WS Webservice that wants to connect to
a server using HTTPS in combination with a proxy server.
The setups is as follows:
- WebSphere 6.0.1.47 running on AIX Version: 5300-10-07-1119
- A JAX-WS Webservice application
What happens is as follows:
JAX-WS application in WAS tries to connect to
'https://target.example.domain/url' while using a proxy server
- When the transport chain is started, the following error appears (i have
included the corresponding ffdc's as attachments to this mail) :
java.io.IOException: Async IO operation failed, reason: RC: 76 A socket
must be already connected.;
When we:
1) Use a HTTP destination and DO NOT use a Proxy Server then the
application works
2) Use a HTTPS destination and DO NOT use a Proxy Server then the
application works
3) Use a HTTP destination and USE a Proxy Server then the
application works
4) Use a HTTPS destination and USE a Proxy Server then the application
displays the error described above.
ffdc logs
" ------Start of DE processing------ = [1/14/15 13:04:39:913 CET] , key = java.io.IOException com.ibm.ws.websvcs.transport.http.HTTPConnection.connect 213
Exception = java.io.IOException
Source = com.ibm.ws.websvcs.transport.http.HTTPConnection.connect
probeid = 213
Stack Dump = java.io.IOException: Async IO operation failed, reason: RC: 76 A socket must be already connected.
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:679)
at com.ibm.io.async.ResultHandler$CompletionProcessingRunnable.run(ResultHandler.ja va:910)
at java.lang.Thread.run(Thread.java:813)
Dump of callerThis =
Object type = com.ibm.ws.websvcs.transport.http.HTTPConnection
com.ibm.ws.websvcs.transport.http.HTTPConnection#db30db3
Exception = java.io.IOException
Source = com.ibm.ws.websvcs.transport.http.HTTPConnection.connect
probeid = 213
Dump of callerThis =
Object type = com.ibm.ws.websvcs.transport.http.HTTPConnection
_tc =
defaultMessageFile = com.ibm.ejs.resources.seriousMessages
EXTENSION_NAME_DPID = DiagnosticProvider
ivDumpEnabled = false
ivResourceBundleName = com.ibm.ws.websvcs.resources.websvcsMessages
ivLogger = null
ivDiagnosticProviderID = null
anyTracingEnabled = true
ivLevel = 1
ivName = com.ibm.ws.websvcs.transport.http.HTTPConnection
ivDebugEnabled = true
ivEventEnabled = true
ivEntryEnabled = true
ivDetailEnabled = true
ivConfigEnabled = true
ivInfoEnabled = true
ivServiceEnabled = true
ivWarningEnabled = true
ivErrorEnabled = true
ivFatalEnabled = true
chainname = HttpsOutboundChain:xx-proxy- xxxxx.xxx.xxxx.com:8080:1665256594:10.21.197.161:9443
............."
We have tried setting the properties (https.proxyHost, https.proxyPort) at System level and also in the SOAP header, nothing works.
We are using BindingProv
Any help is much appreciated