I have developed a ssl client using the code shown in this website
http://www.chesterproductions.net.nz/blogs/it/c/an-ssl-client-using-openssl/245/
But after calling r = BIO_free(bio); the connection still does not get closed. Only after closing my client application does the connection close.
I am verifying this using CurrPorts software, which shows which all ports are in connected state.
I have tried BIO_ssl_shutdown(bio); but it didnt work either.
Ok I found the fault. It was the server not clearing its FD_SET which was creating an issue. Though I am not sure why it happened so :(
Related
I have a mail server working ok with Postfix+Courirer+MySql (virtual users), and SquirrelMail, I could never configure SqMail properly for message characters sets, so I would like to give a try to Roundcube, I have installed it, I did some configs, but at login screen I always get:
IMAP Error in /usr/share/roundcube/program/lib/Roundcube/rcube_imap.php (196): Login failed for user#domain.tls from AA.BBB.CC.DDD. Could not connect to ssl://domail.tls:993: Conection refused
I've been searching around and testing changes on config but no success, can anybody advice me on how to proceed to achieve the functioning of Roundcube.
My current system still works...
What info is suitable for you to have an idea of what could be wrong?
I am prototyping a message queue solution developed using CodeIgniter. The code is hosted on a GoDaddy basic shared hosting plan and connects to a trial instance of RabbitMQ on CloudAMQP. I use the videlalvaro/php-amqplib library.
The solution worked fine for a few days and yesterday I started getting a connection refused error. No changes to the code, in fact the same code running on my local machine works fine and connects to CloudAMQP.
This leads me to believe that the problem could be with GoDaddy hosting. Have spent about 48 hours trying to work around this and my project is now stalled.
Does anyone have any ideas? My only option now is to move to a different hosting service and try but that's a major step and I wanted to be sure I'm not missing something small.
The relevant part of the code below:
$url = parse_url("amqp://yyyyyyyy:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx#moose.rmq.cloudamqp.com/yyyyyyyy");
//Masking the user name and password for here
$conn = new AMQPStreamConnection(
$url['host'], //host - CloudAMQP_URL
5672, //port - port number of the service, 5672 is the default
$url['user'], //user - username to connect to server
$url['pass'], //password - password to connect to the server
substr($url['path'], 1) //vhost
);
For those who may face a similar problem, this could have been because of hosting on GoDaddy (could apply to any hosting service) where presumably access to post 5672 is not allowed. I moved to AWS and everything is working fine.
This question can be closed (not sure how that happens).
Thank you zaq178miami, your inputs helped.
I am using apache.net.ftp api to download from and upload to ftp server. Its working fine in normal scenarios.
But the issue starts when there is some latency or connection is closed by the server for some reasons.
Here comes the time-out. I found a parameter 'SO_TIMEOUT' which is considered when reading from socket. So, I used ftpClient.setSoTimeout(time in millis) method to set it which will be used while downloading a file. It worked fine.
I am not getting how to set time-out while uploading the file to the ftp-server.
Thanks in advance.
Check the following things to make sure everything is running fine,and then try again::
Check the Firewall setting,if any which might be blocking the incoming connections and the connection timeout.
I am trying to monitor https traffic with Fiddler, using current newest version:2.4.4.5
I've successfully set up https, certificates and I can see the full https encrypted traffic for example browsing my bank's web site.
...however...
When I trying to monitor an other server I got this error message in the response window:
"Failed to secure existing connection for 77.87.178.160. A call to SSPI failed, see inner exception. InnerException: System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm"
For full Fiddler window see:
The client is not a in this case browser, but a custom client program, which communicates with its own server.
My question: Is this exception misleading and in reality some other error prevents the secure channel to set up?
...or...
We have still chance to monitor this https communication?
Thx in advance
What is the client program?
This error typically indicates that that client application is only offering certain HTTPS ciphers, and those ciphers are not supported by Fiddler.
However, in this case, the specific problem here is almost certainly this: http://blogs.msdn.com/b/ieinternals/archive/2009/12/08/aes-is-not-a-valid-cipher-for-sslv3.aspx
The client is trying to use AES with SSLv3, but that isn't one of the valid ciphers for SSL3. As a consequence, the connection fails.
You might be able to workaround this by clicking Rules > Customize Rules. Scroll down to the Main() function and add the following line within the function:
CONFIG.oAcceptedServerHTTPSProtocols =
System.Security.Authentication.SslProtocols.Ssl3;
Please let me know if this works.
NOTE Current versions of Fiddler offer a UI link for this: Look at the lis of enabled protocols on the HTTPS tab.
Unbelievably this issue is still present some 6 years later.
Just installed the latest version of Fiddle (v5.0.20194.41348), and sure enough on Win7 using Chrome or IE it keeps failing with the dreaded error:
"fiddler.network.https> HTTPS handshake to google.com (for #1) failed. System.ComponentModel.Win32Exception The client and server cannot communicate, because they do not possess a common algorithm"
After some hours of testing, I found a middle ground solution which seems to work with virtually all websites. The aim was to get the highest possible security with no errors in the log. Without needing to add any code, simply changing this line under Tools > Options > HTTPS > Protocols is what worked for me (just copy and paste it):
<client>;ssl3;tls1.1;tls1.2
Basically removed the ssl2 and tls1.0 protocols which leaves us with some pretty decent security and no errors so far. Having spent hours of frustration with this error, hope someone out there might find this useful, and a big thanks to EricLaw who discovered the root of the problem.
Yes I too have seen this error when working outside of fiddler and it was connected with AuthenticateAsServer but only went wrong when using IE10 and not Chrome as the browser.
Odd thing is that it did not break all the time for IE10 using SslProtocols.Tls for the protocol so I will add a bit of code to switch the protocol if one fails
The protocol that can be used also seems to change on if you are using a proxy server like Fiddler or using an invisible server by hijacking the DNS via the hosts file to divert traffic to the server
I would like to test the logging that happens in our app (an embedded ftp server) when a 'connection reset by peer' error occurs. This post explains the source of the error pretty well, but doesn't really explain how to cause one. Does anybody know a way to trigger this error for a TCP connection?
tcpkill seems to do the job well.