On 5/3/21 2:20 PM, Jan Just Keijser wrote:
Just for the record:
On 26/03/21 09:51, Embedded Devel wrote:
i now have a second developer looking at this, so hoping he can sort
it all out.
[...]
I was that second developer and even though 'Embedded Devel' listed
this as "paid" work and even though he made repeated promises about
following up on payment, I never did receive payment.
I checked the email address and IP addresses used for this job and
found nothing terribly wrong. My conclusion is that either someone
hijacked an email address - meaning that Optimcloud is not a very
*safe* company to do business with - or that 'Embedded Devel' at
Optimcloud simply thinks he can get away with this - meaning that
Optimcloud is not a very *trustworthy* company to do business with.
no actually, neither is the case. I submitted the work for payment,
accounting inquired of the developer if it was all working and he stated
it wasnt. So where it is, and its more i think we dont understand is
when the client registers and is authorized it should generate a new xml
config for the client, and right now there appears to be some mismatch,
basically we have no idea how you had this working. so we are a month in
from the work you did and i submitted payment for, and still have had 0
reproducability. Ive even reviewed the document you sent, as has he, and
we are missing something.
the database says
(6,'archer.optimcloud.com','0.0.0.0','60:32:b1:f8:9b:3a','mips','12345678','19.07.2','1.0.3','/etc/apconfig/CA/ac_ca_cert.pem','/etc/apconfig/CA/ac_client_cert.pem','/etc/apconfig/CA/ac_client_key.pem','none','2021-04-29
07:28:53',1,1)
the ac_server logs says..... so is it a mismatched certificate ?
5]: DEBUG: generic blocked db query: SELECT * FROM blocked_systems WHERE
mac="60:32:b1:f8:9b:3a";
May 4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic new systems
db query: SELECT * FROM new_systems WHERE mac="60:32:b1:f8:9b:3a";
May 4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic systems db
query: SELECT * FROM systems WHERE mac="60:32:b1:f8:9b:3a";
May 4 07:07:22 portaladmin ac_server[24675]: INFO: Device Registration
Process
May 4 07:07:22 portaladmin ac_server[24675]: DEBUG: db query: SELECT id
FROM systems WHERE hostname="client.xi-group.com" and active='1' ORDER
BY ID DESC LIMIT 1;
May 4 07:07:22 portaladmin ac_server[24675]:
ac_gen_db_generate_conf_xml(): No such hostname: client.xi-group.com
May 4 07:07:22 portaladmin ac_server[24675]: DEBUG: Sending ACK reply
(INIT+XML config)
May 4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic update last
seen db query: UPDATE systems SET last_seen=NOW() WHERE
hostname="client.xi-group.com";
May 4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic update log
db query: INSERT INTO logs(time, actor, action) VALUES (NOW(),
'ac_server', 'AC_INIT from client: client.xi-group.com; XML Reply.');
the db says your hostname is archer
(6,'archer.optimcloud.com','0.0.0.0','60:32:b1:f8:9b:3a','mips','12345678','19.07.2','1.0.3','/etc/apconfig/CA/ac_ca_cert.pem','/etc/apconfig/CA/ac_client_cert.pem','/etc/apconfig/CA/ac_client_key.pem','none','2021-04-29
07:28:53',1,1)
You have been warned.
JJK
On 26/03/21 09:51, Embedded Devel wrote:
i believe this was all from back in the 0.9x days, the code in
question is close to 10+/- years old
if everyone would look at the email thread re: "ssl client write /
server accept seems broken"
some might see more of the issue i am facing, i have has 1 person
look at this and he believes
quote "
This looks like using *very* outdated OpenSSL API. Hence the SSL
client (and server) code needs to ported to work with more recent
versions OpenSSL and make use of TLS methods instead of SSL methods.
For testing you could try to build OpenSSL with the old SSL3 support
enabled (we don't even support that at all in OpenWrt any longer, but
should work to build manually).
Because ssl_undefined_function is most likely a result of:
Disabled features:
...
ssl3 [default] OPENSSL_NO_SSL3
ssl3-method [default] OPENSSL_NO_SSL3_METHOD
...
If you find someone very familiar with OpenSSLs API (I've used it, more
than once, but it's not what I'm doing every day), this can be done in
a few days. I'd probably need a week for this and I'm not particularly
keen on it, there are things I'm better with which are waiting as well."
i now have a second developer looking at this, so hoping he can sort
it all out.
