Where can I find a definition of the Windows Schannel fatal alerts codes that show up in Event Viewer? For instance:
A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
The alert codes are defined at:
https://learn.microsoft.com/en-us/windows/win32/secauthn/schannel-error-codes-for-tls-and-ssl-alerts
40 = SSL3_ALERT_HANDSHAKE_FAILURE
42 = TLS1_ALERT_BAD_CERTIFICATE
43 = TLS1_ALERT_UNSUPPORTED_CERT
44 = TLS1_ALERT_CERTIFICATE_REVOKED
45 = TLS1_ALERT_CERTIFICATE_EXPIRED
46 = TLS1_ALERT_CERTIFICATE_UNKNOWN
48 = TLS1_ALERT_UNKNOWN_CA
70 = TLS1_ALERT_PROTOCOL_VERSION
Related
I cloned the gorilla websocket chat example and updated it to use multiple rooms. However, I am getting the error:
Error during WebSocket handshake: Unexpected response code: 404
In chrome whenever I try to make the connection. My source code is available on github. It is very similar to the original example, and was only changed slightly. I don't know why it is not working.
EDIT:
The problem is occuring in this line of code:
for _, name := range []string{"arduino", "java", "go", "scala"} {
room := newRoom("go")
http.Handle("/chat/go", room)
go room.run()
}
Looping over a slice is causing an issue with the httphandle function. If instead, I declare them individually:
room := newRoom("go")
http.Handle("/chat/go", room)
go room.run()
...
It works. How can I fix this?
So actually from your index.html file, you connect to wrong url
<!-- index.html -->
<script>
var serviceLocation = "ws://0.0.0.0:8080/chat/";
.....
function connectToChatserver() {
room = $('#chatroom option:selected').val();
wsocket = new WebSocket(serviceLocation + room);
// it connect to /chat/<room>, it has slash after chat
This is your url from main.go
http.Handle("/chat"+name, room)
It will make url like this: http://localhost:8080/chatgo, rather than what you want: http://localhost:8080/chat/go
Fyi, it will error because you don't properly handle the channel, so after I send 1 message, it will be automatically closed. But this is another topic.
2020/08/04 06:42:10 running chat room java
2020/08/04 06:42:10 running chat room go
2020/08/04 06:42:10 running chat room arduino
2020/08/04 06:42:10 running chat room scala
2020/08/04 06:42:15 new client in room arduino
2020/08/04 06:42:15 client leaving room arduino
2020/08/04 06:42:15 client leaving room arduino
panic: close of closed channel
goroutine 6 [running]:
main.(*Room).run(0xc00007ac90)
/home/fahim/Projects/Golang/go-chat/room.go:70 +0x3b5
created by main.main
/home/fahim/Projects/Golang/go-chat/main.go:17 +0x2bd
exit status 2
I am using service account to list the message in my gmail box, however I am getting below error while calling this API service.users().messages().list(userId='me').execute()
HttpError Traceback (most recent call last)
<ipython-input-44-da1dc3cccc81> in <module>
27
28 apiservice = build('gmail', 'v1', credentials=service_cred)
---> 29 response = apiservice.users().messages().list(userId='me').execute()
~/opt/anaconda3/lib/python3.7/site-packages/googleapiclient/_helpers.py in positional_wrapper(*args, **kwargs)
128 elif positional_parameters_enforcement == POSITIONAL_WARNING:
129 logger.warning(message)
--> 130 return wrapped(*args, **kwargs)
131 return positional_wrapper
132
~/opt/anaconda3/lib/python3.7/site-packages/googleapiclient/http.py in execute(self, http, num_retries)
849 callback(resp)
850 if resp.status >= 300:
--> 851 raise HttpError(resp, content, uri=self.uri)
852 return self.postproc(resp, content)
853
HttpError: <HttpError 400 when requesting https://www.googleapis.com/gmail/v1/users/me/messages?alt=json returned "Precondition check failed.">
code:
scopes = [
"https://mail.google.com/",
"https://www.googleapis.com/auth/gmail.modify",
"https://www.googleapis.com/auth/gmail.readonly",
"https://www.googleapis.com/auth/gmail.labels",
"https://www.googleapis.com/auth/gmail.metadata",
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile',
]
service_cred = service_account.Credentials.from_service_account_info(
credentials, scopes=scopes)
service = build('gmail', 'v1', credentials=service_cred)
response = service.users().messages().list(userId='me').execute()
I ran in to this as well when trying to list emails from my personal email. The Google dashboard set me up with service account credentials when enabling the Gmail API, so I assumed that was what I should use.
To make that 400 error go away, I had to add:
delegated_credentials = credentials.with_subject('my-email#gmail.com')
See https://developers.google.com/identity/protocols/oauth2/service-account#authorizingrequests.
However, I then got an error that my service account was unauthorized to make requests on behalf of my personal email. And if you're not using G Suite, I don't think there's a way to use a service account on behalf of a user.
So the ultimate solution to my problem was to use the OAuth authentication like in the Python Quickstart.
I am fairly new to SNMP and i have created a SNMP Agent in java using the snmp4j library.
In my code, i have added localhost as a trap destination. I therefore receive the notifications on the port 162 :
targetMIB.addTargetAddress(new OctetString("notification"),
TransportDomains.transportDomainUdpIpv4,
new OctetString(new UdpAddress("127.0.0.1/162").getValue()),
200, 1,
new OctetString("notify"),
new OctetString("v2c"),
StorageType.permanent);
What i am trying to do now is to receive traps from another ip address using a snmp browser such as iReasoning MIB Browser. But there i cannot manage to add an entry to the target mib.
Am i missing something ?
Thank you.
EDIT :
I want to add an entry using the mib browser to the target Address table. With iReasoning Mib browser i don't have the create row button and with ManageEngine's tool i have an add button but it does not seem to do anything.
I am therefore only trying here to change the row i have created with the code :
Here is a screen shot of the mib browser :
When i try to change the ip address i get an error :
I have tried to set the value using an OctetString with :
127.0.0.1:162
127.0.0.1/162
0700000100A2
0x0700000100A2
but nothing works
For further info, i solved my problem using the NET-SNMP tools.
What i did was :
Download net-snmp binaries
Make sure the mibs are located in the default folder (see readme)
Try a snmpwalk :
snmpwalk -v2c -c [READ_COMMUNITY] 127.0.0.1 targetaddrtable
SNMP-TARGET-MIB::snmpTargetAddrTDomain.'test' = OID: SNMPv2-TM::snmpUDPDomain
SNMP-TARGET-MIB::snmpTargetAddrTAddress.'test' = Hex-STRING: 00 00 00 00 00 A1
SNMP-TARGET-MIB::snmpTargetAddrTimeout.'test' = INTEGER: 1500
SNMP-TARGET-MIB::snmpTargetAddrRetryCount.'test' = INTEGER: 3
SNMP-TARGET-MIB::snmpTargetAddrTagList.'test' = STRING: v2c
SNMP-TARGET-MIB::snmpTargetAddrParams.'test' = STRING:
SNMP-TARGET-MIB::snmpTargetAddrStorageType.'test' = INTEGER: nonVolatile(3)
4) Do a set :
snmpset -v2c -c [COMMUNITY_WRITE] 127.0.0.1 snmpTargetAddrTAddress.'test' x 0000000000A1 snmpTargetAddrTDomain.'test' o 1.3.6.1.6.1.1 snmpTargetAddrTagList.'test' s notify snmpTargetAddrParams.'test' s v2c
snmpTargetAddrRowStatus.'test' i 4
SNMP-TARGET-MIB::snmpTargetAddrTAddress.'test' = Hex-STRING: 00 00 00 00 00 A1
SNMP-TARGET-MIB::snmpTargetAddrTDomain.'test' = OID: SNMPv2-TM::snmpUDPDomain
SNMP-TARGET-MIB::snmpTargetAddrTagList.'test' = STRING: notify
SNMP-TARGET-MIB::snmpTargetAddrParams.'test' = STRING: v2c
SNMP-TARGET-MIB::snmpTargetAddrRowStatus.'test' = INTEGER: createAndGo(4)
the snmpTargetAddrTAddress is a test
I'm attempting to hack together a Ruby-based (1.9.1) syslog server, and am running into a pretty basic issue right from the get-go.
Here's my (very basic) code:
#!/usr/bin/env ruby
require 'socket'
require 'io/wait'
require 'syslog'
class Server
def initialize
#listener = UDPSocket.new
#listener.bind("192.168.253.5", "514")
getdata
end
def getdata
while true
#text, #sender = #listener.recvfrom(9000)
p #listener
p #text
p #sender
end
end
end
x = Server.new
It all works fine, except that this does not display either the facility or the severity of the message:
#<UDPSocket:fd 5>
"<189>49: *Mar 1 00:24:37.862: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down"
["AF_INET", 56970, "192.168.253.10", "192.168.253.10"]
Tcpdump shows this info just fine ("local7" facility, "notice" severity):
15:18:01.987542 IP 192.168.253.10.56970 > 192.168.253.5.514: SYSLOG local7.notice, length: 115
How can I inspect the UDP packet that was sent to me so I can glean both facility and severity of the syslog message?
Whenever you are implementing a well-defined network protocol, always look at the RFC:
https://www.rfc-editor.org/rfc/rfc5424
The Priority value is calculated by first multiplying the Facility
number by 8 and then adding the numerical value of the Severity.
so "local7" is 23 according to the RFC. 23 * 8 = 184
the severity of "notice" is 5: 184 + 5 = 189.
And there's 189 right at the beginning of your message - that's the "priority" number referenced by the RFC.
So you'll need to encode the mapping from the RFC between numeric values and the textual description into your program and compute it yourself.
To get the severify and facility:
Severity = Priority % 8
Facility = Priority / 8
In my web application there is a form which can contain a huge amount of data (this depends on the result of a previous query). When the form reaches a certain size, the servlet cannot cope and an exception is thrown. It seems that the first attempt to fetch a request parameter causes the problem.
I have tried to reproduce the problem on my test server but do not get a problem even when the data size is greater than on the production server.
As a result, I am now wondering if there is a server setting which restricts the size of data which can be passed in a request. I can only assume that there is a difference in the way the 2 servers are configured.
The application server is Websphere 7. I have tried the application using IE9, current FF and current Chrome - all produce the same result.
The exception is
java.lang.IllegalArgumentException
com.ibm.wsspi.webcontainer.util.RequestUtils.parseQueryString 196
com.ibm.ws.webcontainer.servlet.RequestUtils.parsePostData 356
com.ibm.ws.webcontainer.srt.SRTServletRequest.parseParameters 2051
com.ibm.ws.webcontainer.srt.SRTServletRequest.getParameter 1651
com.acme.Servlet.getNDC 126
com.acme.Servlet.doPost 96
javax.servlet.http.HttpServlet.service 738
javax.servlet.http.HttpServlet.service 831
com.ibm.ws.webcontainer.servlet.ServletWrapper.service 1658
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest 940
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest 503
com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest 181
com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest 91
com.ibm.ws.webcontainer.WebContainer.handleRequest 875
com.ibm.ws.webcontainer.WSWebContainer.handleRequest 1592
com.ibm.ws.webcontainer.channel.WCChannelLink.ready 186
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination 453
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest 515
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest 306
com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete 83
com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted 165
com.ibm.io.async.AbstractAsyncFuture.invokeCallback 217
com.ibm.io.async.AsyncChannelFuture.fireCompletionActions 161
com.ibm.io.async.AsyncFuture.completed 138
com.ibm.io.async.ResultHandler.complete 204
com.ibm.io.async.ResultHandler.runEventProcessingLoop 775
com.ibm.io.async.ResultHandler$2.run 905
com.ibm.ws.util.ThreadPool$Worker.run 1646
The code
protected String getNDC(HttpServletRequest request)
{
String user = request.getHeader("iv-user");
if (user == null)
user = "";
HttpSession session = request.getSession(false);
String sessionString = session == null ? "" : session.getId();
String action = request.getParameter(Constant.ACTION); <=== ERROR HERE
if(action == null)
action = "";
....
POST data size may be limited by a setting in the HTTP channel configuration:
http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.express.doc/info/exp/ae/urun_chain_typehttp.html
If there is a Web server in front of the WAS, then you should also check the PostSizeLimit property in the plug-in configuration:
http://www-01.ibm.com/support/docview.wss?uid=swg21460889
Seems there is a restriction - at least in Websphere App Server. Here is the response from IBM...
I reviewed your problem description. You are right, WAS 7 has number
of maximum number of parameters allowed in inbound requests, but the
number is very high, it is 10000 in both GET and POST requests. If you
do not want to limit the number of parameters that can be included in
a request you have to set "com.ibm.ws.webcontainer.maxParamPerRequest"
webcontainer custom property to -1, for details see "Web container
custom properties" -
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-nd-dist&topic=rweb_custom_props