Net::SFTP::Foreign new failed with transport - windows

When I use the transport API of Net::SFTP::Foreign to connect to a remote server on Windows, it reports the error "Invalid option 'host' or bad combination of options" after Net::SFTP::Foreign->new is invoked.
The code is below:
    pipe $pR,$pW;
    $sftp = Net::SFTP::Foreign->new("$user\@$ip",transport=>[$pR,$pW]) or
        $rdyTCE{$city1} = 1;

According to module documentation available on CPAN: http://search.cpan.org/~salva/Net-SFTP-Foreign-1.81/lib/Net/SFTP/Foreign.pm#API
transport => [$in_fh, $out_fh, $pid]
allows one to use an already open pipe or socket as the transport for the SFTP protocol.
So you don't need host. Pipes will be used.

Related

Can't establish connection to Web Server using rosbridge

I have created a simple HTML page to control the movement of a simulated Gazebo Turtlebot using roslaunch rosbridge_server rosbridge_websocket.launch following this tutorial.
However, in the Web Console of the HTML page (F12) it shows the error "Firefox cant establish a connection to the server at ws://localhost:9090/." I am using the default rosbridge for the websocket(9090). In the Terminal I am also receiving the errors:
[-] failing WebSocket opening handshake ('WebSocket connection denied: origin 'null' not allowed')
[-] dropping connection to peer tcp4:127.0.0.1:41290 with abort=False: WebSocket connection denied: origin 'null' not allowed.
Does anyone have any suggestions on how I can fix this?
Given that you have followed the ROS tutorial and have created an HTML file as shown in Ros Bridge tutorial then you have to run:
    roscore
    rosrun rospy_tutorials add_two_ints_server
    roslaunch rosbridge_server rosbridge_websocket.launch
Now that you have these up and running, you need to serve the html/javascript file (e.g. simple.html) and start the services etc. For example, you can serve the simple.html by using a SimpleHTTPServer, see below an example (e.g. simplehttpserver_test.py):
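    #!/usr/bin/env python
    # Python 2 module names; in Python 3 these are http.server and socketserver.
    import SimpleHTTPServer
    import SocketServer

    class MyRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
        def do_GET(self):
            # Serve simple.html when the root path is requested.
            if self.path == '/':
                self.path = '/simple.html'
            return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)

    Handler = MyRequestHandler
    # Listen on loopback only, on a port other than the rosbridge one (9090).
    server = SocketServer.TCPServer(('127.0.0.1', 9089), Handler)
    server.serve_forever()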
Once you run the simplehttpserver_test.py you can open the browser on 127.0.0.1:9089 and you should be able to have it working.
Note that SimpleHTTPServer serves files from the current directory and below, directly mapping the directory structure to HTTP requests, which means that the simple.html should be in the same (or below) directory as the simplehttpserver_test.py. Last, the port for the simplehttpserver_test.py should differ from the one used for the Rosbridge WebSocket server (e.g. default is 9090).
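Why serving the page over HTTP changes the outcome, as an added example that is not part of the original answer and not rosbridge's own code: a page opened from disk (file://) has an opaque origin that the browser sends as Origin: null, while the same file served from 127.0.0.1:9089 sends http://127.0.0.1:9089. The function names and the allowlist contents are assumptions made for illustration; the denial text follows the log line quoted in the question.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Assumption for this example: the only page allowed to drive the robot is the
# one served by simplehttpserver_test.py on 127.0.0.1:9089.
ALLOWED_ORIGINS = {"http://127.0.0.1:9089", "http://localhost:9089"}


def page_origin(page_url):
    """Return the Origin header value a browser sends for a page at page_url."""
    parts = urlsplit(page_url)
    scheme = parts.scheme.lower()
    # file:, data: and similar pages have an opaque origin, serialized as "null".
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return "null"
    host = parts.hostname  # urlsplit already lower-cases the host name
    if ":" in host:  # IPv6 literals keep their brackets in an origin
        host = "[%s]" % host
    if parts.port in (None, DEFAULT_PORTS[scheme]):
        return "%s://%s" % (scheme, host)  # the default port is left out
    return "%s://%s:%d" % (scheme, host, parts.port)


def check_handshake(page_url, allowed=ALLOWED_ORIGINS):
    """Model the server-side decision: exact match against the allowlist."""
    origin = page_origin(page_url)
    if origin in allowed:
        return True, "origin '%s' accepted" % origin
    # Wording follows the rosbridge log line quoted in the question.
    return False, "WebSocket connection denied: origin '%s' not allowed" % origin


if __name__ == "__main__":
    # Constructed sample page URLs.
    for url in ("file:///home/user/simple.html",
                "http://127.0.0.1:9089/",
                "http://127.0.0.1.example.net:9089/simple.html"):
        print(url, "->", check_handshake(url))
```

The third sample shows why the comparison is an exact string match: a prefix test against "http://127.0.0.1" would accept a different host whose name merely starts with that text.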

Connect to localhost failed using Mail::Sendmail module on Windows 10

I have the following code:
    #!C:\Perl\bin\perl.exe -w
    use strict;
    use warnings;
    use Mail::Sendmail;
    sendmail(
        From    => 'xxxxxx@hotmail.com',
        To      => 'xxxxxx@hotmail.com',
        Subject => 'test email',
        Message => "body of the message",
    );
I get the following error:
Connect to localhost failed (An attempt was made to access a socket in a way forbidden by its access permissions.) no (more) retries!
I'm not sure how to correct it, any idea? I'm using Windows 10.
Your local system isn't offering an SMTP service.
You need to specify an SMTP server by specifying the host name in the smtp parameter of your call to sendmail.

LWP / IO::Socket::SSL fails with SSL3_GET_SERVER_HELLO:wrong cipher returned

I found many questions quite similar to my problem, but they didn't solve it, so here I am asking for your help.
I am trying to get data from web page with Perl LWP using https.
I can get data from almost every site I have tried, except the one I really need to use.
I am using Perl version v5.18.2 under Windows x64.
This is my basic dummy example:
    use strict;
    use LWP::UserAgent;
    use HTTP::Request;
    use IO::Socket::SSL qw(debug3);
    my $ua = LWP::UserAgent->new;
    my $url = 'https://www.domainx.com:443';
    my $req = HTTP::Request->new( GET => $url);
    my $response = $ua->request($req);
    print $response->status_line . "\n";
And result for the response->status_line:
500 Can't connect to www.domainx.com:443
Debug for SSL:
DEBUG: .../IO/Socket/SSL.pm:1890: new ctx 48125200
DEBUG: .../IO/Socket/SSL.pm:393: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:395: socket connected
DEBUG: .../IO/Socket/SSL.pm:413: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:443: using SNI with hostname www.domainx.com
DEBUG: .../IO/Socket/SSL.pm:466: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:479: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:489: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:499: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:519: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:479: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:1359: SSL connect attempt failed with unknown error
DEBUG: .../IO/Socket/SSL.pm:485: fatal SSL error: SSL connect attempt failed with unknown error error:14092105:SSL routines:SSL3_GET_SERVER_HELLO:wrong cipher returned
DEBUG: .../IO/Socket/SSL.pm:1924: free ctx 48125200 open=48125200
DEBUG: .../IO/Socket/SSL.pm:1932: OK free ctx 48125200
From checking the previous posts I tried to apply: ssl_opts => { verify_hostname => 0 }, but that didn’t help.
If I try to connect to that same site with browser (IE or Chrome) it works just fine.
Is this some certificate based error or what is going wrong here?
The actual site is www.firstcard.fi
The server is heavily broken as can also be seen from the report by SSLLabs. To get a connection to the server one must work around these problems by only using the single good cipher the server offers:
    my $ua = LWP::UserAgent->new;
    $ua->ssl_opts(SSL_cipher_list => 'DES-CBC3-SHA');
Interestingly, this cipher is included in the cipher list used by default in IO::Socket::SSL but the server is too broken to properly deal with the correct ClientHello.

Using nxlog to ship logs in to logstash from Windows using om_ssl

I have been looking at options to ship logs from Windows. I have already got logstash set up, and I currently ship logs from Linux (CentOS) servers to my ELK stack using the logstash-forwarder and ssl encryption.
For compliance reasons encryption is pretty much essential in this environment.
I was hoping to use logstash-forwarder in Windows as well, but after compiling with Go I ran into issues shipping Event Logs, and I found some people saying that it wasn't possible because of file locking issues, which the logstash-forwarder people appear to be working on, but I can't really wait.
Anyway, eventually I found out that nxlog seems to be able to ship logs in an encrypted format using ssl. I've found a few posts about similar topics, and while I've learned quite a bit about how to ship the logs across and how to set up nxlog, I am still at a loss with how to set up logstash to accept the logs so I can process them.
I've asked in the #nxlog and #logstash irc channels, and got some confirmation in #nxlog that it is possible, but no further information on how it should be configured.
Anyway, I have taken the crt file created for use with my logstash-forwarder (I will create a new one if needed when I am happy that this will work) and renamed it with a pem extension, which I believe should work as it is readable in ASCII format. I have created the environment variable for %CERTDIR% and put my file in there. I have written the following config file for nxlog from the other articles I have read. I think it is right, but I am not 100% sure:
    ## This is a sample configuration file. See the nxlog reference manual about the
    ## configuration options. It should be installed locally and is also available
    ## online at http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html
    ## Please set the ROOT to the folder your nxlog was installed into,
    ## otherwise it will not start.
    #define ROOT C:\Program Files\nxlog
    define ROOT C:\Program Files (x86)\nxlog
    Moduledir %ROOT%\modules
    CacheDir %ROOT%\data
    Pidfile %ROOT%\data\nxlog.pid
    SpoolDir %ROOT%\data
    LogFile %ROOT%\data\nxlog.log
    # Enable json extension
    <Extension json>
        Module xm_json
    </Extension>
    # Nxlog internal logs
    <Input internal>
        Module im_internal
        Exec $EventReceivedTime = integer($EventReceivedTime) / 1000000; to_json();
    </Input>
    # Windows Event Log
    <Input eventlog>
        # Uncomment im_msvistalog for Windows Vista/2008 and later
        Module im_msvistalog
        # Uncomment im_mseventlog for Windows XP/2000/2003
        # Module im_mseventlog
        Exec $EventReceivedTime = integer($EventReceivedTime) / 1000000; to_json();
    </Input>
    <Output sslout>
        Module om_ssl
        Host lumberjack.domain.com
        Port 5000
        CertFile %CERTDIR%/logstash-forwarder.crt
        AllowUntrusted TRUE
        OutputType Binary
    </Output>
    <Route 1>
        Path eventlog, internal => sslout
    </Route>
What I want to know is what input format to use in logstash. I have tried shipping logs into a lumberjack input type (using the same config as my logstash-forwarders use) with the following config:
    input {
        lumberjack {
            port => 5000
            type => "logs"
            ssl_certificate => "/etc/pki/tls/certs/logstash-forwarder.crt"
            ssl_key => "/etc/pki/tls/private/logstash-forwarder.key"
        }
    }
But when the service started I get the following in the nxlog logfiles:
2014-11-06 21:16:20 INFO connecting to lumberjack.domain.com:5000
2014-11-06 21:16:20 INFO nxlog-ce-2.8.1248 started
2014-11-06 21:16:21 INFO successfully connected to lumberjack.domain.com:5000
2014-11-06 21:16:22 INFO remote closed SSL socket
2014-11-06 21:16:22 INFO reconnecting in 1 seconds
2014-11-06 21:16:23 INFO connecting to lumberjack.domain.com:5000
2014-11-06 21:16:24 INFO reconnecting in 2 seconds
2014-11-06 21:16:24 ERROR couldn't connect to ssl socket on lumberjack.antmarketing.com:5000; No connection could be made because the target machine actively refused it.
When I turned the logging up to DEBUG I see a massive amount of logs flying through, but I think the key part is:
2014-11-06 21:20:18 ERROR Exception was caused by "rv" at om_ssl.c:532/io_err_handler(); [om_ssl.c:532/io_err_handler()] -; [om_ssl.c:501/om_ssl_connect()] couldn't connect to ssl socket on lumberjack.domain.com:5000; No connection could be made because the target machine actively refused it.
I assume this points to me using the wrong input method on logstash, but I guess it could also be an issue with my ssl certs or the way it is configured. I don't appear to be getting any logs on the logstash server being generated at the time I make the connection from my Windows machine.
Thanks to b0ti for the help. There were a number of issues: my logstash config was crashing the service, but I also had issues with my nxlog setup as well as my ssl certs being set up in the correct way.
I found this post about creating ssl certs, which covers the way they are set up really nicely for self-signed certs for use as a web service.
The main thing wrong with nxlog was, as b0ti pointed out, that I was trying to ship in binary when that will only work when shipping to nxlog server. I also noticed in the docs that the default for AllowUntrusted is false, so I just had to delete it once I was happy ssl was working.
    <Output sslout>
        Module om_ssl
        Host lumberjack.domain.com
        Port 5001
        CAFile %CERTDIR%\nxlog-ca.crt
        OutputType LineBased
    </Output>
Create the CA key and secure it, as this needs to be kept secret (cd to /etc/pki/tls):
    certtool --generate-privkey --bits 2048 --outfile private/nxlog-ca.key
    chown logstash:logstash private/nxlog-ca.key
    chmod 600 private/nxlog-ca.key
And then the self-signed CA cert, which will need to be transferred to your clients:
    certtool --generate-self-signed --load-privkey private/nxlog-ca.key --bits 2048 --template nxlog-ca-rules.cnf --outfile certs/nxlog-ca.crt
The cnf file is standard, only with this option modified:
    # Whether this is a CA certificate or not
    ca
The logstash input method:
    input {
        tcp {
            port => 5001
            type => "nxlogs"
            ssl_cacert => "/etc/pki/tls/certs/nxlog-ca.crt"
            ssl_cert => "/etc/pki/tls/certs/nxlog.crt"
            ssl_key => "/etc/pki/tls/private/nxlog.key"
            ssl_enable => true
            format => 'json'
        }
    }
Generate the private key:
    certtool --generate-privkey --bits 2048 --outfile private/nxlog.key
    chown logstash:logstash private private/nxlog.key
    chmod 600 private/nxlog.key
Generate the CSR (Certificate Signing Request):
    certtool --generate-request --bits 2048 --load-privkey private/nxlog.key --outfile private/nxlog.csr
Sign the cert with the CA private key:
    certtool --generate-certificate --bits 2048 --load-request private/nxlog.csr --outfile certs/nxlog.crt --load-ca-certificate certs/nxlog-ca.crt --load-ca-privkey private/nxlog-ca.key --template nxlog-rules.cnf
Again, the only important part over the standard inputs for the cnf file will be:
    # Whether this certificate will be used to encrypt data (needed
    # in TLS RSA ciphersuites). Note that it is preferred to use different
    # keys for encryption and signing.
    encryption_key
    # Whether this certificate will be used for a TLS client
    tls_www_client
I've tested this and it works well. I just need to get the filters set up now.
The binary data format is nxlog specific, you should only use it if you send to nxlog.
    OutputType Binary
If this doesn't help, check the logstash logs since it's the remote end (logstash) which closes the connection.

APNS Connection Issue

OK, I know there has been a lot of discussion regarding APNS connection failures. Most of the discussion recommends checking the outgoing server port 2195 to be sure it will allow the connection. This is not my problem, although I am experiencing the 'connection refused' error (111).
I have validated communication between my server and the sandbox server by receiving a 200 response from the Apple Gateway. I know my certificates are good because I have tested the connection using openssl from a Mac. I have also been able to connect with the gateway once from my server but cannot get a consistent connection.
The test code I am using is as follows:
    $ctx = stream_context_create();
    stream_context_set_option($ctx, 'ssl', 'local_cert', $pem);
    stream_context_set_option($ctx, 'ssl', 'passphrase', $key);
    $gateway = 'gateway.sandbox.push.apple.com';
    $port = '2195';
    $remote_socket = 'ssl://'.$gateway.':'.$port;
    $fp = stream_socket_client($remote_socket, $err, $errstr, 60, STREAM_CLIENT_CONNECT, $ctx);
    if (!$fp) {
        echo $err.'<br>';
        echo $errstr.'<br>';
        echo 'error=apple failed to connect';
    } else {
        fclose($fp);
        echo 'success';
    }
I have placed the .pem file in the same directory as the script file, removed the use of the passphrase, specified verify_peer, used the STREAM_CLIENT_ASYNC_CONNECT and the STREAM_CLIENT_PERSISTENT flags without success.
Is this an issue with something that I am doing, an issue with the apns sandbox server or is this what I should expect from the apns? Any insights or help you can provide is greatly appreciated -- my hair is getting pretty thin!
Regards.
PS -- If I remove the passphrase I get a 115 error saying the key cannot be accessed.
Despite being able to connect at least once, it turns out that you cannot get access to the APNS gateway without, at least, a virtual dedicated server on GoDaddy. At a minimum of $80 per month, paid upfront, that is too expensive. On to other means.
Some other things to try:
Use STREAM_CLIENT_CONNECT|STREAM_CLIENT_PERSISTENT in the stream_socket_client call
Don't use verify_peer
Check that the owner of the PHP script has enough rights to read the pem file and connect to a port located elsewhere (i.e. not just localhost)
