otmonitor linked to old ssl/crypto libraries

This Forum is about the Opentherm gateway (OTG) from Schelte

Moderator: hvxl

otmonitor linked to old ssl/crypto libraries

Postby algol » Mon Jan 01, 2018 3:11 pm

Hi, happy new new year to all of you!

I control my Hoval boiler using an OTGW and would like to activate the alerts when by boiler goes into fault through SMS messaging. I'm connecting to the OTGW with a RaspberryPi 2 running Raspbian Stretch.

it appears that otmonitor 4.3 is calling the libssl1.0.0 and libcrypto1.0.0 and gives an error when triggering an alert. These libraries have been replaced by 1.0.2.

I have tried creating linux soft links from 1.0.0 to 1.0.2, but that also fails as the OpenSSL version also differs. I have also tried adding the older 1.0.0 libraries, but that also fails with a 302 error.

UPDATE: adding the old libraries in /usr/bin actually allows to send e-mails again. Only the SMS seems to fail with an error 302 and this seems to be linked to the provider I'm using VoipCheap. I rapidly went through t^source and didn't see anything wrong.

Does OTMonitor have a log (aside from the OTGW log)?


Anyone found a solution to this? Is there a more recent tclkit for arm that uses updated libraries?

Thanks for any help!

Arnaud
algol
Starting Member
Starting Member
 
Posts: 10
Joined: July 2013

Re: otmonitor linked to old ssl/crypto libraries

Postby hvxl » Wed Jan 24, 2018 5:40 pm

algol wrote:Only the SMS seems to fail with an error 302 and this seems to be linked to the provider I'm using VoipCheap. I rapidly went through t^source and didn't see anything wrong.

A http 302 response is usually not an error, just a redirect. OTMonitor doesn't follow the redirect because it doesn't have the possibility to display a web page anyway. So it just reports the return code 302.

Trying to send an SMS via voipcheap without an account gives me a redirect to a page that says that my session has expired (https://www.voipcheap.com/warning.html).

To get more details of what happened with your SMS attempt, switch on the otmonitor web server (if necessary) and point your browser to http://localhost:8080/alertlog.txt (adjust the host:port part as necessary).
Schelte
hvxl
Senior Member
Senior Member
 
Posts: 1212
Joined: June 2010

Re: otmonitor linked to old ssl/crypto libraries

Postby algol » Sat Mar 17, 2018 12:38 pm

Hello,

Still haven't figured it out. Has anyone succeeded in using VoipCheam with otmonitor?

Here is the log:

12:08:50.428: 12:08:50.427844 Generating a test message
12:08:50.428: Sending SMS via VoipCheap
12:08:50.428: username=zzzzzz
12:08:50.428: password=********
12:08:50.429: from=+nnnnnn
12:08:50.429: to=+nnnnnn
12:08:50.429: text=Opentherm gateway test message
12:08:50.430: Query:
12:08:50.430: username=zzzzzz&password=zzzzzz&from=%2Bnnnnnn&to=%2Bnnnnnn&text=Opentherm%20gateway%20test%20message
12:08:50.431: Contacting https://www.voipcheap.com/myaccount/sendsms.php
12:08:50.896: Status: ok
12:08:50.897: Code: 302
12:08:50.897: Headers:
12:08:50.897: Server: nginx
12:08:50.897: Date: Sat, 17 Mar 2018 11:08:50 GMT
12:08:50.898: Content-Type: text/html
12:08:50.898: Transfer-Encoding: chunked
12:08:50.898: Connection: close
12:08:50.898: P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
12:08:50.898: Set-Cookie: PHPSESSID=hcclbt7h4umhraqtosteleaff1; path=/; secure; HttpOnly
12:08:50.899: Expires: Thu, 19 Nov 1981 08:52:00 GMT
12:08:50.899: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
12:08:50.899: Pragma: no-cache
12:08:50.899: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.899: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: language=en; expires=Mon, 25-Jun-2018 11:08:50 GMT; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: language=en; expires=Mon, 25-Jun-2018 11:08:50 GMT; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.901: Location: https://www.voipcheap.com/warning.html
12:08:50.901: Data:
12:08:50.901:
12:08:50.901: Failed: 302


I have used the exact string in the log with a browser and even with a shell wget "" with success.

Any idea ?

Cheers!

Arnaud
algol
Starting Member
Starting Member
 
Posts: 10
Joined: July 2013

Re: otmonitor linked to old ssl/crypto libraries

Postby hvxl » Sat Mar 17, 2018 4:14 pm

Too bad you didn't show how you did your wget. Was it:
  1. wget 'https://www.voipcheap.com/myaccount/sendsms.php?username=zzzzzz&password=zzzzzz&from=%2Bnnnnnn&to=%2Bnnnnnn&text=Opentherm%20gateway%20test%20message'
  2. wget --post-data='username=zzzzzz&password=zzzzzz&from=%2Bnnnnnn&to=%2Bnnnnnn&text=Opentherm%20gateway%20test%20message' https://www.voipcheap.com/myaccount/sendsms.php
For VoipCheap, otmonitor currently does the equivalent of #2. If you tested #1, please also try #2. If that doesn't work, you will need to add "method GET" to the VoipCheap definition in alerts.tcl.
Schelte
hvxl
Senior Member
Senior Member
 
Posts: 1212
Joined: June 2010

Re: otmonitor linked to old ssl/crypto libraries

Postby algol » Sat Sep 28, 2019 7:38 pm

Hello All

Heating season is back ans so am I :)

I have updated by Roi to buster and am now facing somme issues. I guess, OTmonitor appears to be bound with libraries that are too old.

I'm no longer able to send e-mails alerts; I'm getting the following error message:

Can't find package tls

Has anyone found a workaround?

Can OTmonitor be recompiled to bond with latest libraries!

Cheers, Arnaud
algol
Starting Member
Starting Member
 
Posts: 10
Joined: July 2013

Re: otmonitor linked to old ssl/crypto libraries

Postby hvxl » Tue Oct 01, 2019 11:59 am

algol wrote:I guess, OTmonitor appears to be bound with libraries that are too old.

No. The error means that the entire library for doing encrypted communication could not be found.

Which OS are you using? How are you running otmonitor?

And where did you get the executable file from? The binaries I posted on the otgw web site should all contain the tls library.
Schelte
hvxl
Senior Member
Senior Member
 
Posts: 1212
Joined: June 2010

Re: otmonitor linked to old ssl/crypto libraries

Postby algol » Wed Oct 09, 2019 11:49 am

I am using otmonitor on a Raspberry using Raspbian GNU/Linux 10 (buster). otmonitor is coming from the otgw site.

Arnaud
algol
Starting Member
Starting Member
 
Posts: 10
Joined: July 2013

Re: otmonitor linked to old ssl/crypto libraries

Postby hvxl » Fri Oct 11, 2019 11:35 am

Indeed, the published otmonitor and tclkit-ahf binaries for Linux-armhf are not the intended versions and they are missing the tls library. However, the binaries I thought I had posted have a tls library that only works on Raspbian 8 (jessie). They don't work on Raspbian 9 (stretch). I don't yet have a raspberry pi running Raspbian 10, but I'm quite certain they wouldn't work there either.

I'm hopeful that a tls library built on 9 will also work on 10. But I will have to set up a Raspbian 10 system to check. That will take a bit of time.
Schelte
hvxl
Senior Member
Senior Member
 
Posts: 1212
Joined: June 2010

Re: otmonitor linked to old ssl/crypto libraries

Postby hvxl » Fri Oct 11, 2019 4:56 pm

I have created new otmonitor and tclkit binaries for linux-ahf and posted them on the web site. These have the tls library included and should work on both stretch and buster. Let me know if that fixes your issue with sending emails.
Schelte
hvxl
Senior Member
Senior Member
 
Posts: 1212
Joined: June 2010

Re: otmonitor linked to old ssl/crypto libraries

Postby algol » Sun Oct 13, 2019 11:05 am

The update fixed the problem. E-mail authentification through TLS is working again.

Thanks, Arnaud
algol
Starting Member
Starting Member
 
Posts: 10
Joined: July 2013


Return to Opentherm Gateway Forum

Who is online

Users browsing this forum: No registered users and 1 guest