Re: [dev] [Bug] [cloud] [client] aircon_controlee fails to connect to OCF servers with TLS

Wed, 15 Nov 2017 18:29:34 -0800

Hi!

 

I forgot two more steps which I did before starting the OCF servers - 

1. Place "CLOUD_CERT_FILE(iotivitycloud.crt)", "CLOUD_KEY_FILE(iotivitycloud.key)" and ROOT_CERT_FILE(rootca.crt) files in the "target" folder for all cloud servers (resouceDirectory, account, messagequeue, interface).

2. Run Kafka with the server.properties file in `cloud/messageQueue` folder.

 

@mkou...@iti.gr - Using the build command you mentioned still results in the exact same situation with same logs from aircon_controlee.

 

The strangest things is that the client seems to successfully reads the root ca certificate and add it to persistant storage (via a call to the function `SRPSaveTrustCertChain()` in `OIC_SRPAPI`).
Later when connecting to the servers however, the client's mbedTLS complaints that it does not have any root CA configured (`"got no CA chain"`).

 

Thanks and Regards,
Akhil Kedia

 

--------- Original Message ---------

Sender : Maria Koutli <mkou...@iti.gr>

Date : 2017-11-15 22:18 (GMT+9)

Title : Re: [dev] [Bug] [cloud] [client] aircon_controlee fails to connect to OCF servers with TLS

 

Hello,

Did you also place "CLOUD_CERT_FILE(iotivitycloud.crt)", "CLOUD_KEY_FILE(iotivitycloud.key)" and ROOT_CERT_FILE(rootca.crt) files in the "target" folder as it is described here https://github.com/iotivity/iotivity/tree/master/cloud/interface? I haven't tried it, but this step seems to be missing from procedure.

Also concerning scons I use this command to build the client

scons cloud/samples WITH_TCP=yes TARGET_TRANSPORT=IP WITH_CLOUD=yes WITH_MQ=PUB,SUB SECURED=1 or 0

Best Regards,

Maria

 

On 15-Nov-17 2:33 PM, Akhil Kedia wrote:

I have a bug report for Iotivity - should I ask for help here? Or perhaps post this on the JIRA?

 

# Possible Bug in Iotivity Cloud Client

 

## The problem

Iotivity cloud sample client `aircon_controlee` fails to connect to the OCF servers in TLS mode. Client aborts with a core dump.

Following the steps roughly from here - https://wiki.iotivity.org/iotivity_cloud_-_programming_guide

 

 

## System information -

 

* OS - Ubuntu 16.04 LTS 64bit

* GCC Version - (Ubuntu 5.4.0-6ubuntu1~16.04.5) 5.4.0 20160609

* git remote - https://gerrit.iotivity.org/gerrit/p/iotivity.git

* git branch - 1.3-rel

* git commit md5 - 630bb71 Prepare for scons3: change prints and more

* Mongodb is installed and running with default settings.

* Zookeeper service is running with default settings.

 

## Steps to reproduce -

 

### Step 1. Build the servers

 

```bash

cd cloud/

cd ./stack/

mvn install -Dmaven.test.skip=true

cd ../resourcedirectory/

mvn install -Dmaven.test.skip=true

cd ../account/

mvn install -Dmaven.test.skip=true

cd ../messagequeue/

mvn install -Dmaven.test.skip=true

cd ../interface/

mvn install -Dmaven.test.skip=true

```

 

### Step 2. Start background servers

 

1. Mongodb is installed and running on all defaults.

1. Zookeeper is installed and running on all defaults.

1. Kafka is running with the `server.properties` file in `cloud/messagequeue/`

 

### Step 3. Start all the cloud servers

 

```bash

cd ./resourcedirectory

java -jar ./target/CloudResourceDirectory-0.0.1-SNAPSHOT.jar 5684 127.0.0.1 27017 1

cd ../

cd ./account

java -jar  -Xms2G -Xmx2G  ./target/CloudAccount-0.0.1-SNAPSHOT.jar 5685 127.0.0.1 27017 1

cd ../

cd ./messagequeue

java -jar ./target/CloudMessageQueue-0.0.1-SNAPSHOT.jar 5686 127.0.1 2181 127.0.0.1 9092 1

cd ../

cd ./interface

sudo java -Xms2G -Xmx2G -jar ./target/CloudInterface-0.0.1-SNAPSHOT.jar 5683 127.0.0.1 5684 127.0.0.1 5685 127.0.0.1 5686 80 8000 1

cd ../

```

 

### Step 4 Build the client

 

Build client with this

 

```bash

scons --config=force WITH_TCP=yes RELEASE=yes TARGET_TRANSPORT=IP WITH_CLOUD=yes WITH_SAMPLES=YES WITH_MQ=PUB,SUB SECURED=1 LOGGING=true LOG_LEVEL=DEBUG

```

 

(building this instead of `scons cloud` as `scons cloud` does not seem to build the `aircon_controlee` binary. )

 

### Step 5 Run the client

 

```bash

cd out/linux/x86_64/release/cloud/samples/client/

./aircon_controlee 127.0.0.1:5683 github <github oauth token>`

```

 

## Expected Output

 

Client connects to the OCF servers.

 

## Actual Output

 

Client fails to connect to the servers and is aborted (core dumped).

 

Logs show the TLS handshake failed, with client's mbedTLS reporting an error `"got no CA chain"` (See the attached "aircon_controlee.log").

 

Interface server's logs show the client connects, and instantly disconnects.

All other servers'  logs show no activity. All logs are attached.

 

_______________________________________________

iotivity-dev mailing list

 

iotivity-dev@lists.iotivity.org

 

https://lists.iotivity.org/mailman/listinfo/iotivity-dev

 

 

_______________________________________________

iotivity-dev mailing list

iotivity-dev@lists.iotivity.org

https://lists.iotivity.org/mailman/listinfo/iotivity-dev

 

_______________________________________________
iotivity-dev mailing list
iotivity-dev@lists.iotivity.org
https://lists.iotivity.org/mailman/listinfo/iotivity-dev

Reply via email to