Page 1 of 1

otmonitor linked to old ssl/crypto libraries

Posted: Mon Jan 01, 2018 4:11 pm
by algol
Hi, happy new new year to all of you!

I control my Hoval boiler using an OTGW and would like to activate the alerts when by boiler goes into fault through SMS messaging. I'm connecting to the OTGW with a RaspberryPi 2 running Raspbian Stretch.

it appears that otmonitor 4.3 is calling the libssl1.0.0 and libcrypto1.0.0 and gives an error when triggering an alert. These libraries have been replaced by 1.0.2.

I have tried creating linux soft links from 1.0.0 to 1.0.2, but that also fails as the OpenSSL version also differs. I have also tried adding the older 1.0.0 libraries, but that also fails with a 302 error.

UPDATE: adding the old libraries in /usr/bin actually allows to send e-mails again. Only the SMS seems to fail with an error 302 and this seems to be linked to the provider I'm using VoipCheap. I rapidly went through t^source and didn't see anything wrong.

Does OTMonitor have a log (aside from the OTGW log)?


Anyone found a solution to this? Is there a more recent tclkit for arm that uses updated libraries?

Thanks for any help!

Arnaud

Re: otmonitor linked to old ssl/crypto libraries

Posted: Wed Jan 24, 2018 6:40 pm
by hvxl
algol wrote:Only the SMS seems to fail with an error 302 and this seems to be linked to the provider I'm using VoipCheap. I rapidly went through t^source and didn't see anything wrong.
A http 302 response is usually not an error, just a redirect. OTMonitor doesn't follow the redirect because it doesn't have the possibility to display a web page anyway. So it just reports the return code 302.

Trying to send an SMS via voipcheap without an account gives me a redirect to a page that says that my session has expired (https://www.voipcheap.com/warning.html).

To get more details of what happened with your SMS attempt, switch on the otmonitor web server (if necessary) and point your browser to http://localhost:8080/alertlog.txt (adjust the host:port part as necessary).

Re: otmonitor linked to old ssl/crypto libraries

Posted: Sat Mar 17, 2018 1:38 pm
by algol
Hello,

Still haven't figured it out. Has anyone succeeded in using VoipCheam with otmonitor?

Here is the log:
12:08:50.428: 12:08:50.427844 Generating a test message
12:08:50.428: Sending SMS via VoipCheap
12:08:50.428: username=zzzzzz
12:08:50.428: password=********
12:08:50.429: from=+nnnnnn
12:08:50.429: to=+nnnnnn
12:08:50.429: text=Opentherm gateway test message
12:08:50.430: Query:
12:08:50.430: username=zzzzzz&password=zzzzzz&from=%2Bnnnnnn&to=%2Bnnnnnn&text=Opentherm%20gateway%20test%20message
12:08:50.431: Contacting https://www.voipcheap.com/myaccount/sendsms.php
12:08:50.896: Status: ok
12:08:50.897: Code: 302
12:08:50.897: Headers:
12:08:50.897: Server: nginx
12:08:50.897: Date: Sat, 17 Mar 2018 11:08:50 GMT
12:08:50.898: Content-Type: text/html
12:08:50.898: Transfer-Encoding: chunked
12:08:50.898: Connection: close
12:08:50.898: P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
12:08:50.898: Set-Cookie: PHPSESSID=hcclbt7h4umhraqtosteleaff1; path=/; secure; HttpOnly
12:08:50.899: Expires: Thu, 19 Nov 1981 08:52:00 GMT
12:08:50.899: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
12:08:50.899: Pragma: no-cache
12:08:50.899: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.899: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: language=en; expires=Mon, 25-Jun-2018 11:08:50 GMT; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: 784ea045a46879011784356462319196=147; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.900: Set-Cookie: language=en; expires=Mon, 25-Jun-2018 11:08:50 GMT; path=/; domain=.voipcheap.com; secure; httponly
12:08:50.901: Location: https://www.voipcheap.com/warning.html
12:08:50.901: Data:
12:08:50.901:
12:08:50.901: Failed: 302
I have used the exact string in the log with a browser and even with a shell wget "" with success.

Any idea ?

Cheers!

Arnaud

Re: otmonitor linked to old ssl/crypto libraries

Posted: Sat Mar 17, 2018 5:14 pm
by hvxl
Too bad you didn't show how you did your wget. Was it:
  1. wget 'https://www.voipcheap.com/myaccount/sendsms.php?username=zzzzzz&password=zzzzzz&from=%2Bnnnnnn&to=%2Bnnnnnn&text=Opentherm%20gateway%20test%20message'
  2. wget --post-data='username=zzzzzz&password=zzzzzz&from=%2Bnnnnnn&to=%2Bnnnnnn&text=Opentherm%20gateway%20test%20message' https://www.voipcheap.com/myaccount/sendsms.php
For VoipCheap, otmonitor currently does the equivalent of #2. If you tested #1, please also try #2. If that doesn't work, you will need to add "method GET" to the VoipCheap definition in alerts.tcl.

Re: otmonitor linked to old ssl/crypto libraries

Posted: Sat Sep 28, 2019 8:38 pm
by algol
Hello All

Heating season is back ans so am I :)

I have updated by Roi to buster and am now facing somme issues. I guess, OTmonitor appears to be bound with libraries that are too old.

I'm no longer able to send e-mails alerts; I'm getting the following error message:

Can't find package tls

Has anyone found a workaround?

Can OTmonitor be recompiled to bond with latest libraries!

Cheers, Arnaud

Re: otmonitor linked to old ssl/crypto libraries

Posted: Tue Oct 01, 2019 12:59 pm
by hvxl
algol wrote:I guess, OTmonitor appears to be bound with libraries that are too old.
No. The error means that the entire library for doing encrypted communication could not be found.

Which OS are you using? How are you running otmonitor?

And where did you get the executable file from? The binaries I posted on the otgw web site should all contain the tls library.

Re: otmonitor linked to old ssl/crypto libraries

Posted: Wed Oct 09, 2019 12:49 pm
by algol
I am using otmonitor on a Raspberry using Raspbian GNU/Linux 10 (buster). otmonitor is coming from the otgw site.

Arnaud

Re: otmonitor linked to old ssl/crypto libraries

Posted: Fri Oct 11, 2019 12:35 pm
by hvxl
Indeed, the published otmonitor and tclkit-ahf binaries for Linux-armhf are not the intended versions and they are missing the tls library. However, the binaries I thought I had posted have a tls library that only works on Raspbian 8 (jessie). They don't work on Raspbian 9 (stretch). I don't yet have a raspberry pi running Raspbian 10, but I'm quite certain they wouldn't work there either.

I'm hopeful that a tls library built on 9 will also work on 10. But I will have to set up a Raspbian 10 system to check. That will take a bit of time.

Re: otmonitor linked to old ssl/crypto libraries

Posted: Fri Oct 11, 2019 5:56 pm
by hvxl
I have created new otmonitor and tclkit binaries for linux-ahf and posted them on the web site. These have the tls library included and should work on both stretch and buster. Let me know if that fixes your issue with sending emails.

Re: otmonitor linked to old ssl/crypto libraries

Posted: Sun Oct 13, 2019 12:05 pm
by algol
The update fixed the problem. E-mail authentification through TLS is working again.

Thanks, Arnaud