I'm calling the MailServer.Authenticate(string, string) method on an ImapClient and using ä (lowercase a-umlaut) as a password. This fails with the protocol log below. Using Authenticate(encoding, string, string) with UTF-8 encoding fails in the same way (I've also tried UTF-7 and iso-8859-1 without success).
S: * OK IMAPrev1
C: A00000000 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk
S: A00000000 OK CAPABILITY completed
C: A00000001 LOGIN tester2#test.com {2}
S: + Ready for additional command text.
C: ä
S: A00000001 NO Invalid user name or password.
C: A00000002 LOGOUT
S: * BYE Have a nice day
S: A00000002 OK Logout completed
The server is hMailServer, which I'm able to contact and retrieve messages from using Thunderbird. Below is hMailServer's log for the failed attempt from my MailKit application, followed by the successful authentication at the start of a Thunderbird session. Is there any way I can authenticate with a password which contains accented charaters?
"DEBUG" 14744 "2021-02-04 09:40:59.274" "TCP connection started for session 2"
"IMAPD" 14744 2 "2021-02-04 09:40:59.275" "127.0.0.1" "SENT: * OK IMAPrev1"
"IMAPD" 21360 2 "2021-02-04 09:40:59.302" "127.0.0.1" "RECEIVED: A00000000 CAPABILITY"
"IMAPD" 21360 2 "2021-02-04 09:40:59.303" "127.0.0.1" "SENT: * CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk[nl]A00000000 OK CAPABILITY completed"
"IMAPD" 11636 2 "2021-02-04 09:40:59.324" "127.0.0.1" "RECEIVED: A00000001 LOGIN tester2#test.com ***"
"IMAPD" 11636 2 "2021-02-04 09:40:59.325" "127.0.0.1" "SENT: + Ready for additional command text."
"IMAPD" 21360 2 "2021-02-04 09:40:59.327" "127.0.0.1" "RECEIVED: ***"
"IMAPD" 21360 2 "2021-02-04 09:40:59.331" "127.0.0.1" "SENT: A00000001 NO Invalid user name or password."
"IMAPD" 11636 2 "2021-02-04 09:40:59.379" "127.0.0.1" "RECEIVED: A00000002 LOGOUT"
"IMAPD" 11636 2 "2021-02-04 09:40:59.380" "127.0.0.1" "SENT: * BYE Have a nice day[nl]A00000002 OK Logout completed"
"DEBUG" 21360 "2021-02-04 09:40:59.381" "Ending session 2"
"DEBUG" 14744 "2021-02-04 09:41:43.613" "TCP connection started for session 5"
"IMAPD" 14744 5 "2021-02-04 09:41:43.614" "127.0.0.1" "SENT: * OK IMAPrev1"
"IMAPD" 21360 5 "2021-02-04 09:41:43.616" "127.0.0.1" "RECEIVED: 1 capability"
"IMAPD" 21360 5 "2021-02-04 09:41:43.616" "127.0.0.1" "SENT: * CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk[nl]1 OK CAPABILITY completed"
"IMAPD" 11636 5 "2021-02-04 09:41:43.618" "127.0.0.1" "RECEIVED: 3 login "tester2#test.com" ***"
"IMAPD" 11636 5 "2021-02-04 09:41:43.620" "127.0.0.1" "SENT: 3 OK LOGIN completed"
"IMAPD" 11636 5 "2021-02-04 09:41:43.625" "127.0.0.1" "RECEIVED: 4 capability"
"IMAPD" 11636 5 "2021-02-04 09:41:43.626" "127.0.0.1" "SENT: * CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk[nl]4 OK CAPABILITY completed"
"IMAPD" 21360 5 "2021-02-04 09:41:43.628" "127.0.0.1" "RECEIVED: 5 select "INBOX""
"DEBUG" 21360 "2021-02-04 09:41:43.629" "Reading messages from database."
"IMAPD" 21360 5 "2021-02-04 09:41:43.630" "127.0.0.1" "SENT: * 6 EXISTS[nl]* 2 RECENT[nl]* FLAGS (\Deleted \Seen \Draft \Answered \Flagged)[nl]* OK [UIDVALIDITY 1612370073] current uidvalidity[nl]* OK [UIDNEXT 7] next uid[nl]* OK [PERMANENTFLAGS (\Deleted \Seen \Draft \Answered \Flagged)] limited[nl]5 OK [READ-WRITE] SELECT completed"
Related
We have a Grandstream UCM6204 PBX connecting to a registered SIP elastic trunk through Twilio. Our trunk originating calls drop after about 60 seconds. Twilio is blaming Grandstream but Grandstream is blaming Twilio. Each is saying the other is not properly formatting or not reading the packet correctly. Pcap log with single 200 ACK packet in question exported.
According to Twilio, the packet should have an acknowledge something like this:
ACK sip:172.18.23.153:5060 SIP/2.0
Grandstream says they (their unit) won't send it to the private IP address and should be sent to the record-route IP address where it will be forwarded to the private IP based on header info. I'm too much of a newbie here to know what's right and what's wrong so any suggestions would be great.
No. Time Source Destination Protocol Length Info
3 0.119432 96.10.11.12 54.172.60.2 SIP/SDP 1217 Status: 200 OK |
Frame 3: 1217 bytes on wire (9736 bits), 1217 bytes captured (9736 bits)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 19, 2018 13:51:32.749232000 Eastern Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545245492.749232000 seconds
[Time delta from previous captured frame: 0.050481000 seconds]
[Time delta from previous displayed frame: 0.050481000 seconds]
[Time since reference or first frame: 0.119432000 seconds]
Frame Number: 3
Frame Length: 1217 bytes (9736 bits)
Capture Length: 1217 bytes (9736 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:sip:sdp]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Unicast to us (0)
Link-layer address type: 1
Link-layer address length: 6
Source: 0e:d7:c3:5c:55:24 (0e:d7:c3:5c:55:24)
Unused: 0000
Protocol: IPv4 (0x0800)
Internet Protocol Version 4, Src: 96.10.11.12, Dst: 54.172.60.2
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 1201
Identification: 0x0000 (0)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 39
Protocol: UDP (17)
Header checksum: 0x3257 [validation disabled]
[Header checksum status: Unverified]
Source: 96.10.11.12
Destination: 54.172.60.2
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Source Port: 5060
Destination Port: 5060
Length: 1181
Checksum: 0xfa57 [unverified]
[Checksum Status: Unverified]
[Stream index: 0]
Session Initiation Protocol (200)
Status-Line: SIP/2.0 200 OK
Status-Code: 200
[Resent Packet: False]
[Request Frame: 1]
[Response Time (ms): 119]
Message Header
Via: SIP/2.0/UDP 54.172.60.2:5060;rport=5060;received=54.172.60.2;branch=z9hG4bK0d03.870e90c7.0
Transport: UDP
Sent-by Address: 54.172.60.2
Sent-by port: 5060
RPort: 5060
Received: 54.172.60.2
Branch: z9hG4bK0d03.870e90c7.0
Via: SIP/2.0/UDP 172.18.15.132:5060;rport=5060;received=172.18.15.132;branch=z9hG4bK5d21b0af-3104-4e32-96a7-7e89edd39a93_6772d868_310-9499633517006747707
Transport: UDP
Sent-by Address: 172.18.15.132
Sent-by port: 5060
RPort: 5060
Received: 172.18.15.132
Branch: z9hG4bK5d21b0af-3104-4e32-96a7-7e89edd39a93_6772d868_310-9499633517006747707
Record-Route: <sip:54.172.60.2:5060;lr;ftag=90419967_6772d868_5d21b0af-3104-4e32-96a7-7e89edd39a93>
Record-Route URI: sip:54.172.60.2:5060;lr;ftag=90419967_6772d868_5d21b0af-3104-4e32-96a7-7e89edd39a93
Record-Route Host Part: 54.172.60.2
Record-Route Host Port: 5060
Record-Route URI parameter: lr
Record-Route URI parameter: ftag=90419967_6772d868_5d21b0af-3104-4e32-96a7-7e89edd39a93
Call-ID: 937861cfda42d874af27d391663108b1#0.0.0.0
From: <sip:+12485551212#somebody.pstn.twilio.com>;tag=90419967_6772d868_5d21b0af-3104-4e32-96a7-7e89edd39a93
SIP from address: sip:+12485551212#somebody.pstn.twilio.com
SIP from address User Part: +12485551212
E.164 number (MSISDN): 12485551212
Country Code: Americas (1)
SIP from address Host Part: somebody.pstn.twilio.com
SIP from tag: 90419967_6772d868_5d21b0af-3104-4e32-96a7-7e89edd39a93
To: <sip:+12486661212#96.10.11.12>;tag=68625bc3-5cb5-4bd4-a255-ce12744a3514
SIP to address: sip:+12486661212#96.10.11.12
SIP to address User Part: +12486661212
E.164 number (MSISDN): 12486661212
Country Code: Americas (1)
SIP to address Host Part: 96.10.11.12
SIP to tag: 68625bc3-5cb5-4bd4-a255-ce12744a3514
CSeq: 28344 INVITE
Sequence Number: 28344
Method: INVITE
Server: Grandstream UCM6204V1.5A 1.0.18.12
Contact: <sip:+12485551212#192.168.4.10:5060>
Contact URI: sip:+12485551212#192.168.4.10:5060
Contact URI User Part: +12485551212
E.164 number (MSISDN): 12485551212
Country Code: Americas (1)
Contact URI Host Part: 192.168.4.10
Contact URI Host Port: 5060
Allow: OPTIONS, INFO, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, REFER, MESSAGE, REGISTER
Supported: 100rel, timer, replaces, norefersub
Content-Type: application/sdp
Content-Length: 237
Message Body
Session Description Protocol
Session Description Protocol Version (v): 0
Owner/Creator, Session Id (o): - 1796373137 1796373139 IN IP4 192.168.4.10
Owner Username: -
Session ID: 1796373137
Session Version: 1796373139
Owner Network Type: IN
Owner Address Type: IP4
Owner Address: 192.168.4.10
Session Name (s): Asterisk
Connection Information (c): IN IP4 192.168.4.10
Connection Network Type: IN
Connection Address Type: IP4
Connection Address: 192.168.4.10
Time Description, active time (t): 0 0
Session Start Time: 0
Session Stop Time: 0
Media Description, name and address (m): audio 13894 RTP/AVP 0 101
Media Type: audio
Media Port: 13894
Media Protocol: RTP/AVP
Media Format: ITU-T G.711 PCMU
Media Format: DynamicRTP-Type-101
Media Attribute (a): rtpmap:0 PCMU/8000
Media Attribute Fieldname: rtpmap
Media Format: 0
MIME Type: PCMU
Sample Rate: 8000
Media Attribute (a): rtpmap:101 telephone-event/8000
Media Attribute Fieldname: rtpmap
Media Format: 101
MIME Type: telephone-event
Sample Rate: 8000
Media Attribute (a): fmtp:101 0-16
Media Attribute Fieldname: fmtp
Media Format: 101 [telephone-event]
Media format specific parameters: 0-16
Media Attribute (a): ptime:20
Media Attribute Fieldname: ptime
Media Attribute Value: 20
Media Attribute (a): maxptime:150
Media Attribute Fieldname: maxptime
Media Attribute Value: 150
Media Attribute (a): sendrecv
I'm having some trouble to make work my app on iOS safari device, I have the following error :
init session description failed Error: Failed to set remote offer sdp: Session error code: ERROR_CONTENT. Session error description: Failed to set remote video description send parameters..
Anyone can guide me to the right direction to search ?
sdp: 'v=0
o=- 4807079491250423534 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE video
a=msid-semantic: WMS c6019f45-93ae-4c21-8b7d-9e86226974c7
m=video 9 UDP/TLS/RTP/SAVPF 96 98 99 97 100
c=IN IP4 0.0.0.0
a=rtcp:9 IN IP4 0.0.0.0
a=ice-ufrag:hGyK
a=ice-pwd:9awwQzT0KDyam9kMCu/ts+l6
a=ice-options:trickle
a=fingerprint:sha-256 6B:EF:72:0B:CE:FC:20:4E:2E:28:1B:F9:8C:69:9A:BA:04:ED:33:7C:5D:E5:06:C1:F9:4F:CE:1F:A2:7B:A7:59
a=setup:actpass
a=mid:video
a=extmap:2 urn:ietf:params:rtp-hdrext:toffset
a=extmap:3 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:4 urn:3gpp:video-orientation
a=extmap:5 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=extmap:6 http://www.webrtc.org/experiments/rtp-hdrext/playout-delay
a=sendrecv
a=rtcp-mux
a=rtcp-rsize
a=rtpmap:96 red/90000
a=rtpmap:98 ulpfec/90000
a=rtpmap:99 H264/90000
a=rtcp-fb:99 ccm fir
a=rtcp-fb:99 nack
a=rtcp-fb:99 nack pli
a=rtcp-fb:99 goog-remb
a=rtcp-fb:99 transport-cc
a=fmtp:99 level-asymmetry-allowed=1;packetization-mode=1;profile-level-id=42e01f
a=rtpmap:97 rtx/90000
a=fmtp:97 apt=96
a=rtpmap:100 rtx/90000
a=fmtp:100 apt=99
a=ssrc-group:FID 3772044424 341840637
a=ssrc:3772044424 cname:y4SFSKh8F8nuyJIO
a=ssrc:3772044424 msid:c6019f45-93ae-4c21-8b7d-9e86226974c7 8d5d3c4d-f373-4968-821a-0fa8e9a161a0
a=ssrc:3772044424 mslabel:c6019f45-93ae-4c21-8b7d-9e86226974c7
a=ssrc:3772044424 label:8d5d3c4d-f373-4968-821a-0fa8e9a161a0
a=ssrc:341840637 cname:y4SFSKh8F8nuyJIO
a=ssrc:341840637 msid:c6019f45-93ae-4c21-8b7d-9e86226974c7 8d5d3c4d-f373-4968-821a-0fa8e9a161a0
a=ssrc:341840637 mslabel:c6019f45-93ae-4c21-8b7d-9e86226974c7
a=ssrc:341840637 label:8d5d3c4d-f373-4968-821a-0fa8e9a161a0
Here the details of the sdp I receive on my server from the safari iOS browser
my code:
def ws_receive(message):
text = message.content['text']
request = json.loads(text)
cmd = request['cmd']
results = run(cmd)
print(cmd)
for result in results:
Group(GROUP_NAME).send({'text':result.decode('utf-8')})
print(result)
cmd is like ping -c 4 www.google.com;
the terminal results is:
[2017/09/24 07:24:44] WebSocket HANDSHAKING / [127.0.0.1:59285]
[2017/09/24 07:24:44] WebSocket CONNECT / [127.0.0.1:59285]
[2017/09/24 07:24:44] HTTP GET /api/hosts/?status=used 200 [0.07, 127.0.0.1:59247]
ping -c 4 www.google.com
2017-09-24 07:24:58.512885 b'PING www.google.com (74.125.23.103): 56 data bytes\n'
2017-09-24 07:24:58.513127 b'64 bytes from 74.125.23.103: icmp_seq=0 ttl=45 time=138.542 ms\n'
2017-09-24 07:24:59.517881 b'64 bytes from 74.125.23.103: icmp_seq=1 ttl=45 time=142.954 ms\n'
2017-09-24 07:25:00.522698 b'64 bytes from 74.125.23.103: icmp_seq=2 ttl=45 time=144.568 ms\n'
2017-09-24 07:25:01.562285 b'64 bytes from 74.125.23.103: icmp_seq=3 ttl=45 time=180.163 ms\n'
2017-09-24 07:25:01.562400 b'\n'
2017-09-24 07:25:01.562459 b'--- www.google.com ping statistics ---\n'
2017-09-24 07:25:01.562517 b'4 packets transmitted, 4 packets received, 0.0% packet loss\n'
2017-09-24 07:25:01.562586 b'round-trip min/avg/max/stddev = 138.542/151.557/180.163/16.662 ms\n'
but,The browser's websocket debugging information is:
so, I‘am sure the channels is execute the command until the end sent the message,but i want real-time send the message.
Try sending immediately:
Group(GROUP_NAME).send({'text':result.decode('utf-8')}, immediately=True)
The reason behind this is that you are inside the websocket consumer function. While you are inside it, the Group.send calls are not executed, but only collected and executed in batch once you leave the function. Using immediately=True overrides this behaviour.
I want send IMAP command so that I can receive IMAP response.
So a short code that easy for undertanding but save space to prevent type all code and faster for the Overflow reader:
SSL_write("a0001 login user pass")
SSL_read = "* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE ENABLE MOVE CONDSTORE ESEARCH UTF8=ACCEPT
a0001 OK mrtallpuducherry#gmail.com authenticated (Success)
OK, now everything ok, but here is where problem that is small start:
SSL_write("a0002 select inbox\r\n\r\n")
SSL_read = * BAD [CLIENTBUG] Invalid tag
* FLAGS (\Answered \Flagged \Draft \Deleted \Seen $Phishing $NotPhishing)
* OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen $Phishing $NotPhishing \*)] Flags permitted.
* OK [UIDVALIDITY 1] UIDs valid.
* 7958 EXISTS
* 0 RECENT
* OK [UIDNEXT 22979] Predicted next UID.
* OK [HIGHESTMODSEQ 2553479]
a0002 OK [READ-WRITE] inbox selected. (Success)
Any time after login when I send the IMAP command to get the IMAP response, always the first thing I receive is
* BAD [CLIENTBUG] Invalid tag
After it tell me BAD it then give me proper response and tell me (Success).
Is very confusing to me because I give correct tag. I use OpenSSL on linux platform.
This example with gmail server but happen on all IMAP server tested. Login is perfect and everything else start with "Invalid tag" then give me correct response.
Do you know what I do wrong and how to prevent this? Thanks you very much. My kindest regard.
The problem is here:
SSL_write("a0002 select inbox\r\n\r\n")
Only write one CRLF:
SSL_write("a0002 select inbox\r\n")
You've unintentionally sent two commands. One is the command you wanted, one was the empty command, which has no (an invalid) tag.
i just installed freeradius 1.1.7 from tarbal.
Actually i don't get any error in compile and installation process.
first,when i try to running on debug mode everything looked running well
stantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
Then i try to test user with following command, but i got reject packet from freeradius
radtest user 1111 127.0.0.1 1812 testing123
Sending Access-Request of id 19 to 127.0.0.1 port 1812
User-Name = "user"
User-Password = "1111"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=19, length=20
on debug mode i got message like bellow :
rad_recv: Access-Request packet from host 127.0.0.1:50886, id=90, length=56
User-Name = "user"
User-Password = "1111"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1812
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '#' in User-Name = "user", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry DEFAULT at line 153
modcall[authorize]: module "files" returns ok for request 0
radius_xlat: 'user'
rlm_sql (sql): sql_set_user escaped user --> 'user'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'user' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'user' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: MYSQL check_error: 1146 received
rlm_sql_getvpdata: database query error
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'user' ORDER BY id'
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'user' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: MYSQL check_error: 1146 received
rlm_sql_getvpdata: database query error
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module "sql" returns ok for request 0
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 0
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
modcall[authenticate]: module "unix" returns notfound for request 0
modcall: leaving group authenticate (returns notfound) for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 90 to 127.0.0.1 port 50886
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 90 with timestamp 5130196a
Nothing to do. Sleeping until we see a request.
what should i do to solve this problem ?
Thanks
May be you should check your clients.conf file.
I think you didn't mention 127.0.0.1 as ipaddr in client localhost{}.