EasyCwmp

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000095easycwmp[All Projects] Bugpublic2015-11-13 07:492015-12-17 10:06
Reporterswcims 
Assigned Tomohamed.kallel 
PriorityurgentSeverityblockReproducibilityalways
StatusresolvedResolutionno change required 
PlatformOSOS Version
Summary0000095: This is http_digest_auth_fail_response issue on easycwmp 1.2.1
DescriptionWe use private ACS tool to test easycwmp. This ACS tool will first send connection request, then send informrpc to CPE; and then CPE will send inform to ACS.

Now on easycwmp version 1.2.1, easycwmp will show http_digest_auth_fail_response after receive ACS send connection request.

I debug the source and found two places cause this issue:
1.First,this issue is caused by " *end != '\0'".
    I can check:nc=00000001, nci=1, but I don't know why the "end" value is wrong.
    nci = strtoul(nc, &end, 16);
        if (('\0' != *end) || ((LONG_MAX == nci) && (ERANGE == errno)))
        {
            DD("Authentication failed, invalid format.");
            return MHD_NO; /* invalid nonce format */
        }

2. I comment the adjustment of "*end",and go on, but digest auth is still failed on comparing "response" and "respexp":
    return (0 == strcmp(response, respexp)) ? MHD_YES : MHD_NO;

I am not sure whether it is related to libcurl and openssl, here is the information about curl, it seems that curl is compiled with openssl:
   curl -V
   curl 7.29.0 (arm-openwrt-linux-gnu) libcurl/7.29.0 OpenSSL/1.0.1e zlib/1.2.7
   Protocols: file ftp ftps http https imap imaps pop3 pop3s rtsp smtp smtps tftp
   Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
   Any suggestion is highly appreciated! Thanks!
TagsNo tags attached.
Attached Files? file icon Unauthorized.pcapng [^] (9,244 bytes) 2015-11-19 10:58

- Relationships

-  Notes
(0000322)
mohamed.kallel (manager)
2015-11-16 17:46

This is not reproduced for us. May be the problem cause is your private ACS tool. Or may be you configured your private ACS tool with a wrong login/password of Connection Request

Could you please send traffic capture.
(0000323)
swcims (reporter)
2015-11-19 11:00
edited on: 2015-11-19 11:01

Hi Manager, thanks!
Please check the packets. The CPE's IP is 10.128.32.162, the ACS tool's IP is 10.128.32.58. You can see that ACS tool first sent connection requestion, then CPE responsed by seding "Unauthorized" packet;and then ACS tool continue to sent connection requestion, but CPE sent "FIN ACK" packet. Then the connection was failed.

(0000324)
mohamed.kallel (manager)
2015-11-19 12:09
edited on: 2015-11-19 12:09

I have a doubt that your cnonce in the http get (from your ACS tool) is not good.

Could you please make Connection Request with your web browser to your equipment and check if the digest works. Just in your browser type:

http://<equipment_ip_address>:7547 [^]

and then enter the right username/passworf of the Connection request.

The username/password of the connection request are saved in the config under:
easycwmp.@local[0].username
easycwmp.@local[0].password

(0000325)
swcims (reporter)
2015-11-25 08:25

Hi manager, from equipment's wan side, I typed this hyperlink in browser, but could not open this GUI at all. Then I flushed iptables and typed the link, browser displayed blank page,there was no any content. Would you please provide advice? Thanks!
(0000326)
mohamed.kallel (manager)
2015-11-25 09:21
edited on: 2015-11-25 09:22

You should not get any GUI. your browser send Connection request and the equipment accepts the request by sending http 1.1 200 OK without content.

So after you make the Connection request from your web browser you should see easycwmpd starting tr-069 session

what's your login/password of connection request? could you send your easycwmpd config.
What's the config of your ACS tool? could you send it? what is the login/passsword that your ACS tool use in the Connection Request?

(0000335)
swcims (reporter)
2015-12-02 11:34

Hi Manager, please help check, thanks!

Here is the easycwmpd config

config local
        option interface 'eth0'
        option port '7547'
        option ubus_socket '/var/run/ubus.sock'
        option date_format '%FT%T%z'
        option username 'root'
        option password 'admin'
        option logging_level '3'

config acs
        option url 'http://10.128.32.58:9999' [^]
        option username 'admin'
        option password 'admin'
        option periodic_enable '1'
        option periodic_interval '100'
        option periodic_time '0001-01-01T00:00:00Z'

config device
        option manufacturer 'Test-device'
        option oui 'FFFFFF'
        option product_class 'easycwmp'
        option serial_number 'ABC123456'
        option hardware_version 'hw_ver-1.0'
        option software_version 'sw_ver-2.0'

Here is the config of acs tool:
disableAuth=false
xmlValidation=true
license=51745e0a18351d48456666e1e015b49554e515b5a4b797a6b7a636477
needConnRequest=true
cwmpComplianceSOAPArray=false
cwmpOldStyleCookie=true

# The host name or IP address of the ACS server.
acsHost=10.128.32.58

# The port number the ACS server is listening on.
acsPort=9999

# The port number the HTTP file server is listening on.
fileServerPort=9797

# The uri of the ACS server.
uri=/acs

cpeUsername=admin

cpePassword=admin

cpeHost=10.128.32.101

cpePort=7547

# username for the connection request.
connectionReqUsername=root

# passwd for the connection request.
connectionReqPassword=admin

#the time delay of CPE messages.
socketTimeout=60
(0000336)
mohamed.kallel (manager)
2015-12-02 13:11

Your configs look good. Since the connection request works with your web browser then it s a quite difficult to find out the cause without your acts tool.
Could u please provide us your acts tool or a remote access to reproduce the issue?

- Issue History
Date Modified Username Field Change
2015-11-13 07:49 swcims New Issue
2015-11-16 17:46 mohamed.kallel Note Added: 0000322
2015-11-19 10:58 swcims File Added: Unauthorized.pcapng
2015-11-19 11:00 swcims Note Added: 0000323
2015-11-19 11:01 swcims Note Edited: 0000323 View Revisions
2015-11-19 12:09 mohamed.kallel Note Added: 0000324
2015-11-19 12:09 mohamed.kallel Note Edited: 0000324 View Revisions
2015-11-25 08:25 swcims Note Added: 0000325
2015-11-25 09:21 mohamed.kallel Note Added: 0000326
2015-11-25 09:22 mohamed.kallel Note Edited: 0000326 View Revisions
2015-12-02 11:34 swcims Note Added: 0000335
2015-12-02 13:11 mohamed.kallel Note Added: 0000336
2015-12-17 10:06 mohamed.kallel Status new => resolved
2015-12-17 10:06 mohamed.kallel Resolution open => no change required
2015-12-17 10:06 mohamed.kallel Assigned To => mohamed.kallel


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker