Centos/ Sssd & Ldap TLS Encryption and Different Problems - centos7
I have 389 directory ldap server. I have debian and redhat based servers on my infrastructure.
I have no problems with Ubuntu versions 14-16 and Centos 6 servers. But I am having problems with sssd and ldap services in Centos 7.x versions.
all my changes are listed below step by step. I can not find what is missing or wrong. I'm going crazy.
Dear community, I need your help. I know it was too long.
[root#ldap-test-client]$ cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root#ldap-test-client]$ uname -a
Linux ldap-test-client 3.10.0-862.el7.x86_64 #1 SMP Fri Apr 20 16:44:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
package information;
[root#ldap-test-client]$ yum list installed |grep sssd
Failed to set locale, defaulting to C
python-sssdconfig.noarch 1.16.0-19.el7_5.5 #updates
sssd.x86_64 1.16.0-19.el7_5.5 #updates
sssd-ad.x86_64 1.16.0-19.el7_5.5 #updates
sssd-client.x86_64 1.16.0-19.el7_5.5 #updates
sssd-common.x86_64 1.16.0-19.el7_5.5 #updates
sssd-common-pac.x86_64 1.16.0-19.el7_5.5 #updates
sssd-ipa.x86_64 1.16.0-19.el7_5.5 #updates
sssd-krb5.x86_64 1.16.0-19.el7_5.5 #updates
sssd-krb5-common.x86_64 1.16.0-19.el7_5.5 #updates
sssd-ldap.x86_64 1.16.0-19.el7_5.5 #updates
sssd-proxy.x86_64 1.16.0-19.el7_5.5 #updates
[root#ldap-test-client]$ ps aux |grep sssd
root 697 0.0 0.5 282124 6036 ? Ss 11:09 0:00 /usr/sbin/sssd -i --logger=files
root 709 0.0 0.9 306216 9636 ? S 11:09 0:00 /usr/libexec/sssd/sssd_be --domain LDAP --uid 0 --gid 0 --logger=files
root 715 0.0 2.9 289932 29996 ? S 11:09 0:00 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files
root 716 0.0 0.5 269592 5520 ? S 11:09 0:00 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files
testuser+ 1391 0.0 0.0 112676 728 pts/0 R+ 11:17 0:00 grep --color=auto sssd
sssd and ldap configs,
[root#ldap-test-client]$ pwd
/etc/sssd
[root#ldap-test-client]$ ll
total 8
drwx--x--x. 2 sssd sssd 23 Aug 6 11:19 conf.d
-rw------- 1 root root 933 Aug 6 11:31 sssd.conf
[root#ldap-test-client]$ cat sssd.conf
[domain/LDAP]
autofs_provider = ldap
cache_credentials = true
ldap_search_base = dc=domain,dc=com
ldap_user_search_base = ou=People,dc=domain,dc=com
ldap_group_search_base = ou=groups,dc=domain,dc=com
ldap_sudo_search_base = ou=sudoers,dc=domain,dc=com
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldap://ldapserver.domain.com:389
ldap_id_use_start_tls = true
#ldap_tls_cacertdir = /etc/openldap/cacerts
#ldap_schema = rfc2307bis
#ldap_auth_disable_tls_never_use_in_production = true
#use_fully_qualified_names = True
#enumeration = False
debug_level = 9
[sssd]
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
services = nss, pam
domains = ldap
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
#entry_cache_timeout = 300
entry_cache_nowait_percentage = 75
[pam]
reconnection_retries = 3
offline_credentials_expiration = 2
offline_failed_login_attempts = 3
offline_failed_login_delay = 5
[autofs]
[root#ldap-test-client]$ cat /etc/openldap/ldap.conf /etc/ldap.conf /etc/ssh/ldap.conf
#TLS_CACERTDIR /etc/openldap/cacerts
#TLS_CACERTDIR /etc/openldap/certs
TLS_REQCERT never
TLS never
URI ldap://ldapserver.domain.com:389
BASE ou=People,dc=domain,dc=com
ssh and nsswitch configs,
[root#ldap-test-client]$ pwd
/etc/ssh
[root#ldap-test-client]$ cat sshd_config-edit
Port 22
Protocol 2
SyslogFacility AUTHPRIV
LogLevel INFO
LoginGraceTime 15
PermitRootLogin no
MaxAuthTries 6
HostbasedAuthentication no
IgnoreRhosts yes
PermitEmptyPasswords no
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512,hmac-sha2-256
X11Forwarding no
PermitUserEnvironment no
ClientAliveInterval 1800
ClientAliveCountMax 1
Subsystem sftp /usr/libexec/openssh/sftp-server
[root#ldap-test-client]$ cat ssh_config
Host *
GSSAPIAuthentication yes
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
SendEnv XMODIFIERS
[root#ldap-test-client]$ cat /etc/nsswitch.conf
passwd: files sss
shadow: files sss
group: files sss
hosts: files dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files sss
netmasks: files sss
networks: files sss
protocols: files sss
rpc: files sss
services: files sss
netgroup: files sss
publickey: nisplus
automount: files sss
aliases: files nisplus
sudoers: files sss
sudoers: files sss
[root#ldap-test-client]$ telnet ldapserver.domain.com 389
Trying 192.168.0.165...
Connected to 192.168.0.165.
Escape character is '^]'.
pam.d system-auth and password-auth configs
[root#ldap-test-client]$ pwd
/etc/pam.d
[root#ldap-test-client]$ cat system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_faildelay.so delay=2000000
auth sufficient pam_fprintd.so
auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid >= 1000 quiet
auth [default=1 ignore=ignore success=ok] pam_localuser.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth sufficient pam_sss.so forward_pass
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account [default=bad success=ok user_unknown=ignore] pam_sss.so
account required pam_permit.so
password requisite pam_pwquality.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_sss.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session optional pam_mkhomedir.so umask=0077
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
session optional pam_sss.so
[root#ldap-test-client]$ cat password-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_faildelay.so delay=2000000
auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid >= 1000 quiet
auth [default=1 ignore=ignore success=ok] pam_localuser.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth sufficient pam_sss.so forward_pass
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account [default=bad success=ok user_unknown=ignore] pam_sss.so
account required pam_permit.so
password requisite pam_pwquality.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_sss.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session optional pam_mkhomedir.so umask=0077
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
session optional pam_sss.so
sssd and audit service logs
[root#ldap-test-client]$ tail -f /var/log/sssd/*
==> /var/log/sssd/ldap_child.log <==
==> /var/log/sssd/sssd_LDAP.log <==
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [dp_get_account_info_handler] (0x0200): Got request for [0x1][BE_REQ_USER][name=testuser#ldap]
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): DP Request [Account #2]: New request. Flags [0x0001].
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): Number of active DP request: 1
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [sss_domain_get_state] (0x1000): Domain LDAP is Active
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [_dp_req_recv] (0x0400): DP Request [Account #2]: Receiving request data.
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [dp_req_reply_gen_error] (0x0080): DP Request [Account #2]: Finished. Backend is currently offline.
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:1::LDAP:name=testuser#ldap] from reply table
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): DP Request [Account #2]: Request removed.
(Mon Aug 6 15:34:41 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): Number of active DP request: 0
==> /var/log/sssd/sssd.log <==
==> /var/log/sssd/sssd_nss.log <==
(Mon Aug 6 15:34:41 2018) [sssd[nss]] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
==> /var/log/sssd/sssd_pam.log <==
==> /var/log/sssd/sssd_LDAP.log <==
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): dbus conn: 0x56174ff78030
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): Dispatching.
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [sbus_message_handler] (0x2000): Received SBUS method org.freedesktop.sssd.dataprovider.getAccountInfo on path /org/freedesktop/sssd/dataprovider
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [dp_get_account_info_handler] (0x0200): Got request for [0x1][BE_REQ_USER][name=testuser#ldap]
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): DP Request [Account #3]: New request. Flags [0x0001].
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): Number of active DP request: 1
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [sss_domain_get_state] (0x1000): Domain LDAP is Active
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [_dp_req_recv] (0x0400): DP Request [Account #3]: Receiving request data.
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [dp_req_reply_gen_error] (0x0080): DP Request [Account #3]: Finished. Backend is currently offline.
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:1::LDAP:name=testuser#ldap] from reply table
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): DP Request [Account #3]: Request removed.
(Mon Aug 6 15:34:48 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): Number of active DP request: 0
==> /var/log/sssd/sssd_nss.log <==
(Mon Aug 6 15:34:48 2018) [sssd[nss]] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
==> /var/log/sssd/sssd_LDAP.log <==
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): dbus conn: 0x56174ff78030
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): Dispatching.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_message_handler] (0x2000): Received SBUS method org.freedesktop.sssd.dataprovider.getAccountInfo on path /org/freedesktop/sssd/dataprovider
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_get_account_info_handler] (0x0200): Got request for [0x1][BE_REQ_USER][name=testuser#ldap]
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): DP Request [Account #4]: New request. Flags [0x0001].
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): Number of active DP request: 1
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sss_domain_get_state] (0x1000): Domain LDAP is Active
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [_dp_req_recv] (0x0400): DP Request [Account #4]: Receiving request data.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_reply_gen_error] (0x0080): DP Request [Account #4]: Finished. Backend is currently offline.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:1::LDAP:name=testuser#ldap] from reply table
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): DP Request [Account #4]: Request removed.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): Number of active DP request: 0
==> /var/log/sssd/sssd_nss.log <==
(Mon Aug 6 15:34:49 2018) [sssd[nss]] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
==> /var/log/sssd/sssd_LDAP.log <==
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): dbus conn: 0x56174ff78030
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): Dispatching.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_message_handler] (0x2000): Received SBUS method org.freedesktop.sssd.dataprovider.getAccountInfo on path /org/freedesktop/sssd/dataprovider
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_get_account_info_handler] (0x0200): Got request for [0x1][BE_REQ_USER][name=testuser#ldap]
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): DP Request [Account #5]: New request. Flags [0x0001].
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): Number of active DP request: 1
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sss_domain_get_state] (0x1000): Domain LDAP is Active
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [_dp_req_recv] (0x0400): DP Request [Account #5]: Receiving request data.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_reply_gen_error] (0x0080): DP Request [Account #5]: Finished. Backend is currently offline.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:1::LDAP:name=testuser#ldap] from reply table
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): DP Request [Account #5]: Request removed.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): Number of active DP request: 0
==> /var/log/sssd/sssd_nss.log <==
(Mon Aug 6 15:34:49 2018) [sssd[nss]] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
==> /var/log/sssd/sssd_LDAP.log <==
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): dbus conn: 0x56174ff78030
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): Dispatching.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_message_handler] (0x2000): Received SBUS method org.freedesktop.sssd.dataprovider.getAccountInfo on path /org/freedesktop/sssd/dataprovider
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_get_account_info_handler] (0x0200): Got request for [0x1][BE_REQ_USER][name=testuser#ldap]
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): DP Request [Account #6]: New request. Flags [0x0001].
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): Number of active DP request: 1
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sss_domain_get_state] (0x1000): Domain LDAP is Active
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [_dp_req_recv] (0x0400): DP Request [Account #6]: Receiving request data.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_reply_gen_error] (0x0080): DP Request [Account #6]: Finished. Backend is currently offline.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:1::LDAP:name=testuser#ldap] from reply table
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): DP Request [Account #6]: Request removed.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): Number of active DP request: 0
==> /var/log/sssd/sssd_nss.log <==
(Mon Aug 6 15:34:49 2018) [sssd[nss]] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
==> /var/log/sssd/sssd_LDAP.log <==
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): dbus conn: 0x56174ff78030
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): Dispatching.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_message_handler] (0x2000): Received SBUS method org.freedesktop.sssd.dataprovider.getAccountInfo on path /org/freedesktop/sssd/dataprovider
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_get_account_info_handler] (0x0200): Got request for [0x1][BE_REQ_USER][name=testuser#ldap]
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): DP Request [Account #7]: New request. Flags [0x0001].
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): Number of active DP request: 1
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [sss_domain_get_state] (0x1000): Domain LDAP is Active
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [_dp_req_recv] (0x0400): DP Request [Account #7]: Receiving request data.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_reply_gen_error] (0x0080): DP Request [Account #7]: Finished. Backend is currently offline.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:1::LDAP:name=testuser#ldap] from reply table
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): DP Request [Account #7]: Request removed.
(Mon Aug 6 15:34:49 2018) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): Number of active DP request: 0
==> /var/log/sssd/sssd_nss.log <==
(Mon Aug 6 15:34:49 2018) [sssd[nss]] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
I'm trying ssh connection with "ssh testuser # ldap-test-client" command. The ssh request comes in the audit log of the server.
[root#ldap-test-client]$ tail -f audit.log
type=CRYPTO_KEY_USER msg=audit(1533557907.241:533): pid=2043 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=SHA256:13:c9:73:32:4e:40:e6:23:fa:01:94:01:1d:06:75:ee:40:cb:36:a8:4a:b2:b8:15:5c:d1:a5:bb:eb:80:d8:03 direction=? spid=2043 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1533557907.241:534): pid=2043 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=SHA256:39:21:b3:e2:23:1d:49:5a:d9:b9:b2:c5:6a:24:01:df:45:89:fb:91:c5:19:61:43:ff:71:29:6f:1e:a7:32:fd direction=? spid=2043 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1533557907.241:535): pid=2043 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=SHA256:4a:94:74:27:67:91:8a:07:15:8f:d3:af:f7:2c:92:b4:25:4a:bd:5b:ae:78:82:5a:71:01:03:2c:0a:15:e2:c6 direction=? spid=2043 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1533557907.305:536): pid=2042 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=chacha20-poly1305#openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2043 suid=74 rport=53218 laddr=192.168.0.220 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.212.134.201 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1533557907.305:537): pid=2042 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=chacha20-poly1305#openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2043 suid=74 rport=53218 laddr=192.168.0.220 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.212.134.201 terminal=? res=success'
**The following lines appear after entering the password.**
type=USER_AUTH msg=audit(1533557924.276:538): pid=2042 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=? acct="?" exe="/usr/sbin/sshd" hostname=10.212.134.201 addr=10.212.134.201 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1533557926.436:539): pid=2042 uid=0 auid=4294967295 ses=4294967295 msg='op=password acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.212.134.201 terminal=ssh res=failed'
My ldap connection test;
[root#ldap-test-client]$ id testuser
uid=11000(testuser) gid=10010(sysmaster) groups=10010(sysmaster)
[root#ldap-test-client]$ ldapsearch -x -H ldap://ldapserver.domain.com:389 -b uid=testuser,ou=People,dc=domain,dc=com -s base -W
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <uid=testuser,ou=People,dc=domain,dc=com> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
# testuser, People, domain.com
dn: uid=testuser,ou=People,dc=domain,dc=com
givenName: Test
sn: User
loginShell: /bin/bash
gidNumber: 10010
uidNumber: 11000
mail: testuser#domain.com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
objectClass: ldappublickey
objectClass: hostobject
objectClass: sudoers
objectClass: sudorole
uid: testuser
cn: Test User
homeDirectory: /home/testuser
host: ALL
sudoHost: ALL
sudoCommand: ALL
sudoOption: !aunthenticate
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
Related
Response Header has 2 set-cookie (AWSALB and AWSALBCORS)
In my application, I added secure cookies and I deployed it to the remote server. However, when I do a request, I can see that there are 2 identical cookies (1 is AWSALB unsecure, 2 is AWSALBCORS secure): set-cookie AWSALB=J8Hw07Jy8ein8Hei2SOME_NUMBERSMiRhCvCtL+1psSOME_NUMBERS84qI2vb/lmSOME_NUMBERS61i/LWSOME_NUMBERSLK2/itJs7pSOME_NUMBERSqcE8Y2/D3C55sSOME_NUMBERSGQUzxBh; Expires=Fri, 15 Jan 2021 07:19:43 GMT; Path=/ set-cookie AWSALBCORS=J8Hw07Jy8ein8Hei2SOME_NUMBERSMiRhCvCtL+1psSOME_NUMBERS84qI2vb/lmSOME_NUMBERS61i/LWSOME_NUMBERSLK2/itJs7pSOME_NUMBERSqcE8Y2/D3C55sSOME_NUMBERSGQUzxBh; Expires=Fri, 15 Jan 2021 07:19:43 GMT; Path=/; SameSite=None; Secure I investigated it and found out that it is related to AWS Load balancer, but I am unable to further investigate. I do not want to see unsecure cookie in response header. How can I remove it? Where should I look into?
libvirtd Error: Could not access KVM kernel module: Is a directory
Has anyone else come across this error before?
Google yields no results and I'm baffled by the error message telling me the KVM kernel module is a directory.
virt-install output in debug mode:
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (cli:246) Launched with command line: /usr/share/virt-manager/virt-install --name test --ram 4096 --disk path=/kvms/test.img,size=20 --vcpus 2 --os-type linux --os-variant rhel7 --network bridge=br0 --graphics none --console pty,target_type=serial --cdrom /isos/CentOS-7-x86_64-NetInstall-1511.iso --graphics vnc,listen=0.0.0.0,password=pass123 --noautoconsole --debug
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (cli:256) Requesting libvirt URI default
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (cli:260) Received libvirt URI qemu:///system
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (virt-install:357) Requesting virt method 'default', hv type 'default'.
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (virt-install:591) Received virt method 'kvm'
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (virt-install:592) Hypervisor name is 'hvm'
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (virt-install:269) Distilled --network options: ['bridge=br0']
[Wed, 26 Oct 2016 16:12:37 virt-install 6220] DEBUG (virt-install:182) Distilled --disk options: ['path=/kvms/test.img,size=20']
[Wed, 26 Oct 2016 16:12:38 virt-install 6220] DEBUG (devicedisk:425) Creating volume 'test.img' on pool 'kvms'
[Wed, 26 Oct 2016 16:12:38 virt-install 6220] DEBUG (devicedisk:546) disk.set_vol_install: name=test.img poolxml=
<pool type='dir'>
<name>kvms</name>
<uuid>ea30045f-1970-4da1-bbf4-6bf739bc2cc7</uuid>
<capacity unit='bytes'>2927812804608</capacity>
<allocation unit='bytes'>469499904</allocation>
<available unit='bytes'>2927343304704</available>
<source>
</source>
<target>
<path>/kvms</path>
<permissions>
<mode>0755</mode>
<owner>107</owner>
<group>107</group>
<label>system_u:object_r:fusefs_t:s0</label>
</permissions>
</target>
</pool>
[Wed, 26 Oct 2016 16:12:38 virt-install 6220] DEBUG (guest:238) Setting Guest.os_variant to 'rhel7'
[Wed, 26 Oct 2016 16:12:38 virt-install 6220] DEBUG (virt-install:746) Guest.has_install_phase: True
Starting install...
[Wed, 26 Oct 2016 16:12:38 virt-install 6220] DEBUG (storage:765) Creating storage volume 'test.img' with xml:
<volume>
<name>test.img</name>
<capacity>21474836480</capacity>
<allocation>21474836480</allocation>
<target>
<format type="qcow2"/>
<features>
<lazy_refcounts/>
</features>
</target>
</volume>
[Wed, 26 Oct 2016 16:12:38 virt-install 6220] DEBUG (storage:798) Using vol create flags=1
Allocating 'test.img' | 20 GB 00:00:00
[Wed, 26 Oct 2016 16:12:39 virt-install 6220] DEBUG (storage:805) Storage volume 'test.img' install complete.
[Wed, 26 Oct 2016 16:12:39 virt-install 6220] DEBUG (guest:463) Generated install XML:
<domain type="kvm">
<name>test</name>
<uuid>05e708e1-4d0b-44b6-8ab8-52e5f0ed937b</uuid>
<memory>4194304</memory>
<currentMemory>4194304</currentMemory>
<vcpu>2</vcpu>
<os>
<type arch="x86_64">hvm</type>
<boot dev="cdrom"/>
<boot dev="hd"/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode="custom" match="exact">
<model>Haswell-noTSX</model>
</cpu>
<clock offset="utc">
<timer name="rtc" tickpolicy="catchup"/>
<timer name="pit" tickpolicy="delay"/>
<timer name="hpet" present="no"/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>destroy</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled="no"/>
<suspend-to-disk enabled="no"/>
</pm>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type="file" device="disk">
<driver name="qemu" type="qcow2"/>
<source file="/kvms/test.img"/>
<target dev="vda" bus="virtio"/>
</disk>
<disk type="file" device="cdrom">
<driver name="qemu" type="raw"/>
<source file="/isos/CentOS-7-x86_64-NetInstall-1511.iso"/>
<target dev="hda" bus="ide"/>
<readonly/>
</disk>
<controller type="usb" index="0" model="ich9-ehci1"/>
<controller type="usb" index="0" model="ich9-uhci1">
<master startport="0"/>
</controller>
<controller type="usb" index="0" model="ich9-uhci2">
<master startport="2"/>
</controller>
<controller type="usb" index="0" model="ich9-uhci3">
<master startport="4"/>
</controller>
<interface type="bridge">
<source bridge="br0"/>
<mac address="52:54:00:de:72:85"/>
<model type="virtio"/>
</interface>
<input type="tablet" bus="usb"/>
<graphics type="vnc" port="-1" listen="0.0.0.0" passwd="RibEymtU"/>
<console type="pty">
<target type="serial"/>
</console>
<channel type="unix">
<source mode="bind"/>
<target type="virtio" name="org.qemu.guest_agent.0"/>
</channel>
</devices>
</domain>
[Wed, 26 Oct 2016 16:12:39 virt-install 6220] DEBUG (guest:464) Generated boot XML:
<domain type="kvm">
<name>test</name>
<uuid>05e708e1-4d0b-44b6-8ab8-52e5f0ed937b</uuid>
<memory>4194304</memory>
<currentMemory>4194304</currentMemory>
<vcpu>2</vcpu>
<os>
<type arch="x86_64">hvm</type>
<boot dev="hd"/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode="custom" match="exact">
<model>Haswell-noTSX</model>
</cpu>
<clock offset="utc">
<timer name="rtc" tickpolicy="catchup"/>
<timer name="pit" tickpolicy="delay"/>
<timer name="hpet" present="no"/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<pm>
<suspend-to-mem enabled="no"/>
<suspend-to-disk enabled="no"/>
</pm>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type="file" device="disk">
<driver name="qemu" type="qcow2"/>
<source file="/kvms/test.img"/>
<target dev="vda" bus="virtio"/>
</disk>
<disk type="block" device="cdrom">
<target dev="hda" bus="ide"/>
<readonly/>
</disk>
<controller type="usb" index="0" model="ich9-ehci1"/>
<controller type="usb" index="0" model="ich9-uhci1">
<master startport="0"/>
</controller>
<controller type="usb" index="0" model="ich9-uhci2">
<master startport="2"/>
</controller>
<controller type="usb" index="0" model="ich9-uhci3">
<master startport="4"/>
</controller>
<interface type="bridge">
<source bridge="br0"/>
<mac address="52:54:00:de:72:85"/>
<model type="virtio"/>
</interface>
<input type="tablet" bus="usb"/>
<graphics type="vnc" port="-1" listen="0.0.0.0" passwd="RibEymtU"/>
<console type="pty">
<target type="serial"/>
</console>
<channel type="unix">
<source mode="bind"/>
<target type="virtio" name="org.qemu.guest_agent.0"/>
</channel>
</devices>
</domain>
[Wed, 26 Oct 2016 16:12:40 virt-install 6220] DEBUG (cli:295) File "/usr/share/virt-manager/virt-install", line 1084, in <module>
sys.exit(main())
File "/usr/share/virt-manager/virt-install", line 1078, in main
start_install(guest, continue_inst, options)
File "/usr/share/virt-manager/virt-install", line 784, in start_install
fail(e, do_exit=False)
File "/usr/share/virt-manager/virtinst/cli.py", line 295, in fail
logging.debug("".join(traceback.format_stack()))
[Wed, 26 Oct 2016 16:12:40 virt-install 6220] ERROR (cli:296) internal error: process exited while connecting to monitor: Could not access KVM kernel module: Is a directory
failed to initialize KVM: Is a directory
[Wed, 26 Oct 2016 16:12:40 virt-install 6220] DEBUG (cli:298)
Traceback (most recent call last):
File "/usr/share/virt-manager/virt-install", line 755, in start_install
dom = guest.start_install(meter=meter, noboot=options.noreboot)
File "/usr/share/virt-manager/virtinst/guest.py", line 417, in start_install
noboot)
File "/usr/share/virt-manager/virtinst/guest.py", line 481, in _create_guest
dom = self.conn.createLinux(start_xml or final_xml, 0)
File "/usr/lib64/python2.7/site-packages/libvirt.py", line 3585, in createLinux
if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self)
libvirtError: internal error: process exited while connecting to monitor: Could not access KVM kernel module: Is a directory
failed to initialize KVM: Is a directory
[Wed, 26 Oct 2016 16:12:40 virt-install 6220] DEBUG (cli:309) Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
virsh --connect qemu:///system start test
otherwise, please restart your installation.
Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
virsh --connect qemu:///system start test
otherwise, please restart your installation.
/var/log/libvirtd/qemu/template-01a.img output:
2016-10-26 15:08:35.182+0000: starting up libvirt version: 1.2.17, package: 13.el7_2.5 (CentOS BuildSystem <http://bugs.centos.org>, 2016-06-23-14:23:27, worker1.bsys.centos.org), qemu version: 1.5.3 (qemu-kvm-1.5.3-105.el7_2.7)
LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin QEMU_AUDIO_DRV=none /usr/libexec/qemu-kvm -name template-01 -S -machine pc-i440fx-rhel7.0.0,accel=kvm,usb=off -cpu Haswell,-rtm,-hle -m 4096 -realtime mlock=off -smp 4,sockets=4,cores=1,threads=1 -uuid d98fb7e2-9c58-43f3-b94b-f73c76d9714b -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-template-01/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=discard -no-hpet -no-reboot -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot strict=on -kernel /var/lib/libvirt/boot/virtinst-vmlinuz.clUcR1 -initrd /var/lib/libvirt/boot/virtinst-initrd.img.rJ2aiS -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x4 -drive file=/kvms/template-01a.img,if=none,id=drive-virtio-disk0,format=qcow2 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x6,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -drive file=/isos/CentOS-7-x86_64-NetInstall-1511.iso,if=none,id=drive-ide0-0-0,readonly=on,format=raw -device ide-cd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,fd=23,id=hostnet0,vhost=on,vhostfd=24 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:ac:34:39,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-template-01/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -device usb-tablet,id=input0 -vnc 0.0.0.0:0,password -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -msg timestamp=on
char device redirected to /dev/pts/1 (label charserial0)
Could not access KVM kernel module: Is a directory
failed to initialize KVM: Is a directory
2016-10-26 15:08:35.469+0000: shutting down
OS Info:
root ~ $ cat /etc/centos-release
CentOS Linux release 7.2.1511 (Core)
root ~ $ uname -r
3.10.0-327.36.3.el7.x86_64
root ~ $ lsmod | grep kvm
kvm_intel 162153 0
kvm 525409 1 kvm_intel
The issue was caused be naming my server's volume groups 'kvm'. The following command fixed this: vgrename kvm kvms
CORS - cookie doesn't get sent or even set
I have set withCredentials = true, and I get the following headers from the server Access-Control-Allow-Credentials:true Access-Control-Allow-Headers:DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,Referer Access-Control-Allow-Methods:GET, POST, OPTIONS Access-Control-Allow-Origin:.mydomain.com Connection:keep-alive Content-Type:application/json Date:Tue, 06 Aug 2013 12:37:47 GMT Server:nginx/1.1.19 Set-Cookie:sessionid=zjn8naedymjj6mm0aqjgxljbs3u1njzf; expires=Tue, 20-Aug-2013 12:37:47 GMT; httponly; Max-Age=1209600; Path=/ Transfer-Encoding:chunked Vary:Cookie but the cookie doesn't get set or transmitted on next request.
It turned out that I can't just use .domain.com (wildcard) with Access-Control-Allow-Origin, and I have to use `http://exact.subdomain.example.com'
call application libjingle, user automatically removed from roster. why?
Okay, Tried running the compiled "call" program in libjingle-0.6.14, on 2 laptops with ubuntu 11.10, When i log in from the first laptop, and logged in again (with different account) from the other lappy.. The user coming online is immediately removed from roster and im left with no one to call... Here is the Output.. <stream:stream from="gmail.com" id="1D65B8B570251398" version="1.0"xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client"> XmppLoginTask::Advance - LOGINSTATE_STREAMSTART_SENT RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:51 2012 <stream:features> <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"> <mechanism> PLAIN </mechanism> <mechanism> X-GOOGLE-TOKEN </mechanism> <mechanism> X-OAUTH2 </mechanism> </mechanisms> </stream:features> XmppLoginTask::Advance - LOGINSTATE_STARTED_XMPP XmppLoginTask::Advance - LOGINSTATE_AUTH_INIT XmppLoginTask::Advance - LOGINSTATE_SASL_RUNNING SEND >>>>>>>>>>>>>>>> : Tue Aug 21 18:37:51 2012 <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN" auth:allow- non-google- login="true" auth:client-uses-full-bind-result="true" xmlns:auth="http://www.google.com/talk/protocol/auth"> ## TEXT REMOVED ## </auth> RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:51 2012 <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/> XmppLoginTask::Advance - LOGINSTATE_SASL_RUNNING XmppLoginTask::Advance - No error XmppLoginTask::Advance - LOGINSTATE_STREAMSTART_SENT SEND >>>>>>>>>>>>>>>> : Tue Aug 21 18:37:51 2012 <stream:stream to="gmail.com" xml:lang="*" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client"> RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:51 2012 <stream:stream from="gmail.com" id="2B727FCA62E71E0F" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client"> XmppLoginTask::Advance - LOGINSTATE_STREAMSTART_SENT RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:51 2012 <stream:features> <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/> <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/> </stream:features> XmppLoginTask::Advance - LOGINSTATE_STARTED_XMPP XmppLoginTask::Advance - LOGINSTATE_BIND_INIT XmppLoginTask::Advance - LOGINSTATE_BIND_REQUESTED SEND >>>>>>>>>>>>>>>> : Tue Aug 21 18:37:51 2012 <iq type="set" id="0"> <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"> <resource> call </resource> </bind> </iq> RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:51 2012 <iq id="0" type="result"> <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"> <jid> tejeshsmith#gmail.com/call6183138F </jid> </bind> </iq> XmppLoginTask::Advance - LOGINSTATE_BIND_REQUESTED XmppLoginTask::Advance - LOGINSTATE_SESSION_REQUESTED SEND >>>>>>>>>>>>>>>> : Tue Aug 21 18:37:51 2012 <iq type="set" id="1"> <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/> </iq> RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:51 2012 RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:51 2012 <iq type="result" id="1"/> XmppLoginTask::Advance - LOGINSTATE_SESSION_REQUESTED logged in... Creating default VideoCapturer Enumerating V4L2 devices V4L2 device metadata found at /sys/class/video4linux/ Found V4L2 capture device /dev/video0 Trying /sys/class/video4linux/video0/name Name for video0 is HP Webcam Total V4L2 devices found : 1 Creating default VideoCapturer Enumerating V4L2 devices V4L2 device metadata found at /sys/class/video4linux/ Found V4L2 capture device /dev/video0 Trying /sys/class/video4linux/video0/name Name for video0 is HP Webcam Total V4L2 devices found : 1 Selected PulseAudio sound system Number of references: 1 <pre><code>Number of references: 0 Selected PulseAudio sound system Number of references: 1 Number of references: 0 Enumerating V4L2 devices V4L2 device metadata found at /sys/class/video4linux/ Found V4L2 capture device /dev/video0 Trying /sys/class/video4linux/video0/name Name for video0 is HP Webcam Total V4L2 devices found : 1 SEND >>>>>>>>>>>>>>>> : Tue Aug 21 18:37:51 2012 <presence> <status/> <priority> 0 </priority> <c xmlns="http://jabber.org/protocol/caps" node="http://code.google.com/p/libjingle /call" ver="0.6" ext=" pmuc-v1"/> <x xmlns="jabber:x:delay" stamp="20120821T13:07:51"/> </presence> RECV <<<<<<<<<<<<<<<< : Tue Aug 21 18:37:52 2012 <presence from="smithtejesh#gmail.com/callAB04C4D8" to="tejeshsmith#gmail.com/call6183138F"> <status/> <priority> 0 </priority> <c node="http://code.google.com/p/libjingle/call" ver="0.6" ext=" pmuc-v1" xmlns="http://jabber.org/protocol/caps"/> <x stamp="20120821T12:58:59" xmlns="jabber:x:delay"/> <x xmlns="vcard-temp:x:update"/> Removing from roster: smithtejesh#gmail.com/callAB04C4D8 smithtejesh#gmail.com is REMOVED from roster..automatically... what could be wrong here?
It is likely that the arguments for calling the "call" example are incomplete. The example, without modification, that ships with the libjingle source does not capture video/audio from the computer's hardware. It will play rtp dump files that contain audio/video. The source files do come with sample rtp dump files that can be used to play audio/video to a browser client, or can be "transfered" to another "call" example client and saved locally to a rtcp dump file on the second client. The proper way to use the call example program is along the lines of (if on linux): ./call --videoinput ./test.rtpdump --voiceinput ./voice.rtpdump --videooutput ./vidoutput.rtpdump --voiceoutput ./voioutput.rtpdump There are a few issues on the libjingle Google code website that talk about this, I am struggling to find them at the moment. If I do, I will edit this post or add a comment with the links.
LibJingle pcp_main.cc 503 Error
I have been trying to get the PCP LibJingle example to work for several days now. After working out all of the compilation and running errors, I have now run into an error that I have no previous experience with.
When running the program either as the sender or receiver the program gets a 503 "service-unavailable" error and terminates the program, but running as the server works just fine. I know that the standard is that 5xx means a server side error, so I looked at the program output line by line (provided at the end). From my near zero experience with servers and LibJingle, the best that I can figure is that either (or both) of the following are causing the 503:
Google has disabled the necessary services for the LibJingle pcp example.
The priority status = -1 (from what I could figure, means client unavailable).
I have logged into both of the Google accounts so that they are not offline/unavailable, and the LibJingle programs reflect this. However, as soon as the PCP example runs, the priority is set back to -1. I have also noticed that most, if not all, of the Google links in the program output are 404.
My questions:
Are these theories anywhere close to what maybe/is happening?
What do I need to do to fix this?
I have heard that it is possible to use a server (other than Google's servers) to run the program through. Is this true? If so, where would I go to look into this?
Thank you, in advance, for the help.
--KMC
P.S. In the provided program output, I am attempting to send a file from forge...1#gmail.com to forge...2#gmail.com. I have censored some things and tried to cut down on other bits. But, not knowing for sure what may or may not be relevant, I did not do much cutting. If a mod or someone else that knows what maybe relevant and wants to edit it down, please feel free to do so.
forgefour#forgefour-ubuntu:~/Desktop$ ./LibJingle_Install/libjingle-0.6.13/talk/build/dbg/staging/pcp forge..1#gmail.com call_main.pdf forge..2#gmail.com/pcp8B13E6B8:outputmainadobe.pdf
Directory: /home/forgefour/Desktop
Password:
connecting...
[002:406] OpenSSLAdapter::OnConnectEvent
[002:406] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:17 2012
[002:406] <stream:stream to="gmail.com" xml:lang="*" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
logging in...
[002:446] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:17 2012
[002:446] <stream:stream from="gmail.com" id="00B7404A40B94AA0" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
[002:447] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:17 2012
[002:447] <stream:features>
[002:447] <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls">
[002:447] <required/>
[002:447] </starttls>
[002:447] <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
[002:447] <mechanism>
[002:447] X-GOOGLE-TOKEN
[002:447] </mechanism>
[002:447] <mechanism>
[002:447] X-OAUTH2
[002:447] </mechanism>
[002:447] </mechanisms>
[002:447] </stream:features>
[002:447] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:17 2012
[002:447] <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
[002:488] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:17 2012
[002:488] <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
[002:488] BeginSSL: gmail.com
[002:488] ContinueSSL
[002:488] SSL_connect:before/connect initialization
[002:489] SSL_connect:SSLv3 write client hello A
[002:489] SSL_connect:error in SSLv3 read server hello A
[002:489] -- error want read
[002:489] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:17 2012
[002:489] <stream:stream to="gmail.com" xml:lang="*" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
[002:530] ContinueSSL
[002:530] SSL_connect:error in SSLv3 read server hello A
[002:530] -- error want read
[002:531] ContinueSSL
[002:531] SSL_connect:SSLv3 read server hello A
[002:531] SSL_connect:SSLv3 read server certificate A
[002:531] SSL_connect:SSLv3 read server done A
[002:531] SSL_connect:SSLv3 write client key exchange A
[002:532] SSL_connect:SSLv3 write change cipher spec A
[002:532] SSL_connect:SSLv3 write finished A
[002:532] SSL_connect:SSLv3 flush data
[002:532] SSL_connect:error in SSLv3 read finished A
[002:532] -- error want read
[002:575] ContinueSSL
[002:575] SSL_connect:SSLv3 read finished A
[002:575] -- success
[002:575] Certificate from server:
[002:575] Version: 3 (0x2)
Serial Number:31:fa:c7:51:00:00:00:00:5b:30
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=Google Inc, CN=Google Internet Authority
Validity
Not Before: Jun 5 00:52:14 2012 GMT
Not After : Jun 5 01:02:14 2013 GMT
Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=gmail.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Key Identifier:
E1:73:4D:BB:F5:22:C3:57:06:EA:BF:18:73:1F:91:29:EE:54:2A:17
X509v3 Authority Key Identifier:
keyid:BF:C0:30:EB:F5:43:11:3E:67:BA:9E:91:FB:FC:6A:DA:E3:6B:12:24
X509v3 CRL Distribution Points:
Full Name:URI:http://www.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority.crl
Authority Information Access:
CA Issuers - URI:http://www.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority.crt
X509v3 Subject Alternative Name: DNS:gmail.com
Signature Algorithm: sha1WithRSAEncryption...
[002:575] Cipher: AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
[002:616] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:616] <stream:stream from="gmail.com" id="F585A9BF4936FE0D" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
[002:616] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:616] <stream:features>
[002:616] <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
[002:616] <mechanism>
[002:616] PLAIN
[002:616] </mechanism>
[002:616] <mechanism>
[002:616] X-GOOGLE-TOKEN
[002:616] </mechanism>
[002:616] <mechanism>
[002:616] X-OAUTH2
[002:616] </mechanism>
[002:616] </mechanisms>
[002:616] </stream:features>
[002:617] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:617] <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN" auth:allow-non-google-login="true" auth:client-uses-full-bind-result="true" xmlns:auth="http://www.google.com/talk/protocol/auth">
[002:617] ## TEXT REMOVED ##
[002:617] </auth>
[002:696] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:696] <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>
[002:697] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:697] <stream:stream to="gmail.com" xml:lang="*" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
[002:737] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:737] <stream:stream from="gmail.com" id="A554FE81E66DED32" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
[002:737] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:737] <stream:features>
[002:737] <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/>
[002:737] <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>
[002:737] </stream:features>
[002:737] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:737] <iq type="set" id="0">
[002:737] <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind">
[002:737] <resource>
[002:737] pcp
[002:737] </resource>
[002:737] </bind>
[002:737] </iq>
[002:777] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:777] <iq id="0" type="result">
[002:777] <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind">
[002:777] <jid>
[002:777] forge...1#gmail.com/pcp7B23909E
[002:777] </jid>
[002:777] </bind>
[002:777] </iq>
[002:777] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:777] <iq type="set" id="1">
[002:777] <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>
[002:777] </iq>
[002:778] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:817] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:817] <iq type="result" id="1"/>
logged in...
[002:817] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:817] <presence>
[002:817] <priority>
[002:817] -1
[002:817] </priority>
[002:817] </presence>
Logged in as forge...1#gmail.com/pcp7B23909E
[002:817] Making key pair
[002:822] Returning key pair
[002:822] Making certificate for forge...1#gmail.com/pcp7B23909E
[002:823] Returning certificate
[002:823] TunnelSessionClientBase::OnSessionCreate: received=0
[002:823] Session:2481285798 Old state:STATE_INIT New state:STATE_SENTINITIATE Type:http://www.google.com/talk/securetunnel Transport:http://www.google.com/transport/p2p
[002:823] TunnelSession::OnSessionState(Session::STATE_SENTINITIATE)
[002:823] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:823] <iq type="get" id="3">
[002:823] <query xmlns="google:jingleinfo"/>
[002:823] </iq>
[002:823] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:823] <iq to="forge...2#gmail.com/pcp8B13E6B8" type="set" id="5">
[002:823] <jingle xmlns="urn:xmpp:jingle:1" action="session-initiate" sid="2481285798" initiator="forge...1#gmail.com/pcp7B23909E">
[002:823] <content name="securetunnel" creator="initiator">
[002:823] <description xmlns="http://www.google.com/talk/securetunnel">
[002:823] <type>
[002:823] recv:outputmainadobe.pdf
[002:823] </type>
[002:823] <client-cert>
[002:823] -----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----
[002:823] </client-cert>
[002:823] </description>
[002:823] <transport xmlns="http://www.google.com/transport/p2p"/>
[002:823] </content>
[002:823] </jingle>
[002:823] <session xmlns="http://www.google.com/session" type="initiate" id="2481285798" initiator="forge...1#gmail.com/pcp7B23909E">
[002:823] <description xmlns="http://www.google.com/talk/securetunnel">
[002:823] <type>
[002:823] recv:outputmainadobe.pdf
[002:823] </type>
[002:823] <client-cert>
[002:823] -----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----
[002:823] </client-cert>
[002:823] </description>
[002:823] </session>
[002:823] </iq>
[002:867] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:867] <iq to="forge...1#gmail.com/pcp7B23909E" id="3" type="result">
[002:867] <query xmlns="google:jingleinfo">
[002:867] <stun>
[002:867] <server host="stun.l.google.com" udp="19302"/>
[002:867] <server host="alt3.stun.l.google.com" udp="19302"/>
[002:867] <server host="alt2.stun.l.google.com" udp="19302"/>
[002:867] <server host="alt4.stun.l.google.com" udp="19302"/>
[002:867] <server host="alt1.stun.l.google.com" udp="19302"/>
[002:867] </stun>
[002:867] <relay>
[002:867] <token>
[002:867] CAESHgoVZm9yZ2Vjb21tczFAZ21haWwuY29tEJXfqb2CJxoQy4rGyFRtv1QQGHf8AQWC0A==
[002:867] </token>
[002:867] <server host="relay.google.com" udp="19295" tcp="19294" tcpssl="443"/>
[002:867] </relay>
[002:867] </query>
[002:867] </iq>
[002:880] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:880] <presence from="forge...1#gmail.com/pcp0C32AC91" to="forge...1#gmail.com/pcp7B23909E">
[002:880] <priority>
[002:880] -1
[002:880] </priority>
[002:880] <x xmlns="vcard-temp:x:update"/>
[002:880] </presence>
[002:880] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:882] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:882] <presence from="cu...#gmail.com/gmail.17841843" to="forge...1#gmail.com/pcp7B23909E">
[002:882] <status/>
[002:882] <priority>
[002:882] 24
[002:882] </priority>
[002:882] <caps:c node="http://mail.google.com/xmpp/client/caps" ver="1.1" ext="pmuc-v1 sms-v1 camera-v1 video-v1 voice-v1" xmlns:caps="http://jabber.org/protocol/caps"/>
[002:882] <x xmlns="vcard-temp:x:update">
[002:882] <photo>
[002:882] c632207e8c5c202147ccbd6c431334234750f966
[002:882] </photo>
[002:882] </x>
[002:882] </presence>
[002:956] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:956] <iq to="forge...1#gmail.com/pcp7B23909E" type="error" id="5" from="forge...2#gmail.com/pcp8B13E6B8">
[002:956] <jingle action="session-initiate" sid="2481285798" initiator="forge...1#gmail.com/pcp7B23909E" xmlns="urn:xmpp:jingle:1">
[002:956] <content name="securetunnel" creator="initiator">
[002:956] <description xmlns="http://www.google.com/talk/securetunnel">
[002:956] <type>
[002:956] recv:outputmainadobe.pdf
[002:956] </type>
[002:956] <client-cert>
[002:956] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:956] -----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----
[002:956] </client-cert>
[002:956] </description>
[002:956] <transport xmlns="http://www.google.com/transport/p2p"/>
[002:956] </content>
[002:956] </jingle>
[002:956] <session type="initiate" id="2481285798" initiator="forge...1#gmail.com/pcp7B23909E" xmlns="http://www.google.com/session">
[002:956] <description xmlns="http://www.google.com/talk/securetunnel">
[002:956] <type>
[002:956] recv:outputmainadobe.pdf
[002:956] </type>
[002:956] <client-cert>
[002:956] RECV <<<<<<<<<<<<<<<<<<<<<<<<< : Mon Jun 25 17:09:18 2012
[002:956] -----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----
[002:956] </client-cert>
[002:956] </description>
[002:956] </session>
[002:956] <error code="503" type="cancel">
[002:956] <service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
[002:956] </error>
[002:956] </iq>
[002:957] Error(session.cc:858): Session error:
<cli:error code="503" type="cancel" xmlns:cli="jabber:client"><service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></cli:error>
in response to:
<cli:iq to="forge...2#gmail.com/pcp8B13E6B8" type="set" id="5" xmlns:cli="jabber:client"><jingle xmlns="urn:xmpp:jingle:1" action="session-initiate" sid="2481285798" initiator="forge.1#gmail.com/pcp7B23909E"><content name="securetunnel" creator="initiator"><description xmlns="http://www.google.com/talk/securetunnel"><type>recv:outputmainadobe.pdf</type><client-cert>-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----
</client-cert></description><transport xmlns="http://www.google.com/transport/p2p"/></content></jingle><session xmlns="http://www.google.com/session" type="initiate" id="2481285798" initiator="forge...1#gmail.com/pcp7B23909E"><description xmlns="http://www.google.com/talk/securetunnel"><type>recv:outputmainadobe.pdf</type><client-cert>-----BEGIN CERTIFICATE-----...----END CERTIFICATE-----
</client-cert></description></session></cli:iq>
[002:957] Session:2481285798 Old state:STATE_SENTINITIATE New state:STATE_SENTTERMINATE Type:http://www.google.com/talk/securetunnel Transport:http://www.google.com/transport/p2p
[002:957] TunnelSession::OnSessionState(Session::STATE_SENTTERMINATE)
[002:957] Destroying unconnected PseudoTcpChannel
[002:957] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:957] <iq to="forge...2#gmail.com/pcp8B13E6B8" type="set" id="6">
[002:957] <jingle xmlns="urn:xmpp:jingle:1" action="session-terminate" sid="2481285798">
[002:957] <reason>
[002:957] <general-error/>
[002:957] </reason>
[002:957] </jingle>
[002:957] <session xmlns="http://www.google.com/session" type="terminate" id="2481285798" initiator="forge...1#gmail.com/pcp7B23909E">
[002:957] <general-error/>
[002:957] </session>
[002:957] </iq>
[002:957] OpenSSLStreamAdapter::OnEvent(SE_CLOSE, -1)
[002:957] Cleanup
Tunnel closed with error: -1
[002:957] Cleanup
[002:957] TunnelSessionClientBase::OnSessionDestroy
[002:957] Session:2481285798 Old state:STATE_SENTTERMINATE New state:STATE_DEINIT Type:http://www.google.com/talk/securetunnel Transport:http://www.google.com/transport/p2p
[002:957] virtual void cricket::PseudoTcpChannel::OnMessage(talk_base::Message*): (MSG_SI_DESTROY)
[002:957] SEND >>>>>>>>>>>>>>>>>>>>>>>>> : Mon Jun 25 17:09:18 2012
[002:957] </stream:stream>
logged out...
[002:957] Cleanup
EDIT: As requested I am including some of the code (I would include all of it, but the main file is 723 lines). I am still directly using Google's LibJingle code, unmodified, as I have not yet been able to get this working. The full code for this file can be found here.
int main(int argc, char **argv) {
talk_base::LogMessage::LogThreads();
talk_base::LogMessage::LogTimestamps();
// Parse the arguments.
int index = 1;
while (index < argc) {
std::string name, value;
if (!ParseArg(argv[index], &name, &value))
break;
if (name == "help") {
Usage();
} else if (name == "verbose") {
talk_base::LogMessage::LogToDebug(talk_base::LS_VERBOSE);
} else if (name == "xmpp-host") {
gXmppHost = value;
} else if (name == "xmpp-port") {
gXmppPort = ParseIntArg(name, value);
} else if (name == "xmpp-use-tls") {
gXmppUseTls = ParseBoolArg(name, value)?
buzz::TLS_REQUIRED : buzz::TLS_DISABLED;
} else {
Error(std::string("unknown option: ") + name);
}
index += 1;
}
if (index >= argc)
Error("bad arguments");
gUserJid = buzz::Jid(argv[index++]);
if (!gUserJid.IsValid())
Error("bad arguments");
char path[MAX_PATH];
#if WIN32
GetCurrentDirectoryA(MAX_PATH, path);
#else
if (NULL == getcwd(path, MAX_PATH))
Error("Unable to get current path");
#endif
std::cout << "Directory: " << std::string(path) << std::endl;
buzz::Jid gSrcJid;
buzz::Jid gDstJid;
std::string gSrcFile;
std::string gDstFile;
bool as_server = true;
if (index + 2 == argc) {
ParseFileArg(argv[index], &gSrcJid, &gSrcFile);
ParseFileArg(argv[index+1], &gDstJid, &gDstFile);
if(gSrcJid.Str().empty() == gDstJid.Str().empty())
Error("Exactly one of source JID or destination JID must be empty.");
as_server = false;
} else if (index != argc) {
Error("bad arguments");
}
std::cout << "Password: ";
SetConsoleEcho(false);
std::cin >> gUserPass.password();
SetConsoleEcho(true);
std::cout << std::endl;
talk_base::InitializeSSL();
CustomXmppPump pump;// Log in.
pump.client()->SignalLogInput.connect(&debug_log_, &DebugLog::Input);
pump.client()->SignalLogOutput.connect(&debug_log_, &DebugLog::Output);
pump.DoLogin(LoginSettings(), new XmppSocket(gXmppUseTls), 0);
// Wait until login succeeds.
std::vector<uint32> ids;
ids.push_back(MSG_LOGIN_COMPLETE);
ids.push_back(MSG_LOGIN_FAILED);
if (MSG_LOGIN_FAILED == Loop(ids))
FatalError("Failed to connect");{
talk_base::scoped_ptr<buzz::XmlElement> presence(
new buzz::XmlElement(buzz::QN_PRESENCE));
presence->AddElement(new buzz::XmlElement(buzz::QN_PRIORITY));
presence->AddText("-1", 1);
pump.SendStanza(presence.get());
}
std::string user_jid_str = pump.client()->jid().Str();
std::cout << "Logged in as " << user_jid_str << std::endl;
// Prepare the random number generator.
talk_base::InitRandom(user_jid_str.c_str(), user_jid_str.size());
// Create the P2P session manager.
talk_base::BasicNetworkManager network_manager;
AutoPortAllocator allocator(&network_manager, "pcp_agent");
allocator.SetXmppClient(pump.client());
cricket::SessionManager session_manager(&allocator);
#ifdef USE_SSL_TUNNEL
cricket::SecureTunnelSessionClient session_client(pump.client()->jid(),
&session_manager);
if (!session_client.GenerateIdentity())
FatalError("Failed to generate SSL identity");
#else // !USE_SSL_TUNNEL
cricket::TunnelSessionClient session_client(pump.client()->jid(),
&session_manager);
#endif // USE_SSL_TUNNEL
cricket::SessionManagerTask *receiver =
new cricket::SessionManagerTask(pump.client(), &session_manager);
receiver->EnableOutgoingMessages();
receiver->Start();
bool success = true;
if (as_server) {// Establish the appropriate connection.
pump.Serve(&session_client);
} else {
talk_base::StreamInterface* stream = NULL;
std::string filename;
bool sending;
if (gSrcJid.Str().empty()) {
std::string message("recv:");
message.append(gDstFile);
stream = session_client.CreateTunnel(gDstJid, message);
filename = gSrcFile;
sending = true;
} else {
std::string message("send:");
message.append(gSrcFile);
stream = session_client.CreateTunnel(gSrcJid, message);
filename = gDstFile;
sending = false;
}
success = pump.ProcessStream(stream, filename, sending);
}
if (success) {
// Wait until the copy is done.
ids.clear();
ids.push_back(MSG_DONE);
ids.push_back(MSG_LOGIN_FAILED);
Loop(ids);
}
pump.DoDisconnect();// Log out.
return 0;
}
Okay, so this error was because of the wrong full JID and wrong code execution. PCP should be run following the provided sequence: Run "./pcp receiveruser#host.com" and provide account password. Read the resulting full JID of receiveruser#host.com account provided in the code output. Easiest way, if possible, is to search for: "logged in as" in the output. Take the everything after the ".com/" in the user's account informaiton. Run "./pcp senderuser#host.com send_file_name.extension receiveruser#host.com/(full JID):received_file_name.extension" This error was occurring because the method of code execution being used was preventing the account from being seen as available. It was nothing to do with a server error or a lack of Google service (sorry to have doubted you, Google). As for the priority being -1, this also had nothing to do with the error (as learned after reading up on XMPP).