We Keep Coding

pjsip TLS connect() error: [code=70006]: Not found (PJ_ENOTFOUND) on Mac but no reason specified

Getting TLS connect() error: [code=70006]: Not found (PJ_ENOTFOUND) with pjsua(2) with my program and pjsip integrated. The error does not seem to describe what is actually wrong. What's actually going on?? What's not found?
The following is true:
Same code works on Windows
Same program will work on the Mac developed (both El Capitan and Mojave dev machines)
Same program throws the full error below on another Mac when packaged in single .app
Server (songbird.sip.server, not actual server name) is reachable, Asterisk PBX, does not show any connexion attempts in the SIP debug, can ping from device
No firewall is active on the Mac devices
2019-09-26, 13:59:38.184699: <debug> (0x0000700002164000) [PJSIP] pjsua_acc.c Acc 0: setting registration..
2019-09-26, 13:59:38.186322: <debug> (0x0000700002164000) [PJSIP] tlsc0x7f90d706d428 TLS client transport created
2019-09-26, 13:59:38.186473: <debug> (0x0000700002164000) [PJSIP] tlsc0x7f90d706d428 TLS transport 192.168.86.95:62615 is connecting to songbird.sip.server:5061...
2019-09-26, 13:59:38.186550: <debug> (0x0000700002164000) [PJSIP] pjsua_acc.c Contact for acc 0 updated: <sip:2e8f04b6-dc64-4fdf-8e8b-5e034246df4d#192.168.86.95:62615;transport=TLS;ob>;reg-id=1;+sip.instance="<urn:uuid:00000000-0000-0000-0000-000062a2dee5>"
2019-09-26, 13:59:38.188984: <debug> (0x0000700002164000) [PJSIP] pjsua_core.c TX 774 bytes Request msg REGISTER/cseq=36644 (tdta0x7f90d58018a8) to TLS www.xxx.yyy.zzz:5061:
REGISTER sip:songbird.sip.server SIP/2.0
Via: SIP/2.0/TLS 192.168.86.95:62615;rport;branch=z9hG4bKPjB75FE879-DFF6-4FC2-AA8A-C1A89D5E2496;alias
Route: <sip:songbird.sip.server;transport=tls;lr>
Max-Forwards: 70
From: <sip:2e8f04b6-dc64-4fdf-8e8b-5e034246df4d#songbird.sip.server>;tag=9FBBCCE5-7560-4737-B33E-4FFEE66BEC8C
To: <sip:2e8f04b6-dc64-4fdf-8e8b-5e034246df4d#songbird.sip.server>
Call-ID: C8D621A4-E35F-4D18-9373-9BC10CE1DC02
CSeq: 36644 REGISTER
Supported: outbound, path
Contact: <sip:2e8f04b6-dc64-4fdf-8e8b-5e034246df4d#192.168.86.95:62615;transport=TLS;ob>;reg-id=1;+sip.instance="<urn:uuid:00000000-0000-0000-0000-000062a2dee5>"
Expires: 300
Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
Content-Length: 0
--end msg--
2019-09-26, 13:59:38.189086: <debug> (0x0000700002164000) [PJSIP] pjsua_acc.c Acc 0: Registration sent
2019-09-26, 13:59:38.201446: <info> (0x0000700002164000) [PJSIP] tlsc0x7f90d706d428 TLS connect() error: [code=70006]: Not found (PJ_ENOTFOUND)
2019-09-26, 13:59:38.201536: <info> (0x0000700002164000) [PJSIP] tsx0x7f90d78038a8 Temporary failure in sending Request msg REGISTER/cseq=36644 (tdta0x7f90d58018a8), will try next server: Not found (PJ_ENOTFOUND)
2019-09-26, 13:59:38.201614: <debug> (0x0000700002164000) [PJSIP] pjsua_core.c TX 774 bytes Request msg REGISTER/cseq=36644 (tdta0x7f90d58018a8) to TLS www.xxx.yyy.zzz:5061:
REGISTER sip:songbird.sip.server SIP/2.0
Via: SIP/2.0/TLS 192.168.86.95:62615;rport;branch=z9hG4bKPjB75FE879-DFF6-4FC2-AA8A-C1A89D5E2496;alias
Route: <sip:songbird.sip.server;transport=tls;lr>
Max-Forwards: 70
From: <sip:2e8f04b6-dc64-4fdf-8e8b-5e034246df4d#songbird.sip.server>;tag=9FBBCCE5-7560-4737-B33E-4FFEE66BEC8C
To: <sip:2e8f04b6-dc64-4fdf-8e8b-5e034246df4d#songbird.sip.server>
Call-ID: C8D621A4-E35F-4D18-9373-9BC10CE1DC02
CSeq: 36644 REGISTER
Supported: outbound, path
Contact: <sip:2e8f04b6-dc64-4fdf-8e8b-5e034246df4d#192.168.86.95:62615;transport=TLS;ob>;reg-id=1;+sip.instance="<urn:uuid:00000000-0000-0000-0000-000062a2dee5>"
Expires: 300
Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
Content-Length: 0
--end msg--
2019-09-26, 13:59:38.201729: <debug> (0x0000700002164000) [PJSIP] pjsua_acc.c Disconnected notification for transport tlsc0x7f90d706d428
2019-09-26, 13:59:38.201781: <debug> (0x0000700002164000) [PJSIP] sip_transport.c Transport tlsc0x7f90d706d428 shutting down, force=0
2019-09-26, 13:59:38.201839: <debug> (0x0000700002164000) [PJSIP] pjsua_acc.c Scheduling re-registration retry for acc 0 in 309 seconds..
2019-09-26, 13:59:38.201891: <info> (0x0000700002164000) [PJSIP] tsx0x7f90d78038a8 Failed to send Request msg REGISTER/cseq=36644 (tdta0x7f90d58018a8)! err=70006 (Not found (PJ_ENOTFOUND))
2019-09-26, 13:59:38.201928: <warn> (0x0000700002164000) [PJSIP] pjsua_acc.c SIP registration failed, status=503 (Not found (PJ_ENOTFOUND))
2019-09-26, 13:59:38.201957: <debug> (0x0000700002164000) [PJSIP] pjsua_acc.c Scheduling re-registration retry for acc 0 in 306 seconds..
2019-09-26, 13:59:38.202053: <debug> (0x0000700002164000) [PJSIP] tlsc0x7f90d706d428 TLS transport destroyed with reason 70006: Not found (PJ_ENOTFOUND)

Are you using gnuTLS for your TLS backend? If so, the error correspond to GNUTLS_E_NO_CERTIFICATE_FOUND. Perhaps you could check your cerificate setup?

how to capture the Cookies in HttpQueryInfo using wininet c++

Currently I'm facing an issue in capturing the Cookies which is coming as part of response. I'm using WinInet for my connection.
After sending the request using HttpSendRequest, I'm using HttpQueryInfo to query the response in the below order
HTTP_QUERY_STATUS_CODE
HTTP_QUERY_SET_COOKIE
HTTP_QUERY_CONTENT_TYPE
HTTP_QUERY_CONTENT_LENGTH
Finally I'm reading body content using InternetReadFile.
Server has the loadbalance installed. all the response sent from LB has "Set-Cookies" enabled.
If I get any response without "Set-Cookies" in header then my code is reading the content successfully.
When there is "Set-Cookies" field in header then the issue comes. It is resulting out in "Header Not Found" when I query for "HTTP_QUERY_CONTENT_TYPE"
Below is the sample response header which is success
HTTP/1.1 200 OK
Cache-Control: private
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Dec 2015 10:05:00 GMT
Content-Length: 107
Content-Type: text/html; Charset=utf-8
Via: 1.1 TestServer:80 (Cisco-WSA/8.8.0-085)
Connection: keep-alive
Below is the sample response header which is error out.
HTTP/1.1 200 OK
Cache-Control: private
Server: Microsoft-IIS/8.5
Set-Cookie: MYID=B3C5D2B2%2D0426%2D473F%2DACF6%2DF19BAC3F5A6C%3A%3A88757401; path=/
X-Powered-By: ASP.NET
Date: Thu, 17 Dec 2015 10:07:20 GMT
Content-Length: 277
Content-Type: text/html; Charset=utf-8
Via: 1.1 TestServer:80 (Cisco-WSA/8.8.0-085)
Connection: keep-alive
Work around found,
While querying the response header, if I add HTTP_QUERY_COOKIE in the sequence then the issue is getting resolved but I'm not sure on this is correct or not.
Can any one help me?
Why SET_COOKIE is not able to catch the "set-cookies"
What is the difference between HTTP_QUERY_SET_COOKIE and HTTP_QUERY_COOKIE?
What will be the impact if I use HTTP_QUERY_COOKIE to overcome this issue?
Thanks
Vijay

Amazon GetAuthToken c#

I am trying to call GetAuthToken from Amazon Web Services:
http://docs.developer.amazonservices.com/en_US/auth_token/AuthToken_GetAuthToken.html
I checked the C# client library and I cannot find GetAuthToken as a method. Has this been implemented? I tried to do a POST request without the library and it fails. Here is my request and response that I wrote manually:
Request
POST https://mws.amazonservices.com/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: mws.amazonservices.com
Content-Length: 238
Expect: 100-continue
Connection: Keep-Alive
AWSAccessKeyId=XX&Action=GetAuthToken&SellerId=XX&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2014-09-01T16%3A41%3A16Z&Version=2011-07-01&Signature=vRBxMEXAMPLES2y0FGPufG4u7WY2HqhcsYUW6IVI9%2BQ%3D
Response:
HTTP/1.1 404 Not Found
Date: Fri, 03 Oct 2014 17:14:53 GMT
Server: AmazonMWS
x-mws-request-id: 1a0bd189-d3e9-40b8-a55d-a420c9ed4805
x-mws-timestamp: 2014-10-03T17:14:54.195Z
x-mws-response-context: VaGpX6JmTb+cM7WqwM6Fs8/E4oExbxl5c7li/EU0ho2j0/WpcYuG1XZSQzkuyrlr+kVTKBdKeG6F 3nwhM5s2gg==
Content-Type: text/xml
Content-Length: 368
Vary: User-Agent
<?xml version="1.0"?>
<ErrorResponse xmlns="https://mws.amazonservices.com/">
<Error>
<Type>Sender</Type>
<Code>InvalidAddress</Code>
<Message>Resource / is not found on this server. API Section is missing or you have provided an invalid operation name.</Message>
</Error>
<RequestID>1a0bd189-d3e9-40b8-a55d-a420c9ed4805</RequestID>
</ErrorResponse>

You have wrong ServiceURL setting. You can not have it as "mws.amazonservices.com", you have to specify proper ServiceURL according to the shop location. Use one of the following settings (taken from Amazon library samples) or check out more complete Developer Guide:
// North America:
$serviceUrl = "https://mws.amazonservices.com/Products/2011-10-01";
// Europe
$serviceUrl = "https://mws-eu.amazonservices.com/Products/2011-10-01";
// Japan
$serviceUrl = "https://mws.amazonservices.jp/Products/2011-10-01";
// China
$serviceUrl = "https://mws.amazonservices.com.cn/Products/2011-10-01";

determining HTTP version using raw sockets in C

I am trying to create raw sockets in C/C++, then create a request message and then send that message to a target server. If the port I specify happens to be 80 I want to send a HTTP request to determine the HTTP version that the target server is using. For e.g I send GET HTTP/1.0 to www.google.com.
For some servers it returns HTTP/1.1 400 bad request. While in some cases it responds with an XML message. I know the GET command is wrong since I am not specifying any object to actually GET. So is there a generic way to do this?

Try:
HEAD / HTTP/1.0\r\n
\r\n
Or:
GET / HTTP/1.0\r\n
\r\n
The first line of the servers response should contain the HTTP version. Note that some servers will return 400 Bad Request if the Host: <hostname> is omitted from the header (which is not required in 1.0, but in 1.1). I would do:
Try:
HEAD / HTTP/1.0\r\n
Host: <hostname>\r\n
\r\n
Or:
GET / HTTP/1.0\r\n
Host: <hostname>\r\n
\r\n
If you don't require the message body, you should use HEAD as it will require less data to receive.

You will have to progressively try each version of HTTP. For example, if I query google.com with HTTP 1.0, it will respond with HTTP 1.0:
$ printf "HEAD / HTTP/1.0\nHost: google.com\n\n" | nc google.com 80
HTTP/1.0 301 Moved Permanently
Location: http://www.google.com/
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Nov 2013 19:44:42 GMT
Expires: Thu, 26 Dec 2013 19:44:42 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 219
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alternate-Protocol: 80:quic
If I query it with HTTP 1.1, it will respond with HTTP 1.1:
$ printf "HEAD / HTTP/1.1\nHost: google.com\n\n" | nc google.com 80
HTTP/1.1 301 Moved Permanently
Location: http://www.google.com/
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Nov 2013 19:44:47 GMT
Expires: Thu, 26 Dec 2013 19:44:47 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 219
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alternate-Protocol: 80:quic

GET / HTTP/1.0\r\n
Host: www.google.com\r\n
\r\n
This is a basic HTTP request. Alternatively, you can use HEAD instead of GET, sinse you only want the headers, but some basic servers don't recognize HEAD as a valid method.
Not every server will support HTTP/1.0, they will most likely ignore this and answer as HTTP/1.1, others will just ape the version in your request and not really mean it.
It can be frustrating to try to determine the HTTP version in a random server. Perhaps you should instead use 1.1 in the request and see if the server answers with 1.0, I believe it may be the safest way to know if the server is at least giving a damn.

How to connect a socket to an http server through proxy?

Recently I wrote a program using sockets in C, to connect to an HTTP server running locally and thereby to do requests to that.
That worked fine for me. After that I tried the same code to connect to another server on the web (e.g. www.google.com), but I was not able to connect and was getting another html response from the proxy server in my network.
My local IP is: 10.0.2.58
The proxy IP is: 10.0.0.1
This is the response I got :
HTTP/1.1 302 Found
Expires: Fri, 10 Feb 2012 12:47:35 GMT
Expires: 0
Cache-Control: max-age=180000
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Location: http://10.0.0.1:8000/index.php?redirurl=http%3A%2F%2F10.0.2.58%2F
Content-type: text/html
Content-Length: 0
Date: Wed, 08 Feb 2012 10:47:35 GMT
Server: lighttpd/1.4.29
How can I bypass this proxy to connect to external servers?
Response got when tried with CONNECT
HTTP/1.1 302 Found
Expires: Fri, 10 Feb 2012 13:37:58 GMT
Expires: 0
Cache-Control: max-age=180000
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Location: http://10.0.0.1:8000/index.php?redirurl=http%3A%2F%2F10.0.2.58http%3A%2F%2Fwww.google.com%2F
Content-type: text/html
Content-Length: 0
Date: Wed, 08 Feb 2012 11:37:58 GMT
Server: lighttpd/1.4.29
Working code which connect's to my local apache
#include<unistd.h>
#include<stdio.h>
#include<sys/types.h>
#include<sys/socket.h>
#include<netinet/in.h>
#include<arpa/inet.h>
#include<netdb.h>
#include<string.h>
#define MAX_BUFFER_SIZE 1024
int main(int argc,char *argv[])
{
int clsd,ssd,status;
char buffer[1024];
char request[]="GET / HTTP/1.1\r\nHost:10.0.2.58\r\n\r\n";
struct sockaddr_in srvr_addr;
struct addrinfo hints,*res;
srvr_addr.sin_family=AF_INET;
srvr_addr.sin_port=htons(80);
srvr_addr.sin_addr.s_addr=inet_addr("10.0.2.58");//Local server
clsd =socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
if(clsd<=0)
{
perror("Socket init failed..\n");return 1;
}
ssd=connect(clsd,(struct sockaddr *)&srvr_addr,(socklen_t)(sizeof srvr_addr));
if(clsd<=0)
{
perror("Socket connect failed..\n");return 1;
}
write(clsd,request,strlen(request));
memset((void *)&request,0x00,strlen(request));
memset(&buffer,0x00,MAX_BUFFER_SIZE);
do
{
status=read(clsd,&buffer,MAX_BUFFER_SIZE);
write(1,&buffer,status);
memset((void *)&request,0x00,strlen(request));
memset(&buffer,0x00,MAX_BUFFER_SIZE);
do
{
status=read(clsd,&buffer,MAX_BUFFER_SIZE);
write(1,&buffer,status);
}while(status>0);
close(clsd);
return 0;
}

To use connections via proxy (or if they are implicitly proxy-fied), first you should connect to proxy, send a 'CONNECT' message with target host; proxy will establish connection and return you data.
Here is in steps:
open socket to proxy host
send 'CONNECT http://www.google.com:80 HTTP/1.0\r\n\r\n' string
wait for recv
You must specify protocol (in our case is HTTP 1.0, non-chunked) with ending newline characters, so proxy knows how to communicate with end point.
You can find details about CONNECT method at http://www.ietf.org/rfc/rfc2817.txt

If you're specifically trying to bypass the proxy, you should talk to whoever administers your network to find out if that's even possible. If your first block of output is an attempt to connect to Google then it appears to me that there's some kind of transparent proxy on your network that you'll have to take special (and network-specific) steps to bypass.
Of course, if you're just interested in getting data, you could try following the redirect...