Comments (14)
inode-
commented on June 29, 2024
I can confirm, just build 13.4.0 and work correctly, on 14.x it's not working anymore
from tasmota.
s-hadinger
commented on June 29, 2024
I'm not familiar with the time it normally makes, but it seems the two log lines are very close to each other:
20:28:07.833 TGM: sendMessage
20:28:07.834 WIF: DNS resolved 'api.telegram.org' (149.154.167.220) in 0 ms
20:28:07.968 RSL: RESULT = {"TmSend":"Failed"}
It's maybe linked to #21442
The timeout value changed from seconds to milliseconds in the Core3 API. This could explain why the "Failed" messages happens only 134ms after the actual command (which is shorter than a full TLS handshake)
from tasmota.
arendst
commented on June 29, 2024
It consistently replies:
23:08:44.996 TGM: getUpdates
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_wait_for_handshake: failed
Couldn't connect. Error = 1
23:08:45.101 TGM: Response ''
even with a timeout of 10000 ms (being default in code)
from tasmota.
s-hadinger
commented on June 29, 2024
I'm still surprised how quickly it returns the error, 105 ms including the logging
from tasmota.
arendst
commented on June 29, 2024
From what I see above it doesn't connect at all as _wait_for_handshake: failed returns immediatly.
and no heap usage either:
23:27:31.958 TGM: getUpdates
connect(api.telegram.org,443)
connect(149.154.167.220,443)
> Heap Before calling _connectSSL = 3712
> Heap _connectSSL.start = 3712
> Heap Thunk allocated = 3712
_connectSSL: start connection
> Heap _connectSSL before DecoderContext allocation = 3712
> Heap _connectSSL after DecoderContext allocation = 3712
> Heap _connectSSL before PrivKey allocation = 3712
_wait_for_handshake: failed
Couldn't connect. Error = 1
> Heap _connectSSL.end = 3712
> Heap _connectSSL after release of Priv Key = 3712
23:27:32.103 TGM: Response ''
from tasmota.
s-hadinger
commented on June 29, 2024
Unrelated issue:
GoDaddy Daddy Secure Certificate Authority - G2, RSA 2048 bits SHA 256, valid until 20220523
It seems that the GoDaddy Authority is long expired. Although I understand you don't use it and use fingerprint instead
from tasmota.
arendst
commented on June 29, 2024
Yep. That was the reason we had to use SO132 1 for fingerprint.
from tasmota.
arendst
commented on June 29, 2024
I'm still looking into the Telegram issue. As a test I started to reuse an ESP8266 but it fails there too. So for now we can rule out core3.
How about the fingerprint? Where can I see if the fingerprint is still valid?
from tasmota.
s-hadinger
commented on June 29, 2024
Invalid fingerprint would generate a TLS error. It's not the case here.
You can also reset the fingerprint with all zeroes to accept any value
from tasmota.
arendst
commented on June 29, 2024
Adding some more debug info doesn't ring my bells:
17:50:08.675-014 CMD: tmsend hello
17:50:08.677-014 SRC: Serial
17:50:08.680-014 CMD: Grp 0, Cmd 'TMSEND', Idx 1, Len 5, Pld -99, Data 'hello'
17:50:08.683-014 TGM: Connect start 'bot1179906608:AAE-3UfPJt3u8d-gbGXslnFO96o3DahG6EM/sendMessage?chat_id=139920293&text=hello'
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_run_until: BR_SSL_CLOSED
_wait_for_handshake: failed
Couldn't connect. Error = 1
17:50:08.812-014 TGM: Connect failed
17:50:08.814-014 TGM: Response
17:50:08.818-011 MQT: stat/wemos4/RESULT = {"TmSend":"Failed"}
I'm lost for now.
from tasmota.
s-hadinger
commented on June 29, 2024
Ah, it is a TLS connection error after all. Let me first update the CA.
from tasmota.
s-hadinger
commented on June 29, 2024
I updated the CA from Telegram, but now I get error 49: BR_ERR_X509_UNSUPPORTED - certificate contains unsupported features that cannot be ignored.
This would be a lot of work to allow unsupported features, hence I'm in favor of removing CA verification in Telegram (which wasn't working anyways).
The Fingerprint seems to have changed, it is now:
4E 7F F5 6D 1E 29 40 58 AB 84 DE 63 69 7B CD DF 44 2E D2 F6
from tasmota.
arendst
commented on June 29, 2024
With latest change in CA and SO132 1 (and fingerprint set 0's):
22:10:45.362-017 TGM: Connect start 'bot1179906608:AAE-3UfPJt3u8d-gbGXslnFO96o3DahG6EM/getUpdates?offset=0'
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_run_until: BR_SSL_CLOSED
_wait_for_handshake: failed
Couldn't connect. Error = 1
22:10:45.487-015 TGM: Connect failed
with SO132 0:
22:11:03.340-017 TGM: Connect start 'bot1179906608:AAE-3UfPJt3u8d-gbGXslnFO96o3DahG6EM/getUpdates?offset=0'
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_run_until: BR_SSL_CLOSED
_wait_for_handshake: failed
Couldn't connect. Error = 49
22:11:03.993-015 TGM: Connect failed
from tasmota.
arendst
commented on June 29, 2024
Yep! Succes. The changed fingerprint workx.
from tasmota.
Related Issues (20)
- Guru Mediation on using ufsserve inside autoexe.be HOT 1
- ESP32 device hang / lagging with emulation enabled after upgrade to 14.0.0 HOT 9
- SD Card access causes crash in development branch, but not in release branch (CAUSED BY WATCHDOG - see below) HOT 6
- No sound after SetOption111 switching HOT 2
- Send JSON to MQTT with Tasmota not working HOT 1
- Going to "Configure Wifi" causes main loop hang and watchdog trigger
- Latest code compilation error HOT 3
- SonOff MiniR4 looses MQTT subscription domoticz/out HOT 3
- And again: The documentation page does not show the most current version 14.0
- DisplayModel cannot be changed in Tasmota Display 14.0.0
- Tasmota on the rainpoint device does not retain the state at which the power was lost
- Add TM1638 switches and relays to display build
- Update EZSP firmware repository for (old) Sonoff Zigbee Bridge to support EZSP v13 HOT 2
- Timer doesn't show the ON/OFF on the configuration timer for version 14.1 HOT 1
- 14.1.0 scripting: buttons bu(...) defined in >W appears corrupted on the web-page HOT 2
- IrReceived generates a lot of unnecessary mqtt messages
- Sends wrong mqtt? HOT 1
- Cannot upgrade from 14.1.0 minimal on a NOUS A1T HOT 1
- 14.x: doesnt respect negative values on tuya device
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tasmota.