Comments (18)
Hacksore
commented on June 18, 2024
1
Woot woot!
Maybe once they update the cert this won't be an issue like you said π .
Closing for now as we have a workaround, thanks for digging into this.
from bluelinky.
Hacksore
commented on June 18, 2024
1
related got issue sindresorhus/got#2271
We could switch to fetch which has a workaround. However, that's a considerable amount of work and something is probably bound to break.
import crypto from 'crypto';
import { Agent } from 'undici';
fetch('https://kiaconnect.ca', {
dispatcher: new Agent({
connect: {
rejectUnauthorized: false,
secureOptions: crypto.constants.SSL_OP_LEGACY_SERVER_CONNECT,
},
}),
}).then((res) => console.log(res.status));If anyone wants to ship a PR π
from bluelinky.
Hacksore
commented on June 18, 2024
since it's a TLS issue it could be an issue with your machine and or dependencies.
I'd try in another machine or even in a docker container to troubleshoot.
from bluelinky.
djensenius
commented on June 18, 2024
Tried with a linux machine and node 20.4.0 with the same error :(
I think both are using openssl@3
from bluelinky.
djensenius
commented on June 18, 2024
Just tried on a GitHub Codespace
@djensenius β /workspaces/bluelinky (master) $ npm run debug
> [email protected] debug
> cross-env LOG_LEVEL=debug ts-node debug.ts
? What Region are you in? CA
? Which brand are you using? kia
{ region: 'CA', brand: 'kia' }
Logging in...
[2023-07-12 01:20:21] debug: CA Controller created
[2023-07-12 01:20:21] debug: Bluelinky is logging in automatically, to disable use autoLogin: false
[2023-07-12 01:20:21] info: Begin login request
[2023-07-12 01:20:21] debug: [https://kiaconnect.ca/tods/api/lgn] {} {"loginId":"hiding_this","password":"hiding_this"}
[2023-07-12 01:20:21] info: Begin getVehicleList request
[2023-07-12 01:20:21] debug: [https://kiaconnect.ca/tods/api/vhcllst] {} {}
[2023-07-12 01:20:22] debug: write EPROTO 00483CBC0B7F0000:error:0A000172:SSL routines:tls12_check_peer_sigalg:wrong signature type:../deps/openssl/openssl/ssl/t1_lib.c:1572:
[2023-07-12 01:20:22] debug: Found 0 on the account```
from bluelinky.
Hacksore
commented on June 18, 2024
can you try curl -vvv https://kiaconnect.ca/tods/api/vhcllst and see if you get errors that relate to TLS?
from bluelinky.
djensenius
commented on June 18, 2024
Hmm, nope:
β― curl -vvv https://kiaconnect.ca/tods/api/vhcllst
* Trying 209.198.184.19:443...
* Connected to kiaconnect.ca (209.198.184.19) port 443 (#0)
* ALPN: offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/cert.pem
* CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
* subject: C=US; ST=California; O=Kia Motors America Inc; CN=www.kiaconnect.ca
* start date: Sep 13 00:00:00 2022 GMT
* expire date: Oct 6 23:59:59 2023 GMT
* subjectAltName: host "kiaconnect.ca" matched cert's "kiaconnect.ca"
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Organization Validation Secure Server CA
* SSL certificate verify ok.
* using HTTP/1.x
> GET /tods/api/vhcllst HTTP/1.1
> Host: kiaconnect.ca
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 500 Internal Server Error
< Date: Wed, 12 Jul 2023 01:27:40 GMT
< Server: Oracle-Application-Server-11g
< Access-Control-Allow-Methods: POST, GET
< Access-Control-Max-Age: 1000
< Access-Control-Allow-Headers: language, offset, UCID, From, x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accesstoken, clientId, clientSecret
< Access-Control-Allow-Credentials: true
< Allow: POST
< Set-Cookie: JSESSIONID=2AD79C7CD36EE3A300DDEC91582646B5; Path=/; HttpOnly
< Content-Length: 358
< Access-Control-Allow-Origin: *
< Connection: close
< Content-Type: text/html;charset=UTF-8
< Content-Language: en
< ```
from bluelinky.
Hacksore
commented on June 18, 2024
I just ran debug with CA and i got the same issue π.
> [email protected] debug
> cross-env LOG_LEVEL=debug ts-node debug.ts
? What Region are you in? CA
? Which brand are you using? kia
{ region: 'CA', brand: 'kia' }
Logging in...
[2023-07-11 20:29:55] debug: CA Controller created
[2023-07-11 20:29:55] debug: Bluelinky is logging in automatically, to disable use autoLogin: false
[2023-07-11 20:29:55] info: Begin login request
[2023-07-11 20:29:55] debug: [https://kiaconnect.ca/tods/api/lgn] {} {"loginId":"[email protected]","password":"<REEEEEEEEEEEEEEEEDACTED>"}
[2023-07-11 20:29:56] info: Begin getVehicleList request
[2023-07-11 20:29:56] debug: [https://kiaconnect.ca/tods/api/vhcllst] {} {}
[2023-07-11 20:29:56] debug: write EPROTO 005ED0EE01000000:error:0A000172:SSL routines:tls12_check_peer_sigalg:wrong signature type:../deps/openssl/openssl/ssl/t1_lib.c:1572:
[2023-07-11 20:29:56] debug: Found 0 on the account
from bluelinky.
djensenius
commented on June 18, 2024
Same thing is happening with the login method, it's just not logging the response by default.
I looked at upgrading got thinking that might have something to do with it. But the new version has a lot of breaking changes. π€·
from bluelinky.
Hacksore
commented on June 18, 2024
Hmmm I tried without got and native fetch in node v18 and got a similar issue with the CA endpoint.
I have to assume the TLS settings were changed on their server causing this issue π€.
Code:
fetch('https://kiaconnect.ca/test')
.then(res => res.json())
.then(console.log)
.catch(console.error);Error:
TypeError: fetch failed
at Object.fetch (node:internal/deps/undici/undici:11457:11)
at processTicksAndRejections (node:internal/process/task_queues:95:5) {
cause: [Error: 005ED0EE01000000:error:0A000172:SSL routines:tls12_check_peer_sigalg:wrong signature type:../deps/openssl/openssl/ssl/t1_lib.c:1572:
] {
library: 'SSL routines',
reason: 'wrong signature type',
code: 'ERR_SSL_WRONG_SIGNATURE_TYPE'
}
}
from bluelinky.
djensenius
commented on June 18, 2024
Looks like OpenSSL 3, which newer versions of node are compiled against, does not like the certificate. Canβt get a workaround working unfortunately.
Guess we wait for the cert to expire, which is luckily not a terribly long wait.
from bluelinky.
Hacksore
commented on June 18, 2024
Could you downgrade node and try to see if that's a workaround for now?
from bluelinky.
djensenius
commented on June 18, 2024
@Hacksore Yep, downgrading to node 16 is MUCH happier:
Logging in...
[2023-07-14 10:31:05] debug: CA Controller created
[2023-07-14 10:31:05] debug: Bluelinky is logging in automatically, to disable use autoLogin: false
[2023-07-14 10:31:05] info: Begin login request
[2023-07-14 10:31:05] debug: [https://kiaconnect.ca/tods/api/lgn] {} {"loginId":"<nope>","password":"<nope>"}
[2023-07-14 10:31:06] debug: {
"accessToken": "<nope>",
"scope": [
"profile"
],
"tokenType": "bearer",
"expireIn": 86400,
"refreshToken": "<nope>",
"signature": ""
}
[2023-07-14 10:31:06] info: Begin getVehicleList request
[2023-07-14 10:31:06] debug: [https://kiaconnect.ca/tods/api/vhcllst] {} {}
[2023-07-14 10:31:07] debug: CA Vehicle <nope> created
[2023-07-14 10:31:07] debug: Found 1 on the account
from bluelinky.
carlosgamezvillegas
commented on June 18, 2024
Hello @Hacksore and team,
Have we found a solutions for issue? The workaround provided is not going to work for much longer since node.js 16 has been deprecated.
Kind regards,
from bluelinky.
gruijter
commented on June 18, 2024
A fix is indeed needed. The new Homey Home automation platform only runs on node 18. So Bluelinky is broken there :(
See details here: https://community.homey.app/t/app-pro-kia-and-hyundai/32487/560
Someone here that can do a PR? π
from bluelinky.
glenviewjeff
commented on June 18, 2024
Why is this closed?
from bluelinky.
Hacksore
commented on June 18, 2024
Why is this closed?
I don't have bandwidth to fix it, PRs are welcomed tho!
from bluelinky.
glenviewjeff
commented on June 18, 2024
FYI I ran into this with a US Hyundai. I can't remember right now if it was an old version of Bluelinky that I was trying when I added this comment or the current version.
from bluelinky.
Related Issues (20)
- cant start clima fΓΌr kia ev6
- Client Error GotError HOT 4
- AppID's changed again? HOT 7
- Node red problem
- Info about battery charging status and amount of kwh charged in last session HOT 4
- Return status if on error HOT 5
- npm run debug fails with type script error HOT 4
- "Invalid request body - Invalid deviceId" after a write command HOT 2
- genesis implementation HOT 5
- Node Red shows ERROR HOT 2
- No EV-Information in Status HOT 6
- Vehicle not found HOT 1
- Strange behavior w/Docker build HOT 1
- Documentation link points to obsolete V7.0 API HOT 1
- Status fetch error SyntaxError: Unexpected token < in JSON at position 0 at JSON.parse HOT 24
- remote start fails using bluelinky HOT 3
- Battery drain despite of refresh=false HOT 2
- Problems executing the given JS example HOT 2
- Total energy consumption reported by driveHistory seems underestimated
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bluelinky.