I have problem with interaction with Unistream service by SOAP-client and by curl too.
My environment: Ubuntu 15.04, php 5.64
Some history: unistream's support asked us generate certifiate:
makecert.exe -n "CN=some_name" -ss My -r -m 120 -pe -sky exchange -a sha1, then export by mmc end send certificate to them. Ok, we do this and got certificate generated on their side.
I convert their certificate to pem-format and try use is php SoapClient:
$soap = new SoapClient("http://test2.unistream.com:82/wcflib-tc/service.svc?wsdl", [
'encoding' => 'UTF-8',
'trace' => true,
'local_cert' => $cert_path,
'soap_version' => SOAP_1_2,
'connection_timeout' => 180,
'cache_wsdl' => WSDL_CACHE_NONE
]);
$data = $soap->GetCountriesChanges(['requestMessage'=>[
'AuthenticationHeader'=>[
'AppKey'=>'*',
'Password'=>'*',
'Username'=>'*',
],
'UpdateCount'=>1000
]]);
And i got nothing. I try the same with python soap library, with soapui and got nothing too, timeout.
Ok, i look it with wireshark, and saw that soap client recieve all xsd schemas and etc and then connection interrupt after post request to url: http://test2.unistream.com:82/wcflib-tc/service.svc, just timeout. And i saw only plain http with xml, no packets with ssl.
Ok, i try send post-request on this url:
ini_set('default_socket_timeout', 30);
$request_string =
'<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope"
xmlns:ns1="http://schemas.datacontract.org/2004/07/WcfServiceLib"
xmlns:ns2="http://schemas.datacontract.org/2004/07/WcfServiceLib.Utils"
xmlns:ns3="http://schemas.datacontract.org/2004/07/WcfServiceLib.Dictionaries.Country"
xmlns:ns4="http://test.unistream.com/wcflib/">
<env:Body>
<ns4:GetCountriesChanges>
<ns4:requestMessage>
<ns2:AuthenticationHeader>
<ns1:AppKey>*</ns1:AppKey>
<ns1:Password>*</ns1:Password>
<ns1:Username>*</ns1:Username>
</ns2:AuthenticationHeader>
<ns3:UpdateCount>1000</ns3:UpdateCount>
</ns4:requestMessage>
</ns4:GetCountriesChanges>
</env:Body>
</env:Envelope>
';
$url = 'http://test2.unistream.com:82/wcflib-tc/service.svc';
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/soap+xml;', 'Charset=utf-8']);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_CAPATH, "/path");
//my cert
curl_setopt($ch, CURLOPT_SSLCERT, "/path/local_cert.pem");
//my private key
curl_setopt($ch, CURLOPT_SSLKEY, "/path/local_key.pem");
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'passwd');
//api's cert
curl_setopt($ch, CURLOPT_CAINFO, '/path/api_cert.cer');
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_POSTFIELDS, $request_string);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_CERTINFO, true);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_URL, $url);
$result = curl_exec($ch);
print_r($result);
echo "\n";
$error = curl_error($ch);
print_r($error);
echo "\n";
And i get xml with error: "An error occurred when verifying security for the message."
If i try send request to url: https://test2.unistream.com:82/wcflib-tc/service.svc i got plain html with error 400 and curl error: "error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol"
Support can't help me. They said "we have 10000 working clients, we consult only about high-level api problems and bussines-logic".
Can somebody give me right direction?
I don't have docs for unistream.
I do know that certificates are transport layer. That means that they occur before anything else. But you're connecting to an HTTP URL, not an HTTPS URL and that means you're not using encryption.
Certificates and encryption are not your problem.
However, the URL you pasted is simply not listening for connections on that port.
$ curl -v http://test2.unistream.com:82/wcflib-tc/service.svc?wsdl
* Trying 94.127.155.67...
* Connection timed out after 60001 milliseconds
* Closing connection 0 curl: (28) Connection timed out after 60001 milliseconds
You're not using the right address/port number at all.
Next
Get the right url endpoint
don't bother with the client certificate unless the endpoint is using HTTPS
Related
I run an Apache webserver with mod_dav/mod_dav_fs on a windows server.
Users can edit certain files via WebDAV.
WebDAV is set up and running correctly so far...
The question is, how can I find out if and which files are currently opened via WebDAV?
Apache writes this info into its "DavLockDB".
Is there a way to read that file or to find out which files are currently locked?
I already tried it with via php:
$fp = fopen($file, 'c');
if (!flock($fp, LOCK_EX|LOCK_NB, $wouldblock)) {
// lock not obtained
echo 'file maybe open';
}
else {
// lock obtained
echo 'file is free';
}
This gives me a correct result if the file is opened locally on the server, but not if the file is opened via WebDAV.
Has anyone ever had a similar problem?
Kind regards
Thomas
I've been tied to and frustrated by WebDAV for some years, and I often had a need to be able to identify locked files and occasionally unlock them. I recently wrote a small tool in PHP to achieve this that you can see on Github.
Most of my answers were found in the RFC document & on the webdav.org site.I didn't encounter a solution using the DavLockDB and went the official route sending cURL requests to the DAV server as a real application would with HTTP verbs to get the info that I needed about files or directories.
In short you choose a file or directory as an endpoint and send PROPFIND request. If the endpoint is a directory you'll get a list of resources (files/directories) & their properties that are in that directory (and possibly under it depending on your DEPTH setting). If the endpoint is a file you'll get the file properties. In both cases the information is returned as XML and if any resource is locked the properties will include a LockToken.
Here's a PHP function that you could use based on a method in the repository noted above:
function propfind() {
$location = 'https://example.com:8000' // ROUTE TO SERVER
$endpoint = '/webdav/'; // FINAL DESTINATION
$auth = 'user:pass'; // BASE64 ENCODED USERNAME:PASSWORD
$url = $location.$endpoint;
$host = parse_url($location, PHP_URL_HOST);
$ch = curl_init();
// FIX LOCALHOST SSL CERTIFICATE ISSUES
if ($_SERVER['SERVER_NAME'] == 'localhost') curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_VERBOSE, true);
$verbose = fopen('php://temp', 'w+'); // CREATE A STREAM TO SAVE THE VERBOSE CONNECTION DATA
curl_setopt($ch, CURLOPT_STDERR, $verbose);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PROPFIND');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: text/xml; charset="utf-8"',
'Host: '.$host,
'Authorization: Basic '.$auth,
'Depth: 1',
));
/*
// OPTIONALLY LIMIT THE RESPONSE TO SPECIFIC PROPERTIES
$xml = '<?xml version="1.0" encoding="utf-8" ?><D:propfind xmlns:D="DAV:"><D:prop><D:creationdate/><D:getlastmodified/><D:getcontentlength/></D:prop></D:propfind>';
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
*/
$response = curl_exec($ch);
$curlInfo = curl_getinfo($ch);
rewind($verbose);
$verboseLog = stream_get_contents($verbose);
if(curl_error($ch)) {
return array('error'=>curl_errno($ch).': '.curl_error($ch), 'response'=>print_r($curlInfo,1), 'verbose'=>$verboseLog);
}
curl_close($ch);
return array($response, $verboseLog);
}
A sample response might be:
<?xml version="1.0" encoding="utf-8"?>
<D:multistatus xmlns:D="DAV:">
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>/webdav/test.xlsx</D:href>
<D:propstat>
<D:prop>
<lp1:resourcetype/>
<lp1:creationdate>2020-04-11T20:30:58Z</lp1:creationdate>
<lp1:getcontentlength>9853</lp1:getcontentlength>
<lp1:getlastmodified>Thu, 06 Aug 2020 16:17:05 GMT</lp1:getlastmodified>
<lp1:getetag>"123456-789b-ab12345cd67e89"</lp1:getetag>
<lp2:executable>T</lp2:executable>
<D:supportedlock>
<D:lockentry>
<D:lockscope><D:exclusive/></D:lockscope>
<D:locktype><D:write/></D:locktype>
</D:lockentry>
<D:lockentry>
<D:lockscope><D:shared/></D:lockscope>
<D:locktype><D:write/></D:locktype>
</D:lockentry>
</D:supportedlock>
<D:lockdiscovery>
<D:activelock>
<D:locktype><D:write/></D:locktype>
<D:lockscope><D:exclusive/></D:lockscope>
<D:depth>infinity</D:depth>
<ns0:owner xmlns:ns0="DAV:"><ns0:href>Username</ns0:href></ns0:owner>
<D:timeout>Second-896</D:timeout>
<D:locktoken>
<D:href>opaquelocktoken:a12bc34d-567e-8901-23d4-5ab6cd7e8f90</D:href>
</D:locktoken>
</D:activelock>
</D:lockdiscovery>
<D:getcontenttype>application/vnd.openxmlformats-officedocument.spreadsheetml.sheet</D:getcontenttype>
</D:prop>
<D:status>HTTP/1.1 200 OK</D:status>
</D:propstat>
</D:response>
</D:multistatus>
Note the <D:locktoken> entry which indicates that the file is locked. In theory you could use the function recursively to map out the whole resource and highlight any locked files.
To unlock a file you need the credentials of the user that created the lock. Then send the request using UNLOCK as the HTTP verb:
function unlock () {
$lockToken = 'opaquelocktoken:a12bc34d-567e-8901-23d4-5ab6cd7e8f90';
$location = 'https://example.com:8000' // ROUTE TO SERVER
$endpoint = '/webdav/'; // FINAL DESTINATION
$auth = 'user:pass'; // BASE64 ENCODED USERNAME:PASSWORD
$url = $location.$endpoint;
$host = parse_url($location, PHP_URL_HOST);
$ch = curl_init();
// FIX LOCALHOST SSL CERTIFICATE ISSUES
if ($_SERVER['SERVER_NAME'] == 'localhost') curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'UNLOCK');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Host: '.$host,
'Authorization: Basic '.$auth,
'Lock-Token: <'.$lockToken.'>',
));
$response = curl_exec($ch);
$curlInfo = curl_getinfo($ch);
if(curl_error($ch)) {
$unlockStatus = 'ERROR: '.curl_error($ch).print_r($curlInfo,1);
}
else {
$unlockStatus = array(
'status' => ($curlInfo['http_code'] == '204' ? 'ok' : 'Fail'),
'response' => htmlentities($response),
'curlInfo' => $curlInfo,
);
}
curl_close($ch);
return $unlockStatus;
}
NB: In a more manual way you can get properties and unlock files from the command line with 2 cURL commands:
// GET RESOURCE PROPERTIES
curl -X PROPFIND '{path-to-resource}' -H 'Authorization:Basic {base64 encoded username:password}' -H 'Depth:1'
// UNLOCK A LOCKED FILE
curl -X UNLOCK '{path-to-resource}' -H 'Authorization: Basic {base64 encoded username:password}' -H 'Lock-Token: <{lock-token-from-first-request}>'
I have a Flask app, with a basic function, where I have exposed app.run() to a public ip, so that it is accessible from an external server;[ using Flask - Externally Visible Dev Server ]
#app.route('/')
def hello_world():
return 'Hello World!'
if __name__ == '__main__':
app.run(host = '0.0.0.0', port = 8080)
The curl request I have written in my php code is:
$signed_url = "http://my-ip-address:8080/";
$ch = curl_init($signed_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
$data= curl_exec($ch);
echo $data;
I can do a curl request :
curl http://my-ip-address:8080/
from command line. However, when the curl request is embedded within my PHP code, it gives me an error "Connection refused".
Kindly help!
If the PHP code is on another server, but your command line cURL request is on the same server, then you aren't comparing apples to apples.
Two things that might be wrong:
Your Flask server has a firewall that doesn't allow external connections.
You are connecting using an private network IP address rather than a public IP address.
For now your PHP code looks correct, so I would narrow down the problem a little bit. Ignore that PHP code and try to connect using cURL on the command line from the same server you are running your PHP code on.
try to set your port with curl options like this:
curl_setopt($ch, CURLOPT_PORT, 8080);
so your signed url will be:
$signed_url = "http://my-ip-address";
I use this code for my work and worked :)
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://localhost:5000/spmi/api/1');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "{\"teks_analysis\":\"tidak ada skor nol\"}");
curl_setopt($ch, CURLOPT_POST, 1);
$headers = array();
$headers[] = 'Content-Type: application/json';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch);
if (curl_errno($ch)) {
echo 'Error:' . curl_error($ch);
}
curl_close($ch);
the key is CURLOPT_POSTFIELDS
I've made web-service to send push notifications to ios using curl,
i have the ck.pem file for development which contain both cert & RSA private key, and referring to it correctly.
but every time i call the web-service i get the same error
Curl failed: unable to use client certificate (no key found or wrong pass phrase?)
All related solutions not working, except alternatives using "stream_context_create", But I want to do it with curl and idk where's the problem is.
find below my code :
function test_push_to_ios() {
$url = 'https://gateway.sandbox.push.apple.com:2195';
$cert = base_url() . 'backend_includes/ios_cert/ck.pem';
$gcm_ids = array("xxxxxx");
$passphrase = "passphrase";
$message = 'nbad_notification';
$aps = array('alert' => $message, 'sound' => 'default');
$fields = array('device_tokens' => $gcm_ids, 'data' => $message, 'aps' => $aps);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json"));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSLCERT, $cert);
//curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $passphrase);
curl_setopt($ch, CURLOPT_SSLKEY, $cert);
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $passphrase);
curl_setopt($ch, CURLOPT_CERTINFO, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($fields));
$result = curl_exec($ch);
if ($result === FALSE) {
die('Curl failed: ' . curl_error($ch));
}
curl_close($ch);
echo json_encode($result);
}
I didn't read your question carefully.
You are trying to send push notifications to Apple via an HTTPS request. That can't work. Apple Push Notifications only work with a specific binary format over TCP protocol.
As a provider you communicate with Apple Push Notification service over a binary interface. This interface is a high-speed, high-capacity interface for providers; it uses a streaming TCP socket design in conjunction with binary content. The binary interface is asynchronous.
There are many problems with your code :
You seem to mix GCM code with APNS code.
$fields = array('device_tokens' => $gcm_ids, 'data' => $message, 'aps' => $aps); looks similar to what you would do when sending a message to Google Cloud Messaging server. But GCM is completely different than APNS, so why did you think that would work?
You are sending a JSON body, which is what works with GCM, but APNS use a binary format. While the payload within the binary message to APNS contains an encoded JSON String (which looks similar to your $aps JSON), you can't package it within another JSON and expect it to work.
And adding https:// in front of the APNS server can't make it support HTTPS, since it wasn't implemented to support HTTPS (nor HTTP).
I suggest you use stream_context, which works.
I've seen several posts about how to send GCM messages from my PHP server, but I can't get it working. This is my code:
public function test_gcm($id_user){
// Search user's RegIds and stores them in $regids
if(count($regids) == 0){
echo "This user has no registered device.";
return;
}
$ch = curl_init();
$data = array(
'data' => array('message'=>'my message', 'title'=>'message title'),
'registration_ids' => $regids
);
curl_setopt($ch, CURLOPT_URL, 'https://android.googleapis.com/gcm/send');
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// WRITE JSON HEADERS
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Authorization:key=' . $apiKey)
);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
curl_close($ch);
echo $result;
}
I'm using the browser key. I tried the server key too, but none of them work, the curl_exec always return false. Does anybody know why is it?
EDIT: I just used 'netstat -tuanc | grep 173' on my server and performed the server call. I'm using grep 173 because if I ping android.googleapis.com I ping this ip address. The netstat didn't show any connection to that ip address when I use the curl_exec. Does that mean I'm not connecting to android.googleapis.com? Or what I'm doing is wrong?
Thanks!
Check the "message" content are same or not in android code. 'message'=>'my message' should match with the message from IntentService class in android.
I've managed to fix it. It was a firewall issue, my firewall was blocking the connection. I've added the rules to accept these messages and now it works.
Thanks to all the people that tried to help :)
Try to change it from https to http
curl_setopt($ch, CURLOPT_URL, 'https://android.googleapis.com/gcm/send');
to
curl_setopt($ch, CURLOPT_URL, 'http://android.googleapis.com/gcm/send');
try this http://2mecode.blogspot.hk/2013/01/google-cloud-messaging-php.html
hope it can help you
I've been reading all the questions/answers I could find but none have solved my problem..
here's the connection to the same url using cURL and a certificate($pem = absolute path to .pem file)
this works
$ch = curl_init($wsdl);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($ch, CURLOPT_SSLCERT, $pem);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$response = curl_exec($ch);
End here is the code I tried to connect to the wsdl through SOAP
$client = new SoapClient($wsdl, array('local_cert' => $pem));
Even tried loading the contents of the certificate in 'local_cert'
$client = new SoapClient($wsdl, array('local_cert' => file_get_contents($pem)));
In both lines of soap code I get an error from the server saying that I'm not authorised...
do I need to enable something before the certificate is being sent?
There might be some username and password which you need to pass, try this:
curl –k –u user:password –d #myRequestFile.xml uri