Re: [Sstp-client-devel] Unrecoverable SSL error
Brought to you by:
eivnaes
From: Eivind N. <ei...@ya...> - 2012-05-14 15:11:42
|
Hi Elie, That's great news on your progress of making SSTP work on the OpenWRT software. Thank you for working on that! :) It sounds to me that you might run into an issue with the MPPE keys not being successfully provided to establish the HLAK (higher layer authentication token) to bind the PPP session with the SSL session. Without saying for certain, there is a SSTP_CONNECTED message being sent to the server after the IPCP layer have been established. And if the info provided in that message is wrong, you would have the server close this connection on you imediately. sstp-client works in two ways, 1) you pass credentials on command line (no pppd plugin needed, but limited to MSCHAP-V2 authentication), or 2) use of pon / poff style of scripts where sstp-client is either being started by pppd (pty mode, pass: --nolaunchpppd) or sstp-client starts pppd. The pppd plugin will pass the MPPE keys to sstp-client after IP-UP succeeds, and sstp-client will then send the SSTP_CONNECTED message to the server using these MPPE keys to calculate the correct hash. To be certain, I like you to describe the setup on the OpenWRT software you are trying to configure. Example, 1) Software version, (sstp-client v1.0.7?) 2) Are you trying pon / poff, or passing credentials per command line automatically? 3) The output of the sstp-client and the pppd from syslog (/var/log/syslog), please run sstp-client with --log-level 4, and specify 'debug' in the pppd configuration. Regards, - Eivind ________________________________ From: Elie Zedeck <kok...@ya...> To: "sst...@li..." <sst...@li...> Sent: Sunday, May 13, 2012 10:37 PM Subject: [Sstp-client-devel] Unrecoverable SSL error Hey guys, I'm new to SSTP, and I'm having trouble making it work, and last as long as it should. My goal is to make this SSTP work on OpenWrt, and it is half-way there. I've already created a package, and packaged in the sstpc binary, the SSTP API library, and the PPPD plugin. They all working fine, but I just don't know why is it not working right. The problem that I get, is that as soon as it has finished negotiating IP address with the SSTP Server, it disconnects right-away with an "Unrecoverable SSL error". And it if it is not ending with that error, it will end with something like "Invalid info attribute", or "Unknown Attribute". I'd like to know, what is the cause of these error, and how to fix it. Connection is working fine on Windows 7. Thanks ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Sstp-client-devel mailing list Sst...@li... https://lists.sourceforge.net/lists/listinfo/sstp-client-devel |