Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL3 config option not allowing unsafe legacy renegotiation #316

Closed
Alazoral opened this issue May 25, 2023 · 8 comments
Closed

OpenSSL3 config option not allowing unsafe legacy renegotiation #316

Alazoral opened this issue May 25, 2023 · 8 comments
Labels
bug Something isn't working due to a problem in the CODE

Comments

@Alazoral
Copy link

After upgrading Node.js (via upgrading the Homebridge docker image) the plugin can't seem to connect to the AC any more. Adding OpenSSL3 in to the config hasn't helped. This is my config:

        {
            "name": "Daikin",
            "apiroute": "https://192.168.20.10",
            "temperature_unit": "C",
            "uuid": "my-uuid-here",
            "system": "Default",
            "swingMode": "1",
            "disableFan": false,
            "fanMode": "FAN",
            "fanPowerMode": "FAN only",
            "fanName": "Daikin Fan",
            "defaultMode": "1",
            "enableHumiditySensor": false,
            "enableTemperatureSensor": true,
            "response": 2000,
            "deadline": 60000,
            "retries": 5,
            "accessory": "Daikin-Local",
            "OpenSSL3": true
        }

Error:

_doSendGetRequest: ERROR: API request to https://192.168.20.10/aircon/get_control_info returned error Error: write EPROTO C0B71504FD7E0000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:../deps/openssl/openssl/ssl/statem/extensions.c:922:

    at WriteWrap.onWriteComplete [as oncomplete] (node:internal/stream_base_commons:94:16) {
  errno: -71,
  code: 'EPROTO',
  syscall: 'write',
  response: undefined,
  retries: 0
}

Thanks so much for your assistance, when it was working this plugin was incredibly useful and I hugely admire the work you folks do.
@Alazoral Alazoral added the bug Something isn't working due to a problem in the CODE label May 25, 2023
@cbrandlehner
Copy link
Owner

Responding to let you know that I have no device to test this. So I have no way to debug or test this issue.

I am hoping someone in the community will take the lead and submit a proposed solution, as we successfully did with the initial OpenSSL patch.

@woodgieboodgie woodgieboodgie mentioned this issue May 29, 2023
Closed
@woodgieboodgie
Copy link

is there anything I can do to assist? happy to co-ordinate remote access if needed, or logs..

@Alazoral
Copy link
Author

I found a workaround, by downgrading to Node 16. I opened a bash shell in the container, then ran

hb-service update-node 16.20.1 --allow-root

and that seems to have done the trick, for now.

@cbrandlehner
Copy link
Owner

I opened the console in Homebridge and updated to NodeJS v18.17.1 using
hb-service update-node

This is my config

        {
            "name": "Daikin Büro",
            "apiroute": "http://192.168.1.135",
            "temperature_unit": "C",
            "system": "Default",
            "OpenSSL3": true,
            "swingMode": "3",
            "disableFan": true,
            "fanMode": "FAN",
            "fanPowerMode": "FAN only",
            "fanName": "Büro FAN",
            "defaultMode": "3",
            "enableHumiditySensor": false,
            "enableTemperatureSensor": true,
            "response": 2000,
            "deadline": 60000,
            "retries": 5,
            "_bridge": {
                "username": "0E:D1:55:36:A0:49",
                "port": 33541
            },
            "accessory": "Daikin-Local"
        },

Using this config I can not reproduce the problem with my device and NodeJS v18.17.1.

@woodgieboodgie
Copy link

Still presenting the error for me with NodeJS v18.17.1:

_doSendGetRequest: ERROR: API request to https://192.168.0.141/aircon/get_sensor_info returned error Error: write EPROTO 001AF4B6:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:../deps/openssl/openssl/ssl/statem/extensions.c:922:

at WriteWrap.onWriteComplete [as oncomplete] (node:internal/stream_base_commons:94:16) {

errno: -71,
code: 'EPROTO',
syscall: 'write',
response: undefined,
retries: 0
}

@woodgieboodgie
Copy link

My config:

{
"name": "Daikin Aircon",
"apiroute": "https://192.168.0.141",
"temperature_unit": "C",
"uuid": "xyz123",
"system": "Default",
"swingMode": "1",
"disableFan": false,
"fanMode": "FAN",
"fanPowerMode": "Complete Device",
"fanName": "Kitchen FAN",
"defaultMode": "3",
"enableHumiditySensor": false,
"enableTemperatureSensor": true,
"response": 2000,
"deadline": 60000,
"retries": 5,
"_bridge": {
"username": "0E:44:1E:F3:FD:79",
"port": 36946
},
"accessory": "Daikin-Local"
}

@cbrandlehner
Copy link
Owner

@woodgieboodgie Have you tried the "OpenSSL3": true option?

@cbrandlehner
Copy link
Owner

Closing this issue due to inactivity and the reported problem seems to be a configuration issue only.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working due to a problem in the CODE
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Alazoral @cbrandlehner @woodgieboodgie