Develop Reference

BlueZ BLE Ecrypted Characteristic Read fails after bonding and connecting

I am using Raspberry Pi as a BLE Peripheral and nRF Connect tool as BLE Client. In Raspberry Pi, I'm running Simple Agent Test Program, Advertisement Program and Gatt Server Program given in the Bluez Test Folder.
From the nRF Connect Tool, I, first bonded the devices and connected the devices. I have attached the dbus logs for the process.
While bonding, the log shows the following
signal time=1595076323.849939 sender=:1.15 -> destination=(null destination) serial=863 path=/org/bluez/hci0/dev_04_C8_07_BC_23_7A; interface=org.freedesktop.DBus.Properties; member=PropertiesChanged
string "org.bluez.Device1"
array [
dict entry(
string "Connected"
variant boolean true
)
]
array [
]
method call time=1595076324.986873 sender=:1.15 -> destination=:1.79 serial=864 path=/test/agent; interface=org.bluez.Agent1; member=RequestConfirmation
object path "/org/bluez/hci0/dev_04_C8_07_BC_23_7A"
uint32 243301
While connecting, the log shows the following:
signal time=1595076345.854856 sender=:1.15 -> destination=(null destination) serial=868 path=/; interface=org.freedesktop.DBus.ObjectManager; member=InterfacesAdded
object path "/org/bluez/hci0/dev_7A_5D_49_4F_ED_08"
array [
dict entry(
string "org.freedesktop.DBus.Introspectable"
array [
]
)
dict entry(
string "org.bluez.Device1"
array [
dict entry(
string "Address"
variant string "7A:5D:49:4F:ED:08"
)
dict entry(
string "AddressType"
variant string "random"
)
dict entry(
string "Alias"
variant string "7A-5D-49-4F-ED-08"
)
dict entry(
string "Paired"
variant boolean false
)
dict entry(
string "Trusted"
variant boolean false
)
dict entry(
string "Blocked"
variant boolean false
)
dict entry(
string "LegacyPairing"
variant boolean false
)
dict entry(
string "Connected"
variant boolean true
)
dict entry(
string "UUIDs"
variant array [
]
)
dict entry(
string "Adapter"
variant object path "/org/bluez/hci0"
)
dict entry(
string "ServicesResolved"
variant boolean false
)
]
)
dict entry(
string "org.freedesktop.DBus.Properties"
array [
]
)
]
I am confused with the following:
While bonding and connecting the paths are different: /org/bluez/hci0/dev_04_C8_07_BC_23_7A and /org/bluez/hci0/dev_7A_5D_49_4F_ED_08. Does it mean, to the Rasperry Pi, the device appears different while bonding and connecting?
If it is bonded, then shouldn't the Paired and Trusted fields be True while connecting (which is not, from the log)?
While trying to read an encrypted characteristic, the bond is deleted and connection is also disconnected.

So, after many hours of trial and error, I have been able to reproduce the failure case and successful case consistently.
Failure Case:
Boot up the Pi.
Start the agent, advertisement and gatt server.
Bond the device. Connect it.
Try to read the encrypted characteristic. It fails.
Success Case:
Boot up the Pi.
Restart bluetooth service.
Start the agent, advertisement and gatt server.
Bond the device. Connect it.
Try to read the encrypted characteristic. It succeeds.
So, for the time being, the workaround seems to be restarting the bluetooth service after boot up before starting the agents and advertisements.
Fixing the root cause:
The solution to this problem is given in this Github link.
After much digging, I noticed that this problem is caused by the state
the bluetooth chip is in at the time BlueZ is fired up (you can check
the state with hciconfig hci0). If it's in "UP RUNNING" state or in
"UP RUNNING PSCAN ISCAN" state, BlueZ complains with one or more of
these:
Failed to set mode: Rejected (0x0b) Failed to set mode: Rejected
(0x0b) Failed to set privacy: Rejected (0x0b)
But if it's in "DOWN" state, BlueZ starts with no issues. So, you
first have to do hciconfig hci0 down before the bluetooth service
starts up. But before you can use hciconfig, you also need to ensure
the sys-subsystem-bluetooth-devices-hci0.device service has started!
Solution 1:
I ended up disabling the automatic boot sequence, and run this script instead:
systemctl start sys-subsystem-bluetooth-devices-hci0.device; hciconfig hci0 down; systemctl start bluetooth
Solution 2:
Delaying the running of bthelper by a couple of seconds fixed this issue for me, without me having to disable the automatic boot sequence and run any manual commands.
I added an ExecStartPre line to /lib/systemd/system/bthelper#.service
such that the Service section now looks like this:
[Service]
Type=simple
ExecStartPre=/bin/sleep 2
ExecStart=/usr/bin/bthelper %I
I tried Solution 2 and it worked.

How to allow inbound calls in pjsip and Asterisk 13?

I have configured Asterisk 13.13.1 with PJProject 2.5.5 and enable PJSIP as SIP driver (without compiling chan_sip).
I have the fully configured system and it's working but I have some problems with incoming calls. I have few numbers connected with my host and when I calling from any public number I noticed this info on asterisk remote console:
[Feb 24 14:27:16] NOTICE[5291]: res_pjsip/pjsip_distributor.c:525 log_failed_request: Request 'INVITE' from '"zzzzz" <sip:zzzzz#192.168.34.1>' failed for '192.168.34.1:5062' (callid: 0e07e7607f8f62dd225347363173bb9f#192.168.34.1:5062) - No matching endpoint found
And if I add the number which is calling to my Asterisk to endpoints then it's working - I can pick up this call.
How to add the possibility to allow all inbound calls?

You need to create an anonymous endpoint to accept inbound calls from unknown endpoints.
Be aware that adding an anonymous endpoint opens the system to extension scanning attacks where scanners try to find out which extensions you have configured in your system. They do this either to spam you with advertising calls, or exploit call transferring to call long distance numbers, or for some other ulterior motive.
After creating an anonymous endpoint, associate it with a context different from that used by your extensions. This prevents them from dialing long-distance through your trunks.
To add an anonymous endpoint in pjsip.conf, add the following lines:
[anonymous]
type=endpoint
context=anonymous
disallow=all
allow=speex,g726,g722,ilbc,gsm,alaw
In the dialplan extensions.conf:
[anonymous]
exten => _XXXXX,1,GotoIf(${DIALPLAN_EXISTS(local-extensions,${EXTEN},1)}?local-extensions,${EXTEN},1)
same => n,Hangup(1)
local-extensions is the context listing your local extensions.

It looks like your missing something from you pjsip config. My basic config is as follows and is based on a sipgate setup with an internal extension. This config has been extracted from a running box (though usernames & passwords have been removed);
pjsip.conf
[transport-udp]
type = transport
protocol = udp
bind = 0.0.0.0
[reg_sipgate_premium]
type = registration
retry_interval = 20
max_retries = 10
contact_user = 0000000
expiration = 120
transport = transport-udp
outbound_auth = auth_sipgate_premium
client_uri = sip:0000000#sipgate.co.uk:5060
server_uri = sip:sipgate.co.uk:5060
[auth_sipgate_premium]
type = auth
username = 0000000
password = password
[sipgate_aor_premium]
type = aor
contact = sip:0000000#sipgate.co.uk
[sipgate-preimum]
type = endpoint
context = incomingsipgate
dtmf_mode = rfc4733
disallow = all
allow = alaw
rtp_symmetric = yes
force_rport = yes
rewrite_contact = yes
timers = yes
from_user = 0000000
from_domain = sipgate.co.uk
language = en
outbound_auth = auth_sipgate_premium
aors = sipgate_aor_premium
extensions.conf
[incomingsipgate]
exten => 0000000,1,Goto(sipgate-in-premium,0000000,1)
[sipgate-in-premium]
exten => 0000000,1,Verbose(Incoming call from Sipgate line CallerID=${CALLERID(all)})
exten => 0000000,2,Goto(internal-ext,120,1)
[internal-ext]
exten => 120,1,Dial(SCCP/120,20,o,CallerID=${CALLERID(all)})
This line is used to catch any free phone (0500) number and route it via sipgate when a user internally dials 90500xxxxxxx;
exten => _90500.,1,Dial(PJSIP/${EXTEN:1}#sipgate-preimum)

For sure, the problem is in your incoming line operator context. The problem is not in pjsip - it is in dialplan. Please check your trunk (or registration context value to understand proper dialplan section:
[outer]
exten=>_1234567,1,NoOp(Incoming call to public number 1234567)
exten=>_1234567,n,GoTo(outer,3333,1)
exten=>_1234567,n,Hangup()
exten=>_3333,1,NoOp(Transfered from public context to local extension 3333)
exten=>_3333,n,Dial(PJSIP/${EXTEN},180)
exten=>_3333,n,Hangup()
Change 1234567 to your public number and 3333 to the local number that has to receive this incoming call. And of course, set outer as context for incoming calls number provider registration (trunk).

What does 'No such name' mean in DNS?

So i'm currently using Wireshark to investigate DNS traffic. In the command prompt, i am running the query nslookup to lookup a domain. In wireshark i am getting the following response:
Flags: 0x8183 Standard query response, No such name
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0011 = Reply code: No such name (3)
What exactly does 'No such name' mean and why is it being displayed?

Look at the description of NXDOMAIN in RFC 1035 section 4.1.1:
https://www.rfc-editor.org/rfc/rfc1035#section-4.1.1
3 Name Error - Meaningful only for
responses from an authoritative name
server, this code signifies that the
domain name referenced in the query does
not exist.

openstack swift: The server has waited too long for the request to be sent by the client

we get few of these now and then:
Caused by: javax.ejb.EJBException: org.jclouds.http.HttpResponseException:
command: PUT {{PUT_URL}}
HTTP/1.1 failed with response: HTTP/1.1 408 Request Timeout;
content: [<html><h1>Request Timeout</h1><p>The server has waited too long for the request to be sent by the client.</p></html>]
retrying later usually works. what causes this exception? is there a way to increase the timeout on swift?

jclouds 1.7.2 includes a fix for this issue:
https://issues.apache.org/jira/browse/JCLOUDS-342

Your question does not have the proper info in detail.
if you are a developer you can use something like:
import static org.jclouds.Constants.*;
Properties overrides = new Properties();
overrides.setProperty(PROPERTY_MAX_CONNECTIONS_PER_CONTEXT, 20 + "");
overrides.setProperty(PROPERTY_MAX_CONNECTIONS_PER_HOST, 0 + "");
overrides.setProperty(PROPERTY_CONNECTION_TIMEOUT, 5000 + "");
overrides.setProperty(PROPERTY_SO_TIMEOUT, 5000 + "");
overrides.setProperty(PROPERTY_IO_WORKER_THREADS, 20 + "");
// unlimited user threads
overrides.setProperty(PROPERTY_USER_THREADS, 0 + "");
Set<Module> wiring = ImmutableSet.of(new EnterpriseConfigurationModule(), new Log4JLoggingModule());
// same properties and wiring can be used for many services, although the limits are per context
blobStoreContext = ContextBuilder.newBuilder("s3")
.credentials(account, key)
.modules(wiring)
.overrides(overrides)
.buildView(BlobStoreContext.class);
computeContext = ContextBuilder.newBuilder("ec2")
.credentials(account, key)
.modules(wiring)
.overrides(overrides)
.buildView(ComputeServiceContext.class);
Following is the quote from JClouds Configuration docs:
Timeout:
Aggregate commands will take as long as necessary to complete, as controlled by FutureIterables.awaitCompletion.
If you need to increase or decrease this, you will need to adjust the property jclouds.request-timeout or Constants.PROPERTY_REQUEST_TIMEOUT.
This is described in the Advanced Configuration section.
If you are dealing with your own cluster then you can go with some possible configuration options present in swift proxy-server-configuration.

Send all traffic over VPN connection

i want write a mac vpn client,now ,in the system network ,it has a setting named "Send all traffic over VPN connection",how to set it by code?i think it is not in SCNetworkConfiguration

here's a method i used before. it illustrates pretty straight forwardly how to get the current ipv4 dictionary to then change it and set it back. change the CFSTR("1") to a 0 or 1 depending on your needs
#define GetCasted(value, type) ((value) && (CFGetTypeID(value) == type##GetTypeID()) ? ((type##Ref)value) : NULL)
-(void)setIPv4Stuff:(SCNetworkServiceRef)service{
SCNetworkProtocolRef protoR = SCNetworkServiceCopyProtocol(service, kSCNetworkProtocolTypeIPv4);
CFDictionaryRef proxyDictR = SCNetworkProtocolGetConfiguration(protoR);
const void *configMethodP = proxyDictR ? CFDictionaryGetValue(proxyDictR, kSCPropNetIPv4ConfigMethod) : NULL;
CFStringRef configMethod = GetCasted(configMethodP, CFString);
CFMutableDictionaryRef newProxyDictR;
newProxyDictR = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
CFDictionarySetValue(newProxyDictR, kSCPropNetIPv4ConfigMethod, configMethod);
CFDictionarySetValue(newProxyDictR, kSCPropNetOverridePrimary, CFSTR("1"));
SCNetworkProtocolSetConfiguration(protoR, newProxyDictR);
CFRelease(newProxyDictR);
}

kSCPropNetOverridePrimary to 0 should disable this (you can look up that key in the ipv4 dictionary).
You need to set protocol configuration for the ipv4 protocol with that key set to 0 or 1 to disable or enable that flag respectively.