1

I asked this question last week but feel i didn't give enough information and fully explain what it is i am doing. so i am opening a new, better documented question that hopefully will be easier to understand.

I am developing a python module/library that will allow a connection to a hivemq broker with a custom version of the file authentication plugin on hivemq's website(www.hivemq.com/plugins). this plugin uses http authentication instead of the file authentication.

This python module is being used to connect a raspberry-pi2 to the hivemq broker but I am having problems with the authentication. The pi will connect in the absence of the plugin. displaying these messages from the on_log an on_message functions:

16 Received CONNACK (0, 0)
connected with the result code 0

However, as soon as I add the authentication plugin to the broker it then gives me these messages:

16 Received CONNACK (0, 5)
connected with the result code 5

to my understanding, result code 5 means refused due to not being authorised.

I also get this message from the broker: 

ERROR- Could not get valid results from the webservice
org.apache.http.NoHttpResponseException: The targer server failed to respond 
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpRespoonseParser.hava:143)

I was told in the previous question that this was due to the broker not finding the http server. but i only get this message when the raspberry-pi connects so i dont understand why it can find with other devices but not the pi.

My code for the module is as follows:

import paho.mqtt.client as mqtt
#import base64

#create a client instance
client = mqtt.Client()


#The callback for when the client recieves a CONNACK response from the server
def on_connect(client, userdata, flags, rc):
   print("connected with the result code "+str(rc))
   #print("usrData: "+str(userdata))
   #print("client: " +str(client))
   #print("flags: " +str(flags))

   #Define any topics you would like the pi to
   #automatically subscribe to here

#The callback for when this client publishes to the server.
def on_publish(client, userdata, mid):
  print("message published")


#The callback for when a PUBLISH message is recieve from the server.
def on_message(client, userdata, msg):
    print(msg.topic+" "+str(msg.payload))


def on_log(client, userdata, level, buf):
    print(str(level)+" "+str(buf))


#set callbacks
def setup():
    client.on_connect = on_connect
    client.on_message = on_message
    client.on_publish = on_publish
    client.on_log = on_log



#setup connection to broker
def connect(username, password):
    client.username_pw_set(username, password)
    #client.connect("mqtt.owly.uk")
    client.connect("10.19.110.73")

#publish to a topic
def publish(topic, message):
    client.publish(topic, message)


def loop():
    client.loop()

I think the problem is with how the paho client formats the request to the broker. i cant really think of what else it could be. i have arduinos connected to it, mqtt.fx clients connect, the only problem is with the raspberry pi.

Sorry for the lengthy question and thanks for the help in advance.

EDIT: ADDED tcpdump with packet details

pi@raspberrypi ~ $ sudo tcpdump -nnXSs 0 port 1883
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:36:12.626081 IP 10.19.8.61.60353 > 52.30.179.227.1883: Flags [S], seq 1221863 198, win 29200, options [mss 1460,sackOK,TS val 227462 ecr 0,nop,wscale 7], leng                                                                                        th 0
    0x0000:  4500 003c 5f98 4000 4006 e0d2 0a13 083d  E..<_.@.@......=
    0x0010:  341e b3e3 ebc1 075b 48d4 271e 0000 0000  4......[H.'.....
    0x0020:  a002 7210 fa7f 0000 0204 05b4 0402 080a  ..r.............
    0x0030:  0003 7886 0000 0000 0103 0307            ..x.........
10:36:12.638249 IP 52.30.179.227.1883 > 10.19.8.61.60353: Flags [S.], seq 104987                                                                                        220, ack 1221863199, win 17898, options [mss 8961,sackOK,TS val 1882686450 ecr 2                                                                                        27462,nop,wscale 7], length 0
    0x0000:  4500 003c 0000 4000 3106 4f6b 341e b3e3  E..<..@.1.Ok4...
    0x0010:  0a13 083d 075b ebc1 0641 fa54 48d4 271f  ...=.[...A.TH.'.
    0x0020:  a012 45ea 1a0e 0000 0204 2301 0402 080a  ..E.......#.....
    0x0030:  7037 83f2 0003 7886 0103 0307            p7....x.....
10:36:12.638365 IP 10.19.8.61.60353 > 52.30.179.227.1883: Flags [.], ack 1049872                                                                                        21, win 229, options [nop,nop,TS val 227464 ecr 1882686450], length 0
    0x0000:  4500 0034 5f99 4000 4006 e0d9 0a13 083d  E..4_.@.@......=
    0x0010:  341e b3e3 ebc1 075b 48d4 271f 0641 fa55  4......[H.'..A.U
    0x0020:  8010 00e5 fa77 0000 0101 080a 0003 7888  .....w........x.
    0x0030:  7037 83f2                                p7..
10:36:12.639260 IP 10.19.8.61.60353 > 52.30.179.227.1883: Flags [P.], seq 122186                                                                                        3199:1221863304, ack 104987221, win 229, options [nop,nop,TS val 227464 ecr 1882                                                                                        686450], length 105
    0x0000:  4500 009d 5f9a 4000 4006 e06f 0a13 083d  E..._.@.@..o...=
    0x0010:  341e b3e3 ebc1 075b 48d4 271f 0641 fa55  4......[H.'..A.U
    0x0020:  8018 00e5 fae0 0000 0101 080a 0003 7888  ..............x.
    0x0030:  7037 83f2 1067 0006 4d51 4973 6470 03c2  p7...g..MQIsdp..
    0x0040:  003c 0017 7061 686f 2f43 3844 3032 3037  .<..paho/C8D0207
    0x0050:  4432 3344 3935 4636 3437 4600 1f39 6136  D23D95F647F..9a6
    0x0060:  3632 6235 3934 6566 6632 3237 6661 6131  62b594eff227faa1
    0x0070:  6435 6365 6436 3937 3065 6665 001f 3039  d5ced6970efe..09
    0x0080:  6630 3865 3762 3432 3336 3266 6661 6435  f08e7b42362ffad5
    0x0090:  6430 6664 3237 3836 3561 6231 37         d0fd27865ab17
10:36:12.651185 IP 52.30.179.227.1883 > 10.19.8.61.60353: Flags [.], ack 1221863                                                                                        304, win 140, options [nop,nop,TS val 1882686463 ecr 227464], length 0
    0x0000:  4500 0034 79aa 4000 3106 d5c8 341e b3e3  E..4y.@.1...4...
    0x0010:  0a13 083d 075b ebc1 0641 fa55 48d4 2788  ...=.[...A.UH.'.
    0x0020:  8010 008c ab0d 0000 0101 080a 7037 83ff  ............p7..
    0x0030:  0003 7888                                ..x.
10:36:12.654912 IP 52.30.179.227.1883 > 10.19.8.61.60353: Flags [P.], seq 104987                                                                                        221:104987225, ack 1221863304, win 140, options [nop,nop,TS val 1882686467 ecr 2                                                                                        27464], length 4
    0x0000:  4500 0038 79ab 4000 3106 d5c3 341e b3e3  E..8y.@.1...4...
    0x0010:  0a13 083d 075b ebc1 0641 fa55 48d4 2788  ...=.[...A.UH.'.
    0x0020:  8018 008c 8af6 0000 0101 080a 7037 8403  ............p7..
    0x0030:  0003 7888 2002 0005                      ..x.....
10:36:12.654954 IP 10.19.8.61.60353 > 52.30.179.227.1883: Flags [.], ack 1049872                                                                                        25, win 229, options [nop,nop,TS val 227465 ecr 1882686467], length 0
    0x0000:  4500 0034 5f9b 4000 4006 e0d7 0a13 083d  E..4_.@.@......=
    0x0010:  341e b3e3 ebc1 075b 48d4 2788 0641 fa59  4......[H.'..A.Y
    0x0020:  8010 00e5 fa77 0000 0101 080a 0003 7889  .....w........x.
    0x0030:  7037 8403                                p7..
10:36:12.654915 IP 52.30.179.227.1883 > 10.19.8.61.60353: Flags [F.], seq 104987                                                                                        225, ack 1221863304, win 140, options [nop,nop,TS val 1882686467 ecr 227464], le                                                                                        ngth 0
    0x0000:  4500 0034 79ac 4000 3106 d5c6 341e b3e3  E..4y.@.1...4...
    0x0010:  0a13 083d 075b ebc1 0641 fa59 48d4 2788  ...=.[...A.YH.'.
    0x0020:  8011 008c ab04 0000 0101 080a 7037 8403  ............p7..
    0x0030:  0003 7888                                ..x.
10:36:12.655687 IP 10.19.8.61.60353 > 52.30.179.227.1883: Flags [F.], seq 122186                                                                                        3304, ack 104987226, win 229, options [nop,nop,TS val 227465 ecr 1882686467], le                                                                                        ngth 0
    0x0000:  4500 0034 5f9c 4000 4006 e0d6 0a13 083d  E..4_.@.@......=
    0x0010:  341e b3e3 ebc1 075b 48d4 2788 0641 fa5a  4......[H.'..A.Z
    0x0020:  8011 00e5 fa77 0000 0101 080a 0003 7889  .....w........x.
    0x0030:  7037 8403                                p7..
10:36:12.667605 IP 52.30.179.227.1883 > 10.19.8.61.60353: Flags [.], ack 1221863                                                                                        305, win 140, options [nop,nop,TS val 1882686480 ecr 227465], length 0
    0x0000:  4500 0034 79ad 4000 3106 d5c5 341e b3e3  E..4y.@.1...4...
    0x0010:  0a13 083d 075b ebc1 0641 fa5a 48d4 2789  ...=.[...A.ZH.'.
    0x0020:  8010 008c aaf5 0000 0101 080a 7037 8410  ............p7..
    0x0030:  0003 7889                                ..x.
^C
10 packets captured
10 packets received by filter
0 packets dropped by kernel
Community
  • 1
  • 1
Jensen
  • 43
  • 1
  • 3
  • 11
  • The best way to help here would be to attach a tcpdump, so we can see what's going on (please don't use your real username / password when doing this!) – Dominik Obermaier Dec 01 '15 at 15:28
  • @DominikObermaier how would i go about doing this? is it just a simple follow the instructions at: https://pypi.python.org/pypi/pypcap ? this module seems to not be installing on my pi is there another? – Jensen Dec 02 '15 at 12:28
  • Best would be to just ssh to your raspberry pi and use tcpdump from the command line. When the record starts, start the python script from another ssh session. – Dominik Obermaier Dec 02 '15 at 13:04
  • @DominikObermaier ive updated with a tcpdump let me know if i should add the full one instead as i dont know exactly what youre looking for and i dont think any delicate information can be exposed by me. – Jensen Dec 02 '15 at 13:49
  • In order to help, I would be interested in the exact CONNECT and CONNACK messages, especially the raw bytes sent. Do you think you could upload the whole tcpdump somewhere so people can analyze it? – Dominik Obermaier Dec 02 '15 at 20:22
  • @DominikObermaier I have included a full tcpdump. I started the the program twice in this tcpdump so hopefully you will be able to see very clearly what parts relate to the issue – Jensen Dec 03 '15 at 10:48
  • @DominikObermaier im still having trouble with this! ive changed the tcpdump to one with full packet details – Jensen Dec 08 '15 at 10:50

0 Answers0