1

I am trying to authenticate myself via a Go client. Here is what i have done so far

func main() {
    servAddr := "192.168.7.13:443"
    tcpAddr, err := net.ResolveTCPAddr("tcp", servAddr)
    if err != nil {
        fmt.Println("ResolveTCPAddr failed:", err.Error())
        os.Exit(1)
    }

    conn, err := net.DialTCP("tcp", nil, tcpAddr)
    if err != nil {
        fmt.Println("Dial failed:", err.Error())
        os.Exit(1)
    }

    _, err = conn.Write([]byte(postReq))
    if err != nil {
        fmt.Println("Write to server failed:", err.Error())
        os.Exit(1)
    }

    fmt.Println(postReq)

    reply := make([]byte, 1024)
    _, err = conn.Read(reply)
    if err != nil {
        fmt.Println("Write to server failed:", err.Error())
        os.Exit(1)
    }

    fmt.Println("reply from server=", string(reply))

    conn.Close()
}

This is the message which i am writing to the connection:

POST /ManagementServer/ServerCommandService.svc HTTP/1.1 Host: 192.xxx.xx.xx Content-Type: text/xml; charset=utf-8 Authorization: Basic {username:password in base64} Content-Length: 405 SOAPAction:"http://videoos.net/2/XProtectCSServerCommand/IServerCommandService/Login" Connection: Keep-Alive 190fc316-6412-41c4-8a9c-d468cc7bee9d

After this, I am expecting to get an authentication token, but instead i am getting a 

> Write to server failed: read tcp server-ip:port->server-ip:443:
> read: connection reset by peer

What am I doing wrong? FYI, I am using the same message in python and with sockets I am able to get the token. Can someone help me do the same in Go lang? Thanks

shahidammer
  • 1,026
  • 2
  • 10
  • 24

1 Answers1

2

Judging from the fact, that your server uses the port 443, I assume the server expects a TLS connection. To get such a connection, you can use tls.Dial:

conn, err := tls.Dial("tcp", servAddr, nil) // servAddr not tcpAddr

This connection will handle the underlying steps required for the encryption of TLS, like the TLS handshake and allow you to Write the bytes you want to send, instead of having to do the encryption yourself.

As you mentioned an error with the certificate validation, using

conn, err := tls.Dial("tcp", servAddr, &tls.Config{InsecureSkipVerify: true})

will disable this validation. Be aware that this removes most of the security TLS provides.

One note, I would suggest you use net/http to send simple HTTP requests. To disable the certificate validation here, you can use 

http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}

but again, be aware that this removes most of the security TLS provides. You can check this answer for more details on disabling this for request send using net.http.

Leon
  • 2,926
  • 1
  • 25
  • 34
  • conn, err := tls.Dial("tcp", "192.168.x.xx:443", nil) I used this but i am getting `Dial failed: x509: cannot validate certificate for 192.168.x.xx because it doesn't contain any IP SANs` – shahidammer Oct 20 '18 at 10:45