How do I open a secure WSS websocket in KDB? - kdb

I'm trying to figure out how to connect to a data feed.
The data feed is at
wss: ":wss://stream.data.alpaca.markets/v2/iex"
.z.ws:{0N!x;}
r:(`$wss)""
I have set up TLS in KDB and can access https endpoints just fine. This says OS reports: No route to host.
The documentation refers to using stunnel, but doesn't clarify whether that's for securing KDB as a server (which is what stunnel looks like it's mainly for), or decrypting a feed as a client.
https://code.kx.com/q/kb/websockets/#simple-websocket-client-example
What am I doing wrong?

Stunnel can be used to encrypt or decrypt any TCP SSL connection, including websockets.
To get KDB to connect to a secure websocket, you need to use stunnel in client mode.
This is the config that worked for me. You can then open the decrypted websocket on your localhost at ws://localhost:80
foreground = yes
debug = 7
[alpaca websocket]
accept = 80
client = yes
connect = stream.data.alpaca.markets:443
CApath = /etc/ssl/certs/
checkHost = stream.data.alpaca.markets
OCSPaia = no
verifyChain=yes

Related

Fiddler can't track the traffic but httpAnalyzer can (connection looks like websockets)

I need to explore the traffic from one program.
The program makes something like a connection through the WebSockets.
Fiddler displays this:
Request Headers: CONNECT 144.***:443 HTTP/1.0
Response: HTTP/1.0 200 Connection Established
End empty body.
But the HTTP analyzer displays full information after that response, and that information continues flowing. Very likely like WebSockets (one connection and receive more answers).
And fiddler display zero traffic.
How can I explore such traffic through the fiddler?
A CONNECT call is always the first command a client sends if it uses a Proxy. Translated CONNECT just means: Please start a connection to the following server and that port. Through that connection the real HTP calls are then transmitted. Therefore CONNECT is not a real HTTP
request.
Fiddler does not show the content of CONNECT requests/responses to port 443 endpoints because those connections are HTTPS/TLS protected (hence the shown data would be useless). You need to enable HTTPS decryption and install the Fiddler root CA certificate into the client app/OS to see the decrypted content of those connections.

How to send HTTP Commands through Port 80

Breif Description of what I am trying to accomplish. So I am working with Crestrons Simpl+ software. My job is to create a module for a sound masking system called QT Pro. Now, QT Pro has an API where you can control it via HTTP. I need a way to establish a connection with the QT Pro via HTTP( I have everything I need, IP, Username, Password).
Whats the problem? I have just started working with this language. Unfortunately there isn't as much documentation as I would like, otherwise I wouldn't be here. I know I need to create a socket connection via TCP on port 80. I just don't know what I'm supposed to send through it.
Here is an example:
http://username:password#address/cmd.htm?cmd=setOneZoneData&ZN=Value&mD=Value
&mN=Value&auxA=Value&auxB=Value&autoR=Value
If I were to put this into the URL box, and fill it in correctly. then it would change the values that I specify. Am I supposed to send the entire thing? Or just after cmd.htm? Or is there some other way I'm supposed to send data? I'd like to stay away from the TCP/IP Module so I can keep this all within the same module.
Thanks.
You send
GET /cmd.htm?cmd=setOneZoneData&ZN=Value&mD=Value&mN=Value&auxA=Value&auxB=Value&autoR=Value HTTP/1.1
Host: address
Connection: close
(End with a couple of newlines.)
If you need to use HTTP basic authentication, then also include a header like
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
where the gibberish is the base64-encoded version of username:password.
But surely there is some mechanism for opening HTTP connections already there for you? Just blindly throwing out headers like this and hoping the response is what you expect is not robust, to say the least.
To see what is going on with your requests and responses, a great tool is netcat (or telnet, for that matter.)
Do nc address 80 to connect to server address on port 80, then paste your HTTP request:
GET /cmd.htm HTTP/1.1
Host: address
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
Connection: close
and see what comes back. SOMETHING should come back. (Remember to terminate with two newlines.)
To see what requests your browser is sending when you do something that works, you can listen like this: nc -l -p 8080.
Then direct your browser to localhost:8080 with the rest of the URL as before, and you'll see the request that was sent. (Then you can type back to see how the browser handles the response.)

getting SocketTimeoutException while using smack 4.1.2 in android to connect to my ejabberd server

I am trying to connect to ejabberd server using smack API 4.1.2 (no asmack) on android device. while running smackClient program , I am getting below error
java.net.SocketTimeOutException:Failed to connect to abc.example.com/182.*.*.* (on port 5222) after 30000ms,'abc.example.com:5222' failed because java.net.ConnectionException: Failed to connect to abc.example.com/182.*.*.* (on port 5222) after 30000ms
Connection to same ejabberd server using same android device is working fine using xmpp clients like xabber. so Issue is surely with client code I have written. Below is the snippet of my code
XMPPTCPConnectionConfiguration config = XMPPTCPConnectionConfiguration.builder()
.setUsernameAndPassword(userName, password)
.setServiceName("abc.example.com")
.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled)
.setSendPresence(true)
.build();
connection = new XMPPTCPConnection(config);
connection.connect();
connection.login(userName, password);
I am missing something in my client code that xabber is having so xabber connection is working from same device using same credential.
Please help
Hard to tell without real IP and names in your example. However, my best guess would be about how the address to your IP server is resolved.
There seems to be discrepancy in your example with server (example.com) and service name in your code (abc.example.com).
My guess it that your client is attempting to connect to another machine that the one the XMPP server is running on.
So, here are the things to check when you have issues with a server not replying:
Check how the address of the domain is resolved. You may need to specify another machine name that the domain. If this is a test domain, there is possibly not a DNS setup, so you may even need to specify server IP (while still configuring the client to use an XMPP domain, that's two different things).
In client, log the IP you are trying to connect to, to make sure this is the one where the server is running.
If server is not on the main domain server, you may even need to do DNS SRV record queries for XMPP C2S service.
For me , it took hours to find the solution.
I forget to turnoff the VPN application(Express VPN) .Network tunneling was the root cause .
And change the Network protocol version properties as below ,
Choose the 1st option (Obtain DNS server address automatically).
My experience: I used following code
DomainBareJid xmppServiceDomain = JidCreate.domainBareFrom("desktop-urvfr83");
//DomainBareJid xmppServiceDomain = JidCreate.domainBareFrom("192.168.1.3");
InetAddress addr = InetAddress.getByName("192.168.1.3");
XMPPTCPConnectionConfiguration config = XMPPTCPConnectionConfiguration.builder()
.setUsernameAndPassword("alir", "111111")
.setHostAddress(addr)
.setResource("phonn")
.setXmppDomain(xmppServiceDomain)
.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled)
.setPort(5222)
.build();
but it could not connect and produced timeout connection exception. When I disabled windows firewall it worked correctly and connected.

How to connect to a heroku rendezvous url from a tcp socket?

I am creating a new on-off dyno with the Heroku Platform API and getting back an url with the format rendezvous://rendezvous.runtime.heroku.com:5000/{rendezvous-id}.
Now I want to establish a connection to this url with the chrome.socket.tcp API.
chrome.sockets.tcp.create({}, function(createInfo) {
chrome.sockets.tcp.connect(createInfo.socketId, IP, PORT, onConnectedCallback);
});
where IP is 'rendezvous.runtime.heroku.com' and PORT is 5000, but how could i specify the rendezvous-id or do I need to do this?
I found a Ruby implementation of this: https://github.com/heroku/heroku/blob/master/lib/heroku/client/rendezvous.rb
Is it possible to do this in a chrome app?
Edit
I read the Ruby implementation. It uses a ssl_socket instance from a OpenSSL library and then just sends the rendezvous-id. Can I just use chrome.socket.tcp.secure to get an openssl secure socket?

What kind of proxy server is this?

I want to use this as a proxy server to connect many different clients with servers. Here is what I'm looking to do:
The server software on a user's computer would connect to a proxy server that is running on a VPS. It would pass in some kind of Key or authentication info to identify itself and then would maintain a persistent TCP connection to the proxy server.
A client application running on a mobile device or other computer would connect to the proxy server and pass in some kind of Key or authentication info. The proxy server would match the connection between the client and server based on their authentication info, and then forward all data back and fourth between the connections.
The proxy server would need to be able to handle multiple clients and servers connecting to it at once and use the authentication info to pair them up. There could be multiple clients connecting to the same server at the same time too. The connection from the client and server would both be outbound so that they are not blocked by firewalls. I wrote the client and server software, so I can make them work with any specific proxy.
What is the name of this kind of proxy server? And can anyone recommend any?
Thanks!