Closed nikvostro closed 4 months ago
I can confirm, just build 13.4.0 and work correctly, on 14.x it's not working anymore
I'm not familiar with the time it normally makes, but it seems the two log lines are very close to each other:
20:28:07.833 TGM: sendMessage
20:28:07.834 WIF: DNS resolved 'api.telegram.org' (149.154.167.220) in 0 ms
20:28:07.968 RSL: RESULT = {"TmSend":"Failed"}
It's maybe linked to https://github.com/arendst/Tasmota/pull/21442
The timeout value changed from seconds to milliseconds in the Core3 API. This could explain why the "Failed" messages happens only 134ms after the actual command (which is shorter than a full TLS handshake)
It consistently replies:
23:08:44.996 TGM: getUpdates
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_wait_for_handshake: failed
Couldn't connect. Error = 1
23:08:45.101 TGM: Response ''
even with a timeout of 10000 ms (being default in code)
I'm still surprised how quickly it returns the error, 105 ms including the logging
From what I see above it doesn't connect at all as _wait_for_handshake: failed
returns immediatly.
and no heap usage either:
23:27:31.958 TGM: getUpdates
connect(api.telegram.org,443)
connect(149.154.167.220,443)
> Heap Before calling _connectSSL = 3712
> Heap _connectSSL.start = 3712
> Heap Thunk allocated = 3712
_connectSSL: start connection
> Heap _connectSSL before DecoderContext allocation = 3712
> Heap _connectSSL after DecoderContext allocation = 3712
> Heap _connectSSL before PrivKey allocation = 3712
_wait_for_handshake: failed
Couldn't connect. Error = 1
> Heap _connectSSL.end = 3712
> Heap _connectSSL after release of Priv Key = 3712
23:27:32.103 TGM: Response ''
Unrelated issue:
GoDaddy Daddy Secure Certificate Authority - G2, RSA 2048 bits SHA 256, valid until 20220523
It seems that the GoDaddy Authority is long expired. Although I understand you don't use it and use fingerprint instead
Yep. That was the reason we had to use SO132 1
for fingerprint.
I'm still looking into the Telegram issue. As a test I started to reuse an ESP8266 but it fails there too. So for now we can rule out core3.
How about the fingerprint? Where can I see if the fingerprint is still valid?
Invalid fingerprint would generate a TLS error. It's not the case here. You can also reset the fingerprint with all zeroes to accept any value
Adding some more debug info doesn't ring my bells:
17:50:08.675-014 CMD: tmsend hello
17:50:08.677-014 SRC: Serial
17:50:08.680-014 CMD: Grp 0, Cmd 'TMSEND', Idx 1, Len 5, Pld -99, Data 'hello'
17:50:08.683-014 TGM: Connect start 'bot1179906608:AAE-3UfPJt3u8d-gbGXslnFO96o3DahG6EM/sendMessage?chat_id=139920293&text=hello'
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_run_until: BR_SSL_CLOSED
_wait_for_handshake: failed
Couldn't connect. Error = 1
17:50:08.812-014 TGM: Connect failed
17:50:08.814-014 TGM: Response
17:50:08.818-011 MQT: stat/wemos4/RESULT = {"TmSend":"Failed"}
I'm lost for now.
Ah, it is a TLS connection error after all. Let me first update the CA.
I updated the CA from Telegram, but now I get error 49: BR_ERR_X509_UNSUPPORTED
- certificate contains unsupported features that cannot be ignored.
This would be a lot of work to allow unsupported features, hence I'm in favor of removing CA verification in Telegram (which wasn't working anyways).
The Fingerprint seems to have changed, it is now:
4E 7F F5 6D 1E 29 40 58 AB 84 DE 63 69 7B CD DF 44 2E D2 F6
With latest change in CA and SO132 1
(and fingerprint set 0's):
22:10:45.362-017 TGM: Connect start 'bot1179906608:AAE-3UfPJt3u8d-gbGXslnFO96o3DahG6EM/getUpdates?offset=0'
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_run_until: BR_SSL_CLOSED
_wait_for_handshake: failed
Couldn't connect. Error = 1
22:10:45.487-015 TGM: Connect failed
with SO132 0
:
22:11:03.340-017 TGM: Connect start 'bot1179906608:AAE-3UfPJt3u8d-gbGXslnFO96o3DahG6EM/getUpdates?offset=0'
connect(api.telegram.org,443)
connect(149.154.167.220,443)
_connectSSL: start connection
_run_until: BR_SSL_CLOSED
_wait_for_handshake: failed
Couldn't connect. Error = 49
22:11:03.993-015 TGM: Connect failed
Yep! Succes. The changed fingerprint workx.
PROBLEM DESCRIPTION
Telegram returns error when sending message on 14.0.0.1 (and master 14.0.0 also). Sending via Telegram API using
webquery
works for master 14.0.0 build (which I've initially compiled and updated one of my tasmotas) but don't work for dev.REQUESTED INFORMATION
- [ ] Pre-compiledBacklog Template; Module; GPIO 255
:- [ ] If using rules, provide the output of this command:Backlog Rule1; Rule2; Rule3
:Status 0
:weblog
to 4 and then, when you experience your issue, provide the output of the Console log:20:28:07.829 CMD: tmsend "test" 20:28:07.830 SRC: WebConsole from 192.168.11.80 20:28:07.831 CMD: Grp 0, Cmd 'TMSEND', Idx 1, Len 6, Pld -99, Data '"test"' 20:28:07.833 TGM: sendMessage 20:28:07.834 WIF: DNS resolved 'api.telegram.org' (149.154.167.220) in 0 ms 20:28:07.968 RSL: RESULT = {"TmSend":"Failed"}
After "Done" nothing comes to the telegram chat. At the same time this query works on another tasmotas and PC. (Please, remember to close the issue when the problem has been addressed)