not working anymore, tls errors

[lcorsini]

Hi, I've tried building the bridge with the latest code, receiving this error regarding tls

2021/07/19 09:16:52 Failed to connect to 192.168.1.208:2878 : remote error: tls: handshake failure. Sleeping...

Now, I've previously built the bridge and is currently working, see https://community.home-assistant.io/t/climate-ip-climatedevice-for-ip-based-units-not-only-samsung-ac/106510/207

and stupid me, deleted the source so I don't have a way to check if I changed the code for the previous binary, any hint?

[lcorsini]

it seems that a cypher is probably missing, I tried adding all the supported ones to: hvac/base/connections.go and it worked, here the full list

tls.TLS_RSA_WITH_RC4_128_SHA,
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,

now is just a matter of trial and error to check what is the cypher needed but if you want I can send you a pr with this to keep it working EDIT 1: This seems the correct cypher for my ACs tls.TLS_RSA_WITH_AES_256_CBC_SHA,

EDIT 2: with the new version sending messages from homeassistant is a lot slower the AC receive the first command then the subsequent are processed after minutes, and I see a lot of

Not connected to 192.168.1.208:2878 while trying to send message. Dropping. and Error reading from tls socket: %d, %s 0 read tcp 192.168.1.236:47684->192.168.1.208:2878: i/o timeout

it seems like it has a problem processing subsequent messages sent to the topic

[gsasha]

There’s a got repo in GitHub. Chances are, however, that the problem is in golang.

What is happening that the ac uses tls 1, which is getting increasingly deprecated everywhere :(

On Mon, Jul 19, 2021 at 11:26 AM Luca Corsini @.***> wrote:

Hi, I've tried building the bridge with the latest code, receiving this error regarding tls

2021/07/19 09:16:52 Failed to connect to 192.168.1.208:2878 : remote error: tls: handshake failure. Sleeping...

Now, I've previously built the bridge and is currently working, see https://community.home-assistant.io/t/climate-ip-climatedevice-for-ip-based-units-not-only-samsung-ac/106510/207

and stupid me, deleted the source so I don't have a way to check if I changed the code for the previous binary, any hint?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/gsasha/hvac_ip_mqtt_bridge/issues/4, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAOFMENT7KISEKGQMK6RQ3TYPORZANCNFSM5ATGRCWA .

[lcorsini]

Yeah, I'm aware of the deprecation :( setting the cypher seems to work (I did that also in the previous version probably) but for that slowness I don't know if is cause by some golang dependency or is just an error dealing with the tls.TLS_RSA_WITH_AES_256_CBC_SHA cypher Do you have any idea what I could try to check?

[gsasha]

Slowness could be caused by extreme volume of logging, please check

On Sat, Aug 21, 2021 at 11:41 AM Luca Corsini @.***> wrote:

Yeah, I'm aware of the deprecation :( setting the cypher seems to work (I did that also in the previous version probably) but for that slowness I don't know if is cause by some golang dependency or is just an error dealing with the tls.TLS_RSA_WITH_AES_256_CBC_SHA cypher Do you have any idea what I could try to check?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/gsasha/hvac_ip_mqtt_bridge/issues/4#issuecomment-903083617, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAOFMC4N6BB3BQ2R6J64ZLT55RFJANCNFSM5ATGRCWA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email .

[gsasha]

Did you get it to work?

Personally I don't think that maintaining stuff based on an old version is a strategy, but feel free to disagree.

On Sun, Dec 12, 2021 at 7:55 AM Yedidia Klein @.***> wrote:

You could get an old golang docker to fix that in a unsecure way.. simple edit the Dockerfile and change golang:latest to golang:1.13.2 (probably newer versions will also work.. the issue is in openssl)

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/gsasha/hvac_ip_mqtt_bridge/issues/4#issuecomment-991839814, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAOFMF2W7NGSGNNQGUSYMLUQQ2OZANCNFSM5ATGRCWA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

[yedidiaklein]

No.. I'm still working on it.. that's why I deleted.. will update...

[gsasha]

cool, thx

On Sun, Dec 12, 2021 at 12:21 PM Yedidia Klein @.***> wrote:

no.. I'm still working on it.. will updae...

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/gsasha/hvac_ip_mqtt_bridge/issues/4#issuecomment-991871351, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAOFMDUMJAVWT6MQHCCGSLUQRZSFANCNFSM5ATGRCWA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

[lcorsini]

btw, I forgot, I've been able to get it to work fine for sometime actually, with my modification above, so it was some weird go dependency that caused the timeout, if interested I could send a PR, I'm also trying to add a couple of new commands (to turn on the purify light in 2878 for example)

[gsasha]

Nice, let's keep it updated. Send me the PR, I'll integrate it.

On Wed, Jul 27, 2022 at 6:29 PM Luca Corsini @.***> wrote:

btw, I forgot, I've been able to get it to work fine for sometime actually, with my modification above, so it was some weird go dependency that caused the timeout, if interested I could send a PR, I'm also trying to add a couple of new commands (to turn on the purify light in 2878 for example)

— Reply to this email directly, view it on GitHub https://github.com/gsasha/hvac_ip_mqtt_bridge/issues/4#issuecomment-1196911944, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAOFMFTZNOGNN7X6PADUO3VWFIWHANCNFSM5ATGRCWA . You are receiving this because you commented.Message ID: @.***>

[lcorsini]

I opened the PR there is the only cypher that I found to be working on raspbian (untested on other OS/Arch combinations) and I added a couple of new commands that I found of my interest (if it's ok for you I can easily update the PR to also add AUTOCLEAN and SLEEP commands) I also update the readme, since accordingly to https://www.home-assistant.io/integrations/climate.mqtt/ documentation is possible to override modes directly in homeassistant config instead of code (so, probably the translations in samsung.go are not needed anymore, need to test that too)