NetTalk Central

Author Topic: hanging on [NETDLL] SimpleClientOpen() :SSL. Getting settings via SSLCertificate  (Read 9273 times)

useless

  • Jr. Member
  • **
  • Posts: 84
    • View Profile
    • Email
My email service is hanging on the first thread that sends email ie using the NetEmailSend class, in debugview the last entry reads:
[NETDLL] [4] SimpleClientOpen() :SSL. Getting settings via SSLCertificateGroupPointer

Its working on my XP dev machine, but doesnt work on a domain server. Libeay32.dll & LibSSL32.dll are included in the program files, and as this is running as a service I copied these files into the windows\system32 folder as well still no joy.
I'm not actually using any security at this stage but appreciate the nettalk class might still want to loadlibrary(ex) these files. I also copied over Msvcr71.dll, Ssleay32.dll, as these are used in the webserver classes but not mentioned in the docs for the NetEmailSend class.

It hangs at the same place when running the service as a desktop app so not sure its a service path issue here but did it to tick it off the list.

I'm not actually using any security to send email at the moment, so what is happening at the "Getting settings via SSLCertificateGroupPointer", is this a missing file issue or something else?


useless

  • Jr. Member
  • **
  • Posts: 84
    • View Profile
    • Email
PS. AV is switched off and I've tried sending this through the ISP's SMTP as well as through the local Exchange server.

bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
FWIW - you will get immediate crash if you have the wrong c60netx.dll when sending emails.

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Hi Richard,

let's cover a few bases;

>>  Libeay32.dll & LibSSL32.dll are included in the program files, and as this is running as a service I copied these files into the windows\system32 folder as well still no joy.

there's no need to put them in the system folder. Indeed I do not recommend that, as there may be other versions of those files there already.

>> I also copied over Msvcr71.dll, Ssleay32.dll, as these are used in the webserver classes but not mentioned in the docs for the NetEmailSend class.

SSL uses all 4 DLL's, so yeah, deploy all 4 when using SSL (into the application folder).

>> I'm not actually using any security at this stage but appreciate the nettalk class might still want to loadlibrary(ex) these files

It definitely only loads them if some part of your app is using SSL. For most apps they're not shipped at all.

>> Getting settings via SSLCertificateGroupPointer

For the 6.47 build (out soon) I've added a couple things to the DLL. Firstly, a minor tweak to the 4 occurrences of that message, to better determine which one is actually being called, and secondly a log message when the SimpleClientOpen procedure completes. In that way we'll better be able to tell if the problem is really on that line, or if that log message is merely the last one it gets to sometime before it has a problem.

in the meantime...

>> Its working on my XP dev machine, but doesn't work on a domain server.

You don't mention the actual OS that the server is running, but it's probably worth checking the windows firewall on the machine to make sure your program is listed as an "exception". In windows XP the firewall pops up when a program wants to be a server, or do something else, whereas on the server versions of windows it doesn't (by default.) - Since servers are also stricter when it comes to client apps etc it's probably that the program needs to be added manually, even if it's just being a client.

cheers
Bruce

useless

  • Jr. Member
  • **
  • Posts: 84
    • View Profile
    • Email
Ok have tested it on a win7 machine as well but get the same problem where it hangs on the error above. The server was 2003, I've got the security settings all switched off which can be seen in the debugoutput in debugview, AV & Firewall switched off still hangs, av firewall switched on but with a firewall rule still hangs.

I've copied the two extra dlls (Msvcr71.dll, Ssleay32.dll) into the installation software so its included in the program files but yet to do a certificate assuming the email send class needs exactly the same security setup as a web server?

I had to get rid of the global queues earlier, as a Q delete wrapped in a critical section was taking place at the same time another thread was looping through it. I thought CriticalSections are supposed to stop different threads from accessing a global object at the same time when all Q manipulation is wrapped in the CS? If a CS should stop different threads then I have a debug view log which shows a Delete removing two queue entries at the same time something I didnt think was possible.

Re " Since servers are also stricter when it comes to client apps etc it's probably that the program needs to be added manually, even if it's just being a client." I'm the network administrator here as well and whilst I have beefed up the security, I'm confident the security permissions & port access are all ok. I need to rule the cert out tomorrow and get it checked on a different XP workstation to see if the problem occurs on XP as well.

Re "6.47 is soon" is that in the next few weeks time scales or months?

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
>> as a Q delete wrapped in a critical section was taking place at the same time another thread was looping through it.

Remember that the criticalSection variable itself has to be Global and unthreaded. It's the use of the same CriticalSection that prevents contention, not just "any" criticalSection. If you're using it right then they work - if they didn't work then pretty much everything would be failing all the time.

>> Re "6.47 is soon" is that in the next few weeks time scales or months?

I typically do a build a week - 6.47 was due up yesterday, but I paused the build because I wanted to add something in. So it should be up today.

cheers
Bruce

useless

  • Jr. Member
  • **
  • Posts: 84
    • View Profile
    • Email
Re Certs:
Using the webserver instructions for using SSL, I've pulled their cert from IIS, followed the instructions, made the 3 security files which now reside in the certificate folder, tried running the service again but still hangs at this simpleclientopen() in debug view. Tried it on one of their XP workstations, copied certs across etc, same problem.

The only security related difference with the my XP dev machine and theirs, is theirs is on a domain, mine is not, although TBH I was expecting it to work on their XP when I tested it a short while earlier and that was two the ISP smtp server as well as their local exchange server. Their workstations are using NT4 (iirc) in their >5yrs old desktop app to send emails to the local exchange server but the NT6 service cant send to the local exchange server.

At the moment I'm using the ABC free NT service because when I try the latest version of SelfService (3.37) it hangs when I try to stop the service and the disable selfservice template code is still missing although I have been modifying the template myself with the workaround I posted to get that bit of selfservice working. Is there anything in SelfService which might communicate something to Nettalk which the ABC free NT service wont? What I'm thinking here, is how does NT know its running as a service and not look in the Windows\System32 folder if anything in NT relies on the program path changing from where ever its installed eg program files\xyz to the program path of C:\windows\system32 when a program is run as service. In particular, I suspect (havent looked) the SSL stuff is loaded on the fly so if NT6 believes its running in C:\Windows\System32 could it be looking in this folder for the SSL dll's & certs folder possibly? These are only guesses mind.

Re Criticial Sections.

I had been calling them like so:
TypicalThreadedProcedureName  Procedure()

GlobalLocks    CriticialSection

  code

  GlobalLocks.Wait()
  do something to nonthreaded global Q
  GlobalLocks.Release()

If thats not right I need to go through the docs & code again, but examples I have seen in use in some other 3rdparty templates (not capesofts) are using the above approach so these templates might be wrong as well and will need changing.


Re 6.47
Hopefully the extra debugoutput will shed more light on the situ.




Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
couple quick answers - I'm running out of time, but hopefully this'll help before I get a chance to write a longer answer;

a) 6.47 is up, so try with that DLL, and give me some feedback there.

b) regarding the critical sections;

yeah, your code is wrong. You don't declare the critical section inside the procedure. You need to declare it once, globally, and then use it everywhere.

ie
Global embed point;
GlobalLocks    CriticialSection

Then In each procedure
globalLocks.wait()
and
GlobalLocks.release()

by declaring it in each procedure you negate what they do - ie they won't work - so hence the problem with your queue.
Incidentally the Memory driver _is_ thread safe, so is a lot easier for inter-thread communications if you have it.

>> examples I have seen in use in some other 3rdparty templates (not capesofts) are using the above approach so these templates might be wrong as well and will need changing.

yes, if they are declaring the critical procedure at the procedure level they are almost certainly doing it wrong. (There are templates that try and make the whole procedure cooperatively threaded, and I think they rely on a local critical section, or perhaps it's a semaphore, I haven't looked at that in a long time.)

>>  it hangs when I try to stop the service

I presume you're stopping it via the Windows Service Manager (services.msc?) Does the service manager return an error when you try and stop it? Is WinEvent in the app? (lots of questions - sorry).

>> What I'm thinking here, is how does NT know its running as a service and not look in the Windows\System32 folder if anything in NT relies on the program path changing from where ever its installed eg program files\xyz to the program path of C:\windows\system32 when a program is run as service. In particular, I suspect (havent looked) the SSL stuff is loaded on the fly so if NT6 believes its running in C:\Windows\System32 could it be looking in this folder for the SSL dll's & certs folder possibly?

SelfService sets the path correctly on startup (by default anyway), so it's not likely to be that. And indeed if it was failing to load the DLL's you'd get a clear log to that point of view, and indeed probably a popup MESSAGE window as well. (Hmm - that's a thought - make sure "suppress errors" for the nettalk object is ticked on. Messages "appearing" in a service would cause it to "hang").
also if the function call to do the SSL stuff failed, you'd likely see an error for that.

Cheers
Bruce


useless

  • Jr. Member
  • **
  • Posts: 84
    • View Profile
    • Email
The problem was the old Nettalk 4 Dll had not copied across into the installer and thus not onto the machines, I suspected this when I was getting a wrong version for the FileExplorer today. Checked the installer and its not copied any of the 3rd party dll's across for some reason so need to investigate why. Should Nettalk throw a message if the wrong DLL is trying to be used, in this instance the NT 4.4.9 dll was the rogue dll.

Re:Critical Sections, thats where I was going wrong, each was called from the procedure and not singularly from the global embed point, but the IMMD is working nicely having put that in to use here now.

bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
You're welcome :)