connect ECONNREFUSED about xmpp-bot HOT 23 CLOSED

I re-read the README and was able to send a curl POST to the webhook and send a message to myself and to the MUC.. Some progress at least :)

from xmpp-bot.

Could you send the xmppServer.service configuration from the file you use (https://github.com/nioc/xmpp-bot/blob/master/lib/config/config.json.dist#L44)?
It seems you run some sort of virtualized Debian inside a Window host, may be a network issue?

from xmpp-bot.

I was told in prosody support MUC that:

port 5223 is not used by default in prosody, that's likely the kernel telling you there's nothing listening on the port

and to try on port 5222 but I get an error

[ERROR] default - XMPP client encountered following error: C007400B207F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:

I'm running the bot only on WSL. My prosody server runs in a VPS, no network issues.

from xmpp-bot.

Ok it was a port mistake.

In my use, both Prosody and bot are on the same host which I called on the fake config below fakedomain.com, as you can see I use the standard XMPP 5222 port (not using TLS): xmppServer.service: "xmpp://fakedomain.com:5222", because I do not need encrypted traffic on the same host.

If you're plan to use a TLS connection between bot and Prosody, you should use a service starting with xmpps like this one: xmppServer.service: "xmpps://yourprosodyhostname:5223", where 5223 is the "XMPP Direct TLS connections" port set in ssl_ports.

I made a typo on the README, the bot is using @xmpp/client, so you can check their doc for declaring client configuration.

Also check that the xmppServer.service is the one declared in your Prosody configuration.

{
    "logger": {
        "level": "debug",
        "file": {
            "active": false,
            "pattern": "%d %p %m%n",
            "path": "/var/log/xmpp-bot/",
            "filename": "xmpp-bot.log"
        },
        "console": {
            "active": false,
            "coloured": true
        },
        "stdout": {
            "active": true,
            "pattern": "%p %m"
        }
    },
    "webhooksListener": {
        "path": "/webhooks",
        "port": 8000,
        "ssl": {
            "port": null,
            "certPath": "/etc/letsencrypt/live/fakedomain.com/fullchain.pem",
            "keyPath": "/etc/letsencrypt/live/fakedomain.com/privkey.pem"
        },
        "users": [
            {
                "login": "dom",
                "password": "pwd"
            }
        ],
        "accessLog": {
            "active": true,
            "path": "/var/log/xmpp-bot/",
            "filename": "webhook.log"
        }
    },
    "xmppServer": {
        "service": "xmpp://fakedomain.com:5222",
        "domain": "fakedomain.com",
        "username": "bot",
        "password": "pwd2",
        "resource": "botservice",
        "errorReply": "Oops, something went wrong :(",
        "rooms": [
            {
                "id": "[email protected]",
                "password": null
            }
        ]
    },
    "incomingWebhooks": [
        {
            "path": "/webhooks/dom",
            "action": "send_xmpp_message"
        }
    ],
    "xmppHooks": [
        {
            "room": "[email protected]",
            "action": "outgoing_webhook",
            "args": ["send_to_dom"]
        }
    ],
    "outgoingWebhooks": [
        {
            "code": "send_to_dom",
            "url": "https://192.168.1.15:8081/plugins/Webhook/core/php/jeeWebhook.php?serverId=60",
            "timeout": 2000,
            "strictSSL": false,
            "contentType": "application/json",
            "authMethod": "basic",
            "user": "xmpp-bot",
            "password": "pwd3",
            "bearer": null
        }
    ]
}

from xmpp-bot.

Hi,
after your post I managed to connect in plain. Direct TLS isn't enabled in my prosody server but STARTLS should be.. can you tell what "service" do I have to use to make it work over STARTTLS?

Also I have no idea how webhooks work, so I copied your config for incoming and xmppHooks and tried browsing "http://localhost:8000/webhooks/roughnecks" but I get "Invalid authorization". I guess there should be a way to craft the url by using my login and password I specified in the config, but I am really lost.

And finally, is there a rather simple way to strip all of the webhooks stuff just to have a working bot capable of connecting, so maybe I can find a way to code some other stuff for it?

Thanks

from xmpp-bot.

Me again, I used Macrodroid on my phone to receive an outgoing hook but would like to know which are the use cases like in the example you posted. What does it do for you and why any message to the bot triggers the outgoing hook?
Also, can the message I type in chat be sent over to the outgoing hook?

Sorry for the questions but I never used webhooks before.

from xmpp-bot.

My use case was to setup bidirectional communication with home automation solution I used.
So when event happened, it triggered a webhook to the bot and it notify me or the room configured.
And I can sent back reply to the home automation through XMPP > bot > exposed home automation webhook.
I also had a notification webhook sent from Grafana for alerting on some metrics max or min values.

from xmpp-bot.

And yes the message you sent to room or bot is transmitted in outgoing webhook in message attribute.

from xmpp-bot.

I see, thanks.

Got another question if you can help.
I'm setting up IFTTT applets with RSS Feeds => Webhooks and my body looks like this now:

<<<{"destination":"[email protected]", "message":"<<<{{EntryTitle}}>>> by <<<{{EntryAuthor}}>>> : 
<<<{{EntryUrl}}>>>"}>>>

I tried a lot of different combos with and without the escaping "<<< >>>" but it always fails.
Last error message is this: SyntaxError: Unexpected token \ in JSON at position 1
but I don't see any backslash in the body.

Do you have any experience with IFTTT? Can you help?

from xmpp-bot.

<<<{"destination":"[email protected]", "message":"<<<{{EntryTitle}}>>> by <<<{{EntryAuthor}}>>> : 
<<<{{EntryUrl}}>>>"}>>>

I tried a lot of different combos with and without the escaping "<<< >>>" but it always fails. Last error message is this: SyntaxError: Unexpected token \ in JSON at position 1 but I don't see any backslash in the body.

https://help.ifttt.com/hc/en-us/articles/1260803042229#Escapeanytextcontent

from xmpp-bot.

Sorry I do not know about IFTTT.
May be you can try basic values without escaping ,if it works, then find a way to escape it?

from xmpp-bot.

At least try to debug with a Node-RED http-in

from xmpp-bot.

Hi,
after your post I managed to connect in plain. Direct TLS isn't enabled in my prosody server but STARTLS should be.. can you tell what "service" do I have to use to make it work over STARTTLS?

I know you closed this, but could you answer this question I posted earlier?
Thanks

from xmpp-bot.

I closed because there is no issue, but no problem for helping you as much as I can.

I'm not very expert in the SSL/TLS stuff but I understood the @xmpp/client that if you try to connect to a XMPP with xmpp:// scheme it will try to upgrade thought STARTTLS.

from xmpp-bot.

Nice! Thanks again, maybe I will pester you some other time :)

from xmpp-bot.

Hi, it's me again.

I was using the bot for quite some time with xmpps on port 5223 (I had set up SRV records) and everything was fine.
Yesterday I enabled IPv6 on prosody and added some more SRV records for another virtualhost and for the MUC component...
Now when I try to start the bot I'm receiving this error:

[ERROR] default - XMPP client encountered following error: self-signed certificate

I know my certs are not self signed, 1) because they worked before and 2) because I copied them again straight from /etc/letsencrypt/live/mydomain

So I just don't know what's happening.
Anther thing I had to modify in bot's code is adding these two lines of code to make my nodejs version prefer IPv4 over IPv6:

// prefer IPv4 connections               
//const dns = require('node:dns');       
//dns.setDefaultResultOrder('ipv4first');

This ^ in lib/xmpp/index.js

I know it's a lot of stuff going on but if you have any idea... Thanks

from xmpp-bot.

Hi, no idea but can you confirm:

• your xmpp server works with other client?
• you want to access a virtual host handled by the certificate?

The only thing that can help you from the code view is updating xmpp/client, may be you can copy the app and run a npm update?

from xmpp-bot.

Hi,
my xmpp server works with any other client.
I thought xmpp-bot was using the cert to start a webhook listener on ssl, not to connect to the xmpp server, right?

from xmpp-bot.

The error message you posted is from xmpp module, it happens because something is wrong between this app and your XMPP server (and its certificate).

from xmpp-bot.

I see but I'm quite sure my certificates are ok.

Now I completely disabled IPv6 in prosody, restarted it and tried to connect the bot; here's what I'm getting:

[2023-04-17T20:03:44.863] [ERROR] default - XMPP client encountered following error: Hostname/IP does not match certificate's altnames: Host: woodpeckersnest.space. is not in the cert's altnames: DNS:meet.woodpeckersnest.space

I have a second virtualhost in prosody for Jitsi Meet but I don't understand what it has to do with the bot's connection to the main host.

    "xmppServer": {                                      
        "service": "xmpps://woodpeckersnest.space:5223", 
        "domain": "woodpeckersnest.space",               
        "username": "bot",                               
        "password": "hackme",                      
        "resource": "xmpp-bot",                          
        "errorReply": "Oops, something went wrong :(",   
        "rooms": [                                       
            {                                            
                "id": "[email protected]",
                "password": null                         
            }                                            
        ]                                                
    },                                                   

Also I found out that passing this variable before launching node, the bot connects, but I guess it's not safe and shouldn't happen:

NODE_TLS_REJECT_UNAUTHORIZED=0

from xmpp-bot.

Found this, maybe worth asking there too?

xmppjs/xmpp.js#533

from xmpp-bot.

It was a good call but not enough: app is using @xmpp/client 0.13.1 and the issue you found was fixed in 0.5.2.
May be playing with client options which is read from your config file in xmppServer attribute.

But I think you have a certificate/Prosody configuration issue with your 2 certificates (one for each domain wood... and meet.wood...):
You gave in config an XMPP domain wood... which does match the altnames meet.wood... of the certificate used by Prosody, I assume Prosody use the certificate for the Jitsi meet domain?

➡️ If you can use the same certificate for both domains (using --expand), your life will be easier 😉

And yes, using NODE_TLS_REJECT_UNAUTHORIZED=0 will fix hide the issue but is not safe, as your cert will not be checked (and you may have a man-in-the-middle vulnerability)

from xmpp-bot.

It was a good call but not enough: app is using @xmpp/client 0.13.1 and the issue you found was fixed in 0.5.2.

yeah, I was aware of that, just thought there might be a regression of some sort.

May be playing with client options which is read from your config file in xmppServer attribute.

okay, I am able to connect to secure websocket (wss), so that's a start.

I assume Prosody use the certificate for the Jitsi meet domain?

That's correct.

➡️ If you can use the same certificate for both domains (using --expand), your life will be easier 😉

I will take a look, thanks!

from xmpp-bot.