Mailing List Archive

Wots happening
I mostly use mythweb, but was fooling around

Secure Connection Failed

An error occurred during a connection to sandypit.home:6544. SSL received a record that exceeded the maximum permissible length.

Error code: SSL_ERROR_RX_RECORD_TOO_LONG

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.



[sandypit] /home/jam [1001]% mythbackend --version
Please attach all output as a file in bug reports.
MythTV Version : v31.0-85-gd3088629de
MythTV Branch : fixes/31
Network Protocol : 91
Library API : 31.20200101-1
QT Version : 5.12.7
Options compiled in:
linux profile use_hidesyms using_alsa using_oss using_backend using_bindings_perl using_bindings_python using_bindings_php using_dvb using_frontend using_hdhomerun using_vbox using_ceton using_hdpvr using_ivtv using_joystick_menu using_libcec using_libcrypto using_libdns_sd using_libfftw3 using_libxml2 using_lirc using_mheg using_opengl using_egl using_qtwebkit using_qtscript using_qtdbus using_taglib using_v4l2 using_v4l2prime using_x11 using_libbluray_external using_xrandr using_profiletype using_systemd_notify using_systemd_journal using_drm using_bindings_perl using_bindings_python using_bindings_php using_freetype2 using_mythtranscode using_opengl using_egl using_drm using_vaapi using_nvdec using_vdpau using_ffmpeg_threads using_mheg using_libass using_libxml2

James
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
On Sat, 20 Mar 2021 09:50:54 +0800, you wrote:

>I mostly use mythweb, but was fooling around
>
>Secure Connection Failed
>
>An error occurred during a connection to sandypit.home:6544. SSL received a record that exceeded the maximum permissible length.
>
>Error code: SSL_ERROR_RX_RECORD_TOO_LONG
>
> The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
> Please contact the website owners to inform them of this problem.
>

What browser are you using? I have had that sort of problem with
other software such as Home Assistant when I used an older browser
that did not have the latest SSL code. When I changed to using a
fully up to date Firefox, it worked. So it may be that the Apache
setup on your mythweb server has had an update and is only now using a
later SSL version rather than the older versions that are not fully
secure any more.
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
> On 20 Mar 2021, at 9:53 pm, Stephen Worthington <stephen_agent@jsw.gen.nz> wrote:
>
> On Sat, 20 Mar 2021 09:50:54 +0800, you wrote:
>
>> I mostly use mythweb, but was fooling around
>>
>> Secure Connection Failed
>>
>> An error occurred during a connection to sandypit.home:6544. SSL received a record that exceeded the maximum permissible length.
>>
>> Error code: SSL_ERROR_RX_RECORD_TOO_LONG
>>
>> The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
>> Please contact the website owners to inform them of this problem.
>>
>
> What browser are you using? I have had that sort of problem with
> other software such as Home Assistant when I used an older browser
> that did not have the latest SSL code. When I changed to using a
> fully up to date Firefox, it worked. So it may be that the Apache
> setup on your mythweb server has had an update and is only now using a
> later SSL version rather than the older versions that are not fully
> secure any more.

What I was (am) using is an uptodate firefox.
I tried chrome which was identical

BUT

at that time (no doubt why I was playing with :6544) I had no internet (but a fully funtional local network with DHCP and DNS)
Now the internet is restored all is well ??

James

_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
On 20/03/2021 01:50, James Linder wrote:
> I mostly use mythweb, but was fooling around
>
> Secure Connection Failed
>
> An error occurred during a connection to sandypit.home:6544. SSL received a record that exceeded the maximum permissible length.
>
> Error code: SSL_ERROR_RX_RECORD_TOO_LONG
>
> The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
> Please contact the website owners to inform them of this problem.
That's often a symptom of attempting to do HTTPS to a non-encrypted
server. Instead of connecting to https://sandypit.home:6544, try
http://sandypit.home:6544.
>
>
>
> [sandypit] /home/jam [1001]% mythbackend --version
> Please attach all output as a file in bug reports.
> MythTV Version : v31.0-85-gd3088629de
> MythTV Branch : fixes/31
> Network Protocol : 91
> Library API : 31.20200101-1
> QT Version : 5.12.7
> Options compiled in:
> linux profile use_hidesyms using_alsa using_oss using_backend using_bindings_perl using_bindings_python using_bindings_php using_dvb using_frontend using_hdhomerun using_vbox using_ceton using_hdpvr using_ivtv using_joystick_menu using_libcec using_libcrypto using_libdns_sd using_libfftw3 using_libxml2 using_lirc using_mheg using_opengl using_egl using_qtwebkit using_qtscript using_qtdbus using_taglib using_v4l2 using_v4l2prime using_x11 using_libbluray_external using_xrandr using_profiletype using_systemd_notify using_systemd_journal using_drm using_bindings_perl using_bindings_python using_bindings_php using_freetype2 using_mythtranscode using_opengl using_egl using_drm using_vaapi using_nvdec using_vdpau using_ffmpeg_threads using_mheg using_libass using_libxml2
>
> James
> _______________________________________________
> mythtv-users mailing list
> mythtv-users@mythtv.org
> http://lists.mythtv.org/mailman/listinfo/mythtv-users
> http://wiki.mythtv.org/Mailing_List_etiquette
> MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
On 20/03/2021 01:50, James Linder wrote:
> I mostly use mythweb, but was fooling around
>
> Secure Connection Failed
>
> An error occurred during a connection to sandypit.home:6544. SSL received a record that exceeded the maximum permissible length.
>


Port 6544 is the default backend port, and is not an SSL port.

Are you trying to make an https connection to the backend on that port?

If so, I would not expect this to work


Regards
Stuart
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
> On 22 Mar 2021, at 5:55 pm, Stuart Auchterlonie <stuarta@squashedfrog.net> wrote:
>
> On 20/03/2021 01:50, James Linder wrote:
>> I mostly use mythweb, but was fooling around
>> Secure Connection Failed
>> An error occurred during a connection to sandypit.home:6544. SSL received a record that exceeded the maximum permissible length.
>
>
> Port 6544 is the default backend port, and is not an SSL port.
>
> Are you trying to make an https connection to the backend on that port?
>
> If so, I would not expect this to work

Stuart no, normal bookmark access to http://
What I found most interesting was that as soon as internet service resumed all returned to normal.
My local network has DNS and DHCP server. I just queried lest we tried to access http://somewhere.strange <http://somewhere.strange/>
Since all is working nah wurries, but oneday we might depreciate mythweb in favour of the backend server and a heads up in advance might be useful

James
Re: Wots happening [ In reply to ]
On 22/03/2021 13:08, James wrote:
>
>
>> On 22 Mar 2021, at 5:55 pm, Stuart Auchterlonie <stuarta@squashedfrog.net> wrote:
>>
>> On 20/03/2021 01:50, James Linder wrote:
>>> I mostly use mythweb, but was fooling around
>>> Secure Connection Failed
>>> An error occurred during a connection to sandypit.home:6544. SSL received a record that exceeded the maximum permissible length.
>>
>>
>> Port 6544 is the default backend port, and is not an SSL port.
>>
>> Are you trying to make an https connection to the backend on that port?
>>
>> If so, I would not expect this to work
>
> Stuart no, normal bookmark access to http://
> What I found most interesting was that as soon as internet service resumed all returned to normal.
> My local network has DNS and DHCP server. I just queried lest we tried to access http://somewhere.strange <http://somewhere.strange/>
> Since all is working nah wurries, but oneday we might depreciate mythweb in favour of the backend server and a heads up in advance might be useful
>
And with modern versions of Firefox (a) "assuming" that you really meant https instead of http, and
therefore that all sites using port 80[1] are by definition cesspits of malware (even when they are
under the same domain as the user!); and (b) automatically encoding your DNS enquiries and sending
them off to Google/Cloudflare/Microsoft/whatever[2] instead of following standards, life in future
is about to get more interesting.

[1] Replace with any port other than 443, at your choice.
[2] Unless you can find the obscure about:config entry to turn that off.

--

Mike Perkins

_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
James <jam@tigger.ws> wrote:

> What I found most interesting was that as soon as internet service resumed all returned to normal.
> My local network has DNS and DHCP server. I just queried lest we tried to access http://somewhere.strange

What's doing your DNS, where is .home defined ?

I've seen some routers do "interesting"* stuff when the internet is down - basically intercepting everything and directing you to a router page to tell you the internet is down with a big button to click to "re-connect".

* The usual phrase I use for these brain dead ideas is not suitable for a family friendly environment !

Simon
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
> On 23 Mar 2021, at 4:30 am, Simon Hobson <linux@thehobsons.co.uk> wrote:
>
> James <jam@tigger.ws> wrote:
>
>> What I found most interesting was that as soon as internet service resumed all returned to normal.
>> My local network has DNS and DHCP server. I just queried lest we tried to access http://somewhere.strange
>
> What's doing your DNS, where is .home defined ?
>
> I've seen some routers do "interesting"* stuff when the internet is down - basically intercepting everything and directing you to a router page to tell you the internet is down with a big button to click to "re-connect".
>
> * The usual phrase I use for these brain dead ideas is not suitable for a family friendly environment !

To answer an earlier question: no https is involved in ANY of my stuff.

I use dnsmasq for dns, which is where all my .home stuff is

I use Internet Systems Consortium DHCP Server because dnsmasq does it wrong. (Does not say the right things for most clients to get the dns server - linux clients do not get the 'correct'' dns server, mac clients DO ??
'Twas easier to use the distro (suse) package than to go spelunking with wireshark)

The router is not playing silly games (it's too dumb, heaping scorn on telstra's nbn router (National Broardband Network in Australia) but firefox gives me utter shonets:
I type
192.168.5.33
in the address bar and get a google page on 192.168.5.33 (There are lots of entries including many correcting my misspeling of "1" as "33"

James
Re: Wots happening [ In reply to ]
On 22/03/2021 13:08, James wrote:

> Since all is working nah wurries, but oneday we might depreciate mythweb
> in favour of the backend server and a heads up in advance might be useful
>

Currently being worked on ;-)

Regards
Stuart

_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
James <jam@tigger.ws> wrote:

>>> What I found most interesting was that as soon as internet service resumed all returned to normal.
>>> My local network has DNS and DHCP server. I just queried lest we tried to access http://somewhere.strange
>>
>> What's doing your DNS, where is .home defined ?
>>
>> I've seen some routers do "interesting"* stuff when the internet is down - basically intercepting everything and directing you to a router page to tell you the internet is down with a big button to click to "re-connect".
>>
>> * The usual phrase I use for these brain dead ideas is not suitable for a family friendly environment !
>
> To answer an earlier question: no https is involved in ANY of my stuff.
>
> I use dnsmasq for dns, which is where all my .home stuff is
>
> I use Internet Systems Consortium DHCP Server because dnsmasq does it wrong. (Does not say the right things for most clients to get the dns server - linux clients do not get the 'correct'' dns server, mac clients DO ??
> 'Twas easier to use the distro (suse) package than to go spelunking with wireshark)

Hmm, that's odd.
I've never used dnsmasq. The only thing I can think of that would cause your problems would be if dnsmasq didn't work properly if it couldn't talk to the root servers. But given .home is (sort of) reserved (RFC 6762) and has not root level entries, I can't see why that might be.

So short answer "I dunno" !

Simon

_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: Wots happening [ In reply to ]
> On 26 Mar 2021, at 5:22 am, Simon Hobson <linux@thehobsons.co.uk> wrote:
>
>> I use Internet Systems Consortium DHCP Server because dnsmasq does it wrong. (Does not say the right things for most clients to get the dns server - linux clients do not get the 'correct'' dns server, mac clients DO ??
>> 'Twas easier to use the distro (suse) package than to go spelunking with wireshark)
>
> Hmm, that's odd.
> I've never used dnsmasq. The only thing I can think of that would cause your problems would be if dnsmasq didn't work properly if it couldn't talk to the root servers. But given .home is (sort of) reserved (RFC 6762) and has not root level entries, I can't see why that might be.
>
> So short answer "I dunno" !

dnsmasq does everything 'right' except (I cant remember syntax) but I tell dnsmasq that 192.168.6.33 is the DNS but it says the router 192.168.5.1 is to linux clients where I need the .33 and .33 to mac clients where I don't :-(

[plasma] /Users/jam [188]% dig donkey.home

; <<>> DiG 9.10.6 <<>> donkey.home
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 548
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;donkey.home. IN A

;; ANSWER SECTION:
donkey.home. 0 IN A 192.168.5.188

;; Query time: 1 msec
;; SERVER: 192.168.5.33#53(192.168.5.33)
;; WHEN: Fri Mar 26 06:58:28 AWST 2021
;; MSG SIZE rcvd: 56

James

_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org