TCP connection error , port 443 N: Connect failed errno=13

zaielavrupa · June 29, 2020, 6:33am

I am getting the following error in the logread when my Legato application is trying to connect to another server application on the device (which is not in the legato system) via port 443. My adef file has sandboxed: false and the application is being started by an init script. Only this script is kept in the package. When I run my application outside the legato system i.e without starting from legato - I don’t face an issues to connect via port 443 to the server application.

device is FX30s
legato version : 16.10.1
Application: Legacy C application ported for this device

adef file:

sandboxed: false

bundles:
{
file:
{
[xr] Init.sh /bin/

}

}

requires:
{
file:
{
/bin/sh /bin/sh
/etc/hosts /etc/
}

}

processes:
{
envVars:
{
LD_LIBRARY_PATH=/path/to/required/Libs/for_my_Legacy_application
}

run:
{
(Init.sh)
}

maxCoreDumpFileBytes: 100K
maxFileBytes: 20480K
//faultAction: restart

}

maxMemoryBytes: 90440K

start: auto

ERROR:
fx30s user.err Legato: =ERR= |Init.sh[26707] | [2020/06/29 06:22:06:7588] N: Connect failed errno=13

I read from this post that, USB interface does not have much restrictions regarding iptable rules, since sandboxed is set to false I am assuming my app is getting root privileges as well, so I am out of ideas as to why the connection is not working inside the legato system and works properly outside.

jyijyi · June 29, 2020, 7:45am

you can shut down the firewall by the following command and see if the problem still exists.
iptables -I INPUT -j ACCEPT

Also you can put your script in /tmp, and then using system(“sh /tmp/Init.sh”); in the code and see if the problem still exists.

zaielavrupa · June 29, 2020, 9:26am

@jyijyi Thanks for the reply. Shutting down the firewall did not help.
And I did not understand what you meant by putting the init script in the /tmp - do you mean in the legato package?

My scenario is I am using an Init script to start my C application. When I run the script outside legato I have no issues, when i run the script from legato - I am facing the issues. I am only using the script so that I can start my applications from legato, but keep all the required files and stuff in other locations. Also the app is not sandboxed.

I ran into another post that seem to have had a similar scenario: THIS But their issue was solved by changing from ipv6 to ipv4.

In my case, if i do netstat -ent , I am getting the following output:
tcp 0 1 127.0.0.1:36211 127.0.0.1:443 SYN_SENT
But then the app gets killed after some time
Is this due to some setting/permission issue that I have missed. I am very new to Legato.

jyijyi · June 29, 2020, 9:39am

no, /tmp is the real path in the module as a result, your legato application can run the shell script in /tmp/Init.sh by system() API.

zaielavrupa · June 29, 2020, 10:08am

moving the script to /tmp did not help. Im still getting the error
Jun 29 10:01:30 fx30s user.err Legato: =ERR= | startapp[18601] | [2020/06/29 10:01:30:6562] N: Connect failed errno=13

jyijyi · June 29, 2020, 10:38am

Please attach your script here

zaielavrupa · June 29, 2020, 10:53am

Below given is my init script

#!/bin/sh
 cd /home/root/MYLEGACYAPP
./mylegacyapp

I also tested with this example, where I added the url to /etc/hosts as:
192.168.2.2 www.hp.com

Here also, it is having the same behaviour, will connect to the server when run outisde legato, and would not connect when run from legato.

jyijyi · June 29, 2020, 11:11am

I will make a try tomorrow, my first thought is similar issue to this one

Btw, if you change the line ./mylegacyapp to use curl command, does it work?

jyijyi · June 30, 2020, 2:32am

I don’t see problem with the latest FW R17:

https://source.sierrawireless.com/resources/airlink/software_downloads/fx30-firmware/fx30-firmware-3g/#sthash.cEmNgXK3.2jGjhTZT.dpbs

Here is my binary of sslconnect_arm.

sslconnect_arm (14.7 KB)
And also I used the following in the unsandboxed legato application:
system(“/home/root/sslconnect_arm”);

I can see the following legato log:

Jun 30 02:27:36 | hello6[1870] | | Successfully made the TCP connection to: https://www.sierrawireless.com. Successfully enabled SSL/TLS session to: https://www.sierrawireless.com. Retrieved the server’s certificate from: https://www.sierr
Jun 30 02:27:36 | hello6[1870] | | ta: CN=ssl425269.cloudflaressl.com Finished SSL/TLS connection with server: https://www.sierrawireless.com.

zaielavrupa · July 6, 2020, 4:59am

Updating to latest firmware solved the tcp issue. Thank you for your time @jyijyi

Topic		Replies	Views
Connection Manager Legato Application Framework	6	1180	September 11, 2018
I can´t connect to a port that is listening Legato Application Framework	3	798	July 19, 2017
Socket connection fail Legato Linux distribution (Yocto project)	13	2335	April 6, 2019
Using sockets as IPC with localhost Legato Application Framework	1	1742	December 3, 2018
Application group for tcp/ip communication permission Legato Application Framework	3	1050	December 13, 2017

TCP connection error , port 443 N: Connect failed errno=13

Related topics