KSMPPD SSL

[fubarov]

Hi, i have a working ksmppd server that is serving clients. One new client wants to use ssl, so he set his kannel smsc connection to "use-ssl=1" as he has done with other providers he works with. Problem is when he tries to connect he gets:

==> /var/log/kannel/xxxxxx.log <==
2019-07-24 11:34:16 [10755] [9] DEBUG: Connecting to <xxx.xxx.xxx.xxx>
2019-07-24 11:34:16 [10755] [9] DEBUG: SMPP[xxxxxx]: Sending PDU:
2019-07-24 11:34:16 [10755] [9] DEBUG: SMPP PDU 0x7f9d24000a10 dump:
2019-07-24 11:34:16 [10755] [9] DEBUG: type_name: bind_transmitter
2019-07-24 11:34:16 [10755] [9] DEBUG: command_id: 2 = 0x00000002
2019-07-24 11:34:16 [10755] [9] DEBUG: command_status: 0 = 0x00000000
2019-07-24 11:34:16 [10755] [9] DEBUG: sequence_number: 4 = 0x00000004
2019-07-24 11:34:16 [10755] [9] DEBUG: system_id: "xxxxxx"
2019-07-24 11:34:16 [10755] [9] DEBUG: password: "xxxxxx"
2019-07-24 11:34:16 [10755] [9] DEBUG: system_type: "XXXXX"
2019-07-24 11:34:16 [10755] [9] DEBUG: interface_version: 52 = 0x00000034
2019-07-24 11:34:16 [10755] [9] DEBUG: addr_ton: 1 = 0x00000001
2019-07-24 11:34:16 [10755] [9] DEBUG: addr_npi: 1 = 0x00000001
2019-07-24 11:34:16 [10755] [9] DEBUG: address_range: NULL
2019-07-24 11:34:16 [10755] [9] DEBUG: SMPP PDU dump ends.
==> /var/log/kannel/xxxxxx.log <==
2019-07-24 11:34:37 [10755] [9] ERROR: SSL read failed: OpenSSL error 1: error:00000001:lib(0):func(0):reason(1)
2019-07-24 11:34:37 [10755] [9] ERROR: SMPP[xxxxxx]: I/O error or other error. Re-connecting.
2019-07-24 11:34:37 [10755] [9] ERROR: SSL write failed: OpenSSL error 1: error:00000001:lib(0):func(0):reason(1)
2019-07-24 11:34:37 [10755] [9] ERROR: SMPP[xxxxxx]: Couldn't connect to SMS center (retrying in 10 seconds).

On the other hand, the log @ our ksmppd server is:
2019-07-24 11:34:16 [10845] [0] DEBUG: Got connection from xxx.xxx.xxx.xxx
2019-07-24 11:34:16 [10845] [0] DEBUG: Got a read event for SMPP esme connection 0 0
2019-07-24 11:34:16 [10845] [0] ERROR: SMPP: PDU length was too large (369295617, maximum is 7424).
2019-07-24 11:34:16 [10845] [0] ERROR: SMPP[(null):0]: Client sent garbage, ignored.
2019-07-24 11:34:16 [10845] [0] ERROR: Could not read PDU from (null) status was -2

He also sent us his logs of how a successful ssl connection looks like in his logs so we can investigate:
==> /var/log/kannel/xxxxxxx.log <==
2019-07-24 11:42:59 [10917] [6] DEBUG: Connecting to <xxx.xxx.xxx.xxx>
2019-07-24 11:42:59 [10917] [6] DEBUG: SMPP[xxxxx]: Sending PDU:
2019-07-24 11:42:59 [10917] [6] DEBUG: SMPP PDU 0x7f412c0034b0 dump:
2019-07-24 11:42:59 [10917] [6] DEBUG: type_name: bind_transmitter
2019-07-24 11:42:59 [10917] [6] DEBUG: command_id: 2 = 0x00000002
2019-07-24 11:42:59 [10917] [6] DEBUG: command_status: 0 = 0x00000000
2019-07-24 11:42:59 [10917] [6] DEBUG: sequence_number: 1 = 0x00000001
2019-07-24 11:42:59 [10917] [6] DEBUG: system_id: "xxxx"
2019-07-24 11:42:59 [10917] [6] DEBUG: password: "xxxxx"
2019-07-24 11:42:59 [10917] [6] DEBUG: system_type: "xxxx"
2019-07-24 11:42:59 [10917] [6] DEBUG: interface_version: 52 = 0x00000034
2019-07-24 11:42:59 [10917] [6] DEBUG: addr_ton: 1 = 0x00000001
2019-07-24 11:42:59 [10917] [6] DEBUG: addr_npi: 1 = 0x00000001
2019-07-24 11:42:59 [10917] [6] DEBUG: address_range: NULL
2019-07-24 11:42:59 [10917] [6] DEBUG: SMPP PDU dump ends.
2019-07-24 11:42:59 [10917] [6] INFO: Accepting certificate for "/O=xxxx/CN=xxxx" signed by "/O=xxxxxx/CN=xxxx"
2019-07-24 11:42:59 [10917] [6] INFO: Accepting certificate for "/C=US/O=xxxxx/CN=xxxxxx" signed by "/O=xxxxxx/CN=xxxxx"
2019-07-24 11:42:59 [10917] [6] INFO: Accepting certificate for "/CN=xxxxx" signed by "/C=xxx/O=xxxx/CN=xxxxxxx"
2019-07-24 11:43:00 [10917] [6] DEBUG: SMPP[xxxxxx]: Got PDU:
2019-07-24 11:43:00 [10917] [6] DEBUG: SMPP PDU 0x7f412c014840 dump:
2019-07-24 11:43:00 [10917] [6] DEBUG: type_name: bind_transmitter_resp
2019-07-24 11:43:00 [10917] [6] DEBUG: command_id: 2147483650 = 0x80000002
2019-07-24 11:43:00 [10917] [6] DEBUG: command_status: 0 = 0x00000000
2019-07-24 11:43:00 [10917] [6] DEBUG: sequence_number: 1 = 0x00000001
2019-07-24 11:43:00 [10917] [6] DEBUG: system_id: NULL
2019-07-24 11:43:00 [10917] [6] DEBUG: SMPP PDU dump ends.
2019-07-24 11:43:00 [10917] [6] DEBUG: SMPP[xxxxxx]: throughput (0.00,50.00)

his kannel smsc config, same as his working configs that use ssl:
-#SMSC xxxx
group = smsc
smsc = smpp
smsc-id = xxxxx
allowed-smsc-id = "xxxxx"
log-file = "/var/log/kannel/xxxxxx.log"
host = xxx.xxx.xxx.xxx
port = xxxxx
smsc-username = xxxxx
smsc-password = xxxxx
use-ssl = 1
system-type = xxxxxx
source-addr-autodetect = no
source-addr-npi = 1
source-addr-ton = 2
dest-addr-npi = 1
dest-addr-ton = 1
bind-addr-ton = 1
bind-addr-npi = 1
enquire-link-interval = 30
keepalive = 30
throughput = 5

also ksmppd is configured with enable-ssl:
ldd smpp/ksmppd
libssl.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2 (0x00007fa2237ad000)
libcrypto.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 (0x00007fa222434000)

is ksmppd capable to accept ssl connections from clients (not to connect to bearerbox with ssl, which works just fine) ?

[donald-jackson]

This feature is not currently supported, but will add to to do.

In the mean while please use https://www.stunnel.org/