mersenneforum.org  

Go Back   mersenneforum.org > Great Internet Mersenne Prime Search > PrimeNet > MISFIT

Reply
 
Thread Tools
Old 2021-07-09, 05:53   #12
De Wandelaar
 
De Wandelaar's Avatar
 
"Yves"
Jul 2017
Belgium

2×3×13 Posts
Default

Same problem, Windows update not yet done.

Problem started a few hours after PrimeNet server Maintenance.
De Wandelaar is offline   Reply With Quote
Old 2021-07-09, 15:41   #13
Madpoo
Serpentine Vermin Jar
 
Madpoo's Avatar
 
Jul 2014

31·107 Posts
Default

Quote:
Originally Posted by srow7 View Post
same. stopped working after server reboot a few days ago.
Unfortunately I know zero about Misfit and how it communicates - is it just automating the process of sending results to the manual upload page? It's not using the API, is it?

One thing that I can think of is that the maintenance and server reboot may have finally deprecated some of the old, insecure security protocols (TLS 1.0 and 1.1). If Misfit is using some old libraries that don't support TLS 1.2, I could see that being an issue.
Madpoo is offline   Reply With Quote
Old 2021-07-09, 16:55   #14
Flaukrotist
 
Sep 2020
Germany

2916 Posts
Default

Quote:
Originally Posted by Madpoo View Post
[...] is it just automating the process of sending results to the manual upload page? It's not using the API, is it?
[...] If Misfit is using some old libraries that don't support TLS 1.2, I could see that being an issue.
Of course, it is up to Scott to properly answer this. I don't know about the support of TLS 1.2 by Misfit, but a quick look into the source code of version 2.11 (the latest afaik) reveals that this endpoint is called with POST:

Quote:
Originally Posted by MISFIT v2.11
string url = "https://www.mersenne.org/manual_result/misfit.php?uid=" + userID;
and the file contents are sent to that as multipart/form-data. I hope that this at least helps in checking if the problem is related to the server side.

(I hope, I am allowed to post these details here (without asking Scott for permission) as the source code is publicly available. If not, please tell me, correct me and delete this post if necessary.)
Flaukrotist is online now   Reply With Quote
Old 2021-07-09, 17:19   #15
Madpoo
Serpentine Vermin Jar
 
Madpoo's Avatar
 
Jul 2014

31·107 Posts
Default

Quote:
Originally Posted by Flaukrotist View Post
Of course, it is up to Scott to properly answer this. I don't know about the support of TLS 1.2 by Misfit, but a quick look into the source code of version 2.11 (the latest afaik) reveals that this endpoint is called with POST:

and the file contents are sent to that as multipart/form-data. I hope that this at least helps in checking if the problem is related to the server side.

(I hope, I am allowed to post these details here (without asking Scott for permission) as the source code is publicly available. If not, please tell me, correct me and delete this post if necessary.)
Well, that's just posting form data to the web side of things - that's a specialized version of the manual result page, in essence, just for misfit usage.

It's calling https which is great and all, but the error message indicates it's some problem misfit itself is encountering during the connection. so it probably does come down to how exactly it's making that https request, like what web library is it using and does it support TLS 1.2.

I don't know if the server logs would show the failed connection attempts but I'll see. Okay, just checked, and I see a bunch of successful (200) POST connections to /manual_result/misfit.php - so that tells me it's connecting okay but then if the app is still encountering something else unexpected, I couldn't say what exactly. The logs don't capture the form data being POSTed, just the URL info.
Madpoo is offline   Reply With Quote
Old 2021-07-09, 17:39   #16
Flaukrotist
 
Sep 2020
Germany

518 Posts
Default

Misfit is using the C# library HttpWebRequest for the request. A quick search revealed https://stackoverflow.com/questions/...-4-0-framework that (maybe dependent on the .NET version) TLS 1.2 must be explicitely enabled in the code and I cannot find any such line in the source code. So maybe (grasping straws) this is the path to the solution but needs action from Scott to fix it. I don't know what else would be affected by such a change. Also, maybe I am completely wrong here as I am relying on crude C# knowledge.
Flaukrotist is online now   Reply With Quote
Old 2021-07-09, 18:45   #17
Madpoo
Serpentine Vermin Jar
 
Madpoo's Avatar
 
Jul 2014

31×107 Posts
Default

Quote:
Originally Posted by Flaukrotist View Post
Misfit is using the C# library HttpWebRequest for the request. A quick search revealed https://stackoverflow.com/questions/...-4-0-framework that (maybe dependent on the .NET version) TLS 1.2 must be explicitely enabled in the code and I cannot find any such line in the source code. So maybe (grasping straws) this is the path to the solution but needs action from Scott to fix it. I don't know what else would be affected by such a change. Also, maybe I am completely wrong here as I am relying on crude C# knowledge.
That would be unfortunate. On the server side, I could re-enable at least TLS 1.1 (definitely not 1.0 though) and it would require a server reboot.

Ideally someone familiar with misfit and its creation could look at the TLS 1.2 possibility and do a test to see if that's even the issue, and then people would have some window of time in which to upgrade their misfit before we purposefully disable TLS 1.1.

And I don't even know if that's the issue, but besides the typical Microsoft patches, that is something that changed. We actually changed the TLS 1.0/1.1 support a long time back but had to revert in order to make sure PHP and SQL were talking to each other okay. We got that fixed and I probably just forgot that I'd made the registry changes to re-disable (is that a thing?) those old protocols, which took effect when it finally rebooted.

That's what happens when we go 6 months between reboots - I forget things like that.
Madpoo is offline   Reply With Quote
Old 2021-07-10, 05:04   #18
Madpoo
Serpentine Vermin Jar
 
Madpoo's Avatar
 
Jul 2014

31×107 Posts
Default

Quote:
Originally Posted by Flaukrotist View Post
Misfit is using the C# library HttpWebRequest for the request. A quick search revealed https://stackoverflow.com/questions/...-4-0-framework that (maybe dependent on the .NET version) TLS 1.2 must be explicitely enabled in the code and I cannot find any such line in the source code. So maybe (grasping straws) this is the path to the solution but needs action from Scott to fix it. I don't know what else would be affected by such a change. Also, maybe I am completely wrong here as I am relying on crude C# knowledge.
Reading more through that thread, and following up, it sure does seem like .NET Framework 4.0 does not support TLS 1.1 even. If that's how misfit is compiled, then we have a problem. (EDIT: the fix is to up it to 4.5 at least)

That would mean Misfit required TLS 1.0 on the server in order to work, and due to the many security implications of TLS 1.0, I would be very hesitant to add that back in.

But maybe it's not using .net framework calls? I didn't really look at misfit's source code even though I downloaded it and did a cursory look (which meant searching for "tls", which were all related to smtp, so hey, it has that at least).

Last fiddled with by Madpoo on 2021-07-10 at 05:06
Madpoo is offline   Reply With Quote
Old 2021-07-10, 09:02   #19
Flaukrotist
 
Sep 2020
Germany

4110 Posts
Default

Quote:
Originally Posted by Madpoo View Post
Reading more through that thread, and following up, it sure does seem like .NET Framework 4.0 does not support TLS 1.1 even. If that's how misfit is compiled, then we have a problem. (EDIT: the fix is to up it to 4.5 at least)
A small update: From the .csproj file in the source code, I read the TargetFrameworkVersion is .NET Framework 4.0 which would support your fear.

I separated the file uploading function into a new C# project using .NET 5.0 and feeding it one of the staged files from my Misfit folder. It worked like a charm with the endpoint. No connection abortions, no errors, but just the result text from the manual upload page that one can see in the communication logs of Misfit when it succeeded. So for this extracted scenario, a compilation using .NET 5.0 might do the trick, also with TLS 1.2 which I suspect was still enabled when I tested at 9/7/21, 9 pm UTC. Unfortunately, I couldn't try the same function using .NET framework 4.0 to see if it fails there. And I will most likely not have time for that during the weekend.

I don't know if that recompilation would be the solution or if it breaks other things then.
(If you are looking for the function I talk about: It is in WebIO.cs, UploadResultsFileToGIMPS() )
Flaukrotist is online now   Reply With Quote
Old 2021-07-10, 15:55   #20
Madpoo
Serpentine Vermin Jar
 
Madpoo's Avatar
 
Jul 2014

31·107 Posts
Default

Quote:
Originally Posted by Flaukrotist View Post
A small update: From the .csproj file in the source code, I read the TargetFrameworkVersion is .NET Framework 4.0 which would support your fear.

I separated the file uploading function into a new C# project using .NET 5.0 and feeding it one of the staged files from my Misfit folder. It worked like a charm with the endpoint. No connection abortions, no errors, but just the result text from the manual upload page that one can see in the communication logs of Misfit when it succeeded. So for this extracted scenario, a compilation using .NET 5.0 might do the trick, also with TLS 1.2 which I suspect was still enabled when I tested at 9/7/21, 9 pm UTC. Unfortunately, I couldn't try the same function using .NET framework 4.0 to see if it fails there. And I will most likely not have time for that during the weekend.

I don't know if that recompilation would be the solution or if it breaks other things then.
(If you are looking for the function I talk about: It is in WebIO.cs, UploadResultsFileToGIMPS() )
That's a great test. I'd suggest that .NET 4.5 be targeted, if this were rolled up into a new compiled build. Reason being, most people are (probably?) going to have 4.5 installed on their Win10 boxes already, but 5.0+ would be an additional download & install. 5.0 is available for other OS's though so I guess that could play into it, making it possible to port it easily to Linux/Mac or whatever.

But that is definitely interesting. I did see that there's a way to make it work with Framework 4.0 by specifying the protocol # directly or something like that. LOL
EDIT: From here: TLS 1.2 in Framework 4.0

The server is still setup with just TLS 1.2 enabled - I was waiting 'til the weekend here to check with George and see if re-enabling 1.1 (and maybe 1.0 if Misfit needs it?) is something we'd want or need to do for the sake of the users. But most likely with a drop-dead date in the future of getting Misfit working with 1.2 and enough time for people to update.

Last fiddled with by Madpoo on 2021-07-10 at 16:03
Madpoo is offline   Reply With Quote
Old 2021-07-10, 16:47   #21
Madpoo
Serpentine Vermin Jar
 
Madpoo's Avatar
 
Jul 2014

31·107 Posts
Default Possible fix, with just some registry keys added?

I was reading more about this issue with Framework 4.0 apps and TLS 1.2 support.

If the machine has Framework 4.5+ installed, then it sounds like you can tell it to use TLS 1.2 by default with the addition/modification of a couple of registry keys. This avoids having to recompile an old app, since you're just telling your framework to use a stronger crypto by default.

If someone wants to try this out - just make sure your system does already have 4.5 installed. Windows 10 does, by default, so that should be fine. For older systems (Win7/8/8.1) just be sure to check.

From an admin command prompt (or add the keys to the registry yourself if you're so inclined):
Code:
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /v SchUseStrongCrypto /t REG_DWORD /d 1 /f
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /v SystemDefaultTlsVersions /t REG_DWORD /d 1 /f
Those commands add the reg entries that will tell .NET Framework 4.x targeted apps to use stronger crypto by default. I saw conflicting info about whether you actually need Framework 4.6+ installed, or if 4.5 is good enough.

If getting 4.6+ installed and adding some reg keys does the trick, I'd be on board with just recommending that for any misfit users, over the downside of re-enabling the older protocol versions.
Madpoo is offline   Reply With Quote
Old 2021-07-11, 05:23   #22
1997rj7
 
1997rj7's Avatar
 
Sep 2003

1011000002 Posts
Default

The registry entries seem to have fixed it for me.
1997rj7 is offline   Reply With Quote
Reply

Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
Stop receiving new tasks gromphedyret Information & Answers 4 2018-01-18 17:21
Completed 29M work not showing as completed in GPU72 Chuck GPU to 72 2 2013-02-02 03:25
How do I get computer to do lots of little tasks? jasong Information & Answers 4 2007-10-04 20:40
Can I manually add tasks BEFORE the current one? If not, how do I add after anyway? Nazo Software 7 2005-09-13 23:00
So what tasks should I be doing? PadainFain Software 8 2002-11-24 01:10

All times are UTC. The time now is 08:25.


Fri Dec 3 08:25:55 UTC 2021 up 133 days, 2:54, 0 users, load averages: 1.32, 2.35, 2.17

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.

This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.