Develop Bugs

[Q] OpenVPN: routing/bridged network and [semi]stock kernel

Hello to everybody,
I'm trying to run open VPN in my rooted stock Galaxy Nexus, with ICS 4.0.3.
My goal is to create a bridged interface to get an ip directly from the same DHCP server that serve to all the pcs at my work network instead of assign a special pool by using a tap interface, but i'm not even able to bring up a tun interface to check if openvpn is working.
I keep getting some error when it's trying to bring up the tun0 interface; openvpn quit with value exit with "Linux ifconfig failed: external program fork failed".
If I try to bring up the tun0 from shell, I get "ifconfig: tun0: error fetching interface information: Device not found".
Then I check if the kernel is running with support for tunneling and i found that CONFIG_TUN is correctly set.
Did I miss something? Did I had to set other kernel modules? Also, somewhere in this forum is said that "tun is possible, tap no due to system limitations": someone knows what this limitations are and how can i pass them?
Also, is this a right place to ask or i'm posting to the wrong forum?
Thank you and sorry for my english
R.
Here is a part of logcat showing the errror (whit location masked at line 4)
Code:
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-mgmt( 1959): =============> 0 == 4 resetting dns, leaving dns alone
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-mgmt( 1959): SUCCESS: bytecount interval changed
D/OpenVPNDaemonEnabler( 1959): Received OpenVPN network state changed from Auth to Get Config
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:43 2012 SENT CONTROL [xx.xx.xx.it]: 'PUSH_REQUEST' (status=1)
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 PUSH: Received control message: 'PUSH_REPLY,route 192.168.11.0 255.255.255.0,dhcp-option DNS 10.8.0.1,dhcp-option WINS 192.168.11.2,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.74 10.8.0.73'
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 OPTIONS IMPORT: timers and/or timeouts modified
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 OPTIONS IMPORT: --ifconfig/up options modified
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 OPTIONS IMPORT: route options modified
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 ROUTE default_gateway=2.195.48.1
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 TUN/TAP device tun0 opened
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 TUN/TAP TX queue length set to 100
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 MANAGEMENT: >STATE:1352902484,ASSIGN_IP,,10.8.0.74,
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 /system/xbin/busybox ifconfig tun0 10.8.0.74 pointopoint 10.8.0.73 mtu 1500
V/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-mgmt( 1959): onState(">STATE:1352902484,ASSIGN_IP,,10.8.0.74,")
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 MANAGEMENT: Client disconnected
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 Linux ifconfig failed: external program fork failed
D/OpenVPN-DaemonMonitor[/sdcard/openvpn/Nexus.ovpn]-daemon-stdout( 1959): Wed Nov 14 15:14:44 2012 Exiting

[Q] Webcam and side-loading Skype?

A couple of questions:
1 . Has anyone had any success hooking up a webcam? If so what model? So far I have tried an HP webcam 3100 and a Logitech C270 and neither seems to be detected.
2. Any success in side-loading Skype? The apk installed however since my webcams were not detected there was no mic/cam picked up. Doesn't look like I'll be doing much in its current state.
I ran "adb bugreport" in case it contains anything useful. Attaching to the post 7zipped.
Pertinent info:
Build: bueller-user 4.2.2 JDQ39 51.1.5.0_user_515030720 test-keys
Build fingerprint: 'qcom/bueller/bueller:4.2.2/JDQ39/51.1.5.0_user_515030720:user/release-keys'
Bootloader: unknown
Radio: apq
Network: (unknown)
Kernel: Linux version 3.4.0-perf-gf191309 ([email protected]) (gcc version 4.6.x-google 20120106 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Apr 2 18:55:49 PDT 2015
Command line: androidboot.hardware=qcom user_debug=31 msm_rtb.filter=0x3F ehci-hcd.park=3 maxcpus=2 androidboot.emmc=true androidboot.serialno=70900114511706N2 androidboot.baseband=apq
Didn't find anything useful doing a google search. No mention of using webcams at all with Fire TV.
Thanks all.

Wow your post is from today!
Todo for today was to check that out.
I am on root with the 51.1.5.0_515020820.
I try later this day Skype app from amazon store, from gp-store and perhaps the xda-mod version. But of course at first my Microsoft Studio HD Webcam should work
Greetings by I_did_it_just_tmrrow

I tried once mine, I think it is a Microsoft one, the model that is sold for Sony TVs, but I am on an older firetv firmware and Skype didn't even recognised the camera. So, out of the box, in the past it didn't work. Let us know how it is now.

Did I just understand that right:
The FireTV OS (FireOS) is based on the linux kernel Monolithic.
Does the kernel Monolithic support webcams?
Did I just understand that right that under linux there where no driver-files like in win-os, so if the kernel does not suport the device you have to update/change the kernel?
Code:
[email protected]:/ # cat /proc/version
cat /proc/version
Linux version 3.4.0-perf-gf191309 ([email protected]) (gcc version 4.6.x-g
oogle 20120106 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Mar 12 21:58:15 PDT 2015
[email protected]:/ #
the same output with or without connected MS Studio HD Wecam , see here:
Code:
lsmod
adsprpc 6735 0 - Live 0x00000000
wlan 450113 0 - Live 0x00000000 (O
eth 66936 0 - Live 0x00000000 (O)
Greetings by I_did_it_just_tmrrow
EDIT:
SUCCESS!
Got a picture with this app called "
Externe USB SnapExWebcam" and enabled super-User request.

Hi
Could you explain how you got this to work? Just sideload Skype & Externe USB SnapExWebcam and it will work? or is there more to do? I am rooted.
Thanks
I_did_it_just_tmrrow said:
Did I just understand that right:
The FireTV OS (FireOS) is based on the linux kernel Monolithic.
Does the kernel Monolithic support webcams?
Did I just understand that right that under linux there where no driver-files like in win-os, so if the kernel does not suport the device you have to update/change the kernel?
Code:
[email protected]:/ # cat /proc/version
cat /proc/version
Linux version 3.4.0-perf-gf191309 ([email protected]) (gcc version 4.6.x-g
oogle 20120106 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Mar 12 21:58:15 PDT 2015
[email protected]:/ #
the same output with or without connected MS Studio HD Wecam , see here:
Code:
lsmod
adsprpc 6735 0 - Live 0x00000000
wlan 450113 0 - Live 0x00000000 (O
eth 66936 0 - Live 0x00000000 (O)
Greetings by I_did_it_just_tmrrow
EDIT:
SUCCESS!
Got a picture with this app called "
Externe USB SnapExWebcam" and enabled super-User request.
Click to expand...
Click to collapse

Hill16 said:
Hi
Could you explain how you got this to work? Just sideload Skype & Externe USB SnapExWebcam and it will work? or is there more to do? I am rooted.
Thanks
Click to expand...
Click to collapse
At first: Skype did not work correctly. Perhaps because he had no mic&video but I think there is more to do then enable the webcam for skype.
At the moment I use the mod version v4.7, here from xda. But when I open the exdended menu he told me that there is no webcam device found. I think it has something todo with the rights (chmod) of /dev/video0 because SnapExWebcam bring it to work and change it to 666 with chmod.
Anybody knows a solution?
Is there a way to give the Skype app More rights if they dont ask for More rights?
Greetings by Idijt

The new 4k Fire TV with OS 5 - anything change that we can now get Skype and USB webcam to work?
thanks

usb web camera app and dashcam connected at fire tv.works.but not with sk
I_did_it_just_tmrrow said:
At first: Skype did not work correctly. Perhaps because he had no mic&video but I think there is more to do then enable the webcam for skype.
At the moment I use the mod version v4.7, here from xda. But when I open the exdended menu he told me that there is no webcam device found. I think it has something todo with the rights (chmod) of /dev/video0 because SnapExWebcam bring it to work and change it to 666 with chmod.
Anybody knows a solution?
Is there a way to give the Skype app More rights if they dont ask for More rights?
Greetings by Idijt
Click to expand...
Click to collapse
usb web camera app and dashcam connected at the usb of fire tv..works.but not with skipe.
any app video chat can works.now that you can use a usb cam?

[AFTV2] OpenVPN Installer will not work

hi
OpenVPN Installer will not install Binaries. the logfile tell me system are not rw.
The System is rw.
adb shell tell me
/dev/block/platform/mtk-msdc.0/by-name/system /system ext4 rw,seclabel,noatime,commit=1,data=ordered 0 0
The openvpn installer say no.
erledigt !

Logfile
Thu May 5 15:51:48 2016 us=858896 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu May 5 15:51:48 2016 us=859110 Re-using SSL/TLS context
Thu May 5 15:51:48 2016 us=859292 LZO compression initialized
Thu May 5 15:51:48 2016 us=859574 Control Channel MTU parms [ L:1554 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu May 5 15:51:49 2016 us=17836 RESOLVE: NOTE: 1-ch.cg-dialup.net resolves to 10 addresses, choosing one by random
Thu May 5 15:51:49 2016 us=17940 Data Channel MTU parms [ L:1554 D:1450 EF:54 EB:135 ET:0 EL:0 AF:3/1 ]
Thu May 5 15:51:49 2016 us=18028 Local Options String: 'V4,dev-type tun,link-mtu 1554,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth MD5,keysize 256,key-method 2,tls-client'
Thu May 5 15:51:49 2016 us=18063 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1554,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth MD5,keysize 256,key-method 2,tls-server'
Thu May 5 15:51:49 2016 us=18121 Local Options hash (VER=V4): '4d1bd89e'
Thu May 5 15:51:49 2016 us=18175 Expected Remote Options hash (VER=V4): '4e0f8044'
Thu May 5 15:51:49 2016 us=18231 Socket Buffers: R=[212992->131072] S=[212992->131072]
Thu May 5 15:51:49 2016 us=18273 UDPv4 link local: [undef]
Thu May 5 15:51:49 2016 us=18315 UDPv4 link remote: 185.32.222.15:443
Thu May 5 15:51:49 2016 us=53970 TLS: Initial packet from 185.32.222.15:443, sid=172cc2ce 4ea31aac
Thu May 5 15:51:49 2016 us=54538 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu May 5 15:51:49 2016 us=109247 VERIFY OK: depth=1, /C=DE/O=CyberGhost_VPN/OU=CyberGhost/CN=CyberGhost
Thu May 5 15:51:49 2016 us=111061 VERIFY ERROR: depth=0, error=certificate signature failure: /C=RO/ST=RO/L=Bucharest/O=CyberGhost_VPN/OU=CyberGhost/CN=CyberGhost/name=CyberGhost_VPN/[email protected]
Thu May 5 15:51:49 2016 us=111645 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Thu May 5 15:51:49 2016 us=111842 TLS Error: TLS object -> incoming plaintext read error
Thu May 5 15:51:49 2016 us=112114 TLS Error: TLS handshake failed
Thu May 5 15:51:49 2016 us=112638 TCP/UDP: Closing socket
Thu May 5 15:51:49 2016 us=112978 SIGUSR1[soft,tls-error] received, process restarting
Thu May 5 15:51:49 2016 us=113172 Restart pause, 2 second(s)
what is the problem ? can everyboudy help me ?
here die config
client
remote 1-ch.cg-dialup.net 443
dev tun
proto udp
auth-user-pass /sdcard/openvpn/pas.key
resolv-retry infinite
redirect-gateway def1
persist-key
persist-tun
nobind
cipher AES-256-CBC
auth MD5
ping 15
ping-exit 90
ping-timer-rem
script-security 2
remote-cert-tls server
route-delay 5
verb 4
comp-lzo
ca /sdcard/openvpn/ca.crt
cert /sdcard/openvpn/client.crt
key /sdcard/openvpn/client.key

Hoggels said:
hi
OpenVPN Installer will not install Binaries. the logfile tell me system are not rw.
The System is rw.
adb shell tell me
/dev/block/platform/mtk-msdc.0/by-name/system /system ext4 rw,seclabel,noatime,commit=1,data=ordered 0 0
The openvpn installer say no.
erledigt !
Click to expand...
Click to collapse
You might want to include the basics. Like if your Rooted, What device version & on what FW are you trying this on.

I had some luck with OpenVPN Installer discussed in second thread here: http://forum.xda-developers.com/fire-tv/help/vpn-rooted-fire-tv-t3370488
However, OpenVPN Settings still wouldn't work properly (even with correct binaries installed). Then tried Open VPN for Android with much more success (without need of root). Discussed here: http://forum.xda-developers.com/fire-tv/help/openvpn-android-rooted-fire-tv-t3373088

[REQ] Forum HTTPS support

Dear administrators, why do you force users to use the insecure HTTP protocol while this forum has a valid SSL certificate (used for login) ?
For example, when I try https://forum.xda-developers.com/all, I am being redirected to http://forum.xda-developers.com/all
Code:
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Dec 2016 17:05:08 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://forum.xda-developers.com/all
...
Please allow us to use a secure HTTPS protocol.

HTTPS will consume more server resources ...

Question Cannot connect Wifi Enterprise EAP/TLS with Xperia 10 III Android 12 Update July 2022 BN 62.1.A.0.617

Hello,
I am trying to connect my smartphone Xperia 10 III Android 12 Update July 2022 BN 62.1.A.0.617
to Enterprise WIFI using certificates CORPORATE-WIFI-WPA_EAPIEEE8021X_TLS_NULL
with following setting pushed by azure intune :
Scep Cert policy to android:
Subject name format CN={{AAD_Device_ID}}
Subject alternative name User principal name (UPN) = {{AAD_Device_ID}}@domain.com
Certificate validity period 1 Years
Key usage Key encipherment, Digital signature
Key size (bits) 2048
Hash algorithm SHA-2
Root Certificate "YOUR ROOT CERT"
Extended key usage Client Authentication enter what you cert template says
Renewal threshold (%) 20
SCEP Server URLs "NDES URL"
WIFI Settings policy to android:
SSID "SSID"
Connect automatically Disable
Hidden network Disable
EAP type EAP - TLS
Radius server name "All Ise Nodes"
Root cert for server valid "Your Root Cert"
Authentication method Certificates
Certificates "Scep Cert From earlier"
Identity privacy anonymous this seems to be important
Unfortunately, Cisco ISE do not see my Smartphone MAC Addr and phone does not connect.
We investigated a lot of about this connection issue but do not find the root cause.
Re-enrolled my phone to Intune more than once, resync'ed mgmt policies,
reinstalled certificated, ... does not seem to help.
Also removed Norton 360 security just in case of but no change.
Any idea about the root cause or where the issue can be ?
Situation was the same with March 2022 Android 12 update
Thanks for your ideas
Th

If You using private MAC, You may try to disable it for this wifi connection.

Hello,
Thanks for reply. Gave a try with Device MAC or Randomized MAC but not change. Is this what you mean ?
Thanks
TH