400 bad request

So today I decided to work on a pet project of mine, where a Raspberry Pi is controlling a LED light. The Pi is controlled by a website.

Cool.

Except…

When the Pi tries to connect to my local running iis express server, the response is 400 bad request.

Why ohhh why.

IP address… Yes, the servers ip has changed, but I did change the connection url on the Pi, so what then?

A little digging with fiddler didnt show anything. I mean that literally, the connection attempts didnt show on the server, at all.

It turns out it was the %userprofile%\My Documents\IISExpress\config\applicationhost.config that needed a small update to reflect the new ip address.

old:

<binding protocol=”http” bindingInformation=”*:52591:localhost” />
<binding protocol=”http” bindingInformation=”*:52591:192.168.1.222″ />

new:

<binding protocol=”http” bindingInformation=”*:52591:*” />

wohooo, no ip address needed, asterix for the win 😀

More on http://max-it.dk/wp/2014/06/12/iis-express-enable-external-request/

iis express enable external request

Shameless ripping of info from http://stackoverflow.com/questions/3313616/iis-express-enable-external-request

Add <binding protocol=”http” bindingInformation=”*:52591:*” />

to the <bindings> section of

%userprofile%\My Documents\IISExpress\config\applicationhost.config

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.applicationHost>
    <sites>
      <site name="iCentral" id="1580449741">
        <bindings>
          <binding protocol="http" bindingInformation="*:52591:*" />
        </bindings>
      </site>
    </sites>
  </system.applicationHost>
</configuration>

Note:
The snippet above is not a nearly a complete applicationhost.config, it just shows where the binding line is supposed to be in the hierarchy!

Hearthbleed (Raspberry Pi)

The affected versions of OpenSSL are OpenSSL 1.0.1 through 1.0.1f (inclusive). Later versions (1.0.1g and ulterior[60]) and previous versions (1.0.0 branch and older) are not vulnerable. Installations of the affected versions are vulnerable unless OpenSSL was compiled with OPENSSL_NO_HEARTBEATS.

http://en.wikipedia.org/wiki/Heartbleed#Affected_OpenSSL_installations

Check openssl version:

$> openssl version -a
OpenSSL 1.0.1e 11 Feb 2013
built on: Sun Mar 24 12:44:00 UTC 2013

That’s bad, update needed!

$> sudo apt-get update
$> sudo apt-get install -y libssl1.0.0 openssl

Check version again:

$> openssl version -a
OpenSSL 1.0.1e 11 Feb 2013
built on: Sun Apr 20 11:41:41 UTC 2014

Version is still one of the affected versions, but build-date indicates a patch.

According to http://www.raspberrypi.org/forums/viewtopic.php?t=74133 debian backported a patch to 1.0.1e-2+rvt+deb7u5

$> sudo apt-cache show openssl
Package: openssl
Version: 1.0.1e-2+rvt+deb7u7

We are good, just reboot now:

$> sudo reboot

Oh, also replace any and all certificates and make all users replace their passwords, you know the drill.

Linux services add/remove

Beaglebone:

add the service to autostart:
update-rc.d <servicename> defaults

remove the service:
update-rc.d -f <servicename> remove

 

Raspberry Pi:

as beaglebone, but with sudo in front of the rest, like:

add the service to autostart:
sudo update-rc.d <servicename> defaults

remove the service:
sudo update-rc.d -f <servicename> remove

-max