2017-02-27 - Re: [GRASE-Hotspot] Re: issues with https login with Facebook

Header Data

From: Hotspotuser <jo***s@algardata.pt>
Message Hash: 6a4b60366cbb923fad6cc9d9be0430ea7ac678f4db2e98af77d56d0e570c6f7b
Message ID: <55cf84f5-9e00-4283-9793-ada807725d31@grasehotspot.org>
Reply To: <00c101d290f6$e86826a0$b93873e0$@gmail.com>
UTC Datetime: 2017-02-27 05:46:03 UTC
Raw Date: Mon, 27 Feb 2017 04:46:03 -0800

Raw message 

Daniel,

Seems like a expiring session issue... if it happens again try to check 
that.

segunda-feira, 27 de Fevereiro de 2017 às 12:42:10 UTC, Daniel Crusoe 
escreveu:
>
> Hey Tim,
>
>  
>
> I haven’t a clue what happened, last night I ran all the updates to the 
> bleeding edge (apt-get upgrade and apt-get dist-upgrade) and rebooted the 
> system like three times (was an issue I created with the login time out 
> that needed fixing) and now the issue has gone away… go figure… I can 
> access facebook from within my network again… I suspect it was a 
> certification error with the squid.. what ever it was, I have run a backup 
> of my working system  And will continue to work with it as is.. hoping 
> against hope that I don’t need to reload the backup to “fix” any future 
> problems. 
>
>  
>
> *From:* Timothy White [mailto:ti***.@gmail.com <javascript:>] 
> *Sent:* 27 February 2017 13:36
> *To:* Grase Hotspot
> *Subject:* Re: [GRASE-Hotspot] Re: issues with https login with Facebook
>
>  
>
> Hi Daniel
>
>  
>
> It's really odd the error you are getting. The first part suggests that 
> your browser attempted to access http://www.facebook.com, and due to HSTS 
> Firefox is forcing you to HTTPS. However, the certificate for HTTPS fails. 
> Except, that's where I get confused. There shouldn't be a HTTPS service 
> running on the hotspot to give a certificate, it should be a redirect on 
> the HTTP level, and if firefox upgrades to HTTPS, it should timeout. Do you 
> have any services on the Grase server running on port 443?
>
>  
>
> Unfortunately, (or fortunately, depending on your POV), with the move 
> towards SSL and HSTS, captive portals are becoming harder to make work. 
> However, the good news is that modern OS's are aware of this, and are 
> working to better support them. This includes Android, iOS and Windows (8 
> and newer I think) sending out probe requests to first detect a captive 
> portal, when a new network connection is made. This just means clients on 
> older OS's don't always get a good experience, as the sites they often load 
> are HTTPS only (HSTS), and so the captive portal redirection just doesn't 
> work properly.
>
>  
>
> I actively look at captive portal detection methods, to ensure that the 
> Grase Hotspot is using as many as possible, but if you find ones that we 
> aren't using, let me know and I'll do my best to implement them.
>
>  
>
> Regards
>
>
> Tim
>
>  
>
> On Mon, Feb 27, 2017 at 5:23 AM, Daniel Crusoe <di***.@gmail.com 
> <javascript:>> wrote:
>
>
> <https://lh3.googleusercontent.com/-zQHQ3GTHEZw/WLMq4i6kV1I/AAAAAAAAgpY/fJBjDUDtv1UIBIJopE626FbxPnfK0E65wCLcB/s1600/internet%2Bfault.jpg>
>
>
> <https://lh3.googleusercontent.com/-zQHQ3GTHEZw/WLMq4i6kV1I/AAAAAAAAgpY/fJBjDUDtv1UIBIJopE626FbxPnfK0E65wCLcB/s1600/internet%2Bfault.jpg>
>
> sigh... so it worked fine for a day, then the whole network just stopped 
> working.. so i uninstalled grase, updated the server to the latest 14.04 
> stuff and then re-installed grase (most of the settings remained yay) but 
> when i tried to connect to facebook from inside the grase network i got 
> this error again (cant believe i didnt post it the first time)
>
>
> -- 
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> --- 
> You received this message because you are subscribed to the Google Groups 
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to gr***.@grasehotspot.org <javascript:>.
> To post to this group, send email to gr***.@grasehotspot.org 
> <javascript:>.
> Visit this group at 
> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit 
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/ff5b60e8-5357-4d6e-af17-786ed1af5f76%40grasehotspot.org 
> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/ff5b60e8-5357-4d6e-af17-786ed1af5f76%40grasehotspot.org?utm_medium=email&utm_source=footer>
> .
>
>  
>
> -- 
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> --- 
> You received this message because you are subscribed to the Google Groups 
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to gr***.@grasehotspot.org <javascript:>.
> To post to this group, send email to gr***.@grasehotspot.org 
> <javascript:>.
> Visit this group at 
> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit 
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/CAESLx0JsrT98K8EtsBafwTcgByYU_jyUMz1TzENhPGmdtRTUDA%40mail.gmail.com 
> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/CAESLx0JsrT98K8EtsBafwTcgByYU_jyUMz1TzENhPGmdtRTUDA%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
>
> ------------------------------
> [image: Avast logo] <https://www.avast.com/antivirus> 
>
> This email has been checked for viruses by Avast antivirus software. 
> www.avast.com <https://www.avast.com/antivirus> 
>
>

Thread