[Tsung] Tsung testing: TLS + ejabberd + Test Certificate

Pablo Polvorin ppolv at yahoo.com.ar
Thu Jul 5 18:18:32 CEST 2012


Hello,
is ejabberd listening for ssl connections on port 5222?,   the default
port for that is 5223  ,
being 5222 for plain tcp connections (that might be encrypted latter
on with <starttls/> command).



On 2 July 2012 19:29, Zach Calvert <zachcalvert at hemerasoftware.com> wrote:
> Hello,
> I’m new to tsung, so bear with me.  I’m trying to simply get my first
> basic jabber tsung script going.  I am running
>
> <?xml version="1.0"?>
> <!DOCTYPE tsung SYSTEM "/usr/local/share/tsung/tsung-1.0.dtd">
> <tsung loglevel="notice" version="1.0">
>
>   <clients>
>     <client host="localhost" use_controller_vm="true"></client>
>   </clients>
>
> <servers>
>   <server host="192.168.1.2" port="5222" type="ssl"></server>
> </servers>
>
>   <load>
>    <arrivalphase phase="1" duration="3" unit="minute">
>     <users interarrival="1" unit="second"></users>
>    </arrivalphase>
>   </load>
>
> <options>
>   <option type="ts_jabber" name="global_number" value="100"></option>
>   <option type="ts_jabber" name="userid_max" value="10000"></option>
>   <option type="ts_jabber" name="domain" value="centora"></option>
>   <option type="ts_jabber" name="username" value="zach"></option>
>   <option type="ts_jabber" name="passwd" value="zach"></option>
> </options>
>
>   <sessions>
>    <session probability="100" name="xmpp-connection" type="ts_jabber">
>
>     <request>
>        <jabber type="connect" ack="no_ack"></jabber>
>     </request>
>
>     <thinktime value="2"></thinktime>
>
>     <transaction name="authenticate">
>       <request> <jabber type="auth_get" ack="local"></jabber> </request>
>       <request> <jabber type="auth_set_plain" ack="local"></jabber> </request>
>     </transaction>
>
>
>     <thinktime value="30"></thinktime>
>
>     <transaction name="close">
>       <request> <jabber type="close" ack="no_ack"></jabber> </request>
>     </transaction>
>
>   </session>
> </sessions>
> </tsung>
>
>
> I have created users zach1…zach10000 with password zach1…zach10000
> respectively.  In the TSung logs, I have
>
> =ERROR REPORT==== 2-Jul-2012::17:13:50 ===
> ** State machine <0.108.0> terminating
> ** Last message in was {timeout,#Ref<0.0.0.542>,end_thinktime}
> ** When State == think
> **      Data  == {state_rcv,none,
>                      {{0,0,0,0},0},
>                      undefined,0,10000,"192.168.1.2",5222,ssl,
>                      {proto_opts,negociate,10,600000,32768,32768,undefined,
>                          undefined},
>                      false,1,undefined,true,undefined,
>                      {1341,267230,186726},
>                      23,23,false,undefined,0,[],<<>>,
>                      {jabber,undefined,undefined,undefined,undefined,
>                          undefined,undefined,undefined,0,undefined,undefined,
>                          undefined,undefined,undefined,undefined,undefined,
>                          undefined,undefined,undefined,undefined,undefined,
>                          undefined,undefined,undefined},
>                      0,9,524288,524288,
>                      {dyndata,
>                          [{tsung_userid,"9"}],
>                          {jabber_dyndata,undefined,undefined}},
>                     ts_jabber,[],undefined,none}
> ** Reason for termination =
> ** {badarg,[{erlang,atom_to_list,["record overflow"],[]},
>             {ts_client,reconnect,5,
>                        [{file,"src/tsung/ts_client.erl"},{line,871}]},
>             {ts_client,handle_next_request,2,
>                        [{file,"src/tsung/ts_client.erl"},{line,691}]},
>             {gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,494}]},
>             {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,227}]}]}
>
> =INFO REPORT==== 2-Jul-2012::17:13:53 ===
>            ts_client:(5:<0.110.0>) Stop in state think, reason= {badarg,
>                                                                  [{erlang,
>                                                                    atom_to_list,
>
> ["record overflow"],
>                                                                    []},
>                                                                   {ts_client,
>                                                                    reconnect,
>                                                                    5,
>                                                                    [{file,
>
> "src/tsung/ts_client.erl"},
>                                                                     {line,
>                                                                      871}]},
>                                                                   {ts_client,
>
> handle_next_request,
>                                                                    2,
>                                                                    [{file,
>
> "src/tsung/ts_client.erl"},
>                                                                     {line,
>                                                                      691}]},
>                                                                   {gen_fsm,
>                                                                    handle_msg,
>
> When running ./ejabberdctl connected_users
> None of the tsung users “zach#” ever connect, so I’m not even getting
> passed auth.  On ejabberd, my 5222 port is configured with
> {listen,
> [
>
>   {5222, ejabberd_c2s, [
>                         {certfile,
> "/opt/ecs/ejabberd-2.1.8/conf/server.pem"}, starttls_required,
>                         {access, c2s},
>                         {shaper, c2s_shaper},
>                         {max_stanza_size, 65536}
>                        ]},
>
> And I am using the default ejabberd SSL certificate, which I believe
> is self signed and certainly not a trusted certificate for the remote
> Tsung load tester.
>
> Also, I see port connections of 5222 on my ejabberd server (a la
> netstat –an | grep 5222), and most of which immediately bounce into
> TIME_WAIT, so I know I’m actually hitting my sever.
>
> Am I correct that this is an SSL problem?  If so, can you turn off SSL
> validation checking for Tsung?  If not, can you incorporate a
> self-signed cert into the Tsung trusts (is this openssl trust store
> being used)?
>
>
>
>
> Thank you,
> Zach Calvert
> _______________________________________________
> Tsung-users mailing list
> Tsung-users at lists.process-one.net
> https://lists.process-one.net/mailman/listinfo/tsung-users



-- 
Pablo Polvorin
ProcessOne


More information about the Tsung-users mailing list