Reply
Thread Tools
peterleinchen's Avatar
Posts: 4,117 | Thanked: 8,901 times | Joined on Aug 2010 @ Ruhrgebiet, Germany
#111
Yeah, sure!
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!

Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257

editsignature, http://talk.maemo.org/profile.php?do=editsignature
 
joerg_rw's Avatar
Posts: 2,222 | Thanked: 12,651 times | Joined on Mar 2010 @ SOL 3
#112
Originally Posted by peterleinchen View Post
I know that (and openssl returns also error when not pointed to /etc/certs/common-ca).
But why on earth does cmcli return an error even when pointed explicitly to common-ca???
That made me thinking of hard-coded certs in GPS blob.

And why supl.nokia.com returns result for N900 when using proxy?
caveat: afaik supl.nokia.com is geo-ip, and just _some_ (most?) of the boxen are broken. You however may pick a good one at random
Code:
jr@saturn:~> host supl.nokia.com
supl.nokia.com is an alias for nokia.supl.svc.ovi.com.
nokia.supl.svc.ovi.com is an alias for nokia.supl.geo.geodns.fi.
nokia.supl.geo.geodns.fi is an alias for de.nokia.supl.geodns.fi.
de.nokia.supl.geodns.fi has address 213.157.72.147
jr@saturn:~>

/j
__________________
Maemo Community Council member [2012-10, 2013-05, 2013-11, 2014-06 terms]
Hildon Foundation Council inaugural member.
MCe.V. foundation member

EX Hildon Foundation approved
Maemo Administration Coordinator (stepped down due to bullying 2014-04-05)
aka "techstaff" - the guys who keep your infra running - Devotion to Duty http://xkcd.com/705/

IRC(freenode): DocScrutinizer*
First USB hostmode fanatic, father of H-E-N

Last edited by joerg_rw; 2013-08-28 at 12:56.
 

The Following 8 Users Say Thank You to joerg_rw For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#113
May I add:
# host supl.nokia.com
supl.nokia.com is an alias for nokia.supl.svc.ovi.com.
nokia.supl.svc.ovi.com is an alias for nokia.supl.geo.geodns.fi.
nokia.supl.geo.geodns.fi is an alias for dk.nokia.supl.geodns.fi.
dk.nokia.supl.geodns.fi has address 83.150.75.211
 

The Following 6 Users Say Thank You to For This Useful Post:
Posts: 46 | Thanked: 160 times | Joined on Jun 2010 @ Germany, Berlin
#114
Originally Posted by handaxe View Post
Could and should maemo.org run supl-proxy for us?
I was thinking of this too (okay, more have it running on my dyndns linux box). Main issue is: supl-proxy stops after each request/session.
Someone would have to extend the code to a forked mode or sth ...

Originally Posted by handaxe View Post
How much traffic (kb/mb) in an exchange?
See my logfiles. About 3kB for sirf, nokia and vodafone (with result) . 40-50kB for google and sonyericsson (no usable result). Of course double each at proxy server.

Originally Posted by handaxe View Post
Was it easy to build? (for linux?).
For the ones still interested:
Installation of supl-* from tajuma.com is fairly easy linux standard. The software package has pretty good documentation i.e. a README which is definitely worth the name.
I didn't try building it for N900, I wouldn't know where to start for that.
I recommend installing it on a linux machine in your local network with
Code:
./configure --precompiled-asn1 --prefix=/usr/ && make && sudo make install
Generate the required certificates with included supl-cert prog. Instead of a fqdn as the first param just give the ipaddress of your linux machine. Then scp the file ca-cert.pem to your N900 and install it as a common certification authority with (as root)
Code:
cmcli -c common-ca -a /path/to/ca-cert.pem
Then do the preceeding steps from my previous post, setting location server in N900 to your linux box ip address.
 

The Following 7 Users Say Thank You to Ulle For This Useful Post:
Posts: 46 | Thanked: 160 times | Joined on Jun 2010 @ Germany, Berlin
#115
Originally Posted by joerg_rw View Post
Code:
nokia.supl.geo.geodns.fi is an alias for de.nokia.supl.geodns.fi.
de.nokia.supl.geodns.fi has address 213.157.72.147
Originally Posted by nieldk View Post
Code:
nokia.supl.geo.geodns.fi is an alias for dk.nokia.supl.geodns.fi.
dk.nokia.supl.geodns.fi has address 83.150.75.211
Thats interesting!
So we need to find a working nokia.supl box (maybe from nokiabot in india?) and put that ip into /etc/hosts on our N900 ...

Edit: That probably doesn't solve the cert issues
Edit2: There seem to be just 4 ip addresses around for supl.nokia.com:
211.151.53.216
213.157.72.147
213.157.79.103
83.150.75.211

Last edited by Ulle; 2013-08-28 at 15:57.
 

The Following 8 Users Say Thank You to Ulle For This Useful Post:
Posts: 1,378 | Thanked: 1,604 times | Joined on Jun 2010 @ Göteborg, Sweden
#116
Whilst there is yet no solution, this thread has expanded knowledge!

If supl.nokia is geo variable yet actually works for some (does it? Nokiabot did not report back on a reboot scenario with ACWP) then certs may not be a critical factor.
 
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#117
Originally Posted by Ulle View Post
There seem to be just 4 ip addresses around for supl.nokia.com:
211.151.53.216
213.157.72.147
213.157.79.103
83.150.75.211
That may well be so.
This is from my machine at work:
Code:
$ host supl.nokia.com
supl.nokia.com is an alias for nokia.supl.svc.ovi.com.
nokia.supl.svc.ovi.com is an alias for nokia.supl.geo.geodns.fi.
nokia.supl.geo.geodns.fi is an alias for us.nokia.supl.geodns.fi.
us.nokia.supl.geodns.fi has address 213.157.72.147
$
...and this is from home:
Code:
$ host supl.nokia.com
supl.nokia.com is an alias for nokia.supl.svc.ovi.com.
nokia.supl.svc.ovi.com is an alias for nokia.supl.geo.geodns.fi.
nokia.supl.geo.geodns.fi is an alias for uk.nokia.supl.geodns.fi.
uk.nokia.supl.geodns.fi has address 213.157.72.147
$
Note the us versus uk but the IP addresses are the same.

FWIW, none of the 5 URLs from post #101 nor the nieldk's IP address (83 etc) worked for me. I am in the UK, tested with ACWP on a home WiFi network. My last lock was one reboot and about a week ago and about 100 km away so caching is out of the equasion.
 

The Following 6 Users Say Thank You to pichlo For This Useful Post:
Posts: 3,074 | Thanked: 12,960 times | Joined on Mar 2010 @ Sofia,Bulgaria
#118
Hmm, this is getting more weird:

Code:
Nokia-N900:~# cmcli -T common-ca -v cert.pem -e
 trust chain:
   7fd365a7c2ddecbbf03009f34339fa02af333133 VeriSign Class 3 Public Primary Certification Authority - G5
   +->0d445c165344c1827e1d20ab25f40163d8be79a5 VeriSign Class 3 Secure Server CA - G3
      +->1ad16dd494e161abd39bd94ed94bf8eafe4ede28 supl.nokia.com
Verified OK
Nokia-N900:~# cmcli -T common-ca -v supl.nokia.com:7275 -e
1ad16dd494e161abd39bd94ed94bf8eafe4ede28 supl.nokia.com
 Verification failed: self signed certificate
__________________
Never fear. I is here.

720p video support on N900,SmartReflex on N900,Keyboard and mouse support on N900
Nothing is impossible - Stable thumb2 on n900

Community SSU developer
kernel-power developer and maintainer

 

The Following 9 Users Say Thank You to freemangordon For This Useful Post:
Posts: 3,074 | Thanked: 12,960 times | Joined on Mar 2010 @ Sofia,Bulgaria
#119
Code:
Nokia-N900:~# cmcli -T common-ca -v supl.nokia.com:7275
1ad16dd494e161abd39bd94ed94bf8eafe4ede28 supl.nokia.com
 trust chain(1):
   00d85a4c25c122e58b31ef6dbaf3cc5f29f10d61 Class 3 Public Primary Certification Authority/VeriSign, Inc./US
Verified OK
Code:
Aug 29 00:41:53 Nokia-N900 [1412]: GLIB DEBUG default - location-sb: fix status changed: 0->1
Aug 29 00:41:53 Nokia-N900 location-daemon[22482]: GLIB DEBUG default - :1.65 now having 1 connections
Aug 29 00:41:53 Nokia-N900 location-daemon[22482]: GLIB DEBUG default - Starting a new LAS session with method = 0xa, interval = 0x0, reason = 0
Aug 29 00:41:53 Nokia-N900 location-daemon[22482]: GLIB DEBUG default - Tracking ongoing, status: 1, npe_id: 9
Aug 29 00:41:53 Nokia-N900 location-proxy[22480]: GLIB DEBUG default - Socket to supl.nokia.com opened, fd=10, verify_res=0
Aug 29 00:41:53 Nokia-N900 location-proxy[22480]: GLIB DEBUG default - Socket fd=10 closed on request
Aug 29 00:41:54 Nokia-N900 location-daemon[22482]: GLIB DEBUG default - GPS STATE: search
Aug 29 00:41:54 Nokia-N900 camera-ui[1415]: GLIB WARNING ** default - got fix
Aug 29 00:42:14 Nokia-N900 location-daemon[22482]: GLIB DEBUG default - GPS STATE: fix
:P

(Seems we have a broken .pem/invalid certificate in /etc/certs/common-ca)
__________________
Never fear. I is here.

720p video support on N900,SmartReflex on N900,Keyboard and mouse support on N900
Nothing is impossible - Stable thumb2 on n900

Community SSU developer
kernel-power developer and maintainer

 

The Following 11 Users Say Thank You to freemangordon For This Useful Post:
joerg_rw's Avatar
Posts: 2,222 | Thanked: 12,651 times | Joined on Mar 2010 @ SOL 3
#120
hmm, could you please explain to me what I see in post above, and what I conclude from that. I'm probably not into this cert stuff enough to even interprete the cmcli commands and their diagnostic output, the less I see how we're going to fix this stuff now.

/j
__________________
Maemo Community Council member [2012-10, 2013-05, 2013-11, 2014-06 terms]
Hildon Foundation Council inaugural member.
MCe.V. foundation member

EX Hildon Foundation approved
Maemo Administration Coordinator (stepped down due to bullying 2014-04-05)
aka "techstaff" - the guys who keep your infra running - Devotion to Duty http://xkcd.com/705/

IRC(freenode): DocScrutinizer*
First USB hostmode fanatic, father of H-E-N
 

The Following 3 Users Say Thank You to joerg_rw For This Useful Post:
Reply

Tags
a-gps, nokia n900

Thread Tools

 
Forum Jump


All times are GMT. The time now is 20:59.