Project

General

Profile

Bug #3

fiducia.de HBCI Endpoint stopped working

Added by eesen over 3 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Category:
-
Start date:
03/19/2018
Due date:
Betriebssystem:
AqBanking-Version:
Anwendung:
Version der Anwendung:

Description

AqBanking Version: 5.7.6
Gwenhywfar: 4.18.0

HBCI URL setup command: aqhbci-tool4 adduser -s https://hbci11.fiducia.de/cgi-bin/hbciservlet -b 67230000 -u [MY_CUSTOMER_NUMBER] -N [MY_BANK_ACCOUNTNUMBER] -t pintan --hbciversion=300
Second setup command: aqhbci-tool4 adduserflags -f forceSsl3 -c [MY_CUSTOMER_NUMBER]

Now running getsysid with: aqhbci-tool4 -A -P pinfile getsysid -c [MY_CUSTOMER_NUMBER]

this fails since a few weeks with following error:

Locking users
Locking user [MY_CUSTOMER_NUMBER]
Executing HBCI jobs
AqHBCI started
There are no tan method descriptions (yet), trying One-Step TAN.
Encoding queue
Sending queue
Connecting to server...
Resolving hostname "hbci11.fiducia.de" ...
IP address is "195.200.35.18" 
Connecting to "hbci11.fiducia.de" 
Connected to "hbci11.fiducia.de" 
Using GnuTLS default ciphers.
TLS: SSL-Ciphers negotiated: TLS1.2:ECDHE-RSA-AES-256-GCM:AEAD
5:2018/03/19 19-47-39:aqbanking(2366):abgui.c:  165: Automatically accepting certificate [D8:CD:2B:25:0B:6E:97:7A:B2:F3:0D:52:1D:25:BF:A9]
Connected.
Sending message...
Message sent.
Waiting for response
Receiving response...
3:2018/03/19 19-47-39:gwen(2366):syncio_tls.c: 1336: gnutls_record_recv: -110 (The TLS connection was non-properly terminated.)
3:2018/03/19 19-47-39:gwen(2366):syncio_tls.c: 1354: Detected premature disconnect by server (violates specs!)
No message received
Error receiving response (-110)
AqHBCI finished.
3:2018/03/19 19-47-39:aqhbci(2366):provider.c: 1464: Job has no system id and no iTAN results
3:2018/03/19 19-47-39:(null)(2366):getsysid.c:  157: Error getting system id (-1)

For other bank accounts running against other banks it is running fine, but only this bank account it doesn't work. Any idea? I also contacted my bank, even the IT guys over there checked my case, they said, it must be the software, they didn't find any problem on their side.

This suddenly stopped working, i also tried reinstalling everything with latest, no luck.

History

#1 Updated by martin over 3 years ago

  • Status changed from New to In Progress
  • Assignee set to martin

Hi,

it is in fact a problem of the server. It prematurely hangs up a connection without performing the necessary TLS handshake for closing a connection. This is a violation of the specifications, and that's what AqBanking says in the logs.

However, newer versions of AqBanking have a way around this bug. Just execute this:

aqhbci-tool4 adduserflags -b BLZ -f tlsIgnPrematureClose 

and after that AqBanking will ignore this violation.

Could you please report back whether that solves your problem?

Regards
Martin

#2 Updated by eesen over 3 years ago

Hey cool. Just added the flag, now it is working.

Does this affect my connection in any negative way or can i keep using the flag?

Thanks a lot.

#3 Updated by martin over 3 years ago

  • Status changed from In Progress to Closed

Hi,

nope, it just accepts when a server cuts the connection prematurely, no ill side effects known.

Regards
Martin

#4 Updated by martin over 3 years ago

  • % Done changed from 0 to 100

Also available in: Atom PDF