[Libwebsockets] SSL_accept failed SSL_ERROR_WANT_READ

Thomas Spitz thomas.spitz at hestia-france.com
Wed Jan 29 21:04:16 CET 2014


Dear everyone,

Using simple libwebsockets-test-server with SSL, I always have the
following debug message :

lwsts[662]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
lwsts[662]: SSL_ERROR_WANT_READ

whereas my certificate are correctly set in the browser and it is
recognized by it. Moreover, the connection seems completly OK.

Here below the complete trace :


# ./libwebsockets-test-server -d 31 -ssl
> ./libwebsockets-test-server: invalid option -- l
> lwsts[662]: libwebsockets test server - (C) Copyright 2010-2013 Andy Green
> <andy at warmcat.com> - licensed under LGPL2.1
> lwsts[662]: Initial logging level 31
> lwsts[662]: Library version: 1.3 a638d5a
> lwsts[662]:  LWS_MAX_HEADER_LEN: 1024
> lwsts[662]:  LWS_MAX_PROTOCOLS: 5
> lwsts[662]:  LWS_MAX_EXTENSIONS_ACTIVE: 3
> lwsts[662]:  SPEC_LATEST_SUPPORTED: 13
> lwsts[662]:  AWAITING_TIMEOUT: 5
> lwsts[662]:  SYSTEM_RANDOM_FILEPATH: '/dev/urandom'
> lwsts[662]:  LWS_MAX_ZLIB_CONN_BUFFER: 65536
> lwsts[662]:  static allocation: 4452 + (12 x 1024 fds) = 16740 bytes
> lwsts[662]:  canonical_hostname =myProduct
> lwsts[662]:  Compiled with OpenSSL support
> lwsts[662]:  Using SSL mode
> lwsts[662]:  per-conn mem: 124 + 1554 headers + protocol rx buf
> lwsts[662]: insert_wsi_socket_into_fds: wsi=0x82fca0, sock=5, fds pos=0
> lwsts[662]:  Listening on port 7681
> lwsts[662]: insert_wsi_socket_into_fds: wsi=0x830000, sock=6, fds pos=1
> lwsts[662]: inserted SSL accept into fds, trying SSL_accept
> lwsts[662]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
> lwsts[662]: SSL_ERROR_WANT_READ
> lwsts[662]: accepted new SSL conn
> lwsts[662]: HTTP GET request for '/'
>     GET URI = /
>     Host = 192.168.1.5:7681
>     Connection = keep-alive
>     Accept: =
> text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
>     Accept-Encoding: = gzip,deflate,sdch
>     Accept-Language: = fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
>     Cache-Control: = max-age=0
>     Cookie: = test=LWS_1322044_360921_COOKIE
> lwsts[662]: LWS_CALLBACK_HTTP closing
> lwsts[662]: closing connection at libwebsocket_read bail:
> lwsts[662]: closing http fd 7
> lwsts[662]: close: just_kill_connection
> lwsts[662]: remove_wsi_socket_from_fds: wsi=0x830000, sock=6, fds pos=1
> lwsts[662]: calling back CLOSED_HTTP
> lwsts[662]: insert_wsi_socket_into_fds: wsi=0x842728, sock=6, fds pos=1
> lwsts[662]: inserted SSL accept into fds, trying SSL_accept
> lwsts[662]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
> lwsts[662]: SSL_ERROR_WANT_READ
> lwsts[662]: insert_wsi_socket_into_fds: wsi=0x842478, sock=7, fds pos=2
> lwsts[662]: inserted SSL accept into fds, trying SSL_accept
> lwsts[662]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
> lwsts[662]: SSL_ERROR_WANT_READ
> lwsts[662]: accepted new SSL conn
> lwsts[662]: HTTP GET request for '/libwebsockets.org-logo.png'
>     GET URI = /libwebsockets.org-logo.png
>     Host = 192.168.1.5:7681
>     Connection = keep-alive
>     Accept: = image/webp,*/*;q=0.8
>     Accept-Encoding: = gzip,deflate,sdch
>     Accept-Language: = fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
>     Cache-Control: = max-age=0
>     Cookie: = test=LWS_1322044_360921_COOKIE
>     Referer: = https://192.168.1.5:7681/
> lwsts[662]: LWS_CALLBACK_HTTP closing
> lwsts[662]: closing connection at libwebsocket_read bail:
> lwsts[662]: closing http fd 8
> lwsts[662]: close: just_kill_connection
> lwsts[662]: remove_wsi_socket_from_fds: wsi=0x842728, sock=6, fds pos=1
> lwsts[662]: calling back CLOSED_HTTP
> lwsts[662]: accepted new SSL conn
> lwsts[662]: insert_wsi_socket_into_fds: wsi=0x842728, sock=6, fds pos=2
> lwsts[662]: inserted SSL accept into fds, trying SSL_accept
> lwsts[662]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
> lwsts[662]: SSL_ERROR_WANT_READ
>     GET URI = /xxx
>     Host = 192.168.1.5:7681
>     Connection = Upgrade
>     Protocol = dumb-increment-protocol
>     Upgrade = websocket
>     Origin = https://192.168.1.5:7681
>     Key = C6VIbVBhaimYeXV0uI6pMQ==
>     Version = 13
>     Extensions = permessage-deflate; client_max_window_bits,
> x-webkit-deflate-frame
>     Pragma: = no-cache
>     Cache-Control: = no-cache
>     Cookie: = test=LWS_1322044_360921_COOKIE
> lwsts[662]: callback_dumb_increment: LWS_CALLBACK_ESTABLISHED
> lwsts[662]: Allocating RX buffer 32
> lwsts[662]: accepted new SSL conn
> lwsts[662]: insert_wsi_socket_into_fds: wsi=0x83faf8, sock=8, fds pos=3
> lwsts[662]: inserted SSL accept into fds, trying SSL_accept
> lwsts[662]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
> lwsts[662]: SSL_ERROR_WANT_READ
> lwsts[662]: HTTP GET request for '/favicon.ico'
>     GET URI = /favicon.ico
>     Host = 192.168.1.5:7681
>     Connection = keep-alive
>     Accept: = */*
>     Accept-Encoding: = gzip,deflate,sdch
>     Accept-Language: = fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
>     Cookie: = test=LWS_1322044_360921_COOKIE
> lwsts[662]: LWS_CALLBACK_HTTP closing
> lwsts[662]: closing connection at libwebsocket_read bail:
> lwsts[662]: closing http fd 9
> lwsts[662]: close: just_kill_connection
> lwsts[662]: remove_wsi_socket_from_fds: wsi=0x842728, sock=6, fds pos=2
> lwsts[662]: calling back CLOSED_HTTP
> lwsts[662]: deflate-frame ext TX did realloc to 4
> lwsts[662]: deflate-frame ext TX did realloc to 4
> lwsts[662]: deflate-frame ext TX did realloc to 4
> lwsts[662]: accepted new SSL conn
>     GET URI = /xxx
>     Host = 192.168.1.5:7681
>     Connection = Upgrade
>     Protocol = lws-mirror-protocol
>     Upgrade = websocket
>     Origin = https://192.168.1.5:7681
>     Key = 4KS2kzukHEgwOhJVd9IxMg==
>     Version = 13
>     Extensions = permessage-deflate; client_max_window_bits,
> x-webkit-deflate-frame
>     Pragma: = no-cache
>     Cache-Control: = no-cache
>     Cookie: = test=LWS_1322044_360921_COOKIE
> lwsts[662]: callback_lws_mirror: LWS_CALLBACK_ESTABLISHED
> lwsts[662]: Allocating RX buffer 150



Using libwebsocket in my own program (multi threaded app on embedded linux
arm), I also have those kind of error but with slightly different code
number. In this app, I namely added the following code to
libwebsocket-test-server:

case LWS_CALLBACK_FILTER_NETWORK_CONNECTION:
libwebsockets_get_peer_addresses(context, wsi, (int) (long) in,
client_name, sizeof(client_name), client_ip, sizeof(client_ip));
 /* if we returned non-zero from here, we kill the connection */
break;
I also wonder why I sometimes get "gethostbyaddr: Resource temporarily
unavailable" message. Besides, my app on LAN or WAN with a default route
gateway (egg: route add default gw 192.168.1.1), it works not too bad but
as soon as I do the following :
 - Remove access to the gateway from the LAN : An other computer on the
same LAN as the server cannot have webpage served by the server although
they both can reach each other using ping. (Moreover, using the default
libwebsocket-test-server it works).
 - Use an other computer to upload a very big file to an external server
(using filezila)
It either doesn't work at all or take 50 times more time than usual.

Notes:
- My webpage is linked to several external files (css, js, img)
- In this test I do use only HTTP (no websocket)

gethostbyaddr: Success
> lwsts[622]: insert_wsi_socket_into_fds: wsi=0x10b2a0, sock=10, fds pos=1
> lwsts[622]: inserted SSL accept into fds, trying SSL_accept
> lwsts[622]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
> lwsts[622]: SSL_ERROR_WANT_READ
> lwsts[622]: accepted new SSL conn
> lwsts[622]: HTTP GET request for '/index.html'
>     GET URI = /index.html
>     Host = 192.168.1.5
>     Connection = keep-alive
>     Accept: =
> text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
>     Accept-Encoding: = gzip,deflate,sdch
>     Accept-Language: = fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
>     Cache-Control: = max-age=0
> lwsts[622]: LWS_CALLBACK_HTTP closing
> lwsts[622]: closing connection at libwebsocket_read bail:
> lwsts[622]: closing http fd 11
> lwsts[622]: close: just_kill_connection
> lwsts[622]: remove_wsi_socket_from_fds: wsi=0x10b2a0, sock=10, fds pos=1
> lwsts[622]: calling back CLOSED_HTTP
> gethostbyaddr: Success
> lwsts[622]: insert_wsi_socket_into_fds: wsi=0x10b2a0, sock=10, fds pos=1
> lwsts[622]: inserted SSL accept into fds, trying SSL_accept
> lwsts[622]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system lib
> lwsts[622]: SSL_ERROR_WANT_READ
> gethostbyaddr: Resource temporarily unavailable
> lwsts[622]: insert_wsi_socket_into_fds: wsi=0x11bf78, sock=11, fds pos=2
> lwsts[622]: inserted SSL accept into fds, trying SSL_accept
> lwsts[622]: SSL_accept failed 5 / error:00000005:lib(0):func(0):DH lib
> lwsts[622]: SSL_accept failed skt 9: error:00000005:lib(0):func(0):DH lib
> lwsts[622]: close: just_kill_connection
> lwsts[622]: remove_wsi_socket_from_fds: wsi=0x11bf78, sock=11, fds pos=2
> lwsts[622]: not calling back closed
> lwsts[622]: TIMEDOUT WAITING
> lwsts[622]: close: just_kill_connection
> lwsts[622]: remove_wsi_socket_from_fds: wsi=0x10b2a0, sock=10, fds pos=1
> lwsts[622]: not calling back closed
> gethostbyaddr: Success
> lwsts[622]: insert_wsi_socket_into_fds: wsi=0x10b2a0, sock=10, fds pos=1
> lwsts[622]: inserted SSL accept into fds, trying SSL_accept
> lwsts[622]: SSL_accept failed 5 / error:00000005:lib(0):func(0):DH lib
> lwsts[622]: SSL_accept failed skt 9: error:00000005:lib(0):func(0):DH lib
> lwsts[622]: close: just_kill_connection
> lwsts[622]: remove_wsi_socket_from_fds: wsi=0x10b2a0, sock=10, fds pos=1
> lwsts[622]: not calling back closed


Hope someone has advices to share :-)

 Thanks in advance
BR,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://libwebsockets.org/pipermail/libwebsockets/attachments/20140129/c7f558b5/attachment.html>


More information about the Libwebsockets mailing list