[Libwebsockets] libwebsockets-test-server and OpenSSL

Andy Green andy at warmcat.com
Fri Mar 20 23:04:40 CET 2015



On 21 March 2015 04:06:48 GMT+08:00, Derald Woods <woods.technical at gmail.com> wrote:
>Hello,
>
>I am encountering an OpenSSL issue, on my ARM system, when connecting
>with
>a browser. I was able to 'curl --insecure' the 'test.html' from the
>system,
>but the test server bails as shown below, when I try to connect with
>Firefox 36.0.1. The test server works as expected without SSL. Any
>suggestions? Is OpenSSL 1.0.2 being used by anyone?
>
>libwebsockets:
>Git 1677ca52ca92f749364bca95d72c32f81ef4e823
>
>OpenSSL> version
>OpenSSL 1.0.2 22 Jan 2015

Oh... that was the subject of an openssl security update a couple of days ago.

>~ # libwebsockets-test-server --ssl -d 32767
>lwsts[156]: libwebsockets test server - (C) Copyright 2010-2014 Andy
>Green <
>andy at warmcat.com> - licensed under LGPL2.1
>Using resource path "/usr/share/libwebsockets-test-server"
>lwsts[156]: Initial logging level 32767
>lwsts[156]: Library version: 1.3 1677ca5
>lwsts[156]: IPV6 not compiled in
>lwsts[156]: libev support not compiled in
>lwsts[156]:  LWS_MAX_HEADER_LEN: 1024
>lwsts[156]:  LWS_MAX_PROTOCOLS: 5
>lwsts[156]:  SPEC_LATEST_SUPPORTED: 13
>lwsts[156]:  AWAITING_TIMEOUT: 5
>lwsts[156]:  SYSTEM_RANDOM_FILEPATH: '/dev/urandom'
>lwsts[156]:  LWS_MAX_ZLIB_CONN_BUFFER: 65536
>lwsts[156]:  static allocation: 4480 + (12 x 1024 fds) = 16768 bytes
>lwsts[156]:  LWS_MAX_EXTENSIONS_ACTIVE: 3
>lwsts[156]:  canonical_hostname = 1813M00352
>lwsts[156]:  per-conn mem: 308 + 2140 headers + protocol rx buf
>lwsts[156]:  Compiled with OpenSSL support
>lwsts[156]:  Using SSL mode
>lwsts[156]:  HTTP2 / ALPN enabled
>lwsts[156]: insert_wsi_socket_into_fds: wsi=0x397b0, sock=7, fds pos=1
>lwsts[156]:  Listening on port 7681
>lwsts[156]:   Protocol: http-only
>lwsts[156]:   Protocol: dumb-increment-protocol
>lwsts[156]:   Protocol: lws-mirror-protocol
>lwsts[156]: insert_wsi_socket_into_fds: wsi=0x39fc0, sock=8, fds pos=2
>lwsts[156]: inserted SSL accept into fds, trying SSL_accept
>lwsts[156]: SSL_accept failed 1 /
>error:00000001:lib(0):func(0):reason(1)
>lwsts[156]: SSL_accept failed skt 7:
>error:00000001:lib(0):func(0):reason(1)
>lwsts[156]: close: just_kill_connection
>lwsts[156]: remove_wsi_socket_from_fds: wsi=0x39fc0, sock=8, fds pos=2
>lwsts[156]: not calling back closed
>lwsts[156]: insert_wsi_socket_into_fds: wsi=0x49e70, sock=8, fds pos=2
>lwsts[156]: inserted SSL accept into fds, trying SSL_accept
>lwsts[156]: SSL_accept failed 2 / error:00000002:lib(0):func(0):system
>lib
>lwsts[156]: SSL_ERROR_WANT_READ
>lwsts[156]: negotiated h2-14▒?@ using alpn

The problem seems around http2 upgrade, you can avoid it by disable http2 in cmake if you don't care about http2.

-Andy

>lwsts[156]: accepted new SSL conn
>lwsts[156]: service_fd: closing due to 0 length read
>lwsts[156]: Close and handled
>lwsts[156]: close: just_kill_connection
>lwsts[156]: remove_wsi_socket_from_fds: wsi=0x49e70, sock=8, fds pos=2
>lwsts[156]: not calling back closed




More information about the Libwebsockets mailing list