[Libwebsockets] error when ssl enabled

satya gowtham kudupudi satyagowtham.k at gmail.com
Mon Dec 5 13:06:47 CET 2016


libwebsockets-test-server --ssl ran exceptionally well
libwebsockets-test-server.pem and libwebsockets-test-server.key.pem
With my custom server are working. I have changed port form 80 to 443. Now https://ubuntu.local <https://ubuntu.local/> is loading. But however for resources referred with in index.html, like .css,.png,.js etc. browser says 
Failed to load resource: cannot parse response. Below is the log from my custom server after using the libwebsockets' pem files.

[2016/12/05 17:34:06:1347] NOTICE: Built to support server operations
lwsts[28492]: libwebsockets test server - license LGPL2.1+SLE
lwsts[28492]: (C) Copyright 2010-2016 Andy Green <andy at warmcat.com>
lwsts[28492]: Running in server mode
lwsts[28492]: Initial logging level 7
lwsts[28492]: Libwebsockets version: 2.1.0 gowtham at ubuntu-v2.0.0-170-g7355750
lwsts[28492]: IPV6 not compiled in
lwsts[28492]: libev support not compiled in
lwsts[28492]: libuv support not compiled in
lwsts[28492]:  Threads: 1 each 1024 fds
lwsts[28492]:  mem: platform fd map:  8192 bytes
lwsts[28492]:  Compiled with OpenSSL support
[2016-12-05 17:34:06 NTC run]: waiting for a connection on 9271 ...
lwsts[28492]: Creating Vhost 'default' port 443, 2 protocols, IPv6 off
lwsts[28492]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:!SHA1:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!AES128-GCM-SHA25
lwsts[28492]:  Using SSL mode
lwsts[28492]:  SSL ECDH curve 'prime256v1'
lwsts[28492]:  Listening on port 443
lwsts[28492]:  mem: per-conn:          512 bytes + protocol rx buf
lwsts[28492]:  canonical_hostname = ubuntu
lwsts[28492]: lws_protocol_init
lwsts[28492]: SNI: Unknown ServerName: ubuntu.local
    GET URI /
    Host ubuntu.local
    Connection keep-alive
    Extensions HTTP/1.1
    Nonce text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Encoding: gzip, deflate
    Accept-Language: en-us
    Cache-Control: max-age=0
    Cookie: session_id=1
    GET URI /css/app.css
    Host ubuntu.local
    Connection keep-alive
    Extensions HTTP/1.1
    Nonce text/css,*/*;q=0.1
    Accept-Encoding: gzip, deflate
    Accept-Language: en-us
    Cache-Control: max-age=0
    Cookie: session_id=1; session_id=1
    Referer: https://ubuntu.local/
lwsts[28492]: SNI: Unknown ServerName: ubuntu.local
    GET URI /js/main.js
    Host ubuntu.local
    Connection keep-alive
    Extensions HTTP/1.1
    Nonce */*
    Accept-Encoding: gzip, deflate
    Accept-Language: en-us
    Cache-Control: max-age=0
    Cookie: session_id=1; session_id=1
    Referer: https://ubuntu.local/

> On 05-Dec-2016, at 4:11 PM, Andy Green <andy at warmcat.com> wrote:
> 
> On Mon, 2016-12-05 at 16:04 +0530, satya gowtham kudupudi wrote:
>> I could able to help only one guy; and did it till he got through it.
> 
> Did you read my email?
> 
>> Here is the complete log. Please help get me through this. I will
>> definitely spare time for the community.
> 
> Yeah, right.
> 
>> [2016/12/05 14:35:50:6828] NOTICE: Built to support server operations
>> [2016-12-05 14:35:50 NTC run]: waiting for a connection on 9271 ...
> 
> Just run the unchanged lws test server and repeat the steps I listed.
> 
> What does it do?
> 
> -Andy
> 
>> lwsts[27892]: libwebsockets test server - license LGPL2.1+SLE
>> lwsts[27892]: (C) Copyright 2010-2016 Andy Green <andy at warmcat.com>
>> lwsts[27892]: Running in server mode
>> lwsts[27892]: Initial logging level 65535
>> lwsts[27892]: Libwebsockets version: 2.1.0 gowtham at ubuntu-v2.0.0-170-
>> g7355750
>> lwsts[27892]: IPV6 not compiled in
>> lwsts[27892]: libev support not compiled in
>> lwsts[27892]: libuv support not compiled in
>> lwsts[27892]:  LWS_DEF_HEADER_LEN    : 4096
>> lwsts[27892]:  LWS_MAX_PROTOCOLS     : 5
>> lwsts[27892]:  LWS_MAX_SMP           : 32
>> lwsts[27892]:  SPEC_LATEST_SUPPORTED : 13
>> lwsts[27892]:  sizeof (*info)        : 320
>> lwsts[27892]:  SYSTEM_RANDOM_FILEPATH: '/dev/urandom'
>> lwsts[27892]:  default timeout (secs): 5
>> lwsts[27892]:  Threads: 1 each 1024 fds
>> lwsts[27892]:  mem: context:          9272 bytes (5176 ctx + (1 thr x
>> 4096))
>> lwsts[27892]:  mem: http hdr rsvd:   122880 bytes (1 thr x (4096 +
>> 3584) x 16))
>> lwsts[27892]:  mem: pollfd map:       8192
>> lwsts[27892]:  mem: platform fd map:  8192 bytes
>> lwsts[27892]:  Compiled with OpenSSL support
>> lwsts[27892]: Creating Vhost 'default' port 80, 2 protocols, IPv6 off
>> lwsts[27892]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-
>> AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-
>> SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:!SHA
>> 1:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!AES128-GCM-SHA25
>> lwsts[27892]:  Using SSL mode
>> lwsts[27892]:  SSL ECDH curve 'prime256v1'
>> lwsts[27892]:  SSL options 0x35A0004
>> lwsts[27892]: insert_wsi_socket_into_fds: 0x7f9ffc0451b0: tsi=0,
>> sock=9, pos-in-fds=1
>> lwsts[27892]:  Listening on port 80
>> lwsts[27892]:  LWS_MAX_EXTENSIONS_ACTIVE: 2
>> lwsts[27892]:  mem: per-conn:          512 bytes + protocol rx buf
>> lwsts[27892]:  canonical_hostname = ubuntu
>> lwsts[27892]: lws_protocol_init
>> lwsts[27892]: fd=9, revents=1
>> lwsts[27892]: accepted new conn  port 59792 on fd=10
>> lwsts[27892]: Accepted 0x7f9ffc047030 to tsi 0
>> lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
>> lwsts[27892]: insert_wsi_socket_into_fds: 0x7f9ffc047030: tsi=0,
>> sock=10, pos-in-fds=2
>> lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
>> lwsts[27892]: inserted SSL accept into fds, trying SSL_accept
>> lwsts[27892]: SSL_accept failed 2 /
>> error:00000002:lib(0):func(0):system lib
>> lwsts[27892]: SSL_ERROR_WANT_READ
>> lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah (nil)
>> (tsi 0, count = 0) in
>> lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah
>> 0x7f9ffc012d20: count 1 (on exit)
>> lwsts[27892]: Attached ah immediately
>> lwsts[27892]: fd=10, revents=1
>> lwsts[27892]: SNI: Unknown ServerName: ubuntu.local
>> lwsts[27892]: SSL_accept failed 2 /
>> error:00000002:lib(0):func(0):system lib
>> lwsts[27892]: SSL_ERROR_WANT_READ
>> lwsts[27892]: fd=10, revents=1
>> lwsts[27892]: SSL_accept failed 1 /
>> error:00000001:lib(0):func(0):reason(1)
>> lwsts[27892]: SSL_accept failed skt 10:
>> error:00000001:lib(0):func(0):reason(1)
>> lwsts[27892]: *** error:14094418:SSL routines:ssl3_read_bytes:tlsv1
>> alert unknown ca
>> lwsts[27892]: lws_close_free_wsi: shutting down connection:
>> 0x7f9ffc047030 (sock 10, state 0)
>> lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
>> lwsts[27892]: fd=10, revents=17
>> lwsts[27892]: SSL_accept failed 6 / error:00000006:lib(0):func(0):EVP
>> lib
>> lwsts[27892]: SSL_accept failed skt 10:
>> error:00000006:lib(0):func(0):EVP lib
>> lwsts[27892]: lws_close_free_wsi: real just_kill_connection:
>> 0x7f9ffc047030 (sockfd 10)
>> lwsts[27892]: remove_wsi_socket_from_fds: removing same prot wsi
>> 0x7f9ffc047030
>> lwsts[27892]: remove_wsi_socket_from_fds: wsi=0x7f9ffc047030,
>> sock=10, fds pos=2, end guy pos=3, endfd=0
>> lwsts[27892]: not calling back closed mode=6 state=0
>> lwsts[27892]: ah det due to close
>> lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
>> 0x7f9ffc012d20 (tsi=0, count = 1)
>> lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
>> 0x7f9ffc012d20 (tsi=0, count = 0)
>> lwsts[27892]: lws_free_wsi: 0x7f9ffc047030, remaining wsi 1
>> 
>>> On 05-Dec-2016, at 3:43 PM, Andy Green <andy at warmcat.com> wrote:
>>> 
>>> On Mon, 2016-12-05 at 14:39 +0530, satya gowtham kudupudi wrote:
>>> 
>>>> When I try to visit https://ubuntu.local:80 server prints
>>> 
>>> Ah who knows... you snipped the log that says how it's set up.
>>> 
>>> It's pointless anyway, nobody has your changed sources except you.
>>>  And
>>> it's true for each person with changed sources only they have:
>>> *nobody
>>> else cares about whether they work or are broken except you*.  Just
>>> like you didn't care about the last guy using lws with some problem
>>> he
>>> had caused himself.  (I know.. when it's your problem it's
>>> different. 
>>> But it isn't.)
>>> 
>>> If lws is broken or should do something better... it's up to you to
>>> show that's the case, usually using the test server or client as a
>>> reference we both have.  If it's not the case then your problem
>>> exists
>>> inbetween my working example apps you started with and the
>>> modifications that you did to them.  That's *your* problem (unless
>>> you
>>> can show it is my problem, in lws, in which case I will fix it).
>>> 
>>> Just use the plain test server that's provided with lws.  I just
>>> did it
>>> here, you should get the same result.
>>> 
>>> 1) $ libwebsockets-test-server --ssl
>>> 
>>> 2) In a browser
>>> 
>>> https://localhost:7681
>>> 
>>> 3) Browser says "Not secure, self signed Cert".  Lws creates some
>>> unique selfsigned certs for testing purposes when you run cmake.
>>> 
>>> 4) You click advanced or override and / or add security exception
>>> whatever, to say the selfsigned cert is OK
>>> 
>>> 5) Test server content appears in browser
>>> 
>>> Put your code on one side and try to repeat that using the test
>>> server
>>> + certs.
>>> 
>>> Here is the logging from when I ran it for reference:
>>> 
>>> ```
>>> $ libwebsockets-test-server --ssl
>>> lwsts[8423]: libwebsockets test server - license LGPL2.1+SLE
>>> lwsts[8423]: (C) Copyright 2010-2016 Andy Green <andy at warmcat.com>
>>> Using resource path "/usr/share/libwebsockets-test-server"
>>> lwsts[8423]: Initial logging level 7
>>> lwsts[8423]: Libwebsockets version: 2.1.0 agreen at build-v2.0.0-196-g
>>> fdab
>>> d95
>>> lwsts[8423]: IPV6 not compiled in
>>> lwsts[8423]: libev support not compiled in
>>> lwsts[8423]: libuv support compiled in but disabled
>>> lwsts[8423]:  Threads: 1 each 1024 fds
>>> lwsts[8423]:  mem: platform fd map:  8192 bytes
>>> lwsts[8423]:  Compiled with OpenSSL support
>>> lwsts[8423]: Creating Vhost 'default' port 7681, 5 protocols, IPv6
>>> off
>>> lwsts[8423]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-
>>> RSA-
>>> AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-
>>> SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:!S
>>> HA1:
>>> !DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!AES128-GCM-SHA25
>>> lwsts[8423]:  Using SSL mode
>>> lwsts[8423]:  SSL ECDH curve 'prime256v1'
>>> lwsts[8423]:  Listening on port 7681
>>> lwsts[8423]:  mem: per-conn:          720 bytes + protocol rx buf
>>> lwsts[8423]:  canonical_hostname = build
>>> lwsts[8423]: lws_protocol_init
>>> lwsts[8423]: Accepted wsi 0xed9a70 to context 0xe896f0, tsi 0
>>> lwsts[8423]: SNI: Unknown ServerName: localhost
>>> lwsts[8423]: lws_server_socket_service: wsi 0xed9a70 read -1
>>> lwsts[8423]: Accepted wsi 0xeed610 to context 0xe896f0, tsi 0
>>> lwsts[8423]: SNI: Unknown ServerName: localhost
>>> lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:36 +0800] "GET /
>>> http/1.1" 200 20886 Mozilla/5.0 (X11; Fedora; Linux x86_64;
>>> rv:50.0)
>>> Gecko/20100101 Firefox/50.0
>>> lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:36 +0800] "GET /lws-
>>> common.js http/1.1" 200 3336 Mozilla/5.0 (X11; Fedora; Linux
>>> x86_64;
>>> rv:50.0) Gecko/20100101 Firefox/50.0
>>> lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:36 +0800] "GET
>>> /libwebsockets.org-logo.png http/1.1" 200 7232 Mozilla/5.0 (X11;
>>> Fedora; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
>>> lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:37 +0800] "GET
>>> /favicon.ico http/1.1" 200 1612 Mozilla/5.0 (X11; Fedora; Linux
>>> x86_64;
>>> rv:50.0) Gecko/20100101 Firefox/50.0
>>> lwsts[8423]: Accepted wsi 0xeda330 to context 0xe896f0, tsi 0
>>> lwsts[8423]: SNI: Unknown ServerName: localhost
>>>     get  = /xxx
>>>     host: = localhost:7681
>>>     connection: = keep-alive, Upgrade
>>>     upgrade: = websocket
>>>     origin: = https://localhost:7681
>>>     sec-websocket-extensions: = permessage-deflate
>>>     sec-websocket-protocol: = dumb-increment-protocol
>>>     http/1.1  = HTTP/1.1
>>>     accept: =
>>> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
>>>     accept-encoding: = gzip, deflate, br
>>>     accept-language: = en-US,en;q=0.5
>>>     pragma: = no-cache
>>>     cache-control: = no-cache
>>>     cookie: = test=LWS_1480932216_877788_COOKIE
>>>     sec-websocket-key: = 5DUsn/Y+0qH7uJTlU0EEIQ==
>>>     sec-websocket-version: = 13
>>>     user-agent: = Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:50.0)
>>> Gecko/20100101 Firefox/50.0
>>> lwsts[8423]:  permessage-deflate requires the protocol (dumb-
>>> increment-
>>> protocol) to have an RX buffer >= 128
>>> lwsts[8423]: ext permessage-deflate failed construction
>>> lwsts[8423]: 0xeda330 new partial sent 30 from 178 total
>>> lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:37 +0800] "GET
>>> /favicon.ico http/1.1" 200 1612 Mozilla/5.0 (X11; Fedora; Linux
>>> x86_64;
>>> rv:50.0) Gecko/20100101 Firefox/50.0
>>> lwsts[8423]: Accepted wsi 0xef73d0 to context 0xe896f0, tsi 0
>>> lwsts[8423]: SNI: Unknown ServerName: localhost
>>> lwsts[8423]:  Capping pmd rx to 128
>>> lwsts[8423]: 0xef73d0 new partial sent 148 from 211 total
>>> lwsts[8423]: cache_len 243
>>> lwsts[8423]: 0xef73d0 new partial sent 148 from 207 total
>>> lwsts[8423]: Accepted wsi 0xee1390 to context 0xe896f0, tsi 0
>>> lwsts[8423]: SNI: Unknown ServerName: localhost
>>>     get  = /xxx
>>>     host: = localhost:7681
>>>     connection: = keep-alive, Upgrade
>>>     upgrade: = websocket
>>>     origin: = https://localhost:7681
>>>     sec-websocket-extensions: = permessage-deflate
>>>     sec-websocket-protocol: = lws-mirror-protocol
>>>     http/1.1  = HTTP/1.1
>>>     accept: =
>>> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
>>>     accept-encoding: = gzip, deflate, br
>>>     accept-language: = en-US,en;q=0.5
>>>     pragma: = no-cache
>>>     cache-control: = no-cache
>>>     cookie: = test=LWS_1480932216_877788_COOKIE
>>>     sec-websocket-key: = u1dBJJLVlfeCMijDZ2pvIQ==
>>>     sec-websocket-version: = 13
>>>     user-agent: = Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:50.0)
>>> Gecko/20100101 Firefox/50.0
>>> lwsts[8423]:  Capping pmd rx to 128
>>> lwsts[8423]: 0xee1390 new partial sent 148 from 220 total
>>> ```
>>> 
>>> -Andy
>>> 
>>> 
>>>> lwsts[27892]: fd=9, revents=1
>>>> lwsts[27892]: accepted new conn  port 59792 on fd=10
>>>> lwsts[27892]: Accepted 0x7f9ffc047030 to tsi 0
>>>> lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
>>>> lwsts[27892]: insert_wsi_socket_into_fds: 0x7f9ffc047030: tsi=0,
>>>> sock=10, pos-in-fds=2
>>>> lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
>>>> lwsts[27892]: inserted SSL accept into fds, trying SSL_accept
>>>> lwsts[27892]: SSL_accept failed 2 /
>>>> error:00000002:lib(0):func(0):system lib
>>>> lwsts[27892]: SSL_ERROR_WANT_READ
>>>> lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah
>>>> (nil)
>>>> (tsi 0, count = 0) in
>>>> lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah
>>>> 0x7f9ffc012d20: count 1 (on exit)
>>>> lwsts[27892]: Attached ah immediately
>>>> lwsts[27892]: fd=10, revents=1
>>>> lwsts[27892]: SNI: Unknown ServerName: ubuntu.local
>>>> lwsts[27892]: SSL_accept failed 2 /
>>>> error:00000002:lib(0):func(0):system lib
>>>> lwsts[27892]: SSL_ERROR_WANT_READ
>>>> lwsts[27892]: fd=10, revents=1
>>>> lwsts[27892]: SSL_accept failed 1 /
>>>> error:00000001:lib(0):func(0):reason(1)
>>>> lwsts[27892]: SSL_accept failed skt 10:
>>>> error:00000001:lib(0):func(0):reason(1)
>>>> lwsts[27892]: *** error:14094418:SSL
>>>> routines:ssl3_read_bytes:tlsv1
>>>> alert unknown ca
>>>> lwsts[27892]: lws_close_free_wsi: shutting down connection:
>>>> 0x7f9ffc047030 (sock 10, state 0)
>>>> lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
>>>> lwsts[27892]: fd=10, revents=17
>>>> lwsts[27892]: SSL_accept failed 6 /
>>>> error:00000006:lib(0):func(0):EVP
>>>> lib
>>>> lwsts[27892]: SSL_accept failed skt 10:
>>>> error:00000006:lib(0):func(0):EVP lib
>>>> lwsts[27892]: lws_close_free_wsi: real just_kill_connection:
>>>> 0x7f9ffc047030 (sockfd 10)
>>>> lwsts[27892]: remove_wsi_socket_from_fds: removing same prot wsi
>>>> 0x7f9ffc047030
>>>> lwsts[27892]: remove_wsi_socket_from_fds: wsi=0x7f9ffc047030,
>>>> sock=10, fds pos=2, end guy pos=3, endfd=0
>>>> lwsts[27892]: not calling back closed mode=6 state=0
>>>> lwsts[27892]: ah det due to close
>>>> lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
>>>> 0x7f9ffc012d20 (tsi=0, count = 1)
>>>> lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
>>>> 0x7f9ffc012d20 (tsi=0, count = 0)
>>>> lwsts[27892]: lws_free_wsi: 0x7f9ffc047030, remaining wsi 1
>>>> 
>>>> --
>>>> Gowtham
>>>>> On 05-Dec-2016, at 2:20 PM, Andy Green <andy at warmcat.com>
>>>>> wrote:
>>>>> 
>>>>> On Mon, 2016-12-05 at 13:57 +0530, satya gowtham kudupudi
>>>>> wrote:
>>>>>> when I try to visit with SSL HTTPS protocol, nothing happens.
>>>>>> Page
>>>>>> doesn't load at browser and server prints nothing on the
>>>>>> screen.
>>>>> 
>>>>> Mmm
>>>>> 
>>>>>> lwsts[27731]:  Listening on port 80
>>>>> 
>>>>> Are you telling it to listen on 443?  If you are still
>>>>> listening on
>>>>> port 80, just with SSL, you must visit https://ubuntu.local:80
>>>>> 
>>>>>> When I try to visit with non-SSL HTTP protocol, I expect to
>>>>>> redirect
>>>>> to HTTPS.
>>>>> 
>>>>> Yeah.
>>>>> 
>>>>> Well you need to set that up if that's what you want.  You tell
>>>>> lws
>>>>> to
>>>>> listen on one port or another and it does that.  That's it.
>>>>>  Apache
>>>>> is
>>>>> the same.
>>>>> 
>>>>> You need to add a second vhost listening on 80 to do that, and
>>>>> mount a
>>>>> redirect to https://whatever there.  Your main SSL vhost should
>>>>> be
>>>>> listening on 443.
>>>>> 
>>>>> -Andy
>>>>> 
>>>>> 
>>>>>> On Mon, Dec 5, 2016 at 12:17 PM, Andy Green <andy at warmcat.com
>>>>>>> 
>>>>>> wrote:
>>>>>>> On Mon, 2016-12-05 at 12:05 +0530, satya gowtham kudupudi
>>>>>>> wrote:
>>>>>>>> Hi,
>>>>>>>> 
>>>>>>>> I have enabled ssl using -ssl option on my server that
>>>>>>>> inherits
>>>>>>> test-
>>>>>>>> server. server is running at ubuntu.local. https://ubuntu
>>>>>>>> .loc
>>>>>>>> al
>>>>>>> don't
>>>>>>>> generate any kind of log at the server but http://ubuntu.
>>>>>>>> loca
>>>>>>>> l
>>>>>>> has
>>>>>>>> generates below log
>>>>>>> 
>>>>>>> Ehhh if I understand it, you have started an SSL server and
>>>>>>> then
>>>>>>> visit
>>>>>>> it using non-SSL http protocol?
>>>>>>> 
>>>>>>> What exactly were you expecting to happen?
>>>>>>> 
>>>>>>> -Andy
>>>>>>> 
>>>>>>> 
>>>>>>>> lwsts[27731]: libwebsockets test server - license
>>>>>>>> LGPL2.1+SLE
>>>>>>>> lwsts[27731]: (C) Copyright 2010-2016 Andy Green <andy at wa
>>>>>>>> rmca
>>>>>>>> t.co
>>>>>>> m>
>>>>>>>> lwsts[27731]: Running in server mode
>>>>>>>> lwsts[27731]: Initial logging level 65535
>>>>>>>> lwsts[27731]: Libwebsockets version: 2.1.0 gowtham at ubuntu
>>>>>>>> -v2.
>>>>>>>> 0.0-
>>>>>>> 170-
>>>>>>>> g7355750
>>>>>>>> lwsts[27731]: IPV6 not compiled in
>>>>>>>> lwsts[27731]: libev support not compiled in
>>>>>>>> lwsts[27731]: libuv support not compiled in
>>>>>>>> lwsts[27731]:  LWS_DEF_HEADER_LEN    : 4096
>>>>>>>> lwsts[27731]:  LWS_MAX_PROTOCOLS     : 5
>>>>>>>> lwsts[27731]:  LWS_MAX_SMP           : 32
>>>>>>>> lwsts[27731]:  SPEC_LATEST_SUPPORTED : 13
>>>>>>>> lwsts[27731]:  sizeof (*info)        : 320
>>>>>>>> lwsts[27731]:  SYSTEM_RANDOM_FILEPATH: '/dev/urandom'
>>>>>>>> lwsts[27731]:  default timeout (secs): 5
>>>>>>>> lwsts[27731]:  Threads: 1 each 1024 fds
>>>>>>>> lwsts[27731]:  mem: context:          9272 bytes (5176
>>>>>>>> ctx +
>>>>>>>> (1
>>>>>>> thr x
>>>>>>>> 4096))
>>>>>>>> lwsts[27731]:  mem: http hdr rsvd:   122880 bytes (1 thr
>>>>>>>> x
>>>>>>>> (4096
>>>>>>> +
>>>>>>>> 3584) x 16))
>>>>>>>> lwsts[27731]:  mem: pollfd map:       8192
>>>>>>>> lwsts[27731]:  mem: platform fd map:  8192 bytes
>>>>>>>> lwsts[27731]:  Compiled with OpenSSL support
>>>>>>>> lwsts[27731]: Creating Vhost 'default' port 80, 2
>>>>>>>> protocols,
>>>>>>>> IPv6
>>>>>>> off
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>>> lwsts[27731]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-
>>>>>>>> SHA384:ECDHE-
>>>>>>> RSA-
>>>>>>>> AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-
>>>>>>>> AES256-
>>>>>>>> 
>>>>>>> SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!HMAC
>>>>>>> _SHA
>>>>>>> 1:!S
>>>>>>> HA
>>>>>>>> 1:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-
>>>>>>>> SHA256:!AES128-
>>>>>>>> GCM-
>>>>>>> SHA25
>>>>>>>> lwsts[27731]:  Using SSL mode
>>>>>>>> lwsts[27731]:  SSL ECDH curve 'prime256v1'
>>>>>>>> lwsts[27731]:  SSL options 0x35A0004
>>>>>>>> lwsts[27731]: insert_wsi_socket_into_fds: 0x7f33500451b0:
>>>>>>>> tsi=0,
>>>>>>>> sock=9, pos-in-fds=1
>>>>>>>> lwsts[27731]:  Listening on port 80
>>>>>>>> lwsts[27731]:  LWS_MAX_EXTENSIONS_ACTIVE: 2
>>>>>>>> lwsts[27731]:  mem: per-conn:          512 bytes +
>>>>>>>> protocol
>>>>>>>> rx
>>>>>>> buf
>>>>>>>> lwsts[27731]:  canonical_hostname = ubuntu
>>>>>>>> lwsts[27731]: lws_protocol_init
>>>>>>>> lwsts[27731]: fd=9, revents=1
>>>>>>>> lwsts[27731]: accepted new conn  port 55677 on fd=10
>>>>>>>> lwsts[27731]: Accepted 0x7f3350047030 to tsi 0
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: insert_wsi_socket_into_fds: 0x7f3350047030:
>>>>>>>> tsi=0,
>>>>>>>> sock=10, pos-in-fds=2
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: inserted SSL accept into fds, trying
>>>>>>>> SSL_accept
>>>>>>>> lwsts[27731]: SSL_accept failed 1 /
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: SSL_accept failed skt 10:
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: *** error:1407609C:SSL
>>>>>>>> 
>>>>>>> routines:SSL23_GET_CLIENT_HELLO:httproutines:SSL23_GET_CLIE
>>>>>>> NT_H
>>>>>>> ELLO
>>>>>>> :h
>>>>>>>> ttp request
>>>>>>>> lwsts[27731]: lws_adopt_socket_vhost: fail ssl
>>>>>>>> negotiation
>>>>>>>> lwsts[27731]: lws_close_free_wsi: shutting down
>>>>>>>> connection:
>>>>>>>> 0x7f3350047030 (sock 10, state 0)
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: fd=10, revents=17
>>>>>>>> lwsts[27731]: SSL_accept failed 1 /
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: SSL_accept failed skt 10:
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: *** error:1407609C:SSL
>>>>>>>> routines:SSL23_GET_CLIENT_HELLO:http request
>>>>>>>> lwsts[27731]: lws_close_free_wsi: real
>>>>>>>> just_kill_connection:
>>>>>>>> 0x7f3350047030 (sockfd 10)
>>>>>>>> lwsts[27731]: remove_wsi_socket_from_fds: removing same
>>>>>>>> prot
>>>>>>>> wsi
>>>>>>>> 0x7f3350047030
>>>>>>>> lwsts[27731]: remove_wsi_socket_from_fds:
>>>>>>>> wsi=0x7f3350047030,
>>>>>>>> sock=10, fds pos=2, end guy pos=3, endfd=0
>>>>>>>> lwsts[27731]: not calling back closed mode=6 state=0
>>>>>>>> lwsts[27731]: ah det due to close
>>>>>>>> lwsts[27731]: lws_header_table_detach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>> (nil)
>>>>>>>> (tsi=0, count = 0)
>>>>>>>> lwsts[27731]: lws_header_table_detach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>> (nil)
>>>>>>>> (tsi=0, count = 0)
>>>>>>>> lwsts[27731]: lws_free_wsi: 0x7f3350047030, remaining wsi
>>>>>>>> 1
>>>>>>>> lwsts[27731]: fd=9, revents=1
>>>>>>>> lwsts[27731]: accepted new conn  port 55680 on fd=10
>>>>>>>> lwsts[27731]: Accepted 0x7f3350047030 to tsi 0
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: insert_wsi_socket_into_fds: 0x7f3350047030:
>>>>>>>> tsi=0,
>>>>>>>> sock=10, pos-in-fds=2
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: inserted SSL accept into fds, trying
>>>>>>>> SSL_accept
>>>>>>>> lwsts[27731]: SSL_accept failed 1 /
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: SSL_accept failed skt 10:
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: *** error:1407609C:SSL
>>>>>>>> routines:SSL23_GET_CLIENT_HELLO:http request
>>>>>>>> lwsts[27731]: lws_adopt_socket_vhost: fail ssl
>>>>>>>> negotiation
>>>>>>>> lwsts[27731]: lws_close_free_wsi: shutting down
>>>>>>>> connection:
>>>>>>>> 0x7f3350047030 (sock 10, state 0)
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: fd=10, revents=17
>>>>>>>> lwsts[27731]: SSL_accept failed 1 /
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: SSL_accept failed skt 10:
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: *** error:1407609C:SSL
>>>>>>>> routines:SSL23_GET_CLIENT_HELLO:http request
>>>>>>>> lwsts[27731]: lws_close_free_wsi: real
>>>>>>>> just_kill_connection:
>>>>>>>> 0x7f3350047030 (sockfd 10)
>>>>>>>> lwsts[27731]: remove_wsi_socket_from_fds: removing same
>>>>>>>> prot
>>>>>>>> wsi
>>>>>>>> 0x7f3350047030
>>>>>>>> lwsts[27731]: remove_wsi_socket_from_fds:
>>>>>>>> wsi=0x7f3350047030,
>>>>>>>> sock=10, fds pos=2, end guy pos=3, endfd=0
>>>>>>>> lwsts[27731]: not calling back closed mode=6 state=0
>>>>>>>> lwsts[27731]: ah det due to close
>>>>>>>> lwsts[27731]: lws_header_table_detach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>> (nil)
>>>>>>>> (tsi=0, count = 0)
>>>>>>>> lwsts[27731]: lws_header_table_detach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>> (nil)
>>>>>>>> (tsi=0, count = 0)
>>>>>>>> lwsts[27731]: lws_free_wsi: 0x7f3350047030, remaining wsi
>>>>>>>> 1
>>>>>>>> lwsts[27731]: fd=9, revents=1
>>>>>>>> lwsts[27731]: accepted new conn  port 55683 on fd=10
>>>>>>>> lwsts[27731]: Accepted 0x7f3350047030 to tsi 0
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: insert_wsi_socket_into_fds: 0x7f3350047030:
>>>>>>>> tsi=0,
>>>>>>>> sock=10, pos-in-fds=2
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: inserted SSL accept into fds, trying
>>>>>>>> SSL_accept
>>>>>>>> lwsts[27731]: SSL_accept failed 2 /
>>>>>>>> error:00000002:lib(0):func(0):system lib
>>>>>>>> lwsts[27731]: SSL_ERROR_WANT_READ
>>>>>>>> lwsts[27731]: lws_header_table_attach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>> (nil)
>>>>>>>> (tsi 0, count = 0) in
>>>>>>>> lwsts[27731]: lws_header_table_attach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>>> 0x7f3350012d20: count 1 (on exit)
>>>>>>>> lwsts[27731]: Attached ah immediately
>>>>>>>> lwsts[27731]: fd=10, revents=1
>>>>>>>> lwsts[27731]: SSL_accept failed 1 /
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: SSL_accept failed skt 10:
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: *** error:1407609C:SSL
>>>>>>>> routines:SSL23_GET_CLIENT_HELLO:http request
>>>>>>>> lwsts[27731]: lws_close_free_wsi: shutting down
>>>>>>>> connection:
>>>>>>>> 0x7f3350047030 (sock 10, state 0)
>>>>>>>> lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
>>>>>>>> lwsts[27731]: fd=10, revents=1
>>>>>>>> lwsts[27731]: SSL_accept failed 1 /
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: SSL_accept failed skt 10:
>>>>>>>> error:00000001:lib(0):func(0):reason(1)
>>>>>>>> lwsts[27731]: *** error:1407609C:SSL
>>>>>>>> routines:SSL23_GET_CLIENT_HELLO:http request
>>>>>>>> lwsts[27731]: lws_close_free_wsi: real
>>>>>>>> just_kill_connection:
>>>>>>>> 0x7f3350047030 (sockfd 10)
>>>>>>>> lwsts[27731]: remove_wsi_socket_from_fds: removing same
>>>>>>>> prot
>>>>>>>> wsi
>>>>>>>> 0x7f3350047030
>>>>>>>> lwsts[27731]: remove_wsi_socket_from_fds:
>>>>>>>> wsi=0x7f3350047030,
>>>>>>>> sock=10, fds pos=2, end guy pos=3, endfd=0
>>>>>>>> lwsts[27731]: not calling back closed mode=6 state=0
>>>>>>>> lwsts[27731]: ah det due to close
>>>>>>>> lwsts[27731]: lws_header_table_detach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>>> 0x7f3350012d20 (tsi=0, count = 1)
>>>>>>>> lwsts[27731]: lws_header_table_detach: wsi
>>>>>>>> 0x7f3350047030: ah
>>>>>>>> 0x7f3350012d20 (tsi=0, count = 0)
>>>>>>>> lwsts[27731]: lws_free_wsi: 0x7f3350047030, remaining wsi
>>>>>>>> 1
>>>>>>>> 
>>>>>>>> I have no clue whats going on. Any hint is very much
>>>>>>>> helpful.
>>>>>>>> 
>>>>>>>> Thank you.
>>>>>>>> 
>>>>>>>> --
>>>>>>>> Gowtham
>>>>>>>> _______________________________________________
>>>>>>>> Libwebsockets mailing list
>>>>>>>> Libwebsockets at ml.libwebsockets.org
>>>>>>>> http://libwebsockets.org/mailman/listinfo/libwebsockets
>> 
>> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20161205/ae819e9b/attachment-0001.html>


More information about the Libwebsockets mailing list