[Libwebsockets] client connect in lwsws

Joel Winarske joel.winarske at gmail.com
Sun Feb 12 03:45:43 CET 2017


This all makes sense, and helps tremendously.

I'm seeing an SSL connection error.  I
have lws_client_connect_info.ssl_connection set to:
  LCCSCF_USE_SSL |
  LCCSCF_ALLOW_SELFSIGNED |
  LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK;

Yet it's complaining:
[2017/02/11 18:33:40:3076] ERR: SSL error: unable to get local issuer
certificate (preverify_ok=0;err=20;depth=2)
[2017/02/11 18:33:40:3076] NOTICE: lws_ssl_client_connect2: SSL_connect
says -1
[2017/02/11 18:33:40:3076] ERR: SSL connect error 337047686:
error:1416F086:SSL routines:tls_process_server_certificate:certificate
verify failed
[2017/02/11 18:33:40:3076] INFO: closing conn at LWS_CONNMODE...SERVER_REPLY


Complete log snippet:
[2017/02/11 18:33:40:0992] INFO: Method: POST request for '/rest/send'
[2017/02/11 18:33:40:0992] DEBUG: lws_set_timeout: 0145B278: 20 secs
[2017/02/11 18:33:40:0992] INFO: lws_ensure_user_space: 0145B278 protocol
0153EAE8
[2017/02/11 18:33:40:0992] DEBUG: lws_read: thinks we have used 171
[2017/02/11 18:33:40:0997] NOTICE: lws_spa_create: Created SPA 034EF588
[2017/02/11 18:33:40:0997] DEBUG: lws_set_timeout: 0145B278: 0 secs
[2017/02/11 18:33:40:0997] NOTICE: di: **
LWS_CALLBACK_HTTP_BODY_COMPLETION: v=031F3DE8, ctx=01487020
[2017/02/11 18:33:40:0997] NOTICE: Send Request:
[2017/02/11 18:33:40:0997] NOTICE:      url:
https://api.npr.org/listening/v2/recommendations?channel=shows
[2017/02/11 18:33:40:0997] NOTICE:      method: GET
[2017/02/11 18:33:40:0997] NOTICE:      sendheaders: Authorization:Bearer
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[2017/02/11 18:33:40:0997] NOTICE:  Using SSL
[2017/02/11 18:33:40:0997] NOTICE:  Selfsigned certs allowed
[2017/02/11 18:33:40:0997] NOTICE:  Skipping peer cert hostname check
[2017/02/11 18:33:40:0997] NOTICE: using https mode (non-ws)
[2017/02/11 18:33:40:0997] NOTICE: http client: connecting
[2017/02/11 18:33:40:0997] DEBUG: lws_union_transition: 01545190: mode 32
[2017/02/11 18:33:40:1002] INFO: lws_ensure_user_space: 01545190 protocol
0153EAD0
[2017/02/11 18:33:40:1002] INFO: lws_ensure_user_space: 01545190 protocol
pss 0, user_space=00000000
[2017/02/11 18:33:40:1002] INFO: lws_header_table_attach: wsi 01545190: ah
00000000 (tsi 0, count = 4) in
[2017/02/11 18:33:40:1002] INFO: lws_header_table_attach: wsi 01545190: ah
0149C0D0: count 5 (on exit)
[2017/02/11 18:33:40:1002] CLIENT: lws_client_connect: direct conn
[2017/02/11 18:33:40:1002] CLIENT: lws_client_connect_2
[2017/02/11 18:33:40:1002] CLIENT: lws_client_connect_2: address api.npr.org
[2017/02/11 18:33:40:1526] ERR: getaddrinfo api.npr.org -> 216.35.221.71
[2017/02/11 18:33:40:1531] DEBUG: lws_libuv_accept: new wsi 01545190
[2017/02/11 18:33:40:1531] DEBUG: insert_wsi_socket_into_fds: 01545190:
tsi=0, sock=632, pos-in-fds=13
[2017/02/11 18:33:40:1531] DEBUG: lws_set_timeout: 01545190: 20 secs
[2017/02/11 18:33:40:1536] CLIENT: nonblocking connect retry (errno = 10035)
[2017/02/11 18:33:40:1536] NOTICE: lws_client_connect_via_info sucessful
wsi=22303120
[2017/02/11 18:33:40:1541] INFO: lws_read: read_ok, used 710
[2017/02/11 18:33:40:1541] DEBUG: lws_server_socket_service: wsi 0145B278:
ah read rxpos 710, rxlen 710
[2017/02/11 18:33:40:1546] DEBUG: lws_uv_idle
[2017/02/11 18:33:40:1546] DEBUG: lws_uv_idle: done stop
[2017/02/11 18:33:40:1546] DEBUG: fd=564, revents=9
[2017/02/11 18:33:40:1546] DEBUG: lws_read: incoming len 22  state 5
[2017/02/11 18:33:40:1546] PARSER: lws_interpret_incoming_packet: received
22 byte packet
[2017/02/11 18:33:40:1546] PARSER: spill on activation-protocol
[2017/02/11 18:33:40:1551] EXTENSION: lws_rx_sm: passing 16 to ext
[2017/02/11 18:33:40:1551] EXTENSION:  lws_extension_callback_pm_deflate:
LWS_EXT_CB_PAYLOAD_RX: in 16, existing in 0
[2017/02/11 18:33:40:1551] EXTENSION: inflate ret 0, avi 0, avo 894,
wsifinal 1
[2017/02/11 18:33:40:1551] EXTENSION: RX APPEND_TRAILER-DO
[2017/02/11 18:33:40:1551] EXTENSION: RX trailer inf returned 0, avi 0, avo
894
[2017/02/11 18:33:40:1551] EXTENSION:   lws_extension_callback_pm_deflate:
RX leaving with new effbuff len 130, ret 0, rx.avail_in=0, TOTAL RX since
FIN 130
[2017/02/11 18:33:40:1551] NOTICE: activate: LWS_CALLBACK_RECEIVE
[2017/02/11 18:33:40:1556] DEBUG: _lws_rx_flow_control: no pending change
[2017/02/11 18:33:40:1556] PARSER: lws_interpret_incoming_packet: exit with
0 unused
[2017/02/11 18:33:40:1556] INFO: lws_read: read_ok, used 22
[2017/02/11 18:33:40:1556] DEBUG: lws_uv_idle
[2017/02/11 18:33:40:1556] DEBUG: lws_uv_idle: done stop
[2017/02/11 18:33:40:1556] DEBUG: fd=564, revents=2
[2017/02/11 18:33:40:1556] DEBUG: lws_calllback_as_writeable: 01547DC0
(user=0146DAE0)
[2017/02/11 18:33:40:1556] NOTICE: activate: LWS_CALLBACK_SERVER_WRITEABLE
[2017/02/11 18:33:40:1556] EXTENSION: lws_extension_callback_pm_deflate:
TX: eff_buf length 74
[2017/02/11 18:33:40:1561] EXTENSION: tx held 4
[2017/02/11 18:33:40:1561] EXTENSION:   TX rewritten with new effbuff len
8, ret 0
[2017/02/11 18:33:40:1561] EXTENSION: lws_extension_callback_pm_deflate: tx
opcode 0xC1
[2017/02/11 18:33:40:1561] PARSER: written 10 bytes to client
[2017/02/11 18:33:40:1561] DEBUG: _lws_rx_flow_control: no pending change
[2017/02/11 18:33:40:1561] DEBUG: lws_uv_idle
[2017/02/11 18:33:40:1561] DEBUG: lws_uv_idle: done stop
[2017/02/11 18:33:40:2276] DEBUG: fd=632, revents=2
[2017/02/11 18:33:40:2276] CLIENT: lws_client_connect_2
[2017/02/11 18:33:40:2276] CLIENT: lws_client_connect_2: address api.npr.org
[2017/02/11 18:33:40:2286] ERR: getaddrinfo api.npr.org -> 216.35.221.71
[2017/02/11 18:33:40:2286] CLIENT: connected
[2017/02/11 18:33:40:2286] DEBUG: lws_set_timeout: 01545190: 20 secs
[2017/02/11 18:33:40:2286] DEBUG: fd=632, revents=9
[2017/02/11 18:33:40:2291] DEBUG: lws_uv_idle
[2017/02/11 18:33:40:2291] DEBUG: lws_uv_idle: done stop
[2017/02/11 18:33:40:3056] DEBUG: fd=632, revents=9
[2017/02/11 18:33:40:3061] NOTICE: lws_ssl_client_connect2: SSL_connect
says -1
[2017/02/11 18:33:40:3066] INFO: SSL_connect WANT_READ... retrying
[2017/02/11 18:33:40:3066] DEBUG: lws_uv_idle
[2017/02/11 18:33:40:3066] DEBUG: lws_uv_idle: done stop
[2017/02/11 18:33:40:3066] DEBUG: fd=632, revents=9
[2017/02/11 18:33:40:3076] ERR: SSL error: unable to get local issuer
certificate (preverify_ok=0;err=20;depth=2)
[2017/02/11 18:33:40:3076] NOTICE: lws_ssl_client_connect2: SSL_connect
says -1
[2017/02/11 18:33:40:3076] ERR: SSL connect error 337047686:
error:1416F086:SSL routines:tls_process_server_certificate:certificate
verify failed
[2017/02/11 18:33:40:3076] INFO: closing conn at LWS_CONNMODE...SERVER_REPLY
[2017/02/11 18:33:40:3076] INFO: lws_close_free_wsi: real
just_kill_connection: 01545190 (sockfd 632)
[2017/02/11 18:33:40:3081] INFO: remove_wsi_socket_from_fds: removing same
prot wsi 01545190
[2017/02/11 18:33:40:3081] DEBUG: remove_wsi_socket_from_fds: wsi=01545190,
sock=632, fds pos=13, end guy pos=14, endfd=0
[2017/02/11 18:33:40:3081] DEBUG: not calling back closed mode=39 state=7
[2017/02/11 18:33:40:3081] DEBUG: lws_close_free_wsi:
lws_libuv_closehandle: wsi 01545190
[2017/02/11 18:33:40:3081] DEBUG: lws_uv_idle
[2017/02/11 18:33:40:3081] DEBUG: lws_uv_idle: done stop
[2017/02/11 18:33:40:3081] INFO: ah det due to close
[2017/02/11 18:33:40:3086] INFO: lws_header_table_detach: wsi 01545190: ah
0149C0D0 (tsi=0, count = 5)
[2017/02/11 18:33:40:3086] INFO: lws_header_table_detach: wsi 01545190: ah
0149C0D0 (tsi=0, count = 4)
[2017/02/11 18:33:40:3086] DEBUG: lws_free_wsi: 01545190, remaining wsi 13
[2017/02/11 18:33:40:7005] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:41:7009] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:42:7018] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:43:7022] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:43:7024] INFO: lws_close_free_wsi: real
just_kill_connection: 0145C890 (sockfd 556)
[2017/02/11 18:33:43:7029] INFO: remove_wsi_socket_from_fds: removing same
prot wsi 0145C890
[2017/02/11 18:33:43:7034] DEBUG: remove_wsi_socket_from_fds: wsi=0145C890,
sock=556, fds pos=5, end guy pos=13, endfd=632
[2017/02/11 18:33:43:7036] DEBUG: not calling back closed mode=0 state=0
[2017/02/11 18:33:43:7036] DEBUG: lws_close_free_wsi:
lws_libuv_closehandle: wsi 0145C890
[2017/02/11 18:33:43:7042] INFO: ah det due to close
[2017/02/11 18:33:43:7042] INFO: lws_header_table_detach: wsi 0145C890: ah
00000000 (tsi=0, count = 4)
[2017/02/11 18:33:43:7047] INFO: lws_header_table_detach: wsi 0145C890: ah
00000000 (tsi=0, count = 4)
[2017/02/11 18:33:43:7047] DEBUG: lws_free_wsi: 0145C890, remaining wsi 12
[2017/02/11 18:33:44:7022] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:45:7027] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:45:7027] INFO: lws_close_free_wsi: real
just_kill_connection: 0145B8C8 (sockfd 512)
[2017/02/11 18:33:45:7037] INFO: remove_wsi_socket_from_fds: removing same
prot wsi 0145B8C8
[2017/02/11 18:33:45:7042] DEBUG: remove_wsi_socket_from_fds: wsi=0145B8C8,
sock=512, fds pos=3, end guy pos=12, endfd=576
[2017/02/11 18:33:45:7042] DEBUG: not calling back closed mode=0 state=0
[2017/02/11 18:33:45:7042] DEBUG: lws_close_free_wsi:
lws_libuv_closehandle: wsi 0145B8C8
[2017/02/11 18:33:45:7047] INFO: lws_close_free_wsi: real
just_kill_connection: 0145CBB8 (sockfd 560)
[2017/02/11 18:33:45:7047] INFO: remove_wsi_socket_from_fds: removing same
prot wsi 0145CBB8
[2017/02/11 18:33:45:7047] DEBUG: remove_wsi_socket_from_fds: wsi=0145CBB8,
sock=560, fds pos=6, end guy pos=11, endfd=612
[2017/02/11 18:33:45:7052] DEBUG: not calling back closed mode=0 state=0
[2017/02/11 18:33:45:7052] DEBUG: lws_close_free_wsi:
lws_libuv_closehandle: wsi 0145CBB8
[2017/02/11 18:33:45:7057] INFO: ah det due to close
[2017/02/11 18:33:45:7057] INFO: lws_header_table_detach: wsi 0145CBB8: ah
014988B0 (tsi=0, count = 4)
[2017/02/11 18:33:45:7062] NOTICE: lws_header_table_detach: wsi 0145CBB8:
ah held 6s, ah.rxpos 0, ah.rxlen 0, mode/state 0 4,wsi->more_rx_waiting 0
[2017/02/11 18:33:45:7062] INFO: lws_header_table_detach: wsi 0145CBB8: ah
014988B0 (tsi=0, count = 3)
[2017/02/11 18:33:45:7062] DEBUG: lws_free_wsi: 0145CBB8, remaining wsi 11
[2017/02/11 18:33:45:7067] INFO: ah det due to close
[2017/02/11 18:33:45:7067] INFO: lws_header_table_detach: wsi 0145B8C8: ah
00000000 (tsi=0, count = 3)
[2017/02/11 18:33:45:7067] INFO: lws_header_table_detach: wsi 0145B8C8: ah
00000000 (tsi=0, count = 3)
[2017/02/11 18:33:45:7072] DEBUG: lws_free_wsi: 0145B8C8, remaining wsi 10
[2017/02/11 18:33:46:7023] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:47:7024] DEBUG: lws_uv_timeout_cb
[2017/02/11 18:33:48:7034] DEBUG: lws_uv_timeout_cb


On Sat, Feb 11, 2017 at 5:14 PM, Andy Green <andy at warmcat.com> wrote:

>
>
> On 12 February 2017 07:21:55 GMT+08:00, Joel Winarske <
> joel.winarske at gmail.com> wrote:
> >Hi Andy,
> >
> >I want to client connect to https site from within
> >LWS_CALLBACK_HTTP_BODY_COMPLETION, in a running instance of lwsws.
> >lwsws
> >is running in non-SSL
> >
> >Due to SSL, I was figuring lws_client_connect_via_info(), similar to
>
> Yes this is the way.
>
> >test-client.c.  I'm not clear where context and wsi should come from in
> >the
> >case of running within lwsws.
>
> All wsi are under the same context, and a context may mix client and
> server wsi ok.
>
> So you can get the context from the callback wsi with lws_get_context(wsi).
>
> When you call lws_client_connect_via_info(), he will try to start the
> logical client connection process and return either a new wsi representing
> the client connection if it got started, or NULL if it failed.  However
> because the connection attempt may generate callbacks before
> lws_client_connect_via_info() returned and told you the new wsi, the info
> struct also contains a *pwsi member that lws_client_connect_via_info() sets
> to the new wsi before it returns.
>
> In that way you can recognize in the callback who the wsi is, even during
> these early callbackS.  That's particularly useful if the connection fails,
> since you get a callback with a descriptive reason string, beimg able to
> know that's your wsi failed lets you respond to it.
>
> >I figure it would get serviced by the server loop, so no need to
> >call lws_service().  Correct?
>
> Yeah no need for that, lwsws context is using libuv event loop, when you
> make the client connection it joins in with that.
>
> Notice in lwsws you must mark a vhost as wanting to / being able to make
> ssl client connections
>
>  - "enable-client-ssl": "1" enables the vhost's client SSL context, you
> will need this if you plan to create client conections on the vhost that
> will use SSL. You don't need it if you only want http / ws client
> connections.
>
> This causes the vhost to additionally init client ssl context.
>
> -Andy
>
> >Thanks,
> >Joel
>
> --
> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20170211/7760d34b/attachment-0002.html>


More information about the Libwebsockets mailing list