[Libwebsockets] SegFault for Websocket Server on Multiple Network Interface

techi eth techieth at gmail.com
Wed Jul 12 08:45:15 CEST 2017


Thanks for confirmation.
I can see from test also it will be two socket lws_get_socket_fd(wsi) will
confirm the same.
If it will two listen socket which means two websocket server. Is their any
way i can force stop once server listening or both due to application need ?



On Wed, Jul 12, 2017 at 11:41 AM, Andy Green <andy at warmcat.com> wrote:

>
>
> On July 12, 2017 2:05:02 PM GMT+08:00, techi eth <techieth at gmail.com>
> wrote:
> >Sorry but I am bit confuse from your single socket statement.
> >
> >Here I have two IP address (Due to two different network interface) so
> >I
> >think there should be two socket however if vhost concept is based on
> >single socket working on port sharing then I think this may work.
>
> I think it will indeed be two listen sockets then, each bound to one ip or
> interface.
>
> Typically vhosts are all piled on the same listen socket + port.
>
> >I am not sure how it will behave when concurrent read/write happen on
> >single socket by the multiple client from multiple network at same
> >time.
>
> There is no problem with it.  By default lws binds to all interfaces at
> the port (with one socket), this appears as 0.0.0.0 listen address in
> netstat.  So it is easy to confirm.
>
> >
> >If network connection go down (I have rejected connection & callback
> >closed
> >) & up again shall i need to create vhost again ?
>
> No.
>
> -Andy
>
> >
> >Thanks
> >
> >On Tue, Jul 11, 2017 at 4:48 PM, Andy Green <andy at warmcat.com> wrote:
> >
> >>
> >>
> >> On 07/11/2017 07:05 PM, techi eth wrote:
> >>
> >>> Thanks for your input.
> >>>
> >>> On rejecting connection in callback will cleanup all the resources &
> >>> close listening socket ?
> >>>
> >>
> >> No.  It will close the connection.
> >>
> >> If you want to add the capability to dynamically remove vhosts, by
> >all
> >> means, send me a patch.
> >>
> >> Is there any function available in lws  like
> >_/context/_destroy(),which
> >>> will call from application to do the job ?
> >>>
> >>
> >> You seem a bit confused about this listen socket business.
> >>
> >> If both vhosts listen on :443, there is only ONE listen socket open
> >on
> >> :443.  If both vhosts opened their own listen socket, how would the
> >tcp
> >> layer know which vhost socket should get the connection?  It would
> >have to
> >> decide before we could fetch headers or whatever.  It couldn't work.
> >>
> >> If you close the single shared listen socket, no vhost can receive
> >> anything.
> >>
> >> When the secure connection comes, it uses a TLS trick called SNI to
> >get
> >> the hostname the client was using to connect before the secure tunnel
> >is
> >> set up.  From that, it decides which vhost he was trying to connect
> >to,
> >> sets up the TLS tunnel using the correct vhost's certificates, and
> >binds
> >> the connection to the right vhost.
> >>
> >> If you want one of the vhosts to start rejecting connections, you can
> >use
> >> lws_get_vhost(wsi) once the wsi has bound to a particular vhost and
> >act
> >> differently if it is the 'down' vhost the wsi is bound to.
> >>
> >> -Andy
> >>
> >> On Tue, Jul 11, 2017 at 3:02 PM, Andy Green <andy at warmcat.com
> ><mailto:
> >>> andy at warmcat.com>> wrote:
> >>>
> >>>
> >>>
> >>>     On 07/11/2017 05:25 PM, techi eth wrote:
> >>>
> >>>         Hi,
> >>>
> >>>         Now i am able to run both the SSL server. Thanks for input.
> >>>         Could you please check attached file & let me know i am
> >right in
> >>>         using libwebsocket.
> >>>
> >>>
> >>>     I don't have time to look at users' code.  Unless I feel I owe
> >them
> >>>     for contributions, mowing my lawn or whatever.
> >>>
> >>>         I would just like to know how to stop one server listening
> >on
> >>> vhost.
> >>>
> >>>
> >>>     I assume you want to do it dynamically... the closest you can do
> >>>     easily is reject the connection in an early callback.
> >>>
> >>>     If you handle the http callback, you can also have it decide to
> >>>     respond with a redirect or a 500 page or whatever.
> >>>
> >>>     -Andy
> >>>
> >>>         Thanks
> >>>
> >>>         On Mon, Jul 10, 2017 at 3:27 PM, techi eth
> ><techieth at gmail.com
> >>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
> >>>         <mailto:techieth at gmail.com>>> wrote:
> >>>
> >>>              I have tried test as suggested by you now I don’t see
> >>> segfault
> >>>              anymore however I am not able to connect over server.
> >>>
> >>>              Could you please check attached test code & detaild lws
> >log
> >>>         & give
> >>>              me hint what is wrong in code.
> >>>
> >>>              Thanks for your input.
> >>>
> >>>              On Sat, Jul 8, 2017 at 4:28 PM, Andy Green
> >>>         <andy at warmcat.com <mailto:andy at warmcat.com>
> >>>              <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
> >wrote:
> >>>
> >>>
> >>>
> >>>                  On 07/08/2017 06:51 PM, techi eth wrote:
> >>>
> >>>                      Thanks for your input.
> >>>                      Having two context is not right or technically
> >>>         complex ?
> >>>
> >>>                      I was running two server without SSL mode from
> >past
> >>>         1 month
> >>>                      & it is working fine with two context.
> >>>
> >>>
> >>>                  Well... if you want two contexts you better fix
> >your
> >>>         segfault.         You're always free to do what you prefer
> >(and
> >>>         I am free to
> >>>                  ignore your problems with it).
> >>>
> >>>                  From:
> >>>
> >>>                    - the POV SNI won't work sharing port 443,
> >because
> >>>         the two
> >>>                  vhosts you created by having two contexts don't
> >know
> >>>         about each
> >>>                  other
> >>>
> >>>                    - the POV you only have one set of fds in your
> >>>         process, the
> >>>                  context holds a lookup table for all of them
> >>>
> >>>                    - the POV you only need to service (ie, wait in
> >poll
> >>>         or epoll)
> >>>                  for one set of fds, not have an idle context
> >increase
> >>> your
> >>>                  service latency on handling service for an active
> >>>         context every time
> >>>
> >>>                  ...you should have one context and two vhosts.
> >>>
> >>>                  That's literally what the vhosts are for.  It's
> >easy to
> >>>         do, and
> >>>                  from lws perspective "the right thing".
> >>>
> >>>                  -Andy
> >>>
> >>>                      On Sat, Jul 8, 2017 at 3:59 PM, Andy Green
> >>>         <andy at warmcat.com <mailto:andy at warmcat.com>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com>>
> >>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
> >>>                      <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>>>> wrote:
> >>>
> >>>
> >>>
> >>>                           On 07/08/2017 06:12 PM, techi eth wrote:
> >>>
> >>>                               It is with two context.One context
> >each
> >>>         for one
> >>>                      network interface.
> >>>
> >>>
> >>>                           I can suggest you don't do that.
> >>>
> >>>                           Let's leave aside how I am supposed to
> >guess
> >>>         what you
> >>>                      have done to
> >>>                           service both.
> >>>
> >>>                           The network interface to bind to is an
> >>>         attribute of the
> >>>                      vhost, not
> >>>                           the context.
> >>>
> >>>                           By default, for compatibility lws creates
> >you
> >>>         one vhost
> >>>                      called
> >>>                           "default" when you create the context.
> >>>
> >>>                           If you set the option bit
> >>>                      LWS_SERVER_OPTION_EXPLICIT_VHOSTS when you
> >>>                           create the context, creating the context
> >does
> >>> not
> >>>                      create any vhosts.
> >>>
> >>>                           Instead you can use the same
> >>>         lws_context_creation_info
> >>>                      struct to
> >>>                           create as many vhosts as you want and
> >attach
> >>>         them to
> >>>                      the context
> >>>                           yourself, using
> >>>
> >>>                           LWS_EXTERN LWS_VISIBLE struct lws_vhost *
> >>>                           lws_create_vhost(struct lws_context
> >*context,
> >>>                                             struct
> >>>         lws_context_creation_info *info);
> >>>
> >>>                           You can mostly re-use your existing info
> >struct
> >>>                      contents, changing
> >>>                           .iface and .name to reflect the vhost
> >hostname
> >>>         (ie,
> >>>                      "warmcat.com <http://warmcat.com> <
> >>> http://warmcat.com>
> >>>                           <http://warmcat.com>" if people reached it
> >by
> >>>         typing
> >>>                      "warmcat.com <http://warmcat.com> <
> >>> http://warmcat.com>
> >>>                           <http://warmcat.com>" in their browser).
> >And
> >>>         changing the
> >>>                           protocols, mounts etc according to what
> >you
> >>>         want to be
> >>>                      available.
> >>>
> >>>                           Both can be on port 443, lws will use SNI
> >to
> >>>         match the
> >>>                      hostname the
> >>>                           client had used to reach it to decide
> >which
> >>>         vhost to
> >>>                      give them.
> >>>
> >>>                           Each vhost can be told to use different
> >SSL
> >>>         certs and
> >>>                      keys.  Lws
> >>>                           will sort it out.
> >>>
> >>>                           So... one context.  Two vhosts.
> >>>
> >>>         https://warmcat.com and https://libwebsockets.org are two
> >>>                      vhosts on
> >>>                           the same lws server using this method.
> >>>
> >>>                           -Andy
> >>>
> >>>
> >>>
> >>>                               On Sat, Jul 8, 2017 at 3:31 PM, Andy
> >Green
> >>>                      <andy at warmcat.com <mailto:andy at warmcat.com>
> >>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
> >>>                               <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>>>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com>
> >>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
> >>>                               <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>
> >>>                      <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>>>>> wrote:
> >>>
> >>>
> >>>
> >>>                                    On 07/08/2017 05:44 PM, techi eth
> >>> wrote:
> >>>
> >>>                                        OpenSSL version : 1.0.2h
> >>>
> >>>
> >>>                                    Supposedly the new OpenSSL init /
> >>>         destroy api
> >>>                      was introduced in
> >>>                                    1.0.2g, so it shouldn't be the
> >problem.
> >>>
> >>>                                        I have tried libwebsocket
> >from
> >>>         master & i
> >>>                      am getting same
> >>>                                        error.I will do the setup to
> >get
> >>>         the trace.
> >>>                                        Do you confirm libwebsokcet
> >works
> >>>         in above
> >>>                      mentioned
> >>>                               use case ?
> >>>
> >>>
> >>>                                    I have no idea what your use case
> >>>         looks like.
> >>>
> >>>                                    Two contexts?  One context?
> >>>
> >>>                                        Is their any running sample
> >then
> >>>         it would
> >>>                      be good for
> >>>                               me to test ?
> >>>
> >>>
> >>>                                    Find out the line of source and
> >>>         reason for the
> >>>                      segfault.  "A
> >>>                                    segfault" by itself is like
> >saying
> >>>         "an error"
> >>>                      or "a
> >>>                               problem", it can
> >>>                                    mean anything.  Related to lws,
> >>>         related to
> >>>                      your code,
> >>>                               something else...
> >>>
> >>>                                    -Andy
> >>>
> >>>
> >>>                                        On Sat, Jul 8, 2017 at 2:51
> >PM,
> >>>         Andy Green
> >>>                               <andy at warmcat.com
> >>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com>
> >>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
> >>>                                        <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com>>
> >>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com
> >>> >>>>
> >>>                               <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com>
> >>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
> >>>
> >>>                                        <mailto:andy at warmcat.com
> >>>         <mailto:andy at warmcat.com>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com>>
> >>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
> >>>                      <mailto:andy at warmcat.com
> ><mailto:andy at warmcat.com
> >>> >>>>>>
> >>>
> >>>
> >>>                               wrote:
> >>>
> >>>
> >>>
> >>>                                             On 07/08/2017 05:16 PM,
> >>>         techi eth wrote:
> >>>
> >>>                                                 I was facing
> >segfault
> >>>         over below
> >>>                      use case with
> >>>                                        libwebsocket.
> >>>
> >>>
> >>>                                             It's usually of zero use
> >to
> >>> hear
> >>>                      there is a segfault
> >>>                                        without getting
> >>>                                             a backtrace.
> >>>
> >>>                                                 I have two network
> >>>         interface & i
> >>>                      am trying to
> >>>                               run SSL
> >>>                                        server on
> >>>                                                 port 443 for each
> >network
> >>>                      interface.When i run
> >>>                                        independently
> >>>                                                 each server by
> >separate
> >>>         programme
> >>>                      for each it
> >>>                               works
> >>>                                        great but
> >>>                                                 when i run both in
> >same
> >>>         programme
> >>>                      one is
> >>>                               giving segfault.
> >>>
> >>>
> >>>                                             Is this by any remote
> >chance
> >>>         with two
> >>>                      contexts?
> >>>
> >>>                                             What version is your
> >OpenSSL?
> >>>
> >>>                                             -Andy
> >>>
> >>>                                                 Last line i am
> >getting is
> >>>                      (inserted SSL accept
> >>>                               into
> >>>                                        fds, trying
> >>>                                                 SSL_accept).
> >>>
> >>>                                                 Note : Same
> >programme
> >>>         when i run
> >>>                      without SSL
> >>>                               it works
> >>>                                        great.
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>>                                                 Libwebsockets
> >mailing list
> >>>         Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>
> >>>
> ><mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>>
> >>>                                               <mailto:
> >>> Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>
> >>>
> ><mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>>>
> >>>
> ><mailto:
> >>> Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>
> >>>
> ><mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>>
> >>>                                               <mailto:
> >>> Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>
> >>>
> ><mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>
> >>>                      <mailto:Libwebsockets at ml.libwebsockets.org
> >>>         <mailto:Libwebsockets at ml.libwebsockets.org>>>>>
> >>>         https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>>
> >>>                                                 <
> >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>>>
> >>>                                                                 <
> >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>>
> >>>                                                 <
> >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>
> ><https://libwebsockets.org/mailman/listinfo/libwebsockets>>>>
> >>>
> >>>       <https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>>
> >>>                                                 <
> >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>>>
> >>>                                                                 <
> >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>>
> >>>                                                 <
> >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
> >>>                             <https://libwebsockets.org/mai
> >>> lman/listinfo/libwebsockets
> >>>
> ><https://libwebsockets.org/mailman/listinfo/libwebsockets>>>>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Libwebsockets mailing list
> >>> Libwebsockets at ml.libwebsockets.org
> >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
> >>>
> >>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20170712/45481fe2/attachment-0002.html>


More information about the Libwebsockets mailing list