[Libwebsockets] SegFault for Websocket Server on Multiple Network Interface

Andy Green andy at warmcat.com
Wed Jul 19 11:09:32 CEST 2017



On 07/19/2017 05:04 PM, techi eth wrote:
> Sorry but it is not working as you said.
> 
> 1.If you want to create SSL vhost than you need to have 
> LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT option set in *context*.

Yeah it's in the test servers and docs as such...

> 2.Now if you set any vhost which is not SSL than it is not going to work.

Yeah?  What happens?

> Or what option we need to set in context for SSL or Non SSL Vhost 
> combination.
> 
> Any of test from test suit i can test which will prove your stated point.

Why don't you adapt the test-server and try that?

It feels like you think it's my job to support you and "prove" things. 
After 65 emails that I can count still in IMAP, I think it's YOUR job to 
contribute something and provide tests simple for me to use.

-Andy


> On Wed, Jul 19, 2017 at 12:45 PM, Andy Green <andy at warmcat.com 
> <mailto:andy at warmcat.com>> wrote:
> 
> 
> 
>     On 07/19/2017 03:08 PM, techi eth wrote:
> 
>         Sorry may be i was not clear in stating point.Please find below
>         steps.
> 
>         1.Context created with below option.
> 
>         _LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT__|
>         LWS_SERVER_OPTION_EXPLICIT_VHOSTS_
> 
>         2.Created many Vhost working on SSL (Client/Server)
> 
>         3. *Now creating one of Vhost which required to be working on
>         NonSSL mode (Could be TRUE for Server or Client).*
>         *        Is point 3 is supported by lws ?*
> 
> 
>     For server, you must decide when you create the vhost if he will use
>     SSL or not.  If he has a cert he will require every incoming
>     connection uses SSL (ie, it's an https vhost).  If you declare the
>     vhost without certs, he cannot use SSL, ie, it's an http vhost for
>     incoming connections.
> 
>     You can create an SSL vhost on :443 and a non-SSL vhost on :80 for
>     example (they can even be given the same protocols[] array when
>     created).
> 
>     For client, you can always make a non-SSL client connection from any
>     vhost.  If you called lws_init_vhost_client_ssl() on the vhost your
>     client connection is attached to, with appropriate SSL CA etc, then
>     that vhost can also make SSL client connections.  You can decide
>     client connection by client connection if it should use SSL or not.
> 
>     -Andy
> 
>         *
> 
>         On Wed, Jul 19, 2017 at 12:20 PM, Andy Green <andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>> wrote:
> 
> 
> 
>              On 07/19/2017 02:47 PM, techi eth wrote:
> 
>                  *Below option required to be set in context as well as
>         vhost.*
> 
>                  *unsigned**int*options;
> 
>                  /**< VHOST + CONTEXT: 0, or LWS_SERVER_OPTION_...
>         _bitfields_ */
> 
>                  *If I set context with SSL option than can I use one of
>         vhost
>                  working on non SSL mode (vhost will be created
>         accordingly so
>                  that it will work as non SSL mode)*
> 
> 
>              Sorry can you explain a bit more clearly?
> 
>              -Andy
> 
> 
>                  On Tue, Jul 18, 2017 at 11:53 AM, Andy Green
>         <andy at warmcat.com <mailto:andy at warmcat.com>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>         wrote:
> 
> 
> 
>                       On 07/18/2017 01:58 PM, techi eth wrote:
> 
>                           Thanks for hint.
> 
>                           After adding explicit vhost option while vhost
>                  creation, stuff
>                           is working fine. What all mandatory info we
>         need to set
>                  while
>                           creating context when setting up
>                           _LWS_SERVER_OPTION_EXPLICIT_VHOSTS__._
> 
> 
>                       There's a patch on master that removes that
>         requirement, just
>                       setting it on context creation is all that is needed.
> 
> 
>                           _I found when you are using SSL server you
>         need to set SSL
>                           option & cert,key & ca path to be set._
> 
> 
>                       The test app sources demonstrate what you need to
>         take care
>                  of.     Each member in libwebsockets.h definition is
>         commented
>                  starting with
>                       VHOST or CONTEXT to show who consumes the data in
>         the member.
> 
>                           _One more input needed :_
> 
>                           _Can we make client connection on different
>         context ?_
> 
> 
>                       You should keep everything in one context,
>         especially when
>                  OpenSSL
>                       is involved.
> 
>                       You can mix as many client connections with as
>         many vhosts
>                  as you
>                       want in one context (and each vhost may have
>         different SSL
>                  certs).
> 
>                       If you will use client stuff on a vhost with SSL,
>         you must
>                  call this
>                       on the vhost after creation to init its client SSL
>         context.
> 
>                       /**
>                         * lws_init_vhost_client_ssl() - also enable
>         client SSL on an
>                       existing vhost
>                         *
>                         * \param info: client ssl related info
>                         * \param vhost: which vhost to initialize client ssl
>                  operations on
>                         *
>                         * You only need to call this if you plan on
>         using SSL client
>                       connections on
>                         * the vhost.  For non-SSL client connections,
>         it's not
>                  necessary
>                       to call this.
>                         *
>                         * The following members of info are used during
>         the call
>                         *
>                         *       - options must have
>                  LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT set,
>                         *           otherwise the call does nothing
>                         *       - provided_client_ssl_ctx must be NULL
>         to get a
>                  generated
>                       client
>                         *           ssl context, otherwise you can pass a
>                  prepared one in
>                       by setting it
>                         *       - ssl_cipher_list may be NULL or set to the
>                  client valid
>                       cipher list
>                         *       - ssl_ca_filepath may be NULL or client
>         cert filepath
>                         *       - ssl_cert_filepath may be NULL or
>         client cert
>                  filepath
>                         *       - ssl_private_key_filepath may be NULL
>         or client cert
>                       private key
>                         *
>                         * You must create your vhost explicitly if you
>         want to
>                  use this,
>                       so you have
>                         * a pointer to the vhost.  Create the context
>         first with the
>                       option flag
>                         * LWS_SERVER_OPTION_EXPLICIT_VHOSTS and then call
>                       lws_create_vhost() with
>                         * the same info struct.
>                         */
>                       LWS_VISIBLE LWS_EXTERN int
>                       lws_init_vhost_client_ssl(const struct
>                  lws_context_creation_info *info,
>                                                  struct lws_vhost *vhost);
> 
>                       -Andy
> 
> 
>                           On Tue, Jul 18, 2017 at 10:31 AM, Andy Green
>                  <andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                           <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                           <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>>
>                  wrote:
> 
> 
> 
>                                On 07/18/2017 12:50 PM, techi eth wrote:
> 
>                                    Test Server as it works perfectly. As
>                  mentioned earlier for
>                                    single interface test stuff is
>         working ok but
>                  when you
>                           have two
>                                    interface there is problem.
> 
> 
>                                Good.
> 
>                                I don't understand what that ah thing is
>         yet, but
>                  for sure
>                           you can't
>                                just call the vhost destroy from inside
>         the service.
> 
>                                    I have tried as suggested by you for
>                  destroying vhost
>                           not in
>                                    callback but still issue persist.
>         Please find
>                  attached
>                           modified
>                                    patch for test server.
> 
> 
>                                I tried your test app, it's too much like
>         your
>                  code and not
>                           like the
>                                test app.  For example it doesn't build
>         as patch
>                  on lws (due to
>                                unused vars and other problems).  It
>         needs me to
>                  make a ws
>                                connection directly using your protocol
>         names.
> 
>                                It couldn't work either because
>                           LWS_SERVER_OPTION_EXPLICIT_VHOSTS
>                                was needed to still be set when the
>         vhosts are
>                  created.         The test
>                                apps all reuse the same struct so this
>         was always
>                  OK for
>                           them.  I
>                                pushed a small patch that removes that
>         necessity
>                  and just has
>                                everything follow the context option for
>         it, so it
>                  only needs
>                                setting once now at context creation time.
> 
>                                It's quicker for me to redo your test
>         aligned with
>                  the test
>                           server.
> 
>                                What exactly is the problem coming now? 
>         Still
>                  related to ah?
> 
>                                -Andy
> 
> 
> 
> 
> 
>                                    On Mon, Jul 17, 2017 at 10:54 PM,
>         Andy Green
>                           <andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                           <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
> 
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
> 
>                           wrote:
> 
> 
> 
>                                         On 07/17/2017 08:26 PM, techi
>         eth wrote:
> 
>                                             Please find attached patch over
>                           test_server.Base test
>                                    server
>                                             code work fine with one
>         interface but
>                  with two
>                                    interface i am
>                                             seeing problem.
>                                             Please check attached patch
>         & point
>                  me for
>                           issue.I have run
>                                             below command to start test
>         server.
> 
> 
>                                         It's good to know if the test server
>                  works OK for
>                           you as-is.
> 
>                                         Destroying the vhost during
>         service is
>                  probably
>                           going to make
>                                         trouble, because the caller may hold
>                  pointers to it if
>                                    nothing else.
> 
>                                         +               case
>                  LWS_CALLBACK_ESTABLISHED :
>                                         +                               
>                 lws_get_peer_simple(wsi,IPAddrBuf,32);
>                                         +                       printf
>                           ("fWebsocketWrapServer1CB :
>                                         LWS_CALLBACK_ESTABLISHED,Client
>                  IP=%s,Socket ID
>                                       
>           =%d\n",IPAddrBuf,lws_get_socket_fd(wsi));
>                                         +                     
>           printf("Calling
>                  LWS VHOST
>                           DESTROY\n");
>                                         +                             
>           lws_vhost_destroy(vhost1);
> 
>                                         Why don't you follow what the
>         test server
>                  does and
>                           create and
>                                         destroy the vhosts outside of
>         the service.
> 
>                                         -               if
>         (dynamic_vhost_enable &&
>                           !dynamic_vhost) {
>                                         -                             
>           lwsl_notice("creating dynamic
>                                    vhost...\n");
>                                         -                     
>           dynamic_vhost =
>                                    lws_create_vhost(context,
>                                         &info);
>                                         -               } else
>                                         -                       if
>                  (!dynamic_vhost_enable &&
>                                    dynamic_vhost) {
>                                         -                               
>                         lwsl_notice("destroying dynamic
>                                         vhost...\n");
>                                         -                               
>                                 lws_vhost_destroy(dynamic_vhost);
>                                         -                               
>                 dynamic_vhost = NULL;
>                                         -                       }
>                                         +//             if
>         (dynamic_vhost_enable &&
>                           !dynamic_vhost) {
>                                         +//                           
>           lwsl_notice("creating dynamic
>                                    vhost...\n");
>                                         +//                   
>           dynamic_vhost =
>                                    lws_create_vhost(context,
>                                         &info);
>                                         +//             } else
>                                         +//                     if
>                  (!dynamic_vhost_enable &&
>                                    dynamic_vhost) {
>                                         +//                             
>                         lwsl_notice("destroying dynamic
>                                         vhost...\n");
>                                         +//                             
>                                 lws_vhost_destroy(dynamic_vhost);
>                                         +//                             
>                 dynamic_vhost = NULL;
>                                         +//
> 
>                                         -Andy
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Libwebsockets mailing list
> Libwebsockets at ml.libwebsockets.org
> https://libwebsockets.org/mailman/listinfo/libwebsockets
> 



More information about the Libwebsockets mailing list