[Libwebsockets] Error callback on SSL failed

Andy Green andy at warmcat.com
Mon Nov 13 18:42:16 CET 2017



On November 13, 2017 5:09:41 PM GMT+08:00, Vijay Khurdiya <vijay.khurdiya at gmail.com> wrote:
>It is same like the case when you don't able to resolve the address of
>server & you get error "getaddrinfo failed" & that will get notified on

You never once mentioned the word 'client'.  So I have had no idea what you are talking about.  It's not remarkable if a server gets an incoming connection that fails tls.

>callback with error reason.In that case also connection is not made but
>we
>will receive error.
>I am not sure i am right or wrong but i think it will be good if we
>will
>get error in error callback so that application know about error & take
>the
>decision to recover from error.

That's why there is a CONNECTION_ERROR callback.

But if I understand it, this is just broken very early on your side.  The vhost doesn't have an initialized client ssl_ctx and can't even create the ssl object to start the connection process.  It's a fatal situation entirely on your side.  If it reacts by returning NULL wsi from the connection api, that's okay, because there is always a class of immediate failures that cannot call CONNECTION_ERROR and must be noticed by NULL return from the connection api, eg, it couldn't even malloc the wsi.

If it gets far enough along that it reacts currently by returning a valid wsi from the connection api and fails later, but before it was ESTABLISHED, generally it should call CONNECTION_ERROR.

-Andy

>On Mon, Nov 13, 2017 at 2:32 PM, Andy Green <andy at warmcat.com> wrote:
>
>>
>>
>> On 11/13/2017 04:58 PM, Vijay Khurdiya wrote:
>>
>>> I am trying to get answer on getting any notification (Callback in
>>> Callback handler) on above error. Currently i found application
>doesn't get
>>> notified on this error so it is not able to take decision on further
>>> activity of server connection.
>>>
>>> I am currently on V2.3.0 stable version.
>>>
>>
>> It didn't succeed to set up the TLS tunnel, so there isn't any
>workable
>> connection.
>>
>> What is it about that, that makes you feel you wanted to be made
>aware of
>> it?  What does that failed connection represent that you want to know
>about?
>>
>> Presumably there's something that brought it to your attention...
>what?
>>
>> -Andy
>>
>> On Mon, Nov 13, 2017 at 2:22 PM, Andy Green <andy at warmcat.com
><mailto:
>>> andy at warmcat.com>> wrote:
>>>
>>>
>>>
>>>     On 11/13/2017 04:46 PM, Vijay Khurdiya wrote:
>>>
>>>         Hi,
>>>
>>>         Is their any callback event i should get on below error ?
>>>
>>>         [2017/11/10 19:22:47:7137] ERR: SSL_new failed:
>>>         error:00000063:lib(0):func(0):reason(99)
>>>         [2017/11/10 19:22:47:7161] ERR: *** error:140BA0C3:SSL
>>>         routines:SSL_new:null ssl ctx
>>>         [2017/11/10 19:23:08:0094] NOTICE: wsi 0xb4f6caa0: TIMEDOUT
>>>         WAITING on 8 (did hdr 0, ah 0x5cd8d8, wl 0, pfd events 1)
>>>         1510341788 vs 1510341787
>>>         [2017/11/10 19:23:08:0492] NOTICE: lws_header_table_detach:
>wsi
>>>         0xb4f6caa0: ah held 22s, ah.rxpos -1, ah.rxlen -1,
>mode/state 36
>>>         4,wsi->more_rx_waiting 0
>>>
>>>
>>>     That's a very open-ended question with a little ambiguous log
>paste
>>>     to go on.
>>>
>>>     What does that error represent in terms of what you think you
>should
>>>     have been notified of?
>>>
>>>     -Andy
>>>
>>>
>>>         Thanks
>>>
>>>
>>>         _______________________________________________
>>>         Libwebsockets mailing list
>>>         Libwebsockets at ml.libwebsockets.org
>>>         <mailto:Libwebsockets at ml.libwebsockets.org>
>>>         https://libwebsockets.org/mailman/listinfo/libwebsockets
>>>         <https://libwebsockets.org/mailman/listinfo/libwebsockets>
>>>
>>>
>>>



More information about the Libwebsockets mailing list