[Libwebsockets] Error callback on SSL failed

Andy Green andy at warmcat.com
Thu Nov 16 02:59:22 CET 2017



On 11/15/2017 02:20 PM, Vijay Khurdiya wrote:
> I agree with your justification.

...

> As I see lws_client_connect_via_info() returning non null or valid 
> pointer so after that any error during connection or any stage suppose 
> to hit callback.Here in this stage no error return in callback although 
> i have received  lws_client_connect_via_info() success.

Well, "success" is limited in meaning, since it may not have even tried 
to make the connection yet.  But yes, it means it didn't fail early and 
then it should hear about the error in the callback.  (Although this 
particular error is a local configuration error entirely on your side...).

>  From the error log also you can see WSI is created as we are 
> getting TIMEDOUT WAITING on 8.

Yeah that is also part of the problem, it should have failed out not 
hung around to timeout.

I pushed a little patch on v2.3-stable, v2.4-stable and master that 
should solve it.

-Andy

> 
> On Mon, Nov 13, 2017 at 11:12 PM, Andy Green <andy at warmcat.com 
> <mailto:andy at warmcat.com>> wrote:
> 
> 
> 
>     On November 13, 2017 5:09:41 PM GMT+08:00, Vijay Khurdiya
>     <vijay.khurdiya at gmail.com <mailto:vijay.khurdiya at gmail.com>> wrote:
>     >It is same like the case when you don't able to resolve the address of
>     >server & you get error "getaddrinfo failed" & that will get notified on
> 
>     You never once mentioned the word 'client'.  So I have had no idea
>     what you are talking about.  It's not remarkable if a server gets an
>     incoming connection that fails tls.
> 
>     >callback with error reason.In that case also connection is not made but
>     >we
>     >will receive error.
>     >I am not sure i am right or wrong but i think it will be good if we
>     >will
>     >get error in error callback so that application know about error & take
>     >the
>     >decision to recover from error.
> 
>     That's why there is a CONNECTION_ERROR callback.
> 
>     But if I understand it, this is just broken very early on your
>     side.  The vhost doesn't have an initialized client ssl_ctx and
>     can't even create the ssl object to start the connection process. 
>     It's a fatal situation entirely on your side.  If it reacts by
>     returning NULL wsi from the connection api, that's okay, because
>     there is always a class of immediate failures that cannot call
>     CONNECTION_ERROR and must be noticed by NULL return from the
>     connection api, eg, it couldn't even malloc the wsi.
> 
>     If it gets far enough along that it reacts currently by returning a
>     valid wsi from the connection api and fails later, but before it was
>     ESTABLISHED, generally it should call CONNECTION_ERROR.
> 
>     -Andy
> 
>      >On Mon, Nov 13, 2017 at 2:32 PM, Andy Green <andy at warmcat.com
>     <mailto:andy at warmcat.com>> wrote:
>      >
>      >>
>      >>
>      >> On 11/13/2017 04:58 PM, Vijay Khurdiya wrote:
>      >>
>      >>> I am trying to get answer on getting any notification (Callback in
>      >>> Callback handler) on above error. Currently i found application
>      >doesn't get
>      >>> notified on this error so it is not able to take decision on
>     further
>      >>> activity of server connection.
>      >>>
>      >>> I am currently on V2.3.0 stable version.
>      >>>
>      >>
>      >> It didn't succeed to set up the TLS tunnel, so there isn't any
>      >workable
>      >> connection.
>      >>
>      >> What is it about that, that makes you feel you wanted to be made
>      >aware of
>      >> it?  What does that failed connection represent that you want to
>     know
>      >about?
>      >>
>      >> Presumably there's something that brought it to your attention...
>      >what?
>      >>
>      >> -Andy
>      >>
>      >> On Mon, Nov 13, 2017 at 2:22 PM, Andy Green <andy at warmcat.com
>     <mailto:andy at warmcat.com>
>      ><mailto:
>      >>> andy at warmcat.com <mailto:andy at warmcat.com>>> wrote:
>      >>>
>      >>>
>      >>>
>      >>>     On 11/13/2017 04:46 PM, Vijay Khurdiya wrote:
>      >>>
>      >>>         Hi,
>      >>>
>      >>>         Is their any callback event i should get on below error ?
>      >>>
>      >>>         [2017/11/10 19:22:47:7137] ERR: SSL_new failed:
>      >>>         error:00000063:lib(0):func(0):reason(99)
>      >>>         [2017/11/10 19:22:47:7161] ERR: *** error:140BA0C3:SSL
>      >>>         routines:SSL_new:null ssl ctx
>      >>>         [2017/11/10 19:23:08:0094] NOTICE: wsi 0xb4f6caa0: TIMEDOUT
>      >>>         WAITING on 8 (did hdr 0, ah 0x5cd8d8, wl 0, pfd events 1)
>      >>>         1510341788 vs 1510341787
>      >>>         [2017/11/10 19:23:08:0492] NOTICE: lws_header_table_detach:
>      >wsi
>      >>>         0xb4f6caa0: ah held 22s, ah.rxpos -1, ah.rxlen -1,
>      >mode/state 36
>      >>>         4,wsi->more_rx_waiting 0
>      >>>
>      >>>
>      >>>     That's a very open-ended question with a little ambiguous log
>      >paste
>      >>>     to go on.
>      >>>
>      >>>     What does that error represent in terms of what you think you
>      >should
>      >>>     have been notified of?
>      >>>
>      >>>     -Andy
>      >>>
>      >>>
>      >>>         Thanks
>      >>>
>      >>>
>      >>>         _______________________________________________
>      >>>         Libwebsockets mailing list
>      >>> Libwebsockets at ml.libwebsockets.org
>     <mailto:Libwebsockets at ml.libwebsockets.org>
>      >>>         <mailto:Libwebsockets at ml.libwebsockets.org
>     <mailto:Libwebsockets at ml.libwebsockets.org>>
>      >>> https://libwebsockets.org/mailman/listinfo/libwebsockets
>     <https://libwebsockets.org/mailman/listinfo/libwebsockets>
>      >>>       
>       <https://libwebsockets.org/mailman/listinfo/libwebsockets
>     <https://libwebsockets.org/mailman/listinfo/libwebsockets>>
>      >>>
>      >>>
>      >>>
> 
> 



More information about the Libwebsockets mailing list