[Libwebsockets] How to fix the "SSL_CTX_get_extra_chain_certs_only" error

Chropin Hu chropinhu at gmail.com
Tue Jan 23 07:49:54 CET 2018


Dear Andy,
        I reproduced the issue.
        I use the eclipse to debug lwsws step by step.
*        work well  case:  *
Root process is 2275
lwsws[2275]: _realloc: size 3288: context
lwsws[2275]: _realloc: size 4096: pt_serv_buf
lwsws[2275]: _realloc: size 524288: peer limits hash table
lwsws[2275]: _realloc: size 8388608: fds table
lwsws[2275]: _realloc: size 8388608: lws_lookup
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: _realloc: size 128: plugin
lwsws[2275]: adding mount /
lwsws[2275]: adding mount /server-status
lwsws[2275]: adding mount /testcgi
lwsws[2275]: adding mount /formtest
lwsws[2275]: _realloc: size 520: create vhost
lwsws[2275]: _realloc: size 784: vhost-specific plugin table
lwsws[2275]: _realloc: size 56: same vh list
lwsws[2275]: _realloc: size 832: listen wsi
lwsws[2275]: insert_wsi_socket_into_fds: 0x6394f0: tsi=0, sock=20,
pos-in-fds=0
lwsws[2275]: lws_uv_timeout_cb
lwsws[2275]: _realloc: size 56: protocol_vh_privs
lwsws[2275]: _realloc: size 40: vh priv
lwsws[2275]: _realloc: size 33984: vh priv
lwsws[2275]: _realloc: size 8: vh priv
lwsws[2275]: _realloc: size 176: vh priv
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:20 mode: 10

lwsws[2275]: accepted new conn port 39332 on fd=15
lwsws[2275]: _realloc: size 88: peer
lwsws[2275]: _realloc: size 832: new server wsi
lwsws[2275]: new wsi 0x642e40 joining vhost localhost, tsi 0
lwsws[2275]: lws_adopt_descriptor_vhost: new wsi 0x642e40, sockfd 15
lwsws[2275]: insert_wsi_socket_into_fds: 0x642e40: tsi=0, sock=15,
pos-in-fds=1
lwsws[2275]: inserted SSL accept into fds, trying SSL_accept
lwsws[2275]: lws_ssl_get_error: 0x643450 -1 -> 2
lwsws[2275]: _realloc: size 2960: ah struct
lwsws[2275]: _realloc: size 4096: ah data
lwsws[2275]: Attached ah immediately
lwsws[2275]: accepted new conn port 39334 on fd=16
lwsws[2275]: _realloc: size 832: new server wsi
lwsws[2275]: new wsi 0x654e00 joining vhost localhost, tsi 0
lwsws[2275]: lws_adopt_descriptor_vhost: new wsi 0x654e00, sockfd 16
lwsws[2275]: insert_wsi_socket_into_fds: 0x654e00: tsi=0, sock=16,
pos-in-fds=2
lwsws[2275]: inserted SSL accept into fds, trying SSL_accept
lwsws[2275]: lws_ssl_get_error: 0x655e40 -1 -> 2
lwsws[2275]: _realloc: size 2960: ah struct
lwsws[2275]: _realloc: size 4096: ah data
lwsws[2275]: Attached ah immediately
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:15 mode: 6

lwsws[2275]: accepted new SSL conn
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:15 mode: 0

lwsws[2275]: 0x642e40: SSL_read says 0
lwsws[2275]: lws_close_free_wsi: 0x642e40
lwsws[2275]: lws_close_free_wsi: real just_kill_connection: 0x642e40
(sockfd 15)
lwsws[2275]: remove_wsi_socket_from_fds: wsi=0x642e40, sock=15, fds pos=1,
end guy pos=3, endfd=0
lwsws[2275]: calling back CLOSED 0 4
lwsws[2275]: lws_close_free_wsi: lws_libuv_closehandle: wsi 0x642e40
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:16 mode: 6

lwsws[2275]: accepted new SSL conn
lwsws[2275]: lws_header_table_detach: wsi 0x642e40: ah held 11s, ah.rxpos
-1, ah.rxlen -1, mode/state 0 4,wsi->more_rx_waiting 0
lwsws[2275]: lws_free_wsi: 0x642e40, remaining wsi 2
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:16 mode: 0

lwsws[2275]: 0x654e00: SSL_read says 0
lwsws[2275]: lws_close_free_wsi: 0x654e00
lwsws[2275]: lws_close_free_wsi: real just_kill_connection: 0x654e00
(sockfd 16)
lwsws[2275]: remove_wsi_socket_from_fds: wsi=0x654e00, sock=16, fds pos=1,
end guy pos=2, endfd=16
lwsws[2275]: calling back CLOSED 0 4
lwsws[2275]: lws_close_free_wsi: lws_libuv_closehandle: wsi 0x654e00
lwsws[2275]: lws_header_table_detach: wsi 0x654e00: ah held 12s, ah.rxpos
-1, ah.rxlen -1, mode/state 0 4,wsi->more_rx_waiting 0
lwsws[2275]: lws_free_wsi: 0x654e00, remaining wsi 1
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:20 mode: 10

lwsws[2275]: accepted new conn port 39336 on fd=15
lwsws[2275]: _realloc: size 832: new server wsi
lwsws[2275]: new wsi 0x654e00 joining vhost localhost, tsi 0
lwsws[2275]: lws_adopt_descriptor_vhost: new wsi 0x654e00, sockfd 15
lwsws[2275]: insert_wsi_socket_into_fds: 0x654e00: tsi=0, sock=15,
pos-in-fds=1
lwsws[2275]: inserted SSL accept into fds, trying SSL_accept
lwsws[2275]: lws_ssl_get_error: 0x655e40 -1 -> 2
lwsws[2275]: _realloc: size 2960: ah struct
lwsws[2275]: _realloc: size 4096: ah data
lwsws[2275]: Attached ah immediately
lwsws[2275]: accepted new conn port 39338 on fd=16
lwsws[2275]: _realloc: size 832: new server wsi
lwsws[2275]: new wsi 0x653290 joining vhost localhost, tsi 0
lwsws[2275]: lws_adopt_descriptor_vhost: new wsi 0x653290, sockfd 16
lwsws[2275]: insert_wsi_socket_into_fds: 0x653290: tsi=0, sock=16,
pos-in-fds=2
lwsws[2275]: inserted SSL accept into fds, trying SSL_accept
lwsws[2275]: lws_ssl_get_error: 0x6535e0 -1 -> 2
lwsws[2275]: _realloc: size 2960: ah struct
lwsws[2275]: _realloc: size 4096: ah data
lwsws[2275]: Attached ah immediately
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:15 mode: 6

lwsws[2275]: accepted new SSL conn
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:15 mode: 0

lwsws[2275]: 0x654e00: SSL_read says 377
lwsws[2275]:
lwsws[2275]: 0000: 47 45 54 20 2F 68 63 70 2F 77 65 62 73 6F 63 6B    GET
/hcp/websock
lwsws[2275]: 0010: 65 74 2E 68 74 6D 6C 20 48 54 54 50 2F 31 2E 31
 et.html HTTP/1.1
lwsws[2275]: 0020: 0D 0A 48 6F 73 74 3A 20 31 32 37 2E 30 2E 30 2E
 ..Host: 127.0.0.
lwsws[2275]: 0030: 31 3A 37 36 38 31 0D 0A 44 4E 54 3A 20 31 0D 0A
 1:7681..DNT: 1..
lwsws[2275]: 0040: 41 63 63 65 70 74 3A 20 74 65 78 74 2F 68 74 6D
 Accept: text/htm
lwsws[2275]: 0050: 6C 2C 61 70 70 6C 69 63 61 74 69 6F 6E 2F 78 68
 l,application/xh
lwsws[2275]: 0060: 74 6D 6C 2B 78 6D 6C 2C 61 70 70 6C 69 63 61 74
 tml+xml,applicat
lwsws[2275]: 0070: 69 6F 6E 2F 78 6D 6C 3B 71 3D 30 2E 39 2C 2A 2F
 ion/xml;q=0.9,*/
lwsws[2275]: 0080: 2A 3B 71 3D 30 2E 38 0D 0A 55 73 65 72 2D 41 67
 *;q=0.8..User-Ag
lwsws[2275]: 0090: 65 6E 74 3A 20 4D 6F 7A 69 6C 6C 61 2F 35 2E 30    ent:
Mozilla/5.0
lwsws[2275]: 00A0: 20 28 58 31 31 3B 20 4C 69 6E 75 78 20 78 38 36
(X11; Linux x86
lwsws[2275]: 00B0: 5F 36 34 29 20 41 70 70 6C 65 57 65 62 4B 69 74    _64)
AppleWebKit
lwsws[2275]: 00C0: 2F 36 30 35 2E 31 20 28 4B 48 54 4D 4C 2C 20 6C
 /605.1 (KHTML, l
lwsws[2275]: 00D0: 69 6B 65 20 47 65 63 6B 6F 29 20 56 65 72 73 69    ike
Gecko) Versi
lwsws[2275]: 00E0: 6F 6E 2F 31 31 2E 30 20 53 61 66 61 72 69 2F 36
 on/11.0 Safari/6
lwsws[2275]: 00F0: 30 35 2E 31 20 55 62 75 6E 74 75 2F 31 36 2E 30    05.1
Ubuntu/16.0
lwsws[2275]: 0100: 34 20 28 33 2E 31 38 2E 31 31 2D 30 75 62 75 6E    4
(3.18.11-0ubun
lwsws[2275]: 0110: 74 75 31 29 20 45 70 69 70 68 61 6E 79 2F 33 2E    tu1)
Epiphany/3.
lwsws[2275]: 0120: 31 38 2E 31 31 0D 0A 41 63 63 65 70 74 2D 45 6E
 18.11..Accept-En
lwsws[2275]: 0130: 63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20 64 65
 coding: gzip, de
lwsws[2275]: 0140: 66 6C 61 74 65 0D 0A 41 63 63 65 70 74 2D 4C 61
 flate..Accept-La
lwsws[2275]: 0150: 6E 67 75 61 67 65 3A 20 65 6E 2D 55 53 0D 0A 43
 nguage: en-US..C
lwsws[2275]: 0160: 6F 6E 6E 65 63 74 69 6F 6E 3A 20 4B 65 65 70 2D
 onnection: Keep-
lwsws[2275]: 0170: 41 6C 69 76 65 0D 0A 0D 0A
Alive....
lwsws[2275]:
lwsws[2275]:
lwsws[2275]: 0000: 47 45 54 20 2F 68 63 70 2F 77 65 62 73 6F 63 6B    GET
/hcp/websock
lwsws[2275]: 0010: 65 74 2E 68 74 6D 6C 20 48 54 54 50 2F 31 2E 31
 et.html HTTP/1.1
lwsws[2275]: 0020: 0D 0A 48 6F 73 74 3A 20 31 32 37 2E 30 2E 30 2E
 ..Host: 127.0.0.
lwsws[2275]: 0030: 31 3A 37 36 38 31 0D 0A 44 4E 54 3A 20 31 0D 0A
 1:7681..DNT: 1..
lwsws[2275]: 0040: 41 63 63 65 70 74 3A 20 74 65 78 74 2F 68 74 6D
 Accept: text/htm
lwsws[2275]: 0050: 6C 2C 61 70 70 6C 69 63 61 74 69 6F 6E 2F 78 68
 l,application/xh
lwsws[2275]: 0060: 74 6D 6C 2B 78 6D 6C 2C 61 70 70 6C 69 63 61 74
 tml+xml,applicat
lwsws[2275]: 0070: 69 6F 6E 2F 78 6D 6C 3B 71 3D 30 2E 39 2C 2A 2F
 ion/xml;q=0.9,*/
lwsws[2275]: 0080: 2A 3B 71 3D 30 2E 38 0D 0A 55 73 65 72 2D 41 67
 *;q=0.8..User-Ag
lwsws[2275]: 0090: 65 6E 74 3A 20 4D 6F 7A 69 6C 6C 61 2F 35 2E 30    ent:
Mozilla/5.0
lwsws[2275]: 00A0: 20 28 58 31 31 3B 20 4C 69 6E 75 78 20 78 38 36
(X11; Linux x86
lwsws[2275]: 00B0: 5F 36 34 29 20 41 70 70 6C 65 57 65 62 4B 69 74    _64)
AppleWebKit
lwsws[2275]: 00C0: 2F 36 30 35 2E 31 20 28 4B 48 54 4D 4C 2C 20 6C
 /605.1 (KHTML, l
lwsws[2275]: 00D0: 69 6B 65 20 47 65 63 6B 6F 29 20 56 65 72 73 69    ike
Gecko) Versi
lwsws[2275]: 00E0: 6F 6E 2F 31 31 2E 30 20 53 61 66 61 72 69 2F 36
 on/11.0 Safari/6
lwsws[2275]: 00F0: 30 35 2E 31 20 55 62 75 6E 74 75 2F 31 36 2E 30    05.1
Ubuntu/16.0
lwsws[2275]: 0100: 34 20 28 33 2E 31 38 2E 31 31 2D 30 75 62 75 6E    4
(3.18.11-0ubun
lwsws[2275]: 0110: 74 75 31 29 20 45 70 69 70 68 61 6E 79 2F 33 2E    tu1)
Epiphany/3.
lwsws[2275]: 0120: 31 38 2E 31 31 0D 0A 41 63 63 65 70 74 2D 45 6E
 18.11..Accept-En
lwsws[2275]: 0130: 63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20 64 65
 coding: gzip, de
lwsws[2275]: 0140: 66 6C 61 74 65 0D 0A 41 63 63 65 70 74 2D 4C 61
 flate..Accept-La
lwsws[2275]: 0150: 6E 67 75 61 67 65 3A 20 65 6E 2D 55 53 0D 0A 43
 nguage: en-US..C
lwsws[2275]: 0160: 6F 6E 6E 65 63 74 69 6F 6E 3A 20 4B 65 65 70 2D
 onnection: Keep-
lwsws[2275]: 0170: 41 6C 69 76 65 0D 0A 0D 0A
Alive....
lwsws[2275]:
lwsws[2275]: lws_handshake_server: wsi->more_rx_waiting=0
lwsws[2275]: lws_union_transition: 0x654e00: mode 1
lwsws[2275]: lws_handshake_server: wsi 0x654e00: ah 0x6526f0
lwsws[2275]: lws_ensure_user_space: 0x654e00 protocol pss 0,
user_space=(nil)
lwsws[2275]: _realloc: size 256: access log
lwsws[2275]: _realloc: size 146: access log
lwsws[2275]: Range count 0
lwsws[2275]: lws_read: thinks we have used 0
lwsws[2275]: lws_server_socket_service: wsi 0x654e00: ah read rxpos 377,
rxlen 377
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:16 mode: 6

lwsws[2275]: accepted new SSL conn
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:15 mode: 1

lwsws[2275]: wsi->http2_substream 0
lwsws[2275]: _lws_plat_file_read: read 1431 of req 4087, pos 1431, len 1431
lwsws[2275]: lws_serve_http_file_fragment: sending 1431
lwsws[2275]: file completed
lwsws[2275]: lws_http_transaction_completed: wsi 0x654e00
lwsws[2275]: lws_ensure_user_space: 0x654e00 protocol pss 0,
user_space=(nil)
lwsws[2275]: lws_http_transaction_completed: wsi->more_rx_waiting=0
lwsws[2275]: lws_header_table_detach: wsi 0x654e00: ah held 15s, ah.rxpos
-1, ah.rxlen -1, mode/state 0 0,wsi->more_rx_waiting 0
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:16 mode: 0

lwsws[2275]: 0x653290: SSL_read says 395
lwsws[2275]:
lwsws[2275]: 0000: 47 45 54 20 2F 66 61 76 69 63 6F 6E 2E 69 63 6F    GET
/favicon.ico
lwsws[2275]: 0010: 20 48 54 54 50 2F 31 2E 31 0D 0A 48 6F 73 74 3A
HTTP/1.1..Host:
lwsws[2275]: 0020: 20 31 32 37 2E 30 2E 30 2E 31 3A 37 36 38 31 0D
127.0.0.1:7681.
lwsws[2275]: 0030: 0A 52 65 66 65 72 65 72 3A 20 68 74 74 70 73 3A
 .Referer: https:
lwsws[2275]: 0040: 2F 2F 31 32 37 2E 30 2E 30 2E 31 3A 37 36 38 31    //
127.0.0.1:7681
lwsws[2275]: 0050: 2F 68 63 70 2F 77 65 62 73 6F 63 6B 65 74 2E 68
 /hcp/websocket.h
lwsws[2275]: 0060: 74 6D 6C 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A
 tml..User-Agent:
lwsws[2275]: 0070: 20 4D 6F 7A 69 6C 6C 61 2F 35 2E 30 20 28 58 31
Mozilla/5.0 (X1
lwsws[2275]: 0080: 31 3B 20 4C 69 6E 75 78 20 78 38 36 5F 36 34 29    1;
Linux x86_64)
lwsws[2275]: 0090: 20 41 70 70 6C 65 57 65 62 4B 69 74 2F 36 30 35
AppleWebKit/605
lwsws[2275]: 00A0: 2E 31 20 28 4B 48 54 4D 4C 2C 20 6C 69 6B 65 20    .1
(KHTML, like
lwsws[2275]: 00B0: 47 65 63 6B 6F 29 20 56 65 72 73 69 6F 6E 2F 31
 Gecko) Version/1
lwsws[2275]: 00C0: 31 2E 30 20 53 61 66 61 72 69 2F 36 30 35 2E 31    1.0
Safari/605.1
lwsws[2275]: 00D0: 20 55 62 75 6E 74 75 2F 31 36 2E 30 34 20 28 33
Ubuntu/16.04 (3
lwsws[2275]: 00E0: 2E 31 38 2E 31 31 2D 30 75 62 75 6E 74 75 31 29
 .18.11-0ubuntu1)
lwsws[2275]: 00F0: 20 45 70 69 70 68 61 6E 79 2F 33 2E 31 38 2E 31
Epiphany/3.18.1
lwsws[2275]: 0100: 31 0D 0A 49 66 2D 4E 6F 6E 65 2D 4D 61 74 63 68
 1..If-None-Match
lwsws[2275]: 0110: 3A 20 30 30 30 30 30 35 37 45 35 41 33 43 36 46    :
0000057E5A3C6F
lwsws[2275]: 0120: 42 46 0D 0A 44 4E 54 3A 20 31 0D 0A 41 63 63 65
 BF..DNT: 1..Acce
lwsws[2275]: 0130: 70 74 3A 20 2A 2F 2A 0D 0A 41 63 63 65 70 74 2D    pt:
*/*..Accept-
lwsws[2275]: 0140: 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20
 Encoding: gzip,
lwsws[2275]: 0150: 64 65 66 6C 61 74 65 0D 0A 41 63 63 65 70 74 2D
 deflate..Accept-
lwsws[2275]: 0160: 4C 61 6E 67 75 61 67 65 3A 20 65 6E 2D 55 53 0D
 Language: en-US.
lwsws[2275]: 0170: 0A 43 6F 6E 6E 65 63 74 69 6F 6E 3A 20 4B 65 65
 .Connection: Kee
lwsws[2275]: 0180: 70 2D 41 6C 69 76 65 0D 0A 0D 0A
p-Alive....
lwsws[2275]:
lwsws[2275]:
lwsws[2275]: 0000: 47 45 54 20 2F 66 61 76 69 63 6F 6E 2E 69 63 6F    GET
/favicon.ico
lwsws[2275]: 0010: 20 48 54 54 50 2F 31 2E 31 0D 0A 48 6F 73 74 3A
HTTP/1.1..Host:
lwsws[2275]: 0020: 20 31 32 37 2E 30 2E 30 2E 31 3A 37 36 38 31 0D
127.0.0.1:7681.
lwsws[2275]: 0030: 0A 52 65 66 65 72 65 72 3A 20 68 74 74 70 73 3A
 .Referer: https:
lwsws[2275]: 0040: 2F 2F 31 32 37 2E 30 2E 30 2E 31 3A 37 36 38 31    //
127.0.0.1:7681
lwsws[2275]: 0050: 2F 68 63 70 2F 77 65 62 73 6F 63 6B 65 74 2E 68
 /hcp/websocket.h
lwsws[2275]: 0060: 74 6D 6C 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A
 tml..User-Agent:
lwsws[2275]: 0070: 20 4D 6F 7A 69 6C 6C 61 2F 35 2E 30 20 28 58 31
Mozilla/5.0 (X1
lwsws[2275]: 0080: 31 3B 20 4C 69 6E 75 78 20 78 38 36 5F 36 34 29    1;
Linux x86_64)
lwsws[2275]: 0090: 20 41 70 70 6C 65 57 65 62 4B 69 74 2F 36 30 35
AppleWebKit/605
lwsws[2275]: 00A0: 2E 31 20 28 4B 48 54 4D 4C 2C 20 6C 69 6B 65 20    .1
(KHTML, like
lwsws[2275]: 00B0: 47 65 63 6B 6F 29 20 56 65 72 73 69 6F 6E 2F 31
 Gecko) Version/1
lwsws[2275]: 00C0: 31 2E 30 20 53 61 66 61 72 69 2F 36 30 35 2E 31    1.0
Safari/605.1
lwsws[2275]: 00D0: 20 55 62 75 6E 74 75 2F 31 36 2E 30 34 20 28 33
Ubuntu/16.04 (3
lwsws[2275]: 00E0: 2E 31 38 2E 31 31 2D 30 75 62 75 6E 74 75 31 29
 .18.11-0ubuntu1)
lwsws[2275]: 00F0: 20 45 70 69 70 68 61 6E 79 2F 33 2E 31 38 2E 31
Epiphany/3.18.1
lwsws[2275]: 0100: 31 0D 0A 49 66 2D 4E 6F 6E 65 2D 4D 61 74 63 68
 1..If-None-Match
lwsws[2275]: 0110: 3A 20 30 30 30 30 30 35 37 45 35 41 33 43 36 46    :
0000057E5A3C6F
lwsws[2275]: 0120: 42 46 0D 0A 44 4E 54 3A 20 31 0D 0A 41 63 63 65
 BF..DNT: 1..Acce
lwsws[2275]: 0130: 70 74 3A 20 2A 2F 2A 0D 0A 41 63 63 65 70 74 2D    pt:
*/*..Accept-
lwsws[2275]: 0140: 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20
 Encoding: gzip,
lwsws[2275]: 0150: 64 65 66 6C 61 74 65 0D 0A 41 63 63 65 70 74 2D
 deflate..Accept-
lwsws[2275]: 0160: 4C 61 6E 67 75 61 67 65 3A 20 65 6E 2D 55 53 0D
 Language: en-US.
lwsws[2275]: 0170: 0A 43 6F 6E 6E 65 63 74 69 6F 6E 3A 20 4B 65 65
 .Connection: Kee
lwsws[2275]: 0180: 70 2D 41 6C 69 76 65 0D 0A 0D 0A
p-Alive....
lwsws[2275]:
lwsws[2275]: lws_handshake_server: wsi->more_rx_waiting=0
lwsws[2275]: lws_union_transition: 0x653290: mode 1
lwsws[2275]: lws_handshake_server: wsi 0x653290: ah 0x6689b0
lwsws[2275]: lws_ensure_user_space: 0x653290 protocol pss 0,
user_space=(nil)
lwsws[2275]: _realloc: size 256: access log
lwsws[2275]: _realloc: size 146: access log
lwsws[2275]: _realloc: size 43: referrer
lwsws[2275]: lws_http_serve: ETAG match favicon.ico
/usr/local/share/libwebsockets-test-server
lwsws[2275]: lws_http_transaction_completed: wsi 0x653290
lwsws[2275]: lws_ensure_user_space: 0x653290 protocol pss 0,
user_space=(nil)
lwsws[2275]: lws_http_transaction_completed: wsi->more_rx_waiting=0
lwsws[2275]: lws_header_table_detach: wsi 0x653290: ah held 15s, ah.rxpos
-1, ah.rxlen -1, mode/state 0 0,wsi->more_rx_waiting 0
lwsws[2275]: wsi->u.http.rx_content_length 0 0 0
lwsws[2275]: lws_read: thinks we have used 0
lwsws[2275]: lws_service_fd_tsi:  wsi port:0  fd:16 mode: 0

lwsws[2275]: _realloc: size 2960: ah struct
lwsws[2275]: _realloc: size 4096: ah data
lwsws[2275]: 0x653290: SSL_read says 0
lwsws[2275]: lws_close_free_wsi: 0x653290
lwsws[2275]: lws_close_free_wsi: real just_kill_connection: 0x653290
(sockfd 16)
lwsws[2275]: remove_wsi_socket_from_fds: wsi=0x653290, sock=16, fds pos=2,
end guy pos=3, endfd=0
lwsws[2275]: calling back CLOSED 0 4
lwsws[2275]: lws_close_free_wsi: lws_libuv_closehandle: wsi 0x653290
lwsws[2275]: lws_free_wsi: 0x653290, remaining wsi 2


*Bad case: *
      Root process is 2871
lwsws[2871]: _realloc: size 3288: context
lwsws[2871]: _realloc: size 4096: pt_serv_buf
lwsws[2871]: _realloc: size 524288: peer limits hash table
lwsws[2871]: _realloc: size 8388608: fds table
lwsws[2871]: _realloc: size 8388608: lws_lookup
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: _realloc: size 128: plugin
lwsws[2871]: adding mount /
lwsws[2871]: adding mount /server-status
lwsws[2871]: adding mount /testcgi
lwsws[2871]: adding mount /formtest
lwsws[2871]: _realloc: size 520: create vhost
lwsws[2871]: _realloc: size 784: vhost-specific plugin table
lwsws[2871]: _realloc: size 56: same vh list
lwsws[2871]: _realloc: size 832: listen wsi
lwsws[2871]: insert_wsi_socket_into_fds: 0x6394f0: tsi=0, sock=20,
pos-in-fds=0
lwsws[2871]: lws_uv_timeout_cb
lwsws[2871]: _realloc: size 56: protocol_vh_privs
lwsws[2871]: _realloc: size 40: vh priv
lwsws[2871]: _realloc: size 33984: vh priv
lwsws[2871]: _realloc: size 8: vh priv
lwsws[2871]: _realloc: size 176: vh priv
lwsws[2871]: lws_service_fd_tsi:  wsi port:0  fd:20 mode: 10

lwsws[2871]: accepted new conn port 39476 on fd=15
lwsws[2871]: _realloc: size 88: peer
lwsws[2871]: _realloc: size 832: new server wsi
lwsws[2871]: new wsi 0x642e40 joining vhost localhost, tsi 0
lwsws[2871]: lws_adopt_descriptor_vhost: new wsi 0x642e40, sockfd 15
lwsws[2871]: insert_wsi_socket_into_fds: 0x642e40: tsi=0, sock=15,
pos-in-fds=1
lwsws[2871]: inserted SSL accept into fds, trying SSL_accept
lwsws[2871]: lws_ssl_get_error: 0x643450 -1 -> 1
lwsws[2871]: lws_close_free_wsi: 0x642e40
lwsws[2871]: SSL_shutdown=-1 for fd 15
lwsws[2871]: lws_close_free_wsi: real just_kill_connection: 0x642e40
(sockfd 15)
lwsws[2871]: remove_wsi_socket_from_fds: wsi=0x642e40, sock=15, fds pos=1,
end guy pos=2, endfd=0
lwsws[2871]: calling back CLOSED 6 4
lwsws[2871]: lws_close_free_wsi: lws_libuv_closehandle: wsi 0x642e40
lwsws[2871]: lws_free_wsi: 0x642e40, remaining wsi 1
lwsws[2871]: lws_service_fd_tsi:  wsi port:0  fd:20 mode: 10

lwsws[2871]: accepted new conn port 39478 on fd=15
lwsws[2871]: _realloc: size 832: new server wsi
lwsws[2871]: new wsi 0x6430e0 joining vhost localhost, tsi 0
lwsws[2871]: lws_adopt_descriptor_vhost: new wsi 0x6430e0, sockfd 15
lwsws[2871]: insert_wsi_socket_into_fds: 0x6430e0: tsi=0, sock=15,
pos-in-fds=1
lwsws[2871]: inserted SSL accept into fds, trying SSL_accept
lwsws[2871]: lws_ssl_get_error: 0x6434a0 -1 -> 1
lwsws[2871]: lws_close_free_wsi: 0x6430e0
lwsws[2871]: SSL_shutdown=-1 for fd 15
lwsws[2871]: lws_close_free_wsi: real just_kill_connection: 0x6430e0
(sockfd 15)
lwsws[2871]: remove_wsi_socket_from_fds: wsi=0x6430e0, sock=15, fds pos=1,
end guy pos=2, endfd=0
lwsws[2871]: calling back CLOSED 6 4
lwsws[2871]: lws_close_free_wsi: lws_libuv_closehandle: wsi 0x6430e0
lwsws[2871]: lws_free_wsi: 0x6430e0, remaining wsi 1


*The different is the line marked as red.*
*I think the error maybe related to some of the resource leak.*
*Sometimes, I do not close the server properly,  for example, I just random
stop the gdb debug.*
*When I restart the server, it can not work well.*

Best Regards

Yours Chropin

On Tue, Jan 23, 2018 at 10:39 AM, Chropin Hu <chropinhu at gmail.com> wrote:

> Dear Andy,
>         It is seems work well now. I do not know why the browser always
> prompt " Oops! Unable to display this website."  yesterday.
>         I use the Epiphany Web Browser.
>         Anyway, I will check the flow further and update the status.
>
> Thank your very very much!
>
> Best Regards
>
> Yours Chropin
>
> On Mon, Jan 22, 2018 at 9:27 PM, Andy Green <andy at warmcat.com> wrote:
>
>>
>>
>> On 22/01/18 21:02, Chropin Hu wrote:
>>
>>> Dear Andy,
>>>         Thank you very much,
>>>         I have instead of the host-ssl-key and host-ssl-cert, like this:
>>> (I can find the cacert, so, just mark it)
>>>              "host-ssl-key":   "/home/mtk40387/develop/libwe
>>> bsockets-master/build/libwebsockets-test-server.key.pem",
>>>              "host-ssl-cert": "/home/mtk40387/develop/libweb
>>> sockets-master/build/libwebsockets-test-server.pem",
>>>               #     "host-ssl-ca":   "/home/mtk40387/develop/ecdh/
>>> ca/cacert.pem",
>>>
>>>         But the result is the same:
>>> lwsws[19746]: accepted new conn port 51922 on fd=15
>>> lwsws[19746]: _realloc: size 88: peer
>>> lwsws[19746]: _realloc: size 832: new server wsi
>>> lwsws[19746]: new wsi 0x642e40 joining vhost localhost, tsi 0
>>> lwsws[19746]: lws_adopt_descriptor_vhost: new wsi 0x642e40, sockfd 15
>>> lwsws[19746]: insert_wsi_socket_into_fds: 0x642e40: tsi=0, sock=15,
>>> pos-in-fds=1
>>> lwsws[19746]: inserted SSL accept into fds, trying SSL_accept
>>> lwsws[19746]: lws_ssl_get_error: 0x643450 -1 -> 2
>>>
>>
>> This is a log from SSL_accept... it just seems to be saying
>> SSL_ERROR_WANT_READ, ie, nonfatal status.
>>
>> So I don't see anything going wrong.  Why do we think something went
>> wrong?
>>
>> The title of your email says "How to fix the
>> "SSL_CTX_get_extra_chain_certs_only" error"... why do we think that is
>> related to the problem?
>>
>> You don't mention what the client you are connecting to lws says about
>> what happened to the connection.  If you connect with, eg, Firefox, it
>> should complain about unknown CA and offer for you to make an exception.
>> What does the client say?
>>
>> -Andy
>>
>> *The openssl version is: OpenSSL 1.0.2g  1 Mar 2016.*
>>> *
>>> *
>>> **Is it possible to disable the option *LWS_HAVE_OPENSSL_ECDH_H. *
>>> ** It is very hard to generate to ECDH key, I just want to enable https
>>> and wss, maybe is easier to use other keys.
>>>
>>> Best Regards
>>>
>>> Yours Chropin.
>>>
>>> On Mon, Jan 22, 2018 at 8:11 PM, Andy Green <andy at warmcat.com <mailto:
>>> andy at warmcat.com>> wrote:
>>>
>>>
>>>
>>>     On January 22, 2018 8:01:02 PM GMT+08:00, Chropin Hu
>>>     <chropinhu at gmail.com <mailto:chropinhu at gmail.com>> wrote:
>>>     >Dear All,
>>>     >       I am trying to setup a https server  on ubuntu.
>>>     >       Currently, I just use the lwsws,
>>>     >       The config file like this:
>>>     >        {
>>>     > "vhosts": [ {
>>>     >     "name": "localhost",
>>>     >     "port": "7681",
>>>     >     "interface": "lo",
>>>     >     "host-ssl-key":  "/home/develop/ecdh/ca/ecdhkey.pem",
>>>     >     "host-ssl-cert": "/home/develop/ecdh/ca/ecdhcert.pem",
>>>     >     "host-ssl-ca":   "/home/develop/ecdh/ca/cacert.pem",
>>>
>>>     What happens if instead of these, you use the test selfsigned certs
>>>     lws creates in the build dir when you run cmake?
>>>
>>>     -Andy
>>>
>>>      >#     "sts": "on",
>>>      >     "mounts": [{
>>>      >       "mountpoint": "/",
>>>      >       "origin": "file://_lws_ddir_/libwebsockets-test-server",
>>>      >       "default": "test.html",
>>>      >       "cache-max-age": "60",
>>>      >       "cache-reuse": "1",
>>>      >       "cache-revalidate": "1",
>>>      >       "cache-intermediaries": "0"
>>>      >       }, {
>>>      >        "mountpoint": "/server-status",
>>>      >        "origin":
>>>      >"file://_lws_ddir_/libwebsockets-test-server/server-status",
>>>      >        "default": "server-status.html"
>>>      >        }, {
>>>      >        "mountpoint": "/testcgi",
>>>      >        "origin":
>>>      >"cgi://_lws_ddir_/libwebsockets-test-server/lws-cgi-test.sh"
>>>      >
>>>      >       }, {
>>>      >        "mountpoint": "/formtest",
>>>      >        "origin": "callback://protocol-post-demo"
>>>      >       }],
>>>      >     # which protocols are enabled for this vhost, and optional
>>>      >     # vhost-specific config options for the protocol
>>>      >     #
>>>      >     "ws-protocols": [{
>>>      >       "lws-meta": {
>>>      >         "status": "ok"
>>>      >       },
>>>      >       "dumb-increment-protocol": {
>>>      >         "status": "ok"
>>>      >       },
>>>      >       "lws-mirror-protocol": {
>>>      >         "status": "ok"
>>>      >       },
>>>      >       "lws-status": {
>>>      >         "status": "ok"
>>>      >       },
>>>      >       "protocol-post-demo": {
>>>      >         "status": "ok"
>>>      >       },
>>>      >       "lws-server-status": {
>>>      >         "status": "ok",
>>>      >         "update-ms": "5000"
>>>      >       }
>>>      >     }]
>>>      >    }
>>>      >  ]
>>>      >}
>>>      >
>>>      >The server always failed at the line marked as red.
>>>      >
>>>      >/* Get X509 certificate from ssl context */
>>>      >#if !defined(LWS_HAVE_SSL_EXTRA_CHAIN_CERTS)
>>>      >x = sk_X509_value(vhost->ssl_ctx->extra_certs, 0);
>>>      >#else
>>>      >SSL_CTX_get_extra_chain_certs_only(vhost->ssl_ctx, &extra_certs);
>>>      >if (extra_certs)
>>>      >x = sk_X509_value(extra_certs, 0);
>>>      >else
>>>      >lwsl_err("%s: no extra certs\n", __func__);
>>>      >#endif
>>>      >
>>>      >and further, The ssl accept always fail.
>>>      >
>>>      >lwsws[18957]: insert_wsi_socket_into_fds: 0x1114890: tsi=0,
>>> sock=15,
>>>      >pos-in-fds=1
>>>      >lwsws[18957]: inserted SSL accept into fds, trying SSL_accept
>>>      >lwsws[18957]: lws_ssl_get_error: 0x1114ea0 -1 -> 2
>>>      >lwsws[18957]: _realloc: size 2960: ah struct
>>>      >lwsws[18957]: _realloc: size 4096: ah data
>>>      >
>>>      >Someone can help me out?
>>>      >Thanks, I appreciate the answer.
>>>      >
>>>      >Best Regards
>>>      >
>>>      >Yours Chropin.
>>>
>>>
>>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20180123/32121060/attachment-0002.html>


More information about the Libwebsockets mailing list