
libwebsocket server with openSSL not accepting connection

I have written a web socket server with the help of the libwebsocket library, which accepts web socket client connections for non-SSL. Now I want it to accept SSL connections, so I have generated a self-signed certificate and key, and while creating the web socket context I have given the key and certificate paths and the option LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT as well. But while making an https connection using wss://ip:7681, I am getting the connection request callback, i.e. LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED, and after that LWS_CALLBACK_WSI_DESTROY, and in the browser I am getting a console error about not being able to connect.

  Firefox can’t establish a connection to the server at wss://192.168.4.254:7681/.    

Please check the following server-side code used for creating the openSSL-based web socket server.

struct lws_protocols WebSocketCommon::protocols[ 2 ] = { { "wss", WebSocketCommon::callback, 0, 0 }, { NULL, NULL, 0, 0 } };

int callback ( struct lws *wsi, enum lws_callback_reasons reason, void *user, void *in, size_t len ) {
    switch ( reason ) {
    case LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED: {
        //code
        break;
    }
    case LWS_CALLBACK_WSI_DESTROY: {
        //code
        break;
    }
    case LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS: {
        Log::d( m_r_logger, TAG, "LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS\n");
        SSL_CTX_load_verify_locations( (SSL_CTX*) user, NULL, getenv(SSL_CERT_FILE_PATH) );
        break;
    }
    default: {
        break;
    }
    }

    return lws_callback_http_dummy(wsi, reason, user, in, len);
}

void createContext (bool useSSL) {
    struct lws_context_creation_info info;
    memset( &info, 0, sizeof(struct lws_context_creation_info) );

    info.port = 7681;
    info.uid = -1;
    info.gid = -1;
    info.protocols = protocols;
    info.mounts = &mount;

    info.extensions = exts;
    info.timeout_secs = 5;
    info.ip_limit_ah = 24; /* for testing */
    info.ip_limit_wsi = 400; /* for testing */

    // Following options for openSSL certificate
    if (useSSL) {
        info.options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT | LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT | LWS_SERVER_OPTION_DISABLE_IPV6 | LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED | LWS_SERVER_OPTION_IGNORE_MISSING_CERT;
        info.ssl_cert_filepath = SSL_CERT_FILE_PATH;
        info.ssl_private_key_filepath = SSL_PRIVATE_KEY_PATH;
    }
    fContext = lws_create_context( &info );
}

I am getting the following logs while creating the web socket context and accepting the wss connection.

WebSocket.cpp:638...... :createContext ( ) - begin
WebSocket.cpp:640...... : createContext - fReferenceCount = 0
WebSocket.cpp:324...... : Creating Vhost 'default' port 7681, 1 protocols, IPv6 off
WebSocket.cpp:324...... :  Using SSL mode
WebSocket.cpp:324...... :  SSL ECDH curve 'prime256v1'
WebSocket.cpp:612...... : LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS
WebSocket.cpp:324...... : lws_tls_client_create_vhost_context: doing cert filepath /etc/nginx/ssl/mycert.crt
WebSocket.cpp:324...... : Loaded client cert /etc/nginx/ssl/mycert.crt
WebSocket.cpp:324...... : lws_tls_client_create_vhost_context: doing private key filepath
WebSocket.cpp:324...... : Loaded client cert private key /etc/nginx/ssl/mykey.key
WebSocket.cpp:324...... : created client ssl context for default
WebSocket.cpp:684...... : lws_create_context SUCCEEDED
WebSocket.cpp:759...... : start  Starting Service Thread.
WebSocket.cpp:705...... : createContext - fReferenceCount = 1 
WebSocket.cpp:706...... : createContext - end

Following are the library versions I am using.

libwebsocket.so 13
OpenSSL 1.0.2o  27 Mar 2018

Please let me know what is going wrong.

The problem is possibly not related to libwebsockets, but rather to do with Firefox being fussy about allowing connections to WSS that have a self-signed certificate. Try to connect to your server from some other program, e.g., a simple Python program.

related:

What is the problem with Websocket and Self-Signed SSL certificate

Firefox disconnects websockets connection for a self signed certificate
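
Added example, not part of the original answer: a standard-library Python probe of the kind the answer suggests, which trusts only the server's self-signed certificate and then performs the WebSocket upgrade by hand, so a TLS failure can be told apart from a WebSocket-layer failure. The address, port, certificate path and the "wss" protocol name are taken from the question; skipping hostname matching is an assumption about how the test certificate was generated.

```python
import base64, hashlib, os, socket, ssl

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # constant from RFC 6455

def accept_for(key):
    """Sec-WebSocket-Accept a compliant server must send back for this key."""
    digest = hashlib.sha1((key + WS_GUID).encode()).digest()
    return base64.b64encode(digest).decode()

def upgrade_request(host, port, key, subprotocol="wss", path="/"):
    # "wss" is the protocol name in the question's lws_protocols table.
    lines = [f"GET {path} HTTP/1.1", f"Host: {host}:{port}",
             "Upgrade: websocket", "Connection: Upgrade",
             f"Sec-WebSocket-Key: {key}", "Sec-WebSocket-Version: 13",
             f"Sec-WebSocket-Protocol: {subprotocol}", "", ""]
    return "\r\n".join(lines).encode()

def check_response(raw, key):
    """True only for a 101 reply carrying the correct accept hash."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    fields = (line.split(":", 1) for line in head[1:] if ":" in line)
    headers = {k.strip().lower(): v.strip() for k, v in fields}
    return (head[0].split(" ")[1:2] == ["101"]
            and headers.get("sec-websocket-accept") == accept_for(key))

def probe(host, port, cert_path):
    """Return 'tls-failed', 'upgrade-failed' or 'ok' for one connection attempt."""
    ctx = ssl.create_default_context(cafile=cert_path)  # trust this cert only
    # Assumption: the test cert has no SAN for the IP, so skip name matching;
    # the certificate itself is still verified against cert_path.
    ctx.check_hostname = False
    key = base64.b64encode(os.urandom(16)).decode()
    try:
        with socket.create_connection((host, port), timeout=5) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                tls.sendall(upgrade_request(host, port, key))
                raw = b""
                while b"\r\n\r\n" not in raw:
                    chunk = tls.recv(4096)
                    if not chunk:
                        break
                    raw += chunk
    except ssl.SSLError as exc:
        print("TLS error:", exc)
        return "tls-failed"
    return "ok" if check_response(raw, key) else "upgrade-failed"

if __name__ == "__main__":
    # Address, port and certificate path as they appear in the question.
    print(probe("192.168.4.254", 7681, "/etc/nginx/ssl/mycert.crt"))
```

A result of `ok` means the server completes both TLS and the upgrade, which leaves the browser's handling of the self-signed certificate as the remaining suspect; `tls-failed` points at the certificate or TLS setup, and `upgrade-failed` at the WebSocket layer.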
