[noPoll] pelase help, about tls

Francis Brosnan Blázquez francis en aspl.es
Jue Jun 18 12:05:10 CEST 2015 

Hello Su Min,

I didn't have time to take a look into your examples but that's good to
know.

Best Regards,


> Hello Francis,
> 
> i want to tell you, that my problem is solved. you're right in the 
> beginning, the problem is with certificate. i just know that the html 
> should be in the server (not using file:// and the server should be in 
> https, so the browser will ask to continue, rather than automatically 
> reject it).
> 
> thanks for your help
> 
> Regards
> 
> Su Min
> 
> On 2015-06-16 20:05, sumin en trus.co.id wrote:
> > Hello Francis,
> > 
> > the 22,3,1 i get from read, is from code 3
> > code 1: current code, working with ws
> > code 2: i try to put wss support in code 1, fail
> > code 3: i try to accept from standard socket, fail and
> > nopoll_conn_read get handshaking message
> > 
> > here's working code with regular WS
> > -----------START 1 --------------------
> > ctx = nopoll_ctx_new();
> > listener = nopoll_listener_new(ctx, "0.0.0.0", "8000");
> > NOPOLL_SOCKET listener_sock = nopoll_conn_socket(listener);
> > nopoll_conn_set_sock_block(listener_sock,nopoll_true);
> > while(running)
> > {
> >     conn = nopoll_conn_accept(ctx,listener);
> >     fork();
> >     //in child process, create several service thread, one of them is
> > blocking read nopoll_conn_read(conn, buff, length-needed-to-read,
> > nopoll_true, 0);
> > }
> > -----------END of 1 -------------------
> > 
> > i try to make it support WSS
> > ------------START 2 -------------------
> > ctx = nopoll_ctx_new();
> > listener = nopoll_listener_tls_new(ctx, "0.0.0.0", "8000");
> > //also tried this
> > //nopoll_conn_opts_set_ssl_certs(opts, KEYDIR"/server.pem",
> > KEYDIR"/server.key", NULL, NULL )
> > //listener = nopoll_listener_tls_new_opts (ctx, opts, "0.0.0.0", 
> > "8000");
> > 
> > NOPOLL_SOCKET listener_sock = nopoll_conn_socket(listener);
> > nopoll_conn_set_sock_block(listener_sock,nopoll_true);
> > while(running)
> > {
> >     conn = nopoll_conn_accept(ctx,listener);
> >     fork();
> > }
> > -------------END of 2 ---------------
> > 
> > i also try to accept from standard socket
> > -------------START 3--------------
> > 
> > socket.accept();
> > //use MSG_PEEK like tutorial in aspl.es, make sure it is ws or wss
> > (actually no regular ws will be used, all is wss)
> > //if ws or wss, fork()... then in child code:
> > 
> > ctx = nopoll_ctx_new();
> > //tried this
> > //nopoll_ctx_set_certificate(ctx, "domain.test", KEYDIR"/server.pem",
> > KEYDIR"/server.key", NULL)
> > 
> > listener = nopoll_listener_from_socket(ctx, ListenerFd);
> > conn = nopoll_listener_from_socket(ctx, AcceptedFd);
> > nopoll_conn_set_sock_block(AcceptedFd, nopoll_true);
> > nopoll_listener_set_certificate(conn, "server.pem", "server.key", 
> > NULL);
> > 
> > nopoll_conn_accept_complete(ctx, nopoll_listener, conn, AcceptedFd, 
> > isTls);
> > //then create thread, which one of them is blocking read
> > nopoll_conn_read(conn, buff, length-needed-to-read, nopoll_true, 0);
> > -----------END of 3 --------------------
> > 
> > 
> > 
> > Regards,
> > 
> > Su Min
> > 
> > 
> > On 2015-06-16 17:48, Francis Brosnan Blázquez wrote:
> >> Hello Su Min,
> >> 
> >>  I don't know why you are getting that. Could you post a working
> >> example
> >>  that reproduces the error you are facing?
> >> 
> >>  Best Regards,
> >> 
> >> Hello Francis
> >> 
> >> thanks for your information
> >> 
> >> why do i get wss "client hello" packet (3 first bytes are 22, 3, 1)
> >> from nopoll_conn_read? (blocking socket)
> >> do i miss accept/handshake?
> >> 
> >> note : on previous mail, i said wireshark didn't capture client hello,
> >> 
> >> it turns out client hello was sent but wireshark didnt label/recognize
> >> 
> >> it as client hello
> >> 
> >> Regards
> >> 
> >> Su Min
> >> 
> >> On 2015-06-13 00:29, Francis Brosnan Blázquez wrote:
> >>> El vie, 12-06-2015 a las 22:23 +0700, sumin en trus.co.id escribió:
> >>> 
> >>> Hello,
> >>> 
> >>> Hello Su Min,
> >>> 
> >>> im learning nopoll for my application, i plan to use websocket in
> >>> android/ios using ionic framework (html5/js), so i use nopoll for
> >>> websocket server only. if im not using TLS, the server run well, but
> >>> if
> >>> i try use TLS, the connection wont established.
> >>> 
> >>> Ok,
> >>> 
> >>> i hope this info have some clue:
> >>> 1. i compare packet between my application and websocket.org using
> >>> wireshark. i think the difference begins at "client hello",
> >> wireshark
> >>> didnt capture any "client hello" from my application
> >>> 2. im using blocking socket
> >> nopoll_conn_set_sock_block(listener_sock,
> >>> nopoll_true), and later i accept with nopoll_conn_accept(ctx,
> >>> listener).
> >>> 
> >>> Ok, I think the problem, with 99% of probability is that you are
> >>> using a certificate
> >>> that is not valid (signed by a trusted party like Twathe, Geotrust
> >>> and so forth...). That
> >>> can explain why you are getting a failure with your server noPoll
> >> app
> >>> and the server
> >>> provided by websocket.org
> >>> 
> >>> If this is the case, the only solution is to a) review your client
> >>> TLS code to disable
> >>> certificate verification before connecting... or b) have a signed
> >>> certificate that is recognized
> >>> by your mobile app
> >>> 
> >>> Going a) would work for your dev test, but you'll need b) for
> >>> production
> >>> 
> >>> 1. can i have some sample code about server with TLS?
> >>> 
> >>> Sure, see full working examples at the regression test code:
> >>> 
> >>> 
> >>> 
> >> https://dolphin.aspl.es/svn/publico/nopoll/trunk/test/nopoll-regression-client.c
> >> [1]
> >>> [2]
> >>> 
> >>> 
> >> https://dolphin.aspl.es/svn/publico/nopoll/trunk/test/nopoll-regression-listener.c
> >> [2]
> >>> [3]
> >>> 
> >>> 2. how to show some log/error code from nopoll, i read everyone show
> >>> nopoll log/error, but i cant find one?
> >>> 
> >>> See http://www.aspl.es/nopoll/html/group__nopoll__log.html [3] [4]
> >>> 
> >>> Alternatively, assuming you are running a noPoll listener app in a
> >>> linux or similar
> >>> you can use:
> >>> 
> >>> >> NOPOLL_DEBUG=1 NOPOLL_DEBUG_COLOR=1 ./your-app
> >>> 
> >>> Best Regards,
> >>> 
> >>> thanks in advance
> >>> 
> >>> Regards,
> >>> 
> >>> Su Min
> >>> _______________________________________________
> >>> noPoll mailing list
> >>> noPoll en lists.aspl.es
> >>> http://lists.aspl.es/cgi-bin/mailman/listinfo/nopoll [4] [1]
> >>> 
> >>> --
> >>> Francis Brosnan Blázquez <francis en aspl.es>
> >>> ASPL
> >>> 91 134 14 22 - 91 134 14 45 - 91 116 07 57
> >>> 
> >>> AVISO LEGAL
> >>> 
> >>> En virtud de lo dispuesto en la Ley Orgánica 15/1999, de 13 de
> >>> diciembre, de Protección de Datos de Carácter Personal, le
> >>> informamos de
> >>> que sus datos de carácter personal, recogidos de fuentes accesibles
> >>> al
> >>> público o datos que usted nos ha facilitado previamente, proceden
> >> de
> >>> bases de datos propiedad de Advanced Software Production Line, S.L.
> >>> (ASPL).
> >>> 
> >>> ASPL garantiza que los datos serán tratados con la finalidad de
> >>> mantener
> >>> las oportunas relaciones comerciales o promocionales con usted o la
> >>> entidad que usted representa. No obstante, usted puede ejercitar sus
> >>> derechos de acceso, rectificación, cancelación y oposición
> >>> dispuestos en
> >>> la mencionada Ley Orgánica, notificándolo por escrito a ASPL -
> >>> Protección Datos, C/Antonio Suárez 10 A-102, 28802, Alcalá de
> >>> Henares
> >>> (Madrid).
> >>> 
> >>> 
> >>> 
> >>> Links:
> >>> ------
> >>> [1] http://lists.aspl.es/cgi-bin/mailman/listinfo/nopoll [4]
> >>> [2]
> >>> 
> >> https://dolphin.aspl.es/svn/publico/nopoll/trunk/test/nopoll-regression-client.c
> >> [1]
> >>> [3]
> >>> 
> >> https://dolphin.aspl.es/svn/publico/nopoll/trunk/test/nopoll-regression-listener.c
> >> [2]
> >>> [4] http://www.aspl.es/nopoll/html/group__nopoll__log.html [3]
> >> 
> >> --
> >> Francis Brosnan Blázquez <francis.brosnan en aspl.es>
> >> ASPL
> >> 91 134 14 22 - 91 134 14 45 - 91 116 07 57
> >> 
> >> AVISO LEGAL
> >> 
> >> Este mensaje se dirige exclusivamente a su destinatario. Los datos
> >> incluidos en el presente correo son confidenciales y sometidos a
> >> secreto
> >> profesional, se prohíbe divulgarlos, en virtud de las leyes vigentes.
> >> Si
> >> usted no lo es y lo ha recibido por error o tiene conocimiento del
> >> mismo
> >> por cualquier motivo, le rogamos que nos lo comunique por este medio y
> >> proceda a destruirlo o borrarlo.
> >> 
> >> En virtud de lo dispuesto en la Ley Orgánica 15/1999, de 13 de
> >> diciembre, de Protección de Datos de Carácter Personal, le
> >> informamos de
> >> que sus datos de carácter personal, recogidos de fuentes accesibles
> >> al
> >> público o datos que usted nos ha facilitado previamente, proceden de
> >> bases de datos propiedad de Advanced Software Production Line, S.L.
> >> (ASPL). No obstante, usted puede ejercitar sus derechos de acceso,
> >> rectificación, cancelación y oposición dispuestos en la mencionada
> >> Ley
> >> Orgánica, notificándolo por escrito a:
> >> ASPL - Protección Datos, C/Antonio Suárez 10 A-102, 28802, Alcalá
> >> de
> >> Henares (Madrid).
> >> 
> >> 
> >> 
> >> Links:
> >> ------
> >> [1]
> >> https://dolphin.aspl.es/svn/publico/nopoll/trunk/test/nopoll-regression-client.c
> >> [2]
> >> https://dolphin.aspl.es/svn/publico/nopoll/trunk/test/nopoll-regression-listener.c
> >> [3] http://www.aspl.es/nopoll/html/group__nopoll__log.html
> >> [4] http://lists.aspl.es/cgi-bin/mailman/listinfo/nopoll
> > 
> > _______________________________________________
> > noPoll mailing list
> > noPoll en lists.aspl.es
> > http://lists.aspl.es/cgi-bin/mailman/listinfo/nopoll
> 


-- 
Francis Brosnan Blázquez <francis.brosnan en aspl.es>
ASPL
91 134 14 22 - 91 134 14 45 - 91 116 07 57

AVISO LEGAL

Este mensaje se dirige exclusivamente a su destinatario. Los datos
incluidos en el presente correo son confidenciales y sometidos a secreto
profesional, se prohíbe divulgarlos, en virtud de las leyes vigentes. Si
usted no lo es y lo ha recibido por error o tiene conocimiento del mismo
por cualquier motivo, le rogamos que nos lo comunique por este medio y
proceda a destruirlo o borrarlo.

En virtud de lo dispuesto en la Ley Orgánica 15/1999, de 13 de
diciembre, de Protección de Datos de Carácter Personal, le informamos de
que sus datos de carácter personal, recogidos de fuentes accesibles al
público o datos que usted nos ha facilitado previamente, proceden de
bases de datos propiedad de Advanced Software Production Line, S.L.
(ASPL). No obstante, usted puede ejercitar sus derechos de acceso,
rectificación, cancelación y oposición dispuestos en la mencionada Ley
Orgánica, notificándolo por escrito a:
ASPL - Protección Datos, C/Antonio Suárez 10 A-102, 28802, Alcalá de
Henares (Madrid).
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <http://lists.aspl.es/pipermail/nopoll/attachments/20150618/8159ae4a/attachment.html>

Más información sobre la lista de distribución noPoll