Project

General

Profile

Bug #2969

Not able to create secure socket connection.

Added by Deepak about 1 month ago. Updated 9 days ago.

Status:
Invalid
Priority:
Normal
Assignee:
-
Category:
mod_wstunnel
Target version:
Start date:
2019-08-07
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:

Description

Hi,

Lighttpd version in use lighttpd/1.4.54 (ssl).

I'm able to make web socket connection, but I'm not able to make secure socket connection.

With secure socket configuration, I'm make connection with non-secure web socket connection. Below is curl sample request.

curl --insecure -i -N -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: 10.10.11.1" -H "Origin: https://10.10.11.1" http://10.10.11.1:4454/ws_server.php
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
WebSocket-Location: ws://10.10.11.1/ws_server.php
Sec-WebSocket-Accept: Kfh9QIsMVZcl6xEPYxPHzW8SZ8w=

With secure request, I'm seeing below error:

curl --insecure -i -N -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: 10.10.11.1" -H "Origin: https://10.10.11.1" https://10.10.11.1:4454/ws_server.php
curl: (35) SSL received a record that exceeded the maximum permissible length.

On browser, I'm seeing below when I make request.

WebSocket connection to 'wss://10.10.11.1:4454/ws_server.php' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR

I've followed below link:

https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModWSTunnel
https://redmine.lighttpd.net/boards/2/topics/7600

Please note, I'm using self-signed certificate for ssl configuration and I've attached lighttpd configuration.

Requesting to share some light, if I'm something in the configuration.

lighttpd.conf (12.6 KB) lighttpd.conf Deepak, 2019-08-07 05:53

History

#1

Updated by gstrauss 9 days ago

  • Status changed from New to Invalid

DO NOT FILE BUGS for questions like "how do I...?"
Please ask questions in the support Forum (see the Forums tab near the top of the page)

I've followed below link:

https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModWSTunnel
https://redmine.lighttpd.net/boards/2/topics/7600

The config you provided is incomplete. If you actually carefully read through the above links, you would have seen how to get a complete config (lighttpd -p -f /etc/lighttpd/lighttpd.conf)

.

lighttpd with mod_wstunnel works fine with both http and https.

(Instead of mod_wstunnel, perhaps you want to use mod_proxy to proxy to your websocket backend.)

.

server.modules += ("mod_wstunnel")
$HTTP["url"] =~ "^/ws" {
    wstunnel.server = ( "" => (( "host" => "127.0.0.1", "port" => "12345")) )
    wstunnel.frame-type = "text" 
}

Note that I am using wstunnel.frame-type = "text" above.

Note: PHP is a considered a poor choice for a socket backend, but I have found that those who use PHP have a difficult time with other languages.
Manually starting a PHP script as a daemon in another window:
php -q wstunnel-endpoint-example.php

<?php

$address = '127.0.0.1';
$port = 12345;

$server = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_set_option($server, SOL_SOCKET, SO_REUSEADDR, 1);
socket_bind($server, $address, $port);
socket_listen($server);

while (($client = socket_accept($server))) {
    do { sleep(1); } while (FALSE !== socket_write($client, 'Now: '.time()));
}

?>

Using /path/to/docroot/example.html and having my lighttpd server listen on port 8443 with TLS enabled:
https://localhost:8443/example.html

<html>
<body>
    <div id="root"></div>
    <script>
        var host = 'wss://127.0.0.1:8443/ws';
        var socket = new WebSocket(host);
        socket.onmessage = function(e) {
            document.getElementById('root').innerHTML = e.data;
        };
    </script>
</body>
</html>

Also available in: Atom