Skip to content
This repository has been archived by the owner on Nov 2, 2020. It is now read-only.

node10 SSL alert number 10 #6

Closed
SirAnthony opened this issue Oct 24, 2018 · 9 comments
Closed

node10 SSL alert number 10 #6

SirAnthony opened this issue Oct 24, 2018 · 9 comments
Assignees
@goriunov

Comments

@SirAnthony
Copy link

Hello,

As I can see, code taken not from uws repo, but my fork of uWebSockets-binding, to build on node10. Please note, this does not work on node 10 for some ssl ws messages after parser tweaking (worked well on node8). I'm still investigating issue (spent few weeks already), but it seems node changed http_parser/socket interaction, and uws socket interaction should be altered too.

Error hook for search engines:

Error: 140682218641280:error:140943F2:SSL routines:ssl3_read_bytes:sslv3 alert unexpected message:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1407:SSL alert number 10
@goriunov
Copy link
Member

Thank you, i will also do research about that.

@goriunov goriunov self-assigned this Oct 24, 2018
@SirAnthony
Copy link
Author

SirAnthony commented Oct 25, 2018
edited
Loading

https://github.com/ClusterWS/uWS/blob/master/src/Socket.h#L190
There is the line, where ssl read error coming from.
I noticed by gdb debugging, that node internals also catch ssl alerts in SSL_read (mostly in handshake, whereas uws got it in data), but consume it, without any notice. Probably there is not an issue at all, since dropping ws connection on error is design of uws.

@goriunov
Copy link
Member

That is a good news :)

@goriunov
Copy link
Member

I have added your info to the README and link to your fork as well. Also if you would like you can contribute to this repo as i am planning to support it properly at least till version 0.15 for Node.js comes out. Thank you.

@SirAnthony
Copy link
Author

It seems, issue can be split into 2 parts:

  • ssl alert received from client (can be any kind of server-client interaction error), we will continue of investigation of it, but it is not blocker for us.
  • uws does not handle _tlsError/error events of socket, and node throws it as unhandledException.
    I added hack in my branch, it just add handler for such exceptions, to stop it from failing to unhandled. I do not like that solution, so it is up to you, what to do with it.

@goriunov
Copy link
Member

Thanks, i have updated to the latest changes :)

@ghost
Copy link

ghost commented Dec 14, 2018

Is there anything new about this issue? Still websocket transport doesn't work with SSL

@goriunov
Copy link
Member

@Kamil93 it should work alright, can you send an error you get. Also in case if you can not set up proper ssl in node app you can use something like nginx with ssl in front of non ssl node app.

@goriunov
Copy link
Member

Moved to #28

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@goriunov goriunov

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SirAnthony @goriunov