Webbit websocket ws://连接有效但 wss://握手失败而没有任何错误? [英] Webbit websocket ws:// connection works but wss:// handshake fails silently without any error?

问题描述

将 Webbit 升级到 0.4.6 以使用新的 SSL 支持，但立即意识到所有 wss://握手都以静默方式失败，我没有显示任何错误.Chrome 仅针对没有 HTTP 代码或任何其他标头的响应报告成功".我检查了服务器日志，它甚至没有注册打开"事件.

Upgraded Webbit to 0.4.6 to use the new SSL support but immediately realized that all wss:// handshakes are failing silently and I don't have any errors to show for it. Chrome only reports a "success" for a response without a HTTP code or any other headers. I check server logs and it doesn't even register an "open" event.

这里的问题是任何 ws://连接都很好用.那么什么可能是可能的问题，我怎样才能从中得到错误呢?java密钥库和SSL握手有问题吗?

The catch here is that any ws:// connection works great. So what could be possible problems and how can I get an error out of it? Could it be something wrong with the java keystore and SSL handshake?

我找到了一个用于测试握手的 openSSL 命令.这是输出:

I was able to find an openSSL command for a test handshake. Here's the output:

SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A

编辑 2

我意识到我可以进一步调试

Edit 2

I realized I could debug this further

CONNECTED(0000016C)
SSL_connect:before/connect initialization
write to 0x1f57750 [0x1f6a730] (210 bytes => 210 (0xD2))
0000 - 16 03 01 00 cd 01 00 00-c9 03 01 4f 6b 8d 68 63   ...........Ok.hc
0010 - 99 06 08 30 93 2a 42 88-f8 f1 c4 c5 dc 89 71 0b   ...0.*B.......q.
0020 - b6 04 42 4e 11 79 b4 76-6c f7 66 00 00 5c c0 14   ..BN.y.vl.f..\..
0030 - c0 0a 00 39 00 38 00 88-00 87 c0 0f c0 05 00 35   ...9.8.........5
0040 - 00 84 c0 12 c0 08 00 16-00 13 c0 0d c0 03 00 0a   ................
0050 - c0 13 c0 09 00 33 00 32-00 9a 00 99 00 45 00 44   .....3.2.....E.D
0060 - c0 0e c0 04 00 2f 00 96-00 41 00 07 c0 11 c0 07   ...../...A......
0070 - c0 0c c0 02 00 05 00 04-00 15 00 12 00 09 00 14   ................
0080 - 00 11 00 08 00 06 00 03-00 ff 01 00 00 44 00 0b   .............D..
0090 - 00 04 03 00 01 02 00 0a-00 34 00 32 00 01 00 02   .........4.2....
00a0 - 00 03 00 04 00 05 00 06-00 07 00 08 00 09 00 0a   ................
00b0 - 00 0b 00 0c 00 0d 00 0e-00 0f 00 10 00 11 00 12   ................
00c0 - 00 13 00 14 00 15 00 16-00 17 00 18 00 19 00 23   ...............#
00d2 - <SPACES/NULS>
SSL_connect:SSLv2/v3 write client hello A
read from 0x1f57750 [0x1f6fc90] (7 bytes => 0 (0x0))
12488:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 210 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

编辑 3

好的，我已经将问题归结为 Webbit 初始化，但它没有抛出任何错误，因此我可以使用一些输入来使 getResourceAsStream 正常运行.以下是服务器的初始化方式:

Edit 3

Ok I've nailed the problem to Webbit initialization, but it doesn't throw any errors so I could use some input to getting getResourceAsStream functioning properly. Here's how the server is initialized:

def startWebSocketServer(webSocketHandler:PartialFunction[WebSocketEvent, Unit]) {
    val webServer = WebServers.createWebServer(port)
    try {
      webServer.setupSsl(getClass.getResourceAsStream("/keystore"), "webbit")
      webServer.add("/", new WebSocketEventAdapter(webSocketHandler))
      webServer.start
    } catch {
      case e => e.printStackTrace()
    }
  }

不幸的是 setupSsl 不会输出任何信息，我已经尝试了我认为的路径和插入假路径.无论哪种情况，我都不会出错.我到底如何正确定位路径?谢谢！

Unfortunately setupSsl won't output any information, and I've tried both what I thought would be the path and inserting a fake path. In either case, I can't get an error. How on earth would I properly locate the path? Thanks!

推荐答案

OMFG 答案

在歇斯底里的命运转折中，我发现了问题所在.这个特殊问题占用了我 48 小时的时间，但其原因甚至与代码无关，而且是一个有趣的误传.

The OMFG Answer

In a hysterical twist of fate, I found the problem. This particular issue took up 48 hours of my time, but the cause was not even code related and a funny miscommunication.

事实证明，另一位开发人员已将我们的 websocket 代码复制到他正在开发的新文件中.一直以来，我们都在尝试调试甚至不在运行时执行的文件中的代码.因此，经过进一步调查，我们滚动到一个非常长且不同的文件的底部，找到了 webbit init 代码并完美地执行了它.

So as it turns out, another developer had copied our websocket code into a new file he was working on for development. All this time we were trying to debug code in a file that wasn't even executing at run-time. So upon further investigation we scrolled to the bottom of a very long and different file, and found the webbit init code and excuted it perfectly.

这个故事的寓意:不要将不完整的文件提交到 master 分支，并指向那里的每个人进行调试；)

Moral of the story: don't commit an incomplete file to the master branch and point everyone there for debugging ;)

这篇关于Webbit websocket ws://连接有效但 wss://握手失败而没有任何错误?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！