Webbit websocket ws://连接有效但 wss://握手失败而没有任何错误? [英] Webbit websocket ws:// connection works but wss:// handshake fails silently without any error?
问题描述
将 Webbit 升级到 0.4.6 以使用新的 SSL 支持,但立即意识到所有 wss://握手都以静默方式失败,我没有显示任何错误.Chrome 仅针对没有 HTTP 代码或任何其他标头的响应报告成功".我检查了服务器日志,它甚至没有注册打开"事件.
Upgraded Webbit to 0.4.6 to use the new SSL support but immediately realized that all wss:// handshakes are failing silently and I don't have any errors to show for it. Chrome only reports a "success" for a response without a HTTP code or any other headers. I check server logs and it doesn't even register an "open" event.
这里的问题是任何 ws://连接都很好用.那么什么可能是可能的问题,我怎样才能从中得到错误呢?java密钥库和SSL握手有问题吗?
The catch here is that any ws:// connection works great. So what could be possible problems and how can I get an error out of it? Could it be something wrong with the java keystore and SSL handshake?
我找到了一个用于测试握手的 openSSL 命令.这是输出:
I was able to find an openSSL command for a test handshake. Here's the output:
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
编辑 2
我意识到我可以进一步调试
Edit 2
I realized I could debug this further
CONNECTED(0000016C)
SSL_connect:before/connect initialization
write to 0x1f57750 [0x1f6a730] (210 bytes => 210 (0xD2))
0000 - 16 03 01 00 cd 01 00 00-c9 03 01 4f 6b 8d 68 63 ...........Ok.hc
0010 - 99 06 08 30 93 2a 42 88-f8 f1 c4 c5 dc 89 71 0b ...0.*B.......q.
0020 - b6 04 42 4e 11 79 b4 76-6c f7 66 00 00 5c c0 14 ..BN.y.vl.f..\..
0030 - c0 0a 00 39 00 38 00 88-00 87 c0 0f c0 05 00 35 ...9.8.........5
0040 - 00 84 c0 12 c0 08 00 16-00 13 c0 0d c0 03 00 0a ................
0050 - c0 13 c0 09 00 33 00 32-00 9a 00 99 00 45 00 44 .....3.2.....E.D
0060 - c0 0e c0 04 00 2f 00 96-00 41 00 07 c0 11 c0 07 ...../...A......
0070 - c0 0c c0 02 00 05 00 04-00 15 00 12 00 09 00 14 ................
0080 - 00 11 00 08 00 06 00 03-00 ff 01 00 00 44 00 0b .............D..
0090 - 00 04 03 00 01 02 00 0a-00 34 00 32 00 01 00 02 .........4.2....
00a0 - 00 03 00 04 00 05 00 06-00 07 00 08 00 09 00 0a ................
00b0 - 00 0b 00 0c 00 0d 00 0e-00 0f 00 10 00 11 00 12 ................
00c0 - 00 13 00 14 00 15 00 16-00 17 00 18 00 19 00 23 ...............#
00d2 - <SPACES/NULS>
SSL_connect:SSLv2/v3 write client hello A
read from 0x1f57750 [0x1f6fc90] (7 bytes => 0 (0x0))
12488:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 210 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
编辑 3
好的,我已经将问题归结为 Webbit 初始化,但它没有抛出任何错误,因此我可以使用一些输入来使 getResourceAsStream
正常运行.以下是服务器的初始化方式:
Edit 3
Ok I've nailed the problem to Webbit initialization, but it doesn't throw any errors so I could use some input to getting getResourceAsStream
functioning properly. Here's how the server is initialized:
def startWebSocketServer(webSocketHandler:PartialFunction[WebSocketEvent, Unit]) {
val webServer = WebServers.createWebServer(port)
try {
webServer.setupSsl(getClass.getResourceAsStream("/keystore"), "webbit")
webServer.add("/", new WebSocketEventAdapter(webSocketHandler))
webServer.start
} catch {
case e => e.printStackTrace()
}
}
不幸的是 setupSsl
不会输出任何信息,我已经尝试了我认为的路径和插入假路径.无论哪种情况,我都不会出错.我到底如何正确定位路径?谢谢!
Unfortunately setupSsl
won't output any information, and I've tried both what I thought would be the path and inserting a fake path. In either case, I can't get an error. How on earth would I properly locate the path? Thanks!
推荐答案
OMFG 答案
在歇斯底里的命运转折中,我发现了问题所在.这个特殊问题占用了我 48 小时的时间,但其原因甚至与代码无关,而且是一个有趣的误传.
The OMFG Answer
In a hysterical twist of fate, I found the problem. This particular issue took up 48 hours of my time, but the cause was not even code related and a funny miscommunication.
事实证明,另一位开发人员已将我们的 websocket 代码复制到他正在开发的新文件中.一直以来,我们都在尝试调试甚至不在运行时执行的文件中的代码.因此,经过进一步调查,我们滚动到一个非常长且不同的文件的底部,找到了 webbit init 代码并完美地执行了它.
So as it turns out, another developer had copied our websocket code into a new file he was working on for development. All this time we were trying to debug code in a file that wasn't even executing at run-time. So upon further investigation we scrolled to the bottom of a very long and different file, and found the webbit init code and excuted it perfectly.
这个故事的寓意:不要将不完整的文件提交到 master 分支,并指向那里的每个人进行调试;)
Moral of the story: don't commit an incomplete file to the master branch and point everyone there for debugging ;)
这篇关于Webbit websocket ws://连接有效但 wss://握手失败而没有任何错误?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!