InspIRCd secure WebSocket connection fails

Time: 2017-07-12 16:32:18

Tags: javascript google-chrome ssl websocket irc

When I try to connect to a socket configured with SSL and the WebSocket hook, the connection fails.

JavaScript WebSocket request:

new WebSocket('wss://ohmingle.com:7001');

Chrome response:

WebSocket connection to 'wss://ohmingle.com:7001/' failed: WebSocket opening handshake was canceled

InspIRCd debug output:

Wed Jul 12 09:17:13 2017 SOCKET: Accepting connection on socket 192.168.1.200:7001 fd 232
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::+ @0000017BCDEA2CF0
Wed Jul 12 09:17:13 2017 USERS: New UUID for user: 854AAAAAA
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::+ @0000017BCDEA2F18
Wed Jul 12 09:17:13 2017 USERS: New user fd: 232
Wed Jul 12 09:17:13 2017 SOCKET: New file descriptor: 232
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::+ @0000017BCC2A95D0
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::+ @0000017BCC34C1D0
Wed Jul 12 09:17:13 2017 CONNECTCLASS: Setting connect class for UID 854AAAAAA
Wed Jul 12 09:17:13 2017 CONNECTCLASS: Checking main
Wed Jul 12 09:17:13 2017 USEROUTPUT: C[854AAAAAA] O :ohmingle.com NOTICE * :*** Raw I/O logging is enabled on this server. All messages,
 passwords, and commands are being recorded.
Wed Jul 12 09:17:13 2017 USEROUTPUT: C[854AAAAAA] O :ohmingle.com NOTICE * :*** Skipping host resolution (disabled by server
 administrator)
Wed Jul 12 09:17:13 2017 SOCKET: Error on FD 232 - 'Read Error'
Wed Jul 12 09:17:13 2017 USERS: QuitUser: 854AAAAAA=854AAAAAA 'Read Error'
Wed Jul 12 09:17:13 2017 USEROUTPUT: C[854AAAAAA] O ERROR :Closing link: (unknown@68.0.186.85) [Read Error]
Wed Jul 12 09:17:13 2017 SOCKET: DoWrite on errored or closed socket
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::~ @0000017BCC2A95D0
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::~ @0000017BCC34C1D0
Wed Jul 12 09:17:13 2017 SOCKET: Remove file descriptor: 232
Wed Jul 12 09:17:13 2017 CULLLIST: Deleting @0000017BCDEA2CF0
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::- @0000017BCDEA2F18
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::- @0000017BCDEA2CF0
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::~ @0000017BCDEA2F18
Wed Jul 12 09:17:13 2017 CULLLIST: classbase::~ @0000017BCDEA2CF0

Note:

Wed Jul 12 09:17:13 2017 SOCKET: Error on FD 232 - 'Read Error'
Wed Jul 12 09:17:13 2017 USERS: QuitUser: 854AAAAAA=854AAAAAA 'Read Error'
Wed Jul 12 09:17:13 2017 USEROUTPUT: C[854AAAAAA] O ERROR :Closing link: (unknown@68.0.186.85) [Read Error]
Wed Jul 12 09:17:13 2017 SOCKET: DoWrite on errored or closed socket

InspIRCd configuration:

<module name="ssl_openssl">
<module name="sha1">
<module name="websocket">
<sslprofile name="profileSSL"
            provider="openssl"
            cafile="C:/sslCert/ohmingle.com.ca-bundle"  # Certificate Authority Bundle
            certfile="C:/sslCert/ohmingle.com.crt"      # My Certificate
            keyfile="C:/sslCert/ohmingle.key"           # My Private Key
            dhfile="C:/sslCert/dhparams4096.pem"        # DHParams
            hash="sha1">
<bind address="192.168.1.200" port="6669" type="clients" ssl="profileSSL">
<bind address="192.168.1.200" port="7001" type="clients" hook="websocket" ssl="profileSSL">

<bind address="127.0.0.1" port="7000" type="servers">

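I am running the latest source of InspIRCd, compiled on Windows with OpenSSL 1.0.2l.

Troubleshooting:

I have a valid, purchased and signed certificate. Testing with HexChat on port 6669 shows no problems connecting over SSL. The certificate is also used for my website without any issues.

I tried removing ssl="profileSSL" from the WebSocket bind (port 7001) and then attempted a standard WebSocket (ws://ohmingle.com:7001) connection, and it works fine. As soon as I reintroduce ssl="profileSSL" to the bind, we can no longer connect.

Anyone is welcome to try a secure connection to the IRC server at ohmingle.com using a traditional client on port 6669 or a WebSocket-capable client on port 7001. My website https://ohmingle.com/ automatically attempts a secure WebSocket connection in the background, so you can use the Chrome dev console to inspect what is going on.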

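Update

Chrome still behaves as described above.

Everything works in Firefox.

Edge behaves like Chrome, but gives a more descriptive error:

SCRIPT12044: WebSocket Error: Network Error 12044, A certificate is required to complete client authentication

Certificate? My web server has a valid certificate. The page I am connecting from uses it. Does the WebSocket just use the same certificate as the web page it is used on?

Trusted certificate: https://decoder.link/sslchecker/ohmingle.com/443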

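2 answers:

Answer 0: (score: 0)

You must first accept the self-signed certificate at https://ohmingle.com:7001 before you can connect via wss.

Answer 1: (score: 0)

To make it work, you must set requestclientcert="no" in the inspircd3 sslprofile tag.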
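
Edge's error 12044 and the requestclientcert setting in answer 1 both concern the server asking for a client certificate during the TLS handshake. The following is an added example, not code from the question or the answers: it walks a captured TLS 1.2-or-earlier server flight (the range OpenSSL 1.0.2l speaks, where these messages are sent in the clear) and reports whether a CertificateRequest is present. The function names are hypothetical and the sample bytes are constructed, with zero-filled placeholder message bodies.

```javascript
// Added example: names the handshake messages in a captured TLS <= 1.2 server
// flight and reports whether the server asked for a client certificate.
const NAMES = { 2: 'ServerHello', 11: 'Certificate', 12: 'ServerKeyExchange',
                13: 'CertificateRequest', 14: 'ServerHelloDone' };

// Join the payloads of the leading handshake records (type 22); a message may
// span records. Stops at the first other record type (e.g. ChangeCipherSpec).
function handshakeBytes(flight) {
  const parts = [];
  for (let off = 0; off < flight.length; ) {
    if (off + 5 > flight.length) throw new Error('truncated record header');
    const len = (flight[off + 3] << 8) | flight[off + 4];
    if (off + 5 + len > flight.length) throw new Error('truncated record');
    if (flight[off] !== 22) break;
    parts.push(...flight.subarray(off + 5, off + 5 + len));
    off += 5 + len;
  }
  return Uint8Array.from(parts);
}

// Walk the 4-byte handshake headers: type (1 byte) + length (3 bytes).
function handshakeTypes(flight) {
  const hs = handshakeBytes(flight);
  const types = [];
  for (let off = 0; off < hs.length; ) {
    if (off + 4 > hs.length) throw new Error('truncated handshake header');
    const len = (hs[off + 1] << 16) | (hs[off + 2] << 8) | hs[off + 3];
    if (off + 4 + len > hs.length) throw new Error('truncated handshake message');
    types.push(NAMES[hs[off]] || `type ${hs[off]}`);
    off += 4 + len;
  }
  return types;
}

function requestsClientCert(flight) {
  return handshakeTypes(flight).includes('CertificateRequest');
}

// Constructed sample flights: real framing, zero-filled placeholder bodies.
const msg = (type, n) => [type, 0, n >> 8, n & 255, ...new Array(n).fill(0)];
const record = (p) => [22, 3, 3, p.length >> 8, p.length & 255, ...p];
const asking = [...msg(2, 6), ...msg(11, 9), ...msg(13, 7), ...msg(14, 0)];
// Split mid-CertificateRequest to exercise reassembly across two records.
const SAMPLE_ASKING = Uint8Array.from([...record(asking.slice(0, 30)), ...record(asking.slice(30))]);
const SAMPLE_NOT_ASKING = Uint8Array.from(record([...msg(2, 6), ...msg(11, 9), ...msg(14, 0)]));

console.log(handshakeTypes(SAMPLE_ASKING).join(', '), requestsClientCert(SAMPLE_ASKING));
console.log(handshakeTypes(SAMPLE_NOT_ASKING).join(', '), requestsClientCert(SAMPLE_NOT_ASKING));
```

A flight from the wss port captured before and after changing the sslprofile would be expected to differ only in the CertificateRequest entry.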