- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear Sir,
Could you help me to check this error when connection websocket using Websocket Server Example on WICED 6.1.2
I just test some application on Windows Client Socket, and the application is okay, it can connect in both ws and wss(tls 1.1).
But when i write it on android application, it can just connect to ws, the feature wss (tls 1.2) can not work. (The android application i try on echo.websocket.org still okay in both mode ws and wss)
The Debug Log i got on WICED device:
Initialising NetX_Duo v5.10_sp3
Creating Packet pools
WLAN MAC Address : 00:25:CA:11:51:97
WLAN Firmware : wl0: Apr 30 2018 04:14:19 version 7.45.98.50 (r688715 CY) FWID 01-283fcdb9
WLAN CLM : API: 12.2 Data: 9.10.39 Compiler: 1.29.4 ClmImport: 1.36.3 Creation: 2018-04-11 22:31:21
IPv4 network ready IP: 192.168.0.1
Setting IPv6 link-local address
IPv6 network ready IP: FE80:0000:0000:0000:0225:CAFF:FE11:5197
[App] Network initialized
[App] Read the certificate Key from DCT
Websocket Server console start
> start
[App] WebSocket Server running(listening...)
> . Setting up the SSL/TLS structure...
TLS library asked for [5] bytes
Received new TCP packet with length [157]
TLS library asked for [152] bytes
Skip [5] no of bytes from TCP received packet with length : [157]
TLS library asked for [5] bytes
Received new TCP packet with length [7]
TLS library asked for [2] bytes
Skip [5] no of bytes from TCP received packet with length : [7]
WICED/security/BESL/mbedtls_open/library/ssl_tls.c:4219: is a fatal alert message (msg 46)
WICED/security/BESL/mbedtls_open/library/ssl_tls.c:3837: mbedtls_ssl_read_record_layer() returned -30592 (-0x7780)
WICED/security/BESL/mbedtls_open/library/ssl_srv.c:3859: mbedtls_ssl_read_record() returned -30592 (-0x7780)
failed
! mbedtls_ssl_handshake returned -0xffff8880
[websocket_server_deferred_connect_callback] Failed to accept socket - res:4 @websock: 0x2000ecd0 @sock: 0x2001457c
[App] Error[11] @websocket:0x2000ecd0
disconnect callback @websocket: 0x2000ecd0 @sock: 0x2001457c
. Setting up the SSL/TLS structure...
TLS library asked for [5] bytes
Received new TCP packet with length [157]
TLS library asked for [152] bytes
Skip [5] no of bytes from TCP received packet with length : [157]
TLS library asked for [5] bytes
Received new TCP packet with length [7]
TLS library asked for [2] bytes
Skip [5] no of bytes from TCP received packet with length : [7]
WICED/security/BESL/mbedtls_open/library/ssl_tls.c:4219: is a fatal alert message (msg 46)
WICED/security/BESL/mbedtls_open/library/ssl_tls.c:3837: mbedtls_ssl_read_record_layer() returned -30592 (-0x7780)
WICED/security/BESL/mbedtls_open/library/ssl_srv.c:3859: mbedtls_ssl_read_record() returned -30592 (-0x7780)
failed
! mbedtls_ssl_handshake returned -0xffff8880
[websocket_server_deferred_connect_callback] Failed to accept socket - res:4 @websock: 0x2000ef7c @sock: 0x20015344
[App] Error[11] @websocket:0x2000ef7c
disconnect callback @websocket: 0x2000ef7c @sock: 0x20015344
And on Wireshark side, i got this information:
Please check it for me what i do wrong.
Thank you
- Labels:
-
WICED Studio
-
Wifi+Bluetooth
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you tell me the platform and SDK you are using? Is it WICED 6.2.1 or 6.0.1.85?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am using WICED 6.2.1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The Websocket application largely depends upon the client libraries used in Andrioid application. Can you share a sample android application that can be used to replicate the issue?
Besides can you first try to establish a secure connection with a WICED TCP server?
Note: There are known issues in TLS handshake between external client and WICED webscoket server
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is my source client to connect to server. Could you check it for me.
And how about the known issues in TLS handshake? could you describe it for me?
Thank you
package com.example.lmorda.websocketchat;
import android.os.Bundle;
import android.os.Handler;
import android.support.v7.app.AppCompatActivity;
import android.util.Log;
import android.widget.TextView;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import java.io.IOException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.WebSocket;
import okhttp3.WebSocketListener;
import okio.ByteString;
@SuppressWarnings("deprecation")
public class WebSocketActivity extends AppCompatActivity {
private TextView tvOutput;
private static final int NORMAL_CLOSURE_STATUS = 1000;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
tvOutput = findViewById(R.id.output);
tvOutput.setText("Connecting: ws://192.168.0.1 ...");
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
DefaultHttpClient client = new DefaultHttpClient();
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());
// Set verifier
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
// Example send http request
// final String url = "ws://192.168.0.1";
// HttpPost httpPost = new HttpPost(url);
// try {
// HttpResponse response = httpClient.execute(httpPost);
// } catch (IOException e) {
// e.printStackTrace();
// }
// OkHttpClient client = new OkHttpClient();
// SSLContext sslContext = SslUtils.getSslContextForCertificateFile(this, "BPClass2RootCA-sha2.cer");
// client.setSslSocketFactory(sslContext.getSocketFactory());
// WebSocket
Request request = new Request.Builder().url("ws://192.168.0.1").build();
EchoWebSocketListener listener = new EchoWebSocketListener();
OkHttpClient okHttpClient = new OkHttpClient();
final WebSocket webSocket = okHttpClient.newWebSocket(request, listener);
okHttpClient.dispatcher().executorService().shutdown();
final Handler pingHandler = new Handler();
Runnable pingRunnable = new Runnable() {
@Override
public void run() {
String ping = "{\"type\":\"ping\",\"message\":\"hello\"}";
output("Tx: " + ping);
webSocket.send(ping);
pingHandler.postDelayed(this, 10000);
}
};
pingHandler.postDelayed(pingRunnable, 10000);
}
// WebSocket
private final class EchoWebSocketListener extends WebSocketListener {
@Override
public void onOpen(WebSocket webSocket, Response response) {
output("WebSocket connected to ws://10.0.2.2:8080/websocket/chat");
output("Actively listening to localhost port 8080 for WebSocket traffic");
output("Sending test echo message");
String json = "{\"type\":\"chat\",\"message\":\"im online, whats up\"}";
output("Tx: " + json);
webSocket.send(json);
}
@Override
public void onMessage(WebSocket webSocket, String text) {
output("Rx: " + text);
// Check the WebSocket message type
if (text.contains("chat")) {
// do something chat related
}
}
@Override
public void onMessage(WebSocket webSocket, ByteString bytes) {
output("Rx bytes: " + bytes.hex());
}
@Override
public void onClosing(WebSocket webSocket, int code, String reason) {
webSocket.close(NORMAL_CLOSURE_STATUS, null);
output("Closed: " + code + " / " + reason);
}
@Override
public void onFailure(WebSocket webSocket, Throwable t, Response response) {
output("Error: " + t.getMessage());
}
}
private void output(final String txt) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Log.d("websocketchat", txt);
tvOutput.setText(tvOutput.getText().toString() + "\n\n" + txt);
}
});
}
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
riya wrote:
Note: There are known issues in TLS handshake between external client and WICED webscoket server
What is the known issues in TLS handshake?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
axel.lin_1746341 wrote:
riya wrote:
Note: There are known issues in TLS handshake between external client and WICED webscoket server
What is the known issues in TLS handshake?
riya
The reason I asked the TLS handshake issue is because it is a common library used by various
applications. I'd like to know the impact of "known issues in TLS handshake" as you mentioned.
Can you elaborate the known issue?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There are no issues in TLS library. There are issues in connecting an external client(browser/android) to Webscoket of WICED. We have tested TLS with mbed server and WICED implementation for different cipher suites and TLS handshake completed without any error.
I have tried to connect to WICED Webscoket server through web browser but couldn't include the certificates in my client. Websocket application works fine between two WICED boards(one as client and other as server) as the certificates can be easily included in the WICED client application. Need to figure out a way to include certificates in client.