allinurl / goaccess

GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
https://goaccess.io
MIT License

real time reporting with ssl not working - Stopping WebSocket server #856

Open j-hen opened 7 years ago

j-hen commented 7 years ago

I am having a problem getting the real time reporting working for GoAccess. The real time reporting works without issue if I do not use ssl. When I attempt to use ssl with the real time reporting I get the following message:

Stopping WebSocket server...

I am using various versions of the following command:

sudo goaccess /var/log/apache2/access.log -a -o /var/www/goaccess.html --real-time-html --log-format COMBINED --ssl-cert=/pathtocert/certname.crt --ssl-key=/pathtocert/certname.key --ws-url=wss://sitename.com:7890

What varies is the use of the --ws-url flag and its option. I've tried with and without specifying the scheme. I've tried with and without specifying the port. I have recompiled goaccess as follows in an attempt to view the debug log for helpful information:

./configure --enable-utf8 --enable-geoip=legacy --enable-debug --with-openssl

The debug file contains the following:

Bye.

Thanks for your help.

allinurl commented 7 years ago

Did you build from development or from the latest version (v1.2)? Also, which openssl version are you using?

If the WS exits right after it's run, then it's likely it couldn't initialize the SSL context.

For instance, you may get something like:

==Using TLS/SSL==
Error: error:02001002:system library:fopen:No such file or directory
Stopping WebSocket server...
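
The SSL-context failure described in the comment above (a certificate or key file that cannot be opened) can be caught before GoAccess is started. The following is an added example, not part of the original thread or of GoAccess; the function name `check_tls_pair` and its return codes are assumptions made for illustration, and it relies only on the standard `openssl x509` and `openssl pkey` commands.

```shell
#!/bin/sh
# Added example (not GoAccess code): pre-flight check for the files given to
# --ssl-cert and --ssl-key. Run it as the same user that starts goaccess
# (root when using sudo), because readability depends on the caller.

# check_tls_pair CERT KEY
# Return codes (chosen for this example):
#   0 usable pair
#   1 a file is missing or unreadable (the fopen failure shown above)
#   2 certificate or key cannot be parsed without a passphrase
#   3 private key does not belong to the certificate
#   4 certificate has expired
check_tls_pair() {
  cert=$1
  key=$2
  for f in "$cert" "$key"; do
    if [ ! -r "$f" ]; then
      echo "unreadable: $f" >&2
      return 1
    fi
  done
  # Extract the public key from both files; an empty -passin makes an
  # encrypted key fail here instead of prompting on the terminal.
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 2
  key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || return 2
  # The pair is only usable if both yield the same public key.
  [ "$cert_pub" = "$key_pub" ] || return 3
  # -checkend 0 exits non-zero when the certificate is already expired.
  openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1 || return 4
  return 0
}

# Stand-alone use: sh check.sh /path/to/cert.crt /path/to/cert.key
if [ "$#" -eq 2 ]; then
  check_tls_pair "$1" "$2"
  echo "check_tls_pair exit code: $?"
fi
```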

j-hen commented 7 years ago

me@box:~$ openssl version -a
OpenSSL 1.0.1t 3 May 2016
built on: Tue Jan 31 22:09:44 2017
platform: debian-amd64

I built this:

http://tar.goaccess.io/goaccess-1.2.tar.gz

The only output I received is the following:

Stopping WebSocket server... Parsing... [342,509] [38,056/s]

xbgmsharp commented 7 years ago

I have the same problem; I built using the Docker image with the following parameters:

./configure --enable-utf8 --enable-geoip=mmdb --enable-debug --with-openssl

The debug log:

Accepted: 11 xx.xx.yy.zz
SSL: SSL_accept - SSL_ERROR_WANT_READ
SSL: incomplete, data available for reading
SSL Accepted: 11 xx.xx.yy.zz
SSL: SSL_shutdown - SSL_ERROR_SYSCALL
SSL: handshake interrupted, got EOF
SSL: SSL_shutdown, connection unexpectedly closed by peer.
Active: 0

From Chrome I got:

WebSocket connection to 'wss://mysite.com:7890/' failed: Error during WebSocket handshake: Unexpected response code: 400
setWebSocket @ index.html:1214

From Firefox I got:

Firefox can’t establish a connection to the server at wss://mysite.com:7890/.

allinurl commented 7 years ago

@j-hen I've added some additional debug messages that should help pinpoint where the issue may be. Would you be able to build from development and post back the complete output that you get? Thanks

allinurl commented 7 years ago

@xbgmsharp Can you please build from development and post back your output? Thanks

CensuV commented 7 years ago

Tried with devel version but still getting this, debug.log not showing anything else.

./configure --enable-utf8 --enable-debug --with-openssl --enable-tcb=btree

VM146:161 WebSocket connection to 'wss://************:7890/' failed: Error during WebSocket handshake: Unexpected response code: 400
WrappedWebSocket @ VM146:161

==Using TLS/SSL==
WebSocket server ready to accept new client connections
Accepted: 160 ***.***.***.***
SSL: SSL_accept - SSL_ERROR_WANT_READ
SSL: incomplete, data available for reading
SSL Accepted: 160 ***.***.***.***
SSL: SSL_shutdown - SSL_ERROR_SYSCALL
SSL: handshake interrupted, got EOF
SSL: SSL_shutdown, connection unexpectedly closed by peer.
Active: 0

I can start debugging the SSL handshake and stuff on the network level, but maybe you already have some pointers I could try first.

All certs are within domain and working fine for httpd

allinurl commented 7 years ago

@CensuV Can I ask what version of openssl you are running?

CensuV commented 7 years ago

@allinurl OpenSSL 1.0.2k-fips 26 Jan 2017 / RHEL 7.3

allinurl commented 7 years ago

I just pushed a commit that may help with this issue. The output of SSL_get_error(3) in here can be misleading as an erroneous SSL_ERROR_SYSCALL when no error has occurred and therefore lead to a complete shutdown of the connection.

Please build from development again and let me know if that fixes the issue. Thanks!

allinurl commented 7 years ago

BTW, just pushed a few commits for SSL_accept, SSL_read and SSL_write.

CensuV commented 7 years ago

@allinurl so, not much more soda .....

Accepted: 160 ***************************
SSL: SSL_accept - SSL_ERROR_WANT_READ
SSL: incomplete, data available for reading
SSL Accepted: 160 ************************
SSL: SSL_shutdown - SSL_ERROR_SYSCALL
SSL: handshake interrupted, got EOF
SSL: SSL_shutdown, connection unexpectedly closed by peer.
Active: 0

Chrome gives

Error during WebSocket handshake:


./configure --enable-utf8 --enable-debug --with-openssl --enable-tcb=btree

allinurl commented 7 years ago

I've pushed some additional changes to the SSL routines and SSL_accept(3). Can you please rebase and let me know what output you get? If that doesn't help, and since I'm not able to reproduce this on my side, may I ask you if you could please help debug the following functions in gdb and see why the connection is shutting down:

  1. shutdown_ssl
  2. accept_ssl
  3. send_ssl_buffer
  4. read_ssl_socket
  5. handle_ssl_pending_rw

$ gdb --args ./goaccess -p /your/configfile/goaccess.conf
(gdb) b function_name
(gdb) b any_other_function_name
(gdb) r <enter>

Thanks

CensuV commented 7 years ago

[Thread 0x7fffed3af700 (LWP 23842) exited]
Accepted: 162 10.127.12.168
[Switching to Thread 0x7fffee3b1700 (LWP 23840)]

Breakpoint 5, handle_ssl_pending_rw (conn=162, server=0x6aa020, client=0x7fffe801fb70) at src/websocket.c:848
848       if (!wsconfig.use_ssl)

allinurl commented 7 years ago

@CensuV Could you please elaborate a bit more on the debug output you posted above? Is that where it's closing the connection? Can you also post the output after a normal run? Thanks

CensuV commented 7 years ago

@allinurl, is there a private chat where we can directly converse about this? Makes it easier I think.

allinurl commented 7 years ago

@CensuV Unfortunately no private chat, but feel free to send me an email: hello [at] goaccess.io

Maksold commented 6 years ago

I have the same problem. @allinurl Do you have any solution?

allinurl commented 6 years ago

@Maksold I didn't hear back from CensuV so can I ask you to build from development and test it out and post your output here?