search

lunarmodules / luasec

LuaSec
Other
364 stars 133 forks source link

SSL Handshake fails without an error message #177

Closed markfmh closed 3 years ago

markfmh commented 3 years ago

Hello,

The handshake fails, but there is no error message. According to the spec there should be an error message if the call returns false. I have no idea why it fails and how to solve it

Steps to reproduce

local http=require("socket.http")
local https = require("ssl.https")
local socket = require "socket"

  local conn = socket.tcp()
  local status, errmsg =  conn:connect( "api.notion.com",443)

  local params = {
    mode = "client",
    protocol = "tlsv1_2",
    --  cafile = "/tmp/cacert.pem",
    verify = "none",
    options = "all",
    }

   conn, errmsg = ssl.wrap( conn, params)
   local succes, errmsg  = conn:dohandshake()

 --> succes returns false but errmsg is nil

Kind regards,

Mark

brunoos commented 3 years ago

It seems the server requires that you set SNI.

conn, errmsg = ssl.wrap( conn, params)
conn:sni("api.notion.com")
local succes, errmsg  = conn:dohandshake()
markfmh commented 3 years ago

Hi Bruno,

Thanks for your answer!

My luasec version (0.5) doesn't seem to support that call, I will check if I can upgrade the library.

Kind regards,

Mark

Op vr 16 jul. 2021 om 20:17 schreef Bruno Silvestre < @.***>:

It seems the server requires that you set SNI.

conn, errmsg = ssl.wrap( conn, params) conn:sni("api.notion.com") local succes, errmsg = conn:dohandshake()

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/brunoos/luasec/issues/177#issuecomment-881631778, or unsubscribe https://github.com/notifications/unsubscribe-auth/AU3LDJD7MBY2GXGPXJNDIO3TYBZVDANCNFSM5ANCRXOA .