search

ninenines / gun

HTTP/1.1, HTTP/2, Websocket client (and more) for Erlang/OTP.
ISC License
891 stars 232 forks source link

Problem connecting to wss://echo.websocket.org #225

Closed michelboaventura closed 4 years ago

michelboaventura commented 4 years ago

Hi,

I'm using 2.0.0-pre.2 on elixir and trying to run a basic example without success:

iex> {:ok, pid} = :gun.open('echo.websocket.org', 443)
{:ok, #PID<0.687.0>}
iex> :gun.await_up(pid)
{:error, :timeout}

If I try the same thing on port 80, everything works:

iex> {:ok, pid} = :gun.open('echo.websocket.org', 80)
{:ok, #PID<0.747.0>}
iex> :gun.await_up(pid)
{:ok, :http}

Of course I've thought the problem was with the https version of the site, but you can try it on https://www.websocket.org/echo.html or use something like wscat -c ws://echo.websocket.org. How can I debug this issue further? Thank you!

essen commented 4 years ago

Please try tracing the Gun process I'll have a look later.

michelboaventura commented 4 years ago

Hi,

Tracing the process just prints this a couple of times before giving up:

*DBG* <0.489.0> receive state_timeout {retries,1,not_connected} in state domain_lookup
*DBG* <0.489.0> receive internal {retries,1,
                  #{ip_addresses => [{174,129,224,73}],
                    port => 443,tcp_module => inet_tcp,
                    tcp_opts => [binary,{active,false},{packet,raw}]}} in state domain_lookup
*DBG* <0.489.0> consume state_timeout {retries,1,not_connected} in state domain_lookup => connecting
*DBG* <0.489.0> receive internal {retries,1,#Port<0.27>} in state connecting
*DBG* <0.489.0> consume internal {retries,1,
                  #{ip_addresses => [{174,129,224,73}],
                    port => 443,tcp_module => inet_tcp,
                    tcp_opts => [binary,{active,false},{packet,raw}]}} in state connecting => initial_tls_handshake
*DBG* <0.489.0> receive internal {retries,1,closed} in state initial_tls_handshake
*DBG* <0.489.0> consume internal {retries,1,#Port<0.27>} in state initial_tls_handshake => not_connected
*DBG* <0.489.0> consume internal {retries,1,closed} in state not_connected => domain_lookup
*DBG* <0.489.0> start_timer {state_timeout,5000,{retries,0,not_connected},[]} in state domain_lookup
essen commented 4 years ago

Yep seems that the domain lookup fails. Times out.

essen commented 4 years ago

Reading again, seems like initial_tls_handshake instead. So it's the TLS connect that times out. Not sure I can do much about that. Maybe it expects a specific TLS version or something.

essen commented 4 years ago

One thing for sure I know this is not a Gun issue, because:

1> application:ensure_all_started(ssl).
{ok,[crypto,asn1,public_key,ssl]}
2> {ok, S} = ssl:connect("echo.websocket.org", 443, []).
** exception error: no match of right hand side value {error,closed}

Please open a ticket to https://bugs.erlang.org if you think this is an Erlang bug.

michelboaventura commented 4 years ago

Thank you @essen, I will try to debug this further and will return with any news.

Cheers.

michelboaventura commented 4 years ago

I've created an issue on Erlang's Jira: https://bugs.erlang.org/browse/ERL-1225

Meanwhile I was able to connect by manually setting the ssl cypher:

1> application:ensure_all_started(ssl).
{ok,[crypto,asn1,public_key,ssl]}
2> ssl:connect("echo.websocket.org", 443, [{ciphers, [ssl:str_to_suite("AES128-SHA")]}]).
{ok,{sslsocket,{gen_tcp,#Port<0.7>,tls_connection,undefined},
               [<0.113.0>,<0.112.0>]}}
essen commented 4 years ago

Cheers.