[squeak-dev] Re: WebClient + SqueakSSL = https

Levente Uzonyi leves at elte.hu
Mon Jul 26 13:59:37 UTC 2010 

On Sun, 25 Jul 2010, Andreas Raab wrote:

> On 7/25/2010 7:55 PM, Levente Uzonyi wrote:
>> It works for me, but I always get 'Invalid certificate' error, even for
>> google.com. #certState is always 1 (generic error). If I just ignore the
>> error, everything is fine. Is there a way to debug it?
>> (Ubuntu 8.04 x86_64 CogVM)
>
> Interesting. I suspect it's something in OpenSSL plugin code. The thing to 
> try is to to change SecureSocketStream>>sslConnect from:
>
> 	squeakSSL := SqueakSSL new.
>
> to the following:
>
> 	squeakSSL := SqueakSSL new.
>
> 	"Logs extra info stdout"
> 	squeakSSL logLevel: 1.
>
> You should be getting a bunch of console output as a result which should 
> prove helpful.

I found a few issues with logging on unix:
- SqueakSSL >> #primitiveSSL:setIntProperty:toValue: calls
   #primitiveSetStringProperty instead of #primitiveSetIntProperty.
- #primitiveSetIntPropery always fails, because sqSetIntPropertySSL always
   returns 0, it should return 1 at the end of the function.
After fixing these #logLevel: with argument 1 didn't give any output. It 
works with 2 and 3. It's a bit annoying that the log messages are not 
flushed (printf is buffered), so one has to generate a few requests to 
see the result of the first one (I can't flush stdout without FFI or 
OSProcess).

>
> Also, you might try to see whether going directly to encrypted.google.com 
> makes a difference (the https request to www.google.com is first redirected 
> to encrypted.google.com and perhaps the problem is somewhere in the redirect 
> handling):
>
> 	WebClient httpGet: 'https://encrypted.google.com/search?q=squeak'.

It's the same.

I attached the output of [WebClient httpGet: 
'https://www.google.com/search?q=squeak'] generated with #logLevel: 3.


Levente

>
> Cheers,
>  - Andreas
>
>
-------------- next part --------------
sqConnectSSL: 8139f20
sqConnectSSL: Setting up SSL
sqSetupSSL: setting method
sqSetupSSL: Creating context
sqSetupSSL: setting cipher list
sqSetupSSL: No root CA given; using default verify paths
sqSetupSSL: Creating SSL
sqSetupSSL: setting bios
sqConnectSSL: Setting connect state
sqConnectSSL: BIO_write 0 bytes
sqConnectSSL: SSL_connect
sqConnectSSL: sqCopyBioSSL
sqCopyBioSSL: 85 bytes pending; buffer size 4096
sqConnectSSL: 8139f20
sqConnectSSL: BIO_write 1718 bytes
sqConnectSSL: SSL_connect
sqConnectSSL: sqCopyBioSSL
sqCopyBioSSL: 186 bytes pending; buffer size 4096
sqConnectSSL: 8139f20
sqConnectSSL: BIO_write 47 bytes
sqConnectSSL: SSL_connect
sqConnectSSL: SSL_get_peer_certificate
sqConnectSSL: cert = 814c218
sqConnectSSL: peerName = www.google.com
sqConnectSSL: SSL_get_verify_result = 20
sqEncryptSSL: Encrypting 133 bytes
sqCopyBioSSL: 158 bytes pending; buffer size 4096
sqConnectSSL: 8139f20
sqConnectSSL: Setting up SSL
sqSetupSSL: setting method
sqSetupSSL: Creating context
sqSetupSSL: setting cipher list
sqSetupSSL: No root CA given; using default verify paths
sqSetupSSL: Creating SSL
sqSetupSSL: setting bios
sqConnectSSL: Setting connect state
sqConnectSSL: BIO_write 0 bytes
sqConnectSSL: SSL_connect
sqConnectSSL: sqCopyBioSSL
sqCopyBioSSL: 85 bytes pending; buffer size 4096
sqConnectSSL: 8139f20
sqConnectSSL: BIO_write 1709 bytes
sqConnectSSL: SSL_connect
sqConnectSSL: sqCopyBioSSL
sqCopyBioSSL: 186 bytes pending; buffer size 4096
sqConnectSSL: 8139f20
sqConnectSSL: BIO_write 47 bytes
sqConnectSSL: SSL_connect
sqConnectSSL: SSL_get_peer_certificate
sqConnectSSL: cert = 814b420
sqConnectSSL: peerName = *.google.com
sqConnectSSL: SSL_get_verify_result = 20
sqEncryptSSL: Encrypting 139 bytes
sqCopyBioSSL: 164 bytes pending; buffer size 4096

More information about the Squeak-dev mailing list