• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: SSL websocket server, part two
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL websocket server, part two

  • Subject: Re: SSL websocket server, part two
  • From: Mitchell Laurren-Ring <email@hidden>
  • Date: Mon, 10 Nov 2014 17:40:22 -0800
I used Wireshark to capture packets on interface lo0 on Lion, Mountain Lion and Mavericks. Remember, the client is Google Chrome and the server is a launchd process. Both client and server are local (127.0.0.1). A summary of the packet trace for the three OS versions follows. For brevity, C=client and S=server.


Lion (fails)

1) C: SYN
2) S: SYN, ACK
3) C: ACK
4) S: Dup ACK (of #2)
5) C: Client Hello (TLS 1.0)
6) S: ACK
7) C: FIN, ACK
8) S: ACK
9) C: Dup ACK (of #7)
10) S: FIN, ACK
11) C: ACK


Mountain Lion (fails)

1) C: SYN
2) S: SYN, ACK
3) C: ACK
4) S: TCP window update + ACK
5) C: Client hello (TLS 1.2)
6) S: ACK
7) C: FIN, ACK
8) S: ACK
9) C: Dup ACK (of #7)
10) S: Server hello
11) C: RST


Mavericks (successful)

1) C: SYN
2) S: SYN, ACK
3) C: ACK
4) S: TCP Window Update + ACK
5) C: Client Hello (TLS 1.2)
6) S: ACK
7) S: Server Hello
8( C: ACK
9) S: Certificate
10) C: ACK
11) S: Server Hello Done
12) C: ACK
13) C: Client key exchange, change cipher spec, encrypted handshake message
14) S: ACK
15) S: Change Cipher Spec
16) C: ACK
etc.

It looks to me like the client’s SSL stack is ending the conversation early by setting the FIN flag in step #7. Is that a correct conclusion? How do I prevent or mitigate this?

/Mick




On Nov 6, 2014, at 1:35 AM, Quinn The Eskimo! <email@hidden> wrote:

>
> On 5 Nov 2014, at 19:09, Mitchell Laurren-Ring <email@hidden> wrote:
>
>> What should I look for in the tcpdump?
>
> You'll need to use a higher-level tool to decode the TCP stream as TLS.  A lot of folks do this with the Wireshark app.  Personally, I can't cope with its UI, so I tend to use the "tshark" tool that comes bundled within Wireshark.
>
> Share and Enjoy
> --
> Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
> Apple Developer Relations, Developer Technical Support, Core OS/Hardware
>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Macnetworkprog mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: SSL websocket server, part two
      • From: "Quinn \"The Eskimo!\"" <email@hidden>
References: 
 >SSL websocket server, part two (From: Mitchell Laurren-Ring <email@hidden>)
 >Re: SSL websocket server, part two (From: "Quinn \"The Eskimo!\"" <email@hidden>)
 >Re: SSL websocket server, part two (From: "Quinn \"The Eskimo!\"" <email@hidden>)

  • Prev by Date: Re: SSL websocket server, part two
  • Next by Date: Re: SSL websocket server, part two
  • Previous by thread: Re: SSL websocket server, part two
  • Next by thread: Re: SSL websocket server, part two
  • Index(es):
    • Date
    • Thread