About a SSLSocket pluging


photo

Recommended Posts

Hello Unigine ...

I have 3 problems using SSLSocket

  1. Using Unigine script creating a client it don't pass the Handshake with a RSS Feed server
  2. The plugin sample ssl_socket_01.cpp, is using tls 1.0 or 1.1 that are deprecable, I try to load my own private key and don't load.
  3. How I can use this plugin from C++ if I don't found the interface?. 

Expanding the questions....

Problem 1

I trying to create a single client and down some RSS feed sample.  This client connect but fail on the handshacke.

 

int init() 
{
	#ifdef HAS_SSL_SOCKET
		log.message("ssl socket\n");
		socket = new SSLSocket();
		
		// https://www.feedforall.com/sample.xml
		socket.open("www.feedforall.com", 443);
		if (socket.connect())
		{
			log.message("Is Connected\n");
			if(socket.getHandshake()) 
			{
				log.message("Handshake OK\n");
				stream = socket.getStream();
				if (stream!=NULL)
				{
					log.message("Stream is OK\n");

					// socket.block();
					stream.printf("GET /sample.xml HTTP/1.1\r\nHost: www.feedforall.com\r\nUser-Agent: Unigine\r\n\r\n");
				
					if (stream.isAvailable())
					{
						log.message("isAvailable OK\n");
					}
					else
					{
						log.message("isAvailable not data\n");
					}
					log.message(stream.gets());
				}
				else
				{
					log.message("Stream is NULL");
				}
			}
			else
			{
				log.message("Handshake FALSE\n");
			}
		}
		else
		{
			log.message("Not is Is Connected\n");
		}
	#else
		log.message("SSLSocket plugin is not loaded");
	#endif
	
	return 1;
}

173897827_2019-10-0814-17-43SSLSocketTest.world-UnigineEditor-2.9.0.0(DX11)(29c715810_master).jpg.a99b0dc4b1a252fd69495bd1d7f59948.jpg

Problem 2

For Other place I test your server application and this work. But I used your Private key and certificate. The browser says that is using TLS 1.0 or TLS 1.1 that are deprecable. Then I try to use my own web site private key and certificate. This load the certificate correctly but the Private key fail loading that. 

 1819118451_2019-10-0814-21-06LynzaDocodez1.5.0.2.jpg.65781435e33e5ca7822232fb31e839da.jpg

	void create() {
		socket = new SSLSocket();
		socket.open(4433);
		socket.bind();
		socket.listen(10);
		socket.nonblock();
		socket.load(SSL_SOCKET_RSA_KEY,fullPath("ssl/lynza/private_key.pem"));   //  Fail load this, this load fine with OpenSSL
		socket.load(SSL_SOCKET_X509_CERT,fullPath("ssl/lynza/certificate.pem")); // certificate load fine.
		//socket.load(SSL_SOCKET_RSA_KEY,fullPath("ssl/private_key.pem"));
		//socket.load(SSL_SOCKET_X509_CERT,fullPath("ssl/certificate.pem"));
		
	}

Unigine~# config_readonly 1 && world_load "SSLServerTest"
Script loading "core/unigine.usc" 9ms
Loading "core/locale/unigine.locale" dictionary 1ms
Script loading "SSLServerTest.cpp" 9ms
World loading "SSLServerTest.world" 102ms
SSLSocket::load(): can't load certificate from "ssl/lynza/private_key.pem" file -269
----Load cache textures----
Cache textures loaded 94 (62ms)

Problem 3

2017404071_2019-10-0814-37-51task3-MicrosoftVisualStudio.jpg.5fbf7f54b8479a3e32123076055a324f.jpg

 

/Roberto

 

Edited by roberto.voxelfarm
spelling
Link to post

Hello Roberto,

10 hours ago, roberto.voxelfarm said:

Problem 1

You need to load the certificate right after you've created SSLSocket. Please, check how it was made in the SDK sample ssl_socket_00.cpp.

10 hours ago, roberto.voxelfarm said:

Problem 2

Error 269 is an SSL one. I can't give you more info based on the description. Looks like the issue is on the certificate side. How exactly did you make it?

12 hours ago, roberto.voxelfarm said:

Problem 3

There's no interface for C++, only UnigineScript available. As a workaround you can create header and use it in your own app.

Thanks.

How to submit a good bug report
---
FTP server for test scenes and user uploads:

Link to post

For problem 1, I make many test, one of that was load certificate too. and continue fail the handshake

for problem 2, you can use https://www.sslforfree.com/ with this site, you can generate a valid certificate free for 3 months and use this for the test.

Problem 1 code

int init() 
{
	#ifdef HAS_SSL_SOCKET
		log.message("ssl socket\n");
		socket = new SSLSocket();
		
		int v = socket.load(SSL_SOCKET_X509_CACERT,fullPath("pem/certificate.pem"));
		log.message("Load certificate %i\n", v);

		//socket.nonblock();
		// https://www.feedforall.com/sample.xml
		socket.open("www.feedforall.com", 443);
		if (socket.connect())
		{
			log.message("Is Connected\n");
			if(socket.getHandshake()) 
			{
				log.message("Handshake OK\n");
				stream = socket.getStream();
				if (stream!=NULL)
				{
					log.message("Stream is OK\n");

					// socket.block();
					stream.printf("GET /sample.xml HTTP/1.1\r\nHost: www.feedforall.com\r\nUser-Agent: Unigine\r\n\r\n");
				
					if (stream.isAvailable())
					{
						log.message("isAvailable OK\n");
					}
					else
					{
						log.message("isAvailable not data\n");
					}
					thread("read_data");
					log.message(stream.gets());
				}
				else
				{
					log.message("Stream is NULL");
				}
			}
			else
			{
				log.message("Handshake FALSE\n");
			}
		}
		else
		{
			log.message("Not is Is Connected\n");
		}
	#else
		log.message("SSLSocket plugin is not loaded");
	#endif
	
	return 1;
}

1449637505_2019-10-0908-40-09SSLSocketTest.world-UnigineEditor-2.9.0.0(DX11)(29c715810_master).jpg.3f713da380cef5e8a4985e7fb7cec829.jpg

/roberto

Edited by roberto.voxelfarm
Link to post