Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gwsocket+apache: status 200 instead of 101 #29

Open
imatasic opened this issue Dec 9, 2019 · 2 comments
Open

gwsocket+apache: status 200 instead of 101 #29

imatasic opened this issue Dec 9, 2019 · 2 comments

Comments

@imatasic
Copy link

imatasic commented Dec 9, 2019

Ubuntu14.04 + Apache 2.4.7 + gwsocket 0.3 with SSL

I have found that if i serve both http and https traffic, and i have gwsocket service running like this:
/usr/local/bin/gwsocket_ssl --port=8080 --ssl-cert=/etc/apache2/ssl/apache_ss.crt --ssl-key=/etc/apache2/ssl/apache_ss.key --access-log=/tmp/gw_access.log

and access the site via http, this results in:

127.0.0.1 - - [09/Dec/2019:12:20:01 +0100] "(null) - (null)" 400 0 "-" "-" 0
127.0.0.1 - - [09/Dec/2019:12:20:01 +0100] "(null) - (null)" 200 0 "-" "-" 0

while accessing via https results in:

127.0.0.1 - - [09/Dec/2019:12:38:14 +0100] "GET / HTTP/1.1" 200 703 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 0
127.0.0.1 - - [09/Dec/2019:12:38:15 +0100] "GET / HTTP/1.1" 101 703 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 0

apache configs:

<VirtualHost *:80>
    ServerName servername
    ServerAdmin webmaster@localhost

    ProxyPass "/ws"  "ws://127.0.0.1:8080/"
    ProxyPassReverse "/ws"  "ws://127.0.0.1:8080/"
    ProxyRequests Off

    DocumentRoot /var/www/html
    <Directory /var/www/html>
        Options -Indexes +FollowSymLinks -SymLinksIfOwnerMatch +MultiViews
        AllowOverride None
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/se_error.log
    CustomLog ${APACHE_LOG_DIR}/se_access.log combined

</VirtualHost>
<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerName servername
        ServerAlias servername
        ServerAdmin webmaster@localhost

        SSLProxyEngine on
	ProxyPass "/wss"  "wss://127.0.0.1:8080/"
        ProxyPassReverse "/wss"  "wss://127.0.0.1:8080/"
        ProxyRequests Off

	DocumentRoot /var/www/html
        <Directory /var/www/html>
            Options -Indexes +FollowSymLinks -SymLinksIfOwnerMatch +MultiViews
            AllowOverride None
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/se_error.log
        CustomLog ${APACHE_LOG_DIR}/se_access.log combined

        SSLEngine on
        SSLCertificateFile      /etc/apache2/ssl/apache_ss.crt
        SSLCertificateKeyFile   /etc/apache2/ssl/apache_ss.key

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
        </Directory>

        BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
        # MSIE 7 and newer should be able to use keepalive
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

    </VirtualHost>
</IfModule>

if i change proxypass directive in http site definition to watch port 8081, and run another instance of gwsocket like this, then i can access both:
`/usr/local/bin/gwsocket_ssl --port=8081``

    ProxyPass "/ws"  "ws://127.0.0.1:8081/"
    ProxyPassReverse "/ws"  "ws://127.0.0.1:8081/"

edit

    ProxyPass "/wss"  "wss://127.0.0.1:8080/"
    ProxyPassReverse "/wss"  "wss://127.0.0.1:8080/"

/edit

Is this by design?
is there a way to circumvent this, or should i be using two gwsocket services running on the same machine?

@allinurl
Copy link
Owner

allinurl commented Dec 13, 2019

The "(null) - (null)" is certainly a bug. I'll look into that. However, I'm not sure I understand your question below. What do you mean you can access both?

@imatasic
Copy link
Author

imatasic commented Dec 13, 2019

@allinurl
in case i need access over both http and https, i have to run 2 instances of gwsocket.
one with defined certificate and key, and one without.

Of course, they have to run on different ports, and I have to separately define them in apache site definitions with proxypass.

I have edited the original question to include the https proxypass definition

Please let me know if I can help you debug this in any way.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants
@allinurl @imatasic and others