Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: 5.14
Affects Version/s: 5.6.2, 5.7.0, 5.8.0 Beta
Component/s: WebSockets
Labels:
None

Commits:
2e54dbe86eac61e87782a138dbcc158cb6b10cd9

Description

Many connection attempts to a SSL-Websocketserver with a non-SSL Websocket causes the Websocketserver to accept any new connections.

I already looked into the server code. The reason for this behaviour is caused by this section:

websockets/sslserver.cpp

[...]
void QSslServer::incomingConnection(qintptr socket)
{
    QSslSocket *pSslSocket = new QSslSocket();

    if (Q_LIKELY(pSslSocket)) {
        pSslSocket->setSslConfiguration(m_sslConfiguration);

        if (Q_LIKELY(pSslSocket->setSocketDescriptor(socket))) {
            connect(pSslSocket, &QSslSocket::peerVerifyError, this, &QSslServer::peerVerifyError);

            typedef void (QSslSocket::* sslErrorsSignal)(const QList<QSslError> &);
            connect(pSslSocket, static_cast<sslErrorsSignal>(&QSslSocket::sslErrors),
                    this, &QSslServer::sslErrors);
            connect(pSslSocket, &QSslSocket::encrypted, this, &QSslServer::newEncryptedConnection);
            connect(pSslSocket, &QSslSocket::preSharedKeyAuthenticationRequired, this, &QSslServer::preSharedKeyAuthenticationRequired);

            addPendingConnection(pSslSocket);

            pSslSocket->startServerEncryption();
        } else {
           delete pSslSocket;
        }
    }
}
[...]

The new socket is appended to the queue with addPendingConnection. But the signal QSslSocket::encrypted is never emitted, so the connection never gets dequeued with nextPendingConnection in QWebSocketServerPrivate::onNewConnection. As a result, QTcpServer stops accepting new connections when maxPendingConnections is reached.

This can be reproduced with SSL Echo Client Example. I've modifed the code accordingly:

sslechoclient/main.cpp

// Tested with SslEchClient changed
// void SslEchoClient::onTextMessageReceived(QString message)
// {
//     qDebug() << "Message received:" << message;
//     //qApp->quit(); -- disabled
// }

int main(int argc, char *argv[])
{
    QCoreApplication a(argc, argv);

    new SslEchoClient(QUrl(QStringLiteral("wss://localhost:1234")));

    for (int i = 0; i < 40; i++)
        new SslEchoClient(QUrl(QStringLiteral("ws://localhost:1234")));

    QTimer::singleShot(2500, [&] {
        a.quit();
    });

    return a.exec();
}

Attachments

Issue Links

is duplicated by

QTBUG-58237 secureMode QWebSocketServer stops accepting connections after multiple failed ws:// connection attempts

Closed

relates to

QTBUG-53503 QWebSocketServer memory leak

Closed

QTBUG-63312 No timeout in QWebSocketServer/QSslServer during handshake

Closed

QTBUG-56270 QWebSocketServer, telnet connection not notified

Closed

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

For Gerrit Dashboard: QTBUG-57026
#	Subject	Branch	Project	Status	CR	V
179030,6	Fixed WebSocketServer pending connections overflow	dev	qt/qtwebsockets	Status: NEW	0	0
255804,7	websocket server: add timeout to abort incomplete handshakes	dev	qt/qtwebsockets	Status: MERGED	-2	0

Activity

People

Assignee:: Heiko Voigt

Reporter:: Hubert Feurstein

Votes:: 5 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 09 Nov '16 15:44

Updated:: 23 Feb '20 14:51

Resolved:: 15 May '19 11:22

Gerrit Reviews

There is 1 open Gerrit change

Fixed WebSocketServer pending connections overflow

-1 Gerrit Review:

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

websocket server: add timeout to abort incomplete handshakes: Gerrit Review: