websockets and woe - lugnut's mission to create html5 websockets - still broked

[Lugnut]

Code: [Select]

if($_SERVERHTTP_Connection $= "Upgrade" && $_SERVERHTTP_UPGRADE $= "websocket")
{
recho("> Upgrading connection to websocket.");

// if($WebSocketNum $= "")
$WebSocketNum = 0;

%spec = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
%clkey = $_SERVERHTTP_Sec_WebSocket_Key;

%catkey = %clkey @ %spec;
recho("> CatKey: " @ %catkey);

%shakey = trueSha1(%catkey);
recho("> ShaKey: " @ %shakey);

%rkey = base64Encode(%shakey);
recho("> key: " @ %rkey);

%this.send("HTTP/1.1 101 Switching Protocols\r\n");
%this.send("Upgrade: websocket\r\n");
%this.send("Connection: Upgrade\r\n");
%this.send("Sec-WebSocket-Accept: " @ %rkey @ "\r\n");
%this.send("\r\n");

%this.isWebSocket = 1; // for use later
$WebSocketArray[$WebSocketNum] = %this; // for use later once i get it working
$WebSocketNum++;
return;
}
and the code i posted above

Code: [Select]

==> echo(base64encode(truesha1("27ebx99X70eajZ2+toSlog==258EAFA5-E914-47DA-95CA-C5AB0DC85B11")));
cEJsRzz1TVJXaX nVjJKRDf0TTB1SVn3bkFpPQ==
i'll try restarting server. for all i know there's some old code or some damn thing
done, latest attempt using posted code:
> CatKey: 8Q/9ulciD30Ah7kAuWNFTQ==258EAFA5-E914-47DA-95CA-C5AB0DC85B11
> ShaKey: MT 8kpXMXRUiXOTrXAGqAgSmEdU=
> key: TVQfOGsvWE0YUkVoWE7UckgBR2FBZ 0NsRWRVPQ==

there isn't supposed to be spaces in the shakey is there?

[Ad Bot]

[Truce]

there isn't supposed to be spaces in the shakey is there?

Probably not, but for now fix that you encode into base64 inside trueSha1 then encode it again outside.

EDIT: I think your main problem is you didn't replace base64Encode with the one I posted in my first post?

[Lugnut]

Probably not, but for now fix that you encode into base64 inside trueSha1 then encode it again outside.

aha! i am. good observation

EDIT: I think your main problem is you didn't replace base64Encode with the one I posted in my first post?

i did this for sure

[Lugnut]

still failing but i seem to be a step closer:
> CatKey: Qc5x+B7oWoK2yCTNoPBNtA==258EAFA5-E914-47DA-95CA-C5AB0DC85B11
> ShaKey: �~/䁪c�S2��Q̡wg
> key: 1AHCh23u4IGpY44TMpt2Ucxg 1c=so I just took some tools and manually did this whole deal

Code: (client) [Select]

var s = new WebSocket("ws://localhost:31337");

Code: (nc -l 31337) [Select]

lugnut@LugBook:~$ nc -l 31337
GET / HTTP/1.1
Upgrade: websocket
Connection: Upgrade
Host: localhost:31337
Origin: chrome://newtab
Sec-WebSocket-Key: 2MEWh3ksQkyFYjbeqeyfxw==
Sec-WebSocket-Version: 13
Sec-WebSocket-Extensions: x-webkit-deflate-frame

Code: (manually checked) [Select]

lugnut@LugBook:~$ echo "2MEWh3ksQkyFYjbeqeyfxw==258EAFA5-E914-47DA-95CA-C5AB0DC85B11" > tmp; sha1sum tmp | base64
YWEzMTJjMzk3YTZkYzQ5YTY2NDhlMzYwMDdmMWZiOWI3NmUwYzg0OCAgdG1wCg==


Code: (nc -l 31337) [Select]

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: YWEzMTJjMzk3YTZkYzQ5YTY2NDhlMzYwMDdmMWZiOWI3NmUwYzg0OCAgdG1wCg==

lugnut@LugBook:~$

Code: (client) [Select]

ERROR: Status line does not end with CRLF
in other words, it worked...
until i killed it on accident
this basically confirms that torque is the issue somehow. i'll try running my test again, except i'll use torque for the sha1sum and then use my tool for the base64 calculation, then do the inverse (tool - sha1sum, torque - base64) and see what fails to help track down the problemresults:

Code: (client) [Select]

var s = new WebSocket("ws://localhost:31337");

Code: (nc -l 31337) [Select]

GET / HTTP/1.1
Upgrade: websocket
Connection: Upgrade
Host: localhost:31337
Origin: http://forum.blockland.us
Sec-WebSocket-Key: ST4DekmHesR7EVfCU6K5Hw==
Sec-WebSocket-Version: 13
Sec-WebSocket-Extensions: x-webkit-deflate-frame



Code: (torque) [Select]

==> echo(realsha1("ST4DekmHesR7EVfCU6K5Hw==258EAFA5-E914-47DA-95CA-C5AB0DC85B11"));
�nM�N�>⏑�O����G //951a6e4de44e7fbc3ee28f91d04fcccfcaea4711

Code: (base64 tool) [Select]

lugnut@LugBook:~$ base64
�nM�N�>⏑�O����G
77+9bk3vv71O77+9PuKPke+/vU/vv73vv73vv73vv71HCg==

Code: (nc -l 31337) [Select]

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: 77+9bk3vv71O77+9PuKPke+/vU/vv73vv73vv73vv71HCg==



Code: (client) [Select]

ERROR: Status line does not end with CRLF

working on opposite

E: ... same thing. I think i'm messing up the sending part.

[Truce]

this basically confirms that torque is the issue somehow.

My point was I copypasta'd your "> CatKey" line and it works perfectly with the process, so it's not Torque.

[Lugnut]

goddamnit idk what's wrong

[TripNick]

Holy christ that's a lot of code and hash to read. I'll get to it.

[Ipquarx]

Try doing a strUpr on the sha1 result at the beginning of the 'truesha1' function.

[Lugnut]

so i just tested this stuff out locally instead of on one of kalphiters dedicated servers.
key point: still no luck, but i have more data now

so i modified my original method modification:

Code: [Select]

if($_SERVERHTTP_Connection $= "Upgrade" && $_SERVERHTTP_UPGRADE $= "websocket")
{
echo("> Upgrading connection to websocket.");

%spec = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
%clkey = $_SERVERHTTP_Sec_WebSocket_Key;

%catkey = %clkey @ %spec;
echo("> CatKey: " @ %catkey);

%shakey = realSha1(%catkey);
echo("> ShaKey: " @ %shakey);

%rkey = base64Encode(%shakey);
echo("> key: " @ %rkey);

%this.send("HTTP/1.1 101 Switching Protocols\r\n");
%this.send("Upgrade: websocket\r\n");
%this.send("Connection: Upgrade\r\n");
// %this.send("Sec-WebSocket-Accept: " @ %rkey @ "\r\n"); //commented out because manual
// %this.send("\r\n"); //commented out because manual

$SuperSock = %this; //added for later recall


%this.isWebSocket = 1;
WebSocketClients.add(%this); //changed this, irrelevant
return;
}
and I added this function

Code: [Select]

function superSock(%rkey)
{
$SuperSock.send("Sec-WebSocket-Accept: " @ %rkey @ "\r\n");
$SuperSock.send("\r\n");
}
This basically allows me to manually perform the calculation and then send the data to the client.
what happens, you ask? (in no particular order)

Code: (console) [Select]

==>exec("config/web.cs");
Executing config/web.cs.
Binding server port to default IP
> Upgrading connection to websocket.
> CatKey: zgJBYnbK+ts9nck9feezRw==258EAFA5-E914-47DA-95CA-C5AB0DC85B11
> ShaKey: y(r->Ro>u //this stuff is irrelevant
> key: uuR4ixgxt6MssRLGPkJuHy40kRY= //irrelevant


Code: (terminal) [Select]

lugnut@LugBook:~$ echo "zgJBYnbK+ts9nck9feezRw==258EAFA5-E914-47DA-95CA-C5AB0DC85B11" | sha1sum | base64
MDZmZjRlOTU2MGNmOTk3MjMxMzlkM2JkOTU0ODc4YWQwNmE4NjI4YSAgLQo=

Code: (console) [Select]

==>superSock("MDZmZjRlOTU2MGNmOTk3MjMxMzlkM2JkOTU0ODc4YWQwNmE4NjI4YSAgLQo=");

Code: (client) [Select]

blah blah make a webserver
blah blah same error i've gotten everywhere "Sec-Websocket-accept doesn't match blah blah"

basically, i don't know what the loving hell is going wrong!

[Ipquarx]

Try doing a strUpr on the sha1 result at the beginning of the 'truesha1' function.

[Lugnut]

that seems to have not worked somehow

> Upgrading connection to websocket.
> CatKey: +nPsAGLJyBfg8rEa8bzV7g==258EAFA5-E914-47DA-95CA-C5AB0DC85B11
˷�3����8� �K��
Ơ�
> key: C5kL3PzNx eKM KDoPr3tQqGnLI=

um

[Destiny/Zack0Wack0]

The specification requires the sha1 hash to be outputted as plain binary (20 bytes) and then encoded in base 64 directly. As Truce mentioned, the sha1 function in Torque is outputting it as 2 characters per byte (hexadecimal string).

But here's my input: This is not going to work. It is perfectly possible for sha1 to output a 0x00 (NUL) byte. Collapsing the hex "00" is going to result in a NUL byte in the string, and we all know how Torque loves that. You'll end up getting a shortened form of the actual sha1 (cuts off the NUL byte and everything beyond it) which will output malformed base64.

[Lugnut]

okay. your post made me brainstorm, and i came up with the following ideas:
option a:
continue as i was, but modify the realsha1 function so if it encounters 00, it will return false.
then, in the original code, have the system do an if() check on the returned value. if false, disconnect.
on the clients side, check if the disconnect (via global variable) was caused by the disconnect button, or by other means, and if not by the button, automatically reconnect, generating a new source key, and hopefully not encountering the problem again.

obviously this requires me to get the function working, which i'm not too optimistic about.

option b:
find a service on the web that performs these calculations for me

option c:
steal option b. how? by taking the input from the client to my server, then running it against another server with websockets enabled, and since the results are the same no matter what server they're run on (except mine which is broke loel) i can just use the response from the alternate server to create /my/ response to my client.

option d:
make option b with php and run it on a free webhost.

obviously options b, c, and d are going to raise response time, but i'm looking for "it works" right about now, not "it works brilliantly!"

besides, once the intial connection is established, i can probably handle everything on my end.

additionally, unless i do option d, i might (or rather, kalphiter might) get complaints about too many requests to one guys server. although, websockets are designed for minimal requests, and beyond the initial request... hmm.

anyone have any input?

[Ipquarx]

I could make a php base 64 encoder for you to use with sha1, I have a website I can do that on.

[Destiny/Zack0Wack0]

a and c are bad and you should feel bad