Socket + SSL does not work PHP

Asked

Viewed 163 times

2

Good morning, I have a system that uses a chat created by me and your communication by socket, all in php.

The point is, I asked hostgator install the SSL in the domain, it has been installed and works normally, but when I try to use the socket, return the following errors to me:

app.js? v=1484568422:59 Mixed Content: The page at 'https://vendemoda.com.br/sandbox/admin_responsivo/index.php' was Loaded over HTTPS, but attempted to connect to the insecure Websocket endpoint 'Ws://192.185.220.81:9009/'. This request has been blocked; this endpoint must be available over WSS. (Anonymous) @app.js? v=1484568422:59

app.js. v=1484568422:59 Uncaught Domexception: Failed to Construct 'Websocket': An insecure Websocket Connection may not be initiated from a page Loaded over HTTPS. at https://vendemoda.com.br/sandbox/admin_responsivo/js/app.js?v=1484568422:59:16

Who can, please help me.

Updating

<?php
$host = '127.0.0.1';
$port = '9000';
$null = NULL;

$socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_set_option($socket, SOL_SOCKET, SO_REUSEADDR, 1);
socket_bind($socket, 0, $port);
socket_listen($socket);
$clients = array($socket);


while (true) {
    $changed = $clients;
    socket_select($changed, $null, $null, 0, 10);

if (in_array($socket, $changed)) {
    $socket_new = socket_accept($socket);
    $clients[] = $socket_new;

    $header = socket_read($socket_new, 1024);
    perform_handshaking($header, $socket_new, $host, $port);

    socket_getpeername($socket_new, $ip);
    $response = mask(json_encode(array('type'=>'system', 'message'=>$ip.' connected')));
    send_message($response);

    $found_socket = array_search($socket, $changed);
    unset($changed[$found_socket]);
}


foreach ($changed as $changed_socket) { 


    while(socket_recv($changed_socket, $buf, 1024, 0) >= 1)
    {
        $received_text = unmask($buf); //unmask data
        $tst_msg = json_decode($received_text);

        $user_id_cliente = $tst_msg->id_cliente;
        $empresa_id = $tst_msg->empresa_id;
        $user_time_mensagem = $tst_msg->time_mensagem;
        $user_conteudo_mensagem = $tst_msg->conteudo_mensagem;
        $user_nome_cliente = $tst_msg->nome_cliente;
        $quem_esta_enviado = $tst_msg->quem_envia;
        $produto_detalhes = $tst_msg->produto_detalhes;
        $grupo_men = $tst_msg->grupo_mensagem;
        $nome_empresa = $tst_msg->nome_empresa;

        $regra_empresa = $tst_msg->regra_empresa;
        $atacado_empresa = $tst_msg->atacado_empresa;
        $min_empresa = $tst_msg->min_empresa;
        $cidade_cliente = $tst_msg->cidade_cliente;
        $valor_pedido = $tst_msg->valor_pedido;
        $pedido_mandar = $tst_msg->pedido_mandar;

        $response_text = mask(json_encode(array('nome_empresa'=>$nome_empresa,'grupo_mensagem'=>$grupo_men,'pedido_mandar'=>$pedido_mandar,'regra_empresa'=>$regra_empresa,'atacado_empresa'=>$atacado_empresa,'min_empresa'=>$min_empresa,'cidade_cliente'=>$cidade_cliente,'valor_pedido'=>$valor_pedido,'produto_detalhes'=>$produto_detalhes,'quem_envia'=>$quem_esta_enviado,'empresa_id'=>$empresa_id,'id_cliente'=>$user_id_cliente, 'time_mensagem'=>$user_time_mensagem, 'conteudo_mensagem'=>$user_conteudo_mensagem, 'nome_cliente'=>$user_nome_cliente)));
        send_message($response_text); //send data
        break 2; //exist this loop
    }


    $buf = @socket_read($changed_socket, 1024, PHP_NORMAL_READ);
    if ($buf === false) { 
        $found_socket = array_search($changed_socket, $clients);
        socket_getpeername($changed_socket, $ip);
        unset($clients[$found_socket]);

        $response = mask(json_encode(array('type'=>'system', 'message'=>$ip.' disconnected')));
        send_message($response);
    }
}
}

socket_close($socket);

function send_message($msg)
{
    global $clients;
    foreach($clients as $changed_socket)
    {
        @socket_write($changed_socket,$msg,strlen($msg));
    }
    return true;
}


function unmask($text) {
    $length = ord($text[1]) & 127;
    if($length == 126) {
        $masks = substr($text, 4, 4);
        $data = substr($text, 8);
    }
    elseif($length == 127) {
        $masks = substr($text, 10, 4);
        $data = substr($text, 14);
    }
    else {
        $masks = substr($text, 2, 4);
        $data = substr($text, 6);
    }
    $text = "";
    for ($i = 0; $i < strlen($data); ++$i) {
        $text .= $data[$i] ^ $masks[$i%4];
    }
    return $text;
}

function mask($text)
{
    $b1 = 0x80 | (0x1 & 0x0f);
    $length = strlen($text);

    if($length <= 125)
        $header = pack('CC', $b1, $length);
    elseif($length > 125 && $length < 65536)
        $header = pack('CCn', $b1, 126, $length);
    elseif($length >= 65536)
        $header = pack('CCNN', $b1, 127, $length);
    return $header.$text;
}

function perform_handshaking($receved_header,$client_conn, $host, $port)
{
    $headers = array();
    $lines = preg_split("/\r\n/", $receved_header);
    foreach($lines as $line)
    {
        $line = chop($line);
        if(preg_match('/\A(\S+): (.*)\z/', $line, $matches))
        {
            $headers[$matches[1]] = $matches[2];
        }
    }

    $secKey = $headers['Sec-WebSocket-Key'];
    $secAccept = base64_encode(pack('H*', sha1($secKey . '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')));

    $upgrade  = "HTTP/1.1 101 Web Socket Protocol Handshake\r\n" .
    "Upgrade: websocket\r\n" .
    "Connection: Upgrade\r\n" .
    "WebSocket-Origin: $host\r\n" .
    "WebSocket-Location: ws://$host:$port/demo/shout.php\r\n".
    "Sec-WebSocket-Accept:$secAccept\r\n\r\n";
    socket_write($client_conn,$upgrade,strlen($upgrade));
}

Client side

var wsUrir = "wss://127.0.0.1:9000";
    connection = new WebSocket(wsUrir);

    connection.onopen = function(ev) { 
        console.log('socket aberto');
    };

    connection.onmessage = function(ev) {
        var msg_ws = JSON.parse(ev.data);

        var type_ws = msg_ws.type;
        var ws_id_cliente = msg_ws.id_cliente;

        console.log(ev.data);

        if(type_ws !== 'system'){

            // suas condições aqui

        }


    };

    connection.onerror  = function(ev){
        console.log("Error Occurred - "+ev.data);
    }; 

    connection.onclose  = function(ev){
        console.log("conexao fechada"); 
    };
  • What web server is this? Apache? Tried calling content with wss://192.185.220.81:9009/ as indicated in the error?

  • Hello @Shutupmagda, the server is apache, and I have tried yes, but without success.

  • Has a library generating the socket? If yes, come on?

  • No no, in case I’m using a code q found on the net, remembering q it works smoothly in common http protocol, but when opened in https returns me error and nothing works :(.

  • it is good to show the code. may have something in it that helps to solve ;)

  • hehe, I’ll do it now, a moment. kkkkk

  • I updated the code above, which you think might be?

  • Your problem: the server needs to perform one Handshake using encryption, but since you are not using a library, you will have to implement this Handshake in hand. It is possible using stream_socket_server, but I honestly don’t like this idea. It’s like wanting to reinvent the wheel, because there are already stable and functional solutions in libraries like Wrench.

  • I really don’t know anything about this library, I’ll check it out and if it’s possible to give me some important north I’ll thank you very much!

Show 4 more comments
No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.