Hi everyone,
I'm trying to establish a connection from Chrome WebRTC ssltcp ICE candidate to ICS SSL TCP socket server.
This is a media connection used by Google Hangouts.
This connection should be a standard SSL connection but ICS behaves differently from Hangouts server and I don't know why.

Here follows Hangouts SSL handshake.

Note that Chrome sends a Client Hello without any extension. Standard HTTPS requests have a number of extensions inside Client Hello.

https://drive.google.com/file/d/0B34NxWChUHUdR2tBWTdRUXpNYW8/view?usp=sharing

This is Hangouts server reply. It's identical to ICS server reply.

https://drive.google.com/file/d/0B34NxWChUHUdS0pQSDVnZXpvZzg/view?usp=sharing

After this, this is what I see from Wireshark:



The socket is already being used to send encryted data.
Note that client sends the first packet.
For more details, download wireshark capture from here.
https://drive.google.com/file/d/0B34NxWChUHUdMVJoZHo3TmhNcEk/view?usp=sharing

ICS behaves differently.
Client Hello and Server Hello are absolutely identical.
After Server Hello, ICS is sending Certificate, but at this point Chrome disconnects.

I
From Chrome debug log:

Conn[0000000005FE1700:audio:jwf0iNh/:1:0:local:tcp:192.168.190.1:0->BEMy0XiZ:1:65535:local:ssltcp:10.0.0.166:4443|---W|281473718042110|-]
[6760:10528:1127/153804:WARNING:socket_host_tcp.cc(223)] Error from connecting TLS socket, status=-9 [7784:11068:1127/153804:INFO:tcpport.cc(402)] Jingle:Conn[0000000005FE1700:audio:jwf0iNh/:1:0:local:tcp:192.168.190.1:0->BEMy0XiZ:1:65535:local:ssltcp:10.0.0.166:4443|---W|281473718042110|-]: Connection closed with error 0

Status = -9 corresponds to

// An unexpected error. This may be caused by a programming mistake or an
// invalid assumption.
NET_ERROR(UNEXPECTED, -9)

It seems that Chrome is not expecting the certificate at this point.

Is there a ICS configuration that disables certificate transmission?

Thanks in advance.
--
Marcello




--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to