custom module tcp tls socket

Discussions about Z-Way software and Z-Wave technology in general
Post Reply
ingo
Posts: 5
Joined: 04 Apr 2019 12:01

custom module tcp tls socket

Post by ingo »

Hi,

i try to develop a custom module with a secure communication to a external server. the js-engine does unfortunately not support tls/ssl as far as i know. is there a way to get tls encrypted connections without changing the code base of zway?
User avatar
PoltoS
Posts: 7565
Joined: 26 Jan 2011 19:36

Re: custom module tcp tls socket

Post by PoltoS »

SSL is used only in HTTP requests (http object). Do you want SSL with clean sockets?
ingo
Posts: 5
Joined: 04 Apr 2019 12:01

Re: custom module tcp tls socket

Post by ingo »

hi, i try to connect to a mqtt broker.
https://www.hivemq.com/blog/mqtt-securi ... s-tls-ssl/
ingo
Posts: 5
Joined: 04 Apr 2019 12:01

Re: custom module tcp tls socket

Post by ingo »

as alternative for the tls connection i tried to use ws/wss connections. but i think i have the same problem as in https://forum.z-wave.me/viewtopic.php?f=3419&t=24524

after a ws disconnect, https requests return {"status":-1,"statusText":"Out of memory"}}

is there new information about this problem?
User avatar
PoltoS
Posts: 7565
Joined: 26 Jan 2011 19:36

Re: custom module tcp tls socket

Post by PoltoS »

Can you give a snipplet of code to reproduce the error? We use websockets quite a lot and all work fine
ingo
Posts: 5
Joined: 04 Apr 2019 12:01

Re: custom module tcp tls socket

Post by ingo »

you can find the module at https://github.com/SENERGY-Platform/zwa ... yConnector

i doubt that this will really be helpful though. it has become quite messy in my attempt to debug it.

error description:
- before each ws-connection: https request to sync device provisioning with server
- after some ws-disconnect / connect: https request returns {"status":-1,"statusText":"Out of memory"}}

some additional information:
- the module runs on a older zway installation which has been updated
- on a local docker installation the module runs without problems
- the websocket connects to a proxy that adds the mqtt 3.1 protocol header because the zway websocket dosnt allow it.
- the startup of the module is delayed to ensure all devices are registered in zway --> no unneeded device provisioning at the start
- before the delay was added the Out of memory error was thrown sooner (probably because the module started with ca 70 https post requests)

in the hopes that its a problem with old libraries, we will try the module on a fresh zway installation.


but back to the original question:
so zway does not support tls except for https and wss?
User avatar
PoltoS
Posts: 7565
Joined: 26 Jan 2011 19:36

Re: custom module tcp tls socket

Post by PoltoS »

I don't really get how https is related to wss. The only common thing is OpenSSL library. I think the main problem you experience might be that after an HTTPS error OpenSSL can stop working in all modules. This looks to be an OpenSSL problem that we need to solve by updating the OpenSSL.
User avatar
PoltoS
Posts: 7565
Joined: 26 Jan 2011 19:36

Re: custom module tcp tls socket

Post by PoltoS »

We have tried to reproduce your case, but all in vain. Need better instructions:
- how to configure the module - we used tcp://echo.websockets.org instead of the docker
- how to reproduce the issue
- how to experience the issue
ingo
Posts: 5
Joined: 04 Apr 2019 12:01

Re: custom module tcp tls socket

Post by ingo »

hi,

we have moved the module to a new raspberry with a new zway installation. there we have no problems. maybe the update on the old raspberry didn't update all dependencies?

thank you for the help.


P.S.: the tcp://echo.websockets.org address you used should be rejected by the version i linked (expect ws:// as protocol). in the current version it would use a separate mqtt by tcp implementation. a echo websockets wouldn't work because the module expects mqtt messages. But a standard mqtt would also not work, because i wasnt able to add the mqttv3.1 subprotocol header to sockets.ws() (for a browser i would write this.socket = new WebSocket(wsurl, 'mqttv3.1');".
Post Reply