Avatar for akot

akot

Member since Mar 2021 • Last active Jul 2021
  • 2 conversations
  • 5 comments

Most recent activity

    • 4 comments
    • 609 views
    • 5 comments
    • 535 views
  • in General
    Avatar for akot

    @Robin thanks for your response. Unfortunately I have no control over the API and like I said it keeps sending chunked data and never stops doing it. Based on your hint I rewrote my code using tls and plain HTTP like so:

    var socket = require('tls').connect(opts, function() {
      socket.write('GET /somemethod  HTTP/1.1\r\n' +
                 'host: someapi.com\r\n' +
                  '\r\n');
    });
    
    socket.on('data', function(chunk) {
      if (chunk== "someEvent") {
                socket.end();
            }
    });
    
  • in General
    Avatar for akot

    @Robin yes, I've tried calling end(), but I'm getting an error:
    Uncaught Error: This socket is closed.

  • in General
    Avatar for akot

    Hello!

    I connect to some API that continuously sends events via a chunked transfer ("Transfer-Encoding": "chunked"). My goal is to terminate the request after receiving a specific event.

    require("http").get("https://someapi.com­", function(res) {
        res.on('data', function(data) {
            if (data == "someEvent") {
                // terminate the request
            } 
        });
        res.on('close', function() { print("closed"); });
    });
    

    How can I achieve it? I know that get returns a httpCRq object, but it doesn't have abort() or destroy() methods. If I keep the connection open, it consumes a lot of memory, so I need to close it.

  • in General
    Avatar for akot

    Hello @Robin, thanks for your response.
    I've spent some time researching the source code and found this file:
    https://github.com/espruino/Espruino/blo­b/master/libs/crypto/mbedtls/library/ssl­_ciphersuites.c
    where ciphersuite_definitions array is being filled out depending on defined macros. In https://github.com/espruino/Espruino/blo­b/master/libs/crypto/mbedtls/config.h there's a MBEDTLS_CIPHER_MODE_CBC macro defined, which adds mentioned above Cipher Suites to ciphersuite_definitions . I've added macros MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED, MBEDTLS_DHM_C, MBEDTLS_GCM_C, and also added two lines:
    libs/crypto/mbedtls/library/dhm.c \
    libs/crypto/mbedtls/library/gcm.c
    in https://github.com/espruino/Espruino/blo­b/master/make/crypto/default.make

    Now that's what I see at ClientHello:

            Cipher Suites (13 suites)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
                Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
                Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
                Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
                Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
                Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
                Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
                Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
    

    and web-sites that require DHE RSA work.

  • in General
    Avatar for akot

    Hello!
    I've noticed that when trying to establish an HTTPS connection to some web-sites I get the "Uncaught InternalError: Failed! mbedtls_ssl_handshake returned -0x7780" error. I compiled the lastest sources on Linux and after playing around with Wireshark, figured out that Espruino only supports a very limited list of Cipher Suites:

                Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
                Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
                Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
                Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
                Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
    

    The web-site I'm trying to connect to [require('http').get('https://lichess.org')] doesn't support any of them:

              TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)
              TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
              TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)
              TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
              TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA­256 (0xcca8)
    

    I've tried to search the Espruino source code to find out where the list of Cipher Suites is being set, but had no success. Of course instead of directly accessing the web-site I could use a proxy, but I'd really like to include the above Cipher Suites in Espruino. Where in the source code should I be looking?

Actions