SSL socket fails with OSError: -30592

peterson79

Hello!

I am trying to connect to a node.js server on a ZEIT instance, zeit.co. ZEIT handles the SSL through an nginx proxy ( I think ). My following code works when connecting to google but not the ZEIT server.

I get a weird error code:

Traceback (most recent call last):
   File "main.py", line 146, in networkThread
   File "main.py", line 54, in connectToService
OSError: -30592

line 54 is the ss.connect(...) line, Here is my connection code:

def connectToService():
    global socketQueue
    global serialQueue

    print("Creating Socket...")
    ss = socket.socket()
    print("Wrapping Socket...")
    ss = ssl.wrap_socket(ss)
    print("Connecting...")

    #this next line works
    #ss.connect(socket.getaddrinfo('www.google.com', 443)[0][-1])

    #this line does not
    ss.connect(socket.getaddrinfo('thismeshserver-fhprkttlyv.now.sh', 443)[0][-1])

    print("Get...")

    cl = ss.makefile()

    buf = b""
    buf += "GET / HTTP/1.0\r\n"
    buf += "\r\n"

    cl.write(buf)

    while 1:
        l = cl.readline()
        print(l)
        if l == b"\r\n":
            break

    ss.close()

Where do I lookup the -30592 error?

Any other insight appreciated!

Thank you in advance.

Devang Sharma

@this-wiederkehr I think it the same way as you do. There is no parameter named as server_hostname in the docs.

this.wiederkehr

@peterson79 said in SSL socket fails with OSError: -30592:

ss = ssl.wrap_socket(ss)

BTW: have you tried adding parameters to this call? Like, do you need to supplie a client cert, or does the server require you to use SNI?

See the docs here:
https://docs.pycom.io/chapter/firmwareapi/micropython/ussl.html

Regarding SNI there is an undocumented keyword parameter server_hostname see my post here: https://forum.pycom.io/topic/2065/sni-on-tls-connections/2

Finally: If you intend to do an http request consider using urequests from here: https://github.com/micropython/micropython-lib/tree/master/urequests

this.wiederkehr

You have to translate the error code to hex and search for it on the mbed tls implementation:
https://tls.mbed.org/api/ssl_8h.html#acc37a34787c5c5484a993ff64c3a1634

30592 is 0x7780
Which means A fatal alert message was received from our peer.

honestly I have no clue what this message implies ...

peterson79

I haven't found a solution, a standard connection seems to work through a dedicated server but not though ZEIT. Probably due to some proxy or load balancer would be my guess... I haven't found a way to lookup the error either...

Devang Sharma

@peterson79, have you solved the error?

I'm facing similar problem while using SSL.