TechQA.

How to suppress "ERROR message: short read (SSL routines, SSL routines), value: 335544539"

976 views Asked by At

Reference: websocket_client_sync_ssl.cpp

// Read a message into our buffer
ws.read(buffer);

// Close the WebSocket connection
ws.close(websocket::close_code::normal);

Based on my test, the ws.close will spit out a warning below:

ERROR message: short read (SSL routines, SSL routines), value: 335544539

Based on this post short read, this error can be safely ignored in the end of the session. I have tried the following method to suppress the warning:

try
{
  boost::system::error_code close_ec;
  ws.close(websocket::close_code::normal, close_ec);
  if (close_ec)
  {
    std::cerr << "ERROR message: " << close_ec.message() << ", value: " << close_ec.value() << std::endl;
  }
}
catch(...)
{

}

However, the ws.close still prints out the warning message.

Question> Is there a way that I can suppress this message?

boost boost-beast-websocket
Original Q&A
1

There are 1 answers

0
sehe On BEST ANSWER

However, the ws.close still prints out the warning message.

Are you sure? It looks like that's simply coming from the line:

std::cerr << "ERROR message: " << close_ec.message() << ", value: " << close_ec.value() << std::endl;

So, you would check the value of close_ec and conditionally handle it: Short read error-Boost asio synchoronous https call

Also, note that some kinds of "short reads" can constitute security errors. Some of the samples have very insightful comments about this:

// `net::ssl::error::stream_truncated`, also known as an SSL "short read",
// indicates the peer closed the connection without performing the
// required closing handshake (for example, Google does this to
// improve performance). Generally this can be a security issue,
// but if your communication protocol is self-terminated (as
// it is with both HTTP and WebSocket) then you may simply
// ignore the lack of close_notify:
//
// https://github.com/boostorg/beast/issues/38
//
// https://security.stackexchange.com/questions/91435/how-to-handle-a-malicious-ssl-tls-shutdown
//
// When a short read would cut off the end of an HTTP message,
// Beast returns the error beast::http::error::partial_message.
// Therefore, if we see a short read here, it has occurred
// after the message has been completed, so it is safe to ignore it.

if(ec == net::ssl::error::stream_truncated)
    ec = {};
else if(ec)
    return;

Related Questions in BOOST

Related Questions in BOOST-BEAST-WEBSOCKET

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions