Skip to content

Make server-side pre-connection errors observable via a log callback#595

Merged
bsergean merged 1 commit into
masterfrom
fix-593-server-log-callback
Jul 15, 2026
Merged

Make server-side pre-connection errors observable via a log callback#595
bsergean merged 1 commit into
masterfrom
fix-593-server-log-callback

Conversation

@bsergean

Copy link
Copy Markdown
Collaborator

Fixes #593

Problem

When a TLS handshake fails on the server before a WebSocket connection is established, the error is only written to stderr via the internal logError(). Applications wired to setOnClientMessageCallback see nothing — no error, no client IP — while the client side reports the same class of failure through its Error message callback. The handshake runs in SocketServer::run() before any WebSocket object exists, so the existing callbacks can't be reached at that point.

Changes

  • SocketServer::setLogCallback(LogLevel level, const std::string& message) — when set, server log messages (errors and info) are delivered to the callback instead of being written to stderr/stdout. This covers all pre-connection failures: TLS accept, socket accept errors, max-connections rejections, socket creation. Works for WebSocketServer and HttpServer alike. Default behavior is unchanged when no callback is set.
  • The tls accept failed and cannot create socket error messages now include the client ip:port, which was already known at that point but not reported.
  • New unittest: starts a wss server, connects with a plaintext client so the TLS handshake fails, and asserts the error (including the peer address) reaches the log callback.
  • Documented in docs/usage.md.

Example log line now delivered to the application:

SocketServer::run() tls accept failed for client 127.0.0.1:59898: OpenSSL failed - error:0A00009C:SSL routines::http request

Test plan

  • IXWebSocketServerTest passes locally (macOS, OpenSSL build), including the new TLS-failure test.
  • Full ninja build (library, tests, ws) clean.

🤖 Generated with Claude Code

…ix #593)

Server-side TLS handshake failures (and other pre-connection errors such
as accept failures or hitting max connections) were only written to
stderr by SocketServer::logError, so applications wired to
setOnClientMessageCallback never saw them - unlike the client side,
which reports TLS failures through the Error message callback.

- Add SocketServer::setLogCallback(LogLevel, message): when set, server
  log messages are delivered to the callback instead of stderr/stdout.
  Applies to WebSocketServer and HttpServer alike.
- Include the client ip and port in the tls accept failure and socket
  creation error messages.
- Add a unittest exercising a failed TLS handshake against a wss server
  and asserting the error reaches the callback with the peer address.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@bsergean
bsergean merged commit 652279d into master Jul 15, 2026
7 checks passed
@shivaxsaib

Copy link
Copy Markdown

@bsergean Hey thanks for the swish update on this. Can you please tell when will be the next release?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

WebSocketServer (server-side TLS failures) produce zero application-visible logs while WebSocket client reports them via Error callback

2 participants