Advertisement
Download maps with ssl
#2
Posted 05 July 2017 - 07:25 PM
Hello Guys,
Let's try to give more informations.
The web site is open on https side only with certicate.
We also host some maps, and thee svdl url look like https://xxxxx.yyy/maps.
Inside folder maps, we have a q3ut4 folder with maps inside.
The problem is that we can't download maps from urt client, we got error 0.
Is Urt client able to handle ssl protocol to get maps on web site behind hsts ?
Thanks,
Let's try to give more informations.
The web site is open on https side only with certicate.
We also host some maps, and thee svdl url look like https://xxxxx.yyy/maps.
Inside folder maps, we have a q3ut4 folder with maps inside.
The problem is that we can't download maps from urt client, we got error 0.
Is Urt client able to handle ssl protocol to get maps on web site behind hsts ?
Thanks,
#4
Posted 23 July 2017 - 10:40 PM
Hi
*Disclaimer*: I'm not a UrT4 engine dev - I might say crap here:
To be honest, I've no idea whether the curl version used by the engine have either small, or no support of HTTP over TLS/SSL.
Here's few more questions on your issue. So we may have more information to solve this:
- Do you have more console output when the game try to download a map on a HTTPS mirror ? Some insights might be hidden there. Please, paste the FULL log between the moment the game gets that the map is needed and your error message.
- Can you see any traces of the game trying to download the map in your websever's log (on either access or error log) ?
- Please, give the link to your map repo. So one could try, or just have look the the TLS/SSL setup from the "outside" (TLS version, Ciphers, Certificate...)- What is the exact value of sv_dlURL in your server config
- Is there any redirects ?
- Anything else that might help to solve this
Also be careful, don't confuse HTTPS (just simple HTTP over SSL/TLS) and HSTS (HTTP Strict Transport Security) that is just a header to tell your browser to never use plain HTTP with the current website.
As you may have guessed, a temporary work around is to use HTTP.
PS:
Just a reminder : Everyone here is doing this on their free time. We all have a life, with many many things to do (Work, Studies, other projects, sport, dating someone etc.). And some time, we can miss some threads on the board (Also, I admit it, I don't have enough free time to look into all new post here). Bumping a thread after some days is a good thing. However, please, don't be rude like this.
Also, keep in mind that people that do not know the technical side of the question may not respond because, so please, don't blame them.
*Disclaimer*: I'm not a UrT4 engine dev - I might say crap here:
To be honest, I've no idea whether the curl version used by the engine have either small, or no support of HTTP over TLS/SSL.
Here's few more questions on your issue. So we may have more information to solve this:
- Do you have more console output when the game try to download a map on a HTTPS mirror ? Some insights might be hidden there. Please, paste the FULL log between the moment the game gets that the map is needed and your error message.
- Can you see any traces of the game trying to download the map in your websever's log (on either access or error log) ?
- Please, give the link to your map repo. So one could try, or just have look the the TLS/SSL setup from the "outside" (TLS version, Ciphers, Certificate...)- What is the exact value of sv_dlURL in your server config
- Is there any redirects ?
- Anything else that might help to solve this
Also be careful, don't confuse HTTPS (just simple HTTP over SSL/TLS) and HSTS (HTTP Strict Transport Security) that is just a header to tell your browser to never use plain HTTP with the current website.
As you may have guessed, a temporary work around is to use HTTP.
PS:
Quote
Give an answer, positive or negative, but the disdain is the worst answers.
Later if you prefer that the servers close for lack of help in
Later if you prefer that the servers close for lack of help in
Just a reminder : Everyone here is doing this on their free time. We all have a life, with many many things to do (Work, Studies, other projects, sport, dating someone etc.). And some time, we can miss some threads on the board (Also, I admit it, I don't have enough free time to look into all new post here). Bumping a thread after some days is a good thing. However, please, don't be rude like this.
Also, keep in mind that people that do not know the technical side of the question may not respond because, so please, don't blame them.
This is fine &&åß∂ƒ©˙∆˚¬…æ œ∑´®†¥¨ˆøπ“‘ ¡™£¢∞§¶•ªº–≠ ¸˛Ç◊ı˜Â¯˘¿ ÅÍÎÏ˝ÓÔÒÚÆ☃ Œ„´‰ˇÁ¨ˆØ∏”’ `⁄€‹›fifl‡°·‚—± ⅛⅜⅝⅞ ЁЂЃЄЅІЇЈЉЊЋЌЍЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюя ٠١٢٣٤٥٦٧٨٩Ω≈ç√∫˜µ≤≥÷
#5
Posted 27 July 2017 - 10:14 AM
Hi,
Thanks for your answer.
I went deeper in this problem, starting by checking server.cfg file.
I did a small change in it like this :
From this moment on, i was able to download a map from our server like you can see here :
I'm using linux to play, behind home server using iptables firewall, everything went fine, i did the test more than one time without problem.
The problem still exist under Windows >.<
On server side i have absolutely nothing in logs.
On client side i have :
Any help appreciated.
Thanks for your answer.
I went deeper in this problem, starting by checking server.cfg file.
I did a small change in it like this :
sets sv_dlURL "https://tag-cnd.xyz"
//sets sv_dlURL "OtherServer.fr" // Sets the address for auto-downloading. The client will try to download <sv_dlURL>/q3ut4/mapname.pk3. If your server is running ut4_coolmap and sv_dlURL is set to 'yoursite.com/maps', make sure the maps is hosted at http://www.yoursite.com/maps/q3ut4/ut4_coolmap.pk3. Leaving this set 'urbanterror.info' will make it use a map mirror with the most common maps on it
From this moment on, i was able to download a map from our server like you can see here :
My.Public.IP.Here - - [27/Jul/2017:09:41:12 +0200] "GET /q3ut4/ut4_casa_bots.pk3 HTTP/1.1" 200 4473430 "ioQ3://91.121.163.58:27970" "ioQ3 1.35 urt 4.3.2 libcurl/7.51.0 OpenSSL/1.0.2k zlib/1.2.8 libssh2/1.7.0"
I'm using linux to play, behind home server using iptables firewall, everything went fine, i did the test more than one time without problem.
The problem still exist under Windows >.<
On server side i have absolutely nothing in logs.
On client side i have :
73768 files in pk3 files
Need paks: @q3ut4/ut4_casa_bots.pk3@q3ut4/ut4_casa_bots.pk3
URL: https://tag-cnd.xyz/q3ut4/ut4_casa_bots.pk3
******************
ERROR: Download error: unsupported protocol code 0 https://tag-cnd.xyz
******************
Any help appreciated.
Advertisement
#7
Posted 01 August 2017 - 06:28 AM
BladeKiller, on 29 July 2017 - 07:10 PM, said:
Nice example using an unauthorized modification of one of our maps. meh At least, the modder(s) gave it a different name.
Hi,
Thanks for your answer.
We did not modify the map, and if you want i can do the same test with an other one.
The problem stay as long as it is not one map bundled with urt.
And, afaik, casa was modified to add bot support, nothing else.
Still trying to understand why windows urt client not able to get map on web site with ssl activated...