Nostr

i am debugging why clients are not connecting to my relay, and comparing nostrudel production vs next version:

if i'm not mistaken, it looks like next version (and this is probably the same with primal and coracle, which also don't talk to my relay anymore) is messing up the TLS/SSL and asking for a secure connection even though the URL protocol i see in the source code says `ws://` for the local relay

nostr:npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr any idea what is going on here? it looks like this is actually kinda wrong that it's trying to connect using SSL when the protocol is not SSL nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft and whoever else works on NDK, dis you guys?

Reply to this note

Please Login to reply.

Discussion

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn also related

what i have observed is that it doesn't connect at first at all, and when i click on the link, it connects and shows like this, looks like it received a tiny little message and quit listening, but no error

though the console prints this

so i'm guessing my relay is disconnecting? it doesn't even get to the first stage of running the http handler when this happens, i see nothing in my logs saying connected, and i don't see it with netstat either, like the connection is being reset for some other reason

note that it does work with the production version of nostrudel, which is about a month old, so this is a new change somewhere, and i've tried switching from gorilla websocket to fasthttp websocket library (was originally the latter) and no beans there either... the connection negotiation fail seems to be at TCP level by the looks of it

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

i'm just gonna check if it isn't because of new code imported by an update to the websocket libraries

hodlbod 1y ago

Seems to be working fine for me. In firefox I do see two requests to the relay, but maybe Firefox splits out the http and ws upgrade? Anyway, I'm sending stuff successfully.

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

ok, that's encouraging, thanks for poking at it

Laeserin 1y ago

It's requesting a certificate?

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yep, that's what it looks like, and it shouldn't be on localhost with ws://

i strongly suspect an upstream component of both nostrudel next and probably NDK libraries has been quietly "upgrading" all websockets to TLS

Laeserin 1y ago

Could be, but then they should suggest a NIP update.

hzrd149 1y ago

Yeah, I think its a browser thing. https://stackoverflow.com/questions/70503250/how-to-stop-chrome-from-upgrading-websockets-from-ws-to-wss-when-the-websocket-o

The TLS mafia requires everything to be TLS

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

ok so next gets this, but production gets this

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

ok but why does production version of nostrudel do it fine, in every respect, and not next version, there is a break somewhere along the line

i really don't think this is a break in my code but in the client libraries, not even the runtime itself because how else was it still working? and further, brave wasn't able to do the thing at all, but firefox is, even without changing that about:config setting, in fact i've started using it because i can do this, but now i'm thinking, the easiest solution to this all nonsense is that the local relay is going to be modified in my version to point to my relay's reverse proxied https address and see if that changes things

Nour 1y ago

The best debugging client for me is from nostr:npub1nmr6w7qk0ta36vxysv77jv3d5rqghfc6d8sez8240rf3gja4vsmsd2yha8

https://github.com/eskema/alphaama/tree/v3

Nour 1y ago

you know exactly what's up

Nour 1y ago

once you get used to its commands, you could focus on what you want to debug in your relay.

Also customizing the stuff isn't pretty hard since you could just edit the js files to add your own shortcuts

hzrd149 1y ago

Figured it out. its the `Content-Security-Policy: upgrade-insecure-requests` header https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yeah, no way no how to make brave relax that setting for some reason... so i've just got firefox, with a little "standalone app" extension enabled and running the current version of nostrudel with my baked in defaults and the cache relay enabled, runs beautifully and it's actually for sure faster than brave at rendering

hzrd149 1y ago

I'm going to fix it, CSP headers are actively hostile to open source apps. the issue is my hosting provider wont let me change the headers and I cant find another one that does not require tons of KYC

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

well, it's not critical it just nerfs that feature on chrome based browsers it looks like, for some reason firefox is fine so i'm running that... and also yes, the production version doesn't have issues with my relay connections, but both next and several others do

for this reason in our work we are gonna stick with this current version of nostrudel production until some other solution comes up... i still haven't checked my reverse proxy isn't involved yet either

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

also, perhaps consider the possibility of making an electron desktop version, then you can bundle in a full blown relay like strfry... i'm very much preferring how fast this is with replicatr backing the event store

hzrd149 1y ago

I've thought about this. but If I'm building a full desktop app and the only feature I add is a system level relay then it wont really be worth it.

If I where to build a desktop app I would want the majority of the logic to be run at the system level and not in the web view

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

it's gonna run inside a javascript runtime either way

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

the point is that the most slow thing in the app is the relay cache, and a real relay is way way faster