Web sockets over TLS

A web socket can be built above a secure TLS socket. We discussed in Chapter 8: HTTP how to use a TLS socket using the certificates from Chapter 7: Security. That is used unchanged for web sockets. that is, we use http.ListenAndServeTLS instead of http.ListenAndServe.

Here is the echo server using TLS

  1. /* EchoServer
  2.  */
  3. package main
  5. import (
  6.     "golang.org/x/net/websocket"
  7.     "fmt"
  8.     "net/http"
  9.     "os"
  10. )
  12. func Echo(ws *websocket.Conn) {
  13.     fmt.Println("Echoing")
  15.     for n := 0; n < 10; n++ {
  16.         msg := "Hello  " + string(n+48)
  17.         fmt.Println("Sending to client: " + msg)
  18.         err := websocket.Message.Send(ws, msg)
  19.         if err != nil {
  20.             fmt.Println("Can't send")
  21.             break
  22.         }
  24.         var reply string
  25.         err = websocket.Message.Receive(ws, &reply)
  26.         if err != nil {
  27.             fmt.Println("Can't receive")
  28.             break
  29.         }
  30.         fmt.Println("Received back from client: " + reply)
  31.     }
  32. }
  34. func main() {
  36.     http.Handle("/", websocket.Handler(Echo))
  37.     err := http.ListenAndServeTLS(":12345", "jan.newmarch.name.pem",
  38.         "private.pem", nil)
  39.     checkError(err)
  40. }
  42. func checkError(err error) {
  43.     if err != nil {
  44.         fmt.Println("Fatal error ", err.Error())
  45.         os.Exit(1)
  46.     }
  47. }

The client is the same echo client as before. All that changes is the url, which uses the "wss" scheme instead of the "ws" scheme:

  1. EchoClient wss://localhost:12345/

Conclusion

The web sockets standard is nearing completion and no major changes are anticipated. This will allow HTTP user agents and servers to set up bi-directional socket connections and should make certain interaction styles much easier. Go has nearly complete support for web sockets.