#1767 closed defect (fixed)
Cannot connect to a windows 10 pro server using SSL
Reported by: | Luis Mendes | Owned by: | Luis Mendes |
---|---|---|---|
Priority: | major | Milestone: | 2.3 |
Component: | server | Version: | 2.2.x |
Keywords: | Cc: |
Description (last modified by )
The problem, described below is that I cannot connect using SSL.
With TCP it works fine.
One thing I remember is that VoidLinux seems to be using LibreSSL,
not OpenSSL.
- 1.a. operating system on client
$ uname -a Linux leao 4.9.80_1 #1 SMP PREEMPT Thu Feb 8 18:53:51 UTC 2018 x86_64 GNU/Linux
I've tried with kernel 4.14.xx and
- 1.b. operating system on server
Windows 10 Pro version 1709 (OS Build 16299.192)
Pristine and legit installation, no other software installed by me.
- 2. xpra showconfig (see attachment)
I haven't done changes, but the distribution packager might have.
- 3. desktop environment
xfce4-4.12.0
- 4. unusual setup
client desktop is running in 4K
- 5. network setup
Windows server is running in a KVM virtual machine in the same computer.
Tried with NAT only, now also with bridge only setup. Same behaviour.
- 6. full command lines used both on the server and client
The windows server is running the xpra shadow service. No modifications.
The client works with TCP only:
XPRA_ALLOW_UNENCRYPTED_PASSWORDS=1 xpra attach --bind-tcp=0.0.0.0:10000 tcp://luispedro@192.168.1.60
The problem is that it doesn't work with SSL:
xpra attach --ssl-server-verify=none ssl://luispedro@192.168.1.60 2018-02-13 16:56:50,436 Xpra gtk2 client version 2.2.4-r18312 64-bit 2018-02-13 16:56:50,436 running on Linux VoidLinux rolling void 2018-02-13 16:56:50,436 Warning: failed to import opencv: 2018-02-13 16:56:50,437 No module named cv2 2018-02-13 16:56:50,437 webcam forwarding is disabled 2018-02-13 16:56:50,593 GStreamer version 1.12.4 for Python 2.7.14 64-bit 2018-02-13 16:56:50,660 Warning: cannot import gtk OpenGL module 2018-02-13 16:56:50,660 cannot import name gtkgl 2018-02-13 16:56:50,661 Warning: cannot import native OpenGL module 2018-02-13 16:56:50,661 No module named OpenGL 2018-02-13 16:56:50,661 Warning: no OpenGL backends found SSL handshake failed: [Errno 104] Connection reset by peer
with the '-d all' debug option (last lines) - see attachment
- 8. the environment
In the client (Linux):
$ echo $PATH /home/lupe/bin:/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin:/usr/local/bin/fim $ echo $LD_LIBRARY_PATH (nothing)
In the server echo %PATH%
:
C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Users\luis_.WIN-10-TRADING\AppData\Local\Microsoft\WindowsApps;
- 9. xpra info
$ xpra info xpra initialization error: cannot find any live servers to connect to
- 10. xpra installation
In the client, from Void linux packaging system
version:
$ xpra --version xpra v2.2.4-r18312
In the server, from the xpra download page:
Xpra 2.2.4 64 bit revision 18312
- 11. It's a new problem
First time trying xpra for work.
- 12. other similar bugs
Not that I know of.
- 13. other unusual issues
VoidLinux uses !LibreSSL.
No other that I know of.
- 14. reproducible reliably
Everytime I try to connect with the above mentioned xpra line with SSL
Attachments (1)
Change History (5)
Changed 4 years ago by
Attachment: | xpra_bug.txt added |
---|
comment:2 Changed 4 years ago by
Component: | android → server |
---|---|
Description: | modified (diff) |
Milestone: | → 2.3 |
Owner: | changed from Antoine Martin to Luis Mendes |
(moving information where it can be found)
Your server log is full of stacktraces pointing straight to the issue:
Exception in thread new-tcp-connection: Traceback (most recent call last): File "C:/msys64/mingw64/lib/python2.7/threading.py", line 801, in __bootstrap_inner File "C:/msys64/mingw64/lib/python2.7/threading.py", line 754, in run File "./xpra/server/server_core.py", line 847, in handle_new_connection File "./xpra/server/server_core.py", line 948, in may_wrap_socket NameError: global name 'endpoint' is not defined
This error was fixed in the 2.2 branch in r18018 and this fix was included in the 2.2.4 release.
So my guess is that you're not running the server version you think you are.
Maybe you started the shadow server when an older version was installed?
comment:3 Changed 4 years ago by
Description: | modified (diff) |
---|
Never mind, the backport fix done in r18018 was wrong, so 2.2.4 was actually broken wrt ssl socket upgrades. r18429 should fix that, for real this time...
Sorry about that. I should have spotted that, maybe I tested with an earlier 2.2.x build, or with 2.3 RC which isn't affected.
Try the latest 2.2.5 RC or 2.3 beta builds: https://xpra.org/beta/windows.
(only the server side is affected and needs updating)
Just don't use the 2.2.x "python3" builds as those need yet another backport fix.
comment:4 Changed 4 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
Feel free to re-open if I've missed something.
comment:5 Changed 16 months ago by
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/1767
answer to guidelines