Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 29 Jul 2022 21:44:33 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 264528] net/freerdp: NLA fails to connect through gateway after 13.1 upgrade: rdg_process_close_packet:freerdp_set_last_error_ex E_PROXY_INTERNALERROR [0x800759D8]
Message-ID:  <bug-264528-7788-mXpokUsQdt@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-264528-7788@https.bugs.freebsd.org/bugzilla/>
References:  <bug-264528-7788@https.bugs.freebsd.org/bugzilla/>

next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264528

--- Comment #10 from alt2600@icloud.com ---
(In reply to VVD from comment #9)

unfortunately no dice, i even tried adding +enforce-tlsv1_2 which seemed to
just delay the erroring out


this is just trying out the box with the same settings that work from 13.0
bhyve X!! forwarded to my desktop using the older version of freerdp. I'll =
take
a harder look at the changelog to see if any other options exist, but I hav=
e to
log into work now so cannot play around. Its has to be something that is
different between 13.0 and 13.1 , and beyond openssl in base and clang I do=
n't
know what else it could be.=20


[16:55:19:583] [44161:0f212700] [DEBUG][com.freerdp.core] -
freerdp_connect:freerdp_set_last_error_ex resetting error state
[16:55:19:583] [44161:0f212700] [DEBUG][com.freerdp.client.common.cmdline] -
loading channelEx rdpdr
[16:55:19:583] [44161:0f212700] [DEBUG][com.freerdp.client.common.cmdline] -
loading channelEx rdpsnd
[16:55:19:583] [44161:0f212700] [DEBUG][com.freerdp.channels.drdynvc.client=
] -
VirtualChannelEntryEx
[16:55:19:583] [44161:0f212700] [DEBUG][com.freerdp.client.common.cmdline] -
loading channelEx drdynvc
[16:55:19:587] [44161:0f212700] [DEBUG][com.freerdp.primitives] - primitives
benchmark result:
[16:55:20:755] [44161:0f212700] [DEBUG][com.freerdp.primitives] -  * generi=
c=3D
17
[16:55:20:906] [44161:0f212700] [DEBUG][com.freerdp.primitives] -  * optimi=
zed=3D
105
[16:55:20:906] [44161:0f212700] [DEBUG][com.freerdp.primitives] - primitives
autodetect, using optimized
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Enabling
security layer negotiation: TRUE
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Enabling
restricted admin mode: FALSE
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Enabling R=
DP
security: TRUE
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Enabling T=
LS
security: TRUE
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Enabling N=
LA
security: TRUE
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Enabling N=
LA
extended security: FALSE
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - state:
NEGO_STATE_NLA
[16:55:20:911] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Attempting=
 NLA
security
[16:55:20:034] [44161:0f212700] [DEBUG][com.freerdp.core] -
freerdp_tcp_connect:freerdp_set_last_error_ex resetting error state
[16:55:20:034] [44161:0f212700] [DEBUG][com.freerdp.core] - connecting to p=
eer
<redacted>
GatewayPassword:=20
[16:55:24:948] [44161:0f212700] [DEBUG][com.winpr.sspi] -
InitSecurityInterfaceExA
[16:55:24:948] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - change state
from NTLM_STATE_INITIAL to NTLM_STATE_INITIAL
[16:55:24:948] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - change state
from NTLM_STATE_INITIAL to NTLM_STATE_NEGOTIATE
[16:55:24:948] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - Write flags
[0xe20882b7]
NTLMSSP_NEGOTIATE_UNICODE|NTLMSSP_NEGOTIATE_OEM|NTLMSSP_REQUEST_TARGET|NTLM=
SSP_NEGOTIATE_SIGN|NTLMSSP_NEGOTIATE_SEAL|NTLMSSP_NEGOTIATE_LM_KEY|NTLMSSP_=
NEGOTIATE_NTLM|NTLMSSP_NEGOTIATE_ALWAYS_SIGN|NTLMSSP_NEGOTIATE_EXTENDED_SES=
SION_SECURITY|NTLMSSP_NEGOTIATE_VERSION|NTLMSSP_NEGOTIATE_128|NTLMSSP_NEGOT=
IATE_KEY_EXCH
[16:55:24:948] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - change state
from NTLM_STATE_NEGOTIATE to NTLM_STATE_CHALLENGE
[16:55:24:981] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - Read flags
[0xe2898235]
NTLMSSP_NEGOTIATE_UNICODE|NTLMSSP_REQUEST_TARGET|NTLMSSP_NEGOTIATE_SIGN|NTL=
MSSP_NEGOTIATE_SEAL|NTLMSSP_NEGOTIATE_NTLM|NTLMSSP_NEGOTIATE_ALWAYS_SIGN|NT=
LMSSP_TARGET_TYPE_DOMAIN|NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY|NTLMSS=
P_NEGOTIATE_TARGET_INFO|NTLMSSP_NEGOTIATE_VERSION|NTLMSSP_NEGOTIATE_128|NTL=
MSSP_NEGOTIATE_KEY_EXCH
[16:55:24:981] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - change state
from NTLM_STATE_CHALLENGE to NTLM_STATE_AUTHENTICATE
[16:55:24:981] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - Write flags
[0xe288b235]
NTLMSSP_NEGOTIATE_UNICODE|NTLMSSP_REQUEST_TARGET|NTLMSSP_NEGOTIATE_SIGN|NTL=
MSSP_NEGOTIATE_SEAL|NTLMSSP_NEGOTIATE_NTLM|NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIE=
D|NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED|NTLMSSP_NEGOTIATE_ALWAYS_SIGN|NTLM=
SSP_NEGOTIATE_EXTENDED_SESSION_SECURITY|NTLMSSP_NEGOTIATE_TARGET_INFO|NTLMS=
SP_NEGOTIATE_VERSION|NTLMSSP_NEGOTIATE_128|NTLMSSP_NEGOTIATE_KEY_EXCH
[16:55:24:981] [44161:0f212700] [DEBUG][com.winpr.sspi.NTLM] - change state
from NTLM_STATE_AUTHENTICATE to NTLM_STATE_FINAL
[16:55:24:027] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] -
RDG_OUT_DATA authorization result: 101
[16:55:24:027] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] -
Upgraded to websocket. RDG_IN_DATA not required
[16:55:24:059] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] -
Handshake response received
[16:55:24:059] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] -
errorCode=3DRPC_S_OK, verMajor=3D1, verMinor=3D0, serverVersion=3D0,
extendedAuth=3DHTTP_EXTENDED_AUTH_SC|HTTP_EXTENDED_AUTH_PAA|HTTP_EXTENDED_A=
UTH_SSPI_NTLM
[0007]
[16:55:24:101] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] - Tun=
nel
response received
[16:55:24:101] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] -
serverVersion=3D0, errorCode=3DRPC_S_OK,
fieldsPresent=3DHTTP_EXTENDED_AUTH_SC|HTTP_EXTENDED_AUTH_PAA|HTTP_EXTENDED_=
AUTH_SSPI_NTLM
[0007]|HTTP_TUNNEL_RESPONSE_FIELD_TUNNEL_ID|HTTP_TUNNEL_RESPONSE_FIELD_CAPS
[0003]
[16:55:24:101] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] -
capabilities=3DHTTP_EXTENDED_AUTH_SC|HTTP_EXTENDED_AUTH_PAA|HTTP_EXTENDED_A=
UTH_SSPI_NTLM
[0007]|HTTP_TUNNEL_RESPONSE_FIELD_TUNNEL_ID|HTTP_TUNNEL_RESPONSE_FIELD_CAPS
[0003]|HTTP_CAPABILITY_TYPE_QUAR_SOH|HTTP_CAPABILITY_MESSAGING_CONSENT_SIGN=
|HTTP_CAPABILITY_MESSAGING_SERVICE_MSG
[000d]
[16:55:28:882] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] - Tun=
nel
authorization received
[16:55:28:883] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] -
errorCode=3DRPC_S_OK,
fieldsPresent=3DHTTP_EXTENDED_AUTH_SC|HTTP_EXTENDED_AUTH_PAA|HTTP_EXTENDED_=
AUTH_SSPI_NTLM
[0007]|HTTP_TUNNEL_RESPONSE_FIELD_TUNNEL_ID|HTTP_TUNNEL_RESPONSE_FIELD_CAPS
[0003]|HTTP_CAPABILITY_TYPE_QUAR_SOH|HTTP_CAPABILITY_MESSAGING_CONSENT_SIGN=
|HTTP_CAPABILITY_MESSAGING_SERVICE_MSG
[000d]|HTTP_TUNNEL_AUTH_RESPONSE_FIELD_REDIR_FLAGS|HTTP_TUNNEL_AUTH_RESPONS=
E_FIELD_IDLE_TIMEOUT
[0003]
[16:55:28:936] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] - Cha=
nnel
response received
[16:55:28:936] [44161:0f212700] [DEBUG][com.freerdp.core.gateway.rdg] - cha=
nnel
response errorCode=3DRPC_S_OK,
fieldsPresent=3DHTTP_EXTENDED_AUTH_SC|HTTP_EXTENDED_AUTH_PAA|HTTP_EXTENDED_=
AUTH_SSPI_NTLM
[0007]|HTTP_TUNNEL_RESPONSE_FIELD_TUNNEL_ID|HTTP_TUNNEL_RESPONSE_FIELD_CAPS
[0003]|HTTP_CAPABILITY_TYPE_QUAR_SOH|HTTP_CAPABILITY_MESSAGING_CONSENT_SIGN=
|HTTP_CAPABILITY_MESSAGING_SERVICE_MSG
[000d]|HTTP_TUNNEL_AUTH_RESPONSE_FIELD_REDIR_FLAGS|HTTP_TUNNEL_AUTH_RESPONS=
E_FIELD_IDLE_TIMEOUT
[0003]|HTTP_CHANNEL_RESPONSE_FIELD_CHANNELID|HTTP_CHANNEL_RESPONSE_OPTIONAL=
|HTTP_CHANNEL_RESPONSE_FIELD_UDPPORT
[0007]
[16:55:28:936] [44161:0f212700] [DEBUG][com.freerdp.core.nego] -
RequestedProtocols: 3
[16:55:28:985] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - RDP_NEG_RSP
[16:55:28:985] [44161:0f212700] [DEBUG][com.freerdp.core.nego] -
RDP_NEG_RSP::flags =3D { [0x1f]
|EXTENDED_CLIENT_DATA_SUPPORTED|DYNVC_GFX_PROTOCOL_SUPPORTED|RDP_NEGRSP_RES=
ERVED|RESTRICTED_ADMIN_MODE_SUPPORTED|REDIRECTED_AUTHENTICATION_MODE_SUPPOR=
TED
}
[16:55:28:985] [44161:0f212700] [DEBUG][com.freerdp.core.nego] -
selected_protocol: 2
[16:55:28:985] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - state:
NEGO_STATE_FINAL
[16:55:28:985] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Negotiated=
 NLA
security
[16:55:28:985] [44161:0f212700] [DEBUG][com.freerdp.core.nego] -
nego_security_connect with PROTOCOL_HYBRID
[16:55:28:016] [44161:0f212700] [ERROR][com.freerdp.core] -
rdg_process_close_packet:freerdp_set_last_error_ex E_PROXY_INTERNALERROR
[0x800759D8]
[16:55:28:052] [44161:0f212700] [DEBUG][com.freerdp.core.nego] - Failed to
connect with NLA security

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-264528-7788-mXpokUsQdt>