Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#29032 - [nx-common] "Connection error" with nx-common 3.5.0-4

Attached to Project: Arch Linux
Opened by Jeppe Toustrup (Tenzer) - Wednesday, 21 March 2012, 11:18 GMT
Last edited by Andreas Radke (AndyRTR) - Thursday, 19 April 2012, 14:50 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Tobias Powalowski (tpowa)
Pierre Schmitz (Pierre)
Andreas Radke (AndyRTR)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No

Details

Description:

When trying to connect to two different NX servers, I only get a "Connection error" refused error message back, with the following content in the "Details" window:
NX> 203 NXSSH running with pid: 4814
NX> 285 Enabling check on switch command
NX> 285 Enabling skip of SSH config files
NX> 285 Setting the preferred NX options
NX> 200 Connected to address: X.X.X.X on port: 22
NX> 202 Authenticating user: nx
NX> 208 Using auth method: publickey

This seems to have come up after the update to 3.5.0-4, as it worked yesterday with version 3.5.0-3.

Are there any way I can enable debug output from nxclient, in order to find out what exactly is causing this?
This task depends upon

Closed by  Andreas Radke (AndyRTR)
Thursday, 19 April 2012, 14:50 GMT
Reason for closing:  Fixed
Comment by Andreas Radke (AndyRTR) - Wednesday, 21 March 2012, 16:36 GMT
make sure your system is fully up to date. you will also need latest openssl and openssh packages.
Comment by Jeppe Toustrup (Tenzer) - Wednesday, 21 March 2012, 16:54 GMT
I have openssh 5.9p1-8 and openssl 1.0.1-1 installed, which are the newest versions available in Core.
Comment by Gerhard Brauer (GerBra) - Thursday, 22 March 2012, 10:31 GMT
A user in archlinux.de bbs reports the same problem. He tried to downgrade all/most packages on both client and server, no way...
At last he deinstalled freenx (with config removing and all depends) and reinstalled it. That solved the problem for him... maybe a try worth (backup your configs), also you could look for *.pacnew versions of the config (perhaps a config change...)
Comment by Jeppe Toustrup (Tenzer) - Thursday, 22 March 2012, 12:28 GMT
I found the mentioned thread here: https://bbs.archlinux.de/viewtopic.php?id=21168, unfortunately reinstalling the packages and removing any config files didn't do any difference to me.

In the mean time I have found a more detailed log from the connection inside ~/.nx/temp/<pid>/runlog, which I honestly don't make much of, but perhaps other do?
(I have changed the IP address of the target machine to X.X.X.X in the file)
   runlog (10.7 KiB)
Comment by Jürgen Hötzel (juergen) - Thursday, 29 March 2012, 12:27 GMT
Seems to be a nxssh/openssl issue.

The server sshd session is closed immediately :

[sshd] debug2: channel 7: rcvd eof


because on the client nxssh segfaults:


Core was generated by `/opt/NX/bin/nxssh.orig -nx -p 2222 -i /home/juergen/.nx/temp/8006/keylog nx@lo...'
Program terminated with signal 11, Segmentation fault.
#0 0xb75b9a4d in _vpaes_decrypt_core () from /usr/lib/libcrypto.so.1.0.0
(gdb) bt
#0 0xb75b9a4d in _vpaes_decrypt_core () from /usr/lib/libcrypto.so.1.0.0
#1 0xb75b9fe5 in vpaes_cbc_encrypt () from /usr/lib/libcrypto.so.1.0.0
...

Maybe related to  FS#29111 
Comment by Jürgen Hötzel (juergen) - Thursday, 29 March 2012, 13:44 GMT
Workaround: Disable asm in openssl:

./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
no-asm shared zlib enable-md2 ${optflags} \

Im not familar with the openssl build system. Maybe its possible to just disable the new vpaes asm code?
Comment by Maxwell Draven (Ravenman) - Thursday, 29 March 2012, 15:24 GMT
I had this problem also. I solved downgrading package nx-common (3.5.0-4 => 3.5.0-3) and downgrading package openssl (1.0.1-1 => 1.0.0.h-1).
Comment by Jeppe Toustrup (Tenzer) - Thursday, 19 April 2012, 11:43 GMT
I noticed that the openssl package was at version 1.0.1-3 now, and tested out NX again - and it works now. I don't know if we can just close this bug now, or if there is something to check/verify at this stage?

Loading...