Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RDP Connection unexpected closed after login greeting #89

Closed
dm-msk opened this issue Oct 4, 2023 · 7 comments
Closed

RDP Connection unexpected closed after login greeting #89

dm-msk opened this issue Oct 4, 2023 · 7 comments
Assignees

Comments

@dm-msk
Copy link

dm-msk commented Oct 4, 2023

The Guacamole server is not currently reachable. Please check your network and try again.

An internal error has occurred within the Guacamole server, and the connection has been terminated. If the problem persists, please notify your system administrator, or check your system logs.

[2023-10-04 12:36:08] [info] 12:36:08.002 [https-openssl-apr-8443-exec-2] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to guacd failed: OpenUDS service returned an error.
[2023-10-04 12:36:08] [info] 12:36:08.027 [https-openssl-apr-8443-exec-3] ERROR o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: OpenUDS service returned an error.
@dm-msk
Copy link
Author

dm-msk commented Oct 4, 2023

[2023-10-04 12:36:44] [info] Starting service [Catalina]
[2023-10-04 12:36:44] [info] Starting Servlet engine: [Apache Tomcat/9.0.70 (Debian)]
[2023-10-04 12:36:44] [info] Deploying web application archive [/var/lib/tomcat9/webapps/guacamole.war]
[2023-10-04 12:36:49] [info] At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
[2023-10-04 12:36:50] [info] 12:36:50.178 [main] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/etc/guacamole".
[2023-10-04 12:36:50] [info] 12:36:50.320 [main] INFO  o.a.g.GuacamoleServletContextListener - Read configuration parameters from "/etc/guacamole/guacamole.properties".
[2023-10-04 12:36:50] [info] 12:36:50.322 [main] INFO  o.a.g.rest.auth.HashTokenSessionMap - Sessions will expire after 60 minutes of inactivity.
[2023-10-04 12:36:51] [info] 12:36:51.314 [main] INFO  o.a.g.extension.ExtensionModule - Multiple extensions are installed and will be loaded in order of decreasing priority:
[2023-10-04 12:36:51] [info] 12:36:51.314 [main] INFO  o.a.g.extension.ExtensionModule -  - [custom-namespace] "Custom Guacamole Theme" (/etc/guacamole/extensions/branding.jar)
[2023-10-04 12:36:51] [info] 12:36:51.314 [main] INFO  o.a.g.extension.ExtensionModule -  - [mysql] "MySQL Authentication" (/etc/guacamole/extensions/guacamole-auth-jdbc-mysql-1.5.3.jar)
[2023-10-04 12:36:51] [info] 12:36:51.314 [main] INFO  o.a.g.extension.ExtensionModule -  - [uds] "UDS Integration Extension for Apache Guacamole" (/etc/guacamole/extensions/guacamole-auth-uds-2.5.0.jar)
[2023-10-04 12:36:51] [info] 12:36:51.314 [main] INFO  o.a.g.extension.ExtensionModule - To change this order, set the "extension-priority" property or rename the extension files. The default priority of extensions is dictated by the sort order of their filenames.
[2023-10-04 12:36:51] [info] 12:36:51.397 [main] INFO  o.a.g.extension.ExtensionModule - Extension "Custom Guacamole Theme" (custom-namespace) loaded.
[2023-10-04 12:36:51] [info] 12:36:51.467 [main] INFO  o.a.g.a.mysql.conf.MySQLEnvironment - Installed JDBC driver for MySQL/MariaDB detected as "MySQL Connector/J".
[2023-10-04 12:36:52] [info] 12:36:52.762 [main] INFO  o.a.g.extension.ExtensionModule - Extension "MySQL Authentication" (mysql) loaded.
[2023-10-04 12:36:52] [info] 12:36:52.767 [main] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/etc/guacamole".
[2023-10-04 12:36:52] [info] 12:36:52.940 [main] INFO  o.a.g.extension.ExtensionModule - Extension "UDS Integration Extension for Apache Guacamole" (uds) loaded.
[2023-10-04 12:36:53] [info] 12:36:53.040 [main] INFO  o.a.g.t.w.WebSocketTunnelModule - Loading JSR-356 WebSocket support...
[2023-10-04 12:36:53] [info] 12:36:53.708 [main] WARN  o.g.jersey.server.wadl.WadlFeature - JAXBContext implementation could not be found. WADL feature is disabled.
[2023-10-04 12:36:54] [info] Deployment of web application archive [/var/lib/tomcat9/webapps/guacamole.war] has finished in [9 445] ms
[2023-10-04 12:36:54] [info] Установка веб приложения в папку [/var/lib/tomcat9/webapps/ROOT]
[2023-10-04 12:36:54] [info] At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
[2023-10-04 12:36:54] [info] Deployment of web application directory [/var/lib/tomcat9/webapps/ROOT] has finished in [729] ms
[2023-10-04 12:36:54] [info] Starting ProtocolHandler ["http-nio-8080"]
[2023-10-04 12:36:54] [info] Starting ProtocolHandler ["https-openssl-apr-8443"]
[2023-10-04 12:36:54] [info] Server startup in [10462] milliseconds

@dm-msk
Copy link
Author

dm-msk commented Oct 4, 2023

2023-10-04T12:43:33.934571+03:00 uds-tunnel guacd[566]: Creating new client for protocol "rdp"
2023-10-04T12:43:33.934927+03:00 uds-tunnel guacd[566]: guacd[566]: INFO:#011Creating new client for protocol "rdp"
2023-10-04T12:43:33.935753+03:00 uds-tunnel guacd[566]: Connection ID is "$8a515f75-bc36-408f-8d44-1c7b9fa6b676"
2023-10-04T12:43:33.935878+03:00 uds-tunnel guacd[566]: guacd[566]: INFO:#011Connection ID is "$8a515f75-bc36-408f-8d44-1c7b9fa6b676"
2023-10-04T12:43:33.995054+03:00 uds-tunnel guacd[1523]: Security mode: Negotiate (ANY)
2023-10-04T12:43:33.995712+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011Security mode: Negotiate (ANY)
2023-10-04T12:43:33.995877+03:00 uds-tunnel guacd[1523]: Resize method: display-update
2023-10-04T12:43:33.995999+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011Resize method: display-update
2023-10-04T12:43:33.996096+03:00 uds-tunnel guacd[1523]: No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings.
2023-10-04T12:43:33.996206+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings.
2023-10-04T12:43:33.996356+03:00 uds-tunnel guacd[1523]: User "@513dc934-a6df-45a6-bbae-2bd20eb065ef" joined connection "$8a515f75-bc36-408f-8d44-1c7b9fa6b676" (1 users now present)
2023-10-04T12:43:33.996461+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011User "@513dc934-a6df-45a6-bbae-2bd20eb065ef" joined connection "$8a515f75-bc36-408f-8d44-1c7b9fa6b676" (1 users now present)
2023-10-04T12:43:34.000936+03:00 uds-tunnel guacd[1523]: Loading keymap "base"
2023-10-04T12:43:34.001149+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011Loading keymap "base"
2023-10-04T12:43:34.001282+03:00 uds-tunnel guacd[1523]: Loading keymap "en-us-qwerty"
2023-10-04T12:43:34.001375+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011Loading keymap "en-us-qwerty"
2023-10-04T12:43:37.534205+03:00 uds-tunnel guacd[1523]: User "@513dc934-a6df-45a6-bbae-2bd20eb065ef" disconnected (0 users remain)
2023-10-04T12:43:37.534523+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011User "@513dc934-a6df-45a6-bbae-2bd20eb065ef" disconnected (0 users remain)
2023-10-04T12:43:37.534619+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011Last user of connection "$8a515f75-bc36-408f-8d44-1c7b9fa6b676" disconnected
2023-10-04T12:43:37.534692+03:00 uds-tunnel guacd[1523]: Last user of connection "$8a515f75-bc36-408f-8d44-1c7b9fa6b676" disconnected
2023-10-04T12:43:37.567906+03:00 uds-tunnel guacd[1523]: Internal RDP client disconnected
2023-10-04T12:43:37.568158+03:00 uds-tunnel guacd[1523]: guacd[1523]: INFO:#011Internal RDP client disconnected
2023-10-04T12:43:37.576364+03:00 uds-tunnel guacd[566]: Connection "$8a515f75-bc36-408f-8d44-1c7b9fa6b676" removed.
2023-10-04T12:43:37.576689+03:00 uds-tunnel guacd[566]: guacd[566]: INFO:#011Connection "$8a515f75-bc36-408f-8d44-1c7b9fa6b676" removed.

@dm-msk
Copy link
Author

dm-msk commented Oct 4, 2023

guacd version 1.5.3
tomcat 9
openuds v3.6

@dkmstr
Copy link
Collaborator

dkmstr commented Oct 9, 2023

Sorry for the delay on the response.
Yes, probably you have had issues using tunnels with 3.6 version.
From 3.6 onwards, the server has to be registered with UDS before it is allowed to request for anything on UDS. The problem: I forgot to document this :(

This is the procedure to obtain the valid url for 3.6 onwards:
Using this script:
https://raw.githubusercontent.com/VirtualCable/openuds/master/server/samples/reg_tunnel.py
Yo have to register the tunnel with UDS Server.

The use is fair easy:

usage: reg_tunnel.py [-h] [--auth-uuid AUTH_UUID] --username USERNAME --password PASSWORD --broker-host BROKER_HOST [--broker-port BROKER_PORT] --tunnel-ip TUNNEL_IP
[--tunnel-hostname TUNNEL_HOSTNAME] [--no-ssl] [--no-verify]

Register a tunnel with UDS Broker

options:
-h, --help show this help message and exit
--auth-uuid AUTH_UUID
UUID of authenticator to use
--username USERNAME Username to use (must have administator privileges)
--password PASSWORD Password to use
--broker-host BROKER_HOST
Broker host to connect to
--broker-port BROKER_PORT
Broker port to connect to
--tunnel-ip TUNNEL_IP
IP of tunnel server
--tunnel-hostname TUNNEL_HOSTNAME
Hostname of tunnel server (defaults to juliet)
--no-ssl Disable SSL in connection to broker
--no-verify Disable SSL certificate verification

  • Get an admin user of from uds. If you use the "root" uds user, then no auth-uuid is needed, if not, take the uuid of the authenticator from the database.
  • Run the command with required parameters, and get the output:
    ./reg_tunnel.py --username root --password the_passwor --broker-host 192.168.1.10 --tunnel-ip 192.168.10.10 --no-verify
  • Get the output token:
    Registered with token "eBCeFxTBw1IKXCqq-RlncshwWIfrrqxc8y5nehqiqMtRztwD"
  • Now, compose the url for guacamole as this:
    uds-base-url=https://192.168.1.10/uds/guacamole/auth/eBCeFxTBw1IKXCqq-RlncshwWIfrrqxc8y5nehqiqMtRztwD/
    (note the last part with the token and the trailing slash)
    With this, your guacamole should work.

Note: Guacamole will ALWAYS try to check certificate validity, so, if you have a self-signed certificate, ensure to add it to local java ca repository, so guacamole does not fails.

Again, sorry for the lack of documentation and the delay, sometimes i don't have even time for sleeping, literally, due to work :)

Tell me please if this works for you,

@dm-msk
Copy link
Author

dm-msk commented Oct 12, 2023

#Hello. It's not helped me. I've already have tunnel token.

Certificate is a GlobalSign

curl -v https://example.com

  • Trying 192.168.180.110:443...
  • Connected to example.com (192.168.180.110) port 443 (#0)
  • ALPN: offers h2,http/1.1
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • CAfile: /etc/ssl/certs/ca-certificates.crt
  • CApath: /etc/ssl/certs
  • TLSv1.3 (IN), TLS handshake, Server hello (2):
  • TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
  • TLSv1.3 (IN), TLS handshake, Certificate (11):
  • TLSv1.3 (IN), TLS handshake, CERT verify (15):
  • TLSv1.3 (IN), TLS handshake, Finished (20):
  • TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
  • TLSv1.3 (OUT), TLS handshake, Finished (20):
  • SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
  • ALPN: server accepted h2
  • Server certificate:
  • subject: CN=*.example.com;
  • start date: Aug 29 13:16:29 2023 GMT
  • expire date: Sep 29 13:16:28 2024 GMT
  • subjectAltName: host "example.com" matched cert's "*.example.com"
  • issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign RSA OV SSL CA 2018
  • SSL certificate verify ok.
  • using HTTP/2
  • h2h3 [:method: GET]
  • h2h3 [:path: /]
  • h2h3 [:scheme: https]
  • h2h3 [:authority: example.com]
  • h2h3 [user-agent: curl/7.88.1]
  • h2h3 [accept: /]
  • Using Stream ID: 1 (easy handle 0x558998a6ec70)

GET / HTTP/2
Host: example.com
user-agent: curl/7.88.1
accept: /

  • TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  • TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  • old SSL session ID is stale, removing
    < HTTP/2 302
    < server: nginx/1.22.1
    < date: Thu, 12 Oct 2023 07:05:38 GMT
    < content-type: text/html; charset=utf-8
    < content-length: 0
    < location: /uds/page/services
    < x-ua-compatible: IE=edge
    < x-xss-protection: 1; mode=block
    < content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' uds: udss:; img-src 'self' https: data:;
    < x-content-type-options: nosniff
    < referrer-policy: same-origin
    < x-frame-options: DENY
    < vary: Accept-Language, Cookie
    < content-language: ru
    < set-cookie: sessionid=xtjpler2ioarbqx1ewguwf4ipqhrqjgp; Path=/; SameSite=Lax
    < strict-transport-security: max-age=63072000; includeSubDomains; preload
    < x-frame-options: DENY
    < x-content-type-options: nosniff
    < x-xss-protection: 1; mode=block
    <
  • Connection #0 to host example.com left intact

окт 12 10:03:07 uds-tunnel tomcat9[24594]: 10:03:07.520 [https-openssl-apr-8443-exec-7] INFO o.a.g.tunnel.TunnelRequestService - User "" disconnected from connection "UDS". Duration: 3568 milliseconds
окт 12 10:03:07 uds-tunnel guacd[24782]: Guacamole connection failure: Error filling instruction buffer
окт 12 10:03:07 uds-tunnel guacd[24782]: guacd[24782]: WARNING: Guacamole connection failure: Error filling instruction buffer
окт 12 10:03:07 uds-tunnel guacd[24782]: guacd[24782]: INFO: User "@9f5e3493-e692-4d41-a15e-47c0f1b432ff" disconnected (0 users remain)
окт 12 10:03:07 uds-tunnel guacd[24782]: guacd[24782]: INFO: Last user of connection "$de909c75-b58c-4080-96da-f131b3445284" disconnected
окт 12 10:03:07 uds-tunnel guacd[24782]: User "@9f5e3493-e692-4d41-a15e-47c0f1b432ff" disconnected (0 users remain)
окт 12 10:03:07 uds-tunnel guacd[24782]: Last user of connection "$de909c75-b58c-4080-96da-f131b3445284" disconnected
окт 12 10:03:07 uds-tunnel guacd[24782]: Internal RDP client disconnected
окт 12 10:03:07 uds-tunnel guacd[24782]: guacd[24782]: INFO: Internal RDP client disconnected
окт 12 10:03:07 uds-tunnel guacd[24579]: Connection "$de909c75-b58c-4080-96da-f131b3445284" removed.
окт 12 10:03:07 uds-tunnel guacd[24579]: guacd[24579]: INFO: Connection "$de909c75-b58c-4080-96da-f131b3445284" removed.
окт 12 10:03:22 uds-tunnel guacd[24579]: Creating new client for protocol "rdp"
окт 12 10:03:22 uds-tunnel guacd[24579]: guacd[24579]: INFO: Creating new client for protocol "rdp"
окт 12 10:03:22 uds-tunnel guacd[24579]: Connection ID is "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c"
окт 12 10:03:22 uds-tunnel guacd[24579]: guacd[24579]: INFO: Connection ID is "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c"
окт 12 10:03:22 uds-tunnel tomcat9[24594]: 10:03:22.985 [https-openssl-apr-8443-exec-4] INFO o.a.g.tunnel.TunnelRequestService - User "null" connected to connection "UDS".
окт 12 10:03:22 uds-tunnel guacd[24803]: Security mode: Negotiate (ANY)
окт 12 10:03:22 uds-tunnel guacd[24803]: guacd[24803]: INFO: Security mode: Negotiate (ANY)
окт 12 10:03:22 uds-tunnel guacd[24803]: Resize method: display-update
окт 12 10:03:22 uds-tunnel guacd[24803]: guacd[24803]: INFO: Resize method: display-update
окт 12 10:03:22 uds-tunnel guacd[24803]: No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings.
окт 12 10:03:22 uds-tunnel guacd[24803]: guacd[24803]: INFO: No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings.
окт 12 10:03:22 uds-tunnel guacd[24803]: User "@b389e5ae-1359-4a5b-ac15-61ae6ac8d8d8" joined connection "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c" (1 users now present)
окт 12 10:03:22 uds-tunnel guacd[24803]: guacd[24803]: INFO: User "@b389e5ae-1359-4a5b-ac15-61ae6ac8d8d8" joined connection "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c" (1 users now present)
окт 12 10:03:22 uds-tunnel guacd[24803]: Loading keymap "base"
окт 12 10:03:22 uds-tunnel guacd[24803]: Loading keymap "en-us-qwerty"
окт 12 10:03:23 uds-tunnel guacd[24803]: guacd[24803]: INFO: Loading keymap "base"
окт 12 10:03:23 uds-tunnel guacd[24803]: guacd[24803]: INFO: Loading keymap "en-us-qwerty"
окт 12 10:03:26 uds-tunnel tomcat9[24594]: 10:03:26.507 [https-openssl-apr-8443-exec-3] INFO o.a.g.tunnel.TunnelRequestService - User "" disconnected from connection "UDS". Duration: 3522 milliseconds
окт 12 10:03:26 uds-tunnel guacd[24803]: User "@b389e5ae-1359-4a5b-ac15-61ae6ac8d8d8" disconnected (0 users remain)
окт 12 10:03:26 uds-tunnel guacd[24803]: guacd[24803]: INFO: User "@b389e5ae-1359-4a5b-ac15-61ae6ac8d8d8" disconnected (0 users remain)
окт 12 10:03:26 uds-tunnel guacd[24803]: guacd[24803]: INFO: Last user of connection "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c" disconnected
окт 12 10:03:26 uds-tunnel guacd[24803]: Last user of connection "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c" disconnected
окт 12 10:03:26 uds-tunnel guacd[24803]: Internal RDP client disconnected
окт 12 10:03:26 uds-tunnel guacd[24803]: guacd[24803]: INFO: Internal RDP client disconnected
окт 12 10:03:26 uds-tunnel guacd[24579]: Connection "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c" removed.
окт 12 10:03:26 uds-tunnel guacd[24579]: guacd[24579]: INFO: Connection "$9bb2eabb-7ffe-4831-bb3d-4c220a05d92c" removed.

@dm-msk
Copy link
Author

dm-msk commented Oct 12, 2023

guacd[25760]: WARNING:  Guacamole connection failure: Error filling instruction buffer
guacd[25760]: INFO:     User "@62da93df-3b11-465d-bd62-eff8b95b3337" disconnected (0 users remain)

@dm-msk
Copy link
Author

dm-msk commented Oct 12, 2023

I solved this error. It was Data Leak Prevention system lock RDP in browser

@dkmstr dkmstr closed this as completed Oct 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants