new macos rdp client >= 10.7.2 doesn't work over rdpgw about rdpgw HOT 8 CLOSED

replicated locally

rdpgw_1 | 2021/12/21 10:38:29 Starting remote desktop gateway server
rdpgw_1 | 2021/12/21 10:39:13 http: TLS handshake error from 172.19.0.1:58920: remote error: tls: unknown certificate
rdpgw_1 | 2021/12/21 10:39:13 http: TLS handshake error from 172.19.0.1:58918: remote error: tls: unknown certificate
rdpgw_1 | 2021/12/21 10:39:13 http: TLS handshake error from 172.19.0.1:58926: remote error: tls: unknown certificate
rdpgw_1 | 2021/12/21 10:39:25 Session {33001a58-6ad9-f0f6-a16b-14bbb641c5fe}, false, false
rdpgw_1 | 2021/12/21 10:39:25 Opening RDGOUT for client 172.19.0.1
rdpgw_1 | 2021/12/21 10:39:25 Session {33001a58-6ad9-f0f6-a16b-14bbb641c5fe}, true, false
rdpgw_1 | 2021/12/21 10:39:25 Opening RDGIN for client 172.19.0.1
rdpgw_1 | 2021/12/21 10:39:25 Legacy handshakeRequest done for client 172.19.0.1
rdpgw_1 | 2021/12/21 10:39:25 Client handshakeRequest from 172.19.0.1
rdpgw_1 | 2021/12/21 10:39:25 major: 1, minor: 0, version: 0, ext auth: 2
rdpgw_1 | 2021/12/21 10:39:25 Tunnel create
rdpgw_1 | 2021/12/21 10:39:25 Tunnel auth
rdpgw_1 | 2021/12/21 10:39:26 Channel create
rdpgw_1 | 2021/12/21 10:39:26 Establishing connection to RDP server: xrdp:3389
rdpgw_1 | 2021/12/21 10:39:26 Connection established
rdpgw_1 | 2021/12/21 10:39:29 Close channel
rdpgw_1 | 2021/12/21 10:39:29 Cannot read message from stream read tcp 172.19.0.4:9443->172.19.0.1:58940: use of closed network connection
rdpgw_1 | 2021/12/21 10:40:32 http: TLS handshake error from 172.19.0.1:58952: remote error: tls: unknown certificate
rdpgw_1 | 2021/12/21 10:40:36 Session {1c9833c1-a626-6c5c-c5af-090f32ef9c40}, false, false
rdpgw_1 | 2021/12/21 10:40:36 Opening RDGOUT for client 172.19.0.1
rdpgw_1 | 2021/12/21 10:40:36 Session {1c9833c1-a626-6c5c-c5af-090f32ef9c40}, true, false
rdpgw_1 | 2021/12/21 10:40:36 Opening RDGIN for client 172.19.0.1
rdpgw_1 | 2021/12/21 10:40:36 Legacy handshakeRequest done for client 172.19.0.1
rdpgw_1 | 2021/12/21 10:40:36 Client handshakeRequest from 172.19.0.1
rdpgw_1 | 2021/12/21 10:40:36 major: 1, minor: 0, version: 0, ext auth: 2
rdpgw_1 | 2021/12/21 10:40:36 Tunnel create
rdpgw_1 | 2021/12/21 10:40:36 Tunnel auth
rdpgw_1 | 2021/12/21 10:40:36 Channel create
rdpgw_1 | 2021/12/21 10:40:36 Establishing connection to RDP server: xrdp:3389
rdpgw_1 | 2021/12/21 10:40:36 Connection established
rdpgw_1 | 2021/12/21 10:40:38 Close channel
rdpgw_1 | 2021/12/21 10:40:38 Cannot read message from stream read tcp 172.19.0.4:9443->172.19.0.1:58956: use of closed network connection

from rdpgw.

well, it might be bit different locally, here the request hits xrdp

[20211221-17:40:55] [INFO ] Socket 11: AF_INET connection received from 172.19.0.4 port 41296
[20211221-17:40:55] [DEBUG] Closed socket 11 (AF_INET 172.19.0.3:3389)
[20211221-17:40:55] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:3389)
[20211221-17:40:55] [DEBUG] item ini_version, value 1
[20211221-17:40:55] [DEBUG] item fork, value true
[20211221-17:40:55] [DEBUG] item port, value 3389
[20211221-17:40:55] [DEBUG] item tcp_nodelay, value true
[20211221-17:40:55] [DEBUG] item tcp_keepalive, value true
[20211221-17:40:55] [DEBUG] item security_layer, value rdp
[20211221-17:40:55] [DEBUG] item crypt_level, value low
[20211221-17:40:55] [DEBUG] item certificate, value
[20211221-17:40:55] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem
[20211221-17:40:55] [DEBUG] item key_file, value
[20211221-17:40:55] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem
[20211221-17:40:55] [DEBUG] item ssl_protocols, value TLSv1, TLSv1.1, TLSv1.2
[20211221-17:40:55] [DEBUG] TLSv1.2 enabled
[20211221-17:40:55] [DEBUG] TLSv1.1 enabled
[20211221-17:40:55] [DEBUG] TLSv1 enabled
[20211221-17:40:55] [DEBUG] item autorun, value
[20211221-17:40:55] [DEBUG] item allow_channels, value true
[20211221-17:40:55] [DEBUG] item allow_multimon, value false
[20211221-17:40:55] [INFO ] Multi monitor server support disabled
[20211221-17:40:55] [DEBUG] item bitmap_cache, value true
[20211221-17:40:55] [DEBUG] item bitmap_compression, value true
[20211221-17:40:55] [DEBUG] item bulk_compression, value true
[20211221-17:40:55] [DEBUG] item max_bpp, value 16
[20211221-17:40:55] [DEBUG] item new_cursors, value false
[20211221-17:40:55] [DEBUG] item use_fastpath, value both
[20211221-17:40:55] [DEBUG] item blue, value 009cb5
[20211221-17:40:55] [DEBUG] item grey, value dedede
[20211221-17:40:55] [DEBUG] item ls_top_window_bg_color, value 009cb5
[20211221-17:40:55] [DEBUG] item ls_width, value 350
[20211221-17:40:55] [DEBUG] item ls_height, value 430
[20211221-17:40:55] [DEBUG] item ls_bg_color, value dedede
[20211221-17:40:55] [DEBUG] item ls_logo_filename, value
[20211221-17:40:55] [DEBUG] item ls_logo_x_pos, value 55
[20211221-17:40:55] [DEBUG] item ls_logo_y_pos, value 50
[20211221-17:40:55] [DEBUG] item ls_label_x_pos, value 30
[20211221-17:40:55] [DEBUG] item ls_label_width, value 60
[20211221-17:40:55] [DEBUG] item ls_input_x_pos, value 110
[20211221-17:40:55] [DEBUG] item ls_input_width, value 210
[20211221-17:40:55] [DEBUG] item ls_input_y_pos, value 220
[20211221-17:40:55] [DEBUG] item ls_btn_ok_x_pos, value 142
[20211221-17:40:55] [DEBUG] item ls_btn_ok_y_pos, value 370
[20211221-17:40:55] [DEBUG] item ls_btn_ok_width, value 85
[20211221-17:40:55] [DEBUG] item ls_btn_ok_height, value 30
[20211221-17:40:55] [DEBUG] item ls_btn_cancel_x_pos, value 237
[20211221-17:40:55] [DEBUG] item ls_btn_cancel_y_pos, value 370
[20211221-17:40:55] [DEBUG] item ls_btn_cancel_width, value 85
[20211221-17:40:55] [DEBUG] item ls_btn_cancel_height, value 30
[20211221-17:40:55] [INFO ] Security protocol: configured [RDP], requested [SSL|HYBRID|HYBRID_EX|RDP], selected [RDP]
[20211221-17:40:55] [DEBUG] Using RDP security, and reading the server configuration
[20211221-17:40:55] [DEBUG] [MCS Connection Sequence] receive connection request

from rdpgw.

extract from the pcap @bolkedebruin

from rdpgw.

added some extra logging, it seems we are getting lost somewhere here

rdpgw_1     | 2021/12/23 10:10:59 Establishing connection to RDP server: xrdp:3389
rdpgw_1     | 2021/12/23 10:10:59 Connection established
rdpgw_1     | 2021/12/23 10:10:59 Entering channel response
rdpgw_1     | 2021/12/23 10:10:59 Leaving channel response
rdpgw_1     | 2021/12/23 10:10:59 Message pt: 10, sz: 29
rdpgw_1     | 2021/12/23 10:10:59 Data sent
rdpgw_1     | 2021/12/23 10:10:59 Writing data to stream
rdpgw_1     | 2021/12/23 10:10:59 Data packets received server side
rdpgw_1     | 2021/12/23 10:11:01 Message pt: 16, sz: 12
rdpgw_1     | 2021/12/23 10:11:01 Close channel
rdpgw_1     | 2021/12/23 10:11:01 Message pt: 0, sz: 0

connection seems to be closed after sending some data
we are somewhere here
https://github.com/bolkedebruin/rdpgw/blob/master/cmd/rdpgw/protocol/server.go#L145

from rdpgw.

@bolkedebruin it seems we are not the only one, we should probably wait for them to fix so it works over websockets or maybe there will be some param to set
https://techcommunity.microsoft.com/t5/azure-virtual-desktop-feedback/msrdc-10-7-2/idi-p/3042147

from rdpgw.

@krisss85 if you are capturing can you show what RDG_OUT_DATA is showing? Should be above RDG_IN_DATA somewhere.

from rdpgw.

I had a look myself. As per tech community post, the 10.7.2 client (and .3) do not ask for a websocket connection (e.g. there is no "upgrade" in the protocol asked for). This should still work for the docker version (however the legacy connection also seems to fail) but on kubernetes it doesn't and requires websockets.

from rdpgw.

@bolkedebruin the new beta client 10.7.4 resolved the issue, so I believe we can close this one as we are affected by the change on RDP client from MS
https://install.appcenter.ms/orgs/rdmacios-k2vy/apps/microsoft-remote-desktop-for-mac/distribution_groups/all-users-of-microsoft-remote-desktop-for-mac

from rdpgw.