Jump to content

SSL is being fixed


Nick Bolton

Recommended Posts

  • Synergy Team
Nick Bolton
Hello, Many users are experiencing problems with our new SSL feature. We are furiously working away on a bug fix release, which we plan to have ready by May 27th. You can track our progress here: https://github.com/synergy/synergy/mile ... 7.3-stable In the meantime, you can try any 1 of 3 workarounds: 1. [url=http://synergy-project.org/download/?alt]Downgrade to 1.6[/url] 2. Delete the ns.dll plugin 3. Disable SSL from settings Thanks, Nick
Link to comment
Share on other sites

phil fluffy
Just ran into another ssl bug today and making you aware via here, if a client is not running synergy pro and tries to connect to my pro enabled server, the server does not degrade to non ssl mode for that client, and indeed appears to hang the server from SSL clients with repeated ssl handshake errors (I think the unencrypted client is saying HELO in cleartext but its being handed straight to openssl wrapper as a ssl init string and openssl doesnt know what to do) & until the non ssl client is silenced and synergys restarted. Versions in use are synergy-1.7.2 all built from source (gentoo...). I have ssl working on all my machines, the only real gotcha apart from the above is the machines with the client on all have to be registered online as part of the setup process which means I have to log into each keyboard and mouseless machine via ssh -XYA and start up synergy and run through the registration as it appears to change something in the install during registration (though you have stopped pushing me the nsplugin linked against the wrong libs now, yay!). Its clear to me that you are going to have users that don't understand how to do this hoop and mixed with the first issue, its going to be a source of frustration for users. SSL is a great feature, and I for one *need* it because I dont control one of the windows machines I km to, and cant run stunnel or a ssh tunnel easily. On the windows client side its been fine. One last gripe, there doesnt seem to be a way clientside to see if its encrypted or not apart from taking a packet dump, as I start up synergyc as part of GDM Init so local user login can be done over the network. Now its not very important, but if you add a feature that lets the ssl degrade its negotiation for non ssl clients, it could be worth thinking about. I mentioned the no --enable-crypto in the docs, but Im sure you are on that already.
Link to comment
Share on other sites

Ben Koenig
Thanks Nick! On the plus side, Synergy still works. You can get set up and everything so that once SSL is ship shape your configuration is ready to go. Friendly reminder if you are on an exposed network! :o I think Synergy fits into a very nice spot. It's those weird people that write crazy encryption code for SSL that make life hard! I'm not much of a programmer, but in coder speak SSL != Synergy :D Kudos guys
Link to comment
Share on other sites

eddie dilanchian
[quote="Nick Bolton"]Hello, Many users are experiencing problems with our new SSL feature. We are furiously working away on a bug fix release, which we plan to have ready by May 27th. You can track our progress here: https://github.com/synergy/synergy/mile ... 7.3-stable In the meantime, you can try any 1 of 3 workarounds: 1. [url=http://synergy-project.org/download/?alt]Downgrade to 1.6[/url] 2. Delete the ns.dll plugin 3. Disable SSL from settings Thanks, Nick[/quote] i dont see the ns.dll any ideas ???
Link to comment
Share on other sites

David Bowser
Just an odd testing note for me: Mac to mac is not working with SSL enabled, but Windows to Mac was. Assuming Mac server and Windows and Mac clients. I disabled SSL as a workaround for my Macs, but I figured you should take a look at that from a testing perspective.
Link to comment
Share on other sites

Ben Koenig
[quote="Esther Singer"]where do I disable ssl?[/quote] It's actually labeled in settings as "Network Encryption" I believe. SSL, OpenSSL are the official names for the technology/projects that secure network communication. If you see an option for Encryption anywhere, it is safe to assume SSL. EDIT: Sorry, it is "SSL encryption". My mistake.
Link to comment
Share on other sites

Ben Koenig
Also, I don't use Windows 7 as my primary OS. My installation is generally unused and therefore as almost as fresh as the day I installed it + patches and updates. I can confirm that these Encryption and OpenSSL issues have not occurred a single time for me. I will document my setup here: - Windows 7 x86_64 Service Pack 1 - Installed 1.7.2 without any previous installation of Synergy. This means no registry keys and nothing in appdata. - Fairly open firewall. I am behind a home router. Generally a computer a computer will not enter my network without me knowing. Making Windows Firewall on a stationary Desktop almost pointless. When Synergy Crashes Windows keeps a hold of some pieces of it instead of letting the crash go. After crashes, such as the SSL handshake error others have experienced on Windows 7 follow these steps in this order precisely: 1) Close Synergy on the Client. 2) End the process "synergys.exe from Task Manager 3) Close the Synergy Graphical Application. It will complain. Force it to close however you can. 4) Count to 5 5) Done counting. Restart GUI and disable "SSL Encryption" Works on Windows 7 64bit. No need to delete anything.
Link to comment
Share on other sites

phil fluffy
[quote="David Bowser"]Just an odd testing note for me: Mac to mac is not working with SSL enabled, but Windows to Mac was. Assuming Mac server and Windows and Mac clients. I disabled SSL as a workaround for my Macs, but I figured you should take a look at that from a testing perspective.[/quote] David, just as a aside, have you run the synergy gui on each of the clients? if ssl is enabled, each client machine that connects has to be registered to get the ns plugin downloaded and enabled. I think from a functional point of view, if only the server required registration that would make things easier for customers. I bumped up to the latest stable and my setup is all working fine still. Gentoo server, gentoo + windows clients. Although I had to re-run registration on every client and the server yet again with the version bump. Somewhat tiresome...
Link to comment
Share on other sites

Ala Ibrahim
So after upgrading to 1.7.3 SSL stopped working (server Fedora, Client Mac 10.10) [code] ERROR: ssl error occurred (generic failure) ERROR: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number [/code] Not sure if it's related (although it looks like it), when running the "run wizard" on server, while installing plugins, it always says "Error: Could not get Linux package type." For the time being I'm disabling SSL for it to work.
Link to comment
Share on other sites

Alan Netherclift
Upgraded to 1.7.3 this morning on both client and server. Synergy Pro Server: Windows 7 64-bit Client: Mac OS X 10.8.5 With SSL turned on, Client, when started, would instantly stop. turned SSL off for both and works fine. Hope this helps.
Link to comment
Share on other sites

  • Synergy Team
Nick Bolton
[url=http://synergy-project.org/forum/viewtopic.php?f=13&t=360]Synergy 1.7.3 released[/url]
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...