Collabora Online is a collaborative online office suite based on LibreOffice technology. This is also the source for the Collabora Office apps for iOS and Android.
Hey guys,
I was waiting for the release of 6.4.11 because a very similar bug was reported in #3199 (the only difference was that I'm using nginx instead of HAProxy) but after updating today still see the same behavior. Collabora online is accepting my CODE server incl. certificate check.
Describe the bug
Collabora Code is not opening the files in Nextcloud instance. After trying to open a file errors are appearing in loolwsd stutus.
To Reproduce
Open a file in NC
Expected behavior
File is opening in NC.
Actual behavior
Files are not opening.
Screenshots
Desktop
Nextcloud 22.1.1
Nginx 1.18.0-0
Linux Mint 20.1
Collabora Online 4.2.3
Collabor Code 6.4.11-3
PHP 7.4
No docker in use
Additional context
loolwsd status:
WRN Failed to verify the certificate of [cloud.XXX.net]| ./net/SslSocket.hpp:196
ERR Socket #27 SSL BIO error: error:1420C0CF:SSL routines:ssl_write_internal:protocol is shutdown (0: Success)| ./net/SslSocket.hpp:330
ERR Error while handling poll for socket #27 in HttpSynReqPoll: error:1420C0CF:SSL routines:ssl_write_internal:protocol is shutdown| net/Socket.cpp:423
ERR WOPI::CheckFileInfo failed for URI [https://cloud.XXX.net/index.php/apps/richdocuments/wopi/files/1351_ocfhv9kwyxj6?access_token=NXcBvZ1wTIdAdcTSmg9xLHXAwk9S>
ERR loading document exception: WOPI::CheckFileInfo failed: | wsd/DocumentBroker.cpp:1926
ERR Failed to add session to [/index.php/apps/richdocuments/wopi/files/1351_ocfhv9kwyxj6] with URI [https://cloud.XXX.net/index.php/apps/richdocuments/wopi/files>
ERR Storage error while starting session on /index.php/apps/richdocuments/wopi/files/1351_ocfhv9kwyxj6 for socket #24. Terminating connection. Error: WOPI::CheckFileI>
WRN Ignoring attempted read from 24| ./net/Socket.hpp:1021
ERR Invalid or unknown session [008] to remove.| wsd/DocumentBroker.cpp:1969
WRN Prisoner connection disconnected but without valid socket.| wsd/LOOLWSD.cpp:2248
Nextcloud log:
Warning Host 127.0.0.1 was not connected to because it violates local access rules
Here is the WOPI part of nano /etc/loolwsd/loolwsd.xml
<wopi allow="true" desc="Allow/deny wopi storage. Mutually exclusive with webdav.">
<host allow="true">office.XXX.net</host>
<host allow="true">cloud.XXX.net</host>
<host allow="true" desc="Regex pattern of hostname to allow or deny.">10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host allow="true" desc="Regex pattern of hostname to allow or deny.">172\.1[6789]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host allow="true" desc="Regex pattern of hostname to allow or deny.">172\.2[0-9]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host allow="true" desc="Regex pattern of hostname to allow or deny.">172\.3[01]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host allow="true" desc="Regex pattern of hostname to allow or deny.">192\.168\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host allow="true" desc="Regex pattern of hostname to allow or deny.">[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host allow="false" desc="Regex pattern of hostname to allow or deny.">192\.168\.1\.1</host>
<max_file_size desc="Maximum document size in bytes to load. 0 for unlimited." type="uint">0</max_file_size>
<reuse_cookies default="false" desc="When enabled, cookies from the browser will be captured and set on WOPI requests." type="bool">false</reuse_cookies>
<locking desc="Locking settings">
<refresh default="900" desc="How frequently we should re-acquire a lock with the storage server, in seconds (default 15 mins) or 0 for no refresh" type="int">900</refresh>
</locking>
</wopi>
…and the SSL part:
<ssl desc="SSL settings">
<enable default="true" desc="Controls whether SSL encryption between browser and loolwsd is enabled (do not disable for production deployment). If default is false, must first be compiled with SSL support to enable." type="bool">true</enable>
<termination default="true" desc="Connection via proxy where loolwsd acts as working via https, but actually uses http." type="bool">false</termination>
<cert_file_path desc="Path to the cert file" relative="false">/etc/loolwsd/fullchain.pem</cert_file_path>
<key_file_path desc="Path to the key file" relative="false">/etc/loolwsd/privkey.pem</key_file_path>
<ca_file_path desc="Path to the ca file" relative="false">/etc/loolwsd/cert.pem</ca_file_path>
<cipher_list default="ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" desc="List of OpenSSL ciphers to accept"/>
<hpkp desc="Enable HTTP Public key pinning" enable="false" report_only="false">
<max_age desc="HPKP's max-age directive - time in seconds browser should remember the pins" enable="true">1000</max_age>
<report_uri desc="HPKP's report-uri directive - pin validation failure are reported at this URL" enable="false"/>
<pins desc="Base64 encoded SPKI fingerprints of keys to be pinned">
<pin/>
</pins>
</hpkp>
</ssl>
/etc/hosts
127.0.0.1 localhost
127.0.1.1 XXX
127.0.0.1 meet.XXX.net
127.0.0.1 office.XXX.net
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
Collabora online is accepting my CODE server incl. certificate check.
Hey guys, I was waiting for the release of 6.4.11 because a very similar bug was reported in #3199 (the only difference was that I'm using nginx instead of HAProxy) but after updating today still see the same behavior. Collabora online is accepting my CODE server incl. certificate check.
Describe the bug Collabora Code is not opening the files in Nextcloud instance. After trying to open a file errors are appearing in loolwsd stutus.
To Reproduce Open a file in NC
Expected behavior File is opening in NC.
Actual behavior Files are not opening.
Screenshots
Desktop
Additional context loolwsd status:
Nextcloud log:
Warning Host 127.0.0.1 was not connected to because it violates local access rules
Nginx conf:
Here is the WOPI part of nano /etc/loolwsd/loolwsd.xml
…and the SSL part:
/etc/hosts
Collabora online is accepting my CODE server incl. certificate check.