Freerdp fails to connect with "ERRCONNECT_CONNECT_CANCELLED"

[beerdedfellow]

Describe the bug I am attempting to use freerdp with a gateway. The tunnel looks to be correctly provisioned through the gateway[1], but then when making the attempt to connect to the target device I get the ERRCONNECT_CONNECT_CANCELLED error and my user session crashes[2]. It might be interesting to note that my user session crashes and I have to log back in when I execute freerdp directly, but not when using RoyalTSX (though I get the exact same error).

[1]

[12:47:28:967] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TSG_STATE_INITIAL -> TSG_STATE_INITIAL
[12:47:28:007] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:007] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TsProxyCreateTunnelReadResponse: TSG_PACKET_TYPE_CAPS_RESPONSE
[12:47:28:007] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TSG_STATE_INITIAL -> TSG_STATE_CONNECTED
[12:47:28:007] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TsProxyAuthorizeTunnelWriteRequest
[12:47:28:043] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:043] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TsProxyAuthorizeTunnelReadResponse: TSG_PACKET_TYPE_RESPONSE
[12:47:28:043] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TSG_STATE_CONNECTED -> TSG_STATE_AUTHORIZED
[12:47:28:043] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TsProxyMakeTunnelCallWriteRequest
[12:47:28:043] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TsProxyCreateChannelWriteRequest
[12:47:28:091] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:091] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TsProxyCreateChannelReadResponse
[12:47:28:091] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TSG_STATE_AUTHORIZED -> TSG_STATE_CHANNEL_CREATED
[12:47:28:091] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TsProxySetupReceivePipeWriteRequest
[12:47:28:091] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.tsg] - TSG_STATE_CHANNEL_CREATED -> TSG_STATE_PIPE_CREATED
[12:47:28:091] [14459:061fa000] [INFO][com.freerdp.core.gateway.tsg] - TS Gateway Connection Success

[2]

[12:47:28:091] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - Routing token looks correctly terminated - use verbatim
[12:47:28:091] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - RequestedProtocols: 3
[12:47:28:192] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:192] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:193] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - RDP_NEG_RSP
[12:47:28:193] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - RDP_NEG_RSP::flags = { [0x01] |EXTENDED_CLIENT_DATA_SUPPORTED }
[12:47:28:193] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - selected_protocol: 2
[12:47:28:193] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - state: NEGO_STATE_FINAL
[12:47:28:193] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - Negotiated NLA security
[12:47:28:193] [14459:061fa000] [DEBUG][com.freerdp.core.nego] - nego_security_connect with PROTOCOL_HYBRID
[12:47:28:294] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:294] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:395] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:395] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:28:395] [14459:061fa000] [DEBUG][com.winpr.sspi] - InitSecurityInterfaceExA
[12:47:28:395] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - nla_client_init 411 : packageName=Negotiate ; cbMaxToken=12256
[12:47:28:396] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - change state from NTLM_STATE_INITIAL to NTLM_STATE_INITIAL
[12:47:28:396] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - change state from NTLM_STATE_INITIAL to NTLM_STATE_NEGOTIATE
[12:47:28:396] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - Write flags [0xe20882b7] NTLMSSP_NEGOTIATE_UNICODE|NTLMSSP_NEGOTIATE_OEM|NTLMSSP_REQUEST_TARGET|NTLMSSP_NEGOTIATE_SIGN|NTLMSSP_NEGOTIATE_SEAL|NTLMSSP_NEGOTIATE_LM_KEY|NTLMSSP_NEGOTIATE_NTLM|NTLMSSP_NEGOTIATE_ALWAYS_SIGN|NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY|NTLMSSP_NEGOTIATE_VERSION|NTLMSSP_NEGOTIATE_128|NTLMSSP_NEGOTIATE_KEY_EXCH
[12:47:28:396] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - change state from NTLM_STATE_NEGOTIATE to NTLM_STATE_CHALLENGE
[12:47:28:396] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - Client: Sending Authentication Token
[12:47:28:396] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - NLA.negoToken (length = 40):
[12:47:29:501] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:501] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:501] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:501] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:501] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:501] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - CredSSP protocol support 6, peer supports 6
[12:47:29:501] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - Read flags [0xe2898235] NTLMSSP_NEGOTIATE_UNICODE|NTLMSSP_REQUEST_TARGET|NTLMSSP_NEGOTIATE_SIGN|NTLMSSP_NEGOTIATE_SEAL|NTLMSSP_NEGOTIATE_NTLM|NTLMSSP_NEGOTIATE_ALWAYS_SIGN|NTLMSSP_TARGET_TYPE_DOMAIN|NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY|NTLMSSP_NEGOTIATE_TARGET_INFO|NTLMSSP_NEGOTIATE_VERSION|NTLMSSP_NEGOTIATE_128|NTLMSSP_NEGOTIATE_KEY_EXCH
[12:47:29:501] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - change state from NTLM_STATE_CHALLENGE to NTLM_STATE_AUTHENTICATE
[12:47:29:502] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - Write flags [0xe288b235] NTLMSSP_NEGOTIATE_UNICODE|NTLMSSP_REQUEST_TARGET|NTLMSSP_NEGOTIATE_SIGN|NTLMSSP_NEGOTIATE_SEAL|NTLMSSP_NEGOTIATE_NTLM|NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED|NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED|NTLMSSP_NEGOTIATE_ALWAYS_SIGN|NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY|NTLMSSP_NEGOTIATE_TARGET_INFO|NTLMSSP_NEGOTIATE_VERSION|NTLMSSP_NEGOTIATE_128|NTLMSSP_NEGOTIATE_KEY_EXCH
[12:47:29:502] [14459:061fa000] [DEBUG][com.winpr.sspi.NTLM] - change state from NTLM_STATE_AUTHENTICATE to NTLM_STATE_FINAL
[12:47:29:502] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - Client: Sending Authentication Token
[12:47:29:502] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - NLA.negoToken (length = 524):
[12:47:29:502] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - NLA.pubKeyAuth (length = 48):
[12:47:29:605] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:605] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:605] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - Client: Sending PubKeyAuth Token
[12:47:29:605] [14459:061fa000] [DEBUG][com.freerdp.core.nla] - NLA.authInfo (length = 115):
[12:47:29:708] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:29:708] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:34:754] [14459:061fa000] [DEBUG][com.freerdp.core.gateway.rts] - Reading PDU type PTYPE_RESPONSE
[12:47:34:755] [14459:061fa000] [ERROR][com.freerdp.core] - freerdp_abort_connect:freerdp_set_last_error_ex ERRCONNECT_CONNECT_CANCELLED [0x0002000B]
[12:47:38:663] [14459:061fa000] [ERROR][com.freerdp.core.connection] - Timeout waiting for activation
[12:47:38:663] [14459:061fa000] [DEBUG][com.freerdp.core] - rdp_check_fds() - -1
[12:47:38:663] [14459:061fa000] [INFO][com.freerdp.client.common] - Network disconnect!
[12:47:38:663] [14459:061fa000] [INFO][com.freerdp.client.common] - Attempting reconnect (1 of 3)
[12:47:38:663] [14459:061fa000] [WARN][com.freerdp.client.common] - Autoreconnect aborted by user
[12:47:38:697] [14459:061fa000] [ERROR][com.freerdp.client.common] - Maximum reconnect retries exceeded      

To Reproduce Execute freerdp. Example command: /usr/local/bin/xfreerdp /cert-ignore /cert-tofu /auto-reconnect /auto-reconnect-max-retries:3 /clipboard /bpp:16 /size:1280x960 /log-level:DEBUG /g:xxx.gateway.xxx.com /gd:XXXXXXXXX /gu:xxxxxxxx /gp:xxxxxxxxxxxxxxxx /v:vts.xxx.xxx.xx.io:3389 /t:vts.xxx.xxx.xxx.io /d:XXXXXXXX /p:xxxxxxxxxxxxxxxxxx /u:xxxxxxxxxxxx

Expected behavior Connection successful. User session does not crash.

Screenshots

Application details

• FreeRDP version (xfreerdp /version)

  This is FreeRDP version 2.8.0 (2.8.0)

• Command line used /usr/local/bin/xfreerdp /cert-ignore /cert-tofu /auto-reconnect /auto-reconnect-max-retries:3 /clipboard /bpp:16 /size:1280x960 /log-level:DEBUG /g:xxx.gateway.xxx.com /gd:XXXXXXXXX /gu:xxxxxxxx /gp:xxxxxxxxxxxxxxxx /v:vts.xxx.xxx.xx.io:3389 /t:vts.xxx.xxx.xxx.io /d:XXXXXXXX /p:xxxxxxxxxxxxxxxxxx /u:xxxxxxxxxxxx

• Output of xfreerdp /buildconfig

  $ xfreerdp /buildconfig
  This is FreeRDP version 2.8.0 (2.8.0)
  Build configuration: BUILD_TESTING=OFF BUILTIN_CHANNELS=ON HAVE_AIO_H=1 HAVE_EXECINFO_H=1 HAVE_FCNTL_H=1 HAVE_FLAG_SEARCH_PATHS_FIRST=1 HAVE_GETLOGIN_R=1 HAVE_GETPWUID_R=1 HAVE_INTTYPES_H=1 HAVE_MATH_C99_LONG_DOUBLE=1 HAVE_POLL_H=1 HAVE_PTHREAD_MUTEX_TIMEDLOCK_LIB= HAVE_PTHREAD_MUTEX_TIMEDLOCK_LIBS= HAVE_PTHREAD_MUTEX_TIMEDLOCK_SYMBOL= HAVE_SYSLOG_H=1 HAVE_SYS_EVENTFD_H= HAVE_SYS_FILIO_H=1 HAVE_SYS_MODEM_H= HAVE_SYS_SELECT_H=1 HAVE_SYS_SOCKIO_H=1 HAVE_SYS_STRTIO_H= HAVE_SYS_TIMERFD_H= HAVE_TM_GMTOFF=1 HAVE_UNISTD_H=1 HAVE_XI_TOUCH_CLASS=1 WITH_CAIRO=OFF WITH_CCACHE=ON WITH_CHANNELS=ON WITH_CLANG_FORMAT=ON WITH_CLIENT=ON WITH_CLIENT_AVAILABLE=1 WITH_CLIENT_CHANNELS=ON WITH_CLIENT_CHANNELS_AVAILABLE=1 WITH_CLIENT_COMMON=ON WITH_CLIENT_INTERFACE=OFF WITH_CLIENT_MAC=ON WITH_CUPS=ON WITH_DEBUG_ALL=OFF WITH_DEBUG_CAPABILITIES=OFF WITH_DEBUG_CERTIFICATE=OFF WITH_DEBUG_CHANNELS=OFF WITH_DEBUG_CLIPRDR=OFF WITH_DEBUG_DVC=OFF WITH_DEBUG_KBD=OFF WITH_DEBUG_LICENSE=OFF WITH_DEBUG_MUTEX=OFF WITH_DEBUG_NEGO=OFF WITH_DEBUG_NLA=OFF WITH_DEBUG_NTLM=OFF WITH_DEBUG_RAIL=OFF WITH_DEBUG_RDP=OFF WITH_DEBUG_RDPDR=OFF WITH_DEBUG_RDPEI=OFF WITH_DEBUG_RDPGFX=OFF WITH_DEBUG_REDIR=OFF WITH_DEBUG_RFX=OFF WITH_DEBUG_RINGBUFFER=OFF WITH_DEBUG_SCARD=OFF WITH_DEBUG_SND=OFF WITH_DEBUG_SVC=OFF WITH_DEBUG_SYMBOLS=OFF WITH_DEBUG_THREADS=OFF WITH_DEBUG_TIMEZONE=OFF WITH_DEBUG_TRANSPORT=OFF WITH_DEBUG_TSG=OFF WITH_DEBUG_TSMF=OFF WITH_DEBUG_TSMF=OFF WITH_DEBUG_TSMF_AVAILABLE=0 WITH_DEBUG_URBDRC=OFF WITH_DEBUG_WND=OFF WITH_DEBUG_X11=OFF WITH_DEBUG_X11_CLIPRDR=OFF WITH_DEBUG_X11_LOCAL_MOVESIZE=OFF WITH_DEBUG_XV=OFF WITH_DSP_EXPERIMENTAL=OFF WITH_FAAC=OFF WITH_FAAD2=OFF WITH_FFMPEG=OFF WITH_GFX_H264=OFF WITH_GPROF=OFF WITH_GSM=OFF WITH_GSSAPI=OFF WITH_ICU=OFF WITH_JPEG=ON WITH_LAME=OFF WITH_LIBRARY_VERSIONING=ON WITH_LIBSYSTEMD=OFF WITH_MACAUDIO=ON WITH_MACAUDIO_AVAILABLE=1 WITH_MANPAGES=ON WITH_MBEDTLS=OFF WITH_OPENCL=OFF WITH_OPENH264=OFF WITH_OPENSSL=ON WITH_PCSC=ON WITH_PROFILER=OFF WITH_PULSE=OFF WITH_SAMPLE=OFF WITH_SANITIZE_ADDRESS=OFF WITH_SANITIZE_ADDRESS_AVAILABLE=1 WITH_SANITIZE_MEMORY=OFF WITH_SANITIZE_MEMORY_AVAILABLE=1 WITH_SANITIZE_THREAD=OFF WITH_SANITIZE_THREAD_AVAILABLE=1 WITH_SERVER=OFF WITH_SERVER_INTERFACE=ON WITH_SMARTCARD_INSPECT=OFF WITH_SOXR=OFF WITH_SSE2=ON WITH_SWSCALE=OFF WITH_THIRD_PARTY=OFF WITH_VALGRIND_MEMCHECK=OFF WITH_VALGRIND_MEMCHECK_AVAILABLE=1 WITH_VERBOSE_WINPR_ASSERT=ON WITH_WINPR_TOOLS=ON WITH_X11=ON WITH_XCURSOR=ON WITH_XEXT=ON WITH_XFIXES=ON WITH_XI=ON WITH_XINERAMA=ON WITH_XKBFILE=OFF WITH_XRANDR=ON WITH_XRENDER=ON WITH_XSHM=ON WITH_XV=ON WITH_ZLIB=ON
  Build type:          Release
  CFLAGS:               -Wno-unused-parameter -Wno-unused-macros -Wno-padded -Wno-c11-extensions -Wno-gnu -Wno-unused-command-line-argument -Wno-deprecated-declarations -fno-omit-frame-pointer -DWINPR_DLL
  Compiler:            Clang, 13.1.6.13160021
  Target architecture: x64 

• OS version connecting to (server side) Windows Server 2019

• If available the log output from a run with /log-level:trace 2>&1 | tee log.txt freerdp_log.txt

• If you built it yourself add some notes which tag/commit/branch you have used, also your cmake parameters and compiler can help Installed via homebrew

Environment (please complete the following information):

• OS: [e.g. Linux/Windows/Android/..] OSX

• Version/Distribution: [e.g. Debian 10, Windows 2008, Android 10] Monterey 12.6

• Architecture: [amd64, arm]: arm

Additional context Troubleshooting with internal teams, nothing yet identified.

[akallabeth]

[12:47:38:663] [14459:061fa000] [ERROR][com.freerdp.core.connection] - Timeout waiting for activation check your server configuration.

[beerdedfellow]

I didn’t assume the connectivity issue was the fault of freerdp, but why is it crashing my GUI?

• Ryan

Sent via mobile

On Oct 12, 2022, at 10:42 PM, akallabeth @.***> wrote:

 Closed #8305 as completed.

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.

[akallabeth]

@beerdedfellow which crash are you talking about? you just added a screenshot of some UI to display error return codes?

[beerdedfellow]

I can’t share a screenshot unfortunately because the entire GUI session crashes and I have to log back in. The screenshot I shared was from royalTSX, a gui that uses freerdp as a plug-in.

I’ve since gotten royalTSX to work, but still get the same failure message and GUI crash when executing xfreerdp on the command line. Presumably this is because it’s offering an ssh key (this was the problem with royal), but I’m not sure why freerdp would do that. I’m not specifying a key and no keys were loaded into my ssh agent (but why would ssh matter?). Any chance ssh keys interact with freerdp for some reason?

Appreciate the help.

• Ryan

Sent via mobile

On Oct 13, 2022, at 8:07 AM, akallabeth @.***> wrote:

 @beerdedfellow which crash are you talking about? you just added a screenshot of some UI to display error return codes?

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.

[akallabeth]

@beerdedfellow ssh key? which GUI are we talking about? (mac? that would be even more strange there as xfreerdp is X11 and could at most crash XQuartz) and nothing in the log indicates something other than a normal program termination.