search

Syncplay / syncplay

Client/server to synchronize media playback on mpv/VLC/MPC-HC/MPC-BE on many computers
http://syncplay.pl/
Apache License 2.0
2.11k stars 214 forks source link

Server TLS installation issues #244

Closed jimmydorry closed 5 years ago

jimmydorry commented 5 years ago

Running Ubuntu 18.0.4. I run the syncplay server, and I get the error below. My certificates have just been generated, but it appears that I am missing a required dependency crypto. Any suggestions on what that dependency is? Also, how can I go about finding additional or verbose logs for SyncPlay Server? There is nothing in /var/log/syncplay.log

Error: 

Welcome to Syncplay server, ver. 1.6.4
Error while loading the TLS certificates.
name 'crypto' is not defined
TLS support is not enabled.

SyncPlay Version 1.6.4a

Pip Dependencies:

Running pip list | grep "crypto" gives:

asn1crypto             0.24.0
cryptography           2.7
pycrypto               2.6.1
Mikaela commented 5 years ago

Check pip3 list or that you have installed python3-crypto or python3-pycrypto or whichever it is

jimmydorry commented 5 years ago

pip3 list | grep "crypt"

asn1crypto             0.24.0
crypto                 1.4.1
pycrypto               2.6.1

And still same error:

Welcome to Syncplay server, ver. 1.6.4
Error while loading the TLS certificates.
name 'crypto' is not defined
TLS support is not enabled.
jimmydorry commented 5 years ago

Looking at the server.py. It sounds like it might have something to do with the OpenSSL dependency.

import argparse
import codecs
import hashlib
import os
import random
import time
from string import Template

from twisted.enterprise import adbapi
from twisted.internet import task, reactor
from twisted.internet.protocol import Factory

try:
    from OpenSSL import crypto
    from OpenSSL.SSL import TLSv1_2_METHOD
    from twisted.internet import ssl
except:
    pass
jimmydorry commented 5 years ago

Got it! I had to do pip3 install pyopenssl. I don't remember all the intermediate steps to force an upgrade, but it was only installing pyopenssl (17.5.0). I needed 19.0.0.

jimmydorry commented 5 years ago

The wiki probably needs to be updated to mention dependency on pyopenssl (19.0.0)

albertosottile commented 5 years ago

Thanks for reporting this, I am glad the issue has been solved on your side, but I would like to fix our documentation/wiki as well.

As far as I know, crypto is available in pyOpenSSL 16.0.0, as shown here https://github.com/pyca/pyopenssl/blob/16.0.0/src/OpenSSL/crypto.py . Would it be possible to reproduce the issue on your system by downgrading pyOpenSSL accordingly? Can you tell us also what Python version are you using?

Thanks for your assistance.

jimmydorry commented 5 years ago

Alright. I'll install from scratch tomorrow in a blank VM. I need to clean up my installation guide anyway.

jimmydorry commented 5 years ago

I started from a fresh Ubuntu 18.04 VM, and didn't have any issues this time. It's possible that there were legacy libraries that somehow carried through on the original VM that I have been using and upgrading overtime (Ubuntu 14.04 to 18.04). I had a lot of issues originally installing syncplay server, but these issues have gone away with Ubuntu 18.04. I culled a lot of extra steps out of my personal installation guide.

I did note that pip was installing certifi 2018.01.18 though. To force it to use the recommended version, you need to run pip install certifi==2018.11.29. It didn't seem to be an issue with the old library though.

The process I followed (mostly following https://blog.cybrox.eu/posts/setup-a-proper-syncplay-server-on-ubuntu-debian):

########################
## SETTING UP SYNCPLAY SERVER
########################

sudo useradd -r syncplay
sudo mkdir /home/syncplay
sudo chown syncplay:syncplay /home/syncplay
cd /home/syncplay

git clone https://github.com/Syncplay/syncplay.git ./

sudo chown -R syncplay:syncplay ./*

sudo apt-get install make
sudo make install

sudo apt-get install python3 python3-pip

sudo apt-get install build-essential cmake libqt4-dev libxml2-dev libxslt1-dev python3-dev python3-pip

cd /home/syncplay
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3 get-pip.py

pip install PySide
pip install twisted[tls]
pip install certifi
pip install pyopenssl

########################
## Updating SyncPlay
########################

cd /home/syncplay
git pull

## change the 'v1.6.2' below to the latest version
git checkout tags/v1.6.2

########################
## Startup Service
########################

nano -w /etc/systemd/system/syncplay
### copy in the bash file contents https://gist.github.com/jimmydorry/734e8d964041c83465f569179121419b
chmod +x /etc/systemd/system/syncplay
update-rc.d syncplay defaults
systemctl enable syncplay

########################
## SETTING UP LETSENCRYPT CERT RENEWAL WITH CLOUDFLARE DNS
########################

mkdir /home/certbot
mkdir /home/certbot/.secrets
chmod 0400 /home/certbot/.secrets
echo 'dns_cloudflare_email = "youremail@example.com"' > /home/certbot/.secrets/cloudflare.ini
echo 'dns_cloudflare_api_key = "XXXXXXXXXXXXXXXXXXXXXXX"' >> /home/certbot/.secrets/cloudflare.ini
chmod 0400 /home/certbot/.secrets/cloudflare.ini

nano /home/certbot/.secrets/cloudflare.ini
## UPDATE CREDENTIALS

pip install certbot-dns-cloudflare
## Now you should have Certbot installed in /usr/local/bin/certbot, and have the CloudFlare DNS Authenticator plugin installed and activated along with it.

## TO GENERATE A CERT MANUALLY
/usr/local/bin/certbot certonly --dns-cloudflare --dns-cloudflare-credentials /home/certbot/.secrets/cloudflare.ini -d __YOUR_DOMAIN__ --preferred-challenges dns-01
## Replace __YOUR_DOMAIN__ with the domain that you are making the certificate for

## ADD A CRONTAB ENTRY TO AUTOMATE
14 5 * * * /usr/local/bin/certbot renew --quiet > /dev/null 2>&1