gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0

Pasting too long of a string causes an unknown error #10639

Closed ibeckermayer closed 2 years ago

ibeckermayer commented 2 years ago

Description

Pasting an amount of text apparently above some relatively small threshold causes an unknown error in our RDP client, which causes the RDP connection to terminate.

Reproduction Steps

  1. Start a Desktop Access session with clipboard sharing enabled
  2. Copy the text below
  3. Paste it into Notepad
  4. You should see the error message "Session disconnected for an unkown reason" [sic]

teleport:
  nodename: Isaiahs-MacBook-Pro.local
  log:
    output: stderr
    severity: INFO
    format:
      output: text
  ca_pin:
    ["sha256:aaaaaaad4ffccccccccccccccbbbbbbbc5185219d1d867f9fcaab6ae96678799"]
  diag_addr: ""
  data_dir: /Users/ibeckermayer/teleport-config/desktop-access/data
auth_service:
  enabled: "yes"
  listen_addr: 0.0.0.0:3025
  license_file: /Users/ibeckermayer/teleport-config/desktop-access/no-desktops-license.pem

  # authentication:
  # type: local
  # second_factor: off
  # second_factor: optional
  # require_session_mfa: yes
  # webauthn:
  # rp_id: proxy.0.0.0.0.nip.io
  # disabled: true
  # u2f:
  #   app_id: https://localhost:8080
  #   facets:
  #     - https://localhost:8080
  # u2f:
  #   app_id: https://proxy.0.0.0.0.nip.io
  #   facets:
  #     - https://proxy.0.0.0.0.nip.io
  #     - https://proxy.0.0.0.0.nip.io:8080
  # second_factor: off
  authentication:
    type: local
    second_factor: off
  # authentication:
  #   type: local
  #   second_factor: optional
  #   require_session_mfa: yes
  #   webauthn:
  #     rp_id: proxy.0.0.0.0.nip.io
  # authentication:
  #   type: local
  #   second_factor: optional
  #   require_session_mfa: yes
  #   webauthn:
  #     disabled: true
  #   u2f:
  #     app_id: https://proxy.0.0.0.0.nip.io
  #     facets:
  #       - https://proxy.0.0.0.0.nip.io
  #       - https://proxy.0.0.0.0.nip.io:8080

ssh_service:
  enabled: "yes"
  labels:
    env: example
  commands:
    - name: hostname
      command: [hostname]
      period: 1m0s
proxy_service:
  enabled: "yes"
  listen_addr: 0.0.0.0:3023
  https_keypairs: []
  acme: {}
windows_desktop_service:
  enabled: yes
  listen_addr: "0.0.0.0:3028"
  ldap:
    addr: "172.16.97.186:636"
    domain: "teleport.dev"
    username: 'TELEPORT\svc-teleport'
    # password_file: "/Users/ibeckermayer/teleport-config/desktop-access/ldap.pass"
    insecure_skip_verify: true
    # der_ca_file: /Users/ibeckermayer/windows-server-2012-shared/der-ca-file.cer
  # hosts:
  #   - "100.104.52.89"
  discovery:
    base_dn: "*"
  host_labels:
    - match: ".*"
      labels:
        env: prod
        foo: bar

Server Details

Debug Logs

GLOBAL: Unknown Fast Path order RdpError(RdpError { kind: NotImplemented, message: "GLOBAL: Fast Path parsing not implemented FastpathUpdatetypePtrDefault" })
GLOBAL: Unknown Fast Path order RdpError(RdpError { kind: NotImplemented, message: "GLOBAL: Fast Path parsing not implemented FastpathUpdatetypePtrDefault" })
GLOBAL: Unknown Fast Path order RdpError(RdpError { kind: NotImplemented, message: "GLOBAL: Fast Path parsing not implemented FastpathUpdatetypePtrDefault" })
GLOBAL: Unknown Fast Path order RdpError(RdpError { kind: NotImplemented, message: "GLOBAL: Fast Path parsing not implemented FastpathUpdatetypePtrDefault" })
GLOBAL: Unknown Fast Path order RdpError(RdpError { kind: NotImplemented, message: "GLOBAL: Fast Path parsing not implemented FastpathUpdatetypePtrDefault" })
GLOBAL: Receive error PDU from server 4395
2022-02-25T14:24:27-05:00 INFO [WINDOWS_D] RDP output streaming finished client-ip:::1 desktop-addr:172.16.97.186:3389 desktop-name:WIN-JR2L4P7KN15-teleport-dev rdp-addr:172.16.97.186:3389 rdpclient/client.go:257
2022-02-25T14:24:27-05:00 WARN [WINDOWS_D] Error closing RDP connection: failed writing RDP keyboard event: Io(Os { code: 54, kind: ConnectionReset, message: "Connection reset by peer" }) client-ip:::1 desktop-addr:172.16.97.186:3389 desktop-name:WIN-JR2L4P7KN15-teleport-dev rdp-addr:172.16.97.186:3389 rdpclient/client.go:446
2022-02-25T14:24:27-05:00 WARN [WINDOWS_D] Failed forwarding RDP key press: failed writing RDP keyboard event: Io(Custom { kind: Other, error: Error { code: -9806, message: "connection closed via error" } }) client-ip:::1 desktop-addr:172.16.97.186:3389 desktop-name:WIN-JR2L4P7KN15-teleport-dev rdp-addr:172.16.97.186:3389 rdpclient/client.go:358
2022-02-25T14:24:27-05:00 INFO [WINDOWS_D] TDP input streaming finished client-ip:::1 desktop-addr:172.16.97.186:3389 desktop-name:WIN-JR2L4P7KN15-teleport-dev rdp-addr:172.16.97.186:3389 rdpclient/client.go:359
2022-02-25T14:24:27-05:00 INFO [AUDIT]     windows.desktop.session.end cluster_name:Isaiahs-MacBook-Pro.local code:TDP01I desktop_addr:172.16.97.186:3389 desktop_labels:map[env:prod foo:bar teleport.dev/computer_name:WIN-JR2L4P7KN15 teleport.dev/dns_host_name:WIN-JR2L4P7KN15.teleport.dev teleport.dev/is_domain_controller:true teleport.dev/origin:dynamic teleport.dev/os:Windows Server 2012 R2 Standard Evaluation teleport.dev/os_version:6.3 (9600) teleport.dev/windows_domain:teleport.dev] desktop_name:WIN-JR2L4P7KN15-teleport-dev ei:0 event:windows.desktop.session.end login:Administrator participants:[joe] recorded:true session_start:2022-02-25T19:24:02.89Z session_stop:2022-02-25T19:24:27.097Z sid:b003ccb4-b22f-4cb9-a527-ba9ed6c77832 time:2022-02-25T19:24:27.097Z uid:371ab8e8-dfa9-4375-806c-4d8da7117d8b user:joe windows_desktop_service:8f1ed2bc-65fb-48de-b32f-cac76676f8db windows_domain:teleport.dev windows_user:Administrator events/emitter.go:325
2022-02-25T14:24:27-05:00 DEBU [WINDOWS_D] Windows desktop disconnected client-ip:::1 desktop-addr:172.16.97.186:3389 desktop-name:WIN-JR2L4P7KN15-teleport-dev desktop/windows_server.go:747
2022-02-25T14:24:27-05:00 DEBU [WINDOWS_D] Releasing associated resources - context has been closed. client-ip:::1 desktop-addr:172.16.97.186:3389 desktop-name:WIN-JR2L4P7KN15-teleport-dev srv/monitor.go:253
2022-02-25T14:24:27-05:00 DEBU [SSH:PROXY] Closed connection [::1]:62194. sshutils/server.go:471
2022-02-25T14:24:27-05:00 DEBU [WINDOWS_D] Session has encountered 220 slow writes out of 4455. Check disk and network on this server. events/auditwriter.go:404
2022-02-25T14:24:27-05:00 DEBU [UPLOAD]    Scanned 1 uploads, started 1 in /Users/ibeckermayer/teleport-config/desktop-access/data/log/upload/streaming/default. filesessions/fileasync.go:289
2022-02-25T14:24:27-05:00 DEBU [AUTH:GRPC] CreateAuditStream connection from 8f1ed2bc-65fb-48de-b32f-cac76676f8db.Isaiahs-MacBook-Pro.local. auth/grpcserver.go:169
2022-02-25T14:24:27-05:00 DEBU [AUTH:GRPC] Created stream: <nil>. auth/grpcserver.go:212
2022-02-25T14:24:27-05:00 INFO [AUDIT]     session.upload cluster_name:Isaiahs-MacBook-Pro.local code:T2005I ei:2.147483647e+09 event:session.upload sid:b003ccb4-b22f-4cb9-a527-ba9ed6c77832 time:2022-02-25T19:24:27.496Z url:file:///Users/ibeckermayer/teleport-config/desktop-access/data/log/records/multi/b003ccb4-b22f-4cb9-a527-ba9ed6c77832 events/emitter.go:325
2022-02-25T14:24:27-05:00 DEBU [AUTH:GRPC] Completed stream: <nil>. auth/grpcserver.go:259
2022-02-25T14:24:27-05:00 DEBU [AUTH:GRPC] Flushed and closed the stream. auth/grpcserver.go:190
2022-02-25T14:24:27-05:00 DEBU [UPLOAD]    Session upload completed. duration:182.372365ms session-id:b003ccb4-b22f-4cb9-a527-ba9ed6c77832 filesessions/fileasync.go:443

@zmb3 link to the Slack messages where I began preliminary debugging.

zmb3 commented 2 years ago

Error 4395 is ERRINFO_VCDATATOOLONG (0x0000112B).

The size of a received Virtual Channel PDU (section 2.2.6.1) exceeds the chunking size specified in the Virtual Channel Capability Set (section 2.2.7.1.10).

Which makes sense. We must need to break up the message in some way. To the spec...

zmb3 commented 2 years ago

After some digging, looks like a Windows 2012 R2 server is specifying a maximum chunk size of 1600 bytes. Your example is a little over 2000 bytes, so everything adds up so far.
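
The chunking these comments point to, as an added example (not part of the thread and not Teleport's code): a message larger than the server's chunk size is split into Channel PDUs, and a receiver-side check rejects any oversized chunk. Function names are hypothetical, the 8-byte header and FIRST/LAST flag values follow the MS-RDPBCGR Channel PDU Header, and the 2048-byte payload is constructed.

```rust
// Added illustration, not Teleport's code. Header layout and flag values follow
// the Channel PDU Header in MS-RDPBCGR; function names are hypothetical.
use std::convert::{TryFrom, TryInto};
const CHANNEL_FLAG_FIRST: u32 = 0x1;
const CHANNEL_FLAG_LAST: u32 = 0x2;
const HEADER_LEN: usize = 8; // length (u32 LE) + flags (u32 LE)

/// Split one channel message into PDUs carrying at most `max_chunk` data bytes.
fn chunk_message(payload: &[u8], max_chunk: usize) -> Result<Vec<Vec<u8>>, String> {
    if max_chunk == 0 { return Err("chunk size must be non-zero".into()); }
    // The length field holds the size of the whole message, not of this chunk.
    let total = u32::try_from(payload.len()).map_err(|_| "message too large".to_string())?;
    let count = payload.chunks(max_chunk).count();
    let mut pdus = Vec::with_capacity(count);
    for (i, data) in payload.chunks(max_chunk).enumerate() {
        let mut flags: u32 = 0;
        if i == 0 { flags |= CHANNEL_FLAG_FIRST; }
        if i + 1 == count { flags |= CHANNEL_FLAG_LAST; }
        let mut pdu = Vec::with_capacity(HEADER_LEN + data.len());
        pdu.extend_from_slice(&total.to_le_bytes());
        pdu.extend_from_slice(&flags.to_le_bytes());
        pdu.extend_from_slice(data);
        pdus.push(pdu);
    }
    Ok(pdus) // an empty payload yields no PDUs
}

/// Receiver-side check: reject any chunk above the limit, then reassemble.
fn reassemble(pdus: &[Vec<u8>], max_chunk: usize) -> Result<Vec<u8>, String> {
    let mut out = Vec::new();
    for (i, pdu) in pdus.iter().enumerate() {
        if pdu.len() < HEADER_LEN { return Err("short PDU".into()); }
        let total = u32::from_le_bytes(pdu[0..4].try_into().unwrap()) as usize;
        let flags = u32::from_le_bytes(pdu[4..8].try_into().unwrap());
        let data = &pdu[HEADER_LEN..];
        if data.len() > max_chunk { return Err("chunk exceeds negotiated size".into()); }
        if (i == 0) != (flags & CHANNEL_FLAG_FIRST != 0) { return Err("bad FIRST flag".into()); }
        out.extend_from_slice(data);
        if flags & CHANNEL_FLAG_LAST != 0 {
            let complete = out.len() == total && i + 1 == pdus.len();
            return if complete { Ok(out) } else { Err("length mismatch".into()) };
        }
    }
    Err("missing LAST flag".into())
}

fn main() {
    println!("{} PDUs", chunk_message(&vec![b'a'; 2048], 1600).unwrap().len()); // constructed 2 KB paste
}
```

With a 1600-byte limit, the 2048-byte payload goes out as two PDUs of 1600 and 448 data bytes; sending it as a single PDU is the case the receiver-side check rejects.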