deluge-web on CentOS refuses to see running daemons

[Haxton Fale]

Thin client on my own PC is able to connect fine.

WebUI is relentlessly attempting (and failing) to use SSL3 to connect, as seen in the logs. It also keeps overwriting the config I'm giving it with its own, discarding my changes to change HTTPS or cert settings.

[Cas]

You have to stop deluge-web before changing config.

[Haxton Fale]

Apparently I was forgetting to kill deluge-web. My bad.

As a side note, I requested 1.3.10 to be made available on the repo and then did a rollback to that version. Everything works fine, including the WebUI. Ergo, something in the update was changed and caused WebUI to stop working properly.

[Cas]

Ergo, something in the update was changed and caused WebUI to stop working properly.

That is an erroneous conclusion and my comments have already outlined why this is not a Deluge code issue:

The client (deluge-web) is not forced into using SSLv3 protocol, what changed in 1.3.11 is that the daemon no longer accepts SSLv3 connections and all client versions are still be able to connect so there is nothing in the Deluge code that is at issue here.

That you can connect via thin client from another OS demonstrates that the daemon code (which I changed to reject SSLv3) and client code (not altered since 1.3.6 release) are working as they should.

As you were adamant that Deluge was at fault and were not willing to try other avenues I went to the time and effort of downloading and installing a CentOS 6 image and found it was an issue with Twisted 8.2 (a very old version of Twisted). Testing with Twisted 9.0.0 showed no issues. This should be raised with CentOS package maintainers.

[Haxton Fale]

I see, thank you.
I'll file an appropriate ticket.

[marksie1988]

Hi All,

I have just installed Deluge 1.3.11 on Centos 6.5 and the services start with no issues but then when i go into the web ui it shows the connection manager saying deluged is offline.

I checked top and both deluged and deluge-web are running and under the same user account. when i was on an older version it worked fine but i have issues with ports not saving.

Please could i have some guidance on getting this working again, it all seems to be correct but just shows offline.

[INFO ] 10:59:06 daemon:124 Deluge daemon 1.3.11
[INFO ] 10:59:06 core:80 Starting libtorrent 0.15.10.0 session..
[INFO ] 10:59:06 rpcserver:367 Starting DelugeRPC server localhost:58846
[WARNING ] 10:59:06 torrentmanager:650 Unable to update state file to a compatible version: list index out of range
[WARNING ] 10:59:06 torrentmanager:753 Unable to load fastresume file: [Errno 2] No such file or directory: '/home/seedbox/.config/deluge/state/torrents.fastresume'

[INFO ] 11:10:46 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]

[lexa2]

It is actually a bug in python-twisted-core 8.2.0 shipped with CentOS6.

A quick and dirty fix is to patch twisted core files in place like this (should be run under root credentials):

Code: Select all

sed -i "s/SSL.SSLv3_METHOD/SSL.SSLv23_METHOD/g" /usr/lib64/python2.6/site-packages/twisted/internet/ssl.py
rm /usr/lib64/python2.6/site-packages/twisted/internet/ssl.pyc /usr/lib64/python2.6/site-packages/twisted/internet/ssl.pyo

This would allow deluge-gtk and deluge-web to connect to local rpcserver. But this quick fix is insecure as it not only allow TLS but also allow SSLv2 usage - which is insecure.

More correct approach would be to patch class ClientContextFactory in /usr/lib64/python2.6/site-packages/twisted/internet/ssl.py so to look like this:

Code: Select all

class ClientContextFactory:
    """A context factory for SSL clients."""

    isClient = 1

    method = SSL.SSLv23_METHOD

    _contextFactory = SSL.Context

    def getContext(self):
        ctx = self._contextFactory(self.method)
        ctx.set_options(SSL.OP_NO_SSLv2)
        return ctx

Another approach is to download latest source rpm for CentOS7 from CentOS vault (as of 2015-09-12 it is http://vault.centos.org/7.1.1503/os/Sou ... l7.src.rpm) and rpmbuild it for CentOS6. Version 12.2 contains just the same as above patch to ClientContextFactory class.

The best approach is to force upstream (RedHat/RHEL6 in this case) to fix shipped version of python-twisted-core but that won't be as easy as any of methods listed above due to RedHat being extremely picky in accepting patches to stable versions of RHEL6 due to security and stability concerns.