deluge-web on CentOS refuses to see running daemons
-
- New User
- Posts: 7
- Joined: Thu Jan 15, 2015 12:03 pm
deluge-web on CentOS refuses to see running daemons
Hello!
I'm running two Deluge (1.3.11, libtorrent 0.15.10.0, installed from package manager) daemons (as two different users) on a CentOS 6.6 (kernel 2.6.32) server and a WebUI (no plugins) as one of the two users. I've updated everything recently and now the WebUI refuses to acknowledge/notice either of the running daemons - they both appear as "offline" (they're not) and even killing them and trying to start from WebUI doesn't work (they start, but still invisible to WebUI).
Has anyone encountered this sort of problem before? What should I log?
I'm running two Deluge (1.3.11, libtorrent 0.15.10.0, installed from package manager) daemons (as two different users) on a CentOS 6.6 (kernel 2.6.32) server and a WebUI (no plugins) as one of the two users. I've updated everything recently and now the WebUI refuses to acknowledge/notice either of the running daemons - they both appear as "offline" (they're not) and even killing them and trying to start from WebUI doesn't work (they start, but still invisible to WebUI).
Has anyone encountered this sort of problem before? What should I log?
-
- New User
- Posts: 7
- Joined: Thu Jan 15, 2015 12:03 pm
Re: deluge-web on CentOS refuses to see running daemons
Just set up some logging and found out that the WebUI keeps trying (and failing) to connect to the Daemons using SSL, for whatever reason. As another fun fact, deluge-web keeps tossing aside my config and inserting a default one instead, rendering me unable to turn on HTTPS or change paths to cert/key.
WebUI log:
Daemon log:
This is tiring, and the exact opposite of useful. I would rollback if not for the fact that the latest non-head version is 1.3.5, which is too old (it doesn't recognize magnet links IIRC). How do I disable SSL permanently for Deluge?
WebUI log:
Code: Select all
[INFO ] 00:45:32 ui:121 Deluge ui 1.3.11
[INFO ] 00:45:32 ui:124 Starting web ui..
[INFO ] 00:45:32 server:662 Starting server in PID 63290.
[INFO ] 00:45:32 server:676 serving on 0.0.0.0:8112 view at http://127.0.0.1:8112
[INFO ] 00:45:32 client:217 Connecting to daemon at 127.0.0.1:58846..
[INFO ] 00:45:32 client:121 Connected to daemon at 127.0.0.1:58846..
[INFO ] 00:45:32 client:217 Connecting to daemon at 127.0.0.1:58847..
[INFO ] 00:45:32 client:224 Connection lost to daemon at 127.0.0.1:58846 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:45:32 client:121 Connected to daemon at 127.0.0.1:58847..
[INFO ] 00:45:32 client:224 Connection lost to daemon at 127.0.0.1:58847 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:45:36 client:217 Connecting to daemon at 127.0.0.1:58846..
[INFO ] 00:45:36 client:217 Connecting to daemon at 127.0.0.1:58847..
[INFO ] 00:45:36 client:121 Connected to daemon at 127.0.0.1:58846..
[INFO ] 00:45:36 client:217 Connecting to daemon at 127.0.0.1:58847..
[INFO ] 00:45:36 client:217 Connecting to daemon at 127.0.0.1:58846..
[INFO ] 00:45:36 client:224 Connection lost to daemon at 127.0.0.1:58846 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:45:36 client:121 Connected to daemon at 127.0.0.1:58847..
[INFO ] 00:45:36 client:224 Connection lost to daemon at 127.0.0.1:58847 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:45:36 client:121 Connected to daemon at 127.0.0.1:58847..
[INFO ] 00:45:36 client:121 Connected to daemon at 127.0.0.1:58846..
[INFO ] 00:45:36 client:224 Connection lost to daemon at 127.0.0.1:58847 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:45:36 client:224 Connection lost to daemon at 127.0.0.1:58846 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:46:02 client:217 Connecting to daemon at 127.0.0.1:58846..
[INFO ] 00:46:02 client:121 Connected to daemon at 127.0.0.1:58846..
[INFO ] 00:46:02 client:224 Connection lost to daemon at 127.0.0.1:58846 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:46:04 client:217 Connecting to daemon at 127.0.0.1:58846..
[INFO ] 00:46:04 client:121 Connected to daemon at 127.0.0.1:58846..
[INFO ] 00:46:04 client:224 Connection lost to daemon at 127.0.0.1:58846 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:46:04 client:217 Connecting to daemon at 127.0.0.1:58847..
[INFO ] 00:46:04 client:121 Connected to daemon at 127.0.0.1:58847..
[INFO ] 00:46:04 client:224 Connection lost to daemon at 127.0.0.1:58847 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:46:04 client:217 Connecting to daemon at 127.0.0.1:58846..
[INFO ] 00:46:04 client:121 Connected to daemon at 127.0.0.1:58846..
[INFO ] 00:46:04 client:224 Connection lost to daemon at 127.0.0.1:58846 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
[INFO ] 00:46:04 client:217 Connecting to daemon at 127.0.0.1:58847..
[INFO ] 00:46:04 client:121 Connected to daemon at 127.0.0.1:58847..
[INFO ] 00:46:04 client:224 Connection lost to daemon at 127.0.0.1:58847 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl handshake failure')]
Code: Select all
[INFO ] 00:45:00 daemon:124 Deluge daemon 1.3.11
[INFO ] 00:45:00 core:80 Starting libtorrent 0.15.10.0 session..
[INFO ] 00:45:00 rpcserver:367 Starting DelugeRPC server :58846
[SNIP]
[INFO ] 00:45:02 rpcserver:204 Deluge Client connection made from: 127.0.0.1:38977
[INFO ] 00:45:02 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
[INFO ] 00:45:32 rpcserver:204 Deluge Client connection made from: 127.0.0.1:38978
[INFO ] 00:45:32 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
[INFO ] 00:45:36 rpcserver:204 Deluge Client connection made from: 127.0.0.1:38980
[INFO ] 00:45:36 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
[INFO ] 00:45:36 rpcserver:204 Deluge Client connection made from: 127.0.0.1:38984
[INFO ] 00:45:36 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
[INFO ] 00:46:02 rpcserver:204 Deluge Client connection made from: 127.0.0.1:38985
[INFO ] 00:46:02 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
[INFO ] 00:46:04 rpcserver:204 Deluge Client connection made from: 127.0.0.1:38986
[INFO ] 00:46:04 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
[INFO ] 00:46:04 rpcserver:204 Deluge Client connection made from: 127.0.0.1:38988
[INFO ] 00:46:04 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
Re: deluge-web on CentOS refuses to see running daemons
Woah, I just wanted to register and post the same thing, it's tiring.
So I pretty much have the same problem, deluged is running fine but nothing can connect.
Log from deluged:
Log from deluge-web:
Before I had deluge 1.3.5 and it worked fine, though I wanted a more up to date version so I installed 1.3.11 from source. I already tinkered with both core/rpcserver.py and web/server.py and changed the ctx = to TLSv1, though without luck.
This is what it looks like right now:
rpcserver.py
server.py
I googled around and the only thing I found was some couchpatoto issue which resulted in the same error, but setting ssl.context to tls did not help.
Would appreciate any help, I don't want to rollback to an older version. OS is the same as OP - CentOS.
So I pretty much have the same problem, deluged is running fine but nothing can connect.
Log from deluged:
Code: Select all
[INFO ] 14:00:44 rpcserver:204 Deluge Client connection made from: 127.0.0.1:56135
[INFO ] 14:00:44 rpcserver:224 Deluge client disconnected: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'wrong version number')]
Code: Select all
[INFO ] 14:01:07 client:121 Connected to daemon at 127.0.0.1:58846..
[INFO ] 14:01:07 client:224 Connection lost to daemon at 127.0.0.1:58846 reason: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'), ('SSL routines', 'SSL3_READ_BYTES', 'ssl handshake failure')]
This is what it looks like right now:
rpcserver.py
Code: Select all
ctx = SSL.Context(SSL.SSLv23_METHOD)
ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
ctx.use_certificate_file(os.path.join(ssl_dir, "daemon.cert"))
ctx.use_privatekey_file(os.path.join(ssl_dir, "daemon.pkey"))
Code: Select all
ctx = SSL.Context(SSL.SSLv23_METHOD)
ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
deluge_web = component.get("DelugeWeb")
log.debug("Enabling SSL using:")
log.debug("Pkey: %s", deluge_web.pkey)
log.debug("Cert: %s", deluge_web.cert)
Would appreciate any help, I don't want to rollback to an older version. OS is the same as OP - CentOS.
Re: deluge-web on CentOS refuses to see running daemons
Edit: It suggests your OpenSSL is too old, see this: http://wiki.centos.org/Security/POODLE
There have been no reports of issues from any other OS and I don't see how this can be a Deluge issue. It might be worth asking on CentOS forums for help.
Just to note there is no point in looking at web/server.py it is irrelevant to the issue. It only affects connecting via browser or using json api as couchpotato does.
There have been no reports of issues from any other OS and I don't see how this can be a Deluge issue. It might be worth asking on CentOS forums for help.
Just to note there is no point in looking at web/server.py it is irrelevant to the issue. It only affects connecting via browser or using json api as couchpotato does.
Re: deluge-web on CentOS refuses to see running daemons
Well it is as up to date as CentOS ships it. Anyway I installed 1.3.10 before the SSLv3 removal since I only use the web client locally.
I might add that running openssl s_client -connect localhost:daemon port -sslv2 failed when running 1.3.11, though tls1 worked fine.
Regards, Cr0.
I might add that running openssl s_client -connect localhost:daemon port -sslv2 failed when running 1.3.11, though tls1 worked fine.
Regards, Cr0.
Re: deluge-web on CentOS refuses to see running daemons
Did you verify that the version of openssl as mentioned on that page is actually installed. It would be more helpful to find out why CentOS has an issue (specifically why it is forcing SSLv3 connection) rather than just opting to use an older version of Deluge. As I said before this is not an issue with any other OS so something with the OpenSSL on CentOS is not right.
That's what you should expect with 1.3.11, both SSLv2 and SSLv3 are disabled on the daemon so only TLS is available.
That's what you should expect with 1.3.11, both SSLv2 and SSLv3 are disabled on the daemon so only TLS is available.
-
- New User
- Posts: 7
- Joined: Thu Jan 15, 2015 12:03 pm
Re: deluge-web on CentOS refuses to see running daemons
I tend to not update things selectively, so OpenSSL was updated as soon as it was out. And I also verified that it's up to date as per the Wiki page linked.
Would it be possible to simply disable SSL/TLS in my Deluge setup to begin with? I'm not interested in making connections to itself secure, and it's not like I'm allowing any outside connections.
Would it be possible to simply disable SSL/TLS in my Deluge setup to begin with? I'm not interested in making connections to itself secure, and it's not like I'm allowing any outside connections.
Re: deluge-web on CentOS refuses to see running daemons
The simplest solution is to talk to CentOS devs about this...
-
- New User
- Posts: 7
- Joined: Thu Jan 15, 2015 12:03 pm
Re: deluge-web on CentOS refuses to see running daemons
I went and talked to some CentOS folks, and there's nothing wrong with the OS itself. The problem is in deluge trying to use SSL3. Apparently CouchPotato had the same issue, but it got fixed in their version.
Re: deluge-web on CentOS refuses to see running daemons
The client (deluge-web) is not forced into using SSLv3 protocol, what changed in 1.3.11 is that the daemon no longer accepts SSLv3 connections and all client versions are still be able to connect so there is nothing in the Deluge code that is at issue here. As I also mentioned there is no issue with any other operating system running 1.3.11. I still suspect it is an OpenSSL or cert issue.
The code change made by Couchpotato is irrelevant here as they use their own synchronous deluge client code and were specifically using SSLv3: https://github.com/RuudBurger/CouchPota ... be288c0e02
You can see the deluge client code yourself that has nothing specifying the protocol to be used: https://github.com/deluge-torrent/delug ... nt.py#L273
The code change made by Couchpotato is irrelevant here as they use their own synchronous deluge client code and were specifically using SSLv3: https://github.com/RuudBurger/CouchPota ... be288c0e02
You can see the deluge client code yourself that has nothing specifying the protocol to be used: https://github.com/deluge-torrent/delug ... nt.py#L273
Have you tried running deluge-web on another OS and attempted to connect to the daemon on CentOS?ClientContextFactory default to using SSL.SSLv23_METHOD as their method, and it is compatible for communication with all the other methods listed above.