Created attachment 199282 [details]
I've created n update to nextcloudclient to recently released 2.5.0.
Unluckily this version strictly requires OpenSSL 1.1.0. This means it can work only on 12.0 and up or 11.2 with openssl installed from ports.
Due to this I'm just proposing this patch but at present I will not commit it even in case of timeout, since I think the maintainer should choose how to deal with this.
While updating it I made a few minor changes to please portlint.
I also changed the way DEBUG is manged. It's preferred not to expose it as an option, but to conditionally enable required flags when WITH_DEBUG is enabled.
BTW there is no compatibility layer anymore between WITH_DEBUG and the DEBUG option, so to get proper debugging code (not stripped) it is required to have extra logic anyway.
Created attachment 199387 [details]
Patch including upstream fix
I've updated the patch to include this upstream commit:
It stops the client from flooding the server for "activity" request if the plugin is disabled and also in some other cases.
Created attachment 199486 [details]
Further upstream fix included
New patch including further upstream fix for a flood/CPU hog problem.
I'm currently trying to test the 2.5.0 version.
After upgrading my notebook to stable/12 I'm having troubles to use
Trying to conntect to https://<myserver>/ I get an error:
Error creating SSL Context ()...
Maybe its related that on the nextcloud server I'm using self-signed Cert's
but the RootCA ind the intermediadCA certs got added to the system-wide cert
How did you test?
I'm actually using it on my machines with my nextcloud server(which is a VM rented in the cloud). Although I have letencrypt provided certificates there.
In the past, when I was still using owncloud, I had certs created by a custom CA and I remember owncloud client asking me if I trusted the cert.
Since the client is leveraging gnome-keyring for authentication, maybe that's where it also offloads certificate verification? Otherwise I'd suspect there is a problem with functionality to accept untrusted certs.
I'm not completely sure the nextcloud desktop client checks the store in /usr/local/share/certs/ca-root-nss.crt.
BTW I'm keeping my store in /usr/local/etc/ssl/cert.pem, concatenating the ones from /usr/local/share/certs/ca-root-nss.crt and my own ones. I think that's the actual global storage, but I can't remember the details.
Created attachment 199969 [details]
Update to 2.5.1
Version 2.5.1 was released. It includes fixes I merged as patches.
A commit references this bug:
Date: Wed Dec 26 18:04:47 UTC 2018
New revision: 488411
Add missing checks for openssl 1.1
===> nextcloudclient-0.0.0.20181226 Incorrect 'USES+= cmake:outsource noninja'
usage: argument [outsource] is not recognized.
*** Error code 1
A commit references this bug:
Date: Thu Dec 27 09:53:54 UTC 2018
New revision: 488525
cmake:outsource is now default, so delete it.
Reported by: firstname.lastname@example.org
(In reply to Guido Falsi from comment #5)
I'm still not fully satisfied with the new version:
- I'm getting no popup for unlocking the keyfile followed by an dump:
-> Workaround: starting chrome first
- On successful startup (if starting chrome beforehand) I'm getting the (same?)
dump on exiting the application:
[17336:1401483264:1227/132727.546838:ERROR:shared_memory_posix.cc(283)] Creating shared memory in /tmp/.org.chromium.Chromium.lUG2Oy failed: Too many open files
[17336:1490594560:1227/132727.548927:ERROR:nss_util.cc(712)] Error initializing NSS with a persistent database (sql:/home/rmx/.pki/nssdb): NSS error code: -8023
[17336:1490594560:1227/132727.549155:ERROR:nss_util.cc(201)] Error initializing NSS without a persistent database: NSS error code: -8023
[17336:1490594560:1227/132727.549181:FATAL:nss_util.cc(203)] nss_error=-8023, os_error=0
#0 0x000042d10153 <unknown>
#1 0x000042d21c1d <unknown>
#2 0x00004339ffa9 <unknown>
#3 0x0000432cdada <unknown>
#4 0x0000431b366b <unknown>
#5 0x00004318732a <unknown>
#6 0x0000424b0460 <unknown>
#7 0x0000424af411 <unknown>
#8 0x00004267264f <unknown>
#9 0x0000429a9c04 <unknown>
#10 0x000042d86a63 <unknown>
#11 0x000042d283cb <unknown>
#12 0x000042d2880c <unknown>
#13 0x000042d28cd3 <unknown>
#14 0x000042d2c669 <unknown>
#15 0x000042d280ce <unknown>
#16 0x000042d40ac4 <unknown>
#17 0x0000426b00ab <unknown>
#18 0x0000426b026d <unknown>
#19 0x000042d5d0f9 <unknown>
#20 0x000042d58a61 <unknown>
(zb3)(rmx) # [17337:1287618560:1227/132728.253676:ERROR:broker_posix.cc(41)] Invalid node channel message
(In reply to Michael Reifenberger from comment #9)
> (In reply to Guido Falsi from comment #5)
> I'm still not fully satisfied with the new version:
> - I'm getting no popup for unlocking the keyfile followed by an dump:
> -> Workaround: starting chrome first
Don't know what happened there, I'm not using a self signed certificate anymore so I can't see this.
I could try setting up a testing server but really have no time for that right now.
> - On successful startup (if starting chrome beforehand) I'm getting the
> dump on exiting the application:
> Creating shared memory in /tmp/.org.chromium.Chromium.lUG2Oy failed: Too
> many open files
This error is a little suspect. Maybe you need to raise some limit or syscontrol due to the number of files you're synchronizing/opening?
(In reply to Guido Falsi from comment #10)
after the last round of OS/pkg updates nextcloudclient seens to run fine now