View Issue Details

IDProjectCategoryView StatusLast Update
0001573bareos-coredirectorpublic2023-11-27 17:40
ReporterNeptune Assigned Tobruno-at-bareos  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
PlatformLinuxOSDebianOS Version10
Summary0001573: After upgrade do bareos-directo 23.0.0~pre1269.3ddd57cb0-3 Director cannot connect to bareos 16 fd
DescriptionWe have recently upgraded our bareos-director (Linux Debian 10) using apt and the new director is 23.0.0~pre1269.3ddd57cb0-3

Since the upgrade, the director cannot connect to any system running Linux Debian 9 running bareos-fd Version: 16.2.6 (02 June 2017)


Steps To Reproduce
* Upgrade Debian 10 director from v22 to v23
* Test connectivity between systems using telnet : ok
* using bconsole, try to connect to a system running bareos-fd v16

Additional InformationWhen running bareos-fd on foreground and verbosely, we have the following logs :

27-nov.-2023 16:46:14.567229 heb-nep-47-mut (580): message.c:519-0 Close_msg jcr=0
27-nov.-2023 16:46:14.567238 heb-nep-47-mut (850): message.c:549-0 ===Begin close msg resource at 55e9cc2acbc8
27-nov.-2023 16:46:14.567246 heb-nep-47-mut (850): message.c:663-0 Done walking message chain.
27-nov.-2023 16:46:14.567250 heb-nep-47-mut (850): message.c:670-0 ===End close msg resource
27-nov.-2023 16:46:14.567274 heb-nep-47-mut (250): message.c:349-0 Copy message resource 55e9cc2b5d78 to 55e9cc2b4898
27-nov.-2023 16:46:14.567569 heb-nep-47-mut (100): jcr.c:141-0 read_last_jobs seek to 192
27-nov.-2023 16:46:14.567585 heb-nep-47-mut (100): jcr.c:148-0 Read num_items=10
27-nov.-2023 16:46:14.567616 heb-nep-47-mut (150): fd_plugins.c:1664-0 plugin dir is NULL
27-nov.-2023 16:46:14.567629 heb-nep-47-mut (800): watchdog.c:83-0 Initialising NicB-hacked watchdog thread
27-nov.-2023 16:46:14.567686 heb-nep-47-mut (10): socket_server.c:96-0 filed: listening on port 9102
27-nov.-2023 16:46:14.567709 heb-nep-47-mut (100): bnet_server_tcp.c:170-0 Addresses host[ipv4;0.0.0.0;9102]
27-nov.-2023 16:46:14.567804 heb-nep-47-mut (800): watchdog.c:255-0 NicB-reworked watchdog thread entered
27-nov.-2023 16:46:18.656754 heb-nep-47-mut (10): socket_server.c:56-0 ERROR: Connection request from client failed.
27-nov.-2023 16:46:18.656776 heb-nep-47-mut (850): message.c:858-0 Enter dispatch_message type=4 msg=heb-nep-47-mut: ERROR in socket_server.c:56 Connection request from client failed.
27-nov.-2023 16:46:18.656785 heb-nep-47-mut (850): message.c:1129-0 DIRECTOR for following msg: heb-nep-47-mut: ERROR in socket_server.c:56 Connection request from client failed.
27-nov.-2023 16:46:18.656790 heb-nep-47-mut (800): message.c:1134-0 no jcr for following msg: heb-nep-47-mut: ERROR in socket_server.c:56 Connection request from client failed.
27-nov.-2023 16:46:36.385957 heb-nep-47-mut (10): socket_server.c:56-0 ERROR: Connection request from client failed.
27-nov.-2023 16:46:36.386056 heb-nep-47-mut (850): message.c:858-0 Enter dispatch_message type=4 msg=heb-nep-47-mut: ERROR in socket_server.c:56 Connection request from client failed.
27-nov.-2023 16:46:36.386123 heb-nep-47-mut (850): message.c:1129-0 DIRECTOR for following msg: heb-nep-47-mut: ERROR in socket_server.c:56 Connection request from client failed.
27-nov.-2023 16:46:36.386217 heb-nep-47-mut (800): message.c:1134-0 no jcr for following msg: heb-nep-47-mut: ERROR in socket_server.c:56 Connection request from client failed.


On the director side :
*setdebug level=1000 trace=1 timestamp=1 dir
level=1000 trace=1 hangup=0 timestamp=1 tracefilename=/var/lib/bareos/gr2-dmz-17-backup-dir.trace
*status client=
Display all 143 possibilities? (y or n)
*status client=heb-nep-43-mut
Connecting to Client heb-nep-43-mut at 194.2.77.43:9102
Probing client protocol... (result will be saved until config reload)
Failed to connect to Client heb-nep-43-mut.

In the trace file we have :

7-nov.-2023 17:15:16.222441 gr2-dmz-17-backup-dir (10): dird/ua_audit.cc:137-0 : Console [default] from [127.0.0.1] cmdline status client=heb-nep-43-mut
27-nov.-2023 17:15:16.222498 gr2-dmz-17-backup-dir (20): dird/ua_status.cc:176-0 status:status client=heb-nep-43-mut:
27-nov.-2023 17:15:16.222593 gr2-dmz-17-backup-dir (120): dird/job.cc:402-0 Connection from client "heb-nep-43-mut" to director is not allowed.
27-nov.-2023 17:15:16.222613 gr2-dmz-17-backup-dir (100): lib/bsock.cc:85-0 Construct BareosSocket
27-nov.-2023 17:15:16.222649 gr2-dmz-17-backup-dir (100): lib/bsock.cc:162-0 All source addresses
27-nov.-2023 17:15:16.222849 gr2-dmz-17-backup-dir (100): lib/bsock_tcp.cc:219-0 Current host[ipv4;194.2.77.43;9102] All host[ipv4;194.2.77.43;9102]
27-nov.-2023 17:15:16.223367 gr2-dmz-17-backup-dir (20): lib/bsock_tcp.cc:302-0 Cannot set TCP_ULP on socket: Aucun fichier ou dossier de ce type;
Is the tls module not loaded? kTLS will not work without it.27-nov.-2023 17:15:16.223390 gr2-dmz-17-backup-dir (100): lib/bsock_tcp.cc:149-0 who=Client: heb-nep-43-mut host=194.2.77.43
 port=9102
27-nov.-2023 17:15:16.223577 gr2-dmz-17-backup-dir (10): dird/fd_cmds.cc:146-0 Opened connection with File daemon
27-nov.-2023 17:15:16.223601 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:59-0 Construct TlsOpenSslPrivate
27-nov.-2023 17:15:16.223754 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:632-0 Set tcp filedescriptor: <12>
27-nov.-2023 17:15:16.223772 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:650-0 Set protocol: <>
27-nov.-2023 17:15:16.223788 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:572-0 Set ca_certfile: <>
27-nov.-2023 17:15:16.223804 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:578-0 Set ca_certdir: <>
27-nov.-2023 17:15:16.223819 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:584-0 Set crlfile_: <>
27-nov.-2023 17:15:16.223835 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:590-0 Set certfile_: <>
27-nov.-2023 17:15:16.223850 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:596-0 Set keyfile_: <>
27-nov.-2023 17:15:16.223866 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:614-0 Set dhfile_: <>
27-nov.-2023 17:15:16.223881 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:638-0 Set cipherlist: <>
27-nov.-2023 17:15:16.223896 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:644-0 Set ciphersuites: <>
27-nov.-2023 17:15:16.223912 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:620-0 Set Verify Peer: <false>
27-nov.-2023 17:15:16.223928 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:626-0 Set ktls: <false>
27-nov.-2023 17:15:16.223956 gr2-dmz-17-backup-dir (50): lib/tls_openssl.cc:64-0 Preparing TLS_PSK CLIENT context for identity R_DIRECTOR gr2-dmz-17-backup-dir
27-nov.-2023 17:15:16.224182 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:559-0 psk_client_cb. identity: R_DIRECTOR gr2-dmz-17-backup-dir.
27-nov.-2023 17:15:21.226226 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:90-0 Destruct TlsOpenSslPrivate
27-nov.-2023 17:15:21.226300 gr2-dmz-17-backup-dir (50): lib/bsock.cc:672-0 TLS negotiation failed (while probing client protocol)
27-nov.-2023 17:15:21.226316 gr2-dmz-17-backup-dir (100): dird/authenticate.cc:144-0 Could not DoTlsHandshake() with a file daemon
27-nov.-2023 17:15:21.226346 gr2-dmz-17-backup-dir (100): lib/bsock.cc:137-0 Destruct BareosSocket
27-nov.-2023 17:15:22.706500 gr2-dmz-17-backup-dir (100): lib/tls_openssl_private.cc:90-0 Destruct TlsOpenSslPrivate
27-nov.-2023 17:15:22.706577 gr2-dmz-17-backup-dir (200): dird/job.cc:1519-0 Start dird FreeJcr
27-nov.-2023 17:15:22.706596 gr2-dmz-17-backup-dir (200): dird/job.cc:1587-0 End dird FreeJcr
27-nov.-2023 17:15:22.706609 gr2-dmz-17-backup-dir (100): lib/jcr.cc:267-0 FreeCommonJcr: 7f739c006600
27-nov.-2023 17:15:22.706631 gr2-dmz-17-backup-dir (100): lib/bsock.cc:137-0 Destruct BareosSocket
TagsNo tags attached.

Activities

bruno-at-bareos

bruno-at-bareos

2023-11-27 17:40

manager   ~0005535

As annonced in changelog the default behavior is TLS enforced, with no downgrade.

TLS negotiation failed (while probing client protocol)

Issue History

Date Modified Username Field Change
2023-11-27 17:26 Neptune New Issue
2023-11-27 17:40 bruno-at-bareos Assigned To => bruno-at-bareos
2023-11-27 17:40 bruno-at-bareos Status new => closed
2023-11-27 17:40 bruno-at-bareos Resolution open => fixed
2023-11-27 17:40 bruno-at-bareos Note Added: 0005535