[FreeNX-kNX] Sanity check...
Fabian Franz
FabianFranz at gmx.de
Sat Apr 23 12:03:52 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Am Samstag, 23. April 2005 09:19 schrieb Ed Warnicke:
> I am trying to debug an issue I'm seeing, and I want to
> make sure I understand how FreeNX handles 'ssl tunneling'.
Ok.
>
> From what I can find in the nxserver/nxnode code,
> if 'ssl tunneling' is enabled via the ENCRYPTION environment
> variable then nxnode will only accept connections from
> 127.0.0.1 (localhost) and nxserver uses netcat to connect
> to the nxagent spawned by nxnode and redirect all of
> it's input and output via the ssh connection to nxserver.
Completely correct.
>
> It seems that in the case of an encrypted connection,
> after the 'NX> 999 Bye' all traffic should then be the
> normal chatter between the nxproxy on the client
> side and the nxagent on the server side.
Yes, perhaps we can do some magic like:
exec 3>&1 # save stdout
exec 1>&2 # put all stdout to stderr instead
netcat >&3 # connect with old stdout
to prevent the effects that _any_ message goes to stdout after the bye
command.
But this needs testing and evaulation.
> Info: Connection with remote proxy established.
> Error: Parse error in remote options string 'NX> '."
I thought it was when nxagent did not start. Then netcat would not be started
and such the NX> goes to stdout to the proxy ...
You can debug this by doing something like that:
log "netcat started"
netcat [...]
log "netcat finished"
>
> Is my understanding of how Freenx 'ssl tunneling' works
> and what is causing this error message correct?
Yes, somehow.
>
> I *think* the problem I reported here:
> http://developer.berlios.de/bugs/?func=detailbug&bug_id=3603&group_id=2978
Ok.
cu
Fabian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCajmuI0lSH7CXz7MRAoQ1AJ9ZM4p64P6AhNXmBB4khBb2I4Tm2QCfc86K
Adrgec70eK5wXPJWfvsSlNQ=
=LX0K
-----END PGP SIGNATURE-----
More information about the FreeNX-kNX
mailing list