[GH-ISSUE #925] ssl3_get_record:wrong version number (Mac client to Windows server) #738

New issue

Open

opened 2026-05-05 07:00:50 -06:00 by gitea-mirror · 3 comments

gitea-mirror commented 2026-05-05 07:00:50 -06:00

Owner

Copy link

Originally created by @winnyucui on GitHub (Oct 22, 2020).
Original GitHub issue: https://github.com/debauchee/barrier/issues/925

Bug Description
The Mac client fails to connect to a Windows server.

To Reproduce

1. Download Barrier on PC, set as server. I use "Configure interactively" initially, then save the configuration file to C:\Program Files\Barrier folder. For all subsequent Barrier activations, run with "Use existing configuration" option, pointing to the saved file.
2. Download Barrier on Mac, set as client. Unselect "autoconfig" option, then type in the IP address from the PC Barrier app (I use the bolded one).
3. Run the server and client, and wait for connection to establish.

Expected behavior
I expected to see a secure connection established to the server. Instead, the connection times out.

Screenshots
Mac Logs:
...
[2020-10-22T00:38:01] DEBUG1: connection timed out
[2020-10-22T00:38:01] DEBUG: retry in 1 seconds
[2020-10-22T00:38:01] WARNING: failed to connect to server: Timed out
[2020-10-22T00:38:02] NOTE: connecting to '192.168.1.211': 192.168.1.211:24800
[2020-10-22T00:38:02] DEBUG: Opening new socket: 2DD472A0
[2020-10-22T00:38:02] INFO: OpenSSL 1.1.1g 21 Apr 2020
[2020-10-22T00:38:02] DEBUG1: openSSL : compiler: clang -fPIC -arch x86_64 -O3 -Wall -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -D_REENTRANT -DNDEBUG
[2020-10-22T00:38:02] DEBUG1: openSSL : built on: Tue Apr 21 13:28:37 2020 UTC
[2020-10-22T00:38:02] DEBUG1: openSSL : platform: darwin64-x86_64-cc
[2020-10-22T00:38:02] DEBUG1: OPENSSLDIR: "/usr/local/etc/openssl@1.1"
[2020-10-22T00:38:02] DEBUG1: connecting to server
[2020-10-22T00:38:02] DEBUG2: connecting secure socket
[2020-10-22T00:38:02] DEBUG2: want to read, error=2, attempt=1
[2020-10-22T00:38:02] DEBUG2: retry connect secure socket
[2020-10-22T00:38:02] DEBUG2: connecting secure socket
[2020-10-22T00:38:02] ERROR: ssl error occurred (generic failure)
[2020-10-22T00:38:02] ERROR: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
[2020-10-22T00:38:02] ERROR: failed to connect secure socket
[2020-10-22T00:38:17] DEBUG: Closing socket: 2DD472A0
[2020-10-22T00:38:17] WARNING: failed to connect to server: Timed out
[2020-10-22T00:38:17] DEBUG1: connection timed out
[2020-10-22T00:38:17] DEBUG: retry in 1 seconds
[2020-10-22T00:38:18] NOTE: connecting to '192.168.1.211': 192.168.1.211:24800
[2020-10-22T00:38:18] DEBUG: Opening new socket: 2DE08260
[2020-10-22T00:38:18] INFO: OpenSSL 1.1.1g 21 Apr 2020
[2020-10-22T00:38:18] DEBUG1: openSSL : compiler: clang -fPIC -arch x86_64 -O3 -Wall -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -D_REENTRANT -DNDEBUG
[2020-10-22T00:38:18] DEBUG1: openSSL : built on: Tue Apr 21 13:28:37 2020 UTC
[2020-10-22T00:38:18] DEBUG1: openSSL : platform: darwin64-x86_64-cc
[2020-10-22T00:38:18] DEBUG1: OPENSSLDIR: "/usr/local/etc/openssl@1.1"
[2020-10-22T00:38:18] DEBUG1: connecting to server
[2020-10-22T00:38:18] DEBUG2: connecting secure socket
[2020-10-22T00:38:18] DEBUG2: want to read, error=2, attempt=1
[2020-10-22T00:38:18] DEBUG2: retry connect secure socket
[2020-10-22T00:38:18] DEBUG2: connecting secure socket
[2020-10-22T00:38:18] ERROR: ssl error occurred (generic failure)
[2020-10-22T00:38:18] ERROR: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
[2020-10-22T00:38:18] ERROR: failed to connect secure socket
...

Desktop and App versions:

• OS: Server=Windows 10 Pro, Client=macOS Catalina v 10.15.7
• Barrier version 2.3.3

Additional context
I have already tried the following:

• disabling "enable ssl" option on both the Windows and PC app

Originally created by @winnyucui on GitHub (Oct 22, 2020). Original GitHub issue: https://github.com/debauchee/barrier/issues/925 **Bug Description** The Mac client fails to connect to a Windows server. **To Reproduce** 1. Download Barrier on PC, set as server. I use "Configure interactively" initially, then save the configuration file to C:\Program Files\Barrier folder. For all subsequent Barrier activations, run with "Use existing configuration" option, pointing to the saved file. 2. Download Barrier on Mac, set as client. Unselect "autoconfig" option, then type in the IP address from the PC Barrier app (I use the bolded one). 3. Run the server and client, and wait for connection to establish. **Expected behavior** I expected to see a secure connection established to the server. Instead, the connection times out. **Screenshots** Mac Logs: ... [2020-10-22T00:38:01] DEBUG1: connection timed out [2020-10-22T00:38:01] DEBUG: retry in 1 seconds [2020-10-22T00:38:01] WARNING: failed to connect to server: Timed out [2020-10-22T00:38:02] NOTE: connecting to '192.168.1.211': 192.168.1.211:24800 [2020-10-22T00:38:02] DEBUG: Opening new socket: 2DD472A0 [2020-10-22T00:38:02] INFO: OpenSSL 1.1.1g 21 Apr 2020 [2020-10-22T00:38:02] DEBUG1: openSSL : compiler: clang -fPIC -arch x86_64 -O3 -Wall -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -D_REENTRANT -DNDEBUG [2020-10-22T00:38:02] DEBUG1: openSSL : built on: Tue Apr 21 13:28:37 2020 UTC [2020-10-22T00:38:02] DEBUG1: openSSL : platform: darwin64-x86_64-cc [2020-10-22T00:38:02] DEBUG1: OPENSSLDIR: "/usr/local/etc/openssl@1.1" [2020-10-22T00:38:02] DEBUG1: connecting to server [2020-10-22T00:38:02] DEBUG2: connecting secure socket [2020-10-22T00:38:02] DEBUG2: want to read, error=2, attempt=1 [2020-10-22T00:38:02] DEBUG2: retry connect secure socket [2020-10-22T00:38:02] DEBUG2: connecting secure socket [2020-10-22T00:38:02] ERROR: ssl error occurred (generic failure) [2020-10-22T00:38:02] ERROR: error:1408F10B:SSL routines:ssl3_get_record:wrong version number [2020-10-22T00:38:02] ERROR: failed to connect secure socket [2020-10-22T00:38:17] DEBUG: Closing socket: 2DD472A0 [2020-10-22T00:38:17] WARNING: failed to connect to server: Timed out [2020-10-22T00:38:17] DEBUG1: connection timed out [2020-10-22T00:38:17] DEBUG: retry in 1 seconds [2020-10-22T00:38:18] NOTE: connecting to '192.168.1.211': 192.168.1.211:24800 [2020-10-22T00:38:18] DEBUG: Opening new socket: 2DE08260 [2020-10-22T00:38:18] INFO: OpenSSL 1.1.1g 21 Apr 2020 [2020-10-22T00:38:18] DEBUG1: openSSL : compiler: clang -fPIC -arch x86_64 -O3 -Wall -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -D_REENTRANT -DNDEBUG [2020-10-22T00:38:18] DEBUG1: openSSL : built on: Tue Apr 21 13:28:37 2020 UTC [2020-10-22T00:38:18] DEBUG1: openSSL : platform: darwin64-x86_64-cc [2020-10-22T00:38:18] DEBUG1: OPENSSLDIR: "/usr/local/etc/openssl@1.1" [2020-10-22T00:38:18] DEBUG1: connecting to server [2020-10-22T00:38:18] DEBUG2: connecting secure socket [2020-10-22T00:38:18] DEBUG2: want to read, error=2, attempt=1 [2020-10-22T00:38:18] DEBUG2: retry connect secure socket [2020-10-22T00:38:18] DEBUG2: connecting secure socket [2020-10-22T00:38:18] ERROR: ssl error occurred (generic failure) [2020-10-22T00:38:18] ERROR: error:1408F10B:SSL routines:ssl3_get_record:wrong version number [2020-10-22T00:38:18] ERROR: failed to connect secure socket ... **Desktop and App versions:** - OS: Server=Windows 10 Pro, Client=macOS Catalina v 10.15.7 - Barrier version 2.3.3 **Additional context** I have already tried the following: - disabling "enable ssl" option on both the Windows and PC app

gitea-mirror commented 2026-05-05 07:00:53 -06:00

Author

Owner

Copy link

@schigum commented on GitHub (Oct 26, 2020):

I can confirm this issue on Manjaro. (Host and Client)
It was still working last week. Neither barrier nor openssl have been updated since, don`t know what else to look for.
For me its openssl version: OpenSSL 1.1.1h 22 Sep 2020
Happens at least with these two linux kernels: 5.8.16-2 and 5.9.1-1.

[2020-10-26T13:15:13] NOTE: started client
[2020-10-26T13:15:13] NOTE: connecting to 'schigum-pc': 192.168.0.10:24800
[2020-10-26T13:15:13] DEBUG: Opening new socket: 976F9640
[2020-10-26T13:15:13] INFO: OpenSSL 1.1.1h  22 Sep 2020
[2020-10-26T13:15:13] DEBUG1: openSSL : compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -Wa,--noexecstack -D_FORTIFY_SOURCE=2 -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DNDEBUG -D_FORTIFY_SOURCE=2
[2020-10-26T13:15:13] DEBUG1: openSSL : built on: Tue Sep 22 14:59:44 2020 UTC
[2020-10-26T13:15:13] DEBUG1: openSSL : platform: linux-x86_64
[2020-10-26T13:15:13] DEBUG1: OPENSSLDIR: "/etc/ssl"
[2020-10-26T13:15:13] DEBUG1: connecting to server
[2020-10-26T13:15:13] DEBUG1: registered event type secureConnected as 10
[2020-10-26T13:15:13] DEBUG1: registered event type connectionFailed as 11
[2020-10-26T13:15:13] DEBUG1: registered event type connected as 12
[2020-10-26T13:15:13] DEBUG: event queue is ready
[2020-10-26T13:15:13] DEBUG2: connecting secure socket
[2020-10-26T13:15:13] DEBUG2: want to read, error=2, attempt=1
[2020-10-26T13:15:13] DEBUG2: retry connect secure socket
[2020-10-26T13:15:13] DEBUG2: connecting secure socket
[2020-10-26T13:15:13] ERROR: ssl error occurred (generic failure)
[2020-10-26T13:15:13] ERROR: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
[2020-10-26T13:15:13] DEBUG1: registered event type stopRetry as 13
[2020-10-26T13:15:13] DEBUG1: registered event type disconnected as 14
[2020-10-26T13:15:13] DEBUG1: registered event type inputShutdown as 15
[2020-10-26T13:15:13] ERROR: failed to connect secure socket
[2020-10-26T13:15:13] DEBUG1: registered event type inputReady as 16
[2020-10-26T13:15:28] DEBUG1: registered event type outputError as 17
[2020-10-26T13:15:28] DEBUG1: registered event type outputShutdown as 18
[2020-10-26T13:15:28] DEBUG: Closing socket: 976F9640
[2020-10-26T13:15:28] DEBUG1: connection timed out
[2020-10-26T13:15:28] WARNING: failed to connect to server: Timed out
[2020-10-26T13:15:28] DEBUG: retry in 1 seconds

<!-- gh-comment-id:716510628 --> @schigum commented on GitHub (Oct 26, 2020): I can confirm this issue on Manjaro. (Host and Client) It was still working last week. Neither barrier nor openssl have been updated since, don`t know what else to look for. For me its openssl version: OpenSSL 1.1.1h 22 Sep 2020 Happens at least with these two linux kernels: 5.8.16-2 and 5.9.1-1. ``` [2020-10-26T13:15:13] NOTE: started client [2020-10-26T13:15:13] NOTE: connecting to 'schigum-pc': 192.168.0.10:24800 [2020-10-26T13:15:13] DEBUG: Opening new socket: 976F9640 [2020-10-26T13:15:13] INFO: OpenSSL 1.1.1h 22 Sep 2020 [2020-10-26T13:15:13] DEBUG1: openSSL : compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -Wa,--noexecstack -D_FORTIFY_SOURCE=2 -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DNDEBUG -D_FORTIFY_SOURCE=2 [2020-10-26T13:15:13] DEBUG1: openSSL : built on: Tue Sep 22 14:59:44 2020 UTC [2020-10-26T13:15:13] DEBUG1: openSSL : platform: linux-x86_64 [2020-10-26T13:15:13] DEBUG1: OPENSSLDIR: "/etc/ssl" [2020-10-26T13:15:13] DEBUG1: connecting to server [2020-10-26T13:15:13] DEBUG1: registered event type secureConnected as 10 [2020-10-26T13:15:13] DEBUG1: registered event type connectionFailed as 11 [2020-10-26T13:15:13] DEBUG1: registered event type connected as 12 [2020-10-26T13:15:13] DEBUG: event queue is ready [2020-10-26T13:15:13] DEBUG2: connecting secure socket [2020-10-26T13:15:13] DEBUG2: want to read, error=2, attempt=1 [2020-10-26T13:15:13] DEBUG2: retry connect secure socket [2020-10-26T13:15:13] DEBUG2: connecting secure socket [2020-10-26T13:15:13] ERROR: ssl error occurred (generic failure) [2020-10-26T13:15:13] ERROR: error:1408F10B:SSL routines:ssl3_get_record:wrong version number [2020-10-26T13:15:13] DEBUG1: registered event type stopRetry as 13 [2020-10-26T13:15:13] DEBUG1: registered event type disconnected as 14 [2020-10-26T13:15:13] DEBUG1: registered event type inputShutdown as 15 [2020-10-26T13:15:13] ERROR: failed to connect secure socket [2020-10-26T13:15:13] DEBUG1: registered event type inputReady as 16 [2020-10-26T13:15:28] DEBUG1: registered event type outputError as 17 [2020-10-26T13:15:28] DEBUG1: registered event type outputShutdown as 18 [2020-10-26T13:15:28] DEBUG: Closing socket: 976F9640 [2020-10-26T13:15:28] DEBUG1: connection timed out [2020-10-26T13:15:28] WARNING: failed to connect to server: Timed out [2020-10-26T13:15:28] DEBUG: retry in 1 seconds ```

gitea-mirror commented 2026-05-05 07:00:56 -06:00

Author

Owner

Copy link

@schigum commented on GitHub (Oct 30, 2020):

As it is so often the case, if the system hasn't changed, the user must be at fault...
I did not start the server with the --enable-crypto option. (Because I changed the way I start the service)
After adding the option again, everything is back to normal.

<!-- gh-comment-id:719483169 --> @schigum commented on GitHub (Oct 30, 2020): As it is so often the case, if the system hasn't changed, the user must be at fault... I did not start the server with the --enable-crypto option. (Because I changed the way I start the service) After adding the option again, everything is back to normal.

gitea-mirror commented 2026-05-05 07:00:58 -06:00

Author

Owner

Copy link

@subins2000 commented on GitHub (Jul 23, 2021):

Can confirm that starting with --enable-crypto works.

<!-- gh-comment-id:885509036 --> @subins2000 commented on GitHub (Jul 23, 2021): Can confirm that starting with `--enable-crypto` works.

gitea-mirror referenced this issue 2026-05-05 07:59:35 -06:00

[PR #738] [MERGED] Revert "Make connection message a NOTE for consistency" #1693

gitea-mirror referenced this issue 2026-05-05 07:59:41 -06:00

[PR #739] [MERGED] GUI status log comments #1695

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

enhancement/builds/windows-multi-versions-build

martin-furter-barrier-term

enhancement/builds/macos-universal

enhancement/builds/macos-universal-qt6-test

2.3.x

fix/lang-translation/ssl-slash-tls

feature/build/compile/32-bit

feature/build/compile/armv7

testing-framework

README-update

remotes/fork/README-update

remotes/fork/smartzeroconf

smartzeroconf

pages-devel

remotes/fork/pages-devel

pkgconfig

remotes/fork/pkgconfig

release

remotes/fork/release

v2.4.0

v2.3.4

v2.3.3

1.11.0-stable

v1.11.0-rc2

v2.3.2

v1.10.3-stable

v2.3.2-alpha

v2.3.1

v2.3.0

v1.10.2-stable

v1.10.2-rc1

v1.10.2-rc2

v2.1.2

v2.0.8-beta

v2.0.7-beta

v2.0.4-beta

v2.0.3-beta

v2.1.1

v2.1.0

v1.9.1-stable

v2.0.0

v1.9.0-stable

v2.0.0-RC2

v2.0.0-RC1

v2.0.0-stable

v1.8.8-stable

v1.8.7-stable

v1.8.6-stable

v1.8.5-stable

v1.8.4-stable

v1.8.3-stable

v1.8.1-stable

v1.8.0-beta

v1.7.3-stable

v1.7.2-stable

v1.7.1-stable

1.7.0

1.6.3-final

1.6.2

1.6.1

1.6.0

Labels

Clear labels   

HiDPI

  

bounty

  

bsd/freebsd

  

bsd/openbsd

  

bug

  

bug

  

build-infra

  

cantfix

  

critical

  

doc

  

duplicate

  

enhancement

  

fix-available

  

from git

  

from release

  

good first issue

  

help wanted

  

installer/package

  

invalid

  

linux

  

macOS

  

meta

  

needs testing

  

pull-request

Mirrored from GitHub Pull Request

  

query

  

question

  

regression

  

regression

  

v2.4.0

  

windows

  

wontfix

  

work-in-progress

No labels

HiDPI

bounty

bsd/freebsd

bsd/openbsd

bug

bug

build-infra

cantfix

critical

doc

duplicate

enhancement

fix-available

from git

from release

good first issue

help wanted

installer/package

invalid

linux

macOS

meta

needs testing

pull-request

query

question

regression

regression

v2.4.0

windows

wontfix

work-in-progress

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/barrier#738

No description provided.