desktop
desktop copied to clipboard
mattermost
Desktop auto updater not working behind proxy with authentication
I confirm (by marking "x" in the [ ] below: [x]):
- [x] This is not a troubleshooting question. Troubleshooting questions go here: https://docs.mattermost.com/install/troubleshooting.html.
- [x] This doesn't reproduce on web browsers (such as in Chrome). If it does, issue reports go to the Mattermost Server repository.
- [x] I have read contributing guidelines.
Summary The auto updater does not use the proxy authentication cached credentials in the app and therefore fails to download the update binary.
Environment
- Operating System: Windows 11
- Mattermost Desktop App version: 5.1.0
- Mattermost Server version: master (independent of MM Server version)
Steps to reproduce Connect with MM desktop version 5.1.0 to the internet behind a proxy server without default route to the internet Authenticate in order to connect to internet facing chat servers Try to update to 5.1.1 using the auto update function
Expected behavior Cached proxy credentials are used
Observed behavior No authentication is being performed
MM Desktop Log:
[2022-06-29 16:41:38.590] [info] Downloading update from 5.1.1/mattermost-desktop-setup-5.1.1-win.exe [2022-06-29 16:41:38.592] [info] Download block maps (old: "https://releases.mattermost.com/desktop/5.1.0/mattermost-desktop-setup-5.1.0-win.exe.blockmap", new: https://releases.mattermost.com/desktop/5.1.1/mattermost-desktop-setup-5.1.1-win.exe.blockmap) [2022-06-29 16:42:02.784] [error] Cannot download differentially, fallback to full download: Error: net::ERR_ABORTED at SimpleURLLoaderWrapper.<anonymous> (node:electron/js2c/browser_init:101:7169) at SimpleURLLoaderWrapper.emit (node:events:390:28) [2022-06-29 16:42:02.787] [info] Log level set to: info [2022-06-29 16:42:02.792] [info] Log level set to: info [2022-06-29 16:42:02.805] [info] config.autostart has been configured: true [2022-06-29 16:42:02.806] [info] config.autostart has been configured: true [2022-06-29 16:42:02.920] [error] Error: Error: net::ERR_ABORTED at SimpleURLLoaderWrapper.<anonymous> (node:electron/js2c/browser_init:101:7169) at SimpleURLLoaderWrapper.emit (node:events:390:28) [2022-06-29 16:42:02.920] [error] [Mattermost] There was an error while trying to update: Error: net::ERR_ABORTED [2022-06-29 16:42:03.163] [error] Error parsing server data from https://community.mattermost.com//api/v4/config/client?format=old [2022-06-29 16:42:03.180] [error] Error parsing server data from https://community.mattermost.com//api/v4/config/client?format=old
Proxy logs of chat and update:
2022-06-29T16:30:21+02:00 REDACTED squid[1260]: 1887 REDACTED 59364 TCP_TUNNEL/200 1699 CONNECT community.mattermost.com:443 timo HIER_DIRECT/104.18.12.157 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Mattermost/5.1.0 Chrome/100.0.4896.75 Electron/18.0.3 Safari/537.36" 2022-06-29T16:42:02+02:00 REDACTED squid[1260]: 0 REDACTED 59619 TCP_DENIED/407 4235 CONNECT releases.mattermost.com:443 - HIER_NONE/- text/html "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Mattermost/5.1.0 Chrome/100.0.4896.75 Electron/18.0.3 Safari/537.36"
Possible fixes
@timo-d-e Can you show me how you're logging into your MM server in the first place? Is there a web proxy that you have to go through that requires an HTML page to log in?
I don't think the auto-updater would support using the existing cookie, since it doesn't make use of the default session as far as I know. I could be wrong though.
Hi @devinbinnie,
it is a web proxy that is configured as a systemwide proxy that utilizes username/password auth (local accounts on the proxy, no ldap/saml/sso/ad)
Thanks @timo-d-e. I can look into this and get back to you on whether this is feasible to fix.
@timo-d-e So it's not looking like we'll be able to pop a dialog like we do for the servers, since electron-updater doesn't send the login event that would normally popup when hitting the proxy.
What might work for you is described here: https://github.com/electron-userland/electron-builder/issues/6286
It looks like the updater would accept an environment variable of either HTTP_PROXY or HTTPS_PROXY that should allow you to specify the proxy you want to use. Unfortunately you would need to store your basic auth credentials if you wanted to automate this, but that seems to be the best solution at this time.