ios
ios copied to clipboard
nextcloud
Nextcloud App BUG REPORT - Your input can't be opened. VLC is unable to open the MRL
### Original Post: #2563
Steps to reproduce
- Nextcloud is being hosted via Docker Container, using Cloudflare Tunneling, and behind Nginx Proxy Manager to export it out to the internet
- Play any video using the Nextcloud App that is not downloaded to your iPhone.
Expected behaviour
- Allows you to play any videos through the Nextcloud app without receiving any errors
Actual behaviour
- When you play any video on any IOS device. You get an error that says "Your input can't be opened. VLC is unable to open the MRL"
Screenshots
Logs
[internet_connection_check] Error: GuzzleHttp\Exception\ConnectException: cURL error 28: Connection timed out after 30000 milliseconds (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for http://www.nextcloud.com/ at <<closure>>
0. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 158
GuzzleHttp\Handler\CurlFactory::createRejection("*** sensitive parameters replaced ***")
1. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 110
GuzzleHttp\Handler\CurlFactory::finishError(["GuzzleHttp\\Handler\\CurlHandler"], "*** sensitive parameters replaced ***", ["GuzzleHttp\\Handler\\CurlFactory"])
2. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlHandler.php line 47
GuzzleHttp\Handler\CurlFactory::finish(["GuzzleHttp\\Handler\\CurlHandler"], "*** sensitive parameters replaced ***", ["GuzzleHttp\\Handler\\CurlFactory"])
3. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 137
GuzzleHttp\Handler\CurlHandler->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
4. /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php line 154
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
5. /var/www/html/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 35
OC\Http\Client\DnsPinMiddleware->OC\Http\Client\{closure}("*** sensitive parameters replaced ***")
6. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 31
GuzzleHttp\PrepareBodyMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
7. /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 71
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
8. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 63
GuzzleHttp\RedirectMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
9. /var/www/html/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php line 75
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
10. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 331
GuzzleHttp\HandlerStack->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
11. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 168
GuzzleHttp\Client->transfer("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
12. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 187
GuzzleHttp\Client->requestAsync("*** sensitive parameters replaced ***")
13. /var/www/html/lib/private/Http/Client/Client.php line 230
GuzzleHttp\Client->request("*** sensitive parameters replaced ***", "http://www.nextcloud.com/", ["/var/www/html/ ... e])
14. /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 224
OC\Http\Client\Client->get("http://www.nextcloud.com/")
15. /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 206
OCA\Settings\Controller\CheckSetupController->isSiteReachable("www.nextcloud.com")
16. /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 921
OCA\Settings\Controller\CheckSetupController->hasInternetConnectivityProblems()
17. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 230
OCA\Settings\Controller\CheckSetupController->check()
18. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 137
OC\AppFramework\Http\Dispatcher->executeController(["OCA\\Settings\ ... "], "check")
19. /var/www/html/lib/private/AppFramework/App.php line 183
OC\AppFramework\Http\Dispatcher->dispatch(["OCA\\Settings\ ... "], "check")
20. /var/www/html/lib/private/Route/Router.php line 315
OC\AppFramework\App::main("OCA\\Settings\\ ... r", "check", ["OC\\AppFramewo ... "], ["settings.CheckSetup.check"])
21. /var/www/html/lib/base.php line 1068
OC\Route\Router->match("/settings/ajax/checksetup")
22. /var/www/html/index.php line 36
OC::handleRequest()
GET /settings/ajax/checksetup
from PUBLIC IP ADDRESS by daviscoleclark at 2023-11-06T23:55:21+00:00
Reasoning or why should it be changed/implemented?
Environment data
iOS version:
- iOS 17.1
Nextcloud iOS app version: see More > Settings
- Nextcloud Liquid for iOS 4.9.1.0
Server operating system:
- Unraid
Web server:
- Ngnix
Database:
- MariaDB - MySQL v10.11.5
PHP version:
- 8.2.12
Nextcloud version:
- 27.1.3
IMPORTANT UPDATE AS OF DECEMBER 24, 2023 ABOUT THIS ISSUE
FIX
- According to @Nikki1993's, @evsrt's, and including a Reddit post that I posted about a month and a half ago. Nextcloud's video player in the Nextcloud app doesn't support TLS 1.3, only 1.2. In my Cloudflare Account, I was forcing TLS 1.3 but I did downgrade it to TLS 1.2 which did solve the issue!
I'm keeping this issue open for a couple of more weeks just in case if anyone has any questions, issues, or suggestions.
Thank you everyone for sharing your logs, devices you have used, and your configuration of Nextcloud Instance that you are using. Hopefully, Nextcloud will be able to fix this issue in the coming months
Same for me...
But the problem has worsened. Now I'm not able to view media within my priv network and from remote...
Using NPM.
Client and Server are up to date. (22.11.23)
Log:
2023-11-22 22:57:07 [INFO] Clear log with level 1 Nextcloud Liquid for iOS 4.9.1.0 © 2023 2023-11-22 22:57:12 [INFO] Reload data source network files forced false 2023-11-22 22:57:12 Network request started: PROPFIND https://... 2023-11-22 22:57:13 Network request started: POST https://cloud... 2023-11-22 22:57:13 Network response request: https://cloud.m..., result: success(1786 bytes) 2023-11-22 22:57:14 Network response request: https://cloud..., result: success(194 bytes) 2023-11-22 22:57:15 [INFO] Reload data source network files forced false 2023-11-22 22:57:15 Network request started: PROPFIND https://.., 2023-11-22 22:57:16 Network response request: https://..., result: success(1786 bytes) 2023-11-22 22:57:16 [INFO] Reload data source network files forced false 2023-11-22 22:57:16 Network request started: PROPFIND https://cloud... 2023-11-22 22:57:17 Network response request: https://cloud... Sonstiges, result: success(1773 bytes)
I faced this problem and I managed to solve it in the following way.
- Enabled info for error.log
# logging in server context
access_log /var/log/nginx/access.log combined buffer=512k flush=1m;
error_log /var/log/nginx/error.log info;
- When trying to play the video, an error appeared in the log
2023/12/21 09:30:12 [info] 33343#33343: *2410 SSL_do_handshake() failed (SSL: error:0A000102:SSL routines::unsupported protocol) while SSL handshaking, client: CLIENT_IP, server: 0.0.0.0:443
2023/12/21 09:30:12 [info] 33343#33343: *2411 SSL_do_handshake() failed (SSL: error:0A000102:SSL routines::unsupported protocol) while SSL handshaking, client: CLIENT_IP, server: 0.0.0.0:443
2023/12/21 09:30:12 [info] 33343#33343: *2412 SSL_do_handshake() failed (SSL: error:0A000102:SSL routines::unsupported protocol) while SSL handshaking, client: CLIENT_IP, server: 0.0.0.0:443
- Included the following parameters in the nginx.conf in the http context
# Mozilla Intermediate configuration
# https://ssl-config.mozilla.org/#server=nginx
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
In conclusion, the error was that in my nginx.conf only TLSv.1.3 was enabled.
# comment this string
#ssl_protocols TLSv1.3;
I faced this problem and I managed to solve it in the following way.
- Enabled info for error.log
# logging in server context access_log /var/log/nginx/access.log combined buffer=512k flush=1m; error_log /var/log/nginx/error.log info;
- When trying to play the video, an error appeared in the log
2023/12/21 09:30:12 [info] 33343#33343: *2410 SSL_do_handshake() failed (SSL: error:0A000102:SSL routines::unsupported protocol) while SSL handshaking, client: CLIENT_IP, server: 0.0.0.0:443 2023/12/21 09:30:12 [info] 33343#33343: *2411 SSL_do_handshake() failed (SSL: error:0A000102:SSL routines::unsupported protocol) while SSL handshaking, client: CLIENT_IP, server: 0.0.0.0:443 2023/12/21 09:30:12 [info] 33343#33343: *2412 SSL_do_handshake() failed (SSL: error:0A000102:SSL routines::unsupported protocol) while SSL handshaking, client: CLIENT_IP, server: 0.0.0.0:443
- Included the following parameters in the nginx.conf in the http context
# Mozilla Intermediate configuration # https://ssl-config.mozilla.org/#server=nginx ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;In conclusion, the error was that in my nginx.conf only TLSv.1.3 was enabled.
# comment this string #ssl_protocols TLSv1.3;
hm doesn't work for me. I have both TLS 1.2 and 1.3, same ciphers (even 1 more). I don't see same error in error.log so far. I am using linuxserver setup if that at all relevant.
@DCCInterstellar I figured it out (at least for me). Courtesy of @evsrt I realized that while my NGINX config did accept 1.2 and 1.3 TLS, Cloudflare minimum was set to TLS 1.3. Setting TLS min to 1.2 fixed the issue for me entirely.
I just got a bit involved in a topic on the forum (https://help.nextcloud.com/t/ios-app-cant-play-mp4-from-smb-storage-browser-can/177307), and for my setup it works with nginx and TLSv1.3. But I don't use any additional proxy.
So as far as the current problems were analyzed and fixed, it is not related to the media player at all. Not sure why it only happens to the media player, and what cipher each part (NC app, media player, ...) supports.
IMPORTANT UPDATE AS OF DECEMBER 24, 2023 ABOUT THIS ISSUE
FIX
- According to @Nikki1993's, @evsrt's, and including a Reddit post that I posted about a month and a half ago. Nextcloud's video player in the Nextcloud app doesn't support TLS 1.3, only 1.2. In my Cloudflare Account, I was forcing TLS 1.3 but I did downgrade it to TLS 1.2 which did solve the issue!
I'm keeping this issue open for a couple of more weeks just in case if anyone has any questions, issues, or suggestions.
Thank you everyone for sharing your logs, devices you have used, and your configuration of Nextcloud Instance that you are using. Hopefully, Nextcloud will be able to fix this issue in the coming months
Wouldn't go as far as to claim Nextcloud in general doesn't support TLS 1.3, I've tested on Android with TLS 1.3 only and it does work, the issue seems to be only for iOS client and only with video player specifically so it could be a very specific bug with cloudflare tunnel + nginx + iOS combo.
I do agree and hope that Nextcloud team will be able take it from here.
Hello I’m on apache2, I’have test site only tls 1.3 and only tls 1.2 and nothing appened. It’s doesn’t work for me
Hello I’m on apache2, I’have test site only tls 1.3 and only tls 1.2 and nothing appened. It’s doesn’t work for me
As I mentioned, my nginx config with TLSv1.3 only, it works with the iOS app (in the linked forum topic, I shared the cipher selection that worked for me). And I don't use any proxies.
it could be a very specific bug with cloudflare tunnel + nginx + iOS combo
Yes, it seems like if an additonal reverse proxy is involved, the available SSL ciphers play a crucial role. The only thing the iOS client can do, is to check the current available ciphers, if they are up to date (perhaps cloudflare requires a different set of TLS 1.3 ciphers). Or between cloudflare and the Nextcloud server.