Release: 2.0.4.37 (canary) 2019-12-12

2.0.4.37-2.0.4.37_canary_2019-12-12

  • Updated and improved TrayIcon’s for warning state, thanks @drwtsn32x
  • Fixed a selection issue for file restores, thanks @drwtsn32x
  • Updated build system and added tests, thanks @verhoek
  • Added support for Minio as an S3 backend option, thanks @verhoek
1 Like

Hello,

I have a little problem. I don’t think that existed with 2.0.4.36 yet, but only with 2.0.4.37.

For a backup I have to specify the slash at the beginning and at the end; the connection test works with slash, without it it doesn’t work:

If I change and save the job, the slash disappears often or always. The backup fails, no connection to the backend.

I open the job, see that the slash is missing, go there and save the job. Now the backup works.

I change something in the settings of the job (but not in “Destination”!) and save the job. The backup does not work. I open the job, see that the slash is missing, put it there again, save, the job works.

Can somebody please check if the slash stays there at Sharepoint V2 jobs or is deleted when saving the job?

Best regards,
Oliver

I don’t have SharePoint, but 2.0.4.37, 2.0.4.36, and even 2.0.4.5 beta delete the leading but not trailing slash for me after I took “Destination path” of Desktop, added the slashes, and did Save and Edit again.

While I was slashing, I tested five before and after (likely invalid, but the focus was on editing behavior). Web UI Commandline and Export As Command-line showed the expected five after initial sharepoint://, whereas Edit Destination --> Destination path showed five after, but four before. Maybe one is stripped, however the removal of initial slash looks like very old behavior. Again, I can’t actually try SharePoint…

Maybe somebody with SharePoint can confirm the need for slashes, and if it’s new. I have no opinion… Meanwhile, maybe you can test again to verify what you were suspecting above, and open a new topic.

Maybe the space in the path is a problem? Anyway, as long as I don’t edit the job again, it works. I’ll report in 2020 with a new topic if I still have the problem then. Then I make a video (I can’t do that anymore in 2019).

Thank you very much for your experiments and have nice days. :slight_smile:

Hello!

Update from 2.0.4.34_canary_2019-11-05 version is not working.

System.Net.WebException: The remote name could not be resolved: 'alt.updates.duplicati.com'
   at System.Net.WebClient.DownloadFile(Uri address, String fileName)
   at Duplicati.Library.AutoUpdater.UpdaterManager.CheckForUpdate(ReleaseType channel

How i can fix it?

Thank you!

Although possibly it’s intermittent, or someone has already fixed the update server, it seems fine now:

C:\ProgramData\Duplicati\duplicati-2.0.4.34_canary_2019-11-05>Duplicati.Library.AutoUpdater.exe check
New version is available: 2.0.4.37_canary_2019-12-12

C:\ProgramData\Duplicati\duplicati-2.0.4.34_canary_2019-11-05>

Does the above or ping updates.duplicati.com work for you? You won’t be able to succeed with alt.updates.duplicati.com because it’s not in DNS, however it’s only even tried if the main server fails.

Ping works fine. Tracert updates.duplicati.com is also works fine. But ‘Duplicati.Library.AutoUpdater.exe check’ fails with unable to resolve alt.updates.duplicati.com. Is it possible to tune Duplicati.Library.AutoUpdater.exe check the updates on updates.duplicati.com only? In my situation, updates from GUI or command line are checked on alt.updates.duplicati.com, which is unable to resolve for some reasons.

Thank you!

The alt.updates.duplicati.com is a backup DNS name, and not active. You should only see it if the call to the main update site fails.

If you have curl or a similar tool, you can try this to see if you have connection issues:

curl -vvv https://updates.duplicati.com/canary/latest.manifest

Otherwise you can set the environment variable to choose a specific url:

AUTOUPDATER_Duplicati_URLS=https://updates.duplicati.com/canary/latest.manifest

C:\Users>curl -vvv https://updates.duplicati.com/canary/latest.manifest

  • Trying 46.101.178.195…
  • TCP_NODELAY set
  • Connected to updates.duplicati.com (46.101.178.195) port 443 (#0)
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 1/3)
  • schannel: checking server certificate revocation
  • schannel: sending initial handshake data: sending 186 bytes…
  • schannel: sent initial handshake data: sent 186 bytes
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 2/3)
  • schannel: failed to receive handshake, need more data
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 2/3)
  • schannel: encrypted data got 3530
  • schannel: encrypted data buffer: offset 3530 length 4096
  • schannel: sending next handshake data: sending 93 bytes…
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 2/3)
  • schannel: encrypted data got 51
  • schannel: encrypted data buffer: offset 51 length 4096
  • schannel: SSL/TLS handshake complete
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 3/3)
  • schannel: stored credential handle in session cache

GET /canary/latest.manifest HTTP/1.1
Host: updates.duplicati.com
User-Agent: curl/7.55.1
Accept: /

  • schannel: client wants to read 102400 bytes
  • schannel: encdata_buffer resized 103424
  • schannel: encrypted data buffer: offset 0 length 103424
  • schannel: encrypted data got 13864
  • schannel: encrypted data buffer: offset 13864 length 103424
  • schannel: decrypted data length: 4145
  • schannel: decrypted data added: 4145
  • schannel: decrypted data cached: offset 4145 length 102400
  • schannel: encrypted data length: 9690
  • schannel: encrypted data cached: offset 9690 length 103424
  • schannel: decrypted data length: 4096
  • schannel: decrypted data added: 4096
  • schannel: decrypted data cached: offset 8241 length 102400
  • schannel: encrypted data length: 5565
  • schannel: encrypted data cached: offset 5565 length 103424
  • schannel: decrypted data length: 4096
  • schannel: decrypted data added: 4096
  • schannel: decrypted data cached: offset 12337 length 102400
  • schannel: encrypted data length: 1440
  • schannel: encrypted data cached: offset 1440 length 103424
  • schannel: failed to decrypt data, need more data
  • schannel: schannel_recv cleanup
  • schannel: decrypted data returned 12337
  • schannel: decrypted data buffer: offset 0 length 102400
    < HTTP/1.1 200 OK
    < Server: nginx/1.17.5
    < Date: Tue, 24 Dec 2019 11:55:59 GMT
    < Content-Type: application/octet-stream
    < Content-Length: 57088
    < Connection: keep-alive
    < Last-Modified: Thu, 12 Dec 2019 12:00:07 GMT
    < Accept-Ranges: bytes
    < Expires: Wed, 25 Dec 2019 11:55:59 GMT
    < Cache-Control: public, max-age=86400
    < ETag: “D40y3wT2VXuWqq7xiO1htw”
    < Strict-Transport-Security: max-age=31536000
    <
    Warning: Binary output can mess up your terminal. Use “–output -” to tell
    Warning: curl to output it to your terminal anyway, or consider "–output
    Warning: " to save to a file.
  • Failed writing body (0 != 11949)
  • Closing connection 0
  • schannel: shutting down SSL/TLS connection with updates.duplicati.com port 443
  • schannel: clear security context handle

C:\Users>

Thank you!

With environment variable:

System.Net.WebException: Базовое соединение закрыто: Непредвиденная ошибка при передаче. —> System.IO.IOException: Не удается прочитать данные из транспортного соединения: Удаленный хост принудительно разорвал существующее подключение. —> System.Net.Sockets.SocketException: Удаленный хост принудительно разорвал существующее подключение

в System.Net.Sockets.NetworkStream.Read(Byte buffer, Int32 offset, Int32 size)

— Конец трассировки внутреннего стека исключений —

в System.Net.Sockets.NetworkStream.Read(Byte buffer, Int32 offset, Int32 size)

в System.Net.FixedSizeReader.ReadPacket(Byte buffer, Int32 offset, Int32 count)

в System.Net.Security.SslState.StartReceiveBlob(Byte buffer, AsyncProtocolRequest asyncRequest)

в System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)

в System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte buffer, AsyncProtocolRequest asyncRequest)

в System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)

в System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)

в System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)

в System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)

в System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)

в System.Net.TlsStream.Write(Byte buffer, Int32 offset, Int32 size)

в System.Net.ConnectStream.WriteHeaders(Boolean async)

— Конец трассировки внутреннего стека исключений —

в System.Net.WebClient.DownloadFile(Uri address, String fileName)

в Duplicati.Library.AutoUpdater.UpdaterManager.CheckForUpdate(ReleaseType channel)

Sorry for russian log file.

Thank you!

Sorry for bothering you. Ip address updates.duplicati.com [46.101.178.195] was banned in our country.

Thank you!

That IP belongs to Digital Ocean and only hosts the Duplicati update server.

Any chance it will be un-banned or is the entire Digital Ocean space banned? Is Amazon S3 banned as well?

Edit: the curl command returns the correct output. Are you sure it is banned?

46.101.128.0 - 46.101.255.255 - all this are banned :frowning: And i don’t know how long it will be banned.

I need some ip’s to check if it is banned or not. Some hosts from Amazon S3 are works well.

Yes, it is banned :frowning: Unfortunately, I do not know how the provider does it.
Using a proxy server from another country solves the problem and updates begin to work. Unfortunately, these proxies do not work stably :frowning:

Thank you!

You can always install updates manually by downloading the latest version from github. That’s usually what I do anyway, even though the autoupdate mechanism works for me.

Specifics are scarce, but the general direction is towards deep packet inspection rather than IP blocking which proved insufficient. As an interesting note on timing, December 23, the day of Duplicati’s reported update issue, was the day their Internet experiments began, probably including some newer techniques, some of which were possibly left in place. I don’t know what the last time was that update check worked.

I’m not sure what to make of the incomplete curl result. Actually getting an output file written might have been nice. An ordinary web browser should also be able to download the file. If not, there’s the problem.

I can download the file, but with a help of Browsec in my browser. Unfortunately, i cannot tune Duplicati to use Browsec.

Thank you!

It looks completely fine to me. curl will not output binary content to the console, as it might trash it when trying to interpret the binary data as console control codes.

The update server only serves over SSL (https) so deep packet inspection is not possible here. The only thing you can extract is the hostname (via the SNI header, pre-encryption), but blocking updates.duplicati.com seems like a random thing to do IMO.

That looks like a whole range of Digital Ocean IP’s, so likely no going to be unblocked easily.

If you can get the response from curl but not from Duplicati, it looks more like a local application-level firewall. I am considering putting up another mirror, but if we do not know exactly what goes wrong, it is not likely that it will be fixed.

C:\Users>curl -vvv https://updates.duplicati.com/canary/latest.manifest

  • Trying 46.101.178.195…
  • TCP_NODELAY set
  • Connected to updates.duplicati.com (46.101.178.195) port 443 (#0)
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 1/3)
  • schannel: checking server certificate revocation
  • schannel: sending initial handshake data: sending 186 bytes…
  • schannel: sent initial handshake data: sent 186 bytes
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 2/3)
  • schannel: failed to receive handshake, need more data
  • schannel: SSL/TLS connection with updates.duplicati.com port 443 (step 2/3)
  • schannel: failed to receive handshake, SSL/TLS connection failed
  • Closing connection 0
  • schannel: shutting down SSL/TLS connection with updates.duplicati.com port 443
  • Send failure: Connection was reset
  • schannel: failed to send close msg: Failed sending data to the peer (bytes written: -1)
  • schannel: clear security context handle
    curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed

Output from curl today :frowning: From different servers and different ISP.

I am completely sure that all Digital Ocean IP’s are blocked in our country in most ISP. Simple test with vpn or proxy confirms this.

Thank you!

What about the forum? If that works directly, I can set up a mirror in the same datacenter.

https://forum.duplicati.com and https://www.duplicati.com/ are work fine! :slight_smile: Without vpn or proxy.

Thank you!