Windows Client Broken

windows
nc13

#1

The Windows client is broken on my system. Through testing I have determined that the issue is not server related. I have tried to connect to multiple nextcloud servers but I get the same timeout error for all of them. Last month I had the client break spontaneously on me and I managed to get it working again by doing a Windows System Restore. It worked for two weeks and then recently broke again with the same issue. According to the logs the client times out when trying to check the status.php page of the nextcloud server. From my web browser I can navigate to https://nextcloud.whatever.com/status.php just fine and see the information of my server. All my other computer clients work just fine.

Here are the logs from the client: https://pastebin.com/HfeRnSUr
Wireshark Packet Capture: https://packettotal.com/app/analysis?id=57653a9c2eca97eeec6130cc4fd13376

I have tried uninstalling the client and reinstalling it but that did not fix the issue. I even tried installing the latest version of the Owncloud client but that had the same issue, even when trying to connect to official owncloud servers.

Further Details:
Operating System: Windows 10 Pro Build 1709
Nextcloud Client: 2.3.3 Build 1
Security Software: I don’t have any 3rd party antivirus or security software installed that could be blocking the program. The Windows Firewall does not restrict outbound traffic.


#2

Similar problem here.
It looks like the 2.3.3.1 client is not working well with the last 13. updates.

Uploads start/stop and are very slow. (Both LAN & WAN)
Up to 13.0.1 everything works great at fullspeed.
The actual Android client is working well without any speedproblems, so it looks like a problem with the WIndows client.

Tested on several W10 machines, from longtime running system to fresh install.


#3

I initially thought it was the server update that caused the problem because I did the 13.0.2 update around the same time but I ruled that out since I can’t connect to any public Nextcloud servers. I even downloaded the latest version of Owncloud as well as the 2.3.3 version of Owncloud client and tried to connect to a variety of owncloud and nextcloud servers with the same issue. From my troubleshooting I’ve determined that the only time I am able to establish a connection is when a server allows connections over HTTP. HTTPS connections always time out. A System Restore fixed the problem for about two weeks, at which point I booted up the computer one day to find that I was disconnected and receiving the timeout messages again. I can connect just fine over HTTPS using my browser or with WebDAV. Did Microsoft make any changes via Windows Update that could have caused this? I verified that the thumbprint of my server’s SSL certificate, as displayed in my browser, matches the actual cert on my server so I don’t suspect any foul play. Perhaps it is a broken dependency.


#4

After 6 months of working around this issue I finally found the cause for the TLS timeouts. I discovered that another vendor’s software encountered a bug and was continuously minting self signed certificates in my OS root store every few seconds. I cannot say how many certificates I had back when the issue first occurred but the oldest certificate was dated June 4th and shortly after that date the Nextcloud client started timing out. This minting went on for months until the software was eventually removed. Those certificates remained in my root store for months until yesterday when I discovered them during an audit using the Sysinternals sigcheck tool (I had over 64,000 certificates!) Once I deleted all of the certificates from my root store the NC client started to work again.

I know that having a large amount of certificates in the root store is an uncommon situation, but for some reason all of my other software was able to operate except for the Nextcloud client. I was unable to test the behavior of the NC 2.5 client since I was not aware of it’s release until after yesterday’s fix.

If you have a similar issue it would not hurt to try doing an audit of your certificate store for 3rd party certificates not provided by Microsoft. You can get the sigcheck utility here: https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck and the command I was running was:

sigcheck.exe -tv

#5

hey notsponsible

thanks for not giving up on this problem and even more thanks that you provided us here on the foruzm with that very special solution!
that’s what i like about the OS-community… they try to be of help. even after months. yay.
and a triple hiphip - hoorraaaay for you! - user of the day!

thanks
jimmy