From nobody Thu Jun 29 14:41:51 2023
X-Original-To: freebsd-virtualization@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QsLmB4rZlz4jx3s;
	Thu, 29 Jun 2023 14:43:22 +0000 (UTC)
	(envelope-from mad@madpilot.net)
Received: from mail.madpilot.net (vogon.madpilot.net [159.69.1.99])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4QsLmB3WHzz3nxf;
	Thu, 29 Jun 2023 14:43:22 +0000 (UTC)
	(envelope-from mad@madpilot.net)
Authentication-Results: mx1.freebsd.org;
	none
Received: from mail (mail [IPv6:fd5c:5351:d272::3])
	by mail.madpilot.net (Postfix) with ESMTP id 4QsLlY0x3Tz6fPf;
	Thu, 29 Jun 2023 16:42:49 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=madpilot.net; h=
	content-transfer-encoding:content-type:content-type:in-reply-to
	:from:from:references:content-language:subject:subject:date:date
	:message-id:received; s=bjowvop61wgh; t=1688049706; x=
	1689864107; bh=NvFUg09a3HnzSKUWQ65K87MT0nEUHQjsGZPEUhJrsMU=; b=w
	6Aj2sXdoYuPtfYkBhlt6Q/zNqa+CHVxtPwdX8fpKKk0E7bsduaoPIrzZuOn34BBR
	gS0FSdfUgv46/qAPYcwFuuOaN/kAdYI5Ds1kE9NXsH7yX+U1I2+pihoYbciyggv+
	617kZYi2AgzqgMosf/N9RQY4MPvUliRcbpi3qFOAIP0brquhiwN0ZdFONqvOcHGS
	Fo7GjzBTC5sirvhEBcNoUZytYb5MX9MB7TSVQ4Kzi2dXjFr8LU7ChUkLiiD+zSyq
	Yx5+CL+aNPuQFWWdn2aI7+Z+hqIEjJNhC4eNGjo4QRbMvxLhk9nWTM0vla+oDWGB
	npcQEQ9vkOQ7yy4THGLJA==
Received: from mail.madpilot.net ([IPv6:fd5c:5351:d272::3])
	by mail (mail.madpilot.net [IPv6:fd5c:5351:d272::3]) (amavisd-new, port 10026)
	with ESMTP id dgta9-W3g6Wf; Thu, 29 Jun 2023 16:41:46 +0200 (CEST)
Message-ID: <ded9c3b0-0a26-24aa-131f-d06632a9922f@madpilot.net>
Date: Thu, 29 Jun 2023 16:41:51 +0200
Subject: Re: CURRENT: bhyve: xfreerdp doesn't support OpenSSL 3 yet.
 Alternatives?
Content-Language: en-US
To: FreeBSD User <freebsd@walstatt-de.de>,
 freebsd-virtualization@freebsd.org,
 FreeBSD CURRENT <freebsd-current@freebsd.org>
References: <20230629163533.4d430fed@thor.intern.walstatt.dynvpn.de>
From: Guido Falsi <mad@madpilot.net>
In-Reply-To: <20230629163533.4d430fed@thor.intern.walstatt.dynvpn.de>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 4QsLmB3WHzz3nxf
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:24940, ipnet:159.69.0.0/16, country:DE]
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-ThisMailContainsUnwantedMimeParts: N
List-Id: Discussion <freebsd-virtualization.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-virtualization
List-Help: <mailto:virtualization+help@freebsd.org>
List-Post: <mailto:virtualization@freebsd.org>
List-Subscribe: <mailto:virtualization+subscribe@freebsd.org>
List-Unsubscribe: <mailto:virtualization+unsubscribe@freebsd.org>
Sender: owner-freebsd-virtualization@freebsd.org
X-BeenThere: freebsd-virtualization@freebsd.org

On 29/06/23 16:35, FreeBSD User wrote:
> Hello,
> 
> running a recent CURRENT, 14.0-CURRENT #10 main-n263871-fd774e065c5d: Thu Jun 29 05:26:55 CEST
> 2023 amd64, xfreerdp (net/freerdp) doesn't working anymore on Windows 10 guest in bhyve. It
> seems OpenSSL 3 is the culprit (see the error message from xfreerdp below). I opened already a
> PR (see: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272281). In a very quick response I
> was informed that recent FreeRDP doesn't support OpenSSL 3 yes
> (https://github.com/FreeRDP/FreeRDP/pull/8920).
> 
> Checking for HowTo's setting up bhyve guests, I dodn't realise any setting for alternatives to
> RDP. As I do not fully understand how bhyve passes through its guest's framebuffer device/ or
> native GUI, I'm a bit helpless in searching for another solution to contact the Windows10
> guest from the X11 desktop of the hosts.
> 
> Trying remmina turns out to be a fail, because in our installation libsoup2 and libsoup3 are
> installed both and remmina complains about having both symbols, also I realised remmina seems
> to utilize net/freerdb as the RDP backend.
> 
> Since I have no clue how to install "blindly" a VNCserver within the Windows10 guest, I
> presume VNC is not an option in any way.
> 
> Is there any way to access the bhyve guest's native graphical interface? As in the PR shown
> above already documented (setup taken from the FreeBSD Wiki/bhyve), a framebuffer is already
> configured.
> 
> It would be nice if someone could give a hint.
> 

I had the same issue, with Windows 10 pro hosts, but the fault is in 
windows, which, by default, tries to negotiate an ancient protocol (NTLM 
using RC4 if I understand correctly).

With modern windows RDP servers there are better protocols available, 
you can get them in remmina by forcing "TLS protocolo security" in the 
advanced tab, security protocol negotiation (second row).

Doing this (after some experimentation with various options) solved the 
issue for me.

-- 
Guido Falsi <mad@madpilot.net>