Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Load symbols from cluster fails when behind a TLS intercepting proxy #119

Closed
pearj opened this issue Dec 5, 2023 · 17 comments
Closed

Load symbols from cluster fails when behind a TLS intercepting proxy #119

pearj opened this issue Dec 5, 2023 · 17 comments
Labels
bug Something isn't working help wanted Contribution requested

Comments

@pearj
Copy link

pearj commented Dec 5, 2023

When trying to load symbols from a cluster I get the following error:

/home/pearj/.vscode-server/extensions/rosshamish.kuskus-kusto-language-server-1.0.35/server/node_modules/azure-kusto-data/dist-esm/src/client.js:226
            const clientTimeout = properties.getClientTimeout();
                                             ^

TypeError: properties.getClientTimeout is not a function
    at KustoClient._getClientTimeout (/home/pearj/.vscode-server/extensions/rosshamish.kuskus-kusto-language-server-1.0.35/server/node_modules/azure-kusto-data/dist-esm/src/client.js:226:46)
    at KustoClient._execute (/home/pearj/.vscode-server/extensions/rosshamish.kuskus-kusto-language-server-1.0.35/server/node_modules/azure-kusto-data/dist-esm/src/client.js:113:30)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

Node.js v18.15.0
[Info  - 12:34:35 PM] Connection to server got closed. Server will restart.

Any idea what is causing this? I'm running vscode 1.84.2 inside WSL2
@rosshamish rosshamish added bug Something isn't working help wanted Contribution requested labels Dec 6, 2023
@rosshamish
Copy link
Owner

Could you try downgrading your kusto language server extension to 1.0.34 and see if you get the same issue? There was a version bump in the azure-kusto-data package recently which I'm guessing is the issue.

Aside - I'm not maintaining this repo much anymore. If you're interested to look into a fix, contributions are very welcome. There's some dev workflow instructions in kusto-language-server/README.md

@pearj
Copy link
Author

pearj commented Dec 15, 2023

Thanks for the quick reply.

Yes downgrading to 1.0.34 did help, interestingly the latest version 1.0.37 fails in a different way, it gets a 400 error with Axios.

I don't use Kusto that much, so I was more curious to see this working.

If I feel inspired I may have a go at fixing it myself

@rosshamish rosshamish mentioned this issue Apr 29, 2024
Merged
rosshamish added a commit that referenced this issue Apr 29, 2024
@rosshamish
Update vscode-languageclient, vscode-languageserverk open, clipboardy (
c792f56 
…#148)

Update language server and language client to 7.*

With the update, we get some benefits:
- Fix load symbols (fixes bug #119) 
- Add support for load symbols on public clusters that need MSA account logins (rather than AAD/Entra account login)
- Fix load symbols on remote connections which dont support clipboard writes
- Update default load symbols params to be the public sample cluster

Also:
- Add steps for manual testing the 5 basic scenarios in kusto-language-server/README.md (activate extension, format document, load symbols, autocomplete, hover info)
- Update `open` and `clipboardy` to the newest non-ESM versions (vs code does NOT support ESM-only modules, ref: microsoft/vscode#130367)
@rosshamish
Copy link
Owner

rosshamish commented Apr 29, 2024
edited

@pearj - I just merged a speculative fix for this in #148 and released it as v2.0.3 https://marketplace.visualstudio.com/items?itemName=rosshamish.kuskus-kusto-language-server

If you're still using this, consider updating the extension and letting me know if the fix is good on your end. If you still see issues, let me know and I'll re-open. Thanks.

@rosshamish
Copy link
Owner

rosshamish commented Apr 29, 2024
edited

Unable to verify this fix in the published v2.0.3 due to #74
[Edit: speculative fix for #74 is released in v2.0.4]

@rosshamish rosshamish reopened this Apr 29, 2024
@rosshamish
Copy link
Owner

Fixed in 2.0.5

@pearj
Copy link
Author

pearj commented Apr 30, 2024
edited

I tried v3.1.0 but loading symbols from the cluster fails to authenticate. Curiously I can't even find the language server output, maybe it hasn't initialised properly? It does say "Kuskus loaded!" though...

It just fails with:

[Kuskus] Failed to authenticate to https://help.kusto.windows.net//SampleLogs

@rosshamish
Copy link
Owner

Huh, is that after logging in with a regular microsoft account? Does it offer you a login page?

@rosshamish rosshamish reopened this Apr 30, 2024
@pearj
Copy link
Author

pearj commented Apr 30, 2024

It doesn't offer a login page, it just dies straight away with and without a tenant id.

@rosshamish
Copy link
Owner

rosshamish commented Apr 30, 2024
edited

Do you get anything relevant-looking in Output for Extension Host ?

Also, is this on Windows, or Mac? Or any sort of browser app (e.g. github codespace) or other VM/virtualized type situation?

@pearj
Copy link
Author

pearj commented Apr 30, 2024

It only mentions this:

2024-04-30 15:00:12.636 [info] ExtensionService#_doActivateExtension rosshamish.kuskus-kusto-language-server, startup: false, activationEvent: 'onLanguage:kusto'

But that only happens when vscode launches, it doesn't log when the error happens.

image

@rosshamish
Copy link
Owner

Strange, I can't repro. I added error messages to that notification in #156 , it's releasing with https://github.com/rosshamish/kuskus/actions/runs/8889921549/job/24409058542 as v3.1.1. Could you update and reply back with the error message you get?

@pearj
Copy link
Author

pearj commented Apr 30, 2024 

[Kuskus] Failed to authenticate to https://help.kusto.windows.net//SampleLogs with error Failed to get cloud info for cluster https://help.kusto.windows.net - AxiosError: Request failed with status code 400

@rosshamish
Copy link
Owner

rosshamish commented Apr 30, 2024
edited

Are you able to access that cluster normally from a web browser on that machine? https://dataexplorer.azure.com/clusters/help/databases/SampleLogs

@pearj
Copy link
Author

pearj commented Apr 30, 2024

Yeah that works fine.

I am behind a corporate proxy with TLS inspection, so maybe that's interfering somehow.

I have tried opening up the extension in development mode, but I haven't had any luck getting a breakpoint to trigger when I run the extension.

@rosshamish
Copy link
Owner

Ah yeah that must be involved. I tried setting some breakpoints now too and am also not having any luck. I do see that source maps are enabled in the tsconfig.json, and i do see them in the out/ dir ... maybe they're not getting picked up properly?

@pearj
Copy link
Author

pearj commented Apr 30, 2024

I managed to get break points working, and I put one at server/node_modules/azure-kusto-data/dist-esm/src/cloudSettings.js:69. It's dying trying to do a get of: https://help.kusto.windows.net/v1/rest/auth/metadata

It's getting a bad gateway, but in the browser and via curl it's fine. It's really weird, the response body looks like a proxy error message.

I switched to an alternate proxy and gets past the above issue, then it dies a bit later on with a generic network error.

After following different breakpoints for far too long, I eventually uncovered the real error:

RestError: self-signed certificate in certificate chain
    at ClientRequest.<anonymous> (/home/pearj/dev/kuskus/kusto-language-server/server/node_modules/@azure/core-rest-pipeline/dist/commonjs/nodeHttpClient.js:187:24)
    at Object.onceWrapper (node:events:632:26)
    at ClientRequest.emit (node:events:517:28)
    at TLSSocket.socketErrorListener (node:_http_client:501:9)
    at TLSSocket.emit (node:events:517:28)
    at emitErrorNT (node:internal/streams/destroy:151:8)
    at emitErrorCloseNT (node:internal/streams/destroy:116:3)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

If only the error handling code in @azure/core-rest-pipeline wouldn't hide the real error message.

Anyway now it's clear the TLS interception is breaking it, need to figure out how to tell it where the certificate store is...

@rosshamish rosshamish changed the title Load symbols from cluster crashing with properties.getClientTimeout is not a function Load symbols from cluster fails when behind a TLS intercepting proxy Apr 30, 2024
@pearj
Copy link
Author

pearj commented Apr 30, 2024

So I got it working, you can close this now.

I added this to ~/.zprofile

export NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt

And closed all the VS Code windows, and it started working.

Well it worked a few times and then started dying with empty responses:

[Kuskus] Failed to authenticate to https://help.kusto.windows.net//SampleLogs with error Failed to parse response ({200}) with the following error [TypeError: Cannot read properties of undefined (reading 'TableName')].

I figure it will probably work again at some point, since it worked before, of course it works ok in the browser, and via curl when I run the same request using the http headers grabbed from the debugger.

@pearj pearj closed this as completed Apr 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working help wanted Contribution requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pearj @rosshamish