taskserver: client connection handshake failed

Question

Issue

client$ task sync
Syncing with <hostname>.localdomain:53589

Handshake failed. The TLS connection was non-properly terminated.
Sync failed. Could not connect to the Taskserver

TL;DR I'm pretty sure this isn't an issue with certificates, but more likely something to do with the client/server interaction across the WSL implementation. I can connect via telnet and netcat, but the taskd debugger receives nothing when I try to sync from the client. I can however sync from a client on the same machine as the server. If anybody can share advice on how to progress or some debugging tips, I'd be very grateful!

Set-up

Server

OS: Ubuntu 20.04 LTS (running in WSL, Windows 10)

Verbatim result of $hostname -f referred to as <hostname>.localdomain

Private IP: 192.168.1.20

server$ taskd diagnostics

taskd 1.1.0
    Platform: Linux
    Hostname: <hostname>

Compiler
     Version: 9.3.0
        Caps: +stdc +stdc_hosted +200809 +200809 +LP64 +c8 +i32 +l64 +vp64 +time_t64
  Compliance: C++11

Build Features
       Built: Jun 16 2020 14:36:11
       CMake: 3.16.3
     libuuid: libuuid + uuid_unparse_lower
   libgnutls: 3.6.13
  Build type: release

Configuration
   TASKDDATA: /var/taskd
        root: /var/taskd (readable)
      config: /var/taskd/config (readable)
          CA: /var/taskd/ca.cert.pem (readable)
 Certificate: /var/taskd/server.cert.pem (readable)
         Key: /var/taskd/server.key.pem (readable)
         CRL: /var/taskd/server.crl.pem (readable)
         Log: /var/log/taskd.log (found)
    PID File: /home/rob/taskd.pid (found)
      Server: <hostname>.localdomain:53589
 Max Request: 1048576 bytes
     Ciphers:
       Trust: allow all

Client

This is a physically different machine than the server, on the same LAN

OS: Ubuntu 20.04 LTS (running in WSL, Windows 10)

client$ task diagnostics

task 2.5.1
   Platform: Linux

Compiler
    Version: 9.2.1 20200306
       Caps: +stdc +stdc_hosted +LP64 +c8 +i32 +l64 +vp64 +time_t64
 Compliance: C++11

Build Features
      CMake: 3.16.3
    libuuid: libuuid + uuid_unparse_lower
  libgnutls: 3.6.11
 Build type: None

Configuration
       File: /home/rob/.taskrc (found), 1622 bytes, mode 100666
       Data: /home/rob/.task (found), dir, mode 40755
    Locking: Enabled
         GC: Enabled
     Server: B160227-RBC.localdomain:53589
      Trust: allow all
Certificate: /home/rob/.task/rob_home.cert.pem, readable, 4015 bytes
        Key: /home/rob/.task/rob_home.key.pem, readable, 24742 bytes
    Ciphers: NORMAL
      Creds: Public/Rob Home/************************************

Hooks
     System: Enabled
   Location: /home/rob/.task/hooks
             (-none-)

Tests
      $TERM: xterm-256color (346x102)
       Dups: Scanned 0 tasks for duplicate UUIDs:
             No duplicates found
 Broken ref: Scanned 0 tasks for broken references:
             No broken references found

Troubleshooting

• I have read through the following

  • Setup
  • Troubleshooting guide
  • GitHub

• And I have been trying to google the issues I'm encountering but have not found anything yet which has solved my specific problem.

• As a consequence of my own debugging, the system is currently in the following state:

  • Firewalls disabled (server, client and router)
  • taskd.trust = allow all (client and server)

• From the client, I can connect to server via telnet:

client$ telnet <hostname>.localdomain 53589
Trying 192.168.1.20...
Connected to <hostname>.localdomain.
Escape character is '^]'.

• I am also able to set up a simple "chat server" using netcat, on the same port.

server$ nc -vv -l 192.168.1.20 53589
Listening on 192.168.1.20 53589

and then running

client$ nc -vv 192.168.1.20 53589
Connection to 192.168.1.20 53589 port [tcp/*] succeeded!

I receive the following message on the server...

Connection received on 192.168.1.19 53885

I find it strange that the connection is received over port 53885 - shouldn't it be coming from 53589 on the client machine?

• I have tried running the task server in debug mode using taskd server --data $TASKDDATA. From this I am able to successfully connect from a second client on the server machine, and see the results in the log. However, nothing shows when I run task sync from the client machine.

• I have checked the pages specific to "Handshake Failed", and here are the results:

client$ openssl s_client -CAfile .task/ca.cert.pem -host 192.168.1.20 -port 53589
CONNECTED(00000003)

When I generated the certificates on the server, in ~/taskd-1.1.0/pki/vars CN=.localdomain.

server$ certtool -i < server.cert.pem | grep Subject:
        Subject: O=Göteborg Bit Factory,CN=<hostname>.localdomain

• I get no response at all from running lsof -i TCP:53589 -s TCP:LISTEN or netstat -tl | grep 53589, but I think that is more to do with the complication of running the server on WSL.

Conclusion so far

From the debug log of the server, I guess that the taskwarrior client cannot "see" the taskserver at all. But what confuses me is that I have verified that the client and server machines can communicate over the right port (#53589).

I've been at this for a few days now and I'm fairly sure I must be missing something obvious. Any guidance would be really, really appreciated!