Chiming in here as I'm experiencing the same issue - here's the console output when running Vinagre and hitting the 'Connect' button a couple times trying to confirm the certificate:

[snuxoll@mbsi-lapnuxoll ~]$ vinagre

** (vinagre:27120): WARNING **: Failed to initialize mDNS browser: Failed to create avahi client: Daemon not running

[10:38:54:441] [27120:27120] [ERROR][com.freerdp.crypto] - certificate not trusted, aborting.
[10:38:54:441] [27120:27120] [ERROR][com.freerdp.core] - freerdp_set_last_error ERRCONNECT_CONNECT_CANCELLED [0x2000B]
[10:38:54:441] [27120:27120] [ERROR][com.freerdp.core.connection] - Error: protocol security negotiation or connection failure
[10:38:58:371] [27120:27120] [ERROR][com.freerdp.crypto] - certificate not trusted, aborting.
[10:38:58:371] [27120:27120] [ERROR][com.freerdp.core] - freerdp_set_last_error ERRCONNECT_CONNECT_CANCELLED [0x2000B]
[10:38:58:371] [27120:27120] [ERROR][com.freerdp.core.connection] - Error: protocol security negotiation or connection failure
[10:38:59:384] [27120:27120] [ERROR][com.freerdp.crypto] - certificate not trusted, aborting.
[10:38:59:384] [27120:27120] [ERROR][com.freerdp.core] - freerdp_set_last_error ERRCONNECT_CONNECT_CANCELLED [0x2000B]
[10:38:59:384] [27120:27120] [ERROR][com.freerdp.core.connection] - Error: protocol security negotiation or connection failure
[10:39:00:097] [27120:27120] [ERROR][com.freerdp.crypto] - certificate not trusted, aborting.
[10:39:00:097] [27120:27120] [ERROR][com.freerdp.core] - freerdp_set_last_error ERRCONNECT_CONNECT_CANCELLED [0x2000B]
[10:39:00:097] [27120:27120] [ERROR][com.freerdp.core.connection] - Error: protocol security negotiation or connection failure
[10:39:00:794] [27120:27120] [ERROR][com.freerdp.crypto] - certificate not trusted, aborting.
[10:39:00:794] [27120:27120] [ERROR][com.freerdp.core] - freerdp_set_last_error ERRCONNECT_CONNECT_CANCELLED [0x2000B]
[10:39:00:794] [27120:27120] [ERROR][com.freerdp.core.connection] - Error: protocol security negotiation or connection failure

Upon some further investigation it looks like Fedora 25 is now using FreeRDP 2, which has changed from a BOOL to a DWORD for the return type of the pVerifyCertificate callback [1]. I'm attaching a patch that defines HAVE_FREERDP_2_0 and switches the return type of frdp_certificate_verify correctly based on whether 1.x or 2.x is being used, I'm also going to submit the issue upstream along with the proposed patch if it hasn't already been done.

[1]: https://github.com/FreeRDP/FreeRDP/blob/128ce8a5a4b062269179a93a8da8bcac24dba5c8/include/freerdp/freerdp.h#L84

Created attachment 1237307 [details]
Proposed patch

Actually, upstream has a better patch available on the GNOME Bugzilla already [1] that handles some additional API changes in FreeRDP 2.x (don't I feel silly for spending 2 hours on this now?).

The patch was missing a header include and still had the wrong return type (int instead of DWORD) - so I'm attaching a 'fixed' copy as well as the results of a koji scratch build [2].

[1]: https://bugzilla.gnome.org/show_bug.cgi?id=774473
[2]: https://koji.fedoraproject.org/koji/taskinfo?taskID=17164264

Created attachment 1237316 [details]
0001-FreeRDP-1.2-certificate-callback-support.patch

Priority needs to be very high.  A cert change blocks vinagre from functioning, so all rdp operation is impossible.  Blocker.

*** Bug 1408557 has been marked as a duplicate of this bug. ***

Hi Stefan,

FreeRDP had no releases for more than 2 years and there is absolutely no guarantee of any stability towards API/ABI. So the best that it can happen is that in a given moment in time all components relying on FreeRDP work fine. Just by saying that it makes me shiver.

I've been trying to push on a new release along with a lot of other people to no avail so far.

Having said that, for fixing some of the intermediate issues I've created a compat-freerdp12 package that contains the last FreeRDP release from 2014 in library form only, and I've rebuilt Vinagre in rawhide/f26 with that.

I'm making a scratch build on Fedora 25, it would be great if you could test that.

Please test this build:

https://koji.fedoraproject.org/koji/taskinfo?taskID=18246371

You would also need this update (contains compat-freerdp12):

https://bodhi.fedoraproject.org/updates/FEDORA-2017-7191d8e808

So, the freedrp compat package with the above build fixes the endless connection loop, but Vinagre is still very broken.

I get the following spam (note, the last message repeats when the dialog box tries to roll out... it is never shown and the window never closes or exits full screen when disconnecting):


(vinagre:21608): Gtk-WARNING **: Theme parsing error: <data>:2:28: The style property GtkButton:default-border is deprecated and shouldn't be used anymore. It will be removed in a future version

(vinagre:21608): Gtk-WARNING **: Theme parsing error: <data>:3:36: The style property GtkButton:default-outside-border is deprecated and shouldn't be used anymore. It will be removed in a future version

(vinagre:21608): Gtk-WARNING **: Theme parsing error: <data>:4:25: The style property GtkButton:inner-border is deprecated and shouldn't be used anymore. It will be removed in a future version

(vinagre:21608): Gtk-WARNING **: Theme parsing error: <data>:5:30: The style property GtkWidget:focus-line-width is deprecated and shouldn't be used anymore. It will be removed in a future version

(vinagre:21608): Gtk-WARNING **: Theme parsing error: <data>:6:27: The style property GtkWidget:focus-padding is deprecated and shouldn't be used anymore. It will be removed in a future version

(vinagre:21608): Gtk-WARNING **: Drawing a gadget with negative dimensions. Did you forget to allocate a size? (node box owner ViewAutoDrawer)

-----------------------------------------------------------------------

I also get the following error when disconnecting:

[18:34:46:622] [21672:21672] [ERROR][com.freerdp.legacy] - ERRINFO_LOGOFF_BY_USER (0x0000000C):
The disconnection was initiated by the user logging off his or her session on the server.

[18:34:46:622] [21672:21672] [ERROR][com.freerdp.legacy] - DisconnectProviderUltimatum: reason: 3


** (vinagre:21672): WARNING **: Failed to check FreeRDP file descriptor

This message is a reminder that Fedora 25 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 25. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '25'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 25 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged  change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.

in Fedora-27 issue is solved.

Fedora 25 changed to end-of-life (EOL) status on 2017-12-12. Fedora 25 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.