Server incompatible with Focal clients

Bug #1861791 reported by René Walendy
This bug affects 4 people
Affects: mumble (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

We're currently having trouble with a TLS issue between mumble-server 1.2.19-1ubuntu1 on 18.04 Bionic and the mumble client 1.3.0+dfsg-1 on Focal.

There is a known issue (https://github.com/mumble-voip/mumble/issues/2116) with mumble-server (murmurd) on Bionic causing only TLS 1.0 connections to be negotiated, which is starting to be a security concern as TLS 1.3 becomes widely available. This is detected by the new mumble client on Focal, which outright refuses to establish TLS 1.0 connections in a default setup. While this is a good thing security-wise, it of course makes mumble-server 1.2.19 rather obsolete. The only solution that worked for us so far was to upgrade mumble-server to 1.3.0 via ppa:mumble/release.

Since both 18.04 and 20.04 are LTS releases, this creates an incompatibility between the packages shipped by default on two supported and widely used releases.

To improve security and fix the incompatibility issue, is it possible to bump mumble and mumble-server to 1.3.0 on Bionic without compiling from source or using PPAs?

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in mumble (Ubuntu):
status: New → Confirmed
James Henstridge (jamesh) wrote :

I encountered this today too. This seems to be an OpenSSL problem, given that "openssl s_client" refuses to connect to the server, where it succeeds with older releases. Presumably the server only supports ciphers or TLS versions the new OpenSSL rejects.

James Henstridge (jamesh) wrote :

This is likely caused by bug 1856428, which indicates that support for the older TLS versions can be enabled in a configuration file.

René Walendy (0k53-rene-f830) wrote :

This could work as a temporary fix. However, "re-enable old crypto protocols that should not be used unless absolutely unavoidable since RFC 7525 five years ago" must not be the final resolution for this bug, since it's exactly what Focal wants to avoid. From a crypto standpoint, while TLS1.0 is not utterly broken like SSL, there are still plenty of reasons why one should really not be using it anymore.

James Henstridge (jamesh) wrote :

Sure. But if this is controllable from a configuration file, then it might be possible to come up with a temporary workaround until the server you want to connect to is upgraded. With any luck, the configuration can be changed in such a way that only Mumble is affected.

James Henstridge (jamesh) wrote :

I detailed the configuration file workaround here:

https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1856428/comments/2

I wonder if the underlying cause of the problem is that Bionic's Mumble is compiled against Qt 4, which predates the newer TLS versions. I would have thought it'd get new versions automatically through new OpenSSL releases, but perhaps there is some incompatibility in there.

If that's the case, I wonder if Bionic's Mumble client can successfully connect to Focal's Mumble server?

René Walendy (0k53-rene-f830) wrote :

Thanks for the OpenSSL config example! I set up a Bionic and a Focal VM, both with client and server, to test this.

Without this config, the connection does not work in any direction, i.e. the Bionic client won't connect to the Focal server (with a chat message saying "remote host closed connection") and the Focal client won't connect to the Bionic server (with a popup warning about legacy encryption).

Adding the OpenSSL config snippet on the Focal machine allows a connection in both directions. When using the default mumble config on both sides, TLS1.0 using suite TLS_RSA_WITH_AES_256_CBC_SHA is negotiated on the control channel.

Two Focal instances will correctly negotiate TLS1.3 using TLS_AES_256_GCM_SHA384. Bionic instances using the PPA will also successfully negotiate TLS1.3 and the same cipher but show "UnknownProtocol" in the client's server info dialog.
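As an added example (not code from the bug report or the Mumble project), the script below turns James's "openssl s_client" check and René's version/cipher observations into a repeatable audit: it probes which TLS versions a Murmur control port will negotiate, flags a server that only completes a TLS 1.0/1.1 handshake, and extracts the negotiated protocol and cipher from s_client output. The default port 64738 and the use of OPENSSL_CONF=/dev/null to sidestep the client's own distro policy are assumptions of the example.

```shell
#!/bin/sh
# Added example, not code from the bug report or the Mumble project.
# Probes which TLS versions a Murmur control-channel port will negotiate
# (one "openssl s_client" handshake per version), then classifies the
# result so a TLS 1.0-only server such as the Bionic murmurd stands out.
# Assumptions: 64738 is Murmur's default port; OPENSSL_CONF=/dev/null
# drops the client's distro-wide MinProtocol/SECLEVEL policy so the probe
# reports what the server accepts rather than what the client refuses.

# probe_tls HOST [PORT] -> prints each version that completed a handshake
probe_tls() {
    host="$1"; port="${2:-64738}"
    for v in tls1 tls1_1 tls1_2 tls1_3; do
        if OPENSSL_CONF=/dev/null openssl s_client -connect "$host:$port" \
                -"$v" </dev/null >/dev/null 2>&1; then
            echo "$v"
        fi
    done
}

# classify_tls "VERSIONS" -> legacy-only | mixed | modern | none
# VERSIONS is the whitespace-separated output of probe_tls.
classify_tls() {
    legacy=0; modern=0
    for v in $1; do
        case "$v" in
            tls1|tls1_1)   legacy=1 ;;
            tls1_2|tls1_3) modern=1 ;;
        esac
    done
    if [ "$legacy" -eq 1 ] && [ "$modern" -eq 1 ]; then echo mixed
    elif [ "$modern" -eq 1 ]; then echo modern
    elif [ "$legacy" -eq 1 ]; then echo legacy-only
    else echo none
    fi
}

# summarize_session < s_client-output -> "PROTOCOL CIPHER" taken from the
# SSL-Session block, e.g. "TLSv1 AES256-SHA" (OpenSSL's name for
# TLS_RSA_WITH_AES_256_CBC_SHA, the suite observed in the thread).
summarize_session() {
    awk '/^ *Protocol *:/ { p = $3 } /^ *Cipher *:/ { c = $3 } END { print p, c }'
}

# Usage: ./tls-probe.sh mumble.example.org [64738]
if [ "$#" -ge 1 ]; then
    supported=$(probe_tls "$1" "$2")
    echo "negotiable:" $supported
    echo "verdict: $(classify_tls "$supported")"
fi
```

A "legacy-only" verdict is exactly the state the Focal client refuses by default; "mixed" means the server still accepts the old versions alongside TLS 1.2/1.3 and should have its floor raised.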

Chris Knadle (chris-knadle) wrote : Re: [Bug 1861791] Re: Server incompatible with Focal clients

James Henstridge:
> I detailed the configuration file workaround here:
>
> https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1856428/comments/2
>
> I wonder if the underlying cause of the problem is that Bionic's Mumble
> is compiled against Qt 4, which predates the newer TLS versions. I
> would have thought it'd get new versions automatically through new
> OpenSSL releases, but perhaps there is some incompatibility in there.

Mumble uses Qt's SSL library, and there are differences in the Qt SSL library between Qt 4 and 5. Mumble 1.3 with Qt 5 is capable of TLS that has perfect forward secrecy, but Mumble 1.2 with Qt 4 is not, and that's independent of the particular versions of OpenSSL that are used. I.e. this isn't a limitation of the OpenSSL version, it's a limitation of the SSL library in Qt 4.

  -- Chris

--
Chris Knadle
<email address hidden>
