mumble-web-proxy
mumble-web-proxy copied to clipboard
Johni0702
Does not work with LibreSSL
I made a Docker container for mumble-web-proxy. It works like that. However, if you replace openssl by libressl, then it doesn't work, because the DTLS handshake between the user agent and mumble-web-proxy fails:
New connection from [::ffff:10.100.164.143]:41662
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy MSG Authenticate: username: "has2" password: "" opus: false webrtc: true
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy SystemTime { tv_sec: 1615180182, tv_nsec: 106587785 }
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 1 1 UDP 2015363327 10.100.34.62 50093 typ host
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 2 1 TCP 1015021823 10.100.34.62 0 typ host tcptype active
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 3 1 TCP 1010827519 10.100.34.62 50010 typ host tcptype passive
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 4 1 UDP 2015363583 fe80::fc7e:adff:fe92:3ed5 50045 typ host
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 5 1 TCP 1015022079 fe80::fc7e:adff:fe92:3ed5 0 typ host tcptype active
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 6 1 TCP 1010827775 fe80::fc7e:adff:fe92:3ed5 50073 typ host tcptype passive
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got WebRTC: ice_pwd: "d978fc954a5a373c75f84ae5d542d8fc" ice_ufrag: "9f0c1c5c" dtls_fingerprint: "0F:C2:BD:3C:80:26:0C:C9:48:9E:53:1B:B5:2E:D7:BD:5D:4E:2B:99:47:9E:5F:EA:FB:93:94:89:8E:31:25:E9"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:0 1 UDP 2122252543 192.168.129.186 60437 typ host"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:1 1 UDP 2122187007 172.17.0.1 34821 typ host"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:2 1 TCP 2105524479 192.168.129.186 9 typ host tcptype active"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:3 1 TCP 2105458943 172.17.0.1 9 typ host tcptype active"
- mumble-web-proxy-645bf4c77c-pwlvj
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Error on connection [::ffff:10.100.164.143]:41662: Io(Custom { kind: Other, error: "handshake error" })
This might be related: https://github.com/libressl-portable/portable/issues/380
Through some debugging, I found that the handshake error is a tokio_openssl::HandshakeError that contains the following.
Failure(
MidHandshakeSslStream {
stream: SslStream {
stream: Compat {
inner: DtlsSrtpMuxerPart {
muxer: Mutex {
data: DtlsSrtpMuxer {
inner: StreamComponent {
_recv_handle: AttachRecvHandle(
NiceAgent {
inner: ObjectRef {
inner: 0x5598424870c0, type: NiceAgent
}
}, 1, 1, MainContext(
Shared {
inner: 0x55984247e780
}
), Any
), stream_id: 1, component_id: 1, state: Connected, state_stream: Receiver {
inner: Some(
BoundedInner {
buffer: 8, state: 9223372036854775808, message_queue: Queue {
head: 0x5598424b17c0, tail: UnsafeCell
}, parked_queue: Queue {
head: 0x559842491720, tail: UnsafeCell
}, num_senders: 1, recv_task: AtomicWaker
}
)
}, source: Receiver {
inner: Some(
BoundedInner {
buffer: 10, state: 9223372036854775808, message_queue: Queue {
head: 0x5598424ad7c0, tail: UnsafeCell
}, parked_queue: Queue {
head: 0x55984248cfe0, tail: UnsafeCell
}, num_senders: 1, recv_task: AtomicWaker
}
)
}
}, dtls_buf: [], srtp_buf: []
}
}, srtp: false
}
}, ssl: Ssl {
state: \"SSLv3 read client hello B\", verify_result: X509VerifyResult {
code: 0, error: \"ok\"
}
}
}, error: Error {
code: ErrorCode(5), cause: None
}
}
)
