Johni0702 / mumble-web-proxy

Mumble to WebSocket+WebRTC proxy for use with mumble-web
70 stars 25 forks source link

Does not work with LibreSSL #28

Open haslersn opened 3 years ago

haslersn commented 3 years ago

I made a Docker container for mumble-web-proxy. It works like that. However, if you replace openssl by libressl, then it doesn't work, because the DTLS handshake between the user agent and mumble-web-proxy fails:

New connection from [::ffff:10.100.164.143]:41662
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy MSG Authenticate: username: "has2" password: "" opus: false webrtc: true
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy SystemTime { tv_sec: 1615180182, tv_nsec: 106587785 }
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 1 1 UDP 2015363327 10.100.34.62 50093 typ host
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 2 1 TCP 1015021823 10.100.34.62 0 typ host tcptype active
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 3 1 TCP 1010827519 10.100.34.62 50010 typ host tcptype passive
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 4 1 UDP 2015363583 fe80::fc7e:adff:fe92:3ed5 50045 typ host
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 5 1 TCP 1015022079 fe80::fc7e:adff:fe92:3ed5 0 typ host tcptype active
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Local ice candidate: 6 1 TCP 1010827775 fe80::fc7e:adff:fe92:3ed5 50073 typ host tcptype passive
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got WebRTC: ice_pwd: "d978fc954a5a373c75f84ae5d542d8fc" ice_ufrag: "9f0c1c5c" dtls_fingerprint: "0F:C2:BD:3C:80:26:0C:C9:48:9E:53:1B:B5:2E:D7:BD:5D:4E:2B:99:47:9E:5F:EA:FB:93:94:89:8E:31:25:E9"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:0 1 UDP 2122252543 192.168.129.186 60437 typ host"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:1 1 UDP 2122187007 172.17.0.1 34821 typ host"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:2 1 TCP 2105524479 192.168.129.186 9 typ host tcptype active"
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Got ice candidate: "candidate:3 1 TCP 2105458943 172.17.0.1 9 typ host tcptype active"
- mumble-web-proxy-645bf4c77c-pwlvj
mumble-web-proxy-584b58c4cc-2zvzt mumble-web-proxy Error on connection [::ffff:10.100.164.143]:41662: Io(Custom { kind: Other, error: "handshake error" })

This might be related: https://github.com/libressl-portable/portable/issues/380

Through some debugging, I found that the handshake error is a tokio_openssl::HandshakeError that contains the following.

Failure(
    MidHandshakeSslStream {
        stream: SslStream {
            stream: Compat {
                inner: DtlsSrtpMuxerPart {
                    muxer: Mutex {
                        data: DtlsSrtpMuxer {
                            inner: StreamComponent {
                                _recv_handle: AttachRecvHandle(
                                    NiceAgent {
                                        inner: ObjectRef {
                                            inner: 0x5598424870c0, type: NiceAgent
                                        }
                                    }, 1, 1, MainContext(
                                        Shared {
                                            inner: 0x55984247e780
                                        }
                                    ), Any
                                ), stream_id: 1, component_id: 1, state: Connected, state_stream: Receiver {
                                    inner: Some(
                                        BoundedInner {
                                            buffer: 8, state: 9223372036854775808, message_queue: Queue {
                                                head: 0x5598424b17c0, tail: UnsafeCell
                                            }, parked_queue: Queue {
                                                head: 0x559842491720, tail: UnsafeCell
                                            }, num_senders: 1, recv_task: AtomicWaker
                                        }
                                    )
                                }, source: Receiver {
                                    inner: Some(
                                        BoundedInner {
                                            buffer: 10, state: 9223372036854775808, message_queue: Queue {
                                                head: 0x5598424ad7c0, tail: UnsafeCell
                                            }, parked_queue: Queue {
                                                head: 0x55984248cfe0, tail: UnsafeCell
                                            }, num_senders: 1, recv_task: AtomicWaker
                                        }
                                    )
                                }
                            }, dtls_buf: [], srtp_buf: []
                        }
                    }, srtp: false
                }
            }, ssl: Ssl {
                state: \"SSLv3 read client hello B\", verify_result: X509VerifyResult {
                    code: 0, error: \"ok\"
                }
            }
        }, error: Error {
            code: ErrorCode(5), cause: None
        }
    }
)