search

mumble-voip / grumble

Alternative Mumble server
http://mumble.info/grumble
Other
275 stars 86 forks source link

crypt resync #9

Closed GEverding closed 4 years ago

GEverding commented 7 years ago

Hi,

Been experimenting with grumble and i've come across a issue where i'll get into a state where the system keeps trying to "resync". Its sending a empty CryptSetup message to the clients (ios, android). Android (jumble) handles this by either generating a new nonce and sending it to the server. iOS (MumbleKit) does nothing unless its a full CryptSetup message. What is the intended behaviour? Do you know why I might be getting into this state?

mkrautz commented 7 years ago

It's hard to say why you're seeing the crypt resyncs. If it happens for both Android and iOS, maybe there's a bug in Grumble causing it. Or maybe there's enough packet loss for CryptState to get confused...

Regarding the weird CryptSetup behavior on MumbleKit, I believe that's indeed a bug in MumbleKit.

MumbleKit should handle CryptSetup like Mumble itself:

https://github.com/mumble-voip/mumble/blob/master/src/mumble/Messages.cpp#L713

Right now it seemingly only handles the initial setup, as you mention:

https://github.com/mumble-voip/mumblekit/blob/master/src/MKConnection.m#L908

GEverding commented 7 years ago

What would constitute "enough packet loss"? 

Garrett

    _____________________________

From: Mikkel Krautz notifications@github.com Sent: Monday, September 26, 2016 11:11 AM Subject: Re: [mumble-voip/grumble] crypt resync (#9) To: mumble-voip/grumble grumble@noreply.github.com Cc: Author author@noreply.github.com, Garrett Everding garrett.everding92@gmail.com

It's hard to say why you're seeing the crypt resyncs. If it happens for both Android and iOS, maybe there's a bug in Grumble causing it. Or maybe there's enough packet loss for CryptState to get confused...

Regarding the weird CryptSetup behavior on MumbleKit, I believe that's indeed a bug in MumbleKit.

MumbleKit should handle CryptSetup like Mumble itself:

https://github.com/mumble-voip/mumble/blob/master/src/mumble/Messages.cpp#L713

Right now it seemingly only handles the initial setup, as you mention:

https://github.com/mumble-voip/mumblekit/blob/master/src/MKConnection.m#L908

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.

GEverding commented 7 years ago

When we see cryptstate resync's we gett errors saying that there is no matching ivbyte and then we get errors saying that the tags don't match. Can you provide any insight as to "why" thees errors would happen. I've been through the ocb2 spec but i'm having trouble understanding it.

GEverding commented 7 years ago

Is this a bug? https://github.com/mumble-voip/grumble/blob/master/pkg/cryptstate/cryptstate.go#L199 You do this in the example https://github.com/mumble-voip/grumble/blob/master/pkg/cryptstate/testgen/CryptState.cpp#L170

should it be?

if cs.decryptHistory[cs.DecryptIV[0]] == cs.DecryptIV[1] {
    ...
}
mkrautz commented 7 years ago

That looks like a bug, yes!

actown commented 4 years ago

Closing as we merged in what looks like a fix, please create a new issue if you run into this again.