Closed schlarpc closed 8 years ago
Unfortunately, Trusty only provides Qt 5.2.
To use "TLSv1.0 or later", which we require for backwards compatibility, you need Qt 5.5 -- but Qt 5.4 has equivalent behavior to "TLSv1.0 or later" using "SecureProtocols".
See https://github.com/mumble-voip/mumble/blob/master/src/murmur/Server.cpp#L1250-L1255
It's worth noting, however, that our static snapshots should work just as well -- just drop in murmurd from the static tarball, and it should just work. [...and lose automatic updates :(]
Ah, got it. Thanks for the quick response, the static build does indeed give much better behavior, but I'll probably just stick to the PPA until 16.04 hits.
Hey @mkrautz, I was wondering if this has ever been fixed? I cannot get mumble-server to really accept anything newer than TLSv1, and so are others: https://www.reddit.com/r/mumble/comments/dkbegg/mumble_murmur_1219_defaulting_to_tls_10_and_i/
Is this still an open issue or should it actually work?
Thanks!
Hi, why are you using 1.2.19 instead of 1.3.0?
Hey @davidebeatrici, I am actually using mumble-server 1.2.18 (the thread I linked is from somebody else, but it describes my exact same problem, so I linked it). Reason: It's the version delivered with Debian 9
Oh, I see. Any reasons for not updating to Debian 10?
By the way, you can either install the package for Buster (https://packages.debian.org/buster/mumble-server) or use the static binary: https://dl.mumble.info/murmur-static_x86-1.3.0.tar.bz2
> Oh, I see. Any reasons for not updating to Debian 10?
No, none specifically other than: 9 is still under support and I'm lazy. :)
> By the way, you can either install the package for Buster (https://packages.debian.org/buster/mumble-server) or use the static binary: https://dl.mumble.info/murmur-static_x86-1.3.0.tar.bz2
Thanks for the package source link, I'll try that. Wasn't able to get the static binary running. Error message: "ServerDB: Database driver QSQLITE not available" - even after installing SQLite.
So are you saying the TLSv1.0 issue is solved with 1.3.0?
> Thanks for the package source link, I'll try that. Wasn't able to get the static binary running. Error message: "ServerDB: Database driver QSQLITE not available" - even after installing SQLite.
Install libqt5sql5-sqlite.
> So are you saying the TLSv1.0 issue is solved with 1.3.0?
Yes.
> Install libqt5sql5-sqlite.
Just tried that, same error
> > So are you saying the TLSv1.0 issue is solved with 1.3.0?
> Yes.
Thanks!
You're welcome!
I wonder whether the QSQLite plugin is supposed to be static and was not included in the release, we didn't receive other reports though...
Hint for other readers: I cannot recommend trying to install Buster's mumble package on Stretch. I got into dependency hell and finally locked myself out of my server (no prompt anymore after SSH login). Trying to recover from backup now.
(davidebeatrici: Not blaming you at all. Just giving a hint to others, that there are risks. Again thanks for help and information)
Sorry, I should've mentioned to be careful with the dependencies.
Which ones caused the issue?
I don't know. I've jumped to solutions too quickly, trying to reboot the machine and then being locked out. Errors I got during installation were about inability to set a locale:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
    LANGUAGE = (unset),
    LC_ALL = (unset),
    LANG = "de_DE.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
Are there any plans to bring 1.3.0 to Ubuntu Bionic? We're currently stuck at 1.2.19.
Since 18.04 is an LTS and our servers run it (with no immediate plan to upgrade) it would be nice to get security by default instead of fiddling with PPAs or building from source.
AFAIK we're not responsible for the Ubuntu package. I could be wrong though.
However the Ubuntu package archives are simply not meant to always contain the most recent version. They are meant to contain a version that is known to work (and thus is typically older). If you want to have a newer version you'll have to add a PPA (though I don't actually think we are currently providing one :thinking:) or build the software yourself...
We are however providing an AppImage but that appears to currently have some problems. See #3959
Problem for me is that Ubuntu 20.04 will ship 1.3.0 and it outright refuses to connect to 1.2.19 servers because of the TLS issue. This creates an incompatibility between two supported LTS releases. If anyone can point me to the maintainer of the Ubuntu package, I'll go ask them if there's anything that can be done.
Maybe @davidebeatrici knows more about that...
@RenWal, APT lists "Ubuntu Developers", available via ubuntu-devel-discuss@lists.ubuntu.com, as maintainer. Might be worth a shot sending them an email.
There is a snap (with 1.3.0) for the client available from the Snapcrafters Repository. However, there seems to be no equivalent for the server. I've asked the Ubuntu Developers list about this, will report back what they say.
The mailing list didn't help much. Looks like the Ubuntu devs don't want to deal with this.
Why should the Ubuntu devs waste their time with something Mumble itself is responsible for? In 2018 (when Bionic was released) TLS 1.2 was already 10 years old.
For Ubuntu there is also the Mumble PPA https://launchpad.net/~mumble/+archive/ubuntu/release
I would not recommend it, but this might be a workaround for connecting to an insecure server: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level
I have not tested it with the Mumble client though.
I'm trying to understand why my connection is still using TLS 1.0 and does not have perfect forward secrecy, even though both client and server are running Mumble 1.3 snapshots.
My client is Windows 10 running 1.3.0~941~gcffa565~snapshot, and my server is Ubuntu 14.04.3 LTS running 1.3.0~935~g6e16502~snapshot-1~ppa1~trusty1 (from the mumble/snapshot PPA).
From my reading of http://blog.mumble.info/mumble-1-2-9/ and https://github.com/mumble-voip/mumble/issues/1763, Mumble 1.3 snapshots should be using TLS 1.2 and negotiate cipher suites with PFS. What am I missing?
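One way to check what a Murmur server you operate actually negotiates, the question raised in the post above. This is an added example, not code from the thread or from the Mumble project; the names `assess`, `probe` and `SAMPLES` are hypothetical, the sample pairs are constructed, and 64738 is Mumble's default port.

```python
import socket
import ssl
import sys

LEGACY_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1"}
EPHEMERAL_KX = {"ECDHE", "DHE", "EDH"}  # OpenSSL name prefixes for ephemeral key exchange


def assess(protocol, cipher):
    """Classify a negotiated (protocol, cipher) pair, named as OpenSSL reports them."""
    if protocol == "TLSv1.3":
        pfs = True  # TLS 1.3 certificate handshakes always use ephemeral (EC)DHE
    else:
        pfs = cipher.split("-")[0] in EPHEMERAL_KX
    legacy = protocol in LEGACY_PROTOCOLS
    return {"protocol": protocol, "cipher": cipher, "legacy_protocol": legacy,
            "forward_secrecy": pfs, "ok": pfs and not legacy}


def probe(host, port=64738, timeout=5.0):
    """Handshake with a server you operate and assess what was negotiated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # assumption: self-signed server certificate,
    ctx.verify_mode = ssl.CERT_NONE  # so use this for auditing only, not real traffic
    # Offer everything the local OpenSSL still allows; distro policy may already
    # refuse TLS 1.0/1.1, in which case the handshake raises ssl.SSLError.
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return assess(tls.version(), tls.cipher()[0])


# Constructed sample results (not captured from any real server).
SAMPLES = [
    ("TLSv1", "AES256-SHA"),                     # legacy protocol, static RSA
    ("TLSv1", "DHE-RSA-AES256-SHA"),             # PFS, but still a legacy protocol
    ("TLSv1.2", "AES128-GCM-SHA256"),            # modern protocol, no PFS
    ("TLSv1.2", "ECDHE-RSA-AES256-GCM-SHA384"),  # modern protocol with PFS
    ("TLSv1.3", "TLS_AES_256_GCM_SHA384"),
]

if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))
    else:
        for proto, cipher in SAMPLES:
            print(assess(proto, cipher))
```

Run with a hostname argument to probe a live server, or with no arguments to print the classification of the constructed samples.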