touch-packages team mailing list archive

Thread
Date

[Bug 1425914] Re: DTLS handshake broken - precise x64

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Pavel <pavel.bazika@xxxxxxxxxxx>
Date: Fri, 27 Feb 2015 11:00:24 -0000
Reply-to: Bug 1425914 <1425914@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Hi,

unfortunately I don't have any separate little tool how to test it. The
bug causes, that WebRTC calls in our proprieatry application - IceWarp
server doesn't work. However we have a free demo, so you can test it
like this:

0) Have Ubuntu 12.04 x86_64
1) Download http://linuxbuilds.icewarp.com/UBUNTU1204_x64/devel/2015-02-26-05-00-03/IceWarpServer-11.2.0.0_x64_20150226_UBUNTU1204.tar.gz
2) Unpack
3) Run install.sh with parameter -f
4) Confirm installation of all dependencies, libreoffice, java etc.
5) Install it to /opt/icewarp, create admin user, do not register license - it is not needed, you will get 30 days demo
6) Stop any HTTP and SIP server running on the machine
7) Start IceWarp server running /opt/icewarp/icewarpd.sh --start
8) Run firefox, go to localhost - webmail login page appears
9) Login using credentials admin/admin
10) Click the phone icon in the upper right corner - webphone will start
11) Type echo  and click Call
-> You should hear echo service voice

You can also try it on Ubuntu 12.04 i686 with
http://linuxbuilds.icewarp.com/UBUNTU1204/devel/2015-02-26-05-00-03/IceWarpServer-11.2.0.0_20150226_UBUNTU1204.tar.gz
- there it works normally.

If needed, I'm able to test it using steps above on our side too. Just
give me the fixed package.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1425914

Title:
  DTLS handshake broken - precise x64

Status in OpenSSL cryptography and SSL/TLS toolkit:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Precise:
  Confirmed
Status in openssl source package in Trusty:
  Fix Released
Status in openssl source package in Utopic:
  Fix Released
Status in openssl source package in Vivid:
  Fix Released

Bug description:
  Hi,

  there is a problem in DTLS handshake in OpenSSL library in Ubuntu
  12.04 x86_64. The affected library version is  libssl
  1.0.1-4ubuntu5.21.  The problem causes, that it is impossible to
  establish DTLS session with Chrome or Firefox when trying to perform a
  SIP call via WebRTC.

  The problem is fixed in OpenSSL upstream by commit https://github.com/openssl/openssl/commit/a20152bdaf7a99b006ff5a0eef081502e0e11553
  committed April 4th 2012.

  32bit version of Ubuntu 12.04 is not affected by this issue, because
  it doesn't support HMAC ciphers, which cause the problem.

  I've checked other distributions (Centos6, Centos7, Ubuntu 14.04 and
  especially Debian 7 - which should be close to Ubuntu 12.04) and all
  has this patch applied and thus WebRTC calls work.

  Please merge this upstream fix to Ubuntu 12.04 x86_64 libssl package.

  Thanks

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1425914/+subscriptions

References

[Bug 1425914] [NEW] DTLS handshake broken - precise x64
From: Pavel, 2015-02-26