This is a read-only archive of the Mumble forums.

This website archives and makes accessible historical state. It receives no updates or corrections. It is provided only to keep the information accessible as-is, under their old address.

For up-to-date information please refer to the Mumble website and its linked documentation and other resources. For support please refer to one of our other community/support channels.

Jump to content

Murmur server stuck in TLS 1.0 rather than 1.2

zifnab

By zifnab,
in Usage

 Share

Recommended Posts

zifnab Newbie

zifnab

Posted
Posted

hi.

here is my (working) setup:

- server side: headless (armv7) arch linux murmur 1.2.19

- client side: up to date murmur 1.3 x64 snapshot (win10 pro x64)

when connected from the client to this server and looking at the server information box, it says TLS 1.0 and NO perfect forward secrecy...

when my client connect to third party yet older murmur servers, it says: TLS 1.2 with perfect forward secrecy.


what's wrong with my server. how can I change that?

- sslCiphers order in murmur.ini?

- reset the murmur server auto-generated certificate? (cannot find how to do that for the server in the wiki: I can only find for the client...)

- anything else?


thx for any help.

Link to comment
Share on other sites
  • Administrators
mkrautz Newbie

mkrautz

Posted
  • Administrators
Posted

Hi,


The problem is that Mumble 1.2.x in Linux distros is built against a stock Qt 4.


Our official binaries (as well as some operating systems, such as OpenBSD) use a patch for Qt 4 that allows it to use TLS 1.2. No Linux distros have picked up this patch, to my knowledge.


But as I said, our official 1.2.x binaries all carry the ability to negotiate TLS 1.2.


If you can get a "mumble-git" or "mumble-snapshot" version for your distro, you should also be good to go, since this version is built against Qt 5, which supports TLS 1.2.


Unfortunately, we only provide our static Murmur Linux binaries for x86 at present, so I don't think that's much help for you, on ARM.

Link to comment
Share on other sites
zifnab Newbie

zifnab

Posted
  • Author
Posted

ok, thx for your help.

so based on your answer, and out of this list: one of the following should do (I just checked which one mention qt5 instead of qt4 in their dependencies, and still mention armv7h in their pkgbuild file):

- murmur-git (it's 1.3.0, but git tags seem to be the reason why this gets mislabeled as 1.2.5)

- murmur-snapshot-minimal

- murmur-snapshot-ice

btw, those are all based on 1.3.0, hence the switch to qt5.

not sure if murmur-static would have work, but since it doesn't support armv7h this one is a dead end for my armv7h based setup.

I'll let you know how it goes once I switch (or I might wait for the official 1.3.0 release which doesn't look that far away ;)), but with what you told me, this should definitely do the trick.


thanks again.

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...