Re: DTLS 1.1 failure when Firefox 51 is initiating a call
Thanks! I suppose that it's too late for Firefox 52, which is beta now. BTW, I've already verified the fix on developer (53.0a2) and Nightly (54) versions.

___
dev-media mailing list
dev-media@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-media
Re: DTLS 1.1 failure when Firefox 51 is initiating a call
On Fri, Feb 3, 2017 at 2:51 AM, wrote:
> @Martin Thomson Thank you for the info. Do you know which version of
> Firefox this fix will land on?

Firefox 53. https://bugzilla.mozilla.org/show_bug.cgi?id=1317947
Re: DTLS 1.1 failure when Firefox 51 is initiating a call
@Martin Thomson Thank you for the info. Do you know which version of Firefox this fix will land on?

@Prerak Jain Thank you.
Re: DTLS 1.1 failure when Firefox 51 is initiating a call
On Thursday, 2 February 2017 01:54:23 UTC+5:30, ushun...@gmail.com wrote:
> Hi Prerak,
>
> Thank you much for the info. When I made the client create an RSA P-256
> certificate and use it in PeerConnection (in fact, this is required with
> Chrome 52 and later, when using OpenSSL 1.0.1g, for example), it still didn't
> work, but the cipher suite used was the same as in the working case.
> However, I could see that the ECDH named curve used in Server Key Exchange
> was ecdh_x25519 (0x001d) - as you have noted, compared to secp256r1 (0x0017)
> in the working case. I also don't see any named curves specified in Client
> Hello. Note that secp256r1 is one of the curves supported by Firefox,
> according to the code diff you've pointed out. Also note that DTLS works
> fine when Firefox receives a call, and acts as a client.
>
> It looks like SSL_CTL_set1_curves() is only available from OpenSSL
> 1.0.2. FYI, we are already using
> EC_KEY_new_by_curve_name(NID_X9_62_prime256v1), followed by
> SSL_CTX_set_tmp_ecdh() to set the curve name - this was required a while ago
> after Firefox made some changes in this regard. Other than updating OpenSSL,
> is there any other way to have the supported named curves listed in the
> Client Hello?
>
> Thanks,
> Uma

I was using the same OpenSSL API you mentioned, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); it works only in the case where your server is acting as the DTLS server, that's why it works when Firefox acts as the DTLS client. This API doesn't add the named_curve field in the Client Hello message, so I had to upgrade OpenSSL to 1.0.2 to unblock WebRTC Firefox calls.

So either you can wait for the fix Martin has mentioned or upgrade OpenSSL to at least 1.0.2.
Re: DTLS 1.1 failure when Firefox 51 is initiating a call
On Thu, Feb 2, 2017 at 11:37 AM, wrote:
> BTW, it seems to me that Firefox should be using a more widely used ECDH
> named curve, such as secp256r1, when the Client Hello does not list the
> supported named curves. This would make Firefox more compatible with older
> implementations. I suppose security and speed may be factors here, but isn't
> it a bit too soon to make this change?

This is in fact how Firefox will operate in future. The error that exists in Firefox 51 (and maybe 52) is that we assume support for all of the groups that are enabled on the server. That will not be the case soon; we will only assume support of P-256.

See https://bugzilla.mozilla.org/show_bug.cgi?id=1330612
Re: DTLS 1.1 failure when Firefox 51 is initiating a call
Thanks, Nils. I captured the DTLS message exchanges for the working and failing cases using Wireshark. I mainly see two differences.

1. In the working case (Firefox 50.1.0), I see a "Server Hello Done" message from Firefox first, before a "Server Hello" along with Certificate, Server Key Exchange, and Certificate Request records in the same message. In the failing case, the Server Hello Done is sent at the end in the same message, after Certificate Request (which actually makes more sense?).

2. In the working case, the cipher suite used is TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013), compared with TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) in the failing case.

It's more likely that the 2nd difference is causing the issue. I see that this and other ECDSA ciphers are listed in the Client Hello in both cases. I tried disabling ECDSA in the gateway using the cipher list "DEFAULT:!aECDSA:!ECDSA" in SSL_CTX_set_cipher_list(), but to no avail - I still see the ECDSA ciphers in the Client Hello.

Nils, I'll send you the pcap files for these two cases too. Please let me know if you have any suggestions.

Cheers,
Uma
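The thread turns on two things visible in a DTLS ClientHello: which cipher suites are offered (the 0xc013 vs. 0xc00a comparison above) and whether a supported_groups (elliptic_curves) extension is present at all, which an OpenSSL 1.0.1 client configured only through SSL_CTX_set_tmp_ecdh() never sends. The following is an added example, not code from the thread or from Firefox/OpenSSL: it builds constructed DTLS ClientHello records and parses them to report exactly those two fields, so a gateway operator can check a capture for the missing extension rather than guessing.

```python
import struct

GROUP_NAMES = {0x0017: "secp256r1", 0x001D: "x25519"}
SUITE_NAMES = {0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
               0xC00A: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"}
EXT_SUPPORTED_GROUPS = 0x000A   # "elliptic_curves" (RFC 4492), renamed supported_groups (RFC 7919)


def build_client_hello(suites, groups=None):
    """Build a constructed single-record DTLS 1.2 ClientHello; groups=None omits the extension."""
    body = b"\xfe\xfd" + bytes(32) + b"\x00\x00"          # version, random, empty session id and cookie
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                                  # one compression method: null
    if groups is not None:
        glist = b"".join(struct.pack("!H", g) for g in groups)
        ext = struct.pack("!HHH", EXT_SUPPORTED_GROUPS, len(glist) + 2, len(glist)) + glist
        body += struct.pack("!H", len(ext)) + ext
    # DTLS handshake header: type, length(3), message_seq(2), fragment_offset(3), fragment_length(3)
    hs = b"\x01" + len(body).to_bytes(3, "big") + bytes(5) + len(body).to_bytes(3, "big") + body
    return b"\x16\xfe\xff" + bytes(8) + struct.pack("!H", len(hs)) + hs   # record header, epoch/seq zero


def parse_client_hello(record):
    """Return (cipher suites, named groups or None when the extension is absent)."""
    if record[0] != 0x16 or record[13] != 0x01:
        raise ValueError("not a DTLS ClientHello record")
    body = record[13 + 12:]                              # skip record header (13) and handshake header (12)
    pos = 2 + 32                                         # client_version, random
    pos += 1 + body[pos]                                 # session_id
    pos += 1 + body[pos]                                 # cookie
    n = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + n, 2)]; pos += n
    pos += 1 + body[pos]                                 # compression_methods
    groups = None
    if pos < len(body):                                  # extensions block present
        end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2
        while pos < end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4]); pos += 4
            if etype == EXT_SUPPORTED_GROUPS:
                gl = struct.unpack("!H", body[pos:pos + 2])[0]
                groups = [struct.unpack("!H", body[pos + 2 + i:pos + 4 + i])[0] for i in range(0, gl, 2)]
            pos += elen
    return suites, groups


def diagnose(record):
    """Summarise what the ClientHello tells the server about ECDHE negotiation."""
    suites, groups = parse_client_hello(record)
    names = ", ".join(SUITE_NAMES.get(s, hex(s)) for s in suites)
    if groups is None:
        return f"suites {names}; no supported_groups extension, server has to guess the curve"
    return f"suites {names}; groups " + ", ".join(GROUP_NAMES.get(g, hex(g)) for g in groups)
```

Running `diagnose()` on a real capture's ClientHello bytes (record layer onward) distinguishes the "silent" client from one that advertises secp256r1, which is the difference between the failing and working cases discussed here.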
Re: DTLS 1.1 failure when Firefox 51 is initiating a call
Hi Uma,

> On Jan 27, 2017, at 15:42, ushunmu...@gmail.com wrote:
>
> Hi, I am encountering a WebRTC DTLS issue with Firefox 51 and our WebRTC
> gateway, which didn't happen with the previous version 50. This only happens
> when Firefox initiates the call (it works fine when the gateway initiates the
> call). The gateway, after exchanging the Client/Server Hello messages, is
> trying to read the server certificate, when it gets an "internal error" from
> OpenSSL (version 1.0.1g is being used). This results in a fatal alert to be
> sent back to Firefox.
>
> I went through the release notes at
> https://developer.mozilla.org/en-US/Firefox/Releases/51, but I didn't see any
> relevant changes. Does anyone have any idea what could be happening in this
> case? Any pointers will be appreciated.

I'm not aware of any changes in regards to DTLS in the WebRTC implementation of Firefox. Our crypto library NSS might have changed.

I would recommend taking a Wireshark trace of the working and the failing scenario and comparing the two. Feel free to send me copies of the two files and I'll have a look as well.

Best
Nils Ohlmeier
DTLS 1.1 failure when Firefox 51 is initiating a call
Hi, I am encountering a WebRTC DTLS issue with Firefox 51 and our WebRTC gateway, which didn't happen with the previous version 50. This only happens when Firefox initiates the call (it works fine when the gateway initiates the call). The gateway, after exchanging the Client/Server Hello messages, is trying to read the server certificate, when it gets an "internal error" from OpenSSL (version 1.0.1g is being used). This results in a fatal alert to be sent back to Firefox.

I went through the release notes at https://developer.mozilla.org/en-US/Firefox/Releases/51, but I didn't see any relevant changes. Does anyone have any idea what could be happening in this case? Any pointers will be appreciated.

Thanks!
Uma