Public bug reported:
Binary package hint: mumble
Upon to connecting to a server which has a reasonable "Common Name" set
using an "incorrect" hostname, mumble dies.
To reproduce, set up a mumble-server to use a certificate with the
servers host as the "Common Name" and start it with this. If the key is
password-protected, you should be asked for your passphrase upon
starting it, if it is not stored in an unencrypted way.
If you now connect to that server using the hostname as defined in the
"Common Name" of the SSL certificate, the connection should work fine.
As soon as you connect to this server using a different address (e. g.
localhost instead of mumble.example.org) than this, the mumble client
crashes with SIGSEGV.
The behaviour I would have expected would be a dialoge popping up,
asking whether to connect even though the certificate's hostname does
not match the actual host.
--- cat /etc/lsb-release ---
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.04
DISTRIB_CODENAME=hardy
DISTRIB_DESCRIPTION="Ubuntu hardy (development branch)"
--- /cat /etc/lsb-release ---
--- apt-cache policy mumble ---
mumble:
Installed: 1.1.3-0ubuntu1
Candidate: 1.1.3-0ubuntu1
Version table:
*** 1.1.3-0ubuntu1 0
500 http://archive.ubuntu.com hardy/universe Packages
100 /var/lib/dpkg/status
--- /apt-cache policy mumble ---
** Affects: mumble (Ubuntu)
Importance: Undecided
Assignee: Thorvald Natvig (slicer)
Status: New
--
Mumble crashes when connecting to certain SSL certificate authenticated servers
https://bugs.launchpad.net/bugs/202776
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
