Age | Commit message (Collapse) | Author |
|
|
|
1d45d991aa4d53b6c1bd7d7cae0126a21f3991e1 refactored the audio processing
on the server and introduced the new AudioReceiverBuffer class. In the
function that is responsible for obtaining the current range of
receivers that shall obtain the identical audio packet, the passed begin
iterator was always dereferenced. However, in the case in which the
receiver list is actually empty begin == end and therefore dereferencing
the begin iterator is undefined behavior.
This could lead to the entire server crashing (or could work just fine -
UB is great at this) but in any case, this is a severe problem.
The fix consists of a simple check for this specific situation and an
early return in that case.
Co-Authored-By: Irak Rigia <tarakrigia@gmail.com>
|
|
|
|
Previously Mumble was using a custom binary format for transmitting data
via UDP (mainly audio). This has worked for a long time but besides
being inconvenient for 3rdParty implementors (they had to manually
re-implement encoding and decoding support for this format) this format
was not very flexible and changes to the data format were very hard.
In order to improve on this situation, this commit introduces changes
that allow to use Protobuf for the UDP messages as well (it's already
used for TCP). With that it should be relatively easy to extend/change
the UDP packet formats in the future and 3rdParty implementors can now
simply use Protobuf to handle decoding/encoding packets for them (much
less work and much less prone to errors).
Since the new Protobuf format is incompatible with the old UDP format,
this commit also includes support for dealing with older clients or
servers that don't recognize the new protocol yet. That way the new
protocol format is only used if both the client and the server are
recent enough to have it implemented (assumed to be the case >=1.5.0).
Note also that the server will make sure that clients using the old and
the new format can seamlessly communicate with one another.
Therefore, on the surface it should not be noticeable to the user which
protocol is currently used.
Note also that the new protocol format only supports Opus as an audio
codec. If one of the legacy codecs is to be used, the legacy packet
format has to be used as well. However, all codecs except for Opus will
be removed from Mumble in the future anyway.
Fixes #4350
|
|
Previously the default values for the member fields in the Settings
struct (and related structs) have been performed explicitly in the
corresponding constructor (if there even was one).
Besides the constructors not using initialization lists but instead
assigning a value in the constructor body (supposedly slower than member
initialization lists), this also blew up the constructor's size and
required to duplicate all variables in there (and not forget any, which
could in turn cause UB due to uninitialized memory).
For these reasons, this commit refactors these structs to us in-class
initialization of all member variables. Some of these values might get
overwritten in the corresponding constructor (e.g. if the value depends
on a preprocessor flag) but for most variables, this is not the case.
The script for generating the Settings JSON serialization was adapted
accordingly.
|
|
|
|
|
|
|
|
Apparently the first commit (59ae429972c16c377135bcccfee646b7df446933)
did not include all files.
Furthermore the used script tended to produce funny results in certain
cases. This has been fixed and as a result thereof a few more changes
were made in this second run.
|
|
This is needed in order for the <cmath> header to also define constants
like M_PI. Instead of manually defining the macro every time before
including <cmath>, the macro is now defined via cmake and thus always
defined.
|
|
If they are not there is the potential of name clashes when performing a
unity build.
See: https://stackoverflow.com/questions/847974/the-benefits-disadvantages-of-unity-builds
|
|
This was done by running scripts/updateLicenseHeaders.py and then
manually editing the LICENSE file.
|
|
The mitigation for vulnerabilities discovered in
OCB2 (https://eprint.iacr.org/2019/311, called XEX* attack, or XEXStarAttack, in code)
introduced in be97594 (#4227) willingly allowed for some packets with specific
characteristics to be dropped during encryption to prevent the vulnerability
from being exploited.
It was assumed that the chance of such packets was sufficiently small (given
we are dealing with compressed audio) that such loss was acceptable.
It was however discovered that digital silence (as produced by e.g. a noise
gate) will cause Opus to emit almost exclusively such packets, leading to strong
artifacts on the receiving end. See #4385.
This commit tries to work around the issue by modifying such packets in a way
which will no longer require them to be dropped, and yet produce the expected
output on the receiver side.
As far as I understand [Opus] (specifically section 4.1, 4.3.0 and 4.3.3), the
0s are simply unused bits and are only there because we running Opus in constant
bitrate mode. So, flipping one of them should have no effect on the resulting
audio.
[Opus]: https://tools.ietf.org/html/rfc6716
Fixes #4719
|
|
|
|
The TestServerResolver test requires an active internet connection. This
is something that is not really expected when running the tests and will
cause test failure if used without an internet connection.
Therefore this commit makes this test optional. By default this test
will not be built. If you want to enable it (and potential future
tests that require an internet connection), you have to use
-Donline-tests=ON when invoking cmake.
|
|
As some tests only make sense to be run if a given component is included
in the build (client/server), this commit makes sure no unnecessary
tests are built (and run).
Furthermore it removed the dependency of some tests on a certain target
having a source-dir property.
And finally it also removed the references to "NO_USE_SRV" from
TestServerResolver as this macro is never defined anywhere (it's
probably a remnant of the old qmake system).
Co-Authored-By: Sebastian Parborg <darkdefende@gmail.com>
|
|
This commit removes all qmake-related build-files from the system. We
have now migrated to cmake and are no longer maintaining qmake anyways
and therefore there is no reason to keep it.
Removing it also clearly states to any potential user/programmer that
this project is no longer intended to be compiled with qmake.
Given that the .pri files no longer exist, the mumble-version.py script
had to be adapted to read the version from the CMakeLists.txt file
instead.
Furthermore a few of the submodules support cmake natively and therefore
we no longer need the src/buid-directory approach in order to build
them. The respective build dirs have been removed and the src-dirs have
been renamed.
|
|
|
|
This changes all occurances of NULL in the tests source
dir to nullptr. Additionally explicit comparisons with NULL were
removed.
|
|
qrand() has been deprecated in Qt 5.15. Therefore this commit replaces
it with QRandomNumberGenerator as recommended by Qt.
As the RNG returned by QRandomNumberGenerator::global() (which was used
throughout this refactoring) is already seeded (according to the docs),
there is no need to explicitly seed the RNG in the main function as has
been done before by calling qsrand().
|
|
types in the future. Moved all crypto-related files into src/crypto.
|
|
OCB2 is known to be broken under certain conditions:
https://eprint.iacr.org/2019/311
To execute the universal attacks described in the paper, an attacker needs
access to an encryption oracle that allows it to perform encryption queries with
attacker-chosen nonce. Luckily in Mumble the encryption nonce is a fixed counter
which is far too restrictive for the universal attacks to be feasible against
Mumble.
The basic attacks do not require an attacker-chosen nonce and as such are more
applicable to Mumble. They are however of limited use and do require an en- and
a decryption oracle which Mumble seemingly does not provide at the same time.
To be on the safe side, this commit implements the counter-cryptanalysis
measure described in the paper in section 9 for the sender and receiver side.
This way if either server of client are patched, their communication is almost
certainly (merely lacking formal proof) not susceptible to the attacks described
in the paper.
|
|
for Qt 5.14 and higher
|
|
|
|
For reference: https://wiki.qt.io/Transition_from_Qt_4.x_to_Qt5
|
|
Qt 4: https://doc.qt.io/archives/qt-4.8/qatomicint.html
Qt 5: https://doc.qt.io/qt-5/qatomicint.html
|
|
Qt 4 used a different implementation because QDnsLookup was introduced in Qt 5.
Unlike the complete implementation, the Qt 4 compatible one only supported simple lookups (e.g. hostname -> IP address).
|
|
This commit adds all the missing includes when the PCH header is not used.
Also, some includes are reordered and/or made consistent (e.g. "#include <QtEndian>" -> "#include <QtCore/QtEndian>").
|
|
According to Qt's documentation the PCH header doesn't need to be included.
From https://doc.qt.io/qt-5/qmake-precompiledheaders.html:
"To make your project use precompiled headers, you only need to define the PRECOMPILED_HEADER variable in your project file."
"qmake will handle the rest, to ensure the creation and use of the precompiled header file. You do not need to include the precompiled header file in HEADERS, as qmake will do this if the configuration supports precompiled headers."
|
|
|
|
|
|
This fixes the build on our OS X Universal builder.
Our legacy OS X Universal builder's gcc 4.2 seems to
misparse this.
The only place the default argument is used is in test
code, which is easily changable. Also, this is internal
API, so we can change it as we wish.
Fixes mumble-voip/mumble#3336
|
|
This commit adds tests to ensure that it's now possible to create a
client certificate without an email, and that creating a client certificate
with an email still works.
This is added because SelfSignedCertificate now conditionally adds an email
subject alt name (SAN) to the generated certificate. If the passed-in email
is empty, SelfSignedCertificat will not include the SAN.
|
|
SelfSignedCertificate's new logic
Now it shouldn't fail, since we don't rely on the name and email to detect the certificate type anymore.
|
|
It was a copy/paste error.
|
|
|
|
|
|
overwriting them.
Now that test.pri adds source files and headers by default, the .pro files
of our tests need to append to SOURCES and HEADERS to ensure everything
test.pri adds to SOURCES and HEADERS are kept around.
|
|
|
|
|
|
This adds a 'just-in-case' test for correct runtime behavior of std::abs's
float overload.
|
|
original port given to the resolver.
Instead of using the port from the QDnsServiceRecord, the
srvResolved() slot used m_origPort. Oops.
Fixes mumble-voip/mumble#3267
|
|
Also updates TestFFDHE to exercise the new method (and, in doing so,
refactors the tests a bit).
The core check logic from exercise() is moved into a tryFFDHELookupByName
function, which is now used by both the exercise() test, as well as the
namedGroupsMethod() test that is added by this commit.
|
|
Consistently use single space before assignment operator.
|
|
Make them consistently two spaces indentation.
In two places a wrong indentation level was fixed.
|
|
This commit adds a new class that gives access to the
Diffie-Hellman parameters from RFC 7919.
The class exposes a static function, PEMForNamedGroup, which
looks up a set of Diffie-Hellman parameters in PEM form by
the name used in RFC 7919.
For example, to get the PEM form of 'ffdhe2048', you would
call
QByteArray pem = FFDHE::PEMForNamedGroup(QLatin1String("ffdhe2048"));
With that in hand, you can pass the returned PEM data to
QSslDiffieHellmanParameters to construct an object that can be set
on a QSslSocket-based TLS server.
|
|
This test tests that our SSLLocks class works correctly.
Note: Since OpenSSL 1.1, OpenSSL provides their own locking for Windows
and POSIX systems. So if you're playing around with this test, you should
only be able to make it crash OpenSSL versions prior to 1.1.
|
|
ensure OpenSSL is properly initialized.
|
|
certificates.
|
|
This moves the refactored certificate generation code from
src/murmur/Cert.cpp into its own file, src/SelfSignedCertificate.cpp.
Furthermore, the code is refactored to also be able to fulfil the duties
of Mumble's code for generating self-signed certificates.
The old code in both Mumble and Murmur is updated to call the new
SelfSignedCertificate methods for generating client and server
certificates.
This fixes the ability to build Mumble with OpenSSL 1.1.
(Previously, only Murmur could be built.)
|