Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[murmur] No SSL ciphers of at least 128 bit found (Resolu)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index French
View previous topic :: View next topic  
Author Message
Chr0nos
Apprentice
Apprentice


Joined: 26 Feb 2010
Posts: 205

PostPosted: Sun Aug 15, 2010 7:04 pm    Post subject: [murmur] No SSL ciphers of at least 128 bit found (Resolu) Reply with quote

Bonjours,
j'ai un souci avec murmur (le serveur mumble) : impossible de m'y connecter depuis un client mumble: echec de la connection

du coup j'ai tenté de le relancer mais voila ce qui en a résulté:

Quote:

BlackPearl downloads # /etc/init.d/murmur restart
* Caching service dependencies ... [ ok ]
* Stopping Murmur ...
* start-stop-daemon: fopen `/var/run/murmur/murmur.pid': No such file or directory [ ok ]
* Starting Murmur ...
<W>2010-08-15 20:58:29.469 Initializing settings from /etc/murmur/murmur.ini (basepath /etc/murmur)
<F>2010-08-15 20:58:29.491 No SSL ciphers of at least 128 bit found


j'ai tenté de re-merge murmur mais rien n'a changé

le fichier /etc/murmur/murmur.ini
Quote:
BlackPearl downloads # cat /etc/murmur/murmur.ini
# Path to database. If blank, will search for
# murmur.sqlite in default locations or create it if not found.
database=/var/lib/murmur/murmur.sqlite

# If you wish to use something other than SQLite, you'll need to set the name
# of the database above, and also uncomment the below.
# Sticking with SQLite is strongly recommended, as it's the most well tested
# and by far the fastest solution.
#
#dbDriver=QMYSQL
#dbUsername=
#dbPassword=
#dbHost=
#dbPort=
#dbPrefix=murmur_
#dbOpts=

# Murmur defaults to not using D-Bus. If you wish to use dbus, which is one of the
# RPC methods available in murmur, please specify so here.
#
dbus=system

# Alternate service name. Only use if you are running distinct
# murmurd processes connected to the same D-Bus daemon.
#dbusservice=net.sourceforge.mumble.murmur

# If you want to use ZeroC Ice to communicate with Murmur, you need
# to specify the endpoint to use. Since there is no authentication
# with ICE, you should only use it if you trust all the users who have
# shell access to your machine.
# Please see the ICE documentation on how to specify endpoints.
ice="tcp -h 127.0.0.1 -p 6502"

# Ice primarily uses local sockets. This means anyone who has a
# user account on your machine can connect to the Ice services.
# You can set a plaintext "secret" on the Ice conntection, and
# any script attempting to access must then have this secret.
#icesecret=

# How many login attempts do we tolerate from one IP
# inside a given timeframe before we ban the connection?
# Note that this is global (shared between all virtual servers), and that
# it counts both successfull and unsuccessfull connection attempts.
# Set either Attempts or Timeframe to 0 to disable.
#autobanAttempts = 10
#autobanTimeframe = 120
#autobanTime = 300

# Murmur default to logging to murmur.log. If you leave this blank,
# murmur will log to the console (linux) or through message boxes (win32).
logfile=/var/log/murmur/murmur.log

# If set, murmur will write its process ID to this file.
pidfile=/var/run/murmur/murmur.pid

# The below will be used as defaults for new configured servers.
# If you're just running one server (the default), it's easier to
# configure it here than through D-Bus or Ice.
#
# Welcome message sent to clients when they connect
welcometext="<br />Welcome to this server running <b>Murmur</b>.<br />Enjoy your stay!<br />"

# Port to bind TCP and UDP sockets to
port=64738

# Specific IP or hostname to bind to.
# If this is left blank (default), murmur will bind to all available addresses.
#host=

# Password to join server
serverpassword=mon mdp :)

# Maximum bandwidth (in bits per second) clients are allowed
# to send speech at.
bandwidth=72000

# Maximum number of concurrent clients allowed.
users=100

# Regular expression used to validate channel names
# (note that you have to escape backslashes with \ )
#channelname=[ \\-=\\w\\#\\[\\]\\{\\}\\(\\)\\@\\|]+

# Regular expression used to validate user names
# (note that you have to escape backslashes with \ )
#username=[-=\\w\\[\\]\\{\\}\\(\\)\\@\\|\\.]+

# Maximum length of text messages in characters. 0 for no limit.
#textmessagelength=5000

# Maximum length of text messages in characters, with image data. 0 for no limit.
#imagemessagelength=131072

# Allow clients to use HTML in messages, user comments and channel descriptions?
#allowhtml=true

# Murmur retains the per-server log entries in an internal database which
# allows it to be accessed over D-Bus/ICE.
# How many days should such entries be kept?
#logdays=31

# To enable public server registration, the serverpassword must be blank, and
# this must all be filled out.
# The password here is used to create a registry for the server name; subsequent
# updates will need the same password. Don't lose your password.
# The URL is your own website, and only set the registerHostname for static IP
# addresses.
#
#registerName=Mumble Server
#registerPassword=secret
#registerUrl=http://mumble.sourceforge.net/
#registerHostname=

# To enable bonjour service discovery uncomment the following line.
# To change the name announced by bonjour adjust the registerName variable.
# See http://developer.apple.com/networking/bonjour/index.html for more information
# about bonjour.
#bonjour=True

# If you have a proper SSL certificate, you can provide the filenames here.
#sslCert=
#sslKey=

# If murmur is started as root, which user should it switch to?
# This option is ignored if murmur isn't started with root privileges.
uname=murmur

# If this options is enabled, only clients which have a certificate are allowed
# to connect.
#certrequired=False

# You can configure any of the configuration options for Ice here. We recommend
# leave the defaults as they are.
# Please note that this section has to be last in the configuration file.
#
[Ice]
Ice.Warn.UnknownProperties=1
Ice.MessageSizeMax=65536


Last edited by Chr0nos on Tue Aug 17, 2010 8:43 am; edited 1 time in total
Back to top
View user's profile Send private message
El_Goretto
Moderator
Moderator


Joined: 29 May 2004
Posts: 3090
Location: Paris

PostPosted: Sun Aug 15, 2010 10:22 pm    Post subject: Reply with quote

Tu as bien une version de client à peu près identique à celle du serveur? (1.2.x)?
Tu as bien un certificat et une clé SSL visible dans les paramètres de ton instance murmur en question (visible à travers ICE ou DBUS)?
Tu as aussi généré ce qui va bien côté client (certif' auto signé)?
_________________
-Gentoo hardened [EoL]: µ-serv Gen8 G1610T, 8Go ECC ; NF9D-2700, 4Go
-FreeBSD 11/Vimage/Jails: DS61, i3 2100T, 16Go ; FreeNAS: µ-serv N40L, 8Go ECC
-Réseau: ERL-3 + ESL-24 + GS108Tv2
-NAS: RN312
Back to top
View user's profile Send private message
Chr0nos
Apprentice
Apprentice


Joined: 26 Feb 2010
Posts: 205

PostPosted: Sun Aug 15, 2010 11:05 pm    Post subject: Reply with quote

1) oui j'ai la derniere version du client
2) le certificat a pas changé depuis avant que ca marchais (mais je suppose qu'une maj a du coincer de ce coté ci du coup) (comment on fais pour voir si c visible a traver de dbus ? (connais pas ice))
3) oui pour le certif auto-signé j'ai meme tenté l'authentification par certif: rien n'y fait
Back to top
View user's profile Send private message
El_Goretto
Moderator
Moderator


Joined: 29 May 2004
Posts: 3090
Location: Paris

PostPosted: Mon Aug 16, 2010 9:34 am    Post subject: Reply with quote

Chr0nos wrote:
1) oui j'ai la derniere version du client

Bon, alors tu n'est pas dans le même cas que moi avant que je ne passe murmur de 1.1.8 en 1.2.2 (j'avais aussi une cagade avant la mise à jour)
Chr0nos wrote:
2) le certificat a pas changé depuis avant que ca marchais (mais je suppose qu'une maj a du coincer de ce coté ci du coup) (comment on fais pour voir si c visible a traver de dbus ? (connais pas ice))

Perso j'ai laché mes vains efforts pour rester en CLI et j'ai installé une interface web (django-mumble). Je prévois d'essayer MumPI sous peu aussi. Elles te permettent de gérer les multiples instances possibles de murmur ("virtual servers") sur une même machine. Du coup, moi aussi je m'étais trompé en pensant que tout se faisait dans murmur.ini (comme la bande passante par client), alors que non, il ne s'agit que de valeurs par défaut à la création initiale des instances, tout doit être paramétré sur l'instance elle même via ICE ou DBUS.
En 1.1.x, j'utilisais dbus, car installer ICE sur gentoo était une véritable plaie. Depuis, ICE a connu pas mal de MAJ, et les ebuild gentoo se sont bonifiée. "Ca marche". Il faut savoir que le projet mumble a déprécié le support DBUS au profit ded ICE.
Chr0nos wrote:
3) oui pour le certif auto-signé j'ai meme tenté l'authentification par certif: rien n'y fait

Pas d'authentification basée sur les certificats non plus sur mes 2 machines.

Par hasard, fait un coup de revdep-rebuild, des fois que ce soit une dépendance cassée (au hasard openssl qu'on retrouve vite).
Code:
# equery g murmur-1.2.2 --depth=1
[ Searching for packages matching murmur-1.2.2... ]
* dependency graph for media-sound/murmur-1.2.2
`-- media-sound/murmur-1.2.2
 `-- dev-libs/openssl-0.9.8o
 `-- dev-libs/protobuf-2.3.0-r1
 `-- sys-libs/libcap-2.17
 `-- x11-libs/qt-core-4.6.2-r1
 `-- x11-libs/qt-sql-4.6.2
 `-- x11-libs/qt-xmlpatterns-4.6.2
 `-- x11-libs/qt-dbus-4.6.2 [ dbus ]
 `-- dev-libs/Ice-3.4.1 [ ice ]
 `-- net-dns/avahi-0.6.25-r1 [ zeroconf ]
 `-- net-misc/mDNSResponder-212.1 [ zeroconf ]
 `-- dev-libs/boost-1.41.0-r3
 `-- dev-util/pkgconfig-0.25-r2
[ media-sound/murmur-1.2.2 stats: packages (13), max depth (1) ]



Perso, mon upgrade récent de murmur en 1.2.2 s'est fait suite à un upgrade général et propre du reste du système.

--
edit:
ceci dit, pour django-mumble, DBUS est encore la solution la plus fiable (aucun problème avec), alors que j'ai toujours quelques merdouilles avec ICE.

_________________
-Gentoo hardened [EoL]: µ-serv Gen8 G1610T, 8Go ECC ; NF9D-2700, 4Go
-FreeBSD 11/Vimage/Jails: DS61, i3 2100T, 16Go ; FreeNAS: µ-serv N40L, 8Go ECC
-Réseau: ERL-3 + ESL-24 + GS108Tv2
-NAS: RN312
Back to top
View user's profile Send private message
Chr0nos
Apprentice
Apprentice


Joined: 26 Feb 2010
Posts: 205

PostPosted: Mon Aug 16, 2010 5:33 pm    Post subject: Reply with quote

je viens de tenter derecompiller openssl -> aucun changement :(
Back to top
View user's profile Send private message
boozo
Advocate
Advocate


Joined: 01 Jul 2004
Posts: 3193

PostPosted: Mon Aug 16, 2010 8:35 pm    Post subject: Reply with quote

'alute

bug mumble-1.2 semble-t-il. Essaie voir si la proposition en comment #3 ne règle pas aussi le pb chez toi :wink:
_________________
" Un psychotique, c'est quelqu'un qui croit dur comme fer que 2 et 2 font 5, et qui en est pleinement satisfait.
Un névrosé, c'est quelqu'un qui sait pertinemment que 2 et 2 font 4, et ça le rend malade ! "
Back to top
View user's profile Send private message
Chr0nos
Apprentice
Apprentice


Joined: 26 Feb 2010
Posts: 205

PostPosted: Tue Aug 17, 2010 8:02 am    Post subject: Reply with quote

ah merci ca a marché ! \o/
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index French All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum