With this patch ConfigWidgets can set the new requireRestartToApply
variable to true to cause the ConfigDialog to ask the user wheter
he wants to restart to apply the settings immediatly. If the
user agrees we exit the event loop with the special
MUMBLE_EXIT_CODE_RESTART causing a relaunch of the client and
safe application of the new settings.
For some option changes a client restart is required
to fully apply the changes. This patch enabled Mumble
to restart itself. This is accomplished by adding a
special MUMBLE_EXIT_CODE_RESTART exit code that is
cought right before the application terminates. Mumble
then uses available session information to launch
another instance of itself right before it exits. As
this happens after the vast majority of cleanup multiple
client restrictions and other resource contention issues
do not come into play.
Launching another client deviates from the usually
recommended way of not exiting the process but simply
doing a re-initialization of the application after the
cleanup. With Mumble this is tricky as we have some
objects for which we do not control the lifetime after
we initialized them once and others might be managed
sloppily as the design never expected to have to
re-initialize. We should strive to clean up these
weaknesses in resource management but for now the
approach taken here works around them.
We have had reports that a lot of users out of habit add
http:// or https:// schemas to server addresses when adding
a new server. This patch changes the ConnectDialogEdit to
drop schema and path components from server addresses if
present. This happens automatically when accepting the
dialog.
In theory, the installer should already do this, but if we
aren't caferful with our component GUID'ing (or so the docs say),
it can break.
This method will force the uninstallation to happen before
installation.
This should fix the issue where stale files from old versions
are left behind.
You cannot query for GLX_WIDTH and GLX_HEIGHT using glXQueryDrawable in Mesa.
It simply fails with an error, and crashes the program:
X Error of failed request: GLXBadDrawable
Major opcode of failed request: 156 (GLX)
Minor opcode of failed request: 29 (X_GLXGetDrawableAttributes)
Serial number of failed request: 41
Current serial number in output stream: 41
The old check to only allow using glXQueryDrawable using GLX > 1.2
presumably worked for older Mesa versions, but now, Mesa advertises
GLX > 1.2.
That makes the overlay practically unusable when using Mesa.
This commit changes the code path to detect Mesa instead of GLX > 1.2,
and makes the overlay work correctly on Mesa once again.
Linking the overlay library with '-z now' requires all target
processes to have libGL symbols in them at load time.
If it doesn't, the program will not start at all.
Instead, explicitly use '-z lazy' to defer libGL symbol resolution
until first use, which is never for non-libGL users.
The default Boost installation paradigm for non-Unix boxes
is to install Boost into your include directory with a version
attached. For example:
include/boost-1_49/boost
However, it is also possible to install Boost in a more traditional
manner, such that it simply lives in include/boost, instead of having
a version attached -- this is called a tagged installation, and
is triggered via 'b2 --layout=tagged'.
All of our build environments use tagged Boost installations, and thus
we can avoid the embedded versions now that we have transitioned to
using build environments from mumble-releng.
While we don't necessarily want to force the build environments
from mumble-releng on people, the versioned includes are a bad idea
in the first place, because they require constant maintenance.
Nothing prevents people from adding a non-tagged include themselves,
if that is what their home-grown build environment uses.
Applies the Qt 4 workaround in 3283ac2fdd
also to Qt versions before 5.3 as those have the same API restrictions
on the QSslChiper constructor. Unfortunately the Qt documentation
doesn't have the usual note about it having been added later which
made this slip through. This should fix our builds on trusty.
This patch fixes dual-stack UDP on Windows as well as for unsual
Linux configurations by ensuring the UDP sockets we create
inherit their IPV6_V6ONLY sockopt from their corresponding
TCP socket. Previously on systems where IPV6_V6ONLY was enabled
by default (e.g. Windows) we would incorrectly create an
IPv6 only socket even though our TCP socket and the system
are dual-stacked.
The dual-stack detection moved from Meta.h to Server.h into the
SslServer class where it is a better fit. Also modified the function
to instead of querying the value of IPV6_V6ONLY on a test socket
it now tries to actively disable it. While previously dual stack
support was only detected if it was the default configuration for
that system, it should now be detected in all cases. The function
also now performs the same check on Windows socket where the default
actually is to have IPV6_V6ONLY enabled.
If no host string is given murmur should listen for Ipv4 as
well as IPv6 address on all devices. Due to a semantics change
for requesting dual-stacked sockets between Qt 4 and Qt 5 we
accidentally requested an IPv6 only socket for dual-stacked
systems in Qt 5. This patch remedies that.
Fixes#1668
This commit updates the Mumble installer to install all binaries except
mumble.exe into a "versioned root".
For example, a typical Mumble installation would look something like this
(rooted the install target, typically "C:\Program Files (x86)\Mumble"):
/mumble.exe
/Versions/1.3.0/mumble_app.dll
/Versions/1.3.0/mumble_ol.dll
/Versions/1.3.0/mumble_ol_x64.dll
/Versions/1.3.0/mumble_ol_helper.exe
/Versions/1.3.0/mumble_ol_helper_x64.exe
/Versions/1.3.0/mumble-g15-helper.exe
/Versions/1.3.0/[various runtime DLLs, D3DCompiler, MSVCRT, etc.]
This also changes the installer to disable use of the Windows restart
manager.
The Windows restart manager does not work too well when the Mumble
overlay is in use. In this case, the restart manager will prompt users
to restart all applications that the overlay is injected into.
Users see this as a big list of programs that they must close to
upgrade Mumble.
This can be very scary for anyone that does not know about the
inner workings of the Mumble overlay, and are new to Mumble.
It is an instant red flag for people, and they will associate
Mumble with malware, or be afraid that it will actually touch
anything in those programs and make them unusable in some fashion.
The combination of disabling the restart manager and the new
versioned directory hierarchy removes nearly all of the cases
where a user sees a "file in use" dialog when running the Mumble
installer.
The overlay DLLs will not trigger the "files in use" dialog anymore,
because upgrading to a newer version of Mumble will cause the new
overlay DLLs to be installed in a distinct directory.
The removal of the old overlay files will also not trigger the
"files in use" dialog. Their removal will simply be scheduled
on the next restart of the computer.
This commit also includes a forceful termination of "mumble.exe"
when performing an upgrade of the Mumble installation. This is done
because the removal of the restart manager functionality in the
installer unfortunately also removes the ability to have the restart
manager quit Mumble on upgrade.
With the implementation of the versioned directory hierarchy, there
is a problem with the placement of some of our dependencies, at least
when Mumble and Murmur are installed at the same time.
The "murmur.exe" executable expects dbghelp.dll, msvcr120.dll and
msvcp120.dll to be next to "murmur.exe". However, with this new
directory hierarchy for the client, those DLLs live in the versioned
root instead.
To remedy this, we include two copies of these dependencies. If Murmur
is not chosen during installation, only Mumble's copies are installed
in the versioned root. If Murmur is selected, the DLLs will also be
installed next to murmur.exe.
This commit bakes the MUMBLE_VERSION string into mumble.exe.
This version string is used to determine where to load mumble_app.dll
from, and what to consider the root directory for other binaries.
In pseudo code, if the path
${MUMBLE_EXE_DIRECTORY}\Versions\${MUMBLE_VERSION}
exists, the mumble.exe binary will use that as the root for loading
mumble_app.dll, and all further binaries.
If mumble.exe finds the aforementioned directory, it sets the
MUMBLE_VERSION_ROOT environment variable to signal which directory
to use as the "application root" directory for loading further
binaries.
* Now that we no longer do anything when unloading the overlay DLL,
remove the injection of FreeLibrary. This also drops some undefined
behavior.
** If we inject into rendering (D3Dxx.cpp) we hold a self-reference to
prevent to ever be unloaded. For this case, there is no issue as the
hooks will always exist.
** In case of no rendering-injection, our module can actually be
unloaded. In that case, MyFreeLibrary would call the original function
which in turn would lead to a call to DllMain with DLL_PROCESS_DETACH,
at which point we restore the hooks to their original equivalents in
dllmainProcDetach.
However, afterwards, execution returns to our MyFreeLibrary function,
whichs code is no longer the code we began executing.
** This also leads to the question whether the non-trampoline hooking
ever worked/even works. We restore, call the original (which is already
code that no longer exists) and then inject again.
This commit adds the 'sslCiphers' option to Murmur.
The 'sslCiphers' option is used to configure the list of advertised
TLS cipher suites. The option lives on Meta, so it is a server-wide
configuration, and cannot be configured on a per-virtual-server basis.
The 'sslCiphers' option uses the OpenSSL's cipher list format to
describe the cipher suite selection. For more information on this
format, see:
https://www.openssl.org/docs/apps/ciahers.html#CIPHER-LIST-FORMAT
This commit adds a new method to MumbleSSL that returns Mumble's
preferred cipher suites represented in the OpenSSL cipher list format.
This commit does not hook up the function to anything. It merely
implements it.
Previously, Mumble relied on OpenSSL's default cipher suites. However,
that decision has increasingly turned out to be unwise. Often, new TLS
vulnerabilities require server admins and users to be able to change the
cipher suites advertised by their software to help mitigate the damage.
This was not previously possible in Mumble.
The other thing that prompted this change is the Logjam TLS vulnerablity
(https://weakdh.org/, CVE-2015-4000). Mumble is not vulnerable to Logjam,
because Mumble has never allowed export grade DH groups. However, one of
the other key takeaways from the Logjam paper, "Imperfect Forward Secrecy:
How Diffie-Hellman Fails in Practice", is that the Internet community
should move towards DH groups bigger than 1024 bits, and preferably use
unique groups on a per-server basis. Unfortunately, neither of these two
solutions are possible with API that Qt provides for TLS.
To remedy this, we instead drop support for non-Elliptic Curve DH
in the default cipher configuration. We don't have any legacy clients
to support that can only use DH, so this is fine.
The OpenSSL cipher list in MumbleSSL::defaultOpenSSLCipherString()
evaluates to the following set of cipher suites, in order of preference:
ECDHE-RSA-AES256-GCM-SHA384 (TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
ECDHE-ECDSA-AES256-GCM-SHA384 (TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
ECDHE-RSA-AES128-GCM-SHA256 (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
ECDHE-ECDSA-AES128-GCM-SHA256 (TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
AES256-SHA (TLS_RSA_WITH_AES_256_CBC_SHA)
AES128-SHA (TLS_RSA_WITH_AES_128_CBC_SHA)
The CBC-mode cipher suites are included for backwards compatibility with
older 1.2.x Mumble clients and other implementations that only use
TLSv1.0.
This commit implements MumbleSSL::ciphersFromOpenSSLCipherString(),
which reads a string in OpenSSL's cipher list format and returns a list
of QSslCiphers for use with QSsl.
This function will be used for implementing user-configurable cipher
suites in Mumble and Murmur.
This commit also changes our precompiled headers slightly by rearranging
the OpenSSL includes. This is done because the ssl.h header on Windows
requires winsock2.h (and perhaps others). By moving the includes, we
ensure that winsock2.h is included.
* For D3D10 and D3D11 the underlying DXGI provides the present and reset
functions. Hence, those hooks are in dxgi.cpp rather than the respective
d3d files.
** Remove unused hook variables
* When unloading the overlay DLL freeD3D9Hook was called *after* unloading the DLL. This is incorrect.
** For applications that actually use D3D and we inject into, the DLL is
never unloaded because we hold a refernce to it ourselves. So in this case,
the problematic code is never executed.
** When not actually injecting, the DLL will be unloaded, and then the
function freeD3D9Hook is called which is from that DLL.
** As we’re executing code in undefined space which previously held the
function, this may or may not crash.
* Remove the freeD3D9Hook function
** The function freeD3D9Hook just resets some fields to NULL and a flag
to false. As the DLL is unloaded anyway, these are never used again.
Hence, we can just remove it altogether (rather than just calling it
before unloading).
Right now, we do not get PDB files for our overlay DLLs because
the overlay DLL PDB files share their name with the overlay helper
PDB files.
To avoid this madness, we rename the overlay helpers as follows:
mumble_ol.exe -> mumble_ol_helper.exe
mumble_ol_x64.exe -> mumble_ol_helper_x64.exe
In some configurations, fx11 will use symbols like CreateFile2
that are only available on Windows 8 and greater.
This change forces the library to only use APIs that are
available on Windows XP.
Fixes#1666
We do not plan on using ICC to build mumble now or in the
foreseeable future. Hence this patch drops it.
It also removes some backwards compatibility code that
worked around bad C compatibility with VC10 mostly
related to math header usage.
Updated compiler.pri to make use of the new /Zo
option to improve our debugging capabilities on optimized
builds. This flag is officially supported since
Visual Studio 2013 Update 3.
This patch updates the compiler flags under the assumption
of us using VC12. This mostly consists of dropping flags
this compiler already set by default as well as removing
a conditional. This might even still build from this point
on VC10 support is considered to be dropped.
Since ConnectDialog::accept calls are refused if no item is selected,
and the server last connected to is selected in ConnectDialog::timeTick
(after initialisation), it doesn't make sense for the Connect button
to be enabled before a server is selected.
If the XDG_RUNTIME_DIR environment variable is present the overlay
pipe and RPC socket will be created at..
$XDG_RUNTIME_DIR/MumbleSocket
$XDG_RUNTIME_DIR/MumbleOverlayPipe
Since we plan to drop Qt 4 support for building the client
soon'ish add an explicit 'qt4-legacy-compat' flag that has
to be set to still build the client with qt 4. If the flag
is not set we error out of the build to ensure the maintainer
has to actively aknowledge using a legacy version. Even
when the flag is set we still show a warning as a reminder.
Before this commit, Mumble indiscriminately attenuates applications.
A simple example: it would attenuate applications that were set to output
to HDMI -- something that wasn't always desirable. My HDMI wouldn't need
to be attenuated because I am able to physically distinguish between sound
coming from either my HDMI or my laptop and "tune in" accordingly.
A more advanced use case is my PulseAudio streaming setup. I create two
additional sinks: "stream" and "stream_spkr." The "stream" sink is used
when I want to send audio from an application to my stream but not to
my speakers/headset (i.e., background music or something). In this case,
before this commit Mumble would attenuate my program playing the
background music. If I am running Mumble off-stream (which I often am),
this leads the background music volume fluctuating for seemingly no reason.
The second sink, "stream_spkr" routes both to "stream" and my
speakers/headset via two module-loopbacks. In this way, anything I attach
to stream_spkr can be heard both by my viewers and myself.
The option to include attenuation on loopback modules is for advanced
configurations. Loopback modules are used to route audio, usually between
a sink monitor and a sink. Sometimes it might be beneficial to attenuate a
loopback module that goes into Mumble's sink. Sometimes, however it's
inconvenient such as in the case where a user moves an application to
another sink that uses a loopback to Mumble's sink in order to specifically
have Mumble ignore attenuation on that application. But, if the loopback
that carries the non-Mumble sink's audio back to Mumble's sink is attenuated
then there would still be indirect attenuation of that application. In my
configuration, an example is the loopback from stream_spkr.monitor to the
physical speakers.
Only PulseAusio is supported in this patch, but this functionality could
potentially be extended to other audio systems.