Chrome Update 87 Breaks viciphone

All installation and configuration problems and questions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

Chrome Update 87 Breaks viciphone

Postby alo » Wed Nov 18, 2020 12:02 pm

We had a bunch of agents update chrome today to the new Chrome Version 87.0.4280.66.

It looks like this started breaking. when they press call agent webphone it now RIngs and goes back to registered. all agents that havent updated chrome are fine.

anyone know what broke here?

**UPDATE**
Just found This from logs:

Google Chrome 87 will remove support for the non-standard RTP data channels in WebRTC in favor of the standard SCTP-based data channels.

Anyone know the process for changing to the standard SCTP-based data channels?
alo
 
Posts: 197
Joined: Wed Jun 20, 2012 10:21 am

Re: Chrome Update 87 Breaks viciphone

Postby mcargile » Wed Nov 18, 2020 6:11 pm

Just tested Chrome 87 with both my development version and the standard phone.viciphone.com version. It works just fine. Please post your JavaScript error output so we can see what is actually happening.
Michael Cargile | Director of Engineering | ViciDialGroup | http://www.vicidial.com

The official source for VICIDIAL services and support. 1-888-894-VICI (8424)
mcargile
Site Admin
 
Posts: 617
Joined: Tue Jan 16, 2007 9:38 am

Re: Chrome Update 87 Breaks viciphone

Postby carpenox » Wed Nov 18, 2020 7:09 pm

I've had no issues either, running in production across multiple clusters and single server setups. No one has reported any issues.
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2423
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: Chrome Update 87 Breaks viciphone

Postby alo » Wed Nov 18, 2020 10:00 pm

I have found this only affects our vicibox7 server and not vicibox 8 or 9.

From the asterisk console we get
Code: Select all
ERROR[2989][C-00000025]: res_rtp_asterisk.c:2170 __rtp_recvfrom: DTLS failure occurred on RTP instance 'SomeNumberHere' due to reason 'tlsv1 alert protocol version', terminating


I decided chrome must have blocked TLSv1 or TLSv1.1. but I have disabled TLSv1 and TLSv1.1 everywhere I can think of.

Maybe I am missing it or can update apache or something?
alo
 
Posts: 197
Joined: Wed Jun 20, 2012 10:21 am

Re: Chrome Update 87 Breaks viciphone

Postby carpenox » Thu Nov 19, 2020 7:59 am

You can not use an old version of Asterisk and have it work as the browsers and WebRTC implementations change. You must use the latest version. You also have to ensure you are keeping up to date with the changes that browsers make and how they impact your usage. In this case you’ve probably gotten hit by the change for ECDSA which is not supported by Asterisk 13.2: https://developers.google.com/web/updat ... cdsa?hl=en 40 and if not that specific one then something else.

Hope this helps....I found this information about it though:

Solved this issue by upgrading openssl.
Use below commands to upgrade openssl in Ubuntu 14

echo ‘deb http://us.archive.ubuntu.com/ubuntu/ 25 xenial main restricted universe multiverse’ > /etc/apt/sources.list.d/xenial.list
aptitude update
aptitude install -y openssl libssl-dev
rm /etc/apt/sources.list.d/xenial.list
aptitude update

Use below commands to check openssl version

ldd /usr/sbin/asterisk | grep libssl
libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f33ce117000)

strings /lib/x86_64-linux-gnu/libssl.so.1.0.0 | grep 1.0.2
OPENSSL_1.0.2
OPENSSL_1.0.2g
SSLv3 part of OpenSSL 1.0.2g-fips 1 Mar 2016
TLSv1 part of OpenSSL 1.0.2g-fips 1 Mar 2016
DTLSv1 part of OpenSSL 1.0.2g-fips 1 Mar 2016
OpenSSL 1.0.2g-fips 1 Mar 2016

openssl version
OpenSSL 1.0.2g-fips 1 Mar 2016

After this delete all existing asterisk keys and recreate again

cd /usr/src/astersik*/contrb/scripts
sudo ./ast_tls_cert -C pbx.mycompany.com 5 -O “My Super Company” -d /etc/asterisk/keys
asterisk -rx “reload”

-Nox
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2423
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: Chrome Update 87 Breaks viciphone

Postby elite_energy » Thu Nov 19, 2020 9:18 am

To jump on the Chrome 87 issue, has anyone had any trouble downloading recordings stored on an ftp server from call logs?
Vicidial 8.0.1 (2.14-661a Build 180222-0017) | Asterisk 11.25.3-vici | Cluster: DB, Web, 3 Dialer, 1 Archive (Win 10) | No Digium/Sangoma Hardware | No Extra Software After Installation | HP ProLiant DL360 G6 | Intel Xeon CPU E5540 @ 2.53GHz
elite_energy
 
Posts: 14
Joined: Mon Aug 12, 2019 12:04 pm

Re: Chrome Update 87 Breaks viciphone

Postby mflorell » Thu Nov 19, 2020 9:56 am

Looks like the Chrome developers think you shouldn't use FTP anymore:


"Chrome 87 released with fix for NAT Slipstream attacks, broader FTP deprecation
Support for FTP links will be disabled for 50% of Chrome 87 users, with a complete removal scheduled for Chrome 88."

https://www.zdnet.com/article/chrome-87 ... precation/
mflorell
Site Admin
 
Posts: 18384
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: Chrome Update 87 Breaks viciphone

Postby alo » Thu Nov 19, 2020 10:26 am

For my webphone issue,

I have the same version of asterisk on both Vicibox7 and vicibox8(which works fine) and looks like the same version of openssl too.

Any one know of some difference between vicibox7 and vicibox 8 I could look at? I assume its some configuration file for asterisk or apache, but not sure.

Thanks
alo
 
Posts: 197
Joined: Wed Jun 20, 2012 10:21 am

Re: Chrome Update 87 Breaks viciphone

Postby alo » Fri Nov 20, 2020 10:02 am

Looks like now since edge is Chromium it breaks with edge updating to version 87 too.

Anyone else experiencing this or am I the only one?
alo
 
Posts: 197
Joined: Wed Jun 20, 2012 10:21 am

Re: Chrome Update 87 Breaks viciphone

Postby alo » Fri Nov 20, 2020 10:31 am

Figured I could share a bit more info on what I found here.

Code: Select all
Google Chrome 87 will remove support for the non-standard RTP data channels in WebRTC in favor of the standard SCTP-based data channels.
RTP data channels was a nonstandard feature introduced into the WebRTC codebase at its creation. Standardization efforts resulted in the definition of SCTP-based datachannels, which are much more common, and interoperate with other browsers. The continued support of RTP data channels adds significant complexity to the codebase



the error I see in asterisk is:

Code: Select all
ERROR[356][C-00005f56]: res_rtp_asterisk.c:2170 __rtp_recvfrom: DTLS failure occurred on RTP instance '0x7f3a600119f8' due to reason 'tlsv1 alert protocol version', terminating
res_rtp_asterisk.c:4506 ast_rtp_read: RTP Read error: Unspecified.


Same version of asterisk 11.25.3
Works on vicibox8 and above but not vicibox 7
alo
 
Posts: 197
Joined: Wed Jun 20, 2012 10:21 am

Re: Chrome Update 87 Breaks viciphone

Postby alo » Fri Nov 20, 2020 2:12 pm

Fixed this by using DTLS 1.2.

Thanks
alo
 
Posts: 197
Joined: Wed Jun 20, 2012 10:21 am

Re: Chrome Update 87 Breaks viciphone

Postby carpenox » Fri Nov 20, 2020 2:14 pm

good postback
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2423
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: Chrome Update 87 Breaks viciphone

Postby vishalmpai » Wed Dec 09, 2020 11:33 am

alo wrote:Fixed this by using DTLS 1.2.

Thanks

How you have done that. Can you please share the step.
Thank you.
vishalmpai
 
Posts: 8
Joined: Wed Dec 09, 2020 6:10 am

Re: Chrome Update 87 Breaks viciphone

Postby carpenox » Wed Dec 09, 2020 12:08 pm

have you tried to zypper up? its automatically updated in latest opensuse updates
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2423
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: Chrome Update 87 Breaks viciphone

Postby vishalmpai » Wed Dec 09, 2020 12:52 pm

carpenox wrote:have you tried to zypper up? its automatically updated in latest opensuse updates


File '/repodata/repomd.xml' not found on medium 'http://download.opensuse.org/repositories/Apache/openSUSE_Leap_42.1/'
Warning: Skipping repository 'Apache_Leap_42.1' because of the above error.

File '/repodata/repomd.xml' not found on medium 'http://download.opensuse.org/repositories/devel:/languages:/perl/openSUSE_Leap_42.1/'
Warning: Skipping repository 'Perl_openSUSE_Leap_42.1' because of the above error.

File '/repodata/repomd.xml' not found on medium 'http://download.opensuse.org/repositories/server:database/openSUSE_Leap_42.1/'
Warning: Skipping repository 'server:database_openSUSE_Leap_42.1' because of the above error.
Some of the repositories have not been refreshed because of an error.

Loading repository data...
Warning: Repository 'openSUSE_Leap_42.1_Updates' appears to be outdated. Consider using a different mirror or server.
Reading installed packages...

The following 9 package updates will NOT be installed:
asterisk asterisk-dahdi asterisk-moh-base asterisk-snmp dahdi-linux dahdi-linux-kmp-default libasteriskssl1 libjson-c2 libosptk-4_13_0

Nothing to do.
vishalmpai
 
Posts: 8
Joined: Wed Dec 09, 2020 6:10 am

Re: Chrome Update 87 Breaks viciphone

Postby carpenox » Wed Dec 09, 2020 12:56 pm

what version of vicibox are u using?
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2423
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: Chrome Update 87 Breaks viciphone

Postby vishalmpai » Wed Dec 09, 2020 1:39 pm

carpenox wrote:what version of vicibox are u using?


Vicibox 7
vishalmpai
 
Posts: 8
Joined: Wed Dec 09, 2020 6:10 am

Re: Chrome Update 87 Breaks viciphone

Postby carpenox » Wed Dec 09, 2020 1:55 pm

oh yea, your not gonna wanna zypper up with that, they dont update anymore for leap 42.1. youre gonna have to manually do the package via rpm probably but im not sure with 42.1, perhaps someone else here knows how to run that, or google how to update openssl for leap 42.1
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2423
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: Chrome Update 87 Breaks viciphone

Postby carpenox » Wed Dec 09, 2020 7:59 pm

Anyone having issues that is on the latest version of vicibox(opensuse 15.1) try this:

zypper in ncurses-devel libxml2-devel sqlite-devel libsrtp-devel libuuid-devel openssl-devel

Good luck

Nox
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2423
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL


Return to Support

Who is online

Users browsing this forum: No registered users and 110 guests