TLS/TCP socket buffer operation error when using TURN over TLS (turns:)

[Paride Legovini]

Hi,

While setting up a coturn turns: server I noticed that I could not connect to it using Google's webrtc library [1].

This is the error I'm getting at the coturn side:

2721: IPv4. tcp or tls connected to: 1.2.3.4:47716

2721: session 000000000000000002: TLS/TCP socket disconnected: 1.2.3.4:47716

2721: session 000000000000000002: closed (2nd stage), user <> realm origin <>, local 192.168.43.70:8443, remote 1.2.3.4:47716, reason: TLS/TCP socket buffer operation error  (callback)

 

In order to guess what the problem is I tried to connect to coturn via https using Chromium, but the browser gave me this error: ERR_SSL_PROTOCOL_ERROR, while coturn logged the same error as before. After trying a few things I noticed that I could connect to the server using Firefox, curl, or other tools, but not with Chromium. If I don't use TLS everything works fine both with Chromium and with the webrtc library.

I really don't know what could be wrong. The only thing I can think of if that both Chromium and the webrtc library use Google's BoringSSL library instead of OpenSSL, so the culprit may lie there,

This issue is easy to reproduce, for example this is a coturn server (now owned by me) working fine with curl:

$ curl https://turn1.whispersystems.org

<!DOCTYPE html>

<html>

  <head>

    <title>TURN Server (https admin connection)</title>

 <style> table, th, td { border: 1px solid black; border-collapse: collapse; text-align: left; padding: 5px;} table#msg th { color: red; background-color: white; } </style> </head>

  <body>

    <b>TURN Server</b><br><i>https admin connection</i><br>

<br>To use the HTTPS admin connection, you have to set the database table <b><i>admin_user</i></b> with the admin user accounts.<br>

</body>

</html>

the same is true with Firefox, while Chromium gives ERR_SSL_PROTOCOL_ERROR. I'm not the only one experiencing this issue [2] [3].

I'm running coturn 4.5.0.5 from Debian Stretch.

[1] https://chromium.googlesource.com/external/webrtc

[2] https://groups.google.com/forum/#!topic/turn-server-project-rfc5766-turn-server/CxrWCQjDGKc

[3] https://groups.google.com/forum/#!topic/turn-server-project-rfc5766-turn-server/-jFdNKSdebE

Thank you,

Paride

[Urban Mrak]

Hello,

Paride, have you find the solution, as I have similar problem. turns just not working with native android webrtc stack (M57). Coturn with certificate for turns work fine for native iOS. Firefox recognizes certificates ok. But Chrome is not and native Android does not work with turns.

Please give me info if you made native Android webrtc to work over turns.

Thanks.

[Paride Legovini]

Which version of coturn are you using?

This was a bug and has been fixed in 4.5.0.6, see:

https://github.com/coturn/coturn/issues/113

Paride

[Nitin Dhami]

@par

Do you have the latest docker image for this getting the same error " TLS/TCP socket buffer operation error (callback)"