-
Notifications
You must be signed in to change notification settings - Fork 394
VoIP broken in F-Droid (and PlayStore?) build, TURN credentials not being renewed (was: Riot calls with "Media Connection Failed" error outside LAN?) #1744
Comments
Your best bet is to submit bug reports from both the sending and receiving clients and then ping us on #matrix-dev:matrix.org to investigate. Also look at your coturn logs to see if you can see both clients trying to talk TURN to it in order to create the necessary ICE candidates. |
I'm seeing similar behavior. It looks like in my case the cause is that one of the clients doesn't even attempt to fetch TURN credentials from the Synapse server. @saljut7 can you check if that's the case for you as well?
In Synapse log, i can see messages for user G requesting I can see mentions of both users in the coturn log though. For user G there are success messages like It's interesting that client F appears to know what TURN server to use (if its appearance in coturn log proves that? i'm not very familiar with TURN), but doesn't have or even try to request the credentials. Not sure if some broken caching could be to blame? Is it even possible for the riot client to know the turn server address if it doesn't issue the |
Very interesting, indeed the issue went away when i force-stopped the Riot app on client F, cleaned the app cache, and started it again. Client F issued the Interesting is that when i issued another call, only client G re-ran the |
After the credentials expired, i'm back to the same problem. The F client doesn't issue the So the F-Droid version seems to have some TURN credentials problem (caching them too long / indefinitely?), but the GPlay version seems to work fine. |
Please let me know if you want me to collect some more info to help uncover the cause. |
Just upgraded to my synapse server to 0.25.1, tried again, same problem (call within LAN works, outside not). I've send a bug report from within riot. I will try to "ping you" on #matrix-dev:matrix.org as you say but for "freetime admins" it is quite complicated to observe a chat all the time. Anyway, thx for your reply!
Trying again I had working call within my LAN and a not working call from outside my LAN to inside my LAN:
|
@saljut7
|
I might have the same problem... My config : Since some month (I don't know exactly when it started, but at least 3 months), the call (with or without video) between 2 persons (direct call) is much much less reliable when two android devices call each other. |
@saljut7 did you receive any news from @ara4n regarding this issue ? |
@croulibri no, unfortunately not. But I don't want to stress the matrix dev team with this issue.. AV call is a bonus for me. text chat works very great and much better than my xmpp server so anyway I'm quite happy. Anyway: tried a call between 2 palystore-riot-users registered on my homeserver and id worked just fine. @jistr I've reinstalled fdroid-riot today (couldn't find the clear cache option under android6) but still no call to a playstore-riot possible. |
@ara4n @ylecollen can you please change the issue title to something more specific like "VoIP broken in F-Droid build, TURN credentials not being renewed" ? I think that at this point there's enough supporting evidence for that in the thread above (mainly that 3 folks face the same symptoms, only f-droid version is affected, and clearing the app cache helps as a temporary workaround). Having precise title might help more granular prioritization when going through P2 bugs perhaps... |
@jistr thx, /done btw: does a reinstallation of an app clear the cache? |
@saljut7 Thanks :) Regarding reinstall, I don't know that... But i found a guide how to clear app cache on Android 6 here (don't clear data, just clear cache): https://www.cnet.com/how-to/how-to-clear-app-cache-and-app-data-in-android-6-0-marshmallow/ You should also Force Stop the app before clearing the cache if you want to replicate the workaround more closely. I'm not sure if it's required for the workaround to take effect, but it may be... |
@saljut7 i still see the old issue title so maybe it didn't get saved? |
...now? Too long this way? |
@saljut7 great thanks :) Personally i think the length is ok, admins can shorten it if desired... |
@jistr thx. Anyway.. reinstalling the app (which should clear the cache as well) didn't work for me. |
Very strange: Yesterday a call Riot F-Droid -> Riot F-Droid worked fine. |
I've totally missed this bug - sorry all :( @giomfo, @manuroe - I think this may be impacting more than just Fdroid. If it would be possible to prioritise it on Android maintenance it'd be much appreciated; failure to load the TURN config from the homeserver sounds like quite an obvious thinko to spot. |
@saljut7 I only use firewalld, not ufw, but i doubt that UDP would be included when a port for is opened for TCP. You should be able to create two separate rules though -- one for TCP, and one for UDP, even though they "use" the same port number. This should be valid and the rules shouldn't collide. And yes, i also have no calls unless i do the "force stop + clear cache" trick. |
Hm, okay. "man ufw" says:
So I have to set 4 rules on my router at least, thx. |
@ara4n sry but what doy you mean? |
My config : Since my November's message, I still face regular regular problem when calling from Riot Android. If I clear cache (within Riot Android app) then calls work all the time. So I guess the coturn server and the firewall is not the problem. Is there still other people facing this situation ? Is there a workaround ? |
Yea i'm also still facing this issue with Riot 0.8.3, clearing cache helps as a workaround still. Btw the bug is now marked P1 and in a Sprint 8 milestone list: |
I tried both: clearing the cache within Android (Android preferences -> Apps -> Riot -> Storage -> clear cache) and within Riot (Riot -> Settings -> Clear cache) and tried again voice call with 2 F-Droid devices v0.8.5 (F-c0c7146a) which ends up with...
...in both directions. |
I noticed thet my
Both calling user and CalledUser are on same matrix homeserver but connecting via mobile data connection. Coturn reports Is there anything else I could have forgot in my config causing this error? |
@r4dh4l I'd probably double check that all TLS key/cert paths are correct and valid, but i'm not sure what in particular could cause that error. |
(Sry for the OT comment but because I opened this issue I feel responsible to support it until it is solved and therefor I just wanted to say: Unfortunately I won't be able to contribute reports to the issue here anymore. I will close my GitHub account and will move to https://gitlab.com because of https://blog.github.com/2018-06-04-github-microsoft/. I personally don't want to support the https://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguish strategy in anyway - I hope the Matrix/Riot development won't be affected by the M$-GitHub deal in any way and I try to contribute reports via rageshake if the Matrix team will stay in GitHub. Anyway: Thank you all for the community support here!) |
I retested, it's still broken but the behavior changed slightly since we discussed last time. As a workaround, it's now ok to just restart Riot (via menu -> Exit, then open the app again) to get it to request fresh TURN credentials (no need to clear cache), then calls work fine until the TURN credentials expire again. The problem still seems to only affect FDroid build, not Google Play build. I have 1 hour period for TURN credentials expiration, and when i run docker logs synapse_20180713 2>&1 | grep turnServer | grep $USERNAME i get different results for different clients. User with Google Play client makes the turnServer request much more often (usually about once in 55 minutes) than user which uses FDroid client (looks like it makes turnServer request just on app restart times). I wonder if we should report this issue at https://github.com/matrix-org/matrix-android-sdk instead, as it might be directly in the Android SDK. Versions involved:
|
I confirm that this issue exists. I'm using the PlayStore version and exiting the program doesn't solve the problem. Edit: Sorry! I was wrong. The problem was that the turnserver was stopped. Everything is working. |
Saljut7 no longer has a github account, he reached out to me to post this in his name: ====== Hi, this is the user who originally opened this issue. Because I left ====== |
Hi! Sorry to dig this issue but I have a similar problem. I have my own synapse homeserver alongside a coturn server, and the latter works very fine when doing voip between riot-web clients. However, when using riot-android, I always end up with "Media Connection Failed" and coturn's logs don't even show a single connection attempt, as if riot-android was completely ignoring by TURN uris while riot-web does make good use of them. Any suggestion? |
@Ezwen in the Android app, do Menu -> Exit to forcefully shut down the Riot client. Then launch the application again, it will do a fresh login and refresh TURN credentials. After this you should be able to make calls until the TURN credentials expire, then you will need to restart the app again. If this works (it does for me) you may want to set the TURN credentials expiration to a long time so that you don't have to do this workaround too often (i use 1 week). |
That workaround isn't helping in my case. Consistently failing calls for a couple of months (used to work). |
Nevermind, I looked through other tickets related to "could not connect media" and stumbled upon #1787. I installed blokada a couple of months ago, and killing it made calls work again! Please fix this. |
@Impala2 thank you very much! Blokada was indeed the culprit! Mystery solved as last :). I've simply added Riot in the Blokada whitelist and everything works now. |
Hi, sorry to reopen the case but the problem is still here on the newest riot.im version (0.9.3) from playstore. Can't call on different networks. I need to empty cache or force quit riot.im on both sides before calling. As soon as both users get their new credentials and matrix shows: I can call, and call again in both directions beautifully for a bit of time. Then I receive this error from turnserver: Homeserver config:
(I tied different values for turn_user_lifetime) Coturn config:
Thanks for any help or debugging hints! |
and same on 0.9.8 from PlayStore. Come on guys, fix this already... |
I'm also receiving the same issue on my homeserver. Running 0.9.8 Riot Android, Synapse 1.4.1, on Debian 10. All of Synapse core stuff works fine (federation, messaging, etc), but when it comes to VoIP it only works for LAN<>LAN and that's cause .. well we are both behind the same NAT so STUN/TURN doesn't need to be used. Looking at the coturn logs, I don't see any voip communication activity in there. It doesn't matter if I restart the app via Exit, or I force quit and clear cache. Originally I was getting an error saying that my server doesn't have a correct turn configuration, after clearing the cache the error went away but when I make the first call after launching the app, it says "Media Connection Failed", and then every other call just immediately says "Call Connecting..." and it rings forever, the other side never receives any notifications/events/etc. Cancelling the call just goes back to the main page (Before it would always say that the server was misconfigured and that I could try to use turn.matrix.org as fallback). |
I fixed the error a few days ago, it may have been a combination of outside factors mixed with a typo I had. However, the error: "Exit and Start Riot" problem still exists on Riot Android at least where even if my device has the correct turn info retrieved from synapse, if the target client doesn't have the most up-to-date info, the client wont auto-retrieve info from the server (Since most likely they are still within the token expiration time). This causes the caller to receive an error along the lines of "invalid key or cipher" (403 forbidden on the backend relay). Once they Exit/Start Riot, the correct info was fetched and we can speak. |
Just now I faced the same issue. With version 0.9.9 from Play Store.
I asked the caller to reboot the phone and without any other change everything is working again... (maybe Riot Android restart could do the trick too) |
I am seeing the same issue between two google play installs version 0.9.9 (G-5da259a74). The media connection fails when one device is in Lan and the other on a mobile connection. |
Same (both devices in same LAN) F-Droid <-> GPlay fails, too. |
Same thing between GPlay and F-Droid still. I wonder if it will ever be solved, I can't bring some people to matrix because of this problem. |
I hope Voip is a first class candidate in RiotX and not an after thought which seems like the case in Riot.im. For all my users, I have "Allow fallback call assist server" turned on. This workaround has helped me get past this bug. |
Hi,
running an own synapse node I've configured COTURN and riot calls work fine within my local network but not if one client is outside my LAN. In this case I get
Media Connection Failed
.My config:
3478
and5349
are opened for both TCP and UDP on my server running synapse and my router.< Server: Synapse/0.23.1
0.7.03 (F-45a3aba)
| 2.)0.7.03 (G-da8a7535b)
homeserver.yaml
TURN settings:4.5.0.2-3~bpo8+1 0
debian 8.9
(armbian:4.9.7-sunxi armv7l (32 bit)
)Any ideas?
The text was updated successfully, but these errors were encountered: