New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS module compiled with outdated OpenSSL version for Ubuntu bionic #2018
Comments
Maybe @linuxmaniac can get a bit of time to check if OS used to build the packages is properly up to date in this case. |
confirmed:
We don't use |
Shouldn't that be advisable though? So the only option we have is downgrading openssl to 1.1.0g? |
Until We build the debs with those repositories added, yes. I hope it would be not too long to solve this. |
I think we'll rather go with plain TCP then as other tools are relying on >=1.1.1 and we cannot downgrade them, too.
Thanks, that's important for us. That's likely gonna be a hard time with non-encrypted SIP. Looking forward to seeing that build in the repos soon. |
As a follow-up, now, when using the nightly build, I'm getting a different error:
Do you want me to file another report for this or should we instead continue the discussion here? |
After the changes, we are using the latest version
@welljsjs What is the version you have installed? |
This is the extract from the logs:
|
Sorry I meant what openssl version do you have in that system |
Sorry, my mistake.
|
The error looks now related to runtime operations, no longer related to the initial compilation with an outdated version. @welljsjs - open a new issue and it would be good if you can attach the logs with debug=3 in kamailio.cfg. Also, try to use kamailio 5.3.0-pre1 that has new code for dealing with libssl 1.1+. |
I'm seeing this exact behavior with kamailio/5.3.3 on Ubuntu/18.04.4.
Should this be a new bug? Is the build host for these packages broken again? |
Description
Ubuntu Bionic 18.04.02 LTS ships with "OpenSSL 1.1.1 11 Sep 2018" (0x1010100f), whereas the
kamailio-tls-modules
package is compiled with "OpenSSL 1.1.0g 2 Nov 2017" (0x1010007f).I installed Kamailio from the Kamailio repositories (not from the Ubuntu repositories).
This leads to Kamailio being unable to start as it complains about the OpenSSL versions being too different from each other.
Overriding the OpenSSl version check by enabling
tls_force_run
does not solve the issue, instead, it leads to Kamailio emitting multiple errors.Reproduction
I installed Kamailio from the official Kamailio apt sources (nightly build, the same occurs for the latest stable version 5.2).
I enabled TLS and edited the configuration files accordingly.
Log Messages
Possible Solutions
Publish the
kamailio-tls-modules
package compiled with OpenSSL 1.1.1b.Additional Information
kamailio -v
The text was updated successfully, but these errors were encountered: