New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tlsa + OpenSSL 3.0.x: multiple unpredictable shm corruption #3222
Comments
BT1
|
BT2
|
BT3
|
BT4
|
Based on various reports on tracker and mailing lists, probably the support for OpenSSL v3.0 has to be reviewed, checking their public API and internal changes. At this moment you should use OpenSSL 1.1.x. |
Can you try with git master branch and setting tls moduparam lock_mode to 1? |
@space88man can you please try master now? We introduced some changes related to openssl 3.0 recently |
Update — I have had good results with 5.7.1! Tested EL9 + kamailio-tls (packaged module, i.e., not locally compiled):
Same load test as with OpenSSL 1.1.1, and tls_wolfssl. I will continue to test Debian 12 then I think this ticket can be closed. [Update Debian 12] Working correctly with:
|
OK using - |
Do you use this thing: https://github.com/kamailio/kamailio/tree/master/src/modules/tls/utils/openssl_mutex_shared ? The documentation says on some places, it is needed, on other — it is not needed anymore. |
@dilyanpalauzov : in recent versions of kamailio this is already included |
@space88man: thanks for testing and providing some feedback so far! I would rather close all the old opened issues related to openssl 3.0 because the code base changed. If you get new crashes with master branch or 5.7.1+ versions, it is better to open new one with traces relevant to the latest versions. This issue is almost one year old anyhow, many other parts of code changed. If you disagree and feel it is still better to continue here , I am fine to reopen it. |
Yes, but it is unclear, if this is still necessary. That is what I asked: is openssl_mutex_shared needed by your setup. Do you mean by included, that you have |
@dilyanpalauzov — the function of See
|
Description
with the OS version of OpenSSL
Troubleshooting
Reproduction
lookup()
is on another kamailio system.Debugging Data
BT in comments below
Log Messages
SIP Traffic
Possible Solutions
Additional Information
5.6.1
The text was updated successfully, but these errors were encountered: