<p>tls_init.c calls OPENSSL_init_ssl(); this initializes the<br>
global engine linked-list and this cannot be reset in the child.</p>
<p>To avoid linked-list corruption we manually instantiate<br>
the engine object required for loading private keys instead of<br>
relying on CONF_modules_load_file().</p>
<p>Updates to doc/.</p>
<p>Addresses <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="984375239" data-permission-text="Title is private" data-url="https://github.com/kamailio/kamailio/issues/2839" data-hovercard-type="issue" data-hovercard-url="/kamailio/kamailio/issues/2839/hovercard" href="https://github.com/kamailio/kamailio/issues/2839">#2839</a></p>


<h4>Pre-Submission Checklist</h4>



<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Commit message has the format required by CONTRIBUTING guide</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Commits are split per component (core, individual modules, libs, utils, ...)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Each component has a single commit (if not, squash them into one commit)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> No commits to README files for modules (changes must be done to docbook files<br>
in <code>doc/</code> subfolder, the README file is autogenerated)</li>
</ul>
<h4>Type Of Change</h4>
<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Small bug fix (non-breaking change which fixes an issue)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> New feature (non-breaking change which adds new functionality)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Breaking change (fix or feature that would change existing functionality)</li>
</ul>
<h4>Checklist:</h4>

<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> PR should be backported to stable branches</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Tested changes locally</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Related to issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="984375239" data-permission-text="Title is private" data-url="https://github.com/kamailio/kamailio/issues/2839" data-hovercard-type="issue" data-hovercard-url="/kamailio/kamailio/issues/2839/hovercard" href="https://github.com/kamailio/kamailio/issues/2839">#2839</a></li>
</ul>
<h4>Description</h4>
<p>The call to <code>OPENSSL_init_ssl()</code> in <code>tls_init.c</code> results in the creation of the engine linked-list in the parent.</p>
<p>This affects per-child engine private keys as there is no api to reinitialize the engine linked-list in the child.</p>
<p>This PR removes the call to <code>CONF_modules_load_file()</code> which causes linked-list corruption and replaces<br>
the initialization of engine private keys in the child with with other api calls which do not manipulate global<br>
objects.</p>

<hr>

<h4>You can view, comment on, or merge this pull request online at:</h4>
<p>  <a href='https://github.com/kamailio/kamailio/pull/2840'>https://github.com/kamailio/kamailio/pull/2840</a></p>

<h4>Commit Summary</h4>
<ul>
  <li>tls: fix OpenSSL engine in child processes</li>
</ul>

<h4>File Changes</h4>
<ul>
  <li>
    <strong>M</strong>
    <a href="https://github.com/kamailio/kamailio/pull/2840/files#diff-733add6f13872204db4a970bb362fe23f55ecc2be90c01ad9324c476fdb21b28">src/modules/tls/doc/hsm_howto.xml</a>
    (15)
  </li>
  <li>
    <strong>M</strong>
    <a href="https://github.com/kamailio/kamailio/pull/2840/files#diff-f953132c4bc4209d99868383261e058c920e0c5fbf429cf8364346b204173e69">src/modules/tls/tls_mod.c</a>
    (93)
  </li>
</ul>

<h4>Patch Links:</h4>
<ul>
  <li><a href='https://github.com/kamailio/kamailio/pull/2840.patch'>https://github.com/kamailio/kamailio/pull/2840.patch</a></li>
  <li><a href='https://github.com/kamailio/kamailio/pull/2840.diff'>https://github.com/kamailio/kamailio/pull/2840.diff</a></li>
</ul>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/kamailio/kamailio/pull/2840">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/ABO7UZPIQCXQRQZJUQD6D23T7VROZANCNFSM5DFGFD4A">unsubscribe</a>.<br />Triage notifications on the go with GitHub Mobile for <a href="https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675">iOS</a> or <a href="https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub">Android</a>.
<img src="https://github.com/notifications/beacon/ABO7UZIDNBKNKDCKJDX3YCLT7VROZA5CNFSM5DFGFD4KYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4OVNGCAA.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/kamailio/kamailio/pull/2840",
"url": "https://github.com/kamailio/kamailio/pull/2840",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>