Dear sirs,
I'm not sure where should I report a backtrace for this event; so let me add some details in the mailing list, but please advice me if there were more appropriate places for this.
Moreover, I'm not sure if it is actually a bug in libssl. In this case, I just wanted you to know it.
[server version] $ sudo kamailio -V version: kamailio 3.1.3 (x86_64/linux) 8b3506 flags: STATS: Off, EXTRA_DEBUG, USE_IPV6, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, USE_STUN, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, PKG_SIZE 32MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: 8b3506 compiled on 03:07:12 Apr 28 2011 with gcc 4.4.5
[OS] $ sudo cat /etc/apt/sources.list deb http://debian.fastweb.it/debian/ squeeze main deb-src http://debian.fastweb.it/debian/ squeeze main deb http://security.debian.org/ squeeze/updates main deb-src http://security.debian.org/ squeeze/updates main deb http://linux.dell.com/repo/community/deb/latest /
$ uname -a Linux sip2 2.6.32-5-amd64 #1 SMP Mon Mar 7 21:35:22 UTC 2011 x86_64 GNU/Linux
[BT] Program terminated with signal 11, Segmentation fault. #0 SSL_CIPHER_description (cipher=0x0, buf=0x7fff92999420 "AES256-SHA", ' ' <repeats 14 times>, "SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1", len=128) at ssl_ciph.c:1114 1114 ssl_ciph.c: No such file or directory. in ssl_ciph.c (gdb) bt #0 SSL_CIPHER_description (cipher=0x0, buf=0x7fff92999420 "AES256-SHA", ' ' <repeats 14 times>, "SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1", len=128) at ssl_ciph.c:1114 #1 0x00007f6d46e48e09 in tls_list (rpc=0x7f6cc2e72ca0, c=0x7fff92999530) at tls_rpc.c:136 #2 0x00007f6cc2c50e40 in process_rpc_req (buf=0xd6bbf4 "\241\003\v5\355R\260\221\ttls.list", size=18, bytes_needed=0x7fff929996c8, sh=0x7fff92999640, saved_state=0xd7bbf8) at binrpc_run.c:597 #3 0x00007f6cc2c68343 in handle_stream_read (s_c=0xd6bbc0, idx=-1) at io_listener.c:521 #4 0x00007f6cc2c68f6d in handle_io (fm=0xd68f98, events=1, idx=-1) at io_listener.c:716 #5 0x00007f6cc2c65462 in io_wait_loop_epoll (h=0x7f6cc2e73d00, t=10, repeat=0) at ../../io_wait.h:1092 #6 0x00007f6cc2c67086 in io_listen_loop (fd_no=1, cs_lst=0xd39068) at io_listener.c:291 #7 0x00007f6cc2c54e76 in mod_child (rank=0) at ctl.c:327 #8 0x00000000004e0e75 in init_mod_child (m=0x9555b8, rank=0) at sr_module.c:829 #9 0x00000000004e0d60 in init_mod_child (m=0x956618, rank=0) at sr_module.c:826 #10 0x00000000004e0d60 in init_mod_child (m=0x956de8, rank=0) at sr_module.c:826 #11 0x00000000004e0d60 in init_mod_child (m=0x957330, rank=0) at sr_module.c:826 #12 0x00000000004e0d60 in init_mod_child (m=0x958c20, rank=0) at sr_module.c:826 #13 0x00000000004e0d60 in init_mod_child (m=0x959cc0, rank=0) at sr_module.c:826 #14 0x00000000004e0d60 in init_mod_child (m=0x95b228, rank=0) at sr_module.c:826 #15 0x00000000004e0d60 in init_mod_child (m=0x95bcb0, rank=0) at sr_module.c:826 #16 0x00000000004e0d60 in init_mod_child (m=0x95d508, rank=0) at sr_module.c:826 #17 0x00000000004e0d60 in init_mod_child (m=0x95ed20, rank=0) at sr_module.c:826 #18 0x00000000004e0d60 in init_mod_child (m=0x961ac8, rank=0) at sr_module.c:826 #19 0x00000000004e0d60 in init_mod_child (m=0x962590, rank=0) at sr_module.c:826 #20 0x00000000004e0d60 in init_mod_child (m=0x963450, rank=0) at sr_module.c:826 #21 0x00000000004e0d60 in init_mod_child (m=0x9641c0, rank=0) at sr_module.c:826 #22 0x00000000004e0d60 in init_mod_child (m=0x964ab8, rank=0) at sr_module.c:826 #23 0x00000000004e0d60 in init_mod_child (m=0x965c10, rank=0) at sr_module.c:826 #24 0x00000000004e0d60 in init_mod_child (m=0x966010, rank=0) at sr_module.c:826 #25 0x00000000004e0d60 in init_mod_child (m=0x9662e8, rank=0) at sr_module.c:826 #26 0x00000000004e0d60 in init_mod_child (m=0x966ab8, rank=0) at sr_module.c:826 #27 0x00000000004e0d60 in init_mod_child (m=0x967498, rank=0) at sr_module.c:826 #28 0x00000000004e0d60 in init_mod_child (m=0x967ce8, rank=0) at sr_module.c:826 #29 0x00000000004e0d60 in init_mod_child (m=0x968ad8, rank=0) at sr_module.c:826 #30 0x00000000004e0d60 in init_mod_child (m=0x969080, rank=0) at sr_module.c:826 #31 0x00000000004e0d60 in init_mod_child (m=0x969b60, rank=0) at sr_module.c:826 #32 0x00000000004e0d60 in init_mod_child (m=0x96a500, rank=0) at sr_module.c:826 #33 0x00000000004e0d60 in init_mod_child (m=0x96c838, rank=0) at sr_module.c:826 #34 0x00000000004e0d60 in init_mod_child (m=0x96ceb0, rank=0) at sr_module.c:826 #35 0x00000000004e0fb3 in init_child (rank=0) at sr_module.c:853 #36 0x000000000045f128 in main_loop () at main.c:1624 #37 0x0000000000461aad in main (argc=13, argv=0x7fff9299a438) at main.c:2398 (gdb)
[OpenSSL] $ openssl version OpenSSL 0.9.8o 01 Jun 2010
$ sudo dpkg -l libssl-dev libssl0.9.8 Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Description +++-=============================================-=============================================-========================================================================================================== ii libssl-dev 0.9.8o-4squeeze1 SSL development libraries, header files and documentation ii libssl0.9.8 0.9.8o-4squeeze1 SSL shared libraries
From the Kamailio log file at startup:
/usr/local/sbin/kamailio[14488]: INFO: tls [tls_init.c:519]: tls: init_tls_h: installed openssl library version "OpenSSL 0.9.8o 01 Jun 2010" (0x009080ff), kerberos support: off, zlib compression: on#012 compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM /usr/local/sbin/kamailio[14488]: WARNING: tls [tls_init.c:587]: tls: openssl bug #1491 (crash/mem leaks on low memory) workaround enabled (on low memory tls operations will fail preemptively) with free memory thresholds 46661632 and 23330816 bytes
If you need any other information, please let me know. Unfortunately, being a production server, we cannot promise you to test possibly patches on it.
Best regards Francesco Castellano