From Debian BTS: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804276
Package: kamailio-tls-modules
Version: 4.3.3-1+b1
Severity: important
Tags: security
Today's upgrade installs openssl 1.0.2 compiled w/o any ssl3 support and kamailio compiled against it, but the latter fails when run with:
[FAIL] Not starting Kamailio SIP Server: invalid configuration file! ... failed! failed! [....]
 0(20886) ERROR: <core> [sr_module.c:576]: load_module(): could not open module </usr/lib/x86_64-linux-gnu/kamailio/modules/tls.so>: /usr/lib/x86_64-linux-gnu/kamailio/modules/tls.so: undefined symbol: SSLv3_client_method
 0(20886) : <core> [cfg.y:3432]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 73, column 12-19: failed to load module
 0(20886) ERROR: <core> [modparam.c:150]: set_mod_param_regex(): No module matching <tls> found
 0(20886) : <core> [cfg.y:3435]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 148, column 50: Can't set module parameter
 0(20886) ERROR: <core> [modparam.c:150]: set_mod_param_regex(): No module matching <tls> found
 0(20886) : <core> [cfg.y:3435]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 149, column 45: Can't set module parameter
 0(20886) ERROR: <core> [modparam.c:150]: set_mod_param_regex(): No module matching <tls> found
 0(20886) : <core> [cfg.y:3435]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 150, column 35: Can't set module parameter
ERROR: bad config file (4 errors)
 0(20886)
As such, any kama install which needs tls cannot run.
(All of the errors there are because the tls modules cannot load because of the load-time link failure.)
It will need a patch removing things like SSLv3_client_method.
It is unfortunate that this didn't result in a compile time failure but only in a dynamic-link-time failure...
--- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/391
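The observation above, that every later error follows from the single load-time link failure, can be checked mechanically when triaging a startup log after a library upgrade. This is an added example, not part of the original report or of Kamailio; it assumes the log format shown above, `triage` is a hypothetical helper name, and the last sample entry is constructed for contrast.

```python
import re
from pathlib import PurePosixPath

# Sample entries in the format quoted in the report; the final entry
# (line 200) is constructed to show an error NOT caused by the link failure.
SAMPLE_LOG = """\
 0(20886) ERROR: <core> [sr_module.c:576]: load_module(): could not open module </usr/lib/x86_64-linux-gnu/kamailio/modules/tls.so>: /usr/lib/x86_64-linux-gnu/kamailio/modules/tls.so: undefined symbol: SSLv3_client_method
 0(20886) : <core> [cfg.y:3432]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 73, column 12-19: failed to load module
 0(20886) ERROR: <core> [modparam.c:150]: set_mod_param_regex(): No module matching <tls> found
 0(20886) : <core> [cfg.y:3435]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 148, column 50: Can't set module parameter
 0(20886) : <core> [cfg.y:3435]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 200, column 5: syntax error
"""

LOAD_FAIL = re.compile(
    r"load_module\(\): could not open module <(?P<path>[^>]+)>: "
    r".*undefined symbol: (?P<symbol>\S+)")
NO_MODULE = re.compile(r"No module matching <(?P<name>[^>]+)> found")
PARSE_ERR = re.compile(r"yyerror_at\(\): parse error in config file \S+, line (?P<line>\d+)")


def triage(log_text):
    """Split startup errors into link-failure root causes and their fallout."""
    root_causes, cascaded, unexplained = [], [], []
    broken = set()      # names of modules that failed to link
    explained = False   # does the previous entry tie the next parse error to a broken module?
    for entry in log_text.splitlines():
        if m := LOAD_FAIL.search(entry):
            name = PurePosixPath(m["path"]).stem  # ".../tls.so" -> "tls"
            broken.add(name)
            root_causes.append((name, m["symbol"]))
            explained = True
        elif m := NO_MODULE.search(entry):
            explained = m["name"] in broken
        elif m := PARSE_ERR.search(entry):
            (cascaded if explained else unexplained).append(int(m["line"]))
            explained = False
        else:
            explained = False
    return {"root_causes": root_causes,
            "cascaded_cfg_lines": cascaded,
            "unexplained_cfg_lines": unexplained}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Config lines reported under `cascaded_cfg_lines` need no edit of their own; only entries under `unexplained_cfg_lines` point at a separate configuration problem.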
I will look at it and fix it.
Probably for the moment I will disable SSL3 with defines -- over time I guess it will be removed; SSL3 is no longer considered secure.
I wonder if there is a define in libssl that can be used as a condition to detect if SSL3 is removed or not.
---
I pushed the patch b1c6c2af7e96c0bcbdee4ff46f6faf19fdc75d9f to master and backported to 4.3 branch.
If still an issue, re-open.
---
Closed #391.