Hello,

I finally got Kamailio to start with TLS.
I tried with multiple openssl versions last with 
openssl version
OpenSSL 1.1.0g  2 Nov 2017

also updated Kamailio to 5.0.4 from Suse repo's
and had no luck with those two.

I decided to compile Kamailio 5.1 and with little fling with database I think I overcame the TLS starting troubleā€¦ 
Now it cranshes as it cannot connect to Asterisk DB -> will jack with that tomorrow.

Thank you for your guidance as with it I focused on the openssl and finally have I hope working setup...

Regards,
 Tomi

On 12 Dec 2017, at 10.26, Daniel-Constantin Mierla <miconda@gmail.com> wrote:

Hello,

there were some broken versions of openssl that didn't allow anymore to set custom memory manager. The only option is to upgrade libssl to a version that doesn't expose the issue. If you search on kamailio issues tracker on github.com, there should be one closed about this topic.

Cheers,
Daniel


On 11.12.17 22:20, Tomi Hakkarainen wrote:
Hi,
  
I have problem to enable TLS on just installed Kamailio server 
openSUSE 42.3 (x86_64)
VERSION = 42.3
CODENAME = Malachite

version: kamailio 5.0.4 (x86_64/linux) 
flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown 
compiled on 18:06:25 Dec  3 2017 with gcc 4.8.5

I get this on debug log:

 0(11336) DEBUG: <core> [core/cfg.y:1642]: yyparse(): loading modules under /usr/lib64/kamailio/modules/
loading modules under config path: /usr/lib64/kamailio/modules/
 0(11336) DEBUG: <core> [core/cfg.y:1623]: yyparse(): loading module tls.so
 0(11336) DEBUG: <core> [core/sr_module.c:575]: load_module(): trying to load </usr/lib64/kamailio/modules/tls.so>
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:189]: qm_malloc_init(): qm_malloc_init: QM_OPTIMIZE=16384, /ROUNDTO=2048
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:191]: qm_malloc_init(): qm_malloc_init: QM_HASH_SIZE=2099, qm_block size=235152
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:193]: qm_malloc_init(): qm_malloc_init(0x7f6e001cb000, 67108864), start=0x7f6e001cb000
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:202]: qm_malloc_init(): qm_malloc_init: size= 67108864, init_overhead=235256
 0(11336) ERROR: tls [tls_init.c:595]: tls_pre_init(): Unable to set the memory allocation functions
 0(11336) ERROR: tls [tls_init.c:597]: tls_pre_init(): libssl current mem functions - m: 0x7f6e055b33d0 r: 0x7f6e055b3a30 f: 0x7f6e055b39a0
 0(11336) ERROR: tls [tls_init.c:599]: tls_pre_init(): Be sure tls module is loaded before any other module using libssl (can be loaded first to be safe)
 0(11336) ERROR: <core> [core/sr_module.c:607]: load_module(): /usr/lib64/kamailio/modules/tls.so: mod_register failed
 0(11336) CRITICAL: <core> [core/cfg.y:3411]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 150, column 12-19: failed to load module

for resolving have compiled openssl from 1.0.2j-fips to

openssl version
OpenSSL 1.0.2n  7 Dec 2017




Is this information enough to see what we are missing 
Will provide more info if needed.
Any help and suggestions are appreciated.

Regards, 
T












_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users


-- 
Daniel-Constantin Mierla
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - www.asipto.com
Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com