Hello Klaus,
I believe I've run into the same issue here:
0(21444) DEBUG: <core> [main.c:1559]: Expect maximum 2144 open fds 14(21473) DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): mi_fifo 14(21473) DEBUG: <core> [sr_module.c:791]: DEBUG: init_mod_child (10): tm 14(21473) DEBUG: tm [callid.c:131]: DEBUG: callid: '6b17ba47-21473@127.0.0.1' 14(21473) DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): usrloc 14(21473) DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): registrar 14(21473) DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): uri_db 14(21473) DEBUG: <core> [sr_module.c:791]: DEBUG: init_mod_child (10): ctl 14(21473) DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): acc 14(21473) DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): auth_db 14(21473) DEBUG: <core> [db.c:294]: connection 0x8292950 found in pool 14(21473) DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): tls 14(21473) DEBUG: <core> [local_timer.c:67]: init_local_timer: timer_list between 0x82393e4 and 0x825b3e4 14(21473) DEBUG: <core> [io_wait.h:361]: DBG: io_watch_add(0x8239220, 28, 1, (nil)), fd_no=0 17(21476) DEBUG: <core> [ip_addr.c:116]: tcpconn_new: new tcp connection: 192.168.10.106 17(21476) DEBUG: <core> [tcp_main.c:1052]: tcpconn_new: on port 2087, type 3 17(21476) DEBUG: <core> [tcp_main.c:1351]: tcpconn_add: hashes: 201:2583:2549, 1 17(21476) DEBUG: <core> [io_wait.h:361]: DBG: io_watch_add(0x8216fe0, 32, 2, 0xb60eb860), fd_no=24 17(21476) DEBUG: <core> [io_wait.h:588]: DBG: io_watch_del (0x8216fe0, 32, -1, 0x0) fd_no=25 called 17(21476) DEBUG: <core> [tcp_main.c:3627]: tcp: DBG: sendig to child, events 1 17(21476) DEBUG: <core> [tcp_main.c:3336]: send2child: to tcp child 0 13(21472), 0xb60eb860 13(21472) DEBUG: <core> [tcp_read.c:884]: received n=4 con=0xb60eb860, fd=7 13(21472) DEBUG: tls [tls_server.c:109]: Using TLS domain TLSs<default> 17(21476) : <core> [pass_fd.c:283]: ERROR: receive_fd: EOF on 4 17(21476) DEBUG: <core> [tcp_main.c:3038]: DBG: handle_ser_child: dead child 13, pid 21472 (shutting down?) 17(21476) DEBUG: <core> [io_wait.h:588]: DBG: io_watch_del (0x8216fe0, 4, -1, 0x0) fd_no=24 called 17(21476) DEBUG: <core> [tcp_main.c:2826]: DBG: handle_tcp_child: dead tcp child 0 (pid 21472, no 13) (shutting down?) 17(21476) DEBUG: <core> [io_wait.h:588]: DBG: io_watch_del (0x8216fe0, 25, -1, 0x0) fd_no=23 called 0(21444) ALERT: <core> [main.c:722]: child process 21472 exited by a signal 11 0(21444) ALERT: <core> [main.c:725]: core was generated 0(21444) INFO: <core> [main.c:737]: INFO: terminating due to SIGCHLD 17(21476) INFO: <core> [main.c:788]: INFO: signal 15 received 10(21464) INFO: <core> [main.c:788]: INFO: signal 15 received 2(21449) INFO: <core> [main.c:788]: INFO: signal 15 received 1(21448) INFO: <core> [main.c:788]: INFO: signal 15 received 3(21450) INFO: <core> [main.c:788]: INFO: signal 15 received 4(21451) INFO: <core> [main.c:788]: INFO: signal 15 received 16(21475) INFO: <core> [main.c:788]: INFO: signal 15 received 15(21474) INFO: <core> [main.c:788]: INFO: signal 15 received 14(21473) INFO: <core> [main.c:788]: INFO: signal 15 received 9(21463) INFO: <core> [main.c:788]: INFO: signal 15 received 8(21461) INFO: <core> [main.c:788]: INFO: signal 15 received 7(21454) INFO: <core> [main.c:788]: INFO: signal 15 received 6(21453) INFO: <core> [main.c:788]: INFO: signal 15 received 5(21452) INFO: <core> [main.c:788]: INFO: signal 15 received 12(21471) INFO: <core> [main.c:788]: INFO: signal 15 received 11(21465) INFO: <core> [main.c:788]: INFO: signal 15 received 0(21444) DEBUG: usrloc [urecord.c:325]: Binding '20','sip:20@192.168.10.107:5060;transport=tcp;line=4c0o3xlb' has expired 0(21444) DEBUG: usrloc [urecord.c:325]: Binding '30','sip:30@192.168.10.108:5060;transport=tcp;line=7rz2j81s' has expired 0(21444) DEBUG: <core> [db_pool.c:102]: removing connection from the pool 0(21444) DEBUG: tm [t_funcs.c:122]: DEBUG: tm_shutdown : start 0(21444) DEBUG: tm [t_funcs.c:125]: DEBUG: tm_shutdown : emptying hash table 0(21444) DEBUG: tm [t_funcs.c:127]: DEBUG: tm_shutdown : removing semaphores 0(21444) DEBUG: tm [t_funcs.c:129]: DEBUG: tm_shutdown : destroying tmcb lists 0(21444) DEBUG: tm [t_funcs.c:132]: DEBUG: tm_shutdown : done 0(21444) DEBUG: tls [tls_init.c:621]: tls module final tls destroy 0(21444) DEBUG: <core> [mem/shm_mem.c:236]: shm_mem_destroy 0(21444) DEBUG: <core> [mem/shm_mem.c:239]: destroying the shared memory lock 0(21444) DEBUG: <core> [main.c:741]: terminating due to SIGCHLD
kamailio -V version: kamailio 3.0.0 (i386/linux) 6d1e9f flags: STATS: Off, USE_IPV6, USE_TCP, USE_TLS, TLS_HOOKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535 poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. @(#) $Id$ main.c compiled on 15:09:49 Jan 29 2010 with gcc 4.1.2
Kamailio is setup with the default self-signed certificates, the telephone is snom 320 v7.3.30.
Best regards, Martin
-----Ursprüngliche Nachricht----- Von: sr-users-bounces@lists.sip-router.org [mailto:sr-users- bounces@lists.sip-router.org] Im Auftrag von Klaus Darilion Gesendet: Freitag, 22. Januar 2010 16:07 An: Andreas Rehbein Cc: sr-users@lists.sip-router.org Betreff: Re: [SR-Users] TLS problems
I managed to have SNOM 320 registering at kamailio-3.0 via TLS. But I do not have any crashes (openssl 0.9.8g-15+lenny6).
Andreas, when does the crash happen exactly: during TLS handshake or afterwards (you can for example use "ssldump port 5061" to debug the TLS connection)?
regards klaus
Andreas Rehbein schrieb:
Hi Klaus,
until now (OpenSER 1.3.x without client verification) it was not
necessary
to import certs into snom. To force the snom to send Messages via tls, you need to insert
something
like "192.168.0.89:5061;transport=tls" in the outbound proxy field
(but I'm
sure you already knew)
regards Andreas
-----Ursprüngliche Nachricht----- Von: Klaus Darilion [mailto:klaus.mailinglists@pernau.at] Gesendet: Freitag, 22. Januar 2010 13:17 An: Andreas Rehbein Cc: sr-users@lists.sip-router.org Betreff: Re: AW: AW: AW: [SR-Users] TLS problems
Andreas Rehbein schrieb:
Hello Klaus,
Linux: Red Hat Enterprise Linux 5; Kernel: 2.6.18-92.1.10.el5 OpenSSL: OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
Hi Andreas!
I fail to configure SNOM to accept the certificate. I imported the CA cert as trusted certificates, but TLS handshake is not successful. Is there something else I need to take care of?
I'm quite sure my certificates are OK as it works with eyebeam and
QjSimple.
regards Klaus
sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users