[Devel] Crash with openser 1.1.0 and TLS clients

Christophe Irles christophe.irles at alcatel.fr
Fri Nov 17 17:24:25 CET 2006


Hi Klaus,

The context is: a minisip called A (uri:800 at test.test) with TLS calls
another minisip called B (uri:810 at test.test) with TLS.
A is always registered first and B second (the order is important).

Test 1:
A and B unregistered => no crash
I restart openser and minisip A and B devices (to be sure to have the same
configuration in each test)

Test 2:
A calls B. Communication is good. A or B hangs up (I tested both)
A unregistered => openser is still working
B unregistered => openser crash !
I restart openser and minisip A and B devices  

Test 3:
A calls B. Communication is good. A or B hangs up (I tested both)
B unregistered => openser crash !
I restart openser and minisip A and B devices 

Test 4:
A calls B. Communication is good. A or B hangs up (I tested both)
B calls A. Communication is good. A or B hangs up (I tested both)
Calls made several times => Communications are always good
A unregistered => openser is still working
B unregistered => openser crash !
I restart openser and minisip A and B devices 

Test 5:
A calls B. Communication is good. A or B hangs up (I tested both)
B calls A. Communication is good. A or B hangs up (I tested both)
Calls made several times => Communications are good
B unregistered => openser crash !

About ssldump, I need to compile it including the lib pcap. As soon as
possible I will send you the entire dump.

Please find below some comments about some of your previous remarks.

Thanks,
Regards,
Christophe 

-----Original Message-----
From: Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
Sent: Tuesday, November 14, 2006 18:51
To: Christophe Irles
Cc: OpenSER_DEV
Subject: Re: [Devel] Crash with openser 1.1.0 and TLS clients

Christophe Irles wrote:
> Hello,

Hi Christophe!

Who is closing the SSL connection - openser or minisip?
[Chris] minisip is closing the connection.

There are several things which look very strange:

> Extract of the log file:
> 	19(26390) tls_close: Closing SSL connection
> 	19(26390) tls_update_fd: New fd is 42
> 	19(26390) INFO: signal 13 received

Why is there a signal 13 (SIGPIPE) ?
[Chris] I don't know ... But this occurs each time the second minisip
unregisters from openser

> 	19(26390) tls_shutdown: First phase of 2-way handshake completed succesfuly

Looks like openser shuts down the SSL connection
[Chris] Actually it's minisip 

> 	19(26390) tls_tcpconn_clean: Entered
> 	19(26390) handle_tcp_child: reader response= b61c3f28, -2 from 2

Is openser reading from the closed SSL connection?
[Chris] I don't know ... I'm compiling ssldump in order to have a dump with
all packets

> 	19(26390) tcpconn_destroy: destroying connection 0xb61c3f28, flags 0002
> 	19(26390) tls_close: Closing SSL connection

Is this the same TLS connection which will be closed again?
[Chris] It's the second one created by the other minisip device

> 	19(26390) tls_update_fd: New fd is 44
> 	19(26390) INFO: signal 13 received
> 	19(26390) tls_shutdown: First phase of 2-way handshake completed succesfuly

If it would be the same SSL connection which will be closed here, there
should not be this message. Thus, I suspect there is another SSL connection
open which will be closed here?
[Chris] It's the second one created by the other minisip device

> 	19(26390) tls_tcpconn_clean: Entered
> 	*** glibc detected *** openser: free(): invalid pointer: 0x08788a38


Christophe - can you please provide a tcpdump (capture file) and ssldump
too? If it's big, send it to me privately.
[Chris] I'm working on it

regards
klaus


> ***
> 	======= Backtrace: =========
> 	/lib/libc.so.6[0x1741e0]
> 	/lib/libc.so.6(__libc_free+0x77)[0x17472b]
> 	/lib/libssl.so.5(kssl_ctx_free+0x82)[0x9c8317]
> 	/lib/libssl.so.5(SSL_free+0x165)[0x9be03e]
> 	openser(tls_tcpconn_clean+0x46)[0x80e2cd6]
> 	openser(_tcpconn_rm+0x2f0)[0x8093bd0]
> 	openser[0x80943dc]
> 	openser[0x8098e63]
> 	openser[0x8097461]
> 	openser[0x8099a63]
> 	openser(tcp_main_loop+0x55b)[0x809a1db]
> 	openser(main_loop+0x8e0)[0x806cd20]
> 	openser(main+0x16bb)[0x806e77b]
> 	/lib/libc.so.6(__libc_start_main+0xdf)[0x125d7f]
> 	openser[0x8051111]
> 	======= Memory map: ========
> 	00111000-00234000 r-xp 00000000 fd:02 289199     /lib/libc-2.3.6.so
> 	00234000-00236000 r-xp 00122000 fd:02 289199     /lib/libc-2.3.6.so
> 
> 
> 	Is this problem already corrected in the HEAD version of openSER ?
> Does anyone have the same problem with TLS clients and openSER 1.1.0 ?
> 
> Thanks,
> Christophe


--
Klaus Darilion
nic.at



