[Devel] Crash with openser 1.1.0 and TLS clients

Klaus Darilion klaus.mailinglists at pernau.at
Tue Nov 21 17:34:35 CET 2006 

Hi!

I can't open the dump in ethereal. Maybe it was broken because it was 
named .txt. Can you please resend it as .cap? (or zip)

regards
klaus

Christophe Irles wrote:
> Hi Klauss,
> 
> Since ssldump is working not so well I used this option in my config file:
> tls_ciphers_list="NULL"
> I used tcpdump to have SIP messages as follow:  tcpdump -vv -s 2000 -i eth0
> port 5061 -w dump.txt (cf. attached file)
> 
> In this file, you will find this scenario:
> - Device A (known as uri 800 at sbcsipsophia.dyndns.rog) registered first
> - Device B (known as uri 810 at sbcsipsophia.dyndns.rog) registered in second
> - A calls B => communications is good (media is working)
> - B hangup 
> - B unregistered => openser crash !
> 
> This scenario is the same as the test 3 describe in my previous mail (cf.
> below)
> 
> If you need more explanations or more debug output, please tell me.
> 
> I'm using openser-1.1.0-tls
> 
> Hope this helps,
> Christophe
>  
> 
> -----Message d'origine-----
> De : devel-bounces at openser.org [mailto:devel-bounces at openser.org] De la part
> de Christophe Irles
> Envoyé : vendredi 17 novembre 2006 17:24
> À : 'Klaus Darilion'
> Cc : 'OpenSER_DEV'
> Objet : RE: [Devel] Crash with openser 1.1.0 and TLS clients
> 
> Hi Klaus,
> 
> The context is: a minisip called A (uri:800 at test.test) with TLS calls
> another minisip called B (uri:810 at test.test) with TLS.
> Always A registered first and B in second (the order is important)
> 
> Test 1:
> A and B unregistered => no crash
> I restart openser and minisip A and B devices (to be sure to have the same
> configuration in each test)
> 
> Test 2:
> A calls B. Communication is good. A or B hang up (I test the both) A
> unregistered => openser is still working B unregistered => openser crash !
> I restart openser and minisip A and B devices  
> 
> Test 3:
> A calls B. Communication is good. A or B hang up (I test the both) B
> unregistered => openser crash !
> I restart openser and minisip A and B devices 
> 
> Test 4:
> A calls B. Communication is good. A or B hang up  (I test the both) B calls
> A. Communication is good. A or B hang up  (I test the both) Calls made
> several times => Communications are always good A unregistered => openser is
> still working B unregistered => openser crash !
> I restart openser and minisip A and B devices 
> 
> Test 5:
> A calls B. Communication is good. A or B hang up  (I test the both) B calls
> A. Communication is good. A or B hang up  (I test the both) Calls made
> several times => Communications are good B unregistered => openser crash !
> 
> About ssldump, I need to compile it including the lib pcap. As soon as
> possible I will send you the entire dump.
> 
> Please find below some comments about some of your previous remarks.
> 
> Thanks,
> Regards,
> Christophe 
> 
> -----Message d'origine-----
> De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
> Envoyé : mardi 14 novembre 2006 18:51
> À : Christophe Irles
> Cc : OpenSER_DEV
> Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients
> 
> Christophe Irles wrote:
>> Hello,
> 
> Hi Christoph!
> 
> Who is closing the SSL connection - openser or minisip?
> [Chris] minisip is closing the connection.
> 
> There are several things which look very strange:
> 
>> Extract of the log file:
>> 	19(26390) tls_close: Closing SSL connection
>> 	19(26390) tls_update_fd: New fd is 42
>> 	19(26390) INFO: signal 13 received
> 
> Why is there a signal 13 (SIGPIPE) ?
> [Chris] I don't know ... But this occurs, each time the second minisip
> unregistered from openser
> 
>> 	19(26390) tls_shutdown: First phase of 2-way handshake completed 
>> succesfuly
> 
> Looks like openser shuts down the SSL connection [Chris] Actually it's
> minisip 
> 
>> 	19(26390) tls_tcpconn_clean: Entered
>> 	19(26390) handle_tcp_child: reader response= b61c3f28, -2 from 2
> 
> Is openser reading from the closed SSL connection [Chris] I don't know ...
> I'm compiling ssldump in order to have a dump with all packets
> 
>> 	19(26390) tcpconn_destroy: destroying connection 0xb61c3f28, flags
>> 0002
>> 	19(26390) tls_close: Closing SSL connection
> 
> Is this the same TLS connection which will bel closed again?
> [Chris] It's the second one created by the other minisip device
> 
>> 	19(26390) tls_update_fd: New fd is 44
>> 	19(26390) INFO: signal 13 received
>> 	19(26390) tls_shutdown: First phase of 2-way handshake completed 
>> succesfuly
> 
> If it would be the same SSL connection which will be closed here, there
> should not bee this message. Thus, I suspect there is another SSL connection
> open which will be closed here?
> [Chris] It's the second one created by the other minisip device
> 
>> 	19(26390) tls_tcpconn_clean: Entered
>> 	*** glibc detected *** openser: free(): invalid pointer: 0x08788a38
> 
> 
> Christophe - can you please provide a tcpdump (capture file) and ssldump
> too? If its big, send it to me privately.
> [Chris] I'm working on it
> 
> regards
> klaus
> 
> 
>> ***
>> 	======= Backtrace: =========
>> 	/lib/libc.so.6[0x1741e0]
>> 	/lib/libc.so.6(__libc_free+0x77)[0x17472b]
>> 	/lib/libssl.so.5(kssl_ctx_free+0x82)[0x9c8317]
>> 	/lib/libssl.so.5(SSL_free+0x165)[0x9be03e]
>> 	openser(tls_tcpconn_clean+0x46)[0x80e2cd6]
>> 	openser(_tcpconn_rm+0x2f0)[0x8093bd0]
>> 	openser[0x80943dc]
>> 	openser[0x8098e63]
>> 	openser[0x8097461]
>> 	openser[0x8099a63]
>> 	openser(tcp_main_loop+0x55b)[0x809a1db]
>> 	openser(main_loop+0x8e0)[0x806cd20]
>> 	openser(main+0x16bb)[0x806e77b]
>> 	/lib/libc.so.6(__libc_start_main+0xdf)[0x125d7f]
>> 	openser[0x8051111]
>> 	======= Memory map: ========
>> 	00111000-00234000 r-xp 00000000 fd:02 289199     /lib/libc-2.3.6.so
>> 	00234000-00236000 r-xp 00122000 fd:02 289199     /lib/libc-2.3.6.so
>>
>>
>> 	Is this problem already corrected in the HEAD version of openSER ?
>> Is anyone has the same problem with TLS clients and openSER 1.1.0 ?
>>
>> Thanks,
>> Christophe
>>
>>
>>       
>>
>>
>>
>>
>> ----------------------------------------------------------------------
>> --
>>
>> _______________________________________________
>> Devel mailing list
>> Devel at openser.org
>> http://openser.org/cgi-bin/mailman/listinfo/devel
> 
> 
> --
> Klaus Darilion
> nic.at
> 
> 
> _______________________________________________
> Devel mailing list
> Devel at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/devel


-- 
Klaus Darilion
nic.at

More information about the Devel mailing list