[Devel] Crash with openser 1.1.0 and TLS clients

Christophe Irles christophe.irles at alcatel.fr
Fri Nov 24 10:21:20 CET 2006


Hi Klaus,

Thank for your inputs.

Server side - version:
	openser-1.1.0-tls
	openssl-0.9.7f-7.10

Client side - version:
	minisip r2891
	openssl-0.9.8b


About the buggy User Agent, to be sure to understand well, the pb comes from
the line 55.
The ACK must be:
ACK sip:810 at 192.168.92.23:5060;transport=TCP SIP/2.0
Instead of:
ACK sip:810 at 192.168.92.23:5060 SIP/2.0
Is it correct ? I will send a mail to the minisip development team.

TLS Dump analysis:
- 3 SSL connections: I thought openssl will reuse the previous connections
and not create a new one to send the INVITE to the second client. In this
situtation the client 2 is never reached if he is behind a NAT, isn't it ?
The problem is the same in TCP.

As soons as possible I will test again as you suggest with the all traffic.

Thanks,
Christophe

-----Message d'origine-----
De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at] 
Envoyé : vendredi 24 novembre 2006 08:49
À : Christophe Irles
Cc : 'OpenSER_DEV'
Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients

Hi Christophe!

Can you tell me the exact versions you use? openser, minisip, openssl (both
o nminisip PCs and openser PC).

thanks
klaus


Christophe Irles wrote:
> 
> Ok I create again dump files with exactly the same scenario. I test 
> them with wireshark successfully. Pb seems to come from the "txt"
extension.
> 
> The first dump file is based on SIP over TLS and the second is based 
> on SIP over TCP.
> 
> As I said previously when using TLS, openser crash but not in TCP 
> (same openser config, just a restart between each test)
> 
> I notice in these two dump files something strange: some packets send 
> by openser are in UDP ! When they are send, the header "Record Route" 
> is composed of two lines: the last with the correct transport set (TCP 
> or TLS) but the first one wihtout this information ...
> 
> Hope this helps,
> Christophe
> 
> -----Message d'origine-----
> De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
> Envoyé : mardi 21 novembre 2006 17:35
> À : Christophe Irles
> Cc : 'OpenSER_DEV'
> Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients
> 
> Hi!
> 
> I can't open the dump in ethereal. Maybe it was broken because it was 
> named .txt. Can you please resend it as .cap? (or zip)
> 
> regards
> klaus
> 
> Christophe Irles wrote:
>> Hi Klauss,
>>
>> Since ssldump is working not so well I used this option in my config
file:
>> tls_ciphers_list="NULL"
>> I used tcpdump to have SIP messages as follow:  tcpdump -vv -s 2000 
>> -i eth0 port 5061 -w dump.txt (cf. attached file)
>>
>> In this file, you will find this scenario:
>> - Device A (known as uri 800 at sbcsipsophia.dyndns.rog) registered 
>> first
>> - Device B (known as uri 810 at sbcsipsophia.dyndns.rog) registered in 
>> second
>> - A calls B => communications is good (media is working)
>> - B hangup
>> - B unregistered => openser crash !
>>
>> This scenario is the same as the test 3 describe in my previous mail (cf.
>> below)
>>
>> If you need more explanations or more debug output, please tell me.
>>
>> I'm using openser-1.1.0-tls
>>
>> Hope this helps,
>> Christophe
>>  
>>
>> -----Message d'origine-----
>> De : devel-bounces at openser.org [mailto:devel-bounces at openser.org] De 
>> la part de Christophe Irles Envoyé : vendredi 17 novembre 2006 17:24 
>> À
>> : 'Klaus Darilion'
>> Cc : 'OpenSER_DEV'
>> Objet : RE: [Devel] Crash with openser 1.1.0 and TLS clients
>>
>> Hi Klaus,
>>
>> The context is: a minisip called A (uri:800 at test.test) with TLS calls 
>> another minisip called B (uri:810 at test.test) with TLS.
>> Always A registered first and B in second (the order is important)
>>
>> Test 1:
>> A and B unregistered => no crash
>> I restart openser and minisip A and B devices (to be sure to have the 
>> same configuration in each test)
>>
>> Test 2:
>> A calls B. Communication is good. A or B hang up (I test the both) A 
>> unregistered => openser is still working B unregistered => openser crash
!
>> I restart openser and minisip A and B devices
>>
>> Test 3:
>> A calls B. Communication is good. A or B hang up (I test the both) B 
>> unregistered => openser crash !
>> I restart openser and minisip A and B devices
>>
>> Test 4:
>> A calls B. Communication is good. A or B hang up  (I test the both) B 
>> calls A. Communication is good. A or B hang up  (I test the both) 
>> Calls made several times => Communications are always good A 
>> unregistered => openser is still working B unregistered => openser crash
!
>> I restart openser and minisip A and B devices
>>
>> Test 5:
>> A calls B. Communication is good. A or B hang up  (I test the both) B 
>> calls A. Communication is good. A or B hang up  (I test the both) 
>> Calls made several times => Communications are good B unregistered =>
> openser crash !
>> About ssldump, I need to compile it including the lib pcap. As soon 
>> as possible I will send you the entire dump.
>>
>> Please find below some comments about some of your previous remarks.
>>
>> Thanks,
>> Regards,
>> Christophe
>>
>> -----Message d'origine-----
>> De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
>> Envoyé : mardi 14 novembre 2006 18:51 À : Christophe Irles Cc : 
>> OpenSER_DEV Objet : Re: [Devel] Crash with openser 1.1.0 and TLS 
>> clients
>>
>> Christophe Irles wrote:
>>> Hello,
>> Hi Christoph!
>>
>> Who is closing the SSL connection - openser or minisip?
>> [Chris] minisip is closing the connection.
>>
>> There are several things which look very strange:
>>
>>> Extract of the log file:
>>> 	19(26390) tls_close: Closing SSL connection
>>> 	19(26390) tls_update_fd: New fd is 42
>>> 	19(26390) INFO: signal 13 received
>> Why is there a signal 13 (SIGPIPE) ?
>> [Chris] I don't know ... But this occurs, each time the second 
>> minisip unregistered from openser
>>
>>> 	19(26390) tls_shutdown: First phase of 2-way handshake completed 
>>> succesfuly
>> Looks like openser shuts down the SSL connection [Chris] Actually 
>> it's minisip
>>
>>> 	19(26390) tls_tcpconn_clean: Entered
>>> 	19(26390) handle_tcp_child: reader response= b61c3f28, -2 from 2
>> Is openser reading from the closed SSL connection [Chris] I don't know
...
>> I'm compiling ssldump in order to have a dump with all packets
>>
>>> 	19(26390) tcpconn_destroy: destroying connection 0xb61c3f28, flags
>>> 0002
>>> 	19(26390) tls_close: Closing SSL connection
>> Is this the same TLS connection which will bel closed again?
>> [Chris] It's the second one created by the other minisip device
>>
>>> 	19(26390) tls_update_fd: New fd is 44
>>> 	19(26390) INFO: signal 13 received
>>> 	19(26390) tls_shutdown: First phase of 2-way handshake completed 
>>> succesfuly
>> If it would be the same SSL connection which will be closed here, 
>> there should not bee this message. Thus, I suspect there is another 
>> SSL connection open which will be closed here?
>> [Chris] It's the second one created by the other minisip device
>>
>>> 	19(26390) tls_tcpconn_clean: Entered
>>> 	*** glibc detected *** openser: free(): invalid pointer: 0x08788a38
>>
>> Christophe - can you please provide a tcpdump (capture file) and 
>> ssldump too? If its big, send it to me privately.
>> [Chris] I'm working on it
>>
>> regards
>> klaus
>>
>>
>>> ***
>>> 	======= Backtrace: =========
>>> 	/lib/libc.so.6[0x1741e0]
>>> 	/lib/libc.so.6(__libc_free+0x77)[0x17472b]
>>> 	/lib/libssl.so.5(kssl_ctx_free+0x82)[0x9c8317]
>>> 	/lib/libssl.so.5(SSL_free+0x165)[0x9be03e]
>>> 	openser(tls_tcpconn_clean+0x46)[0x80e2cd6]
>>> 	openser(_tcpconn_rm+0x2f0)[0x8093bd0]
>>> 	openser[0x80943dc]
>>> 	openser[0x8098e63]
>>> 	openser[0x8097461]
>>> 	openser[0x8099a63]
>>> 	openser(tcp_main_loop+0x55b)[0x809a1db]
>>> 	openser(main_loop+0x8e0)[0x806cd20]
>>> 	openser(main+0x16bb)[0x806e77b]
>>> 	/lib/libc.so.6(__libc_start_main+0xdf)[0x125d7f]
>>> 	openser[0x8051111]
>>> 	======= Memory map: ========
>>> 	00111000-00234000 r-xp 00000000 fd:02 289199     /lib/libc-2.3.6.so
>>> 	00234000-00236000 r-xp 00122000 fd:02 289199     /lib/libc-2.3.6.so
>>>
>>>
>>> 	Is this problem already corrected in the HEAD version of openSER ?
>>> Is anyone has the same problem with TLS clients and openSER 1.1.0 ?
>>>
>>> Thanks,
>>> Christophe
>>>
>>>
>>>       
>>>
>>>
>>>
>>>
>>> --------------------------------------------------------------------
>>> -
>>> -
>>> --
>>>
>>> _______________________________________________
>>> Devel mailing list
>>> Devel at openser.org
>>> http://openser.org/cgi-bin/mailman/listinfo/devel
>>
>> --
>> Klaus Darilion
>> nic.at
>>
>>
>> _______________________________________________
>> Devel mailing list
>> Devel at openser.org
>> http://openser.org/cgi-bin/mailman/listinfo/devel
> 
> 
> --
> Klaus Darilion
> nic.at


--
Klaus Darilion
nic.at




More information about the Devel mailing list