[Devel] Crash with openser 1.1.0 and TLS clients

Klaus Darilion klaus.mailinglists at pernau.at
Wed Nov 29 16:47:17 CET 2006 

Hi Christophe!


Can you please make the following test (with force_tcp_alias):
A*B register with TLS
A calls B
B sends 180 ringing, but does not pick up
kill client B (maybe there is a problem if the TLS connection gets lost 
during an ongoing transaction)
A cancels the call

thanks
klaus




Christophe Irles wrote:
> Klauss,
> 
> Very good news with force_tcp_alias(), openser doesn't crash ! Even when the
> client 2 un-register or is killed.
> 
> Please find in the attached ZIP file, openser and network traffic dump
> without the used of the function "force_tcp_alias(") in two use case:
> - client 2 unregistered
> - client 2 is killed
> 
> Hope this helps,
> Christophe
> 
> PS: If you want the miniSIP binary to reproduce the pb, please tell me (for
> windows only ...)
> 
> -----Message d'origine-----
> De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at] 
> Envoyé : vendredi 24 novembre 2006 11:31
> À : Christophe Irles
> Cc : 'OpenSER_DEV'
> Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients
> 
> Hi!
> 
> Can you please repeat this test with force_tcp_alias() (just after
> route[]{).
> 
> This should cause only one connection to client 2.
> 
> Then kill again client 2. It will be interesting if there is again a crash.
> 
> thanks
> klaus
> 
> 
> 
> Christophe Irles wrote:
>> Hi Klaus,
>>
>> Please find in the attached file the network trace in this scenario:
>> Client 1 (800 at sbcsipsophia.dyndns.org) registers on openser in SIP-TLS 
>> Then client 2 (810 at sbcsipsophia.dyndns.org) registers too Client 1 
>> calls client 2 Client 2 is killed => openser crash
>>
>> Regards,
>> Christophe
>>
>> -----Message d'origine-----
>> De : devel-bounces at openser.org [mailto:devel-bounces at openser.org] De 
>> la part de Christophe Irles Envoyé : vendredi 24 novembre 2006 10:21 À 
>> : 'Klaus Darilion'
>> Cc : 'OpenSER_DEV'
>> Objet : RE: [Devel] Crash with openser 1.1.0 and TLS clients
>>
>> Hi Klaus,
>>
>> Thank for your inputs.
>>
>> Server side - version:
>> 	openser-1.1.0-tls
>> 	openssl-0.9.7f-7.10
>>
>> Client side - version:
>> 	minisip r2891
>> 	openssl-0.9.8b
>>
>>
>> About the buggy User Agent, to be sure to understand well, the pb 
>> comes from the line 55.
>> The ACK must be:
>> ACK sip:810 at 192.168.92.23:5060;transport=TCP SIP/2.0 Instead of:
>> ACK sip:810 at 192.168.92.23:5060 SIP/2.0 Is it correct ? I will send a 
>> mail to the minisip development team.
>>
>> TLS Dump analysis:
>> - 3 SSL connections: I thought openssl will reuse the previous 
>> connections and not create a new one to send the INVITE to the second 
>> client. In this situtation the client 2 is never reached if he is behind a
> NAT, isn't it ?
>> The problem is the same in TCP.
>>
>> As soons as possible I will test again as you suggest with the all
> traffic.
>> Thanks,
>> Christophe
>>
>> -----Message d'origine-----
>> De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
>> Envoyé : vendredi 24 novembre 2006 08:49 À : Christophe Irles Cc :
>> 'OpenSER_DEV'
>> Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients
>>
>> Hi Christophe!
>>
>> Can you tell me the exact versions you use? openser, minisip, openssl 
>> (both o nminisip PCs and openser PC).
>>
>> thanks
>> klaus
>>
>>
>> Christophe Irles wrote:
>>> Ok I create again dump files with exactly the same scenario. I test 
>>> them with wireshark successfully. Pb seems to come from the "txt"
>> extension.
>>> The first dump file is based on SIP over TLS and the second is based 
>>> on SIP over TCP.
>>>
>>> As I said previously when using TLS, openser crash but not in TCP 
>>> (same openser config, just a restart between each test)
>>>
>>> I notice in these two dump files something strange: some packets send 
>>> by openser are in UDP ! When they are send, the header "Record Route"
>>> is composed of two lines: the last with the correct transport set 
>>> (TCP or TLS) but the first one wihtout this information ...
>>>
>>> Hope this helps,
>>> Christophe
>>>
>>> -----Message d'origine-----
>>> De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
>>> Envoyé : mardi 21 novembre 2006 17:35 À : Christophe Irles Cc : 
>>> 'OpenSER_DEV'
>>> Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients
>>>
>>> Hi!
>>>
>>> I can't open the dump in ethereal. Maybe it was broken because it was 
>>> named .txt. Can you please resend it as .cap? (or zip)
>>>
>>> regards
>>> klaus
>>>
>>> Christophe Irles wrote:
>>>> Hi Klauss,
>>>>
>>>> Since ssldump is working not so well I used this option in my config
>> file:
>>>> tls_ciphers_list="NULL"
>>>> I used tcpdump to have SIP messages as follow:  tcpdump -vv -s 2000 
>>>> -i eth0 port 5061 -w dump.txt (cf. attached file)
>>>>
>>>> In this file, you will find this scenario:
>>>> - Device A (known as uri 800 at sbcsipsophia.dyndns.rog) registered 
>>>> first
>>>> - Device B (known as uri 810 at sbcsipsophia.dyndns.rog) registered in 
>>>> second
>>>> - A calls B => communications is good (media is working)
>>>> - B hangup
>>>> - B unregistered => openser crash !
>>>>
>>>> This scenario is the same as the test 3 describe in my previous mail
> (cf.
>>>> below)
>>>>
>>>> If you need more explanations or more debug output, please tell me.
>>>>
>>>> I'm using openser-1.1.0-tls
>>>>
>>>> Hope this helps,
>>>> Christophe
>>>>  
>>>>
>>>> -----Message d'origine-----
>>>> De : devel-bounces at openser.org [mailto:devel-bounces at openser.org] De 
>>>> la part de Christophe Irles Envoyé : vendredi 17 novembre 2006 17:24 
>>>> À
>>>> : 'Klaus Darilion'
>>>> Cc : 'OpenSER_DEV'
>>>> Objet : RE: [Devel] Crash with openser 1.1.0 and TLS clients
>>>>
>>>> Hi Klaus,
>>>>
>>>> The context is: a minisip called A (uri:800 at test.test) with TLS 
>>>> calls another minisip called B (uri:810 at test.test) with TLS.
>>>> Always A registered first and B in second (the order is important)
>>>>
>>>> Test 1:
>>>> A and B unregistered => no crash
>>>> I restart openser and minisip A and B devices (to be sure to have 
>>>> the same configuration in each test)
>>>>
>>>> Test 2:
>>>> A calls B. Communication is good. A or B hang up (I test the both) A 
>>>> unregistered => openser is still working B unregistered => openser 
>>>> crash
>> !
>>>> I restart openser and minisip A and B devices
>>>>
>>>> Test 3:
>>>> A calls B. Communication is good. A or B hang up (I test the both) B 
>>>> unregistered => openser crash !
>>>> I restart openser and minisip A and B devices
>>>>
>>>> Test 4:
>>>> A calls B. Communication is good. A or B hang up  (I test the both) 
>>>> B calls A. Communication is good. A or B hang up  (I test the both) 
>>>> Calls made several times => Communications are always good A 
>>>> unregistered => openser is still working B unregistered => openser 
>>>> crash
>> !
>>>> I restart openser and minisip A and B devices
>>>>
>>>> Test 5:
>>>> A calls B. Communication is good. A or B hang up  (I test the both) 
>>>> B calls A. Communication is good. A or B hang up  (I test the both) 
>>>> Calls made several times => Communications are good B unregistered 
>>>> =>
>>> openser crash !
>>>> About ssldump, I need to compile it including the lib pcap. As soon 
>>>> as possible I will send you the entire dump.
>>>>
>>>> Please find below some comments about some of your previous remarks.
>>>>
>>>> Thanks,
>>>> Regards,
>>>> Christophe
>>>>
>>>> -----Message d'origine-----
>>>> De : Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
>>>> Envoyé : mardi 14 novembre 2006 18:51 À : Christophe Irles Cc : 
>>>> OpenSER_DEV Objet : Re: [Devel] Crash with openser 1.1.0 and TLS 
>>>> clients
>>>>
>>>> Christophe Irles wrote:
>>>>> Hello,
>>>> Hi Christoph!
>>>>
>>>> Who is closing the SSL connection - openser or minisip?
>>>> [Chris] minisip is closing the connection.
>>>>
>>>> There are several things which look very strange:
>>>>
>>>>> Extract of the log file:
>>>>> 	19(26390) tls_close: Closing SSL connection
>>>>> 	19(26390) tls_update_fd: New fd is 42
>>>>> 	19(26390) INFO: signal 13 received
>>>> Why is there a signal 13 (SIGPIPE) ?
>>>> [Chris] I don't know ... But this occurs, each time the second 
>>>> minisip unregistered from openser
>>>>
>>>>> 	19(26390) tls_shutdown: First phase of 2-way handshake completed 
>>>>> succesfuly
>>>> Looks like openser shuts down the SSL connection [Chris] Actually 
>>>> it's minisip
>>>>
>>>>> 	19(26390) tls_tcpconn_clean: Entered
>>>>> 	19(26390) handle_tcp_child: reader response= b61c3f28, -2 from 2
>>>> Is openser reading from the closed SSL connection [Chris] I don't 
>>>> know
>> ...
>>>> I'm compiling ssldump in order to have a dump with all packets
>>>>
>>>>> 	19(26390) tcpconn_destroy: destroying connection 0xb61c3f28, flags
>>>>> 0002
>>>>> 	19(26390) tls_close: Closing SSL connection
>>>> Is this the same TLS connection which will bel closed again?
>>>> [Chris] It's the second one created by the other minisip device
>>>>
>>>>> 	19(26390) tls_update_fd: New fd is 44
>>>>> 	19(26390) INFO: signal 13 received
>>>>> 	19(26390) tls_shutdown: First phase of 2-way handshake completed 
>>>>> succesfuly
>>>> If it would be the same SSL connection which will be closed here, 
>>>> there should not bee this message. Thus, I suspect there is another 
>>>> SSL connection open which will be closed here?
>>>> [Chris] It's the second one created by the other minisip device
>>>>
>>>>> 	19(26390) tls_tcpconn_clean: Entered
>>>>> 	*** glibc detected *** openser: free(): invalid pointer: 
>>>>> 0x08788a38
>>>> Christophe - can you please provide a tcpdump (capture file) and 
>>>> ssldump too? If its big, send it to me privately.
>>>> [Chris] I'm working on it
>>>>
>>>> regards
>>>> klaus
>>>>
>>>>
>>>>> ***
>>>>> 	======= Backtrace: =========
>>>>> 	/lib/libc.so.6[0x1741e0]
>>>>> 	/lib/libc.so.6(__libc_free+0x77)[0x17472b]
>>>>> 	/lib/libssl.so.5(kssl_ctx_free+0x82)[0x9c8317]
>>>>> 	/lib/libssl.so.5(SSL_free+0x165)[0x9be03e]
>>>>> 	openser(tls_tcpconn_clean+0x46)[0x80e2cd6]
>>>>> 	openser(_tcpconn_rm+0x2f0)[0x8093bd0]
>>>>> 	openser[0x80943dc]
>>>>> 	openser[0x8098e63]
>>>>> 	openser[0x8097461]
>>>>> 	openser[0x8099a63]
>>>>> 	openser(tcp_main_loop+0x55b)[0x809a1db]
>>>>> 	openser(main_loop+0x8e0)[0x806cd20]
>>>>> 	openser(main+0x16bb)[0x806e77b]
>>>>> 	/lib/libc.so.6(__libc_start_main+0xdf)[0x125d7f]
>>>>> 	openser[0x8051111]
>>>>> 	======= Memory map: ========
>>>>> 	00111000-00234000 r-xp 00000000 fd:02 289199     /lib/libc-2.3.6.so
>>>>> 	00234000-00236000 r-xp 00122000 fd:02 289199     /lib/libc-2.3.6.so
>>>>>
>>>>>
>>>>> 	Is this problem already corrected in the HEAD version of openSER ?
>>>>> Is anyone has the same problem with TLS clients and openSER 1.1.0 ?
>>>>>
>>>>> Thanks,
>>>>> Christophe
>>>>>
>>>>>
>>>>>       
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> -
>>>>> -
>>>>> -
>>>>> --
>>>>>
>>>>> _______________________________________________
>>>>> Devel mailing list
>>>>> Devel at openser.org
>>>>> http://openser.org/cgi-bin/mailman/listinfo/devel
>>>> --
>>>> Klaus Darilion
>>>> nic.at
>>>>
>>>>
>>>> _______________________________________________
>>>> Devel mailing list
>>>> Devel at openser.org
>>>> http://openser.org/cgi-bin/mailman/listinfo/devel
>>> --
>>> Klaus Darilion
>>> nic.at
>>
>> --
>> Klaus Darilion
>> nic.at
>>
>>
>> _______________________________________________
>> Devel mailing list
>> Devel at openser.org
>> http://openser.org/cgi-bin/mailman/listinfo/devel
> 
> 
> --
> Klaus Darilion
> nic.at


-- 
Klaus Darilion
nic.at

More information about the Devel mailing list