[sr-dev] [kamailio/kamailio] TLS crashes Kamailio 5.4 branch on Ubuntu 20.04 and Debian Buster (#2560)
Dylan
notifications at github.com
Tue Nov 24 21:11:42 CET 2020
<!--
Kamailio Project uses GitHub Issues only for bugs in the code or feature requests. Please use this template only for bug reports.
If you have questions about using Kamailio or related to its configuration file, ask on sr-users mailing list:
* http://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
If you have questions about developing extensions to Kamailio or its existing C code, ask on sr-dev mailing list:
* http://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev
Please try to fill this template as much as possible for any issue. It helps the developers to troubleshoot the issue.
If there is no content to be filled in a section, the entire section can be removed.
You can delete the comments from the template sections when filling.
You can delete next line and everything above before submitting (it is a comment).
-->
### Description
Kamailio crashes on launch with TLS enabled on both Ubuntu 20.04 and Debian Buster.
### Troubleshooting
#### Reproduction
<!--
If the issue can be reproduced, describe how it can be done.
-->
1. cloned `https://github.com/kamailio/kamailio`
2. checked out `5.4`
3. make cfg
4. include_modules=app_python3 crypto db_mongodb
db_postgres dialplan http_async_client
http_client jansson json jsonrpcc log_systemd
outbound regex tls utils xcap_client xhttp_pi
uuid
5. make all
6. make install
7. make install-systemd-debian
8. turn on TLS (WITH_TLS), copy certs & keys.
9. sudo systemctl start kamailio
#### Log Messages
```
Nov 20 00:20:06 kamailio-stage-3 /usr/local/sbin/kamailio[12570]: INFO: tls [tls_mod.c:389]: mod_init(): With ECDH-Support!
Nov 20 00:20:06 kamailio-stage-3 /usr/local/sbin/kamailio[12570]: INFO: tls [tls_mod.c:392]: mod_init(): With Diffie Hellman
Nov 20 00:20:06 kamailio-stage-3 kamailio[12569]: DIGEST-MD5 common mech free
Nov 20 00:20:06 kamailio-stage-3 /usr/local/sbin/kamailio[12570]: INFO: auth [auth_mod.c:345]: mod_init(): qop set, but nonce-count (nonce_count) support disabled
Nov 20 00:20:06 kamailio-stage-3 /usr/local/sbin/kamailio[12570]: INFO: rr [../outbound/api.h:52]: ob_load_api(): unable to import bind_ob - maybe module is not loaded
Nov 20 00:20:06 kamailio-stage-3 /usr/local/sbin/kamailio[12570]: INFO: rr [rr_mod.c:185]: mod_init(): outbound module not available
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: ERROR: <core> [core/daemonize.c:303]: daemonize(): Main process exited before writing to pipe
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb43de8), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_free(323) - ignoring
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb44098), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_malloc(293) - ignoring
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb94230), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_free(323) - ignoring
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb41890), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_free(323) - ignoring
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb34998), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_free(323) - ignoring
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb347b8), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_free(323) - ignoring
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb34858), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_malloc(293) - ignoring
Nov 20 00:20:06 kamailio-stage-3 kamailio[12568]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f09fdb348f8), called from tls: tls_init.c: ser_free(323), first free tls: tls_init.c: ser_malloc(293) - ignoring
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: kamailio.service: Control process exited, code=killed, status=11/SEGV
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: kamailio.service: Failed with result 'signal'.
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: Failed to start kamailio (OpenSER) - the Open Source SIP Server.
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: kamailio.service: Service RestartSec=100ms expired, scheduling restart.
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: kamailio.service: Scheduled restart job, restart counter is at 57.
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: Stopped kamailio (OpenSER) - the Open Source SIP Server.
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: kamailio.service: Start request repeated too quickly.
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: kamailio.service: Failed with result 'signal'.
Nov 20 00:20:06 kamailio-stage-3 systemd[1]: Failed to start kamailio (OpenSER) - the Open Source SIP Server.
```
### Possible Solutions
As a hack, we manually downgraded to https://www.openssl.org/source/openssl-1.0.2r.tar.gz and that seemed to allow the system to launch, but this is obviously not a stable, long-term solution.
### Additional Information
* **Kamailio Version** - output of `kamailio -v`
```
version: kamailio 5.4.2 (x86_64/linux) 2d733e
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: 2d733e
compiled on 23:01:51 Nov 19 2020 with gcc 8.3.0
```
* **Operating System**:
<!--
Details about the operating system, the type: Linux (e.g.,: Debian 8.4, Ubuntu 16.04, CentOS 7.1, ...), MacOS, xBSD, Solaris, ...;
Kernel details (output of `uname -a`)
-->
```
root at kamailio-stage-3:/home/admin# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
root at kamailio-stage-3:/home/admin# uname -a
Linux kamailio-stage-3 4.19.0-12-cloud-amd64 #1 SMP Debian 4.19.152-1 (2020-10-18) x86_64 GNU/Linux
ubuntu at kamailio-stage-2:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.1 LTS
Release: 20.04
Codename: focal
ubuntu at kamailio-stage-2:~$ uname -a
Linux kamailio-stage-2 5.4.0-1029-aws #30-Ubuntu SMP Tue Oct 20 10:06:38 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2560
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20201124/66620508/attachment-0001.htm>
More information about the sr-dev
mailing list