[sr-dev] [kamailio/kamailio] tls: allow export session keys (#2785)

Daniel-Constantin Mierla notifications at github.com
Mon Jun 28 10:59:27 CEST 2021


> I have checked the openssl sources; it looks like the `BIO_printf` and `BIO_write` functions do not use a lock mechanism.
> 
> > The solution would be to either have a lock around and do every time: lock, open file, write, close, unlock;
> 
> Why can't we open the file once and use this logic inside the children:
> 
> ```
> lock, write, unlock
> ```

You can read more on the net about opening a file before fork() and what happens after forking, etc. In short, if you do not want to complicate life a lot, it is not a good idea at all. Each process will have a clone of the file descriptor, managing its own state after fork ...

> 
> > I also noticed that the file name is reallocated in pkg using a local variable in a function and not freed.
> 
> Is memory allocated here and not freed?
> 
> ```diff
> @@ -636,6 +710,7 @@ int tls_h_mod_pre_init_f(void)
>  #endif
>         SSL_load_error_strings();
>         tls_mod_preinitialized=1;
> +       prepare_keylog_file(cfg_get(tls, tls_cfg, session_keylog_filename));
>         return 0;
>  }
> ```
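
Review bot: The added call in `tls_h_mod_pre_init_f` discards the `int` result of `prepare_keylog_file(...)`, and the function then falls through to `return 0`, so a failure to prepare the key log file is invisible to the caller. Check the return value and either log the error and fail pre-init, or add a comment stating that key logging is best-effort. The call is also unconditional, so `prepare_keylog_file` must itself handle the case where `session_keylog_filename` is not set.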

I meant the `keylog_file` variable which is local to the function and then lost:

```
+int prepare_keylog_file(str session_keylog_filename)
+{
+	char *keylog_file = NULL;
```

I couldn't spot where it is freed.



-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/2785#issuecomment-869505360
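
The per-write locking option discussed in this message ("lock, open file, write, close, unlock"), as an added example that is not part of the e-mail and not code from the Kamailio pull request: each forked worker opens the key log itself for every write instead of inheriting a descriptor from before `fork()`. Here `flock()` on the freshly opened descriptor stands in for the lock, so the order becomes open, lock, write, unlock, close. The names `keylog_append`, `keylog_fork_demo` and `LINE_FMT`, and the sample line content, are assumptions made for this example.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

#define LINE_FMT "CLIENT_RANDOM w%02d-%04d constructed\n" /* constructed sample line */

/* Append one line; the file is opened per write, never inherited across fork(). */
int keylog_append(const char *path, const char *line)
{
	size_t len = strlen(line);
	/* 0600: the key log holds TLS session secrets. O_APPEND: write at end of file. */
	int fd = open(path, O_WRONLY | O_APPEND | O_CREAT, S_IRUSR | S_IWUSR);
	if (fd < 0) return -1;
	/* Exclusive lock: blocks until no other process holds it. */
	if (flock(fd, LOCK_EX) < 0) { close(fd); return -1; }
	ssize_t n = write(fd, line, len);
	flock(fd, LOCK_UN);
	return (close(fd) == 0 && n == (ssize_t)len) ? 0 : -1;
}

/* Fork `workers` children, each appending `lines_each` lines; return intact lines or -1. */
int keylog_fork_demo(const char *path, int workers, int lines_each)
{
	char buf[128];
	int status, failed = 0, intact = 0, want = snprintf(NULL, 0, LINE_FMT, 0, 0);
	unlink(path);                            /* start from an empty file */
	for (int w = 0; w < workers && !failed; w++) {
		pid_t pid = fork();
		if (pid < 0) failed = 1;
		if (pid == 0) {                      /* child: one worker process */
			for (int i = 0; i < lines_each; i++) {
				snprintf(buf, sizeof buf, LINE_FMT, w, i);
				if (keylog_append(path, buf) < 0) _exit(1);
			}
			_exit(0);
		}
	}
	while (wait(&status) > 0)                /* reap every worker */
		if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) failed = 1;
	FILE *f = failed ? NULL : fopen(path, "r");
	if (f == NULL) return -1;
	while (fgets(buf, sizeof buf, f))        /* a torn or merged line fails this check */
		if (strlen(buf) == (size_t)want && strncmp(buf, "CLIENT_RANDOM w", 15) == 0) intact++;
	fclose(f);
	return intact;
}
```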