[sr-dev] [kamailio/kamailio] tls: allow export session keys (#2785)

Daniel-Constantin Mierla notifications at github.com
Mon Jun 28 10:59:27 CEST 2021

> I have checked openssl sources, look as `BIO_printf` and `BIO_write` function to not use lock mechanism.
> > The solution would be to either have a lock around and do every time: lock, open file, write, close, unlock;
> Why we cannot open the file once and use logic inside childrens
> ```
> lock, write, unlock
> ```

You can read more on the net about opening a file before fork() and what happens after forking, etc ... In short, if you do not want to complicate the life a lot, it is not a good idea at all. Each process will have a clone of the file descriptor, with managing own states after fork ...

> > I also noticed that the file name is reallocated in pkg using a local variable in a function and not freed.
> is memory allocated here and not freed?
> ```diff
> @@ -636,6 +710,7 @@ int tls_h_mod_pre_init_f(void)
>  #endif
>         SSL_load_error_strings();
>         tls_mod_preinitialized=1;
> +       prepare_keylog_file(cfg_get(tls, tls_cfg, session_keylog_filename));
>         return 0;
>  }
> ```

I meant the `keylog_file` variable which is local to the function and then lost:

+int prepare_keylog_file(str session_keylog_filename)
+	char *keylog_file = NULL;

I couldn't spot where is freed.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20210628/f36eb23d/attachment-0001.htm>

More information about the sr-dev mailing list