[SR-Users] tls.so: mod_register failed on fedora 18 x86_64

Roberto Fichera kernel at tekno-soft.it
Thu Aug 22 10:28:23 CEST 2013 

On 08/22/2013 10:23 AM, Daniel-Constantin Mierla wrote:
>
> On 8/22/13 9:00 AM, Roberto Fichera wrote:
>> On 08/21/2013 10:23 PM, Daniel-Constantin Mierla wrote:
>>> Hello,
>>>
>>> On 8/20/13 4:24 PM, Roberto Fichera wrote:
>>>> [...]
>>>>> Mmmhhh!!! Looks like this particular version has problem, see:
>>>>>
>>>>> http://bugs.python.org/msg191610
>>>>
>>>> I can confirm that the bug is present in both Fedora 18 & 19. The openssl has a bug
>>>> which prevent the tls module to work due to allow_customize = 0 set in one of the
>>>> functions called by OPENSSL_init() within CRYPTO_set_mem_functions().
>>>>
>>>> You can check easily with this small code:
>>>>
>>>> #include <stdio.h>
>>>> #include <openssl/ssl.h>
>>>>
>>>> static void *myMalloc( size_t s ) { return NULL; }   
>>>> static void *myRealloc( void *p, size_t s ) { return NULL; }
>>>> static void myFree( void *p ) {}
>>>>
>>>> int main()
>>>> {
>>>>   if ( !CRYPTO_set_mem_functions( myMalloc, myRealloc, myFree) )
>>>>   {
>>>>     fprintf( stderr, "Unable to set the memory allocation functions\n");
>>>>     return -1;
>>>>   }
>>>>
>>>>   return 0;
>>>> }
>>>>
>>>> compile with "gcc -o testssl testssl.c -lssl -lcrypto"
>>>>
>>>> I've done a small patch in order to workaround the problem in case someone need it.
>>> Thanks for investigating further and providing proper references.
>>>
>>> Is the patch for kamailio? If yes, you can attach it here or on our tracker, so others can use it. Eventually we can
>>> integrate it in the module, there are couple of other workarounds for openssl bugs there.
>>
>> Unfortunately not! I haven't found yet a solution to workaround the openssl patch!
>> I guess we cannot easily workaround inside the kamailio tls module since the
>> problem is strictly related to openssl.
> Can you share the openssl patch? Maybe we find a solution together here...

Sure! See below

diff -urN openssl-1.0.1e/crypto/mem.c openssl-1.0.1e/crypto/mem.c
--- openssl-1.0.1e/crypto/mem.c    2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/mem.c    2013-08-20 12:44:01.375906737 +0200
@@ -125,7 +125,7 @@
     void (*f)(void *))
     {
     /* Dummy call just to ensure OPENSSL_init() gets linked in */
-    OPENSSL_init();
+    static void *ptr = (void*)OPENSSL_init;
     if (!allow_customize)
         return 0;
     if ((m == 0) || (r == 0) || (f == 0))


>
> Cheers,
> Daniel
> -- 
> Daniel-Constantin Mierla - http://www.asipto.com
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130822/b3db99e6/attachment-0001.html>

More information about the sr-users mailing list