[SR-Users] Why my kamailio only support 1 TLS connection

Daniel-Constantin Mierla miconda at gmail.com
Wed Nov 20 11:33:56 CET 2013 

Hello,

3.0 is almost 4 years old and there were some issue fixed for tls and 
shm memory afaik.

Can you try with 4.0.4?

Cheers,
Daniel

On 11/19/13 10:43 PM, Derrick Ding wrote:
> Hi Daniel,
>
> Thanks for response.
> The software version is:
> Kamailio 3.0.2
> OpenSSL 0.9.8k 25 Mar 2009
>
> I have used Kamailio 3.0.2 for long. I installed it from source file.
>
> Regards,
> Derrick
>
>
>
> -----Original Message-----
> From: sr-users-bounces at lists.sip-router.org [mailto:sr-users-bounces at lists.sip-router.org] On Behalf Of Daniel-Constantin Mierla
> Sent: Tuesday, November 19, 2013 4:18 PM
> To: Kamailio (SER) - Users Mailing List
> Cc: Kamailio (SER) - Users Mailing List
> Subject: Re: [SR-Users] Why my kamailio only support 1 TLS connection
>
> Hello,
>
> What version of kamailio and what libssl do you have? Have you installed from sources or from packages?
>
> Cheers,
> Daniel
>
> Daniel-Constantin Mierla
> http://www.asipto.com
>
> On 19 Nov 2013, at 22:03, Derrick Ding <dding at aastra.com> wrote:
>
>> Here is the partial log:
>> 17(21280) DEBUG: <core> [ip_addr.c:116]: tcpconn_new: new tcp connection: 10.30.102.161
>> 17(21280) DEBUG: <core> [tcp_main.c:1052]: tcpconn_new: on port 5061, type 3
>> 17(21280) DEBUG: <core> [tcp_main.c:1351]: tcpconn_add: hashes: 454:1641:1419, 3
>> 17(21280) DEBUG: <core> [io_wait.h:361]: DBG: io_watch_add(0x7d51a0, 32, 2, 0x7fc3e26c20e8), fd_no=25
>> 17(21280) DEBUG: <core> [io_wait.h:588]: DBG: io_watch_del (0x7d51a0, 32, -1, 0x0) fd_no=26 called
>> 17(21280) DEBUG: <core> [tcp_main.c:3627]: tcp: DBG: sendig to child, events 1
>> 17(21280) DEBUG: <core> [tcp_main.c:3336]: send2child: to tcp child 2 15(21278), 0x7fc3e26c20e8
>> 15(21278) DEBUG: <core> [tcp_read.c:884]: received n=8 con=0x7fc3e26c20e8, fd=7
>> 15(21278) DEBUG: tls [tls_server.c:109]: Using TLS domain TLSs<default>
>> 15(21278) ERROR: tls [tls_server.c:392]: SSL error:error:07064041:memory buffer routines:BUF_MEM_grow:malloc failure
>> 15(21278) DEBUG: <core> [tcp_read.c:811]: releasing con 0x7fc3e26c20e8, state -2, fd=7, id=3
>> 15(21278) DEBUG: <core> [tcp_read.c:812]:  extra_data 0x7fc3e26d7c68
>> 17(21280) DEBUG: <core> [tcp_main.c:2855]: handle_tcp_child: reader response= 7fc3e26c20e8, -2 from 2
>> 17(21280) DEBUG: tls [tls_server.c:701]: Closing SSL connection
>> 17(21280) DEBUG: tls [tls_server.c:523]: TLS shutdown successful
>>
>> -----Original Message-----
>> From: sr-users-bounces at lists.sip-router.org [mailto:sr-users-bounces at lists.sip-router.org] On Behalf Of Derrick Ding
>> Sent: Tuesday, November 19, 2013 4:01 PM
>> To: 'Kamailio (SER) - Users Mailing List'
>> Subject: Re: [SR-Users] Why my kamailio only support 1 TLS connection
>>
>> Also tried:
>> modparam("tls", "low_memory_threshold1", 0)
>> modparam("tls", "low_memory_threshold2", 0)
>> same error.
>>
>> And by default, compression is disabled. So strange error.
>>
>> -----Original Message-----
>> From: sr-users-bounces at lists.sip-router.org [mailto:sr-users-bounces at lists.sip-router.org] On Behalf Of Derrick Ding
>> Sent: Tuesday, November 19, 2013 3:19 PM
>> To: 'Kamailio (SER) - Users Mailing List'
>> Subject: [SR-Users] Why my kamailio only support 1 TLS connection
>>
>> Hi All,
>>
>> Need some help of setup TLS on Kamailio.
>> Currently my Kamailio TLS works, but only support one client register successfully. If there's another client want to setup TLS connection, it shows:
>> tls [tls_server.c:392]: SSL error:error:07064041:memory bufferoutines:BUF_MEM_grow:malloc failure.
>>
>> I have modified /etc/default/Kamailio
>> MEMORY=256
>> But the error is still there.
>>
>> The client A and B share same private key and Trusted Certificate. I don't know if this is correct or this is the cause that second TLS failure.
>>
>> Can anyone help me? I can provide log or config if necessary.
>>
>> Thanks,
>> Derrick
>>
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Trainings - Berlin, Nov 25-28
   - more details about Kamailio trainings at http://www.asipto.com -

More information about the sr-users mailing list