sr-dev October 2019

sr-dev@lists.kamailio.org

22 participants
436 discussions

git:5.2:d86c831a: core: str2int() test first if result is null, otherwise init it to 0

by Daniel-Constantin Mierla

Module: kamailio Branch: 5.2 Commit: d86c831a474e57acc6bd744eb52a24b3b7b9a3c0 URL: https://github.com/kamailio/kamailio/commit/d86c831a474e57acc6bd744eb52a24b… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-07T11:43:55+02:00 core: str2int() test first if result is null, otherwise init it to 0 (cherry picked from commit b83a165e2d0e34c9bca742708c1891eb114bae04) (cherry picked from commit ac16e21715e57befcba386e74214fa482bdf97d7) --- Modified: src/core/ut.h --- Diff: https://github.com/kamailio/kamailio/commit/d86c831a474e57acc6bd744eb52a24b… Patch: https://github.com/kamailio/kamailio/commit/d86c831a474e57acc6bd744eb52a24b… --- diff --git a/src/core/ut.h b/src/core/ut.h index 8d4f01e9a1..4a5cc463a5 100644 --- a/src/core/ut.h +++ b/src/core/ut.h @@ -635,12 +635,12 @@ static inline int str2int(str* _s, unsigned int* _r) { int i; - if (_s == NULL) return -1; if (_r == NULL) return -1; + *_r = 0; + if (_s == NULL) return -1; if (_s->len < 0) return -1; if (_s->s == NULL) return -1; - *_r = 0; for(i = 0; i < _s->len; i++) { if ((_s->s[i] >= '0') && (_s->s[i] <= '9')) { *_r *= 10;

5 years, 1 month

git:5.2:52e34808: tls: docs for rand_engine parameter

by Daniel-Constantin Mierla

Module: kamailio Branch: 5.2 Commit: 52e348087551b42c97bcb235dabbc95255a83b1a URL: https://github.com/kamailio/kamailio/commit/52e348087551b42c97bcb235dabbc95… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-07T11:43:55+02:00 tls: docs for rand_engine parameter (cherry picked from commit 787b95a5a0573d4e81b2475a84bad59076e34faf) (cherry picked from commit 3c11a405344af55aa4b9c8d35e1c181473cbdf42) --- Modified: src/modules/tls/doc/params.xml --- Diff: https://github.com/kamailio/kamailio/commit/52e348087551b42c97bcb235dabbc95… Patch: https://github.com/kamailio/kamailio/commit/52e348087551b42c97bcb235dabbc95… --- diff --git a/src/modules/tls/doc/params.xml b/src/modules/tls/doc/params.xml index 6ef2d4123f..6028642b5f 100644 --- a/src/modules/tls/doc/params.xml +++ b/src/modules/tls/doc/params.xml @@ -1241,6 +1241,39 @@ end </example> </section> + <section id="tls.p.rand_engine"> + <title><varname>rand_engine</varname> (str)</title> + <para> + Set the ranondom number generator engine for libssl. + </para> + <para> + Note: the default random number generator (PRNG) engine of libssl v1.1.x + is not designed for multi-process applications and can result in a crash. + Therefore set the PRNG engine to one of the options listed in this + section. If libssl 1.1.x (or newer) is detected at compile time, then + the PRNG engine is set to "fastrand". + </para> + <para> + The following options are avaialble: + </para> + <itemizedlist> + <listitem><para>krand - use internal kam_rand() function</para></listitem> + <listitem><para>fastrand - use internal fastrand function</para></listitem> + </itemizedlist> + <para> + The default value is empty (not set) for libssl v1.0.x or older, and + "fastrand" for libssl v1.1.x or newer. + </para> + <example> + <title>Set <varname>rand_engine</varname> parameter</title> + <programlisting> +... +modparam("tls", "rand_engine", "fastrand") +... + </programlisting> + </example> + </section> + <section id="tls.p.engine"> <title><varname>engine</varname> (string)</title> <para>

5 years, 1 month

git:5.2:e1b740b4: tls: set random number engine to fastrand for libssl1.1+

by Daniel-Constantin Mierla

Module: kamailio Branch: 5.2 Commit: e1b740b43f0fda7bcbf4b36c2816d318193acf54 URL: https://github.com/kamailio/kamailio/commit/e1b740b43f0fda7bcbf4b36c2816d31… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-07T11:43:55+02:00 tls: set random number engine to fastrand for libssl1.1+ (cherry picked from commit 6d154fbb2ff1d2941316281fad120b5db219deb1) (cherry picked from commit 2935b65d7d909f8ac355b8f2b5404494c4ec2c6b) --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/e1b740b43f0fda7bcbf4b36c2816d31… Patch: https://github.com/kamailio/kamailio/commit/e1b740b43f0fda7bcbf4b36c2816d31… --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 87759249b2..75d8aa8fd2 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -561,6 +561,12 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) return -1; register_tls_hooks(&tls_h); + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + LM_DBG("setting fastrand random engine\n"); + RAND_set_rand_method(RAND_ksr_fastrand_method()); +#endif + sr_kemi_modules_add(sr_kemi_tls_exports); return 0;

5 years, 1 month

git:5.2:f73aa772: tls: option to set use fastrand for rand_engine

by Daniel-Constantin Mierla

Module: kamailio Branch: 5.2 Commit: f73aa7727607c18cf6d6bcb11c51510c8d3660c9 URL: https://github.com/kamailio/kamailio/commit/f73aa7727607c18cf6d6bcb11c51510… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-07T11:43:55+02:00 tls: option to set use fastrand for rand_engine (cherry picked from commit 4f514a7956534f1afc1ef30d8332f5dc3547de4b) (cherry picked from commit 43aa779ee9e43805e6a7da2c12562fdc89c5c413) --- Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_rand.c Modified: src/modules/tls/tls_rand.h --- Diff: https://github.com/kamailio/kamailio/commit/f73aa7727607c18cf6d6bcb11c51510… Patch: https://github.com/kamailio/kamailio/commit/f73aa7727607c18cf6d6bcb11c51510… --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 52a45353d6..87759249b2 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -449,7 +449,10 @@ int ksr_rand_engine_param(modparam_t type, void* val) LM_DBG("random engine: %.*s\n", reng->len, reng->s); if(reng->len == 5 && strncasecmp(reng->s, "krand", 5) == 0) { LM_DBG("setting krand random engine\n"); - RAND_set_rand_method(RAND_ksr_method()); + RAND_set_rand_method(RAND_ksr_krand_method()); + } else if(reng->len == 8 && strncasecmp(reng->s, "fastrand", 8) == 0) { + LM_DBG("setting fastrand random engine\n"); + RAND_set_rand_method(RAND_ksr_fastrand_method()); } #endif return 0; diff --git a/src/modules/tls/tls_rand.c b/src/modules/tls/tls_rand.c index 0f283306dd..9101251dd7 100644 --- a/src/modules/tls/tls_rand.c +++ b/src/modules/tls/tls_rand.c @@ -27,9 +27,10 @@ #include "../../core/dprint.h" #include "../../core/rand/kam_rand.h" +#include "../../core/rand/fastrand.h" #include "fortuna/random.h" -static int ksr_rand_bytes(unsigned char *outdata, int size) +static int ksr_krand_bytes(unsigned char *outdata, int size) { int r; @@ -57,28 +58,75 @@ static int ksr_rand_bytes(unsigned char *outdata, int size) return 1; } -static int ksr_rand_pseudorand(unsigned char *outdata, int size) +static int ksr_krand_pseudorand(unsigned char *outdata, int size) { - return ksr_rand_bytes(outdata, size); + return ksr_krand_bytes(outdata, size); } -static int ksr_rand_status(void) +static int ksr_krand_status(void) { return 1; } -const RAND_METHOD _ksr_rand_method = { +const RAND_METHOD _ksr_krand_method = { NULL, - ksr_rand_bytes, + ksr_krand_bytes, NULL, NULL, - ksr_rand_pseudorand, - ksr_rand_status + ksr_krand_pseudorand, + ksr_krand_status }; -const RAND_METHOD *RAND_ksr_method(void) +const RAND_METHOD *RAND_ksr_krand_method(void) { - return &_ksr_rand_method; + return &_ksr_krand_method; +} + +static int ksr_fastrand_bytes(unsigned char *outdata, int size) +{ + int r; + + if (size < 0) { + return 0; + } else if (size == 0) { + return 1; + } + + while(size >= sizeof(int)) { + r = kam_rand(); + memcpy(outdata, &r, sizeof(int)); + size -= sizeof(int); + outdata += sizeof(int); + } + if(size>0) { + r = kam_rand(); + memcpy(outdata, &r, size); + } + return 1; +} + +static int ksr_fastrand_pseudorand(unsigned char *outdata, int size) +{ + return ksr_fastrand_bytes(outdata, size); +} + +static int ksr_fastrand_status(void) +{ + return 1; +} + +const RAND_METHOD _ksr_fastrand_method = { + NULL, + ksr_fastrand_bytes, + NULL, + NULL, + ksr_fastrand_pseudorand, + ksr_fastrand_status +}; + +const RAND_METHOD *RAND_ksr_fastrand_method(void) +{ + return &_ksr_fastrand_method; } #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h index 20b5a20e9c..d1a3f0d37f 100644 --- a/src/modules/tls/tls_rand.h +++ b/src/modules/tls/tls_rand.h @@ -25,7 +25,8 @@ #include <openssl/rand.h> -const RAND_METHOD *RAND_ksr_method(void); +const RAND_METHOD *RAND_ksr_krand_method(void); +const RAND_METHOD *RAND_ksr_fastrand_method(void); #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ #endif

5 years, 1 month

git:5.2:c6cac677: tls: add local copy of fortuna and depenencies from git master

by Daniel-Constantin Mierla

Module: kamailio Branch: 5.2 Commit: c6cac67746e96fff43dbf6b55e018a84722a1400 URL: https://github.com/kamailio/kamailio/commit/c6cac67746e96fff43dbf6b55e018a8… Author: Henning Westerholt <hw(a)skalatan.de> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-07T11:43:54+02:00 tls: add local copy of fortuna and depenencies from git master - add local copy of fortuna and depenencies from git master - not active yet, needs additions in tls_rand.* and probably also Makefile (cherry picked from commit 26d8e3cf82a49ad4e58ced507f7a1787b74656b0) --- Added: src/modules/tls/fortuna/Makefile Added: src/modules/tls/fortuna/fortuna.c Added: src/modules/tls/fortuna/fortuna.h Added: src/modules/tls/fortuna/random.c Added: src/modules/tls/fortuna/random.h Added: src/modules/tls/fortuna/rijndael.c Added: src/modules/tls/fortuna/rijndael.h Added: src/modules/tls/fortuna/rijndael.tbl Added: src/modules/tls/fortuna/sha256.c Added: src/modules/tls/fortuna/sha256.h Modified: src/modules/tls/Makefile Modified: src/modules/tls/tls_rand.c --- Diff: https://github.com/kamailio/kamailio/commit/c6cac67746e96fff43dbf6b55e018a8… Patch: https://github.com/kamailio/kamailio/commit/c6cac67746e96fff43dbf6b55e018a8…

5 years, 1 month

git:5.3:f0789360: tls: Makefile - do not enclose fortuna lib in quotes

by Daniel-Constantin Mierla

Module: kamailio Branch: 5.3 Commit: f07893606b2129f3a7f24a7d1f7fee619f9b8105 URL: https://github.com/kamailio/kamailio/commit/f07893606b2129f3a7f24a7d1f7fee6… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-07T11:42:12+02:00 tls: Makefile - do not enclose fortuna lib in quotes - bsd make keeps them in compile/ldd command --- Modified: src/modules/tls/Makefile --- Diff: https://github.com/kamailio/kamailio/commit/f07893606b2129f3a7f24a7d1f7fee6… Patch: https://github.com/kamailio/kamailio/commit/f07893606b2129f3a7f24a7d1f7fee6… --- diff --git a/src/modules/tls/Makefile b/src/modules/tls/Makefile index 9911882dc8..224bbd81d3 100644 --- a/src/modules/tls/Makefile +++ b/src/modules/tls/Makefile @@ -28,7 +28,7 @@ else # E.g.: make TLS_HOOKS=1 TLS_EXTRA_LIBS="-lz -lkrb5" endif -TLS_EXTRA_LIBS="-L. -lfortuna" +TLS_EXTRA_LIBS= -L. -lfortuna LIBS+= $(TLS_EXTRA_LIBS) # dcm: tls.cfg installed via local 'install-cfg' to update paths

5 years, 1 month

Errored: kamailio/kamailio#7886 (master - b0538d6)

by Travis CI

Build Update for kamailio/kamailio ------------------------------------- Build: #7886 Status: Errored Duration: 33 secs Commit: b0538d6 (master) Author: Henning Westerholt Message: tls: fix error in DBG message View the changeset: https://github.com/kamailio/kamailio/compare/876c05299626...b0538d6515ad View the full build log and details: https://travis-ci.org/kamailio/kamailio/builds/594497545?utm_medium=notific… -- You can unsubscribe from build emails from the kamailio/kamailio repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=3596148&ut…. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notificati…. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

5 years, 1 month

git:master:b0538d65: tls: fix error in DBG message

by Henning Westerholt

Module: kamailio Branch: master Commit: b0538d6515ad2a62f4336ec4395d10a5a9fc654b URL: https://github.com/kamailio/kamailio/commit/b0538d6515ad2a62f4336ec4395d10a… Author: Henning Westerholt <hw(a)skalatan.de> Committer: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-07T11:31:50+02:00 tls: fix error in DBG message --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/b0538d6515ad2a62f4336ec4395d10a… Patch: https://github.com/kamailio/kamailio/commit/b0538d6515ad2a62f4336ec4395d10a… --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 5784ce4842..424fad8a08 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -566,7 +566,7 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) register_tls_hooks(&tls_h); #if OPENSSL_VERSION_NUMBER >= 0x10100000L - LM_DBG("setting fastrand random engine\n"); + LM_DBG("setting cryptorand random engine\n"); RAND_set_rand_method(RAND_ksr_cryptorand_method()); #endif

5 years, 1 month

Errored: kamailio/kamailio#7885 (master - 876c052)

by Travis CI

Build Update for kamailio/kamailio ------------------------------------- Build: #7885 Status: Errored Duration: 33 secs Commit: 876c052 (master) Author: Sergey Safarov Message: pkg/docker: updated kamailio-ci subproject View the changeset: https://github.com/kamailio/kamailio/compare/b1886c15ba56...876c05299626 View the full build log and details: https://travis-ci.org/kamailio/kamailio/builds/594496259?utm_medium=notific… -- You can unsubscribe from build emails from the kamailio/kamailio repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=3596148&ut…. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notificati…. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

5 years, 1 month

git:master:b1886c15: modules: readme files regenerated - tls ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: b1886c15ba562fef987fe6361df2cb3bbe00888c URL: https://github.com/kamailio/kamailio/commit/b1886c15ba562fef987fe6361df2cb3… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2019-10-07T11:02:17+02:00 modules: readme files regenerated - tls ... [skip ci] --- Modified: src/modules/tls/README --- Diff: https://github.com/kamailio/kamailio/commit/b1886c15ba562fef987fe6361df2cb3… Patch: https://github.com/kamailio/kamailio/commit/b1886c15ba562fef987fe6361df2cb3… --- diff --git a/src/modules/tls/README b/src/modules/tls/README index 295306a74e..b0d9fa2601 100644 --- a/src/modules/tls/README +++ b/src/modules/tls/README @@ -1430,14 +1430,17 @@ end v1.1.x is not designed for multi-process applications and can result in a crash. Therefore set the PRNG engine to one of the options listed in this section. If libssl 1.1.x (or newer) is detected at compile time, - then the PRNG engine is set to "fastrand". + then the PRNG engine is set to "cryptorand". The following options are avaialble: * krand - use internal kam_rand() function * fastrand - use internal fastrand function + * cryptorand - use internal cryptorand function The default value is empty (not set) for libssl v1.0.x or older, and - "fastrand" for libssl v1.1.x or newer. + "cryptorand" for libssl v1.1.x or newer. The krand and fastrand engines + are not recommended for production use, as they will not generate + secure enough random numbers. Example 1.45. Set rand_engine parameter ...

5 years, 1 month

← Newer
1
...
33
34
35
36
37
38
39
...
44
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev October 2019