sr-dev October 2019

sr-dev@lists.kamailio.org

22 participants
436 discussions

git:master:b83a165e: core: str2int() test first if result is null, otherwise init it to 0

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: b83a165e2d0e34c9bca742708c1891eb114bae04 URL: https://github.com/kamailio/kamailio/commit/b83a165e2d0e34c9bca742708c1891e… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-04T08:54:35+02:00 core: str2int() test first if result is null, otherwise init it to 0 --- Modified: src/core/ut.h --- Diff: https://github.com/kamailio/kamailio/commit/b83a165e2d0e34c9bca742708c1891e… Patch: https://github.com/kamailio/kamailio/commit/b83a165e2d0e34c9bca742708c1891e… --- diff --git a/src/core/ut.h b/src/core/ut.h index 88df8dba65..2259aea973 100644 --- a/src/core/ut.h +++ b/src/core/ut.h @@ -635,12 +635,12 @@ static inline int str2int(str* _s, unsigned int* _r) { int i; - if (_s == NULL) return -1; if (_r == NULL) return -1; + *_r = 0; + if (_s == NULL) return -1; if (_s->len < 0) return -1; if (_s->s == NULL) return -1; - *_r = 0; for(i = 0; i < _s->len; i++) { if ((_s->s[i] >= '0') && (_s->s[i] <= '9')) { *_r *= 10;

5 years, 1 month

addition of a cryptographic secure RNG to git master

by Henning Westerholt

Hello, I've added a cryptographic secure pseudo random number generator to git master. It is located in src/core/random/fortuna. There are easy wrapper function available in src/core/random/cryptorand.h - this is the one that is easiest to use. Please use this if you need cryptographic secure random numbers in your module. The wrapper provides a similar API as fastrand or kam_rand: /* seed the generator, will also use system randomness */ void cryptorand_seed(const unsigned int seed) /* generate a 32 bit random number */ unsigned int cryptorand(void) Motivation for this addition was the issue [1] related to the TLS module and openssl-1.1. The implementation was based on libfortuna [2]. It was refactored to the Kamailio core and all not necessary parts were removed. It is seeded from the core at startup and also includes automatic time-based reseeding from kernel random sources. As part of this implementation I also consolidated the existing crypto related code into a new directory: src/core/crypto. This way I could also get rid of the srutils library dependency for several modules. This changes will not backported in this way to 5.3.0. There will be probably for 5.3. a dedicated copy of the necessary code to the TLS module. If you notice any issues, please let me know. Cheers, Henning [1] https://github.com/kamailio/kamailio/issues/2077 [2] https://github.com/henningw/libfortuna -- Kamailio Merchandising - https://skalatan.de/merchandising/ Kamailio services - https://skalatan.de/services Henning Westerholt - https://skalatan.de/blog/

5 years, 1 month

git: new commits in branch master

by Henning Westerholt

- URL: https://github.com/kamailio/kamailio/commit/6c892196583adf7d4615cdfc9ba9311… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 core: move existing MD5 hash implementation into new core subfolder crypto - URL: https://github.com/kamailio/kamailio/commit/8d1403d59b09868028e2528b84a5bed… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 lib: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/c5c2943f2139b3eecded7577292ade0… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 tm: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/420b6baf2a63d3e65ebfa8d83fc0737… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 auth: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/8ea763eb3bc28008003195c0e22e1c6… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 cfgutils: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/8aa7a19f671cf537cb0617ec1a3f1ec… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 exec: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/9ebe6364c60d0ef6ec61c70fbc22d07… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 memcached: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/abb0f95e9a8457b2d578b82bb9d2b67… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 ims_auth: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/5b7b5f1c9786c7f94f6f051fb47f0f2… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 siputils: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/5bac8fbe6eb2634a714745ae0085091… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 sl: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/99d1a664bda9fcf4758be559dcc52a2… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 topoh: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/018d8bfe5220db796cb0289b938a677… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 uac: adapt md5 #include path to new core location - URL: https://github.com/kamailio/kamailio/commit/aa9bffab566bee2f393e7101329cd7e… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 lib: move existing SHA cryptographic hash function to new core crypto sub dir - URL: https://github.com/kamailio/kamailio/commit/6dead6e8f35882eabb6aa2c505df32e… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 auth: adapt SHA hash function to new location, remove srutils library dependency - URL: https://github.com/kamailio/kamailio/commit/56f4a0912e689a16056b55ac8785d35… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 pv: adapt SHA hash function to new location, remove srutils library dependency - URL: https://github.com/kamailio/kamailio/commit/204124a1e6bdf8f97c342f8a659017a… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 auth_xkeys: adapt SHA hash function to new location, remove srutils library dependency - URL: https://github.com/kamailio/kamailio/commit/b2ec4db5084234d1573ed16ac7bc29e… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:33+02:00 core: add AES implementation to core, necessary for fortuna cryptographic RNG - URL: https://github.com/kamailio/kamailio/commit/f6c2d70ec107f830589eb35130a2e4d… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:34+02:00 core: add fortuna cryptographic random number generator to core - URL: https://github.com/kamailio/kamailio/commit/4012eb43c7dd719aff32aef0b3161ab… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T13:45:34+02:00 core: comment main() test routine in AES implementation out - URL: https://github.com/kamailio/kamailio/commit/7625993165aa829ea454b34c7498b5b… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T14:45:55+02:00 core: synchronize rijndael.c with postgresql upstream (static functions, spelling fixes) - URL: https://github.com/kamailio/kamailio/commit/6f66bd2fdf75dcad961ec225175c670… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T14:53:10+02:00 core: use static for internal fortuna CPRNG functions, add sr_ prefix to public functions - URL: https://github.com/kamailio/kamailio/commit/752f3b4237ae6469ec0ed3efb5d53a7… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T17:28:56+02:00 core: cleanup code for fortuna and random implementation - fix indention for a few functions - use types from sys/types.h consistently - get rid of redundant wrapper function, we implement a wrapper in core anyway - URL: https://github.com/kamailio/kamailio/commit/2402b8abd7f5f5e106d7d23e99052a2… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T17:48:32+02:00 core: add debug logging for automatic reseeding and manual entropy adding - URL: https://github.com/kamailio/kamailio/commit/e68f0926d6118497cd8d5cae54fc003… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T17:49:05+02:00 core: also initialize cryptographic PRNG, use it to seed all others RNGs - URL: https://github.com/kamailio/kamailio/commit/de0c7743e0cd6f9daf90a0dc9d0629d… Author: Henning Westerholt <hw(a)skalatan.de> Date: 2019-10-03T17:52:37+02:00 core: add small wrappers around cryptographic PRNG with an interface like fastrand

5 years, 1 month

git:5.3:eb792682: pkg/kamailio/deb: version set 5.3.0~rc0

by Victor Seva

Module: kamailio Branch: 5.3 Commit: eb792682973f34b1946a36126a01f6547ae43a5b URL: https://github.com/kamailio/kamailio/commit/eb792682973f34b1946a36126a01f65… Author: Victor Seva <linuxmaniac(a)torreviejawireless.org> Committer: Victor Seva <linuxmaniac(a)torreviejawireless.org> Date: 2019-10-03T12:02:12+02:00 pkg/kamailio/deb: version set 5.3.0~rc0 --- Modified: pkg/kamailio/deb/bionic/changelog Modified: pkg/kamailio/deb/buster/changelog Modified: pkg/kamailio/deb/debian/changelog Modified: pkg/kamailio/deb/jessie/changelog Modified: pkg/kamailio/deb/precise/changelog Modified: pkg/kamailio/deb/sid/changelog Modified: pkg/kamailio/deb/stretch/changelog Modified: pkg/kamailio/deb/trusty/changelog Modified: pkg/kamailio/deb/wheezy/changelog Modified: pkg/kamailio/deb/xenial/changelog --- Diff: https://github.com/kamailio/kamailio/commit/eb792682973f34b1946a36126a01f65… Patch: https://github.com/kamailio/kamailio/commit/eb792682973f34b1946a36126a01f65…

5 years, 1 month

git:master:075c74f1: pkg/kamailio/deb: version set 5.4.0~dev0

by Victor Seva

Module: kamailio Branch: master Commit: 075c74f1dfc7b3402e8c0b9c3ad0e7930b2dcba6 URL: https://github.com/kamailio/kamailio/commit/075c74f1dfc7b3402e8c0b9c3ad0e79… Author: Victor Seva <linuxmaniac(a)torreviejawireless.org> Committer: Victor Seva <linuxmaniac(a)torreviejawireless.org> Date: 2019-10-03T11:59:52+02:00 pkg/kamailio/deb: version set 5.4.0~dev0 --- Modified: pkg/kamailio/deb/bionic/changelog Modified: pkg/kamailio/deb/buster/changelog Modified: pkg/kamailio/deb/debian/changelog Modified: pkg/kamailio/deb/jessie/changelog Modified: pkg/kamailio/deb/precise/changelog Modified: pkg/kamailio/deb/sid/changelog Modified: pkg/kamailio/deb/stretch/changelog Modified: pkg/kamailio/deb/trusty/changelog Modified: pkg/kamailio/deb/wheezy/changelog Modified: pkg/kamailio/deb/xenial/changelog --- Diff: https://github.com/kamailio/kamailio/commit/075c74f1dfc7b3402e8c0b9c3ad0e79… Patch: https://github.com/kamailio/kamailio/commit/075c74f1dfc7b3402e8c0b9c3ad0e79…

5 years, 1 month

git:master:e376fe8a: modules: readme files regenerated - tls ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: e376fe8aacd37c9f2f889e16d98fb3da6960f95d URL: https://github.com/kamailio/kamailio/commit/e376fe8aacd37c9f2f889e16d98fb3d… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2019-10-03T11:47:53+02:00 modules: readme files regenerated - tls ... [skip ci] --- Modified: src/modules/tls/README --- Diff: https://github.com/kamailio/kamailio/commit/e376fe8aacd37c9f2f889e16d98fb3d… Patch: https://github.com/kamailio/kamailio/commit/e376fe8aacd37c9f2f889e16d98fb3d…

5 years, 1 month

git:master:787b95a5: tls: docs for rand_engine parameter

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 787b95a5a0573d4e81b2475a84bad59076e34faf URL: https://github.com/kamailio/kamailio/commit/787b95a5a0573d4e81b2475a84bad59… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-03T11:36:28+02:00 tls: docs for rand_engine parameter --- Modified: src/modules/tls/doc/params.xml --- Diff: https://github.com/kamailio/kamailio/commit/787b95a5a0573d4e81b2475a84bad59… Patch: https://github.com/kamailio/kamailio/commit/787b95a5a0573d4e81b2475a84bad59… --- diff --git a/src/modules/tls/doc/params.xml b/src/modules/tls/doc/params.xml index 6ef2d4123f..6028642b5f 100644 --- a/src/modules/tls/doc/params.xml +++ b/src/modules/tls/doc/params.xml @@ -1241,6 +1241,39 @@ end </example> </section> + <section id="tls.p.rand_engine"> + <title><varname>rand_engine</varname> (str)</title> + <para> + Set the ranondom number generator engine for libssl. + </para> + <para> + Note: the default random number generator (PRNG) engine of libssl v1.1.x + is not designed for multi-process applications and can result in a crash. + Therefore set the PRNG engine to one of the options listed in this + section. If libssl 1.1.x (or newer) is detected at compile time, then + the PRNG engine is set to "fastrand". + </para> + <para> + The following options are avaialble: + </para> + <itemizedlist> + <listitem><para>krand - use internal kam_rand() function</para></listitem> + <listitem><para>fastrand - use internal fastrand function</para></listitem> + </itemizedlist> + <para> + The default value is empty (not set) for libssl v1.0.x or older, and + "fastrand" for libssl v1.1.x or newer. + </para> + <example> + <title>Set <varname>rand_engine</varname> parameter</title> + <programlisting> +... +modparam("tls", "rand_engine", "fastrand") +... + </programlisting> + </example> + </section> + <section id="tls.p.engine"> <title><varname>engine</varname> (string)</title> <para>

5 years, 1 month

git:master:6d154fbb: tls: set random number engine to fastrand for libssl1.1+

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 6d154fbb2ff1d2941316281fad120b5db219deb1 URL: https://github.com/kamailio/kamailio/commit/6d154fbb2ff1d2941316281fad120b5… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-03T11:36:28+02:00 tls: set random number engine to fastrand for libssl1.1+ --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/6d154fbb2ff1d2941316281fad120b5… Patch: https://github.com/kamailio/kamailio/commit/6d154fbb2ff1d2941316281fad120b5… --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 87759249b2..75d8aa8fd2 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -561,6 +561,12 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) return -1; register_tls_hooks(&tls_h); + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + LM_DBG("setting fastrand random engine\n"); + RAND_set_rand_method(RAND_ksr_fastrand_method()); +#endif + sr_kemi_modules_add(sr_kemi_tls_exports); return 0;

5 years, 1 month

git:master:4f514a79: tls: option to set use fastrand for rand_engine

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 4f514a7956534f1afc1ef30d8332f5dc3547de4b URL: https://github.com/kamailio/kamailio/commit/4f514a7956534f1afc1ef30d8332f5d… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-03T11:36:28+02:00 tls: option to set use fastrand for rand_engine --- Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_rand.c Modified: src/modules/tls/tls_rand.h --- Diff: https://github.com/kamailio/kamailio/commit/4f514a7956534f1afc1ef30d8332f5d… Patch: https://github.com/kamailio/kamailio/commit/4f514a7956534f1afc1ef30d8332f5d… --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 52a45353d6..87759249b2 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -449,7 +449,10 @@ int ksr_rand_engine_param(modparam_t type, void* val) LM_DBG("random engine: %.*s\n", reng->len, reng->s); if(reng->len == 5 && strncasecmp(reng->s, "krand", 5) == 0) { LM_DBG("setting krand random engine\n"); - RAND_set_rand_method(RAND_ksr_method()); + RAND_set_rand_method(RAND_ksr_krand_method()); + } else if(reng->len == 8 && strncasecmp(reng->s, "fastrand", 8) == 0) { + LM_DBG("setting fastrand random engine\n"); + RAND_set_rand_method(RAND_ksr_fastrand_method()); } #endif return 0; diff --git a/src/modules/tls/tls_rand.c b/src/modules/tls/tls_rand.c index 7be0d335f7..3f78cb93e9 100644 --- a/src/modules/tls/tls_rand.c +++ b/src/modules/tls/tls_rand.c @@ -27,8 +27,9 @@ #include "../../core/dprint.h" #include "../../core/rand/kam_rand.h" +#include "../../core/rand/fastrand.h" -static int ksr_rand_bytes(unsigned char *outdata, int size) +static int ksr_krand_bytes(unsigned char *outdata, int size) { int r; @@ -51,28 +52,75 @@ static int ksr_rand_bytes(unsigned char *outdata, int size) return 1; } -static int ksr_rand_pseudorand(unsigned char *outdata, int size) +static int ksr_krand_pseudorand(unsigned char *outdata, int size) { - return ksr_rand_bytes(outdata, size); + return ksr_krand_bytes(outdata, size); } -static int ksr_rand_status(void) +static int ksr_krand_status(void) { return 1; } -const RAND_METHOD _ksr_rand_method = { +const RAND_METHOD _ksr_krand_method = { NULL, - ksr_rand_bytes, + ksr_krand_bytes, NULL, NULL, - ksr_rand_pseudorand, - ksr_rand_status + ksr_krand_pseudorand, + ksr_krand_status }; -const RAND_METHOD *RAND_ksr_method(void) +const RAND_METHOD *RAND_ksr_krand_method(void) { - return &_ksr_rand_method; + return &_ksr_krand_method; +} + +static int ksr_fastrand_bytes(unsigned char *outdata, int size) +{ + int r; + + if (size < 0) { + return 0; + } else if (size == 0) { + return 1; + } + + while(size >= sizeof(int)) { + r = kam_rand(); + memcpy(outdata, &r, sizeof(int)); + size -= sizeof(int); + outdata += sizeof(int); + } + if(size>0) { + r = kam_rand(); + memcpy(outdata, &r, size); + } + return 1; +} + +static int ksr_fastrand_pseudorand(unsigned char *outdata, int size) +{ + return ksr_fastrand_bytes(outdata, size); +} + +static int ksr_fastrand_status(void) +{ + return 1; +} + +const RAND_METHOD _ksr_fastrand_method = { + NULL, + ksr_fastrand_bytes, + NULL, + NULL, + ksr_fastrand_pseudorand, + ksr_fastrand_status +}; + +const RAND_METHOD *RAND_ksr_fastrand_method(void) +{ + return &_ksr_fastrand_method; } #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h index 20b5a20e9c..d1a3f0d37f 100644 --- a/src/modules/tls/tls_rand.h +++ b/src/modules/tls/tls_rand.h @@ -25,7 +25,8 @@ #include <openssl/rand.h> -const RAND_METHOD *RAND_ksr_method(void); +const RAND_METHOD *RAND_ksr_krand_method(void); +const RAND_METHOD *RAND_ksr_fastrand_method(void); #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ #endif

5 years, 1 month

Development is open for future release of v5.4.x series

by Daniel-Constantin Mierla

Hello, the branch 5.3 was created late last evening, therefore the master branch is open for adding new features, to be part of future release series v5.4.x. Any bug fix committed to master that applies to 5.3.x or older stable branches should be backported as usual with "git cherry-pick -x ..." to appropriate branches like 5.3 or 5.2. Expect that v5.3.0 will be released in a few weeks from now. Based on the workflow used during the past years, the next future release v5.4.0 should be out after another 8-10 months of development, plus 1-2 months of testing, so sometime in close to the end of spring 2020 or afterwards. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training, Oct 21-23, 2019, Berlin, Germany -- https://asipto.com/u/kat

5 years, 1 month

← Newer
1
...
37
38
39
40
41
42
43
44
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev October 2019