sr-dev April 2019

sr-dev@lists.kamailio.org

23 participants
317 discussions

git:master:f847fcd7: tls: fix shell syntax for preloaded .so usage

by Richard Fuchs

Module: kamailio Branch: master Commit: f847fcd720ccc62744c5cbea6c7db9f94b25a14a URL: https://github.com/kamailio/kamailio/commit/f847fcd720ccc62744c5cbea6c7db9f… Author: Richard Fuchs <rfuchs(a)sipwise.com> Committer: Richard Fuchs <rfuchs(a)sipwise.com> Date: 2019-04-15T07:26:40-04:00 tls: fix shell syntax for preloaded .so usage --- Modified: src/modules/tls/utils/openssl_mutex_shared/README.md --- Diff: https://github.com/kamailio/kamailio/commit/f847fcd720ccc62744c5cbea6c7db9f… Patch: https://github.com/kamailio/kamailio/commit/f847fcd720ccc62744c5cbea6c7db9f… --- diff --git a/src/modules/tls/utils/openssl_mutex_shared/README.md b/src/modules/tls/utils/openssl_mutex_shared/README.md index e446d66f72..26f5de84b4 100644 --- a/src/modules/tls/utils/openssl_mutex_shared/README.md +++ b/src/modules/tls/utils/openssl_mutex_shared/README.md @@ -47,7 +47,7 @@ Kamailio. Example, when Kamailio was installed from sources: ``` -LD_PRELOAD=/usr/local/lib64/kamailio/openssl_mutex_shared/openssl_mutex_shared.so; \ +LD_PRELOAD=/usr/local/lib64/kamailio/openssl_mutex_shared/openssl_mutex_shared.so \ /usr/local/sbin/kamailio -f /usr/local/etc/kamailio/kamailio.cfg ```

5 years, 7 months

[kamailio/kamailio] Preloaded library for openssl v1.1 process shared locking (#1927)

by Daniel-Constantin Mierla

#### Pre-Submission Checklist    - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [x] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [x] PR should be backported to stable branches - [ ] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description  Preloaded library to make libssl 1.1 use pthread locks with process shared option. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/1927 -- Commit Summary -- * tls: add preloaded library to force process-shared locks * tls: added a readme for openssl_mutex_shared * tls: docs - short note about libssl 1.1.x and openssl_mutex_shared -- File Changes -- M src/modules/tls/Makefile (2) M src/modules/tls/doc/tls.xml (5) A src/modules/tls/utils/openssl_mutex_shared/Makefile (26) A src/modules/tls/utils/openssl_mutex_shared/README.md (53) A src/modules/tls/utils/openssl_mutex_shared/openssl_mutex_shared.c (46) -- Patch Links -- https://github.com/kamailio/kamailio/pull/1927.patch https://github.com/kamailio/kamailio/pull/1927.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/1927

5 years, 7 months

git:master:770c3972: modules: readme files regenerated - registrar ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: 770c39726dc36e4f278cd662e538c85015e5440c URL: https://github.com/kamailio/kamailio/commit/770c39726dc36e4f278cd662e538c85… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2019-04-15T11:31:48+02:00 modules: readme files regenerated - registrar ... [skip ci] --- Modified: src/modules/registrar/README --- Diff: https://github.com/kamailio/kamailio/commit/770c39726dc36e4f278cd662e538c85… Patch: https://github.com/kamailio/kamailio/commit/770c39726dc36e4f278cd662e538c85…

5 years, 7 months

git:master:01834fb2: registrar: docs for lookup_filter_mode parameter

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 01834fb2ddfb993a8680eabd42e0715309abf0ba URL: https://github.com/kamailio/kamailio/commit/01834fb2ddfb993a8680eabd42e0715… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-04-15T11:24:31+02:00 registrar: docs for lookup_filter_mode parameter --- Modified: src/modules/registrar/doc/registrar_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/01834fb2ddfb993a8680eabd42e0715… Patch: https://github.com/kamailio/kamailio/commit/01834fb2ddfb993a8680eabd42e0715… --- diff --git a/src/modules/registrar/doc/registrar_admin.xml b/src/modules/registrar/doc/registrar_admin.xml index a3c974203a..4ce4a6b995 100644 --- a/src/modules/registrar/doc/registrar_admin.xml +++ b/src/modules/registrar/doc/registrar_admin.xml @@ -999,6 +999,44 @@ end </programlisting> </example> </section> + <section id="registrar.p.lookup_filter_mode"> + <title><varname>lookup_filter_mode</varname> (int)</title> + <para> + Control what filters should be applied to lookup(...) operations. + It can be a combination (sum) of the next values: + </para> + <itemizedlist> + <listitem> + <para> + <emphasis>1</emphasis> - apply the branch flags filter - return + only contact records with branch flags matching at least one set + inside xavp specified by xavp_cfg parameter with inner name + rlf_bflags - e.g., $xavp(reg=>rlf_bflags). + </para> + </listitem> + </itemizedlist> + <para> + <emphasis> + Default value is NULL (disabled). + </emphasis> + </para> + <example> + <title>Set <varname>xavp_cfg</varname> parameter</title> + <programlisting format="linespecific"> +... +modparam("registrar", "xavp_cfg", "reg") +modparam("registrar", "lookup_filter_mode", 1) +... +request_route { + ... + $xavp(reg=>rlf_bflags) = 8; + if(lookup("location")) { ... } + ... +} +... + </programlisting> + </example> + </section> </section>

5 years, 7 months

git:master:97f7d248: registrar: new parameter lookup_filter_mode

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 97f7d248f7ce1456c1b86e07c0389d376d547520 URL: https://github.com/kamailio/kamailio/commit/97f7d248f7ce1456c1b86e07c0389d3… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-04-15T11:22:45+02:00 registrar: new parameter lookup_filter_mode - control what filters should be applied for lookup(...) operations - filter values are specified via filed of xavp_cfg - implemented filter for branch flags matching --- Modified: src/modules/registrar/lookup.c Modified: src/modules/registrar/registrar.c --- Diff: https://github.com/kamailio/kamailio/commit/97f7d248f7ce1456c1b86e07c0389d3… Patch: https://github.com/kamailio/kamailio/commit/97f7d248f7ce1456c1b86e07c0389d3… --- diff --git a/src/modules/registrar/lookup.c b/src/modules/registrar/lookup.c index f012d690ab..89a0b7f600 100644 --- a/src/modules/registrar/lookup.c +++ b/src/modules/registrar/lookup.c @@ -45,6 +45,54 @@ #include "lookup.h" #include "config.h" + +extern int reg_lookup_filter_mode; + +typedef struct reg_lookup_filter { + uint32_t factive; + uint32_t bflags; +} reg_lookup_filter_t; + +static reg_lookup_filter_t _reg_lookup_filter; + +static void reg_lookup_filter_init(void) +{ + str filter_bflags = str_init("rlf_bflags"); + sr_xavp_t *vavp = NULL; + + if(reg_lookup_filter_mode==0 || reg_xavp_cfg.s==NULL) { + return; + } + memset(&_reg_lookup_filter, 0, sizeof(reg_lookup_filter_t)); + + if((reg_lookup_filter_mode & 1) + && (vavp = xavp_get_child_with_ival(&reg_xavp_cfg, + &filter_bflags)) != NULL) { + if(vavp->val.v.i != 0) { + _reg_lookup_filter.bflags = (uint32_t)vavp->val.v.i; + _reg_lookup_filter.factive = 1; + } + } + return; +} + +static int reg_lookup_filter_match(ucontact_t* ptr) +{ + if(reg_lookup_filter_mode==0 || reg_xavp_cfg.s==NULL) { + return 1; + } + if(_reg_lookup_filter.factive==0) { + return 1; + } + if(_reg_lookup_filter.bflags!=0) { + if((_reg_lookup_filter.bflags & ptr->cflags)==0) { + return 0; + } + } + return 1; + +} + static int has_to_tag(struct sip_msg* msg) { if (parse_to_header(msg) < 0) return 0; @@ -223,6 +271,7 @@ int lookup_helper(struct sip_msg* _m, udomain_t* _d, str* _uri, int _mode) } get_act_time(); + reg_lookup_filter_init(); if(puri.gr.s==NULL || puri.gr_val.len>0) { @@ -251,10 +300,12 @@ int lookup_helper(struct sip_msg* _m, udomain_t* _d, str* _uri, int _mode) break; } } else { - /* no-gruu - found by address */ - LM_DBG("contact for [%.*s] found by address\n", - aor.len, ZSW(aor.s)); - break; + if(reg_lookup_filter_match(ptr)) { + /* no-gruu - found by address */ + LM_DBG("contact for [%.*s] found by address\n", + aor.len, ZSW(aor.s)); + break; + } } } else { LM_DBG("contact for [%.*s] cannot handle the SIP method\n", @@ -417,7 +468,8 @@ int lookup_helper(struct sip_msg* _m, udomain_t* _d, str* _uri, int _mode) if (!cfg_get(registrar, registrar_cfg, append_branches)) goto done; for( ; ptr ; ptr = ptr->next ) { - if (VALID_CONTACT(ptr, act_time) && allowed_method(_m, ptr)) { + if (VALID_CONTACT(ptr, act_time) && allowed_method(_m, ptr) + && reg_lookup_filter_match(ptr)) { path_dst.len = 0; if(ptr->path.s && ptr->path.len) { path_str = ptr->path; diff --git a/src/modules/registrar/registrar.c b/src/modules/registrar/registrar.c index 5ea2a5f99c..4a9d6f5332 100644 --- a/src/modules/registrar/registrar.c +++ b/src/modules/registrar/registrar.c @@ -135,6 +135,8 @@ str sock_hdr_name = {0,0}; int reg_expire_event_rt = -1; /* default disabled */ str reg_event_callback = STR_NULL; +int reg_lookup_filter_mode = 0; + sr_kemi_eng_t *keng = NULL; #define RCV_NAME "received" @@ -239,6 +241,7 @@ static param_export_t params[] = { {"flow_timer", INT_PARAM, &reg_flow_timer }, {"contact_max_size", INT_PARAM, &contact_max_size }, {"event_callback", PARAM_STR, &reg_event_callback }, + {"lookup_filter_mode", INT_PARAM, &reg_lookup_filter_mode }, {0, 0, 0} };

5 years, 7 months

git:master:96421ea0: registrar: detailed example for xavp_cfg parameter

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 96421ea051ff799943ae1c7b66251f97211aa125 URL: https://github.com/kamailio/kamailio/commit/96421ea051ff799943ae1c7b66251f9… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-04-15T11:09:26+02:00 registrar: detailed example for xavp_cfg parameter --- Modified: src/modules/registrar/doc/registrar_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/96421ea051ff799943ae1c7b66251f9… Patch: https://github.com/kamailio/kamailio/commit/96421ea051ff799943ae1c7b66251f9… --- diff --git a/src/modules/registrar/doc/registrar_admin.xml b/src/modules/registrar/doc/registrar_admin.xml index 7c4226ad3c..a3c974203a 100644 --- a/src/modules/registrar/doc/registrar_admin.xml +++ b/src/modules/registrar/doc/registrar_admin.xml @@ -730,6 +730,13 @@ modparam("registrar", "reg_callid_avp", "$avp(s:avp)") <programlisting format="linespecific"> ... modparam("registrar", "xavp_cfg", "reg") +... +request_route { + ... + $xavp(reg=>max_contacts) = 4; + save("location"); + ... +} ... </programlisting> </example>

5 years, 7 months

Re: [sr-dev] [SR-Users] Kamailio stop to process incoming SIP traffic via TCP.

by Richard Fuchs

Hi, (X-posted to sr-dev as this is getting into the nitty gritty) As a short-term workaround for this, I've been playing with the preloaded library approach to hijack the pthread mutex calls and force them to provide process-shared mutexes. AFAICT this seems to be working and only has the minuscule performance impact of using slower process-shared mutexes in all instances, even when they aren't required. The code for the preloaded library itself is very short and simple: https://gist.github.com/rfuchs/1bb7348b6acbe37e557d94c2f69a1498 As a more complete patch that integrates it into the build system (probably badly): https://gist.github.com/rfuchs/b240ffe87938a45e6f2a4cf53fe29f17 Finally it requires adding it to the startup script, for example in a systemd service file as: Environment='LD_PRELOAD=/usr/lib/x86_64-linux-gnu/kamailio/openssl_mutex_shared/openssl_mutex_shared.so' (that's with a hard coded path which isn't optimal of course). I don't consider this a proper fix, but only a hacky workaround, but it might be a solution for the very near future. Throwing it out there in case other people have been working on similar approaches, and/or maybe have some comments about this. Cheers On 01/04/2019 04.52, Daniel-Constantin Mierla wrote: > Hello, > > an update on this issue -- I spent a bit of time looking at > libssl/libcrypto library and the problem can be the type of mutexes they > use now internally starting with v1.1, respectively the pthread mutex. > They are not process shared and kamailio is a multi-process application, > working with the same tls connection from multiple processes. > > Today I wrote to openssl mailing list, waiting now to see if I get any > hints from there. > > Cheers, > Daniel > > On 01.04.19 10:33, Kristijan Vrban wrote: >> Hi Andrew, >> >> yes, with openssl 1.0.2 Kamailio is now up and running since five >> days. Looks good so far. >> >> Kristijan >> >> Am Do., 28. März 2019 um 11:09 Uhr schrieb Andrew Pogrebennyk >> <apogrebennyk(a)sipwise.com>: >>> On 3/26/19 3:52 PM, Kristijan Vrban wrote: >>>>> Just curious, did you get to compile with OpenSSL 1.0 and test? >>>> Just compiled with OpenSSL 1.0 . Gone test now. >>> Kristijan, >>> any new occurrences since you have recompiled kamailio with openssl 1.0? >>> >>> Regards, >>> Andrew >> _______________________________________________ >> Kamailio (SER) - Users Mailing List >> sr-users(a)lists.kamailio.org >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

5 years, 7 months

git:master:387533b0: tls: openssl_mutex_shared - note about ability to be used independent of Kamailio

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 387533b04f7bf6d8b1e4e90d38f462639ba03ee2 URL: https://github.com/kamailio/kamailio/commit/387533b04f7bf6d8b1e4e90d38f4626… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-04-15T08:52:24+02:00 tls: openssl_mutex_shared - note about ability to be used independent of Kamailio --- Modified: src/modules/tls/utils/openssl_mutex_shared/README.md --- Diff: https://github.com/kamailio/kamailio/commit/387533b04f7bf6d8b1e4e90d38f4626… Patch: https://github.com/kamailio/kamailio/commit/387533b04f7bf6d8b1e4e90d38f4626… --- diff --git a/src/modules/tls/utils/openssl_mutex_shared/README.md b/src/modules/tls/utils/openssl_mutex_shared/README.md index 9f2e9c57e3..e446d66f72 100644 --- a/src/modules/tls/utils/openssl_mutex_shared/README.md +++ b/src/modules/tls/utils/openssl_mutex_shared/README.md @@ -34,6 +34,11 @@ For Debian packing, the location is like: /usr/lib/x86_64-linux-gnu/kamailio/openssl_mutex_shared/openssl_mutex_shared.so ``` +Note: there is no dependency on Kamailio source code, this shared object can +be compiled and used ouside of Kamailio source tree. It uses only Kamailio's +Makefile system to install in the same directory like the other shared objects +installed by Kamailio. + ## Usage ## Use LD_PRELOAD to tell the linker to preload this shared object before starting

5 years, 7 months

git:master:84002ae9: modules: readme files regenerated - tls ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: 84002ae99524bdb2aba4c724a86074f88bea1ffe URL: https://github.com/kamailio/kamailio/commit/84002ae99524bdb2aba4c724a86074f… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2019-04-15T08:46:56+02:00 modules: readme files regenerated - tls ... [skip ci] --- Modified: src/modules/tls/README --- Diff: https://github.com/kamailio/kamailio/commit/84002ae99524bdb2aba4c724a86074f… Patch: https://github.com/kamailio/kamailio/commit/84002ae99524bdb2aba4c724a86074f… --- diff --git a/src/modules/tls/README b/src/modules/tls/README index a94c179dac..4b724210cb 100644 --- a/src/modules/tls/README +++ b/src/modules/tls/README @@ -273,6 +273,10 @@ request_route { options, run kamailio -V and look for USE_TLS and TLS_HOOKS among the flags. + For OpenSSL (libssl) v1.1.x, it is required to preload + 'openssl_mutex_shared' library shipped by Kamailio. For more details + see 'src/modules/tls/openssl_mutex_shared/README.md'. + This module includes several workarounds for various Openssl bugs (like compression and Kerberos using the wrong memory allocations functions, low memory problems a.s.o). On startup it will try to enable the needed

5 years, 7 months

git:master:ef09ff97: Merge pull request #1927 from kamailio/rfuchs/openssl-locking-fix

by GitHub

Module: kamailio Branch: master Commit: ef09ff976bb06185d9b50abe0f1564d8fc3e1a7c URL: https://github.com/kamailio/kamailio/commit/ef09ff976bb06185d9b50abe0f1564d… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: GitHub <noreply(a)github.com> Date: 2019-04-15T08:38:33+02:00 Merge pull request #1927 from kamailio/rfuchs/openssl-locking-fix Preloaded library for openssl v1.1 process shared locking --- Added: src/modules/tls/utils/openssl_mutex_shared/Makefile Added: src/modules/tls/utils/openssl_mutex_shared/README.md Added: src/modules/tls/utils/openssl_mutex_shared/openssl_mutex_shared.c Modified: src/modules/tls/Makefile Modified: src/modules/tls/doc/tls.xml --- Diff: https://github.com/kamailio/kamailio/commit/ef09ff976bb06185d9b50abe0f1564d… Patch: https://github.com/kamailio/kamailio/commit/ef09ff976bb06185d9b50abe0f1564d…

5 years, 7 months

← Newer
1
...
14
15
16
17
18
19
20
...
32
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev April 2019