sr-dev September 2022

sr-dev@lists.kamailio.org

16 participants
275 discussions

[kamailio/kamailio] Stirshaken module not handling certificate chain caching (Issue #3246)

by Sylvain Fontaine

### Description The stirshaken module has an option to cache certificates instead of downloading it using http for each calls. The problem is that the module doesn't save the certificate chain in the cached file. from here: https://github.com/kamailio/kamailio/blob/f7b35f05f31bd7cc01aea4572c79ba48d… We see that only `cert->x` is saved to the file. It needs to save `cert->chainx` as well. Similarly, the load function should load both the x509 and associated x509 chain. ### Troubleshooting #### Reproduction To reproduce, we need to configure the stirshaken module to do cerrtificate caching: ``` modparam("stirshaken", "vs_verify_x509_cert_path", 1) modparam("stirshaken", "vs_ca_dir", "/path/to/ca") modparam("stirshaken", "vs_cache_certificates", 1) modparam("stirshaken", "vs_cache_dir", "/path/to/cert_cache") modparam("stirshaken", "vs_cache_expire_s", 100) ``` Then send 2 calls featuring an identity header signed by a private key associated to a public certificate that includes a chain such as https://pstn-cdn.live.gtc.goto.com/certs/stirshaken/goto-2022-09 Verification for the fist call should work, but verification of x509 cert path will fail on second call #### SIP Traffic Example sip INVITE that should help reproduce the problem. ``` INVITE sip:+13855551212@216.82.227.102:5060 SIP/2.0 Max-Forwards: 61 f: <sip:+13852194167@reg.mydomain.net>;tag=as04e1a3e0 t: <sip:+13851212@somedomain.net> m: <sip:+13852194167@reg.mydomain.net:5060> i: 59ede93214794e1033b27ed249a90f15(a)reg.mydomain.net CSeq: 102 INVITE Date: Mon, 19 Sep 2022 15:04:01 GMT l: 0 Identity: eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9wc3RuLWNkbi5saXZlLmd0Yy5nb3RvLmNvbS9jZXJ0cy9zdGlyc2hha2VuL2dvdG8tMjAyMi0wOSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxNTE0ODM4MjY0NyJdfSwiaWF0IjoxNjYzNTk5ODQxLCJvcmlnIjp7InRuIjoiMTM4NTIxOTQxNjcifSwib3JpZ2lkIjoiNTllZGU5MzIxNDc5NGUxMDMzYjI3ZWQyNDlhOTBmMTVAcmVnLmppdmVpcC5uZXQifQ.wX5H0FhPt99MPWbdk_xgZXOWCHPGRcS_RiGTBBE5mG_r6By6StdnsBWiipdU9xyLuG3nSPKKFybhdO1S8OIeSQ;info=<https://pstn-cdn.live.gtc.goto.com/certs/stirshaken/goto-2022-09>;alg=ES256;ppt=shaken ``` ### Possible Solutions The module should save/load `cert->chainx` as well. Maybe a new set of function in libstirshaken should be added to save/load a certificate (vs saving/loading x509) -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3246 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3246(a)github.com>

1 year, 10 months

[kamailio/kamailio] stirshaken: Properly handle intermediary/chain certificates when caching certificates (PR #3175)

by mrtrev

#### Pre-Submission Checklist    - [ ] Commit message has the format required by CONTRIBUTING guide - [ ] Commits are split per component (core, individual modules, libs, utils, ...) - [ ] Each component has a single commit (if not, squash them into one commit) - [ ] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [ ] PR should be backported to stable branches - [ ] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description  When the stirshaken module is in use and configured to cache certifications, validation will succeed on the very first attempt but will then fail every time the certificate is loaded from cache. The reason is because this module only saves the certificate and discards the any supplied chain certificates. This patch causes the module to save all supplied certificates and properly loads them upon retrieval. For the loading to work a patch is required in libstirshaken. A PR has already been submitted and is linked below. Without that patch the problem will persist but no other harm is done. This is a safe change to make that does not break existing behaviour. - save all certificates provided by signor to the disk cache - properly load all certificates when loading from cache - requires patch to libstirshaken (PR 123); this patch causes no harm (but no benefit) without it - resolve unrelated compiler warnings on 32bit systems https://github.com/signalwire/libstirshaken/pull/123 You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3175 -- Commit Summary -- * stirshaken: Properly handle intermediary/chain certificates when caching certificates * stirshaken: close file in write failure cases -- File Changes -- M src/modules/stirshaken/stirshaken_mod.c (106) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3175.patch https://github.com/kamailio/kamailio/pull/3175.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3175 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3175(a)github.com>

1 year, 10 months

[kamailio/kamailio] Kamailio 5.4.7 crash (Issue #3052)

by Igor Olhovskiy

### Description Kamailio running with mix of TLS/WebSocket/UDP transports. ### Troubleshooting #### Reproduction Really random issues, can't really catch it #### Debugging Data ``` [root@pbxphone-0866-fe-1 kamailio_crash]# gdb kamailio core.kamailio.222460.pbxphone-0866-fe-1.company.domain.1646903834 GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-120.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /root/kamailio_crash/kamailio...done. warning: exec file is newer than core file. [New LWP 222460] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `/usr/local/sbin/kamailio -P /run/kamailio/kamailio.pid -f /usr/local/etc/kamail'. Program terminated with signal 11, Segmentation fault. #0 0x00007f04af578716 in tls_complete_init (c=0x7f042fe11c98) at tls_server.c:236 236 data->ssl = SSL_new(dom->ctx[process_no]); Missing separate debuginfos, use: debuginfo-install audit-libs-2.8.5-4.el7.x86_64 bzip2-libs-1.0.6-13.el7.x86_64 elfutils-libelf-0.176-5.el7.x86_64 glibc-2.17-325.el7_9.x86_64 keyutils-libs-1.5.8-3.el7.x86_64 krb5-libs-1.15.1-51.el7_9.x86_64 libacl-2.2.51-15.el7.x86_64 libattr-2.4.46-13.el7.x86_64 libcap-2.22-11.el7.x86_64 libcap-ng-0.7.5-4.el7.x86_64 libcom_err-1.42.9-19.el7.x86_64 libdb-5.3.21-25.el7.x86_64 libffi-3.0.13-19.el7.x86_64 libgcc-4.8.5-44.el7.x86_64 libselinux-2.5-15.el7.x86_64 libstdc++-4.8.5-44.el7.x86_64 libunistring-0.9.3-9.el7.x86_64 libuuid-2.23.2-65.el7_9.1.x86_64 libxml2-2.9.1-6.el7_9.6.x86_64 lm_sensors-libs-3.4.0-8.20160601gitf9185e5.el7.x86_64 lua-5.1.4-15.el7.x86_64 net-snmp-agent-libs-5.7.2-49.el7_9.1.x86_64 net-snmp-libs-5.7.2-49.el7_9.1.x86_64 nspr-4.32.0-1.el7_9.x86_64 nss-3.67.0-4.el7_9.x86_64 nss-softokn-freebl-3.67.0-3.el7_9.x86_64 nss-util-3.67.0-1.el7_9.x86_64 openssl-libs-1.0.2k-24.el7_9.x86_64 pcre-8.32-17.el7.x86_64 perl-libs-5.16.3-299.el7_9.x86_64 popt-1.13-16.el7.x86_64 python-libs-2.7.5-90.el7.x86_64 rpm-libs-4.11.3-48.el7_9.x86_64 tcp_wrappers-libs-7.6-77.el7.x86_64 xz-libs-5.2.2-1.el7.x86_64 zlib-1.2.7-19.el7_9.x86_64 (gdb) bt full #0 0x00007f04af578716 in tls_complete_init (c=0x7f042fe11c98) at tls_server.c:236 dom = 0x7f042fbcccf8 data = 0x7f042f96dec0 cfg = 0x7f042f96dec0 state = S_TLS_CONNECTING sname = 0x0 srvid = 0x0 __FUNCTION__ = "tls_complete_init" #1 0x00007f04af578d07 in tls_fix_connection_unsafe (c=0x7f042fe11c98) at tls_server.c:297 __FUNCTION__ = "tls_fix_connection_unsafe" #2 0x00007f04af580784 in tls_h_encode_f (c=0x7f042fe11c98, pbuf=0x7ffd8be909e0, plen=0x7ffd8be909d8, rest_buf=0x7ffd8be909e8, rest_len=0x7ffd8be909dc, send_flags=0x7ffd8be909c0) at tls_server.c:772 n = 0 offs = 0 ssl = 0x1 tls_c = 0x7f042fe11ca0 wr_buf = "\026\003\001\002\000\001\000\001\374\003\003\276,'P^\252j\027\021S\351\252\021\342(~\347\216\351\332Hh!\vb\024\361\324+\003\177\a\000\000\254\300\060\300,\300(\300$\300\024\300\n\000\245\000\243\000\241\000\237\000k\000j\000i\000h\000\071\000\070\000\067\000\066\000\210\000\207\000\206\000\205\300\062\300.\300*\300&\300\017\300\005\000\235\000=\000\065\000\204\300/\300+\300'\300#\300\023\300\t\000\244\000\242\000\240\000\236\000g\000@\000?\000>\000\063\000\062\000\061\000\060\000\232\000\231\000\230\000\227\000E\000D\000C\000B\300\061\300-\300)\300%\300\016\300\004\000\234\000<\000/\000\226\000A\300\022\300\b\000\026\000\023\000\020\000\r\300\r\300\003"... rd = {buf = 0x18 <Address 0x18 out of bounds>, pos = 22930096, used = 1771061403, size = -1947662592} wr = {buf = 0x4b6e74a40 <Address 0x4b6e74a40 out of bounds>, pos = -1226359400, used = 32516, size = -1562640382} ssl_error = 0 err_src = 0x7f04af5afc09 "TLS write:" ip_buf = "\000\000\000\000\000\000\000\000\230\034\341/\004\177\000\000\000\000\000\000\000\000\000\000\370@\347\266\001\000\000\000\340\b\351\213\375\177\000\000f\211Q\000\000\000\000\000\000\000\000\000\001\000\000\000\060\000\000\000\060\000\000" buf = 0x7ffd8be90fd0 "OPTIONS sip:73054@82.66.66.105:46050;transport=tls SIP/2.0\r\nVia: SIP/2.0/TLS tone.company.domain:5061;branch=z9hG4bKx.2854.1.0\r\nFrom: <sip:pbxphone@tone.company.domain>;tag=uloc-6228658a-43655-2c-31dd201c-6229c21a"... len = 308 x = 4 __FUNCTION__ = "tls_h_encode_f" #3 0x000000000051e729 in tcp_send (dst=0x7ffd8be90d60, from=0x0, buf=0x7ffd8be90fd0 "OPTIONS sip:73054@82.66.66.105:46050;transport=tls SIP/2.0\r\nVia: SIP/2.0/TLS tone.company.domain:5061;branch=z9hG4bKx.2854.1.0\r\nFrom: <sip:pbxphone@tone.company.domain>;tag=uloc-6228658a-43655-2c-31dd201c-6229c21a"..., len=308) at core/tcp_main.c:2093 c = 0x7f042fe11c98 ip = {af = 2, len = 4, u = {addrl = {1765950034, 4294967295}, addr32 = {1765950034, 0, 4294967295, 0}, addr16 = {16978, 26946, 0, 0, 65535, 65535, 0, 0}, addr = "RBBi\000\000\000\000\377\377\377\377\000\000\000"}} port = 46050 fd = 22 response = {139655966192064, 0} n = 0 con_lifetime = 9600 try_local_port = 5061 rest_buf = 0x0 t_buf = 0x7ffd8be90fd0 "OPTIONS sip:73054@82.66.66.105:46050;transport=tls SIP/2.0\r\nVia: SIP/2.0/TLS tone.company.domain:5061;branch=z9hG4bKx.2854.1.0\r\nFrom: <sip:pbxphone@tone.company.domain>;tag=uloc-6228658a-43655-2c-31dd201c-6229c21a"... rest_len = 0 t_len = 308 resp = 140726950756352 t_send_flags = {f = 0, blst_imask = 0} __FUNCTION__ = "tcp_send" #4 0x00007f04b2aa0ceb in ul_ka_send (kamsg=0x7ffd8be90fc0, kadst=0x7ffd8be90d60) at ul_keepalive.c:271 __FUNCTION__ = "ul_ka_send" #5 0x00007f04b2aa0b58 in ul_ka_urecord (ur=0x7f042fca3340) at ul_keepalive.c:239 ---Type <return> to continue, or q <return> to quit--- uc = 0x7f042fca3458 kabuf = "OPTIONS sip:73054@82.66.66.105:46050;transport=tls SIP/2.0\r\nVia: SIP/2.0/TLS tone.company.domain:5061;branch=z9hG4bKx.2854.1.0\r\nFrom: <sip:pbxphone@tone.company.domain>;tag=uloc-6228658a-43655-2c-31dd201c-6229c21a"... kabuf_len = 308 kamsg = { s = 0x7ffd8be90fd0 "OPTIONS sip:73054@82.66.66.105:46050;transport=tls SIP/2.0\r\nVia: SIP/2.0/TLS tone.company.domain:5061;branch=z9hG4bKx.2854.1.0\r\nFrom: <sip:pbxphone@tone.company.domain>;tag=uloc-6228658a-43655-2c-31dd201c-6229c21a"..., len = 308} vaddr = {s = 0x7f04b6e74008 "tone.company.domain", len = 12} vport = {s = 0x7f04b6e740f8 "5061", len = 4} sdst = {s = 0x7f042fca3770 "sip:82.66.66.105:46050;transport=tls", len = 36} sproto = {s = 0x81bb4b "TLS", len = 3} duri = {user = {s = 0x0, len = 0}, passwd = {s = 0x0, len = 0}, host = {s = 0x7f042fca3774 "82.66.66.105:46050;transport=tls", len = 12}, port = {s = 0x7f042fca3781 "46050;transport=tls", len = 5}, params = {s = 0x7f042fca3787 "transport=tls", len = 13}, sip_params = {s = 0x7f042fca3787 "transport=tls", len = 13}, headers = {s = 0x0, len = 0}, port_no = 46050, proto = 3, type = SIP_URI_T, flags = (unknown: 0), transport = {s = 0x7f042fca3787 "transport=tls", len = 13}, ttl = {s = 0x0, len = 0}, user_param = {s = 0x0, len = 0}, maddr = {s = 0x0, len = 0}, method = {s = 0x0, len = 0}, lr = {s = 0x0, len = 0}, r2 = {s = 0x0, len = 0}, gr = {s = 0x0, len = 0}, transport_val = {s = 0x7f042fca3791 "tls", len = 3}, ttl_val = {s = 0x0, len = 0}, user_param_val = {s = 0x0, len = 0}, maddr_val = {s = 0x0, len = 0}, method_val = {s = 0x0, len = 0}, lr_val = {s = 0x0, len = 0}, r2_val = {s = 0x0, len = 0}, gr_val = {s = 0x0, len = 0}} dproto = 3 '\003' he = 0xb88fa0 <he.5288> ssock = 0x7f04b6e73d98 idst = {send_sock = 0x7f04b6e73d98, to = {s = {sa_family = 2, sa_data = "\263\342RBBi\000\000\000\000\000\000\000"}, sin = {sin_family = 2, sin_port = 58035, sin_addr = {s_addr = 1765950034}, sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 2, sin6_port = 58035, sin6_flowinfo = 1765950034, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = { 0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}, sas = {ss_family = 2, __ss_padding = "\263\342RBBi", '\000' <repeats 111 times>, __ss_align = 0}}, id = 0, send_flags = {f = 0, blst_imask = 0}, proto = 3 '\003', proto_pad0 = 0 '\000', proto_pad1 = 0} bcnt = 1 aortype = 0 i = 5 tv = {tv_sec = 1646903834, tv_usec = 680904} tnow = 1646903834 __FUNCTION__ = "ul_ka_urecord" #6 0x00007f04b2a6bb99 in mem_timer_udomain (_d=0x7f042f9c5388, istart=0, istep=1) at udomain.c:1234 ptr = 0x7f042fca3340 t = 0x7f0429d60470 <str_record_route_col> i = 28 #7 0x00007f04b2a9dd0e in synchronize_all_udomains (istart=0, istep=1) at dlist.c:966 res = 0 ptr = 0x7f042f9c5288 #8 0x00007f04b2a7b019 in ul_core_timer (ticks=1791845, param=0x0) at usrloc_mod.c:527 __FUNCTION__ = "ul_core_timer" #9 0x00000000004f1e69 in compat_old_handler (ti=28669522, tl=0x7f042f82e060, data=0x7f042f82e060) at core/timer.c:980 t = 0x7f042f82e060 #10 0x00000000004f29a5 in slow_timer_main () at core/timer.c:1105 n = 12 ret = 4294967295 tl = 0x7f042f82e060 i = 308 __FUNCTION__ = "slow_timer_main" #11 0x000000000042a707 in main_loop () at main.c:1765 i = 4 pid = 0 si = 0x0 si_desc = "udp receiver child=3 sock=128.141.18.117:5060 (tone.company.domain:5060)\000\000\000\000\000\000\000\000\200S/\004\177\000\000\000\000\000\000\000\000\000\000\220Q\234/\004\177\000\000\200\034\351\213\375\177\000\000\000R\234/\004\177\000\000B\227Z\257\004\177\000\000\300\023\006\267\004\177\000" nrprocs = 4 ---Type <return> to continue, or q <return> to quit--- woneinit = 1 __FUNCTION__ = "main_loop" #12 0x000000000043423e in main (argc=9, argv=0x7ffd8be921f8) at main.c:2942 cfg_stream = 0xf6a040 c = -1 r = 0 tmp = 0x7ffd8be935cc "" tmp_len = 1472 port = 960 proto = 32516 ahost = 0x0 aport = 0 options = 0x7d7ef8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:" ret = -1 seed = 1413124693 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x7ffd8be920b0 p = 0xf0b5ff <Address 0xf0b5ff out of bounds> st = {st_dev = 20, st_ino = 16553497, st_nlink = 2, st_mode = 16832, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1646819986, tv_nsec = 228520360}, st_mtim = {tv_sec = 1646903531, tv_nsec = 836398702}, st_ctim = {tv_sec = 1646903531, tv_nsec = 836398702}, __unused = {0, 0, 0}} tbuf = '\000' <repeats 392 times>... option_index = 0 long_options = {{name = 0x7da22f "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x7d56d4 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x7da234 "alias", has_arg = 1, flag = 0x0, val = 1024}, {name = 0x7da23a "subst", has_arg = 1, flag = 0x0, val = 1025}, {name = 0x7da240 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x7da249 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, {name = 0x7da253 "server-id", has_arg = 1, flag = 0x0, val = 1028}, {name = 0x7da25d "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x7da268 "modparam", has_arg = 1, flag = 0x0, val = 1030}, {name = 0x7da271 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x7da27c "debug", has_arg = 1, flag = 0x0, val = 1032}, { name = 0x7da282 "atexit", has_arg = 1, flag = 0x0, val = 1034}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}} __FUNCTION__ = "main" (gdb) (gdb) info locals cfg_stream = 0xf6a040 c = -1 r = 0 tmp = 0x7ffd8be935cc "" tmp_len = 1472 port = 960 proto = 32516 ahost = 0x0 aport = 0 options = 0x7d7ef8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:" ret = -1 seed = 1413124693 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x7ffd8be920b0 p = 0xf0b5ff <Address 0xf0b5ff out of bounds> st = {st_dev = 20, st_ino = 16553497, st_nlink = 2, st_mode = 16832, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1646819986, tv_nsec = 228520360}, st_mtim = {tv_sec = 1646903531, tv_nsec = 836398702}, st_ctim = {tv_sec = 1646903531, tv_nsec = 836398702}, __unused = {0, 0, 0}} tbuf = '\000' <repeats 392 times>... option_index = 0 long_options = {{name = 0x7da22f "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x7d56d4 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x7da234 "alias", has_arg = 1, flag = 0x0, val = 1024}, { name = 0x7da23a "subst", has_arg = 1, flag = 0x0, val = 1025}, {name = 0x7da240 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x7da249 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, { name = 0x7da253 "server-id", has_arg = 1, flag = 0x0, val = 1028}, {name = 0x7da25d "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x7da268 "modparam", has_arg = 1, flag = 0x0, val = 1030}, { name = 0x7da271 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x7da27c "debug", has_arg = 1, flag = 0x0, val = 1032}, {name = 0x7da282 "atexit", has_arg = 1, flag = 0x0, val = 1034}, { name = 0x0, has_arg = 0, flag = 0x0, val = 0}} __FUNCTION__ = "main" (gdb) cfg_stream = 0xf6a040 c = -1 r = 0 tmp = 0x7ffd8be935cc "" tmp_len = 1472 port = 960 proto = 32516 ahost = 0x0 aport = 0 options = 0x7d7ef8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:" ret = -1 seed = 1413124693 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x7ffd8be920b0 p = 0xf0b5ff <Address 0xf0b5ff out of bounds> st = {st_dev = 20, st_ino = 16553497, st_nlink = 2, st_mode = 16832, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1646819986, tv_nsec = 228520360}, st_mtim = {tv_sec = 1646903531, tv_nsec = 836398702}, st_ctim = {tv_sec = 1646903531, tv_nsec = 836398702}, __unused = {0, 0, 0}} tbuf = '\000' <repeats 392 times>... option_index = 0 long_options = {{name = 0x7da22f "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x7d56d4 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x7da234 "alias", has_arg = 1, flag = 0x0, val = 1024}, { name = 0x7da23a "subst", has_arg = 1, flag = 0x0, val = 1025}, {name = 0x7da240 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x7da249 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, { name = 0x7da253 "server-id", has_arg = 1, flag = 0x0, val = 1028}, {name = 0x7da25d "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x7da268 "modparam", has_arg = 1, flag = 0x0, val = 1030}, { name = 0x7da271 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x7da27c "debug", has_arg = 1, flag = 0x0, val = 1032}, {name = 0x7da282 "atexit", has_arg = 1, flag = 0x0, val = 1034}, { name = 0x0, has_arg = 0, flag = 0x0, val = 0}} __FUNCTION__ = "main" (gdb) cfg_stream = 0xf6a040 c = -1 r = 0 tmp = 0x7ffd8be935cc "" tmp_len = 1472 port = 960 proto = 32516 ahost = 0x0 aport = 0 options = 0x7d7ef8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:" ret = -1 seed = 1413124693 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x7ffd8be920b0 p = 0xf0b5ff <Address 0xf0b5ff out of bounds> st = {st_dev = 20, st_ino = 16553497, st_nlink = 2, st_mode = 16832, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1646819986, tv_nsec = 228520360}, st_mtim = {tv_sec = 1646903531, tv_nsec = 836398702}, st_ctim = {tv_sec = 1646903531, tv_nsec = 836398702}, __unused = {0, 0, 0}} tbuf = '\000' <repeats 392 times>... option_index = 0 long_options = {{name = 0x7da22f "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x7d56d4 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x7da234 "alias", has_arg = 1, flag = 0x0, val = 1024}, { name = 0x7da23a "subst", has_arg = 1, flag = 0x0, val = 1025}, {name = 0x7da240 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x7da249 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, { name = 0x7da253 "server-id", has_arg = 1, flag = 0x0, val = 1028}, {name = 0x7da25d "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x7da268 "modparam", has_arg = 1, flag = 0x0, val = 1030}, { name = 0x7da271 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x7da27c "debug", has_arg = 1, flag = 0x0, val = 1032}, {name = 0x7da282 "atexit", has_arg = 1, flag = 0x0, val = 1034}, { name = 0x0, has_arg = 0, flag = 0x0, val = 0}} __FUNCTION__ = "main" (gdb) cfg_stream = 0xf6a040 c = -1 r = 0 tmp = 0x7ffd8be935cc "" tmp_len = 1472 port = 960 proto = 32516 ahost = 0x0 aport = 0 options = 0x7d7ef8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:" ret = -1 seed = 1413124693 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x7ffd8be920b0 p = 0xf0b5ff <Address 0xf0b5ff out of bounds> st = {st_dev = 20, st_ino = 16553497, st_nlink = 2, st_mode = 16832, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1646819986, tv_nsec = 228520360}, st_mtim = {tv_sec = 1646903531, tv_nsec = 836398702}, st_ctim = {tv_sec = 1646903531, tv_nsec = 836398702}, __unused = {0, 0, 0}} tbuf = '\000' <repeats 392 times>... option_index = 0 long_options = {{name = 0x7da22f "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x7d56d4 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x7da234 "alias", has_arg = 1, flag = 0x0, val = 1024}, { name = 0x7da23a "subst", has_arg = 1, flag = 0x0, val = 1025}, {name = 0x7da240 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x7da249 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, { name = 0x7da253 "server-id", has_arg = 1, flag = 0x0, val = 1028}, {name = 0x7da25d "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x7da268 "modparam", has_arg = 1, flag = 0x0, val = 1030}, { name = 0x7da271 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x7da27c "debug", has_arg = 1, flag = 0x0, val = 1032}, {name = 0x7da282 "atexit", has_arg = 1, flag = 0x0, val = 1034}, { name = 0x0, has_arg = 0, flag = 0x0, val = 0}} __FUNCTION__ = "main" (gdb) list ... here goes a code of tls_server.c but if I'll leave it - Comment is too long (maximum is 65536 characters) (gdb) Line number 1513 out of range; tls_server.c has 1512 lines. ``` #### Log Messages ``` 2022-03-10T10:17:16.838905+01:00 pbxphone-0866-fe-1.company.domain /usr/local/sbin/kamailio[222489]: CRITICAL: <core> [core/pass_fd.c:277]: receive_fd(): EOF on 27 ``` ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` kamailio -V version: kamailio 5.4.7 (x86_64/linux) a19fe1 flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: a19fe1 compiled on 20:40:47 Nov 22 2021 with gcc 4.8.5 ``` * **Operating System**:  ``` Linux pbxphone-0866-fe-1.company.domain 3.10.0-1160.15.2.el7.x86_64 #1 SMP Wed Feb 3 15:06:38 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux ``` -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3052 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3052(a)github.com>

1 year, 11 months

Testing dialog module (and acc with dialog cdrs)

by Daniel-Constantin Mierla

Hello, as I am not a user of dialog variables, I am turning to community to ask for help testing the current master branch with configurations that make use of dialog variables and acc dialog-based cdr generation. With a few reports of issues related to dialog modules and unexpected crashes, I looked over the code and noticed that the access of the value for dialog variables was not protected, making them vulnerable of invalid memory access in case of the variable was updated by another process or dialog was terminated. I introduced a couple of new functions to try to cover different use cases of getting the dlg variable values, dialog management code was not affected, but given that these commits need to be backported to stable branch (5.6), I want to get proper feedback from community that things work fine. A previous attempt of a simpler fix was not enough, having side effects to acc module for dialog-based cdr generation, because it was keeping referenced to many dlg variables at the same time. In short, it would be appreciated any feedback on testing dialog and acc with dialog-based cdr generation using git master branch. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - Online Nov 7-10, 2022 (Europe Timezone) * https://www.asipto.com/sw/kamailio-advanced-training-online/

2 years

[kamailio/kamailio] Update mod_stats.c Random crash in CTL handler (PR #3250)

by bensly-shanmugam

#### Pre-Submission Checklist    - [ ] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [x] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [ ] PR should be backported to stable branches - [x] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description  We have found a random crash in the CTL module handler and we are using kamailio 5.4.7. Based on the core log analysis, we have identified that, due to some of the RPC events this crash happens. This crash happen when "rpc_mod_is_printed_one" funtion recevies the parameter ( mem_counter *stats ) as NULL. To avoid the crash, we have added the below code. if ( stats == NULL || current == NULL ) { LM_ERR("rpc_mod_is_printed_one -> funtion parameter contains null value \n"); return 1; } You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3250 -- Commit Summary -- * Update mod_stats.c Random crash in CTL handler -- File Changes -- M src/modules/kex/mod_stats.c (6) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3250.patch https://github.com/kamailio/kamailio/pull/3250.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3250 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3250(a)github.com>

2 years

[kamailio/kamailio] tm: proper fill of From/To URI/tag values using parsed structure in rpc_t_uac() (PR #3251)

by braams

#### Pre-Submission Checklist    - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [x] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [x] PR should be backported to stable branches - [x] Tested changes locally - [x] Related to https://github.com/kamailio/kamailio/commit/aa6e9963b2725c1b6b7e5ff995a77c2… https://lists.kamailio.org/pipermail/sr-users/2020-November/111152.html #### Description tm.t_uac_start adds new tag into from header even if it exists. It has already been fixed for t_uac_send function. But there is the same problem for tm.t_uac_start RPC command. I've fixed it in the same way. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3251 -- Commit Summary -- * tm: proper fill of From/To URI/tag values using parsed structure in rpc_t_uac() -- File Changes -- M src/modules/tm/rpc_uac.c (24) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3251.patch https://github.com/kamailio/kamailio/pull/3251.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3251 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3251(a)github.com>

2 years

[kamailio/kamailio] Unexpected kamailio 5.4 segfault (#2828)

by nmateo26

Dear all we have seen a core in a running production kamailio instance today, i attach you the bt in dropbox version: kamailio 5.4.4 (x86_64/linux) 0ddb01-dirty centos7 3.10.0-693.17.1.el7.x86_64 https://www.dropbox.com/s/fpunfs0o9aqhwww/kamailio_core_17agosto.txt?dl=0 ~~~ #0 0x00007f4c131446ad in print_lists (dlg=0x7f4b60abb2e8) at dlg_var.c:277 #1 0x00007f4c131467ff in pv_set_dlg_variable (msg=0x7f4c17592d70, param=0x7f4c17aa88d0, op=254, val=0x7ffc8de8c990) at dlg_var.c:443 #2 0x00000000004f9c82 in lval_pvar_assign (h=0x7ffc8de8ddc0, msg=0x7f4c17592d70, lv=0x7f4c17aa8998, rv=0x7f4c17aa8b18) at core/lvalue.c:352 #3 0x00000000004fa780 in lval_assign (h=0x7ffc8de8ddc0, msg=0x7f4c17592d70, lv=0x7f4c17aa8998, rve=0x7f4c17aa8b10) at core/lvalue.c:400 #4 0x00000000004c3f6f in do_action (h=0x7ffc8de8ddc0, a=0x7f4c17aa92b0, msg=0x7f4c17592d70) at core/action.c:1455 #5 0x00000000004c5cab in run_actions (h=0x7ffc8de8ddc0, a=0x7f4c17aa8668, msg=0x7f4c17592d70) at core/action.c:1581 #6 0x00000000004b8867 in do_action (h=0x7ffc8de8ddc0, a=0x7f4c17aac2b0, msg=0x7f4c17592d70) at core/action.c:1067 #7 0x00000000004c5cab in run_actions (h=0x7ffc8de8ddc0, a=0x7f4c17aa34c0, msg=0x7f4c17592d70) at core/action.c:1581 #8 0x00000000004c63ef in run_top_route (a=0x7f4c17aa34c0, msg=0x7f4c17592d70, c=0x7ffc8de8ddc0) at core/action.c:1666 #9 0x00007f4c16bbc0a2 in reply_received (p_msg=0x7f4c17592d70) at t_reply.c:2543 #10 0x00000000005d0b69 in do_forward_reply (msg=0x7f4c17592d70, mode=0) at core/forward.c:764 #11 0x00000000005d283b in forward_reply (msg=0x7f4c17592d70) at core/forward.c:865 #12 0x0000000000622dd2 in receive_msg ( buf=0xb034a0 <buf.7140> "SIP/2.0 100 Trying\r\nVia: SIP/2.0/UDP 79.170.68.186;branch=z9hG4bK895d.0e2ee1cb7a0cde9ed9e78d7f0ec22c00.0\r\nVia: SIP/2.0/UDP 79.170.71.172:5080;received=79.170.71.172;rport=5080;branch=z9hG4bKtmtBy7jaQ5"..., len=449, rcv_info=0x7ffc8de8e8b0) at core/receive.c:509 #13 0x0000000000521e67 in udp_rcv_loop () at core/udp_server.c:543 #14 0x0000000000429f56 in main_loop () at main.c:1689 #15 0x0000000000434034 in main (argc=13, argv=0x7ffc8de8f148) at main.c:2876 ~~~ Best regards, Noel -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/2828

2 years

[kamailio/kamailio] KEMI API implementation for carrierroute module (PR #3247)

by Muhammad Shahzad Shafi

#### Pre-Submission Checklist    - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [x] PR should be backported to stable branches - [x] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description  Ported all carrierroute module functions to KEMI API. Here is an example, ```python3 ... # User location service def ksr_route_location(self, msg): if KSR.pv.get("$rm") == "INVITE" and KSR.carrierroute.cr_user_carrier("$fU", "$fd", "$avp(carrier)") > 0: if KSR.pv.get("$rm") == "INVITE" and KSR.carrierroute.cr_route("$avp(carrier)","$avp(domain)","$rU","$rU","call_id") > 0: KSR.info('Routing call via user carrier route\n') self.ksr_route_relay(msg) rc = KSR.registrar.lookup("location") if rc < 0: KSR.tm.t_newtran() if rc == -1 or rc == -3: KSR.sl.send_reply(404, "Not Found") return -255 elif rc == -2: KSR.sl.send_reply(405, "Method Not Allowed") return -255 # when routing via usrloc, log the missed calls also if KSR.is_INVITE() : KSR.setflag(FLT_ACCMISSED) self.ksr_route_relay(msg) return -255 ... ``` You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3247 -- Commit Summary -- * KEMI API implementation for carrierroute module -- File Changes -- M src/modules/carrierroute/carrierroute.c (50) M src/modules/carrierroute/carrierroute.h (1) M src/modules/carrierroute/cr_func.c (260) M src/modules/carrierroute/cr_func.h (63) A src/modules/carrierroute/cr_kemi.c (199) A src/modules/carrierroute/cr_kemi.h (119) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3247.patch https://github.com/kamailio/kamailio/pull/3247.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3247 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3247(a)github.com>

2 years

Kamailio Developers Meeting, Nov 16-17, 2022, in Dusseldorf

by Daniel-Constantin Mierla

Hello, Kamailio SIP Server project is organizing another meeting of its developers during November 16-17, 2022, hosted again by sipgate.de in Dusseldorf, Germany. The event is intended to facilitate the interaction between Kamailio developers and to offer a convenient environment for working together on several topics of high interest for the project, including writing code for Kamailio and its tools, improving documentation, or discuss about future development. Everyone from the community is welcome to join. Please note we have a limited capacity of seats in the meeting room, the main policy for accepting participants being first come first server. Also, very important to be aware that this is not an event to learn how to use Kamailio. More details about the event, the venue, how to register, are available at: * https://www.kamailio.org/w/developers-meeting/ Looking forward to those two intensive hacking Kamailio days in Dusseldorf! Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - Online Oct 10-13, 2022 (Europe Timezone) * https://www.asipto.com/sw/kamailio-advanced-training-online/

2 years

Jenkins build became unstable: kamailio56-binaries » amd64,bookworm #2

by kamailio＠sipwise.com

See <https://kamailio.sipwise.com/job/kamailio56-binaries/architecture=amd64,dis…>

2 years

← Newer
1
...
8
9
10
11
12
13
14
...
28
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev September 2022