Description

Segfault in Kamailio when using mysql (over ssl) and tls listeners.

We have a reproducible segfault with Kamailio on Ubuntu Xenial. The problems is revealed when two modules (db_mysql and tls) and both using the openssl library. The mysql module is using openssl indirectly, because the connection is encrypted by default when the server supports it.

Troubleshooting

Reproduction

Install Kamailio with

• tls listeners enabled
• dispatcher module enabled, from mysql db

Example configuration attached:

In this case, reproduction with:

• start kamailio
• let dispatcher reload, for example via jsonrpc
• make connection on tls, for example with openssl s_connect

Kamailio will crash.

Debugging Data

Stack trace, with libssl1.0.0-dbg installed:

#0  0x0000000000000000 in ?? ()
#1  0x00007ff862d07b0d in getrn (lh=lh@entry=0x7ff8641eb7e8, data=data@entry=0x7ffe1f36e750, rhash=rhash@entry=0x7ffe1f36e6f0) at lhash.c:396
#2  0x00007ff862d0817a in lh_retrieve (lh=0x7ff8641eb7e8, data=data@entry=0x7ffe1f36e750) at lhash.c:248
#3  0x00007ff862d0a651 in int_thread_get_item (d=0x7ffe1f36e750) at err.c:500
#4  0x00007ff862d0b024 in ERR_get_state () at err.c:1023
#5  0x00007ff862d0b25f in ERR_clear_error () at err.c:743
#6  0x00007ff86305c67e in ssl23_accept (s=0x7ff864a282d0) at s23_srvr.c:157
#7  0x00007ff860b70d86 in tls_accept (c=0x7ff864af8810, error=0x7ffe1f36eb30) at tls_server.c:422
#8  0x00007ff860b7a486 in tls_read_f (c=0x7ff864af8810, flags=0x7ffe1f38eedc) at tls_server.c:1116
#9  0x0000000000625ac2 in tcp_read_headers (c=0x7ff864af8810, read_flags=0x7ffe1f38eedc) at core/tcp_read.c:469
#10 0x000000000062d05d in tcp_read_req (con=0x7ff864af8810, bytes_read=0x7ffe1f38eed8, read_flags=0x7ffe1f38eedc) at core/tcp_read.c:1496
#11 0x0000000000631c42 in handle_io (fm=0x7ff885734520, events=1, idx=-1) at core/tcp_read.c:1804
#12 0x0000000000620500 in io_wait_loop_epoll (h=0xae0200 <io_w>, t=2, repeat=0) at core/io_wait.h:1065
#13 0x0000000000633adb in tcp_receive_loop (unix_sock=26) at core/tcp_read.c:1974
#14 0x000000000051a9a1 in tcp_init_children () at core/tcp_main.c:4853
#15 0x000000000042620e in main_loop () at main.c:1745
#16 0x000000000042ca76 in main (argc=7, argv=0x7ffe1f38f578) at main.c:2696

Log Messages

2020-04-05T01:27:37.965778+02:00 nathancmp01 kernel: [432825.787355] kamailio[6296]: segfault at 0 ip           (null) sp 00007ffe4cdaf248 error 14 in kamailio[400000+47b000]

SIP Traffic

No SIP traffic needed, just a TLS connection.

Possible Solutions

Could not reproduce with Kamailio 5.3.3 on Ubuntu Bionic nor Debian Buster. Both are using openssl 1.1.x, so I guess that fixes the problem. But Xenial is still on 1.0.2g...

Additional Information

Tested with Kamailio 5.2 and 5.3.3.

• Operating System:

Repro on:

• Ubuntu Xenial

No repro on:

• Ubuntu Bionic
• Debian Buster

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.