Module: kamailio Branch: master Commit: e18c52030e202716df9f5e8e953c19fb4a9c65e2 URL: https://github.com/kamailio/kamailio/commit/e18c52030e202716df9f5e8e953c19f… Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Committer: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Date: 2024-10-16T11:05:04+02:00 tls: docs - relocate overview notes to Important Notes section --- Modified: src/modules/tls/doc/tls.xml --- Diff: https://github.com/kamailio/kamailio/commit/e18c52030e202716df9f5e8e953c19f… Patch: https://github.com/kamailio/kamailio/commit/e18c52030e202716df9f5e8e953c19f… --- diff --git a/src/modules/tls/doc/tls.xml b/src/modules/tls/doc/tls.xml index 3a0416fed61..53397e2d50a 100644 --- a/src/modules/tls/doc/tls.xml +++ b/src/modules/tls/doc/tls.xml @@ -60,27 +60,9 @@ must be added to the Kamailio config file. </para> <para> - IMPORTANT: the tls module must be loaded before any other &kamailio; module - that uses libssl (OpenSSL library). A safe option is to have the tls module - loaded first (be in the first "loadmodule" in &kamailio;.cfg). - </para> - <para> - IMPORTANT: For libssl v3.x, the core parameter "tls_threads_mode" - has to be set, see the Core Cookbook for possible values. - </para> - <para> - IMPORTANT: using this module compiled with newer versions of libssl - (e.g., v1.1+) may require &kamailio; to be started with - <emphasis>--atexit=no</emphasis> command line parameters to avoid - calling C atexit callbacks inside the process ending during - daemonize procedure as well as during shut down, which can lead - to crashes because it destroys and then accesses shared memory. For - example, such case has been reported for Ubuntu 20.04 or RedHat 8. - </para> - <para> - Note: with some particular combination of OS, openssl and mysql-client - libraries, there were reports of random crashes, in such case try to set - the db_mysql module parameter opt_ssl_mode to 1. + Read the "Important Notes" section because it has relevant information + about configuring properly the module for various libssl versions, + components and operating systems. </para> </section> <section id="tls.quick_start"> @@ -134,7 +116,7 @@ request_route { <para> The TLS module needs some special options enabled when compiling Kamailio. These options are enabled by default, however in case - you're using a modified Kamailio version or Makefile, make sure + you are using a modified Kamailio version or Makefile, make sure that you enable -DUSE_TLS and -DTLS_HOOKS (or compile with make TLS_HOOKS=1 which will take care of both options). </para> @@ -188,6 +170,29 @@ request_route { </itemizedlist> The bug reports can be viewed at <ulink url="http://rt.openssl.org/">http://rt.openssl.org/</ulink&….org/</ulink>. </para> + <para> + Note 1: the tls module must be loaded before any other &kamailio; module + that uses libssl (OpenSSL library). A safe option is to have the tls module + loaded first (be in the first "loadmodule" in &kamailio;.cfg). + </para> + <para> + Note 2: for libssl v3.x, the core parameter "tls_threads_mode" + has to be set, see the Core Cookbook for possible values. + </para> + <para> + Note 3: using this module compiled with newer versions of libssl + (e.g., v1.1+) may require &kamailio; to be started with + <emphasis>--atexit=no</emphasis> command line parameters to avoid + calling C atexit callbacks inside the process ending during + daemonize procedure as well as during shut down, which can lead + to crashes because it destroys and then accesses shared memory. For + example, such case has been reported for Ubuntu 20.04 or RedHat 8. + </para> + <para> + Note 4: with some particular combination of OS, openssl and mysql-client + libraries, there were reports of random crashes, in such case try to set + the db_mysql module parameter opt_ssl_mode to 1. + </para> </section>