Kamailio's **srutils** SHA functions have names that collide with OpenSSL's **libcrypto** SHA functions. In practice, OpenSSL fails to validate a server cert if **srutils** is loaded before **libcrypto**, because their SHA functions are not 100% equivalent.
On my Debian, **http_async_client** was unable to issue any HTTPS request unless server certificate verification was disabled.
This patch solves the issue by renaming the SHA functions in **srutils** to non-colliding names. I think this has no side effect because they are only used internally. You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/513
-- Commit Summary --
* srutils: change names colliding with libcrypto
-- File Changes --
M lib/srutils/sha256.c (56) M lib/srutils/sha256.h (98) M lib/srutils/shautils.c (18)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/513.patch https://github.com/kamailio/kamailio/pull/513.diff
--- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/513
Thanks, it can be merged.
--- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/513#issuecomment-185741119
Merged #513.
--- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/513#event-556285610
Should this be back ported?
--- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/513#issuecomment-186141289
You're right, the bug should occur every time `libsrutils.so` is loaded before `libcrypto.so` and OpenSSL is performing a SHA hash, so it's not specific to the new http modules. I'll backport it.
--- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/513#issuecomment-186149284
-
Camille Oudot -
Daniel-Constantin Mierla
-
Olle E. Johansson