Hello Henning,

yes, I use this major version

$ openssl version
OpenSSL 3.0.7 1 Nov 2022 (Library: OpenSSL 3.0.7 1 Nov 2022)

Thanks, I'll try updating Kamailio and report the results.


пн, 13 мая 2024 г. в 13:19, Henning Westerholt <hw@gilawa.com>:

Hello,

 

are you on openssl 3.x by any chance? If yes, please upgrade to kamailio 5.7.5 or 5.8.1 and set tls_thread_mode=2 in the kamailio.cfg, as it fixes certain memory corruption issues on this openssl version.

If you are still getting crashes after the upgrade and setting, please let us know, it might be something related to the FIPS mode.

 

Cheers,

 

Henning

 

From: Marat Gareev via sr-users <sr-users@lists.kamailio.org>
Sent: Montag, 13. Mai 2024 09:19
To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
Cc: Marat Gareev <maratkin94@gmail.com>
Subject: [SR-Users] TLS module crashes with FIPS OpenSSL

 

Hello,

 

I encountered a problem stopping Kamailio with FIPS OpenSSL:

 

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007ff7292380ac in OPENSSL_sk_pop () from /lib64/libcrypto.so.3
Missing separate debuginfos, use: dnf debuginfo-install kamailio-5.7.3-4816.x86_64
(gdb) bt
#0  0x00007ff7292380ac in OPENSSL_sk_pop () from /lib64/libcrypto.so.3
#1  0x00007ff72914bf5b in conf_modules_finish_int () from /lib64/libcrypto.so.3
#2  0x00007ff72914c694 in CONF_modules_unload () from /lib64/libcrypto.so.3
#3  0x00007ff7291efff9 in OPENSSL_cleanup () from /lib64/libcrypto.so.3
#4  0x00007ff72954702b in ?? ()
#5  0x0000000100061c08 in ?? ()
#6  0x00007ff7190566c8 in ?? ()
#7  0x00007ffccf196a20 in ?? ()
#8  0x000000000071da8a in futex_release (lock=0x7ff729f08b50 <syslog>) at core/mem/../mem/../futexlock.h:134
#9  0x00000000006e9448 in destroy_tls () at core/tls_hooks.c:75
#10 0x000000000041f278 in cleanup (show_status=1) at main.c:594
#11 0x0000000000420af1 in shutdown_children (sig=15, show_status=1) at main.c:721
#12 0x0000000000421717 in handle_sigs () at main.c:752
#13 0x0000000000430c88 in main_loop () at main.c:1988
#14 0x0000000000439d13 in main (argc=14, argv=0x7ffccf1973f8) at main.c:3212
(gdb)

 

Environment:

Oracle Linux Server 9.3

Kamailio 5.7.3

yum list --installed | grep ssl
openssl.x86_64                        10:3.0.7-24.0.3.el9_fips                  @tools              
openssl-libs.x86_64                   10:3.0.7-24.0.3.el9_fips                  @tools              
openssl-pkcs11.x86_64                 0.4.11-7.el9                              @anaconda           
xmlsec1-openssl.x86_64                1.2.29-9.el9                              @AppStream

 

What can I do for further investigation?

 

Thanks