I am running source code based, I don't see any changes in tls module with respect to implementation. I have recompiled my kamailio source using openssl 1.1.1j version.

I tried this below by upgrading openssl using the latest source code.

Vulnerability in OpenSSL - Integer overflow in CipherUpdate (vulners.com)

Going to monitor kamailio for some days, this core is not straightforward.


On Mon, Feb 22, 2021 at 1:04 PM Henning Westerholt <hw@skalatan.de> wrote:

Hi,

 

try to update to a maintained version (e.g. recent 5.3.x or 5.4.x) – in TLS support there have been several bugs fixed in newer releases.

 

Cheers,

 

Henning

 

--

Henning Westerholt – https://skalatan.de/blog/

Kamailio services – https://gilawa.com

 

From: sr-users <sr-users-bounces@lists.kamailio.org> On Behalf Of surendra p
Sent: Monday, February 22, 2021 5:26 AM
To: sr-users@lists.kamailio.org
Subject: [SR-Users] Kamailio Crash in TLS acceppt

 

Hi Team,

 

Kamailio 5.2 getting crashed in tls_accept. Can someone help over here.

 

#0  0x00007f1b135c09b2 in EVP_DecryptUpdate () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1

#1  0x00007f1b135f3034 in ?? () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1

#2  0x00007f1b135f36a3 in ?? () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1

#3  0x00007f1b135f4051 in RAND_DRBG_reseed () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1

#4  0x00007f1b135f457d in RAND_DRBG_generate () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1

#5  0x00007f1b135f46f1 in RAND_DRBG_bytes () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1

#6  0x00007f1b1378649e in ?? () from /usr/lib/x86_64-linux-gnu/libssl.so.1.1

#7  0x00007f1b13777f5f in ?? () from /usr/lib/x86_64-linux-gnu/libssl.so.1.1

#8  0x00007f1b13763f34 in SSL_do_handshake () from /usr/lib/x86_64-linux-gnu/libssl.so.1.1

#9  0x00007f1acf246fce in tls_accept (c=0x7f1ad35fdc60, error=0x7ffc238dd1dc) at tls_server.c:411

#10 0x00007f1acf2503a3 in tls_read_f (c=0x7f1ad35fdc60, flags=0x7ffc238dd50c) at tls_server.c:1097

#11 0x0000559ac2ec9b46 in tcp_read_headers (c=0x7f1ad35fdc60, read_flags=0x7ffc238dd50c) at core/tcp_read.c:462

#12 0x0000559ac2eced1c in tcp_read_req (con=0x7f1ad35fdc60, bytes_read=0x7ffc238dd514, read_flags=0x7ffc238dd50c) at core/tcp_read.c:1348

#13 0x0000559ac2ed5442 in handle_io (fm=0x7f1b13d2cef8, events=8193, idx=-1) at core/tcp_read.c:1715

#14 0x0000559ac2ec424a in io_wait_loop_epoll (h=0x559ac3153f80 <io_w>, t=2, repeat=0) at core/io_wait.h:1073

#15 0x0000559ac2ed6df4 in tcp_receive_loop (unix_sock=75) at core/tcp_read.c:1829

#16 0x0000559ac2db8685 in tcp_init_children () at core/tcp_main.c:4802

#17 0x0000559ac2cb6867 in main_loop () at main.c:1714

#18 0x0000559ac2cbd6af in main (argc=15, argv=0x7ffc238ddb88) at main.c:2644