Hello,
Hi,
Yes I tought that also at the beginning and moved that tls loading to first. And same configuration works now with 5.1.
####### Modules Section ########
# set paths to location of modules (to sources or installation folders)#!ifdef WITH_SRCPATHmpath="modules_k:modules"#!else#mpath="/usr/local/lib/kamailio/modules_k/:/usr/local/lib/kamailio/modules/"mpath="/lib64/kamailio/modules/"#!endif
#!ifdef WITH_TLSloadmodule "tls.so"#!endif
#!ifdef WITH_MYSQLloadmodule "db_mysql.so"#!endif
loadmodule "jsonrpcs.so"loadmodule "kex.so"loadmodule "tm.so"loadmodule "tmx.so"loadmodule "sl.so"loadmodule "rr.so"loadmodule "pv.so"loadmodule "maxfwd.so"loadmodule "usrloc.so"loadmodule "registrar.so"loadmodule "textops.so"loadmodule "siputils.so"loadmodule "xlog.so"loadmodule "sanity.so"loadmodule "ctl.so"loadmodule "cfg_rpc.so"loadmodule "acc.so"loadmodule "dispatcher.so"
#!ifdef WITH_AUTHloadmodule "auth.so"loadmodule "auth_db.so"#!ifdef WITH_IPAUTHloadmodule "permissions.so"#!endif#!endif
#!ifdef WITH_IPAUTHloadmodule "permissions.so"#!endif#!endif
#!ifdef WITH_ALIASDBloadmodule "alias_db.so"#!endif
#!ifdef WITH_SPEEDDIALloadmodule "speeddial.so"#!endif
#!ifdef WITH_MULTIDOMAINloadmodule "domain.so"#!endif
#!ifdef WITH_PRESENCEloadmodule "presence.so"loadmodule "presence_xml.so"#!endif
#!ifdef WITH_NATloadmodule "nathelper.so"loadmodule "rtpproxy.so"#!endif
#!ifdef WITH_ANTIFLOODloadmodule "htable.so"loadmodule "pike.so"#!endif
#!ifdef WITH_XMLRPCloadmodule "xmlrpc.so"#!endif
#!ifdef WITH_DEBUGloadmodule "debugger.so"#!endif
#!ifdef WITH_ASTERISKloadmodule "uac.so"#!endif
Regards, Tomi
On 13 Dec 2017, at 19.50, Daniel-Constantin Mierla <miconda@gmail.com> wrote:
Hello,
there should be also good openssl 1.0.x versions, maybe the problem was the order of modules. Can you list all loadmodule line from your kamailio.cfg?
Cheers,
Daniel
On 13.12.17 00:20, Tomi Hakkarainen wrote:
Hello,
I finally got Kamailio to start with TLS.I tried with multiple openssl versions last withopenssl versionOpenSSL 1.1.0g 2 Nov 2017
also updated Kamailio to 5.0.4 from Suse repo'sand had no luck with those two.
I decided to compile Kamailio 5.1 and with little fling with database I think I overcame the TLS starting trouble…Now it cranshes as it cannot connect to Asterisk DB -> will jack with that tomorrow.
Thank you for your guidance as with it I focused on the openssl and finally have I hope working setup...
Regards,Tomi
On 12 Dec 2017, at 10.26, Daniel-Constantin Mierla <miconda@gmail.com> wrote:
Hello,
there were some broken versions of openssl that didn't allow anymore to set custom memory manager. The only option is to upgrade libssl to a version that doesn't expose the issue. If you search on kamailio issues tracker on github.com, there should be one closed about this topic.
Cheers,
Daniel
On 11.12.17 22:20, Tomi Hakkarainen wrote:
Hi,I have problem to enable TLS on just installed Kamailio serveropenSUSE 42.3 (x86_64)VERSION = 42.3CODENAME = Malachite
version: kamailio 5.0.4 (x86_64/linux)flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RESADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MBpoll method support: poll, epoll_lt, epoll_et, sigio_rt, select.id: unknowncompiled on 18:06:25 Dec 3 2017 with gcc 4.8.5
I get this on debug log:
0(11336) DEBUG: <core> [core/cfg.y:1642]: yyparse(): loading modules under /usr/lib64/kamailio/modules/loading modules under config path: /usr/lib64/kamailio/modules/0(11336) DEBUG: <core> [core/cfg.y:1623]: yyparse(): loading module tls.so0(11336) DEBUG: <core> [core/sr_module.c:575]: load_module(): trying to load </usr/lib64/kamailio/modules/tls.so>0(11336) DEBUG: <core> [core/mem/q_malloc.c:189]: qm_malloc_init(): qm_malloc_init: QM_OPTIMIZE=16384, /ROUNDTO=20480(11336) DEBUG: <core> [core/mem/q_malloc.c:191]: qm_malloc_init(): qm_malloc_init: QM_HASH_SIZE=2099, qm_block size=2351520(11336) DEBUG: <core> [core/mem/q_malloc.c:193]: qm_malloc_init(): qm_malloc_init(0x7f6e001cb000, 67108864), start=0x7f6e001cb0000(11336) DEBUG: <core> [core/mem/q_malloc.c:202]: qm_malloc_init(): qm_malloc_init: size= 67108864, init_overhead=2352560(11336) ERROR: tls [tls_init.c:595]: tls_pre_init(): Unable to set the memory allocation functions0(11336) ERROR: tls [tls_init.c:597]: tls_pre_init(): libssl current mem functions - m: 0x7f6e055b33d0 r: 0x7f6e055b3a30 f: 0x7f6e055b39a00(11336) ERROR: tls [tls_init.c:599]: tls_pre_init(): Be sure tls module is loaded before any other module using libssl (can be loaded first to be safe)0(11336) ERROR: <core> [core/sr_module.c:607]: load_module(): /usr/lib64/kamailio/modules/tls.so: mod_register failed0(11336) CRITICAL: <core> [core/cfg.y:3411]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 150, column 12-19: failed to load module
for resolving have compiled openssl from 1.0.2j-fips to
openssl versionOpenSSL 1.0.2n 7 Dec 2017
Is this information enough to see what we are missingWill provide more info if needed.Any help and suggestions are appreciated.
Regards,T
_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - www.asipto.com Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com
-- Daniel-Constantin Mierla www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - www.asipto.com Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com
-- Daniel-Constantin Mierla www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - www.asipto.com Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com