Hi,

Yes I tought that also at the beginning and moved that tls loading to first. And same configuration works now with 5.1.

####### Modules Section ########

 

# set paths to location of modules (to sources or installation folders)
#!ifdef WITH_SRCPATH
mpath="modules_k:modules"
#!else
#mpath="/usr/local/lib/kamailio/modules_k/:/usr/local/lib/kamailio/modules/"
mpath="/lib64/kamailio/modules/"
#!endif

#!ifdef WITH_TLS
loadmodule "tls.so"
#!endif

 

#!ifdef WITH_MYSQL
loadmodule "db_mysql.so"
#!endif

loadmodule "jsonrpcs.so"
loadmodule "kex.so"
loadmodule "tm.so"
loadmodule "tmx.so"
loadmodule "sl.so"
loadmodule "rr.so"
loadmodule "pv.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "siputils.so"
loadmodule "xlog.so"
loadmodule "sanity.so"
loadmodule "ctl.so"
loadmodule "cfg_rpc.so"
loadmodule "acc.so"
loadmodule "dispatcher.so"

 

#!ifdef WITH_AUTH
loadmodule "auth.so"
loadmodule "auth_db.so"
#!ifdef WITH_IPAUTH
loadmodule "permissions.so"
#!endif
#!endif

 

#!ifdef WITH_IPAUTH
loadmodule "permissions.so"
#!endif
#!endif

 

#!ifdef WITH_ALIASDB
loadmodule "alias_db.so"
#!endif

 

#!ifdef WITH_SPEEDDIAL
loadmodule "speeddial.so"
#!endif

 

#!ifdef WITH_MULTIDOMAIN
loadmodule "domain.so"
#!endif

 

#!ifdef WITH_PRESENCE
loadmodule "presence.so"
loadmodule "presence_xml.so"
#!endif

 

#!ifdef WITH_NAT
loadmodule "nathelper.so"
loadmodule "rtpproxy.so"
#!endif

  

#!ifdef WITH_ANTIFLOOD
loadmodule "htable.so"
loadmodule "pike.so"
#!endif

 

#!ifdef WITH_XMLRPC
loadmodule "xmlrpc.so"
#!endif

 

#!ifdef WITH_DEBUG
loadmodule "debugger.so"
#!endif

 

#!ifdef WITH_ASTERISK
loadmodule "uac.so"
#!endif

 



Regards, Tomi

On 13 Dec 2017, at 19.50, Daniel-Constantin Mierla <miconda@gmail.com> wrote:

Hello,

there should be also good openssl 1.0.x versions, maybe the problem was the order of modules. Can you list all loadmodule line from your kamailio.cfg?

Cheers,
Daniel


On 13.12.17 00:20, Tomi Hakkarainen wrote:
Hello,

I finally got Kamailio to start with TLS.
I tried with multiple openssl versions last with 
openssl version
OpenSSL 1.1.0g  2 Nov 2017

also updated Kamailio to 5.0.4 from Suse repo's
and had no luck with those two.

I decided to compile Kamailio 5.1 and with little fling with database I think I overcame the TLS starting troubleā€¦ 
Now it cranshes as it cannot connect to Asterisk DB -> will jack with that tomorrow.

Thank you for your guidance as with it I focused on the openssl and finally have I hope working setup...

Regards,
 Tomi

On 12 Dec 2017, at 10.26, Daniel-Constantin Mierla <miconda@gmail.com> wrote:

Hello,

there were some broken versions of openssl that didn't allow anymore to set custom memory manager. The only option is to upgrade libssl to a version that doesn't expose the issue. If you search on kamailio issues tracker on github.com, there should be one closed about this topic.

Cheers,
Daniel


On 11.12.17 22:20, Tomi Hakkarainen wrote:
Hi,
  
I have problem to enable TLS on just installed Kamailio server 
openSUSE 42.3 (x86_64)
VERSION = 42.3
CODENAME = Malachite

version: kamailio 5.0.4 (x86_64/linux) 
flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown 
compiled on 18:06:25 Dec  3 2017 with gcc 4.8.5

I get this on debug log:

 0(11336) DEBUG: <core> [core/cfg.y:1642]: yyparse(): loading modules under /usr/lib64/kamailio/modules/
loading modules under config path: /usr/lib64/kamailio/modules/
 0(11336) DEBUG: <core> [core/cfg.y:1623]: yyparse(): loading module tls.so
 0(11336) DEBUG: <core> [core/sr_module.c:575]: load_module(): trying to load </usr/lib64/kamailio/modules/tls.so>
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:189]: qm_malloc_init(): qm_malloc_init: QM_OPTIMIZE=16384, /ROUNDTO=2048
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:191]: qm_malloc_init(): qm_malloc_init: QM_HASH_SIZE=2099, qm_block size=235152
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:193]: qm_malloc_init(): qm_malloc_init(0x7f6e001cb000, 67108864), start=0x7f6e001cb000
 0(11336) DEBUG: <core> [core/mem/q_malloc.c:202]: qm_malloc_init(): qm_malloc_init: size= 67108864, init_overhead=235256
 0(11336) ERROR: tls [tls_init.c:595]: tls_pre_init(): Unable to set the memory allocation functions
 0(11336) ERROR: tls [tls_init.c:597]: tls_pre_init(): libssl current mem functions - m: 0x7f6e055b33d0 r: 0x7f6e055b3a30 f: 0x7f6e055b39a0
 0(11336) ERROR: tls [tls_init.c:599]: tls_pre_init(): Be sure tls module is loaded before any other module using libssl (can be loaded first to be safe)
 0(11336) ERROR: <core> [core/sr_module.c:607]: load_module(): /usr/lib64/kamailio/modules/tls.so: mod_register failed
 0(11336) CRITICAL: <core> [core/cfg.y:3411]: yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 150, column 12-19: failed to load module

for resolving have compiled openssl from 1.0.2j-fips to

openssl version
OpenSSL 1.0.2n  7 Dec 2017




Is this information enough to see what we are missing 
Will provide more info if needed.
Any help and suggestions are appreciated.

Regards, 
T












_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - www.asipto.com
Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com


-- 
Daniel-Constantin Mierla
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - www.asipto.com
Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com