12 Feb
2008
12 Feb
'08
1:50 p.m.
HI,
I encountered the following error while trying to set up tls in ser.
When I start ser I get such error:
Feb 12 12:40:51 venom ser[26157]: tls: _init_tls_h: compiled with
openssl version "OpenSSL 0.9.8g 19 Oct 2007" (0x0090807f), kerberos
support: off, compression: on
Feb 12 12:40:51 venom ser[26157]: tls: init_tls_h: installed openssl library
version "OpenSSL 0.9.8g 19 Oct 2007" (0x0090807f), kerberos support: off,
zlib compression: on compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN
-DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int -DMD5_ASM
Feb 12 12:40:51 venom ser[26157]: ERROR: tls_init.c:366: Unable to set the
memory allocation functions
Feb 12 12:40:51 venom ser[26157]: could not initialize tls, exiting...
Here is my config:
# -- tls params --
modparam("tls", "config",
"/home/sip/ser/2.0/hsp/ca/tls.cfg")
modparam("tls", "tls_force_run", 0)
modparam("tls", "tls_log",3)
modparam("tls", "handshake_timeout", 10)
modparam("tls", "send_timeout", 10)
modparam("tls", "tls_disable_compression", 0)
#modparam("tls", "private_key", "/etc/certs/key.pem")
#modparam("tls", "certificate", "/etc/certs/cert.pem")
#modparam("tls", "ca_list", "/etc/certs/ca_list.pem")
#modparam("tls", "require_certificate", 0)
#modparam("tls", "verify_certificate", 1)
#modparam("tls", "tls_method", "TLSv1")
and tls.cfg
[server:default]
method = TLSv1
verify_certificate = no
require_certificate = no
private_key = /home/sip/ser/2.0/hsp/ca/hsp_key.pem
certificate = /home/sip/ser/2.0/hsp/ca/hsp_cert.pem
ca_list = /home/sip/ser/2.0/hsp/ca/hsp_calist.pem
[client:default]
verify_certificate = yes
require_certificate = yes
Please point me what did I miss if this is the right behaviour?
Kind regards
Tomasz
12 Feb
12 Feb
3:53 p.m.
Which other modules are you using?
There are some incompatibility between several modules using openssl because
all of them tries to allocate the pointers to the hook functions and this is
not possible. I'm not 100% sure but I think that presence and auth_identity
are incompatible with tls module...
I posted some mails about this issue and I think docs were updated...
Hope it helps,
Samuel
2008/2/12, Tomasz Zieleniewski <tzieleniewski(a)gmail.com>om>:
HI,
I encountered the following error while trying to set up tls in ser.
When I start ser I get such error:
Feb 12 12:40:51 venom ser[26157]: tls: _init_tls_h: compiled with
openssl version "OpenSSL 0.9.8g 19 Oct 2007" (0x0090807f), kerberos
support: off, compression: on
Feb 12 12:40:51 venom ser[26157]: tls: init_tls_h: installed openssl
library version "OpenSSL 0.9.8g 19 Oct 2007" (0x0090807f), kerberos
support: off, zlib compression: on compiler: gcc -fPIC -DOPENSSL_PIC
-DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64
-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int
-DMD5_ASM
Feb 12 12:40:51 venom ser[26157]: ERROR: tls_init.c:366: Unable to set the
memory allocation functions
Feb 12 12:40:51 venom ser[26157]: could not initialize tls, exiting...
Here is my config:
# -- tls params --
modparam("tls", "config",
"/home/sip/ser/2.0/hsp/ca/tls.cfg")
modparam("tls", "tls_force_run", 0)
modparam("tls", "tls_log",3)
modparam("tls", "handshake_timeout", 10)
modparam("tls", "send_timeout", 10)
modparam("tls", "tls_disable_compression", 0)
#modparam("tls", "private_key", "/etc/certs/key.pem")
#modparam("tls", "certificate", "/etc/certs/cert.pem")
#modparam("tls", "ca_list", "/etc/certs/ca_list.pem")
#modparam("tls", "require_certificate", 0)
#modparam("tls", "verify_certificate", 1)
#modparam("tls", "tls_method", "TLSv1")
and tls.cfg
[server:default]
method = TLSv1
verify_certificate = no
require_certificate = no
private_key = /home/sip/ser/2.0/hsp/ca/hsp_key.pem
certificate = /home/sip/ser/2.0/hsp/ca/hsp_cert.pem
ca_list = /home/sip/ser/2.0/hsp/ca/hsp_calist.pem
[client:default]
verify_certificate = yes
require_certificate = yes
Please point me what did I miss if this is the right behaviour?
Kind regards
Tomasz
_______________________________________________
Serusers mailing list
Serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
6132
days inactive
6132
days old
1 comments
2 participants
participants (2)
-
samuel -
Tomasz Zieleniewski