[sr-dev] [kamailio/kamailio] http_async_client: exit mod_init if tm is not loaded (PR #3706)
Pre-Submission Checklist - [X] Commit message has the format required by CONTRIBUTING guide - [X] Commits are split per component (core, individual modules, libs, utils, ...) - [X] Each component has a single commit (if not, squash them into one commit) - [X] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) Type Of Change - [X] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) Checklist: - [X] PR should be backported to stable branches - [X] Tested changes locally - [ ] Related to issue # (replace with an open issue number) Description You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3706 -- Commit Summary -- * http_async_client: exit mod_init if tm is not loaded -- File Changes -- M src/modules/http_async_client/http_async_client_mod.c (2) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3706.patch https://github.com/kamailio/kamailio/pull/3706.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3706 You are receiving this because you are subscribed to this thread. Message ID:___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] Lost selectors (#2705)
Closed #2705. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/2705#event-11437863339 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] [OpenSSL] kamailio 5.7.1 as a webrtc server experiences random crashes (Issue #3563)
Closed #3563 as completed. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3563#event-11431678723 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] [OpenSSL] kamailio 5.7.1 as a webrtc server experiences random crashes (Issue #3563)
Closing with commits on current master and 5.7. Probably fixed by thread-locals rework. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3563#issuecomment-1883232052 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:f485a0c9: pkg: rpm obs spec - removed app_sqlang module from packaging
Module: kamailio Branch: master Commit: f485a0c9f138ccfbeb548fa22ea9053afb449875 URL: https://github.com/kamailio/kamailio/commit/f485a0c9f138ccfbeb548fa22ea9053afb449875 Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T15:32:14+01:00 pkg: rpm obs spec - removed app_sqlang module from packaging --- Modified: pkg/kamailio/obs/kamailio.spec --- Diff: https://github.com/kamailio/kamailio/commit/f485a0c9f138ccfbeb548fa22ea9053afb449875.diff Patch: https://github.com/kamailio/kamailio/commit/f485a0c9f138ccfbeb548fa22ea9053afb449875.patch --- diff --git a/pkg/kamailio/obs/kamailio.spec b/pkg/kamailio/obs/kamailio.spec index 1dc6687e645..ab556f5cd59 100644 --- a/pkg/kamailio/obs/kamailio.spec +++ b/pkg/kamailio/obs/kamailio.spec @@ -1008,9 +1008,6 @@ Group: %{PKGGROUP} Requires: kamailio = %version BuildRequires: gcc-c++ -%descriptionsqlang -app_sqlang module for Kamailio. - %packagesqlite Summary:SQLite database connectivity for Kamailio @@ -2318,12 +2315,6 @@ fi %{_libdir}/kamailio/modules/statsd.so -%files sqlang -%defattr(-,root,root) -%doc %{_docdir}/kamailio/modules/README.app_sqlang -%{_libdir}/kamailio/modules/app_sqlang.so - - %files sqlite %defattr(-,root,root) %doc %{_docdir}/kamailio/modules/README.db_sqlite ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] Error in make all (Issue #3705)
You have to do a 'make proper' or 'make pure' if you just pulled new commits and not cloned a fresh copy. For more assistance, write to sr-users mailing list. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3705#issuecomment-1883154665 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] Error in make all (Issue #3705)
Closed #3705 as completed. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3705#event-11431117368 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] [kamailio/kamailio] Error in make all (Issue #3705)
### Description I've cloned Kamailio and tried to build with `make all` commands and the error below appeared: ``` module not found: modules/app_sqlang make[1]: *** [Makefile:508: modules] Error 1 make[1]: Leaving directory '/usr/local/src/kamailio-devel/kamailio/src' make: *** [Makefile:34: all] Error 2 ``` the error wasn't occured before [9bb1976 "Makefile.groups: removed app_sqlang from modules list"](https://github.com/kamailio/kamailio/commit/9bb1976b4b7d52542a4de37144194bfc24649222) and just appered after pulling new commits. ### Troubleshooting I could solve the issue by set `app_sqlang` as skip_modules or exclude_modules, it's also possible solve it by set in ``` make skip_modules="app_sqlang" cfg ``` * **Ubuntu 22.04** -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3705 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] htable dmq can not get the expected result (Issue #3674)
I pushed a commit in master for it, the rpc value had to be read as long. Can you try and report if ok? It will be backported if fixes it. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3674#issuecomment-1883034227 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:3f4844b4: siputils: reformat module exported structures
Module: kamailio Branch: master Commit: 3f4844b4ad1190a38eff8b377c89a9554be80e59 URL: https://github.com/kamailio/kamailio/commit/3f4844b4ad1190a38eff8b377c89a9554be80e59 Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T14:07:18+01:00 siputils: reformat module exported structures --- Modified: src/modules/siputils/siputils.c --- Diff: https://github.com/kamailio/kamailio/commit/3f4844b4ad1190a38eff8b377c89a9554be80e59.diff Patch: https://github.com/kamailio/kamailio/commit/3f4844b4ad1190a38eff8b377c89a9554be80e59.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:0fcc950d: siputils: added module prefix to global variables
Module: kamailio Branch: master Commit: 0fcc950dc54990a51fe74616ec2d2972a4e1c094 URL: https://github.com/kamailio/kamailio/commit/0fcc950dc54990a51fe74616ec2d2972a4e1c094 Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T14:07:18+01:00 siputils: added module prefix to global variables --- Modified: src/modules/siputils/chargingvector.c --- Diff: https://github.com/kamailio/kamailio/commit/0fcc950dc54990a51fe74616ec2d2972a4e1c094.diff Patch: https://github.com/kamailio/kamailio/commit/0fcc950dc54990a51fe74616ec2d2972a4e1c094.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:577fb110: htable: read rpc number value as long
Module: kamailio Branch: master Commit: 577fb11010ff61af3c4b567581c0bbc5404654c8 URL: https://github.com/kamailio/kamailio/commit/577fb11010ff61af3c4b567581c0bbc5404654c8 Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T14:07:18+01:00 htable: read rpc number value as long - remove autoconvert for number, it is only for string values - GH #3674 --- Modified: src/modules/htable/htable.c --- Diff: https://github.com/kamailio/kamailio/commit/577fb11010ff61af3c4b567581c0bbc5404654c8.diff Patch: https://github.com/kamailio/kamailio/commit/577fb11010ff61af3c4b567581c0bbc5404654c8.patch --- diff --git a/src/modules/htable/htable.c b/src/modules/htable/htable.c index 5c682972f0c..0fcd280de9c 100644 --- a/src/modules/htable/htable.c +++ b/src/modules/htable/htable.c @@ -1673,7 +1673,8 @@ static void htable_rpc_seti(rpc_t *rpc, void *c) int_str keyvalue; ht_t *ht; - if(rpc->scan(c, "SS.d", &htname, &keyname, &keyvalue.n) < 3) { + keyvalue.n = 0; + if(rpc->scan(c, "SSl", &htname, &keyname, &keyvalue.n) < 3) { rpc->fault(c, 500, "Not enough parameters (htable name, key name and value)"); return; @@ -1710,7 +1711,7 @@ static void htable_rpc_setex(rpc_t *rpc, void *c) int exval; ht_t *ht; - if(rpc->scan(c, "SS.d", &htname, &itname, &exval) < 3) { + if(rpc->scan(c, "SSd", &htname, &itname, &exval) < 3) { rpc->fault(c, 500, "Not enough parameters (htable name, item name and expire)"); return; @@ -1761,10 +1762,10 @@ static void htable_rpc_setxs(rpc_t *rpc, void *c) static void htable_rpc_setxi(rpc_t *rpc, void *c) { str htname, keyname; - int ival; + int ival = 0; int exval; - if(rpc->scan(c, "SS.dd", &htname, &keyname, &ival, &exval) < 4) { + if(rpc->scan(c, "SSdd", &htname, &keyname, &ival, &exval) < 4) { rpc->fault(c, 500, "Not enough parameters (htable name, key name, value and " "expire)"); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: git:master:52e82aa7: gcrypt: new module for crypto functions
Hello, thanks for the interesting module addition. Just a quick note, as maybe developers are not aware of it, there are AES ECB and CBC cryptographic functions also available in the core: /kamailio/src/core/crypto$ egrep "ecb_|cbc_" rijndael.h void aes_ecb_encrypt(rijndael_ctx *ctx, u_int8_t *data, unsigned len); void aes_ecb_decrypt(rijndael_ctx *ctx, u_int8_t *data, unsigned len); There is also SHA256, SHA384, SHA512 and MD5 available, in case people prefer to don't use OpenSSL or another library for this functionality. Cheers, Henning > -Original Message- > From: Daniel-Constantin Mierla via sr-dev > Sent: Montag, 8. Januar 2024 20:22 > To: sr-dev@lists.kamailio.org > Cc: Daniel-Constantin Mierla > Subject: [sr-dev] git:master:52e82aa7: gcrypt: new module for crypto > functions > > Module: kamailio > Branch: master > Commit: 52e82aa79febcdc7aa422756e250d402b61dfe14 > URL: > https://github.com/kamailio/kamailio/commit/52e82aa79febcdc7aa422756 > e250d402b61dfe14 > > Author: Daniel-Constantin Mierla > Committer: Daniel-Constantin Mierla > Date: 2024-01-08T20:21:02+01:00 > > gcrypt: new module for crypto functions > > - uses the GNU libgcrypt library > - implemented AES256 ECB encrypt/decrypt functions > > --- > > Added: src/modules/gcrypt/Makefile > Added: src/modules/gcrypt/README > Added: src/modules/gcrypt/doc/Makefile > Added: src/modules/gcrypt/doc/gcrypt.xml > Added: src/modules/gcrypt/doc/gcrypt_admin.xml > Added: src/modules/gcrypt/gcrypt_mod.c > > --- > > Diff: > https://github.com/kamailio/kamailio/commit/52e82aa79febcdc7aa422756 > e250d402b61dfe14.diff > Patch: > https://github.com/kamailio/kamailio/commit/52e82aa79febcdc7aa422756 > e250d402b61dfe14.patch > > ___ > Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr- > dev-le...@lists.kamailio.org ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] secfilter.reload does not work for destination block list (Issue #3694)
5.4.x is out of maintenance for long time, try with 5.7.x or 5.6.x and see if works. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3694#issuecomment-1882938268 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] sip_trace(address, "", "t") uses the duplicate_uri for replies from auth_challenge instead of address argument in sip_trace() (Issue #3700)
Closed #3700 as completed. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3700#event-11429309886 You are receiving this because you commented. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] sip_trace(address, "", "t") uses the duplicate_uri for replies from auth_challenge instead of address argument in sip_trace() (Issue #3700)
Likely the challenge for authentication is sent out stateless, not in a transaction. This is how the default config does it. You can try to create the transaction before the authentication challenge and see if solves it. If not, you can reopen here or continue the discussion on the mailing list for more help. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3700#issuecomment-1882925519 You are receiving this because you commented. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] error on module (Issue #3704)
Closed #3704 as completed. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3704#event-11429243635 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] error on module (Issue #3704)
As instructed in another tracker item, for questions about installing or using kamailio, you have to use sr-us...@lists.kamailio.org mailing list. The tracker is only for reporting bugs in the C code. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3704#issuecomment-1882916614 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] [kamailio/kamailio] error on module (Issue #3704)
Hello. I am trying to install Kamailio branch devel for using Volte on open5gs. when compiled have this error: gcrypt_mod.c:36:10: fatal error: gcrypt.h: No such file or directory 36 | #include | ^~ compilation terminated. make[2]: *** [../../Makefile.rules:100: gcrypt_mod.o] Error 1 make[2]: Leaving directory '/usr/local/src/kamailio-devel/kamailio/src/modules/gcrypt' make[1]: *** [Makefile:508: modules] Error 1 make[1]: Leaving directory '/usr/local/src/kamailio-devel/kamailio/src' make: *** [Makefile:34: all] Error 2 I have installed the dependencies of crypt : libcrypto and libssl-dev. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3704 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:587c3e33: modules: readme files regenerated - gcrypt ... [skip ci]
Module: kamailio Branch: master Commit: 587c3e337c3cbabed1373b9308065d59392a370d URL: https://github.com/kamailio/kamailio/commit/587c3e337c3cbabed1373b9308065d59392a370d Author: Kamailio Dev Committer: Kamailio Dev Date: 2024-01-09T12:17:06+01:00 modules: readme files regenerated - gcrypt ... [skip ci] --- Modified: src/modules/gcrypt/README --- Diff: https://github.com/kamailio/kamailio/commit/587c3e337c3cbabed1373b9308065d59392a370d.diff Patch: https://github.com/kamailio/kamailio/commit/587c3e337c3cbabed1373b9308065d59392a370d.patch --- diff --git a/src/modules/gcrypt/README b/src/modules/gcrypt/README index 7c4826b849b..3d7f9af4226 100644 --- a/src/modules/gcrypt/README +++ b/src/modules/gcrypt/README @@ -26,7 +26,8 @@ Daniel-Constantin Mierla 3. Parameters 3.1. init_vector (str) - 3.2. register_callid (int) + 3.2. aes_mode (int) + 3.3. register_callid (int) 4. Functions @@ -36,9 +37,10 @@ Daniel-Constantin Mierla List of Examples 1.1. Set init_vector parameter - 1.2. Set register_callid parameter - 1.3. gcrypt_aes_encrypt usage - 1.4. gcrypt_aes_decrypt usage + 1.2. Set aes_mode parameter + 1.3. Set register_callid parameter + 1.4. gcrypt_aes_encrypt usage + 1.5. gcrypt_aes_decrypt usage Chapter 1. Admin Guide @@ -53,7 +55,8 @@ Chapter 1. Admin Guide 3. Parameters 3.1. init_vector (str) -3.2. register_callid (int) +3.2. aes_mode (int) +3.3. register_callid (int) 4. Functions @@ -85,7 +88,8 @@ Chapter 1. Admin Guide 3. Parameters 3.1. init_vector (str) - 3.2. register_callid (int) + 3.2. aes_mode (int) + 3.3. register_callid (int) 3.1. init_vector (str) @@ -99,7 +103,19 @@ Chapter 1. Admin Guide modparam("gcrypt", "init_vector", "abcdefghijklmnop") ... -3.2. register_callid (int) +3.2. aes_mode (int) + + Set it to 1 in order to do AES CBC encryption mode. By default, it does + AES ECB mode. + + Default value is 0. + + Example 1.2. Set aes_mode parameter +... +modparam("gcrypt", "aes_mode", 1) +... + +3.3. register_callid (int) Set it to 1 in order to register a callback to core for generation of callid values for requests generated by Kamailio tm module. @@ -111,7 +127,7 @@ modparam("gcrypt", "init_vector", "abcdefghijklmnop") Default value is 0. - Example 1.2. Set register_callid parameter + Example 1.3. Set register_callid parameter ... modparam("gcrypt", "register_callid", 1) ... @@ -130,7 +146,7 @@ modparam("gcrypt", "register_callid", 1) This function can be used from ANY_ROUTE. - Example 1.3. gcrypt_aes_encrypt usage + Example 1.4. gcrypt_aes_encrypt usage ... gcrypt_aes_encrypt("$rb", "my-secret-key", "$var(encrypted)"); ... @@ -144,7 +160,7 @@ gcrypt_aes_encrypt("$rb", "my-secret-key", "$var(encrypted)"); This function can be used from ANY_ROUTE. - Example 1.4. gcrypt_aes_decrypt usage + Example 1.5. gcrypt_aes_decrypt usage ... gcrypt_aes_decrypt("$var(encrypted)", "my-secret-key", "$var(text)"); ... ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:2024253f: gcrypt: added aes_mode parameter
Module: kamailio Branch: master Commit: 2024253fac4c4fda48f2b0c5b9a1f9717294aa22 URL: https://github.com/kamailio/kamailio/commit/2024253fac4c4fda48f2b0c5b9a1f9717294aa22 Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T11:56:50+01:00 gcrypt: added aes_mode parameter - specify AES encryption mode: - 0: ECB (GCRY_CIPHER_MODE_ECB) - default - 1: CBC (GCRY_CIPHER_MODE_CBC) --- Modified: src/modules/gcrypt/gcrypt_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/2024253fac4c4fda48f2b0c5b9a1f9717294aa22.diff Patch: https://github.com/kamailio/kamailio/commit/2024253fac4c4fda48f2b0c5b9a1f9717294aa22.patch --- diff --git a/src/modules/gcrypt/gcrypt_mod.c b/src/modules/gcrypt/gcrypt_mod.c index 1554154d9cc..8a5550139c8 100644 --- a/src/modules/gcrypt/gcrypt_mod.c +++ b/src/modules/gcrypt/gcrypt_mod.c @@ -53,6 +53,8 @@ static int fixup_gcrypt_aes_decrypt(void **param, int param_no); /* init vector value */ static str _gcrypt_init_vector = str_init("SIP/2.0 is RFC3261"); static int _gcrypt_register_callid = 0; +static int _gcrypt_aes_mode_param = 0; +static int _gcrypt_aes_mode = GCRY_CIPHER_MODE_ECB; /* clang-format off */ static cmd_export_t cmds[] = { @@ -66,6 +68,7 @@ static cmd_export_t cmds[] = { static param_export_t params[] = { {"init_vector", PARAM_STR, &_gcrypt_init_vector}, {"register_callid", PARAM_INT, &_gcrypt_register_callid}, + {"aes_mode", PARAM_INT, &_gcrypt_aes_mode_param}, {0, 0, 0} }; @@ -100,6 +103,9 @@ static int mod_init(void) } LM_DBG("registered crypto callid callback\n"); } + if(_gcrypt_aes_mode_param == 1) { + _gcrypt_aes_mode = GCRY_CIPHER_MODE_CBC; + } return 0; } @@ -140,7 +146,7 @@ static int ki_gcrypt_aes_encrypt_helper( gcry_ret = gcry_cipher_open(&cipher_hd, // gcry_cipher_hd_t *hd GCRY_CIPHER_AES256, // int algo - GCRY_CIPHER_MODE_ECB, // int mode + _gcrypt_aes_mode, // int mode 0); // unsigned int flags if(gcry_ret) { LM_ERR("gcry cipher open failed: %s/%s\n", gcry_strsource(gcry_ret), @@ -306,7 +312,7 @@ static int ki_gcrypt_aes_decrypt_helper( gcry_ret = gcry_cipher_open(&cipher_hd, // gcry_cipher_hd_t *hd GCRY_CIPHER_AES256, // int algo - GCRY_CIPHER_MODE_ECB, // int mode + _gcrypt_aes_mode, // int mode 0); // unsigned int flags if(gcry_ret) { LM_ERR("gcry cipher open failed: %s/%s\n", gcry_strsource(gcry_ret), ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:33a0eeb4: gcrypt: docs for aes_mode parameters
Module: kamailio Branch: master Commit: 33a0eeb40cb6be28c7921ccb61dcede1ebce4bad URL: https://github.com/kamailio/kamailio/commit/33a0eeb40cb6be28c7921ccb61dcede1ebce4bad Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T12:00:41+01:00 gcrypt: docs for aes_mode parameters --- Modified: src/modules/gcrypt/doc/gcrypt_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/33a0eeb40cb6be28c7921ccb61dcede1ebce4bad.diff Patch: https://github.com/kamailio/kamailio/commit/33a0eeb40cb6be28c7921ccb61dcede1ebce4bad.patch --- diff --git a/src/modules/gcrypt/doc/gcrypt_admin.xml b/src/modules/gcrypt/doc/gcrypt_admin.xml index b88781425cf..533ec5c80f9 100644 --- a/src/modules/gcrypt/doc/gcrypt_admin.xml +++ b/src/modules/gcrypt/doc/gcrypt_admin.xml @@ -75,6 +75,27 @@ modparam("gcrypt", "init_vector", "abcdefghijklmnop") + + aes_mode (int) + + Set it to 1 in order to do AES CBC encryption mode. By default, + it does AES ECB mode. + + + + Default value is 0. + + + + Set aes_mode parameter + +... +modparam("gcrypt", "aes_mode", 1) +... + + + + register_callid (int) ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:e73b07e9: tls: thread-local, revert 1a9b0b6361 as double-layer locking is redundant
Module: kamailio Branch: 5.7 Commit: e73b07e9835ba5f0b89065616d8cd6390898d700 URL: https://github.com/kamailio/kamailio/commit/e73b07e9835ba5f0b89065616d8cd6390898d700 Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:18:55+08:00 tls: thread-local, revert 1a9b0b6361 as double-layer locking is redundant - the 2nd lock was put in place as defensive programming for shm contention - GH #3695: the underlying issue is early init of thread-locals (cherry-pick from 1c70775530b1a3a905e8a983610cb0d092b0d240) --- Modified: src/modules/tls/tls_init.c --- Diff: https://github.com/kamailio/kamailio/commit/e73b07e9835ba5f0b89065616d8cd6390898d700.diff Patch: https://github.com/kamailio/kamailio/commit/e73b07e9835ba5f0b89065616d8cd6390898d700.patch --- diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c index 2d5a9e19420..58289c626c4 100644 --- a/src/modules/tls/tls_init.c +++ b/src/modules/tls/tls_init.c @@ -259,9 +259,6 @@ static void *ser_malloc(size_t size, const char *file, int line) static ticks_t st = 0; #endif - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); - #ifdef RAND_NULL_MALLOC /* start random null returns only after * NULL_GRACE_PERIOD from first call */ @@ -289,8 +286,6 @@ static void *ser_malloc(size_t size, const char *file, int line) size, file, line, bt_buf); } #endif - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); return p; } @@ -304,9 +299,6 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line) static ticks_t st = 0; #endif - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); - #ifdef RAND_NULL_MALLOC /* start random null returns only after * NULL_GRACE_PERIOD from first call */ @@ -335,21 +327,14 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line) } #endif - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); - return p; } static void ser_free(void *ptr, const char *fname, int fline) { - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); if(ptr) { shm_free(ptr); } - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); } #endif /* LIBRESSL_VERSION_NUMBER */ @@ -363,11 +348,7 @@ static void *ser_malloc(size_t size) { void *p; - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); p = shm_malloc(size); - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); return p; } @@ -375,22 +356,14 @@ static void *ser_malloc(size_t size) static void *ser_realloc(void *ptr, size_t size) { void *p; - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); p = shm_realloc(ptr, size); - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); return p; } #else static void *ser_malloc(size_t size, const char *fname, int fline) { void *p; - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); p = shm_malloc(size); - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); return p; } @@ -398,11 +371,7 @@ static void *ser_malloc(size_t size, const char *fname, int fline) static void *ser_realloc(void *ptr, size_t size, const char *fname, int fline) { void *p; - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); p = shm_realloc(ptr, size); - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); return p; } #endif @@ -419,24 +388,16 @@ static void ser_free(void *ptr) * As shm_free() aborts on null pointers, we have to check for null pointer * here in the wrapper function. */ - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); if(ptr) { shm_free(ptr); } - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_unlock(ksr_tls_lock_shm); } #else static void ser_free(void *ptr, const char *fname, int fline) { - if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM) - pthread_mutex_lock(ksr_tls_lock_shm); if(ptr) { shm_free(ptr); } - if(ksr
[sr-dev] git:5.7:ed2d7035: tls: OpenSSL 3.x thread-local, init libssl in thread or PROC_SIPINIT
Module: kamailio Branch: 5.7 Commit: ed2d70359723458089dd8a62fe1e37a60dd83869 URL: https://github.com/kamailio/kamailio/commit/ed2d70359723458089dd8a62fe1e37a60dd83869 Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:12:59+08:00 tls: OpenSSL 3.x thread-local, init libssl in thread or PROC_SIPINIT - avoid initialising ERR_STATE in rank 0(thread#1) (cherry-pick from e49a60e1052c6c1dcebe7f78f2ac970338eabe2e) --- Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/ed2d70359723458089dd8a62fe1e37a60dd83869.diff Patch: https://github.com/kamailio/kamailio/commit/ed2d70359723458089dd8a62fe1e37a60dd83869.patch --- diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c index 57be9cad814..0bc12d31b4a 100644 --- a/src/modules/tls/tls_init.c +++ b/src/modules/tls/tls_init.c @@ -769,6 +769,44 @@ int tls_pre_init(void) * tls mod pre-init function * - executed before any mod_init() */ +long tls_h_mod_randctx(void *) { +do { +OSSL_LIB_CTX *osslglobal = NULL; +EVP_RAND_CTX *randctx = NULL; + +LM_DBG("enabling locking for rand ctx\n"); + +osslglobal = OSSL_LIB_CTX_get0_global_default(); +if(osslglobal == NULL) { +LM_ERR("failed to get lib ssl global ctx\n"); +return -1L; +} + +randctx = RAND_get0_primary(osslglobal); +if(randctx == NULL) { +LM_ERR("primary rand ctx is null\n"); +return -1L; +} +EVP_RAND_enable_locking(randctx); + +randctx = RAND_get0_public(osslglobal); +if(randctx == NULL) { +LM_ERR("public rand ctx is null\n"); +return -1L; +} +EVP_RAND_enable_locking(randctx); + +randctx = RAND_get0_private(osslglobal); +if(randctx == NULL) { +LM_ERR("private rand ctx is null\n"); +return -1L; +} +EVP_RAND_enable_locking(randctx); +} while(0); + +return 0L; +} + int tls_h_mod_pre_init_f(void) { if(tls_mod_preinitialized == 1) { @@ -782,7 +820,9 @@ int tls_h_mod_pre_init_f(void) LM_DBG("preparing tls env for modules initialization\n"); #if OPENSSL_VERSION_NUMBER >= 0x01010L && !defined(LIBRESSL_VERSION_NUMBER) LM_DBG("preparing tls env for modules initialization (libssl >=1.1)\n"); -#if OPENSSL_VERSION_NUMBER >= 0x010101000L +#if OPENSSL_VERSION_NUMBER >= 0x03000L +// skip init for 3.x +#elif OPENSSL_VERSION_NUMBER >= 0x010101000L OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL); #else OPENSSL_init_ssl(0, NULL); @@ -791,42 +831,17 @@ int tls_h_mod_pre_init_f(void) LM_DBG("preparing tls env for modules initialization (libssl <=1.0)\n"); SSL_library_init(); #endif +#if OPENSSL_VERSION_NUMBER < 0x03000L SSL_load_error_strings(); +#endif #if OPENSSL_VERSION_NUMBER >= 0x03000L - do { - OSSL_LIB_CTX *osslglobal = NULL; - EVP_RAND_CTX *randctx = NULL; - - LM_DBG("enabling locking for rand ctx\n"); - - osslglobal = OSSL_LIB_CTX_get0_global_default(); - if(osslglobal == NULL) { - LM_ERR("failed to get lib ssl global ctx\n"); - return -1; - } - - randctx = RAND_get0_primary(osslglobal); - if(randctx == NULL) { - LM_ERR("primary rand ctx is null\n"); - return -1; - } - EVP_RAND_enable_locking(randctx); - - randctx = RAND_get0_public(osslglobal); - if(randctx == NULL) { - LM_ERR("public rand ctx is null\n"); - return -1; - } - EVP_RAND_enable_locking(randctx); - - randctx = RAND_get0_private(osslglobal); - if(randctx == NULL) { - LM_ERR("private rand ctx is null\n"); - return -1; - } - EVP_RAND_enable_locking(randctx); - } while(0); +pthread_t tid; +long rl; +pthread_create(&tid, NULL, (void *(*)(void *))tls_h_mod_randctx, NULL); +pthread_join(tid, (void **)&rl); +if ((int)rl) +return (int)rl; #endif tls_mod_preinitialized = 1; diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 3a047769ca4..1e74ba0e309 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -440,7 +440,16 @@ static int mod_child(int rank) /* fix tls config only from the main proc/PROC_INIT., when we know * the exact process number and before any other process starts*/ - if(rank == PROC_INIT) { + +#if OPENSSL_VERSION_NUMBER >= 0x03000L +/* + * OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of + * libssl in rank 0(t
[sr-dev] git:5.7:90ea4120: tls: fix compilation with OpenSSL <= 1.1.1
Module: kamailio Branch: 5.7 Commit: 90ea4120c04cb70f858f417309ee4fab71a070e7 URL: https://github.com/kamailio/kamailio/commit/90ea4120c04cb70f858f417309ee4fab71a070e7 Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:18:55+08:00 tls: fix compilation with OpenSSL <= 1.1.1 (cherry-pick from 7111687e1107261bcdd7a9f8cc90959754c93272) --- Modified: src/modules/tls/tls_init.c --- Diff: https://github.com/kamailio/kamailio/commit/90ea4120c04cb70f858f417309ee4fab71a070e7.diff Patch: https://github.com/kamailio/kamailio/commit/90ea4120c04cb70f858f417309ee4fab71a070e7.patch --- diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c index 0bc12d31b4a..872fdb206dc 100644 --- a/src/modules/tls/tls_init.c +++ b/src/modules/tls/tls_init.c @@ -769,6 +769,7 @@ int tls_pre_init(void) * tls mod pre-init function * - executed before any mod_init() */ +#if OPENSSL_VERSION_NUMBER >= 0x03000L long tls_h_mod_randctx(void *) { do { OSSL_LIB_CTX *osslglobal = NULL; @@ -806,6 +807,7 @@ long tls_h_mod_randctx(void *) { return 0L; } +#endif int tls_h_mod_pre_init_f(void) { ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:fe096868: outbound: OpenSSL 1.1.1 thread-local, init libssl in thread
Module: kamailio Branch: 5.7 Commit: fe0968687d5ee7918f6a18591623fcb1b5fe2004 URL: https://github.com/kamailio/kamailio/commit/fe0968687d5ee7918f6a18591623fcb1b5fe2004 Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:18:55+08:00 outbound: OpenSSL 1.1.1 thread-local, init libssl in thread (cherry-pick from 689de2736f5c92f11860e5854ccd95c84239f032) --- Modified: src/modules/outbound/outbound_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/fe0968687d5ee7918f6a18591623fcb1b5fe2004.diff Patch: https://github.com/kamailio/kamailio/commit/fe0968687d5ee7918f6a18591623fcb1b5fe2004.patch --- diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c index 00c0a66f73b..a797eb8132e 100644 --- a/src/modules/outbound/outbound_mod.c +++ b/src/modules/outbound/outbound_mod.c @@ -110,7 +110,7 @@ static int mod_init(void) } ob_key.len = OB_KEY_LEN; -#if OPENSSL_VERSION_NUMBER < 0x03000L +#if OPENSSL_VERSION_NUMBER < 0x010101000L mod_init_openssl(NULL); #else pthread_t tid; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:1eb1d50e: outbound: build, fix missing argument name
Module: kamailio Branch: 5.7 Commit: 1eb1d50e676fe8f81521c209f37ffe907fa9cf94 URL: https://github.com/kamailio/kamailio/commit/1eb1d50e676fe8f81521c209f37ffe907fa9cf94 Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:18:55+08:00 outbound: build, fix missing argument name (cherry-pick from 4708f537d7f5d28123b48cd89474a4931dd698ad) --- Modified: src/modules/outbound/outbound_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/1eb1d50e676fe8f81521c209f37ffe907fa9cf94.diff Patch: https://github.com/kamailio/kamailio/commit/1eb1d50e676fe8f81521c209f37ffe907fa9cf94.patch --- diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c index a797eb8132e..32f10f6cdb9 100644 --- a/src/modules/outbound/outbound_mod.c +++ b/src/modules/outbound/outbound_mod.c @@ -75,7 +75,7 @@ struct module_exports exports = { destroy /* destroy function */ }; -static void *mod_init_openssl(void *) { +static void *mod_init_openssl(void *arg) { if(flow_token_secret.s) { assert(ob_key.len == SHA_DIGEST_LENGTH); LM_DBG("flow_token_secret mod param set. use persistent ob_key"); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:7060ad2b: tls: OpenSSL 3.x/1.1.1 thread-local, clean-up dead code and preprocessor blocks
Module: kamailio Branch: 5.7 Commit: 7060ad2b0ebf90288be9d8d7e9d789ccbb3aebdc URL: https://github.com/kamailio/kamailio/commit/7060ad2b0ebf90288be9d8d7e9d789ccbb3aebdc Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:18:55+08:00 tls: OpenSSL 3.x/1.1.1 thread-local, clean-up dead code and preprocessor blocks (cherry-pick from 798cc26908395d2ba21015684ad6f0ac4f012b2e) --- Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/7060ad2b0ebf90288be9d8d7e9d789ccbb3aebdc.diff Patch: https://github.com/kamailio/kamailio/commit/7060ad2b0ebf90288be9d8d7e9d789ccbb3aebdc.patch --- diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c index 58289c626c4..65f5ae72c65 100644 --- a/src/modules/tls/tls_init.c +++ b/src/modules/tls/tls_init.c @@ -783,12 +783,7 @@ int tls_h_mod_pre_init_f(void) LM_DBG("preparing tls env for modules initialization\n"); #if OPENSSL_VERSION_NUMBER >= 0x01010L && !defined(LIBRESSL_VERSION_NUMBER) LM_DBG("preparing tls env for modules initialization (libssl >=1.1)\n"); -#if OPENSSL_VERSION_NUMBER >= 0x03000L -// skip init for 3.x -#elif OPENSSL_VERSION_NUMBER >= 0x010101000L -//not needed on Linux - //OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL); -#else +#if OPENSSL_VERSION_NUMBER < 0x01010L OPENSSL_init_ssl(0, NULL); #endif #else diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 03874edabba..7cad1b046e4 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -438,20 +438,9 @@ static int mod_child(int rank) if(tls_disable || (tls_domains_cfg == 0)) return 0; - /* fix tls config only from the main proc/PROC_INIT., when we know -* the exact process number and before any other process starts*/ -if(rank == PROC_INIT) { -#if OPENSSL_VERSION_NUMBER >= 0x010101000L \ -&& OPENSSL_VERSION_NUMBER < 0x03000L -if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) { -// not needed on Linux: OPENSSL_fork_prepare(); -} -#endif -} - #if OPENSSL_VERSION_NUMBER >= 0x010101000L /* - * OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of + * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of * libssl in rank 0(thread#1) */ if(rank == PROC_SIPINIT) { @@ -471,22 +460,6 @@ static int mod_child(int rank) return 0; } -#if OPENSSL_VERSION_NUMBER >= 0x010101000L \ - && OPENSSL_VERSION_NUMBER < 0x03000L - if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) { - if(rank == PROC_POSTCHILDINIT) { - /* -* this is called after forking of all child processes -*/ - // not needed on Linux: OPENSSL_fork_parent(); - return 0; - } - if(!_ksr_is_main) { -// not needed on Linux: OPENSSL_fork_child(); - } - } -#endif - #ifndef OPENSSL_NO_ENGINE /* * after the child is fork()ed we go through the TLS domains @@ -514,6 +487,11 @@ static void mod_destroy(void) * => nothing to do here */ } +/* + * GH #3695: OpenSSL 1.1.1: it is no longer necessary to replace RAND + * - early init in rank 0 causes workers to inherit public_drbg/private_drbg + * which are not thread-safe + */ int ksr_rand_engine_param(modparam_t type, void *val) { @@ -690,12 +668,10 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) register_tls_hooks(&tls_h); -#if OPENSSL_VERSION_NUMBER >= 0x1010L \ - && OPENSSL_VERSION_NUMBER < 0x03000L - LM_DBG("setting cryptorand random engine\n"); - // RAND_set_rand_method(RAND_ksr_cryptorand_method()); -#endif - +/* + * GH #3695: OpenSSL 1.1.1 historical note: it is no longer + * needed to replace RAND with cryptorand + */ sr_kemi_modules_add(sr_kemi_tls_exports); return 0; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:c011f518: tls: OpenSSL 1.1.1 thread-local, init libssl in thread
Module: kamailio Branch: 5.7 Commit: c011f518b083fc2f7da3a08a2c1a306c6122b04c URL: https://github.com/kamailio/kamailio/commit/c011f518b083fc2f7da3a08a2c1a306c6122b04c Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:18:55+08:00 tls: OpenSSL 1.1.1 thread-local, init libssl in thread - no need for RAND workaround; default is OpenSSL 1.1.1 RAND - linux/pthreads will handle forking (cherry-pick from 7b531cfe038fae5e3414ac74c4e076c10e32b86c) --- Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/c011f518b083fc2f7da3a08a2c1a306c6122b04c.diff Patch: https://github.com/kamailio/kamailio/commit/c011f518b083fc2f7da3a08a2c1a306c6122b04c.patch --- diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c index 872fdb206dc..2d5a9e19420 100644 --- a/src/modules/tls/tls_init.c +++ b/src/modules/tls/tls_init.c @@ -825,7 +825,8 @@ int tls_h_mod_pre_init_f(void) #if OPENSSL_VERSION_NUMBER >= 0x03000L // skip init for 3.x #elif OPENSSL_VERSION_NUMBER >= 0x010101000L - OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL); +//not needed on Linux + //OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL); #else OPENSSL_init_ssl(0, NULL); #endif @@ -833,7 +834,7 @@ int tls_h_mod_pre_init_f(void) LM_DBG("preparing tls env for modules initialization (libssl <=1.0)\n"); SSL_library_init(); #endif -#if OPENSSL_VERSION_NUMBER < 0x03000L +#if OPENSSL_VERSION_NUMBER < 0x010101000L SSL_load_error_strings(); #endif diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 1e74ba0e309..03874edabba 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -440,8 +440,16 @@ static int mod_child(int rank) /* fix tls config only from the main proc/PROC_INIT., when we know * the exact process number and before any other process starts*/ +if(rank == PROC_INIT) { +#if OPENSSL_VERSION_NUMBER >= 0x010101000L \ +&& OPENSSL_VERSION_NUMBER < 0x03000L +if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) { +// not needed on Linux: OPENSSL_fork_prepare(); +} +#endif +} -#if OPENSSL_VERSION_NUMBER >= 0x03000L +#if OPENSSL_VERSION_NUMBER >= 0x010101000L /* * OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of * libssl in rank 0(thread#1) @@ -460,12 +468,6 @@ static int mod_child(int rank) < 0) return -1; } -#if OPENSSL_VERSION_NUMBER >= 0x010101000L \ - && OPENSSL_VERSION_NUMBER < 0x03000L - if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) { - OPENSSL_fork_prepare(); - } -#endif return 0; } @@ -476,11 +478,11 @@ static int mod_child(int rank) /* * this is called after forking of all child processes */ - OPENSSL_fork_parent(); + // not needed on Linux: OPENSSL_fork_parent(); return 0; } if(!_ksr_is_main) { - OPENSSL_fork_child(); +// not needed on Linux: OPENSSL_fork_child(); } } #endif @@ -691,7 +693,7 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) #if OPENSSL_VERSION_NUMBER >= 0x1010L \ && OPENSSL_VERSION_NUMBER < 0x03000L LM_DBG("setting cryptorand random engine\n"); - RAND_set_rand_method(RAND_ksr_cryptorand_method()); + // RAND_set_rand_method(RAND_ksr_cryptorand_method()); #endif sr_kemi_modules_add(sr_kemi_tls_exports); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:31e42aad: outbound: OpenSSL 3.x thread-local, init libssl in thread
Module: kamailio Branch: 5.7 Commit: 31e42aade0a42aac8a128a4af3f37edb23bb3ab8 URL: https://github.com/kamailio/kamailio/commit/31e42aade0a42aac8a128a4af3f37edb23bb3ab8 Author: S-P Chan Committer: Richard Chan Date: 2024-01-09T10:18:55+08:00 outbound: OpenSSL 3.x thread-local, init libssl in thread (cherry-pick from 4742c8131aba878c4fc954e42b656b9d4bafdd24) --- Modified: src/modules/outbound/outbound_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/31e42aade0a42aac8a128a4af3f37edb23bb3ab8.diff Patch: https://github.com/kamailio/kamailio/commit/31e42aade0a42aac8a128a4af3f37edb23bb3ab8.patch --- diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c index 4e408e22356..00c0a66f73b 100644 --- a/src/modules/outbound/outbound_mod.c +++ b/src/modules/outbound/outbound_mod.c @@ -75,6 +75,23 @@ struct module_exports exports = { destroy /* destroy function */ }; +static void *mod_init_openssl(void *) { +if(flow_token_secret.s) { +assert(ob_key.len == SHA_DIGEST_LENGTH); +LM_DBG("flow_token_secret mod param set. use persistent ob_key"); +SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len, + (unsigned char *)ob_key.s); +} else { +if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) { +LM_ERR("unable to get %d cryptographically strong pseudo-" + "random bytes\n", + ob_key.len); +} +} + +return NULL; +} + static int mod_init(void) { if(ob_force_flag != -1 && !flag_in_range(ob_force_flag)) { @@ -93,18 +110,14 @@ static int mod_init(void) } ob_key.len = OB_KEY_LEN; - if(flow_token_secret.s) { - assert(ob_key.len == SHA_DIGEST_LENGTH); - LM_DBG("flow_token_secret mod param set. use persistent ob_key"); - SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len, - (unsigned char *)ob_key.s); - } else { - if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) { - LM_ERR("unable to get %d cryptographically strong pseudo-" - "random bytes\n", - ob_key.len); - } - } +#if OPENSSL_VERSION_NUMBER < 0x03000L +mod_init_openssl(NULL); +#else +pthread_t tid; +void *retval; +pthread_create(&tid, NULL, mod_init_openssl, NULL); +pthread_join(tid, &retval); +#endif if(cfg_declare("outbound", outbound_cfg_def, &default_outbound_cfg, cfg_sizeof(outbound), &outbound_cfg)) { ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:977e4f3e: modules: readme files regenerated - gcrypt ... [skip ci]
Module: kamailio Branch: master Commit: 977e4f3e4d2a002f8aed55035c4ab6c3ee9ea1b8 URL: https://github.com/kamailio/kamailio/commit/977e4f3e4d2a002f8aed55035c4ab6c3ee9ea1b8 Author: Kamailio Dev Committer: Kamailio Dev Date: 2024-01-09T11:02:08+01:00 modules: readme files regenerated - gcrypt ... [skip ci] --- Modified: src/modules/gcrypt/README --- Diff: https://github.com/kamailio/kamailio/commit/977e4f3e4d2a002f8aed55035c4ab6c3ee9ea1b8.diff Patch: https://github.com/kamailio/kamailio/commit/977e4f3e4d2a002f8aed55035c4ab6c3ee9ea1b8.patch --- diff --git a/src/modules/gcrypt/README b/src/modules/gcrypt/README index f836521537c..7c4826b849b 100644 --- a/src/modules/gcrypt/README +++ b/src/modules/gcrypt/README @@ -26,6 +26,7 @@ Daniel-Constantin Mierla 3. Parameters 3.1. init_vector (str) + 3.2. register_callid (int) 4. Functions @@ -35,8 +36,9 @@ Daniel-Constantin Mierla List of Examples 1.1. Set init_vector parameter - 1.2. gcrypt_aes_encrypt usage - 1.3. gcrypt_aes_decrypt usage + 1.2. Set register_callid parameter + 1.3. gcrypt_aes_encrypt usage + 1.4. gcrypt_aes_decrypt usage Chapter 1. Admin Guide @@ -51,6 +53,7 @@ Chapter 1. Admin Guide 3. Parameters 3.1. init_vector (str) +3.2. register_callid (int) 4. Functions @@ -82,6 +85,7 @@ Chapter 1. Admin Guide 3. Parameters 3.1. init_vector (str) + 3.2. register_callid (int) 3.1. init_vector (str) @@ -92,7 +96,24 @@ Chapter 1. Admin Guide Example 1.1. Set init_vector parameter ... -modparam("crypto", "init_vector", "abcdefghijklmnop") +modparam("gcrypt", "init_vector", "abcdefghijklmnop") +... + +3.2. register_callid (int) + + Set it to 1 in order to register a callback to core for generation of + callid values for requests generated by Kamailio tm module. + + This callid generator uses libcrypt random and hashing functions for + generating RFC 4122 version 4 UUID with high quality entropy. It is + useful when wanting to have new callids that cannot be predicted from + previous values. + + Default value is 0. + + Example 1.2. Set register_callid parameter +... +modparam("gcrypt", "register_callid", 1) ... 4. Functions @@ -109,7 +130,7 @@ modparam("crypto", "init_vector", "abcdefghijklmnop") This function can be used from ANY_ROUTE. - Example 1.2. gcrypt_aes_encrypt usage + Example 1.3. gcrypt_aes_encrypt usage ... gcrypt_aes_encrypt("$rb", "my-secret-key", "$var(encrypted)"); ... @@ -123,7 +144,7 @@ gcrypt_aes_encrypt("$rb", "my-secret-key", "$var(encrypted)"); This function can be used from ANY_ROUTE. - Example 1.3. gcrypt_aes_decrypt usage + Example 1.4. gcrypt_aes_decrypt usage ... gcrypt_aes_decrypt("$var(encrypted)", "my-secret-key", "$var(text)"); ... ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:4d969662: gcrypt: docs for register_callid parameter
Module: kamailio Branch: master Commit: 4d96966272761816d16b40dc68adf3b24e79fbaf URL: https://github.com/kamailio/kamailio/commit/4d96966272761816d16b40dc68adf3b24e79fbaf Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T10:52:24+01:00 gcrypt: docs for register_callid parameter --- Modified: src/modules/gcrypt/doc/gcrypt_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/4d96966272761816d16b40dc68adf3b24e79fbaf.diff Patch: https://github.com/kamailio/kamailio/commit/4d96966272761816d16b40dc68adf3b24e79fbaf.patch --- diff --git a/src/modules/gcrypt/doc/gcrypt_admin.xml b/src/modules/gcrypt/doc/gcrypt_admin.xml index 523364318d5..b88781425cf 100644 --- a/src/modules/gcrypt/doc/gcrypt_admin.xml +++ b/src/modules/gcrypt/doc/gcrypt_admin.xml @@ -70,7 +70,33 @@ Set init_vector parameter ... -modparam("crypto", "init_vector", "abcdefghijklmnop") +modparam("gcrypt", "init_vector", "abcdefghijklmnop") +... + + + + + register_callid (int) + + Set it to 1 in order to register a callback to core for generation + of callid values for requests generated by &kamailio; tm module. + + + This callid generator uses libcrypt random and hashing functions + for generating RFC 4122 version 4 UUID with high quality entropy. + It is useful when wanting to have new callids that cannot be + predicted from previous values. + + + + Default value is 0. + + + + Set register_callid parameter + +... +modparam("gcrypt", "register_callid", 1) ... ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:fae3632a: gcrypt: added functions to generate random call-id in uuid format
Module: kamailio Branch: master Commit: fae3632a224cde753c2a6e3d1d2a72b6e9aa9ceb URL: https://github.com/kamailio/kamailio/commit/fae3632a224cde753c2a6e3d1d2a72b6e9aa9ceb Author: Daniel-Constantin Mierla Committer: Daniel-Constantin Mierla Date: 2024-01-09T10:49:48+01:00 gcrypt: added functions to generate random call-id in uuid format - alternative to the option offered by crypto module --- Added: src/modules/gcrypt/gcrypt_uuid.c Added: src/modules/gcrypt/gcrypt_uuid.h Modified: src/modules/gcrypt/gcrypt_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/fae3632a224cde753c2a6e3d1d2a72b6e9aa9ceb.diff Patch: https://github.com/kamailio/kamailio/commit/fae3632a224cde753c2a6e3d1d2a72b6e9aa9ceb.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] error on make cdp module (Issue #3701)
You are missing lib dependencies. Please use user mailing list for questions. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3701#issuecomment-1882711653 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] error on make cdp module (Issue #3701)
Closed #3701 as not planned. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3701#event-11427714757 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] Re: [kamailio/kamailio] error on make cdp module (Issue #3701)
Also in devel branch have error for ruby modul app_ruby_api.h:26:10: fatal error: ruby.h: No such file or directory 26 | #include | ^~~~ compilation terminated. make[2]: *** [../../Makefile.rules:100: app_ruby_api.o] Error 1 make[2]: Leaving directory '/usr/local/src/kamailio-devel/kamailio/src/modules/app_ruby_proc' make[1]: *** [Makefile:508: modules] Error 1 make[1]: Leaving directory '/usr/local/src/kamailio-devel/kamailio/src' make: *** [Makefile:34: all] Error 2 -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3701#issuecomment-1882595963 You are receiving this because you are subscribed to this thread. Message ID: ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org