[sr-dev] git:5.8:dbe51dc4: db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
Module: kamailio Branch: 5.8 Commit: dbe51dc4ee53f6e4f00450745db709a9d741c481 URL: https://github.com/kamailio/kamailio/commit/dbe51dc4ee53f6e4f00450745db709a9d741c481 Author: S-P Chan Committer: S-P Chan Date: 2024-07-09T13:40:05+08:00 db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x - MYSQL_OPT_SSL_CA is an enum not a macro - base check on MYSQL_VERSION_ID - 50568 used in CentOS 7 Addresses #3910 (cherry-picked from commit 92cfedaaffb034db536f3bcf68695b433db92706) --- Modified: src/modules/db_mysql/km_my_con.c --- Diff: https://github.com/kamailio/kamailio/commit/dbe51dc4ee53f6e4f00450745db709a9d741c481.diff Patch: https://github.com/kamailio/kamailio/commit/dbe51dc4ee53f6e4f00450745db709a9d741c481.patch --- diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c index 240d3f59a76..37508ce24c0 100644 --- a/src/modules/db_mysql/km_my_con.c +++ b/src/modules/db_mysql/km_my_con.c @@ -179,14 +179,14 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) #endif /* MYSQL_VERSION_ID */ #endif /* MARIADB_BASE_VERSION */ -#ifdef MYSQL_OPT_SSL_CA +#if(MYSQL_VERSION_ID >= 50600) if(db_mysql_opt_ssl_ca) mysql_options( ptr->con, MYSQL_OPT_SSL_CA, (const void *)db_mysql_opt_ssl_ca); #else - LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - " + LM_DBG("opt_ssl_ca option not supported by mysql version (value %d) - " "ignoring\n", - db_mysql_opt_ssl_ca); + MYSQL_VERSION_ID); #endif /* MYSQL_OPT_SSL_CA */ #ifdef KSR_MYSQL_OPT_RECONNECT ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:0fc0c7b3: Revert "db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x"
Module: kamailio Branch: master Commit: 0fc0c7b3d3d6ded300c46f504406447670fee4e8 URL: https://github.com/kamailio/kamailio/commit/0fc0c7b3d3d6ded300c46f504406447670fee4e8 Author: S-P Chan Committer: S-P Chan Date: 2024-07-09T10:50:14+08:00 Revert "db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x" This reverts commit 5b2be5e2c716ad8f8502b3be3db5194eb8474d39. The commit should check >= not < --- Modified: src/modules/db_mysql/km_my_con.c --- Diff: https://github.com/kamailio/kamailio/commit/0fc0c7b3d3d6ded300c46f504406447670fee4e8.diff Patch: https://github.com/kamailio/kamailio/commit/0fc0c7b3d3d6ded300c46f504406447670fee4e8.patch --- diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c index 21ac5023c81..240d3f59a76 100644 --- a/src/modules/db_mysql/km_my_con.c +++ b/src/modules/db_mysql/km_my_con.c @@ -179,15 +179,15 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) #endif /* MYSQL_VERSION_ID */ #endif /* MARIADB_BASE_VERSION */ -#if(MYSQL_VERSION_ID < 50600) +#ifdef MYSQL_OPT_SSL_CA if(db_mysql_opt_ssl_ca) mysql_options( ptr->con, MYSQL_OPT_SSL_CA, (const void *)db_mysql_opt_ssl_ca); #else - LM_DBG("opt_ssl_ca option not supported by mysql version (value %s:%d) - " + LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - " "ignoring\n", - MYSQL_SERVER_VERSION, MYSQL_VERSION_ID); -#endif /* MYSQL_VERSION_ID */ + db_mysql_opt_ssl_ca); +#endif /* MYSQL_OPT_SSL_CA */ #ifdef KSR_MYSQL_OPT_RECONNECT /* set reconnect flag if enabled */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:92cfedaa: db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
Module: kamailio Branch: master Commit: 92cfedaaffb034db536f3bcf68695b433db92706 URL: https://github.com/kamailio/kamailio/commit/92cfedaaffb034db536f3bcf68695b433db92706 Author: S-P Chan Committer: S-P Chan Date: 2024-07-09T10:53:07+08:00 db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x - MYSQL_OPT_SSL_CA is an enum not a macro - base check on MYSQL_VERSION_ID - 50568 used in CentOS 7 Addresses #3910 --- Modified: src/modules/db_mysql/km_my_con.c --- Diff: https://github.com/kamailio/kamailio/commit/92cfedaaffb034db536f3bcf68695b433db92706.diff Patch: https://github.com/kamailio/kamailio/commit/92cfedaaffb034db536f3bcf68695b433db92706.patch --- diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c index 240d3f59a76..37508ce24c0 100644 --- a/src/modules/db_mysql/km_my_con.c +++ b/src/modules/db_mysql/km_my_con.c @@ -179,14 +179,14 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) #endif /* MYSQL_VERSION_ID */ #endif /* MARIADB_BASE_VERSION */ -#ifdef MYSQL_OPT_SSL_CA +#if(MYSQL_VERSION_ID >= 50600) if(db_mysql_opt_ssl_ca) mysql_options( ptr->con, MYSQL_OPT_SSL_CA, (const void *)db_mysql_opt_ssl_ca); #else - LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - " + LM_DBG("opt_ssl_ca option not supported by mysql version (value %d) - " "ignoring\n", - db_mysql_opt_ssl_ca); + MYSQL_VERSION_ID); #endif /* MYSQL_OPT_SSL_CA */ #ifdef KSR_MYSQL_OPT_RECONNECT ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:5b2be5e2: db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
Module: kamailio Branch: master Commit: 5b2be5e2c716ad8f8502b3be3db5194eb8474d39 URL: https://github.com/kamailio/kamailio/commit/5b2be5e2c716ad8f8502b3be3db5194eb8474d39 Author: S-P Chan Committer: S-P Chan Date: 2024-07-09T10:38:44+08:00 db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x - MYSQL_OPT_SSL_CA is an enum not a macro - base check on MYSQL_VERSION_ID - 50568 used in CentOS 7 Addresses #3910 --- Modified: src/modules/db_mysql/km_my_con.c --- Diff: https://github.com/kamailio/kamailio/commit/5b2be5e2c716ad8f8502b3be3db5194eb8474d39.diff Patch: https://github.com/kamailio/kamailio/commit/5b2be5e2c716ad8f8502b3be3db5194eb8474d39.patch --- diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c index 240d3f59a76..21ac5023c81 100644 --- a/src/modules/db_mysql/km_my_con.c +++ b/src/modules/db_mysql/km_my_con.c @@ -179,15 +179,15 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) #endif /* MYSQL_VERSION_ID */ #endif /* MARIADB_BASE_VERSION */ -#ifdef MYSQL_OPT_SSL_CA +#if(MYSQL_VERSION_ID < 50600) if(db_mysql_opt_ssl_ca) mysql_options( ptr->con, MYSQL_OPT_SSL_CA, (const void *)db_mysql_opt_ssl_ca); #else - LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - " + LM_DBG("opt_ssl_ca option not supported by mysql version (value %s:%d) - " "ignoring\n", - db_mysql_opt_ssl_ca); -#endif /* MYSQL_OPT_SSL_CA */ + MYSQL_SERVER_VERSION, MYSQL_VERSION_ID); +#endif /* MYSQL_VERSION_ID */ #ifdef KSR_MYSQL_OPT_RECONNECT /* set reconnect flag if enabled */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:77de8690: tls: document handling of thread-locals
Module: kamailio Branch: master Commit: 77de86909ac8c156335e1e789bb3067932f9eff5 URL: https://github.com/kamailio/kamailio/commit/77de86909ac8c156335e1e789bb3067932f9eff5 Author: S-P Chan Committer: S-P Chan Date: 2024-05-04T19:48:21+08:00 tls: document handling of thread-locals --- Added: src/modules/tls/OpenSSL3-README.md --- Diff: https://github.com/kamailio/kamailio/commit/77de86909ac8c156335e1e789bb3067932f9eff5.diff Patch: https://github.com/kamailio/kamailio/commit/77de86909ac8c156335e1e789bb3067932f9eff5.patch --- diff --git a/src/modules/tls/OpenSSL3-README.md b/src/modules/tls/OpenSSL3-README.md new file mode 100644 index 000..6b6a7814129 --- /dev/null +++ b/src/modules/tls/OpenSSL3-README.md @@ -0,0 +1,55 @@ +# OpenSSL 3 Developer Notes + +## Background + +OpenSSL since 1.1.1 uses thread-local storage. The OpenSSL internal API +is `CRYPTO_THREAD_set_local()` and it is implemented on Linux using `pthread_setspecific()`. + +In a new thread, the value of a thread-local variable is 0x0; the first access of this +variable by OpenSSL will allocate new dynamic memory. The implication for Kamailio is that +if such variables are initialized in rank 0, then all workers will reuse the same memory +location as Kamailio uses shared memory for OpenSSL. + +## OpenSSL 1.1.1 shmmem Corruption + +In OpenSSL 1.1.1 there are three variables that impact Kamailio: `private_drbg`, `public_drbg`, and +`err_thread_local`. The first two variables are circumvented by an early call to `RAND_set_rand_method()`. + +The third variable, i.e., `err_thread_local` is reused by all workers and leads to shmmem corruption +particularly with other users of OpenSSL such as libcurl, and db modules with TLS. + +Historically, since 2019, this was a low-impact bug due to use of static variables in the OpenSSL 1.1.1 +implementation. + + +## OpenSSL 3 shmmem Corruption + +In OpenSSL 3 there is one variable that impacts Kamailio: `err_thread_local`. + +OpenSSL 3 uses more dynamic memory to handle the error stack and shmmem corruption is easily +reproducible, even without libcurl or db modules. + +## Resolution + +This resolution uses non-portable internal knowledge of pthreads on Linux: that `pthread_key_t` +is a small integer, and that it is incremented when a new thread-local key is requested + +OpenSSL 3 uses 6 thread-locals, and OpenSSL 1.1.1 uses 4 thread-locals. + +The first attempt (5.8.0/5.8.1) to resolve this issue uses the following technique: +* `tls_threads_mode = 1`: for each function that might initialize OpenSSL, run it in + a temporary thread; this leaves the thread-local variables in rank 0, main thread at their + default value of 0x0 +* `tls_threads_mode = 2`: add an at-fork handler to set thread-local variables to 0x0. + The implementation will set thread-local keys from 0-15 to have value 0x0. + +Limitation: the limitation of this method is some libraries like libpython cannot be initialized +other than in the primary thread and they will initialize thread-locals. + +The revised method makes a few OpenSSL function calls so +that OpenSSL will initialize all required thread-locals, and the tls.so sets a high-water mark. +It is assumed that all `pthread_key_t` values at the high-water mark or greater are set +by non-OpenSSL libraries. During fork, tls.so will clear all thread-locals up to the high-water +mark. + + ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d8907b62: tls: clear thread-local variables up to tls_pthreads_key_mark
Module: kamailio Branch: 5.7 Commit: d8907b6290d37965d07ceaf30e6c06956a59c90a URL: https://github.com/kamailio/kamailio/commit/d8907b6290d37965d07ceaf30e6c06956a59c90a Author: S-P Chan Committer: S-P Chan Date: 2024-05-04T19:35:23+08:00 tls: clear thread-local variables up to tls_pthreads_key_mark - other libraries may set thread-locals via pthread_setspecific - assume that tls_pthreads_key_mark demarcates libssl's values - only clean thread-local values up to tls_pthreads_key_mark Currently only used by app_python[s] (cherry picked from commit fe6f4fcde2fa06a3c00479cef169c27dc32ae490) --- Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_rand.h --- Diff: https://github.com/kamailio/kamailio/commit/d8907b6290d37965d07ceaf30e6c06956a59c90a.diff Patch: https://github.com/kamailio/kamailio/commit/d8907b6290d37965d07ceaf30e6c06956a59c90a.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index c2a3c8de271..524419dd854 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -343,9 +343,11 @@ static tls_domains_cfg_t* tls_use_modparams(void) * is < 10 * */ +static int tls_pthreads_key_mark; static void fork_child(void) { - for(int k = 0; k < 16; k++) { + int k; + for(k = 0; k < tls_pthreads_key_mark; k++) { if(pthread_getspecific(k) != 0) pthread_setspecific(k, 0x0); } @@ -355,6 +357,8 @@ static int mod_init(void) { int method; int verify_client; + unsigned char rand_buf[32]; + int k; if(tls_disable) { LM_WARN("tls support is disabled " @@ -463,6 +467,23 @@ static int mod_init(void) if(ksr_tls_threads_mode == 2) { pthread_atfork(NULL, NULL, _child); } + +#if OPENSSL_VERSION_NUMBER >= 0x010101000L + /* +* force creation of all thread-locals now so that other libraries +* that use pthread_key_create(), e.g. python, +* will have larger key values +*/ + if(ksr_tls_threads_mode > 0) { + ERR_clear_error(); + RAND_bytes(rand_buf, sizeof(rand_buf)); + for(k = 0; k < 32; k++) { + if(pthread_getspecific(k)) + tls_pthreads_key_mark = k + 1; + } + LM_WARN("set maximum pthreads key to %d\n", tls_pthreads_key_mark); + } +#endif return 0; error: tls_h_mod_destroy_f(); @@ -499,6 +520,7 @@ static int mod_child_hook(int *rank, void *dummy) if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) < 0) return -1; } + return 0; } @@ -508,6 +530,8 @@ static OSSL_LIB_CTX *new_ctx; #endif static int mod_child(int rank) { + int k; + if(tls_disable || (tls_domains_cfg == 0)) return 0; @@ -519,6 +543,13 @@ static int mod_child(int rank) return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); } + if(ksr_tls_threads_mode == 1 && rank && rank != PROC_INIT + && rank != PROC_POSTCHILDINIT) { + for(k = 0; k < tls_pthreads_key_mark; k++) + pthread_setspecific(k, 0x0); + LM_WARN("clean-up of thread-locals key < %d\n", tls_pthreads_key_mark); + } + #ifdef KSR_SSL_COMMON /* * after the child is fork()ed we go through the TLS domains diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h index 58ddc853acd..7bbcf3a628c 100644 --- a/src/modules/tls/tls_rand.h +++ b/src/modules/tls/tls_rand.h @@ -21,10 +21,10 @@ #define _TLS_RAND_H_ #include +#include #if OPENSSL_VERSION_NUMBER >= 0x1010L \ && OPENSSL_VERSION_NUMBER < 0x03000L -#include const RAND_METHOD *RAND_ksr_krand_method(void); const RAND_METHOD *RAND_ksr_fastrand_method(void); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:cafe437d: tls: clear thread-local variables up to tls_pthreads_key_mark
Module: kamailio Branch: 5.8 Commit: cafe437dcb637b0e571a2d2ffd04d911584404d9 URL: https://github.com/kamailio/kamailio/commit/cafe437dcb637b0e571a2d2ffd04d911584404d9 Author: S-P Chan Committer: S-P Chan Date: 2024-04-29T21:27:38+08:00 tls: clear thread-local variables up to tls_pthreads_key_mark - other libraries may set thread-locals via pthread_setspecific - assume that tls_pthreads_key_mark demarcates libssl's values - only clean thread-local values up to tls_pthreads_key_mark Currently only used by app_python[s] (cherry picked from commit fe6f4fcde2fa06a3c00479cef169c27dc32ae490) --- Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_rand.h --- Diff: https://github.com/kamailio/kamailio/commit/cafe437dcb637b0e571a2d2ffd04d911584404d9.diff Patch: https://github.com/kamailio/kamailio/commit/cafe437dcb637b0e571a2d2ffd04d911584404d9.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 83b86d99d58..baa1a7c76d1 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -343,10 +343,11 @@ static tls_domains_cfg_t* tls_use_modparams(void) * is < 10 * */ +static int tls_pthreads_key_mark; static void fork_child(void) { - int k = 0; - for(k = 0; k < 16; k++) { + int k; + for(k = 0; k < tls_pthreads_key_mark; k++) { if(pthread_getspecific(k) != 0) pthread_setspecific(k, 0x0); } @@ -356,6 +357,8 @@ static int mod_init(void) { int method; int verify_client; + unsigned char rand_buf[32]; + int k; if(tls_disable) { LM_WARN("tls support is disabled " @@ -464,6 +467,23 @@ static int mod_init(void) if(ksr_tls_threads_mode == 2) { pthread_atfork(NULL, NULL, _child); } + +#if OPENSSL_VERSION_NUMBER >= 0x010101000L + /* +* force creation of all thread-locals now so that other libraries +* that use pthread_key_create(), e.g. python, +* will have larger key values +*/ + if(ksr_tls_threads_mode > 0) { + ERR_clear_error(); + RAND_bytes(rand_buf, sizeof(rand_buf)); + for(k = 0; k < 32; k++) { + if(pthread_getspecific(k)) + tls_pthreads_key_mark = k + 1; + } + LM_WARN("set maximum pthreads key to %d\n", tls_pthreads_key_mark); + } +#endif return 0; error: tls_h_mod_destroy_f(); @@ -500,6 +520,7 @@ static int mod_child_hook(int *rank, void *dummy) if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) < 0) return -1; } + return 0; } @@ -509,17 +530,26 @@ static OSSL_LIB_CTX *new_ctx; #endif static int mod_child(int rank) { + int k; + if(tls_disable || (tls_domains_cfg == 0)) return 0; /* - * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor - * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1 - */ +* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor +* to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1 +*/ if(rank == PROC_INIT) { return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); } + if(ksr_tls_threads_mode == 1 && rank && rank != PROC_INIT + && rank != PROC_POSTCHILDINIT) { + for(k = 0; k < tls_pthreads_key_mark; k++) + pthread_setspecific(k, 0x0); + LM_WARN("clean-up of thread-locals key < %d\n", tls_pthreads_key_mark); + } + #ifdef KSR_SSL_COMMON /* * after the child is fork()ed we go through the TLS domains diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h index 58ddc853acd..7bbcf3a628c 100644 --- a/src/modules/tls/tls_rand.h +++ b/src/modules/tls/tls_rand.h @@ -21,10 +21,10 @@ #define _TLS_RAND_H_ #include +#include #if OPENSSL_VERSION_NUMBER >= 0x1010L \ && OPENSSL_VERSION_NUMBER < 0x03000L -#include const RAND_METHOD *RAND_ksr_krand_method(void); const RAND_METHOD *RAND_ksr_fastrand_method(void); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:fe6f4fcd: tls: clear thread-local variables up to tls_pthreads_key_mark
Module: kamailio Branch: master Commit: fe6f4fcde2fa06a3c00479cef169c27dc32ae490 URL: https://github.com/kamailio/kamailio/commit/fe6f4fcde2fa06a3c00479cef169c27dc32ae490 Author: S-P Chan Committer: S-P Chan Date: 2024-04-29T21:20:20+08:00 tls: clear thread-local variables up to tls_pthreads_key_mark - other libraries may set thread-locals via pthread_setspecific - assume that tls_pthreads_key_mark demarcates libssl's values - only clean thread-local values up to tls_pthreads_key_mark Currently only used by app_python[s] --- Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_rand.h --- Diff: https://github.com/kamailio/kamailio/commit/fe6f4fcde2fa06a3c00479cef169c27dc32ae490.diff Patch: https://github.com/kamailio/kamailio/commit/fe6f4fcde2fa06a3c00479cef169c27dc32ae490.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 83b86d99d58..baa1a7c76d1 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -343,10 +343,11 @@ static tls_domains_cfg_t* tls_use_modparams(void) * is < 10 * */ +static int tls_pthreads_key_mark; static void fork_child(void) { - int k = 0; - for(k = 0; k < 16; k++) { + int k; + for(k = 0; k < tls_pthreads_key_mark; k++) { if(pthread_getspecific(k) != 0) pthread_setspecific(k, 0x0); } @@ -356,6 +357,8 @@ static int mod_init(void) { int method; int verify_client; + unsigned char rand_buf[32]; + int k; if(tls_disable) { LM_WARN("tls support is disabled " @@ -464,6 +467,23 @@ static int mod_init(void) if(ksr_tls_threads_mode == 2) { pthread_atfork(NULL, NULL, _child); } + +#if OPENSSL_VERSION_NUMBER >= 0x010101000L + /* +* force creation of all thread-locals now so that other libraries +* that use pthread_key_create(), e.g. python, +* will have larger key values +*/ + if(ksr_tls_threads_mode > 0) { + ERR_clear_error(); + RAND_bytes(rand_buf, sizeof(rand_buf)); + for(k = 0; k < 32; k++) { + if(pthread_getspecific(k)) + tls_pthreads_key_mark = k + 1; + } + LM_WARN("set maximum pthreads key to %d\n", tls_pthreads_key_mark); + } +#endif return 0; error: tls_h_mod_destroy_f(); @@ -500,6 +520,7 @@ static int mod_child_hook(int *rank, void *dummy) if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) < 0) return -1; } + return 0; } @@ -509,17 +530,26 @@ static OSSL_LIB_CTX *new_ctx; #endif static int mod_child(int rank) { + int k; + if(tls_disable || (tls_domains_cfg == 0)) return 0; /* - * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor - * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1 - */ +* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor +* to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1 +*/ if(rank == PROC_INIT) { return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); } + if(ksr_tls_threads_mode == 1 && rank && rank != PROC_INIT + && rank != PROC_POSTCHILDINIT) { + for(k = 0; k < tls_pthreads_key_mark; k++) + pthread_setspecific(k, 0x0); + LM_WARN("clean-up of thread-locals key < %d\n", tls_pthreads_key_mark); + } + #ifdef KSR_SSL_COMMON /* * after the child is fork()ed we go through the TLS domains diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h index 58ddc853acd..7bbcf3a628c 100644 --- a/src/modules/tls/tls_rand.h +++ b/src/modules/tls/tls_rand.h @@ -21,10 +21,10 @@ #define _TLS_RAND_H_ #include +#include #if OPENSSL_VERSION_NUMBER >= 0x1010L \ && OPENSSL_VERSION_NUMBER < 0x03000L -#include const RAND_METHOD *RAND_ksr_krand_method(void); const RAND_METHOD *RAND_ksr_fastrand_method(void); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.6:3d642314: tls: revert commit a08562b2e56c89900220b7ed15c9ccd12655d9a6
Module: kamailio Branch: 5.6 Commit: 3d6423140a864b83e61dbc8e662c8fd53ecb9bb3 URL: https://github.com/kamailio/kamailio/commit/3d6423140a864b83e61dbc8e662c8fd53ecb9bb3 Author: S-P Chan Committer: S-P Chan Date: 2024-03-24T08:27:43+08:00 tls: revert commit a08562b2e56c89900220b7ed15c9ccd12655d9a6 - GH#3791: users of tls.so on systems that provide only libssl3 (e.g. bookworm) are advised to try >= 5.8.0 --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/3d6423140a864b83e61dbc8e662c8fd53ecb9bb3.diff Patch: https://github.com/kamailio/kamailio/commit/3d6423140a864b83e61dbc8e662c8fd53ecb9bb3.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 3805accf70a..499a9a77aea 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -306,17 +306,6 @@ static tls_domains_cfg_t* tls_use_modparams(void) } #endif -/* unconditionally perform thread-local clean-up - * especially needed with libssl3 uses - * (bookworm/jammy/noble/el9) - */ -static void fork_child(void) -{ -for(int k = 0; k < 16; k++) { -if(pthread_getspecific(k) != 0) -pthread_setspecific(k, 0x0); -} -} static int mod_init(void) { @@ -418,9 +407,6 @@ static int mod_init(void) if(sr_tls_event_callback.s == NULL || sr_tls_event_callback.len <= 0) { tls_lookup_event_routes(); } -/* minimal fix for libssl 1.1.1/3.x uses - */ -pthread_atfork(NULL, NULL, _child); return 0; error: tls_h_mod_destroy_f(); @@ -649,6 +635,11 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) register_tls_hooks(_h); +#if OPENSSL_VERSION_NUMBER >= 0x1010L + LM_DBG("setting cryptorand random engine\n"); + RAND_set_rand_method(RAND_ksr_cryptorand_method()); +#endif + sr_kemi_modules_add(sr_kemi_tls_exports); return 0; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.6:a08562b2: tls: force thread-locals clean-up for libssl3
Module: kamailio Branch: 5.6 Commit: a08562b2e56c89900220b7ed15c9ccd12655d9a6 URL: https://github.com/kamailio/kamailio/commit/a08562b2e56c89900220b7ed15c9ccd12655d9a6 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:38:18+08:00 tls: force thread-locals clean-up for libssl3 - minimal thread-locals patch as 5.6.x is packaged for distros that use libssl3 GH#3791 - simplified version of tls rework in 5.8.x --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/a08562b2e56c89900220b7ed15c9ccd12655d9a6.diff Patch: https://github.com/kamailio/kamailio/commit/a08562b2e56c89900220b7ed15c9ccd12655d9a6.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 499a9a77aea..3805accf70a 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -306,6 +306,17 @@ static tls_domains_cfg_t* tls_use_modparams(void) } #endif +/* unconditionally perform thread-local clean-up + * especially needed with libssl3 uses + * (bookworm/jammy/noble/el9) + */ +static void fork_child(void) +{ +for(int k = 0; k < 16; k++) { +if(pthread_getspecific(k) != 0) +pthread_setspecific(k, 0x0); +} +} static int mod_init(void) { @@ -407,6 +418,9 @@ static int mod_init(void) if(sr_tls_event_callback.s == NULL || sr_tls_event_callback.len <= 0) { tls_lookup_event_routes(); } +/* minimal fix for libssl 1.1.1/3.x uses + */ +pthread_atfork(NULL, NULL, _child); return 0; error: tls_h_mod_destroy_f(); @@ -635,11 +649,6 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) register_tls_hooks(_h); -#if OPENSSL_VERSION_NUMBER >= 0x1010L - LM_DBG("setting cryptorand random engine\n"); - RAND_set_rand_method(RAND_ksr_cryptorand_method()); -#endif - sr_kemi_modules_add(sr_kemi_tls_exports); return 0; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:af524f5b: tlsa: removed the map files used in the past for tls engine
Module: kamailio Branch: 5.7 Commit: af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17 URL: https://github.com/kamailio/kamailio/commit/af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17 Author: Daniel-Constantin Mierla Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tlsa: removed the map files used in the past for tls engine - sync with code of tls module --- Removed: src/modules/tlsa/tls_map.c Removed: src/modules/tlsa/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17.diff Patch: https://github.com/kamailio/kamailio/commit/af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17.patch --- diff --git a/src/modules/tlsa/tls_map.c b/src/modules/tlsa/tls_map.c deleted file mode 100644 index ad799b5cdff..000 --- a/src/modules/tlsa/tls_map.c +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Copyright (C) 2021 Daniel-Constantin Mierla (asipto.com) - * - * This file is part of Kamailio, a free SIP server. - * - * This file is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version - * - * - * This file is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - */ - -/** - * THIS FILE IS GENERATED - DO NOT MODIFY IT - */ - -#include "../tls/tls_map.c" diff --git a/src/modules/tlsa/tls_map.h b/src/modules/tlsa/tls_map.h deleted file mode 100644 index 96705a7f7fa..000 --- a/src/modules/tlsa/tls_map.h +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Copyright (C) 2021 Daniel-Constantin Mierla (asipto.com) - * - * This file is part of Kamailio, a free SIP server. - * - * This file is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version - * - * - * This file is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - */ - -/** - * THIS FILE IS GENERATED - DO NOT MODIFY IT - */ - -#include "../tls/tls_map.h" ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d20df6fb: core/rthreads.h: add new option tls_threads_mode = 2
Module: kamailio Branch: 5.7 Commit: d20df6fb372ab4da0dd5e6f277b08345059c2be5 URL: https://github.com/kamailio/kamailio/commit/d20df6fb372ab4da0dd5e6f277b08345059c2be5 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:09:14+08:00 core/rthreads.h: add new option tls_threads_mode = 2 - add global handling of thread-locals with tls_threads_mode = 2 - this will run a pthread_atfork handler to reset all thread-locals to 0x0 - alternative solution to running functions in thread executors - requires tls.so to be loaded to be effective (cherry picked from commit e7f040f219b46592081a6053b4ed1ae0d0552b1a) --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/d20df6fb372ab4da0dd5e6f277b08345059c2be5.diff Patch: https://github.com/kamailio/kamailio/commit/d20df6fb372ab4da0dd5e6f277b08345059c2be5.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 0f4f0cf8b8a..6fee4d0b407 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -40,7 +40,7 @@ static void *run_threadP(_thread_proto fn, void *arg) pthread_t tid; void *ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg); } @@ -77,7 +77,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2) pthread_t tid; void *ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2); } @@ -113,7 +113,7 @@ static void run_threadV(_thread_protoV fn) #ifdef USE_TLS pthread_t tid; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { fn(); return; @@ -152,7 +152,7 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) pthread_t tid; int ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2); } @@ -188,7 +188,7 @@ static void run_thread0P(_thread_proto0P fn, void *arg1) #ifdef USE_TLS pthread_t tid; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { fn(arg1); return; @@ -240,7 +240,7 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, pthread_t tid; int ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9); } @@ -278,7 +278,7 @@ static int run_thread4L(_thread_proto4L fn, long arg1) pthread_t tid; int ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:88429b9e: tls: remove unused ENGINE define
Module: kamailio Branch: 5.7 Commit: 88429b9e3546864845fb1a3c2ce5263620b51c58 URL: https://github.com/kamailio/kamailio/commit/88429b9e3546864845fb1a3c2ce5263620b51c58 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tls: remove unused ENGINE define --- Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/88429b9e3546864845fb1a3c2ce5263620b51c58.diff Patch: https://github.com/kamailio/kamailio/commit/88429b9e3546864845fb1a3c2ce5263620b51c58.patch --- diff --git a/src/modules/tls/tls_server.c b/src/modules/tls/tls_server.c index 3e22ec42712..3bfea131cf2 100644 --- a/src/modules/tls/tls_server.c +++ b/src/modules/tls/tls_server.c @@ -128,11 +128,6 @@ int tls_run_event_routes(struct tcp_connection *c); #endif /* __SUNPRO_c */ #endif /* TLS_RD_DEBUG */ -/* only OpenSSL <= 1.1.1 */ -#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER < 0x03000L -#define KSR_SSL_ENGINE -#endif - extern str sr_tls_xavp_cfg; static str _ksr_tls_connect_server_id = STR_NULL; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:cf764b49: tls: new option tls_threads_mode = 2
Module: kamailio Branch: 5.7 Commit: cf764b499fbc3f28f7ed080b488e0e8111687cf8 URL: https://github.com/kamailio/kamailio/commit/cf764b499fbc3f28f7ed080b488e0e8111687cf8 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:09:14+08:00 tls: new option tls_threads_mode = 2 - use pthread_atfork to force all thread-locals to 0x0 after fork() (cherry picked from commit 464299c202f3ba963aed821b777075397e843856) --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/cf764b499fbc3f28f7ed080b488e0e8111687cf8.diff Patch: https://github.com/kamailio/kamailio/commit/cf764b499fbc3f28f7ed080b488e0e8111687cf8.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index c34c9933b1d..51e88bed51f 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -337,6 +337,20 @@ static tls_domains_cfg_t* tls_use_modparams(void) } #endif +/* global config tls_threads_mode = 2 + * - force all thread-locals to be 0x0 after fork() + * - with OpenSSL loaded the largest value observed + * is < 10 + * + */ +static void fork_child(void) +{ + for(int k = 0; k < 16; k++) { + if(pthread_getspecific(k) != 0) + pthread_setspecific(k, 0x0); + } +} + static int mod_init(void) { int method; @@ -446,6 +460,9 @@ static int mod_init(void) ksr_module_set_flag(KSRMOD_FLAG_POSTCHILDINIT); } #endif + if(ksr_tls_threads_mode == 2) { + pthread_atfork(NULL, NULL, _child); + } return 0; error: tls_h_mod_destroy_f(); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:4b206bcc: tls: make explicit ENGINE deprecation in OpenSSL 3
Module: kamailio Branch: 5.7 Commit: 4b206bccc0ed46aac876921009d2884eb868075c URL: https://github.com/kamailio/kamailio/commit/4b206bccc0ed46aac876921009d2884eb868075c Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tls: make explicit ENGINE deprecation in OpenSSL 3 --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/4b206bccc0ed46aac876921009d2884eb868075c.diff Patch: https://github.com/kamailio/kamailio/commit/4b206bccc0ed46aac876921009d2884eb868075c.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:957c8005: tls: clean-up of ENGINE
Module: kamailio Branch: 5.7 Commit: 957c8005d2a97207debf1d3e782c1df5de70d487 URL: https://github.com/kamailio/kamailio/commit/957c8005d2a97207debf1d3e782c1df5de70d487 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tls: clean-up of ENGINE - remove tls_map.* - not needed anymore - install an ENGINE in each worker SSL_CTX no need to replicate to all processes --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_server.c Removed: src/modules/tls/tls_map.c Removed: src/modules/tls/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/957c8005d2a97207debf1d3e782c1df5de70d487.diff Patch: https://github.com/kamailio/kamailio/commit/957c8005d2a97207debf1d3e782c1df5de70d487.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d03d5fdf: tls: NULL safety check
Module: kamailio Branch: 5.7 Commit: d03d5fdf2b6a29e783738a6ea98c35725826d9ed URL: https://github.com/kamailio/kamailio/commit/d03d5fdf2b6a29e783738a6ea98c35725826d9ed Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:09:14+08:00 tls: NULL safety check (cherry picked from commit f6f9d90ada963b53b6552e1a172b8f2fd021c33b) --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/d03d5fdf2b6a29e783738a6ea98c35725826d9ed.diff Patch: https://github.com/kamailio/kamailio/commit/d03d5fdf2b6a29e783738a6ea98c35725826d9ed.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 51e88bed51f..c2a3c8de271 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -871,6 +871,8 @@ EVP_PKEY *tls_engine_private_key(const char *key_id) while(!(OSSL_STORE_eof(ctx))) { OSSL_STORE_INFO *info = OSSL_STORE_load(ctx); + if(info == NULL) + continue; int type; type = OSSL_STORE_INFO_get_type(info); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:caa24125: etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler
Module: kamailio Branch: 5.7 Commit: caa2412507586329b7b97685203fd8bd54cd2691 URL: https://github.com/kamailio/kamailio/commit/caa2412507586329b7b97685203fd8bd54cd2691 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:09:14+08:00 etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler (cherry picked from commit 5b4926b04ba0fcd8f65f5709789abd83181a381a) --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/caa2412507586329b7b97685203fd8bd54cd2691.diff Patch: https://github.com/kamailio/kamailio/commit/caa2412507586329b7b97685203fd8bd54cd2691.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index a95a652b935..bf456f396fa 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -224,8 +224,9 @@ tls_max_connections=2048 /* For OpenSSL 3 integration * functions calling libssl3 can be invoked in a transient thread * 0: disable threaded calls - * 1: use threads for process#0 only - * 2: use threads for all processes */ + * 1: use thread executors for process#0 only + * 2: no thread executors, but use atfork handler to reset thread-locals to NULL + * 3: use thread executors for all processes */ tls_threads_mode=1 #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:822960b0: tls: basic OpenSSL 3 support of provider keys (replaces ENGINE)
Module: kamailio Branch: 5.7 Commit: 822960b0e869b5fce093f708daf65b9f4b4c47f8 URL: https://github.com/kamailio/kamailio/commit/822960b0e869b5fce093f708daf65b9f4b4c47f8 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:09:14+08:00 tls: basic OpenSSL 3 support of provider keys (replaces ENGINE) - initial support for v3 provider keys (replaces ENGINE from v1.1.1) - can be disabled behind build flag -DOPENSSL_NO_PROVIDER - provider keys start with /uri: e.g private_key = /uri:pkcs11:token=NSS%20Certificate%20DB;type=private;object=Fork-Test-c67cc0e0 - global config: provider_quirks: 0 | 1 - 0 - default - 1 - create a new OSS_LIB_CTX* in the child This integration does not load any providers itself and depends on the usual export OPENSSL_CONF=my-openssl.cnf to configure providers. (cherry picked from commit 69883dd381368ca219cc52140e71d571775f95d5) --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/822960b0e869b5fce093f708daf65b9f4b4c47f8.diff Patch: https://github.com/kamailio/kamailio/commit/822960b0e869b5fce093f708daf65b9f4b4c47f8.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:dae15377: tls: NULL safety check
Module: kamailio Branch: 5.8 Commit: dae15377dac1b019f2278baca208162154d5a7ad URL: https://github.com/kamailio/kamailio/commit/dae15377dac1b019f2278baca208162154d5a7ad Author: S-P Chan Committer: S-P Chan Date: 2024-03-05T10:01:03+08:00 tls: NULL safety check (cherry picked from commit f6f9d90ada963b53b6552e1a172b8f2fd021c33b) --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/dae15377dac1b019f2278baca208162154d5a7ad.diff Patch: https://github.com/kamailio/kamailio/commit/dae15377dac1b019f2278baca208162154d5a7ad.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 6dfde00c93a..b4a2afb7818 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -871,6 +871,8 @@ EVP_PKEY *tls_engine_private_key(const char *key_id) while(!(OSSL_STORE_eof(ctx))) { OSSL_STORE_INFO *info = OSSL_STORE_load(ctx); + if(info == NULL) + continue; int type; type = OSSL_STORE_INFO_get_type(info); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:f6f9d90a: tls: NULL safety check
Module: kamailio Branch: master Commit: f6f9d90ada963b53b6552e1a172b8f2fd021c33b URL: https://github.com/kamailio/kamailio/commit/f6f9d90ada963b53b6552e1a172b8f2fd021c33b Author: S-P Chan Committer: S-P Chan Date: 2024-03-05T09:59:41+08:00 tls: NULL safety check --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/f6f9d90ada963b53b6552e1a172b8f2fd021c33b.diff Patch: https://github.com/kamailio/kamailio/commit/f6f9d90ada963b53b6552e1a172b8f2fd021c33b.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 6dfde00c93a..b4a2afb7818 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -871,6 +871,8 @@ EVP_PKEY *tls_engine_private_key(const char *key_id) while(!(OSSL_STORE_eof(ctx))) { OSSL_STORE_INFO *info = OSSL_STORE_load(ctx); + if(info == NULL) + continue; int type; type = OSSL_STORE_INFO_get_type(info); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:56aeb072: etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler
Module: kamailio Branch: 5.8 Commit: 56aeb0723562409aa97098e51c602bcddc8b6789 URL: https://github.com/kamailio/kamailio/commit/56aeb0723562409aa97098e51c602bcddc8b6789 Author: S-P Chan Committer: S-P Chan Date: 2024-03-05T06:48:35+08:00 etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler (cherry picked from commit 5b4926b04ba0fcd8f65f5709789abd83181a381a) --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/56aeb0723562409aa97098e51c602bcddc8b6789.diff Patch: https://github.com/kamailio/kamailio/commit/56aeb0723562409aa97098e51c602bcddc8b6789.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index 2d68f7692e1..3f9a5fe793f 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -224,8 +224,9 @@ tls_max_connections=2048 /* For OpenSSL 3 integration * functions calling libssl3 can be invoked in a transient thread * 0: disable threaded calls - * 1: use threads for process#0 only - * 2: use threads for all processes */ + * 1: use thread executors for process#0 only + * 2: no thread executors, but use atfork handler to reset thread-locals to NULL + * 3: use thread executors for all processes */ tls_threads_mode=1 #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:5b4926b0: etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler
Module: kamailio Branch: master Commit: 5b4926b04ba0fcd8f65f5709789abd83181a381a URL: https://github.com/kamailio/kamailio/commit/5b4926b04ba0fcd8f65f5709789abd83181a381a Author: S-P Chan Committer: S-P Chan Date: 2024-03-05T06:47:24+08:00 etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/5b4926b04ba0fcd8f65f5709789abd83181a381a.diff Patch: https://github.com/kamailio/kamailio/commit/5b4926b04ba0fcd8f65f5709789abd83181a381a.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index 2d68f7692e1..3f9a5fe793f 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -224,8 +224,9 @@ tls_max_connections=2048 /* For OpenSSL 3 integration * functions calling libssl3 can be invoked in a transient thread * 0: disable threaded calls - * 1: use threads for process#0 only - * 2: use threads for all processes */ + * 1: use thread executors for process#0 only + * 2: no thread executors, but use atfork handler to reset thread-locals to NULL + * 3: use thread executors for all processes */ tls_threads_mode=1 #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e7f040f2: core/rthreads.h: add new option tls_threads_mode = 2
Module: kamailio Branch: master Commit: e7f040f219b46592081a6053b4ed1ae0d0552b1a URL: https://github.com/kamailio/kamailio/commit/e7f040f219b46592081a6053b4ed1ae0d0552b1a Author: S-P Chan Committer: S-P Chan Date: 2024-03-04T22:00:38+08:00 core/rthreads.h: add new option tls_threads_mode = 2 - add global handling of thread-locals with tls_threads_mode = 2 - this will run a pthread_atfork handler to reset all thread-locals to 0x0 - alternative solution to running functions in thread executors - requires tls.so to be loaded to be effective --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/e7f040f219b46592081a6053b4ed1ae0d0552b1a.diff Patch: https://github.com/kamailio/kamailio/commit/e7f040f219b46592081a6053b4ed1ae0d0552b1a.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 1a04f9982c7..56d68cef276 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -40,7 +40,7 @@ static void *run_threadP(_thread_proto fn, void *arg) pthread_t tid; void *ret = NULL; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg); } @@ -77,7 +77,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2) pthread_t tid; void *ret = NULL; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2); } @@ -113,7 +113,7 @@ static void run_threadV(_thread_protoV fn) #ifdef USE_TLS pthread_t tid; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { fn(); return; @@ -152,7 +152,7 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) pthread_t tid; int ret = 0; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2); } @@ -188,7 +188,7 @@ static void run_thread0P(_thread_proto0P fn, void *arg1) #ifdef USE_TLS pthread_t tid; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { fn(arg1); return; @@ -240,7 +240,7 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, pthread_t tid; int ret = 0; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9); } @@ -278,7 +278,7 @@ static int run_thread4L(_thread_proto4L fn, long arg1) pthread_t tid; int ret = 0; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:0ba1ff1d: tls: new option tls_threads_mode = 2
Module: kamailio Branch: 5.8 Commit: 0ba1ff1d430e5e51c7745d7eb1242dcae2557db9 URL: https://github.com/kamailio/kamailio/commit/0ba1ff1d430e5e51c7745d7eb1242dcae2557db9 Author: S-P Chan Committer: S-P Chan Date: 2024-03-04T22:27:36+08:00 tls: new option tls_threads_mode = 2 - use pthread_atfork to force all thread-locals to 0x0 after fork() (cherry picked from commit 464299c202f3ba963aed821b777075397e843856) --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/0ba1ff1d430e5e51c7745d7eb1242dcae2557db9.diff Patch: https://github.com/kamailio/kamailio/commit/0ba1ff1d430e5e51c7745d7eb1242dcae2557db9.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 1dc9357f56a..6dfde00c93a 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -337,6 +337,20 @@ static tls_domains_cfg_t* tls_use_modparams(void) } #endif +/* global config tls_threads_mode = 2 + * - force all thread-locals to be 0x0 after fork() + * - with OpenSSL loaded the largest value observed + * is < 10 + * + */ +static void fork_child(void) +{ + for(int k = 0; k < 16; k++) { + if(pthread_getspecific(k) != 0) + pthread_setspecific(k, 0x0); + } +} + static int mod_init(void) { int method; @@ -446,6 +460,9 @@ static int mod_init(void) ksr_module_set_flag(KSRMOD_FLAG_POSTCHILDINIT); } #endif + if(ksr_tls_threads_mode == 2) { + pthread_atfork(NULL, NULL, _child); + } return 0; error: tls_h_mod_destroy_f(); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:0a565d34: core/rthreads.h: add new option tls_threads_mode = 2
Module: kamailio Branch: 5.8 Commit: 0a565d34b98b7ec4de0524a3e216e8d907661181 URL: https://github.com/kamailio/kamailio/commit/0a565d34b98b7ec4de0524a3e216e8d907661181 Author: S-P Chan Committer: S-P Chan Date: 2024-03-04T22:27:15+08:00 core/rthreads.h: add new option tls_threads_mode = 2 - add global handling of thread-locals with tls_threads_mode = 2 - this will run a pthread_atfork handler to reset all thread-locals to 0x0 - alternative solution to running functions in thread executors - requires tls.so to be loaded to be effective (cherry picked from commit e7f040f219b46592081a6053b4ed1ae0d0552b1a) --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/0a565d34b98b7ec4de0524a3e216e8d907661181.diff Patch: https://github.com/kamailio/kamailio/commit/0a565d34b98b7ec4de0524a3e216e8d907661181.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 0f4f0cf8b8a..6fee4d0b407 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -40,7 +40,7 @@ static void *run_threadP(_thread_proto fn, void *arg) pthread_t tid; void *ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg); } @@ -77,7 +77,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2) pthread_t tid; void *ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2); } @@ -113,7 +113,7 @@ static void run_threadV(_thread_protoV fn) #ifdef USE_TLS pthread_t tid; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { fn(); return; @@ -152,7 +152,7 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) pthread_t tid; int ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2); } @@ -188,7 +188,7 @@ static void run_thread0P(_thread_proto0P fn, void *arg1) #ifdef USE_TLS pthread_t tid; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { fn(arg1); return; @@ -240,7 +240,7 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, pthread_t tid; int ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9); } @@ -278,7 +278,7 @@ static int run_thread4L(_thread_proto4L fn, long arg1) pthread_t tid; int ret; - if(likely(ksr_tls_threads_mode == 0 + if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2 || (ksr_tls_threads_mode == 1 && process_no > 0))) { return fn(arg1); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:464299c2: tls: new option tls_threads_mode = 2
Module: kamailio Branch: master Commit: 464299c202f3ba963aed821b777075397e843856 URL: https://github.com/kamailio/kamailio/commit/464299c202f3ba963aed821b777075397e843856 Author: S-P Chan Committer: S-P Chan Date: 2024-03-04T22:00:38+08:00 tls: new option tls_threads_mode = 2 - use pthread_atfork to force all thread-locals to 0x0 after fork() --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/464299c202f3ba963aed821b777075397e843856.diff Patch: https://github.com/kamailio/kamailio/commit/464299c202f3ba963aed821b777075397e843856.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 1dc9357f56a..6dfde00c93a 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -337,6 +337,20 @@ static tls_domains_cfg_t* tls_use_modparams(void) } #endif +/* global config tls_threads_mode = 2 + * - force all thread-locals to be 0x0 after fork() + * - with OpenSSL loaded the largest value observed + * is < 10 + * + */ +static void fork_child(void) +{ + for(int k = 0; k < 16; k++) { + if(pthread_getspecific(k) != 0) + pthread_setspecific(k, 0x0); + } +} + static int mod_init(void) { int method; @@ -446,6 +460,9 @@ static int mod_init(void) ksr_module_set_flag(KSRMOD_FLAG_POSTCHILDINIT); } #endif + if(ksr_tls_threads_mode == 2) { + pthread_atfork(NULL, NULL, _child); + } return 0; error: tls_h_mod_destroy_f(); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:3d80bc81: tls: basic OpenSSL 3 support of provider keys (replaces ENGINE)
Module: kamailio Branch: 5.8 Commit: 3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a URL: https://github.com/kamailio/kamailio/commit/3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a Author: S-P Chan Committer: S-P Chan Date: 2024-03-03T14:38:56+08:00 tls: basic OpenSSL 3 support of provider keys (replaces ENGINE) - initial support for v3 provider keys (replaces ENGINE from v1.1.1) - can be disabled behind build flag -DOPENSSL_NO_PROVIDER - provider keys start with /uri: e.g private_key = /uri:pkcs11:token=NSS%20Certificate%20DB;type=private;object=Fork-Test-c67cc0e0 - global config: provider_quirks: 0 | 1 - 0 - default - 1 - create a new OSS_LIB_CTX* in the child This integration does not load any providers itself and depends on the usual export OPENSSL_CONF=my-openssl.cnf to configure providers. (cherry picked from commit 69883dd381368ca219cc52140e71d571775f95d5) --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a.diff Patch: https://github.com/kamailio/kamailio/commit/3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:69883dd3: tls: basic OpenSSL 3 support of provider keys (replaces ENGINE)
Module: kamailio Branch: master Commit: 69883dd381368ca219cc52140e71d571775f95d5 URL: https://github.com/kamailio/kamailio/commit/69883dd381368ca219cc52140e71d571775f95d5 Author: S-P Chan Committer: S-P Chan Date: 2024-03-03T14:34:47+08:00 tls: basic OpenSSL 3 support of provider keys (replaces ENGINE) - initial support for v3 provider keys (replaces ENGINE from 1.1.1) - can be disabled behind build flag -DOPENSSL_NO_PROVIDER - provider keys start with /uri: e.g private_key = /uri:pkcs11:token=NSS%20Certificate%20DB;type=private;object=Fork-Test-c67cc0e0 - global config: provider_quirks: 0 | 1 - 0 - default - 1 - create a new OSS_LIB_CTX* in the child This integration does not load any providers itself and depends on the usual export OPENSSL_CONF=my-openssl.cnf to configure providers. --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/69883dd381368ca219cc52140e71d571775f95d5.diff Patch: https://github.com/kamailio/kamailio/commit/69883dd381368ca219cc52140e71d571775f95d5.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:6ee44373: tls: remove unused ENGINE define
Module: kamailio Branch: 5.8 Commit: 6ee443731a23032fce9a32ce9609ae5b7c6bd171 URL: https://github.com/kamailio/kamailio/commit/6ee443731a23032fce9a32ce9609ae5b7c6bd171 Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T21:42:51+08:00 tls: remove unused ENGINE define (cherry-picked from commit 73e7123c2dd19b82db167ceee93444e43f70f446) --- Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/6ee443731a23032fce9a32ce9609ae5b7c6bd171.diff Patch: https://github.com/kamailio/kamailio/commit/6ee443731a23032fce9a32ce9609ae5b7c6bd171.patch --- diff --git a/src/modules/tls/tls_server.c b/src/modules/tls/tls_server.c index 3e22ec42712..3bfea131cf2 100644 --- a/src/modules/tls/tls_server.c +++ b/src/modules/tls/tls_server.c @@ -128,11 +128,6 @@ int tls_run_event_routes(struct tcp_connection *c); #endif /* __SUNPRO_c */ #endif /* TLS_RD_DEBUG */ -/* only OpenSSL <= 1.1.1 */ -#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER < 0x03000L -#define KSR_SSL_ENGINE -#endif - extern str sr_tls_xavp_cfg; static str _ksr_tls_connect_server_id = STR_NULL; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:73e7123c: tls: remove unused ENGINE define
Module: kamailio Branch: master Commit: 73e7123c2dd19b82db167ceee93444e43f70f446 URL: https://github.com/kamailio/kamailio/commit/73e7123c2dd19b82db167ceee93444e43f70f446 Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T21:41:11+08:00 tls: remove unused ENGINE define --- Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/73e7123c2dd19b82db167ceee93444e43f70f446.diff Patch: https://github.com/kamailio/kamailio/commit/73e7123c2dd19b82db167ceee93444e43f70f446.patch --- diff --git a/src/modules/tls/tls_server.c b/src/modules/tls/tls_server.c index 3e22ec42712..3bfea131cf2 100644 --- a/src/modules/tls/tls_server.c +++ b/src/modules/tls/tls_server.c @@ -128,11 +128,6 @@ int tls_run_event_routes(struct tcp_connection *c); #endif /* __SUNPRO_c */ #endif /* TLS_RD_DEBUG */ -/* only OpenSSL <= 1.1.1 */ -#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER < 0x03000L -#define KSR_SSL_ENGINE -#endif - extern str sr_tls_xavp_cfg; static str _ksr_tls_connect_server_id = STR_NULL; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:9d42e4aa: tls: clean-up of ENGINE
Module: kamailio Branch: 5.8 Commit: 9d42e4aacab4a7bf18192701cd66cba95c2c98dd URL: https://github.com/kamailio/kamailio/commit/9d42e4aacab4a7bf18192701cd66cba95c2c98dd Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T08:47:48+08:00 tls: clean-up of ENGINE - remove tls_map.* - not needed anymore - install an ENGINE in each worker SSL_CTX no need to replicate to all processes Cherry-pick from 5933893b91 --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_server.c Removed: src/modules/tls/tls_map.c Removed: src/modules/tls/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/9d42e4aacab4a7bf18192701cd66cba95c2c98dd.diff Patch: https://github.com/kamailio/kamailio/commit/9d42e4aacab4a7bf18192701cd66cba95c2c98dd.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:5933893b: tls: clean-up of ENGINE
Module: kamailio Branch: master Commit: 5933893b919bccdc1c35e7bb0505e3a49d72c403 URL: https://github.com/kamailio/kamailio/commit/5933893b919bccdc1c35e7bb0505e3a49d72c403 Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T08:46:39+08:00 tls: clean-up of ENGINE - remove tls_map.* - not needed anymore - install an ENGINE in each worker SSL_CTX no need to replicate to all processes --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_server.c Removed: src/modules/tls/tls_map.c Removed: src/modules/tls/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/5933893b919bccdc1c35e7bb0505e3a49d72c403.diff Patch: https://github.com/kamailio/kamailio/commit/5933893b919bccdc1c35e7bb0505e3a49d72c403.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:0ddbd961: tls: make explicit ENGINE deprecation in OpenSSL 3
Module: kamailio Branch: 5.8 Commit: 0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9 URL: https://github.com/kamailio/kamailio/commit/0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9 Author: S-P Chan Committer: S-P Chan Date: 2024-03-01T08:08:09+08:00 tls: make explicit ENGINE deprecation in OpenSSL 3 Cherry-pick from 0c68a5511e --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9.diff Patch: https://github.com/kamailio/kamailio/commit/0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:0c68a551: tls: make explicit ENGINE deprecation in OpenSSL 3
Module: kamailio Branch: master Commit: 0c68a5511e83e4367954172e3050fe997e47e9c8 URL: https://github.com/kamailio/kamailio/commit/0c68a5511e83e4367954172e3050fe997e47e9c8 Author: S-P Chan Committer: S-P Chan Date: 2024-03-01T08:06:13+08:00 tls: make explicit ENGINE deprecation in OpenSSL 3 --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/0c68a5511e83e4367954172e3050fe997e47e9c8.diff Patch: https://github.com/kamailio/kamailio/commit/0c68a5511e83e4367954172e3050fe997e47e9c8.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:f53c6b49: tls: fix OpenSSL 1.1.1 engine keys
Module: kamailio Branch: 5.8 Commit: f53c6b49e158203ba0783ec6a6fbadd76c5fdde9 URL: https://github.com/kamailio/kamailio/commit/f53c6b49e158203ba0783ec6a6fbadd76c5fdde9 Author: S-P Chan Committer: S-P Chan Date: 2024-02-29T19:02:03+08:00 tls: fix OpenSSL 1.1.1 engine keys Cherry-pick from e535cc5eb2 --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/f53c6b49e158203ba0783ec6a6fbadd76c5fdde9.diff Patch: https://github.com/kamailio/kamailio/commit/f53c6b49e158203ba0783ec6a6fbadd76c5fdde9.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 550a1bcc2b5..322be20bd8e 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -728,6 +728,7 @@ static int tls_engine_init() * We are in the child process and the global engine linked-list * is initialized in the parent. */ + ENGINE_load_builtin_engines(); e = ENGINE_by_id("dynamic"); if(!e) { err = "Error loading dynamic engine"; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e535cc5e: tls: fix OpenSSL 1.1.1 engine keys
Module: kamailio Branch: master Commit: e535cc5eb2d81a67d00931bb53328953ec8ef492 URL: https://github.com/kamailio/kamailio/commit/e535cc5eb2d81a67d00931bb53328953ec8ef492 Author: S-P Chan Committer: S-P Chan Date: 2024-02-29T19:01:14+08:00 tls: fix OpenSSL 1.1.1 engine keys --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/e535cc5eb2d81a67d00931bb53328953ec8ef492.diff Patch: https://github.com/kamailio/kamailio/commit/e535cc5eb2d81a67d00931bb53328953ec8ef492.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 550a1bcc2b5..322be20bd8e 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -728,6 +728,7 @@ static int tls_engine_init() * We are in the child process and the global engine linked-list * is initialized in the parent. */ + ENGINE_load_builtin_engines(); e = ENGINE_by_id("dynamic"); if(!e) { err = "Error loading dynamic engine"; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:e66915b9: tls: fix OpenSSL 1.1.1 engine keys
Module: kamailio Branch: 5.7 Commit: e66915b95fda66ab9d2981854894707813e331ee URL: https://github.com/kamailio/kamailio/commit/e66915b95fda66ab9d2981854894707813e331ee Author: S-P Chan Committer: S-P Chan Date: 2024-02-29T19:05:57+08:00 tls: fix OpenSSL 1.1.1 engine keys Cherry-pick from e535cc5eb2 --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/e66915b95fda66ab9d2981854894707813e331ee.diff Patch: https://github.com/kamailio/kamailio/commit/e66915b95fda66ab9d2981854894707813e331ee.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 664e35f7c33..85a1fc4cd9e 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -728,6 +728,7 @@ static int tls_engine_init() * We are in the child process and the global engine linked-list * is initialized in the parent. */ + ENGINE_load_builtin_engines(); e = ENGINE_by_id("dynamic"); if(!e) { err = "Error loading dynamic engine"; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:1d9ea67e: http_async_client: libssl refactor thread executors for curl
Module: kamailio Branch: 5.7 Commit: 1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce URL: https://github.com/kamailio/kamailio/commit/1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T12:40:11+08:00 http_async_client: libssl refactor thread executors for curl Cherry-pick from 6a0c86bba8 --- Modified: src/modules/http_async_client/http_async_client_mod.c Modified: src/modules/http_async_client/http_multi.c --- Diff: https://github.com/kamailio/kamailio/commit/1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce.diff Patch: https://github.com/kamailio/kamailio/commit/1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce.patch --- diff --git a/src/modules/http_async_client/http_async_client_mod.c b/src/modules/http_async_client/http_async_client_mod.c index e9f6cb0d26b..4b984d3efdc 100644 --- a/src/modules/http_async_client/http_async_client_mod.c +++ b/src/modules/http_async_client/http_async_client_mod.c @@ -50,6 +50,9 @@ #include "../../core/cfg/cfg_struct.h" #include "../../core/fmsg.h" #include "../../core/kemi.h" +#define KSR_RTHREAD_NEED_V +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "../../modules/tm/tm_load.h" #include "../../modules/pv/pv_api.h" @@ -285,7 +288,7 @@ static int mod_init(void) return -1; } - set_curl_mem_callbacks(); + run_threadV((_thread_protoV)_curl_mem_callbacks); /* init faked sip msg */ if(faked_msg_init() < 0) { diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a0ee1c877cf..a57aba9c951 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,9 +32,6 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" -#define KSR_RTHREAD_NEED_4L -#define KSR_RTHREAD_SKIP_P -#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = run_thread4L( - (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); + rc = curl_global_init(CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:bc4c2069: http_async_client: libssl refactor thread executors for curl
Module: kamailio Branch: 5.8 Commit: bc4c206999094ed74e77c73f5537e857111d0a30 URL: https://github.com/kamailio/kamailio/commit/bc4c206999094ed74e77c73f5537e857111d0a30 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T12:39:52+08:00 http_async_client: libssl refactor thread executors for curl Cherry-pick from 6a0c86bba8 --- Modified: src/modules/http_async_client/http_async_client_mod.c Modified: src/modules/http_async_client/http_multi.c --- Diff: https://github.com/kamailio/kamailio/commit/bc4c206999094ed74e77c73f5537e857111d0a30.diff Patch: https://github.com/kamailio/kamailio/commit/bc4c206999094ed74e77c73f5537e857111d0a30.patch --- diff --git a/src/modules/http_async_client/http_async_client_mod.c b/src/modules/http_async_client/http_async_client_mod.c index 983a9e387f1..97a5c5dd420 100644 --- a/src/modules/http_async_client/http_async_client_mod.c +++ b/src/modules/http_async_client/http_async_client_mod.c @@ -50,6 +50,9 @@ #include "../../core/cfg/cfg_struct.h" #include "../../core/fmsg.h" #include "../../core/kemi.h" +#define KSR_RTHREAD_NEED_V +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "../../modules/tm/tm_load.h" #include "../../modules/pv/pv_api.h" @@ -285,7 +288,7 @@ static int mod_init(void) return -1; } - set_curl_mem_callbacks(); + run_threadV((_thread_protoV)_curl_mem_callbacks); /* init faked sip msg */ if(faked_msg_init() < 0) { diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a0ee1c877cf..a57aba9c951 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,9 +32,6 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" -#define KSR_RTHREAD_NEED_4L -#define KSR_RTHREAD_SKIP_P -#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = run_thread4L( - (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); + rc = curl_global_init(CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:6a0c86bb: http_async_client: libssl refactor thread executors for curl
Module: kamailio Branch: master Commit: 6a0c86bba8ff1200b8fe9197f2a76688a9948808 URL: https://github.com/kamailio/kamailio/commit/6a0c86bba8ff1200b8fe9197f2a76688a9948808 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T12:38:09+08:00 http_async_client: libssl refactor thread executors for curl --- Modified: src/modules/http_async_client/http_async_client_mod.c Modified: src/modules/http_async_client/http_multi.c --- Diff: https://github.com/kamailio/kamailio/commit/6a0c86bba8ff1200b8fe9197f2a76688a9948808.diff Patch: https://github.com/kamailio/kamailio/commit/6a0c86bba8ff1200b8fe9197f2a76688a9948808.patch --- diff --git a/src/modules/http_async_client/http_async_client_mod.c b/src/modules/http_async_client/http_async_client_mod.c index 983a9e387f1..97a5c5dd420 100644 --- a/src/modules/http_async_client/http_async_client_mod.c +++ b/src/modules/http_async_client/http_async_client_mod.c @@ -50,6 +50,9 @@ #include "../../core/cfg/cfg_struct.h" #include "../../core/fmsg.h" #include "../../core/kemi.h" +#define KSR_RTHREAD_NEED_V +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "../../modules/tm/tm_load.h" #include "../../modules/pv/pv_api.h" @@ -285,7 +288,7 @@ static int mod_init(void) return -1; } - set_curl_mem_callbacks(); + run_threadV((_thread_protoV)_curl_mem_callbacks); /* init faked sip msg */ if(faked_msg_init() < 0) { diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a0ee1c877cf..a57aba9c951 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,9 +32,6 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" -#define KSR_RTHREAD_NEED_4L -#define KSR_RTHREAD_SKIP_P -#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = run_thread4L( - (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); + rc = curl_global_init(CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:8098136c: xcap_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: 5.7 Commit: 8098136ccbe2050b499d3d962c44d58203afc370 URL: https://github.com/kamailio/kamailio/commit/8098136ccbe2050b499d3d962c44d58203afc370 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:11:36+08:00 xcap_client: libssl thread executor for curl_global_init() Cherry-pick from f5164b39c8 --- Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/8098136ccbe2050b499d3d962c44d58203afc370.diff Patch: https://github.com/kamailio/kamailio/commit/8098136ccbe2050b499d3d962c44d58203afc370.patch --- diff --git a/src/modules/xcap_client/xcap_client.c b/src/modules/xcap_client/xcap_client.c index ac77228bfde..4de2d367b63 100644 --- a/src/modules/xcap_client/xcap_client.c +++ b/src/modules/xcap_client/xcap_client.c @@ -41,6 +41,9 @@ #include "../../core/mem/shm_mem.h" #include "../../core/rpc.h" #include "../../core/rpc_lookup.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "../presence/utils_func.h" #include "xcap_functions.h" #include "xcap_client.h" @@ -140,7 +143,7 @@ static int mod_init(void) xcap_dbf.close(xcap_db); xcap_db = NULL; - curl_global_init(CURL_GLOBAL_ALL); + run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(periodical_query) { register_timer(query_xcap_update, 0, query_period); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d9285fc7: http_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: 5.7 Commit: d9285fc741c2a3c3995e037c23393df108e94bf1 URL: https://github.com/kamailio/kamailio/commit/d9285fc741c2a3c3995e037c23393df108e94bf1 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:11:33+08:00 http_client: libssl thread executor for curl_global_init() Cherry-pick from f58225950c --- Modified: src/modules/http_client/http_client.c --- Diff: https://github.com/kamailio/kamailio/commit/d9285fc741c2a3c3995e037c23393df108e94bf1.diff Patch: https://github.com/kamailio/kamailio/commit/d9285fc741c2a3c3995e037c23393df108e94bf1.patch --- diff --git a/src/modules/http_client/http_client.c b/src/modules/http_client/http_client.c index 430933e23d2..3cf662820f5 100644 --- a/src/modules/http_client/http_client.c +++ b/src/modules/http_client/http_client.c @@ -64,6 +64,9 @@ #include "../../core/lvalue.h" #include "../../core/pt.h" /* Process table */ #include "../../core/kemi.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "functions.h" #include "curlcon.h" @@ -278,7 +281,7 @@ static int mod_init(void) LM_DBG("init curl module\n"); /* Initialize curl */ - if(curl_global_init(CURL_GLOBAL_ALL)) { + if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) { LM_ERR("curl_global_init failed\n"); return -1; } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d01b6e22: http_async_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: 5.7 Commit: d01b6e22e083c6fab457f8fbe1c8ac2526a37d30 URL: https://github.com/kamailio/kamailio/commit/d01b6e22e083c6fab457f8fbe1c8ac2526a37d30 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:11:23+08:00 http_async_client: libssl thread executor for curl_global_init() Cherry-pick from 514635dc3e --- Modified: src/modules/http_async_client/http_multi.c --- Diff: https://github.com/kamailio/kamailio/commit/d01b6e22e083c6fab457f8fbe1c8ac2526a37d30.diff Patch: https://github.com/kamailio/kamailio/commit/d01b6e22e083c6fab457f8fbe1c8ac2526a37d30.patch --- diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a57aba9c951..a0ee1c877cf 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,6 +32,9 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = curl_global_init(CURL_GLOBAL_ALL); + rc = run_thread4L( + (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:f850f4ee: Revert ed9d7bc58b - split into per module commits
Module: kamailio Branch: 5.7 Commit: f850f4eef66b6461bb93ede9bf67b52458e18856 URL: https://github.com/kamailio/kamailio/commit/f850f4eef66b6461bb93ede9bf67b52458e18856 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:07:27+08:00 Revert ed9d7bc58b - split into per module commits --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/f850f4eef66b6461bb93ede9bf67b52458e18856.diff Patch: https://github.com/kamailio/kamailio/commit/f850f4eef66b6461bb93ede9bf67b52458e18856.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 0f4f0cf8b8a..e96f45c9395 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -254,41 +254,3 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, #endif } #endif - -/* - * prototype: CURLcode curl_global_init(long flags) { ... } - */ -#ifdef KSR_RTHREAD_NEED_4L -typedef int (*_thread_proto4L)(long); -struct _thread_args4L -{ - _thread_proto4L fn; - long arg1; - int *ret; -}; -static void *run_thread_wrap4L(struct _thread_args4L *args) -{ - *args->ret = (*args->fn)(args->arg1); - return NULL; -} - -static int run_thread4L(_thread_proto4L fn, long arg1) -{ -#ifdef USE_TLS - pthread_t tid; - int ret; - - if(likely(ksr_tls_threads_mode == 0 - || (ksr_tls_threads_mode == 1 && process_no > 0))) { - return fn(arg1); - } - pthread_create(, NULL, (_thread_proto)run_thread_wrap4L, - &(struct _thread_args4L){fn, arg1, }); - pthread_join(tid, NULL); - - return ret; -#else - return fn(arg1) -#endif -} -#endif diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a0ee1c877cf..a57aba9c951 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,9 +32,6 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" -#define KSR_RTHREAD_NEED_4L -#define KSR_RTHREAD_SKIP_P -#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = run_thread4L( - (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); + rc = curl_global_init(CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } diff --git a/src/modules/http_client/http_client.c b/src/modules/http_client/http_client.c index 3cf662820f5..430933e23d2 100644 --- a/src/modules/http_client/http_client.c +++ b/src/modules/http_client/http_client.c @@ -64,9 +64,6 @@ #include "../../core/lvalue.h" #include "../../core/pt.h" /* Process table */ #include "../../core/kemi.h" -#define KSR_RTHREAD_NEED_4L -#define KSR_RTHREAD_SKIP_P -#include "../../core/rthreads.h" #include "functions.h" #include "curlcon.h" @@ -281,7 +278,7 @@ static int mod_init(void) LM_DBG("init curl module\n"); /* Initialize curl */ - if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) { + if(curl_global_init(CURL_GLOBAL_ALL)) { LM_ERR("curl_global_init failed\n"); return -1; } diff --git a/src/modules/xcap_client/xcap_client.c b/src/modules/xcap_client/xcap_client.c index 4de2d367b63..ac77228bfde 100644 --- a/src/modules/xcap_client/xcap_client.c +++ b/src/modules/xcap_client/xcap_client.c @@ -41,9 +41,6 @@ #include "../../core/mem/shm_mem.h" #include "../../core/rpc.h" #include "../../core/rpc_lookup.h" -#define KSR_RTHREAD_NEED_4L -#define KSR_RTHREAD_SKIP_P -#include "../../core/rthreads.h" #include "../presence/utils_func.h" #include "xcap_functions.h" #include "xcap_client.h" @@ -143,7 +140,7 @@ static int mod_init(void) xcap_dbf.close(xcap_db); xcap_db = NULL; - run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); + curl_global_init(CURL_GLOBAL_ALL); if(periodical_query) { register_timer(query_xcap_update, 0, query_period); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:0f1d78a2: core/rthreads.h: add thread executor for curl_global_init()
Module: kamailio Branch: 5.7 Commit: 0f1d78a22aeefef7601d0cf646ec154f5e52c175 URL: https://github.com/kamailio/kamailio/commit/0f1d78a22aeefef7601d0cf646ec154f5e52c175 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:11:08+08:00 core/rthreads.h: add thread executor for curl_global_init() Cherry-pick from db05449932 --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/0f1d78a22aeefef7601d0cf646ec154f5e52c175.diff Patch: https://github.com/kamailio/kamailio/commit/0f1d78a22aeefef7601d0cf646ec154f5e52c175.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index e96f45c9395..0f4f0cf8b8a 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, #endif } #endif + +/* + * prototype: CURLcode curl_global_init(long flags) { ... } + */ +#ifdef KSR_RTHREAD_NEED_4L +typedef int (*_thread_proto4L)(long); +struct _thread_args4L +{ + _thread_proto4L fn; + long arg1; + int *ret; +}; +static void *run_thread_wrap4L(struct _thread_args4L *args) +{ + *args->ret = (*args->fn)(args->arg1); + return NULL; +} + +static int run_thread4L(_thread_proto4L fn, long arg1) +{ +#ifdef USE_TLS + pthread_t tid; + int ret; + + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg1); + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap4L, + &(struct _thread_args4L){fn, arg1, }); + pthread_join(tid, NULL); + + return ret; +#else + return fn(arg1) +#endif +} +#endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:49c3290f: http_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: 5.8 Commit: 49c3290fc6eb50de0b08661c50ff42663ff3de6b URL: https://github.com/kamailio/kamailio/commit/49c3290fc6eb50de0b08661c50ff42663ff3de6b Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:05:40+08:00 http_client: libssl thread executor for curl_global_init() Cherry-pick from f58225950c --- Modified: src/modules/http_client/http_client.c --- Diff: https://github.com/kamailio/kamailio/commit/49c3290fc6eb50de0b08661c50ff42663ff3de6b.diff Patch: https://github.com/kamailio/kamailio/commit/49c3290fc6eb50de0b08661c50ff42663ff3de6b.patch --- diff --git a/src/modules/http_client/http_client.c b/src/modules/http_client/http_client.c index 48844246984..ca605ec1729 100644 --- a/src/modules/http_client/http_client.c +++ b/src/modules/http_client/http_client.c @@ -64,6 +64,9 @@ #include "../../core/lvalue.h" #include "../../core/pt.h" /* Process table */ #include "../../core/kemi.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "functions.h" #include "curlcon.h" @@ -76,8 +79,10 @@ MODULE_VERSION #define CURL_USER_AGENT_LEN (sizeof(CURL_USER_AGENT) - 1) /* Module parameter variables */ -unsigned int default_connection_timeout = 0; /*!< 0 = not user configured - the default (4 seconds) will be used */ -unsigned int timeout_mode = 1; /*!< 0 = timeout disabled, 1 (default) = timeout in seconds, 2 = timeout in ms */ +unsigned int default_connection_timeout = + 0; /*!< 0 = not user configured - the default (4 seconds) will be used */ +unsigned int timeout_mode = + 1; /*!< 0 = timeout disabled, 1 (default) = timeout in seconds, 2 = timeout in ms */ char *default_tls_cacert = NULL; /*!< File name: Default CA cert to use for curl TLS connection */ str default_tls_clientcert = @@ -280,7 +285,7 @@ static int mod_init(void) LM_DBG("init curl module\n"); /* Initialize curl */ - if(curl_global_init(CURL_GLOBAL_ALL)) { + if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) { LM_ERR("curl_global_init failed\n"); return -1; } @@ -317,16 +322,16 @@ static int mod_init(void) * - 1 (default) : timeout value is in seconds. * - 2 : timeout value is in milliseconds. */ - if (!(timeout_mode == 1 || timeout_mode == 2)) { - if (default_connection_timeout > 0) { + if(!(timeout_mode == 1 || timeout_mode == 2)) { + if(default_connection_timeout > 0) { LM_WARN("configured connection_timeout is ignored " - "because timeouts are disabled (timeout_mode)\n"); + "because timeouts are disabled (timeout_mode)\n"); } - } else if (default_connection_timeout == 0) { + } else if(default_connection_timeout == 0) { LM_INFO("curl connection timeout set to zero. Using default 4 secs\n"); - if (timeout_mode == 1) { /* timeout is in seconds (default) */ + if(timeout_mode == 1) { /* timeout is in seconds (default) */ default_connection_timeout = 4; - } else if (timeout_mode == 2) { /* timeout is in milliseconds */ + } else if(timeout_mode == 2) { /* timeout is in milliseconds */ default_connection_timeout = 4000; } } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:ce17fee3: core/rthreads.h: add thread executor for curl_global_init()
Module: kamailio Branch: 5.8 Commit: ce17fee304e9ffa5046194a0827f771742113640 URL: https://github.com/kamailio/kamailio/commit/ce17fee304e9ffa5046194a0827f771742113640 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:04:59+08:00 core/rthreads.h: add thread executor for curl_global_init() Cherry-pick from db05449932 --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/ce17fee304e9ffa5046194a0827f771742113640.diff Patch: https://github.com/kamailio/kamailio/commit/ce17fee304e9ffa5046194a0827f771742113640.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index e96f45c9395..0f4f0cf8b8a 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, #endif } #endif + +/* + * prototype: CURLcode curl_global_init(long flags) { ... } + */ +#ifdef KSR_RTHREAD_NEED_4L +typedef int (*_thread_proto4L)(long); +struct _thread_args4L +{ + _thread_proto4L fn; + long arg1; + int *ret; +}; +static void *run_thread_wrap4L(struct _thread_args4L *args) +{ + *args->ret = (*args->fn)(args->arg1); + return NULL; +} + +static int run_thread4L(_thread_proto4L fn, long arg1) +{ +#ifdef USE_TLS + pthread_t tid; + int ret; + + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg1); + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap4L, + &(struct _thread_args4L){fn, arg1, }); + pthread_join(tid, NULL); + + return ret; +#else + return fn(arg1) +#endif +} +#endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:53398940: xcap_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: 5.8 Commit: 533989406d0fa1e57ff007fd8d7f702f5831dacd URL: https://github.com/kamailio/kamailio/commit/533989406d0fa1e57ff007fd8d7f702f5831dacd Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:05:54+08:00 xcap_client: libssl thread executor for curl_global_init() Cherry-pick from f5164b39c8 --- Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/533989406d0fa1e57ff007fd8d7f702f5831dacd.diff Patch: https://github.com/kamailio/kamailio/commit/533989406d0fa1e57ff007fd8d7f702f5831dacd.patch --- diff --git a/src/modules/xcap_client/xcap_client.c b/src/modules/xcap_client/xcap_client.c index ac77228bfde..4de2d367b63 100644 --- a/src/modules/xcap_client/xcap_client.c +++ b/src/modules/xcap_client/xcap_client.c @@ -41,6 +41,9 @@ #include "../../core/mem/shm_mem.h" #include "../../core/rpc.h" #include "../../core/rpc_lookup.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "../presence/utils_func.h" #include "xcap_functions.h" #include "xcap_client.h" @@ -140,7 +143,7 @@ static int mod_init(void) xcap_dbf.close(xcap_db); xcap_db = NULL; - curl_global_init(CURL_GLOBAL_ALL); + run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(periodical_query) { register_timer(query_xcap_update, 0, query_period); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:5d4fae5c: http_async_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: 5.8 Commit: 5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5 URL: https://github.com/kamailio/kamailio/commit/5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:05:20+08:00 http_async_client: libssl thread executor for curl_global_init() Cherry-pick from 514635dc3e --- Modified: src/modules/http_async_client/http_multi.c --- Diff: https://github.com/kamailio/kamailio/commit/5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5.diff Patch: https://github.com/kamailio/kamailio/commit/5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5.patch --- diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a57aba9c951..a0ee1c877cf 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,6 +32,9 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = curl_global_init(CURL_GLOBAL_ALL); + rc = run_thread4L( + (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:b1a30880: Revert ac4f1be039 - split into per module commits
Module: kamailio Branch: 5.8 Commit: b1a308801430a5561c4c13c1d4602fe5d5542cf8 URL: https://github.com/kamailio/kamailio/commit/b1a308801430a5561c4c13c1d4602fe5d5542cf8 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:03:10+08:00 Revert ac4f1be039 - split into per module commits --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/b1a308801430a5561c4c13c1d4602fe5d5542cf8.diff Patch: https://github.com/kamailio/kamailio/commit/b1a308801430a5561c4c13c1d4602fe5d5542cf8.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:514635dc: http_async_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: master Commit: 514635dc3e6182ff0daaebe548ed613edc2de61f URL: https://github.com/kamailio/kamailio/commit/514635dc3e6182ff0daaebe548ed613edc2de61f Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:01:14+08:00 http_async_client: libssl thread executor for curl_global_init() --- Modified: src/modules/http_async_client/http_multi.c --- Diff: https://github.com/kamailio/kamailio/commit/514635dc3e6182ff0daaebe548ed613edc2de61f.diff Patch: https://github.com/kamailio/kamailio/commit/514635dc3e6182ff0daaebe548ed613edc2de61f.patch --- diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a57aba9c951..a0ee1c877cf 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,6 +32,9 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = curl_global_init(CURL_GLOBAL_ALL); + rc = run_thread4L( + (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:db054499: core/rthreads.h: add thread executor for curl_global_init()
Module: kamailio Branch: master Commit: db05449932b1753d4b705f88445533bbe1ed6475 URL: https://github.com/kamailio/kamailio/commit/db05449932b1753d4b705f88445533bbe1ed6475 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:00:35+08:00 core/rthreads.h: add thread executor for curl_global_init() --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/db05449932b1753d4b705f88445533bbe1ed6475.diff Patch: https://github.com/kamailio/kamailio/commit/db05449932b1753d4b705f88445533bbe1ed6475.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index e96f45c9395..0f4f0cf8b8a 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, #endif } #endif + +/* + * prototype: CURLcode curl_global_init(long flags) { ... } + */ +#ifdef KSR_RTHREAD_NEED_4L +typedef int (*_thread_proto4L)(long); +struct _thread_args4L +{ + _thread_proto4L fn; + long arg1; + int *ret; +}; +static void *run_thread_wrap4L(struct _thread_args4L *args) +{ + *args->ret = (*args->fn)(args->arg1); + return NULL; +} + +static int run_thread4L(_thread_proto4L fn, long arg1) +{ +#ifdef USE_TLS + pthread_t tid; + int ret; + + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg1); + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap4L, + &(struct _thread_args4L){fn, arg1, }); + pthread_join(tid, NULL); + + return ret; +#else + return fn(arg1) +#endif +} +#endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:f5822595: http_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: master Commit: f58225950cc2bfa63a230a3bc8460bbcbfa7738e URL: https://github.com/kamailio/kamailio/commit/f58225950cc2bfa63a230a3bc8460bbcbfa7738e Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:01:31+08:00 http_client: libssl thread executor for curl_global_init() --- Modified: src/modules/http_client/http_client.c --- Diff: https://github.com/kamailio/kamailio/commit/f58225950cc2bfa63a230a3bc8460bbcbfa7738e.diff Patch: https://github.com/kamailio/kamailio/commit/f58225950cc2bfa63a230a3bc8460bbcbfa7738e.patch --- diff --git a/src/modules/http_client/http_client.c b/src/modules/http_client/http_client.c index 48844246984..ca605ec1729 100644 --- a/src/modules/http_client/http_client.c +++ b/src/modules/http_client/http_client.c @@ -64,6 +64,9 @@ #include "../../core/lvalue.h" #include "../../core/pt.h" /* Process table */ #include "../../core/kemi.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "functions.h" #include "curlcon.h" @@ -76,8 +79,10 @@ MODULE_VERSION #define CURL_USER_AGENT_LEN (sizeof(CURL_USER_AGENT) - 1) /* Module parameter variables */ -unsigned int default_connection_timeout = 0; /*!< 0 = not user configured - the default (4 seconds) will be used */ -unsigned int timeout_mode = 1; /*!< 0 = timeout disabled, 1 (default) = timeout in seconds, 2 = timeout in ms */ +unsigned int default_connection_timeout = + 0; /*!< 0 = not user configured - the default (4 seconds) will be used */ +unsigned int timeout_mode = + 1; /*!< 0 = timeout disabled, 1 (default) = timeout in seconds, 2 = timeout in ms */ char *default_tls_cacert = NULL; /*!< File name: Default CA cert to use for curl TLS connection */ str default_tls_clientcert = @@ -280,7 +285,7 @@ static int mod_init(void) LM_DBG("init curl module\n"); /* Initialize curl */ - if(curl_global_init(CURL_GLOBAL_ALL)) { + if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) { LM_ERR("curl_global_init failed\n"); return -1; } @@ -317,16 +322,16 @@ static int mod_init(void) * - 1 (default) : timeout value is in seconds. * - 2 : timeout value is in milliseconds. */ - if (!(timeout_mode == 1 || timeout_mode == 2)) { - if (default_connection_timeout > 0) { + if(!(timeout_mode == 1 || timeout_mode == 2)) { + if(default_connection_timeout > 0) { LM_WARN("configured connection_timeout is ignored " - "because timeouts are disabled (timeout_mode)\n"); + "because timeouts are disabled (timeout_mode)\n"); } - } else if (default_connection_timeout == 0) { + } else if(default_connection_timeout == 0) { LM_INFO("curl connection timeout set to zero. Using default 4 secs\n"); - if (timeout_mode == 1) { /* timeout is in seconds (default) */ + if(timeout_mode == 1) { /* timeout is in seconds (default) */ default_connection_timeout = 4; - } else if (timeout_mode == 2) { /* timeout is in milliseconds */ + } else if(timeout_mode == 2) { /* timeout is in milliseconds */ default_connection_timeout = 4000; } } ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:f5164b39: xcap_client: libssl thread executor for curl_global_init()
Module: kamailio Branch: master Commit: f5164b39c8b61792e9cf396cfcd0fe3ba567bb86 URL: https://github.com/kamailio/kamailio/commit/f5164b39c8b61792e9cf396cfcd0fe3ba567bb86 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:01:45+08:00 xcap_client: libssl thread executor for curl_global_init() --- Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/f5164b39c8b61792e9cf396cfcd0fe3ba567bb86.diff Patch: https://github.com/kamailio/kamailio/commit/f5164b39c8b61792e9cf396cfcd0fe3ba567bb86.patch --- diff --git a/src/modules/xcap_client/xcap_client.c b/src/modules/xcap_client/xcap_client.c index ac77228bfde..4de2d367b63 100644 --- a/src/modules/xcap_client/xcap_client.c +++ b/src/modules/xcap_client/xcap_client.c @@ -41,6 +41,9 @@ #include "../../core/mem/shm_mem.h" #include "../../core/rpc.h" #include "../../core/rpc_lookup.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "../presence/utils_func.h" #include "xcap_functions.h" #include "xcap_client.h" @@ -140,7 +143,7 @@ static int mod_init(void) xcap_dbf.close(xcap_db); xcap_db = NULL; - curl_global_init(CURL_GLOBAL_ALL); + run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(periodical_query) { register_timer(query_xcap_update, 0, query_period); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:272a4e08: Revert 8b2573c1f7 - split into per module commits
Module: kamailio Branch: master Commit: 272a4e08be61870cd7788c8cd8dd9be29b50753f URL: https://github.com/kamailio/kamailio/commit/272a4e08be61870cd7788c8cd8dd9be29b50753f Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T04:58:40+08:00 Revert 8b2573c1f7 - split into per module commits --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/272a4e08be61870cd7788c8cd8dd9be29b50753f.diff Patch: https://github.com/kamailio/kamailio/commit/272a4e08be61870cd7788c8cd8dd9be29b50753f.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:ed9d7bc5: OpenSSL integration: manage curl_global_init(...) used by modules
Module: kamailio Branch: 5.7 Commit: ed9d7bc58b1896652f2526daa524531a0945b7b3 URL: https://github.com/kamailio/kamailio/commit/ed9d7bc58b1896652f2526daa524531a0945b7b3 Author: S-P Chan Committer: S-P Chan Date: 2024-02-26T10:45:02+08:00 OpenSSL integration: manage curl_global_init(...) used by modules - http_client, http_async_client, xcap_client use libcurl - call curl_global_init in a thread executor as it invokes OpenSSL functions on Debian 12 - clang-format Cherry-pick from ac4f1be039 --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/ed9d7bc58b1896652f2526daa524531a0945b7b3.diff Patch: https://github.com/kamailio/kamailio/commit/ed9d7bc58b1896652f2526daa524531a0945b7b3.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index e96f45c9395..0f4f0cf8b8a 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, #endif } #endif + +/* + * prototype: CURLcode curl_global_init(long flags) { ... } + */ +#ifdef KSR_RTHREAD_NEED_4L +typedef int (*_thread_proto4L)(long); +struct _thread_args4L +{ + _thread_proto4L fn; + long arg1; + int *ret; +}; +static void *run_thread_wrap4L(struct _thread_args4L *args) +{ + *args->ret = (*args->fn)(args->arg1); + return NULL; +} + +static int run_thread4L(_thread_proto4L fn, long arg1) +{ +#ifdef USE_TLS + pthread_t tid; + int ret; + + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg1); + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap4L, + &(struct _thread_args4L){fn, arg1, }); + pthread_join(tid, NULL); + + return ret; +#else + return fn(arg1) +#endif +} +#endif diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index a57aba9c951..a0ee1c877cf 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -32,6 +32,9 @@ #include "../../core/mem/mem.h" #include "../../core/ut.h" #include "../../core/hashes.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "http_multi.h" extern int hash_size; @@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void) break; case 1: LM_DBG("Initilizing cURL with sys malloc\n"); - rc = curl_global_init(CURL_GLOBAL_ALL); + rc = run_thread4L( + (_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(rc != 0) { LM_ERR("Cannot initialize cURL: %d\n", rc); } diff --git a/src/modules/http_client/http_client.c b/src/modules/http_client/http_client.c index 430933e23d2..3cf662820f5 100644 --- a/src/modules/http_client/http_client.c +++ b/src/modules/http_client/http_client.c @@ -64,6 +64,9 @@ #include "../../core/lvalue.h" #include "../../core/pt.h" /* Process table */ #include "../../core/kemi.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "functions.h" #include "curlcon.h" @@ -278,7 +281,7 @@ static int mod_init(void) LM_DBG("init curl module\n"); /* Initialize curl */ - if(curl_global_init(CURL_GLOBAL_ALL)) { + if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) { LM_ERR("curl_global_init failed\n"); return -1; } diff --git a/src/modules/xcap_client/xcap_client.c b/src/modules/xcap_client/xcap_client.c index ac77228bfde..4de2d367b63 100644 --- a/src/modules/xcap_client/xcap_client.c +++ b/src/modules/xcap_client/xcap_client.c @@ -41,6 +41,9 @@ #include "../../core/mem/shm_mem.h" #include "../../core/rpc.h" #include "../../core/rpc_lookup.h" +#define KSR_RTHREAD_NEED_4L +#define KSR_RTHREAD_SKIP_P +#include "../../core/rthreads.h" #include "../presence/utils_func.h" #include "xcap_functions.h" #include "xcap_client.h" @@ -140,7 +143,7 @@ static int mod_init(void) xcap_dbf.close(xcap_db); xcap_db = NULL; - curl_global_init(CURL_GLOBAL_ALL); + run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL); if(periodical_query) { register_timer(query_xcap_update, 0, query_period); ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:8b2573c1: OpenSSL integration: manage curl_global_init(...) used by modules
Module: kamailio Branch: master Commit: 8b2573c1f7c5e4bed24f8c5ca09817f613641a03 URL: https://github.com/kamailio/kamailio/commit/8b2573c1f7c5e4bed24f8c5ca09817f613641a03 Author: S-P Chan Committer: S-P Chan Date: 2024-02-26T10:40:19+08:00 OpenSSL integration: manage curl_global_init(...) used by modules - http_client, http_async_client, xcap_client use libcurl - call curl_global_init in a thread executor as it invokes OpenSSL functions on Debian 12 - clang-format --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/8b2573c1f7c5e4bed24f8c5ca09817f613641a03.diff Patch: https://github.com/kamailio/kamailio/commit/8b2573c1f7c5e4bed24f8c5ca09817f613641a03.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:ac4f1be0: OpenSSL integration: manage curl_global_init(...) used by modules
Module: kamailio Branch: 5.8 Commit: ac4f1be039809d68483fe39e94b0803da1661a48 URL: https://github.com/kamailio/kamailio/commit/ac4f1be039809d68483fe39e94b0803da1661a48 Author: S-P Chan Committer: S-P Chan Date: 2024-02-26T10:36:36+08:00 OpenSSL integration: manage curl_global_init(...) used by modules - http_client, http_async_client, xcap_client use libcurl - call curl_global_init in a thread executor as it invokes OpenSSL functions on Debian 12 - clang-format --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/ac4f1be039809d68483fe39e94b0803da1661a48.diff Patch: https://github.com/kamailio/kamailio/commit/ac4f1be039809d68483fe39e94b0803da1661a48.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:191efd64: tls: fix OpenSSL 1.1.1 compatibility
Module: kamailio Branch: master Commit: 191efd6485989de64713d0644368c2f58d984f5e URL: https://github.com/kamailio/kamailio/commit/191efd6485989de64713d0644368c2f58d984f5e Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T20:43:55+08:00 tls: fix OpenSSL 1.1.1 compatibility --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/191efd6485989de64713d0644368c2f58d984f5e.diff Patch: https://github.com/kamailio/kamailio/commit/191efd6485989de64713d0644368c2f58d984f5e.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 136f0e2deb2..550a1bcc2b5 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -688,6 +688,14 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) * GH #3695: OpenSSL 1.1.1 historical note: it is no longer * needed to replace RAND with cryptorand */ +#if OPENSSL_VERSION_NUMBER >= 0x1010L \ + && OPENSSL_VERSION_NUMBER < 0x03000L + if(ksr_tls_threads_mode == 0) { + LM_WARN("OpenSSL 1.1.1 setting cryptorand random engine\n"); + RAND_set_rand_method(RAND_ksr_cryptorand_method()); + } +#endif + sr_kemi_modules_add(sr_kemi_tls_exports); return 0; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:b98718c2: tls: fix OpenSSL 1.1.1 compatibility
Module: kamailio Branch: 5.8 Commit: b98718c28f72b1372a62b17174b43c403fa6b729 URL: https://github.com/kamailio/kamailio/commit/b98718c28f72b1372a62b17174b43c403fa6b729 Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T20:42:14+08:00 tls: fix OpenSSL 1.1.1 compatibility --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/b98718c28f72b1372a62b17174b43c403fa6b729.diff Patch: https://github.com/kamailio/kamailio/commit/b98718c28f72b1372a62b17174b43c403fa6b729.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 136f0e2deb2..550a1bcc2b5 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -688,6 +688,14 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) * GH #3695: OpenSSL 1.1.1 historical note: it is no longer * needed to replace RAND with cryptorand */ +#if OPENSSL_VERSION_NUMBER >= 0x1010L \ + && OPENSSL_VERSION_NUMBER < 0x03000L + if(ksr_tls_threads_mode == 0) { + LM_WARN("OpenSSL 1.1.1 setting cryptorand random engine\n"); + RAND_set_rand_method(RAND_ksr_cryptorand_method()); + } +#endif + sr_kemi_modules_add(sr_kemi_tls_exports); return 0; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:88e1dce9: tls: fix restore early init
Module: kamailio Branch: 5.7 Commit: 88e1dce91b2db99bf24a01e910dc5f2d78e62e1a URL: https://github.com/kamailio/kamailio/commit/88e1dce91b2db99bf24a01e910dc5f2d78e62e1a Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T12:59:22+08:00 tls: fix restore early init Cherry-pick from a02ca644e8 --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/88e1dce91b2db99bf24a01e910dc5f2d78e62e1a.diff Patch: https://github.com/kamailio/kamailio/commit/88e1dce91b2db99bf24a01e910dc5f2d78e62e1a.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 6058592aa01..664e35f7c33 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -468,19 +468,13 @@ static int mod_child(int rank) if(tls_disable || (tls_domains_cfg == 0)) return 0; -#if OPENSSL_VERSION_NUMBER >= 0x010101000L /* * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor -* to avoid init of libssl in thread#1 +* to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1 */ - if(rank == PROC_INIT && ksr_tls_threads_mode != 0) { - return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); - } -#else if(rank == PROC_INIT) { - return mod_child_hook(, NULL); + return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); } -#endif /* OPENSSL_VERSION_NUMBER */ #ifndef OPENSSL_NO_ENGINE /* ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:aa8fcf9e: tls: fix restore early init
Module: kamailio Branch: 5.8 Commit: aa8fcf9ec76e7c4543db22de6de5ef62374c80be URL: https://github.com/kamailio/kamailio/commit/aa8fcf9ec76e7c4543db22de6de5ef62374c80be Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T12:57:19+08:00 tls: fix restore early init --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/aa8fcf9ec76e7c4543db22de6de5ef62374c80be.diff Patch: https://github.com/kamailio/kamailio/commit/aa8fcf9ec76e7c4543db22de6de5ef62374c80be.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 463814720b8..136f0e2deb2 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -468,19 +468,13 @@ static int mod_child(int rank) if(tls_disable || (tls_domains_cfg == 0)) return 0; -#if OPENSSL_VERSION_NUMBER >= 0x010101000L /* * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor - * to avoid init of libssl in thread#1 + * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1 */ - if(rank == PROC_INIT && ksr_tls_threads_mode != 0) { - return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); - } -#else if(rank == PROC_INIT) { - return mod_child_hook(, NULL); + return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); } -#endif /* OPENSSL_VERSION_NUMBER */ #ifndef OPENSSL_NO_ENGINE /* ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:a02ca644: tls: fix restore early init
Module: kamailio Branch: master Commit: a02ca644e889d011dd63acbabfc5550904ff7d4d URL: https://github.com/kamailio/kamailio/commit/a02ca644e889d011dd63acbabfc5550904ff7d4d Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T12:56:19+08:00 tls: fix restore early init --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/a02ca644e889d011dd63acbabfc5550904ff7d4d.diff Patch: https://github.com/kamailio/kamailio/commit/a02ca644e889d011dd63acbabfc5550904ff7d4d.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 463814720b8..136f0e2deb2 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -468,19 +468,13 @@ static int mod_child(int rank) if(tls_disable || (tls_domains_cfg == 0)) return 0; -#if OPENSSL_VERSION_NUMBER >= 0x010101000L /* * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor - * to avoid init of libssl in thread#1 + * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1 */ - if(rank == PROC_INIT && ksr_tls_threads_mode != 0) { - return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); - } -#else if(rank == PROC_INIT) { - return mod_child_hook(, NULL); + return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); } -#endif /* OPENSSL_VERSION_NUMBER */ #ifndef OPENSSL_NO_ENGINE /* ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:73b19da1: tls: restore early init for other modules that use TLS
Module: kamailio Branch: 5.7 Commit: 73b19da1e0dd512f9eb77ca0606092c545e8fb99 URL: https://github.com/kamailio/kamailio/commit/73b19da1e0dd512f9eb77ca0606092c545e8fb99 Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T11:04:27+08:00 tls: restore early init for other modules that use TLS Client modules (e.g. dispatcher) that require outbound TLS may race if tls init is too late. Restore tls init to PROC_INIT with a thread executor. Addresses GH #3765 Cherry-pick from 706d7b7ff3 --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/73b19da1e0dd512f9eb77ca0606092c545e8fb99.diff Patch: https://github.com/kamailio/kamailio/commit/73b19da1e0dd512f9eb77ca0606092c545e8fb99.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 0d8ea3df4c5..6058592aa01 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -42,6 +42,10 @@ #include "../../core/dprint.h" #include "../../core/mod_fix.h" #include "../../core/kemi.h" + +#define KSR_RTHREAD_SKIP_P +#define KSR_RTHREAD_NEED_4PP +#include "../../core/rthreads.h" #include "tls_init.h" #include "tls_server.h" #include "tls_domain.h" @@ -443,6 +447,22 @@ int tls_fix_engine_keys(tls_domains_cfg_t *, tls_domain_t *, tls_domain_t *); * * EC operations do not use pthread_self(), so could use shared SSL_CTX */ +static int mod_child_hook(int *rank, void *dummy) +{ + LM_DBG("Loading SSL_CTX in process_no=%d rank=%d " + "ksr_tls_threads_mode=%d\n", + process_no, *rank, ksr_tls_threads_mode); + if(cfg_get(tls, tls_cfg, config_file).s) { + if(tls_fix_domains_cfg(*tls_domains_cfg, _defaults, _defaults) + < 0) + return -1; + } else { + if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) < 0) + return -1; + } + return 0; +} + static int mod_child(int rank) { if(tls_disable || (tls_domains_cfg == 0)) @@ -450,29 +470,17 @@ static int mod_child(int rank) #if OPENSSL_VERSION_NUMBER >= 0x010101000L /* - * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of - * libssl in rank 0(thread#1). Requires tls_threads_mode = 1 config. - */ - if((rank == PROC_SIPINIT && ksr_tls_threads_mode) - || (rank == PROC_INIT && !ksr_tls_threads_mode)) { +* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor +* to avoid init of libssl in thread#1 +*/ + if(rank == PROC_INIT && ksr_tls_threads_mode != 0) { + return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); + } #else if(rank == PROC_INIT) { -#endif - LM_DBG("Loading SSL_CTX in process_no=%d rank=%d " - "ksr_tls_threads_mode=%d\n", - process_no, rank, ksr_tls_threads_mode); - if(cfg_get(tls, tls_cfg, config_file).s) { - if(tls_fix_domains_cfg( - *tls_domains_cfg, _defaults, _defaults) - < 0) - return -1; - } else { - if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) - < 0) - return -1; - } - return 0; + return mod_child_hook(, NULL); } +#endif /* OPENSSL_VERSION_NUMBER */ #ifndef OPENSSL_NO_ENGINE /* ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:49a9d8a4: tls: restore early init for other modules that use TLS
Module: kamailio Branch: 5.8 Commit: 49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8 URL: https://github.com/kamailio/kamailio/commit/49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8 Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T10:58:33+08:00 tls: restore early init for other modules that use TLS Client modules (e.g. dispatcher) that require outbound TLS may race if tls init is too late. Restore tls init to PROC_INIT with a thread executor. Addresses GH #3765 Cherry-pick from 706d7b7ff3 --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8.diff Patch: https://github.com/kamailio/kamailio/commit/49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index beaf1b7b70b..463814720b8 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -42,6 +42,10 @@ #include "../../core/dprint.h" #include "../../core/mod_fix.h" #include "../../core/kemi.h" + +#define KSR_RTHREAD_SKIP_P +#define KSR_RTHREAD_NEED_4PP +#include "../../core/rthreads.h" #include "tls_init.h" #include "tls_server.h" #include "tls_domain.h" @@ -443,32 +447,40 @@ int tls_fix_engine_keys(tls_domains_cfg_t *, tls_domain_t *, tls_domain_t *); * * EC operations do not use pthread_self(), so could use shared SSL_CTX */ +static int mod_child_hook(int *rank, void *dummy) +{ + LM_DBG("Loading SSL_CTX in process_no=%d rank=%d " + "ksr_tls_threads_mode=%d\n", + process_no, *rank, ksr_tls_threads_mode); + if(cfg_get(tls, tls_cfg, config_file).s) { + if(tls_fix_domains_cfg(*tls_domains_cfg, _defaults, _defaults) + < 0) + return -1; + } else { + if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) < 0) + return -1; + } + return 0; +} + static int mod_child(int rank) { if(tls_disable || (tls_domains_cfg == 0)) return 0; #if OPENSSL_VERSION_NUMBER >= 0x010101000L -/* - * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of - * libssl in rank 0(thread#1) + /* + * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor + * to avoid init of libssl in thread#1 */ -if(rank == PROC_SIPINIT) { + if(rank == PROC_INIT && ksr_tls_threads_mode != 0) { + return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); + } #else -if(rank == PROC_INIT) { -#endif - if(cfg_get(tls, tls_cfg, config_file).s) { - if(tls_fix_domains_cfg( - *tls_domains_cfg, _defaults, _defaults) - < 0) - return -1; - } else { - if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) - < 0) - return -1; - } - return 0; + if(rank == PROC_INIT) { + return mod_child_hook(, NULL); } +#endif /* OPENSSL_VERSION_NUMBER */ #ifndef OPENSSL_NO_ENGINE /* @@ -678,7 +690,7 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) register_tls_hooks(_h); -/* + /* * GH #3695: OpenSSL 1.1.1 historical note: it is no longer * needed to replace RAND with cryptorand */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:706d7b7f: tls: restore early init for other modules that use TLS
Module: kamailio Branch: master Commit: 706d7b7ff3bc2723614de328611c2100d19bf742 URL: https://github.com/kamailio/kamailio/commit/706d7b7ff3bc2723614de328611c2100d19bf742 Author: S-P Chan Committer: S-P Chan Date: 2024-02-25T10:41:18+08:00 tls: restore early init for other modules that use TLS Client modules (e.g. dispatcher) that require outbound TLS may race if tls init is too late. Restore tls init to PROC_INIT with a thread executor. Addresses GH #3765 --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/706d7b7ff3bc2723614de328611c2100d19bf742.diff Patch: https://github.com/kamailio/kamailio/commit/706d7b7ff3bc2723614de328611c2100d19bf742.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index beaf1b7b70b..463814720b8 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -42,6 +42,10 @@ #include "../../core/dprint.h" #include "../../core/mod_fix.h" #include "../../core/kemi.h" + +#define KSR_RTHREAD_SKIP_P +#define KSR_RTHREAD_NEED_4PP +#include "../../core/rthreads.h" #include "tls_init.h" #include "tls_server.h" #include "tls_domain.h" @@ -443,32 +447,40 @@ int tls_fix_engine_keys(tls_domains_cfg_t *, tls_domain_t *, tls_domain_t *); * * EC operations do not use pthread_self(), so could use shared SSL_CTX */ +static int mod_child_hook(int *rank, void *dummy) +{ + LM_DBG("Loading SSL_CTX in process_no=%d rank=%d " + "ksr_tls_threads_mode=%d\n", + process_no, *rank, ksr_tls_threads_mode); + if(cfg_get(tls, tls_cfg, config_file).s) { + if(tls_fix_domains_cfg(*tls_domains_cfg, _defaults, _defaults) + < 0) + return -1; + } else { + if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) < 0) + return -1; + } + return 0; +} + static int mod_child(int rank) { if(tls_disable || (tls_domains_cfg == 0)) return 0; #if OPENSSL_VERSION_NUMBER >= 0x010101000L -/* - * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of - * libssl in rank 0(thread#1) + /* + * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor + * to avoid init of libssl in thread#1 */ -if(rank == PROC_SIPINIT) { + if(rank == PROC_INIT && ksr_tls_threads_mode != 0) { + return run_thread4PP((_thread_proto4PP)mod_child_hook, , NULL); + } #else -if(rank == PROC_INIT) { -#endif - if(cfg_get(tls, tls_cfg, config_file).s) { - if(tls_fix_domains_cfg( - *tls_domains_cfg, _defaults, _defaults) - < 0) - return -1; - } else { - if(tls_fix_domains_cfg(*tls_domains_cfg, _params, _params) - < 0) - return -1; - } - return 0; + if(rank == PROC_INIT) { + return mod_child_hook(, NULL); } +#endif /* OPENSSL_VERSION_NUMBER */ #ifndef OPENSSL_NO_ENGINE /* @@ -678,7 +690,7 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) register_tls_hooks(_h); -/* + /* * GH #3695: OpenSSL 1.1.1 historical note: it is no longer * needed to replace RAND with cryptorand */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:46c0db15: db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient)
Module: kamailio Branch: 5.7 Commit: 46c0db156ab12a94419324947b806176b6cc14a8 URL: https://github.com/kamailio/kamailio/commit/46c0db156ab12a94419324947b806176b6cc14a8 Author: S-P Chan Committer: S-P Chan Date: 2024-02-24T23:19:04+08:00 db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient) This function is observed to call SSL_read() when compiled with libmysqlclient.so.21 (but not libmariadb.so.3). Apply a thread executor just in case. Cherry-pick from 1e42364451 --- Modified: src/modules/db_mysql/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/46c0db156ab12a94419324947b806176b6cc14a8.diff Patch: https://github.com/kamailio/kamailio/commit/46c0db156ab12a94419324947b806176b6cc14a8.patch --- diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c index 7b65c0a012c..91ace58df5b 100644 --- a/src/modules/db_mysql/km_dbase.c +++ b/src/modules/db_mysql/km_dbase.c @@ -41,6 +41,7 @@ #define KSR_RTHREAD_NEED_4PP #define KSR_RTHREAD_NEED_0P +#define KSR_RTHREAD_NEED_4P5I2P2 #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "../../lib/srdb1/db_ut.h" @@ -348,12 +349,26 @@ int db_mysql_free_result(const db1_con_t *_h, db1_res_t *_r) * \param _r pointer to a structure representing the result * \return zero on success, negative value on failure */ + +/* + * this function observed to invoke SSL_read() under libmysqlclient.so.21 + * but not libmariadb.so.3; apply libssl guard + */ +static int db_mysql_query_impl(const db1_con_t *_h, const db_key_t *_k, + const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, + const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) +{ + return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r, db_mysql_val2str, + db_mysql_submit_query, db_mysql_store_result); +} + int db_mysql_query(const db1_con_t *_h, const db_key_t *_k, const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) { - return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r, db_mysql_val2str, - db_mysql_submit_query, db_mysql_store_result); + return run_thread4P5I2P2((_thread_proto4P5I2P2)_mysql_query_impl, + (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void *)_c, _n, + _nc, (void *)_o, (void *)_r); } /** ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:2c082bd1: db_mysql: update docs for opt_ssl_ca
Module: kamailio Branch: 5.7 Commit: 2c082bd135203382855b297de736b22fbedee672 URL: https://github.com/kamailio/kamailio/commit/2c082bd135203382855b297de736b22fbedee672 Author: S-P Chan Committer: S-P Chan Date: 2024-02-24T23:18:56+08:00 db_mysql: update docs for opt_ssl_ca Cherry-pick from eafd93f057 --- Modified: src/modules/db_mysql/doc/db_mysql_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/2c082bd135203382855b297de736b22fbedee672.diff Patch: https://github.com/kamailio/kamailio/commit/2c082bd135203382855b297de736b22fbedee672.patch --- diff --git a/src/modules/db_mysql/doc/db_mysql_admin.xml b/src/modules/db_mysql/doc/db_mysql_admin.xml index 51c9b5b728d..dceb8253eb7 100644 --- a/src/modules/db_mysql/doc/db_mysql_admin.xml +++ b/src/modules/db_mysql/doc/db_mysql_admin.xml @@ -211,6 +211,30 @@ modparam("db_mysql", "update_affected_found", 1) ... modparam("db_mysql", "opt_ssl_mode", 1) ... + + + + + opt_ssl_ca (string) + + Configures the CA certs used to verify the MySQL server cert when + SSL is enabled. + + + Required when opt_ssl_mode = 4 or 5 and db_mysql is built + with libmysqlclient. + + + + Default value is NULL (NULL - not configured). + + + + Set opt_ssl_ca parameter + +... +modparam("db_mysql", "opt_ssl_ca", "/etc/ssl/certs/mysql-ca.pem") +... ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:29f848c9: db_mysql: new module param opt_ssl_ca to configure CA certs
Module: kamailio Branch: 5.7 Commit: 29f848c9a658af33b6a9693d709edf3a340c95d0 URL: https://github.com/kamailio/kamailio/commit/29f848c9a658af33b6a9693d709edf3a340c95d0 Author: S-P Chan Committer: S-P Chan Date: 2024-02-24T23:18:31+08:00 db_mysql: new module param opt_ssl_ca to configure CA certs ERROR: db_mysql [km_my_con.c:200]: db_mysql_new_connection(): driver error: SSL connection error: CA certificate is required if ssl-mode is VERIFY_CA or VERIFY_IDENTITY When opt_ssl_mode = 4 | 5 libmysqlclient.so.21 requires that the trusted CAs be configured. Fixed with: mysql_options(ptr->con, MYSQL_OPT_SSL_CA, (void *)db_mysql_opt_ssl_ca) Note: libmariadb.so.3 doesn't require this setting and uses the system trust store. Cherry-pick from ea81e6cb8b --- Modified: src/modules/db_mysql/db_mysql.c Modified: src/modules/db_mysql/km_my_con.c --- Diff: https://github.com/kamailio/kamailio/commit/29f848c9a658af33b6a9693d709edf3a340c95d0.diff Patch: https://github.com/kamailio/kamailio/commit/29f848c9a658af33b6a9693d709edf3a340c95d0.patch --- diff --git a/src/modules/db_mysql/db_mysql.c b/src/modules/db_mysql/db_mysql.c index 1a698329bac..9a7aa8673b5 100644 --- a/src/modules/db_mysql/db_mysql.c +++ b/src/modules/db_mysql/db_mysql.c @@ -47,6 +47,7 @@ unsigned int my_server_timezone = unsigned long my_client_ver = 0; int db_mysql_unsigned_type = 0; int db_mysql_opt_ssl_mode = 0; +char *db_mysql_opt_ssl_ca = NULL; struct mysql_counters_h mysql_cnts_h; counter_def_t mysql_cnt_defs[] = { @@ -100,6 +101,7 @@ static param_export_t params[] = { {"insert_delayed", INT_PARAM, _mysql_insert_all_delayed}, {"update_affected_found", INT_PARAM, _mysql_update_affected_found}, {"unsigned_type", PARAM_INT, _mysql_unsigned_type}, + {"opt_ssl_ca", PARAM_STRING, _mysql_opt_ssl_ca}, {"opt_ssl_mode", PARAM_INT, _mysql_opt_ssl_mode}, {0, 0, 0}}; diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c index b4c4dca33b0..226d724f1ae 100644 --- a/src/modules/db_mysql/km_my_con.c +++ b/src/modules/db_mysql/km_my_con.c @@ -41,6 +41,7 @@ #include "db_mysql.h" extern int db_mysql_opt_ssl_mode; +extern char *db_mysql_opt_ssl_ca; /*! \brief * Create a new connection structure, @@ -167,6 +168,9 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) } #endif /* MYSQL_VERSION_ID */ #endif /* MARIADB_BASE_VERSION */ + if(db_mysql_opt_ssl_ca) + mysql_options( + ptr->con, MYSQL_OPT_SSL_CA, (const void *)db_mysql_opt_ssl_ca); #if MYSQL_VERSION_ID > 50012 /* set reconnect flag if enabled */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:1e423644: db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient)
Module: kamailio Branch: master Commit: 1e4236445167d837a89d54ce6bee5ef14aef568e URL: https://github.com/kamailio/kamailio/commit/1e4236445167d837a89d54ce6bee5ef14aef568e Author: S-P Chan Committer: S-P Chan Date: 2024-02-14T19:49:10+08:00 db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient) This function is observed to call SSL_read() when compiled with libmysqlclient.so.21 (but not libmariadb.so.3). Apply a thread executor just in case. --- Modified: src/modules/db_mysql/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/1e4236445167d837a89d54ce6bee5ef14aef568e.diff Patch: https://github.com/kamailio/kamailio/commit/1e4236445167d837a89d54ce6bee5ef14aef568e.patch --- diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c index 7b65c0a012c..91ace58df5b 100644 --- a/src/modules/db_mysql/km_dbase.c +++ b/src/modules/db_mysql/km_dbase.c @@ -41,6 +41,7 @@ #define KSR_RTHREAD_NEED_4PP #define KSR_RTHREAD_NEED_0P +#define KSR_RTHREAD_NEED_4P5I2P2 #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "../../lib/srdb1/db_ut.h" @@ -348,12 +349,26 @@ int db_mysql_free_result(const db1_con_t *_h, db1_res_t *_r) * \param _r pointer to a structure representing the result * \return zero on success, negative value on failure */ + +/* + * this function observed to invoke SSL_read() under libmysqlclient.so.21 + * but not libmariadb.so.3; apply libssl guard + */ +static int db_mysql_query_impl(const db1_con_t *_h, const db_key_t *_k, + const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, + const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) +{ + return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r, db_mysql_val2str, + db_mysql_submit_query, db_mysql_store_result); +} + int db_mysql_query(const db1_con_t *_h, const db_key_t *_k, const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) { - return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r, db_mysql_val2str, - db_mysql_submit_query, db_mysql_store_result); + return run_thread4P5I2P2((_thread_proto4P5I2P2)_mysql_query_impl, + (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void *)_c, _n, + _nc, (void *)_o, (void *)_r); } /** ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:c89fe41b: db_mysql: fix typos
Module: kamailio Branch: master Commit: c89fe41b1583af74cdf7e20d2357d7c90990839f URL: https://github.com/kamailio/kamailio/commit/c89fe41b1583af74cdf7e20d2357d7c90990839f Author: S-P Chan Committer: S-P Chan Date: 2024-02-14T15:20:35+08:00 db_mysql: fix typos The option opt_ssl_ca is a string not integer. The comment for ea81e6cb should show the code fix as mysql_options(ptr->con, MYSQL_OPT_SSL_CA, (void *)db_mysql_opt_ssl_ca) --- Modified: src/modules/db_mysql/doc/db_mysql_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/c89fe41b1583af74cdf7e20d2357d7c90990839f.diff Patch: https://github.com/kamailio/kamailio/commit/c89fe41b1583af74cdf7e20d2357d7c90990839f.patch --- diff --git a/src/modules/db_mysql/doc/db_mysql_admin.xml b/src/modules/db_mysql/doc/db_mysql_admin.xml index 7297f2d1b15..18c703838ce 100644 --- a/src/modules/db_mysql/doc/db_mysql_admin.xml +++ b/src/modules/db_mysql/doc/db_mysql_admin.xml @@ -219,7 +219,7 @@ modparam("db_mysql", "opt_ssl_mode", 1) - opt_ssl_ca (integer) + opt_ssl_ca (string) Configures the CA certs used to verify the MySQL server cert when SSL is enabled. ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:eafd93f0: db_mysql: update docs for opt_ssl_ca
Module: kamailio Branch: master Commit: eafd93f0576504ea03fe6b5e3898506072218cef URL: https://github.com/kamailio/kamailio/commit/eafd93f0576504ea03fe6b5e3898506072218cef Author: S-P Chan Committer: S-P Chan Date: 2024-02-14T15:09:24+08:00 db_mysql: update docs for opt_ssl_ca --- Modified: src/modules/db_mysql/doc/db_mysql_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/eafd93f0576504ea03fe6b5e3898506072218cef.diff Patch: https://github.com/kamailio/kamailio/commit/eafd93f0576504ea03fe6b5e3898506072218cef.patch --- diff --git a/src/modules/db_mysql/doc/db_mysql_admin.xml b/src/modules/db_mysql/doc/db_mysql_admin.xml index f1ff53df0ed..7297f2d1b15 100644 --- a/src/modules/db_mysql/doc/db_mysql_admin.xml +++ b/src/modules/db_mysql/doc/db_mysql_admin.xml @@ -215,6 +215,30 @@ modparam("db_mysql", "update_affected_found", 1) ... modparam("db_mysql", "opt_ssl_mode", 1) ... + + + + + opt_ssl_ca (integer) + + Configures the CA certs used to verify the MySQL server cert when + SSL is enabled. + + + Required when opt_ssl_mode = 4 or 5 and db_mysql is built + with libmysqlclient. + + + + Default value is NULL (NULL - not configured). + + + + Set opt_ssl_ca parameter + +... +modparam("db_mysql", "opt_ssl_ca", "/etc/ssl/certs/mysql-ca.pem") +... ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:ea81e6cb: db_mysql: new module param opt_ssl_ca to configure CA certs
Module: kamailio Branch: master Commit: ea81e6cb8b2b2d896de7a07ce191876f9f182673 URL: https://github.com/kamailio/kamailio/commit/ea81e6cb8b2b2d896de7a07ce191876f9f182673 Author: S-P Chan Committer: S-P Chan Date: 2024-02-14T15:08:56+08:00 db_mysql: new module param opt_ssl_ca to configure CA certs ERROR: db_mysql [km_my_con.c:200]: db_mysql_new_connection(): driver error: SSL connection error: CA certificate is required if ssl-mode is VERIFY_CA or VERIFY_IDENTITY When opt_ssl_mode = 4 | 5 libmysqclient requires that the trusted CAs be configured. Fixed with: mysql_options(ptr->con, MYSQL_OPT_SSL_CA, (void *)db_mysql_opt_ssl_mode) Note: libmariadb3 doesn't require this setting and uses the system trust store. --- Modified: src/modules/db_mysql/db_mysql.c Modified: src/modules/db_mysql/km_my_con.c --- Diff: https://github.com/kamailio/kamailio/commit/ea81e6cb8b2b2d896de7a07ce191876f9f182673.diff Patch: https://github.com/kamailio/kamailio/commit/ea81e6cb8b2b2d896de7a07ce191876f9f182673.patch --- diff --git a/src/modules/db_mysql/db_mysql.c b/src/modules/db_mysql/db_mysql.c index 1a698329bac..9a7aa8673b5 100644 --- a/src/modules/db_mysql/db_mysql.c +++ b/src/modules/db_mysql/db_mysql.c @@ -47,6 +47,7 @@ unsigned int my_server_timezone = unsigned long my_client_ver = 0; int db_mysql_unsigned_type = 0; int db_mysql_opt_ssl_mode = 0; +char *db_mysql_opt_ssl_ca = NULL; struct mysql_counters_h mysql_cnts_h; counter_def_t mysql_cnt_defs[] = { @@ -100,6 +101,7 @@ static param_export_t params[] = { {"insert_delayed", INT_PARAM, _mysql_insert_all_delayed}, {"update_affected_found", INT_PARAM, _mysql_update_affected_found}, {"unsigned_type", PARAM_INT, _mysql_unsigned_type}, + {"opt_ssl_ca", PARAM_STRING, _mysql_opt_ssl_ca}, {"opt_ssl_mode", PARAM_INT, _mysql_opt_ssl_mode}, {0, 0, 0}}; diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c index b4c4dca33b0..226d724f1ae 100644 --- a/src/modules/db_mysql/km_my_con.c +++ b/src/modules/db_mysql/km_my_con.c @@ -41,6 +41,7 @@ #include "db_mysql.h" extern int db_mysql_opt_ssl_mode; +extern char *db_mysql_opt_ssl_ca; /*! \brief * Create a new connection structure, @@ -167,6 +168,9 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) } #endif /* MYSQL_VERSION_ID */ #endif /* MARIADB_BASE_VERSION */ + if(db_mysql_opt_ssl_ca) + mysql_options( + ptr->con, MYSQL_OPT_SSL_CA, (const void *)db_mysql_opt_ssl_ca); #if MYSQL_VERSION_ID > 50012 /* set reconnect flag if enabled */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:a0dfb8cb: tls: raise logging level of early messages in mod_register
Module: kamailio Branch: 5.7 Commit: a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd URL: https://github.com/kamailio/kamailio/commit/a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd Author: S-P Chan Committer: S-P Chan Date: 2024-02-13T19:11:20+08:00 tls: raise logging level of early messages in mod_register --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd.diff Patch: https://github.com/kamailio/kamailio/commit/a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 905ca6f2411..0d8ea3df4c5 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -689,7 +689,7 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2) #if OPENSSL_VERSION_NUMBER >= 0x1010L \ && OPENSSL_VERSION_NUMBER < 0x03000L if(ksr_tls_threads_mode == 0) { - LM_DBG("setting cryptorand random engine\n"); + LM_WARN("OpenSSL 1.1.1 setting cryptorand random engine\n"); RAND_set_rand_method(RAND_ksr_cryptorand_method()); } #endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:5d7d7ea5: tls: add logging
Module: kamailio Branch: 5.7 Commit: 5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db URL: https://github.com/kamailio/kamailio/commit/5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db Author: S-P Chan Committer: S-P Chan Date: 2024-02-13T17:23:31+08:00 tls: add logging --- Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db.diff Patch: https://github.com/kamailio/kamailio/commit/5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db.patch --- diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c index 5d3982b64d9..905ca6f2411 100644 --- a/src/modules/tls/tls_mod.c +++ b/src/modules/tls/tls_mod.c @@ -458,6 +458,9 @@ static int mod_child(int rank) #else if(rank == PROC_INIT) { #endif + LM_DBG("Loading SSL_CTX in process_no=%d rank=%d " + "ksr_tls_threads_mode=%d\n", + process_no, rank, ksr_tls_threads_mode); if(cfg_get(tls, tls_cfg, config_file).s) { if(tls_fix_domains_cfg( *tls_domains_cfg, _defaults, _defaults) ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:eb7aa576: tls: restore some function calls in non-threaded mode
Module: kamailio Branch: 5.7 Commit: eb7aa57676f48f16cc66a16c511ed45ac9c8f62e URL: https://github.com/kamailio/kamailio/commit/eb7aa57676f48f16cc66a16c511ed45ac9c8f62e Author: S-P Chan Committer: S-P Chan Date: 2024-02-13T11:08:29+08:00 tls: restore some function calls in non-threaded mode In the case that tls_threads_mode = 0 we restore the earlier behaviour of 5.7.3. - OpenSSL 1.1.1: restore early call to RAND_set_rand_method - OpenSSL 3.x: restore enable locking on EVP_RAND_CTX --- Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/eb7aa57676f48f16cc66a16c511ed45ac9c8f62e.diff Patch: https://github.com/kamailio/kamailio/commit/eb7aa57676f48f16cc66a16c511ed45ac9c8f62e.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:0936b6b7: db_postgres: libssl thread guard for db_postgres_close
Module: kamailio Branch: 5.7 Commit: 0936b6b70efe2e9d05766ce925ca10e4ff4bf7be URL: https://github.com/kamailio/kamailio/commit/0936b6b70efe2e9d05766ce925ca10e4ff4bf7be Author: S-P Chan Committer: S-P Chan Date: 2024-02-08T14:28:12+08:00 db_postgres: libssl thread guard for db_postgres_close --- Modified: src/modules/db_postgres/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/0936b6b70efe2e9d05766ce925ca10e4ff4bf7be.diff Patch: https://github.com/kamailio/kamailio/commit/0936b6b70efe2e9d05766ce925ca10e4ff4bf7be.patch --- diff --git a/src/modules/db_postgres/km_dbase.c b/src/modules/db_postgres/km_dbase.c index 7948ff0075f..e8dce6e09ea 100644 --- a/src/modules/db_postgres/km_dbase.c +++ b/src/modules/db_postgres/km_dbase.c @@ -45,6 +45,7 @@ #include "../../core/clist.h" #define KSR_RTHREAD_NEED_PI #define KSR_RTHREAD_NEED_4PP +#define KSR_RTHREAD_NEED_0P #include "../../core/rthreads.h" #include "km_dbase.h" #include "km_pg_con.h" @@ -147,11 +148,16 @@ db1_con_t *db_postgres_init2(const str *_url, db_pooling_t pooling) * \param _h closed connection, as returned from db_postgres_init * \note free all memory and resources */ -void db_postgres_close(db1_con_t *_h) +static void db_postgres_close_impl(db1_con_t *_h) { db_do_close(_h, db_postgres_free_connection); } +void db_postgres_close(db1_con_t *_h) +{ + run_thread0P((_thread_proto0P)db_postgres_close_impl, _h); +} + /*! * \brief Submit_query, run a query ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:58082265: db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query)
Module: kamailio Branch: 5.7 Commit: 5808226593fcf11d4713b2161809466568c51682 URL: https://github.com/kamailio/kamailio/commit/5808226593fcf11d4713b2161809466568c51682 Author: S-P Chan Committer: S-P Chan Date: 2024-02-08T14:28:12+08:00 db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query) --- Modified: src/modules/db_unixodbc/dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/5808226593fcf11d4713b2161809466568c51682.diff Patch: https://github.com/kamailio/kamailio/commit/5808226593fcf11d4713b2161809466568c51682.patch --- diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c index 7a5f2bdb09e..01aab5bb273 100644 --- a/src/modules/db_unixodbc/dbase.c +++ b/src/modules/db_unixodbc/dbase.c @@ -26,6 +26,8 @@ #include "../../core/dprint.h" #include "../../core/async_task.h" #define KSR_RTHREAD_NEED_4PP +#define KSR_RTHREAD_NEED_4P5I2P2 +#define KSR_RTHREAD_NEED_0P #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "val.h" @@ -254,11 +256,16 @@ db1_con_t *db_unixodbc_init(const str *_url) * Shut down database module * No function should be called after this */ -void db_unixodbc_close(db1_con_t *_h) +static void db_unixodbc_close_impl(db1_con_t *_h) { return db_do_close(_h, db_unixodbc_free_connection); } +void db_unixodbc_close(db1_con_t *_h) +{ + run_thread0P((_thread_proto0P)db_unixodbc_close_impl, _h); +} + /* * Retrieve result set */ @@ -299,7 +306,7 @@ static int db_unixodbc_store_result(const db1_con_t *_h, db1_res_t **_r) /* * Release a result set from memory */ -int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) +static int db_unixodbc_free_result_impl(db1_con_t *_h, db1_res_t *_r) { if((!_h) || (!_r)) { LM_ERR("invalid parameter value\n"); @@ -315,6 +322,11 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) return 0; } +int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) +{ + return run_thread4PP((_thread_proto4PP)db_unixodbc_free_result_impl, _h, _r); +} + /* * Query table for specified rows * _h: structure representing database connection @@ -326,7 +338,7 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) * _nc: number of columns to return * _o: order by the specified column */ -int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, +static int db_unixodbc_query_impl(const db1_con_t *_h, const db_key_t *_k, const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) { @@ -335,6 +347,15 @@ int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, db_unixodbc_store_result); } +int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, + const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, + const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) +{ + return run_thread4P5I2P2((_thread_proto4P5I2P2)db_unixodbc_query_impl, + (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void *)_c, _n, + _nc, (void *)_o, (void *)_r); +} + /*! * \brief Gets a partial result set, fetch rows from a result * ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:0d0c9910: core/rthreads.h: thread wrapper for db_XXXX_query
Module: kamailio Branch: 5.7 Commit: 0d0c9910095e3e87a4d27be5af30f02cd5f26020 URL: https://github.com/kamailio/kamailio/commit/0d0c9910095e3e87a4d27be5af30f02cd5f26020 Author: S-P Chan Committer: S-P Chan Date: 2024-02-08T14:28:12+08:00 core/rthreads.h: thread wrapper for db__query --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/0d0c9910095e3e87a4d27be5af30f02cd5f26020.diff Patch: https://github.com/kamailio/kamailio/commit/0d0c9910095e3e87a4d27be5af30f02cd5f26020.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index add3426d4db..fa60ccef071 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -195,3 +195,55 @@ static void run_thread0P(_thread_proto0P fn, void *arg1) #endif /* USE_TLS */ } #endif + +/* + * prototype: + * db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, + *const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, + *const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) + */ +#ifdef KSR_RTHREAD_NEED_4P5I2P2 +typedef int (*_thread_proto4P5I2P2)( + void *, void *, void *, void *, void *, int, int, void *, void *); +struct _thread_args4P5I2P2 +{ + _thread_proto4P5I2P2 fn; + void *arg1; + void *arg2; + void *arg3; + void *arg4; + void *arg5; + int arg6; + int arg7; + void *arg8; + void *arg9; + int *ret; +}; +static void *run_thread_wrap4P5I2P2(struct _thread_args4P5I2P2 *args) +{ + *args->ret = (*args->fn)(args->arg1, args->arg2, args->arg3, args->arg4, + args->arg5, args->arg6, args->arg7, args->arg8, args->arg9); + return NULL; +} + +static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, + void *arg3, void *arg4, void *arg5, int arg6, int arg7, void *arg8, + void *arg9) +{ +#ifdef USE_TLS + pthread_t tid; + int ret; + + if(likely(process_no)) { + return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9); + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap4P5I2P2, + &(struct _thread_args4P5I2P2){fn, arg1, arg2, arg3, arg4, arg5, + arg6, arg7, arg8, arg9, }); + pthread_join(tid, NULL); + return ret; +#else + return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9); +#endif +} +#endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:f4edfd47: db_mysql: libssl thread guard for db_mysql_close
Module: kamailio Branch: 5.7 Commit: f4edfd47aa18aecaf5650bb39a69c6e800c14f2d URL: https://github.com/kamailio/kamailio/commit/f4edfd47aa18aecaf5650bb39a69c6e800c14f2d Author: S-P Chan Committer: S-P Chan Date: 2024-02-08T14:28:12+08:00 db_mysql: libssl thread guard for db_mysql_close --- Modified: src/modules/db_mysql/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/f4edfd47aa18aecaf5650bb39a69c6e800c14f2d.diff Patch: https://github.com/kamailio/kamailio/commit/f4edfd47aa18aecaf5650bb39a69c6e800c14f2d.patch --- diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c index e86e4a0391b..7b65c0a012c 100644 --- a/src/modules/db_mysql/km_dbase.c +++ b/src/modules/db_mysql/km_dbase.c @@ -40,6 +40,7 @@ #include "../../core/async_task.h" #define KSR_RTHREAD_NEED_4PP +#define KSR_RTHREAD_NEED_0P #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "../../lib/srdb1/db_ut.h" @@ -228,11 +229,16 @@ db1_con_t *db_mysql_init(const str *_url) * \param _h handle to the closed connection * \return zero on success, negative value on failure */ -void db_mysql_close(db1_con_t *_h) +static void db_mysql_close_impl(db1_con_t *_h) { db_do_close(_h, db_mysql_free_connection); } +void db_mysql_close(db1_con_t *_h) +{ + run_thread0P((_thread_proto0P)db_mysql_close_impl, _h); +} + /** * Retrieve a result set ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:f0289725: core/rthreads.h: use thread wrappers only for process#0
Module: kamailio Branch: 5.7 Commit: f028972588296858429e28f941a085131af8084c URL: https://github.com/kamailio/kamailio/commit/f028972588296858429e28f941a085131af8084c Author: S-P Chan Committer: S-P Chan Date: 2024-02-07T17:36:38+08:00 core/rthreads.h: use thread wrappers only for process#0 - for process#0 use threads to avoid initializing libssl thread-locals in thread#1 - for process_no > 0 revert to standard behaviour and reduce overhead of creating threads --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/f028972588296858429e28f941a085131af8084c.diff Patch: https://github.com/kamailio/kamailio/commit/f028972588296858429e28f941a085131af8084c.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index a416ad2ca50..add3426d4db 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -35,13 +35,20 @@ typedef void *(*_thread_proto)(void *); #ifndef KSR_RTHREAD_SKIP_P static void *run_threadP(_thread_proto fn, void *arg) { +#ifdef USE_TLS pthread_t tid; void *ret; + if(likely(process_no)) { + return fn(arg); + } pthread_create(, NULL, fn, arg); pthread_join(tid, ); return ret; +#else + return fn(arg); +#endif /* USE_TLS */ } #endif @@ -63,14 +70,21 @@ static void *run_thread_wrapPI(struct _thread_argsPI *args) static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2) { +#ifdef USE_TLS pthread_t tid; void *ret; + if(likely(process_no)) { + return fn(arg1, arg2); + } pthread_create(, NULL, (_thread_proto)_thread_wrapPI, &(struct _thread_argsPI){fn, arg1, arg2}); pthread_join(tid, ); return ret; +#else + return fn(arg1, arg2); +#endif /* USE_TLS */ } #endif @@ -91,11 +105,20 @@ static void *run_thread_wrapV(struct _thread_argsV *args) static void run_threadV(_thread_protoV fn) { +#ifdef USE_TLS pthread_t tid; + if(likely(process_no)) { + fn(); + return; + } + pthread_create(, NULL, (_thread_proto)run_thread_wrapV, &(struct _thread_argsV){fn}); pthread_join(tid, NULL); +#else + fn(); +#endif /* USE_TLS */ } #endif @@ -119,14 +142,22 @@ static void *run_thread_wrap4PP(struct _thread_args4PP *args) static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) { +#ifdef USE_TLS pthread_t tid; int ret; + if(likely(process_no)) { + return fn(arg1, arg2); + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP, &(struct _thread_args4PP){fn, arg1, arg2, }); pthread_join(tid, NULL); return ret; +#else + return fn(arg1, arg2); +#endif } #endif @@ -148,10 +179,19 @@ static void *run_thread_wrap0P(struct _thread_args0P *args) static void run_thread0P(_thread_proto0P fn, void *arg1) { +#ifdef USE_TLS pthread_t tid; + if(likely(process_no)) { + fn(arg1); + return; + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap0P, &(struct _thread_args0P){fn, arg1}); pthread_join(tid, NULL); +#else + fn(arg1); +#endif /* USE_TLS */ } #endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:c393d5d5: db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query)
Module: kamailio Branch: master Commit: c393d5d5d167bdbf9a2f465effdc761195ed1279 URL: https://github.com/kamailio/kamailio/commit/c393d5d5d167bdbf9a2f465effdc761195ed1279 Author: S-P Chan Committer: S-P Chan Date: 2024-02-09T07:05:17+08:00 db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query) --- Modified: src/modules/db_unixodbc/dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/c393d5d5d167bdbf9a2f465effdc761195ed1279.diff Patch: https://github.com/kamailio/kamailio/commit/c393d5d5d167bdbf9a2f465effdc761195ed1279.patch --- diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c index 7a5f2bdb09e..aa2387ee26e 100644 --- a/src/modules/db_unixodbc/dbase.c +++ b/src/modules/db_unixodbc/dbase.c @@ -26,6 +26,8 @@ #include "../../core/dprint.h" #include "../../core/async_task.h" #define KSR_RTHREAD_NEED_4PP +#define KSR_RTHREAD_NEED_4P5I2P2 +#define KSR_RTHREAD_NEED_0P #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "val.h" @@ -254,11 +256,16 @@ db1_con_t *db_unixodbc_init(const str *_url) * Shut down database module * No function should be called after this */ -void db_unixodbc_close(db1_con_t *_h) +static void db_unixodbc_close_impl(db1_con_t *_h) { return db_do_close(_h, db_unixodbc_free_connection); } +void db_unixodbc_close(db1_con_t *_h) +{ + run_thread0P((_thread_proto0P)db_unixodbc_close_impl, _h); +} + /* * Retrieve result set */ @@ -299,7 +306,7 @@ static int db_unixodbc_store_result(const db1_con_t *_h, db1_res_t **_r) /* * Release a result set from memory */ -int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) +static int db_unixodbc_free_result_impl(db1_con_t *_h, db1_res_t *_r) { if((!_h) || (!_r)) { LM_ERR("invalid parameter value\n"); @@ -315,6 +322,12 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) return 0; } +int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) +{ + return run_thread4PP( + (_thread_proto4PP)db_unixodbc_free_result_impl, _h, _r); +} + /* * Query table for specified rows * _h: structure representing database connection @@ -326,7 +339,7 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r) * _nc: number of columns to return * _o: order by the specified column */ -int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, +static int db_unixodbc_query_impl(const db1_con_t *_h, const db_key_t *_k, const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) { @@ -335,6 +348,15 @@ int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, db_unixodbc_store_result); } +int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, + const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, + const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) +{ + return run_thread4P5I2P2((_thread_proto4P5I2P2)db_unixodbc_query_impl, + (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void *)_c, _n, + _nc, (void *)_o, (void *)_r); +} + /*! * \brief Gets a partial result set, fetch rows from a result * ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:7043a581: db_mysql: libssl thread guard for db_mysql_close
Module: kamailio Branch: master Commit: 7043a581c4cfe05d6f9a0161368a61f7c67e326c URL: https://github.com/kamailio/kamailio/commit/7043a581c4cfe05d6f9a0161368a61f7c67e326c Author: S-P Chan Committer: S-P Chan Date: 2024-02-09T07:05:17+08:00 db_mysql: libssl thread guard for db_mysql_close --- Modified: src/modules/db_mysql/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/7043a581c4cfe05d6f9a0161368a61f7c67e326c.diff Patch: https://github.com/kamailio/kamailio/commit/7043a581c4cfe05d6f9a0161368a61f7c67e326c.patch --- diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c index e86e4a0391b..7b65c0a012c 100644 --- a/src/modules/db_mysql/km_dbase.c +++ b/src/modules/db_mysql/km_dbase.c @@ -40,6 +40,7 @@ #include "../../core/async_task.h" #define KSR_RTHREAD_NEED_4PP +#define KSR_RTHREAD_NEED_0P #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "../../lib/srdb1/db_ut.h" @@ -228,11 +229,16 @@ db1_con_t *db_mysql_init(const str *_url) * \param _h handle to the closed connection * \return zero on success, negative value on failure */ -void db_mysql_close(db1_con_t *_h) +static void db_mysql_close_impl(db1_con_t *_h) { db_do_close(_h, db_mysql_free_connection); } +void db_mysql_close(db1_con_t *_h) +{ + run_thread0P((_thread_proto0P)db_mysql_close_impl, _h); +} + /** * Retrieve a result set ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e33911f5: db_postgres: libssl thread guard for db_postgres_close
Module: kamailio Branch: master Commit: e33911f5edbac36f54b6371f9b952b57488bcced URL: https://github.com/kamailio/kamailio/commit/e33911f5edbac36f54b6371f9b952b57488bcced Author: S-P Chan Committer: S-P Chan Date: 2024-02-09T07:05:17+08:00 db_postgres: libssl thread guard for db_postgres_close --- Modified: src/modules/db_postgres/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/e33911f5edbac36f54b6371f9b952b57488bcced.diff Patch: https://github.com/kamailio/kamailio/commit/e33911f5edbac36f54b6371f9b952b57488bcced.patch --- diff --git a/src/modules/db_postgres/km_dbase.c b/src/modules/db_postgres/km_dbase.c index 7948ff0075f..e8dce6e09ea 100644 --- a/src/modules/db_postgres/km_dbase.c +++ b/src/modules/db_postgres/km_dbase.c @@ -45,6 +45,7 @@ #include "../../core/clist.h" #define KSR_RTHREAD_NEED_PI #define KSR_RTHREAD_NEED_4PP +#define KSR_RTHREAD_NEED_0P #include "../../core/rthreads.h" #include "km_dbase.h" #include "km_pg_con.h" @@ -147,11 +148,16 @@ db1_con_t *db_postgres_init2(const str *_url, db_pooling_t pooling) * \param _h closed connection, as returned from db_postgres_init * \note free all memory and resources */ -void db_postgres_close(db1_con_t *_h) +static void db_postgres_close_impl(db1_con_t *_h) { db_do_close(_h, db_postgres_free_connection); } +void db_postgres_close(db1_con_t *_h) +{ + run_thread0P((_thread_proto0P)db_postgres_close_impl, _h); +} + /*! * \brief Submit_query, run a query ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:4baa76cd: core/rthreads.h: thread wrapper for db_XXXX_query
Module: kamailio Branch: master Commit: 4baa76cd3e0d4052baf037c663a898fd11c54514 URL: https://github.com/kamailio/kamailio/commit/4baa76cd3e0d4052baf037c663a898fd11c54514 Author: S-P Chan Committer: S-P Chan Date: 2024-02-09T07:05:17+08:00 core/rthreads.h: thread wrapper for db__query --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/4baa76cd3e0d4052baf037c663a898fd11c54514.diff Patch: https://github.com/kamailio/kamailio/commit/4baa76cd3e0d4052baf037c663a898fd11c54514.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 2f922be5a75..e96f45c9395 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -201,3 +201,56 @@ static void run_thread0P(_thread_proto0P fn, void *arg1) #endif } #endif + +/* + * prototype: + * db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k, + *const db_op_t *_op, const db_val_t *_v, const db_key_t *_c, + *const int _n, const int _nc, const db_key_t _o, db1_res_t **_r) + */ +#ifdef KSR_RTHREAD_NEED_4P5I2P2 +typedef int (*_thread_proto4P5I2P2)( + void *, void *, void *, void *, void *, int, int, void *, void *); +struct _thread_args4P5I2P2 +{ + _thread_proto4P5I2P2 fn; + void *arg1; + void *arg2; + void *arg3; + void *arg4; + void *arg5; + int arg6; + int arg7; + void *arg8; + void *arg9; + int *ret; +}; +static void *run_thread_wrap4P5I2P2(struct _thread_args4P5I2P2 *args) +{ + *args->ret = (*args->fn)(args->arg1, args->arg2, args->arg3, args->arg4, + args->arg5, args->arg6, args->arg7, args->arg8, args->arg9); + return NULL; +} + +static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2, + void *arg3, void *arg4, void *arg5, int arg6, int arg7, void *arg8, + void *arg9) +{ +#ifdef USE_TLS + pthread_t tid; + int ret; + + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9); + } + pthread_create(, NULL, (_thread_proto)run_thread_wrap4P5I2P2, + &(struct _thread_args4P5I2P2){fn, arg1, arg2, arg3, arg4, arg5, + arg6, arg7, arg8, arg9, }); + pthread_join(tid, NULL); + return ret; +#else + return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9); +#endif +} +#endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:fb7c4ec9: core/rthreads.h: fix missing returns
Module: kamailio Branch: master Commit: fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35 URL: https://github.com/kamailio/kamailio/commit/fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35 Author: S-P Chan Committer: S-P Chan Date: 2024-02-07T14:08:01+08:00 core/rthreads.h: fix missing returns --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35.diff Patch: https://github.com/kamailio/kamailio/commit/fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 897e6b8d9ed..2f922be5a75 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -40,16 +40,17 @@ static void *run_threadP(_thread_proto fn, void *arg) pthread_t tid; void *ret; -if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { -return fn(arg); -} + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg); + } pthread_create(, NULL, fn, arg); pthread_join(tid, ); return ret; #else -return fn(arg); + return fn(arg); #endif /* USE_TLS */ } #endif @@ -76,9 +77,10 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2) pthread_t tid; void *ret; -if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { -return fn(arg1, arg2); -} + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg1, arg2); + } pthread_create(, NULL, (_thread_proto)_thread_wrapPI, &(struct _thread_argsPI){fn, arg1, arg2}); @@ -86,7 +88,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2) return ret; #else -return fn(arg1, arg2); + return fn(arg1, arg2); #endif } #endif @@ -111,15 +113,17 @@ static void run_threadV(_thread_protoV fn) #ifdef USE_TLS pthread_t tid; -if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { -fn(); -} + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + fn(); + return; + } pthread_create(, NULL, (_thread_proto)run_thread_wrapV, &(struct _thread_argsV){fn}); pthread_join(tid, NULL); #else -fn(); + fn(); #endif } #endif @@ -148,16 +152,17 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) pthread_t tid; int ret; -if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { -return fn(arg1, arg2); -} + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + return fn(arg1, arg2); + } pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP, &(struct _thread_args4PP){fn, arg1, arg2, }); pthread_join(tid, NULL); return ret; #else -return fn(arg1, arg2); + return fn(arg1, arg2); #endif } #endif @@ -183,14 +188,16 @@ static void run_thread0P(_thread_proto0P fn, void *arg1) #ifdef USE_TLS pthread_t tid; -if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { -fn(arg1); -} + if(likely(ksr_tls_threads_mode == 0 + || (ksr_tls_threads_mode == 1 && process_no > 0))) { + fn(arg1); + return; + } pthread_create(, NULL, (_thread_proto)run_thread_wrap0P, &(struct _thread_args0P){fn, arg1}); pthread_join(tid, NULL); #else -fn(arg1) + fn(arg1) #endif } #endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:1a2993ca: core/rthreads.h: fix missing return
Module: kamailio Branch: master Commit: 1a2993ca370da35c34abae1cb44086492faa0ade URL: https://github.com/kamailio/kamailio/commit/1a2993ca370da35c34abae1cb44086492faa0ade Author: S-P Chan Committer: S-P Chan Date: 2024-02-07T05:54:35+08:00 core/rthreads.h: fix missing return --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/1a2993ca370da35c34abae1cb44086492faa0ade.diff Patch: https://github.com/kamailio/kamailio/commit/1a2993ca370da35c34abae1cb44086492faa0ade.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 084f463261b..897e6b8d9ed 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -49,7 +49,7 @@ static void *run_threadP(_thread_proto fn, void *arg) return ret; #else -fn(arg); +return fn(arg); #endif /* USE_TLS */ } #endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e52bc4ba: Sample etc/kamailio.cfg: add tls_threads_mode to config
Module: kamailio Branch: master Commit: e52bc4ba41417362c79da1cd3d41b283aabc4eb8 URL: https://github.com/kamailio/kamailio/commit/e52bc4ba41417362c79da1cd3d41b283aabc4eb8 Author: S-P Chan Committer: S-P Chan Date: 2024-02-07T05:49:14+08:00 Sample etc/kamailio.cfg: add tls_threads_mode to config --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/e52bc4ba41417362c79da1cd3d41b283aabc4eb8.diff Patch: https://github.com/kamailio/kamailio/commit/e52bc4ba41417362c79da1cd3d41b283aabc4eb8.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index cc043fad58b..2d68f7692e1 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -220,6 +220,13 @@ enable_tls=yes /* upper limit for TLS connections */ tls_max_connections=2048 + +/* For OpenSSL 3 integration + * functions calling libssl3 can be invoked in a transient thread + * 0: disable threaded calls + * 1: use threads for process#0 only + * 2: use threads for all processes */ +tls_threads_mode=1 #!endif /* set it to yes to enable sctp and load sctp.so module */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:aa15489f: core/rthreads.h: use global ksr_tls_threads_mode to constrain thread
Module: kamailio Branch: master Commit: aa15489f0a8de4a27197602d771fe02cf5745287 URL: https://github.com/kamailio/kamailio/commit/aa15489f0a8de4a27197602d771fe02cf5745287 Author: S-P Chan Committer: S-P Chan Date: 2024-02-07T05:24:30+08:00 core/rthreads.h: use global ksr_tls_threads_mode to constrain thread wrapping - 0: run wrapped function directly - 1: run wrapped function in thread for process#0 else run directly - 2: always run wrapped function in thread --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/aa15489f0a8de4a27197602d771fe02cf5745287.diff Patch: https://github.com/kamailio/kamailio/commit/aa15489f0a8de4a27197602d771fe02cf5745287.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index a416ad2ca50..084f463261b 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -27,6 +27,7 @@ */ #include +#include "./globals.h" /* * prototype: void *fn(void *arg) { ... } */ @@ -35,13 +36,21 @@ typedef void *(*_thread_proto)(void *); #ifndef KSR_RTHREAD_SKIP_P static void *run_threadP(_thread_proto fn, void *arg) { +#ifdef USE_TLS pthread_t tid; void *ret; +if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { +return fn(arg); +} + pthread_create(, NULL, fn, arg); pthread_join(tid, ); return ret; +#else +fn(arg); +#endif /* USE_TLS */ } #endif @@ -63,14 +72,22 @@ static void *run_thread_wrapPI(struct _thread_argsPI *args) static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2) { +#ifdef USE_TLS pthread_t tid; void *ret; +if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { +return fn(arg1, arg2); +} + pthread_create(, NULL, (_thread_proto)_thread_wrapPI, &(struct _thread_argsPI){fn, arg1, arg2}); pthread_join(tid, ); return ret; +#else +return fn(arg1, arg2); +#endif } #endif @@ -91,11 +108,19 @@ static void *run_thread_wrapV(struct _thread_argsV *args) static void run_threadV(_thread_protoV fn) { +#ifdef USE_TLS pthread_t tid; +if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { +fn(); +} + pthread_create(, NULL, (_thread_proto)run_thread_wrapV, &(struct _thread_argsV){fn}); pthread_join(tid, NULL); +#else +fn(); +#endif } #endif @@ -119,14 +144,21 @@ static void *run_thread_wrap4PP(struct _thread_args4PP *args) static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) { +#ifdef USE_TLS pthread_t tid; int ret; +if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { +return fn(arg1, arg2); +} pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP, &(struct _thread_args4PP){fn, arg1, arg2, }); pthread_join(tid, NULL); return ret; +#else +return fn(arg1, arg2); +#endif } #endif @@ -148,10 +180,17 @@ static void *run_thread_wrap0P(struct _thread_args0P *args) static void run_thread0P(_thread_proto0P fn, void *arg1) { +#ifdef USE_TLS pthread_t tid; +if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 && process_no > 0))) { +fn(arg1); +} pthread_create(, NULL, (_thread_proto)run_thread_wrap0P, &(struct _thread_args0P){fn, arg1}); pthread_join(tid, NULL); +#else +fn(arg1) +#endif } #endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:579d3973: db_unixodbc: handle SSL and submit query
Module: kamailio Branch: 5.7 Commit: 579d39736b8f11d0e5c68715ba3a9aafc07cd7dc URL: https://github.com/kamailio/kamailio/commit/579d39736b8f11d0e5c68715ba3a9aafc07cd7dc Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T13:13:42+08:00 db_unixodbc: handle SSL and submit query (cherry-pick from 7d917e6649be7188bb9ab152ada75bc7199b2980) --- Modified: src/modules/db_unixodbc/dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/579d39736b8f11d0e5c68715ba3a9aafc07cd7dc.diff Patch: https://github.com/kamailio/kamailio/commit/579d39736b8f11d0e5c68715ba3a9aafc07cd7dc.patch --- diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c index c4ba64b019c..7a5f2bdb09e 100644 --- a/src/modules/db_unixodbc/dbase.c +++ b/src/modules/db_unixodbc/dbase.c @@ -25,6 +25,7 @@ #include "../../core/mem/mem.h" #include "../../core/dprint.h" #include "../../core/async_task.h" +#define KSR_RTHREAD_NEED_4PP #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "val.h" @@ -81,7 +82,7 @@ static int reconnect(const db1_con_t *_h) /* * Send an SQL query to the server */ -static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s) +static int db_unixodbc_submit_query_impl(const db1_con_t *_h, const str *_s) { int ret = 0; SQLCHAR sqlstate[7]; @@ -155,6 +156,11 @@ static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s) return ret; } +static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s) +{ + return run_thread4PP((_thread_proto4PP)db_unixodbc_submit_query_impl, + (void *)_h, (void *)_s); +} /** * */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:103c62ba: db_mysql: handle SSL and submit query
Module: kamailio Branch: 5.7 Commit: 103c62ba675f8d306e1c0fb60ddfd4c4bca1e931 URL: https://github.com/kamailio/kamailio/commit/103c62ba675f8d306e1c0fb60ddfd4c4bca1e931 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T13:13:59+08:00 db_mysql: handle SSL and submit query (cherry-pick from 51d9f92eca3ef1044052581c9438af6e643652a1) --- Modified: src/modules/db_mysql/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/103c62ba675f8d306e1c0fb60ddfd4c4bca1e931.diff Patch: https://github.com/kamailio/kamailio/commit/103c62ba675f8d306e1c0fb60ddfd4c4bca1e931.patch --- diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c index 9cd238b78ab..e86e4a0391b 100644 --- a/src/modules/db_mysql/km_dbase.c +++ b/src/modules/db_mysql/km_dbase.c @@ -38,6 +38,8 @@ #include "../../core/mem/mem.h" #include "../../core/dprint.h" #include "../../core/async_task.h" + +#define KSR_RTHREAD_NEED_4PP #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "../../lib/srdb1/db_ut.h" @@ -67,7 +69,7 @@ static char *mysql_sql_buf; * \param _s executed query * \return zero on success, negative value on failure */ -static int db_mysql_submit_query(const db1_con_t *_h, const str *_s) +static int db_mysql_submit_query_impl(const db1_con_t *_h, const str *_s) { time_t t; int i, code; @@ -128,6 +130,11 @@ static int db_mysql_submit_query(const db1_con_t *_h, const str *_s) } +static int db_mysql_submit_query(const db1_con_t *_h, const str *_s) +{ + return run_thread4PP((_thread_proto4PP)db_mysql_submit_query_impl, + (void *)_h, (void *)_s); +} /** * */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:63009ee5: db_postgres: handle SSL and submit query
Module: kamailio Branch: 5.7 Commit: 63009ee559bb68a3fde0b7f479d3023b06a6c376 URL: https://github.com/kamailio/kamailio/commit/63009ee559bb68a3fde0b7f479d3023b06a6c376 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T13:14:12+08:00 db_postgres: handle SSL and submit query (cherry-pick from d638c774ed816eec800e72ba2546004215cfe097) --- Modified: src/modules/db_postgres/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/63009ee559bb68a3fde0b7f479d3023b06a6c376.diff Patch: https://github.com/kamailio/kamailio/commit/63009ee559bb68a3fde0b7f479d3023b06a6c376.patch --- diff --git a/src/modules/db_postgres/km_dbase.c b/src/modules/db_postgres/km_dbase.c index 3d58f1a53e0..7948ff0075f 100644 --- a/src/modules/db_postgres/km_dbase.c +++ b/src/modules/db_postgres/km_dbase.c @@ -44,6 +44,7 @@ #include "../../core/hashes.h" #include "../../core/clist.h" #define KSR_RTHREAD_NEED_PI +#define KSR_RTHREAD_NEED_4PP #include "../../core/rthreads.h" #include "km_dbase.h" #include "km_pg_con.h" @@ -158,7 +159,7 @@ void db_postgres_close(db1_con_t *_h) * \param _s query string * \return 0 on success, negative on failure */ -static int db_postgres_submit_query(const db1_con_t *_con, const str *_s) +static int db_postgres_submit_query_impl(const db1_con_t *_con, const str *_s) { char *s = NULL; int i, retries; @@ -286,6 +287,12 @@ static int db_postgres_submit_query(const db1_con_t *_con, const str *_s) return -1; } +static int db_postgres_submit_query(const db1_con_t *_con, const str *_s) +{ + return run_thread4PP((_thread_proto4PP)db_postgres_submit_query_impl, + (void *)_con, (void *)_s); +} + void db_postgres_async_exec_task(void *param) { str *p; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:6f037a48: core/rthread.h: add prototype for db queries
Module: kamailio Branch: 5.7 Commit: 6f037a48f706e6108a063883f9e9a324bea56da9 URL: https://github.com/kamailio/kamailio/commit/6f037a48f706e6108a063883f9e9a324bea56da9 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T13:13:23+08:00 core/rthread.h: add prototype for db queries (cherry-pick from ba921b2112e87625fba5789d1b049161bb611073) --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/6f037a48f706e6108a063883f9e9a324bea56da9.diff Patch: https://github.com/kamailio/kamailio/commit/6f037a48f706e6108a063883f9e9a324bea56da9.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index a5ad7670dae..a416ad2ca50 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -98,3 +98,60 @@ static void run_threadV(_thread_protoV fn) pthread_join(tid, NULL); } #endif + +/* + * prototype: int fn(void *, void *) { ... } + */ +#ifdef KSR_RTHREAD_NEED_4PP +typedef int (*_thread_proto4PP)(void *, void *); +struct _thread_args4PP +{ + _thread_proto4PP fn; + void *arg1; + void *arg2; + int *ret; +}; +static void *run_thread_wrap4PP(struct _thread_args4PP *args) +{ + *args->ret = (*args->fn)(args->arg1, args->arg2); + return NULL; +} + +static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) +{ + pthread_t tid; + int ret; + + pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP, + &(struct _thread_args4PP){fn, arg1, arg2, }); + pthread_join(tid, NULL); + + return ret; +} +#endif + +/* + * prototype: void fn(void *) { ... } + */ +#ifdef KSR_RTHREAD_NEED_0P +typedef void (*_thread_proto0P)(void *); +struct _thread_args0P +{ + _thread_proto0P fn; + void *arg1; +}; +static void *run_thread_wrap0P(struct _thread_args0P *args) +{ + (*args->fn)(args->arg1); + return NULL; +} + +static void run_thread0P(_thread_proto0P fn, void *arg1) +{ + pthread_t tid; + + pthread_create(, NULL, (_thread_proto)run_thread_wrap0P, + &(struct _thread_args0P){fn, arg1}); + pthread_join(tid, NULL); +} +#endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:475b4da7: Sample etc/kamailio.cfg: tls should be loaded first if used
Module: kamailio Branch: master Commit: 475b4da798fce232eba6834c3cb05e3c97e12d03 URL: https://github.com/kamailio/kamailio/commit/475b4da798fce232eba6834c3cb05e3c97e12d03 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T11:09:13+08:00 Sample etc/kamailio.cfg: tls should be loaded first if used --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/475b4da798fce232eba6834c3cb05e3c97e12d03.diff Patch: https://github.com/kamailio/kamailio/commit/475b4da798fce232eba6834c3cb05e3c97e12d03.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg old mode 100644 new mode 100755 index 598d12bc23e..cc043fad58b --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -257,6 +257,12 @@ voicemail.srv_port = "5060" desc "VoiceMail Port" /* set paths to location of modules */ # mpath="/usr/local/lib/kamailio/modules/" +# when using TLS with OpenSSL it is recommended to load this module +# first so that OpenSSL is initialized correctly +#!ifdef WITH_TLS +loadmodule "tls.so" +#!endif + #!ifdef WITH_MYSQL loadmodule "db_mysql.so" #!endif @@ -319,10 +325,6 @@ loadmodule "rtpproxy.so" #!endif #!endif -#!ifdef WITH_TLS -loadmodule "tls.so" -#!endif - #!ifdef WITH_HTABLE loadmodule "htable.so" #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:d638c774: db_postgres: handle SSL and submit query
Module: kamailio Branch: master Commit: d638c774ed816eec800e72ba2546004215cfe097 URL: https://github.com/kamailio/kamailio/commit/d638c774ed816eec800e72ba2546004215cfe097 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T10:17:53+08:00 db_postgres: handle SSL and submit query --- Modified: src/modules/db_postgres/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/d638c774ed816eec800e72ba2546004215cfe097.diff Patch: https://github.com/kamailio/kamailio/commit/d638c774ed816eec800e72ba2546004215cfe097.patch --- diff --git a/src/modules/db_postgres/km_dbase.c b/src/modules/db_postgres/km_dbase.c index 3d58f1a53e0..7948ff0075f 100644 --- a/src/modules/db_postgres/km_dbase.c +++ b/src/modules/db_postgres/km_dbase.c @@ -44,6 +44,7 @@ #include "../../core/hashes.h" #include "../../core/clist.h" #define KSR_RTHREAD_NEED_PI +#define KSR_RTHREAD_NEED_4PP #include "../../core/rthreads.h" #include "km_dbase.h" #include "km_pg_con.h" @@ -158,7 +159,7 @@ void db_postgres_close(db1_con_t *_h) * \param _s query string * \return 0 on success, negative on failure */ -static int db_postgres_submit_query(const db1_con_t *_con, const str *_s) +static int db_postgres_submit_query_impl(const db1_con_t *_con, const str *_s) { char *s = NULL; int i, retries; @@ -286,6 +287,12 @@ static int db_postgres_submit_query(const db1_con_t *_con, const str *_s) return -1; } +static int db_postgres_submit_query(const db1_con_t *_con, const str *_s) +{ + return run_thread4PP((_thread_proto4PP)db_postgres_submit_query_impl, + (void *)_con, (void *)_s); +} + void db_postgres_async_exec_task(void *param) { str *p; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:7d917e66: db_unixodbc: handle SSL and submit query
Module: kamailio Branch: master Commit: 7d917e6649be7188bb9ab152ada75bc7199b2980 URL: https://github.com/kamailio/kamailio/commit/7d917e6649be7188bb9ab152ada75bc7199b2980 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T10:17:53+08:00 db_unixodbc: handle SSL and submit query --- Modified: src/modules/db_unixodbc/dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/7d917e6649be7188bb9ab152ada75bc7199b2980.diff Patch: https://github.com/kamailio/kamailio/commit/7d917e6649be7188bb9ab152ada75bc7199b2980.patch --- diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c index c4ba64b019c..7a5f2bdb09e 100644 --- a/src/modules/db_unixodbc/dbase.c +++ b/src/modules/db_unixodbc/dbase.c @@ -25,6 +25,7 @@ #include "../../core/mem/mem.h" #include "../../core/dprint.h" #include "../../core/async_task.h" +#define KSR_RTHREAD_NEED_4PP #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "val.h" @@ -81,7 +82,7 @@ static int reconnect(const db1_con_t *_h) /* * Send an SQL query to the server */ -static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s) +static int db_unixodbc_submit_query_impl(const db1_con_t *_h, const str *_s) { int ret = 0; SQLCHAR sqlstate[7]; @@ -155,6 +156,11 @@ static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s) return ret; } +static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s) +{ + return run_thread4PP((_thread_proto4PP)db_unixodbc_submit_query_impl, + (void *)_h, (void *)_s); +} /** * */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:51d9f92e: db_mysql: handle SSL and submit query
Module: kamailio Branch: master Commit: 51d9f92eca3ef1044052581c9438af6e643652a1 URL: https://github.com/kamailio/kamailio/commit/51d9f92eca3ef1044052581c9438af6e643652a1 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T10:17:53+08:00 db_mysql: handle SSL and submit query --- Modified: src/modules/db_mysql/km_dbase.c --- Diff: https://github.com/kamailio/kamailio/commit/51d9f92eca3ef1044052581c9438af6e643652a1.diff Patch: https://github.com/kamailio/kamailio/commit/51d9f92eca3ef1044052581c9438af6e643652a1.patch --- diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c index 9cd238b78ab..e86e4a0391b 100644 --- a/src/modules/db_mysql/km_dbase.c +++ b/src/modules/db_mysql/km_dbase.c @@ -38,6 +38,8 @@ #include "../../core/mem/mem.h" #include "../../core/dprint.h" #include "../../core/async_task.h" + +#define KSR_RTHREAD_NEED_4PP #include "../../core/rthreads.h" #include "../../lib/srdb1/db_query.h" #include "../../lib/srdb1/db_ut.h" @@ -67,7 +69,7 @@ static char *mysql_sql_buf; * \param _s executed query * \return zero on success, negative value on failure */ -static int db_mysql_submit_query(const db1_con_t *_h, const str *_s) +static int db_mysql_submit_query_impl(const db1_con_t *_h, const str *_s) { time_t t; int i, code; @@ -128,6 +130,11 @@ static int db_mysql_submit_query(const db1_con_t *_h, const str *_s) } +static int db_mysql_submit_query(const db1_con_t *_h, const str *_s) +{ + return run_thread4PP((_thread_proto4PP)db_mysql_submit_query_impl, + (void *)_h, (void *)_s); +} /** * */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:ba921b21: core/rthread.h: add prototype for db queries
Module: kamailio Branch: master Commit: ba921b2112e87625fba5789d1b049161bb611073 URL: https://github.com/kamailio/kamailio/commit/ba921b2112e87625fba5789d1b049161bb611073 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T10:17:53+08:00 core/rthread.h: add prototype for db queries --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/ba921b2112e87625fba5789d1b049161bb611073.diff Patch: https://github.com/kamailio/kamailio/commit/ba921b2112e87625fba5789d1b049161bb611073.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index a5ad7670dae..a416ad2ca50 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -98,3 +98,60 @@ static void run_threadV(_thread_protoV fn) pthread_join(tid, NULL); } #endif + +/* + * prototype: int fn(void *, void *) { ... } + */ +#ifdef KSR_RTHREAD_NEED_4PP +typedef int (*_thread_proto4PP)(void *, void *); +struct _thread_args4PP +{ + _thread_proto4PP fn; + void *arg1; + void *arg2; + int *ret; +}; +static void *run_thread_wrap4PP(struct _thread_args4PP *args) +{ + *args->ret = (*args->fn)(args->arg1, args->arg2); + return NULL; +} + +static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2) +{ + pthread_t tid; + int ret; + + pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP, + &(struct _thread_args4PP){fn, arg1, arg2, }); + pthread_join(tid, NULL); + + return ret; +} +#endif + +/* + * prototype: void fn(void *) { ... } + */ +#ifdef KSR_RTHREAD_NEED_0P +typedef void (*_thread_proto0P)(void *); +struct _thread_args0P +{ + _thread_proto0P fn; + void *arg1; +}; +static void *run_thread_wrap0P(struct _thread_args0P *args) +{ + (*args->fn)(args->arg1); + return NULL; +} + +static void run_thread0P(_thread_proto0P fn, void *arg1) +{ + pthread_t tid; + + pthread_create(, NULL, (_thread_proto)run_thread_wrap0P, + &(struct _thread_args0P){fn, arg1}); + pthread_join(tid, NULL); +} +#endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:74636a9b: Revert "tls_wolfssl: enable building with external package"
Module: kamailio Branch: 5.7 Commit: 74636a9bf53524a6d60351c1569a033270677d6c URL: https://github.com/kamailio/kamailio/commit/74636a9bf53524a6d60351c1569a033270677d6c Author: S-P Chan Committer: S-P Chan Date: 2024-02-04T10:11:45+08:00 Revert "tls_wolfssl: enable building with external package" This reverts commit 53ce759091f78ffecc6b4047ff3e8885329d718f. < 5.8 does not have 16-byte memory alignment --- Modified: src/modules/tls_wolfssl/Makefile --- Diff: https://github.com/kamailio/kamailio/commit/74636a9bf53524a6d60351c1569a033270677d6c.diff Patch: https://github.com/kamailio/kamailio/commit/74636a9bf53524a6d60351c1569a033270677d6c.patch --- diff --git a/src/modules/tls_wolfssl/Makefile b/src/modules/tls_wolfssl/Makefile index 98239c43183..5ef95d697b6 100644 --- a/src/modules/tls_wolfssl/Makefile +++ b/src/modules/tls_wolfssl/Makefile @@ -8,13 +8,6 @@ include ../../Makefile.defs auto_gen= NAME=tls_wolfssl.so -# make WOLFSSL_INTERNAL=yes... for internal submodule -# make WOLFSSL_INTERNAL=no... for system package -# default: yes - -WOLFSSL_INTERNAL ?= yes - -ifeq ($(WOLFSSL_INTERNAL),yes) WOLFSSL_PREFIX = ../../../misc/external/wolfssl/build WOLFSSL_SRC = ../../../misc/external/wolfssl/wolfssl @@ -41,15 +34,6 @@ $(WOLFSSL_PREFIX)/include/wolfssl/options.h $(WOLFSSL_PREFIX)/lib/libwolfssl.a: $(NAME): $(WOLFSSL_PREFIX)/lib/libwolfssl.a -else -WOLFSSL_LIBS ?= $(shell pkg-config wolfssl --libs) -WOLFSSL_INCLUDES ?= $(shell pkg-config wolfssl --cflags) - -LIBS += $(WOLFSSL_LIBS) -INCLUDES += $(WOLFSSL_INCLUDES) -include ../../Makefile.modules -endif - clean-wolfssl: @rm -rf $(WOLFSSL_PREFIX)/{bin,include,share,lib}; \ (cd $(WOLFSSL_SRC); make distclean) || /bin/true ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org