[sr-dev] git:5.8:dbe51dc4: db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
Module: kamailio
Branch: 5.8
Commit: dbe51dc4ee53f6e4f00450745db709a9d741c481
URL:
https://github.com/kamailio/kamailio/commit/dbe51dc4ee53f6e4f00450745db709a9d741c481
Author: S-P Chan
Committer: S-P Chan
Date: 2024-07-09T13:40:05+08:00
db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
- MYSQL_OPT_SSL_CA is an enum not a macro
- base check on MYSQL_VERSION_ID - 50568 used in CentOS 7
Addresses #3910
(cherry-picked from commit 92cfedaaffb034db536f3bcf68695b433db92706)
---
Modified: src/modules/db_mysql/km_my_con.c
---
Diff:
https://github.com/kamailio/kamailio/commit/dbe51dc4ee53f6e4f00450745db709a9d741c481.diff
Patch:
https://github.com/kamailio/kamailio/commit/dbe51dc4ee53f6e4f00450745db709a9d741c481.patch
---
diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c
index 240d3f59a76..37508ce24c0 100644
--- a/src/modules/db_mysql/km_my_con.c
+++ b/src/modules/db_mysql/km_my_con.c
@@ -179,14 +179,14 @@ struct my_con *db_mysql_new_connection(const struct db_id
*id)
#endif /* MYSQL_VERSION_ID */
#endif /* MARIADB_BASE_VERSION */
-#ifdef MYSQL_OPT_SSL_CA
+#if(MYSQL_VERSION_ID >= 50600)
if(db_mysql_opt_ssl_ca)
mysql_options(
ptr->con, MYSQL_OPT_SSL_CA, (const void
*)db_mysql_opt_ssl_ca);
#else
- LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - "
+ LM_DBG("opt_ssl_ca option not supported by mysql version (value %d) - "
"ignoring\n",
- db_mysql_opt_ssl_ca);
+ MYSQL_VERSION_ID);
#endif /* MYSQL_OPT_SSL_CA */
#ifdef KSR_MYSQL_OPT_RECONNECT
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:0fc0c7b3: Revert "db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x"
Module: kamailio
Branch: master
Commit: 0fc0c7b3d3d6ded300c46f504406447670fee4e8
URL:
https://github.com/kamailio/kamailio/commit/0fc0c7b3d3d6ded300c46f504406447670fee4e8
Author: S-P Chan
Committer: S-P Chan
Date: 2024-07-09T10:50:14+08:00
Revert "db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x"
This reverts commit 5b2be5e2c716ad8f8502b3be3db5194eb8474d39.
The commit should check >= not <
---
Modified: src/modules/db_mysql/km_my_con.c
---
Diff:
https://github.com/kamailio/kamailio/commit/0fc0c7b3d3d6ded300c46f504406447670fee4e8.diff
Patch:
https://github.com/kamailio/kamailio/commit/0fc0c7b3d3d6ded300c46f504406447670fee4e8.patch
---
diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c
index 21ac5023c81..240d3f59a76 100644
--- a/src/modules/db_mysql/km_my_con.c
+++ b/src/modules/db_mysql/km_my_con.c
@@ -179,15 +179,15 @@ struct my_con *db_mysql_new_connection(const struct db_id
*id)
#endif /* MYSQL_VERSION_ID */
#endif /* MARIADB_BASE_VERSION */
-#if(MYSQL_VERSION_ID < 50600)
+#ifdef MYSQL_OPT_SSL_CA
if(db_mysql_opt_ssl_ca)
mysql_options(
ptr->con, MYSQL_OPT_SSL_CA, (const void
*)db_mysql_opt_ssl_ca);
#else
- LM_DBG("opt_ssl_ca option not supported by mysql version (value %s:%d)
- "
+ LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - "
"ignoring\n",
- MYSQL_SERVER_VERSION, MYSQL_VERSION_ID);
-#endif /* MYSQL_VERSION_ID */
+ db_mysql_opt_ssl_ca);
+#endif /* MYSQL_OPT_SSL_CA */
#ifdef KSR_MYSQL_OPT_RECONNECT
/* set reconnect flag if enabled */
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:92cfedaa: db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
Module: kamailio
Branch: master
Commit: 92cfedaaffb034db536f3bcf68695b433db92706
URL:
https://github.com/kamailio/kamailio/commit/92cfedaaffb034db536f3bcf68695b433db92706
Author: S-P Chan
Committer: S-P Chan
Date: 2024-07-09T10:53:07+08:00
db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
- MYSQL_OPT_SSL_CA is an enum not a macro
- base check on MYSQL_VERSION_ID - 50568 used in CentOS 7
Addresses #3910
---
Modified: src/modules/db_mysql/km_my_con.c
---
Diff:
https://github.com/kamailio/kamailio/commit/92cfedaaffb034db536f3bcf68695b433db92706.diff
Patch:
https://github.com/kamailio/kamailio/commit/92cfedaaffb034db536f3bcf68695b433db92706.patch
---
diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c
index 240d3f59a76..37508ce24c0 100644
--- a/src/modules/db_mysql/km_my_con.c
+++ b/src/modules/db_mysql/km_my_con.c
@@ -179,14 +179,14 @@ struct my_con *db_mysql_new_connection(const struct db_id
*id)
#endif /* MYSQL_VERSION_ID */
#endif /* MARIADB_BASE_VERSION */
-#ifdef MYSQL_OPT_SSL_CA
+#if(MYSQL_VERSION_ID >= 50600)
if(db_mysql_opt_ssl_ca)
mysql_options(
ptr->con, MYSQL_OPT_SSL_CA, (const void
*)db_mysql_opt_ssl_ca);
#else
- LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - "
+ LM_DBG("opt_ssl_ca option not supported by mysql version (value %d) - "
"ignoring\n",
- db_mysql_opt_ssl_ca);
+ MYSQL_VERSION_ID);
#endif /* MYSQL_OPT_SSL_CA */
#ifdef KSR_MYSQL_OPT_RECONNECT
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:5b2be5e2: db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
Module: kamailio
Branch: master
Commit: 5b2be5e2c716ad8f8502b3be3db5194eb8474d39
URL:
https://github.com/kamailio/kamailio/commit/5b2be5e2c716ad8f8502b3be3db5194eb8474d39
Author: S-P Chan
Committer: S-P Chan
Date: 2024-07-09T10:38:44+08:00
db_mysql: fix check for enum MYSQL_OPT_SSL_CA for CentOS 7/5.5.x
- MYSQL_OPT_SSL_CA is an enum not a macro
- base check on MYSQL_VERSION_ID - 50568 used in CentOS 7
Addresses #3910
---
Modified: src/modules/db_mysql/km_my_con.c
---
Diff:
https://github.com/kamailio/kamailio/commit/5b2be5e2c716ad8f8502b3be3db5194eb8474d39.diff
Patch:
https://github.com/kamailio/kamailio/commit/5b2be5e2c716ad8f8502b3be3db5194eb8474d39.patch
---
diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c
index 240d3f59a76..21ac5023c81 100644
--- a/src/modules/db_mysql/km_my_con.c
+++ b/src/modules/db_mysql/km_my_con.c
@@ -179,15 +179,15 @@ struct my_con *db_mysql_new_connection(const struct db_id
*id)
#endif /* MYSQL_VERSION_ID */
#endif /* MARIADB_BASE_VERSION */
-#ifdef MYSQL_OPT_SSL_CA
+#if(MYSQL_VERSION_ID < 50600)
if(db_mysql_opt_ssl_ca)
mysql_options(
ptr->con, MYSQL_OPT_SSL_CA, (const void
*)db_mysql_opt_ssl_ca);
#else
- LM_DBG("opt_ssl_ca option not supported by mysql version (value %s) - "
+ LM_DBG("opt_ssl_ca option not supported by mysql version (value %s:%d)
- "
"ignoring\n",
- db_mysql_opt_ssl_ca);
-#endif /* MYSQL_OPT_SSL_CA */
+ MYSQL_SERVER_VERSION, MYSQL_VERSION_ID);
+#endif /* MYSQL_VERSION_ID */
#ifdef KSR_MYSQL_OPT_RECONNECT
/* set reconnect flag if enabled */
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:77de8690: tls: document handling of thread-locals
Module: kamailio Branch: master Commit: 77de86909ac8c156335e1e789bb3067932f9eff5 URL: https://github.com/kamailio/kamailio/commit/77de86909ac8c156335e1e789bb3067932f9eff5 Author: S-P Chan Committer: S-P Chan Date: 2024-05-04T19:48:21+08:00 tls: document handling of thread-locals --- Added: src/modules/tls/OpenSSL3-README.md --- Diff: https://github.com/kamailio/kamailio/commit/77de86909ac8c156335e1e789bb3067932f9eff5.diff Patch: https://github.com/kamailio/kamailio/commit/77de86909ac8c156335e1e789bb3067932f9eff5.patch --- diff --git a/src/modules/tls/OpenSSL3-README.md b/src/modules/tls/OpenSSL3-README.md new file mode 100644 index 000..6b6a7814129 --- /dev/null +++ b/src/modules/tls/OpenSSL3-README.md @@ -0,0 +1,55 @@ +# OpenSSL 3 Developer Notes + +## Background + +OpenSSL since 1.1.1 uses thread-local storage. The OpenSSL internal API +is `CRYPTO_THREAD_set_local()` and it is implemented on Linux using `pthread_setspecific()`. + +In a new thread, the value of a thread-local variable is 0x0; the first access of this +variable by OpenSSL will allocate new dynamic memory. The implication for Kamailio is that +if such variables are initialized in rank 0, then all workers will reuse the same memory +location as Kamailio uses shared memory for OpenSSL. + +## OpenSSL 1.1.1 shmmem Corruption + +In OpenSSL 1.1.1 there are three variables that impact Kamailio: `private_drbg`, `public_drbg`, and +`err_thread_local`. The first two variables are circumvented by an early call to `RAND_set_rand_method()`. + +The third variable, i.e., `err_thread_local` is reused by all workers and leads to shmmem corruption +particularly with other users of OpenSSL such as libcurl, and db modules with TLS. + +Historically, since 2019, this was a low-impact bug due to use of static variables in the OpenSSL 1.1.1 +implementation. + + +## OpenSSL 3 shmmem Corruption + +In OpenSSL 3 there is one variable that impacts Kamailio: `err_thread_local`. + +OpenSSL 3 uses more dynamic memory to handle the error stack and shmmem corruption is easily +reproducible, even without libcurl or db modules. + +## Resolution + +This resolution uses non-portable internal knowledge of pthreads on Linux: that `pthread_key_t` +is a small integer, and that it is incremented when a new thread-local key is requested + +OpenSSL 3 uses 6 thread-locals, and OpenSSL 1.1.1 uses 4 thread-locals. + +The first attempt (5.8.0/5.8.1) to resolve this issue uses the following technique: +* `tls_threads_mode = 1`: for each function that might initialize OpenSSL, run it in + a temporary thread; this leaves the thread-local variables in rank 0, main thread at their + default value of 0x0 +* `tls_threads_mode = 2`: add an at-fork handler to set thread-local variables to 0x0. + The implementation will set thread-local keys from 0-15 to have value 0x0. + +Limitation: the limitation of this method is some libraries like libpython cannot be initialized +other than in the primary thread and they will initialize thread-locals. + +The revised method makes a few OpenSSL function calls so +that OpenSSL will initialize all required thread-locals, and the tls.so sets a high-water mark. +It is assumed that all `pthread_key_t` values at the high-water mark or greater are set +by non-OpenSSL libraries. During fork, tls.so will clear all thread-locals up to the high-water +mark. + + ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d8907b62: tls: clear thread-local variables up to tls_pthreads_key_mark
Module: kamailio
Branch: 5.7
Commit: d8907b6290d37965d07ceaf30e6c06956a59c90a
URL:
https://github.com/kamailio/kamailio/commit/d8907b6290d37965d07ceaf30e6c06956a59c90a
Author: S-P Chan
Committer: S-P Chan
Date: 2024-05-04T19:35:23+08:00
tls: clear thread-local variables up to tls_pthreads_key_mark
- other libraries may set thread-locals via pthread_setspecific
- assume that tls_pthreads_key_mark demarcates libssl's values
- only clean thread-local values up to tls_pthreads_key_mark
Currently only used by app_python[s]
(cherry picked from commit fe6f4fcde2fa06a3c00479cef169c27dc32ae490)
---
Modified: src/modules/tls/tls_mod.c
Modified: src/modules/tls/tls_rand.h
---
Diff:
https://github.com/kamailio/kamailio/commit/d8907b6290d37965d07ceaf30e6c06956a59c90a.diff
Patch:
https://github.com/kamailio/kamailio/commit/d8907b6290d37965d07ceaf30e6c06956a59c90a.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index c2a3c8de271..524419dd854 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -343,9 +343,11 @@ static tls_domains_cfg_t* tls_use_modparams(void)
* is < 10
*
*/
+static int tls_pthreads_key_mark;
static void fork_child(void)
{
- for(int k = 0; k < 16; k++) {
+ int k;
+ for(k = 0; k < tls_pthreads_key_mark; k++) {
if(pthread_getspecific(k) != 0)
pthread_setspecific(k, 0x0);
}
@@ -355,6 +357,8 @@ static int mod_init(void)
{
int method;
int verify_client;
+ unsigned char rand_buf[32];
+ int k;
if(tls_disable) {
LM_WARN("tls support is disabled "
@@ -463,6 +467,23 @@ static int mod_init(void)
if(ksr_tls_threads_mode == 2) {
pthread_atfork(NULL, NULL, _child);
}
+
+#if OPENSSL_VERSION_NUMBER >= 0x010101000L
+ /*
+* force creation of all thread-locals now so that other libraries
+* that use pthread_key_create(), e.g. python,
+* will have larger key values
+*/
+ if(ksr_tls_threads_mode > 0) {
+ ERR_clear_error();
+ RAND_bytes(rand_buf, sizeof(rand_buf));
+ for(k = 0; k < 32; k++) {
+ if(pthread_getspecific(k))
+ tls_pthreads_key_mark = k + 1;
+ }
+ LM_WARN("set maximum pthreads key to %d\n",
tls_pthreads_key_mark);
+ }
+#endif
return 0;
error:
tls_h_mod_destroy_f();
@@ -499,6 +520,7 @@ static int mod_child_hook(int *rank, void *dummy)
if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params) < 0)
return -1;
}
+
return 0;
}
@@ -508,6 +530,8 @@ static OSSL_LIB_CTX *new_ctx;
#endif
static int mod_child(int rank)
{
+ int k;
+
if(tls_disable || (tls_domains_cfg == 0))
return 0;
@@ -519,6 +543,13 @@ static int mod_child(int rank)
return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
}
+ if(ksr_tls_threads_mode == 1 && rank && rank != PROC_INIT
+ && rank != PROC_POSTCHILDINIT) {
+ for(k = 0; k < tls_pthreads_key_mark; k++)
+ pthread_setspecific(k, 0x0);
+ LM_WARN("clean-up of thread-locals key < %d\n",
tls_pthreads_key_mark);
+ }
+
#ifdef KSR_SSL_COMMON
/*
* after the child is fork()ed we go through the TLS domains
diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h
index 58ddc853acd..7bbcf3a628c 100644
--- a/src/modules/tls/tls_rand.h
+++ b/src/modules/tls/tls_rand.h
@@ -21,10 +21,10 @@
#define _TLS_RAND_H_
#include
+#include
#if OPENSSL_VERSION_NUMBER >= 0x1010L \
&& OPENSSL_VERSION_NUMBER < 0x03000L
-#include
const RAND_METHOD *RAND_ksr_krand_method(void);
const RAND_METHOD *RAND_ksr_fastrand_method(void);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:cafe437d: tls: clear thread-local variables up to tls_pthreads_key_mark
Module: kamailio
Branch: 5.8
Commit: cafe437dcb637b0e571a2d2ffd04d911584404d9
URL:
https://github.com/kamailio/kamailio/commit/cafe437dcb637b0e571a2d2ffd04d911584404d9
Author: S-P Chan
Committer: S-P Chan
Date: 2024-04-29T21:27:38+08:00
tls: clear thread-local variables up to tls_pthreads_key_mark
- other libraries may set thread-locals via pthread_setspecific
- assume that tls_pthreads_key_mark demarcates libssl's values
- only clean thread-local values up to tls_pthreads_key_mark
Currently only used by app_python[s]
(cherry picked from commit fe6f4fcde2fa06a3c00479cef169c27dc32ae490)
---
Modified: src/modules/tls/tls_mod.c
Modified: src/modules/tls/tls_rand.h
---
Diff:
https://github.com/kamailio/kamailio/commit/cafe437dcb637b0e571a2d2ffd04d911584404d9.diff
Patch:
https://github.com/kamailio/kamailio/commit/cafe437dcb637b0e571a2d2ffd04d911584404d9.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 83b86d99d58..baa1a7c76d1 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -343,10 +343,11 @@ static tls_domains_cfg_t* tls_use_modparams(void)
* is < 10
*
*/
+static int tls_pthreads_key_mark;
static void fork_child(void)
{
- int k = 0;
- for(k = 0; k < 16; k++) {
+ int k;
+ for(k = 0; k < tls_pthreads_key_mark; k++) {
if(pthread_getspecific(k) != 0)
pthread_setspecific(k, 0x0);
}
@@ -356,6 +357,8 @@ static int mod_init(void)
{
int method;
int verify_client;
+ unsigned char rand_buf[32];
+ int k;
if(tls_disable) {
LM_WARN("tls support is disabled "
@@ -464,6 +467,23 @@ static int mod_init(void)
if(ksr_tls_threads_mode == 2) {
pthread_atfork(NULL, NULL, _child);
}
+
+#if OPENSSL_VERSION_NUMBER >= 0x010101000L
+ /*
+* force creation of all thread-locals now so that other libraries
+* that use pthread_key_create(), e.g. python,
+* will have larger key values
+*/
+ if(ksr_tls_threads_mode > 0) {
+ ERR_clear_error();
+ RAND_bytes(rand_buf, sizeof(rand_buf));
+ for(k = 0; k < 32; k++) {
+ if(pthread_getspecific(k))
+ tls_pthreads_key_mark = k + 1;
+ }
+ LM_WARN("set maximum pthreads key to %d\n",
tls_pthreads_key_mark);
+ }
+#endif
return 0;
error:
tls_h_mod_destroy_f();
@@ -500,6 +520,7 @@ static int mod_child_hook(int *rank, void *dummy)
if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params) < 0)
return -1;
}
+
return 0;
}
@@ -509,17 +530,26 @@ static OSSL_LIB_CTX *new_ctx;
#endif
static int mod_child(int rank)
{
+ int k;
+
if(tls_disable || (tls_domains_cfg == 0))
return 0;
/*
- * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
- * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1
- */
+* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
+* to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1
+*/
if(rank == PROC_INIT) {
return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
}
+ if(ksr_tls_threads_mode == 1 && rank && rank != PROC_INIT
+ && rank != PROC_POSTCHILDINIT) {
+ for(k = 0; k < tls_pthreads_key_mark; k++)
+ pthread_setspecific(k, 0x0);
+ LM_WARN("clean-up of thread-locals key < %d\n",
tls_pthreads_key_mark);
+ }
+
#ifdef KSR_SSL_COMMON
/*
* after the child is fork()ed we go through the TLS domains
diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h
index 58ddc853acd..7bbcf3a628c 100644
--- a/src/modules/tls/tls_rand.h
+++ b/src/modules/tls/tls_rand.h
@@ -21,10 +21,10 @@
#define _TLS_RAND_H_
#include
+#include
#if OPENSSL_VERSION_NUMBER >= 0x1010L \
&& OPENSSL_VERSION_NUMBER < 0x03000L
-#include
const RAND_METHOD *RAND_ksr_krand_method(void);
const RAND_METHOD *RAND_ksr_fastrand_method(void);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:fe6f4fcd: tls: clear thread-local variables up to tls_pthreads_key_mark
Module: kamailio
Branch: master
Commit: fe6f4fcde2fa06a3c00479cef169c27dc32ae490
URL:
https://github.com/kamailio/kamailio/commit/fe6f4fcde2fa06a3c00479cef169c27dc32ae490
Author: S-P Chan
Committer: S-P Chan
Date: 2024-04-29T21:20:20+08:00
tls: clear thread-local variables up to tls_pthreads_key_mark
- other libraries may set thread-locals via pthread_setspecific
- assume that tls_pthreads_key_mark demarcates libssl's values
- only clean thread-local values up to tls_pthreads_key_mark
Currently only used by app_python[s]
---
Modified: src/modules/tls/tls_mod.c
Modified: src/modules/tls/tls_rand.h
---
Diff:
https://github.com/kamailio/kamailio/commit/fe6f4fcde2fa06a3c00479cef169c27dc32ae490.diff
Patch:
https://github.com/kamailio/kamailio/commit/fe6f4fcde2fa06a3c00479cef169c27dc32ae490.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 83b86d99d58..baa1a7c76d1 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -343,10 +343,11 @@ static tls_domains_cfg_t* tls_use_modparams(void)
* is < 10
*
*/
+static int tls_pthreads_key_mark;
static void fork_child(void)
{
- int k = 0;
- for(k = 0; k < 16; k++) {
+ int k;
+ for(k = 0; k < tls_pthreads_key_mark; k++) {
if(pthread_getspecific(k) != 0)
pthread_setspecific(k, 0x0);
}
@@ -356,6 +357,8 @@ static int mod_init(void)
{
int method;
int verify_client;
+ unsigned char rand_buf[32];
+ int k;
if(tls_disable) {
LM_WARN("tls support is disabled "
@@ -464,6 +467,23 @@ static int mod_init(void)
if(ksr_tls_threads_mode == 2) {
pthread_atfork(NULL, NULL, _child);
}
+
+#if OPENSSL_VERSION_NUMBER >= 0x010101000L
+ /*
+* force creation of all thread-locals now so that other libraries
+* that use pthread_key_create(), e.g. python,
+* will have larger key values
+*/
+ if(ksr_tls_threads_mode > 0) {
+ ERR_clear_error();
+ RAND_bytes(rand_buf, sizeof(rand_buf));
+ for(k = 0; k < 32; k++) {
+ if(pthread_getspecific(k))
+ tls_pthreads_key_mark = k + 1;
+ }
+ LM_WARN("set maximum pthreads key to %d\n",
tls_pthreads_key_mark);
+ }
+#endif
return 0;
error:
tls_h_mod_destroy_f();
@@ -500,6 +520,7 @@ static int mod_child_hook(int *rank, void *dummy)
if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params) < 0)
return -1;
}
+
return 0;
}
@@ -509,17 +530,26 @@ static OSSL_LIB_CTX *new_ctx;
#endif
static int mod_child(int rank)
{
+ int k;
+
if(tls_disable || (tls_domains_cfg == 0))
return 0;
/*
- * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
- * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1
- */
+* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
+* to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1
+*/
if(rank == PROC_INIT) {
return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
}
+ if(ksr_tls_threads_mode == 1 && rank && rank != PROC_INIT
+ && rank != PROC_POSTCHILDINIT) {
+ for(k = 0; k < tls_pthreads_key_mark; k++)
+ pthread_setspecific(k, 0x0);
+ LM_WARN("clean-up of thread-locals key < %d\n",
tls_pthreads_key_mark);
+ }
+
#ifdef KSR_SSL_COMMON
/*
* after the child is fork()ed we go through the TLS domains
diff --git a/src/modules/tls/tls_rand.h b/src/modules/tls/tls_rand.h
index 58ddc853acd..7bbcf3a628c 100644
--- a/src/modules/tls/tls_rand.h
+++ b/src/modules/tls/tls_rand.h
@@ -21,10 +21,10 @@
#define _TLS_RAND_H_
#include
+#include
#if OPENSSL_VERSION_NUMBER >= 0x1010L \
&& OPENSSL_VERSION_NUMBER < 0x03000L
-#include
const RAND_METHOD *RAND_ksr_krand_method(void);
const RAND_METHOD *RAND_ksr_fastrand_method(void);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.6:3d642314: tls: revert commit a08562b2e56c89900220b7ed15c9ccd12655d9a6
Module: kamailio
Branch: 5.6
Commit: 3d6423140a864b83e61dbc8e662c8fd53ecb9bb3
URL:
https://github.com/kamailio/kamailio/commit/3d6423140a864b83e61dbc8e662c8fd53ecb9bb3
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-24T08:27:43+08:00
tls: revert commit a08562b2e56c89900220b7ed15c9ccd12655d9a6
- GH#3791: users of tls.so on systems that provide only
libssl3 (e.g. bookworm) are advised to try >= 5.8.0
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/3d6423140a864b83e61dbc8e662c8fd53ecb9bb3.diff
Patch:
https://github.com/kamailio/kamailio/commit/3d6423140a864b83e61dbc8e662c8fd53ecb9bb3.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 3805accf70a..499a9a77aea 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -306,17 +306,6 @@ static tls_domains_cfg_t* tls_use_modparams(void)
}
#endif
-/* unconditionally perform thread-local clean-up
- * especially needed with libssl3 uses
- * (bookworm/jammy/noble/el9)
- */
-static void fork_child(void)
-{
-for(int k = 0; k < 16; k++) {
-if(pthread_getspecific(k) != 0)
-pthread_setspecific(k, 0x0);
-}
-}
static int mod_init(void)
{
@@ -418,9 +407,6 @@ static int mod_init(void)
if(sr_tls_event_callback.s == NULL || sr_tls_event_callback.len <= 0) {
tls_lookup_event_routes();
}
-/* minimal fix for libssl 1.1.1/3.x uses
- */
-pthread_atfork(NULL, NULL, _child);
return 0;
error:
tls_h_mod_destroy_f();
@@ -649,6 +635,11 @@ int mod_register(char *path, int *dlflags, void *p1, void
*p2)
register_tls_hooks(_h);
+#if OPENSSL_VERSION_NUMBER >= 0x1010L
+ LM_DBG("setting cryptorand random engine\n");
+ RAND_set_rand_method(RAND_ksr_cryptorand_method());
+#endif
+
sr_kemi_modules_add(sr_kemi_tls_exports);
return 0;
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.6:a08562b2: tls: force thread-locals clean-up for libssl3
Module: kamailio
Branch: 5.6
Commit: a08562b2e56c89900220b7ed15c9ccd12655d9a6
URL:
https://github.com/kamailio/kamailio/commit/a08562b2e56c89900220b7ed15c9ccd12655d9a6
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-23T21:38:18+08:00
tls: force thread-locals clean-up for libssl3
- minimal thread-locals patch as 5.6.x is packaged for distros
that use libssl3 GH#3791
- simplified version of tls rework in 5.8.x
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/a08562b2e56c89900220b7ed15c9ccd12655d9a6.diff
Patch:
https://github.com/kamailio/kamailio/commit/a08562b2e56c89900220b7ed15c9ccd12655d9a6.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 499a9a77aea..3805accf70a 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -306,6 +306,17 @@ static tls_domains_cfg_t* tls_use_modparams(void)
}
#endif
+/* unconditionally perform thread-local clean-up
+ * especially needed with libssl3 uses
+ * (bookworm/jammy/noble/el9)
+ */
+static void fork_child(void)
+{
+for(int k = 0; k < 16; k++) {
+if(pthread_getspecific(k) != 0)
+pthread_setspecific(k, 0x0);
+}
+}
static int mod_init(void)
{
@@ -407,6 +418,9 @@ static int mod_init(void)
if(sr_tls_event_callback.s == NULL || sr_tls_event_callback.len <= 0) {
tls_lookup_event_routes();
}
+/* minimal fix for libssl 1.1.1/3.x uses
+ */
+pthread_atfork(NULL, NULL, _child);
return 0;
error:
tls_h_mod_destroy_f();
@@ -635,11 +649,6 @@ int mod_register(char *path, int *dlflags, void *p1, void
*p2)
register_tls_hooks(_h);
-#if OPENSSL_VERSION_NUMBER >= 0x1010L
- LM_DBG("setting cryptorand random engine\n");
- RAND_set_rand_method(RAND_ksr_cryptorand_method());
-#endif
-
sr_kemi_modules_add(sr_kemi_tls_exports);
return 0;
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:af524f5b: tlsa: removed the map files used in the past for tls engine
Module: kamailio Branch: 5.7 Commit: af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17 URL: https://github.com/kamailio/kamailio/commit/af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17 Author: Daniel-Constantin Mierla Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tlsa: removed the map files used in the past for tls engine - sync with code of tls module --- Removed: src/modules/tlsa/tls_map.c Removed: src/modules/tlsa/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17.diff Patch: https://github.com/kamailio/kamailio/commit/af524f5b2b2fa3de4aa4e198bf3a9f0feff04e17.patch --- diff --git a/src/modules/tlsa/tls_map.c b/src/modules/tlsa/tls_map.c deleted file mode 100644 index ad799b5cdff..000 --- a/src/modules/tlsa/tls_map.c +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Copyright (C) 2021 Daniel-Constantin Mierla (asipto.com) - * - * This file is part of Kamailio, a free SIP server. - * - * This file is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version - * - * - * This file is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - */ - -/** - * THIS FILE IS GENERATED - DO NOT MODIFY IT - */ - -#include "../tls/tls_map.c" diff --git a/src/modules/tlsa/tls_map.h b/src/modules/tlsa/tls_map.h deleted file mode 100644 index 96705a7f7fa..000 --- a/src/modules/tlsa/tls_map.h +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Copyright (C) 2021 Daniel-Constantin Mierla (asipto.com) - * - * This file is part of Kamailio, a free SIP server. - * - * This file is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version - * - * - * This file is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - */ - -/** - * THIS FILE IS GENERATED - DO NOT MODIFY IT - */ - -#include "../tls/tls_map.h" ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d20df6fb: core/rthreads.h: add new option tls_threads_mode = 2
Module: kamailio
Branch: 5.7
Commit: d20df6fb372ab4da0dd5e6f277b08345059c2be5
URL:
https://github.com/kamailio/kamailio/commit/d20df6fb372ab4da0dd5e6f277b08345059c2be5
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-23T21:09:14+08:00
core/rthreads.h: add new option tls_threads_mode = 2
- add global handling of thread-locals with
tls_threads_mode = 2
- this will run a pthread_atfork handler to reset
all thread-locals to 0x0
- alternative solution to running functions
in thread executors
- requires tls.so to be loaded to be effective
(cherry picked from commit e7f040f219b46592081a6053b4ed1ae0d0552b1a)
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/d20df6fb372ab4da0dd5e6f277b08345059c2be5.diff
Patch:
https://github.com/kamailio/kamailio/commit/d20df6fb372ab4da0dd5e6f277b08345059c2be5.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index 0f4f0cf8b8a..6fee4d0b407 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -40,7 +40,7 @@ static void *run_threadP(_thread_proto fn, void *arg)
pthread_t tid;
void *ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg);
}
@@ -77,7 +77,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int
arg2)
pthread_t tid;
void *ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2);
}
@@ -113,7 +113,7 @@ static void run_threadV(_thread_protoV fn)
#ifdef USE_TLS
pthread_t tid;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
fn();
return;
@@ -152,7 +152,7 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1,
void *arg2)
pthread_t tid;
int ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2);
}
@@ -188,7 +188,7 @@ static void run_thread0P(_thread_proto0P fn, void *arg1)
#ifdef USE_TLS
pthread_t tid;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
fn(arg1);
return;
@@ -240,7 +240,7 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
pthread_t tid;
int ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9);
}
@@ -278,7 +278,7 @@ static int run_thread4L(_thread_proto4L fn, long arg1)
pthread_t tid;
int ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:88429b9e: tls: remove unused ENGINE define
Module: kamailio Branch: 5.7 Commit: 88429b9e3546864845fb1a3c2ce5263620b51c58 URL: https://github.com/kamailio/kamailio/commit/88429b9e3546864845fb1a3c2ce5263620b51c58 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tls: remove unused ENGINE define --- Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/88429b9e3546864845fb1a3c2ce5263620b51c58.diff Patch: https://github.com/kamailio/kamailio/commit/88429b9e3546864845fb1a3c2ce5263620b51c58.patch --- diff --git a/src/modules/tls/tls_server.c b/src/modules/tls/tls_server.c index 3e22ec42712..3bfea131cf2 100644 --- a/src/modules/tls/tls_server.c +++ b/src/modules/tls/tls_server.c @@ -128,11 +128,6 @@ int tls_run_event_routes(struct tcp_connection *c); #endif /* __SUNPRO_c */ #endif /* TLS_RD_DEBUG */ -/* only OpenSSL <= 1.1.1 */ -#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER < 0x03000L -#define KSR_SSL_ENGINE -#endif - extern str sr_tls_xavp_cfg; static str _ksr_tls_connect_server_id = STR_NULL; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:cf764b49: tls: new option tls_threads_mode = 2
Module: kamailio
Branch: 5.7
Commit: cf764b499fbc3f28f7ed080b488e0e8111687cf8
URL:
https://github.com/kamailio/kamailio/commit/cf764b499fbc3f28f7ed080b488e0e8111687cf8
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-23T21:09:14+08:00
tls: new option tls_threads_mode = 2
- use pthread_atfork to force all thread-locals
to 0x0 after fork()
(cherry picked from commit 464299c202f3ba963aed821b777075397e843856)
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/cf764b499fbc3f28f7ed080b488e0e8111687cf8.diff
Patch:
https://github.com/kamailio/kamailio/commit/cf764b499fbc3f28f7ed080b488e0e8111687cf8.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index c34c9933b1d..51e88bed51f 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -337,6 +337,20 @@ static tls_domains_cfg_t* tls_use_modparams(void)
}
#endif
+/* global config tls_threads_mode = 2
+ * - force all thread-locals to be 0x0 after fork()
+ * - with OpenSSL loaded the largest value observed
+ * is < 10
+ *
+ */
+static void fork_child(void)
+{
+ for(int k = 0; k < 16; k++) {
+ if(pthread_getspecific(k) != 0)
+ pthread_setspecific(k, 0x0);
+ }
+}
+
static int mod_init(void)
{
int method;
@@ -446,6 +460,9 @@ static int mod_init(void)
ksr_module_set_flag(KSRMOD_FLAG_POSTCHILDINIT);
}
#endif
+ if(ksr_tls_threads_mode == 2) {
+ pthread_atfork(NULL, NULL, _child);
+ }
return 0;
error:
tls_h_mod_destroy_f();
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:4b206bcc: tls: make explicit ENGINE deprecation in OpenSSL 3
Module: kamailio Branch: 5.7 Commit: 4b206bccc0ed46aac876921009d2884eb868075c URL: https://github.com/kamailio/kamailio/commit/4b206bccc0ed46aac876921009d2884eb868075c Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tls: make explicit ENGINE deprecation in OpenSSL 3 --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/4b206bccc0ed46aac876921009d2884eb868075c.diff Patch: https://github.com/kamailio/kamailio/commit/4b206bccc0ed46aac876921009d2884eb868075c.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:957c8005: tls: clean-up of ENGINE
Module: kamailio Branch: 5.7 Commit: 957c8005d2a97207debf1d3e782c1df5de70d487 URL: https://github.com/kamailio/kamailio/commit/957c8005d2a97207debf1d3e782c1df5de70d487 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:06:43+08:00 tls: clean-up of ENGINE - remove tls_map.* - not needed anymore - install an ENGINE in each worker SSL_CTX no need to replicate to all processes --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_server.c Removed: src/modules/tls/tls_map.c Removed: src/modules/tls/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/957c8005d2a97207debf1d3e782c1df5de70d487.diff Patch: https://github.com/kamailio/kamailio/commit/957c8005d2a97207debf1d3e782c1df5de70d487.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d03d5fdf: tls: NULL safety check
Module: kamailio
Branch: 5.7
Commit: d03d5fdf2b6a29e783738a6ea98c35725826d9ed
URL:
https://github.com/kamailio/kamailio/commit/d03d5fdf2b6a29e783738a6ea98c35725826d9ed
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-23T21:09:14+08:00
tls: NULL safety check
(cherry picked from commit f6f9d90ada963b53b6552e1a172b8f2fd021c33b)
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/d03d5fdf2b6a29e783738a6ea98c35725826d9ed.diff
Patch:
https://github.com/kamailio/kamailio/commit/d03d5fdf2b6a29e783738a6ea98c35725826d9ed.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 51e88bed51f..c2a3c8de271 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -871,6 +871,8 @@ EVP_PKEY *tls_engine_private_key(const char *key_id)
while(!(OSSL_STORE_eof(ctx))) {
OSSL_STORE_INFO *info = OSSL_STORE_load(ctx);
+ if(info == NULL)
+ continue;
int type;
type = OSSL_STORE_INFO_get_type(info);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:caa24125: etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler
Module: kamailio Branch: 5.7 Commit: caa2412507586329b7b97685203fd8bd54cd2691 URL: https://github.com/kamailio/kamailio/commit/caa2412507586329b7b97685203fd8bd54cd2691 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:09:14+08:00 etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler (cherry picked from commit 5b4926b04ba0fcd8f65f5709789abd83181a381a) --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/caa2412507586329b7b97685203fd8bd54cd2691.diff Patch: https://github.com/kamailio/kamailio/commit/caa2412507586329b7b97685203fd8bd54cd2691.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index a95a652b935..bf456f396fa 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -224,8 +224,9 @@ tls_max_connections=2048 /* For OpenSSL 3 integration * functions calling libssl3 can be invoked in a transient thread * 0: disable threaded calls - * 1: use threads for process#0 only - * 2: use threads for all processes */ + * 1: use thread executors for process#0 only + * 2: no thread executors, but use atfork handler to reset thread-locals to NULL + * 3: use thread executors for all processes */ tls_threads_mode=1 #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:822960b0: tls: basic OpenSSL 3 support of provider keys (replaces ENGINE)
Module: kamailio Branch: 5.7 Commit: 822960b0e869b5fce093f708daf65b9f4b4c47f8 URL: https://github.com/kamailio/kamailio/commit/822960b0e869b5fce093f708daf65b9f4b4c47f8 Author: S-P Chan Committer: S-P Chan Date: 2024-03-23T21:09:14+08:00 tls: basic OpenSSL 3 support of provider keys (replaces ENGINE) - initial support for v3 provider keys (replaces ENGINE from v1.1.1) - can be disabled behind build flag -DOPENSSL_NO_PROVIDER - provider keys start with /uri: e.g private_key = /uri:pkcs11:token=NSS%20Certificate%20DB;type=private;object=Fork-Test-c67cc0e0 - global config: provider_quirks: 0 | 1 - 0 - default - 1 - create a new OSS_LIB_CTX* in the child This integration does not load any providers itself and depends on the usual export OPENSSL_CONF=my-openssl.cnf to configure providers. (cherry picked from commit 69883dd381368ca219cc52140e71d571775f95d5) --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/822960b0e869b5fce093f708daf65b9f4b4c47f8.diff Patch: https://github.com/kamailio/kamailio/commit/822960b0e869b5fce093f708daf65b9f4b4c47f8.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:dae15377: tls: NULL safety check
Module: kamailio
Branch: 5.8
Commit: dae15377dac1b019f2278baca208162154d5a7ad
URL:
https://github.com/kamailio/kamailio/commit/dae15377dac1b019f2278baca208162154d5a7ad
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-05T10:01:03+08:00
tls: NULL safety check
(cherry picked from commit f6f9d90ada963b53b6552e1a172b8f2fd021c33b)
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/dae15377dac1b019f2278baca208162154d5a7ad.diff
Patch:
https://github.com/kamailio/kamailio/commit/dae15377dac1b019f2278baca208162154d5a7ad.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 6dfde00c93a..b4a2afb7818 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -871,6 +871,8 @@ EVP_PKEY *tls_engine_private_key(const char *key_id)
while(!(OSSL_STORE_eof(ctx))) {
OSSL_STORE_INFO *info = OSSL_STORE_load(ctx);
+ if(info == NULL)
+ continue;
int type;
type = OSSL_STORE_INFO_get_type(info);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:f6f9d90a: tls: NULL safety check
Module: kamailio
Branch: master
Commit: f6f9d90ada963b53b6552e1a172b8f2fd021c33b
URL:
https://github.com/kamailio/kamailio/commit/f6f9d90ada963b53b6552e1a172b8f2fd021c33b
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-05T09:59:41+08:00
tls: NULL safety check
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/f6f9d90ada963b53b6552e1a172b8f2fd021c33b.diff
Patch:
https://github.com/kamailio/kamailio/commit/f6f9d90ada963b53b6552e1a172b8f2fd021c33b.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 6dfde00c93a..b4a2afb7818 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -871,6 +871,8 @@ EVP_PKEY *tls_engine_private_key(const char *key_id)
while(!(OSSL_STORE_eof(ctx))) {
OSSL_STORE_INFO *info = OSSL_STORE_load(ctx);
+ if(info == NULL)
+ continue;
int type;
type = OSSL_STORE_INFO_get_type(info);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:56aeb072: etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler
Module: kamailio Branch: 5.8 Commit: 56aeb0723562409aa97098e51c602bcddc8b6789 URL: https://github.com/kamailio/kamailio/commit/56aeb0723562409aa97098e51c602bcddc8b6789 Author: S-P Chan Committer: S-P Chan Date: 2024-03-05T06:48:35+08:00 etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler (cherry picked from commit 5b4926b04ba0fcd8f65f5709789abd83181a381a) --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/56aeb0723562409aa97098e51c602bcddc8b6789.diff Patch: https://github.com/kamailio/kamailio/commit/56aeb0723562409aa97098e51c602bcddc8b6789.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index 2d68f7692e1..3f9a5fe793f 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -224,8 +224,9 @@ tls_max_connections=2048 /* For OpenSSL 3 integration * functions calling libssl3 can be invoked in a transient thread * 0: disable threaded calls - * 1: use threads for process#0 only - * 2: use threads for all processes */ + * 1: use thread executors for process#0 only + * 2: no thread executors, but use atfork handler to reset thread-locals to NULL + * 3: use thread executors for all processes */ tls_threads_mode=1 #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:5b4926b0: etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler
Module: kamailio Branch: master Commit: 5b4926b04ba0fcd8f65f5709789abd83181a381a URL: https://github.com/kamailio/kamailio/commit/5b4926b04ba0fcd8f65f5709789abd83181a381a Author: S-P Chan Committer: S-P Chan Date: 2024-03-05T06:47:24+08:00 etc/kamailio.cfg: document tls_threads_mode = 2 to use atfork handler --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/5b4926b04ba0fcd8f65f5709789abd83181a381a.diff Patch: https://github.com/kamailio/kamailio/commit/5b4926b04ba0fcd8f65f5709789abd83181a381a.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index 2d68f7692e1..3f9a5fe793f 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -224,8 +224,9 @@ tls_max_connections=2048 /* For OpenSSL 3 integration * functions calling libssl3 can be invoked in a transient thread * 0: disable threaded calls - * 1: use threads for process#0 only - * 2: use threads for all processes */ + * 1: use thread executors for process#0 only + * 2: no thread executors, but use atfork handler to reset thread-locals to NULL + * 3: use thread executors for all processes */ tls_threads_mode=1 #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e7f040f2: core/rthreads.h: add new option tls_threads_mode = 2
Module: kamailio
Branch: master
Commit: e7f040f219b46592081a6053b4ed1ae0d0552b1a
URL:
https://github.com/kamailio/kamailio/commit/e7f040f219b46592081a6053b4ed1ae0d0552b1a
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-04T22:00:38+08:00
core/rthreads.h: add new option tls_threads_mode = 2
- add global handling of thread-locals with
tls_threads_mode = 2
- this will run a pthread_atfork handler to reset
all thread-locals to 0x0
- alternative solution to running functions
in thread executors
- requires tls.so to be loaded to be effective
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/e7f040f219b46592081a6053b4ed1ae0d0552b1a.diff
Patch:
https://github.com/kamailio/kamailio/commit/e7f040f219b46592081a6053b4ed1ae0d0552b1a.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index 1a04f9982c7..56d68cef276 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -40,7 +40,7 @@ static void *run_threadP(_thread_proto fn, void *arg)
pthread_t tid;
void *ret = NULL;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg);
}
@@ -77,7 +77,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int
arg2)
pthread_t tid;
void *ret = NULL;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2);
}
@@ -113,7 +113,7 @@ static void run_threadV(_thread_protoV fn)
#ifdef USE_TLS
pthread_t tid;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
fn();
return;
@@ -152,7 +152,7 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1,
void *arg2)
pthread_t tid;
int ret = 0;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2);
}
@@ -188,7 +188,7 @@ static void run_thread0P(_thread_proto0P fn, void *arg1)
#ifdef USE_TLS
pthread_t tid;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
fn(arg1);
return;
@@ -240,7 +240,7 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
pthread_t tid;
int ret = 0;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9);
}
@@ -278,7 +278,7 @@ static int run_thread4L(_thread_proto4L fn, long arg1)
pthread_t tid;
int ret = 0;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:0ba1ff1d: tls: new option tls_threads_mode = 2
Module: kamailio
Branch: 5.8
Commit: 0ba1ff1d430e5e51c7745d7eb1242dcae2557db9
URL:
https://github.com/kamailio/kamailio/commit/0ba1ff1d430e5e51c7745d7eb1242dcae2557db9
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-04T22:27:36+08:00
tls: new option tls_threads_mode = 2
- use pthread_atfork to force all thread-locals
to 0x0 after fork()
(cherry picked from commit 464299c202f3ba963aed821b777075397e843856)
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/0ba1ff1d430e5e51c7745d7eb1242dcae2557db9.diff
Patch:
https://github.com/kamailio/kamailio/commit/0ba1ff1d430e5e51c7745d7eb1242dcae2557db9.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 1dc9357f56a..6dfde00c93a 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -337,6 +337,20 @@ static tls_domains_cfg_t* tls_use_modparams(void)
}
#endif
+/* global config tls_threads_mode = 2
+ * - force all thread-locals to be 0x0 after fork()
+ * - with OpenSSL loaded the largest value observed
+ * is < 10
+ *
+ */
+static void fork_child(void)
+{
+ for(int k = 0; k < 16; k++) {
+ if(pthread_getspecific(k) != 0)
+ pthread_setspecific(k, 0x0);
+ }
+}
+
static int mod_init(void)
{
int method;
@@ -446,6 +460,9 @@ static int mod_init(void)
ksr_module_set_flag(KSRMOD_FLAG_POSTCHILDINIT);
}
#endif
+ if(ksr_tls_threads_mode == 2) {
+ pthread_atfork(NULL, NULL, _child);
+ }
return 0;
error:
tls_h_mod_destroy_f();
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:0a565d34: core/rthreads.h: add new option tls_threads_mode = 2
Module: kamailio
Branch: 5.8
Commit: 0a565d34b98b7ec4de0524a3e216e8d907661181
URL:
https://github.com/kamailio/kamailio/commit/0a565d34b98b7ec4de0524a3e216e8d907661181
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-04T22:27:15+08:00
core/rthreads.h: add new option tls_threads_mode = 2
- add global handling of thread-locals with
tls_threads_mode = 2
- this will run a pthread_atfork handler to reset
all thread-locals to 0x0
- alternative solution to running functions
in thread executors
- requires tls.so to be loaded to be effective
(cherry picked from commit e7f040f219b46592081a6053b4ed1ae0d0552b1a)
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/0a565d34b98b7ec4de0524a3e216e8d907661181.diff
Patch:
https://github.com/kamailio/kamailio/commit/0a565d34b98b7ec4de0524a3e216e8d907661181.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index 0f4f0cf8b8a..6fee4d0b407 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -40,7 +40,7 @@ static void *run_threadP(_thread_proto fn, void *arg)
pthread_t tid;
void *ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg);
}
@@ -77,7 +77,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int
arg2)
pthread_t tid;
void *ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2);
}
@@ -113,7 +113,7 @@ static void run_threadV(_thread_protoV fn)
#ifdef USE_TLS
pthread_t tid;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
fn();
return;
@@ -152,7 +152,7 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1,
void *arg2)
pthread_t tid;
int ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2);
}
@@ -188,7 +188,7 @@ static void run_thread0P(_thread_proto0P fn, void *arg1)
#ifdef USE_TLS
pthread_t tid;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
fn(arg1);
return;
@@ -240,7 +240,7 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
pthread_t tid;
int ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9);
}
@@ -278,7 +278,7 @@ static int run_thread4L(_thread_proto4L fn, long arg1)
pthread_t tid;
int ret;
- if(likely(ksr_tls_threads_mode == 0
+ if(likely(ksr_tls_threads_mode == 0 || ksr_tls_threads_mode == 2
|| (ksr_tls_threads_mode == 1 && process_no > 0))) {
return fn(arg1);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:464299c2: tls: new option tls_threads_mode = 2
Module: kamailio
Branch: master
Commit: 464299c202f3ba963aed821b777075397e843856
URL:
https://github.com/kamailio/kamailio/commit/464299c202f3ba963aed821b777075397e843856
Author: S-P Chan
Committer: S-P Chan
Date: 2024-03-04T22:00:38+08:00
tls: new option tls_threads_mode = 2
- use pthread_atfork to force all thread-locals
to 0x0 after fork()
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/464299c202f3ba963aed821b777075397e843856.diff
Patch:
https://github.com/kamailio/kamailio/commit/464299c202f3ba963aed821b777075397e843856.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 1dc9357f56a..6dfde00c93a 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -337,6 +337,20 @@ static tls_domains_cfg_t* tls_use_modparams(void)
}
#endif
+/* global config tls_threads_mode = 2
+ * - force all thread-locals to be 0x0 after fork()
+ * - with OpenSSL loaded the largest value observed
+ * is < 10
+ *
+ */
+static void fork_child(void)
+{
+ for(int k = 0; k < 16; k++) {
+ if(pthread_getspecific(k) != 0)
+ pthread_setspecific(k, 0x0);
+ }
+}
+
static int mod_init(void)
{
int method;
@@ -446,6 +460,9 @@ static int mod_init(void)
ksr_module_set_flag(KSRMOD_FLAG_POSTCHILDINIT);
}
#endif
+ if(ksr_tls_threads_mode == 2) {
+ pthread_atfork(NULL, NULL, _child);
+ }
return 0;
error:
tls_h_mod_destroy_f();
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:3d80bc81: tls: basic OpenSSL 3 support of provider keys (replaces ENGINE)
Module: kamailio Branch: 5.8 Commit: 3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a URL: https://github.com/kamailio/kamailio/commit/3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a Author: S-P Chan Committer: S-P Chan Date: 2024-03-03T14:38:56+08:00 tls: basic OpenSSL 3 support of provider keys (replaces ENGINE) - initial support for v3 provider keys (replaces ENGINE from v1.1.1) - can be disabled behind build flag -DOPENSSL_NO_PROVIDER - provider keys start with /uri: e.g private_key = /uri:pkcs11:token=NSS%20Certificate%20DB;type=private;object=Fork-Test-c67cc0e0 - global config: provider_quirks: 0 | 1 - 0 - default - 1 - create a new OSS_LIB_CTX* in the child This integration does not load any providers itself and depends on the usual export OPENSSL_CONF=my-openssl.cnf to configure providers. (cherry picked from commit 69883dd381368ca219cc52140e71d571775f95d5) --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a.diff Patch: https://github.com/kamailio/kamailio/commit/3d80bc811c75eb0cbcf0f4aee8929a5082b4de6a.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:69883dd3: tls: basic OpenSSL 3 support of provider keys (replaces ENGINE)
Module: kamailio Branch: master Commit: 69883dd381368ca219cc52140e71d571775f95d5 URL: https://github.com/kamailio/kamailio/commit/69883dd381368ca219cc52140e71d571775f95d5 Author: S-P Chan Committer: S-P Chan Date: 2024-03-03T14:34:47+08:00 tls: basic OpenSSL 3 support of provider keys (replaces ENGINE) - initial support for v3 provider keys (replaces ENGINE from 1.1.1) - can be disabled behind build flag -DOPENSSL_NO_PROVIDER - provider keys start with /uri: e.g private_key = /uri:pkcs11:token=NSS%20Certificate%20DB;type=private;object=Fork-Test-c67cc0e0 - global config: provider_quirks: 0 | 1 - 0 - default - 1 - create a new OSS_LIB_CTX* in the child This integration does not load any providers itself and depends on the usual export OPENSSL_CONF=my-openssl.cnf to configure providers. --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/69883dd381368ca219cc52140e71d571775f95d5.diff Patch: https://github.com/kamailio/kamailio/commit/69883dd381368ca219cc52140e71d571775f95d5.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:6ee44373: tls: remove unused ENGINE define
Module: kamailio Branch: 5.8 Commit: 6ee443731a23032fce9a32ce9609ae5b7c6bd171 URL: https://github.com/kamailio/kamailio/commit/6ee443731a23032fce9a32ce9609ae5b7c6bd171 Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T21:42:51+08:00 tls: remove unused ENGINE define (cherry-picked from commit 73e7123c2dd19b82db167ceee93444e43f70f446) --- Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/6ee443731a23032fce9a32ce9609ae5b7c6bd171.diff Patch: https://github.com/kamailio/kamailio/commit/6ee443731a23032fce9a32ce9609ae5b7c6bd171.patch --- diff --git a/src/modules/tls/tls_server.c b/src/modules/tls/tls_server.c index 3e22ec42712..3bfea131cf2 100644 --- a/src/modules/tls/tls_server.c +++ b/src/modules/tls/tls_server.c @@ -128,11 +128,6 @@ int tls_run_event_routes(struct tcp_connection *c); #endif /* __SUNPRO_c */ #endif /* TLS_RD_DEBUG */ -/* only OpenSSL <= 1.1.1 */ -#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER < 0x03000L -#define KSR_SSL_ENGINE -#endif - extern str sr_tls_xavp_cfg; static str _ksr_tls_connect_server_id = STR_NULL; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:73e7123c: tls: remove unused ENGINE define
Module: kamailio Branch: master Commit: 73e7123c2dd19b82db167ceee93444e43f70f446 URL: https://github.com/kamailio/kamailio/commit/73e7123c2dd19b82db167ceee93444e43f70f446 Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T21:41:11+08:00 tls: remove unused ENGINE define --- Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/73e7123c2dd19b82db167ceee93444e43f70f446.diff Patch: https://github.com/kamailio/kamailio/commit/73e7123c2dd19b82db167ceee93444e43f70f446.patch --- diff --git a/src/modules/tls/tls_server.c b/src/modules/tls/tls_server.c index 3e22ec42712..3bfea131cf2 100644 --- a/src/modules/tls/tls_server.c +++ b/src/modules/tls/tls_server.c @@ -128,11 +128,6 @@ int tls_run_event_routes(struct tcp_connection *c); #endif /* __SUNPRO_c */ #endif /* TLS_RD_DEBUG */ -/* only OpenSSL <= 1.1.1 */ -#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER < 0x03000L -#define KSR_SSL_ENGINE -#endif - extern str sr_tls_xavp_cfg; static str _ksr_tls_connect_server_id = STR_NULL; ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:9d42e4aa: tls: clean-up of ENGINE
Module: kamailio Branch: 5.8 Commit: 9d42e4aacab4a7bf18192701cd66cba95c2c98dd URL: https://github.com/kamailio/kamailio/commit/9d42e4aacab4a7bf18192701cd66cba95c2c98dd Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T08:47:48+08:00 tls: clean-up of ENGINE - remove tls_map.* - not needed anymore - install an ENGINE in each worker SSL_CTX no need to replicate to all processes Cherry-pick from 5933893b91 --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_server.c Removed: src/modules/tls/tls_map.c Removed: src/modules/tls/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/9d42e4aacab4a7bf18192701cd66cba95c2c98dd.diff Patch: https://github.com/kamailio/kamailio/commit/9d42e4aacab4a7bf18192701cd66cba95c2c98dd.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:5933893b: tls: clean-up of ENGINE
Module: kamailio Branch: master Commit: 5933893b919bccdc1c35e7bb0505e3a49d72c403 URL: https://github.com/kamailio/kamailio/commit/5933893b919bccdc1c35e7bb0505e3a49d72c403 Author: S-P Chan Committer: S-P Chan Date: 2024-03-02T08:46:39+08:00 tls: clean-up of ENGINE - remove tls_map.* - not needed anymore - install an ENGINE in each worker SSL_CTX no need to replicate to all processes --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_server.c Removed: src/modules/tls/tls_map.c Removed: src/modules/tls/tls_map.h --- Diff: https://github.com/kamailio/kamailio/commit/5933893b919bccdc1c35e7bb0505e3a49d72c403.diff Patch: https://github.com/kamailio/kamailio/commit/5933893b919bccdc1c35e7bb0505e3a49d72c403.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:0ddbd961: tls: make explicit ENGINE deprecation in OpenSSL 3
Module: kamailio Branch: 5.8 Commit: 0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9 URL: https://github.com/kamailio/kamailio/commit/0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9 Author: S-P Chan Committer: S-P Chan Date: 2024-03-01T08:08:09+08:00 tls: make explicit ENGINE deprecation in OpenSSL 3 Cherry-pick from 0c68a5511e --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9.diff Patch: https://github.com/kamailio/kamailio/commit/0ddbd961e91abf3e967285d80cc1c6f8d2aa5cf9.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:0c68a551: tls: make explicit ENGINE deprecation in OpenSSL 3
Module: kamailio Branch: master Commit: 0c68a5511e83e4367954172e3050fe997e47e9c8 URL: https://github.com/kamailio/kamailio/commit/0c68a5511e83e4367954172e3050fe997e47e9c8 Author: S-P Chan Committer: S-P Chan Date: 2024-03-01T08:06:13+08:00 tls: make explicit ENGINE deprecation in OpenSSL 3 --- Modified: src/modules/tls/tls_domain.c Modified: src/modules/tls/tls_mod.c Modified: src/modules/tls/tls_server.c --- Diff: https://github.com/kamailio/kamailio/commit/0c68a5511e83e4367954172e3050fe997e47e9c8.diff Patch: https://github.com/kamailio/kamailio/commit/0c68a5511e83e4367954172e3050fe997e47e9c8.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:f53c6b49: tls: fix OpenSSL 1.1.1 engine keys
Module: kamailio
Branch: 5.8
Commit: f53c6b49e158203ba0783ec6a6fbadd76c5fdde9
URL:
https://github.com/kamailio/kamailio/commit/f53c6b49e158203ba0783ec6a6fbadd76c5fdde9
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-29T19:02:03+08:00
tls: fix OpenSSL 1.1.1 engine keys
Cherry-pick from e535cc5eb2
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/f53c6b49e158203ba0783ec6a6fbadd76c5fdde9.diff
Patch:
https://github.com/kamailio/kamailio/commit/f53c6b49e158203ba0783ec6a6fbadd76c5fdde9.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 550a1bcc2b5..322be20bd8e 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -728,6 +728,7 @@ static int tls_engine_init()
* We are in the child process and the global engine linked-list
* is initialized in the parent.
*/
+ ENGINE_load_builtin_engines();
e = ENGINE_by_id("dynamic");
if(!e) {
err = "Error loading dynamic engine";
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e535cc5e: tls: fix OpenSSL 1.1.1 engine keys
Module: kamailio
Branch: master
Commit: e535cc5eb2d81a67d00931bb53328953ec8ef492
URL:
https://github.com/kamailio/kamailio/commit/e535cc5eb2d81a67d00931bb53328953ec8ef492
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-29T19:01:14+08:00
tls: fix OpenSSL 1.1.1 engine keys
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/e535cc5eb2d81a67d00931bb53328953ec8ef492.diff
Patch:
https://github.com/kamailio/kamailio/commit/e535cc5eb2d81a67d00931bb53328953ec8ef492.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 550a1bcc2b5..322be20bd8e 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -728,6 +728,7 @@ static int tls_engine_init()
* We are in the child process and the global engine linked-list
* is initialized in the parent.
*/
+ ENGINE_load_builtin_engines();
e = ENGINE_by_id("dynamic");
if(!e) {
err = "Error loading dynamic engine";
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:e66915b9: tls: fix OpenSSL 1.1.1 engine keys
Module: kamailio
Branch: 5.7
Commit: e66915b95fda66ab9d2981854894707813e331ee
URL:
https://github.com/kamailio/kamailio/commit/e66915b95fda66ab9d2981854894707813e331ee
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-29T19:05:57+08:00
tls: fix OpenSSL 1.1.1 engine keys
Cherry-pick from e535cc5eb2
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/e66915b95fda66ab9d2981854894707813e331ee.diff
Patch:
https://github.com/kamailio/kamailio/commit/e66915b95fda66ab9d2981854894707813e331ee.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 664e35f7c33..85a1fc4cd9e 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -728,6 +728,7 @@ static int tls_engine_init()
* We are in the child process and the global engine linked-list
* is initialized in the parent.
*/
+ ENGINE_load_builtin_engines();
e = ENGINE_by_id("dynamic");
if(!e) {
err = "Error loading dynamic engine";
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:1d9ea67e: http_async_client: libssl refactor thread executors for curl
Module: kamailio
Branch: 5.7
Commit: 1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce
URL:
https://github.com/kamailio/kamailio/commit/1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T12:40:11+08:00
http_async_client: libssl refactor thread executors for curl
Cherry-pick from 6a0c86bba8
---
Modified: src/modules/http_async_client/http_async_client_mod.c
Modified: src/modules/http_async_client/http_multi.c
---
Diff:
https://github.com/kamailio/kamailio/commit/1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce.diff
Patch:
https://github.com/kamailio/kamailio/commit/1d9ea67eb29b4fd45c00a00581e7b73a9b42c8ce.patch
---
diff --git a/src/modules/http_async_client/http_async_client_mod.c
b/src/modules/http_async_client/http_async_client_mod.c
index e9f6cb0d26b..4b984d3efdc 100644
--- a/src/modules/http_async_client/http_async_client_mod.c
+++ b/src/modules/http_async_client/http_async_client_mod.c
@@ -50,6 +50,9 @@
#include "../../core/cfg/cfg_struct.h"
#include "../../core/fmsg.h"
#include "../../core/kemi.h"
+#define KSR_RTHREAD_NEED_V
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "../../modules/tm/tm_load.h"
#include "../../modules/pv/pv_api.h"
@@ -285,7 +288,7 @@ static int mod_init(void)
return -1;
}
- set_curl_mem_callbacks();
+ run_threadV((_thread_protoV)_curl_mem_callbacks);
/* init faked sip msg */
if(faked_msg_init() < 0) {
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a0ee1c877cf..a57aba9c951 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,9 +32,6 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
-#define KSR_RTHREAD_NEED_4L
-#define KSR_RTHREAD_SKIP_P
-#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = run_thread4L(
- (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
+ rc = curl_global_init(CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:bc4c2069: http_async_client: libssl refactor thread executors for curl
Module: kamailio
Branch: 5.8
Commit: bc4c206999094ed74e77c73f5537e857111d0a30
URL:
https://github.com/kamailio/kamailio/commit/bc4c206999094ed74e77c73f5537e857111d0a30
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T12:39:52+08:00
http_async_client: libssl refactor thread executors for curl
Cherry-pick from 6a0c86bba8
---
Modified: src/modules/http_async_client/http_async_client_mod.c
Modified: src/modules/http_async_client/http_multi.c
---
Diff:
https://github.com/kamailio/kamailio/commit/bc4c206999094ed74e77c73f5537e857111d0a30.diff
Patch:
https://github.com/kamailio/kamailio/commit/bc4c206999094ed74e77c73f5537e857111d0a30.patch
---
diff --git a/src/modules/http_async_client/http_async_client_mod.c
b/src/modules/http_async_client/http_async_client_mod.c
index 983a9e387f1..97a5c5dd420 100644
--- a/src/modules/http_async_client/http_async_client_mod.c
+++ b/src/modules/http_async_client/http_async_client_mod.c
@@ -50,6 +50,9 @@
#include "../../core/cfg/cfg_struct.h"
#include "../../core/fmsg.h"
#include "../../core/kemi.h"
+#define KSR_RTHREAD_NEED_V
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "../../modules/tm/tm_load.h"
#include "../../modules/pv/pv_api.h"
@@ -285,7 +288,7 @@ static int mod_init(void)
return -1;
}
- set_curl_mem_callbacks();
+ run_threadV((_thread_protoV)_curl_mem_callbacks);
/* init faked sip msg */
if(faked_msg_init() < 0) {
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a0ee1c877cf..a57aba9c951 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,9 +32,6 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
-#define KSR_RTHREAD_NEED_4L
-#define KSR_RTHREAD_SKIP_P
-#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = run_thread4L(
- (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
+ rc = curl_global_init(CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:6a0c86bb: http_async_client: libssl refactor thread executors for curl
Module: kamailio
Branch: master
Commit: 6a0c86bba8ff1200b8fe9197f2a76688a9948808
URL:
https://github.com/kamailio/kamailio/commit/6a0c86bba8ff1200b8fe9197f2a76688a9948808
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T12:38:09+08:00
http_async_client: libssl refactor thread executors for curl
---
Modified: src/modules/http_async_client/http_async_client_mod.c
Modified: src/modules/http_async_client/http_multi.c
---
Diff:
https://github.com/kamailio/kamailio/commit/6a0c86bba8ff1200b8fe9197f2a76688a9948808.diff
Patch:
https://github.com/kamailio/kamailio/commit/6a0c86bba8ff1200b8fe9197f2a76688a9948808.patch
---
diff --git a/src/modules/http_async_client/http_async_client_mod.c
b/src/modules/http_async_client/http_async_client_mod.c
index 983a9e387f1..97a5c5dd420 100644
--- a/src/modules/http_async_client/http_async_client_mod.c
+++ b/src/modules/http_async_client/http_async_client_mod.c
@@ -50,6 +50,9 @@
#include "../../core/cfg/cfg_struct.h"
#include "../../core/fmsg.h"
#include "../../core/kemi.h"
+#define KSR_RTHREAD_NEED_V
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "../../modules/tm/tm_load.h"
#include "../../modules/pv/pv_api.h"
@@ -285,7 +288,7 @@ static int mod_init(void)
return -1;
}
- set_curl_mem_callbacks();
+ run_threadV((_thread_protoV)_curl_mem_callbacks);
/* init faked sip msg */
if(faked_msg_init() < 0) {
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a0ee1c877cf..a57aba9c951 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,9 +32,6 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
-#define KSR_RTHREAD_NEED_4L
-#define KSR_RTHREAD_SKIP_P
-#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = run_thread4L(
- (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
+ rc = curl_global_init(CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:8098136c: xcap_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: 5.7
Commit: 8098136ccbe2050b499d3d962c44d58203afc370
URL:
https://github.com/kamailio/kamailio/commit/8098136ccbe2050b499d3d962c44d58203afc370
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:11:36+08:00
xcap_client: libssl thread executor for curl_global_init()
Cherry-pick from f5164b39c8
---
Modified: src/modules/xcap_client/xcap_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/8098136ccbe2050b499d3d962c44d58203afc370.diff
Patch:
https://github.com/kamailio/kamailio/commit/8098136ccbe2050b499d3d962c44d58203afc370.patch
---
diff --git a/src/modules/xcap_client/xcap_client.c
b/src/modules/xcap_client/xcap_client.c
index ac77228bfde..4de2d367b63 100644
--- a/src/modules/xcap_client/xcap_client.c
+++ b/src/modules/xcap_client/xcap_client.c
@@ -41,6 +41,9 @@
#include "../../core/mem/shm_mem.h"
#include "../../core/rpc.h"
#include "../../core/rpc_lookup.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "../presence/utils_func.h"
#include "xcap_functions.h"
#include "xcap_client.h"
@@ -140,7 +143,7 @@ static int mod_init(void)
xcap_dbf.close(xcap_db);
xcap_db = NULL;
- curl_global_init(CURL_GLOBAL_ALL);
+ run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL);
if(periodical_query) {
register_timer(query_xcap_update, 0, query_period);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d9285fc7: http_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: 5.7
Commit: d9285fc741c2a3c3995e037c23393df108e94bf1
URL:
https://github.com/kamailio/kamailio/commit/d9285fc741c2a3c3995e037c23393df108e94bf1
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:11:33+08:00
http_client: libssl thread executor for curl_global_init()
Cherry-pick from f58225950c
---
Modified: src/modules/http_client/http_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/d9285fc741c2a3c3995e037c23393df108e94bf1.diff
Patch:
https://github.com/kamailio/kamailio/commit/d9285fc741c2a3c3995e037c23393df108e94bf1.patch
---
diff --git a/src/modules/http_client/http_client.c
b/src/modules/http_client/http_client.c
index 430933e23d2..3cf662820f5 100644
--- a/src/modules/http_client/http_client.c
+++ b/src/modules/http_client/http_client.c
@@ -64,6 +64,9 @@
#include "../../core/lvalue.h"
#include "../../core/pt.h" /* Process table */
#include "../../core/kemi.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "functions.h"
#include "curlcon.h"
@@ -278,7 +281,7 @@ static int mod_init(void)
LM_DBG("init curl module\n");
/* Initialize curl */
- if(curl_global_init(CURL_GLOBAL_ALL)) {
+ if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) {
LM_ERR("curl_global_init failed\n");
return -1;
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:d01b6e22: http_async_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: 5.7
Commit: d01b6e22e083c6fab457f8fbe1c8ac2526a37d30
URL:
https://github.com/kamailio/kamailio/commit/d01b6e22e083c6fab457f8fbe1c8ac2526a37d30
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:11:23+08:00
http_async_client: libssl thread executor for curl_global_init()
Cherry-pick from 514635dc3e
---
Modified: src/modules/http_async_client/http_multi.c
---
Diff:
https://github.com/kamailio/kamailio/commit/d01b6e22e083c6fab457f8fbe1c8ac2526a37d30.diff
Patch:
https://github.com/kamailio/kamailio/commit/d01b6e22e083c6fab457f8fbe1c8ac2526a37d30.patch
---
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a57aba9c951..a0ee1c877cf 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,6 +32,9 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = curl_global_init(CURL_GLOBAL_ALL);
+ rc = run_thread4L(
+ (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:f850f4ee: Revert ed9d7bc58b - split into per module commits
Module: kamailio
Branch: 5.7
Commit: f850f4eef66b6461bb93ede9bf67b52458e18856
URL:
https://github.com/kamailio/kamailio/commit/f850f4eef66b6461bb93ede9bf67b52458e18856
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:07:27+08:00
Revert ed9d7bc58b - split into per module commits
---
Modified: src/core/rthreads.h
Modified: src/modules/http_async_client/http_multi.c
Modified: src/modules/http_client/http_client.c
Modified: src/modules/xcap_client/xcap_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/f850f4eef66b6461bb93ede9bf67b52458e18856.diff
Patch:
https://github.com/kamailio/kamailio/commit/f850f4eef66b6461bb93ede9bf67b52458e18856.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index 0f4f0cf8b8a..e96f45c9395 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -254,41 +254,3 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
#endif
}
#endif
-
-/*
- * prototype: CURLcode curl_global_init(long flags) { ... }
- */
-#ifdef KSR_RTHREAD_NEED_4L
-typedef int (*_thread_proto4L)(long);
-struct _thread_args4L
-{
- _thread_proto4L fn;
- long arg1;
- int *ret;
-};
-static void *run_thread_wrap4L(struct _thread_args4L *args)
-{
- *args->ret = (*args->fn)(args->arg1);
- return NULL;
-}
-
-static int run_thread4L(_thread_proto4L fn, long arg1)
-{
-#ifdef USE_TLS
- pthread_t tid;
- int ret;
-
- if(likely(ksr_tls_threads_mode == 0
- || (ksr_tls_threads_mode == 1 && process_no > 0))) {
- return fn(arg1);
- }
- pthread_create(, NULL, (_thread_proto)run_thread_wrap4L,
- &(struct _thread_args4L){fn, arg1, });
- pthread_join(tid, NULL);
-
- return ret;
-#else
- return fn(arg1)
-#endif
-}
-#endif
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a0ee1c877cf..a57aba9c951 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,9 +32,6 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
-#define KSR_RTHREAD_NEED_4L
-#define KSR_RTHREAD_SKIP_P
-#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -392,8 +389,7 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = run_thread4L(
- (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
+ rc = curl_global_init(CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
diff --git a/src/modules/http_client/http_client.c
b/src/modules/http_client/http_client.c
index 3cf662820f5..430933e23d2 100644
--- a/src/modules/http_client/http_client.c
+++ b/src/modules/http_client/http_client.c
@@ -64,9 +64,6 @@
#include "../../core/lvalue.h"
#include "../../core/pt.h" /* Process table */
#include "../../core/kemi.h"
-#define KSR_RTHREAD_NEED_4L
-#define KSR_RTHREAD_SKIP_P
-#include "../../core/rthreads.h"
#include "functions.h"
#include "curlcon.h"
@@ -281,7 +278,7 @@ static int mod_init(void)
LM_DBG("init curl module\n");
/* Initialize curl */
- if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) {
+ if(curl_global_init(CURL_GLOBAL_ALL)) {
LM_ERR("curl_global_init failed\n");
return -1;
}
diff --git a/src/modules/xcap_client/xcap_client.c
b/src/modules/xcap_client/xcap_client.c
index 4de2d367b63..ac77228bfde 100644
--- a/src/modules/xcap_client/xcap_client.c
+++ b/src/modules/xcap_client/xcap_client.c
@@ -41,9 +41,6 @@
#include "../../core/mem/shm_mem.h"
#include "../../core/rpc.h"
#include "../../core/rpc_lookup.h"
-#define KSR_RTHREAD_NEED_4L
-#define KSR_RTHREAD_SKIP_P
-#include "../../core/rthreads.h"
#include "../presence/utils_func.h"
#include "xcap_functions.h"
#include "xcap_client.h"
@@ -143,7 +140,7 @@ static int mod_init(void)
xcap_dbf.close(xcap_db);
xcap_db = NULL;
- run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL);
+ curl_global_init(CURL_GLOBAL_ALL);
if(periodical_query) {
register_timer(query_xcap_update, 0, query_period);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:0f1d78a2: core/rthreads.h: add thread executor for curl_global_init()
Module: kamailio
Branch: 5.7
Commit: 0f1d78a22aeefef7601d0cf646ec154f5e52c175
URL:
https://github.com/kamailio/kamailio/commit/0f1d78a22aeefef7601d0cf646ec154f5e52c175
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:11:08+08:00
core/rthreads.h: add thread executor for curl_global_init()
Cherry-pick from db05449932
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/0f1d78a22aeefef7601d0cf646ec154f5e52c175.diff
Patch:
https://github.com/kamailio/kamailio/commit/0f1d78a22aeefef7601d0cf646ec154f5e52c175.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index e96f45c9395..0f4f0cf8b8a 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
#endif
}
#endif
+
+/*
+ * prototype: CURLcode curl_global_init(long flags) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_4L
+typedef int (*_thread_proto4L)(long);
+struct _thread_args4L
+{
+ _thread_proto4L fn;
+ long arg1;
+ int *ret;
+};
+static void *run_thread_wrap4L(struct _thread_args4L *args)
+{
+ *args->ret = (*args->fn)(args->arg1);
+ return NULL;
+}
+
+static int run_thread4L(_thread_proto4L fn, long arg1)
+{
+#ifdef USE_TLS
+ pthread_t tid;
+ int ret;
+
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg1);
+ }
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4L,
+ &(struct _thread_args4L){fn, arg1, });
+ pthread_join(tid, NULL);
+
+ return ret;
+#else
+ return fn(arg1)
+#endif
+}
+#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:49c3290f: http_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: 5.8
Commit: 49c3290fc6eb50de0b08661c50ff42663ff3de6b
URL:
https://github.com/kamailio/kamailio/commit/49c3290fc6eb50de0b08661c50ff42663ff3de6b
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:05:40+08:00
http_client: libssl thread executor for curl_global_init()
Cherry-pick from f58225950c
---
Modified: src/modules/http_client/http_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/49c3290fc6eb50de0b08661c50ff42663ff3de6b.diff
Patch:
https://github.com/kamailio/kamailio/commit/49c3290fc6eb50de0b08661c50ff42663ff3de6b.patch
---
diff --git a/src/modules/http_client/http_client.c
b/src/modules/http_client/http_client.c
index 48844246984..ca605ec1729 100644
--- a/src/modules/http_client/http_client.c
+++ b/src/modules/http_client/http_client.c
@@ -64,6 +64,9 @@
#include "../../core/lvalue.h"
#include "../../core/pt.h" /* Process table */
#include "../../core/kemi.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "functions.h"
#include "curlcon.h"
@@ -76,8 +79,10 @@ MODULE_VERSION
#define CURL_USER_AGENT_LEN (sizeof(CURL_USER_AGENT) - 1)
/* Module parameter variables */
-unsigned int default_connection_timeout = 0; /*!< 0 = not user configured -
the default (4 seconds) will be used */
-unsigned int timeout_mode = 1; /*!< 0 = timeout disabled, 1 (default) =
timeout in seconds, 2 = timeout in ms */
+unsigned int default_connection_timeout =
+ 0; /*!< 0 = not user configured - the default (4 seconds) will
be used */
+unsigned int timeout_mode =
+ 1; /*!< 0 = timeout disabled, 1 (default) = timeout in seconds,
2 = timeout in ms */
char *default_tls_cacert =
NULL; /*!< File name: Default CA cert to use for curl TLS
connection */
str default_tls_clientcert =
@@ -280,7 +285,7 @@ static int mod_init(void)
LM_DBG("init curl module\n");
/* Initialize curl */
- if(curl_global_init(CURL_GLOBAL_ALL)) {
+ if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) {
LM_ERR("curl_global_init failed\n");
return -1;
}
@@ -317,16 +322,16 @@ static int mod_init(void)
* - 1 (default) : timeout value is in seconds.
* - 2 : timeout value is in milliseconds.
*/
- if (!(timeout_mode == 1 || timeout_mode == 2)) {
- if (default_connection_timeout > 0) {
+ if(!(timeout_mode == 1 || timeout_mode == 2)) {
+ if(default_connection_timeout > 0) {
LM_WARN("configured connection_timeout is ignored "
- "because timeouts are disabled
(timeout_mode)\n");
+ "because timeouts are disabled
(timeout_mode)\n");
}
- } else if (default_connection_timeout == 0) {
+ } else if(default_connection_timeout == 0) {
LM_INFO("curl connection timeout set to zero. Using default 4
secs\n");
- if (timeout_mode == 1) { /* timeout is in seconds (default) */
+ if(timeout_mode == 1) { /* timeout is in seconds (default) */
default_connection_timeout = 4;
- } else if (timeout_mode == 2) { /* timeout is in milliseconds */
+ } else if(timeout_mode == 2) { /* timeout is in milliseconds */
default_connection_timeout = 4000;
}
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:ce17fee3: core/rthreads.h: add thread executor for curl_global_init()
Module: kamailio
Branch: 5.8
Commit: ce17fee304e9ffa5046194a0827f771742113640
URL:
https://github.com/kamailio/kamailio/commit/ce17fee304e9ffa5046194a0827f771742113640
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:04:59+08:00
core/rthreads.h: add thread executor for curl_global_init()
Cherry-pick from db05449932
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/ce17fee304e9ffa5046194a0827f771742113640.diff
Patch:
https://github.com/kamailio/kamailio/commit/ce17fee304e9ffa5046194a0827f771742113640.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index e96f45c9395..0f4f0cf8b8a 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
#endif
}
#endif
+
+/*
+ * prototype: CURLcode curl_global_init(long flags) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_4L
+typedef int (*_thread_proto4L)(long);
+struct _thread_args4L
+{
+ _thread_proto4L fn;
+ long arg1;
+ int *ret;
+};
+static void *run_thread_wrap4L(struct _thread_args4L *args)
+{
+ *args->ret = (*args->fn)(args->arg1);
+ return NULL;
+}
+
+static int run_thread4L(_thread_proto4L fn, long arg1)
+{
+#ifdef USE_TLS
+ pthread_t tid;
+ int ret;
+
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg1);
+ }
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4L,
+ &(struct _thread_args4L){fn, arg1, });
+ pthread_join(tid, NULL);
+
+ return ret;
+#else
+ return fn(arg1)
+#endif
+}
+#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:53398940: xcap_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: 5.8
Commit: 533989406d0fa1e57ff007fd8d7f702f5831dacd
URL:
https://github.com/kamailio/kamailio/commit/533989406d0fa1e57ff007fd8d7f702f5831dacd
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:05:54+08:00
xcap_client: libssl thread executor for curl_global_init()
Cherry-pick from f5164b39c8
---
Modified: src/modules/xcap_client/xcap_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/533989406d0fa1e57ff007fd8d7f702f5831dacd.diff
Patch:
https://github.com/kamailio/kamailio/commit/533989406d0fa1e57ff007fd8d7f702f5831dacd.patch
---
diff --git a/src/modules/xcap_client/xcap_client.c
b/src/modules/xcap_client/xcap_client.c
index ac77228bfde..4de2d367b63 100644
--- a/src/modules/xcap_client/xcap_client.c
+++ b/src/modules/xcap_client/xcap_client.c
@@ -41,6 +41,9 @@
#include "../../core/mem/shm_mem.h"
#include "../../core/rpc.h"
#include "../../core/rpc_lookup.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "../presence/utils_func.h"
#include "xcap_functions.h"
#include "xcap_client.h"
@@ -140,7 +143,7 @@ static int mod_init(void)
xcap_dbf.close(xcap_db);
xcap_db = NULL;
- curl_global_init(CURL_GLOBAL_ALL);
+ run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL);
if(periodical_query) {
register_timer(query_xcap_update, 0, query_period);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:5d4fae5c: http_async_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: 5.8
Commit: 5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5
URL:
https://github.com/kamailio/kamailio/commit/5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:05:20+08:00
http_async_client: libssl thread executor for curl_global_init()
Cherry-pick from 514635dc3e
---
Modified: src/modules/http_async_client/http_multi.c
---
Diff:
https://github.com/kamailio/kamailio/commit/5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5.diff
Patch:
https://github.com/kamailio/kamailio/commit/5d4fae5c24eb4f13d585e1af4cb1753ea5a784c5.patch
---
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a57aba9c951..a0ee1c877cf 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,6 +32,9 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = curl_global_init(CURL_GLOBAL_ALL);
+ rc = run_thread4L(
+ (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:b1a30880: Revert ac4f1be039 - split into per module commits
Module: kamailio Branch: 5.8 Commit: b1a308801430a5561c4c13c1d4602fe5d5542cf8 URL: https://github.com/kamailio/kamailio/commit/b1a308801430a5561c4c13c1d4602fe5d5542cf8 Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T05:03:10+08:00 Revert ac4f1be039 - split into per module commits --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/b1a308801430a5561c4c13c1d4602fe5d5542cf8.diff Patch: https://github.com/kamailio/kamailio/commit/b1a308801430a5561c4c13c1d4602fe5d5542cf8.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:514635dc: http_async_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: master
Commit: 514635dc3e6182ff0daaebe548ed613edc2de61f
URL:
https://github.com/kamailio/kamailio/commit/514635dc3e6182ff0daaebe548ed613edc2de61f
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:01:14+08:00
http_async_client: libssl thread executor for curl_global_init()
---
Modified: src/modules/http_async_client/http_multi.c
---
Diff:
https://github.com/kamailio/kamailio/commit/514635dc3e6182ff0daaebe548ed613edc2de61f.diff
Patch:
https://github.com/kamailio/kamailio/commit/514635dc3e6182ff0daaebe548ed613edc2de61f.patch
---
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a57aba9c951..a0ee1c877cf 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,6 +32,9 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = curl_global_init(CURL_GLOBAL_ALL);
+ rc = run_thread4L(
+ (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:db054499: core/rthreads.h: add thread executor for curl_global_init()
Module: kamailio
Branch: master
Commit: db05449932b1753d4b705f88445533bbe1ed6475
URL:
https://github.com/kamailio/kamailio/commit/db05449932b1753d4b705f88445533bbe1ed6475
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:00:35+08:00
core/rthreads.h: add thread executor for curl_global_init()
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/db05449932b1753d4b705f88445533bbe1ed6475.diff
Patch:
https://github.com/kamailio/kamailio/commit/db05449932b1753d4b705f88445533bbe1ed6475.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index e96f45c9395..0f4f0cf8b8a 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
#endif
}
#endif
+
+/*
+ * prototype: CURLcode curl_global_init(long flags) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_4L
+typedef int (*_thread_proto4L)(long);
+struct _thread_args4L
+{
+ _thread_proto4L fn;
+ long arg1;
+ int *ret;
+};
+static void *run_thread_wrap4L(struct _thread_args4L *args)
+{
+ *args->ret = (*args->fn)(args->arg1);
+ return NULL;
+}
+
+static int run_thread4L(_thread_proto4L fn, long arg1)
+{
+#ifdef USE_TLS
+ pthread_t tid;
+ int ret;
+
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg1);
+ }
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4L,
+ &(struct _thread_args4L){fn, arg1, });
+ pthread_join(tid, NULL);
+
+ return ret;
+#else
+ return fn(arg1)
+#endif
+}
+#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:f5822595: http_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: master
Commit: f58225950cc2bfa63a230a3bc8460bbcbfa7738e
URL:
https://github.com/kamailio/kamailio/commit/f58225950cc2bfa63a230a3bc8460bbcbfa7738e
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:01:31+08:00
http_client: libssl thread executor for curl_global_init()
---
Modified: src/modules/http_client/http_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/f58225950cc2bfa63a230a3bc8460bbcbfa7738e.diff
Patch:
https://github.com/kamailio/kamailio/commit/f58225950cc2bfa63a230a3bc8460bbcbfa7738e.patch
---
diff --git a/src/modules/http_client/http_client.c
b/src/modules/http_client/http_client.c
index 48844246984..ca605ec1729 100644
--- a/src/modules/http_client/http_client.c
+++ b/src/modules/http_client/http_client.c
@@ -64,6 +64,9 @@
#include "../../core/lvalue.h"
#include "../../core/pt.h" /* Process table */
#include "../../core/kemi.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "functions.h"
#include "curlcon.h"
@@ -76,8 +79,10 @@ MODULE_VERSION
#define CURL_USER_AGENT_LEN (sizeof(CURL_USER_AGENT) - 1)
/* Module parameter variables */
-unsigned int default_connection_timeout = 0; /*!< 0 = not user configured -
the default (4 seconds) will be used */
-unsigned int timeout_mode = 1; /*!< 0 = timeout disabled, 1 (default) =
timeout in seconds, 2 = timeout in ms */
+unsigned int default_connection_timeout =
+ 0; /*!< 0 = not user configured - the default (4 seconds) will
be used */
+unsigned int timeout_mode =
+ 1; /*!< 0 = timeout disabled, 1 (default) = timeout in seconds,
2 = timeout in ms */
char *default_tls_cacert =
NULL; /*!< File name: Default CA cert to use for curl TLS
connection */
str default_tls_clientcert =
@@ -280,7 +285,7 @@ static int mod_init(void)
LM_DBG("init curl module\n");
/* Initialize curl */
- if(curl_global_init(CURL_GLOBAL_ALL)) {
+ if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) {
LM_ERR("curl_global_init failed\n");
return -1;
}
@@ -317,16 +322,16 @@ static int mod_init(void)
* - 1 (default) : timeout value is in seconds.
* - 2 : timeout value is in milliseconds.
*/
- if (!(timeout_mode == 1 || timeout_mode == 2)) {
- if (default_connection_timeout > 0) {
+ if(!(timeout_mode == 1 || timeout_mode == 2)) {
+ if(default_connection_timeout > 0) {
LM_WARN("configured connection_timeout is ignored "
- "because timeouts are disabled
(timeout_mode)\n");
+ "because timeouts are disabled
(timeout_mode)\n");
}
- } else if (default_connection_timeout == 0) {
+ } else if(default_connection_timeout == 0) {
LM_INFO("curl connection timeout set to zero. Using default 4
secs\n");
- if (timeout_mode == 1) { /* timeout is in seconds (default) */
+ if(timeout_mode == 1) { /* timeout is in seconds (default) */
default_connection_timeout = 4;
- } else if (timeout_mode == 2) { /* timeout is in milliseconds */
+ } else if(timeout_mode == 2) { /* timeout is in milliseconds */
default_connection_timeout = 4000;
}
}
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:f5164b39: xcap_client: libssl thread executor for curl_global_init()
Module: kamailio
Branch: master
Commit: f5164b39c8b61792e9cf396cfcd0fe3ba567bb86
URL:
https://github.com/kamailio/kamailio/commit/f5164b39c8b61792e9cf396cfcd0fe3ba567bb86
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-27T05:01:45+08:00
xcap_client: libssl thread executor for curl_global_init()
---
Modified: src/modules/xcap_client/xcap_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/f5164b39c8b61792e9cf396cfcd0fe3ba567bb86.diff
Patch:
https://github.com/kamailio/kamailio/commit/f5164b39c8b61792e9cf396cfcd0fe3ba567bb86.patch
---
diff --git a/src/modules/xcap_client/xcap_client.c
b/src/modules/xcap_client/xcap_client.c
index ac77228bfde..4de2d367b63 100644
--- a/src/modules/xcap_client/xcap_client.c
+++ b/src/modules/xcap_client/xcap_client.c
@@ -41,6 +41,9 @@
#include "../../core/mem/shm_mem.h"
#include "../../core/rpc.h"
#include "../../core/rpc_lookup.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "../presence/utils_func.h"
#include "xcap_functions.h"
#include "xcap_client.h"
@@ -140,7 +143,7 @@ static int mod_init(void)
xcap_dbf.close(xcap_db);
xcap_db = NULL;
- curl_global_init(CURL_GLOBAL_ALL);
+ run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL);
if(periodical_query) {
register_timer(query_xcap_update, 0, query_period);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:272a4e08: Revert 8b2573c1f7 - split into per module commits
Module: kamailio Branch: master Commit: 272a4e08be61870cd7788c8cd8dd9be29b50753f URL: https://github.com/kamailio/kamailio/commit/272a4e08be61870cd7788c8cd8dd9be29b50753f Author: S-P Chan Committer: S-P Chan Date: 2024-02-27T04:58:40+08:00 Revert 8b2573c1f7 - split into per module commits --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/272a4e08be61870cd7788c8cd8dd9be29b50753f.diff Patch: https://github.com/kamailio/kamailio/commit/272a4e08be61870cd7788c8cd8dd9be29b50753f.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:ed9d7bc5: OpenSSL integration: manage curl_global_init(...) used by modules
Module: kamailio
Branch: 5.7
Commit: ed9d7bc58b1896652f2526daa524531a0945b7b3
URL:
https://github.com/kamailio/kamailio/commit/ed9d7bc58b1896652f2526daa524531a0945b7b3
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-26T10:45:02+08:00
OpenSSL integration: manage curl_global_init(...) used by modules
- http_client, http_async_client, xcap_client use libcurl
- call curl_global_init in a thread executor as it invokes
OpenSSL functions on Debian 12
- clang-format
Cherry-pick from ac4f1be039
---
Modified: src/core/rthreads.h
Modified: src/modules/http_async_client/http_multi.c
Modified: src/modules/http_client/http_client.c
Modified: src/modules/xcap_client/xcap_client.c
---
Diff:
https://github.com/kamailio/kamailio/commit/ed9d7bc58b1896652f2526daa524531a0945b7b3.diff
Patch:
https://github.com/kamailio/kamailio/commit/ed9d7bc58b1896652f2526daa524531a0945b7b3.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index e96f45c9395..0f4f0cf8b8a 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -254,3 +254,41 @@ static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void
*arg1, void *arg2,
#endif
}
#endif
+
+/*
+ * prototype: CURLcode curl_global_init(long flags) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_4L
+typedef int (*_thread_proto4L)(long);
+struct _thread_args4L
+{
+ _thread_proto4L fn;
+ long arg1;
+ int *ret;
+};
+static void *run_thread_wrap4L(struct _thread_args4L *args)
+{
+ *args->ret = (*args->fn)(args->arg1);
+ return NULL;
+}
+
+static int run_thread4L(_thread_proto4L fn, long arg1)
+{
+#ifdef USE_TLS
+ pthread_t tid;
+ int ret;
+
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg1);
+ }
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4L,
+ &(struct _thread_args4L){fn, arg1, });
+ pthread_join(tid, NULL);
+
+ return ret;
+#else
+ return fn(arg1)
+#endif
+}
+#endif
diff --git a/src/modules/http_async_client/http_multi.c
b/src/modules/http_async_client/http_multi.c
index a57aba9c951..a0ee1c877cf 100644
--- a/src/modules/http_async_client/http_multi.c
+++ b/src/modules/http_async_client/http_multi.c
@@ -32,6 +32,9 @@
#include "../../core/mem/mem.h"
#include "../../core/ut.h"
#include "../../core/hashes.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "http_multi.h"
extern int hash_size;
@@ -389,7 +392,8 @@ void set_curl_mem_callbacks(void)
break;
case 1:
LM_DBG("Initilizing cURL with sys malloc\n");
- rc = curl_global_init(CURL_GLOBAL_ALL);
+ rc = run_thread4L(
+ (_thread_proto4L)curl_global_init,
CURL_GLOBAL_ALL);
if(rc != 0) {
LM_ERR("Cannot initialize cURL: %d\n", rc);
}
diff --git a/src/modules/http_client/http_client.c
b/src/modules/http_client/http_client.c
index 430933e23d2..3cf662820f5 100644
--- a/src/modules/http_client/http_client.c
+++ b/src/modules/http_client/http_client.c
@@ -64,6 +64,9 @@
#include "../../core/lvalue.h"
#include "../../core/pt.h" /* Process table */
#include "../../core/kemi.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "functions.h"
#include "curlcon.h"
@@ -278,7 +281,7 @@ static int mod_init(void)
LM_DBG("init curl module\n");
/* Initialize curl */
- if(curl_global_init(CURL_GLOBAL_ALL)) {
+ if(run_thread4L((_thread_proto4L)_global_init, CURL_GLOBAL_ALL)) {
LM_ERR("curl_global_init failed\n");
return -1;
}
diff --git a/src/modules/xcap_client/xcap_client.c
b/src/modules/xcap_client/xcap_client.c
index ac77228bfde..4de2d367b63 100644
--- a/src/modules/xcap_client/xcap_client.c
+++ b/src/modules/xcap_client/xcap_client.c
@@ -41,6 +41,9 @@
#include "../../core/mem/shm_mem.h"
#include "../../core/rpc.h"
#include "../../core/rpc_lookup.h"
+#define KSR_RTHREAD_NEED_4L
+#define KSR_RTHREAD_SKIP_P
+#include "../../core/rthreads.h"
#include "../presence/utils_func.h"
#include "xcap_functions.h"
#include "xcap_client.h"
@@ -140,7 +143,7 @@ static int mod_init(void)
xcap_dbf.close(xcap_db);
xcap_db = NULL;
- curl_global_init(CURL_GLOBAL_ALL);
+ run_thread4L((_thread_proto4L)curl_global_init, CURL_GLOBAL_ALL);
if(periodical_query) {
register_timer(query_xcap_update, 0, query_period);
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:8b2573c1: OpenSSL integration: manage curl_global_init(...) used by modules
Module: kamailio Branch: master Commit: 8b2573c1f7c5e4bed24f8c5ca09817f613641a03 URL: https://github.com/kamailio/kamailio/commit/8b2573c1f7c5e4bed24f8c5ca09817f613641a03 Author: S-P Chan Committer: S-P Chan Date: 2024-02-26T10:40:19+08:00 OpenSSL integration: manage curl_global_init(...) used by modules - http_client, http_async_client, xcap_client use libcurl - call curl_global_init in a thread executor as it invokes OpenSSL functions on Debian 12 - clang-format --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/8b2573c1f7c5e4bed24f8c5ca09817f613641a03.diff Patch: https://github.com/kamailio/kamailio/commit/8b2573c1f7c5e4bed24f8c5ca09817f613641a03.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:ac4f1be0: OpenSSL integration: manage curl_global_init(...) used by modules
Module: kamailio Branch: 5.8 Commit: ac4f1be039809d68483fe39e94b0803da1661a48 URL: https://github.com/kamailio/kamailio/commit/ac4f1be039809d68483fe39e94b0803da1661a48 Author: S-P Chan Committer: S-P Chan Date: 2024-02-26T10:36:36+08:00 OpenSSL integration: manage curl_global_init(...) used by modules - http_client, http_async_client, xcap_client use libcurl - call curl_global_init in a thread executor as it invokes OpenSSL functions on Debian 12 - clang-format --- Modified: src/core/rthreads.h Modified: src/modules/http_async_client/http_multi.c Modified: src/modules/http_client/http_client.c Modified: src/modules/xcap_client/xcap_client.c --- Diff: https://github.com/kamailio/kamailio/commit/ac4f1be039809d68483fe39e94b0803da1661a48.diff Patch: https://github.com/kamailio/kamailio/commit/ac4f1be039809d68483fe39e94b0803da1661a48.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:191efd64: tls: fix OpenSSL 1.1.1 compatibility
Module: kamailio
Branch: master
Commit: 191efd6485989de64713d0644368c2f58d984f5e
URL:
https://github.com/kamailio/kamailio/commit/191efd6485989de64713d0644368c2f58d984f5e
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T20:43:55+08:00
tls: fix OpenSSL 1.1.1 compatibility
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/191efd6485989de64713d0644368c2f58d984f5e.diff
Patch:
https://github.com/kamailio/kamailio/commit/191efd6485989de64713d0644368c2f58d984f5e.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 136f0e2deb2..550a1bcc2b5 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -688,6 +688,14 @@ int mod_register(char *path, int *dlflags, void *p1, void
*p2)
* GH #3695: OpenSSL 1.1.1 historical note: it is no longer
* needed to replace RAND with cryptorand
*/
+#if OPENSSL_VERSION_NUMBER >= 0x1010L \
+ && OPENSSL_VERSION_NUMBER < 0x03000L
+ if(ksr_tls_threads_mode == 0) {
+ LM_WARN("OpenSSL 1.1.1 setting cryptorand random engine\n");
+ RAND_set_rand_method(RAND_ksr_cryptorand_method());
+ }
+#endif
+
sr_kemi_modules_add(sr_kemi_tls_exports);
return 0;
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:b98718c2: tls: fix OpenSSL 1.1.1 compatibility
Module: kamailio
Branch: 5.8
Commit: b98718c28f72b1372a62b17174b43c403fa6b729
URL:
https://github.com/kamailio/kamailio/commit/b98718c28f72b1372a62b17174b43c403fa6b729
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T20:42:14+08:00
tls: fix OpenSSL 1.1.1 compatibility
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/b98718c28f72b1372a62b17174b43c403fa6b729.diff
Patch:
https://github.com/kamailio/kamailio/commit/b98718c28f72b1372a62b17174b43c403fa6b729.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 136f0e2deb2..550a1bcc2b5 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -688,6 +688,14 @@ int mod_register(char *path, int *dlflags, void *p1, void
*p2)
* GH #3695: OpenSSL 1.1.1 historical note: it is no longer
* needed to replace RAND with cryptorand
*/
+#if OPENSSL_VERSION_NUMBER >= 0x1010L \
+ && OPENSSL_VERSION_NUMBER < 0x03000L
+ if(ksr_tls_threads_mode == 0) {
+ LM_WARN("OpenSSL 1.1.1 setting cryptorand random engine\n");
+ RAND_set_rand_method(RAND_ksr_cryptorand_method());
+ }
+#endif
+
sr_kemi_modules_add(sr_kemi_tls_exports);
return 0;
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:88e1dce9: tls: fix restore early init
Module: kamailio
Branch: 5.7
Commit: 88e1dce91b2db99bf24a01e910dc5f2d78e62e1a
URL:
https://github.com/kamailio/kamailio/commit/88e1dce91b2db99bf24a01e910dc5f2d78e62e1a
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T12:59:22+08:00
tls: fix restore early init
Cherry-pick from a02ca644e8
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/88e1dce91b2db99bf24a01e910dc5f2d78e62e1a.diff
Patch:
https://github.com/kamailio/kamailio/commit/88e1dce91b2db99bf24a01e910dc5f2d78e62e1a.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 6058592aa01..664e35f7c33 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -468,19 +468,13 @@ static int mod_child(int rank)
if(tls_disable || (tls_domains_cfg == 0))
return 0;
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L
/*
* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
-* to avoid init of libssl in thread#1
+* to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1
*/
- if(rank == PROC_INIT && ksr_tls_threads_mode != 0) {
- return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
- }
-#else
if(rank == PROC_INIT) {
- return mod_child_hook(, NULL);
+ return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
}
-#endif /* OPENSSL_VERSION_NUMBER */
#ifndef OPENSSL_NO_ENGINE
/*
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:aa8fcf9e: tls: fix restore early init
Module: kamailio
Branch: 5.8
Commit: aa8fcf9ec76e7c4543db22de6de5ef62374c80be
URL:
https://github.com/kamailio/kamailio/commit/aa8fcf9ec76e7c4543db22de6de5ef62374c80be
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T12:57:19+08:00
tls: fix restore early init
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/aa8fcf9ec76e7c4543db22de6de5ef62374c80be.diff
Patch:
https://github.com/kamailio/kamailio/commit/aa8fcf9ec76e7c4543db22de6de5ef62374c80be.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 463814720b8..136f0e2deb2 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -468,19 +468,13 @@ static int mod_child(int rank)
if(tls_disable || (tls_domains_cfg == 0))
return 0;
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L
/*
* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
- * to avoid init of libssl in thread#1
+ * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1
*/
- if(rank == PROC_INIT && ksr_tls_threads_mode != 0) {
- return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
- }
-#else
if(rank == PROC_INIT) {
- return mod_child_hook(, NULL);
+ return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
}
-#endif /* OPENSSL_VERSION_NUMBER */
#ifndef OPENSSL_NO_ENGINE
/*
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:a02ca644: tls: fix restore early init
Module: kamailio
Branch: master
Commit: a02ca644e889d011dd63acbabfc5550904ff7d4d
URL:
https://github.com/kamailio/kamailio/commit/a02ca644e889d011dd63acbabfc5550904ff7d4d
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T12:56:19+08:00
tls: fix restore early init
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/a02ca644e889d011dd63acbabfc5550904ff7d4d.diff
Patch:
https://github.com/kamailio/kamailio/commit/a02ca644e889d011dd63acbabfc5550904ff7d4d.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 463814720b8..136f0e2deb2 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -468,19 +468,13 @@ static int mod_child(int rank)
if(tls_disable || (tls_domains_cfg == 0))
return 0;
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L
/*
* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
- * to avoid init of libssl in thread#1
+ * to avoid init of libssl in thread#1: ksr_tls_threads_mode = 1
*/
- if(rank == PROC_INIT && ksr_tls_threads_mode != 0) {
- return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
- }
-#else
if(rank == PROC_INIT) {
- return mod_child_hook(, NULL);
+ return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
}
-#endif /* OPENSSL_VERSION_NUMBER */
#ifndef OPENSSL_NO_ENGINE
/*
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:73b19da1: tls: restore early init for other modules that use TLS
Module: kamailio
Branch: 5.7
Commit: 73b19da1e0dd512f9eb77ca0606092c545e8fb99
URL:
https://github.com/kamailio/kamailio/commit/73b19da1e0dd512f9eb77ca0606092c545e8fb99
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T11:04:27+08:00
tls: restore early init for other modules that use TLS
Client modules (e.g. dispatcher) that require outbound TLS
may race if tls init is too late.
Restore tls init to PROC_INIT with a thread executor.
Addresses GH #3765
Cherry-pick from 706d7b7ff3
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/73b19da1e0dd512f9eb77ca0606092c545e8fb99.diff
Patch:
https://github.com/kamailio/kamailio/commit/73b19da1e0dd512f9eb77ca0606092c545e8fb99.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 0d8ea3df4c5..6058592aa01 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -42,6 +42,10 @@
#include "../../core/dprint.h"
#include "../../core/mod_fix.h"
#include "../../core/kemi.h"
+
+#define KSR_RTHREAD_SKIP_P
+#define KSR_RTHREAD_NEED_4PP
+#include "../../core/rthreads.h"
#include "tls_init.h"
#include "tls_server.h"
#include "tls_domain.h"
@@ -443,6 +447,22 @@ int tls_fix_engine_keys(tls_domains_cfg_t *, tls_domain_t
*, tls_domain_t *);
*
* EC operations do not use pthread_self(), so could use shared SSL_CTX
*/
+static int mod_child_hook(int *rank, void *dummy)
+{
+ LM_DBG("Loading SSL_CTX in process_no=%d rank=%d "
+ "ksr_tls_threads_mode=%d\n",
+ process_no, *rank, ksr_tls_threads_mode);
+ if(cfg_get(tls, tls_cfg, config_file).s) {
+ if(tls_fix_domains_cfg(*tls_domains_cfg, _defaults,
_defaults)
+ < 0)
+ return -1;
+ } else {
+ if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params) < 0)
+ return -1;
+ }
+ return 0;
+}
+
static int mod_child(int rank)
{
if(tls_disable || (tls_domains_cfg == 0))
@@ -450,29 +470,17 @@ static int mod_child(int rank)
#if OPENSSL_VERSION_NUMBER >= 0x010101000L
/*
- * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of
- * libssl in rank 0(thread#1). Requires tls_threads_mode = 1 config.
- */
- if((rank == PROC_SIPINIT && ksr_tls_threads_mode)
- || (rank == PROC_INIT && !ksr_tls_threads_mode)) {
+* OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
+* to avoid init of libssl in thread#1
+*/
+ if(rank == PROC_INIT && ksr_tls_threads_mode != 0) {
+ return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
+ }
#else
if(rank == PROC_INIT) {
-#endif
- LM_DBG("Loading SSL_CTX in process_no=%d rank=%d "
- "ksr_tls_threads_mode=%d\n",
- process_no, rank, ksr_tls_threads_mode);
- if(cfg_get(tls, tls_cfg, config_file).s) {
- if(tls_fix_domains_cfg(
- *tls_domains_cfg, _defaults,
_defaults)
- < 0)
- return -1;
- } else {
- if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params)
- < 0)
- return -1;
- }
- return 0;
+ return mod_child_hook(, NULL);
}
+#endif /* OPENSSL_VERSION_NUMBER */
#ifndef OPENSSL_NO_ENGINE
/*
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.8:49a9d8a4: tls: restore early init for other modules that use TLS
Module: kamailio
Branch: 5.8
Commit: 49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8
URL:
https://github.com/kamailio/kamailio/commit/49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T10:58:33+08:00
tls: restore early init for other modules that use TLS
Client modules (e.g. dispatcher) that require outbound TLS
may race if tls init is too late.
Restore tls init to PROC_INIT with a thread executor.
Addresses GH #3765
Cherry-pick from 706d7b7ff3
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8.diff
Patch:
https://github.com/kamailio/kamailio/commit/49a9d8a4fb2f8a03d478aed2a405f812d2c2c5e8.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index beaf1b7b70b..463814720b8 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -42,6 +42,10 @@
#include "../../core/dprint.h"
#include "../../core/mod_fix.h"
#include "../../core/kemi.h"
+
+#define KSR_RTHREAD_SKIP_P
+#define KSR_RTHREAD_NEED_4PP
+#include "../../core/rthreads.h"
#include "tls_init.h"
#include "tls_server.h"
#include "tls_domain.h"
@@ -443,32 +447,40 @@ int tls_fix_engine_keys(tls_domains_cfg_t *, tls_domain_t
*, tls_domain_t *);
*
* EC operations do not use pthread_self(), so could use shared SSL_CTX
*/
+static int mod_child_hook(int *rank, void *dummy)
+{
+ LM_DBG("Loading SSL_CTX in process_no=%d rank=%d "
+ "ksr_tls_threads_mode=%d\n",
+ process_no, *rank, ksr_tls_threads_mode);
+ if(cfg_get(tls, tls_cfg, config_file).s) {
+ if(tls_fix_domains_cfg(*tls_domains_cfg, _defaults,
_defaults)
+ < 0)
+ return -1;
+ } else {
+ if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params) < 0)
+ return -1;
+ }
+ return 0;
+}
+
static int mod_child(int rank)
{
if(tls_disable || (tls_domains_cfg == 0))
return 0;
#if OPENSSL_VERSION_NUMBER >= 0x010101000L
-/*
- * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of
- * libssl in rank 0(thread#1)
+ /*
+ * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
+ * to avoid init of libssl in thread#1
*/
-if(rank == PROC_SIPINIT) {
+ if(rank == PROC_INIT && ksr_tls_threads_mode != 0) {
+ return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
+ }
#else
-if(rank == PROC_INIT) {
-#endif
- if(cfg_get(tls, tls_cfg, config_file).s) {
- if(tls_fix_domains_cfg(
- *tls_domains_cfg, _defaults,
_defaults)
- < 0)
- return -1;
- } else {
- if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params)
- < 0)
- return -1;
- }
- return 0;
+ if(rank == PROC_INIT) {
+ return mod_child_hook(, NULL);
}
+#endif /* OPENSSL_VERSION_NUMBER */
#ifndef OPENSSL_NO_ENGINE
/*
@@ -678,7 +690,7 @@ int mod_register(char *path, int *dlflags, void *p1, void
*p2)
register_tls_hooks(_h);
-/*
+ /*
* GH #3695: OpenSSL 1.1.1 historical note: it is no longer
* needed to replace RAND with cryptorand
*/
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:706d7b7f: tls: restore early init for other modules that use TLS
Module: kamailio
Branch: master
Commit: 706d7b7ff3bc2723614de328611c2100d19bf742
URL:
https://github.com/kamailio/kamailio/commit/706d7b7ff3bc2723614de328611c2100d19bf742
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-25T10:41:18+08:00
tls: restore early init for other modules that use TLS
Client modules (e.g. dispatcher) that require outbound TLS
may race if tls init is too late.
Restore tls init to PROC_INIT with a thread executor.
Addresses GH #3765
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/706d7b7ff3bc2723614de328611c2100d19bf742.diff
Patch:
https://github.com/kamailio/kamailio/commit/706d7b7ff3bc2723614de328611c2100d19bf742.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index beaf1b7b70b..463814720b8 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -42,6 +42,10 @@
#include "../../core/dprint.h"
#include "../../core/mod_fix.h"
#include "../../core/kemi.h"
+
+#define KSR_RTHREAD_SKIP_P
+#define KSR_RTHREAD_NEED_4PP
+#include "../../core/rthreads.h"
#include "tls_init.h"
#include "tls_server.h"
#include "tls_domain.h"
@@ -443,32 +447,40 @@ int tls_fix_engine_keys(tls_domains_cfg_t *, tls_domain_t
*, tls_domain_t *);
*
* EC operations do not use pthread_self(), so could use shared SSL_CTX
*/
+static int mod_child_hook(int *rank, void *dummy)
+{
+ LM_DBG("Loading SSL_CTX in process_no=%d rank=%d "
+ "ksr_tls_threads_mode=%d\n",
+ process_no, *rank, ksr_tls_threads_mode);
+ if(cfg_get(tls, tls_cfg, config_file).s) {
+ if(tls_fix_domains_cfg(*tls_domains_cfg, _defaults,
_defaults)
+ < 0)
+ return -1;
+ } else {
+ if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params) < 0)
+ return -1;
+ }
+ return 0;
+}
+
static int mod_child(int rank)
{
if(tls_disable || (tls_domains_cfg == 0))
return 0;
#if OPENSSL_VERSION_NUMBER >= 0x010101000L
-/*
- * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of
- * libssl in rank 0(thread#1)
+ /*
+ * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in thread executor
+ * to avoid init of libssl in thread#1
*/
-if(rank == PROC_SIPINIT) {
+ if(rank == PROC_INIT && ksr_tls_threads_mode != 0) {
+ return run_thread4PP((_thread_proto4PP)mod_child_hook, ,
NULL);
+ }
#else
-if(rank == PROC_INIT) {
-#endif
- if(cfg_get(tls, tls_cfg, config_file).s) {
- if(tls_fix_domains_cfg(
- *tls_domains_cfg, _defaults,
_defaults)
- < 0)
- return -1;
- } else {
- if(tls_fix_domains_cfg(*tls_domains_cfg, _params,
_params)
- < 0)
- return -1;
- }
- return 0;
+ if(rank == PROC_INIT) {
+ return mod_child_hook(, NULL);
}
+#endif /* OPENSSL_VERSION_NUMBER */
#ifndef OPENSSL_NO_ENGINE
/*
@@ -678,7 +690,7 @@ int mod_register(char *path, int *dlflags, void *p1, void
*p2)
register_tls_hooks(_h);
-/*
+ /*
* GH #3695: OpenSSL 1.1.1 historical note: it is no longer
* needed to replace RAND with cryptorand
*/
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:46c0db15: db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient)
Module: kamailio
Branch: 5.7
Commit: 46c0db156ab12a94419324947b806176b6cc14a8
URL:
https://github.com/kamailio/kamailio/commit/46c0db156ab12a94419324947b806176b6cc14a8
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-24T23:19:04+08:00
db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient)
This function is observed to call SSL_read() when compiled with
libmysqlclient.so.21 (but not libmariadb.so.3).
Apply a thread executor just in case.
Cherry-pick from 1e42364451
---
Modified: src/modules/db_mysql/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/46c0db156ab12a94419324947b806176b6cc14a8.diff
Patch:
https://github.com/kamailio/kamailio/commit/46c0db156ab12a94419324947b806176b6cc14a8.patch
---
diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c
index 7b65c0a012c..91ace58df5b 100644
--- a/src/modules/db_mysql/km_dbase.c
+++ b/src/modules/db_mysql/km_dbase.c
@@ -41,6 +41,7 @@
#define KSR_RTHREAD_NEED_4PP
#define KSR_RTHREAD_NEED_0P
+#define KSR_RTHREAD_NEED_4P5I2P2
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "../../lib/srdb1/db_ut.h"
@@ -348,12 +349,26 @@ int db_mysql_free_result(const db1_con_t *_h, db1_res_t
*_r)
* \param _r pointer to a structure representing the result
* \return zero on success, negative value on failure
*/
+
+/*
+ * this function observed to invoke SSL_read() under libmysqlclient.so.21
+ * but not libmariadb.so.3; apply libssl guard
+ */
+static int db_mysql_query_impl(const db1_con_t *_h, const db_key_t *_k,
+ const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
+ const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
+{
+ return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r,
db_mysql_val2str,
+ db_mysql_submit_query, db_mysql_store_result);
+}
+
int db_mysql_query(const db1_con_t *_h, const db_key_t *_k, const db_op_t *_op,
const db_val_t *_v, const db_key_t *_c, const int _n, const int
_nc,
const db_key_t _o, db1_res_t **_r)
{
- return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r,
db_mysql_val2str,
- db_mysql_submit_query, db_mysql_store_result);
+ return run_thread4P5I2P2((_thread_proto4P5I2P2)_mysql_query_impl,
+ (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void
*)_c, _n,
+ _nc, (void *)_o, (void *)_r);
}
/**
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:2c082bd1: db_mysql: update docs for opt_ssl_ca
Module: kamailio
Branch: 5.7
Commit: 2c082bd135203382855b297de736b22fbedee672
URL:
https://github.com/kamailio/kamailio/commit/2c082bd135203382855b297de736b22fbedee672
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-24T23:18:56+08:00
db_mysql: update docs for opt_ssl_ca
Cherry-pick from eafd93f057
---
Modified: src/modules/db_mysql/doc/db_mysql_admin.xml
---
Diff:
https://github.com/kamailio/kamailio/commit/2c082bd135203382855b297de736b22fbedee672.diff
Patch:
https://github.com/kamailio/kamailio/commit/2c082bd135203382855b297de736b22fbedee672.patch
---
diff --git a/src/modules/db_mysql/doc/db_mysql_admin.xml
b/src/modules/db_mysql/doc/db_mysql_admin.xml
index 51c9b5b728d..dceb8253eb7 100644
--- a/src/modules/db_mysql/doc/db_mysql_admin.xml
+++ b/src/modules/db_mysql/doc/db_mysql_admin.xml
@@ -211,6 +211,30 @@ modparam("db_mysql", "update_affected_found", 1)
...
modparam("db_mysql", "opt_ssl_mode", 1)
...
+
+
+
+
+ opt_ssl_ca (string)
+
+ Configures the CA certs used to verify the MySQL server cert
when
+ SSL is enabled.
+
+
+ Required when opt_ssl_mode = 4 or 5 and db_mysql is built
+ with libmysqlclient.
+
+
+
+ Default value is NULL (NULL - not configured).
+
+
+
+ Set opt_ssl_ca parameter
+
+...
+modparam("db_mysql", "opt_ssl_ca", "/etc/ssl/certs/mysql-ca.pem")
+...
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:29f848c9: db_mysql: new module param opt_ssl_ca to configure CA certs
Module: kamailio
Branch: 5.7
Commit: 29f848c9a658af33b6a9693d709edf3a340c95d0
URL:
https://github.com/kamailio/kamailio/commit/29f848c9a658af33b6a9693d709edf3a340c95d0
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-24T23:18:31+08:00
db_mysql: new module param opt_ssl_ca to configure CA certs
ERROR: db_mysql [km_my_con.c:200]: db_mysql_new_connection():
driver error: SSL connection error: CA certificate is required
if ssl-mode is VERIFY_CA or VERIFY_IDENTITY
When opt_ssl_mode = 4 | 5 libmysqlclient.so.21
requires that the trusted CAs be configured.
Fixed with:
mysql_options(ptr->con, MYSQL_OPT_SSL_CA, (void *)db_mysql_opt_ssl_ca)
Note: libmariadb.so.3 doesn't require this setting
and uses the system trust store.
Cherry-pick from ea81e6cb8b
---
Modified: src/modules/db_mysql/db_mysql.c
Modified: src/modules/db_mysql/km_my_con.c
---
Diff:
https://github.com/kamailio/kamailio/commit/29f848c9a658af33b6a9693d709edf3a340c95d0.diff
Patch:
https://github.com/kamailio/kamailio/commit/29f848c9a658af33b6a9693d709edf3a340c95d0.patch
---
diff --git a/src/modules/db_mysql/db_mysql.c b/src/modules/db_mysql/db_mysql.c
index 1a698329bac..9a7aa8673b5 100644
--- a/src/modules/db_mysql/db_mysql.c
+++ b/src/modules/db_mysql/db_mysql.c
@@ -47,6 +47,7 @@ unsigned int my_server_timezone =
unsigned long my_client_ver = 0;
int db_mysql_unsigned_type = 0;
int db_mysql_opt_ssl_mode = 0;
+char *db_mysql_opt_ssl_ca = NULL;
struct mysql_counters_h mysql_cnts_h;
counter_def_t mysql_cnt_defs[] = {
@@ -100,6 +101,7 @@ static param_export_t params[] = {
{"insert_delayed", INT_PARAM, _mysql_insert_all_delayed},
{"update_affected_found", INT_PARAM,
_mysql_update_affected_found},
{"unsigned_type", PARAM_INT, _mysql_unsigned_type},
+ {"opt_ssl_ca", PARAM_STRING, _mysql_opt_ssl_ca},
{"opt_ssl_mode", PARAM_INT, _mysql_opt_ssl_mode}, {0, 0, 0}};
diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c
index b4c4dca33b0..226d724f1ae 100644
--- a/src/modules/db_mysql/km_my_con.c
+++ b/src/modules/db_mysql/km_my_con.c
@@ -41,6 +41,7 @@
#include "db_mysql.h"
extern int db_mysql_opt_ssl_mode;
+extern char *db_mysql_opt_ssl_ca;
/*! \brief
* Create a new connection structure,
@@ -167,6 +168,9 @@ struct my_con *db_mysql_new_connection(const struct db_id
*id)
}
#endif /* MYSQL_VERSION_ID */
#endif /* MARIADB_BASE_VERSION */
+ if(db_mysql_opt_ssl_ca)
+ mysql_options(
+ ptr->con, MYSQL_OPT_SSL_CA, (const void
*)db_mysql_opt_ssl_ca);
#if MYSQL_VERSION_ID > 50012
/* set reconnect flag if enabled */
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:1e423644: db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient)
Module: kamailio
Branch: master
Commit: 1e4236445167d837a89d54ce6bee5ef14aef568e
URL:
https://github.com/kamailio/kamailio/commit/1e4236445167d837a89d54ce6bee5ef14aef568e
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-14T19:49:10+08:00
db_mysql: libssl thread guard for db_mysql_query (and libmysqlclient)
This function is observed to call SSL_read() when compiled with
libmysqlclient.so.21 (but not libmariadb.so.3).
Apply a thread executor just in case.
---
Modified: src/modules/db_mysql/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/1e4236445167d837a89d54ce6bee5ef14aef568e.diff
Patch:
https://github.com/kamailio/kamailio/commit/1e4236445167d837a89d54ce6bee5ef14aef568e.patch
---
diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c
index 7b65c0a012c..91ace58df5b 100644
--- a/src/modules/db_mysql/km_dbase.c
+++ b/src/modules/db_mysql/km_dbase.c
@@ -41,6 +41,7 @@
#define KSR_RTHREAD_NEED_4PP
#define KSR_RTHREAD_NEED_0P
+#define KSR_RTHREAD_NEED_4P5I2P2
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "../../lib/srdb1/db_ut.h"
@@ -348,12 +349,26 @@ int db_mysql_free_result(const db1_con_t *_h, db1_res_t
*_r)
* \param _r pointer to a structure representing the result
* \return zero on success, negative value on failure
*/
+
+/*
+ * this function observed to invoke SSL_read() under libmysqlclient.so.21
+ * but not libmariadb.so.3; apply libssl guard
+ */
+static int db_mysql_query_impl(const db1_con_t *_h, const db_key_t *_k,
+ const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
+ const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
+{
+ return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r,
db_mysql_val2str,
+ db_mysql_submit_query, db_mysql_store_result);
+}
+
int db_mysql_query(const db1_con_t *_h, const db_key_t *_k, const db_op_t *_op,
const db_val_t *_v, const db_key_t *_c, const int _n, const int
_nc,
const db_key_t _o, db1_res_t **_r)
{
- return db_do_query(_h, _k, _op, _v, _c, _n, _nc, _o, _r,
db_mysql_val2str,
- db_mysql_submit_query, db_mysql_store_result);
+ return run_thread4P5I2P2((_thread_proto4P5I2P2)_mysql_query_impl,
+ (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void
*)_c, _n,
+ _nc, (void *)_o, (void *)_r);
}
/**
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:c89fe41b: db_mysql: fix typos
Module: kamailio
Branch: master
Commit: c89fe41b1583af74cdf7e20d2357d7c90990839f
URL:
https://github.com/kamailio/kamailio/commit/c89fe41b1583af74cdf7e20d2357d7c90990839f
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-14T15:20:35+08:00
db_mysql: fix typos
The option opt_ssl_ca is a string not integer.
The comment for ea81e6cb should show the code fix as
mysql_options(ptr->con, MYSQL_OPT_SSL_CA, (void *)db_mysql_opt_ssl_ca)
---
Modified: src/modules/db_mysql/doc/db_mysql_admin.xml
---
Diff:
https://github.com/kamailio/kamailio/commit/c89fe41b1583af74cdf7e20d2357d7c90990839f.diff
Patch:
https://github.com/kamailio/kamailio/commit/c89fe41b1583af74cdf7e20d2357d7c90990839f.patch
---
diff --git a/src/modules/db_mysql/doc/db_mysql_admin.xml
b/src/modules/db_mysql/doc/db_mysql_admin.xml
index 7297f2d1b15..18c703838ce 100644
--- a/src/modules/db_mysql/doc/db_mysql_admin.xml
+++ b/src/modules/db_mysql/doc/db_mysql_admin.xml
@@ -219,7 +219,7 @@ modparam("db_mysql", "opt_ssl_mode", 1)
- opt_ssl_ca (integer)
+ opt_ssl_ca (string)
Configures the CA certs used to verify the MySQL server cert
when
SSL is enabled.
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:eafd93f0: db_mysql: update docs for opt_ssl_ca
Module: kamailio
Branch: master
Commit: eafd93f0576504ea03fe6b5e3898506072218cef
URL:
https://github.com/kamailio/kamailio/commit/eafd93f0576504ea03fe6b5e3898506072218cef
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-14T15:09:24+08:00
db_mysql: update docs for opt_ssl_ca
---
Modified: src/modules/db_mysql/doc/db_mysql_admin.xml
---
Diff:
https://github.com/kamailio/kamailio/commit/eafd93f0576504ea03fe6b5e3898506072218cef.diff
Patch:
https://github.com/kamailio/kamailio/commit/eafd93f0576504ea03fe6b5e3898506072218cef.patch
---
diff --git a/src/modules/db_mysql/doc/db_mysql_admin.xml
b/src/modules/db_mysql/doc/db_mysql_admin.xml
index f1ff53df0ed..7297f2d1b15 100644
--- a/src/modules/db_mysql/doc/db_mysql_admin.xml
+++ b/src/modules/db_mysql/doc/db_mysql_admin.xml
@@ -215,6 +215,30 @@ modparam("db_mysql", "update_affected_found", 1)
...
modparam("db_mysql", "opt_ssl_mode", 1)
...
+
+
+
+
+ opt_ssl_ca (integer)
+
+ Configures the CA certs used to verify the MySQL server cert
when
+ SSL is enabled.
+
+
+ Required when opt_ssl_mode = 4 or 5 and db_mysql is built
+ with libmysqlclient.
+
+
+
+ Default value is NULL (NULL - not configured).
+
+
+
+ Set opt_ssl_ca parameter
+
+...
+modparam("db_mysql", "opt_ssl_ca", "/etc/ssl/certs/mysql-ca.pem")
+...
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:ea81e6cb: db_mysql: new module param opt_ssl_ca to configure CA certs
Module: kamailio
Branch: master
Commit: ea81e6cb8b2b2d896de7a07ce191876f9f182673
URL:
https://github.com/kamailio/kamailio/commit/ea81e6cb8b2b2d896de7a07ce191876f9f182673
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-14T15:08:56+08:00
db_mysql: new module param opt_ssl_ca to configure CA certs
ERROR: db_mysql [km_my_con.c:200]: db_mysql_new_connection():
driver error: SSL connection error: CA certificate is required
if ssl-mode is VERIFY_CA or VERIFY_IDENTITY
When opt_ssl_mode = 4 | 5 libmysqclient
requires that the trusted CAs be configured.
Fixed with:
mysql_options(ptr->con, MYSQL_OPT_SSL_CA, (void *)db_mysql_opt_ssl_mode)
Note: libmariadb3 doesn't require this setting
and uses the system trust store.
---
Modified: src/modules/db_mysql/db_mysql.c
Modified: src/modules/db_mysql/km_my_con.c
---
Diff:
https://github.com/kamailio/kamailio/commit/ea81e6cb8b2b2d896de7a07ce191876f9f182673.diff
Patch:
https://github.com/kamailio/kamailio/commit/ea81e6cb8b2b2d896de7a07ce191876f9f182673.patch
---
diff --git a/src/modules/db_mysql/db_mysql.c b/src/modules/db_mysql/db_mysql.c
index 1a698329bac..9a7aa8673b5 100644
--- a/src/modules/db_mysql/db_mysql.c
+++ b/src/modules/db_mysql/db_mysql.c
@@ -47,6 +47,7 @@ unsigned int my_server_timezone =
unsigned long my_client_ver = 0;
int db_mysql_unsigned_type = 0;
int db_mysql_opt_ssl_mode = 0;
+char *db_mysql_opt_ssl_ca = NULL;
struct mysql_counters_h mysql_cnts_h;
counter_def_t mysql_cnt_defs[] = {
@@ -100,6 +101,7 @@ static param_export_t params[] = {
{"insert_delayed", INT_PARAM, _mysql_insert_all_delayed},
{"update_affected_found", INT_PARAM,
_mysql_update_affected_found},
{"unsigned_type", PARAM_INT, _mysql_unsigned_type},
+ {"opt_ssl_ca", PARAM_STRING, _mysql_opt_ssl_ca},
{"opt_ssl_mode", PARAM_INT, _mysql_opt_ssl_mode}, {0, 0, 0}};
diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c
index b4c4dca33b0..226d724f1ae 100644
--- a/src/modules/db_mysql/km_my_con.c
+++ b/src/modules/db_mysql/km_my_con.c
@@ -41,6 +41,7 @@
#include "db_mysql.h"
extern int db_mysql_opt_ssl_mode;
+extern char *db_mysql_opt_ssl_ca;
/*! \brief
* Create a new connection structure,
@@ -167,6 +168,9 @@ struct my_con *db_mysql_new_connection(const struct db_id
*id)
}
#endif /* MYSQL_VERSION_ID */
#endif /* MARIADB_BASE_VERSION */
+ if(db_mysql_opt_ssl_ca)
+ mysql_options(
+ ptr->con, MYSQL_OPT_SSL_CA, (const void
*)db_mysql_opt_ssl_ca);
#if MYSQL_VERSION_ID > 50012
/* set reconnect flag if enabled */
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:a0dfb8cb: tls: raise logging level of early messages in mod_register
Module: kamailio
Branch: 5.7
Commit: a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd
URL:
https://github.com/kamailio/kamailio/commit/a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-13T19:11:20+08:00
tls: raise logging level of early messages in mod_register
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd.diff
Patch:
https://github.com/kamailio/kamailio/commit/a0dfb8cbdf4282040351e9dc014d9ef13e0e77fd.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 905ca6f2411..0d8ea3df4c5 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -689,7 +689,7 @@ int mod_register(char *path, int *dlflags, void *p1, void
*p2)
#if OPENSSL_VERSION_NUMBER >= 0x1010L \
&& OPENSSL_VERSION_NUMBER < 0x03000L
if(ksr_tls_threads_mode == 0) {
- LM_DBG("setting cryptorand random engine\n");
+ LM_WARN("OpenSSL 1.1.1 setting cryptorand random engine\n");
RAND_set_rand_method(RAND_ksr_cryptorand_method());
}
#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:5d7d7ea5: tls: add logging
Module: kamailio
Branch: 5.7
Commit: 5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db
URL:
https://github.com/kamailio/kamailio/commit/5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-13T17:23:31+08:00
tls: add logging
---
Modified: src/modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db.diff
Patch:
https://github.com/kamailio/kamailio/commit/5d7d7ea54c908cae333ed3cafd4a2cc93cacd4db.patch
---
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 5d3982b64d9..905ca6f2411 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -458,6 +458,9 @@ static int mod_child(int rank)
#else
if(rank == PROC_INIT) {
#endif
+ LM_DBG("Loading SSL_CTX in process_no=%d rank=%d "
+ "ksr_tls_threads_mode=%d\n",
+ process_no, rank, ksr_tls_threads_mode);
if(cfg_get(tls, tls_cfg, config_file).s) {
if(tls_fix_domains_cfg(
*tls_domains_cfg, _defaults,
_defaults)
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:eb7aa576: tls: restore some function calls in non-threaded mode
Module: kamailio Branch: 5.7 Commit: eb7aa57676f48f16cc66a16c511ed45ac9c8f62e URL: https://github.com/kamailio/kamailio/commit/eb7aa57676f48f16cc66a16c511ed45ac9c8f62e Author: S-P Chan Committer: S-P Chan Date: 2024-02-13T11:08:29+08:00 tls: restore some function calls in non-threaded mode In the case that tls_threads_mode = 0 we restore the earlier behaviour of 5.7.3. - OpenSSL 1.1.1: restore early call to RAND_set_rand_method - OpenSSL 3.x: restore enable locking on EVP_RAND_CTX --- Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/eb7aa57676f48f16cc66a16c511ed45ac9c8f62e.diff Patch: https://github.com/kamailio/kamailio/commit/eb7aa57676f48f16cc66a16c511ed45ac9c8f62e.patch ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:0936b6b7: db_postgres: libssl thread guard for db_postgres_close
Module: kamailio
Branch: 5.7
Commit: 0936b6b70efe2e9d05766ce925ca10e4ff4bf7be
URL:
https://github.com/kamailio/kamailio/commit/0936b6b70efe2e9d05766ce925ca10e4ff4bf7be
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-08T14:28:12+08:00
db_postgres: libssl thread guard for db_postgres_close
---
Modified: src/modules/db_postgres/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/0936b6b70efe2e9d05766ce925ca10e4ff4bf7be.diff
Patch:
https://github.com/kamailio/kamailio/commit/0936b6b70efe2e9d05766ce925ca10e4ff4bf7be.patch
---
diff --git a/src/modules/db_postgres/km_dbase.c
b/src/modules/db_postgres/km_dbase.c
index 7948ff0075f..e8dce6e09ea 100644
--- a/src/modules/db_postgres/km_dbase.c
+++ b/src/modules/db_postgres/km_dbase.c
@@ -45,6 +45,7 @@
#include "../../core/clist.h"
#define KSR_RTHREAD_NEED_PI
#define KSR_RTHREAD_NEED_4PP
+#define KSR_RTHREAD_NEED_0P
#include "../../core/rthreads.h"
#include "km_dbase.h"
#include "km_pg_con.h"
@@ -147,11 +148,16 @@ db1_con_t *db_postgres_init2(const str *_url,
db_pooling_t pooling)
* \param _h closed connection, as returned from db_postgres_init
* \note free all memory and resources
*/
-void db_postgres_close(db1_con_t *_h)
+static void db_postgres_close_impl(db1_con_t *_h)
{
db_do_close(_h, db_postgres_free_connection);
}
+void db_postgres_close(db1_con_t *_h)
+{
+ run_thread0P((_thread_proto0P)db_postgres_close_impl, _h);
+}
+
/*!
* \brief Submit_query, run a query
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:58082265: db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query)
Module: kamailio
Branch: 5.7
Commit: 5808226593fcf11d4713b2161809466568c51682
URL:
https://github.com/kamailio/kamailio/commit/5808226593fcf11d4713b2161809466568c51682
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-08T14:28:12+08:00
db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query)
---
Modified: src/modules/db_unixodbc/dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/5808226593fcf11d4713b2161809466568c51682.diff
Patch:
https://github.com/kamailio/kamailio/commit/5808226593fcf11d4713b2161809466568c51682.patch
---
diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c
index 7a5f2bdb09e..01aab5bb273 100644
--- a/src/modules/db_unixodbc/dbase.c
+++ b/src/modules/db_unixodbc/dbase.c
@@ -26,6 +26,8 @@
#include "../../core/dprint.h"
#include "../../core/async_task.h"
#define KSR_RTHREAD_NEED_4PP
+#define KSR_RTHREAD_NEED_4P5I2P2
+#define KSR_RTHREAD_NEED_0P
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "val.h"
@@ -254,11 +256,16 @@ db1_con_t *db_unixodbc_init(const str *_url)
* Shut down database module
* No function should be called after this
*/
-void db_unixodbc_close(db1_con_t *_h)
+static void db_unixodbc_close_impl(db1_con_t *_h)
{
return db_do_close(_h, db_unixodbc_free_connection);
}
+void db_unixodbc_close(db1_con_t *_h)
+{
+ run_thread0P((_thread_proto0P)db_unixodbc_close_impl, _h);
+}
+
/*
* Retrieve result set
*/
@@ -299,7 +306,7 @@ static int db_unixodbc_store_result(const db1_con_t *_h,
db1_res_t **_r)
/*
* Release a result set from memory
*/
-int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
+static int db_unixodbc_free_result_impl(db1_con_t *_h, db1_res_t *_r)
{
if((!_h) || (!_r)) {
LM_ERR("invalid parameter value\n");
@@ -315,6 +322,11 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
return 0;
}
+int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
+{
+ return run_thread4PP((_thread_proto4PP)db_unixodbc_free_result_impl,
_h, _r);
+}
+
/*
* Query table for specified rows
* _h: structure representing database connection
@@ -326,7 +338,7 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
* _nc: number of columns to return
* _o: order by the specified column
*/
-int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k,
+static int db_unixodbc_query_impl(const db1_con_t *_h, const db_key_t *_k,
const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
{
@@ -335,6 +347,15 @@ int db_unixodbc_query(const db1_con_t *_h, const db_key_t
*_k,
db_unixodbc_store_result);
}
+int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k,
+ const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
+ const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
+{
+ return run_thread4P5I2P2((_thread_proto4P5I2P2)db_unixodbc_query_impl,
+ (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void
*)_c, _n,
+ _nc, (void *)_o, (void *)_r);
+}
+
/*!
* \brief Gets a partial result set, fetch rows from a result
*
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:0d0c9910: core/rthreads.h: thread wrapper for db_XXXX_query
Module: kamailio
Branch: 5.7
Commit: 0d0c9910095e3e87a4d27be5af30f02cd5f26020
URL:
https://github.com/kamailio/kamailio/commit/0d0c9910095e3e87a4d27be5af30f02cd5f26020
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-08T14:28:12+08:00
core/rthreads.h: thread wrapper for db__query
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/0d0c9910095e3e87a4d27be5af30f02cd5f26020.diff
Patch:
https://github.com/kamailio/kamailio/commit/0d0c9910095e3e87a4d27be5af30f02cd5f26020.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index add3426d4db..fa60ccef071 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -195,3 +195,55 @@ static void run_thread0P(_thread_proto0P fn, void *arg1)
#endif /* USE_TLS */
}
#endif
+
+/*
+ * prototype:
+ * db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k,
+ *const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
+ *const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
+ */
+#ifdef KSR_RTHREAD_NEED_4P5I2P2
+typedef int (*_thread_proto4P5I2P2)(
+ void *, void *, void *, void *, void *, int, int, void *, void
*);
+struct _thread_args4P5I2P2
+{
+ _thread_proto4P5I2P2 fn;
+ void *arg1;
+ void *arg2;
+ void *arg3;
+ void *arg4;
+ void *arg5;
+ int arg6;
+ int arg7;
+ void *arg8;
+ void *arg9;
+ int *ret;
+};
+static void *run_thread_wrap4P5I2P2(struct _thread_args4P5I2P2 *args)
+{
+ *args->ret = (*args->fn)(args->arg1, args->arg2, args->arg3, args->arg4,
+ args->arg5, args->arg6, args->arg7, args->arg8,
args->arg9);
+ return NULL;
+}
+
+static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2,
+ void *arg3, void *arg4, void *arg5, int arg6, int arg7, void
*arg8,
+ void *arg9)
+{
+#ifdef USE_TLS
+ pthread_t tid;
+ int ret;
+
+ if(likely(process_no)) {
+ return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9);
+ }
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4P5I2P2,
+ &(struct _thread_args4P5I2P2){fn, arg1, arg2, arg3,
arg4, arg5,
+ arg6, arg7, arg8, arg9, });
+ pthread_join(tid, NULL);
+ return ret;
+#else
+ return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9);
+#endif
+}
+#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:f4edfd47: db_mysql: libssl thread guard for db_mysql_close
Module: kamailio
Branch: 5.7
Commit: f4edfd47aa18aecaf5650bb39a69c6e800c14f2d
URL:
https://github.com/kamailio/kamailio/commit/f4edfd47aa18aecaf5650bb39a69c6e800c14f2d
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-08T14:28:12+08:00
db_mysql: libssl thread guard for db_mysql_close
---
Modified: src/modules/db_mysql/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/f4edfd47aa18aecaf5650bb39a69c6e800c14f2d.diff
Patch:
https://github.com/kamailio/kamailio/commit/f4edfd47aa18aecaf5650bb39a69c6e800c14f2d.patch
---
diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c
index e86e4a0391b..7b65c0a012c 100644
--- a/src/modules/db_mysql/km_dbase.c
+++ b/src/modules/db_mysql/km_dbase.c
@@ -40,6 +40,7 @@
#include "../../core/async_task.h"
#define KSR_RTHREAD_NEED_4PP
+#define KSR_RTHREAD_NEED_0P
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "../../lib/srdb1/db_ut.h"
@@ -228,11 +229,16 @@ db1_con_t *db_mysql_init(const str *_url)
* \param _h handle to the closed connection
* \return zero on success, negative value on failure
*/
-void db_mysql_close(db1_con_t *_h)
+static void db_mysql_close_impl(db1_con_t *_h)
{
db_do_close(_h, db_mysql_free_connection);
}
+void db_mysql_close(db1_con_t *_h)
+{
+ run_thread0P((_thread_proto0P)db_mysql_close_impl, _h);
+}
+
/**
* Retrieve a result set
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:f0289725: core/rthreads.h: use thread wrappers only for process#0
Module: kamailio
Branch: 5.7
Commit: f028972588296858429e28f941a085131af8084c
URL:
https://github.com/kamailio/kamailio/commit/f028972588296858429e28f941a085131af8084c
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-07T17:36:38+08:00
core/rthreads.h: use thread wrappers only for process#0
- for process#0 use threads to avoid initializing libssl thread-locals in
thread#1
- for process_no > 0 revert to standard behaviour and reduce
overhead of creating threads
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/f028972588296858429e28f941a085131af8084c.diff
Patch:
https://github.com/kamailio/kamailio/commit/f028972588296858429e28f941a085131af8084c.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index a416ad2ca50..add3426d4db 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -35,13 +35,20 @@ typedef void *(*_thread_proto)(void *);
#ifndef KSR_RTHREAD_SKIP_P
static void *run_threadP(_thread_proto fn, void *arg)
{
+#ifdef USE_TLS
pthread_t tid;
void *ret;
+ if(likely(process_no)) {
+ return fn(arg);
+ }
pthread_create(, NULL, fn, arg);
pthread_join(tid, );
return ret;
+#else
+ return fn(arg);
+#endif /* USE_TLS */
}
#endif
@@ -63,14 +70,21 @@ static void *run_thread_wrapPI(struct _thread_argsPI *args)
static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2)
{
+#ifdef USE_TLS
pthread_t tid;
void *ret;
+ if(likely(process_no)) {
+ return fn(arg1, arg2);
+ }
pthread_create(, NULL, (_thread_proto)_thread_wrapPI,
&(struct _thread_argsPI){fn, arg1, arg2});
pthread_join(tid, );
return ret;
+#else
+ return fn(arg1, arg2);
+#endif /* USE_TLS */
}
#endif
@@ -91,11 +105,20 @@ static void *run_thread_wrapV(struct _thread_argsV *args)
static void run_threadV(_thread_protoV fn)
{
+#ifdef USE_TLS
pthread_t tid;
+ if(likely(process_no)) {
+ fn();
+ return;
+ }
+
pthread_create(, NULL, (_thread_proto)run_thread_wrapV,
&(struct _thread_argsV){fn});
pthread_join(tid, NULL);
+#else
+ fn();
+#endif /* USE_TLS */
}
#endif
@@ -119,14 +142,22 @@ static void *run_thread_wrap4PP(struct _thread_args4PP
*args)
static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2)
{
+#ifdef USE_TLS
pthread_t tid;
int ret;
+ if(likely(process_no)) {
+ return fn(arg1, arg2);
+ }
+
pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP,
&(struct _thread_args4PP){fn, arg1, arg2, });
pthread_join(tid, NULL);
return ret;
+#else
+ return fn(arg1, arg2);
+#endif
}
#endif
@@ -148,10 +179,19 @@ static void *run_thread_wrap0P(struct _thread_args0P
*args)
static void run_thread0P(_thread_proto0P fn, void *arg1)
{
+#ifdef USE_TLS
pthread_t tid;
+ if(likely(process_no)) {
+ fn(arg1);
+ return;
+ }
+
pthread_create(, NULL, (_thread_proto)run_thread_wrap0P,
&(struct _thread_args0P){fn, arg1});
pthread_join(tid, NULL);
+#else
+ fn(arg1);
+#endif /* USE_TLS */
}
#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:c393d5d5: db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query)
Module: kamailio
Branch: master
Commit: c393d5d5d167bdbf9a2f465effdc761195ed1279
URL:
https://github.com/kamailio/kamailio/commit/c393d5d5d167bdbf9a2f465effdc761195ed1279
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-09T07:05:17+08:00
db_unixodbc: libssl thread guards for db_unixodbc_(close|free_result|query)
---
Modified: src/modules/db_unixodbc/dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/c393d5d5d167bdbf9a2f465effdc761195ed1279.diff
Patch:
https://github.com/kamailio/kamailio/commit/c393d5d5d167bdbf9a2f465effdc761195ed1279.patch
---
diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c
index 7a5f2bdb09e..aa2387ee26e 100644
--- a/src/modules/db_unixodbc/dbase.c
+++ b/src/modules/db_unixodbc/dbase.c
@@ -26,6 +26,8 @@
#include "../../core/dprint.h"
#include "../../core/async_task.h"
#define KSR_RTHREAD_NEED_4PP
+#define KSR_RTHREAD_NEED_4P5I2P2
+#define KSR_RTHREAD_NEED_0P
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "val.h"
@@ -254,11 +256,16 @@ db1_con_t *db_unixodbc_init(const str *_url)
* Shut down database module
* No function should be called after this
*/
-void db_unixodbc_close(db1_con_t *_h)
+static void db_unixodbc_close_impl(db1_con_t *_h)
{
return db_do_close(_h, db_unixodbc_free_connection);
}
+void db_unixodbc_close(db1_con_t *_h)
+{
+ run_thread0P((_thread_proto0P)db_unixodbc_close_impl, _h);
+}
+
/*
* Retrieve result set
*/
@@ -299,7 +306,7 @@ static int db_unixodbc_store_result(const db1_con_t *_h,
db1_res_t **_r)
/*
* Release a result set from memory
*/
-int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
+static int db_unixodbc_free_result_impl(db1_con_t *_h, db1_res_t *_r)
{
if((!_h) || (!_r)) {
LM_ERR("invalid parameter value\n");
@@ -315,6 +322,12 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
return 0;
}
+int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
+{
+ return run_thread4PP(
+ (_thread_proto4PP)db_unixodbc_free_result_impl, _h, _r);
+}
+
/*
* Query table for specified rows
* _h: structure representing database connection
@@ -326,7 +339,7 @@ int db_unixodbc_free_result(db1_con_t *_h, db1_res_t *_r)
* _nc: number of columns to return
* _o: order by the specified column
*/
-int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k,
+static int db_unixodbc_query_impl(const db1_con_t *_h, const db_key_t *_k,
const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
{
@@ -335,6 +348,15 @@ int db_unixodbc_query(const db1_con_t *_h, const db_key_t
*_k,
db_unixodbc_store_result);
}
+int db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k,
+ const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
+ const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
+{
+ return run_thread4P5I2P2((_thread_proto4P5I2P2)db_unixodbc_query_impl,
+ (void *)_h, (void *)_k, (void *)_op, (void *)_v, (void
*)_c, _n,
+ _nc, (void *)_o, (void *)_r);
+}
+
/*!
* \brief Gets a partial result set, fetch rows from a result
*
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:7043a581: db_mysql: libssl thread guard for db_mysql_close
Module: kamailio
Branch: master
Commit: 7043a581c4cfe05d6f9a0161368a61f7c67e326c
URL:
https://github.com/kamailio/kamailio/commit/7043a581c4cfe05d6f9a0161368a61f7c67e326c
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-09T07:05:17+08:00
db_mysql: libssl thread guard for db_mysql_close
---
Modified: src/modules/db_mysql/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/7043a581c4cfe05d6f9a0161368a61f7c67e326c.diff
Patch:
https://github.com/kamailio/kamailio/commit/7043a581c4cfe05d6f9a0161368a61f7c67e326c.patch
---
diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c
index e86e4a0391b..7b65c0a012c 100644
--- a/src/modules/db_mysql/km_dbase.c
+++ b/src/modules/db_mysql/km_dbase.c
@@ -40,6 +40,7 @@
#include "../../core/async_task.h"
#define KSR_RTHREAD_NEED_4PP
+#define KSR_RTHREAD_NEED_0P
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "../../lib/srdb1/db_ut.h"
@@ -228,11 +229,16 @@ db1_con_t *db_mysql_init(const str *_url)
* \param _h handle to the closed connection
* \return zero on success, negative value on failure
*/
-void db_mysql_close(db1_con_t *_h)
+static void db_mysql_close_impl(db1_con_t *_h)
{
db_do_close(_h, db_mysql_free_connection);
}
+void db_mysql_close(db1_con_t *_h)
+{
+ run_thread0P((_thread_proto0P)db_mysql_close_impl, _h);
+}
+
/**
* Retrieve a result set
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e33911f5: db_postgres: libssl thread guard for db_postgres_close
Module: kamailio
Branch: master
Commit: e33911f5edbac36f54b6371f9b952b57488bcced
URL:
https://github.com/kamailio/kamailio/commit/e33911f5edbac36f54b6371f9b952b57488bcced
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-09T07:05:17+08:00
db_postgres: libssl thread guard for db_postgres_close
---
Modified: src/modules/db_postgres/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/e33911f5edbac36f54b6371f9b952b57488bcced.diff
Patch:
https://github.com/kamailio/kamailio/commit/e33911f5edbac36f54b6371f9b952b57488bcced.patch
---
diff --git a/src/modules/db_postgres/km_dbase.c
b/src/modules/db_postgres/km_dbase.c
index 7948ff0075f..e8dce6e09ea 100644
--- a/src/modules/db_postgres/km_dbase.c
+++ b/src/modules/db_postgres/km_dbase.c
@@ -45,6 +45,7 @@
#include "../../core/clist.h"
#define KSR_RTHREAD_NEED_PI
#define KSR_RTHREAD_NEED_4PP
+#define KSR_RTHREAD_NEED_0P
#include "../../core/rthreads.h"
#include "km_dbase.h"
#include "km_pg_con.h"
@@ -147,11 +148,16 @@ db1_con_t *db_postgres_init2(const str *_url,
db_pooling_t pooling)
* \param _h closed connection, as returned from db_postgres_init
* \note free all memory and resources
*/
-void db_postgres_close(db1_con_t *_h)
+static void db_postgres_close_impl(db1_con_t *_h)
{
db_do_close(_h, db_postgres_free_connection);
}
+void db_postgres_close(db1_con_t *_h)
+{
+ run_thread0P((_thread_proto0P)db_postgres_close_impl, _h);
+}
+
/*!
* \brief Submit_query, run a query
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:4baa76cd: core/rthreads.h: thread wrapper for db_XXXX_query
Module: kamailio
Branch: master
Commit: 4baa76cd3e0d4052baf037c663a898fd11c54514
URL:
https://github.com/kamailio/kamailio/commit/4baa76cd3e0d4052baf037c663a898fd11c54514
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-09T07:05:17+08:00
core/rthreads.h: thread wrapper for db__query
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/4baa76cd3e0d4052baf037c663a898fd11c54514.diff
Patch:
https://github.com/kamailio/kamailio/commit/4baa76cd3e0d4052baf037c663a898fd11c54514.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index 2f922be5a75..e96f45c9395 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -201,3 +201,56 @@ static void run_thread0P(_thread_proto0P fn, void *arg1)
#endif
}
#endif
+
+/*
+ * prototype:
+ * db_unixodbc_query(const db1_con_t *_h, const db_key_t *_k,
+ *const db_op_t *_op, const db_val_t *_v, const db_key_t *_c,
+ *const int _n, const int _nc, const db_key_t _o, db1_res_t **_r)
+ */
+#ifdef KSR_RTHREAD_NEED_4P5I2P2
+typedef int (*_thread_proto4P5I2P2)(
+ void *, void *, void *, void *, void *, int, int, void *, void
*);
+struct _thread_args4P5I2P2
+{
+ _thread_proto4P5I2P2 fn;
+ void *arg1;
+ void *arg2;
+ void *arg3;
+ void *arg4;
+ void *arg5;
+ int arg6;
+ int arg7;
+ void *arg8;
+ void *arg9;
+ int *ret;
+};
+static void *run_thread_wrap4P5I2P2(struct _thread_args4P5I2P2 *args)
+{
+ *args->ret = (*args->fn)(args->arg1, args->arg2, args->arg3, args->arg4,
+ args->arg5, args->arg6, args->arg7, args->arg8,
args->arg9);
+ return NULL;
+}
+
+static int run_thread4P5I2P2(_thread_proto4P5I2P2 fn, void *arg1, void *arg2,
+ void *arg3, void *arg4, void *arg5, int arg6, int arg7, void
*arg8,
+ void *arg9)
+{
+#ifdef USE_TLS
+ pthread_t tid;
+ int ret;
+
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9);
+ }
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4P5I2P2,
+ &(struct _thread_args4P5I2P2){fn, arg1, arg2, arg3,
arg4, arg5,
+ arg6, arg7, arg8, arg9, });
+ pthread_join(tid, NULL);
+ return ret;
+#else
+ return fn(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9);
+#endif
+}
+#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:fb7c4ec9: core/rthreads.h: fix missing returns
Module: kamailio
Branch: master
Commit: fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35
URL:
https://github.com/kamailio/kamailio/commit/fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-07T14:08:01+08:00
core/rthreads.h: fix missing returns
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35.diff
Patch:
https://github.com/kamailio/kamailio/commit/fb7c4ec9a33d8147094aa664ce3c96b6c3cb7d35.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index 897e6b8d9ed..2f922be5a75 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -40,16 +40,17 @@ static void *run_threadP(_thread_proto fn, void *arg)
pthread_t tid;
void *ret;
-if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
-return fn(arg);
-}
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg);
+ }
pthread_create(, NULL, fn, arg);
pthread_join(tid, );
return ret;
#else
-return fn(arg);
+ return fn(arg);
#endif /* USE_TLS */
}
#endif
@@ -76,9 +77,10 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1,
int arg2)
pthread_t tid;
void *ret;
-if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
-return fn(arg1, arg2);
-}
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg1, arg2);
+ }
pthread_create(, NULL, (_thread_proto)_thread_wrapPI,
&(struct _thread_argsPI){fn, arg1, arg2});
@@ -86,7 +88,7 @@ static void *run_threadPI(_thread_protoPI fn, void *arg1, int
arg2)
return ret;
#else
-return fn(arg1, arg2);
+ return fn(arg1, arg2);
#endif
}
#endif
@@ -111,15 +113,17 @@ static void run_threadV(_thread_protoV fn)
#ifdef USE_TLS
pthread_t tid;
-if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
-fn();
-}
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ fn();
+ return;
+ }
pthread_create(, NULL, (_thread_proto)run_thread_wrapV,
&(struct _thread_argsV){fn});
pthread_join(tid, NULL);
#else
-fn();
+ fn();
#endif
}
#endif
@@ -148,16 +152,17 @@ static int run_thread4PP(_thread_proto4PP fn, void *arg1,
void *arg2)
pthread_t tid;
int ret;
-if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
-return fn(arg1, arg2);
-}
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ return fn(arg1, arg2);
+ }
pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP,
&(struct _thread_args4PP){fn, arg1, arg2, });
pthread_join(tid, NULL);
return ret;
#else
-return fn(arg1, arg2);
+ return fn(arg1, arg2);
#endif
}
#endif
@@ -183,14 +188,16 @@ static void run_thread0P(_thread_proto0P fn, void *arg1)
#ifdef USE_TLS
pthread_t tid;
-if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
-fn(arg1);
-}
+ if(likely(ksr_tls_threads_mode == 0
+ || (ksr_tls_threads_mode == 1 && process_no > 0))) {
+ fn(arg1);
+ return;
+ }
pthread_create(, NULL, (_thread_proto)run_thread_wrap0P,
&(struct _thread_args0P){fn, arg1});
pthread_join(tid, NULL);
#else
-fn(arg1)
+ fn(arg1)
#endif
}
#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:1a2993ca: core/rthreads.h: fix missing return
Module: kamailio Branch: master Commit: 1a2993ca370da35c34abae1cb44086492faa0ade URL: https://github.com/kamailio/kamailio/commit/1a2993ca370da35c34abae1cb44086492faa0ade Author: S-P Chan Committer: S-P Chan Date: 2024-02-07T05:54:35+08:00 core/rthreads.h: fix missing return --- Modified: src/core/rthreads.h --- Diff: https://github.com/kamailio/kamailio/commit/1a2993ca370da35c34abae1cb44086492faa0ade.diff Patch: https://github.com/kamailio/kamailio/commit/1a2993ca370da35c34abae1cb44086492faa0ade.patch --- diff --git a/src/core/rthreads.h b/src/core/rthreads.h index 084f463261b..897e6b8d9ed 100644 --- a/src/core/rthreads.h +++ b/src/core/rthreads.h @@ -49,7 +49,7 @@ static void *run_threadP(_thread_proto fn, void *arg) return ret; #else -fn(arg); +return fn(arg); #endif /* USE_TLS */ } #endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:e52bc4ba: Sample etc/kamailio.cfg: add tls_threads_mode to config
Module: kamailio Branch: master Commit: e52bc4ba41417362c79da1cd3d41b283aabc4eb8 URL: https://github.com/kamailio/kamailio/commit/e52bc4ba41417362c79da1cd3d41b283aabc4eb8 Author: S-P Chan Committer: S-P Chan Date: 2024-02-07T05:49:14+08:00 Sample etc/kamailio.cfg: add tls_threads_mode to config --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/e52bc4ba41417362c79da1cd3d41b283aabc4eb8.diff Patch: https://github.com/kamailio/kamailio/commit/e52bc4ba41417362c79da1cd3d41b283aabc4eb8.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index cc043fad58b..2d68f7692e1 100755 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -220,6 +220,13 @@ enable_tls=yes /* upper limit for TLS connections */ tls_max_connections=2048 + +/* For OpenSSL 3 integration + * functions calling libssl3 can be invoked in a transient thread + * 0: disable threaded calls + * 1: use threads for process#0 only + * 2: use threads for all processes */ +tls_threads_mode=1 #!endif /* set it to yes to enable sctp and load sctp.so module */ ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:aa15489f: core/rthreads.h: use global ksr_tls_threads_mode to constrain thread
Module: kamailio
Branch: master
Commit: aa15489f0a8de4a27197602d771fe02cf5745287
URL:
https://github.com/kamailio/kamailio/commit/aa15489f0a8de4a27197602d771fe02cf5745287
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-07T05:24:30+08:00
core/rthreads.h: use global ksr_tls_threads_mode to constrain thread
wrapping
- 0: run wrapped function directly
- 1: run wrapped function in thread for process#0 else run directly
- 2: always run wrapped function in thread
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/aa15489f0a8de4a27197602d771fe02cf5745287.diff
Patch:
https://github.com/kamailio/kamailio/commit/aa15489f0a8de4a27197602d771fe02cf5745287.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index a416ad2ca50..084f463261b 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -27,6 +27,7 @@
*/
#include
+#include "./globals.h"
/*
* prototype: void *fn(void *arg) { ... }
*/
@@ -35,13 +36,21 @@ typedef void *(*_thread_proto)(void *);
#ifndef KSR_RTHREAD_SKIP_P
static void *run_threadP(_thread_proto fn, void *arg)
{
+#ifdef USE_TLS
pthread_t tid;
void *ret;
+if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
+return fn(arg);
+}
+
pthread_create(, NULL, fn, arg);
pthread_join(tid, );
return ret;
+#else
+fn(arg);
+#endif /* USE_TLS */
}
#endif
@@ -63,14 +72,22 @@ static void *run_thread_wrapPI(struct _thread_argsPI *args)
static void *run_threadPI(_thread_protoPI fn, void *arg1, int arg2)
{
+#ifdef USE_TLS
pthread_t tid;
void *ret;
+if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
+return fn(arg1, arg2);
+}
+
pthread_create(, NULL, (_thread_proto)_thread_wrapPI,
&(struct _thread_argsPI){fn, arg1, arg2});
pthread_join(tid, );
return ret;
+#else
+return fn(arg1, arg2);
+#endif
}
#endif
@@ -91,11 +108,19 @@ static void *run_thread_wrapV(struct _thread_argsV *args)
static void run_threadV(_thread_protoV fn)
{
+#ifdef USE_TLS
pthread_t tid;
+if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
+fn();
+}
+
pthread_create(, NULL, (_thread_proto)run_thread_wrapV,
&(struct _thread_argsV){fn});
pthread_join(tid, NULL);
+#else
+fn();
+#endif
}
#endif
@@ -119,14 +144,21 @@ static void *run_thread_wrap4PP(struct _thread_args4PP
*args)
static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2)
{
+#ifdef USE_TLS
pthread_t tid;
int ret;
+if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
+return fn(arg1, arg2);
+}
pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP,
&(struct _thread_args4PP){fn, arg1, arg2, });
pthread_join(tid, NULL);
return ret;
+#else
+return fn(arg1, arg2);
+#endif
}
#endif
@@ -148,10 +180,17 @@ static void *run_thread_wrap0P(struct _thread_args0P
*args)
static void run_thread0P(_thread_proto0P fn, void *arg1)
{
+#ifdef USE_TLS
pthread_t tid;
+if(likely(ksr_tls_threads_mode == 0 || (ksr_tls_threads_mode == 1 &&
process_no > 0))) {
+fn(arg1);
+}
pthread_create(, NULL, (_thread_proto)run_thread_wrap0P,
&(struct _thread_args0P){fn, arg1});
pthread_join(tid, NULL);
+#else
+fn(arg1)
+#endif
}
#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:579d3973: db_unixodbc: handle SSL and submit query
Module: kamailio
Branch: 5.7
Commit: 579d39736b8f11d0e5c68715ba3a9aafc07cd7dc
URL:
https://github.com/kamailio/kamailio/commit/579d39736b8f11d0e5c68715ba3a9aafc07cd7dc
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T13:13:42+08:00
db_unixodbc: handle SSL and submit query
(cherry-pick from 7d917e6649be7188bb9ab152ada75bc7199b2980)
---
Modified: src/modules/db_unixodbc/dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/579d39736b8f11d0e5c68715ba3a9aafc07cd7dc.diff
Patch:
https://github.com/kamailio/kamailio/commit/579d39736b8f11d0e5c68715ba3a9aafc07cd7dc.patch
---
diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c
index c4ba64b019c..7a5f2bdb09e 100644
--- a/src/modules/db_unixodbc/dbase.c
+++ b/src/modules/db_unixodbc/dbase.c
@@ -25,6 +25,7 @@
#include "../../core/mem/mem.h"
#include "../../core/dprint.h"
#include "../../core/async_task.h"
+#define KSR_RTHREAD_NEED_4PP
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "val.h"
@@ -81,7 +82,7 @@ static int reconnect(const db1_con_t *_h)
/*
* Send an SQL query to the server
*/
-static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s)
+static int db_unixodbc_submit_query_impl(const db1_con_t *_h, const str *_s)
{
int ret = 0;
SQLCHAR sqlstate[7];
@@ -155,6 +156,11 @@ static int db_unixodbc_submit_query(const db1_con_t *_h,
const str *_s)
return ret;
}
+static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s)
+{
+ return run_thread4PP((_thread_proto4PP)db_unixodbc_submit_query_impl,
+ (void *)_h, (void *)_s);
+}
/**
*
*/
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:103c62ba: db_mysql: handle SSL and submit query
Module: kamailio
Branch: 5.7
Commit: 103c62ba675f8d306e1c0fb60ddfd4c4bca1e931
URL:
https://github.com/kamailio/kamailio/commit/103c62ba675f8d306e1c0fb60ddfd4c4bca1e931
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T13:13:59+08:00
db_mysql: handle SSL and submit query
(cherry-pick from 51d9f92eca3ef1044052581c9438af6e643652a1)
---
Modified: src/modules/db_mysql/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/103c62ba675f8d306e1c0fb60ddfd4c4bca1e931.diff
Patch:
https://github.com/kamailio/kamailio/commit/103c62ba675f8d306e1c0fb60ddfd4c4bca1e931.patch
---
diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c
index 9cd238b78ab..e86e4a0391b 100644
--- a/src/modules/db_mysql/km_dbase.c
+++ b/src/modules/db_mysql/km_dbase.c
@@ -38,6 +38,8 @@
#include "../../core/mem/mem.h"
#include "../../core/dprint.h"
#include "../../core/async_task.h"
+
+#define KSR_RTHREAD_NEED_4PP
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "../../lib/srdb1/db_ut.h"
@@ -67,7 +69,7 @@ static char *mysql_sql_buf;
* \param _s executed query
* \return zero on success, negative value on failure
*/
-static int db_mysql_submit_query(const db1_con_t *_h, const str *_s)
+static int db_mysql_submit_query_impl(const db1_con_t *_h, const str *_s)
{
time_t t;
int i, code;
@@ -128,6 +130,11 @@ static int db_mysql_submit_query(const db1_con_t *_h,
const str *_s)
}
+static int db_mysql_submit_query(const db1_con_t *_h, const str *_s)
+{
+ return run_thread4PP((_thread_proto4PP)db_mysql_submit_query_impl,
+ (void *)_h, (void *)_s);
+}
/**
*
*/
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:63009ee5: db_postgres: handle SSL and submit query
Module: kamailio
Branch: 5.7
Commit: 63009ee559bb68a3fde0b7f479d3023b06a6c376
URL:
https://github.com/kamailio/kamailio/commit/63009ee559bb68a3fde0b7f479d3023b06a6c376
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T13:14:12+08:00
db_postgres: handle SSL and submit query
(cherry-pick from d638c774ed816eec800e72ba2546004215cfe097)
---
Modified: src/modules/db_postgres/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/63009ee559bb68a3fde0b7f479d3023b06a6c376.diff
Patch:
https://github.com/kamailio/kamailio/commit/63009ee559bb68a3fde0b7f479d3023b06a6c376.patch
---
diff --git a/src/modules/db_postgres/km_dbase.c
b/src/modules/db_postgres/km_dbase.c
index 3d58f1a53e0..7948ff0075f 100644
--- a/src/modules/db_postgres/km_dbase.c
+++ b/src/modules/db_postgres/km_dbase.c
@@ -44,6 +44,7 @@
#include "../../core/hashes.h"
#include "../../core/clist.h"
#define KSR_RTHREAD_NEED_PI
+#define KSR_RTHREAD_NEED_4PP
#include "../../core/rthreads.h"
#include "km_dbase.h"
#include "km_pg_con.h"
@@ -158,7 +159,7 @@ void db_postgres_close(db1_con_t *_h)
* \param _s query string
* \return 0 on success, negative on failure
*/
-static int db_postgres_submit_query(const db1_con_t *_con, const str *_s)
+static int db_postgres_submit_query_impl(const db1_con_t *_con, const str *_s)
{
char *s = NULL;
int i, retries;
@@ -286,6 +287,12 @@ static int db_postgres_submit_query(const db1_con_t *_con,
const str *_s)
return -1;
}
+static int db_postgres_submit_query(const db1_con_t *_con, const str *_s)
+{
+ return run_thread4PP((_thread_proto4PP)db_postgres_submit_query_impl,
+ (void *)_con, (void *)_s);
+}
+
void db_postgres_async_exec_task(void *param)
{
str *p;
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:6f037a48: core/rthread.h: add prototype for db queries
Module: kamailio
Branch: 5.7
Commit: 6f037a48f706e6108a063883f9e9a324bea56da9
URL:
https://github.com/kamailio/kamailio/commit/6f037a48f706e6108a063883f9e9a324bea56da9
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T13:13:23+08:00
core/rthread.h: add prototype for db queries
(cherry-pick from ba921b2112e87625fba5789d1b049161bb611073)
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/6f037a48f706e6108a063883f9e9a324bea56da9.diff
Patch:
https://github.com/kamailio/kamailio/commit/6f037a48f706e6108a063883f9e9a324bea56da9.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index a5ad7670dae..a416ad2ca50 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -98,3 +98,60 @@ static void run_threadV(_thread_protoV fn)
pthread_join(tid, NULL);
}
#endif
+
+/*
+ * prototype: int fn(void *, void *) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_4PP
+typedef int (*_thread_proto4PP)(void *, void *);
+struct _thread_args4PP
+{
+ _thread_proto4PP fn;
+ void *arg1;
+ void *arg2;
+ int *ret;
+};
+static void *run_thread_wrap4PP(struct _thread_args4PP *args)
+{
+ *args->ret = (*args->fn)(args->arg1, args->arg2);
+ return NULL;
+}
+
+static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2)
+{
+ pthread_t tid;
+ int ret;
+
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP,
+ &(struct _thread_args4PP){fn, arg1, arg2, });
+ pthread_join(tid, NULL);
+
+ return ret;
+}
+#endif
+
+/*
+ * prototype: void fn(void *) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_0P
+typedef void (*_thread_proto0P)(void *);
+struct _thread_args0P
+{
+ _thread_proto0P fn;
+ void *arg1;
+};
+static void *run_thread_wrap0P(struct _thread_args0P *args)
+{
+ (*args->fn)(args->arg1);
+ return NULL;
+}
+
+static void run_thread0P(_thread_proto0P fn, void *arg1)
+{
+ pthread_t tid;
+
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap0P,
+ &(struct _thread_args0P){fn, arg1});
+ pthread_join(tid, NULL);
+}
+#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:475b4da7: Sample etc/kamailio.cfg: tls should be loaded first if used
Module: kamailio Branch: master Commit: 475b4da798fce232eba6834c3cb05e3c97e12d03 URL: https://github.com/kamailio/kamailio/commit/475b4da798fce232eba6834c3cb05e3c97e12d03 Author: S-P Chan Committer: S-P Chan Date: 2024-02-06T11:09:13+08:00 Sample etc/kamailio.cfg: tls should be loaded first if used --- Modified: etc/kamailio.cfg --- Diff: https://github.com/kamailio/kamailio/commit/475b4da798fce232eba6834c3cb05e3c97e12d03.diff Patch: https://github.com/kamailio/kamailio/commit/475b4da798fce232eba6834c3cb05e3c97e12d03.patch --- diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg old mode 100644 new mode 100755 index 598d12bc23e..cc043fad58b --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -257,6 +257,12 @@ voicemail.srv_port = "5060" desc "VoiceMail Port" /* set paths to location of modules */ # mpath="/usr/local/lib/kamailio/modules/" +# when using TLS with OpenSSL it is recommended to load this module +# first so that OpenSSL is initialized correctly +#!ifdef WITH_TLS +loadmodule "tls.so" +#!endif + #!ifdef WITH_MYSQL loadmodule "db_mysql.so" #!endif @@ -319,10 +325,6 @@ loadmodule "rtpproxy.so" #!endif #!endif -#!ifdef WITH_TLS -loadmodule "tls.so" -#!endif - #!ifdef WITH_HTABLE loadmodule "htable.so" #!endif ___ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:d638c774: db_postgres: handle SSL and submit query
Module: kamailio
Branch: master
Commit: d638c774ed816eec800e72ba2546004215cfe097
URL:
https://github.com/kamailio/kamailio/commit/d638c774ed816eec800e72ba2546004215cfe097
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T10:17:53+08:00
db_postgres: handle SSL and submit query
---
Modified: src/modules/db_postgres/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/d638c774ed816eec800e72ba2546004215cfe097.diff
Patch:
https://github.com/kamailio/kamailio/commit/d638c774ed816eec800e72ba2546004215cfe097.patch
---
diff --git a/src/modules/db_postgres/km_dbase.c
b/src/modules/db_postgres/km_dbase.c
index 3d58f1a53e0..7948ff0075f 100644
--- a/src/modules/db_postgres/km_dbase.c
+++ b/src/modules/db_postgres/km_dbase.c
@@ -44,6 +44,7 @@
#include "../../core/hashes.h"
#include "../../core/clist.h"
#define KSR_RTHREAD_NEED_PI
+#define KSR_RTHREAD_NEED_4PP
#include "../../core/rthreads.h"
#include "km_dbase.h"
#include "km_pg_con.h"
@@ -158,7 +159,7 @@ void db_postgres_close(db1_con_t *_h)
* \param _s query string
* \return 0 on success, negative on failure
*/
-static int db_postgres_submit_query(const db1_con_t *_con, const str *_s)
+static int db_postgres_submit_query_impl(const db1_con_t *_con, const str *_s)
{
char *s = NULL;
int i, retries;
@@ -286,6 +287,12 @@ static int db_postgres_submit_query(const db1_con_t *_con,
const str *_s)
return -1;
}
+static int db_postgres_submit_query(const db1_con_t *_con, const str *_s)
+{
+ return run_thread4PP((_thread_proto4PP)db_postgres_submit_query_impl,
+ (void *)_con, (void *)_s);
+}
+
void db_postgres_async_exec_task(void *param)
{
str *p;
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:7d917e66: db_unixodbc: handle SSL and submit query
Module: kamailio
Branch: master
Commit: 7d917e6649be7188bb9ab152ada75bc7199b2980
URL:
https://github.com/kamailio/kamailio/commit/7d917e6649be7188bb9ab152ada75bc7199b2980
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T10:17:53+08:00
db_unixodbc: handle SSL and submit query
---
Modified: src/modules/db_unixodbc/dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/7d917e6649be7188bb9ab152ada75bc7199b2980.diff
Patch:
https://github.com/kamailio/kamailio/commit/7d917e6649be7188bb9ab152ada75bc7199b2980.patch
---
diff --git a/src/modules/db_unixodbc/dbase.c b/src/modules/db_unixodbc/dbase.c
index c4ba64b019c..7a5f2bdb09e 100644
--- a/src/modules/db_unixodbc/dbase.c
+++ b/src/modules/db_unixodbc/dbase.c
@@ -25,6 +25,7 @@
#include "../../core/mem/mem.h"
#include "../../core/dprint.h"
#include "../../core/async_task.h"
+#define KSR_RTHREAD_NEED_4PP
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "val.h"
@@ -81,7 +82,7 @@ static int reconnect(const db1_con_t *_h)
/*
* Send an SQL query to the server
*/
-static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s)
+static int db_unixodbc_submit_query_impl(const db1_con_t *_h, const str *_s)
{
int ret = 0;
SQLCHAR sqlstate[7];
@@ -155,6 +156,11 @@ static int db_unixodbc_submit_query(const db1_con_t *_h,
const str *_s)
return ret;
}
+static int db_unixodbc_submit_query(const db1_con_t *_h, const str *_s)
+{
+ return run_thread4PP((_thread_proto4PP)db_unixodbc_submit_query_impl,
+ (void *)_h, (void *)_s);
+}
/**
*
*/
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:51d9f92e: db_mysql: handle SSL and submit query
Module: kamailio
Branch: master
Commit: 51d9f92eca3ef1044052581c9438af6e643652a1
URL:
https://github.com/kamailio/kamailio/commit/51d9f92eca3ef1044052581c9438af6e643652a1
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T10:17:53+08:00
db_mysql: handle SSL and submit query
---
Modified: src/modules/db_mysql/km_dbase.c
---
Diff:
https://github.com/kamailio/kamailio/commit/51d9f92eca3ef1044052581c9438af6e643652a1.diff
Patch:
https://github.com/kamailio/kamailio/commit/51d9f92eca3ef1044052581c9438af6e643652a1.patch
---
diff --git a/src/modules/db_mysql/km_dbase.c b/src/modules/db_mysql/km_dbase.c
index 9cd238b78ab..e86e4a0391b 100644
--- a/src/modules/db_mysql/km_dbase.c
+++ b/src/modules/db_mysql/km_dbase.c
@@ -38,6 +38,8 @@
#include "../../core/mem/mem.h"
#include "../../core/dprint.h"
#include "../../core/async_task.h"
+
+#define KSR_RTHREAD_NEED_4PP
#include "../../core/rthreads.h"
#include "../../lib/srdb1/db_query.h"
#include "../../lib/srdb1/db_ut.h"
@@ -67,7 +69,7 @@ static char *mysql_sql_buf;
* \param _s executed query
* \return zero on success, negative value on failure
*/
-static int db_mysql_submit_query(const db1_con_t *_h, const str *_s)
+static int db_mysql_submit_query_impl(const db1_con_t *_h, const str *_s)
{
time_t t;
int i, code;
@@ -128,6 +130,11 @@ static int db_mysql_submit_query(const db1_con_t *_h,
const str *_s)
}
+static int db_mysql_submit_query(const db1_con_t *_h, const str *_s)
+{
+ return run_thread4PP((_thread_proto4PP)db_mysql_submit_query_impl,
+ (void *)_h, (void *)_s);
+}
/**
*
*/
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:master:ba921b21: core/rthread.h: add prototype for db queries
Module: kamailio
Branch: master
Commit: ba921b2112e87625fba5789d1b049161bb611073
URL:
https://github.com/kamailio/kamailio/commit/ba921b2112e87625fba5789d1b049161bb611073
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-06T10:17:53+08:00
core/rthread.h: add prototype for db queries
---
Modified: src/core/rthreads.h
---
Diff:
https://github.com/kamailio/kamailio/commit/ba921b2112e87625fba5789d1b049161bb611073.diff
Patch:
https://github.com/kamailio/kamailio/commit/ba921b2112e87625fba5789d1b049161bb611073.patch
---
diff --git a/src/core/rthreads.h b/src/core/rthreads.h
index a5ad7670dae..a416ad2ca50 100644
--- a/src/core/rthreads.h
+++ b/src/core/rthreads.h
@@ -98,3 +98,60 @@ static void run_threadV(_thread_protoV fn)
pthread_join(tid, NULL);
}
#endif
+
+/*
+ * prototype: int fn(void *, void *) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_4PP
+typedef int (*_thread_proto4PP)(void *, void *);
+struct _thread_args4PP
+{
+ _thread_proto4PP fn;
+ void *arg1;
+ void *arg2;
+ int *ret;
+};
+static void *run_thread_wrap4PP(struct _thread_args4PP *args)
+{
+ *args->ret = (*args->fn)(args->arg1, args->arg2);
+ return NULL;
+}
+
+static int run_thread4PP(_thread_proto4PP fn, void *arg1, void *arg2)
+{
+ pthread_t tid;
+ int ret;
+
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap4PP,
+ &(struct _thread_args4PP){fn, arg1, arg2, });
+ pthread_join(tid, NULL);
+
+ return ret;
+}
+#endif
+
+/*
+ * prototype: void fn(void *) { ... }
+ */
+#ifdef KSR_RTHREAD_NEED_0P
+typedef void (*_thread_proto0P)(void *);
+struct _thread_args0P
+{
+ _thread_proto0P fn;
+ void *arg1;
+};
+static void *run_thread_wrap0P(struct _thread_args0P *args)
+{
+ (*args->fn)(args->arg1);
+ return NULL;
+}
+
+static void run_thread0P(_thread_proto0P fn, void *arg1)
+{
+ pthread_t tid;
+
+ pthread_create(, NULL, (_thread_proto)run_thread_wrap0P,
+ &(struct _thread_args0P){fn, arg1});
+ pthread_join(tid, NULL);
+}
+#endif
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
[sr-dev] git:5.7:74636a9b: Revert "tls_wolfssl: enable building with external package"
Module: kamailio
Branch: 5.7
Commit: 74636a9bf53524a6d60351c1569a033270677d6c
URL:
https://github.com/kamailio/kamailio/commit/74636a9bf53524a6d60351c1569a033270677d6c
Author: S-P Chan
Committer: S-P Chan
Date: 2024-02-04T10:11:45+08:00
Revert "tls_wolfssl: enable building with external package"
This reverts commit 53ce759091f78ffecc6b4047ff3e8885329d718f.
< 5.8 does not have 16-byte memory alignment
---
Modified: src/modules/tls_wolfssl/Makefile
---
Diff:
https://github.com/kamailio/kamailio/commit/74636a9bf53524a6d60351c1569a033270677d6c.diff
Patch:
https://github.com/kamailio/kamailio/commit/74636a9bf53524a6d60351c1569a033270677d6c.patch
---
diff --git a/src/modules/tls_wolfssl/Makefile b/src/modules/tls_wolfssl/Makefile
index 98239c43183..5ef95d697b6 100644
--- a/src/modules/tls_wolfssl/Makefile
+++ b/src/modules/tls_wolfssl/Makefile
@@ -8,13 +8,6 @@ include ../../Makefile.defs
auto_gen=
NAME=tls_wolfssl.so
-# make WOLFSSL_INTERNAL=yes... for internal submodule
-# make WOLFSSL_INTERNAL=no... for system package
-# default: yes
-
-WOLFSSL_INTERNAL ?= yes
-
-ifeq ($(WOLFSSL_INTERNAL),yes)
WOLFSSL_PREFIX = ../../../misc/external/wolfssl/build
WOLFSSL_SRC = ../../../misc/external/wolfssl/wolfssl
@@ -41,15 +34,6 @@ $(WOLFSSL_PREFIX)/include/wolfssl/options.h
$(WOLFSSL_PREFIX)/lib/libwolfssl.a:
$(NAME): $(WOLFSSL_PREFIX)/lib/libwolfssl.a
-else
-WOLFSSL_LIBS ?= $(shell pkg-config wolfssl --libs)
-WOLFSSL_INCLUDES ?= $(shell pkg-config wolfssl --cflags)
-
-LIBS += $(WOLFSSL_LIBS)
-INCLUDES += $(WOLFSSL_INCLUDES)
-include ../../Makefile.modules
-endif
-
clean-wolfssl:
@rm -rf $(WOLFSSL_PREFIX)/{bin,include,share,lib}; \
(cd $(WOLFSSL_SRC); make distclean) || /bin/true
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
