I've been tasked to use LD_PRELOAD to log SSL keys for TLS connections
using a Diffie-Hellman cipher. The first attempt did not work, so I wanted
to sanity check whether Kamailio's TLS support is built in such a way that
would defeat LD_PRELOAD.
The instructions from the vendor are to update /etc/init.d/kamailio like
this:
env SSLKEYLOG_UDP='127.0.0.1:1234'
LD_PRELOAD="/usr/local/src/voipmonitor-git/tools/ssl_keylogger/sslkeylog.so
/usr/lib/x86_64-linux-gnu/libssl.so.3" \
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--exec $DAEMON -- $OPTIONS || log_failure_msg " already
running"
Is there anything special in Kamailio (5.7.3 on Debian 12) that would
prevent this from working? Not necessarily something to defeat a keylogger,
but maybe the way tls.so gets loaded?
The only discrepancy I've noticed is the vendor docs refer to libssl.so.3
not libssl.so.1, but the vendor said that should be OK.
I'd love to hear from someone already using VoIPmonitor with Diffie-Hellman
ciphers and Kamailio.
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-le...@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the
sender!
Edit mailing list options or unsubscribe:
