Klaus,
With the information you provided, I did find the emails initiated by
Jan Janak on this topic. Thanks.
Guess our test with large RSA keys hits one of the race conditions when
reloading TLS config, which results in kamailio crash. One thing I'm not
quite clear is whether this is an openssl issue or kamailio TLS module
issue. And where to start if we'd like to help fix this.
Appreciate your help,
Ding
On 10/21/2013 3:14 AM, Klaus Darilion wrote:
I remember that long time ago there was an email discussing the
problem in details. MAybe it was on one of the old mailing lists (ser,
openser). IIRC the feature and the detailed discussion way by Jan
Janak. Maybe this helps you to refine your Google search.
regards
Klaus
On 19.10.2013 21:33, Ding Ma wrote:
In the current Kamailio TLS module document, there is a statement about
tls.reload being unsafe. But the only way to periodically update CRL
without restarting Kamailio is to use tls.reload. In our test with
tls.reload for CRL, it seems Kamailio would crash after about 100 times
of tls.reload in 5/6 hours. The core dump indicates memory access
violation, signal 11. We compiled Kamailio with openssl 1.0.0-fips.
Would appreciate some insights on tls.reload and ideas to fix the crash
issue. Thanks,
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
