Hi, Carlos!

Each TLS connection has its own buffer, protected by a locking mechanisms, so I don't see how data might get corrupted. Have you tried taking a wireshark capture to see if Wireshark manages to parse and validate the TLS sessions?

Best regards,

Răzvan Crainea
OpenSIPS Core Developer
http://www.opensips-solutions.com

On 10/14/2015 02:55 PM, Carlos Oliva wrote:
After some tests I was able to reproduce the issue with
tls_verify_client = 0 and tls_require_client_certificate = 0 The error
now is:
"ERROR:core:tls_print_errstack: TLS errstack: error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca"

Always is reproducible after some tests with a bit of load in the proxy.
I was not able to reproduce with only two registered AORs. Maybe (only a
supposition) the ssl buffer can be modified by other process while
reading and the data is corrupted?

In case it can help, here a new paste with debug=6
http://pastebin.com/vCmitj0m

—
Reply to this email directly or view it on GitHub
<https://github.com/OpenSIPS/opensips/issues/670#issuecomment-148027341>.



_______________________________________________
Devel mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel


_______________________________________________
Devel mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel

Reply via email to