Re: [Devel] Crash with openser 1.1.0 and TLS clients

Thu, 23 Nov 2006 23:48:58 -0800 

Hi Christophe!
Can you tell me the exact versions you use? openser, minisip, openssl (both o nminisip PCs and openser PC). 

thanks
klaus


Christophe Irles wrote:


Ok I create again dump files with exactly the same scenario. I test them
with wireshark successfully. Pb seems to come from the "txt" extension.

The first dump file is based on SIP over TLS and the second is based on SIP
over TCP.

As I said previously when using TLS, openser crash but not in TCP (same
openser config, just a restart between each test)

I notice in these two dump files something strange: some packets send by
openser are in UDP ! When they are send, the header "Record Route" is
composed of two lines: the last with the correct transport set (TCP or TLS)
but the first one wihtout this information ...

Hope this helps,
Christophe

-----Message d'origine-----

De : Klaus Darilion [mailto:[EMAIL PROTECTED] 
Envoyé : mardi 21 novembre 2006 17:35

À : Christophe Irles
Cc : 'OpenSER_DEV'
Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients

Hi!

I can't open the dump in ethereal. Maybe it was broken because it was named
.txt. Can you please resend it as .cap? (or zip)

regards
klaus

Christophe Irles wrote:

Hi Klauss,

Since ssldump is working not so well I used this option in my config file:
tls_ciphers_list="NULL"

I used tcpdump to have SIP messages as follow:  tcpdump -vv -s 2000 -i 
eth0 port 5061 -w dump.txt (cf. attached file)


In this file, you will find this scenario:
- Device A (known as uri [EMAIL PROTECTED]) registered first

- Device B (known as uri [EMAIL PROTECTED]) registered in 
second

- A calls B => communications is good (media is working)
- B hangup
- B unregistered => openser crash !

This scenario is the same as the test 3 describe in my previous mail (cf.
below)

If you need more explanations or more debug output, please tell me.

I'm using openser-1.1.0-tls

Hope this helps,
Christophe

 


-----Message d'origine-----

De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De 
la part de Christophe Irles Envoyé : vendredi 17 novembre 2006 17:24 À 
: 'Klaus Darilion'

Cc : 'OpenSER_DEV'
Objet : RE: [Devel] Crash with openser 1.1.0 and TLS clients

Hi Klaus,


The context is: a minisip called A (uri:[EMAIL PROTECTED]) with TLS calls 
another minisip called B (uri:[EMAIL PROTECTED]) with TLS.

Always A registered first and B in second (the order is important)

Test 1:
A and B unregistered => no crash

I restart openser and minisip A and B devices (to be sure to have the 
same configuration in each test)


Test 2:

A calls B. Communication is good. A or B hang up (I test the both) A 
unregistered => openser is still working B unregistered => openser crash !

I restart openser and minisip A and B devices

Test 3:

A calls B. Communication is good. A or B hang up (I test the both) B 
unregistered => openser crash !

I restart openser and minisip A and B devices

Test 4:

A calls B. Communication is good. A or B hang up  (I test the both) B 
calls A. Communication is good. A or B hang up  (I test the both) 
Calls made several times => Communications are always good A 
unregistered => openser is still working B unregistered => openser crash !

I restart openser and minisip A and B devices

Test 5:

A calls B. Communication is good. A or B hang up  (I test the both) B 
calls A. Communication is good. A or B hang up  (I test the both) 
Calls made several times => Communications are good B unregistered =>

openser crash !

About ssldump, I need to compile it including the lib pcap. As soon as 
possible I will send you the entire dump.


Please find below some comments about some of your previous remarks.

Thanks,
Regards,
Christophe

-----Message d'origine-----
De : Klaus Darilion [mailto:[EMAIL PROTECTED]
Envoyé : mardi 14 novembre 2006 18:51
À : Christophe Irles
Cc : OpenSER_DEV
Objet : Re: [Devel] Crash with openser 1.1.0 and TLS clients

Christophe Irles wrote:

Hello,

Hi Christoph!

Who is closing the SSL connection - openser or minisip?
[Chris] minisip is closing the connection.

There are several things which look very strange:


Extract of the log file:
        19(26390) tls_close: Closing SSL connection
        19(26390) tls_update_fd: New fd is 42
        19(26390) INFO: signal 13 received

Why is there a signal 13 (SIGPIPE) ?

[Chris] I don't know ... But this occurs, each time the second minisip 
unregistered from openser



	19(26390) tls_shutdown: First phase of 2-way handshake completed 
succesfuly

Looks like openser shuts down the SSL connection [Chris] Actually it's 
minisip



        19(26390) tls_tcpconn_clean: Entered
        19(26390) handle_tcp_child: reader response= b61c3f28, -2 from 2

Is openser reading from the closed SSL connection [Chris] I don't know ...
I'm compiling ssldump in order to have a dump with all packets


        19(26390) tcpconn_destroy: destroying connection 0xb61c3f28, flags
0002
        19(26390) tls_close: Closing SSL connection

Is this the same TLS connection which will bel closed again?
[Chris] It's the second one created by the other minisip device


        19(26390) tls_update_fd: New fd is 44
        19(26390) INFO: signal 13 received

	19(26390) tls_shutdown: First phase of 2-way handshake completed 
succesfuly

If it would be the same SSL connection which will be closed here, 
there should not bee this message. Thus, I suspect there is another 
SSL connection open which will be closed here?

[Chris] It's the second one created by the other minisip device


        19(26390) tls_tcpconn_clean: Entered
        *** glibc detected *** openser: free(): invalid pointer: 0x08788a38



Christophe - can you please provide a tcpdump (capture file) and 
ssldump too? If its big, send it to me privately.

[Chris] I'm working on it

regards
klaus



***
        ======= Backtrace: =========
        /lib/libc.so.6[0x1741e0]
        /lib/libc.so.6(__libc_free+0x77)[0x17472b]
        /lib/libssl.so.5(kssl_ctx_free+0x82)[0x9c8317]
        /lib/libssl.so.5(SSL_free+0x165)[0x9be03e]
        openser(tls_tcpconn_clean+0x46)[0x80e2cd6]
        openser(_tcpconn_rm+0x2f0)[0x8093bd0]
        openser[0x80943dc]
        openser[0x8098e63]
        openser[0x8097461]
        openser[0x8099a63]
        openser(tcp_main_loop+0x55b)[0x809a1db]
        openser(main_loop+0x8e0)[0x806cd20]
        openser(main+0x16bb)[0x806e77b]
        /lib/libc.so.6(__libc_start_main+0xdf)[0x125d7f]
        openser[0x8051111]
        ======= Memory map: ========
        00111000-00234000 r-xp 00000000 fd:02 289199     /lib/libc-2.3.6.so
        00234000-00236000 r-xp 00122000 fd:02 289199     /lib/libc-2.3.6.so


        Is this problem already corrected in the HEAD version of openSER ?
Is anyone has the same problem with TLS clients and openSER 1.1.0 ?

Thanks,
Christophe



      





---------------------------------------------------------------------
-
--

_______________________________________________
Devel mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/devel


--
Klaus Darilion
nic.at


_______________________________________________
Devel mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/devel



--
Klaus Darilion
nic.at



--
Klaus Darilion
nic.at


_______________________________________________
Devel mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/devel






















					Reply via email to