You will notice that the PR moves HSM private keys loading to child (after
fork()). Some further explanation is in order:
Engines like AWS CloudHSM(SafeNet "gem" and "LunaCA3" engines) are wrappers
around their PKCS 11 implementations. Some of these libraries do not behave
predictably after
Thanks for the comments, I summarize actionable items at the bottom as the
conversation develops. I can push further commits, and do the final squash when
it can be accepted.
1. Preprocessor defines `OPENSSL_NO_ENGINE` - followed nginx and HAProxy where
they use this to omit compile-time code
Hello, thank you for the contribution! A few observations/questions from my
side:
* you added the new functionality as a pre-processor define, what was the
reason for this? Will this change break some other functionality, or is there
some other compatibility issue/new dependencies introduced?
Am Montag, 19. März 2018, 19:51:17 CET schrieb Henning Westerholt:
> [..]
> You'll find all information about this issue consolidated on our web page
> at:
>
> https://www.kamailio.org/w/2018/03/kamailio-security-announcement-tmx-lcr/
There was a small error in the configuration (missing
Am Montag, 19. März 2018, 09:49:55 CET schrieb Henning Westerholt:
> as already announced from Daniel-Constantin Mierla on the lists last
> Wednesday [1], we strongly advise you to update your Kamailio installation
> to the latest stable release for security reasons.
>
> All supported releases
Module: kamailio
Branch: master
Commit: 77beeb5d765119f46589a9d519123256fb8a9138
URL:
https://github.com/kamailio/kamailio/commit/77beeb5d765119f46589a9d519123256fb8a9138
Author: Daniel-Constantin Mierla
Committer: Daniel-Constantin Mierla
Date:
Module: kamailio
Branch: master
Commit: 22bd6ca04dd20951a20aca77ec9a8cb46cdf73f9
URL:
https://github.com/kamailio/kamailio/commit/22bd6ca04dd20951a20aca77ec9a8cb46cdf73f9
Author: Andreas Granig
Committer: Andreas Granig
Date: 2018-03-19T17:42:39+01:00
Hello,
this is another core dump..
Thanks
```
Program terminated with signal 11, Segmentation fault.
#0 0x7fd2cfd3ae07 in internal_rpc_print_dlg (rpc=0x7fd2cf6769c0,
c=0x7fd2cf676960, dlg=0x7fd2d0d380a0, with_context=0) at dialog.c:1548
1548if (pl->profile->has_value) {
Hello,
as already announced from Daniel-Constantin Mierla on the lists last Wednesday
[1], we strongly advise you to update your Kamailio installation to the latest
stable release for security reasons.
All supported releases (4.4, 5.0. and 5.1) contains two important security
fixes related to