Bug 237503

Summary: net/kamailio: Crashes with TLS enabled with OpenSSL 1.1
Product: Ports & Packages Reporter: Nathan Whitehorn <nwhitehorn>
Component: Individual Port(s)Assignee: Kurt Jaeger <pi>
Status: Closed FIXED    
Severity: Affects Some People Keywords: needs-qa
Priority: --- Flags: bugzilla: maintainer-feedback? (pi)
koobs: merge-quarterly?
Version: Latest   
Hardware: Any   
OS: Any   
See Also: https://github.com/kamailio/kamailio/issues/1860

Description Nathan Whitehorn freebsd_committer 2019-04-23 17:47:02 UTC
Kamailio seg faults periodically when built against OpenSSL 1.1 (https://github.com/kamailio/kamailio/issues/1860) and TLS is enabled. To avoid this on FreeBSD 12 and up, it should probably be built against OpenSSL 1.0 from ports until the underlying bug is fixed (this is the recommendation in the GitHub bug above).
Comment 1 Nathan Whitehorn freebsd_committer 2019-06-04 04:36:09 UTC
There is also a workaround in the Kamailio repository here that fixes at least some of the problems: https://github.com/kamailio/kamailio/tree/master/src/modules/tls/utils/openssl_mutex_shared

It's not perfect, but it reduces the time between crashes from ~ 12 hours to ~ 2 weeks. Maybe this could at least be enabled by default?
Comment 2 Kurt Jaeger freebsd_committer 2019-08-23 10:11:03 UTC
With r509639 kamilio was updated to 5.2.4, please retest, if it is fixed.
Comment 3 Nathan Whitehorn freebsd_committer 2019-09-17 14:31:49 UTC
(In reply to Kurt Jaeger from comment #2)

It seems not to be. Per the upstream bug, a full solution will wait until 5.3.0. With 5.2.4, LD_PRELOAD of their openssl_mutex_shared module fixes the problem completely, however. It would be nice if that could be included in the port.
Comment 4 Nathan Whitehorn freebsd_committer 2020-02-18 20:33:26 UTC
This is fixed in 5.3.0.