Hi Daniel - great work.
On Tue, 8 Jul 2025, 19:20 Daniel-Constantin Mierla,
wrote:
> Hello,
>
> some updates: during the past several days I added a new mode controlled
> by the new parameter tcp_main_threads. If set to 1, the tcp main process
> create a thread for each Kamailio process and the
Ideas for developer meeting 2b: Teach TCP sockets that they are TLS proxies
Background:
This is a follow-on for Proposal 2 - it is for each of use TLS offloading
to external proxies.
When using external TLS/TCP bridges users encounter a mismatch when
the URI/socket matcher cannnot find a matchin
(Apologies for the long wall of text)
Ideas for developer meeting 2: Rearchitect TLS
Background:
Kamailio uses OpenSSL in fork() for load balancing (TLS followed by SIP).The
TLS state must be in shared memory so that each worker can pick up
where the previous worker has left off.
Over the years
Great work kamailio devs in releasing 6.0.2 and the continuing work on
master branch.
Wishing you a restful weekend and while you are at it, here are some ideas,
probably half-baked, for your consideration.
Background:
Kamailio uses XML for documentation that is followed by an automatic task
tha
Yes - I will do that (re: warning on tls_threads_mode=1).
On further study I will not implement tls_threads_mode=3 for 6.x; I'll
merely leave it in the docs.
It uses a function that is actually deprecated in libssl3 - so is fragile
with respect to the build of OpenSSL.
Regards
Richard
___
lready, it would be great if you
> could quickly outline how intrusive the proposed tls_thread mode 3 would
> be, e.g. would it touch all the modules etc..
>
> We might consider maybe then adding it later.
>
>
>
> Thank you,
>
>
>
> Henning
>
>
>
> *F
Hi Xenofon,
It works for me now - thanks! You can go ahead with the merge to master.
On Fri, 20 Dec 2024 at 19:35, Xenofon via sr-dev
wrote:
> Hey Richard,
>
> Thanks for testing this out and letting me know! I pushed some fixes
> regarding `kamctl` and `kamdbctl` in
> https://github.com/kamail
HI devs,
In trying to solve the libssl3 issue the original attempt with
tls_threads_mode=1 turns out to be not quite correct.
Since the release of 5.8 we have consistently recommended
tls_threads_mode=2 for users of libssl 1.1.1 and 3.
For master/6.0.0-pre I will start to revert the changes of
t
Hi devs,
I am seeing a doubled path segment kamctl/ in MYLIBDIR in kamctl
MYLIBDIR="/usr/local/kamailio/lib64/kamailio/kamctl/kamctl"
kamctl.base is actually installed to
/usr/local/kamailio/lib64/kamailio/kamctl/kamctl.base.
This is the lastest master on debian 12.
Anyone else seeing this? My
@Sergey-safarov
Both EL distros 8.10 and 9.4 have been released with Python 3.12.
Can you consider updating bumping the Python version to 3.12 for the
upcoming 5.8.2 release.
Thank you.
Richard Chan
___
Kamailio (SER) - Development Mailing List
To uns
Chiming in...
RHEL 9.4 is on 3.0.7; what you are seeing is from CentOS Stream 9 which has
moved to 3.2.1.
Likely this will be in RHEL 9.5.
It is very unusual for Red Hat to bump the OpenSSL version within the life
of a release.
https://issues.redhat.com/browse/RHEL-26271
On Wed, 22 May 2024,
In 5.8 you need to set in global config
tls_threads_mode = 1 #or 2
On Thu, 21 Mar 2024, 03:59 Henning Westerholt via sr-dev, <
sr-dev@lists.kamailio.org> wrote:
> Thanks for the report. This is could be a known issue with OpenSSL 3.0
> e.g. on bookworm. Please try with Kamailio 5.8.0, or even be
Hi sr-dev
Just a heads-up that I have included a (slightly larger than normal)
commit to 5.8.
This offers provider support (v3) in parallel to ENGINE(v1.1.1).
- provides basic infrastructure for OpenSSL 3 providers
- it can be guarded with -DOPENSSL_NO_PROVIDER (which turns this commit off
compl
Typo in the gdb breakpoints in the earlier email : they should use the
function
$_any_caller_is (not $_caller_is)
# STEP 2
# this breakpoint detects if OpenSSL 3 initializes the thread-local
err_thread_local
# in process#0.thread#1 — this causes shared memory contention
gdb> breakpoint CRYPTO_THRE
Hi Daniel
===
For the upgrading notes, some ideas —
"tls.so: fixing GH#3635 new global config tls_threads_mode = 0 | 1
0: is the default and is the existing Kamailio behaviour
1: run some initialization functions(libcurl, database) in a thread to
avoid creating thread-
Ah so sorry about that : I have a new DRAFT PR for master that implements
enable_tls_threads = 0|1|2
that disables threading when not essential
https://github.com/kamailio/kamailio/pull/3745
On Tue, 6 Feb 2024 at 21:21, Daniel-Constantin Mierla via sr-dev <
sr-dev@lists.kamailio.org> wrote:
> @
For 5.7 stable I have a draft PR
https://github.com/kamailio/kamailio/pull/3744 that minimises
thread execution: it will run functions in a thread only if process_no = 0.
This restores unchanged
behaviour to all workers. FYC.
On Tue, 6 Feb 2024 at 16:02, Henning Westerholt via sr-dev <
sr-dev@list
Hi Daniel / Henning,
I would like to propose a global config to restore the non-threaded default:
enable_tls = no|yes #(EXISTING) boolean
enable_tls_threads = 0 | 1 | 2 #(NEW) int
0: disable thread-wrappers (restores kamailio behaviour)
- default when enable_tls = no
1: thread-wrapper only for
Hi devs,
The CI/CD seems to be broken after I pushed a few commits to master.
There seem to be docker pull errors.
Appreciate if someone could take a look.
Regards
Shih-Ping
___
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to
"It would be good to just use libwolfssl from the OS distro." - another
point to take note is that wolfSSL currently does not support semantic
versioning and will bump the soname even for a patch release. E.g., 5.6.4
soname version is 41, 5.6.6 soname version is 42. For distro packagers this
is une
Good point Daniel - I recommend that we keep the submodule in for one more
kamailio release cycle (5.8?) and wait until the dust settles from the new
OpenSSL 3 commits. wolfSSL is also less packaged in some of the RPM based
distros. Also OpenSSL 3 has (relative to 1.1.1) poor performance (although
Module: kamailio
Branch: 5.7
Commit: e73b07e9835ba5f0b89065616d8cd6390898d700
URL:
https://github.com/kamailio/kamailio/commit/e73b07e9835ba5f0b89065616d8cd6390898d700
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:18:55+08:00
tls: thread-local, revert 1a9b0b6361 as double-layer
Module: kamailio
Branch: 5.7
Commit: ed2d70359723458089dd8a62fe1e37a60dd83869
URL:
https://github.com/kamailio/kamailio/commit/ed2d70359723458089dd8a62fe1e37a60dd83869
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:12:59+08:00
tls: OpenSSL 3.x thread-local, init libssl in thread
Module: kamailio
Branch: 5.7
Commit: 90ea4120c04cb70f858f417309ee4fab71a070e7
URL:
https://github.com/kamailio/kamailio/commit/90ea4120c04cb70f858f417309ee4fab71a070e7
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:18:55+08:00
tls: fix compilation with OpenSSL <= 1.1.1
(cherry-p
Module: kamailio
Branch: 5.7
Commit: fe0968687d5ee7918f6a18591623fcb1b5fe2004
URL:
https://github.com/kamailio/kamailio/commit/fe0968687d5ee7918f6a18591623fcb1b5fe2004
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:18:55+08:00
outbound: OpenSSL 1.1.1 thread-local, init libssl in
Module: kamailio
Branch: 5.7
Commit: 1eb1d50e676fe8f81521c209f37ffe907fa9cf94
URL:
https://github.com/kamailio/kamailio/commit/1eb1d50e676fe8f81521c209f37ffe907fa9cf94
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:18:55+08:00
outbound: build, fix missing argument name
(cherry-p
Module: kamailio
Branch: 5.7
Commit: 7060ad2b0ebf90288be9d8d7e9d789ccbb3aebdc
URL:
https://github.com/kamailio/kamailio/commit/7060ad2b0ebf90288be9d8d7e9d789ccbb3aebdc
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:18:55+08:00
tls: OpenSSL 3.x/1.1.1 thread-local, clean-up dead co
Module: kamailio
Branch: 5.7
Commit: c011f518b083fc2f7da3a08a2c1a306c6122b04c
URL:
https://github.com/kamailio/kamailio/commit/c011f518b083fc2f7da3a08a2c1a306c6122b04c
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:18:55+08:00
tls: OpenSSL 1.1.1 thread-local, init libssl in threa
Module: kamailio
Branch: 5.7
Commit: 31e42aade0a42aac8a128a4af3f37edb23bb3ab8
URL:
https://github.com/kamailio/kamailio/commit/31e42aade0a42aac8a128a4af3f37edb23bb3ab8
Author: S-P Chan
Committer: Richard Chan
Date: 2024-01-09T10:18:55+08:00
outbound: OpenSSL 3.x thread-local, init libssl in th
29 matches
Mail list logo
