[OpenSIPS-Devel] [opensips] TLS closing connection under a bit of load (sslv3 alert bad certificate) (#670)
Răzvan Crainea
razvan at opensips.org
Wed Oct 14 20:27:02 CEST 2015
Hi, Carlos!
Each TLS connection has its own buffer, protected by a locking
mechanisms, so I don't see how data might get corrupted. Have you tried
taking a wireshark capture to see if Wireshark manages to parse and
validate the TLS sessions?
Best regards,
Răzvan Crainea
OpenSIPS Core Developer
http://www.opensips-solutions.com
On 10/14/2015 02:55 PM, Carlos Oliva wrote:
> After some tests I was able to reproduce the issue with
> tls_verify_client = 0 and tls_require_client_certificate = 0 The error
> now is:
> "ERROR:core:tls_print_errstack: TLS errstack: error:14094418:SSL
> routines:SSL3_READ_BYTES:tlsv1 alert unknown ca"
>
> Always is reproducible after some tests with a bit of load in the proxy.
> I was not able to reproduce with only two registered AORs. Maybe (only a
> supposition) the ssl buffer can be modified by other process while
> reading and the data is corrupted?
>
> In case it can help, here a new paste with debug=6
> http://pastebin.com/vCmitj0m
>
> —
> Reply to this email directly or view it on GitHub
> <https://github.com/OpenSIPS/opensips/issues/670#issuecomment-148027341>.
>
>
>
> _______________________________________________
> Devel mailing list
> Devel at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
>
More information about the Devel
mailing list