[OpenSIPS-Users] Unable to enable secure renegotiation option in WolfSSL from OpenSIPs 3.2.2
rkumar at pandorarndlabs.com
rkumar at pandorarndlabs.com
Wed Aug 9 08:16:57 UTC 2023
Hello,
We are getting issue with OpenSIPs using TLS library "WolfSSL" when clients
using OpenSSL 3.0. we are getting Pre TLS handshake Errors . Please check
and let us know what can be done to resolve this issue.
ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection [0x7f1276c51740]
from 202.65.142.206:51053 failed to accept
ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -313, received
alert fatal error , connection [0x7f1276c51740]
ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
INFO:core:tcp_trigger_report: Connection [0x7f1276c51740] is getting release
because of [Read error]
To address above issue we are trying to enable "secure-renegotiation" from
WolfSSL end but when we enable this , we are getting following error from
WolfSSL library
error "WRITE DUP and SECURE RENEGOTIATION cannot both be on"
so we disabled "WRITE DUP" and enabled "SECURE RENEGOTIATION" , and
compilation is getting succeeded but OpenSIPs unable to load WolfSSL
module as it is using "WRITE DUP" functions in WolfSSL module .
ERROR:core:sr_load_module: could not open module tls_wolfssl.so: undefined
symbol: wolfSSL_write_dup
ERROR:core:load_module: failed to load module
Software versions used :
OpenSIPs : 3.2.2
Embedded WolfSSL: 4.7.1
Regards,
V Ravi Kumar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20230809/1925627c/attachment-0001.html>
More information about the Users
mailing list