Summary: ASTERISK-25615: res_pjsip: Setting transport async_operations > 1 causes segfault on tls transports
Reporter: George Joseph (gjoseph)
Labels:
Date Opened: 2015-12-08 01:11:11.000-0600
Date Closed: 2015-12-14 06:47:13.000-0600
Priority: Critical
Regression?:
Status: Closed/Complete
Components: pjproject/pjsip
Versions: SVN 13.6.0
Frequency of Occurrence: Constant
Related Issues:
Environment: Fedora 23 x86_64 Asterisk from current 13 branch pjproject 2.4.5
Attachments:
( 0) backtrace.txt
( 1) pjsip.conf
( 2) register.xml

Description:
Originally reported issue:
{quote}
If async_operations is set greater than 1 on a tls transport, asterisk segfaults in pjproject just after the tls negotiation.
Test scenario and backtrace attached.
Use the Wiki Secure Calls page and the contrib/scripts/ast_tls_cert script to create the keys and certs.
Then from the /etc/asterisk/keys directory, run:
{code}sipp localhost:41061 -sf ./register.xml -t l1 -tls_cert ./1175.crt -tls_key 1175.key -p 5061 -max_socket 10 -m 1 -s 1175 -ap fordst1175{code}
{quote}

However, I can now reproduce this issue solely using pjsua for both client and server...
Steps to reproduce (assuming pjproject-2.4.5):
* Modify pjsip/src/pjsua-lib/pjsua_core.c:2279 to set async_cnt to 2.
* Compile (no need to install)
* Create suitable TLS keys and certificates for a server
* Run
{code}pjsip-apps/bin/pjsua-x86_64-unknown-linux-gnu --use-tls --tls-ca-file ca.crt --tls-cert-file server.crt --tls-privkey-file server.key{code}
* From another command prompt, run
{code}
LD_LIBRARY_PATH=./pjsip/lib pjsip-apps/bin/pjsua-x86_64-unknown-linux-gnu --local-port 7070 --use-tls <<EOF
S
OPTIONS
sips:bob@localhost:5061
S
OPTIONS
sips:bob@localhost:5061
q
EOF
{code}
* The server side will segfault.

NOTE:  You need to run more than 1 request on the same socket.  Just sending 1 OPTIONS and exiting won't cause the segfault.



Comments:
By: Asterisk Team (asteriskteam) 2015-12-08 01:11:13.382-0600

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

By: Joshua C. Colp (jcolp) 2015-12-08 13:07:11.186-0600

I've gone ahead and sent an email to Teluu about this particular issue.

By: Joshua C. Colp (jcolp) 2015-12-11 12:55:46.445-0600

Teluu has fixed this upstream at https://trac.pjsip.org/repos/ticket/1901

By: George Joseph (gjoseph) 2015-12-11 21:45:22.236-0600

I'm going to test the fix Saturday.


By: George Joseph (gjoseph) 2015-12-12 11:19:20.124-0600

Patch confirmed to work and is targeted for pjproject 2.5.0.  I've added a runtime check that will cause an error if async_operations > 1 and pjproject version < 2.5.0.
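
The kind of check described in the last comment, written as a standalone audit of a pjsip.conf-style file. This is an added example, not code from Asterisk or pjproject; the function names, the sample configuration and the treatment of an unset async_operations as 1 are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Compare dotted numeric versions, e.g. "2.4.5" vs "2.5.0": <0, 0 or >0. */
static int version_cmp(const char *a, const char *b) {
    while (*a || *b) {
        char *ea, *eb;
        long na = strtol(a, &ea, 10), nb = strtol(b, &eb, 10);
        if (na != nb) return na < nb ? -1 : 1;
        if (ea == a && eb == b) break;      /* non-numeric tail: stop comparing */
        a = (*ea == '.') ? ea + 1 : ea;
        b = (*eb == '.') ? eb + 1 : eb;
    }
    return 0;
}

/* Count tls transports with async_operations > 1 when pjproject predates 2.5.0. */
static int count_unsafe_tls_transports(const char *conf, const char *pjver) {
    int old = version_cmp(pjver, "2.5.0") < 0, hits = 0;
    int is_tr = 0, is_tls = 0, ops = 1;     /* assumption: unset async_operations means 1 */
    char line[256], key[64], val[64];
    do {
        size_t n = strcspn(conf, "\n");
        snprintf(line, sizeof line, "%.*s", (int)n, conf);
        conf += n + (conf[n] == '\n');
        line[strcspn(line, ";")] = '\0';    /* drop ';' comments */
        int header = line[strspn(line, " \t")] == '[';
        if (!header && sscanf(line, " %63[^= \t] = %63s", key, val) == 2) {
            if (!strcmp(key, "type")) is_tr = !strcmp(val, "transport");
            else if (!strcmp(key, "protocol")) is_tls = !strcmp(val, "tls");
            else if (!strcmp(key, "async_operations")) ops = atoi(val);
        }
        if (header || !*conf) {             /* section ended: score it, then reset */
            hits += old && is_tr && is_tls && ops > 1;
            is_tr = is_tls = 0; ops = 1;
        }
    } while (*conf);
    return hits;
}

/* Constructed sample, not the pjsip.conf attached to the issue. */
static const char SAMPLE_CONF[] =
    "[transport-udp]\ntype=transport\nprotocol=udp\nasync_operations=4\n"
    "[transport-tls]\ntype = transport\nprotocol = tls\nasync_operations = 2 ; >1 on tls\n";

int main(void) {
    printf("unsafe tls transports: %d\n", count_unsafe_tls_transports(SAMPLE_CONF, "2.4.5"));
    return 0;
}
```

The udp transport with async_operations=4 is not flagged, since the issue is specific to tls transports.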