[asterisk-bugs] [Asterisk 0016673]: TLS socket file descriptor fails to open (with no error message in log)
Asterisk Bug Tracker
noreply at bugs.digium.com
Sat Jan 23 13:30:12 CST 2010
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=16673
======================================================================
Reported By: michaesc
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 16673
Category: Core/Portability
Reproducibility: have not tried
Severity: minor
Priority: normal
Status: acknowledged
Asterisk Version: 1.6.2.1
JIRA: SWP-779
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2010-01-22 10:55 CST
Last Modified: 2010-01-23 13:30 CST
======================================================================
Summary: TLS socket file descriptor fails to open (with no
error message in log)
Description:
On platforms missing funopen(3) or fopencookie(3) DO_SSL is undefined in
main/tcptls.h. Other files including tcptls.h will fail in their TLS
operations, because of this portability problem.
In the most basic case of configuring (in sip.conf) the TLS variables
properly, one expects the TLS logic to open the necessary TCP socket file
descriptors. Asterisk (see tcptls.c) doesn't do it on all supported
platforms, and doesn't even write any error or debug message to the log
announcing the problem.
======================================================================
----------------------------------------------------------------------
(0117109) michaesc (reporter) - 2010-01-23 13:30
https://issues.asterisk.org/view.php?id=16673#c117109
----------------------------------------------------------------------
Solaris 11 x86 (nv-b91) is the one I tested. I looked at FreeBSD which has
funopen(3), but only on newer releases. Glibc implements fopencookie(3),
but glibc has not yet been ported to many platforms (according to the
developers.)
In other words, if you use Linux then not writing code portably like this
works. Most other platforms fail if the releases are older than a couple
years. Some platforms (Solaris notably) fail even with newer releases.
By the way, the author of tcptls.c seems to be aware of that as there are
three parts to the condition (#if HAVE_FUNOPEN, #elif HAVE_FOPENCOOKIE,
#else /* to be implemented */) But there is a problem with this logic,
because all three parts of the condition are wrapped in #if DO_SSL which
depends wholly on either HAVE_FUNOPEN or HAVE_FOPENCOOKIE being available
on the platform. It looks kind of hacky.
Other than this, every other component of Asterisk 1.6.2.X is building and
running well on Solaris 11.
Issue History
Date Modified Username Field Change
======================================================================
2010-01-23 13:30 michaesc Note Added: 0117109
======================================================================
More information about the asterisk-bugs
mailing list