[OpenSIPS-Users] Question about "OpenSSL journey" blog

Beaveryoga Asana beaveryogaa at gmail.com
Sat Sep 11 01:48:59 EST 2021


Hi OpenSIPS community,

A couple of questions regarding the educational blog "The OpenSIPS and
OpenSSL journey":

The article explains that SSL_CTX* is duplicated across all children.

* Is the SSL* object shared between child workers for performing SSL_read()
and SSL_write() (— with global locking)?

IOW the underlying TCP socket is read/written by all workers and the SSL*
object is mutated by each worker when they get the lock? (See next question)

* Is the underlying TCP socket fd open in each worker?

I gather this from point 3. in the article where OpenSIP will "Keep a
single SSL/TLS connection to each destination throughout all the processes,
and make sure there’s a mutual concurrent access to it."

* Is there a distinction between the "worker-that-decrypts-packet
(SSL_read())" and "worker-that-processes-SIP" - are they always the same
process?

Scenario: OpenSIPS is TLS server and UAC makes a SIP-over-TLS call: are the
SIP messages handled by multiple workers and a single worker: wrt to
SSL_read()/SSL_write() and wrt to SIP message handling.

Thank you.

BY
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20210911/40361407/attachment.html>


More information about the Users mailing list