All right, will do. Compiling with debug symbols now for extra information.
I don't think it is Postgres-related; I briefly looked at the backtrace and there was no evidence at all of database activity. Nor did a TCP packet capture show any database activity. Instead, it seemed to me like the fact that the initial REGISTER request arrived without digest/auth headers (like it's supposed to) was taken as evidence that user does not exist without further developments.
I will post the backtrace as soon as I have it.
-- Alex Balashov - Principal Evariste Systems LLC 1170 Peachtree Street 12th Floor, Suite 1200 Atlanta, GA 30309 Tel: +1-678-954-0670 Fax: +1-404-961-1892 Web: http://www.evaristesys.com/
On Oct 7, 2010, at 2:45 AM, Daniel-Constantin Mierla miconda@gmail.com wrote:
On 10/7/10 7:03 AM, Alex Balashov wrote:
I have tinkered with various combinations of modparam values for 'qop', 'nonce_count', and 'one_time_nonce' to see if it makes a difference. It does not.
Please send the backtrace. It is strange since authentication was deployed on many tests, but with mysql. Might be related to some of latest changes in postgres module.
Cheers, Daniel
On 10/07/2010 01:00 AM, Alex Balashov wrote:
Actually, on further investigation, I think auth <-> auth_db is very broken in 3.1.0, at least when auth_db is used with Postgres. I imagine this is because the new 'auth' is from the SER side and 'auth_db' is from the Kamailio extraction.
In the below script, www_authorize() returns -1 even though the user is valid and is in the database table. However, when I look at my Postgres server's query logs, Kamailio does not actually check the 'subscriber' table to see if the user exists, nor is the table demand-loaded at startup. The user and the domain are both quite valid.
I have my script set to send_reply("403", "Forbidden") and 'exit' when www_authorize() returns -1, because if it's an invalid user, there is no point in challenging them. If I remove this reply and 'exit' however, to test what happens if I www_challenge() anyway, then Kamailio crashes.
On 10/06/2010 11:58 PM, Alex Balashov wrote:
I seem to be able to crash Kamailio v3.1 by doing this when handling a REGISTER:
if(!www_authorize("$td", "subscriber")) { # $rc is -1 - "invalid user"
www_challenge("$td", "1"); exit; }
In other words, it cannot find the user, but I call www_challenge() anyway, and get a segfault. Can anyone reproduce, before I attempt to obtain a backtrace?
-- Daniel-Constantin Mierla http://www.asipto.com