7 Oct
2010
7 Oct
'10
1:03 a.m.
I have tinkered with various combinations of modparam values for
'qop', 'nonce_count', and 'one_time_nonce' to see if it makes a
difference. It does not.
On 10/07/2010 01:00 AM, Alex Balashov wrote:
Actually, on further investigation, I think auth
<-> auth_db is very
broken in 3.1.0, at least when auth_db is used with Postgres. I
imagine this is because the new 'auth' is from the SER side and
'auth_db' is from the Kamailio extraction.
In the below script, www_authorize() returns -1 even though the user
is valid and is in the database table. However, when I look at my
Postgres server's query logs, Kamailio does not actually check the
'subscriber' table to see if the user exists, nor is the table
demand-loaded at startup. The user and the domain are both quite valid.
I have my script set to send_reply("403", "Forbidden") and
'exit' when
www_authorize() returns -1, because if it's an invalid user, there is
no point in challenging them. If I remove this reply and 'exit'
however, to test what happens if I www_challenge() anyway, then
Kamailio crashes.
On 10/06/2010 11:58 PM, Alex Balashov wrote:
--
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/
I seem to be able to crash Kamailio v3.1 by doing
this when handling a
REGISTER:
if(!www_authorize("$td", "subscriber")) {
# $rc is -1 - "invalid user"
www_challenge("$td", "1");
exit;
}
In other words, it cannot find the user, but I call www_challenge()
anyway, and get a segfault. Can anyone reproduce, before I attempt to
obtain a backtrace?