[sr-dev] Bug in www_authorize/challenge functions

Alex Balashov abalashov at evaristesys.com
Thu Oct 7 07:00:10 CEST 2010


Actually, on further investigation, I think auth <-> auth_db is very 
broken in 3.1.0, at least when auth_db is used with Postgres.  I 
imagine this is because the new 'auth' is from the SER side and 
'auth_db' is from the Kamailio extraction.

In the below script, www_authorize() returns -1 even though the user 
is valid and is in the database table.  However, when I look at my 
Postgres server's query logs, Kamailio does not actually check the 
'subscriber' table to see if the user exists, nor is the table 
demand-loaded at startup.  The user and the domain are both quite valid.

I have my script set to send_reply("403", "Forbidden") and 'exit' when 
www_authorize() returns -1, because if it's an invalid user, there is 
no point in challenging them.  If I remove this reply and 'exit', 
however, to test what happens if I www_challenge() anyway, then 
Kamailio crashes.

On 10/06/2010 11:58 PM, Alex Balashov wrote:

> I seem to be able to crash Kamailio v3.1 by doing this when handling a
> REGISTER:
>
> if(!www_authorize("$td", "subscriber")) {
>     # $rc is -1 - "invalid user"
>
>     www_challenge("$td", "1");
>     exit;
> }
>
> In other words, it cannot find the user, but I call www_challenge()
> anyway, and get a segfault. Can anyone reproduce, before I attempt to
> obtain a backtrace?
>


-- 
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/


