[sr-dev] Bug in www_authorize/challenge functions
Alex Balashov
abalashov at evaristesys.com
Thu Oct 7 07:03:03 CEST 2010
I have tinkered with various combinations of modparam values for
'qop', 'nonce_count', and 'one_time_nonce' to see if it makes a
difference. It does not.
On 10/07/2010 01:00 AM, Alex Balashov wrote:
> Actually, on further investigation, I think auth <-> auth_db is very
> broken in 3.1.0, at least when auth_db is used with Postgres. I
> imagine this is because the new 'auth' is from the SER side and
> 'auth_db' is from the Kamailio extraction.
>
> In the below script, www_authorize() returns -1 even though the user
> is valid and is in the database table. However, when I look at my
> Postgres server's query logs, Kamailio does not actually check the
> 'subscriber' table to see if the user exists, nor is the table
> demand-loaded at startup. The user and the domain are both quite valid.
>
> I have my script set to send_reply("403", "Forbidden") and 'exit' when
> www_authorize() returns -1, because if it's an invalid user, there is
> no point in challenging them. If I remove this reply and 'exit'
> however, to test what happens if I www_challenge() anyway, then
> Kamailio crashes.
>
> On 10/06/2010 11:58 PM, Alex Balashov wrote:
>
>> I seem to be able to crash Kamailio v3.1 by doing this when handling a
>> REGISTER:
>>
>> if(!www_authorize("$td", "subscriber")) {
>> # $rc is -1 - "invalid user"
>>
>> www_challenge("$td", "1");
>> exit;
>> }
>>
>> In other words, it cannot find the user, but I call www_challenge()
>> anyway, and get a segfault. Can anyone reproduce, before I attempt to
>> obtain a backtrace?
>>
>
>
--
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/
More information about the sr-dev
mailing list