[sr-dev] Bug in www_authorize/challenge functions

Daniel-Constantin Mierla miconda at gmail.com
Thu Oct 7 08:45:35 CEST 2010



On 10/7/10 7:03 AM, Alex Balashov wrote:
> I have tinkered with various combinations of modparam values for 
> 'qop', 'nonce_count', and 'one_time_nonce' to see if it makes a 
> difference.  It does not.
Please send the backtrace. It is strange since authentication was 
deployed on many tests, but with mysql. Might be related to some of 
the latest changes in the postgres module.

Cheers,
Daniel

>
> On 10/07/2010 01:00 AM, Alex Balashov wrote:
>
>> Actually, on further investigation, I think auth <-> auth_db is very
>> broken in 3.1.0, at least when auth_db is used with Postgres. I
>> imagine this is because the new 'auth' is from the SER side and
>> 'auth_db' is from the Kamailio extraction.
>>
>> In the below script, www_authorize() returns -1 even though the user
>> is valid and is in the database table. However, when I look at my
>> Postgres server's query logs, Kamailio does not actually check the
>> 'subscriber' table to see if the user exists, nor is the table
>> demand-loaded at startup. The user and the domain are both quite valid.
>>
>> I have my script set to send_reply("403", "Forbidden") and 'exit' when
>> www_authorize() returns -1, because if it's an invalid user, there is
>> no point in challenging them. If I remove this reply and 'exit'
>> however, to test what happens if I www_challenge() anyway, then
>> Kamailio crashes.
>>
>> On 10/06/2010 11:58 PM, Alex Balashov wrote:
>>
>>> I seem to be able to crash Kamailio v3.1 by doing this when handling a
>>> REGISTER:
>>>
>>> if(!www_authorize("$td", "subscriber")) {
>>> # $rc is -1 - "invalid user"
>>>
>>> www_challenge("$td", "1");
>>> exit;
>>> }
>>>
>>> In other words, it cannot find the user, but I call www_challenge()
>>> anyway, and get a segfault. Can anyone reproduce, before I attempt to
>>> obtain a backtrace?
>>>
>>
>>
>
>

-- 
Daniel-Constantin Mierla
http://www.asipto.com



