[sr-dev] git:4.3:4602f2dc: auth_db: use username when querying for credentials via is_subscriber

[Daniel-Constantin Mierla]

Module: kamailio
Branch: 4.3
Commit: 4602f2dc430b97b6e76ae5da9ebf7f2a7984a48c
URL: https://github.com/kamailio/kamailio/commit/4602f2dc430b97b6e76ae5da9ebf7f2a7984a48c

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2016-02-07T20:24:42+01:00

auth_db: use username when querying for credentials via is_subscriber

- for the case when credentials should not be stored, just discover if a
  record exists for the user
- avoids buffer overflow by setting all credentials columns, while
  trying to use only the first column
- reported by Anthony Messina, GH #500

(cherry picked from commit adbbe8b62d6b4b95e5ecbab041b93bb3130f1932)

---

Modified: modules/auth_db/authorize.c

---

Diff:  https://github.com/kamailio/kamailio/commit/4602f2dc430b97b6e76ae5da9ebf7f2a7984a48c.diff
Patch: https://github.com/kamailio/kamailio/commit/4602f2dc430b97b6e76ae5da9ebf7f2a7984a48c.patch

---

diff --git a/modules/auth_db/authorize.c b/modules/auth_db/authorize.c
index c307326..9174894 100644
--- a/modules/auth_db/authorize.c
+++ b/modules/auth_db/authorize.c
@@ -62,13 +62,16 @@ int fetch_credentials(sip_msg_t *msg, str *user, str* domain, str *table, int fl
 		LM_ERR("no more pkg memory\n");
 		return -1;
 	}
-	col[0] = &user_column;
 
 	keys[0] = &user_column;
 	keys[1] = &domain_column;
 
-	for (n = 0, cred=credentials; cred ; n++, cred=cred->next) {
-		col[n] = &cred->text;
+	if(flags&AUTH_DB_SUBS_SKIP_CREDENTIALS) {
+		col[0] = &user_column;
+	} else {
+		for (n = 0, cred=credentials; cred ; n++, cred=cred->next) {
+			col[n] = &cred->text;
+		}
 	}
 
 	VAL_TYPE(vals) = VAL_TYPE(vals + 1) = DB1_STR;