[SR-Users] dictionary attacks
Alex Balashov
abalashov at evaristesys.com
Sun Oct 24 22:53:57 CEST 2010
On 10/24/2010 04:44 PM, Sergey Okhapkin wrote:
> I'm working on migration of my kamailio.cfg from v1.4 to 3.1 and stuck with
> weird problem:
>
> 0(25026) ERROR: auth_db [authdb_mod.c:236]: empty parameter 1 not allowed
> 0(25026) ERROR:<core> [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:433
> 0(25026) ERROR:<core> [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:438
> 0(25026) ERROR:<core> [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:445
> 0(25026) ERROR:<core> [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:445
> 0(25026) ERROR:<core> [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:445
> 0(25026) ERROR:<core> [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:451
> ERROR: error -1 while trying to fix configuration
>
> The complained lines are calls like
>
> proxy_authorize("", "subscriber")
> proxy_challenge("", "0")
>
> According to auth_db module documentation the "realm" parameter can be an
> empty string, but code in modules_k/auth_db/authdb_mod.c line 236 explicitly
> checks that parameter value must be non-empty.
I ran into this too. The documentation is wrong; you need to put a
realm in there.
For www_authorize(), it's $td. For everything else
(proxy_challenge()), it's $fd.
--
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/
More information about the sr-users
mailing list