[SR-Users] dictionary attacks

Alex Balashov abalashov at evaristesys.com
Sun Oct 24 22:53:57 CEST 2010


On 10/24/2010 04:44 PM, Sergey Okhapkin wrote:
> I'm working on migration of my kamailio.cfg from v1.4 to 3.1 and stuck with
> weird problem:
>
>   0(25026) ERROR: auth_db [authdb_mod.c:236]: empty parameter 1 not allowed
>   0(25026) ERROR:<core>  [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:433
>   0(25026) ERROR:<core>  [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:438
>   0(25026) ERROR:<core>  [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:445
>   0(25026) ERROR:<core>  [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:445
>   0(25026) ERROR:<core>  [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:445
>   0(25026) ERROR:<core>  [route.c:1161]: fixing failed (code=-1) at
> cfg:/usr/local/etc/kamailio/kamailio.cfg.31:451
> ERROR: error -1 while trying to fix configuration
>
> The complained lines are calls like
>
> proxy_authorize("", "subscriber")
> proxy_challenge("", "0")
>
> According to auth_db module documentation the "realm" parameter can be an
> empty string, but code in modules_k/auth_db/authdb_mod.c line 236 explicitly
> checks that parameter value must be non-empty.

I ran into this too.  The documentation is wrong;  you need to put a 
realm in there.

For www_authorize(), it's $td.  For everything else 
(proxy_challenge()), it's $fd.

-- 
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/



More information about the sr-users mailing list