Actually, on further investigation, I think auth <-> auth_db is very broken in 3.1.0, at least when auth_db is used with Postgres. I imagine this is because the new 'auth' is from the SER side and 'auth_db' is from the Kamailio extraction.
In the below script, www_authorize() returns -1 even though the user is valid and is in the database table. However, when I look at my Postgres server's query logs, Kamailio does not actually check the 'subscriber' table to see if the user exists, nor is the table demand-loaded at startup. The user and the domain are both quite valid.
I have my script set to send_reply("403", "Forbidden") and 'exit' when www_authorize() returns -1, because if it's an invalid user, there is no point in challenging them. If I remove this reply and 'exit' however, to test what happens if I www_challenge() anyway, then Kamailio crashes.
On 10/06/2010 11:58 PM, Alex Balashov wrote:
I seem to be able to crash Kamailio v3.1 by doing this when handling a REGISTER:
if(!www_authorize("$td", "subscriber")) { # $rc is -1 - "invalid user"
www_challenge("$td", "1"); exit; }
In other words, it cannot find the user, but I call www_challenge() anyway, and get a segfault. Can anyone reproduce, before I attempt to obtain a backtrace?