Hi Rob / Liviu,
I browsed quickly through the code and I think the following clause may be
a culprit:
if (calc_ha1) {
/* Only plaintext passwords are stored in database,
* we have to calculate HA1 */
cprms.creds.open = &(const struct digest_auth_credential){
.realm = *_domain, .user = _username->whole, .passwd =
result};
cprms.use_hashed = 0;
}
Compiler might deallocate / overwrite struct digest_auth_credential after
exiting that block causing subsequent call to auth_api.calc_HA1() to access
bogus pointer.
Rob, can you try applying the following commit and recompile/reinstall the
module in question and see if it helps?
https://github.com/sippy/opensips/commit/fea6a1d60d70f64971dff3ec2dc83f7ddc00389d
Thanks!
-Max
On Mon, Sep 27, 2021 at 12:48 AM Liviu Chircu <li...@opensips.org> wrote:
> On 27.09.2021 03:56, Rob Dyck wrote:
> > I am seeing the same. opensips-3.2.2 compiled from git source on Fedora.
>
> Thank you for the help, gents! Let's see if I can reproduce it...
> should be fairly straightforward.
>
> Best,
>
> --
> Liviu Chircu
> www.twitter.com/liviuchircu | www.opensips-solutions.com
>
>
> _______________________________________________
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
