26 Nov
2005
26 Nov
'05
2:40 p.m.
I have also compiled "avp_radius" module and load it in openser.cfg. Nothing
changed.
Sip Client IP: 192.168.1.2
OpenSER: 192.168.1.5
Radius Server: 192.168.1.3
Here is the openser debug log:
------------------------------------
[root@localhost openser]# 6(2884) SIP Request:
6(2884) method: <REGISTER>
6(2884) uri: <sip:192.168.1.5>
6(2884) version: <SIP/2.0>
6(2884) parse_headers: flags=2
6(2884) DEBUG:parse_to:end of header reached, state=9
6(2884) DEBUG: get_hdr_field: <To> [36]; uri=[sip:arda@192.168.1.5]
6(2884) DEBUG: to body [arda_eyebeam<sip:arda@192.168.1.5>
]
6(2884) Found param type 232, <branch> =
<z9hG4bK-d87543-622802375-1--d87543->; state=6
6(2884) Found param type 235, <rport> = <n/a>; state=17
6(2884) end of header reached, state=5
6(2884) parse_headers: Via found, flags=2
6(2884) parse_headers: this is the first via
6(2884) After parse_msg...
6(2884) preparing to run routing scripts...
6(2884) parse_headers: flags=100
6(2884) get_hdr_field: cseq <CSeq>: <1> <REGISTER>
6(2884) DEBUG:maxfwd:is_maxfwd_present: value = 70
6(2884) parse_headers: flags=200
6(2884) DEBUG: get_hdr_body : content_length=0
6(2884) found end of header
6(2884) find_first_route: No Route headers found
6(2884) loose_route: There is no Route HF
6(2884) grep_sock_info - checking if host==us: 11==9 && [192.168.1.5] ==
[127.0.0.1]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) grep_sock_info - checking if host==us: 11==11 && [192.168.1.5] ==
[192.168.1.5]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) grep_sock_info - checking if host==us: 11==9 && [192.168.1.5] ==
[127.0.0.1]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) grep_sock_info - checking if host==us: 11==11 && [192.168.1.5] ==
[192.168.1.5]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) parse_headers: flags=2000
6(2884) pre_auth(): Credentials with given realm not found
6(2884) REGISTER: challenging user2
6(2884) build_auth_hf(): 'WWW-Authenticate: Digest realm="192.168.1.5",
nonce="438222d8c7aac499351c46bad60c32a2c03eb751"
'
6(2884) parse_headers: flags=ffffffffffffffff
6(2884) check_via_address(192.168.1.2, 192.168.1.2, 0)
6(2884) DEBUG:destroy_avp_list: destroying list (nil)
6(2884) receive_msg: cleaning up
6(2884) SIP Request:
6(2884) method: <REGISTER>
6(2884) uri: <sip:192.168.1.5>
6(2884) version: <SIP/2.0>
6(2884) parse_headers: flags=2
6(2884) DEBUG:parse_to:end of header reached, state=9
6(2884) DEBUG: get_hdr_field: <To> [36]; uri=[sip:arda@192.168.1.5]
6(2884) DEBUG: to body [arda_eyebeam<sip:arda@192.168.1.5>
]
6(2884) Found param type 232, <branch> =
<z9hG4bK-d87543-907902613-1--d87543->; state=6
6(2884) Found param type 235, <rport> = <n/a>; state=17
6(2884) end of header reached, state=5
6(2884) parse_headers: Via found, flags=2
6(2884) parse_headers: this is the first via
6(2884) After parse_msg...
6(2884) preparing to run routing scripts...
6(2884) parse_headers: flags=100
6(2884) get_hdr_field: cseq <CSeq>: <2> <REGISTER>
6(2884) DEBUG:maxfwd:is_maxfwd_present: value = 70
6(2884) parse_headers: flags=200
6(2884) DEBUG: get_hdr_body : content_length=0
6(2884) found end of header
6(2884) find_first_route: No Route headers found
6(2884) loose_route: There is no Route HF
6(2884) grep_sock_info - checking if host==us: 11==9 && [192.168.1.5] ==
[127.0.0.1]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) grep_sock_info - checking if host==us: 11==11 && [192.168.1.5] ==
[192.168.1.5]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) grep_sock_info - checking if host==us: 11==9 && [192.168.1.5] ==
[127.0.0.1]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) grep_sock_info - checking if host==us: 11==11 && [192.168.1.5] ==
[192.168.1.5]
6(2884) grep_sock_info - checking if port 5060 matches port 5060
6(2884) check_nonce(): comparing [438222d8c7aac499351c46bad60c32a2c03eb751]
and [438222d8c7aac499351c46bad60c32a2c03eb751]
6(2884) ERROR:auth_radius:radius_authorize_sterman: rc_auth failed
6(2884) REGISTER: challenging user2
6(2884) build_auth_hf(): 'WWW-Authenticate: Digest realm="192.168.1.5",
nonce="438222d8c7aac499351c46bad60c32a2c03eb751"
'
6(2884) parse_headers: flags=ffffffffffffffff
6(2884) check_via_address(192.168.1.2, 192.168.1.2, 0)
6(2884) DEBUG:destroy_avp_list: destroying list (nil)
6(2884) receive_msg: cleaning up
-------------------------------------------
As I see in the sterman.c source rc_auth fails:
/* Send request */
if ((i = rc_auth(rh, SIP_PORT, send, &received, msg)) == OK_RC) {
DBG("DEBUG:auth_radius:radius_authorize_sterman: Success\n");
rc_avpair_free(send);
send = 0;
generate_avps(received);
rc_avpair_free(received);
return 1;
} else {
LOG(L_ERR,"ERROR:auth_radius:radius_authorize_sterman: "
"rc_auth failed\n");
goto err;
}
Any opinion?
Thanks in advance
Arda
----- Original Message -----
From: "Bogdan-Andrei Iancu" <bogdan(a)voice-system.ro>
To: "Arda Tekin" <arda(a)nicivr.com>
Cc: <users(a)openser.org>
Sent: Friday, November 25, 2005 5:00 PM
Subject: Re: [Users] How can I send radius authentication packet with
openser
Hi Arda,
you need to use auth_radius for this purpose. See:
http://www.openser.org/docs/modules/1.1.x/auth_radius.html
regards,
bogdan
Arda Tekin wrote:
Hi,
I have installed openser, mysql, radiusclient-ng-0.5.2 successfully on
REL3.0. openser works well with mysql. I need to send a radius
authentication packet to a radius server(according to RFC2865).
Packet contains base params:
User-name (attr.1) $Username
Password (attr.2) $Password
NAS-Identifier (attr.4)
(auto-generated)
NAS-Port (attr.5) $uref
State (attr.24) 0
Client-Port-DNIS (attr.30) NONE
Caller-Id (attr.31) $calling
I can not find a clear sample about radius. Which module is used for
this purpose?
Regards
Arda
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users