Hi,
I have installed openser-1.2.1-notls, freeradius-1.1.6, mysql-0.5.41, radiusclient-ng-0.5.2 successfully.
Openser works well with no modification of the 'openser.cfg' and I can register a SIP telephone. The Openser reponses always 200 ok!
And freeradius works well with the databases of mysql. When I make a 'radtest', I can received a 'access-request'.
But when I need to use openser+freeradius+mysql. It seems that the authentification doesn't work. I think that may be the problem to register a user in the mysql tables. I just want a authentification with username and password. But I can not find a clear sample about that. Can you help me?
Thank you very much!!!
And this is information I received:
[root@localhost openser-1.2.1-notls]# rad_recv: Access-Request packet from host 127.0.0.1:33097, id=136, length=225
User-Name = "1000@opensersip.test.machine"
Digest-Attributes = 0x0a0631303030
Digest-Attributes = 0x01196f70656e7365727369702e746573742e6d616368696e65
Digest-Attributes = 0x022a34363965323432306531346231643932316462376239393834353634636166666537396332663633
Digest-Attributes = 0x04187369703a3137322e32302e31342e3231343a35303630
Digest-Attributes = 0x030a5245474953544552
Digest-Response = "49c0b2b33010b2681d8b610a763387e7"
Service-Type = Sip-Session
Sip-Uri-User = "1000"
NAS-Port = 5060
NAS-IP-Address = 127.0.0.1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_digest: Adding Auth-Type = DIGEST
modcall[authorize]: module "digest" returns ok for request 3
rlm_realm: Looking up realm "opensersip.test.machine" for User-Name = "1000@opensersip.test.machine"
rlm_realm: No such realm "opensersip.test.machine"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 3
radius_xlat: '1000@opensersip.test.machine'
rlm_sql (sql): sql_set_user escaped user --> '1000@opensersip.test.machine'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = '1000@opensersip.test.machine' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): User 1000@opensersip.test.machine not found in radcheck
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '1000@opensersip.test.machine' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '1000@opensersip.test.machine' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User 1000@opensersip.test.machine not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 1
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 3
rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 3
modcall: leaving group authorize (returns ok) for request 3
rad_check_password: Found Auth-Type DIGEST
auth: type "digest"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for authentication.
modcall[authenticate]: module "digest" returns invalid for request 3
modcall: leaving group authenticate (returns invalid) for request 3
auth: Failed to validate the user.
Delaying request 3 for 1 seconds
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds…
….
Waking up in 1 seconds…
….
Finished request 5
Going to the next request
--- Walking the entire request list ---
Sending Access-Reject of id 136 to 127.0.0.1 port 33097
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 137 to 127.0.0.1 port 33098
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 138 to 127.0.0.1 port 33099
Waking up in 2 seconds...
--- Walking the entire request list ---
Cleaning up request 3 ID 136 with timestamp 469e22f4
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 4 ID 137 with timestamp 469e22f5
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 5 ID 138 with timestamp 469e22f6
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 127.0.0.1:33100, id=139, length=225
User-Name = "1000@opensersip.test.machine"
Digest-Attributes = 0x0a0631303030
Digest-Attributes = 0x01196f70656e7365727369702e746573742e6d616368696e65
Digest-Attributes = 0x022a34363965323864346337663736663239396262316438353138363732373962303436656462363061
Digest-Attributes = 0x04187369703a3137322e32302e31342e3231343a35303630
Digest-Attributes = 0x030a5245474953544552
Digest-Response = "9423cfb4f5e1472a432daf62417ea82e"
Service-Type = Sip-Session
Sip-Uri-User = "1000"
NAS-Port = 5060
NAS-IP-Address = 127.0.0.1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_digest: Adding Auth-Type = DIGEST
modcall[authorize]: module "digest" returns ok for request 6
rlm_realm: Looking up realm "opensersip.test.machine" for User-Name = "1000@opensersip.test.machine"
rlm_realm: No such realm "opensersip.test.machine"
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 6
radius_xlat: '1000@opensersip.test.machine'
rlm_sql (sql): sql_set_user escaped user --> '1000@opensersip.test.machine'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = '1000@opensersip.test.machine' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): User 1000@opensersip.test.machine not found in radcheck
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '1000@opensersip.test.machine' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '1000@opensersip.test.machine' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User 1000@opensersip.test.machine not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 3
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 6
rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 6
modcall: leaving group authorize (returns ok) for request 6
rad_check_password: Found Auth-Type DIGEST
auth: type "digest"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for authentication.
modcall[authenticate]: module "digest" returns invalid for request 6
modcall: leaving group authenticate (returns invalid) for request 6
auth: Failed to validate the user.
Delaying request 6 for 1 seconds
Finished request 6
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
Waking up in 1 seconds…
…….
--- Walking the entire request list ---
Sending Access-Reject of id 139 to 127.0.0.1 port 33100
Sending Access-Reject of id 140 to 127.0.0.1 port 33101
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 141 to 127.0.0.1 port 33102
Waking up in 3 seconds...
--- Walking the entire request list ---
Cleaning up request 6 ID 139 with timestamp 469e27a8
Cleaning up request 7 ID 140 with timestamp 469e27a8
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 8 ID 141 with timestamp 469e27a9
Nothing to do. Sleeping until we see a request.