22 Sep
2007
22 Sep
'07
4:42 a.m.
The issue I am referring to is this (and is not related to any specific
release of radiusclient-ng):
md5 hashes are not correct on 64bit platforms.
http://developer.berlios.de/bugs/?func=detailbug&bug_id=7442&group_…
I've applied this patch on various versions of radiusclient-ng and had
success.
This problem was discussed previously, for example:
http://www.openser.org/pipermail/users/2006-August/006247.html
I found that applying the patch worked in cases where the latest CVS
didn't work. This was a while ago (perhaps as long as a year ago).
The patch itself isn't very long and you may find it easier to manually
apply it (as I remember, I just manually applied it).
--- ../../radiusclient-ng-0.5.2/include/radiusclient-ng.h 2005-11-07
12:46:37.000000000 -0700
+++ radiusclient-ng.h 2006-09-19 17:32:54.725650893 -0600
@@ -19,6 +19,7 @@
#include <sys/types.h>
#include <stdio.h>
+#include <stdint.h>
#include <time.h>
#undef __BEGIN_DECLS
@@ -31,8 +32,8 @@
# define __END_DECLS /* empty */
#endif
-typedef unsigned long UINT4;
-typedef long INT4;
+#define UINT4 uint32_t
+#define INT4 int32_t
#define AUTH_VECTOR_LEN 16
#define AUTH_PASS_LEN (3 * 16) /* multiple of 16 */
On a related topic, I recently loaded the current development versions
of both freeradius and radiusclient-ng. When I tried to remove the
radiusclient-ng dictionary overrides, it was surprising to note that,
for example, the octet attribute type isn't supported in
radiusclient-ng. It seems that this piece of code has not kept pace
with other radius development efforts. That said, the current
development copies of openser, freeradius and radiusclient-ng appear to
play nicely with each other.
Regards,
Norm
Edson wrote:
Hi, Marc...
I'll have to move an OpenSER from the test machine (OpenSUSE/P4) to a XEON
(OpenSUSE/64-bits).
So I'm curious to understand why are You saying that only with this version
it will work? The one finded on the site indicated by Norman didn't work?
How did You solve this issue, Norman?
Edson
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users
-----Original Message-----
From: users-bounces(a)openser.org [mailto:users-bounces@openser.org] On
Behalf Of Marc LEURENT
Sent: quinta-feira, 20 de setembro de 2007 11:04
To: Norman Brandinger
Cc: users(a)openser.org
Subject: Re: [OpenSER-Users] OpenSER + FreeRadius error (solved)
OK, if someone wants to use OpenSER + Freeradius accounting on a 64 bits
platform,
libradiusclient-ng2-0.5.5-1 sould be use, otherwise it won't work
Have a nice day
Marc LEURENT a écrit :
>> THANKS!
>> Indeed, my computer is a 64bit platform!
>> I'm going to test the patch!
>>
>> Norman Brandinger a écrit :
>>> Hi Marc,
>>> I recall this problem when working on 64-bit machines. Seems that
>>> radiusclient-ng needed a patch. Not sure if the current CVS has this
>>> problem fixed.
>>> The radiusclient distribution is here:
>>> http://developer.berlios.de/projects/radiusclient-ng/
>>> Take a look at the 64-bit patches.
>>> If your machines aren't 64-bit, your problem may be somewhere else.
>>> Regards,
>>> Norm
>>
>>
>>
>>> Marc LEURENT wrote:
>>>> It seems that the credentials send by radiusclient from openser are
>>>> wrong whereas when I use a rastest, it's working!
>>>> Strange!
>>>>
>>>> rad_recv: Accounting-Request packet from host 213.91.4.213:34734,
>>>> id=43, length=293
>>>> Received Accounting-Request packet from 213.91.4.213 with invalid
>>>> signature! (Shared secret is incorrect.) Dropping packet without
>>>> response.
>>>> Finished request 24
>>>> Going to the next request
>>>> --- Walking the entire request list ---
>>>> Waking up in 6 seconds...
>>>> --- Walking the entire request list ---
>>>> Cleaning up request 24 ID 43 with timestamp 46f23ab0
>>>> Nothing to do. Sleeping until we see a request.
>>>> rad_recv: Accounting-Request packet from host 213.91.4.213:34734,
>>>> id=43, length=293
>>>> Received Accounting-Request packet from 213.91.4.213 with invalid
>>>> signature! (Shared secret is incorrect.) Dropping packet without
>>>> response.
>>>> Finished request 25
>>>> Going to the next request
>>>> --- Walking the entire request list ---
>>>> Waking up in 6 seconds...
>>>> --- Walking the entire request list ---
>>>> Cleaning up request 25 ID 43 with timestamp 46f23aba
>>>> Nothing to do. Sleeping until we see a request.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Marc LEURENT a écrit :
>>>>> Does this error means something to somebody??
>>>>> Thanks
>>>>> ERROR:acc:acc_rad_request: radius-ing failed
>>>>> My openser.cfg
>>>>> # -- acc params (with radius )--
>>>>> modparam("acc", "radius_config",
>>>> "/etc/radiusclient-ng/radiusclient.conf")
>>>>> modparam("acc", "radius_flag", 1)
>>>>> modparam("acc", "radius_missed_flag", 2)
>>>>> .....
>>>>> ################### SET RADIUS ACCOUTING FLAGS
>>>> #################################
>>>>> # Set the acc flags
>>>>> xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n");
>>>>> if(is_method("INVITE") && !has_totag()) {
>>>>> xlog("L_INFO", "I AM SETTING THE FLAGS
FOR RADIUS
\r\n");
>>>>> $avp(can_uri)
= $ru; # SIP Request's URI
>>>>> $avp(billing_party) = "sip:" + $au +
"@" + $ar; #
>>>> From URI
>>>>> $avp(user_name) = $fu;
>>>>> xlog("!!!! FROM TAG = $ft\r\n");
>>>>> xlog("SETTING FLAGS 1 & 2 FOR RADIUS
\r\n");
>>>>> setflag(1); # radius_flag
>>>>> setflag(2); # radius_missed_flag
>>>>> };
>>>>
>>>>
>>>>
>>>>
>>>>> DEBUG OUTPUT:
>>>>> 3(26026) DEBUG: update_totag_set: new totag
>>>>> 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12)
>>>>> 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2...,
>>>> shmem=0x2b898c7ed7a8: SIP/2.0 2
>>>>> 3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0
entered
>>>>> 3(26026)
ERROR:acc:acc_rad_request: radius-ing failed
>>>>> 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset
>>>>> 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0
>>>>> 3(26026) DEBUG:destroy_avp_list: destroying list (nil)
>>>>> 3(26026) receive_msg: cleaning up
>>>>> 1(26024) SIP Request:
>>>>> 1(26024) method: <ACK>
>>>>> 1(26024) uri:
<sip:105@82.127.0.79:1030;user=phone;nat=yes>
>>>>> 1(26024) version: <SIP/2.0>
>>>>> 1(26024) parse_headers: flags=2
>>>>> 1(26024) Found param type 232, <branch> =
>>>> <z9hG4bK2175363103192047157>; state=16
>>>>> 1(26024) end of header reached, state=5
>>>>> 1(26024) parse_headers: Via found, flags=2
>>>>> 1(26024) parse_headers: this is the first via
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users(a)openser.org
>>>> http://openser.org/cgi-bin/mailman/listinfo/users
>>> _______________________________________________
>>> Users mailing list
>>> Users(a)openser.org
>>> http://openser.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users
>