AW: (RADIATOR) Question about Radiator Support.
Martin Wallner
Martin.Wallner at eunet.co.at
Thu Dec 29 19:57:35 CST 2005
I might be TOTALLY on the wrong track here, but sometimes perl-MD4 Support is not installed/missing (and that one is used for MSCHAP)... That can bring the funniest effects....
Martin
________________________________
Von: owner-radiator at open.com.au im Auftrag von Rosario Pingaro
Gesendet: Do 29.12.2005 23:02
An: Hugh Irvine
Cc: radiator at open.com.au
Betreff: Re: (RADIATOR) Question about Radiator Support.
we are experiencing the same problem.
Radiator is the latest 3.13 patched.
I have couppled my dictionary with the sip one like Hugh described some time
Before, but I am not able to let Radiator decoding the Digest-Attribute:
Attributes:
User-Name = "rpingar at voip.convergenze.it"
Digest-Attributes = "<10><9>rpingar"
Digest-Attributes = "<1><21>voip.convergenze.it"
Digest-Attributes = "<2>*43b45a051b018d59f1ccf21927c56cb5f3b7eabe"
Digest-Attributes = "<4><25>sip:voip.convergenze.it"
Digest-Attributes = "<3><10>REGISTER"
Digest-Response = "e8b688341619b901e17713acec847ff1"
Service-Type = IAPP-Register
SIP-URI-User = "rpingar"
NAS-Port = 5060
This is the dictionary from the radiusclient:
#### Attributes ###
ATTRIBUTE User-Name 1 string # RFC2865, acc,
auth_radius, avp_radius, group_radius, uri_radius
ATTRIBUTE NAS-Port 5 integer
ATTRIBUTE Service-Type 6 integer # RFC2865, acc,
auth_radius, avp_radius, group_radius, uri_radius
ATTRIBUTE Called-Station-Id 30 string # RFC2865, acc
ATTRIBUTE Calling-Station-Id 31 string # RFC2865, acc
ATTRIBUTE Acct-Status-Type 40 integer # RFC2865, acc
ATTRIBUTE Acct-Session-Id 44 string # RFC2865, acc
ATTRIBUTE Sip-Method 101 integer # Schulzrinne, acc
ATTRIBUTE Sip-Response-Code 102 integer # Schulzrinne, acc
ATTRIBUTE Sip-Cseq 103 string # Schulzrinne, acc
ATTRIBUTE Sip-To-Tag 104 string # Schulzrinne, acc
ATTRIBUTE Sip-From-Tag 105 string # Schulzrinne, acc
ATTRIBUTE Sip-Translated-Request-URI 107 string # Proprietary, acc
ATTRIBUTE Digest-Response 206 string # Sterman,
auth_radius
ATTRIBUTE Sip-Uri-User 208 string # Proprietary,
auth_radius
ATTRIBUTE Sip-Group 211 string # Proprietary,
group_radius
ATTRIBUTE Sip-Rpid 213 string # Proprietary,
auth_radius
ATTRIBUTE SIP-AVP 225 string # Proprietary,
avp_radius
ATTRIBUTE Digest-Realm 1063 string # Sterman,
auth_radius
ATTRIBUTE Digest-Nonce 1064 string # Sterman,
auth_radius
ATTRIBUTE Digest-Method 1065 string # Sterman,
auth_radius
ATTRIBUTE Digest-URI 1066 string # Sterman,
auth_radius
ATTRIBUTE Digest-QOP 1067 string # Sterman,
auth_radius
ATTRIBUTE Digest-Algorithm 1068 string # Sterman,
auth_radius
ATTRIBUTE Digest-Body-Digest 1069 string # Sterman,
auth_radius
ATTRIBUTE Digest-CNonce 1070 string # Sterman,
auth_radius
ATTRIBUTE Digest-Nonce-Count 1071 string # Sterman,
auth_radius
ATTRIBUTE Digest-User-Name 1072 string # Sterman,
auth_radius
Seems that what you call attribute 207, has from the client point of view
different attributes, from 1063 to 1072
Howto deal with this strange situation?
Thanks
Rosario
----- Original Message -----
From: "Hugh Irvine" <hugh at open.com.au>
To: "Ricardo Martinez" <rmartinez at redvoiss.net>
Cc: <radiator at open.com.au>
Sent: Friday, June 03, 2005 6:34 PM
Subject: Re: (RADIATOR) Question about Radiator Support.
>
> Hello Ricardo -
>
> Further to this, I didn't make it clear that if you define your
> dictionaries like this (in recent versions of Radiator):
>
> DictionaryFile %D/dictionary, %D/dictionary.sip
>
> SIP authentication will work automatically without requiring hooks or
> whatever.
>
> The most recent version is Radiator 3.13.
>
> regards
>
> Hugh
>
>
> On 3 Jun 2005, at 16:07, Hugh Irvine wrote:
>
>>
>> Hello Ricardo -
>>
>> On this same topic - see the file "dictionary.sip" in the Radiator 3.13
>> distribution.
>>
>> regards
>>
>> Hugh
>>
>>
>> On 3 Jun 2005, at 05:32, Ricardo Martinez wrote:
>>
>>
>>> Hello list.
>>> I'm using SER (Sip Express Router) to provide SIP services, and
>>> also
>>> i'm using Radiator 3.9 to my AAA services.
>>> SER send to my radius server a authentication message like this :
>>>
>>> Attributes:
>>> User-Name = "user1 at mydomain.com"
>>> Digest-Attributes = "<10><10>user1"
>>> Digest-Attributes = "<1><23>mydomain.com"
>>> Digest-Attributes = "<2>*429f5a94dfac500699b5465aae863a390d5ebd92"
>>> Digest-Attributes = "<4>&sip:1234567 at mydomain.com"
>>> Digest-Attributes = "<3><10>REGISTER"
>>> Digest-Attributes = "<5><6>auth"
>>> Digest-Attributes = "<9><10>00000037"
>>> Digest-Attributes = "<8><10>dbb06da4"
>>> Digest-Response = "08525b9e17e0ed25fccc61b104ff9e20"
>>> Service-Type = Sip-Session
>>> Sip-Uri-User = "1234567"
>>> NAS-IP-Address = 10.1.1.3
>>> NAS-Port = 5060
>>>
>>> As you can see I have different's Digest-Attributes with different
>>> values.
>>> It suppose that these Digest-Attributes must be parsed to Digest- Uri ,
>>> Digest-Realm, Digest-Nonce, etc...but RADIATOR seems not to be doing
>>> anything about it.
>>> Well. A long time ago asking in this mailing list Hugh told me that i
>>> need
>>> to run a preClientHook and parse by myself this attributes... well
>>> that's
>>> what i'm doing now and it is working.
>>> What i found out recently is that, for example FreeRadius Server
>>> recognize
>>> this attributes and do the conversion by itself. So i0m wondering if
>>> Radiator has maybe now a support for this type of message, i think that
>>> is
>>> the draft "draft-sterman-aaa-sip-00".
>>>
>>> I hope that somone could give me a hand here
>>> Thanks in advace.
>>>
>>> Regards,
>>>
>>> Ricardo Martinez.-
>>>
>>> --
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/
>> archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> --
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051230/84bdbbc8/attachment.html>
More information about the radiator
mailing list