(RADIATOR) Question about Radiator Support.

Hugh Irvine hugh at open.com.au
Fri Jun 3 02:13:51 CDT 2005 

Hello Igor -

Thanks for that - do you mind if I include it in the example hooks  
(with credit to you of course)?

BTW - you can also call get_attr() in a list context and then loop  
through the resulting elements rather than using a join.

regards

Hugh


On 3 Jun 2005, at 17:04, Igor Briski wrote:

> Hugh Irvine wrote:
>
>> Hello Ricardo -
>> What exactly are you wanting to do?
>> Radiator will already correctly deal with the authentication and  
>> so  on, but you are correct - the sub-attributes are not decoded  
>> by default.
>> If you want to be able to access the "Digest-Uri", "Digest- 
>> Realm",  "Digest-Nonce" attributes then you should continue to use  
>> a hook.
>>
>
> I wrote a hook for dealing with those Digest attributes, see  
> attachment. Comments are welcome.
>
> -- 
> Tko vrijedi leti, tko leti vrijedi, tko ne leti ne vrijedi.
>
> Igor Briški - igor.briski at iskon.hr
> # -*- mode: Perl -*-
> #
> # DigestHook, (c)2004. Igor Briski, Iskon Internet d.d.
> #
> # Used as a PreHandlerHook to unpack inner attributes from
> # Digest-Attributes as per draft-sterman-aaa-sip-00.txt
> # and insert them as standalone attributes in current packet
> #
>
> sub
> {
>    my $p = ${$_[0]};
>
>    if (defined($p->get_attr('Digest-Response')))
>    {
>       my ($username, $realm, $nonce, $uri, $qop, $method, $nc,  
> $cnonce, $algorithm, $body_digest);
>
>       my $sipattrs = join('', $p->get_attr('Digest-Attributes')); #  
> May be multiple instances
>       if (defined $sipattrs)
>       {
>          my @attrs;
>
>          # Unpack inner attributes from Digest-Attributes as per  
> draft-sterman-aaa-sip-00.txt
>          while (length($sipattrs))
>          {
>              my ($subtype, $sublength) = unpack('C C', $sipattrs);
>              last if $sublength < 3;
>              my $vallen = $sublength - 2;
>              $attrs[$subtype] = unpack("x x a$vallen", $sipattrs);
>              substr($sipattrs, 0, $sublength) = undef; # Strip that  
> one off
>          }
>          $realm       = $attrs[1];
>          $nonce       = $attrs[2];
>          $method      = $attrs[3];
>          $uri         = $attrs[4];
>          $qop         = $attrs[5];
>          $algorithm   = $attrs[6];
>          $body_digest = $attrs[7];
>          $cnonce      = $attrs[8];
>          $nc          = $attrs[9];
>          $username    = $attrs[10];
>
>          $p->add_attr('Digest-Realm', $realm) if defined $realm;
>          $p->add_attr('Digest-Nonce', $nonce) if defined $nonce;
>          $p->add_attr('Digest-Method', $method) if defined $method;
>          $p->add_attr('Digest-URI', $uri) if defined $uri;
>          $p->add_attr('Digest-QOP', $qop) if defined $qop;
>          $p->add_attr('Digest-Algorithm', $algorithm) if defined  
> $algorithm;
>          $p->add_attr('Digest-Body-Digest', $body_digest) if  
> defined $body_digest;
>          $p->add_attr('Digest-CNonce', $cnonce) if defined $cnonce;
>          $p->add_attr('Digest-Nonce-Count', $nc) if defined $nc;
>          $p->add_attr('Digest-User-Name', $username) if defined  
> $username;
>
>          &main::log($main::LOG_DEBUG,"Digest-Attributes parsed to:");
>          &main::log($main::LOG_DEBUG,"Digest-Realm = $realm");
>          &main::log($main::LOG_DEBUG,"Digest-Nonce = $nonce");
>          &main::log($main::LOG_DEBUG,"Digest-Method = $method");
>          &main::log($main::LOG_DEBUG,"Digest-URI = $uri");
>          &main::log($main::LOG_DEBUG,"Digest-QOP = $qop");
>          &main::log($main::LOG_DEBUG,"Digest-Algorithm = $algorithm");
>          &main::log($main::LOG_DEBUG,"Digest-Body-Digest =  
> $body_digest");
>          &main::log($main::LOG_DEBUG,"Digest-CNonce = $cnonce");
>          &main::log($main::LOG_DEBUG,"Digest-Nonce-Count = $nc");
>          &main::log($main::LOG_DEBUG,"Digest-User-Name = $username");
>       }
>    }
>    return;
> }
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list