(RADIATOR) Access reject (sip digest) seems not reacing the radius client

Rosario Pingaro rpingar at nesec.it
Sun Jan 1 10:01:33 CST 2006


fixed adding NoDefault.

Regards

Rosario




----- Original Message ----- 
From: "Rosario Pingaro" <rpingar at nesec.it>
To: "Hugh Irvine" <hugh at open.com.au>
Cc: <radiator at open.com.au>
Sent: Sunday, January 01, 2006 5:50 AM
Subject: (RADIATOR) Access reject (sip digest) seems not reacing the radius 
client


> Hi Hugh, have a great 2006
>
> we were able to configure Radiator 3.13 for digest authentication against 
> ser and its radius client. This is the handler about it (with the 
> prehadlerhook you mailed me):
> <AuthBy SQL>
>                Identifier      SIPDigest
>                DBSource        dbi:mysql:ser:xxx.xxx.xxx.xxx
>                DBUsername      ser
>                DBAuth          xxxxxxxxxxx
>
>                AuthSelect select password from subscriber where 
> username='%{Digest-User-Name}' and domain='%{Dige\
> st-Realm}'
>
>                AuthColumnDef 0, User-Password, check
>                AuthColumnDef 1, NAS-Port-Type, reply
>
> </AuthBy>
>
> <Handler Realm=voip.convergenze.it,Digest-Method=REGISTER>
>        # AuthByPolicy per gestire il Timeout del Mysql
>        AuthByPolicy ContinueWhileIgnore
>
>        AuthBy SIPDigest
>
>        <AuthBy INTERNAL>
>                DefaultResult REJECT
>        </AuthBy>
>
>        # Log authentication to a detail file.Sun Jan  1 11:37:09 2006: 
> DEBUG: Radius::AuthSQL looks for match with DEFAULT11485 
> [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11485 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11486 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11486 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11487 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11487 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11488 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11488 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11489 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11489 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11490 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11490 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11491 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11491 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11492 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11492 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:09 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:09 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11493 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11493 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11494 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11494 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11495 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11495 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11496 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11496 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11497 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11497 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11498 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11498 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11499 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11499 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11500 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11500 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11501 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL REJECT: Bad Password: 
> DEFAULT11501 [rpingar at voip.convergenze.it]
> Sun Jan  1 11:37:10 2006: DEBUG: Query is: 'select password from 
> subscriber where username='rpingar' and domain='voip.convergenze.it'':
> Sun Jan  1 11:37:10 2006: DEBUG: Radius::AuthSQL looks for match with 
> DEFAULT11502 [rpingar at voip.convergenze.it]
>
> The client stops only about timeout and not get the access-reject.
> At the moment it seems more related to radius confeg that the client one. 
> Beacuse logging on port 1812 on the radius server I don't get such long 
> access-request but only the few request it should normally receive and at 
> same time I don't see the reject message leaving the server to the client.
>
> Can you help me to understand what is going on?
>
> Thanks
> Rosario
> </Handler>
>
>
> Now the problem is that when I try to authenticate with the right infos 
> everything is fine and working. When I try with the wrong one I got this 
> kind of behaviour:
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
> 


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list