<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=GB2312" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
On another front... I ma having tough time with Mysql 5.0.41 and
FreeRadius 1.1.6<br>
This is needed for OpenSER 1.2.1<br>
<br>
Compilation of freeRadius went fine and I got rlm_sql_mysql modules<br>
but radius -X cant start.<br>
<br>
sql: safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"<br>
rlm_sql (sql): Could not link driver rlm_sql_mysql: ld.so.1: radiusd:
fatal: libmtmalloc.so.1: DF_1_NOOPEN tagged object may not be
dlopen()'ed<br>
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in
the search path of your system's ld.<br>
radiusd.conf[14]: sql: Module instantiation failed.<br>
radiusd.conf[1861] Unknown module "sql".<br>
radiusd.conf[1788] Failed to parse authorize section.<br>
<br>
Anyone know how to fix it ?<br>
<br>
<br>
Lee Jacky wrote:
<blockquote cite="mid135621.43861.qm@web15113.mail.cnb.yahoo.com"
type="cite">
<pre wrap="">So do I.
I also meet this problem.
radius_is_user_in() is not working correctly. I have
found many ones meet this problem.
Has anyone solved it?
--- Neeraj Gupta <a class="moz-txt-link-rfc2396E" href="mailto:Neeraj.Gupta@Sun.COM"><Neeraj.Gupta@Sun.COM></a>дµÀ:
</pre>
<blockquote type="cite">
<pre wrap="">No, there is no radius request generated under this
scenario.
But the problem goes away when I comment out the
radius_is_user_in section.
I found another email thread on this same topic.
</pre>
</blockquote>
<pre wrap=""><!----><a class="moz-txt-link-freetext" href="http://osdir.com/ml/voip.openser.user/2005-10/msg00230.html">http://osdir.com/ml/voip.openser.user/2005-10/msg00230.html</a>
</pre>
<blockquote type="cite">
<pre wrap="">But in my case, I dont see radius request in radiusd
-X output.
-Neeraj
Bogdan-Andrei Iancu wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi Neeraj,
that is quite odd as the "credentials received are
</pre>
</blockquote>
<pre wrap="">not filled
</pre>
<blockquote type="cite">
<pre wrap="">properly" is generated by the authentication API
</pre>
</blockquote>
<pre wrap="">(auth module) and has
</pre>
<blockquote type="cite">
<pre wrap="">nothing to do with radius_is_user_in().
when hitting radius_is_user_in(), does the process
</pre>
</blockquote>
<pre wrap="">get blocked or it
</pre>
<blockquote type="cite">
<pre wrap="">just go through without doing anything? Can you
</pre>
</blockquote>
<pre wrap="">check with
</pre>
<blockquote type="cite">
<pre wrap="">ngrep/tcpdump if any radius request is sent by
</pre>
</blockquote>
<pre wrap="">radius_is_user_in()?
</pre>
<blockquote type="cite">
<pre wrap="">regards,
bogdan
Neeraj Gupta wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Thanks Bogdan.
I spent a lot of time yesterday to troubleshoot
</pre>
</blockquote>
</blockquote>
<pre wrap="">my own problem.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Its much better now. Here is the latest.
I found out that the routing script has a section
</pre>
</blockquote>
</blockquote>
<pre wrap="">which was causing
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">all this.
# check if user is suspended
</pre>
</blockquote>
</blockquote>
</blockquote>
<pre wrap=""><!---->if(is_method("REGISTER|INVITE|MESSAGE|OPTIONS|SUBSCRIBE"))
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap=""> {
if (radius_is_user_in("From",
</pre>
</blockquote>
</blockquote>
<pre wrap="">"suspended")) {
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap=""> sl_send_reply("403", "Forbidden -
</pre>
</blockquote>
</blockquote>
<pre wrap="">suspended");
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap=""> exit;
};
};
I confirmed that is_method function works fine
</pre>
</blockquote>
</blockquote>
<pre wrap="">but when the call hits
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">radius_is_user_in, it does not go through
and I see "credentials received are not properly
</pre>
</blockquote>
</blockquote>
<pre wrap="">filled in" on
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">openser. When I commented out this and other
</pre>
</blockquote>
</blockquote>
<pre wrap="">radius_is_user_in and
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">re-ran, all is well.
Any clue on whats missing here ?
I am thinking of creating a how-to doc on openser
</pre>
</blockquote>
</blockquote>
<pre wrap="">wiki after
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">completing my tests.
Thanks,
Neeraj
Sun Microsystems
Bogdan-Andrei Iancu wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi Neeraj,
The "pre_auth(): credentials received are not
</pre>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">filled properly" is
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">generated in multiple cases, like missing
</pre>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">username/realm/nonce, etc.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Check your register request to see if it has all
</pre>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">the required info
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">in the auth hdr.
Logs in debug=6 are also useful.
regards,
bogdan
Neeraj Gupta wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi,
I switched to OpenSER 1.2.1 last week, from ser
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">0.9.6.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">And this is first time I am trying to use
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">FreeRADIUS 1.1.6 with
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">OpenSER 1.2.1
I followed instructions on web based on 1.0.1
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">and made some changes
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">by hand to adapt to 1.2.1 model.
This was my reference:
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap=""><a class="moz-txt-link-abbreviated" href="http://www.*openser*.org/docs/*openser*-radius-1.0.x.html">www.*openser*.org/docs/*openser*-radius-1.0.x.html</a>
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">I can start OpenSER, no issues but I am not
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">able to use SiPP UA.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Openser does not respond back to UA (no
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">incoming message in
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">ethereal/wireshark).
Openser reports that "pre_auth(): credentials
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">received are not
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">filled properly".
I tried to comment out the avp sections in
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">openser.cfg.. but Its
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">not helping.
Please see my logs and configs below. If
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">someone can send me a
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">working config file, I will be very thankful.
If more info needed, let me know.
_*# openser -V*_
version: openser 1.2.1-tls (sparc64/solaris)
flags: STATS: Off, USE_IPV6, USE_TCP, USE_TLS,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">DISABLE_NAGLE,
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">USE_MCAST, SHM_MEM, SHM_MMAP, PKG_MALLOC,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">F_MALLOC,
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">262144, MAX_LISTEN
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">16, MAX_URI_SIZE 1024, BUF_SIZE 65535
poll method support: poll, select, /dev/poll.
svnrevision: unknown
@(#) $Id: main.c 1827 2007-03-12 15:22:53Z
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">bogdan_iancu $
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">main.c compiled on 23:04:19 Jun 26 2007 with
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">gcc 3.4.6
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">_*Radius users file*_
# from website examples
### --- avps ---
<a class="moz-txt-link-abbreviated" href="mailto:101@192.168.4.128">101@192.168.4.128</a> Auth-Type := Accept,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">Service-Type ==
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">"SIP-Callee-AVPs"
Sip-Avp += "#3#1",
Sip-Avp += "#4:08:00",
Sip-Avp += "#5:16:00",
Sip-Avp += "#6:Mon,Wed,Thu,Fri"
<a class="moz-txt-link-abbreviated" href="mailto:102@192.168.4.128">102@192.168.4.128</a> Auth-Type := Accept,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">Service-Type ==
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">"SIP-Callee-AVPs"
Sip-Avp += "#3#1",
Sip-Avp += "#4:08:00",
Sip-Avp += "#5:16:00",
Sip-Avp += "#6:Mon,Wed,Thu,Fri"
DEFAULT Auth-Type := Accept, Service-Type ==
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">"SIP-Callee-AVPs"
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">### --- group checking ---
### --- user 101 ---
<a class="moz-txt-link-abbreviated" href="mailto:101@192.168.4.128">101@192.168.4.128</a> Auth-Type := Accept,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">Sip-Group == "voip",
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Service-Type == "Group-Check"
Reply-Message = "Authorized"
<a class="moz-txt-link-abbreviated" href="mailto:101@192.168.4.128">101@192.168.4.128</a> Auth-Type := Accept,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">Sip-Group == "pstn",
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Service-Type == "Group-Check"
Reply-Message = "Authorized"
### --- user 102 ---
<a class="moz-txt-link-abbreviated" href="mailto:102@192.168.4.128">102@192.168.4.128</a> Auth-Type := Accept,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">Sip-Group == "voip",
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Service-Type == "Group-Check"
Reply-Message = "Authorized"
DEFAULT Auth-Type := Reject, Service-Type ==
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">"Group-Check"
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">### --- user authentication ---
<a class="moz-txt-link-abbreviated" href="mailto:101@192.168.4.128">101@192.168.4.128</a> Auth-Type := Digest,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">User-Password == "101"
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap=""> Reply-Message = "Authenticated",
Sip-Avp += "rpid:101",
Sip-Avp += "#2:192.168.4.101",
Sip-Avp += "#2:192.168.4.100"
<a class="moz-txt-link-abbreviated" href="mailto:102@192.168.4.128">102@192.168.4.128</a> Auth-Type := Digest,
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">User-Password == "102"
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap=""> Reply-Message = "Authenticated",
Sip-Avp += "rpid:102",
Sip-Avp += "#2:192.168.4.101"
# test user
test Auth-Type := Digest, User-Password ==
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">"test"
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap=""> Reply-Message = "Hello, test with
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">digest"
</pre>
</blockquote>
<pre wrap=""><!---->=== message truncated ===
___________________________________________________________
ÑÅ»¢Ãâ·ÑÓÊÏä3.5GÈÝÁ¿£¬20M¸½¼þ£¡
<a class="moz-txt-link-freetext" href="http://cn.mail.yahoo.com/">http://cn.mail.yahoo.com/</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
-------------------------------------------------------------
o Neeraj Gupta email: <a class="moz-txt-link-abbreviated" href="mailto:neeraj.gupta@sun.com">neeraj.gupta@sun.com</a>
o Netra Systems & Networking phone: +1(408) 276-7214 x71214
o Sun Microsystems, Inc. fax : +1(408) 276-4552
o 4120 Network Circle, USCA12-216, Santa Clara, CA 95054, USA
-------------------------------------------------------------
</pre>
</body>
</html>