i have now converted k/auth_radius module to use the famed s/auth module. all functionality of existing auth_radius is preserved except for this:
If an empty string "" is used (as realm parameter) then the server will generate it from the request. In case of REGISTER requests To header field domain will be used (because this header field represents a user being registered), for all other messages From header field domain will be used.
so the user needs to always give the realm ($td/$fd/...).
regarding s/auth module, there are differences in parameters as compared to k auth module and www_challenge()/proxy_challenge() have been replaced by digest_challenge avp. this will be shown in README example.
is it ok if i commit the changes or does anyone else care if i'm the only radius user?
-- juha