Hi
I'm playing with this right now, so I'll try to comment a bit
Lucas Aimaretto wrote:
... And this is the radclient OUTPUT ...
Received response ID 86, code 2, length = 52 Vendor-9-Attr-102 = 0x683332332d6372656469742d616d6f756e743d31392e3030
the correct response should be
Login OK: [test] (from client localhost port 0) Sending Access-Accept of id 188 to 127.0.0.1:32769 Reply-Message = "Hello, test with digest"
if I recall correctly, IC-RADIUS is based on Cistron RADIUS. Cistron RADIUS don't have digest auth support, and it seems never will. Cistron's author recommend to use FreeRADIUS instead, which has the Digest support and correctly give the result shown above
so... I drop my Cistron RADIUS and installed FreeRADIUS to see how it behave on my test server
Questions:
- Although I sent to radius diferent ATTRIBUTES, RADIUS recognized all
of them (except for one, Digest-Response) as Digest-Attributes. Why is that?
may be because IC-RADIUS doesn't have digest support?
- All of the values sent to RADIUS, for each attribute, are different
from the ones originally sent. For example ...
sent: Digest-Method = "INVITE" received: Digest-Attributes = "\003\010INVITE"
So you see the "\003\010" chars in front of the string "INVITE" ... Why is that?
I also noticed that with FreeRADIUS. no clue on this one
Well, I hope you can clarify some (better if all of them ;-) ) of my doubts.
one thing I could not find was an example ser.cfg that logs the calls via RADIUS. All posts I found tend to guide to
http://www.iptel.org/ser/doc/modules/html/acc.html
but I'm far new to SER to be able to convert the man page on a working example ;-)
I'm using pretty much the etc/nathelper.cfg example config on my tests.
hope this helps
Cheers !3runo