-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Does this error means something to somebody?? Thanks ERROR:acc:acc_rad_request: radius-ing failed
My openser.cfg
# -- acc params (with radius )-- modparam("acc", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 2)
.....
################### SET RADIUS ACCOUTING FLAGS ################################# # Set the acc flags xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); if(is_method("INVITE") && !has_totag()) { xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS \r\n"); $avp(can_uri) = $ru; # SIP Request's URI $avp(billing_party) = "sip:" + $au + "@" + $ar; # From URI $avp(user_name) = $fu; xlog("!!!! FROM TAG = $ft\r\n");
xlog("SETTING FLAGS 1 & 2 FOR RADIUS \r\n"); setflag(1); # radius_flag setflag(2); # radius_missed_flag };
DEBUG OUTPUT:
3(26026) DEBUG: update_totag_set: new totag 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12) 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2..., shmem=0x2b898c7ed7a8: SIP/2.0 2 3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0 entered 3(26026) ERROR:acc:acc_rad_request: radius-ing failed 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0 3(26026) DEBUG:destroy_avp_list: destroying list (nil) 3(26026) receive_msg: cleaning up 1(26024) SIP Request: 1(26024) method: <ACK> 1(26024) uri: sip:105@82.127.0.79:1030;user=phone;nat=yes 1(26024) version: <SIP/2.0> 1(26024) parse_headers: flags=2 1(26024) Found param type 232, <branch> = <z9hG4bK2175363103192047157>; state=16 1(26024) end of header reached, state=5 1(26024) parse_headers: Via found, flags=2 1(26024) parse_headers: this is the first via
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
It seems that the credentials send by radiusclient from openser are wrong whereas when I use a rastest, it's working! Strange!
rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 24 Going to the next request - --- Walking the entire request list --- Waking up in 6 seconds... - --- Walking the entire request list --- Cleaning up request 24 ID 43 with timestamp 46f23ab0 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 25 Going to the next request - --- Walking the entire request list --- Waking up in 6 seconds... - --- Walking the entire request list --- Cleaning up request 25 ID 43 with timestamp 46f23aba Nothing to do. Sleeping until we see a request.
Marc LEURENT a écrit :
Does this error means something to somebody?? Thanks ERROR:acc:acc_rad_request: radius-ing failed
My openser.cfg
# -- acc params (with radius )-- modparam("acc", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 2)
.....
################### SET RADIUS ACCOUTING FLAGS ################################# # Set the acc flags xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); if(is_method("INVITE") && !has_totag()) { xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS \r\n"); $avp(can_uri) = $ru; # SIP Request's URI $avp(billing_party) = "sip:" + $au + "@" + $ar; # From URI $avp(user_name) = $fu; xlog("!!!! FROM TAG = $ft\r\n");
xlog("SETTING FLAGS 1 & 2 FOR RADIUS \r\n"); setflag(1); # radius_flag setflag(2); # radius_missed_flag };DEBUG OUTPUT:
3(26026) DEBUG: update_totag_set: new totag 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12) 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2..., shmem=0x2b898c7ed7a8: SIP/2.0 2 3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0 entered 3(26026) ERROR:acc:acc_rad_request: radius-ing failed 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0 3(26026) DEBUG:destroy_avp_list: destroying list (nil) 3(26026) receive_msg: cleaning up 1(26024) SIP Request: 1(26024) method: <ACK> 1(26024) uri: sip:105@82.127.0.79:1030;user=phone;nat=yes 1(26024) version: <SIP/2.0> 1(26024) parse_headers: flags=2 1(26024) Found param type 232, <branch> = <z9hG4bK2175363103192047157>; state=16 1(26024) end of header reached, state=5 1(26024) parse_headers: Via found, flags=2 1(26024) parse_headers: this is the first via
_______________________________________________ Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hi Marc,
I recall this problem when working on 64-bit machines. Seems that radiusclient-ng needed a patch. Not sure if the current CVS has this problem fixed.
The radiusclient distribution is here: http://developer.berlios.de/projects/radiusclient-ng/ Take a look at the 64-bit patches.
If your machines aren't 64-bit, your problem may be somewhere else.
Regards, Norm
Marc LEURENT wrote:
It seems that the credentials send by radiusclient from openser are wrong whereas when I use a rastest, it's working! Strange!
rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 24 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 24 ID 43 with timestamp 46f23ab0 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 25 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 25 ID 43 with timestamp 46f23aba Nothing to do. Sleeping until we see a request.
Marc LEURENT a écrit :
Does this error means something to somebody?? Thanks ERROR:acc:acc_rad_request: radius-ing failed
My openser.cfg
# -- acc params (with radius )-- modparam("acc", "radius_config",
"/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 2)
.....
################### SET RADIUS ACCOUTING FLAGS
#################################
# Set the acc flags xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); if(is_method("INVITE") && !has_totag()) { xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS \r\n"); $avp(can_uri) = $ru; # SIP Request's URI $avp(billing_party) = "sip:" + $au + "@" + $ar; #From URI
$avp(user_name) = $fu; xlog("!!!! FROM TAG = $ft\r\n");xlog("SETTING FLAGS 1 & 2 FOR RADIUS \r\n"); setflag(1); # radius_flag setflag(2); # radius_missed_flag };DEBUG OUTPUT:
3(26026) DEBUG: update_totag_set: new totag 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12) 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2...,
shmem=0x2b898c7ed7a8: SIP/2.0 2
3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0 entered 3(26026) ERROR:acc:acc_rad_request: radius-ing failed 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0 3(26026) DEBUG:destroy_avp_list: destroying list (nil) 3(26026) receive_msg: cleaning up 1(26024) SIP Request: 1(26024) method: <ACK> 1(26024) uri: sip:105@82.127.0.79:1030;user=phone;nat=yes 1(26024) version: <SIP/2.0> 1(26024) parse_headers: flags=2 1(26024) Found param type 232, <branch> =
<z9hG4bK2175363103192047157>; state=16
1(26024) end of header reached, state=5 1(26024) parse_headers: Via found, flags=2 1(26024) parse_headers: this is the first via
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
THANKS! Indeed, my computer is a 64bit platform! I'm going to test the patch!
Norman Brandinger a écrit :
Hi Marc,
I recall this problem when working on 64-bit machines. Seems that radiusclient-ng needed a patch. Not sure if the current CVS has this problem fixed.
The radiusclient distribution is here: http://developer.berlios.de/projects/radiusclient-ng/ Take a look at the 64-bit patches.
If your machines aren't 64-bit, your problem may be somewhere else.
Regards, Norm
Marc LEURENT wrote:
It seems that the credentials send by radiusclient from openser are wrong whereas when I use a rastest, it's working! Strange!
rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 24 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 24 ID 43 with timestamp 46f23ab0 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 25 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 25 ID 43 with timestamp 46f23aba Nothing to do. Sleeping until we see a request.
Marc LEURENT a écrit :
Does this error means something to somebody?? Thanks ERROR:acc:acc_rad_request: radius-ing failed
My openser.cfg
# -- acc params (with radius )-- modparam("acc", "radius_config",
"/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 2)
.....
################### SET RADIUS ACCOUTING FLAGS
#################################
# Set the acc flags xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); if(is_method("INVITE") && !has_totag()) { xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS \r\n"); $avp(can_uri) = $ru; # SIP Request's URI $avp(billing_party) = "sip:" + $au + "@" + $ar; #From URI
$avp(user_name) = $fu; xlog("!!!! FROM TAG = $ft\r\n"); xlog("SETTING FLAGS 1 & 2 FOR RADIUS \r\n"); setflag(1); # radius_flag setflag(2); # radius_missed_flag };DEBUG OUTPUT: 3(26026) DEBUG: update_totag_set: new totag 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12) 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2...,
shmem=0x2b898c7ed7a8: SIP/2.0 2
3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0 entered 3(26026) ERROR:acc:acc_rad_request: radius-ing failed 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0 3(26026) DEBUG:destroy_avp_list: destroying list (nil) 3(26026) receive_msg: cleaning up 1(26024) SIP Request: 1(26024) method: <ACK> 1(26024) uri: sip:105@82.127.0.79:1030;user=phone;nat=yes 1(26024) version: <SIP/2.0> 1(26024) parse_headers: flags=2 1(26024) Found param type 232, <branch> =
<z9hG4bK2175363103192047157>; state=16
1(26024) end of header reached, state=5 1(26024) parse_headers: Via found, flags=2 1(26024) parse_headers: this is the first via
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OK, if someone wants to use OpenSER + Freeradius accounting on a 64 bits platform, libradiusclient-ng2-0.5.5-1 sould be use, otherwise it won't work
Have a nice day
Marc LEURENT a écrit :
THANKS! Indeed, my computer is a 64bit platform! I'm going to test the patch!
Norman Brandinger a écrit :
Hi Marc,
I recall this problem when working on 64-bit machines. Seems that radiusclient-ng needed a patch. Not sure if the current CVS has this problem fixed.
The radiusclient distribution is here: http://developer.berlios.de/projects/radiusclient-ng/ Take a look at the 64-bit patches.
If your machines aren't 64-bit, your problem may be somewhere else.
Regards, Norm
Marc LEURENT wrote:
It seems that the credentials send by radiusclient from openser are wrong whereas when I use a rastest, it's working! Strange!
rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 24 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 24 ID 43 with timestamp 46f23ab0 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 25 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 25 ID 43 with timestamp 46f23aba Nothing to do. Sleeping until we see a request.
Marc LEURENT a écrit :
Does this error means something to somebody?? Thanks ERROR:acc:acc_rad_request: radius-ing failed My openser.cfg # -- acc params (with radius )-- modparam("acc", "radius_config",
"/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 2) ..... ################### SET RADIUS ACCOUTING FLAGS
#################################
# Set the acc flags xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); if(is_method("INVITE") && !has_totag()) { xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS \r\n"); $avp(can_uri) = $ru; # SIP Request's URI $avp(billing_party) = "sip:" + $au + "@" + $ar; #From URI
$avp(user_name) = $fu; xlog("!!!! FROM TAG = $ft\r\n"); xlog("SETTING FLAGS 1 & 2 FOR RADIUS \r\n"); setflag(1); # radius_flag setflag(2); # radius_missed_flag };DEBUG OUTPUT: 3(26026) DEBUG: update_totag_set: new totag 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12) 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2...,
shmem=0x2b898c7ed7a8: SIP/2.0 2
3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0 entered 3(26026) ERROR:acc:acc_rad_request: radius-ing failed 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0 3(26026) DEBUG:destroy_avp_list: destroying list (nil) 3(26026) receive_msg: cleaning up 1(26024) SIP Request: 1(26024) method: <ACK> 1(26024) uri: sip:105@82.127.0.79:1030;user=phone;nat=yes 1(26024) version: <SIP/2.0> 1(26024) parse_headers: flags=2 1(26024) Found param type 232, <branch> =
<z9hG4bK2175363103192047157>; state=16
1(26024) end of header reached, state=5 1(26024) parse_headers: Via found, flags=2 1(26024) parse_headers: this is the first via
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hi, Marc...
I'll have to move an OpenSER from the test machine (OpenSUSE/P4) to a XEON (OpenSUSE/64-bits).
So I'm curious to understand why are You saying that only with this version it will work? The one finded on the site indicated by Norman didn't work?
How did You solve this issue, Norman?
Edson
-----Original Message----- From: users-bounces@openser.org [mailto:users-bounces@openser.org] On Behalf Of Marc LEURENT Sent: quinta-feira, 20 de setembro de 2007 11:04 To: Norman Brandinger Cc: users@openser.org Subject: Re: [OpenSER-Users] OpenSER + FreeRadius error (solved)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OK, if someone wants to use OpenSER + Freeradius accounting on a 64 bits platform, libradiusclient-ng2-0.5.5-1 sould be use, otherwise it won't work
Have a nice day
Marc LEURENT a écrit :
THANKS! Indeed, my computer is a 64bit platform! I'm going to test the patch!
Norman Brandinger a écrit :
Hi Marc,
I recall this problem when working on 64-bit machines. Seems that radiusclient-ng needed a patch. Not sure if the current CVS has this problem fixed.
The radiusclient distribution is here: http://developer.berlios.de/projects/radiusclient-ng/ Take a look at the 64-bit patches.
If your machines aren't 64-bit, your problem may be somewhere else.
Regards, Norm
Marc LEURENT wrote:
It seems that the credentials send by radiusclient from openser are wrong whereas when I use a rastest, it's working! Strange!
rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 24 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 24 ID 43 with timestamp 46f23ab0 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 25 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 25 ID 43 with timestamp 46f23aba Nothing to do. Sleeping until we see a request.
Marc LEURENT a écrit :
Does this error means something to somebody?? Thanks ERROR:acc:acc_rad_request: radius-ing failed My openser.cfg # -- acc params (with radius )-- modparam("acc", "radius_config",
"/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 2) ..... ################### SET RADIUS ACCOUTING FLAGS
#################################
# Set the acc flags xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); if(is_method("INVITE") && !has_totag()) { xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS\r\n");
$avp(can_uri) = $ru; # SIP Request's URI $avp(billing_party) = "sip:" + $au + "@" + $ar; #From URI
$avp(user_name) = $fu; xlog("!!!! FROM TAG = $ft\r\n"); xlog("SETTING FLAGS 1 & 2 FOR RADIUS \r\n"); setflag(1); # radius_flag setflag(2); # radius_missed_flag };DEBUG OUTPUT: 3(26026) DEBUG: update_totag_set: new totag 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12) 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2...,
shmem=0x2b898c7ed7a8: SIP/2.0 2
3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0 entered 3(26026) ERROR:acc:acc_rad_request: radius-ing failed 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0 3(26026) DEBUG:destroy_avp_list: destroying list (nil) 3(26026) receive_msg: cleaning up 1(26024) SIP Request: 1(26024) method: <ACK> 1(26024) uri: sip:105@82.127.0.79:1030;user=phone;nat=yes 1(26024) version: <SIP/2.0> 1(26024) parse_headers: flags=2 1(26024) Found param type 232, <branch> =
<z9hG4bK2175363103192047157>; state=16
1(26024) end of header reached, state=5 1(26024) parse_headers: Via found, flags=2 1(26024) parse_headers: this is the first via
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG8n3kqjpLE0HiOBYRAtsqAJ4+H6RlW9x8Triqfc6W1o1+B6U9MwCeKrz2 sdfq4g8Ijh6hYbFc99nWT/s= =iLbX -----END PGP SIGNATURE-----
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
The issue I am referring to is this (and is not related to any specific release of radiusclient-ng):
md5 hashes are not correct on 64bit platforms. http://developer.berlios.de/bugs/?func=detailbug&bug_id=7442&group_i...
I've applied this patch on various versions of radiusclient-ng and had success.
This problem was discussed previously, for example: http://www.openser.org/pipermail/users/2006-August/006247.html I found that applying the patch worked in cases where the latest CVS didn't work. This was a while ago (perhaps as long as a year ago).
The patch itself isn't very long and you may find it easier to manually apply it (as I remember, I just manually applied it).
--- ../../radiusclient-ng-0.5.2/include/radiusclient-ng.h 2005-11-07 12:46:37.000000000 -0700 +++ radiusclient-ng.h 2006-09-19 17:32:54.725650893 -0600 @@ -19,6 +19,7 @@
#include <sys/types.h> #include <stdio.h> +#include <stdint.h> #include <time.h>
#undef __BEGIN_DECLS @@ -31,8 +32,8 @@ # define __END_DECLS /* empty */ #endif
-typedef unsigned long UINT4; -typedef long INT4; +#define UINT4 uint32_t +#define INT4 int32_t
#define AUTH_VECTOR_LEN 16 #define AUTH_PASS_LEN (3 * 16) /* multiple of 16 */
On a related topic, I recently loaded the current development versions of both freeradius and radiusclient-ng. When I tried to remove the radiusclient-ng dictionary overrides, it was surprising to note that, for example, the octet attribute type isn't supported in radiusclient-ng. It seems that this piece of code has not kept pace with other radius development efforts. That said, the current development copies of openser, freeradius and radiusclient-ng appear to play nicely with each other.
Regards, Norm
Edson wrote:
Hi, Marc...
I'll have to move an OpenSER from the test machine (OpenSUSE/P4) to a XEON (OpenSUSE/64-bits).
So I'm curious to understand why are You saying that only with this version it will work? The one finded on the site indicated by Norman didn't work?
How did You solve this issue, Norman?
Edson
-----Original Message----- From: users-bounces@openser.org [mailto:users-bounces@openser.org] On Behalf Of Marc LEURENT Sent: quinta-feira, 20 de setembro de 2007 11:04 To: Norman Brandinger Cc: users@openser.org Subject: Re: [OpenSER-Users] OpenSER + FreeRadius error (solved)
OK, if someone wants to use OpenSER + Freeradius accounting on a 64 bits platform, libradiusclient-ng2-0.5.5-1 sould be use, otherwise it won't work
Have a nice day
Marc LEURENT a écrit :
THANKS! Indeed, my computer is a 64bit platform! I'm going to test the patch!
Norman Brandinger a écrit :
Hi Marc, I recall this problem when working on 64-bit machines. Seems that radiusclient-ng needed a patch. Not sure if the current CVS has this problem fixed. The radiusclient distribution is here: http://developer.berlios.de/projects/radiusclient-ng/ Take a look at the 64-bit patches. If your machines aren't 64-bit, your problem may be somewhere else. Regards, Norm
Marc LEURENT wrote:
It seems that the credentials send by radiusclient from openser are wrong whereas when I use a rastest, it's working! Strange!
rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 24 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 24 ID 43 with timestamp 46f23ab0 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 213.91.4.213:34734, id=43, length=293 Received Accounting-Request packet from 213.91.4.213 with invalid signature! (Shared secret is incorrect.) Dropping packet without response. Finished request 25 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 25 ID 43 with timestamp 46f23aba Nothing to do. Sleeping until we see a request.
Marc LEURENT a écrit : > Does this error means something to somebody?? > Thanks > ERROR:acc:acc_rad_request: radius-ing failed > My openser.cfg > # -- acc params (with radius )-- > modparam("acc", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") > modparam("acc", "radius_flag", 1) > modparam("acc", "radius_missed_flag", 2) > ..... > ################### SET RADIUS ACCOUTING FLAGS ################################# > # Set the acc flags > xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); > if(is_method("INVITE") && !has_totag()) { > xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS
\r\n");
> $avp(can_uri) = $ru; # SIP Request's URI > $avp(billing_party) = "sip:" + $au + "@" + $ar; # From URI > $avp(user_name) = $fu; > xlog("!!!! FROM TAG = $ft\r\n"); > xlog("SETTING FLAGS 1 & 2 FOR RADIUS \r\n"); > setflag(1); # radius_flag > setflag(2); # radius_missed_flag > };
> DEBUG OUTPUT: > 3(26026) DEBUG: update_totag_set: new totag > 3(26026) DEBUG: add_to_tail_of_timer[2]: 0x2b898c7eb9d0 (12) > 3(26026) DEBUG:tm:relay_reply: sent buf=0x61d2e8: SIP/2.0 2..., shmem=0x2b898c7ed7a8: SIP/2.0 2 > 3(26026) DBG: trans=0x2b898c7eb950, callback type 128, id 0
entered
> 3(26026) ERROR:acc:acc_rad_request: radius-ing failed > 3(26026) DEBUG: cleanup_uac_timers: RETR/FR timers reset > 3(26026) DEBUG:tm:UNREF_UNSAFE: after is 0 > 3(26026) DEBUG:destroy_avp_list: destroying list (nil) > 3(26026) receive_msg: cleaning up > 1(26024) SIP Request: > 1(26024) method: <ACK> > 1(26024) uri: sip:105@82.127.0.79:1030;user=phone;nat=yes > 1(26024) version: <SIP/2.0> > 1(26024) parse_headers: flags=2 > 1(26024) Found param type 232, <branch> = <z9hG4bK2175363103192047157>; state=16 > 1(26024) end of header reached, state=5 > 1(26024) parse_headers: Via found, flags=2 > 1(26024) parse_headers: this is the first via _______________________________________________ Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
-
Edson -
Marc LEURENT -
Norman Brandinger