[Serusers] ser/radius

Daniel-Constantin Mierla Daniel-Constantin.Mierla at fokus.fraunhofer.de
Thu Nov 13 13:28:24 CET 2003


Hello,
now it seems that the authentication in Radius side failed :) :

0(13462) radius_authorize_sterman(): Failure

So I need the logs from Radius server, too. Better reproduce again the 
case and send both ser and radius logs in a mail.

}Daniel

On 11/13/2003 1:12 PM, Madan wrote:

>Hi Daniel,
>here is the debug-9 level logs
>
> 0(13462) SIP Request:
> 0(13462)  method:  <REGISTER>
> 0(13462)  uri:     <sip:sip.net4india.com>
> 0(13462)  version: <SIP/2.0>
> 0(13462) parse_headers: flags=1
> 0(13462) end of header reached, state=5
> 0(13462) parse_headers: Via found, flags=1
> 0(13462) parse_headers: this is the first via
> 0(13462) After parse_msg...
> 0(13462) preparing to run routing scripts...
> 0(13462) DEBUG : is_maxfwd_present: searching for max_forwards header
> 0(13462) parse_headers: flags=128
> 0(13462) DEBUG: is_maxfwd_present: value = 70
> 0(13462) parse_headers: flags=8
> 0(13462) DEBUG: add_param: tag=b012f0317df24bc28c22c024cfa027f3
> 0(13462) DEBUG: add_param: epid=4afef3ee8a
> 0(13462) end of header reached, state=29
> 0(13462) parse_headers: flags=256
> 0(13462) end of header reached, state=9
> 0(13462) DEBUG: get_hdr_field: <To> [30]; uri=[sip:1111 at sip.net4india.com]
> 0(13462) DEBUG: to body [<sip:1111 at sip.net4india.com>
>]
> 0(13462) get_hdr_field: cseq <CSeq>: <1> <REGISTER>
> 0(13462) DEBUG: get_hdr_body : content_length=0
> 0(13462) found end of header
> 0(13462) find_first_route(): No Route headers found
> 0(13462) loose_route(): There is no Route HF
> 0(13462) REGISTER: Authenticating user
> 0(13462) parse_headers: flags=4096
> 0(13462) pre_auth(): Credentials with given realm not found
> 0(13462) REGISTER: challenging user
> 0(13462) build_auth_hf(): 'WWW-Authenticate: Digest
>realm="sip.net4india.com", nonce="3fb37a01834a42156a764ee9df05ad19d7687a
>23", qop="auth"
>'
> 0(13462) parse_headers: flags=-1
> 0(13462) check_via_address(202.71.135.212, 202.71.135.212, 0)
> 0(13462) receive_msg: cleaning up
> 0(13462) SIP Request:
> 0(13462)  method:  <REGISTER>
> 0(13462)  uri:     <sip:sip.net4india.com>
> 0(13462)  version: <SIP/2.0>
> 0(13462) parse_headers: flags=1
> 0(13462) end of header reached, state=5
> 0(13462) parse_headers: Via found, flags=1
> 0(13462) parse_headers: this is the first via
> 0(13462) After parse_msg...
> 0(13462) preparing to run routing scripts...
> 0(13462) DEBUG : is_maxfwd_present: searching for max_forwards header
> 0(13462) parse_headers: flags=128
> 0(13462) DEBUG: is_maxfwd_present: value = 70
> 0(13462) parse_headers: flags=8
>(13462) DEBUG: add_param: tag=0809578b00894f62bdb457bee0c4234b
> 0(13462) DEBUG: add_param: epid=85dccaccd6
> 0(13462) end of header reached, state=29
> 0(13462) parse_headers: flags=256
> 0(13462) end of header reached, state=9
> 0(13462) DEBUG: get_hdr_field: <To> [30]; uri=[sip:1111 at sip.net4india.com]
> 0(13462) DEBUG: to body [<sip:1111 at sip.net4india.com>
>]
> 0(13462) get_hdr_field: cseq <CSeq>: <1> <REGISTER>
> 0(13462) DEBUG: get_hdr_body : content_length=0
> 0(13462) found end of header
> 0(13462) find_first_route(): No Route headers found
> 0(13462) loose_route(): There is no Route HF
> 0(13462) REGISTER: Authenticating user
> 0(13462) parse_headers: flags=4096
> 0(13462) pre_auth(): Credentials with given realm not found
> 0(13462) REGISTER: challenging user
> 0(13462) build_auth_hf(): 'WWW-Authenticate: Digest
>realm="sip.net4india.com", nonce="3fb37a088e0d83f2084b0221f11e7ac8d6709b
>e0", qop="auth"
>'
> 0(13462) parse_headers: flags=-1
> 0(13462) check_via_address(202.71.135.212, 202.71.135.212, 0)
> 0(13462) receive_msg: cleaning up
> 0(13462) SIP Request:
> 0(13462)  method:  <REGISTER>
> 0(13462)  uri:     <sip:sip.net4india.com>
> 0(13462)  version: <SIP/2.0>
> 0(13462) parse_headers: flags=1
> 0(13462) end of header reached, state=5
> 0(13462) parse_headers: Via found, flags=1
> 0(13462) parse_headers: this is the first via
> 0(13462) After parse_msg...
> 0(13462) preparing to run routing scripts...
> 0(13462) DEBUG : is_maxfwd_present: searching for max_forwards header
> 0(13462) parse_headers: flags=128
> 0(13462) DEBUG: is_maxfwd_present: value = 70
> 0(13462) parse_headers: flags=8
> 0(13462) DEBUG: add_param: tag=0809578b00894f62bdb457bee0c4234b
> 0(13462) DEBUG: add_param: epid=85dccaccd6
>0(13462) end of header reached, state=29
> 0(13462) parse_headers: flags=256
> 0(13462) end of header reached, state=9
> 0(13462) DEBUG: get_hdr_field: <To> [30]; uri=[sip:1111 at sip.net4india.com]
> 0(13462) DEBUG: to body [<sip:1111 at sip.net4india.com>
>]
> 0(13462) get_hdr_field: cseq <CSeq>: <2> <REGISTER>
> 0(13462) DEBUG: get_hdr_body : content_length=0
> 0(13462) found end of header
> 0(13462) find_first_route(): No Route headers found
> 0(13462) loose_route(): There is no Route HF
> 0(13462) REGISTER: Authenticating user
> 0(13462) check_nonce(): comparing
>[3fb37a088e0d83f2084b0221f11e7ac8d6709be0] and
>[3fb37a088e0d83f2084b0221f11e7ac8d6709be0]
> 0(13462) radius_authorize_sterman(): Failure
> 0(13462) REGISTER: challenging user
> 0(13462) build_auth_hf(): 'WWW-Authenticate: Digest
>realm="sip.net4india.com", nonce="3fb37a088e0d83f2084b0221f11e7ac8d6709b
>e0", qop="auth"
>'
> 0(13462) parse_headers: flags=-1
> 0(13462) check_via_address(202.71.135.212, 202.71.135.212, 0)
> 0(13462) receive_msg: cleaning up
>
>----- Original Message ----- 
>From: "Daniel-Constantin Mierla"
><Daniel-Constantin.Mierla at fokus.fraunhofer.de>
>To: "Madan" <madan.r at net4india.net>
>Cc: "serusers" <serusers at lists.iptel.org>
>Sent: Thursday, November 13, 2003 5:01 PM
>Subject: Re: [Serusers] ser/radius
>
>
>  
>
>>Hello,
>>please increase the debug level to a higher value (debug=9), try again
>>and send the logs to us. From your previous mail on the seruser list
>>(subj: radius issue) seems that the Radius server authenticates OK the
>>    
>>
>user.
>  
>
>>}Daniel
>>
>>On 11/13/2003 12:08 PM, Madan wrote:
>>
>>    
>>
>>>----ser.cfg------------
>>>
>>>
>>>#
>>># ----------- global configuration parameters ------------------------
>>>debug=3         # debug level (cmd line: -dddddddddd)
>>>fork=no
>>>log_stderror=yes # (cmd line: -E)
>>>listen=202.71.135.219
>>>/* Uncomment these lines to enter debugging mode
>>>debug=7
>>>fork=no
>>>log_stderror=yes
>>>*/
>>>
>>>check_via=no # (cmd. line: -v)
>>>dns=no           # (cmd. line: -r)
>>>rev_dns=no      # (cmd. line: -R)
>>>port=5060
>>>children=4
>>>fifo="/tmp/ser_fifo"
>>>
>>># ------------------ module loading ----------------------------------
>>>
>>># Uncomment this if you want to use SQL database
>>>loadmodule "/usr/local/lib/ser/modules/mysql.so"
>>>loadmodule "/usr/local/lib/ser/modules/sl.so"
>>>loadmodule "/usr/local/lib/ser/modules/tm.so"
>>>loadmodule "/usr/local/lib/ser/modules/rr.so"
>>>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>>>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>>>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>>>loadmodule "/usr/local/lib/ser/modules/auth.so"
>>>loadmodule "/usr/local/lib/ser/modules/acc.so"
>>>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>>>
>>>
>>># ----------------- setting module-specific parameters ---------------
>>>
>>># -- usrloc params --
>>>
>>>modparam("usrloc", "db_mode",   2)
>>>modparam("auth_radius",
>>>"radius_config","/usr/local/etc/radiusclient/radiusclient.conf")
>>>modparam("auth_radius", "service_type", 15)
>>>
>>># -- rr params --
>>># add value to ;lr param to make some broken UAs happy
>>>modparam("rr", "enable_full_lr", 1)
>>>#modparam("acc", "log_level", 1)
>>>#modparam("acc", "radius_flag", 1)
>>>
>>># -------------------------  request routing logic -------------------
>>># main routing logic
>>>
>>>route{
>>># initial sanity checks -- messages with
>>>       # max_forwards==0, or excessively long requests
>>>       if (!mf_process_maxfwd_header("10")) {
>>>               sl_send_reply("483","Too Many Hops");
>>>               break;
>>>       };
>>>       if (len_gt( max_len )) {
>>>               sl_send_reply("513", "Message too big");
>>>               break;
>>>       };
>>>
>>>
>>>
>>># we record-route all messages -- to make sure that
>>># subsequent messages will go through our proxy; that's
>>># particularly good if upstream and downstream entities
>>># use different transport protocol
>>>record_route();
>>># loose-route processing
>>>if (loose_route()) {
>>>t_relay();
>>>break;
>>>};
>>>
>>># if the request is for other domain use UsrLoc
>>>       # (in case, it does not work, use the following command
>>>       # with proper names and addresses in it)
>>>
>>>       if (method=="REGISTER") {
>>>
>>>               log(1, "REGISTER: Authenticating user\n");
>>>
>>>               if (!radius_www_authorize("")) {
>>>                       log(1, "REGISTER: challenging user\n");
>>>                       www_challenge("", "2");
>>>                       break;
>>>               };
>>>               save("location");
>>>               break;
>>>       };
>>>
>>>
>>>       if (method=="INVITE") {
>>>
>>>               log(1, "INVITE\n");
>>>               setflag(1); /* set for accounting (the same value as in
>>>log_flag!) */
>>>       };
>>>
>>>       if (method=="MESSAGE") {
>>>               log(1, "MESSAGE\n");
>>>               setflag(1); /* set for accounting (the same value as in
>>>log_flag!) */
>>>       };
>>>
>>>       if (method=="BYE" || method=="CANCEL") {
>>>               log (1, "BYE or CANCEL\n");
>>>               setflag(1);
>>>       };
>>>
>>>       # native SIP destinations are handled using our USRLOC DB
>>>       if (!lookup("location")) {
>>>               sl_send_reply("404", "Not Found");
>>>               break;
>>>       };
>>>       if (!t_relay()) {
>>>               sl_reply_error();
>>>               break;
>>>       };
>>>
>>>
>>>}
>>>
>>>
>>>-----------------logs---------
>>>
>>>0(13437) mod_init(): Database connection opened successfuly
>>>acc - initializing
>>>0(0) INFO: udp_init: SO_RCVBUF is initially 65535
>>>0(0) INFO: udp_init: SO_RCVBUF is finally 262142
>>>2(13439) INFO: fifo process starting: 13439
>>>2(13439) SER: open_uac_fifo: fifo server up at /tmp/ser_fifo...
>>>0(13437) REGISTER: Authenticating user
>>>0(13437) REGISTER: challenging user
>>>0(13437) REGISTER: Authenticating user
>>>0(13437) REGISTER: challenging user
>>>0(13437) REGISTER: Authenticating user
>>>0(13437) REGISTER: challenging user
>>>
>>>i can not get my sipua registered, please help me to get out of this
>>>
>>>
>>>
>>>
>>>----- Original Message ----- 
>>>From: "Daniel-Constantin Mierla"
>>><Daniel-Constantin.Mierla at fokus.fraunhofer.de>
>>>To: "Santosh M Hulkund" <santoshmh at indts.com>
>>>Cc: <serusers at lists.iptel.org>
>>>Sent: Thursday, November 13, 2003 3:42 PM
>>>Subject: Re: [Serusers] Integrating Ser to Jabberd
>>>
>>>
>>>
>>>
>>>      
>>>
>>>>Hello,
>>>>try with this one:
>>>>http://www.iptel.org/ser/doc/jabgw/xjab-manual.html
>>>>
>>>>Best regards,
>>>>}Daniel
>>>>
>>>>On 11/13/2003 8:01 AM, Santosh M Hulkund wrote:
>>>>
>>>>
>>>>
>>>>        
>>>>
>>>>>Hi Gurus,
>>>>>
>>>>>Is there any clear document on integrating  ser with jabberd.
>>>>>
>>>>>Any pointers, greatly appreciated.
>>>>>
>>>>>Regards,
>>>>>Santosh M Hulkund
>>>>>
>>>>>
>>>>>
>>>>>_______________________________________________
>>>>>Serusers mailing list
>>>>>serusers at lists.iptel.org
>>>>>http://lists.iptel.org/mailman/listinfo/serusers
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>          
>>>>>
>>>>_______________________________________________
>>>>Serusers mailing list
>>>>serusers at lists.iptel.org
>>>>http://lists.iptel.org/mailman/listinfo/serusers
>>>>
>>>>
>>>>
>>>>        
>>>>
>>>
>>>      
>>>
>>
>>    
>>
>
>_______________________________________________
>Serusers mailing list
>serusers at lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>
>  
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20031113/57faea36/attachment.htm>


More information about the sr-users mailing list