[Serusers] Existing Radius Authentication

Ryan Pagquil rpagquil at philonline.com
Mon Aug 1 13:19:47 CEST 2005


I replaced System with digest authentication and the result is this:

rad_recv: Access-Request packet from host 127.0.0.1:1758, id=145, length=318
        User-Name = "rpagquil at server4all"
        Digest-Attributes = "\n\nrpagquil"
        Digest-Attributes = "\001\014server4all"
        Digest-Attributes = "\002*42ee08a5a74a8d5a8e2028edd9f31ce75d40d551"
        Digest-Attributes = "\004\020sip:server4all"
        Digest-Attributes = "\003\nREGISTER"
        Digest-Attributes = "\005\006auth"
        Digest-Attributes = "\t\n00000002"
        Digest-Attributes = "\010"142A216802C111DABFB500E04CAB4AB4"
        Digest-Response = "da8032e6eb15381a0cbad43e6b981458"
        Service-Type = Sip-Session
        Sip-URI-User = "rpagquil"
        Cisco-AVPair = "call-id=142A216302C111DABFB500E04CAB4AB4 at server4all"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 5060
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    rlm_digest: Converting Digest-Attributes to something sane...
        Digest-User-Name = "rpagquil"
        Digest-Realm = "server4all"
        Digest-Nonce = "42ee08a5a74a8d5a8e2028edd9f31ce75d40d551"
        Digest-URI = "sip:server4all"
        Digest-Method = "REGISTER"
        Digest-QOP = "auth"
        Digest-Nonce-Count = "00000002"
        Digest-CNonce = "142A216802C111DABFB500E04CAB4AB4"
rlm_digest: Adding Auth-Type = DIGEST
  modcall[authorize]: module "digest" returns ok for request 0
    rlm_realm: Looking up realm "server4all" for User-Name = 
"rpagquil at server4all"
    rlm_realm: Found realm "DEFAULT"
    rlm_realm: Adding Stripped-User-Name = "rpagquil"
    rlm_realm: Proxying request from user rpagquil to realm DEFAULT
    rlm_realm: Adding Realm = "DEFAULT"
    rlm_realm: Authentication realm is LOCAL.
  modcall[authorize]: module "suffix" returns noop for request 0
    users: Matched DEFAULT at 162
  modcall[authorize]: module "files" returns ok for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
modcall: group authorize returns ok for request 0
  rad_check_password:  Found Auth-Type DIGEST
auth: type "Digest"
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_digest: Configuration item "User-Password" is required for 
authentication.
  modcall[authenticate]: module "digest" returns invalid for request 0
modcall: group Auth-Type returns invalid for request 0
auth: Failed to validate the user.
Login incorrect: [rpagquil at server4all] (from client server port 5060)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:1759, id=146, length=318
        User-Name = "rpagquil at server4all"
        Digest-Attributes = "\n\nrpagquil"
        Digest-Attributes = "\001\014server4all"
        Digest-Attributes = "\002*42ee08a5a74a8d5a8e2028edd9f31ce75d40d551"
        Digest-Attributes = "\004\020sip:server4all"
        Digest-Attributes = "\003\nREGISTER"
        Digest-Attributes = "\005\006auth"
        Digest-Attributes = "\t\n00000002"
        Digest-Attributes = "\010"142A216902C111DABFB500E04CAB4AB4"
        Digest-Response = "9d27c6e00fb5490e25c6166a2ce5c149"
        Service-Type = Sip-Session
        Sip-URI-User = "rpagquil"
        Cisco-AVPair = "call-id=142A216302C111DABFB500E04CAB4AB4 at server4all"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 5060
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 1
    rlm_digest: Converting Digest-Attributes to something sane...
        Digest-User-Name = "rpagquil"
        Digest-Realm = "server4all"
        Digest-Nonce = "42ee08a5a74a8d5a8e2028edd9f31ce75d40d551"
        Digest-URI = "sip:server4all"
        Digest-Method = "REGISTER"
        Digest-QOP = "auth"
        Digest-Nonce-Count = "00000002"
        Digest-CNonce = "142A216902C111DABFB500E04CAB4AB4"
rlm_digest: Adding Auth-Type = DIGEST
  modcall[authorize]: module "digest" returns ok for request 1
    rlm_realm: Looking up realm "server4all" for User-Name = 
"rpagquil at server4all"
    rlm_realm: Found realm "DEFAULT"
    rlm_realm: Adding Stripped-User-Name = "rpagquil"
    rlm_realm: Proxying request from user rpagquil to realm DEFAULT
    rlm_realm: Adding Realm = "DEFAULT"
    rlm_realm: Authentication realm is LOCAL.
  modcall[authorize]: module "suffix" returns noop for request 1
    users: Matched DEFAULT at 162
  modcall[authorize]: module "files" returns ok for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
modcall: group authorize returns ok for request 1
  rad_check_password:  Found Auth-Type DIGEST
auth: type "Digest"
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 1
rlm_digest: Configuration item "User-Password" is required for 
authentication.
  modcall[authenticate]: module "digest" returns invalid for request 1
modcall: group Auth-Type returns invalid for request 1
auth: Failed to validate the user.
Login incorrect: [rpagquil at server4all] (from client server port 5060)
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Sending Access-Reject of id 145 to 127.0.0.1:1758
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 146 to 127.0.0.1:1759
Waking up in 2 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 145 with timestamp 42ee0779
Waking up in 2 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 146 with timestamp 42ee077b
Nothing to do.  Sleeping until we see a request.




More information about the sr-users mailing list