[Serusers] Can't run SER with radius

Jan Janak jan at iptel.org
Fri Feb 18 19:49:26 CET 2005


You need radiusclient-ng :

http://developer.berlios.de/projects/radiusclient-ng

  Jan.

On 17-02 22:36, Roman wrote:
> $ cat /usr/local/include/radiusclient.h |grep ,v
>  * $Id: radiusclient.h,v 1.9 1999/01/06 23:53:04 lf Exp $
> 
> $ ls -l /usr/local/lib
> -rw-r--r--  1 root  root  47474 May 15  2004 libradiusclient.a
> lrwxrwxrwx  1 root  root     24 Feb 17 22:28 libradiusclient.so -> 
> libradiusclient.so.0.0.1
> lrwxrwxrwx  1 root  root     24 Feb 17 22:28 libradiusclient.so.0 -> 
> libradiusclient.so.0.0.1
> -rwxr-xr-x  1 root  root  45967 May 15  2004 libradiusclient.so.0.0.1
> lrwxrwxrwx  1 root  root     24 Feb 17 22:16 libradiusclient.so.2 -> 
> libradiusclient.so.0.0.1
> drwxr-xr-x  3 roman roman  4096 Jul 27  2004 ser
> 
> $ cat /etc/ld.so.conf
> include ld.so.conf.d/*.conf
> /usr/lib/mysql
> /usr/X11R6/lib
> /usr/lib/qt-3.3/lib
> /usr/local/lib
> 
> doesn't ser precompiled auth_radius module supposed to be working?
> 
> On Thursday 17 February 2005 21:47, Charles Wang wrote:
> > It seems the problem of your environment. If you has compile the
> > radiusclient first. Please make sure the its lib files and its include
> > files are in your include path and lib path.
> >
> > You can search your /usr/local/include and  make sure the file
> > radiusclient.h in it. and /usr/local/lib/libradiusclient.* are exist.
> >
> > Then vi /etc/ld.so.conf and check if "/usr/local/lib" exist or not. If
> > not, add it.
> > Then use command "ldconf" to reload it. And make again.
> >
> > On Thu, 17 Feb 2005 17:56:47 +0200, Roman <leroi at navigator.lv> wrote:
> > > well:
> > >
> > > gcc -fPIC -DPIC -g -O9 -funroll-loops  -Wcast-align  -Wall
> > > -minline-all-stringops -malign-double -falign-loops -mcpu=athlon
> > > -DNAME='"auth_radius.so"' -DVERSION='"0.8.14"' -DARCH='"i386"'
> > > -DOS='"linux"' -DCOMPILER='"gcc 3.3"' -D__CPU_i386 -D__OS_linux
> > > -DCFG_DIR='"/usr/local/etc/ser/"' -DPKG_MALLOC -DSHM_MEM  -DSHM_MMAP
> > > -DDNS_IP_HACK -DUSE_IPV6 -DUSE_TCP -DDISABLE_NAGLE -DF_MALLOC 
> > > -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 
> > > -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_SCHED_YIELD
> > > -DHAVE_MSG_NOSIGNAL
> > > -DHAVE_MSGHDR_MSG_CONTROL -I/usr/local/include -c authrad_mod.c -o
> > > authrad_mod.o
> > > authrad_mod.c: In function `mod_init':
> > > authrad_mod.c:111: error: `DICT_VENDOR' undeclared (first use in this
> > > function)
> > > authrad_mod.c:111: error: (Each undeclared identifier is reported only
> > > once authrad_mod.c:111: error: for each function it appears in.)
> > > authrad_mod.c:111: error: `vend' undeclared (first use in this function)
> > > authrad_mod.c:135: warning: assignment makes pointer from integer without
> > > a cast
> > > authrad_mod.c:140: error: too many arguments to function `rc_conf_str'
> > > authrad_mod.c:140: error: too many arguments to function
> > > `rc_read_dictionary' authrad_mod.c:145: warning: implicit declaration of
> > > function
> > > `rc_dict_findvend'
> > > authrad_mod.c:163: error: too many arguments to function
> > > `rc_dict_findattr' authrad_mod.c:163: error: too many arguments to
> > > function `rc_dict_findval' make: *** [authrad_mod.o] Error 1
> > >
> > > and... 0.8.14 binary package has auth_radius in it
> > > radiusd and radiusclient are installed and _working_
> > >
> > > On Thursday 17 February 2005 17:32, Charles Wang wrote:
> > > > Just download the source code and type "make" under
> > > > ser/modules/auth_radius/ Then copy the auth_radius.so to
> > > > /usr/local/lib/ser/modules/
> > > > Re-run your serctl.
> > > > Make sure you have to install radiusclient package first before compile
> > > > it.
> > > >
> > > > Charles
> > > >
> > > > On Thu, 17 Feb 2005 16:44:16 +0200, Roman <leroi at navigator.lv> wrote:
> > > > > Sorry forgot syslog messages:
> > > > >
> > > > > Feb 17 16:37:41 uranus ser: ERROR: load_module: could not open module
> > > > > </usr/local/lib/ser/modules/auth_radius.so>:
> > > > > /usr/local/lib/ser/modules/auth_radius.so: undefined symbol:
> > > > > rc_dict_findvend
> > > > > Feb 17 16:37:41 uranus ser: parse error (36,13-55): failed to load
> > > > > module Feb 17 16:37:41 uranus ser: set_mod_param_regex: No module
> > > > > matching auth_radius found |
> > > > > Feb 17 16:37:41 uranus ser: parse error (44,78-79): Can't set module
> > > > > parameter Feb 17 16:37:41 uranus ser: set_mod_param_regex: No module
> > > > > matching auth_radius found |
> > > > > Feb 17 16:37:41 uranus ser: parse error (45,43-44): Can't set module
> > > > > parameter Feb 17 16:37:41 uranus ser: parse error (93,32-33): unknown
> > > > > command, missing loadmodule?
> > > > >
> > > > > On Wednesday 16 February 2005 20:45, Roman wrote:
> > > > > > Anybody please help with subj
> > > > > > 0.8.14 binaries from iptel.org
> > > > > > ser -dddddddd says:
> > > > > > ERROR: bad config file (4 errors)
> > > > > >
> > > > > > config as in the manual:
> > > > > >
> > > > > > # ----------- global configuration parameters
> > > > > > ------------------------
> > > > > >
> > > > > > debug=5         # debug level (cmd line: -dddddddddd)
> > > > > > #fork=yes
> > > > > > #log_stderror=no        # (cmd line: -E)
> > > > > >
> > > > > > /* Uncomment these lines to enter debugging mode
> > > > > > debug=7
> > > > > > fork=no
> > > > > > log_stderror=yes
> > > > > > */
> > > > > >
> > > > > > check_via=no    # (cmd. line: -v)
> > > > > > dns=no           # (cmd. line: -r)
> > > > > > rev_dns=no      # (cmd. line: -R)
> > > > > > port=5065
> > > > > > #children=4
> > > > > > fifo="/tmp/ser_fifo"
> > > > > >
> > > > > > # ------------------ module loading
> > > > > > ----------------------------------
> > > > > >
> > > > > > loadmodule "/usr/local/lib/ser/modules/sl.so"
> > > > > > loadmodule "/usr/local/lib/ser/modules/tm.so"
> > > > > > loadmodule "/usr/local/lib/ser/modules/rr.so"
> > > > > > loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> > > > > > loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> > > > > > loadmodule "/usr/local/lib/ser/modules/registrar.so"
> > > > > >
> > > > > > loadmodule "/usr/local/lib/ser/modules/auth.so"
> > > > > > loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
> > > > > >
> > > > > > # ----------------- setting module-specific parameters
> > > > > > ---------------
> > > > > >
> > > > > > # -- usrloc params --
> > > > > > modparam("usrloc", "db_mode", 2)
> > > > > >
> > > > > > # -- auth params --
> > > > > > modparam("auth_radius",
> > > > > > "radius_config","/etc/radiusclient/radiusclient.conf")
> > > > > > modparam("auth_radius", "service_type", 15)
> > > > > >
> > > > > > # -- rr params --
> > > > > > # add value to ;lr param to make some broken UAs happy
> > > > > > modparam("rr", "enable_full_lr", 1)
> > > > > >
> > > > > > #modparam("acc", "log_level", 1)
> > > > > > #modparam("acc", "radius_flag", 1)
> > > > > >
> > > > > > # -------------------------  request routing logic
> > > > > > ------------------- # main routing logic
> > > > > >
> > > > > >
> > > > > > route{
> > > > > >
> > > > > >         # initial sanity checks -- messages with
> > > > > >         # max_forwards==0, or excessively long requests
> > > > > >         if (!mf_process_maxfwd_header("10")) {
> > > > > >                 sl_send_reply("483","Too Many Hops");
> > > > > >                 break;
> > > > > >         };
> > > > > >         if ( msg:len > max_len ) {
> > > > > >                 sl_send_reply("513", "Message too big");
> > > > > >                 break;
> > > > > >         };
> > > > > >
> > > > > >         # we record-route all messages -- to make sure that
> > > > > >         # subsequent messages will go through our proxy; that's
> > > > > >         # particularly good if upstream and downstream entities
> > > > > >         # use different transport protocol
> > > > > >         record_route();
> > > > > >         # loose-route processing
> > > > > >         if (loose_route()) {
> > > > > >                 t_relay();
> > > > > >                 break;
> > > > > >         };
> > > > > >
> > > > > >         # if the request is for other domain use UsrLoc
> > > > > >         # (in case, it does not work, use the following command
> > > > > >         # with proper names and addresses in it)
> > > > > >         if (uri==myself) {
> > > > > >
> > > > > >                 if (method=="REGISTER") {
> > > > > >
> > > > > > # Uncomment this if you want to use digest authentication
> > > > > >                         if (!radius_www_authorize("")) {
> > > > > >                                 www_challenge("", "1");
> > > > > >                                 break;
> > > > > >                         };
> > > > > >
> > > > > >                         save("location");
> > > > > >                         break;
> > > > > >                 };
> > > > > >
> > > > > >                 # native SIP destinations are handled using our
> > > > > > USRLOC DB if (!lookup("location")) {
> > > > > >                         sl_send_reply("404", "Not Found");
> > > > > >                         break;
> > > > > >                 };
> > > > > >         };
> > > > > >         # forward to current uri now; use stateful forwarding; that
> > > > > >         # works reliably even if we forward from TCP to UDP
> > > > > >         if (!t_relay()) {
> > > > > >                 sl_reply_error();
> > > > > >         };
> > > > > >
> > > > > > }
> > > > > >
> > > > > > _______________________________________________
> > > > > > Serusers mailing list
> > > > > > serusers at lists.iptel.org
> > > > > > http://lists.iptel.org/mailman/listinfo/serusers
> > > > >
> > > > > --
> > > > > Please avoid sending me Word or PowerPoint attachments.
> > > > > See http://www.fsf.org/philosophy/no-word-attachments.html
> > > > >
> > > > > _______________________________________________
> > > > > Serusers mailing list
> > > > > serusers at lists.iptel.org
> > > > > http://lists.iptel.org/mailman/listinfo/serusers
> > >
> > > --
> > > Please avoid sending me Word or PowerPoint attachments.
> > > See http://www.fsf.org/philosophy/no-word-attachments.html
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers




More information about the sr-users mailing list