[Users] what algorithm does radiusclient-ng+openser use?(md5 or)

Jason Ma realmj at gmail.com
Wed May 30 17:56:57 CEST 2007 

Hi Daniel,
Thanks for your reply,a quick question,how can I trace or check whether my
radiusclient-ng sent the right information and algorithm to AAA server?Is
the information below in the log conrrect for radius server to parse?Thanks
a lot.

On 5/30/07, Daniel-Constantin Mierla <daniel at voice-system.ro> wrote:
>
> Hello,
>
> the algorithm for authentication is www digest (or http digest --
> rfc2617). The password has to be stored either plain text or HA1 format
> (see the rfc for how to get the HA1). This auth algorithm uses md5 to
> compute the response and decide whether auth was successful or not.
>
> Cheers,
> Daniel
>
> On 05/30/07 17:15, Jason Ma wrote:
> > Hi All,
> > I'm configuring radius support on openser using
> > radiusclient-ng-0.5.5.1.tar.gz,and the radius server is Lucent AAA
> > server,everytime openser sent the request to AAA server,the AAA server
> > could not parse the request,the logs on AAA server is as below.I
> > noticed that the the server said it was "Unsupported algorithm",and
> > the algorithm was null,I'm wandering what kind of algorithm does
> > radiusclient-ng use?MD5 or HA1......... Please help ! Thanks in advance.
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~
> > 2007/05/29 16:51:45.685 <engine.item.setup> Initializing Radius Item:
> > 192.168.1.42:33345->0.0.0.0:1812(77)
> >      0  <engine.item.setup> Using dictionary: draft-sterman-aaa-sip-01
> >      0  <engine.item.setup> Request decode:
> >         User-Name = "21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42
> >"
> >         Digest-Attributes =
> >             User-Name = "21230001"
> >         Digest-Attributes =
> >             Realm = "192.168.1.42 <http://192.168.1.42>"
> >         Digest-Attributes =
> >             Nonce = "465c49b766fa11f4a9db29977bf16857d3372780"
> >         Digest-Attributes =
> >             URI = "sip:192.168.1.42 <http://192.168.1.42>"
> >         Digest-Attributes =
> >             Method = "REGISTER"
> >         Digest-Response = "689a0f89cd73751f61b12d04f585a224"
> >         Service-Type = IAPP-Register
> >         Anonymous = v0-a208-3231323330303031
> >         NAS-Port = 5060
> >         NAS-IP-Address = 192.168.1.42 <http://192.168.1.42>
> >
> >      0  <engine.item.setup > User-Name parsed: Base-User-Name =
> > "21230001", User-Realm = "192.168.1.42 <http://192.168.1.42>"
> >      0  <engine.item.setup> Item setup complete
> >      0  <engine.worker.1 >  <setup> ==> ReadUserFile.auth:readUserFile
> >      0  <plugin.ReadUserFile.auth:readUserFile> searchValue =
> > '21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>'.
> >      0  <plugin.ReadUserFile.auth:readUserFile > Found entry:
> > 21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>
> >      0  <plugin.ReadUserFile.auth:readUserFile> Check items for found
> > entry:
> >         User-Password = <hidden>
> >         Auth-Type = Local
> >
> >      0  <plugin.ReadUserFile.auth:readUserFile> Reply items for found
> > entry:
> >
> >      0  <plugin.ReadUserFile.auth:readUserFile> SUCCESS -- Read User
> > 21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>
> >      0  <engine.worker.1> ReadUserFile.auth:readUserFile ==>
> > AuthHttpDigest.auth:checkDigest by SUCCESS -- Read User
> > 21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>
> >      0  <plugin.AuthHttpDigest.auth:checkDigest > response =
> > 689a0f89cd73751f61b12d04f585a224
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> realm = 192.168.1.42
> > <http://192.168.1.42>
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> nonce =
> > 465c49b766fa11f4a9db29977bf16857d3372780
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> method = REGISTER
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> uri =
> > sip:192.168.1.42 <http://192.168.1.42>
> >      0  <plugin.AuthHttpDigest.auth:checkDigest > qop =
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> algorithm =
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> entityBodyHash =
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> cNonce =
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> nonceCount =
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> username = 21230001
> >      0  <plugin.AuthHttpDigest.auth:checkDigest> ERROR -- Error
> > generating HTTP digest: java.io.IOException: Unsupported algorithm: :
> > java.io.IOException: Unsupported algorithm:
> >      1  <engine.worker.1> AuthHttpDigest.auth:checkDigest ==>
> > End-Of-Methods by ERROR -- Error generating HTTP digest:
> > java.io.IOException: Unsupported algorithm:
> >      1  <engine.worker.1> 21230001 at 192.168.1.42
> > <mailto:21230001 at 192.168.1.42> login discarded due to Error generating
> > HTTP digest: java.io.IOException: Unsupported algorithm:
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users at openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20070530/8247b512/attachment.htm>

More information about the sr-users mailing list