[SR-Users] Kamailio auth_radius: duplicate User-Name attribute

Kosilov Fedor dangerkoffe at gmail.com
Fri Mar 4 13:06:14 CET 2011 

Hello List!

I'm trying to set up authorization with our billing proprietary radius
server, using Freeradius as a proxy. Currently I'm experiencing the
following problem:

The Access-Request packet, sent by Kamailio, contains two User-Name
attribute records
Here is a log from the Freeradius server:

rad_recv: Access-Request packet from host 127.0.0.1 port 59294, id=112,
length=298
    User-Name = "2219001 at example.com"
    Digest-Attributes = 0x0a0932323139303031
    Digest-Attributes = 0x01106c696e6b2d726567696f6e2e7275
    Digest-Attributes =
0x022254584452634531773045524b7368796f30684a70544f4f6a69424d386b32534a
    Digest-Attributes = 0x04147369703a6c696e6b2d726567696f6e2e7275
    Digest-Attributes = 0x030a5245474953544552
    Digest-Attributes = 0x050661757468
    Digest-Attributes = 0x090a3030303030303031
    Digest-Attributes = 0x080c32383034636535373032
    Digest-Response = "e79b47955c02401fe52d05f7956609aa"
    Service-Type = Sip-Session
    Sip-Uri-User = "2219001"
*    User-Name = "call-id=domcmqmnychbwlp at koffe-work"*
    NAS-Identifier = "kamserv.example.com"
    NAS-Port = 5060
    NAS-IP-Address = 127.0.0.1
# Executing section authorize from file
/etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[digest] Checking for correctly formatted Digest-Attributes
[digest] Digest-Attributes look OK.  Converting them to something more
usful.
    Digest-User-Name = "2219001"
    Digest-Realm = "example.com"
    Digest-Nonce = "TXDRcE1w0ERKshyo0hJpTOOjiBM8k2SJ"
    Digest-URI = "sip:example.com"
    Digest-Method = "REGISTER"
    Digest-QOP = "auth"
    Digest-Nonce-Count = "00000001"
    Digest-CNonce = "2804ce5702"
[digest] Adding Auth-Type = DIGEST
++[digest] returns ok
[suffix] Looking up realm "example.com" for User-Name = "2219001 at example.com
"
[suffix] Found realm "example.com"
[suffix] Adding Realm = "example.com"
[suffix] Proxying request from user 2219001 to realm example.com
[suffix] Preparing to proxy authentication request to realm "example.com"
++[suffix] returns updated
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Sending Access-Request of id 250 to 127.0.0.1 port 1822
    User-Name = "2219001 at example.com"
    Digest-Attributes = 0x0a0932323139303031
    Digest-Attributes = 0x01106c696e6b2d726567696f6e2e7275
    Digest-Attributes =
0x022254584452634531773045524b7368796f30684a70544f4f6a69424d386b32534a
    Digest-Attributes = 0x04147369703a6c696e6b2d726567696f6e2e7275
    Digest-Attributes = 0x030a5245474953544552
    Digest-Attributes = 0x050661757468
    Digest-Attributes = 0x090a3030303030303031
    Digest-Attributes = 0x080c32383034636535373032
    Digest-Response = "e79b47955c02401fe52d05f7956609aa"
    Service-Type = Sip-Session
    Sip-Uri-User = "2219001"
*    User-Name = "call-id=domcmqmnychbwlp at koffe-work"*
    NAS-Identifier = "kamserv.example.com"
    NAS-Port = 5060
    NAS-IP-Address = 127.0.0.1
    Proxy-State = 0x313132
Proxying request 1 to home server 127.0.0.1 port 1822

As I understand, this second User-Name attribute has to be a call-id
attribute.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20110304/0625525b/attachment.htm>

More information about the sr-users mailing list