[SR-Users] Radius - new style AVP's (misc_radius)

Daniel-Constantin Mierla miconda at gmail.com
Wed May 8 09:48:15 CEST 2013 

Hello,

can you make the behavior configurable via module parameter? The patch 
does not seem to be that intrusive, by just making this option 
configurable would be no reason to not accept it, the old style can 
still be used. As said previously, I am not using radius myself, just 
looked at the patch.

Cheers,
Daniel


On 5/6/13 3:09 PM, Victor V. Kustov wrote:
> Good day!
>
> Now I test new style AVP's for radius response storing. Today
> additional radius responses return in special radpair:
>
> SIP-AVP - name, string "email:sr-users at lists.sip-router.org session-timeout#161 nexthopip:h323/0001111 at myvoip-gate.kamailio.org" - value.
>
> I don't know why developers chose this way. But it's addition kamailio's feature, so let it be.
> But if radius server responded with standard pairs?
>
> Sending Access-Accept of id 60 to 172.16.X.X port 59736
> 	Session-Timeout = 4261674
> 	next-hop-ip = "SIP/00111222333444 at cisco-out"
> 	SIP-AVP = "email:sr-users at lists.sip-router.org session-timeout#161 next-hop-ip:h323/0001111 at myvoip-gate.kamailio.org"
> 	session-protocol = "SIP"
>
> No chance to get full radius response at this moment. Only parse SIP-AVP pair. This mean that when you wanna integrate K. in existing infrastructure (in my case - billing), u need work with K. and radius. But why, if you already had worked voip devices?
>
> I think more flexible solution ADD in misc_radius function to get radpairs as AVP's.
> See that i got:
>   misc_radius [functions.c:159]: AVP 'Session-Timeout'/0='null'/4261674 has been added
>   misc_radius [functions.c:143]: AVP 'next-hop-ip'/0='SIP/005555777888 at cisco-out'/0 has been added
>   misc_radius [functions.c:143]: AVP 'session-protocol'/0='SIP'/0 has been added
>
> After radius response i get:
> $avp(Session-Timeout)=4261674 (integer)
> $avp(next-hop-ip)="SIP/005555777888 at cisco-out" (string)
> $avp(session-protocol)="SIP" (string)
>
> I think its usable and more flexible.
>
> I see 3 way to integrate it:
> 1. additionally with existing radius_load_caller_avps/radius_load_callee_avps (i make same for test)
> 2. new function in same module, like radius_authorize_request (caller,callee).
> 3. replace existing style. it's bad for backward compability, of cause.
>
> Or it stay my local patch :)
>
> If it really needed and usable i may made any (1..3) way with doc and examples :)
>
>
> diff --git a/modules/misc_radius/functions.c b/modules/misc_radius/functions.c
> index 2a42024..f156939 100644
> --- a/modules/misc_radius/functions.c
> +++ b/modules/misc_radius/functions.c
> @@ -107,6 +107,60 @@ error:
>          return -1;
>   }
>   
> +static void generate_avps_rad(VALUE_PAIR* received)
> +{
> +    int_str name, val;
> +    unsigned short flags;
> +    VALUE_PAIR *vp;
> +
> +    vp = received;
> +
> +    for( ; vp ; vp=vp->next) {
> +       flags = AVP_NAME_STR;
> +    switch(vp->type)
> +    {
> +    case PW_TYPE_STRING:
> +        flags |= AVP_VAL_STR;
> +        name.s.len = strlen(vp->name);
> +        val.s.len = strlen(vp->strvalue);
> +        name.s.s = vp->name;
> +        val.s.s = vp->strvalue;
> +        if (add_avp( flags, name, val ) < 0) {
> +            LM_ERR("unable to create a new AVP\n");
> +        } else {
> +            LM_DBG("AVP '%.*s'/%d='%.*s'/%d has been added\n",
> +            (flags&AVP_NAME_STR)?name.s.len:4,
> +            (flags&AVP_NAME_STR)?name.s.s:"null",
> +            (flags&AVP_NAME_STR)?0:name.n,
> +            (flags&AVP_VAL_STR)?val.s.len:4,
> +            (flags&AVP_VAL_STR)?val.s.s:"null",
> +            (flags&AVP_VAL_STR)?0:val.n );
> +        }
> +        continue;
> +     case PW_TYPE_INTEGER:
> +          name.s.len = strlen(vp->name);
> +          name.s.s = vp->name;
> +          val.n = vp->lvalue;
> +                if (add_avp( flags, name, val ) < 0) {
> +            LM_ERR("unable to create a new AVP\n");
> +        } else {
> +            LM_DBG("AVP '%.*s'/%d='%.*s'/%d has been added\n",
> +            (flags&AVP_NAME_STR)?name.s.len:4,
> +            (flags&AVP_NAME_STR)?name.s.s:"null",
> +            (flags&AVP_NAME_STR)?0:name.n,
> +            (flags&AVP_VAL_STR)?val.s.len:4,
> +            (flags&AVP_VAL_STR)?val.s.s:"null",
> +            (flags&AVP_VAL_STR)?0:val.n );
> +        }
> +        continue;
> +    default:
> +        LM_ERR("skip attribute type %d (non-string)", vp->type);
> +        continue;
> +    }
> +    return;
> +  }
> +}
> +
>   
>   /* Generate AVPs from Radius reply items */
>   static void generate_avps(struct attr *attrs, VALUE_PAIR* received)
> @@ -212,6 +266,7 @@ int radius_load_caller_avps(struct sip_msg* _m, char* _caller, char* _s2)
>          LM_DBG("success\n");
>          rc_avpair_free(send);
>          generate_avps(caller_attrs, received);
> +       generate_avps_rad(received);
>          rc_avpair_free(received);
>          return 1;
>       } else {
>
>
>
> --
>   WBR, Victor
>    JID: coyote at bks.tv
>    JID: coyote at bryansktel.ru
>    I use FREE operation system: 3.8.4-calculate GNU/Linux
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, San Francisco, USA - June 24-27, 2013
   * http://asipto.com/u/katu *

More information about the sr-users mailing list