[SR-Users] Kamailio AVPs Radius

Daniel-Constantin Mierla miconda at gmail.com
Thu Dec 11 16:10:47 CET 2014 

Looking a bit deeper in the code, apparently only SIP_AVP (code 27) are
added as avps -- see generate_avps():

   modules/auth_radius/sterman.c

For adding all radius avps, I guess some extra C code needs to be pushed
there.

Cheers,
Daniel

On 11/12/14 14:57, Kalala Alexander wrote:
> I have done avp_print (); Here's the output:
>
> 1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():   name=<digest_challenge>
>  1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():  val_str=<Proxy-Authenticate: Digest realm="sip.voip.by", nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
>
>
> Received no attributes in  the AVP (For Example "Session-Timeout")...
> The answer comes from the Radius after proxy_challenge("$fd", "0");
>
> Access-Accept (2)
> AVP: l=6 t=Session-Timeout(27): 11234
>
>
>
> 11.12.2014, 16:06, "Daniel-Constantin Mierla" <miconda at gmail.com>:
>> Not using radius myself, but a quick look at the code reveals that some
>> avps are generated after authentication. You can print the list of the
>> avps with avp_print():
>>
>> http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_print
>>
>> Then you can see what is getting back from radius.
>>
>> Cheers,
>> Daniel
>>
>> On 10/12/14 20:42, Kalala Alexander wrote:
>>>  Radius server sends a response containing an attribute (Session-Timeout (27): 2342).
>>>  How is the value saved in the AVPs using module auch_radius?
>>>
>>>  Config:
>>>
>>>  modparam("auth_radius", "radius_config","/etc/radiusclient-ng/radiusclient.conf")
>>>  modparam("auth_radius", "service_type",15)
>>>  modparam("auth_radius", "use_ruri_flag", 22)
>>>  modparam("auth_radius", "auth_extra",
>>>          "Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
>>>
>>>  if (is_method("REGISTER"))
>>>          {
>>>                  # authenticate the REGISTER requests (uncomment to enable auth)
>>>                  if (!radius_www_authorize("$td")) {
>>>                          www_challenge("$td", "0");
>>>                          exit;
>>>                  }
>>>
>>>                  if ($au!=$tU)
>>>                  {
>>>                          sl_send_reply("403","Forbidden auth ID");
>>>                          exit;
>>>                  }
>>>          }
>>>
>>>  ...............................
>>>
>>>  if (from_uri==myself)
>>>                  {
>>>                          if (!radius_proxy_authorize("$fd", "$fU")) {
>>>                                  proxy_challenge("$fd", "0");
>>>                                  exit;
>>>
>>>                          }
>> --
>> Daniel-Constantin Mierla
>> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

More information about the sr-users mailing list