[Users] what algorithm does radiusclient-ng+openser use?(md5 or)

Daniel-Constantin Mierla daniel at voice-system.ro
Wed May 30 17:07:19 CEST 2007 

Hello,

the algorithm for authentication is www digest (or http digest -- 
rfc2617). The password has to be stored either plain text or HA1 format 
(see the rfc for how to get the HA1). This auth algorithm uses md5 to 
compute the response and decide whether auth was successful or not.

Cheers,
Daniel

On 05/30/07 17:15, Jason Ma wrote:
> Hi All,
> I'm configuring radius support on openser using 
> radiusclient-ng-0.5.5.1.tar.gz,and the radius server is Lucent AAA 
> server,everytime openser sent the request to AAA server,the AAA server 
> could not parse the request,the logs on AAA server is as below.I 
> noticed that the the server said it was "Unsupported algorithm",and 
> the algorithm was null,I'm wandering what kind of algorithm does 
> radiusclient-ng use?MD5 or HA1......... Please help ! Thanks in advance.
>  
> ~~~~~~~~~~~~~~~~~~~~~~~
> 2007/05/29 16:51:45.685 <engine.item.setup> Initializing Radius Item: 
> 192.168.1.42:33345->0.0.0.0:1812(77)
>      0  <engine.item.setup> Using dictionary: draft-sterman-aaa-sip-01
>      0  <engine.item.setup> Request decode:
>         User-Name = "21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>"
>         Digest-Attributes =
>             User-Name = "21230001"
>         Digest-Attributes =
>             Realm = "192.168.1.42 <http://192.168.1.42>"
>         Digest-Attributes =
>             Nonce = "465c49b766fa11f4a9db29977bf16857d3372780"
>         Digest-Attributes =
>             URI = "sip:192.168.1.42 <http://192.168.1.42>"
>         Digest-Attributes =
>             Method = "REGISTER"
>         Digest-Response = "689a0f89cd73751f61b12d04f585a224"
>         Service-Type = IAPP-Register
>         Anonymous = v0-a208-3231323330303031
>         NAS-Port = 5060
>         NAS-IP-Address = 192.168.1.42 <http://192.168.1.42>
>
>      0  <engine.item.setup > User-Name parsed: Base-User-Name = 
> "21230001", User-Realm = "192.168.1.42 <http://192.168.1.42>"
>      0  <engine.item.setup> Item setup complete
>      0  <engine.worker.1 >  <setup> ==> ReadUserFile.auth:readUserFile
>      0  <plugin.ReadUserFile.auth:readUserFile> searchValue = 
> '21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>'.
>      0  <plugin.ReadUserFile.auth:readUserFile > Found entry: 
> 21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>
>      0  <plugin.ReadUserFile.auth:readUserFile> Check items for found 
> entry:
>         User-Password = <hidden>
>         Auth-Type = Local
>
>      0  <plugin.ReadUserFile.auth:readUserFile> Reply items for found 
> entry:
>
>      0  <plugin.ReadUserFile.auth:readUserFile> SUCCESS -- Read User 
> 21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>
>      0  <engine.worker.1> ReadUserFile.auth:readUserFile ==> 
> AuthHttpDigest.auth:checkDigest by SUCCESS -- Read User 
> 21230001 at 192.168.1.42 <mailto:21230001 at 192.168.1.42>
>      0  <plugin.AuthHttpDigest.auth:checkDigest > response = 
> 689a0f89cd73751f61b12d04f585a224
>      0  <plugin.AuthHttpDigest.auth:checkDigest> realm = 192.168.1.42 
> <http://192.168.1.42>
>      0  <plugin.AuthHttpDigest.auth:checkDigest> nonce = 
> 465c49b766fa11f4a9db29977bf16857d3372780
>      0  <plugin.AuthHttpDigest.auth:checkDigest> method = REGISTER
>      0  <plugin.AuthHttpDigest.auth:checkDigest> uri = 
> sip:192.168.1.42 <http://192.168.1.42>
>      0  <plugin.AuthHttpDigest.auth:checkDigest > qop =
>      0  <plugin.AuthHttpDigest.auth:checkDigest> algorithm =
>      0  <plugin.AuthHttpDigest.auth:checkDigest> entityBodyHash =
>      0  <plugin.AuthHttpDigest.auth:checkDigest> cNonce =
>      0  <plugin.AuthHttpDigest.auth:checkDigest> nonceCount =
>      0  <plugin.AuthHttpDigest.auth:checkDigest> username = 21230001
>      0  <plugin.AuthHttpDigest.auth:checkDigest> ERROR -- Error 
> generating HTTP digest: java.io.IOException: Unsupported algorithm: : 
> java.io.IOException: Unsupported algorithm:
>      1  <engine.worker.1> AuthHttpDigest.auth:checkDigest ==> 
> End-Of-Methods by ERROR -- Error generating HTTP digest: 
> java.io.IOException: Unsupported algorithm:
>      1  <engine.worker.1> 21230001 at 192.168.1.42 
> <mailto:21230001 at 192.168.1.42> login discarded due to Error generating 
> HTTP digest: java.io.IOException: Unsupported algorithm:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>

More information about the Users mailing list