[OpenSIPS-Devel] OPENSIP code Contribution- Add callid to RADIUS authentication message

Dror Wald dror at jajah.com
Mon Aug 11 16:22:17 CEST 2008 

Hello Peter,
Thanks for your fast response and for your explanation from RFC2866. (We
added your explanation to the patch we submitted)
We uploaded the patch.
http://sourceforge.net/tracker/index.php?func=detail&aid=2046495&group_id=23
2389&atid=1086412
Following are the examples you requested from Access-Request and
Accounting-Requests. These examples are after the patch was applied.


Code:       Access-Request
Identifier: 24
Authentic:  i<176><227>`r<228><13>%<255>9<198><215>9s9<16>
Attributes:
        User-Name = "111 at XXX.XXX.XXX.XXX"
        Digest-Attributes = <10><5>111
        Digest-Attributes = <1><17> XXX.XXX.XXX.XXX
        Digest-Attributes = <2>*48a07a06c6a405f298d6fc37d31cfa5f9e32f229
        Digest-Attributes = <4>"sip:XXXXXXXXXX at XXX.XXX.XXX.XXX
        Digest-Attributes = <3><8>INVITE
        Digest-Response = "84f681efc850721965e44923498acf37"
        Service-Type = Sip-Session
        Sip-Uri-User = "111"
        Acct-Session-Id = "ODU4YjgzNTczODFkMmUyN2U3N2Q5NTY5NTBjNmNiNmY."
        NAS-Port = 5060
        NAS-IP-Address = 127.0.0.1


Code:       Accounting-Request
Identifier: 175
Authentic:  i.2<188><240>KsH<242><15><193><131><248>/<128>U
Attributes:
        Acct-Status-Type = Start
        Service-Type = Sip-Session
        Sip-Response-Code = 200
        Sip-Method = Invite
        Event-Timestamp = 1218476278
        Sip-From-Tag = "da008f1c"
        Sip-To-Tag = "3427436554-277323"
        Acct-Session-Id = "ODU4YjgzNTczODFkMmUyN2U3N2Q5NTY5NTBjNmNiNmY."
        NAS-Port = 5060
        Acct-Delay-Time = 0
        NAS-IP-Address = 127.0.0.1


Code:       Accounting-Request
Identifier: 163
Authentic:  <206>2<211><234><0>U<211>ZY<194><214><128><171><220>?<224>
Attributes:
        Acct-Status-Type = Stop
        Service-Type = Sip-Session
        Sip-Response-Code = 200
        Sip-Method = Bye
        Event-Timestamp = 1218476280
        Sip-From-Tag = "da008f1c"
        Sip-To-Tag = "3427436554-277323"
        Acct-Session-Id = "ODU4YjgzNTczODFkMmUyN2U3N2Q5NTY5NTBjNmNiNmY."
        NAS-Port = 5060
        Acct-Delay-Time = 0
        NAS-IP-Address = 127.0.0.1





-----Original Message-----
From: Peter Nixon [mailto:listuser at peternixon.net] 
Sent: Monday, August 11, 2008 4:22 PM
To: Dror Wald
Cc: devel at lists.opensips.org
Subject: Re: OPENSIP code Contribution- Add callid to RADIUS authentication
message

Hello Dror

I am one of the FreeRADIUS developers. I would like to see both the patch
you 
are proposing and and example Auth and Acct packet. The behavior you propose

is supported by RFC2866 so I would support including it:

5.5.  Acct-Session-Id

   Description

      This attribute is a unique Accounting ID to make it easy to match
      start and stop records in a log file.  The start and stop records
      for a given session MUST have the same Acct-Session-Id.  An
      Accounting-Request packet MUST have an Acct-Session-Id.  An
      Access-Request packet MAY have an Acct-Session-Id; if it does,
      then the NAS MUST use the same Acct-Session-Id in the Accounting-
      Request packets for that session.

If you need to create a relationship between an auth and acct request, 
another way (that is under the controll of the RADIUS server instead of the 
NAS) would be to set a Class value in your auth accept and then the NAS (in 
this case OpenSIPS) should automatically add this attribute to any 
accounting records it sends you. (I don't know whether it does currently, 
but thats what is SHOULD dot). See:

5.25.  Class

   Description

      This Attribute is available to be sent by the server to the client
      in an Access-Accept and SHOULD be sent unmodified by the client to
      the accounting server as part of the Accounting-Request packet if
      accounting is supported.  The client MUST NOT interpret the
      attribute locally.

Regards

Peter

On Mon 11 Aug 2008, Dror Wald wrote:
> Hello,
>
> We needed to add callid value to the authentication requests that OpenSIPS
> sends to RADIUS server.
>
> We need it because when we get the authentication message we start an
> object of the specific call in our billing application. Without getting
> the callid in the authentication phase, we can't later connect between the
> call object and the accounting information about the call.
>
> We also need it because users use the same user name but different
> authentication usernames, so it's difficult later for accounting to
> distinguish between users.
>
> We made a patch to auth_radius module and added the callid value in the
> Acct-Session-Id attribute (maybe you can suggest a better name for the
> attribute, but this one is good because it's the same one latter in
> accounting).
>
> The patch is good for us, and we'd like to contribute it to the project.
>
> Comments are welcome.
>
>
>
> Dror Wald
>
> A developer, VoIP team, Jajah Inc
>
> E-mail: dror at jajah.com



-- 

Peter Nixon
http://peternixon.net/

More information about the Devel mailing list