[OpenSIPS-Devel] Scripting problem RFC5090/Diameter
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Thu Jun 3 21:59:00 CEST 2010
Hi Alexandre,
Could you please send an unified diff with your changes?
Regards,
Bogdan
Alexandre Westfahl (アレックサンドル ウエスファル) wrote:
> Hello,
>
> I am using OpenSIPS with auth_radius module to simulate to radius
> client with my Diameter/Radius Gateway. With scripting variables I
> succeeded for a part but I still have some problems. I change some
> functions to make opensips and my requests fully compliant to RFC 5090.
>
> First, there is some bugs in names. For example, two variables have
> the same name and one of them was with the wrong number to parse. Here
> is a propose change:
> pvar.c
>
> {{"an", (sizeof("an")-1)}, /* */
> PVT_AUTH_NONCE, pv_get_authattr, 0,
> 0, 0, pv_init_iname, 5},
> {{"aR", (sizeof("aR")-1)}, /* */
> PVT_AUTH_RESPONSE, pv_get_authattr, 0,
> 0, 0, pv_init_iname, 6},
>
>
> Second, I changed some functions in aaa_radius because I need high
> customization (to make it compliant with RFC5090).
> I changed "proxy_challenge" and I want to give as parameters realm and
> nonce (nonce must be done on diameter server). I succeeded in making
> static parameters but if I try this:
>
> xlog("realm: $var(realm), nonce: $var(nonce)\n");
> proxy_challenge( "$var(realm)", "$var(nonce)");
>
> In xlog, everything is Ok but in proxy_challenge, I obtain variables
> as they are, e.g."$var(realm)". It's hard to get into opensips source
> in just one day but I found that there is a translator in auth_mod.c.
> Here is the non controlled.
>
> {"proxy_challenge", (cmd_function)proxy_challenge, 2,
> 0, 0, REQUEST_ROUTE},
>
> Obtained values are as I said before.
>
> If I try, to activate a translator:
>
> {"proxy_challenge", (cmd_function)proxy_challenge, 2,
> fixup_pvar_pvar, 0, REQUEST_ROUTE},
>
> It's supposed to work but I obtain "N" for both values.
>
>
> For information, here is my opensips.cfg:
>
> # We are in REGISTER part!
> $var(method)="REGISTER";
>
>
> if ($adu == NULL)
> {
> radius_send_auth("Frequest","challenge");
> #Digest-Realm = $var(realm),Digest-Nonce = $var(nonce),Digest-Qop
> = $var(qop),Digest-Algorithm = $var(algorithm)
>
> xlog("realm: $var(realm), nonce: $var(nonce)\n");
>
> proxy_challenge( "$var(realm)", "$var(nonce)");
> exit;
> }
> else
> {
> radius_send_auth("request","result");
> xlog( "SECOND REQUEST!!!!!!!!!!!!!!!\n");
> }
> xlog("**********************************OUT");
>
>
> I changed all functions after proxy_challenge (like challenge...) to
> give the nonce, don't ask for qop (always on) and don't manage nonce
> index as it's not sip server job.
>
>
> I hope I was clear in my questions.
>
> Thanks
>
> Best regards,
> Alexandre Westfahl,
> Keio University, Yokohama
> Teraoka Lab.
> Linux User: #458230
> PGP: EACE5768
> ------------------------------------------------------------------------
>
> _______________________________________________
> Devel mailing list
> Devel at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
>
--
Bogdan-Andrei Iancu
www.voice-system.ro
More information about the Devel
mailing list