[OpenSIPS-Devel] Scripting problem RFC5090/Diameter

Bogdan-Andrei Iancu bogdan at voice-system.ro
Thu Jun 3 21:59:00 CEST 2010


Hi Alexandre,

Could you please send an unified diff with your changes?

Regards,
Bogdan

Alexandre Westfahl (アレックサンドル ウエスファル) wrote:
> Hello,
>
> I am using OpenSIPS with auth_radius module to simulate to radius 
> client with my Diameter/Radius Gateway. With scripting variables I 
> succeeded for a part but I still have some problems. I change some 
> functions to make opensips and my requests fully compliant to RFC 5090.
>
> First, there is some bugs in names. For example, two variables have 
> the same name and one of them was with the wrong number to parse. Here 
> is a propose change:
> pvar.c
>
>     {{"an", (sizeof("an")-1)}, /* */
>     PVT_AUTH_NONCE, pv_get_authattr, 0,
>     0, 0, pv_init_iname, 5},
>     {{"aR", (sizeof("aR")-1)}, /* */
>     PVT_AUTH_RESPONSE, pv_get_authattr, 0,
>     0, 0, pv_init_iname, 6},
>
>
> Second, I changed some functions in aaa_radius because I need high 
> customization (to make it compliant with RFC5090).
> I changed "proxy_challenge" and I want to give as parameters realm and 
> nonce (nonce must be done on diameter server). I succeeded in making 
> static parameters but if I try this:
>
>     xlog("realm: $var(realm), nonce: $var(nonce)\n");
>     proxy_challenge( "$var(realm)", "$var(nonce)");
>
> In xlog, everything is Ok but in proxy_challenge, I obtain variables 
> as they are, e.g."$var(realm)". It's hard to get into opensips source 
> in just one day but I found that there is a translator in auth_mod.c.
> Here is the non controlled.
>
>     {"proxy_challenge", (cmd_function)proxy_challenge, 2,
>     0, 0, REQUEST_ROUTE},
>
> Obtained values are as I said before.
>
> If I try, to activate a translator:
>
>     {"proxy_challenge", (cmd_function)proxy_challenge, 2,
>     fixup_pvar_pvar, 0, REQUEST_ROUTE},
>
> It's supposed to work but I obtain "N" for both values.
>
>
> For information, here is my opensips.cfg:
>
>     # We are in REGISTER part!
>     $var(method)="REGISTER";
>
>
>     if ($adu == NULL)
>     {
>     radius_send_auth("Frequest","challenge");
>     #Digest-Realm = $var(realm),Digest-Nonce = $var(nonce),Digest-Qop
>     = $var(qop),Digest-Algorithm = $var(algorithm)
>
>     xlog("realm: $var(realm), nonce: $var(nonce)\n");
>
>     proxy_challenge( "$var(realm)", "$var(nonce)");
>     exit;
>     }
>     else
>     {
>     radius_send_auth("request","result");
>     xlog( "SECOND REQUEST!!!!!!!!!!!!!!!\n");
>     }
>     xlog("**********************************OUT");
>
>
> I changed all functions after proxy_challenge (like challenge...) to 
> give the nonce, don't ask for qop (always on) and don't manage nonce 
> index as it's not sip server job.
>
>
> I hope I was clear in my questions.
>
> Thanks
>
> Best regards,
> Alexandre Westfahl,
> Keio University, Yokohama
> Teraoka Lab.
> Linux User: #458230
> PGP: EACE5768
> ------------------------------------------------------------------------
>
> _______________________________________________
> Devel mailing list
> Devel at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
>   


-- 
Bogdan-Andrei Iancu
www.voice-system.ro




More information about the Devel mailing list