[Freeswitch-dev] mod_radiusclient

Anthony Minessale anthmct at yahoo.com
Wed Jul 25 15:51:01 EDT 2007 

if you want it to handle sip registrations the correct way is to connect to the directory interface with the xml hook (see mod_xml_curl)
This allows a module to request that it has the first chance to lookup any xml requests ahead of actually looking in the file.  If your module was registered and binded to the "directory" section, then when the sip asked for the directory data from xml you can actually do the radius request and populate the reply with our xml api and return it in place of the actual contents of the real xml file.  This already can be done with mod_xml_curl which is similar but uses a http connection instead of radius to do the proxy lookups.

 
Anthony Minessale II

FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/

AIM: anthm
MSN:anthony_minessale at hotmail.com
JABBER:anthony.minessale at gmail.com
IRC: irc.freenode.net #freeswitch

FreeSWITCH Developer Conference
sip:888 at conference.freeswitch.org
iax:guest at conference.freeswitch.org/888
googletalk:conf+888 at conference.freeswitch.org
pstn:213-799-1400


----- Original Message ----
From: Tuyan Özipek <tuyanozipek at gmail.com>
To: freeswitch-dev at lists.freeswitch.org
Sent: Friday, July 20, 2007 4:20:30 AM
Subject: [Freeswitch-dev] mod_radiusclient

Hi all,

Here is a small piece of log from the radius auth module that i wrote.
Just by curiosity, i patched mod_sofia to handle incoming registration
requests with radius.I used freeradius-client library like the
mod_radius_cdr module.Almost all the client configuration is in
radiusclient.conf.xml.

I hope i am not duplicating someone else's work.I am planning to
release it after adding a few more features..If someone has a better
idea, some thoughts about a cool feature or anything, i will be happy
to hear that..

Cheers
/tuyan


freeswitch at gitt> 2007-07-20 04:46:32 [DEBUG] sofia_reg.c:430
sofia_reg_handle_register() Requesting Registration from:
[tuyan at 10.0.0.1]
2007-07-20 04:46:32 [DEBUG] mod_fradiusclient.c:216
radius_accrequest_digest_function() Sending Digest Request
2007-07-20 04:46:32 [DEBUG] sofia_reg.c:465
sofia_reg_handle_register() Register:
From:    [tuyan at 10.0.0.1]
Contact: [tuyan <sip:tuyan at 10.0.0.2:5060>]
Expires: [89]

and from freeradius

rad_recv: Access-Request packet from host 127.0.0.1 port 33676, id=81,
length=200
        User-Name = "tuyan"
        Digest-Response = "dded20ab037e670932e15104cd91ec98"
        Digest-Attributes = 0x010a31302e302e302e31
        Digest-Attributes =
0x022635636636643966652d333661312d313164632d626330652d393764356565303135626466
        Digest-Attributes = 0x030a5245474953544552
        Digest-Attributes = 0x040e7369703a31302e302e302e31
        Digest-Attributes = 0x06054d4435
        Digest-Attributes = 0x0a07747579616e
        Digest-Attributes = 0x050661757468
        Digest-Attributes = 0x080962353632663666
        Digest-Attributes = 0x090a3030303030303031
        NAS-Port = 0
        NAS-IP-Address = 127.0.0.1

    rlm_digest: Converting Digest-Attributes to something sane...
        Digest-Realm = "10.0.0.1"
        Digest-Nonce = "5cf6d9fe-36a1-11dc-bc0e-97d5ee015bdf"
        Digest-Method = "REGISTER"
        Digest-URI = "sip:10.0.0.1"
        Digest-Algorithm = "MD5"
        Digest-User-Name = "tuyan"
        Digest-QOP = "auth"
        Digest-CNonce = "b562f6f"
        Digest-Nonce-Count = "00000001"
A1 = tuyan:10.0.0.1:tuyan
A2 = REGISTER:sip:10.0.0.1
H(A1) = 7eeee22e4515abd8631075ce5f548eb9
H(A2) = bde0744e720053a66f505221cfc7202f
KD = 7eeee22e4515abd8631075ce5f548eb9:5cf6d9fe-36a1-11dc-bc0e-97d5ee015bdf:00000001:b562f6f:auth:bde0744e720053a66f505221cfc7202f
EXPECTED dded20ab037e670932e15104cd91ec98
RECEIVED dded20ab037e670932e15104cd91ec98
++[digest] returns ok
Sending Access-Accept of id 81 to 127.0.0.1 port 33676

And the configuration file
<configuration name="radiusclient.conf" description="Radius Client
Configuration">
  <settings>
    <param name="auth_order" value="radius"/>
    <param name="login_tries" value="3"/>
    <param name="dictionary" value="/opt/radiusclient/etc/dictionary.tuyan"/>
    <param name="seqfile" value="/var/run/radius.seq"/>

    <param name="authserver" value="127.0.0.1:1812:testing123"/>
    <param name="acctserver" value="localhost:1813:testing1234"/>
    <!--<param name="servers"
value="/opt/radiusclient/etc/radiusclient/servers"/>-->

    <!--<param name="default_realm" value=""/>-->

    <param name="radius_timeout" value="2"/>
    <param name="radius_retries" value="3"/>
    <param name="bindaddr" value="127.0.0.1"/>


  </settings>
</configuration>

_______________________________________________
Freeswitch-dev mailing list
Freeswitch-dev at lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev
http://www.freeswitch.org







      ____________________________________________________________________________________
Shape Yahoo! in your own image.  Join our Network Research Panel today!   http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-dev/attachments/20070725/be110e7c/attachment.html

More information about the Freeswitch-dev mailing list