freeradius-client

Chris Parker cparker at starnetusa.net
Thu Jan 25 18:47:30 CET 2007 

Having some issues with freeradius-client.  :)

I've build a CDR module for FreeSwitch ( www.freeswitch.org ) that  
uses the radiusclient library
to send accounting data.

Right now, it's just sending some basic data as a proof of concept  
( User-Name, Call(ed|ing)-Station, etc. ).

It sends okay, but the packet is rejected by FreeRADIUS ( v1.1.3 )  
with an invalid shared-secret.

Here's the relevant code from the client library where it calculates  
the Req Authenticator:

         if (data->code == PW_ACCOUNTING_REQUEST)
         {
                 rc_log(LOG_ERR,"DEBUG-signing accounting request\n");
                 total_length = rc_pack_list(data->send_pairs,  
secret, auth) + AUTH_HDR_LEN;

                 auth->length = htons ((unsigned short) total_length);

                 memset((char *) auth->vector, 0, AUTH_VECTOR_LEN);
                 secretlen = strlen (secret);
                 memcpy ((char *) auth + total_length, secret,  
secretlen);
		/* cparker */
                 rc_log(LOG_ERR,"DEBUG-code,seq %d:%d, secret %s,  
length %d\n", auth->code, auth->id, secret, total_length);
                 rc_md5_calc (vector, (unsigned char *) auth,  
total_length + secretlen);
                 memcpy ((char *) auth->vector, (char *) vector,  
AUTH_VECTOR_LEN);
         }

This outputs: DEBUG-code,seq 4:212, secret testing123, length 204

The resulting packet ( intercepted with tcpdump ) is length 204:

RADIUS, length: 204
         Accounting Request (4), id: 0xd0, Authenticator:  
57fe69699a09491bf38cf5e24bdd847b
           Accounting Status Attribute (40), length: 6, Value: Stop
           Username Attribute (1), length: 52, Value: starnetusa.net/ 
18479630116 at test-td1.starnetusa.net
           Called Station Attribute (30), length: 12, Value: 8478797989
           Calling Station Attribute (31), length: 52, Value:  
starnetusa.net/18479630116 at test-td1.starnetusa.net
           Accounting Session Time Attribute (46), length: 6, Value:  
540:48:23 hours
           NAS Port Attribute (5), length: 6, Value: 0
           Accounting Delay Attribute (41), length: 6, Value: 00 secs
           NAS IP Address Attribute (4), length: 6, Value: dev- 
cr1.starnetusa.net

         0x0000:  4500 00e8 0001 4000 4011 773b d87e 901a   
E..... at .@.w;.~..
         0x0010:  d87e 81b1 8030 0715 00d4 c3ae 04d0 00cc  .~... 
0..........
         0x0020:  57fe 6969 9a09 491b f38c f5e2 4bdd 847b   
W.ii..I.....K..{
         0x0030:  2806 0000 0002 2c26 6565 3265 3864 3062   
(.....,&ee2e8d0b
         0x0040:  2d61 3266 392d 3465 3233 2d38 3037 382d  - 
a2f9-4e23-8078-
         0x0050:  6638 3162 3731 3361 3732 6139 0134 7374   
f81b713a72a9.4st
         0x0060:  6172 6e65 7475 7361 2e6e 6574 2f31 3834   
arnetusa.net/184
         0x0070:  3739 3633 3031 3136 4074 6573 742d 7464   
79630116 at test-td
         0x0080:  312e 7374 6172 6e65 7475 7361 2e6e 6574   
1.starnetusa.net
         0x0090:  1e0c 3834 3738 3739 3739 3839 1f34 7374  .. 
8478797989.4st
         0x00a0:  6172 6e65 7475 7361 2e6e 6574 2f31 3834   
arnetusa.net/184
         0x00b0:  3739 3633 3031 3136 4074 6573 742d 7464   
79630116 at test-td
         0x00c0:  312e 7374 6172 6e65 7475 7361 2e6e 6574   
1.starnetusa.net
         0x00d0:  2e06 001d b517 0506 0000 0000 2906  
0000  ............)...
         0x00e0:  0000 0406 d87e 901a                      .....~..

Any ideas on what's wrong with this?

-Chris
--
Chris Parker
Director, Engineering
US LEC Corp.
Internet Telephony & ISP Operations

(888)212-0099   Fax (847)963-1302
Wholesale Internet Services     http://www.megapop.net
VoiceEclipse, The Fresh Alternative http://www.voiceeclipse.com

NOTICE: Message is sent IN CONFIDENCE to addressees. It may contain  
information that is privileged, proprietary or confidential.

More information about the Freeradius-Devel mailing list