problem with radclient
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Thu Oct 18 11:02:19 CEST 2012
<nice but completely irrelevant discussion>
> i need to call COA disconnects and other COA packet (service change) upon request from CRM . I don't see how to use the coa in the radius it self as it can be called only upon auth and acct packet processing.
*sigh*
Ok reading through the code it looks like that error message is more specific, it's actually saying the Response Authenticator is incorrect, not the Message-Authenticator.
MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
Again the response authenticator does not include anything from the UDP packet header, so if it is incorrect, it's because the NAS has not selected the correct shared secret.
I'm going to change the debug messages to remove the ambiguous terminology, as 'signature' appears nowhere in the RFCs and could conceivably refer to either the Response Authenticator or the Message-Authenticator.
I still believe the root cause to be the same.
-Arran
More information about the Freeradius-Devel
mailing list