rml_perl question

FreeRadius-ML freeradius at zap2link.com
Tue Jul 24 10:43:19 CEST 2007 

Hi Peter,

  Well, according to the RFC, the string should be:
username:realm:password and then into the md5sum.

  Now, according to my logs, I can see the following:

Packet-Type = Access-Request
Thu Jul 19 09:37:23 2007
        User-Name = "101 at 192.168.2.80"
        Digest-Attributes = 0x0a05313031
        Digest-Attributes = 0x010e3139322e3136382e322e3830
        Digest-Attributes = 0x022a34363966313930646437336461386462323964356231306236373262646532633262623030353733
        Digest-Attributes = 0x04127369703a3139322e3136382e322e3830
        Digest-Attributes = 0x030a5245474953544552
        Digest-Response = "80d23e66bd4d667eb445c89b74ff7a6b"
        Service-Type = IAPP-Register
        Sip-Uri-User = "101"
        NAS-Port = 5060
        NAS-IP-Address = 192.168.2.80
        Client-IP-Address = 192.168.2.80

  Now, the password for that user is 101.

  So, I did the following: echo '101 at 192.168.2.80:192.168.2.80:101' | md5sum, which generated
the following output: ec6cec8f0b5904ba56401b1e305638b5.

  Now, examining the log file shows that a few minutes before that, the Access-Request looks
like this:

Packet-Type = Access-Request
Thu Jul 19 09:29:54 2007
        User-Name = "101 at 192.168.2.80"
        Digest-Attributes = 0x0a05313031
        Digest-Attributes = 0x010e3139322e3136382e322e3830
        Digest-Attributes = 0x022a34363966313734623339623735663735363137326635613334646135666437393766353563353632
        Digest-Attributes = 0x04127369703a3139322e3136382e322e3830
        Digest-Attributes = 0x030a5245474953544552
        Digest-Response = "a15ff7de436bada1093be663290f8ad8"
        Service-Type = IAPP-Register
        Sip-Uri-User = "101"
        NAS-Port = 5060
        NAS-IP-Address = 192.168.2.80
        Client-IP-Address = 192.168.2.80

  As you can see, the Digest here is different, so I'm surely missing something here.

Regards,
  Z2L


----- Original Message -----
From: "Peter Nixon" <listuser at peternixon.net>
To: freeradius at zap2link.com, "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Tuesday, July 24, 2007 11:30:25 AM (GMT+0200) Asia/Jerusalem
Subject: Re: rml_perl question

On Tue 24 Jul 2007, FreeRadius-ML wrote:
> Thanks, that helps a bunch.
>
> Another question, may be non related. Anyone has an idea how does OpenSER
> and FreeRadius calculate the Digest response for rlm_digest?
>
> According to the output of my rlm_perl RAD_REQUEST, I'm getting the
> following request from the OpenSER server:
>
> rlm_perl: RAD_REQUEST: Client-IP-Address = 192.168.2.80
> rlm_perl: RAD_REQUEST: Digest-Response = 80d23e66bd4d667eb445c89b74ff7a6b
> rlm_perl: RAD_REQUEST: User-Name = 101 at 192.168.2.80
> rlm_perl: RAD_REQUEST: Service-Type = IAPP-Register
> rlm_perl: RAD_REQUEST: NAS-IP-Address = 192.168.2.80
> rlm_perl: RAD_REQUEST: NAS-Port = 5060
> rlm_perl: RAD_REQUEST: Sip-Uri-User = 101
> rlm_perl: RAD_REQUEST: Digest-Attributes = ARRAY(0x84e7a90)
> rlm_perl: Added pair Auth-Type = perl
>
> If I understand correctly, I need to calculate the digest response,
> according to the information I hold in my AAA database, which should match
> the Digest-Response request. My question is, what is the actual string
> format that is required for the calculation of the Digest-Response?

Read RFC 2617

-- 

Peter Nixon
http://peternixon.net/

More information about the Freeradius-Users mailing list