what does the attribute PW_DIGEST_NONCE represent in the rlm_digest module?

maximus keyan at inovaventure.com
Tue Apr 19 05:38:24 CEST 2011


Hi,

I would like to know what does the attribute PW_DIGEST_NONCE (1064)
represent in rlm_digest module in radius server?

My radius log information is given here.
<------the radius log information for the authentication packet starts
here---------->
Received radius packet:
   NAS-Identifier = "localhost.localdomain"
   Digest-Attributes = "\003\010INVITE"
   Digest-Attributes = "\006\005MD5"
   Digest-Attributes = "\002*60d9d2b7b8ab7b4da4014bcdac1724b7320068d6"
   Digest-Attributes = "\n\0146599999970"
   User-Name = "6599999970 at 192.168.104.239"
   Digest-Attributes = "\004 sip:6599999508 at 192.168.104.240"
   Digest-Response = "1ee3c49572b6fcd4a9e0438bba8810dc"
   Digest-Attributes = "\001\021192.168.104.239"
rlm_sql in rlm_sql_authenticate
<------the radius log information ends here---------->

The Digest-Attributes = "\002*60d9d2b7b8ab7b4da4014bcdac1724b7320068d6"  is
the PW_DIGEST_NONCE with 60d9d2b7b8ab7b4da4014bcdac1724b7320068d6 as the
value.

In my setup, the radius client uses SIP. I want to know whether the
PW_DIGEST_NONCE in the digest attributes can be used as a Session ID of the
SIP call or the Call-Reference of the authentication packet?
Or, only after receiving the RLM_MODULE_OK for the digest request, the
radius client will send the further SIP call information in the next packet?

A little background about the problem I face:
I have a customized radius source(taken from freeradius few years back)  to
work with radius clients to perform authentication and accounting with only
rlm_detail, rlm_preprocess, rlm_sql (with unixodbc) modules. 

Now, I have a requirement for the radius server to work with a radius client
which has SIP. And I have found that radius client with SIP uses
'rlm_digest' module as part of authentication. This is when I have the
following issues:
a) I can not just integrate 'rlm_digest' module source to the existing
radius server source to work since the changes are quite a lot.
b)I have very limited or no details about how the radius client with the SIP
works.

This is why I wanted to get more information about the role of rlm_digest
module and how to handle it in my situation.

Thanks.

./maximus

--
View this message in context: http://freeradius.1045715.n5.nabble.com/what-does-the-attribute-PW-DIGEST-NONCE-represent-in-the-rlm-digest-module-tp4312363p4312363.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list