Ok, That makes more sense, do you have an example I can look at? In any case, let me see if I understand the below: I see that we perform 3 MD5 sums, each time on a different concatenated string. The fields that I'm not recognizing are nc-val and entiry-body. Can you please add information about these, as I would like to get more information on this, as there may be a possibility that I would be required to calculate this externally. Regards, Z2L ----- Original Message ----- From: "Phil Mayers" <p.mayers@imperial.ac.uk> To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> Sent: Tuesday, July 24, 2007 2:00:33 PM (GMT+0200) Asia/Jerusalem Subject: Re: rml_perl question On Tue, 2007-07-24 at 11:43 +0300, FreeRadius-ML wrote:
Hi Peter,
Well, according to the RFC, the string should be: username:realm:password and then into the md5sum.
No, the digest response is: md5 ( concat ( md5 ( user:realm:passwd ) nonce:nc-val:cnonce:qop:md5(method:uri[:entity-body]) ) )
So, I did the following: echo '101@192.168.2.80:192.168.2.80:101' | md5sum, which generated the following output: ec6cec8f0b5904ba56401b1e305638b5.
*Even* if that were how it worked, you've md5'ed the "\n" that echo will echo. In any event, you're going about this totally wrong. FreeRadius has a digest auth module; you should be extracting the credentials from your database and letting FreeRadius do the auth algorithm. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html