AccountingReq message authenticator
Paolo Rotela
paolo.rotela at bluetelecom.com
Wed Sep 28 17:09:50 CEST 2005
RFCs are a little messy about this issue. Message-Authenticator in Accounting Packets are not well standarized, so everyone does what they want about this.
Do a search in the list for "FreeRadius Proxying and Message-Authenticator" for more information.
Eng. Paolo Rotela
CTO
Blue Telecom
----- Original Message -----
From: Ashwin Gobind
To: freeradius-users at lists.freeradius.org
Sent: Wednesday, September 28, 2005 11:20 AM
Subject: AccountingReq message authenticator
Hi.
Is there anyway to generate a message authenticator for an accounting request packet. At the moment I am using JRadius, I need to send an accounting request message to another radius server. However after I add the message authenticator and send to to another server, the other server complains about "Invalid message authenticator" (Shared secret is incorrect).
Here is some code :
//Proxy request to the wap gateway
DatagramSocket socket = new DatagramSocket();
socket.setSoTimeout(5000);
//Generate authenticator
MessageDigest md5 = MessageDigest.getInstance("MD5");
md5.reset();
md5.update((byte)req.getCode());
md5.update((byte)req.getIdentifier());
int length = req.getBytes().length;
byte [] authenticator = req.getAuthenticator();
byte [] attributeBytes = req.getAttributeBytes(req.getAttributes(),0);
for (int z=0; z <authenticator.length ; z++ )
RadiusLog.debug("Autenticator["+z+"] Before = " + authenticator[z]);
RadiusLog.debug("Autenticator Length: " + authenticator.length);
RadiusLog.debug("Attributes Length: " + attributeBytes.length);
RadiusLog.debug("Paket Length: " + length);
String sharedSecret = "testing123";
md5.update((byte)(length >> 8));
md5.update((byte)(length & 0xff));
md5.update(authenticator, 0, authenticator.length);
md5.update(attributeBytes, 0, attributeBytes.length);
md5.update(sharedSecret.getBytes());
req.overwriteAttribute(AttributeFactory.newAttribute(AttributeDictionary.MESSAGE_AUTHENTICATOR, authenticator));
System.arraycopy(md5.digest(), 0, authenticator, 0, 16);
"This e-mail is sent on the Terms and Conditions that can be accessed by Clicking on this link http://www.vodacom.net/legal/email.aspx "
------------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050928/7e16e79b/attachment.html>
More information about the Freeradius-Users
mailing list