Hello, I'm trying actually to update OpenSips to the v.1.10-tls, and now radius auth is not working anymore : radius server is rejecting the request. "Auth: [digest] Cleartext-Password or Digest-HA1 is required for authentication."
environment : new registrar server in a dev environment. 1/ configs are exactly the same (strict copy of everything) - except necessary changes from opensips 1.8.1 to opensips 1.10 (alphanumerical flags, and so on) 2/ the os is a new one : updated squeeze to wheezy (so several libs are updated, like openssl, ...) 3/ libradiusclient-ng is the same version (0.5.6-1.1), dics are identical 4/ the auth is made against the same freeradius server used in the production (so, same sip accounts, etc ... in the back-end) ==> Radius server logs : <== Wed Oct 30 13:51:43 2013 Packet-Type = Access-Request User-Name = "10...@anydomain.com" Digest-Attributes = "\n\00710133" Digest-Attributes = "\001\025anydomain.com" Digest-Attributes = "\002252710f0c0000000380e712a81e132fb9fb25b6e7079a90ea" Digest-Attributes = "\004\031sip:anydomain.com" Digest-Attributes = "\003\nREGISTER" Digest-Attributes = "\005\006auth" Digest-Attributes = "\t\n00000001" Digest-Attributes = "\010\n718b1c07" Digest-Response = "9c080c96ce9f553af167d96b9045605f" Service-Type = Sip-Session Sip-URI-User = "10133" Acct-Session-Id = "e3d46f526b7a-zfy2ru5j4wxb" Cisco-AVPair = "call-id=e3d46f526b7a-zfy2ru5j4wxb" NAS-Port-Id = 5060 NAS-IP-Address = 10.10.10.100 Wed Oct 30 13:51:43 2013 : Auth: [digest] Cleartext-Password or Digest-HA1 is required for authentication. Wed Oct 30 13:51:43 2013 : Auth: Login incorrect: [10...@anydomain.com/<via Auth-Type = DIGEST>] (from client registrar.anydomain.com port 5060) ==> Opensips debug logs <== REGISTER sip:anydomain.com SIP/2.0 Via: SIP/2.0/UDP 10.0.0.10:5060;branch=z9hG4bK42a7.81e32d7403fde0265a279f6f1af9f223.0 v: SIP/2.0/UDP 192.168.1.61:3072;received=172.21.8.126;branch=z9hG4bK-pg3sz33w7irx;rport=19779 f: "Red is Dead" <sip:10...@anydomain.com>;tag=0vc6kaq7q7 t: "Red is Dead" <sip:10...@anydomain.com> i: e3d46f526b7a-zfy2ru5j4wxb CSeq: 812 REGISTER Max-Forwards: 32 m: <sip:10133@192.168.1.61:3072>;reg-id=1;q=1.0 User-Agent: snom821/8.7.3.19 Allow-Events: dialog X-Real-IP: 192.168.1.61 Supported: path Authorization: Digest username="10133",realm="anydomain.com",nonce="52710e8300000000bf18b8ca585d8021ac4de4bf5c6c5111",uri="sip:anydomain.com",qop=auth,nc=00000001,cnonce="19ec9410",response="89bf7e58d81541ea6d3d4cf643d7d0e1",algorithm=MD5 Expires: 360 l: 0 P-Visited-Network-ID: 5411 Path: <sip:10.0.0.10;lr;received=sip:172.21.8.126:19779> Oct 30 13:49:25 registrar opensips[17021]: DBG:auth:check_nonce: comparing [52710e8300000000bf18b8ca585d8021ac4de4bf5c6c5111] and [52710e8300000000bf18b8ca585d8021ac4de4bf5c6c5111] Oct 30 13:49:26 registrar opensips[17021]: DBG:aaa_radius:rad_send_message: rc_auth function succeded with result REJECT_RC Oct 30 13:49:26 registrar opensips[17021]: ERROR:auth_aaa:aaa_authorize_sterman: authorization failed Oct 30 13:49:26 registrar opensips[17021]: DBG:auth:reserve_nonce_index: second= 0, sec_monit= -1, index= 1 Oct 30 13:49:26 registrar opensips[17021]: DBG:auth:build_auth_hf: nonce index= 1 Oct 30 13:49:26 registrar opensips[17021]: DBG:auth:build_auth_hf: 'WWW-Authenticate: Digest realm="anydomain.com", nonce="52710e840000000161b61dea385526f8bf7ca0e47041e8c6", qop="auth" If anyone has any idea, thanks a lot ! Samuel MULLER _______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users