Hi Michael,
What you can do is to grab some online digest auth calculator and to
doublecheck the auth responses on each side (opensips and radius)
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
https://www.opensips-solutions.com
OpenSIPS Bootcamp 2020 online
https://opensips.org/training/OpenSIPS_eBootcamp_2020/
On 1/6/21 6:56 PM, bobsy via Users wrote:
Hello everyone,
I’m attempting to use digest auth on Freeradius with LDAP and plaintext
userPassword’s.
When the radius server goes to auth the digest hashes don’t match up.
authenticate {
(17) digest: A1 = bobsy:opensips.vale.ski:password
(17) digest: A2 = REGISTER:sip:opensips.vale.ski
H(A1) = 0342aafbaea975d9fde3c46f3f093993
H(A2) = b0605d01a41aac18c7f1a84c8ca1c4f5
(17) digest: KD =
0342aafbaea975d9fde3c46f3f093993:5ff5eaca000015917970591b0edf7c7c6bbd13698c0dd5e6:b0605d01a41aac18c7f1a84c8ca1c4f5
EXPECTED a8d6639edfd61ac7b1bb247f7832b8e5
RECEIVED a817470a4e1612532d167bed0354a88b
(17) digest: FAILED authentication
(17) [digest] = reject
(17) } # authenticate = reject
(17) Failed to authenticate the user
I have calculate_ha1 set to 1.
Any insight would be great.
And after this is resolved maybe someone can help me find out why the Kerberos
module looks for “User-Password”. I believe it should be looking for
“Cleartext-Password” and that’s why Kerberos won’t work for me.
Regards,
Michael Vale.
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users