h323-credit-time= && Session-TImeout

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi, dear gnugk users.
If somebody cares, at the end I describe a *possible* bug in gnugk or freeradius perl module.
I tried to setup perl module in freeradius but had ALOT of troubles. I think people who tried it had also experienced this problem.

In default simple configuration, authenticate function of perl module sets h323-credit-amount parametr of reply packet as follows: $RAD_REPLY{'h323-credit-amount'} = "100";
Strugling for nearly an hour, I foud out that I needed 'h323-credit-TIME' (not 'h323-credit-AMOUNT') for limiting session time ;)... following logic of the provided example I replaced word amount with word time like this: $RAD_REPLY{'h323-credit-time'} = "100";
BUT!! it still didn't work. I tried to replace $RAD_REPLY{'h323-credit-time'} = "100"; with $RAD_REPLY{'Session-Timeout'} = 100; but it still didn't work (in the latter case the string didn't take any effect at all!).
In the radiusd -X there were the followin messages:
Sending Access-Accept of id 13 to 192.168.199.1:40939
	h323-credit-time = "100"
but gnugk instantly was rejecting the accepted call.
When I traced all fields of received radius reply in gnugk (RadAliasAuth::Check(ARQ,...)) it turned out that there were no string like 'h323-credit-time=100' but the field contained only '100'.
Changing in perl script the original string to $RAD_REPLY{'h323-credit-time'} = 'h323-credit-time=100'; fixed the problem!
I have no idea what is the standart for this radius field, but original perl script from freeradius was configured to not to send correct string (if to follow the logic the very orignal string should also be changed to $RAD_REPLY{'h323-credit-amount'} = 'h323-credit-amount=100';

Did I do something wrong??? What is the correct way to do this? 
There was not much harm if the h323-credit-time was sent in not correct form - gnugk simply rejected the call. But in case if I used $RAD_REPLY{'Session-Timeout'} = 100; There were no reaction - the call was unlimited! The most strange thing - it only had some partial reaction when I set it like this:
$RAD_REPLY{'Session-Timeout'} = '100';   #integer is replace by string '100'
In that case in radiusd -X there was reaction:
Sending Access-Accept of id 13 to 192.168.199.1:40939
	Session-Timeout = 100
But gnugk rejected the call (At the beginning I tried to use integer becase in dictionary it's declared as:
ATTRIBUTE	Session-Timeout		27	integer)
But even changing it to '100' didn't help. Solution was quite strange - I had to change in gnugk the part when there is a check for SessionTimeout: attr->AsString() replaced by attr->AsInteger() made it functioning well.
It seems like a bug in gnugk or freeradius doesn't send an integer value as a string; Who is wrong in this case???

I'll try to post this case to freeradius mailing list as well.

Another thing - I HAVE NO IDEA what fot the part authenticate is used for! In order to make it work I had to change authenticate function to autorize (authenticate function has never been called aven when the call was accepted...) Very strange.




-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
List: Openh323gk-users@lists.sourceforge.net
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/

[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux