This is an old revision of the document!
Table of Contents
Generic RADIUS Driver
Contact: Jan Janak
Abstract
The sip-router server contains several modules that can talk to a RADIUS server. We have acc_radius module that implements RADIUS accounting, we have auth_radius module which implementes digest authentication against a RADIUS server, we have a couple of other modules that can be used to retrieve bits of information from a RADIUS server. All these modules depend on a RADIUS client library and these is some portion of code that needs to be duplicated in those modules.
The goal of this task is to develop a generic RADIUS module called db_radius which can be then reused from all other RADIUS-modules. Instead of having acc_radius we will simply use acc_db to do RADIUS accounting, instead of acc_radius we will use acc_db to perform RADIUS digest authentication, and so on.
A RADIUS server is in fact nothing else than a special type of database running on a remote host and speaking the RADIUS protocol and thus we can develop a generic RADIUS database driver which will convert database operations performed by other sip-router modules through the database abstraction layer to RADIUS queries.
State of the Art
RADIUS related functionality is currently scattered across a number of sip-router modules. We have
- acc_radius for RADIUS based accounting.
- auth_radius for RADIUS based digest authentication.
- misc_radius for miscelanous RADIUS based operations (mostly used to retrieve a set of attributes from the RADIUS server).
All three modules share some parts of RADIUS related code. All the modules have similar parameters, for example, they all need to be configured with a path to the configuration file of the radius client library. They all need to be provided with the radius attribute dictionary, and so on.
Goals
Reading List
- RFC 2866: RADIUS Accounting
- RFC 2869: RADIUS Extensions
- Documentation for the following sip-router modules: