[RADIATOR-ANNOUNCE] Radiator Version 4.15 released - security fixes and enhancements

Wed Jul 15 07:39:48 CDT 2015

We are pleased to announce the release of Radiator version 4.15

This version contains fixes for an EAP-MSCHAP-V2 and EAP-pwd
vulnerability. Upgrade is recommended. Please review OSC security
advisory OSC-SEC-2015-01 for more information:
https://www.open.com.au/OSC-SEC-2015-01.html

As usual, the new version is available to current licensees from:
https://www.open.com.au/radiator/downloads/

and to current evaluators from:
https://www.open.com.au/radiator/demo-downloads

Licensees with expired access contracts can renew at:
https://www.open.com.au/renewal.html

An extract from the history file
https://www.open.com.au/radiator/history.html is below:

-----------------------------

Revision 4.15 (2015-07-15)

     Selected fixes, compatibility notes and enhancements

Fixes an EAP-MSCHAP-V2 and EAP-pwd vulnerability.
OSC recommends all users to review OSC security advisory
OSC-SEC-2015-01 to see if they are affected.
https://www.open.com.au/OSC-SEC-2015-01.html

perl-ldap-0.32 or better is required. Should be available in all current
systems.

EAP-pwd requires Crypt::OpenSSL::Bignum 0.06 or later from CPAN

Configurable TLS version and ciphersuite selection for TLS based EAP and
stream modules

CRL checks for the entire certificate chain can now be enabled

Included Gossip framework with Redis based implementation

Support for Gossip when communicating next hop proxy failures between
Radiator instances

Shared duplicate cache for a more simple server farm configuration

Windows Event log support

Custom format support for logs, authentication logs and accounting logs.
CEF and JSON included

Support for IEEE 802.1AE, also known as MACsec

All AuthBys now support PostAuthHooks

Various binary modules are now available from OSC and were removed from
the Radiator distribution

     Detailed changes

Added VENDOR STI (Server Technology Inc.) 1718 and multiple STI VSAs to
dictionary. Contributed by Garry Shtern.

Added VENDOR PacketDesign 8083 and VSAs PacketDesign-UserClass and
PacketDesign-FTP to dictionary. Contributed by Garry Shtern.

Added SN-Software-Version to dictionary. Reported by Bruno Tiago Rodrigues.

Changed type of VENDORATTR 3076 Cisco-VPN-DHCP-Network-Scope in
dictionary.cisco-vpn from text to ipaddr. Reported by Kilian Krause.

Dictionary updates: Added H3C proprietary values H3C-SSH and H3C-Console
for Login-Service. Changed Lancom LCS-Mac-Address type from string to
hexadecimal. Added H3C-Priority. All reported by Philip Herbert.

Zero length writes are now skipped in Stream.pm write_pending() used by
RadSec, Diameter, SIGTRAN and other stream protocols. SCTP does not
support 0 length syswrites on all platforms and may close the socket if
zero length write is done.

Added VENDOR Airespace 14179 VSAs 7-11 and 13-16 to dictionary.

AuthBy GROUP now updates current AuthBy for %{AuthBy:parmname}. When
AuthBy GROUP is used, this special formatting now gets the parameter
value from the current AuthBy within the group instead of the AuthBy
GROUP itself.

Updated VENDOR 1991 Foundry VSAs in dictionary. foundry-privilege-level
is now a synonym for brocade-privilege-level. Added a number of foundry
VSAs.

LDAP Version now defaults to 3 instead of 2. Updated a number of LDAP
configuration example files in goodies to reflect this change.

Ldap.pm now uses the LDAP object's disconnect method, instead of closing
the socket directly.

AuthBy LDAP2 and AuthBy LDAPDIGIPASS now use escape_filter_value
provided by Net::LDAP::Util instead of escapeLdapLiteral in Ldap.pm
Ldap.pm escapeLdapLiteral is now deprecacted and perl-ldap-0.32 or
better is required.

RefreshPeriod in ClientListSQL and ClientListLDAP now support special %
formatting. Suggested by Bengi Sağlam.

Updated VENDOR 2011 Huawei VSAs in dictionary. Huawei-Input-Basic-Rate
is now an alias for Huawei-Input-Peak-Rate. Huawei-Output-Basic-Rate was
changed similarly. Some of the attribute numbers appear to have
different names and types between different devices. Huawei-User-Type,
Huawei-MIP-Agent-MN-Flag and Huawei-Requested-APN are now aliases but
aliasing may be handled with separate dictionary files in the future.
Huawei-HW-Portal-Mode was renamed to Huawei-Portal-Mode.

WiMAX dictionary updates: changed WiMAX-Session-Termination-Capability
type to integer and added one value: Dynamic-Authorization. Changed
WiMAX-PPAQ TLV Quota-Identifier type to binary. WiMAX subattributes
within single Vendor-Specific attribute are now correctly decoded.

Dictionary updates for Huawei: Reverted the recent aliasing changes. The
conflicting attributes are now in a new Huawei specific dictionary file
goodies/dictionary.huawei1. This new dictionary file contains attributes
used by, for example, Huawei packet gateway / Wi-Fi controller. Since
Huawei seems to use device specific dictionaries, additional dictionary
files are added as needed.

Added new AuthLog EVENTLOG and Log EVENTLOG modules for logging to
Windows Event Log. Added eventlog.cfg in goodies for configuration
example and more information about how to set up registry and DLL Event
Log helpers. Precompiled DLLs are available in goodies\windows-dll with
source files and compilation examples.

radiusd now handles SIGINT (typically from Ctrl-C) similar to SIGTERM.

Added support for shared and global DupCache. Radiator now supports 3
different options for the new DupCache configuration parameter: local
(the default), shared (uses shared memory) and global (uses Radiator's
Gossip framework). When DupCache is set to shared, DupCacheFile sets the
location of the mmapped shared memory file. Shared DupCache is recommend
when FarmSize configuration parameter is set. With shared or global
DupCache, the backend workers do not need to have
UseContentsForDuplicateDetection enabled anymore. DupCache shared
requries Cache::FastMmap module. Sample configuration eapbalance.cfg in
goodies was updated to demonstrate the new configuration parameters
DupCache and DupCacheFile.

Added a number of VENDOR 22610 A10-Networks VSAs in dictionary.
Contributed by Scott Bertilson.

Changed the types of WiMAX-PPAQ TLVs Volume-Quota, Volume-Threshold,
Resource-Quota and Resource-Threshold to hexadecimal. This makes the 8
or 12 long values easier to handle in PPAQ applications.

Updated shared and global DupCache debugging and initialisation. If the
required Cache::FastMmap is not available when DupCache is set to
'shared', Radiator will log a message and refuses to start. The
availability of Cache::FastMmap is checked during the configuration phase.

Added support for Gossip protocol framework and Redis based Gossip
implementation. Radiator's Gossip implementation allows Radiator
instances to share information and event notifications. The instances
may be part of server farm, completely separate processes running on the
same or different hosts or any combination of thereof. Redis based
Gossip is configured with GossipRedis clause. At first, Gossip support
is provided for RADIUS duplicate cache: When the global configuration
parameter DupCache is set to 'global', GossipRedis will be used for
RADIUS duplicate cache. More Radiator modules will be added and upgraded
to use the Gossip framework in the future. Requires Data::MessagePack
and Redis Perl modules from CPAN.

Updated AuthLog SQL examples in goodies to use SQL bind variables.

Added Radiator Gossip framework support to AuthBy RADIUS. Multiple
Radiator instances can now communicate next hop host unreachability and
reachability information with Gossip messages. This allows, for example,
just one member to run Status-Server queries when FarmSize configuration
parameter is enabled. Added new configuration parameter
NoKeepaliveTimeoutForChildInstances to limit Status-Server probing to
the first farm instance only. The new features are also available to
AuthBy RADIUS sub-types, such as, ROUNDROBIN and HASHBALANCE. See
goodies/farmsize.cfg for a configuration example with shared duplicate
cache and Gossip and Redis configuration.

Updated EAP-pwd to use unpatched version of Crypt::OpenSSL::Bignum.
Radiator 4.14 and earlier required Crypt::OpenSSL::Bignum 0.04 +
patches. These patches are no longer needed, and version 0.06 or later
from CPAN is now required instead. Caution: Crypt::OpenSSL::Bignum 0.04
+ patches in Radiator goodies no longer work with the current version of
EAP_52.pm (EAP-pwd). You must update to Crypt::OpenSSL::Bignum 0.06 or
later.

Updated dictionary with new attributes for vendors 14823 Aruba, 25053
Ruckus and 25506 H3C.

Fixed a problem that could cause a crash if AuthBy RADIUS was configured
with the Synchronous parameter, FailureBackoffTime was set and the next
hop proxy becomes unreachable. Reported by Diogo Gonçalves

EAP-pwd now correctly adds the user's and AuthBy's reply attributes in
the Access-Accept.

The first components in @INC, the Perl library search locations, are now
checked for readability. Unreadable directories may cause hard to
diagnose failures when Perl modules are loaded. This may happen, for
example, when radiusd process is started as a user with restricted
privileges. Reported by Kilian Krause.

Added support for AuthBy specific PostAuthHook configuration parameters.
All AuthBys can now define a PostAuthHook that will be called when the
AuthBy is done processing the request and has returned. The hook
parameters are the same as for Handler's PostAuthHook. After the
optional PostAuthHook has run, result, reason and Identifier from the
AuthBy are saved in $p for subsequent AuthBys and other use. Updated
duo.cfg in goodies to use PostAuthHook for password splitting.

Added support for IEEE 802.1AE, also known as MACsec. Radiator will now
return EAP-Key-Name attribute if requested by the RADIUS client.
EAP-Key-Name is supported for the following EAP methods: EAP-FAST,
EAP-pwd, EAP-TLS, EAP-TTLS and PEAP.

RADIUS attributes using encrypt=2 flag or decode/encode_salted directly,
now have their initialisation vector set to all zeroes when there would
otherwise be a circular dependeny between the RADIUS fixed header
Authenticator, the initialisation vector, and the encrypted attribute
value. This allows, for example, proxying RFC 5176 dynamic
authentication request so that the encrypted values can be correctly
recovered, provided that target also uses zero IV similarly. Known to
work with vendor 6527.

EAP-TLS now rejects possible EAP-TLS conversation restart attempts
instead of replying, again, with an alert. Some EAP-TLS peers, such as
Windows, may try to restart the EAP-TLS conversation after certain
alerts such as 'Unknown CA'. Reported by Pieter Jan Van Meerbeeck.

Updated a number of configuration samples in goodies: 'DupInterval 0' is
usually not needed and can be harmful. The default value of 10 seconds
is preferred and non-default values are only necessary in very unusual
circumstances. Handler clauses are in most cases more flexible than
Realm clauses. Other typo fixes and small corrections.

EAP-FAST now checks Net::SSLeay::get_keyblock_size() calls for error
return values. Also, Net::SSLeay 1.68 and earlier with OpenSSL 1.0.1 and
later may return incorrect values, not errors, for get_keyblock_size()
which cause authentication to fail. Fix in Net::SSLeay 1.69 allows it to
return correct values with recent OpenSSL versions, and any error return
values are now correctly checked by EAP-FAST.

Added new configuration parameter TLS_Protocols to set the supported SSL
and TLS protocols for Stream based modules, such as Diameter and RadSec.
New configurations should use TLS_Protocols instead of UseSSL or UseTLS.
TLS_Protocols overrides UseSSL and UseTLS when defined. TLS_Protocols is
not defined by default. Added new configuration parameter
EAPTLS_Protocols to set the supported TLS protocols for TLS based EAP
methods, such as EAP-TLS, EAP-TTLS and PEAP. EAPTLS_Protocols is not
defined by default. Both TLS_Protocols and EAPTLS_Protocols accept a
list of comma separated values. The supported values are: SSLv3, TLSv1,
TLSv1.1 and TLSv1.2 Added new configuration parameters TLS_Ciphers and
EAPTLS_Ciphers to define the allowed cipher suites for Stream protocols
and TLS based EAP methods. The parameter format is OpenSSL cipher string
format. Both parameters default to DEFAULT:!EXPORT:!LOW TLS_Ciphers and
EAPTLS_Ciphers can be defined separately from TLS_Protocols and
EAPTLS_Protocols.

Updated vendor ZTE 3902 VSAs in dictionary.

Added support for TLS_Protocols and TLS_Ciphers parameters to Monitor
and Server HTTP

TLS_Ciphers and EAPTLS_Ciphers now support formatting characters.
Net::SSLeay and SSL library version, if available, are now logged after
SSL library initialisation.

Added goodies/logformat.cfg, showing how to use LogFormatHook for
authentication log and AcctLogFileFormatHook for accounting messages.
Added LogFormat.pm with sample hooks for formatting accounting messages
in JSON format and authentication log entries in JSON and CEF (ArcSight
Common Event Format) formats.

Removed non-functional support for the obsolete RSA ephemeral keying.
See TLS_DHFile, EAPTLS_DHFile, TLS_ECDH_Curve and EAPTLS_ECDH_Curve for
the currently supported forward secrecy methods.

Updated Radiator's Gossip module Perl requirements based on suggestions
by Alan Buxey. Testing with Net::SSLeay 1.69 and LibreSSL 2.2.0. OK.

Added support for CRL checks for the entire certificate chain. New
configuration parameters EAPTLS_CRLCheckAll for TLS based EAP methods
and TLS_CRLCheckAll for stream based protocols, such as RadSec and
Diameter, enable X509_V_FLAG_CRL_CHECK_ALL to turn on CRL checks for the
entire certificate chain. Note: you need to also have EAPTLS_CRLCheck or
TLS_CRLCheck enabled for any CRL checks to happen. If the CRL files for
the intermediate CAs are not found, certificate check fails with:
'SSL3_GET_CLIENT_CERTIFICATE:no certificate returned'.

Updated configuration samples in goodies to include the recently added
TLS and related parameters. Updated other goodies files with various
other fixes.

Documented SSLCiphers in the reference manual and updated LDAP
SSLCiphers default value from 'ALL' to 'DEFAULT:!EXPORT:!LOW'.

Updated ldap.cfg to mention possible interoperability problems between
HoldServerConnection and ServerChecksPassword when the both are set.
Suggested by Niels Monen. Documented SSLCiphers in ldap.cfg

Removed Authen::Digipass and Authen::ACE4 binary modules from the
Radiator distribution. Direct contact with OSC is now preferred to find
out how to compile these modules for your chosen OS, Perl version, Perl
distribution and 32 or 64 bit platform. Added 32 and 64 bit Win32-Lsa
ppms for Strawberry Perl 5.22.

DBM file handling is not working on Strawberry Perl 5.20 or 5.22.
Disabled AuthBy DBMFILE checks from test.pl on Windows meanwhile this is
investigated.

Updates to EAP-MSCHAP-V2 and EAP-pwd identity handling. See OSC security 
advisory OSC-SEC-2015-01.

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.