(RADIATOR) Radiator Version 3.13 released
Mike McCauley
mikem at open.com.au
Wed Jun 1 02:01:59 CDT 2005
We are pleased to announce the release of Radiator version 3.13
This version contains a number of new features and some bug fixes
As usual, the new version is available to current licensees from:
http://www.open.com.au/radiator/downloads/
and to current evaluators from:
http://www.open.com.au/radiator/demo-downloads
Licensees with expired access contracts can renew at:
http://www.open.com.au/renewal.html
An extract from the history file is attached
-----------------------------
Revision 3.13 (2005-06-02) New features and bug fixes
Added several more USR-Bogus-* entries for unknown USR
attributes. Suggested by Robert Blayzor.
Fixed a problem with startup file on Suse, causing error message
Starting Radiator: /usr/bin/radiusd/sbin/start-stop-daemon: (null):
Bad address. Reported by Frank Messie.
Testing on various Debian distros, aGNUla/DeMuDi. OK.
Testing on Xandros 2.0. OK.
Testing on Xandros 3.0.1. OK.
Testing on Fedora Core 3. OK.
Fixed a problem with format_special that prevented %nn numeric
replacements working correctly for %10, %11 etc. This affected AuthBy
RODOPI accounting, causing multiple identical date fields to be
included in SQL queries.
Testing on Solaris 10. OK.
Testing on Sun Java Desktop Release 2. OK.
Testing on Knoppix 3.7. OK.
Testing on Flash Linux 0.3.1. OK.
Testing on SuSE 9.2. OK.
Testing on FreeSBIE 1.1. OK.
Testing on MEPIS 3.3. OK.
Testing on CentOS 3.4. OK.
Monitor now supports more advanced methods for filtering packets to be
printed by TRACE. New command TRACE_PREDICATE takes a comma separated
list of name op value tests. Operators ==, !=, <, <=, >, >= and =~
(regexp) are supported, eg: TRACE_PREDICATE User-Name =~ "mi",NAS-Port
== 1234 Also TRACE_NOPACKET causes messages without an associated
packet (ie general server level mesages) to be traced (defaults to 1).
Fixed a typo in Giganews-gbpm definition that could cause a crash:
Can't use string ("") as a subroutine ref while "strict refs" in use
at Radius/Radius.pm line 630.
Performance improvements and refactoring in RDict.pm
Added support for online checking of Colubris Wi-fi NASes. Tested with
Colubris CN3200. Contributed by Vangelis Kyriakakis.
Fixed a problem that could cause an error opening the DHCP socket
after a restart on some platforms. Reported by Bill Ouchark and Andrew
D. Clark.
When doing a RefreshPeriod, ClientListSQL and ClientListLDAP now only
replaces Clients that were previously loaded by that clause. Clients
defined in the configuration file will not be clobbered.
New class Predicate to support new command TRACE_PREDICATE in
Monitor. TRACE_PREDICATE allows Monitor to select log messages based
on multiple attributes in incoming requests, such as:
TRACE_PREDICATE User-Name=~"^mik",NAS-Port="1234"
Support tests include ==, !=, <, <=, >, >= and =~ (regexp). Also
added support for new command TRACE_NOPACKET, which can be used to
disable tracing of log messages that are not relevant to a particular
incoming request.
TRACE_NOPACKET 0
The recent change to the type of User-Password in dictionary, combined
with broken behaviour of Xsupplicant 1.0 when passwords are 8 chars
long resulted in failed authentications with TTLS-PAP. TTLS inner
User-Password is now NUL stripped.
You can now 'include' multiple files from the configuration file by
using file csh style wildcards, and filename expansions such as *, ?,
[...], {....}, ~, etc. Files whose first character is a '.' are
ignored unless explicitly matched.
In Log SYSLOG and AuthLog SYSLOG, a new parameter LogHost allows you
to specify the host name of the syslog host when using LogSock of
'tcp' or 'udp'. Defaults to the local host.
On BSD/OS encrypted passwords with length 20 are also considered to be
crypt(3) encrypted, using DES extended format. Patch provided by Baron
Fujimoto.
Added sample LDAP schema and example data file for use with OPenLDAP
and AuthBy LDAPRADIUS to goodies/radiator-ldap.ldif and
goodies/radiator-ldap.schema
Fixed a problem with Linux startup file '/etc/init.d/radiator status'
hanging with an infinite loop.
Added new argument for the current request to pass to
TranslatePasswordHook. Requested by Pavel A Crasotin.
Added goodies/solaris-radiator.init, a startup script for Solaris 8, 9
and 10. Install as /etc/init.d/radiator and check the other
instructions at the top of the file.
Added 'make rpm' target to the Makefile to make it easy to build Linux
RPMs.
Fixed a problem with the type of the State attribute which prevented
interoperation with Windows Server 2003 with SP1. Reported by Yoann
Foucher and Denis Pavani.
Added new parameters MaxFailedRequests and MaxFailedGraceTime,
allowing configuration on how AuthBy RADIUS will determine proxy host
failure. Requested by Arjan Waardenburg. Briefly: For any remote Host
to which a request is sent, if no reply is heard for a specific
request after the Retries retransmissions, that request is deemed to
have failed for that Host. AuthBy RADIUS keeps track of how many
requests failed for each host since the last time a reply was heard
from that Host. If more than MaxFailedRequests are deemed to have
failed within MaxFailedGraceTime seconds of the last reply heard from
that Host, the Host is deemed to have failed until a further
FailureBackoffTime seconds have elapsed.
Following assignment of an official IANA port number for RadSec
protocol, the default port number for RadSec has been changed to 2083.
Testing with Linksys wrt54g wireless router with WPA/Radius. OK. The
wrt54g does not send accounting requests.
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list