(RADIATOR) Radiator Version 4.1 released

Mike McCauley mikem at open.com.au
Mon Feb 25 01:13:51 CST 2008


We are pleased to announce the release of Radiator version 4.1

This version contains some new minor new features and bug fixes.

As usual, the new version is available to current licensees from:
http://www.open.com.au/radiator/downloads/

and to current evaluators from:
http://www.open.com.au/radiator/demo-downloads

Licensees with expired access contracts can renew at:
http://www.open.com.au/renewal.html

An extract from the history file
http://www.open.com.au/radiator/history.html is below:
-----------------------------

Revision 4.1 (2008-02-22) Bug fixes

Fixed a problem where anonymous logins to ServerHTTP would not get a
 Privilege Level. Reported by Dominic J. Eidson.

Fixed a significant memory leak that affected certain installations with
multiple clients.

Fixed a problem where the Configuration Edit link was not displayed on the
ServerHTTP GUI in the Locked version.

Improved configuration file saving for the case where AuthBy objects are
referred to by Identifier. Reported by Dominic J. Eidson.

OSC now provides precompiled Net::SSLeay+OpenSSL+EAP-FAST-patches bundles for
Linux and Windows. Updated documentation in goodies/eap_fast.txt describing
how to install these precompiled bundles.

Added new function Radius::AuthWIMAX::get_cached_keys to fetch $sessionid,
$mip_rk, $mip_spi, $fa_rk from the database given the outer nai. Requested by
Ian Forster.

SimpleClient now correctly generates a random authenticator instead of a
 fixed one.

Reinstated support for EAPErrorReject which was accidentally lost from some
modules.

Fixed a problem where EAPTLS_CAPath would not be set correctly if
EAPTLS_CAFile was not defined. Reported by Jan Tomasek.

Fixed documentation of EAPTLS_CertificateVerifyHook. The list of arguments
passed was incorrect, and out by an index of one. Reported by Jan Tomasek.

Added new special character %K, which is replaced with the realm name after
the last @ in the user name. Requested by Michael Kwan.

Added to dictionary 2 new values for Error-Cause defined in RFC 5176.

Fixed a problem with fideliosim.pl not working correctly with serial ports.

AuthBy PAM now supports AuthenticateAttribute. Contributed by Markus Moeller.

A number of improvements to Diameter support, contributed by José Borges
Ferreira: In Handler clauses you can catch Diameter attributes: <Handler
DiaRequest:Auth-Application-Id=NASREQ> or <Handler
DiaRequest:Disconnect-Cause=CREDIT_CONTROL>. Added extra methods to allow
vendorByName (returns vendor data from a given vendor name) grouped_attr
(allows easy manipulations of grouped attributes). Added avp type vendor,
witch is a Unsigned32 variant (like enumerated) that tries to translate
vendorname to vendornum and vice-versa. Grouped attributes within grouped
attributes are logged with alignments. New attribute SupportedVendorIds for
Server DIAMETER. This optional parameter allows you to define the Supported
Vendor Ids announced in CER. Defaults to BASE(0). Thanks José.

AuthBy PAM now supports PasswordPrompt, parameter, which specifies the
password prompt string asked for by PAM. Contributed by Markus Moeller.

Improvements to Server TACSCSPLUS. Now uses Client statements for
RewriteUsername, StripFromRequest, AddToRequest, AddToRequestIfNotExist and
PreHandlerHook. There will be two PreHandlers called. First the one form the
Client statement and second the one defined inside the Server
definition. Contributed by Markus Moeller.

Improvements to special character handling, and to enable multi-char special
character names in the future. Now, any of the special single-character (and,
in future, mutiple character) special characters can be accessed with, for
example, the format %{Special:x} as well as just %x.

Added functions ntptime2systime and systime2ntptime for converting between
 NTP and systime, useful for Diameter. Contributed by José Borges Ferreira.

EAP-FAST was not correctly REJECTING with an EAP failure after a RESULT
FAILURE message was received from the clinet, causing retransmissions of the
original RESULT FAILURE message. Reported by Jim Veneskey.

Added support for AuthLog in Server HTTP. Suggested by Markus Moeller.

AuthBy TEST did not correctly support the Identifier parameter. Reported by
Ian Forster.

Changes to Server HTTP so that manually edited configuration files are saved
with the correct line endings appropriate for the local machine. Reported by
Jin Tao.

When running as a service under Windows, did not correctly restart when a
'restart server' command was given by either Monitor or ServerHTTP. Reported
by Jin Tao.

Improvements to ServerHTTP, adding some attributes to the Radius packet used
to authenticate Server HTTP access, including NAS-IP-Address and
Calling-Station-Id. Contributed by Markus Moeller.

Added support for EAPTLS_CertificateChainFile wherever EAPTLS_CertificateFile
is supported, and added support for TLS_CertificateChainFile wherever
TLS_CertificateFile is supported. The ChainFile parameter specifies the name
of a file containing a certificate chain for the Radius server
certificate. Suggested by Jan Tomasek.

Added more detail to WARNING log when AuthBy HASHBALANCE declines to break up
an EAP stream.

AuthBy RADSEC would not always reply with the correct type of packet.
 Reported by Paul Dekkers.

Fixed problems when Server RADSEC or Server DIAMETER were in use and a SIGHUP
was received. Reported by Paul Dekkers.


--
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list