[RADIATOR] AuthBy DUO issue
Alexander.Hartmaier at t-systems.com
Alexander.Hartmaier at t-systems.com
Tue Jul 13 15:05:49 UTC 2021
Hi Heikki,
thanks for the new version, we'll look into deploying it.
We've encountered another issue today: when CheckTimerInterval is configured to 0, to disable the periodic DUO API check which fills our log and generated unnecessary traffic and load, the API never recovers when marked as dead.
Do you have a suggestion how to solve this besides configuring CheckTimerInterval for something else?
Thanks, Alex
T-SYSTEMS AUSTRIA GESMBH
PU Cyber Security
Network Architecture
Operation Manager Authentication
Rennweg 97-99, A-1030 Vienna
+43 57057 4320 (phone)
+43 676 8642 4320 (mobile)
E-mail: alexander.hartmaier at t-systems.com
Internet: www.t-systems.at
Blog: blog.t-systems.at
Social Media: Facebook, Linkedin, Twitter
BIG CHANGES START SMALL – CONSERVE RESOURCES BY NOT PRINTING EVERY E-MAIL.
****************************************************************************************************************
T-Systems Austria GesmbH, Rennweg 97-99, A-1030 Vienna
Commercial Court Vienna, FN 79340b
****************************************************************************************************************
Notice: This transmittal and/or attachments may be privileged or confidential. It is
intended solely for the addressee named above. If you received this transmittal in error,
please notify us immediately by reply and delete this message and all its attachments.
Thank you.
****************************************************************************************************************
________________________________
Von: radiator <radiator-bounces at lists.open.com.au> im Auftrag von Heikki Vatiainen <hvn at open.com.au>
Gesendet: Mittwoch, 30. Juni 2021 18:48
An: radiator at lists.open.com.au <radiator at lists.open.com.au>
Betreff: Re: [RADIATOR] AuthBy DUO issue
On 11.6.2021 14.42, Heikki Vatiainen wrote:
> On 8.6.2021 15.06, Alexander.Hartmaier at t-systems.com wrote:
>> What is your plan to fix this issue?
>
> One option is to select only TLSv1.2 by default and make it
> configurable. If the problem is with Net::HTTPS::NB or HTTP::Async,
> allow by default TLSv1.3 when a working version of this/those is detected.
AuthBy DUO now disables TLSv1.3 until a better fix is available. DUO
seems to support TLS versions older than TLSv1.2 so for this reason
TLSv1.2 is not forced by Radiator. Those who still require older
versions can still continue to use them. TLS library continues to
negotiate the highest version that's available.
Updated packages are available from Radiator patch package downloads.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
_______________________________________________
radiator mailing list
radiator at lists.open.com.au
https://lists.open.com.au/mailman/listinfo/radiator
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20210713/a9be8ec4/attachment-0001.html>
More information about the radiator
mailing list