We are pleased to announce the release of Radiator version 2.17.
2.17 includes some significant new feature like MSCHAP and improved logging
support, as well as some fixes.
As usual, current customers and evaluators can download the new version.
Attached is an extract from the revision history.
---------------------------------------------
Revision 2.17 (21/11/00) Some significant new features
Added new parameters to AuthBy SQL, to permit logging accounting
records to a file if the SQL insert fails. See AcctFailedLogFileName
and AcctLogFileFormat.
Added MS-CHAP support as per rfc2548. Like ordinary CHAP, it works
with plaintext, not encrypted passwords in the user database.
Requires Digest-MD4-1.0 or better from CPAN. Also added support for
MS-MPPE-Send-Key and MS-MPPE-Recv-Key reply items as tunnel passwords.
Fix a problem that prevented AuthBy RADIUS receiving replies after a
HUP. Reported by [EMAIL PROTECTED] Also fixed some similar
issues in AuthFILE and others.
AuthBy LDAP2 is now compatible with perl-ldap versions before and
after 0.20 (changes to the perl-ldap API made this necessary). With
patches from Ragnar Kurm ([EMAIL PROTECTED]). Thanks Ragnar.
Added Nas support for Patton RAS.
Fixed a problem with decode_tunnel_password that could cause a crash
with various out-of-spec tunnel passwords. Reported and patched by
Christophe Wolfhugel ([EMAIL PROTECTED]). Thanks Christophe.
Fixed a problem with Realms and Handlers that prevented old Realms and
Handlers being discarded during a SIGHUP.
Fixed minor error in dictionary: VENDORATTR 307 type 2 was incorrectly
called 'Livingston'. Changed to 'LE-Terminate-Detail'. Fix identified
by Blaz Zupan ([EMAIL PROTECTED]).
Added dictionary.redback for Redback NASs
Added sample NoReplyHook to goodies by knind permission of John Kemp
([EMAIL PROTECTED])
Separated out a utility function for doing all the magic for replying
to a request.
Testing on HP-UX 10.20. No changes required.
Improved memory cleanup code in AuthRADIUS.pm to slightly reduce
memory requirements. Found by Christophe Wolfhugel
([EMAIL PROTECTED]). Thanks Christophe.
Improved SQL timeout handling, The need for this was revealed by
recent versions of Oracle 8 using local transport. Reported by Chris
Keladis ([EMAIL PROTECTED]). Thanks Chris. A similar fix
was contributed by David Lloyd ([EMAIL PROTECTED]). Thanks David.
Fixed a problem that caused excessive memory usage in Client.pm. Found
and fixed by Christophe Wolfhugel ([EMAIL PROTECTED]). Thanks
Christophe.
Removed incorrect reinitialisation code from AuthFILE, which would
cause a crash on SIGHUP.
Fixed some problems with SIGHUP handling and SNMP Agent, which
prevented the Agent receiving requests after a HUP with
SNMP_Session-0.77. Fix now works with all versions of
SNMP_Session. Reported by Anton Sparrius ([EMAIL PROTECTED])
Mods to a number of classes that inherit from SqlDb.pm, to hide use of
the dbh handle, in order to support sharing of SQL connections.
Added CachePasswords to AuthBy RADIUS. It implements a password
cache. It allows proxying to be more robust when the remote server is
not available. It can be very useful if the remote server is
unreliable, or at the end of a saturated or unreliable link.
Some users have reported that Microsoft LDAP leaves NULs at the end of
returned attributes. Added code to AuthLDAP2.pm to strip any trailing
NUL.
Added NoCheckPassword to AuthBy NT, useful in conjunction with other
authentication methods that actually check the password
AuthBy RADIUS now honours the global SocketQueueLength parameter, if
it is set. Reported by David Lloyd ([EMAIL PROTECTED]). Thanks David.
Fixed a problem with AuthLDAP2 that prevented it working with CHAP
unless RejectEmptyPassword was cleared. The test is now implemented
with LDAPRejectEmptyPassword, which defaults to 1 and is only referred
to if ServerChecksPassword is set. Reported by Nacho Paredes
([EMAIL PROTECTED]). Thanks Nacho.
Improved detection of running under inetd so running under cron wint
be mistaken for inetd.
Added Alcatel DANA vendor specific attribute to standard dictionary.
Added -code flag to radpwtst, allowing it to send any type of request
code, eg: radpwtst -noacct -noauth -code Disconnect-Request
Changes to Client.pm, Radius.pm to permit proxying of any type of
code, eg Disconnect-Request
Added hydrarad to goodies. Hydrarad is an agent for the HydraWeb load
distributor (www.hydraweb.com). It probes server performance and
produces a Usability figure from 0 to 100.
In dictionary, the types of CHAP-Password and CHAP-Challenge changed
to 'binary' to prevent trailing NULs being stripped.
AddToReply and DefaultReply were not honouring special formatting characters.
Minor performance improvements in RDict.pm.
Permit special characters (eg %{GlobalVar:databasename} in DBSource,
DBUsername and DBAuth in any SQL connection.
Added new generic authentication logging support contributed by Dave
Lloyd . Thanks heaps Dave! Also example config file using in
goodies/authlog.cfg and documentation.
Added support for USR1Hook, USR2Hook and WINCHHook. Contributed by
Dave Lloyd . Thanks Dave!
Fixed Handler.pm so handlerResult is called when MaxSessions is
exceeded. Suggested by Dave Lloyd . Thanks Dave!
Added Shasta attributes to dictionary. Contributed by "Mariano Absatz"
([EMAIL PROTECTED]). Thanks Mariano.
Improved portability of module importing. Now uses eval("require
RADIUS::classname") which will work portably on all platforms,
including MAC.
Added goodies/blocktime.txt, a discussion about how to implement
prepaid time.
Hugh added some more examples to goodies/hooks.txt.
Prevented warnings 'No CHAP-Password or User-Password in request' when
User-Password is empty. reported by Cortney Thompson
([EMAIL PROTECTED]). Thanks Cortney.
Added SNMP MIB 2 variables sysUpTime and sysName. Suggested by Mariano
Absatz ([EMAIL PROTECTED]), since MRTG likes to get them.
Fixes to AuthBy EMERALD to be compatible with RadiusNT version 3
(suitable for Platypus version 3 with RadiusNT compatibility
too). Also now correctly handles per-user and per-service
vendor-specific check and reply items.
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
