info-gnu-radius
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Info-gnu-radius] Radius 1.2.93

From: Sergey Poznyakoff
Subject: [Info-gnu-radius] Radius 1.2.93
Date: Sat, 26 Jun 2004 15:39:05 +0300 
Radius 1.2.93 is a next alpha release on our way to stable version 1.3.
It is available from ftp://alpha.gnu.org/pub/radius and from
ftp://mirddin.farlep.net/pub/alpha/radius as gzip and bzip2 compressed
tar archives. The relevant snippet from the NEWS files follows.

Please download and try the new version. Any comments, bug-reports,
propositions are welcome.

Version 1.2.93:

* Important compatibility note.

Previous versions of GNU Radius were silently adding an NAS-IP-Address
attribute/value pair to any requests lacking it. Whereas such behavior
is sometimes useful, it is not always needed. Therefore, the new
version of GNU Radius does not automatically add this attribute.
Instead, a rewrite rule is provided for this purpose. The default
raddb/hints file is shipped with this rule enabled. If you are
upgrading from a previously installed version of GNU Radius, you might
wish to add the following rule to the very beginning of your
'raddb/hints':

  DEFAULT Rewrite-Function = restore_nas_ip
          Fall-Through = Yes

If you chose to do so, add the following statement to the "rewrite"
section of 'raddb/config':
          
        load "nas-ip.rw";

* radiusd

** Improved checking for multiple logins. Previous versions relied entirely
on the contents of /var/log/radutmp file. Starting at this version,
radiusd offers at least two methods of checking for multiple logins:
using the traditional radutmp file and using the SQL database. New
keywords has been added to the sqlserver file that declare the SQL
queries to be used when retrieving information about currently
active sessions.

More methods of checking will be added in future versions.

** New methods of querying the NASes about active user sessions: using
guile function and using an external program.

** When an unsupported authentication type is requested, radiusd first
checks if an extension Scheme module is provided that handles that
authentication type. If such module is found, it is invoked to handle
the authentication.

** System accounting can be turned off by specifying `system no;' in
`acct' section of raddb/config. 

** New configuration statement 'load-module' allows to load arbitrary
Scheme modules.

** The file names of detailed log files are configurable via `detail-file-name'
statements in `auth' and `acct' sections of raddb/config.

** Support for Guile versions prior to 1.6 has been withdrawn.

** Implemented support for locking user accounts based on the number
of authentication failures:

*** New attribute Auth-Failure-Trigger specifies an external program or
a Scheme expression to be run upon an authentication failure. It can
update failure counts that subsequently will be used by
Exec-Program-Wait or Scheme-Procedure.

*** New keywords auth_success_query and auth_failure_query set 
SQL queries to be executed upon authentication success and failure,
respectively. These may maintain failure counts, that can be
used by group_query to control the authentication.

** Rewrite-Function attributes are handled uniformly in hints and
huntgroups. First, the Rewrite-Function attributes from the RHS list
are processed, then the ones from the LHS list. Notice, that in
contrast with the previous versions, any number of Rewrite-Function
attributes is allowed in both lists.

* Rewrite language

** Added i18n support

** New built-in functions:

*** Functions to access internal fields of a RADIUS request.
*** Interfaces to the Radius NAS database (raddb/naslist).
*** Interfaces to DNS lookup functions.

* libgnuradius

This is a library of functions for creation, handling and sending
requests using RADIUS protocol.

All programs have been rewritten to link with libgnuradius. On most
sites this will mean linking against a shared library, which will
reduce the size of the executables.

* gnuradius.scm

This is a guile module allowing to use libgnuradius functions. It
supersedes radscm program, which has been removed.

* Bugfixes

** Allow to omit port numbers in `listen' statements (raddb/config), as
described in the documentation.
    
** Fixed several inconsistencies in parsing Ascend-Data-Filter and
Ascend-Call-Filter attributes.

** Fixed a long-standing bug in radtest that caused misinterpretation
of optional arguments if the program was invoked from '#!' shell magic.

=====

Regards,
Sergey
reply via email to
[Prev in Thread] Current Thread [Next in Thread]