[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Radius 1.2 released.
From: |
Sergey Poznyakoff |
Subject: |
Radius 1.2 released. |
Date: |
Mon, 08 Dec 2003 13:43:48 +0200 |
Hello,
I am pleased to announce the release of GNU Radius 1.2.
GNU Radius is a set of tools for remote user authentication and accounting.
The package includes server daemon, various client utilities, and a set of
administrator tools.
For more information on Radius, including links to file downloads,
please see the Radius web page: http://www.gnu.org/software/radius
and the Radius project page http://savannah.gnu.org/projects/radius.
GNU Radius is available from ftp://ftp.gnu.org/gnu/radius and
the mirror sites worldwide (see http://www.gnu.org/order/ftp.html
for the list of those).
The MD5 checksums of the files are:
99b5e96118bc79178317eb72819d7027 radius-1.2.tar.bz2
41efba1332ff563e1f88f2aba04d9d24 radius-1.2.tar.gz
The list of user-visible changes follows:
* New features:
** Support for Status-Server request.
** Support for Tunnel Protocol (RFC 2865)
** The main configuration file raddb/config allows to specify several
Rewrite source files to be loaded instead of the single predefined
file raddb/rewrite.
** Arbitrary Rewrite expressions may be used in A/V pairs.
** Test shell mode considerably improved.
** The internal attributes do not appear in detailed logs. The
special flag 'l' has been added to the dictionary syntax to
turn this feature off for selected attributes.
** Changes to Rewrite language
*** Usual dotted-quad notation may be used to represent IP numbers.
*** A number of new built-in functions is added.
*** New statement `#pragma regexp' allows to alter the type of regular
expressions used. The rest of line following `#pragma regexp' must
consist of whitespace-separated regexp modifiers. Each regexp modifier
is one of the following keywords:
extended Use extended regular expressions
icase Ignore case
newline Match-any-character operators don't match a newline.
optionally preceeded by plus, indicating enabling the feature, or
minus, indicating disabling it.
Default is `-extended -icase -newline'.
** Realms
*** New flags "auth" and "acct" allow to select which type of requests is
to be proxied to the remote server.
*** New boolean flag "ignorecase". When set, enables case-insensitive
comparison for realm names.
** New configuration file statements
*** radiusd-user <username>
Instructs radiusd to drop root privileges and to switch to uid / gid
of the given user right after becoming daemon.
*** forward ip[:port]...
This statement can be used in `auth' and `acct' blocks to request
forwarding of the requests to remote server or servers. It has the
same syntax as `listen' statement. Forwarding differs from proxying
in that the requests are sent to the remote server *and* processed
locally. The remote server is not expected to reply. This mode is
intended primarily for debugging purposes. It could also be useful in
some very complex configurations.
*** trace-rules {yes|no}
Enables tracing of configuration rules matched while processing
requests. The statement may be used in `auth' and `acct' blocks.
*** reject-malformed-names {yes|no}
Used in `auth' block. Setting this option to `yes' enables
sending access-reject replies for access-requests that contained
invalid user names.
*** listen no
This is a special form of `listen' statement that disables a
particular service.
** The amount of information output in logs is configurable via the
use of logging-hook rewrite functions. There are two kinds of such hooks:
prefix hooks that generate text to be displayed before the diagnostics
message, and suffix hooks that produce text to be displayed after it.
Such hooks may be global and category-specific, the latter overriding
the former.
** File raddb/rewrite is no longer installed. The Rewrite sources are
installed under $prefix/share/radius/1.2/rewrite.
** Dictionary
Redefinition of an attribute produces a warning message. In future
releases it will be considered an error.
There are two new statements: ALIAS and PROPERTY. ALIAS statement
defines an alternative name for an attribute. PROPERTY redefines
the attribute properties.
Flag 'E' marks attributes encrypted as per RFC 2138. Currently
these are User-Password and CHAP-Password.
Flag 'F' marks attribute encrypted as per RFC 2868.
** Both raddb/naslist and raddb/clients files allow to specify hosts
using CIDR notation. The DEFAULT keyword is also accepted in both files.
* Emacs files: Improved radconf-mode.el
* Deprecated features:
** Explicit use of Add-Port-To-IP-Address is no longer allowed.
* Bugfixes
** Renamed LIST to RAD_LIST to eliminate possible name clashes with the
other libraries (namely, libmysqlclient)
** Choose the strictest timeout value between the one imposed by Login-Time
attribute and the one set using Session-Timeout attribute.
** Use sigaction for signal handling whenever it is available.
** Fixed coredumps after unsuccessful error recovery in raddb/users
file.
Regards,
Sergey
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Radius 1.2 released.,
Sergey Poznyakoff <=