Radius 1.2 released.

info-gnu
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Radius 1.2 released.

From:	Sergey Poznyakoff
Subject:	Radius 1.2 released.
Date:	Mon, 08 Dec 2003 13:43:48 +0200
Hello,

I am pleased to announce the release of GNU Radius 1.2.

GNU Radius is a set of tools for remote user authentication and accounting.
The package includes server daemon, various client utilities, and a set of
administrator tools.

For more information on Radius, including links to file downloads,
please see the Radius web page: http://www.gnu.org/software/radius
and the Radius project page http://savannah.gnu.org/projects/radius.    

GNU Radius is available from ftp://ftp.gnu.org/gnu/radius and
the mirror sites worldwide (see http://www.gnu.org/order/ftp.html
for the list of those).

The MD5 checksums of the files are:

99b5e96118bc79178317eb72819d7027  radius-1.2.tar.bz2
41efba1332ff563e1f88f2aba04d9d24  radius-1.2.tar.gz

The list of user-visible changes follows:

* New features:

** Support for Status-Server request.
** Support for Tunnel Protocol (RFC 2865)
** The main configuration file raddb/config allows to specify several
Rewrite source files to be loaded instead of the single predefined
file raddb/rewrite.
** Arbitrary Rewrite expressions may be used in A/V pairs.
** Test shell mode considerably improved.
** The internal attributes do not appear in detailed logs. The
special flag 'l' has been added to the dictionary syntax to
turn this feature off for selected attributes. 

** Changes to Rewrite language

*** Usual dotted-quad notation may be used to represent IP numbers.
*** A number of new built-in functions is added.
*** New statement `#pragma regexp' allows to alter the type of regular
expressions used. The rest of line following `#pragma regexp' must
consist of whitespace-separated regexp modifiers. Each regexp modifier
is one of the following keywords:

  extended      Use extended regular expressions
  icase         Ignore case
  newline       Match-any-character operators don't match a newline.

optionally preceeded by plus, indicating enabling the feature, or
minus, indicating disabling it.

Default is `-extended -icase -newline'.

** Realms

*** New flags "auth" and "acct" allow to select which type of requests is
to be proxied to the remote server.
*** New boolean flag "ignorecase". When set, enables case-insensitive
comparison for realm names.

** New configuration file statements

*** radiusd-user <username>

Instructs radiusd to drop root privileges and to switch to uid / gid
of the given user right after becoming daemon.

*** forward ip[:port]...

This statement can be used in `auth' and `acct' blocks to request
forwarding of the requests to remote server or servers. It has the
same syntax as `listen' statement. Forwarding differs from proxying
in that the requests are sent to the remote server *and* processed
locally. The remote server is not expected to reply. This mode is
intended primarily for debugging purposes. It could also be useful in
some very complex configurations. 

*** trace-rules {yes|no}

Enables tracing of configuration rules matched while processing 
requests. The statement may be used in `auth' and `acct' blocks.

*** reject-malformed-names {yes|no}

Used in `auth' block. Setting this option to `yes' enables
sending access-reject replies for access-requests that contained
invalid user names.

*** listen no

This is a special form of `listen' statement that disables a
particular service.

** The amount of information output in logs is configurable via the
use of logging-hook rewrite functions. There are two kinds of such hooks:
prefix hooks that generate text to be displayed before the diagnostics
message, and suffix hooks that produce text to be displayed after it.
Such hooks may be global and category-specific, the latter overriding
the former.

** File raddb/rewrite is no longer installed. The Rewrite sources are
installed under $prefix/share/radius/1.2/rewrite. 

** Dictionary

Redefinition of an attribute produces a warning message. In future
releases it will be considered an error.

There are two new statements: ALIAS and PROPERTY. ALIAS statement
defines an alternative name for an attribute. PROPERTY redefines
the attribute properties.

Flag 'E' marks attributes encrypted as per RFC 2138. Currently
these are User-Password and CHAP-Password. 

Flag 'F' marks attribute encrypted as per RFC 2868.

** Both raddb/naslist and raddb/clients files allow to specify hosts
using CIDR notation. The DEFAULT keyword is also accepted in both files.

* Emacs files: Improved radconf-mode.el

* Deprecated features:

** Explicit use of Add-Port-To-IP-Address is no longer allowed.

* Bugfixes

** Renamed LIST to RAD_LIST to eliminate possible name clashes with the
other libraries (namely, libmysqlclient)
** Choose the strictest timeout value between the one imposed by Login-Time
attribute and the one set using Session-Timeout attribute.
** Use sigaction for signal handling whenever it is available.
** Fixed coredumps after unsuccessful error recovery in raddb/users
file.

Regards,
Sergey
[Prev in Thread]
Current Thread
[Next in Thread]
Radius 1.2 released., Sergey Poznyakoff <=
Next by Date: GNU Automake 1.8 released
Next by thread: GNU Automake 1.8 released
Index(es):
- Date
- Thread