[GENERAL NOTE: We have experienced problems compiling Merit RADIUS
using GCC 2.7.2 -- this may or may not be a real problem, but the
consensus was to make mention of this at least to alert people...]
This message serves to announce the new version 2.4.20 of RADIUS from
Merit Network, Inc. This version fixes problems in versions 2.4, 2.4.3,
2.4.4, 2.4.5, 2.4.7, 2.4.10, 2.4.14 and 2.4.16 announced earlier.
In particular, version 2.4.20 contains:
- everything mentioned in the 2.4.14 announcement (see ftp.merit.edu)
- the SVR4 fix from 2.4.16 for compressing logfiles in a child process
- the LAS now honors Simultaneous-Use without the use of realms (!)
- changes to the dictionary to support DRAFT 01 RADIUS RFC
- minor documentation changes to some of the man pages
- changes to rlmadmin(8) to remove some security holes
- changes to allow proper function without the Service-Type attribute
- place call to set_auth_parameters() early in main() for OSF/1
- allow nightly truncation of arbitrary files
- do not truncate logfile in debug mode
- properly match action on request queue event list in rad_2rad_recv()
- remember to flush the log stream when a child process exits
- prevent freezing of logging stream when server receives HUP signal
- a display utility for the LAS session.las current user status file
- a display utility for the LAS record.las accounting file(s)
- miscellaneous other stuff -- call for details ;^)
Even though this version has been tested extensively, there are bound
to be problems and bugs in this version. Every possible care has been
taken to make this release as clean as possible. Send problems and bug
reports directly to me and I will attempt to fix them. This version has
been compiled, linked, tested and run under Sunos 4.1.[34], Solaris 2.[45],
Ultrix 4.[23], AIX 3.2, BSDi 2.0, HP-UX 9.05, Linux 1.2.3 and Alpha OSF/1
but not on SCO, SGI, UnixWare or Novell NetWare (but, we're working on it).
Please throw away any copies of the Merit RADIUS 2.4.16 version or earlier
since those versions have several bugs and this new version fixes the known
bugs and adds some more new features. I will not be answering any questions
about nor fixing any bugs in the 2.4.16 version or earlier after the date of
this release. It's not because I don't want to, I just don't have the time!
Anyone who can test this release on machines which are unavailable to me
here at Merit should send me any changes you found necessary to get it to
work on your system. In addition, several people, who are too numerous to
mention, have contributed context diffs for various features. Thank you
for your efforts! There have been many diffs, suggestions and enhancements
to the Merit RADIUS code base. Thank you to everyone. I cannot always
just drop everything and slide in these changes, sorry! I have a list of
everything I have received, and I will get to those: a) when I get time and
b) if I get permission. I, too, have to answer to higher authority, darn!
In this release there are a few rough edges which need some explanation.
This version is just the tip of a much larger iceberg. We call it the
RADIUS engine. You may find odd routines and mention of unusual features
in the code. This is because we use this RADIUS engine as a small part
of our distributed authentication, authorization and accounting system
for MichNet, our local dial up network in Michigan. References to HGAS
and Huntgroups are part of this larger whole, but not part of this release.
We plan to release the HGAS package soon. It will contain the copyright
wording found in the LAS package.
In addition, there are some items which will be corrected in a subsequent
release. The get_radrequest() function still contains pseudo-code for true
conformance to the RADIUS DRAFT RFC. The routine unix_pass() is still very
ugly. It needs to be cleaned up and made into one AATV which is chosen by
a conditionally compiled choice from many password accessing routines. Not
having such an example for people to see how this might be accomplished is
something we regret. I have plans to put in an install hook for builddbm,
but have yet to do so. Finally, since RADIUS had its origins firmly planted
in UNIX, it is worth noting that, regrettably, some of the source file names
have grown over fourteen (or even the MS-DOS style 8.3) characters in length.
This is something which must wait for a later release, too, sigh...
We have decommissioned the historical Merit RADIUS location on merit.edu in
the pub/michnet directory. Today's release is located at the following URLs:
ftp://ftp.merit.edu/radius/releases/radius.2.4.20.tar.gz
ftp://ftp.merit.edu/radius/releases/radius.2.4.20.las.tar.gz
or
ftp://ftp.merit.edu/radius/releases/radius.2.4.20.tar.Z
ftp://ftp.merit.edu/radius/releases/radius.2.4.20.las.tar.Z
Use binary mode ftp, then uncompress and un-tar the RADIUS tar files. Do
the base engine first, then un-tar the LAS file on top of that (in the same
directory). No files appear in both tarchives, save for the Makefile. Next,
read the INSTALL file for further instructions. Be sure to read the man(1)
pages in the ./man subdirectory and check the files in the ./doc directory
for additional information. Read the README.LAS for information on how to
configure the LAS package, if you grab the second tarchive.
The Merit WWW home page also has some RADIUS information located at:
http://www.merit.edu/michnet/ (follow the Distributed Authorization link)
Regards,
web...
-- William Bulley, N8NXN Senior Systems Research Programmer Merit Network Inc. Domain: web@merit.edu 4251 Plymouth Road MaBell: (313) 764-9993 Ann Arbor, Michigan 48105-2785 Fax: (313) 747-3185