Revision history for RADIUSplugin. 0.3 Mon Mar 29 13:45:40 MEST 2010 Contributed by Holger Weiss: - Add AMD64 support. - Make the number of connection retries configurable. - Check whether the server responds with a modified User-Name attribute. In that case, use the modified user name for accounting requests; and, if the registry key "modify_username" is set to a true value, for logging in. - Fix the value of the NAS-Identifier attribute: If the host name of the Windows client cannot be resolved to an IP address, the plugin tries to set the NAS-Identifier instead of the NAS-IP-Address; this failed since release 0.2, that is, the NAS-Identifier was filled with garbage. - Various minor fixes and enhancements. Contributed by Kostas Kalevras: - Add support for the Message-Authenticator attribute. 0.2.1 Sun Mar 13 18:01:33 MET 2005 Contributed by Holger Weiss: - Use seperate variables for the "radius" and "radacct" ports in the radius_server_t structure instead of trying to adjust the port for accounting requests on the fly. This fixes a bug introduced in 0.2, where the port for accounting requests wasn't set correctly. Thanks to Ioan Caltun for reporting the bug. 0.2 Fri Mar 4 03:40:00 MET 2005 Contributed by Kostas Kalevras: - Add more sanity checks on the incoming RADIUS packets. This should eliminate a few security threats in the previous version. - Add functions for changing attribute values (length should be the same for now). - Add functions for reading attribute values instead of using the attribute structure elements (nice OO abstraction). - Make maximum attribute value length 253 (as it should be). - Add UserLogon attribute support and the corresponding dictionary: * UserLogon-HomeDir: User home directory * UserLogon-Type: In our case, Windows-Logon * UserLogon-Restriction: Determine if the user is anonymous, or admin * UserLogon-GroupNames: User Groups * UserLogon-DriveNames: Drives to map * UserLogon-UserDescription: User Description * UserLogon-UserFullName: User Full Name * UserLogon-UserProfile: The default user profile to use * UserLogon-UserDomain: The Domain to use for the user - Add anonymous user support. - Move a few attributes to the build_radius_packet() function so that they always get sent. - Add support for Vendor Specific attributes. - Update the random vector calculator to be more random. - Calculate session-time in a more nice way. - Support the Class attribute. - Move a few static variables to a request_t structure and remember that. - Allow the administrator to specify the NAS-IP-Address to be sent in requests. - Support the Session-Timeout attribute. Contributed by Holger Weiss: - If multiple IPs are returned for a given server hostname, choose one of them randomly (instead of simply using the first one). - Save a copy of the radius_server_t structure which was used for authentication and remember it in order to reuse the server data for accounting (instead of repeatedly reading the configuration from the registry and repeatedly resolving the server hostname). - Make the select() timeout configurable. - Make the local port the RADIUS plugin bind()s to configurable. - Make the Service-Type attribute values configurable seperately for authentication and accounting requests; but make this a "hidden feature", as using different values for authentication and accounting is a rather uncommon setup. The value set via the configuration dialog will be saved to the registry as "service_type" and used for both authentication and accounting as long as "service_type_acct" (which would be used for accounting) isn't set manually. - Update the configuration dialog to support the new options. - Update documentation with all new features. 0.1 Tue Jan 27 17:20:00 MET 2004 - Initial release