Skip to content

OpenLI 1.0.6
Compare
Choose a tag to compare
@salcock salcock released this 14 Sep 04:07
· 618 commits to master since this release
1.0.6-1
d6101b5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
  • Added authentication layer to the provisioner REST API. If enabled, REST API requests must either provide a valid API key or use Digest Authentication to confirm that the request has been issued by an authorised party.
  • Collectors may now use rabbitmq to "buffer" encoded records before sending them to their mediator. The records will be persistently buffered to disk, so we are not solely relying on memory to retain records for mediators that have failed or disappeared.
  • Added RADIUS-friendly hashing option for collector input sources. This option should be used on all inputs that are going to receive RADIUS packets. Resolves issues with RADIUS packet ordering that required users to decrease the number of processing threads for their RADIUS inputs to 1.
  • Added scripts (openli-prov-authsetup.sh and openli-prov-adduser.sh) to assist in the creation and management of user credentials for the provisioner REST API.
  • Completely refactored mediator code to be easier to maintain. This in theory should have no impact on end users, but any code refactor may introduce new bugs so we want to make sure users know that we have done this.
  • Fixed bug where multiple configuration changes to an agency handover would not be applied correctly on the mediator.
  • Fixed crash when a RADIUS user has been removed but still had an outstanding request. The crash would occur if we then later saw the response.
  • Fixed hanging when collector processes a RADIUS packet that has been padded to the minimum frame size.
  • Fix provisioner crashes after expiring an unauthorised client that has connected to one of its listening ports.
  • Components that are not using TLS will now immediately exit after connecting to a component that is using TLS (and vice versa).

Note: some existing packaged installs may find that your package manager will "hold back" the new OpenLI packages if you attempt an upgrade. This is because we have upgraded from using libwandder1 to libwandder2 for one of our dependencies. To resolve this, you can explicitly install the packages directly, e.g. apt install openli-collector, to force the upgrade of the underlying libwandder package.

Assets 2
Loading