There are new versions of trust-router (1.5) and mech_eap (0.9.3)
available for testing.
The Debian packages are in wheezy-proposed.
The Centos packages are at the usual experimental place
(http://repository.project-moonshot.org/rpms/centos6/experimental/rpm-packages.tar
This version of mech_eap fixes a bug in delete_sec_context; you'll be
kind of sad if you use the new trust_router with the old mech_eap. In
addition, this version of mech_eap improves error handling. If your
RADIUS server reports back and error in the Reply-Message attribute,
then that will be included in the error print-out at the acceptor.
Note that expanded errors are not returned to the initiator.
The trust router includes Adam's syslog patches as well as support for
key expiration. You'll need to delete your keys database and recreate
it (and the view) with the new schema. The expiration enforcement is
handled in the view.
This version also includes path information so you can tell which system
generates an error.
I'm in the middle of testing these and hope to get one additional
feature related to enhanced error handling in prior to service launch.
--Sam
|