Releases: Amebis/GEANTLink
Releases · Amebis/GEANTLink
1.0-alpha17
- Profile configuration XML revised for better draft-winter-opsawg-eap-metadata-02 compliancy
- Provider identity is now coherent to draft
- Pre/post-processing of
<OuterIdentity>was found inaccurate and has been dropped <UserName>is no longer created for empty identities
- On session reconnect skip inner re-authentication now
- Struggle for Schannel to support session resumption continues...
- MSCHAPv2 work continues...
- Internal clean-up
1.0-alpha16
- Support for multi-provider added: one network profile can now contain more than one identity provider. GÉANTLink will attempt to connect to the first one it has all credentials for (or prompt user, as before).
- Schannel tweaked to support TLS 1.2 now, and hopefuly 1.3 once it is available
- Support for configuring provider ID using GUI added
- Pre&post-processing of XML configuration introduced to allow draft-winter-opsawg-eap-metadata-02 compliant XML profiles on the outside, while maintaining internal code simplicity
- Confusion between provider ID and provider name in GUI resolved
- Credential identities are more carefully prepared for display now
- Issues with 32-bit event log sources fixed
1.0-alpha15
- WLANManager is deployed separately now
- CredWrite stores an empty set of credentials for TLS now, avoiding initial credential prompt
- User identity derived from certificate is using sAN2 and sAN extensions only now
- In case of previously-failed authentication attempts we are more careful now not to request credential prompt for machine authentication
- Outer and inner TTLS credentials are combined separately now to provide finer feedback for more accurate logging (again)
- Other internal cleanup in preparation of MSCHAPv2
1.0-alpha14
- Localization:
- Slovenian localization files added
- Localization support mostly finished
- Awaiting further agreement how to deploy localized versions
- EventMonitor:
- Registry keys to save EventMonitor settings revised: new version of EventMonitor will start with defaults
- Default column widths adjusted to better fit the content initially
- WLANManager utility introduced
- Configuration dialog fixed to stop consuming ridiculous amount of CPU/battery power when idle
- Issue with initial credential prompt after XML wireless profile import resolved
- Identity selection revised to support cases where TLS certificate is present but contains no usable username
- GUI distinguishes between empty credentials and credentials with blank identity
- Internal reorganizations to pave the road for incoming MSCHAPv2 support
1.0-alpha13
- EventMonitor upgraded
- Clipboard support
- Filtering by source and/or by message level
- Schannel event source added (although totally silent on my Windows)
- Product icon introduced
- "Add/Remove Programs" contact info changed from Amebis to GÉANT
1.0-alpha12
- First application data message is now appended piggyback to the last client handshake message (Hopefully resolving issue with Radiator)
- The credentials are marked "invalid" at transition from handshake to application data phase only to prevent initial handshake problems from popping-up credential prompt when credentials have nothing to do with the connection failure.
- Handshake log events are a bit more specific now
- Duplicate log record of EAP-TLS initial handshake removed
1.0-alpha11
- If configured trusted root CA certificate list is empty, that really means "Trust no one!" now
- Certificate (TLS) credentials support custom identity now
- Credential prompt sometimes displayed in background issue fixed now
- Logging of handshake result added
- Internal exception handling fixes
- Our own TLS merged back to master and can be compiled conditionally
- Internal clean-up
1.0-alpha10-owntls
- Server certificate name check improved:
- subjectAltName and subjectAltName2 are honoured before Common Name now
- Support for wild-characters in certificate names dropped
- Support for Unicode DNS names and Punycode added
Note: This release uses own TLS processing, not Microsoft Schannel.
1.0-alpha10
- The TLS logic rewritten to use Schannel
- Server certificate name check improved:
- subjectAltName and subjectAltName2 are honoured before Common Name now
- Support for wild-characters in certificate names dropped
- Support for Unicode DNS names and Punycode added
1.0-alpha9
- GUI boots with a predefined configuration on new profiles now
- Provider identity and help-desk is configurable via GUI now
- Support for read-only lock added to GUI
- GUI updated to show "" when provider ID is blank
- Initial focus changed to the first non-mouse-wheel-capturing control to allow initial scrolling of the configuration dialog using mouse wheel