RADIUS 2.01 (OpenVMS) porting notes ------------------- Requirements ------------------- OS: oVMS 6.1 or Later (VAX/Alpha) Priv: SYSPRV - for access to SYSUAF.DAT NETMBX,TMPMBX - usual TCP/IP support: UCX (tested), TCPWare-TCP (tested),Multinet (tested) Compiler: DEC C 5.0 or later MMK: www.madgoat.com Porter: Ruslan R. Laishev (Laishev@SMTP.DeltaTel.RU) ------------------- Installation ------------------- * . Put distribution kit (Zip-file) in the special directory for the RADIUS, unpack & build executable image of the RADIUS server. * . Revise & edit RADIUS_STARTUP.COM & RADIUS_START.COM from distribution kit. * . Optionaly, add two entry in the SERVICES file, example for TCPWare-TCP follows: ... radius 1645/udp radact 1646/udp ... * . Edit CLIENTS file from RADIUS distribution kit for adding IP names of your Network Access Servers and "shared secret" (don't forget that maximum length of "shared secret" can't be more that 8 bytes. * . Start RADIUS server by RADIUS_STARTUP.COM as detached process, or for debuging purpose run RADIUS_START.COM from command line. ------------------- Changes & Additions ------------------- * . This version is not allow of password changing by RADPASS or by something like it facilities. * . Optimizations issue All critical file I/O is rewritted with RMS I/O, in particulary, access to USERS. file controled by discipline: USERS. file opening at start of server; during run of server USERS. file stay open; for each 10 minutes (0 00:10:00.00) this file is marked as expired by setting of special flag; when a next request is arrived the file is reopened again and expiration flag is cleared. This discipline reduces overhead for opening of the file during processing of each authentication request, and take advantages of buffered I/O with big numbers of RMS buffers. All requestes to IP to NAME (reverse resolving) translation use caching. ------------------- Logicals ------------------- RADIUS_DIR - where is root RADIUS's directory RADACCT_DIR - where will be placed .DETAIL files RADIUS_DICTIONARY - RADIUS's dictionary file RADIUS_CLIENTS - RADIUS's clients file RADIUS_USERS - RADIUS's users file RADIUS_LOGFILE - RADIUS's log file RADIUS_DEBUG - put debug information in the log file RADIUS_NODETAIL - disable putting accounting information to .DETAIL files ------------------- Limitations ------------------- * . Using of the RAIDUS preffixes, are is not allowed !!! Suffixes must be starting with characters '%' !!! * . Only local authentication is supported!!! ------------------- To Do ------------------- * I. Resting... C U SysMan (MailTo:"Ruslan R. Laishev" ). http://www.levitte.org/~rlaishev http://www.radiusvms.com/