ISL Conference Proxy 4.4.1734.24 with modules for Windows and Linux (2017-10-18)

 

General Information

On 18th of October the following was released: 

  • ISL Conference Proxy 4.4.1734.24 for Windows 32bit (Platform=win32, Revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac, release_date=2017-10-12, os_version=0x06000000-0x7fffffff)
  • ISL Conference Proxy 4.4.1734.24 for Windows 64bit (Platform=win64, Revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac, release_date=2017-10-12, os_version=0x06000000-0x7fffffff)
  • ISL Conference Proxy 4.4.1734.24 for Linux 32bit (Platform=linux, Revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac, release_date=2017-10-12)
  • ISL Conference Proxy 4.4.1734.24 for Linux 64bit (Platform=linux64, Revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac, release_date=2017-10-12)

Modules

  • Core Login 4.4.1734.24 (release_date=2017-10-12, revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac)
  • ISL AlwaysOn 4.4.1734.24 (release_date=2017-10-12, revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac)
  • ISL Groop 4.4.1734.24 (release_date=2017-10-12, revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac)
  • ISL Light 4.4.1734.24 (release_date=2017-10-12, revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac)
  • ISL Pronto 4.4.1734.24 (release_date=2017-10-12, revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac)
  • PostgreSQL4.4.1734.24 (release_date=2017-10-12, revision=e3f3e2bc9ed8a5985cf9b2bb6a71f75e9ec415ac)

Translations

  • core_login_20171017_20171017_072033.translation
  • isl_alwayson_20171017_20171017_072033.translation
  • isl_conference_proxy_20171017_20171017_072033.translation
  • isl_groop_20171017_20171017_072033.translation
  • isl_light_20171017_20171017_072033.translation
  • isl_pronto_20171017_20171017_072033.translation
  • reports_20171017_20171017_072033.translation

Update availability

All  updates have release date set to 2017-10-12. Your ESS will need to be  same or higher to be able to update your server. This release is  available to all countries except Japan.

Upgrading to new version

This are server side updates so hosted service users do not need to do anything.

Server license users please check Upgrading Server License

Improvements

ISL Conference Proxy - Core - Multiple application SSL keys / certs (FEATURE) [ISLCONFPROXY-1309] More

Description

In previous versions of ISL Conference Proxy the default application RSA keys length was 1024 bits which is now increased to 2048 bits. Users are also able to generate new keys, however old keys will remain stored on ISL Conference Proxy ( compatibility with applications that were downloaded before generating new RSA keys). Users also have the option to disable obsolete keys ( users who have application with obsolete keys will not longer be able to connect to ISL Conference Proxy server ).
Configuration of RSA keys can be found on ISL Conference Proxy configuration page under Configuration -> Advanced -> Security.

In previous version of ISL Conference Proxy 4.4.1721.26 this flag was disabled by default, and now, it is enabled by default

ISL Conference Proxy - Core Login - Retain configured 2FA devices and ask to restore them (FEATURE) [ISLCONFPROXY-1459] More

Description

Added support for restoring 2FA devices. When user disables 2FA, it will be asked if he wants to keep the devices or not. In case he keeps them, whenever he enables 2FA it will ask him if he wants to restore devices and which device he wants to restore.

ISL Conference Proxy - Core - Show integrator/ webapi2 calls only on localhost (FEATURE) [ISLCONFPROXY-1477] More

Description

ISL Online integrator WebAPI2 calls were displayed on Webapi2 help page when acessed from non-localhost address. This was redesigned, integrator methods are now shown only to localhost. The calls are still accessible, so webapi2 filters are needed to restrict further access. 

Flags for this ticket are enabled by default.

ISL Conference Proxy - Core - Pass original session_id to moduleapp webapi2 (FEATURE) [ISLCONFPROXY-1482] More

Description

Additional field orig_session_id was added to webapi2 backend protocol which passes the original session ID to webapi2 module. orig_session_id is needed to check the JWT signatures in other webapi2 calls. Calls should no longer return "failed to parse" error.

Flags for this ticket are enabled by default.

ISL Light - Module - Remove session code checksum (FEATURE) [ISLLIGHT-4745] More

Description

To increase the pool of available session codes in large grid setups, checksum characters were removed from the 8-character ISL Light code. 

Flags for this ticket are enabled by default.

[PREVIEW] ISL Conference Proxy - Core - Report AKV error lines in mail (FEATURE) [ISLCONFPROXY-1453] More

Description

Added email log reports to ISL Conference Proxy. Setting Logs / Enable mail log reports controls the feature. Every log subsystem has a new mail severity level. Mails with accumulated log lines are sent every 900 seconds. Maximum log line is 2048 bytes and it is truncated with three dots at the end if it's too long. Maximum mail size is 256KB and it is terminated with three dots in case of overflow.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core - Monitor file access and report long names (FEATURE) [ISLCONFPROXY-1484] More

Description

Long filenames and long paths caused errors with eCryptfs library on ISL Conference Proxy. Filenames were shortened and should no longer cause errors. File access monitor was added that reports any filename longer than 140 characters and  any path longer than 250 characters as critical events.

Flags for this ticket are disabled by default

[PREVIEW] ISL Conference Proxy - Core - Stabilize packet generator chunks (FEATURE) [ISLCONFPROXY-1501] More

Description

Packet generator for executables is now using a stable algorithm for calculating cache key hashes and ensuring that they stay the same, even after reboot or when only file timestamps change on disk but not content, thus making it easier to debug related issues. unpackcache directory will be rebuilt because raw file chunk hashes (accessed with raw#filename in spec files) are now precalculated when unpacking.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core - Split executable file to allow caching (FEATURE) [ISLCONFPROXY-1503] More

Description

Programs signed with authenticode (Windows desktop platform) are now correctly sliced into smaller chunks to support proper caching. Authenticode changes two bytes at the start of the executable ** and might cause the entire chunk to be redownloaded. The executable is now sliced into:

  • 512 bytes (not cached, authenticode change is here)
  • 256 kilobytes (cached, supports icon changes)
  • 512 kilobytes (cached, supports icon changes)
  • the rest (cached)

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core - Add webapi groups/update/security/2 with custom privileges and added computer_all default privilege and remove aon_* privilege (FEATURE) [ISLCONFPROXY-1518] More

Description

New webapi2 method was introduced: groups/update/security/2. aon_* privilege was remove and several new custom privilages were added: all, computer_edit, computer_delete, computer_action, computer_all. Those privileges are checked against the rules set in the ISL Conference Proxy web administration under "Security / User privileges settings". Default privilege computer_all was added compared to webapi2 groups/update/security/1.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core - Detect timezone in web browser (FEATURE) [ISLCONFPROXY-1532] More

Description

Timezone detection javascript files have been added to ISL Conference Proxy resource files. Timezone detection is performed when users log into their account. Both modern browsers and Internet Explorer are suppored by Timezone detection script, in case web browser detection fails, old methods like GeoIP timezone and network class fallbacks are used.

Flags for this ticket are disabled by default.

[PREVIEW] ISL AlwaysOn - Module - Use "connect_continue" protocol message (FEATURE) [ISLALWAYSON-1231] More

Description

ISL AlwaysOn "islalwayson/computer/connect/2" method now supports new message: connect_continue. With new message, the session options and selected rdp session must be sent before server shows notification message. 

Flags for this ticket are disabled by default.

[PREVIEW] ISL AlwaysOn - Module - Check "computer_all" permission on group acls which matches any "computer_X" acl (FEATURE) [ISLALWAYSON-1244] More

Description

When using or updating computer connection that is owned by by group, group acl (access control list) are checked. When calling webapi2 "islalwayson/computer/update/2" method or calling RPC update, "computer_edit" and "all" acl permissions are checked. When deleting connection, "computer_delete" and "all" acl permission is checked. Running action on the computer requires "computer_action" or "all" acl permission.

We have added "computer_all" permission, that represents all computer related acl permissions in group. Acl "computer_all" will be supported in updated webapi2 method for groups: utils/groups/security/2.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Light - Module - Disable port style codes (FEATURE) [ISLLIGHT-4739] More

Description

Support for short ISL Light codes (port style) has been removed. Older remote support applications, like ISL Light Desk and ISL Light Client 3.0.x, which used the port style codes, are not longer supported with new session code generation. User of such unsupported applications will receive notification about updating the software.

Flags for this ticket are disabled by default. 

ISL Conference Proxy - Core - Slow search query for ISL AlwaysOn computers (DEFECT) [ISLCONFPROXY-1509] More

Description

In previous version, query that performed search of ISL AlwaysOn computers was slow. Searching for ISL AlwaysOn computers was redesigned, and query optimized so that know, search should be faster.

The defect was fixed.

ISL Conference Proxy - Core - Inconsistent / nonsense behaviour of negative multi-value search in DB (DEFECT) [ISLCONFPROXY-1513] More

Description

Not equals operator with multiple values [<> column v1 v2 v3] was fixed to return !v1 && !v2 && !v3. This search format was not used in modules and was standardized to avoid possible issues in the future.

Flags for this ticket are enabled by default.

ISL Conference Proxy - Core - Remove stateless login support for utils/login/dialog/1 (DEFECT) [ISLCONFPROXY-1517] More

Description

In previous version, it was possible to proceed to second step of 2-Factor authentication without valid state parameter. This was redesigned in a way that users cannot proceed, if state parameter is invalid.

The defect was fixed.

 Flags for this ticket are enabled by default.

ISL Conference Proxy - Core - Fix utils/login/dialog/1 arg system-login-dialog-show-forgot-password (DEFECT) [ISLCONFPROXY-1526] More

Description

In rare cases, "system-login-dialog-show-forgot-password" parameter was improperly handled. So even if this parameter was set to 0, forgot password element was shown to user. This was now redesigned, and this parameter should be properly handled.

The defect was fixed. 

Flags for this ticket are enabled by default.

ISL Conference Proxy - Core Login - Translations break Golangs templating engine (DEFECT) [ISLCONFPROXY-1527] More

Description

Characters of some translations (French) caused 500 Internal Server errors on web-pages where such characters were used. Templating engine was redesigned to avoid future error causes.

The defect was fixed.

ISL Conference Proxy - Core -  Fix random code generation algorithm (DEFECT) [ISLCONFPROXY-1533] More

Description

Random code generation algorithm has been changed. Random base has been updated in order to provide sufficient session code pool in multiple server scenarios.

Flags for this ticket are enabled by default.

ISL Conference Proxy - Core - Restore support for initial args in login.html (DEFECT) [ISLCONFPROXY-1535] More

Description

In previous version, if users navigate to "Profile / Change password", wrong GUI was shown. GUI that was shown was product login GUI. This was now redesigned, so that correct GUI is shown and appropriate calls to webapi2 method "utils/login/dialog/1" are made.

The defect was fixed.

 Flags for this ticket are enabled by default.

ISL Conference Proxy - Core - Remove sensitive data from debug External login dialog log lines (DEFECT) [ISLCONFPROXY-1551] More

Description

Setting Subsystem external authentication debug log was replaced with [Core] External authenticator settings, log format is now AKV. Sensitive information was stripped from debug log lines (turned off by default in old and new implementation):

  • External authentication: *
  • External dialog authentication: *
  • login dialog *


The following dat has been stripped from the debug logs:

  • passwords
  • tokens (state, skip 2FA, device ID)
  • secure fields in login dialog request (password)
  • token state authenticator hash
  • token state variables (2FA status, ...)
  • login dialog GUI (may contain entered passwords, etc.)


The defect was fixed.

ISL AlwaysOn - Module - Add fid to file upload form (DEFECT) [ISLALWAYSON-1221] More

Description

Uploading files through ISL AlwaysOn web interface sometimes resulted in corrupted files, when GRID configuration was in place. If target ISL AlwaysOn computer was not active on the same server that handled upload form, the  data chunks were sent out of order. In order to correct wrong behavior, file identifier (fid) was added to the file upload form.

Flags for this ticket are enabled by default.

ISL Pronto - Module - Enable reverse proxy for web file upload (DEFECT) [ISLPRONTO-1067] More

Description

In case of ** reverse proxy usage (reverse proxy in front of ISL Conference Proxy GRID setup), file uploading a file from web-client sometimes failed. This happened if reverse proxy assigned the request to the server, that was not joined to the domain of the ongoing chat. File uploads through ISL Pronto chats are now handeled correctly in case of reverse proxy, the file upload pages are served from the correct server.

Flags for this ticket are enabled by default.

[PREVIEW] ISL Conference Proxy - Core - Reverse proxy channel is not released (DEFECT) [ISLCONFPROXY-1454] More

Description

When persistent reverse proxy connection to remote server was manually broken, corresponding handler was not called. This was redisigned, handler broken is now called correcly after when such scenario occurs.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core - Fix installation name sanitizer (DEFECT) [ISLCONFPROXY-1468] More

Description

Sanitizer for Installation name of ISL Conference Proxy was implemented incorrectly causing the invalid characters to remain in the installation name if present. This caused errors in various parts of the infrastructure (login, webstart etc.). Sanitizer was implemented correctly and should remove the invalid characters from installation name. If name is composed entirely from invalid characters it is replaced by the connection IP address.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core - Show PostgreSQL installation message in file backend mode (DEFECT) [ISLCONFPROXY-1469] More

Description

In previous version, in case PostgreSQL was installed and file database backend is enabled, in ISL Conference Proxy configuration page it displayed following message: "ISL Conference Proxy is not fully configured which will cause limited or inaccessible functionality. In the side menu, go to Manage software and select Online update or Manual update to install all the latest modules." This was now redesigned so that correct error is displayed saying following: "ISL Conference Proxy is using the file database backend which will cause limited or inaccessible functionality. Please upgrade the database backend to PostgreSQL.". Also, in previous version users could hide this notification. This was also redesigned, so that users cannot hide this notification.

The defect was fixed.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core Login - Improve error logs for crashing module (DEFECT) [ISLCONFPROXY-1494] More

Description

In certain cases the Default log mode of ISL Conference Proxy failed to provide enough information to diagnose the problem. Log entries were redesigned, they now contain additional information that should help diagnose the problems in the future. HTTP server reports errors in the log as well.

Flags for this ticket are disabled by default

[PREVIEW] ISL Conference Proxy - Core - Use file content etag in web server instead of file timestamp (DEFECT) [ISLCONFPROXY-1502] More

Description

Web server now serves content based etags instead of file timestamps in all cases, to allow effective caching in GRID setup. Etag cache stores 10000 file hashes and was implemented in ISLCONFPROXY-1501 to support packet generator raw file content hashes.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Conference Proxy - Core - Handle translation files without version as fallback (DEFECT) [ISLCONFPROXY-1515] More

Description

Using islonline.net integrator module and corresponding translation file disabled the usage of translation file. Integrator module was using translation version identification whereas translation file had no version. Fallback check  was added to avoid checking translation verions when module is installed.

Flags for this ticket are disabled by default.

[PREVIEW] ISL AlwaysOn - Module - Fix action_list_js to be run through xpp (DEFECT) [ISLALWAYSON-1227] More

Description

ISL AlwaysOn actions list javascript is now run through an extra step of HTML preprocessor so translate_js calls can be executed and this no longer triggers javascript error. HTML preprocessor (XPP) in ISL Conference Proxy 4.4 is more strict and requires explicit runs of external recursive chunks of HTML.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Light - Module - Show 2FA not available error for ISL Light v3 (DEFECT) [ISLLIGHT-4674] More

Description

In previous version, if user had 2FA and tried login via ISL Light Desk (v3) he got an error saying that provided username/password is wrong. This was now redesigned so that correct error message is shown to user saying that two-factor authentication is required but not supported with this version.

The defect was fixed.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Pronto - Module - Login with invalid webtoken should not proceed to user authenticate if username is empty (DEFECT) [ISLPRONTO-1062] More

Description

If ISL Pronto client with 2FA enabled, had a webtoken cached from a previous login, it prompted the server with it using empty username/password. As a speed optimization, a flag was added to ISL Pronto module, which returns failure if webtoken is expired, without trying to log in with empty username/password.

Flags for this ticket are disabled by default. 

[PREVIEW] ISL Pronto - Module - Separate invited and joined state in database (DEFECT) [ISLPRONTO-1058] More

Description

ISL Pronto operators that were invited to the chat of other operators, but did not actually join the conversation, counted as they participated in the chat. This resulted in high number of chat participations for some operators, who only received invitations, but did not actually join the chats. States for chat invitations and actual joined chats are now separated in the database, which will show the correct number of chat participations in ISL Pronto reports section.

Flags for this ticket are disabled by default.

[PREVIEW] ISL Groop - Desktop - webtoken expires during session and requires reauthenticate (DEFECT) [ISLGROOP-816] More

Description

In cases where user started ISL Groop from join page on website, the webtoken was used for authentication. Webtoken then automatically expired while the session was ongoing. If the user then had to reconnect into Groop session he had to authenticate again. Authentication procedure for ISL Groop was redesigned and the user should now remain connected even after webtoken expires.

Flags for this ticket are disabled by default.

Was this article helpful?