ISL Conference Proxy 4.4.1837.77 with modules for Windows and Linux (2019-01-25)

 

On 25th of January the following was released: 

  • ISL Conference Proxy 4.4.1837.77 for Windows 32bit (Platform=win32, Revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52, release_date=2019-01-24, req_os_version=0x06000000-0x7fffffff)
  • ISL Conference Proxy 4.4.1837.77 for for Windows 64bit (Platform=win64, Revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52, release_date=2019-01-24, req_os_version=0x06000000-0x7fffffff)
  • ISL Conference Proxy 4.4.1837.77 for for Linux 32bit (Platform=linux, Revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52, release_date=2019-01-24, req_os_version=0x0206170000-0xffffffffff)
  • ISL Conference Proxy 4.4.1837.77 for for Linux 64bit (Platform=linux64, Revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52, release_date=2019-01-24, req_os_version=0x0206170000-0xffffffffff)

Modules

  • Core Login 4.4.1837.77 (release_date=2019-01-24, revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52)
  • DNS Server 4.4.1837.77 (release_date=2019-01-24, revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52)
  • ISL AlwaysOn 4.4.1837.77 (release_date=2019-01-24, revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52)
  • ISL Groop 4.4.1837.77 (release_date=2019-01-24, revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52)
  • ISL Pronto 4.4.1837.77 (release_date=2019-01-24, revision=2cbe7994c526026bd0c391b0ea8b340b3a4eae52

Translations

  • core_login_20190124_20190124_131340.translation
  • isl_alwayson_20190124_20190124_131340.translation
  • isl_conference_proxy_20190124_20190124_131340.translation
  • isl_groop_20190124_20190124_131340.translation
  • isl_light_20190124_20190124_131340.translation
  • isl_pronto_20190124_20190124_131340.translation
  • reports_20190124_20190124_131340.translation

Translations (newer translations)

  • core_login_20190226_20190226_172953.translation
  • isl_alwayson_20190226_20190226_172953.translation
  • isl_conference_proxy_20190226_20190226_172953.translation
  • isl_groop_20190226_20190226_172953.translation
  • isl_light_20190226_20190226_172953.translation
  • isl_pronto_20190226_20190226_172953.translation
  • reports_20190226_20190226_172953.translation

Update availability

All updates, except translations, have release date set to 2019-01-24. Your ESS will need to be  same or higher to be able to update your server. This release is  available to all countries except Japan.

Upgrading to new version

This are server side updates so hosted service users do not need to do anything.

Server license users please check Upgrading Server License

Improvements

ISL AlwaysOn - Module - Obsolete alwayon/* webapis (FEATURE) [ISLALWAYSON-1307] More

Description

In previous versions, ISL AlwaysOn module, registered some webapi2 method calls, that were not used by any of our product (they were obsolete). This was redesigned so that ISL AlwaysOn module will not register anymore this obsolete webapi2 methods. This methods are:

  • "islalwayon/computer/update/1"
  • "islalwayon/computer/connect/1"
  • "islalwayon/computer/search/1"
  • "islalwayon/user/grant/1"

ISL AlwaysOn - Module - Use wol groups field to select proxy computer (FEATURE) [ISLALWAYSON-1325] More

Description

Added support for improving WOL behaviour. New WOL sender is computer that has same wol_group as target computer. If it doesn't exists, then old WOL sender selection is used. So if last outer IP of computer is on the same network as ISL Conference Proxy, then ISL Conference Proxy will send WOL packet or we will find computers that have same outer IP and send them proxy WOL.

ISL AlwaysOn - Module - Add web hooks for "connection added" and "connection removed" (FEATURE) [ISLALWAYSON-1393] More

Description

Added support for reporting computer connection count when connection is created or deleted via webhooks mechanism. Count changes are queued for 5-7 seconds.

ISL Conference Proxy - Core - Monitor file access and report long names (FEATURE) [ISLCONFPROXY-1484] More

Description

Long filenames and long paths caused errors with eCryptfs library on ISL Conference Proxy. Filenames were shortened and should no longer cause errors. File access monitor was added that reports any filename longer than 140 characters and  any path longer than 250 characters as critical events.

ISL Conference Proxy - Core - Detect timezone in web browser (FEATURE) [ISLCONFPROXY-1532] More

Description

Timezone detection javascript files have been added to ISL Conference Proxy resource files. Timezone detection is performed when users log into their account. Both modern browsers and Internet Explorer are suppored by Timezone detection script, in case web browser detection fails, old methods like GeoIP timezone and network class fallbacks are used.

ISL Conference Proxy - Core - Module SDK activity log support (FEATURE) [ISLCONFPROXY-1626] More

Description

Record activity log feature (Logs->Record activity) now supports recording activity events from modules, developed with module SDK.

ISL Conference Proxy - Core Login - Disable legacy login after restoring login methods (FEATURE) [ISLCONFPROXY-1842] More

Description

Added support for disabling legacy login after login methods are restored.

ISL Conference Proxy - Module DNS - Pass ISC DNS-Compliance-Testing genreport -cf with COOKIE (FEATURE) [ISLCONFPROXY-1854] More

Description

DNS server was fixed to pass ISC DNS-Compliance-Testing available at: https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing (empty output by "genreport -cfB"). Fixes include:

  • support for OPT records and EDNS0
  • UDP with EDNS0 max response packet size is 4096 (increase from 512 without EDNS0)
  • support for DNS COOKIE (server cookies are not enforced in any way at the moment)
  • response RD flag is now set to request RD flag if request OPCODE is 0 (previously always 0)

ISL Conference Proxy - Core / Module DNS - ECS (EDNS Client Subnet) (FEATURE) [ISLCONFPROXY-1855] More

Description

DNS server now uses client IP in load balancer provided by requestor and responds with:

  • ECS full bits response when load balancer is used (32 bits for IPv4, 128 bits for IPv6): "www.example.com"
  • ECS zero bits when load balancer is used, but client IPv4 is encoded in the request: "www-myipaaaaaaaa.example.com"
  • ECS zero bits response otherwise: "ns1.example.com"

ISL Conference Proxy - Module DNS - Extra DNS / EDNS counters (FEATURE) [ISLCONFPROXY-1857] More

Description

Following DNS & EDNS counters were added to DNS module:

  • DNS:reply_sum
  • DNS:edns_request_sum
  • DNS:edns_request_cookie_sum
  • DNS:edns_request_client_subnet_sum
  • DNS:edns_request_client_subnet_full_sum
  • DNS:edns_request_client_subnet_partial_sum
  • DNS:edns_request_client_subnet_zero_sum
  • DNS:edns_reply_client_subnet_nonzero_sum
  • DNS:edns_reply_client_subnet_zero_sum
  • DNS:error_edns1_sum
  • DNS:error_edns2plus_sum
  • DNS:error_parse_edns_sum
  • DNS:error_no_reply_sum
  • DNS:error_reply_truncated_sum
  • DNS:error_parse_sum
  • DNS:error_make_reply_sum
  • DNS:error_notimp_sum
  • DNS:error_send_reply_sum

ISL Groop - Module - Bump protocol version to 14 (FEATURE) [ISLGROOP-1025] More

Description

ISL Groop module protocol was raised to 14.

ISL AlwaysOn - Module - Secureon password is not sent to target computer when using new wake-on-lan implementation (DEFECT)  [ISLALWAYSON-1329] More

Description

Secureon password was not sent when sending wake-on-lan packet with the new implementation for turning on the remote computer. This functionality was added and now when wake-on-lan packet is sent to target computer it also includes secureon password if user defined it in the ISL AlwaysOn settings.

The defect was fixed.

ISL AlwaysOn - Module - use data in delete_object callback (DEFECT) [ISLALWAYSON-1421] More

Description

In previous versions ISL AlwaysOn module tried to report usage counters via webhook also on deleted DB objects. Module was not able to query relationship on deleted objects. This was now redesigned so that module mappings for deleted objects are cached for 40s.

The defect was fixed.

ISL Conference Proxy - Core - HTTP/1.0 Connection Close does not shutdown TCP write (DEFECT) [ISLCONFPROXY-1271] More

Description

Users who used Incapsula HTTP proxy were unable to connect to ISL Conference Proxy. The issue was that parameter Content-Length was not sufficient for notifying the proxy to shutdown the connection after the content was sent. Now after the content is sent ISL Conference Proxy will also send TCP shutdown write in order to notify the proxy to shutdown the connection.

In order to enable ISL Conference Proxy this functionality users have to navigate to ISL Conference Proxy configuration page under Configuration - Advanced - Web server:
HTTP/1.0 connection close write [4.3 preview]:
and set the value to Yes.

The defect was fixed.

ISL Conference Proxy - Core - Reverse button order in login dialog HTML (DEFECT) [ISLCONFPROXY-1512] More

Description

In previous version, on login dialog page, buttons were reversed. This was now redesigned, and buttons should be in correct order.

The defect was fixed.

ISL Conference Proxy - Core - IP range matcher is ineffective (DEFECT) [ISLCONFPROXY-1565] More

Description

Due to refactoring error, IP range matcher IP1-IP2 was not effective in ISL Conference Proxy 3.4.0 - 4.4.1734. IP range matcher is now effective again. Affected subsystems:

  • Security setting Allowed IP addresses for administration
  • Security setting Allowed IP addresses for XMLMSG
  • Security setting Allow X-Forwarded-For header (for CDN) for IP ranges
  • Security setting Do not use HTTP proxy for addresses
  • Security setting Force networks to public internet address
  • Security setting Force networks to private intranet address
  • Security setting Filters that define access to webapi2
  • Web server setting Allowed IP addresses for frontends
  • Load balancing setting IP boost on server X
  • Load balancing setting Global IP boost
  • <ip>1.2.3.4-1.2.3.10</ip> matcher in software_policy.xml
  • DNS zone IP limit
  • Locale setting Map IP to timezone

The defect was fixed.

ISL Conference Proxy - Core - IP filter parser on Linux fails to parse masks (DEFECT) [ISLCONFPROXY-1566] More

Description

Due to incorrect IP parsing order on Linux and the specific unit test not being run automatically, IP mask matcher with spaces 1.2.3.4 / 255.255.0.0 was not effective in ISL Conference Proxy. IP mask matcher is now effective again. IP matcher without spaces 1.2.3.4/255.255.0.0 is not affected. Affected subsystems:

  • Security setting Allowed IP addresses for administration
  • Security setting Allowed IP addresses for XMLMSG
  • Security setting Allow X-Forwarded-For header (for CDN) for IP ranges
  • Security setting Do not use HTTP proxy for addresses
  • Security setting Force networks to public internet address
  • Security setting Force networks to private intranet address
  • Security setting Filters that define access to webapi2
  • Web server setting Allowed IP addresses for frontends
  • Load balancing setting IP boost on server X
  • Load balancing setting Global IP boost
  • <ip>1.2.3.4 / 255.255.0.0</ip> matcher in software_policy.xml
  • DNS zone IP limit
  • Locale setting Map IP to timezone

The defect was fixed.

ISL Conference Proxy - Module GeoIP - when loading mmdb files on start, default or custom, version might stay "..." (DEFECT) [ISLCONFPROXY-1572] More

Description

In previous version, sometimes when loading GeoIP database, the database info in web admin GeoIP status stays empty / in progress. This now now redesigned so that table columns should always show database info.

The defect was fixed.

ISL Conference Proxy - Core - Reorder permissions to match settings (DEFECT) [ISLCONFPROXY-1716] More

Description

Permissions priority list was changed to match settings priority list: "default, grid, server, domain, user". Several features were found to use incorrect priority list because of the difference between permissions and settings, using only "default, server" levels instead of "default, server, grid".

The defect was fixed.

ISL Groop - Module - Webtoken expires during session and requires reauthenticate (DEFECT) [ISLGROOP-816] More

Description

In cases where user started ISL Groop from join page on website, the webtoken was used for authentication. Webtoken then automatically expired while the session was ongoing. If the user then had to reconnect into Groop session he had to authenticate again. Authentication procedure for ISL Groop was redesigned and the user should now remain connected even after webtoken expires.

ISL Groop - Module - Profile permissions do not inherit correctly (DEFECT) [ISLGROOP-985] More

Description

Correct permission inheritance is now used for profile permissions (No - deny overridewas not effective before). Affected profile permissions are: email history, personal image.

ISL Pronto - Module - Webapi2 islpronto/supporter/info/get/* return "insufficient permissions" (DEFECT) [ISLPRONTO-919] More

Description

In previous versions, webapi2 methods "islpronto/supporter/info/get/list/1" and "islpronto/supporter/info/get/single/1" returned user error (insufficient permissions) if supporter has "View other supporter's public chats" setting to "No". This was now redesigned so that this two webapi2 methods should return only chat info for supporters if they have this setting set to "No".

The defect was fixed.

ISL Pronto - Module - Truncate client name to 100 chars (DEFECT) [ISLPRONTO-1151] More

Description

In previous version, ISL Pronto module did not limit client name length. This was now redesigned, so that client name should be now truncated to 100 characters.

The defect was fixed.

ISL Pronto - Module - Pronto uses islstaticly encoded password for ISL Light Desk (DEFECT) [ISLPRONTO-1153] More

Description

In previous version ISL Pronto module did not decode ISL Light password before sending it to ISL Light. This was now redesigned, so that correct password is sent to ISL Light and login in ISL Light should go through smoothly.

The defect was fixed.

Was this article helpful?