Release notes
These release notes summarize the changes in current and previous PingAccess Agent SDK for C updates. Updated July 22, 2024.
|
The PingAccess Agent SDK for C no longer supports FreeBSD 8. |
- Version 1.4 - July 2024
-
-
Added support for RHEL 9.
-
If you use a Web + API application, the
vnd-pi-resource-cachePingAccess agent protocol (PAAP) header now contains an additional path so Web + API applications can cache both cookie and authorization header token-types. For more information, see the Cache multiple token-types for Web + API applications entry in the PingAccess 8.1 release notes, and theagent.cache.defaultTokenTypeproperty on an Apache or IIS agent configuration page.Existing agent environments ignore the new
vnd-pi-token-cache-oauth-ttlheader and additional paths in thevnd-pi-resource-cacheheader.To see the performance boost, upgrade to PingAccess 8.1 and upgrade to the latest version of the desired agent. Otherwise, continue to use an earlier agent version.
-
Configure a PingAccess Apache agent or the PingAccess agent for IIS to block requests that contain bad characters in the URI, query parameters, form parameters, or request body without having to reach out to PingAccess for a decision. Added eight new properties to each agent:
-
agent.request.block.xss.characters -
agent.request.block.uri.characters -
agent.request.block.query.characters -
agent.request.block.form.characters -
agent.request.block.xss.http.status -
agent.request.block.uri.http.status -
agent.request.block.query.http.status -
agent.request.block.form.http.status
For large scale or more complex blocking decisions, it’s best practice for the agent to reach out to PingAccess for a decision.
Learn more in the configuration page for your agent:
-
-
Added a new configuration option to the IIS agent to give protected applications better reliability without giving up the ability to perform CRL checking when the server is available: the
agent.engine.configuration.checkCertRevocation.bestEffortproperty.This change provides better alignment between PingAccess, PingFederate, and PingAccess policy server CRL checking. Learn more in IIS agent configuration.
-
- Version 1.3 - June 2020
-
-
Added support for RHEL 8
-
Added agent inventory callback API
-
Removed support for RHEL 6
-
- Version 1.2.1 - February 2020
-
Fixed a potential security issue.
- Version 1.2 - June 2019
-
Fixed a potential security issue.
- Version 1.1.5 - February 2019
-
Added support for FreeBSD 8
- Version 1.1.4 - October 2018
-
Fixed potential security issues.
- Version 1.1.3 - August 2018
-
-
Updated version of libcurl to fix an issue where libcurl was only checking the first SAN in the server certificate
-
Fixed a potential security issue
-
- Version 1.1.2 - March 2017
-
Added support for:
-
SUSE Linux Enterprise Server 11 SP4 (x86_64)
-
SUSE Linux Enterprise Server 12 SP2 (x86_64)
-
- Version 1.1.1 - January 2017
-
-
Established a workaround for a known issue in the Network Security Services library that results in a memory leak when the agent closes a HTTPS connection to a PingAccess policy server. For more information, see this KB article.
-
Fixed an issue where duplicate headers were included in the backend request to the PingAccess Engine, causing the agent to block the request for content.
-
- Version 1.1 - November 2016
-
Added policy server failover support. Policy server failover support is only provided by the SDK when using the libcurl HTTP client.
- Version 1.0.2 - September 2016
-
-
Fixed an issue where agents could not communicate with PingAccess servers using a certificate signed by a certificate authority because the CRL Distribution Point extension is missing. This issue is limited to agents on Windows deployments.
-
Addressed a potential security vulnerability. This issue is limited to Windows deployments.
-
- Version 1.0.1 - May 2016
-
Fixed an issue with ZeroMQ policy cache where a terminated process could cause a condition that resulted in unexpected CPU utilization.
- Version 1.0 - April 2016
-
Initial Release.