[freeradius.git] / doc / ChangeLog

FreeRADIUS 2.0.5 ; $Date$ , urgency=medium
        Feature improvements
        * Permit SQL authorize_reply_query to be empty.
        * Allow setting response packet type in Post-Proxy-Type Fail
          handler.
        * Added install-chown target to set correct permission and ownership
          make RADMIN=radmin RGROUP=radius install-chown
        * Support for LDAP-Group and other dynamic comparison attributes
          in unlang.  Developed from a patch by Jason Alderfer.
        * Added chroot support.  See radiusd.conf for comments.
        * Allow clients of 0/0.  We do not recommend using this, though.
        * Moved many module configurations into raddb/modules/*
        
        Bug fixes
        * Allow proxying to virtual servers for accounting packets, too.
        * Added "num fields" function to PostgreSQL client.
        * Updated proxy fallback mechanism to validate fallback servers,
          and to process fallback requests in a child thread.
        * rlm_realm returns "ok" for LOCAL realms, not "noop".
        * Fixed some DHCP code handling.  The examples should now work.

FreeRADIUS 2.0.4 ; Date: 2008/04/30 08:56:40  , urgency=medium
        Feature improvements
        * Allow "virtual_server" in "realm" and "home_server" sections.
          See raddb/proxy.conf and raddb/sites-available/virtual.example.com.
        * Allow "passwd" module to be listed in "accounting" and "post-auth".
        * Added "fallback" to "home_server_pool" configuration, to handle
          the case of all home servers being dead.  See raddb/proxy.conf.
        * Added sample text to raddb/sites-available/inner-tunnel which
          can simplify debugging of inner tunnel configurations.
        * Added regular expression matching in realm names.  See
          raddb/proxy.conf for examples.
        * Added simple DHCP server functionality.  For comments, see
          raddb/sites-available/dhcp.
        * Added file globbing capabilities to detail file reader
        * Added sample raddb/sites-available/robust-proxy-accounting
        * Clients in SQL can now refer to a virtual server.
          Patch from Michael Bretterklieber.
        * Added some examples of creating RADIUS administrator in SQL,
          and assigning appropriate access rights.
        
        Bug fixes
        * Install all files in raddb/sites-available
        * Allow non-threaded builds.
        * Don't treat '0x' as special for known attributes that are not
          of type "octets".
        * Fix log error in rlm_pap.
        * Remove documentation about non-existent functionality.
        * Updated warning messages in debug output.
        * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
          This fix was supposed to go into 2.0.3, but did not make it.
        * Fix event handling in debug mode for failed proxy requests.
        * Fix memleak in fifos.  Closes #537.
        * Fix memleak on blocked threads.  Closes #538.
        * Perform additional checks on NULL realms.  Closes #541.
        * Fix handling of "clients" in "listen" section.
        * When detail file cannot process a packet, sleep for longer
          to let the rest of the server do something.
        * Add missing table to raddb/sql/mssql/schema.sql.  Closes #545.
        * Updated rlm_sql_postgresql to build with PostgreSQL 7.x. 
          Closes #533.
        * Fix "postauth" of rlm_ldap to look for LDAP-UserDn in the
          correct place.
        * Update rlm_attr_filter for some corner cases.  Closes #543.
        * Fixed memory leak in libfreeradius event handler.
        * In the SQL Accounting on/off queries, remove the restriction
          that the session time had to be zero.
        
FreeRADIUS 2.0.3 ; Date: 2008/03/17 09:22:17  , urgency=medium
        Feature improvements
        * Updated raddb/certs/ca.cnf with extensions to allow ca.der
          to be imported as a CA on Symbian and Windows Mobile devices.
          Closes bug #524
        * Enable multiple matches in "hints" via Fall-Through = Yes.
          Closes bug #477
        * Added preliminary SQLite driver, contibuted by Apple.
          Untested, with no sample configuration.  This address bug #470.
        * Updated logging sub-system so that log messages from libfreeradius
          can go to the log file, and not stdout.
        * Added dictionary.rfc5176
        * EAP module now checks for instance name, and uses that for
          authentication.  This avoids the need to set Auth-Type when
          there are multiple instances of the EAP module.
        * Added Module-Return-Code attribute, which contains the value
          returned by the previous module (ok/fail/update/etc.)

        Bug fixes
        * Corrected typos in rlm_dbm.  Closes bugs #521 and #522.
        * Detail file "listen" sections now work much better.
        * Don't allow old "log_*" to over-ride new format.  Closes bug #525
        * Initialize allocated memory in Oracle SQL driver.  This fixes
          occasional crashes on some systems.  Closes bug #518
        * Call correct function in rlm_protocol_filter.  This enables the
          module to build.  Closes bug #512.
        * Added deprecated flag to build for rlm_krb5.  This allows it to
          run on 64-bit systems.  Closes bug #491
        * Corrected error message when parsing invalid configurations
          so it doesn't crash.  Closes bug #527
        * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
        * Handle $INCLUDE's in "instantiate" section.  Closes #528.
        * Format updates to "man" pages from Stephen Gran.

FreeRADIUS 2.0.2 ; Date: 2008/02/14 11:13:48  , urgency=medium
        Feature improvements
        * Added notes on how to debug the server in radiusd.conf
        * Moved all "log_*" in radiusd.conf to log{} section.
          The old configurations are still accepted, though.
        * Added ca.der target in raddb/certs/Makefile.  This is
          needed for importing CA certs into Windows.
        * Added ability send raw attributes via "Raw-Attribute = 0x0102..."
          This is available only debug builds.  It can be used
          to create invalid packets! Use it with care.
        * Permit "unlang" policies inside of Auth-Type{} sub-sections
          of the authenticate{} section.  This makes some policies easier
          to implement.
        * "listen" sections can now have "type = proxy".  This lets you
          control which IP is used for sending proxied requests.
        * Added note on SSL performance to raddb/certs/README

        Bug fixes
        * Fixed reading of "detail" files.
        * Allow inner EAP tunneled sessions to be proxied.
        * Corrected MySQL schemas
        * syslog now works in log{} section.
        * Corrected typo in raddb/certs/client.cnf
        * Updated raddb/sites-available/proxy-inner-tunnel to
          permit authentication to work.
        * Ignore zero-length attributes in received packets.
        * Correct memcpy when dealing with unknown attributes.
        * Corrected debugging messages in attr_rewrite.
        * Corrected generation of State attribute in EAP.  This
          fixes the "failed to remember handler" issues.
        * Fall back to DEFAULT realm if no realm was found.
          Based on a patch from Vincent Magnin.
        * Updated example raddb/sites-available/proxy-inner-tunnel
        * Corrected behavior of attr_filter to match documentation.
          This is NOT backwards compatible with previous versions!
          See "man rlm_attr_filter" for details.

FreeRADIUS 2.0.1 ; Date: 2008/01/22 13:29:37  , urgency=low
        Feature improvements
        * "unlang" has been expanded to do less run-time expansion,
          and to have better handling of typed data.  See "man unlang"
          for documentation and new examples.
        
        Bug fixes
        * The 'acct_unique' module has been updated to understand
          the deprecated (but still used) Client-IP-Address attribute.
        * The EAP-MSCHAPv2 module no longer leaks MS-CHAP2-Success in
          packets.
        * Fixed crash in rlm_dbm.
        * Fixed parsing of syslog configuration.

FreeRADIUS 2.0.0 ; Date: 2007/11/24 08:33:09 , urgency=low
        Feature improvements
        * Debugging mode is much clearer and easier to read.
        * A new policy language makes many configurations trivial.
          See "man unlang" for a complete description.
        * Virtual servers are now supported.  This permits clear separation
          of policies.  See raddb/sites-available/README
        * EAP-TLS (PEAP, EAP-TTLS) and OpenSSL certificates "just work".
          See raddb/certs/README for details.
        * Proxying is much more configurable than before.
          See proxy.conf for documentation on pools, and new config items.
        * Full support for IPv6.
        * Much more complete support for the RADIUS SNMP MIBs.
        * HUP now works.  Only some modules are re-loaded,
          and the server configuation is *not* reloaded.
        * "check config" option now works.  See "man radiusd"
        * radrelay functionality is now included in the server core.
          See raddb/sites-available/copy-acct-to-home-server
        * VMPS support.  It is minimal, but functional.
        * Cleaned up internal API's and names, including library names.
        
        Bug fixes
        * Many.