1 FreeRADIUS 2.0.5 ; $Date$ , urgency=medium
3 * Permit SQL authorize_reply_query to be empty.
4 * Allow setting response packet type in Post-Proxy-Type Fail
6 * Added install-chown target to set correct permission and ownership
7 make RADMIN=radmin RGROUP=radius install-chown
8 * Support for LDAP-Group and other dynamic comparison attributes
9 in unlang. Developed from a patch by Jason Alderfer.
10 * Added chroot support. See radiusd.conf for comments.
11 * Allow clients of 0/0. We do not recommend using this, though.
12 * Moved many module configurations into raddb/modules/*
15 * Allow proxying to virtual servers for accounting packets, too.
16 * Added "num fields" function to PostgreSQL client.
17 * Updated proxy fallback mechanism to validate fallback servers,
18 and to process fallback requests in a child thread.
19 * rlm_realm returns "ok" for LOCAL realms, not "noop".
20 * Fixed some DHCP code handling. The examples should now work.
22 FreeRADIUS 2.0.4 ; Date: 2008/04/30 08:56:40 , urgency=medium
24 * Allow "virtual_server" in "realm" and "home_server" sections.
25 See raddb/proxy.conf and raddb/sites-available/virtual.example.com.
26 * Allow "passwd" module to be listed in "accounting" and "post-auth".
27 * Added "fallback" to "home_server_pool" configuration, to handle
28 the case of all home servers being dead. See raddb/proxy.conf.
29 * Added sample text to raddb/sites-available/inner-tunnel which
30 can simplify debugging of inner tunnel configurations.
31 * Added regular expression matching in realm names. See
32 raddb/proxy.conf for examples.
33 * Added simple DHCP server functionality. For comments, see
34 raddb/sites-available/dhcp.
35 * Added file globbing capabilities to detail file reader
36 * Added sample raddb/sites-available/robust-proxy-accounting
37 * Clients in SQL can now refer to a virtual server.
38 Patch from Michael Bretterklieber.
39 * Added some examples of creating RADIUS administrator in SQL,
40 and assigning appropriate access rights.
43 * Install all files in raddb/sites-available
44 * Allow non-threaded builds.
45 * Don't treat '0x' as special for known attributes that are not
47 * Fix log error in rlm_pap.
48 * Remove documentation about non-existent functionality.
49 * Updated warning messages in debug output.
50 * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
51 This fix was supposed to go into 2.0.3, but did not make it.
52 * Fix event handling in debug mode for failed proxy requests.
53 * Fix memleak in fifos. Closes #537.
54 * Fix memleak on blocked threads. Closes #538.
55 * Perform additional checks on NULL realms. Closes #541.
56 * Fix handling of "clients" in "listen" section.
57 * When detail file cannot process a packet, sleep for longer
58 to let the rest of the server do something.
59 * Add missing table to raddb/sql/mssql/schema.sql. Closes #545.
60 * Updated rlm_sql_postgresql to build with PostgreSQL 7.x.
62 * Fix "postauth" of rlm_ldap to look for LDAP-UserDn in the
64 * Update rlm_attr_filter for some corner cases. Closes #543.
65 * Fixed memory leak in libfreeradius event handler.
66 * In the SQL Accounting on/off queries, remove the restriction
67 that the session time had to be zero.
69 FreeRADIUS 2.0.3 ; Date: 2008/03/17 09:22:17 , urgency=medium
71 * Updated raddb/certs/ca.cnf with extensions to allow ca.der
72 to be imported as a CA on Symbian and Windows Mobile devices.
74 * Enable multiple matches in "hints" via Fall-Through = Yes.
76 * Added preliminary SQLite driver, contibuted by Apple.
77 Untested, with no sample configuration. This address bug #470.
78 * Updated logging sub-system so that log messages from libfreeradius
79 can go to the log file, and not stdout.
80 * Added dictionary.rfc5176
81 * EAP module now checks for instance name, and uses that for
82 authentication. This avoids the need to set Auth-Type when
83 there are multiple instances of the EAP module.
84 * Added Module-Return-Code attribute, which contains the value
85 returned by the previous module (ok/fail/update/etc.)
88 * Corrected typos in rlm_dbm. Closes bugs #521 and #522.
89 * Detail file "listen" sections now work much better.
90 * Don't allow old "log_*" to over-ride new format. Closes bug #525
91 * Initialize allocated memory in Oracle SQL driver. This fixes
92 occasional crashes on some systems. Closes bug #518
93 * Call correct function in rlm_protocol_filter. This enables the
94 module to build. Closes bug #512.
95 * Added deprecated flag to build for rlm_krb5. This allows it to
96 run on 64-bit systems. Closes bug #491
97 * Corrected error message when parsing invalid configurations
98 so it doesn't crash. Closes bug #527
99 * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
100 * Handle $INCLUDE's in "instantiate" section. Closes #528.
101 * Format updates to "man" pages from Stephen Gran.
103 FreeRADIUS 2.0.2 ; Date: 2008/02/14 11:13:48 , urgency=medium
105 * Added notes on how to debug the server in radiusd.conf
106 * Moved all "log_*" in radiusd.conf to log{} section.
107 The old configurations are still accepted, though.
108 * Added ca.der target in raddb/certs/Makefile. This is
109 needed for importing CA certs into Windows.
110 * Added ability send raw attributes via "Raw-Attribute = 0x0102..."
111 This is available only debug builds. It can be used
112 to create invalid packets! Use it with care.
113 * Permit "unlang" policies inside of Auth-Type{} sub-sections
114 of the authenticate{} section. This makes some policies easier
116 * "listen" sections can now have "type = proxy". This lets you
117 control which IP is used for sending proxied requests.
118 * Added note on SSL performance to raddb/certs/README
121 * Fixed reading of "detail" files.
122 * Allow inner EAP tunneled sessions to be proxied.
123 * Corrected MySQL schemas
124 * syslog now works in log{} section.
125 * Corrected typo in raddb/certs/client.cnf
126 * Updated raddb/sites-available/proxy-inner-tunnel to
127 permit authentication to work.
128 * Ignore zero-length attributes in received packets.
129 * Correct memcpy when dealing with unknown attributes.
130 * Corrected debugging messages in attr_rewrite.
131 * Corrected generation of State attribute in EAP. This
132 fixes the "failed to remember handler" issues.
133 * Fall back to DEFAULT realm if no realm was found.
134 Based on a patch from Vincent Magnin.
135 * Updated example raddb/sites-available/proxy-inner-tunnel
136 * Corrected behavior of attr_filter to match documentation.
137 This is NOT backwards compatible with previous versions!
138 See "man rlm_attr_filter" for details.
140 FreeRADIUS 2.0.1 ; Date: 2008/01/22 13:29:37 , urgency=low
142 * "unlang" has been expanded to do less run-time expansion,
143 and to have better handling of typed data. See "man unlang"
144 for documentation and new examples.
147 * The 'acct_unique' module has been updated to understand
148 the deprecated (but still used) Client-IP-Address attribute.
149 * The EAP-MSCHAPv2 module no longer leaks MS-CHAP2-Success in
151 * Fixed crash in rlm_dbm.
152 * Fixed parsing of syslog configuration.
154 FreeRADIUS 2.0.0 ; Date: 2007/11/24 08:33:09 , urgency=low
156 * Debugging mode is much clearer and easier to read.
157 * A new policy language makes many configurations trivial.
158 See "man unlang" for a complete description.
159 * Virtual servers are now supported. This permits clear separation
160 of policies. See raddb/sites-available/README
161 * EAP-TLS (PEAP, EAP-TTLS) and OpenSSL certificates "just work".
162 See raddb/certs/README for details.
163 * Proxying is much more configurable than before.
164 See proxy.conf for documentation on pools, and new config items.
165 * Full support for IPv6.
166 * Much more complete support for the RADIUS SNMP MIBs.
167 * HUP now works. Only some modules are re-loaded,
168 and the server configuation is *not* reloaded.
169 * "check config" option now works. See "man radiusd"
170 * radrelay functionality is now included in the server core.
171 See raddb/sites-available/copy-acct-to-home-server
172 * VMPS support. It is minimal, but functional.
173 * Cleaned up internal API's and names, including library names.