* Run Post-Proxy-Type Reject {} if the upstream server rejected the
request.
* On startup, the server checks if it was linked with the correct
- OpenSSL libraries. if not, it errors out. This prevents later
+ OpenSSL libraries. If not, it errors out. This prevents later
crashes in OpenSSL, due to library incompatibilities.
* Added radmin command "hup main.log", to re-open the log files,
without HUPing any other part of the server.
* Added support for EAP-Key-Name. See raddb/sites-available/default,
and look for comments mentioning EAP-Key-Name. MacSec now works.
* Added support for hex numbers (0x...) to %{expr: ...}
+ * Backported TLS client certificate validation from 3.0.0.
Bug fixes
* Skip OCSP if there's no host / port / url, with soft_fail