Note TLS certificate validation

diff --git a/doc/ChangeLog b/doc/ChangeLog
index c4985d7..c213092 100644 (file)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -17,13 +17,14 @@ FreeRADIUS 2.2.1 Mon 10 Sep 2012 12:00:00 CEST, urgency=medium
        * Run Post-Proxy-Type Reject {} if the upstream server rejected the
          request.
        * On startup, the server checks if it was linked with the correct
-         OpenSSL libraries.  if not, it errors out.  This prevents later
+         OpenSSL libraries.  If not, it errors out.  This prevents later
          crashes in OpenSSL, due to library incompatibilities.
        * Added radmin command "hup main.log", to re-open the log files,
          without HUPing any other part of the server.
        * Added support for EAP-Key-Name.  See raddb/sites-available/default,
          and look for comments mentioning EAP-Key-Name.  MacSec now works.
        * Added support for hex numbers (0x...) to %{expr: ...}
+       * Backported TLS client certificate validation from 3.0.0.
 
        Bug fixes
        * Skip OCSP if there's no host / port / url, with soft_fail