1 FreeRADIUS 2.0.6 ; $Date$ , urgency=medium
3 * Clients may now be defined dynamically. See
4 raddb/sites-available/dynamic-clients.
5 * SNMP statistics have been replaced by statistics gathered
6 via Status-Server. See raddb/sites-available/status
7 * SNMP support has been removed from the server. Since it has not
8 worked for a while, this should not affect anyone.
9 * Added more Microsoft attributes from bug #568.
12 * Parse "security" section in radiusd.conf. This was accidentally
13 deleted in 2.0.5. Closes bug #566.
14 * Bind to interface before IP, which allows DHCP sockets to
15 listen on "*" for multiple interfaces.
16 * Fix handling of giaddr in DHCP responses.
17 * Corrected parsing of status_check in home_server so that it works.
19 FreeRADIUS 2.0.5 ; Date: 2008/06/07 17:17:00 , urgency=medium
21 * Permit SQL authorize_reply_query to be empty.
22 * Allow setting response packet type in Post-Proxy-Type Fail
24 * Added install-chown target to set correct permission and ownership
25 make RADMIN=radmin RGROUP=radius install-chown
26 * Support for LDAP-Group and other dynamic comparison attributes
27 in unlang. Developed from a patch by Jason Alderfer.
28 * Added chroot support. See radiusd.conf for comments.
29 * Allow clients of 0/0. We do not recommend using this, though.
30 * Moved many module configurations into raddb/modules/*
33 * Allow proxying to virtual servers for accounting packets, too.
34 * Added "num fields" function to PostgreSQL client.
35 * Updated proxy fallback mechanism to validate fallback servers,
36 and to process fallback requests in a child thread.
37 * rlm_realm returns "ok" for LOCAL realms, not "noop".
38 * Fixed some DHCP code handling. The examples should now work.
40 FreeRADIUS 2.0.4 ; Date: 2008/04/30 08:56:40 , urgency=medium
42 * Allow "virtual_server" in "realm" and "home_server" sections.
43 See raddb/proxy.conf and raddb/sites-available/virtual.example.com.
44 * Allow "passwd" module to be listed in "accounting" and "post-auth".
45 * Added "fallback" to "home_server_pool" configuration, to handle
46 the case of all home servers being dead. See raddb/proxy.conf.
47 * Added sample text to raddb/sites-available/inner-tunnel which
48 can simplify debugging of inner tunnel configurations.
49 * Added regular expression matching in realm names. See
50 raddb/proxy.conf for examples.
51 * Added simple DHCP server functionality. For comments, see
52 raddb/sites-available/dhcp.
53 * Added file globbing capabilities to detail file reader
54 * Added sample raddb/sites-available/robust-proxy-accounting
55 * Clients in SQL can now refer to a virtual server.
56 Patch from Michael Bretterklieber.
57 * Added some examples of creating RADIUS administrator in SQL,
58 and assigning appropriate access rights.
61 * Install all files in raddb/sites-available
62 * Allow non-threaded builds.
63 * Don't treat '0x' as special for known attributes that are not
65 * Fix log error in rlm_pap.
66 * Remove documentation about non-existent functionality.
67 * Updated warning messages in debug output.
68 * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
69 This fix was supposed to go into 2.0.3, but did not make it.
70 * Fix event handling in debug mode for failed proxy requests.
71 * Fix memleak in fifos. Closes #537.
72 * Fix memleak on blocked threads. Closes #538.
73 * Perform additional checks on NULL realms. Closes #541.
74 * Fix handling of "clients" in "listen" section.
75 * When detail file cannot process a packet, sleep for longer
76 to let the rest of the server do something.
77 * Add missing table to raddb/sql/mssql/schema.sql. Closes #545.
78 * Updated rlm_sql_postgresql to build with PostgreSQL 7.x.
80 * Fix "postauth" of rlm_ldap to look for LDAP-UserDn in the
82 * Update rlm_attr_filter for some corner cases. Closes #543.
83 * Fixed memory leak in libfreeradius event handler.
84 * In the SQL Accounting on/off queries, remove the restriction
85 that the session time had to be zero.
87 FreeRADIUS 2.0.3 ; Date: 2008/03/17 09:22:17 , urgency=medium
89 * Updated raddb/certs/ca.cnf with extensions to allow ca.der
90 to be imported as a CA on Symbian and Windows Mobile devices.
92 * Enable multiple matches in "hints" via Fall-Through = Yes.
94 * Added preliminary SQLite driver, contibuted by Apple.
95 Untested, with no sample configuration. This address bug #470.
96 * Updated logging sub-system so that log messages from libfreeradius
97 can go to the log file, and not stdout.
98 * Added dictionary.rfc5176
99 * EAP module now checks for instance name, and uses that for
100 authentication. This avoids the need to set Auth-Type when
101 there are multiple instances of the EAP module.
102 * Added Module-Return-Code attribute, which contains the value
103 returned by the previous module (ok/fail/update/etc.)
106 * Corrected typos in rlm_dbm. Closes bugs #521 and #522.
107 * Detail file "listen" sections now work much better.
108 * Don't allow old "log_*" to over-ride new format. Closes bug #525
109 * Initialize allocated memory in Oracle SQL driver. This fixes
110 occasional crashes on some systems. Closes bug #518
111 * Call correct function in rlm_protocol_filter. This enables the
112 module to build. Closes bug #512.
113 * Added deprecated flag to build for rlm_krb5. This allows it to
114 run on 64-bit systems. Closes bug #491
115 * Corrected error message when parsing invalid configurations
116 so it doesn't crash. Closes bug #527
117 * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
118 * Handle $INCLUDE's in "instantiate" section. Closes #528.
119 * Format updates to "man" pages from Stephen Gran.
121 FreeRADIUS 2.0.2 ; Date: 2008/02/14 11:13:48 , urgency=medium
123 * Added notes on how to debug the server in radiusd.conf
124 * Moved all "log_*" in radiusd.conf to log{} section.
125 The old configurations are still accepted, though.
126 * Added ca.der target in raddb/certs/Makefile. This is
127 needed for importing CA certs into Windows.
128 * Added ability send raw attributes via "Raw-Attribute = 0x0102..."
129 This is available only debug builds. It can be used
130 to create invalid packets! Use it with care.
131 * Permit "unlang" policies inside of Auth-Type{} sub-sections
132 of the authenticate{} section. This makes some policies easier
134 * "listen" sections can now have "type = proxy". This lets you
135 control which IP is used for sending proxied requests.
136 * Added note on SSL performance to raddb/certs/README
139 * Fixed reading of "detail" files.
140 * Allow inner EAP tunneled sessions to be proxied.
141 * Corrected MySQL schemas
142 * syslog now works in log{} section.
143 * Corrected typo in raddb/certs/client.cnf
144 * Updated raddb/sites-available/proxy-inner-tunnel to
145 permit authentication to work.
146 * Ignore zero-length attributes in received packets.
147 * Correct memcpy when dealing with unknown attributes.
148 * Corrected debugging messages in attr_rewrite.
149 * Corrected generation of State attribute in EAP. This
150 fixes the "failed to remember handler" issues.
151 * Fall back to DEFAULT realm if no realm was found.
152 Based on a patch from Vincent Magnin.
153 * Updated example raddb/sites-available/proxy-inner-tunnel
154 * Corrected behavior of attr_filter to match documentation.
155 This is NOT backwards compatible with previous versions!
156 See "man rlm_attr_filter" for details.
158 FreeRADIUS 2.0.1 ; Date: 2008/01/22 13:29:37 , urgency=low
160 * "unlang" has been expanded to do less run-time expansion,
161 and to have better handling of typed data. See "man unlang"
162 for documentation and new examples.
165 * The 'acct_unique' module has been updated to understand
166 the deprecated (but still used) Client-IP-Address attribute.
167 * The EAP-MSCHAPv2 module no longer leaks MS-CHAP2-Success in
169 * Fixed crash in rlm_dbm.
170 * Fixed parsing of syslog configuration.
172 FreeRADIUS 2.0.0 ; Date: 2007/11/24 08:33:09 , urgency=low
174 * Debugging mode is much clearer and easier to read.
175 * A new policy language makes many configurations trivial.
176 See "man unlang" for a complete description.
177 * Virtual servers are now supported. This permits clear separation
178 of policies. See raddb/sites-available/README
179 * EAP-TLS (PEAP, EAP-TTLS) and OpenSSL certificates "just work".
180 See raddb/certs/README for details.
181 * Proxying is much more configurable than before.
182 See proxy.conf for documentation on pools, and new config items.
183 * Full support for IPv6.
184 * Much more complete support for the RADIUS SNMP MIBs.
185 * HUP now works. Only some modules are re-loaded,
186 and the server configuation is *not* reloaded.
187 * "check config" option now works. See "man radiusd"
188 * radrelay functionality is now included in the server core.
189 See raddb/sites-available/copy-acct-to-home-server
190 * VMPS support. It is minimal, but functional.
191 * Cleaned up internal API's and names, including library names.