1 FreeRADIUS 2.0.4 ; $Date$ , urgency=medium
3 * Allow "virtual_server" in "realm" and "home_server" sections.
4 See raddb/proxy.conf and raddb/sites-available/virtual.example.com.
5 * Allow "passwd" module to be listed in "accounting" and "post-auth".
6 * Added "fallback" to "home_server_pool" configuration, to handle
7 the case of all home servers being dead. See raddb/proxy.conf.
8 * Added sample text to raddb/sites-available/inner-tunnel which
9 can simplify debugging of inner tunnel configurations.
10 * Added regular expression matching in realm names. See
11 raddb/proxy.conf for examples.
12 * Added simple DHCP server functionality. For comments, see
13 raddb/sites-available/dhcp.
14 * Added file globbing capabilities to detail file reader
15 * Added sample raddb/sites-available/robust-proxy-accounting
16 * Clients in SQL can now refer to a virtual server.
19 * Install all files in raddb/sites-available
20 * Allow non-threaded builds.
21 * Don't treat '0x' as special for known attributes that are not
23 * Fix log error in rlm_pap.
24 * Remove documentation about non-existent functionality.
25 * Updated warning messages in debug output.
26 * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
27 This fix was supposed to go into 2.0.3, but did not make it.
28 * Fix event handling in debug mode for failed proxy requests.
29 * Fix memleak in fifos. Closes #537.
30 * Fix memleak on blocked threads. Closes #538.
31 * Perform additional checks on NULL realms. Closes #541.
32 * Fix handling of "clients" in "listen" section.
33 * When detail file cannot process a packet, sleep for longer
34 to let the rest of the server do something.
35 * Add missing table to raddb/sql/mssql/schema.sql. Closes #545.
36 * Updated rlm_sql_postgresql to build with PostgreSQL 7.x.
38 * Fix "postauth" of rlm_ldap to look for LDAP-UserDn in the
40 * Update rlm_attr_filter for some corner cases. Closes #543.
42 FreeRADIUS 2.0.3 ; Date: 2008/03/17 09:22:17 , urgency=medium
44 * Updated raddb/certs/ca.cnf with extensions to allow ca.der
45 to be imported as a CA on Symbian and Windows Mobile devices.
47 * Enable multiple matches in "hints" via Fall-Through = Yes.
49 * Added preliminary SQLite driver, contibuted by Apple.
50 Untested, with no sample configuration. This address bug #470.
51 * Updated logging sub-system so that log messages from libfreeradius
52 can go to the log file, and not stdout.
53 * Added dictionary.rfc5176
54 * EAP module now checks for instance name, and uses that for
55 authentication. This avoids the need to set Auth-Type when
56 there are multiple instances of the EAP module.
57 * Added Module-Return-Code attribute, which contains the value
58 returned by the previous module (ok/fail/update/etc.)
61 * Corrected typos in rlm_dbm. Closes bugs #521 and #522.
62 * Detail file "listen" sections now work much better.
63 * Don't allow old "log_*" to over-ride new format. Closes bug #525
64 * Initialize allocated memory in Oracle SQL driver. This fixes
65 occasional crashes on some systems. Closes bug #518
66 * Call correct function in rlm_protocol_filter. This enables the
67 module to build. Closes bug #512.
68 * Added deprecated flag to build for rlm_krb5. This allows it to
69 run on 64-bit systems. Closes bug #491
70 * Corrected error message when parsing invalid configurations
71 so it doesn't crash. Closes bug #527
72 * Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
73 * Handle $INCLUDE's in "instantiate" section. Closes #528.
74 * Format updates to "man" pages from Stephen Gran.
76 FreeRADIUS 2.0.2 ; Date: 2008/02/14 11:13:48 , urgency=medium
78 * Added notes on how to debug the server in radiusd.conf
79 * Moved all "log_*" in radiusd.conf to log{} section.
80 The old configurations are still accepted, though.
81 * Added ca.der target in raddb/certs/Makefile. This is
82 needed for importing CA certs into Windows.
83 * Added ability send raw attributes via "Raw-Attribute = 0x0102..."
84 This is available only debug builds. It can be used
85 to create invalid packets! Use it with care.
86 * Permit "unlang" policies inside of Auth-Type{} sub-sections
87 of the authenticate{} section. This makes some policies easier
89 * "listen" sections can now have "type = proxy". This lets you
90 control which IP is used for sending proxied requests.
91 * Added note on SSL performance to raddb/certs/README
94 * Fixed reading of "detail" files.
95 * Allow inner EAP tunneled sessions to be proxied.
96 * Corrected MySQL schemas
97 * syslog now works in log{} section.
98 * Corrected typo in raddb/certs/client.cnf
99 * Updated raddb/sites-available/proxy-inner-tunnel to
100 permit authentication to work.
101 * Ignore zero-length attributes in received packets.
102 * Correct memcpy when dealing with unknown attributes.
103 * Corrected debugging messages in attr_rewrite.
104 * Corrected generation of State attribute in EAP. This
105 fixes the "failed to remember handler" issues.
106 * Fall back to DEFAULT realm if no realm was found.
107 Based on a patch from Vincent Magnin.
108 * Updated example raddb/sites-available/proxy-inner-tunnel
109 * Corrected behavior of attr_filter to match documentation.
110 This is NOT backwards compatible with previous versions!
111 See "man rlm_attr_filter" for details.
113 FreeRADIUS 2.0.1 ; Date: 2008/01/22 13:29:37 , urgency=low
115 * "unlang" has been expanded to do less run-time expansion,
116 and to have better handling of typed data. See "man unlang"
117 for documentation and new examples.
120 * The 'acct_unique' module has been updated to understand
121 the deprecated (but still used) Client-IP-Address attribute.
122 * The EAP-MSCHAPv2 module no longer leaks MS-CHAP2-Success in
124 * Fixed crash in rlm_dbm.
125 * Fixed parsing of syslog configuration.
127 FreeRADIUS 2.0.0 ; Date: 2007/11/24 08:33:09 , urgency=low
129 * Debugging mode is much clearer and easier to read.
130 * A new policy language makes many configurations trivial.
131 See "man unlang" for a complete description.
132 * Virtual servers are now supported. This permits clear separation
133 of policies. See raddb/sites-available/README
134 * EAP-TLS (PEAP, EAP-TTLS) and OpenSSL certificates "just work".
135 See raddb/certs/README for details.
136 * Proxying is much more configurable than before.
137 See proxy.conf for documentation on pools, and new config items.
138 * Full support for IPv6.
139 * Much more complete support for the RADIUS SNMP MIBs.
140 * HUP now works. Only some modules are re-loaded,
141 and the server configuation is *not* reloaded.
142 * "check config" option now works. See "man radiusd"
143 * radrelay functionality is now included in the server core.
144 See raddb/sites-available/copy-acct-to-home-server
145 * VMPS support. It is minimal, but functional.
146 * Cleaned up internal API's and names, including library names.