From 3ba3dd9b997efbc353ec3dc039e9d0a56c066b6c Mon Sep 17 00:00:00 2001 From: "Alan T. DeKok" Date: Thu, 29 Jul 2010 14:12:15 +0200 Subject: [PATCH] Renamed in preparation for RST --- doc/ChangeLog | 143 ++++++++++++++++++++- doc/{misc-nas => misc-nas.rst} | 0 doc/{module_interface => module_interface.rst} | 0 doc/release-method.rst | 4 +- ...supervise-radiusd.txt => supervise-radiusd.rst} | 0 5 files changed, 142 insertions(+), 5 deletions(-) rename doc/{misc-nas => misc-nas.rst} (100%) rename doc/{module_interface => module_interface.rst} (100%) rename doc/{supervise-radiusd.txt => supervise-radiusd.rst} (100%) diff --git a/doc/ChangeLog b/doc/ChangeLog index e45af81..25a5f8a 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,7 +1,144 @@ -FreeRADIUS 2.1.8 Mon Jan 1 1:00:00 CEST 1999; , urgency=medium +FreeRADIUS 2.1.10 Mon 01 Sep 8:00:00 CEST 2010, urgency=medium + Feature improvements + * Install the "radcrypt" program. + * Enable radclient to send requests containing MS-CHAPv1 + * Make the "inner-tunnel" virtual server listen on 127.0.0.1:18120 + This change makes PEAP testing much easier. + * Added more documentation and examples for the "passwd" module. + + Bug fixes + * Fix endless loop when there are multiple sub-options for + DHCP option 82. + * More debug output when sending / receiving DHCP packets. + * EAP-MSCHAPv2 should return the MPPE keys when used outside + of a TLS tunnel. This is needed for IKE. + * Added SSL "no ticket" option to prevent SSL from creating sessions + without IDs. We need the IDs, so this option should be set. + * Fix proxying of packets from inside a TTLS/PEAP tunnel. + Closes bug #25. + * Allow IPv6 address attributes to be created from domain names + Closes bug #82. + * Set the string length to the correct value when parsing double + quotes. Closes bug #88. + * No longer look users up in /etc/passwd in the default configuration. + This can be reverted by enabling "unix" in the "authorize" section. + * More #ifdef's to enable building on systems without certain + features. + * Fixed SQL-Group comparison to register only if the group + query is defined. + * Fixed SQL-Group comparison to register -SQL-Group, + just like rlm_ldap. This lets you have multiple SQL group checks. + * Fix scanning of octal numbers in "unlang". Closes bug #89. + * Be less aggressive about freeing "stuck" requests. Closes bug #35. + * Fix example in "originate-coa" to refer to the correct packet. + * Change default timeout for dynamic clients to 1 hour, not 1 day. + * Allow passwd module to map IP addresses, too. + * Allow passwd module to be used for CoA packets + * Put boot filename into DHCP header when DHCP-Boot-Filename + is specified. + * raddb/certs/Makefile no longer has certs depend on index.txt and + serial. Closes bug #64. + * Ignore NULL errorcode in PostgreSQL client. Closes bug #39 + * Made Exec-Program and Exec-Program-Wait work in accounting + section again. See sites-available/default. + * Fix long-standing memory leak in esoteric conditions. Found + by Jerry Nichols. + * Added "Password-With-Header == userPassword" to raddb/ldap.attrmap + This will automatically convert more passwords. + * Updated rlm_pap to decode Password-With-Header, if it was base64 + encoded, and to treat the contents as potentially binary data. + * Fix Novell eDir code to use the right function parameters. + Closes bug #86. + * Allow spaces to be escaped when executing external programs. + Closes bug #93. + * Be less restrictive about checking permissions on control socket. + If we're root, allow connecting to a non-root socket. + * Remove control socket on normal server exit. If the server isn't + running, the control socket should not exist. + * Use MS-CHAP-User-Name as Name field from EAP-MSCHAPv2 for MS-CHAP + calculations. It *MAY* be different (upper / lower case) from + the User-Name attribute. Closes bug #17. + * If the EAP module fails, more SSL errors are now in + Module-Failure-Message. + * Update Oracle configure scripts. Closes bug #57. + * Added text to DESC fields of doc/examples/openldap.schema + +FreeRADIUS 2.1.9 Mon 24 May 8:00:00 CEST 2010, urgency=medium + Feature improvements + * Add radmin command "stats detail " to see what + is going on inside of a detail file reader. + * Added documentation for CoA. See raddb/sites-available/coa + * Add sub-option support for Option 82. See dictionary.dhcp + * Add "server" field to default SQL NAS table, and documented it. + + Bug fixes + * Reset "received ping" counter for Status-Server checks. In some + corner cases it was not getting reset. + * Handle large VMPS attributes. + * Count accounting responses from a home server in SNMP / statistics + code. + * Set EAP-Session-Resumed = Yes, not "No" when session is resumed. + * radmin packet counter statistics are now unsigned, for numbers + 2^31..2^32. After that they roll over to zero. + * Be more careful about expanding data in PAP and MS-CHAP modules. + This prevents login failures when passwords contain '{'. + * Clean up zombie children if there were many "exec" modules being + run for one packet, all with "wait = no". + * re-open log file after HUP. Closes bug #63. + * Fix "no response to proxied packet" complaint for Coa / Disconnect + packets. It shouldn't ignore replies to packets it sent. + * Calculate IPv6 netmasks correctly. Closes bug #69. + * Fix SQL module to re-open sockets if they unexpectedly close. + * Track scope for IPv6 addresses. This lets us use link-local + addresses properly. Closes bug #70. + * Updated Makefiles to no longer use the shell for recursing into + subdirs. "make -j 2" should now work. + * Updated raddb/sql/mysql/ippool.conf to use "= NULL". Closes + bug #75. + * Updated Makefiles so that "make reconfig" no longer uses the shell + for recursing into subdirs, and re-builds all "configure" files. + * Used above method to regenerate all configure scripts. + Closes bug #34. + * Updated SQL module to allow "server" field of "nas" table + to be blank: "". This means the same as it being NULL. + * Fixed regex realm example. Create Realm attribute with value + of realm from User-Name, not from regex. Closes bug #40. + * If processing a DHCP Discover returns "fail / reject", ignore + the packet rather than sending a NAK. + * Allow '%' to be escaped in sqlcounter module. + * Fix typo internal hash table. + * For PEAP and TTLS, the tunneled reply is added to the reply, + rather than integrated via the operators. This allows multiple + VSAs to be added, where they would previously be discarded. + * Make request number unsigned. This changes nothing other than + the debug output when the server receives more than 2^31 packets. + * Don't block when reading child output in 'exec wait'. This means + that blocked children get killed, instead of blocking the server. + * Enabled building without any proxy functionality + * radclient now prefers IPv4, to match the default server config. + * Print useful error when a realm regex is invalid + * relaxed rules for preprocess module "with_cisco_vsa_hack". The + attributes can now be integer, ipaddr, etc. (i.e. non-string) + * Allow rlm_ldap to build if ldap_set_rebind_proc() has only + 2 arguments. + * Update configure script for rlm_python to avoid dynamic linking + problems on some platforms. + * Work-around for bug #35 + * Do suid to "user" when running in debug mode as root + * Make "allow_core_dumps" work in more situations. + * In detail file reader, treat bad records as EOF. + This allows it to continue working when the disk is full. + * Fix Oracle default accounting queries to work when there are no + gigawords attributes. Other databases already had the fix. + * Fix rlm_sql to show when it opens and closes sockets. It already + says when it cannot connect, so it should say when it can connect. + * "chmod -x" for a few C source files. + * Pull update spec files, etc. from RedHat into the redhat/ directory. + * Allow spaces when parsing integer values. This helps people who + put "too much" into an SQL value field. + +FreeRADIUS 2.1.8 Wed 30 Dec 16:44:50 CEST 2009, urgency=medium Feature improvements - * RADIUS over TCP is now supported. See "proto" fields in - radiusd.conf, clients.conf, and proxy.conf. * Print more descriptive error message for too many EAP sessions. This gives hints on what to do when "failed to store handler" * Moved illegal attributes to dictionary.ascend.illegal and diff --git a/doc/misc-nas b/doc/misc-nas.rst similarity index 100% rename from doc/misc-nas rename to doc/misc-nas.rst diff --git a/doc/module_interface b/doc/module_interface.rst similarity index 100% rename from doc/module_interface rename to doc/module_interface.rst diff --git a/doc/release-method.rst b/doc/release-method.rst index 0d2eb05..01fb59b 100644 --- a/doc/release-method.rst +++ b/doc/release-method.rst @@ -5,12 +5,12 @@ As of 2.0, the release process is much simpler. Edit the Changelog with the version number and any last updates. vi doc/ChangeLog -cvs commit doc/ChangeLog +git commit doc/ChangeLog Change version numbers in the VERSION file: vi VERSION -cvs commit VERSION +git commit VERSION Make the files diff --git a/doc/supervise-radiusd.txt b/doc/supervise-radiusd.rst similarity index 100% rename from doc/supervise-radiusd.txt rename to doc/supervise-radiusd.rst -- 2.1.4