+++ /dev/null
-2007-09-21 1.0
-2007-10-16 1.0p1
- Fixed crash when servers were configured after first realm block
-2007-12-24 1.1-alpha
- Pretend option for validating configuration
- Include option for including additional config files
- Allows clients configured by IP prefix, dynamic clients
- Server failover support
- Rewriting of username attribute
- Source address and port can be specified for requests
-2008-05-14 1.1-beta
- No longer looks for radsecproxy.conf in current directory
- Rewrite block that allows removal of specified attributes
- certificateNameCheck option for disabling CN/SubjectAltName check
- matchCertificateAttribute now also supports CN matching
- Forwarding of accounting messages, accountingServer option for realms
- Supports multiple client blocks for same source address with different
- certificate checks
- Removed weekday from log timestamps
-2008-07-24 1.1
- Logging stationid attribute
- Added LoopPrevention option
- Failover also without status-server
- Options for RetryCount and RetryInterval
- Working accounting and AccountingResponse option
- CRL checking and option for enabling it
-2008-10-07 1.2
- listenTCP and sourceTCP options renamed to listenTLS and sourceTLS
- Old options deprecated but available for backwards compatiblity
- Logging reply-message attribute from Reject messages
- Contribution from Arne Schwabe
- Rewrite blocks have new options addAttribute and modifyAttribute
- rewriteIn (replacing rewrite) and rewriteOut in client and server
- blocks for specifying rewrite on input/output. rewrite deprecated
- but available as an alias for rewriteIn for backwards compatibility.
- rewritein rewriteout rewrite
- regular expressions in realms etc can now be more advanced, including
- use of "or".
- cacheExpiry option in tls blocks for specifying expiry time for the
- cache of CA certificates and CRLs. This is particularly useful for
- regularly updating CRLs.
- Some logging has been made more informative
-2008-12-04 1.3-alpha
- Support for TCP and DTLS transports (type tcp, type dtls)
- Listen... options can be specified multiple times
- Dynamic server discovery
- DuplicateInterval option in client block for specifying for how
- long a request/reply shall be stored for duplicate detection
- Support for RADIUS TTL (hopcount) attribute. Decrements value of
- the TTL attribute if present, discards message if becomes 0.
- If addTTL option is used, the TTL attribute is added with the
- specified value if the forwarded message does not have one.
- PolicyOID option can be used to require certain CA policies.
-2009-02-18 1.3-beta
- Client and Server blocks may contain multiple host options.
- Configure (Makefile) options for specifying which transports
- should be supported in a build.
-2009-03-12 1.3
- Fixed some very minor bugs
- Changed log levels for some messages, made loglevel 2 default
-2009-07-22 1.3.1
- Fixed header files for FreeBSD
- Fix for multiple UDP servers on same IP address, solves accounting
- problems.
-2010-06-12 1.4
- Incompatible changes:
- - Log level 4 used to be DBG_DBG but is now DBG_NOTICE. In order
- to keep the same behaviour as in previous versions of radsecproxy,
- those who have LogLevel set to 4 need to change this to 5. Log
- levels 1, 2 and 3 are unaffected.
-
- New features and various improvements:
- - LoopPrevention per server has been added.
- - AddVendorAttribute rewrite configuration has been added.
- - New log level, DBG_NOTICE, added.
- - Diagnostics improved for errors resulting from failing syscalls.
- - Removed all compiler warnings (compiling with -Wall).
-
- Bug fixes:
- - A UDP fragmentation issue.
- - Build on Solaris when compiling with gcc.
- - A bug in pwdencrypt() with passwords of a length greater than
- 16 octets.
projects / radsecproxy.git / blobdiff