Feature Improvements
* Add dictionary.ciena, dictionary.nile, and DHCPv4 dictionaries
* Add simultaneous-use queries for MS SQL
* Add radmin command for "stats pool <module-name>"
which prints out statistics about the connection pools.
* Client statistics now shows "conflicts",
to count conflicting packets.
* New optional "lightweight accounting-on/off" strategy.
When refreshing queries.conf you should also add the new
nasreload table and corresponding GRANTs to your DB schema.
* Add TLS-Client-Cert-X509v3-Certificate-Policies, which helps
with Eduroam.
* Allow auth+acct for TCP sockets, too.
* Add rlm_cache_redis. See raddb/mods-available/cache for details.
* Allow radmin to look up home servers by name, too.
* Ensure that dynamic clients don't create loops on duplicates
* Removed rlm_sqlhpwippool. There was no documentation, no configuration,
and the module was ~15 years old with no one using it.
* Marked rlm_python3 as stable.
* Add sigalgs_list. See raddb/mods-available/eap
* For rlm_linelog, when opening files in /dev, look at "permissions"
to see whether to open them r/w.
* More flexibility for dynamic home servers. See
doc/configuration/dynamic_home_servers.md and
raddb/home_servers/README.md.
* Allow setting of application_name for PostgreSQL.
See mods-available/sql.
Bug Fixes
* Correct test for open sessions in radacct for MS SQL.
OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=159
Feature Improvements
* Added Force10 dictionary.
* Update dictionary.hp with new attributes. #2690.
* Update dictionary.aruba with new attributes. #2696.
* Fix side-channel leak in EAP-PWD (bsc#1166858, CVE-2019-20510)
* Relax OpenSSL version checks, now that their API is both public, and stable.
* Note that tls_min_version/tls_max_version also support "1.3"
Since there is no standard yet for EAP with TLS 1.3, it will not work.
* Added tripplite dictionary from #2760.
* Switch to the async interface for rlm_sql_postgresql so that
we can enforce query_timeout.
* Added new LDAP option 'allow_dangling_group_ref'.
* Updated documentation and functionality for EAP session caching
See "cache" section of mods-available/eap.
* Tighten systemd unit file security. Fixes#2637.
* Disable TLS 1.0 and TLS 1.1 support in the default configuration
We STRONGLY recommend doing this for all installations.
* Add expansions for *outgoing* Radsec connections
"%{proxy_listen:TLS-...}" for TLS-Client-Cert-* and
TLS-Cert-* attributes. Fixes#2839.
* Add %{listen:tls} which returns "yes" or "no" for
TLS or non-TLS connections.
* Update dictionary.lancom with new attributes. #2847.
* Added rlm_sql_mongo. See raddb/mods-available/sql.
Note that this module is experimental.
* Added more documentation in sites-available/robust-proxy-accounting.
* sqlippool now re-allocates unexpired leases, to prevent IP pool
exhaustion when clients perform multiple reauthentication attempts
* Add support to radmin keep the history in ~/.radmin_history.
OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=133
