freeradius-server/freeradius-server-3.2.3.tar.bz2.sig
Adam Majer 1b4e5f1e09 - update to version 3.2.3:
Feature Improvements
  * Add "max_retries" for connection pools. Fixes #4908.
  * Update dictionary.ciena, dictionary.huawei, dictionary.wifialliance and
    dictionary.wispr; add dictionary.eleven.
  * You can now list "eap" in the "pre-proxy" section. If the packet contains a
    malformed EAP message, then the request will be rejected The home server
    will either reject (or discard) this packet anyways, so this change can
    only help with large proxy scenarios.
  * Show warnings if libldap is not using OpenSSL.
  * Support RADIUS/1.1. See
    https://datatracker.ietf.org/doc/draft-dekok-radext-radiusv11/ Disabled by
    default, can be enabled by passing `--with-radiusv11` to the configure
    script. For now, this is for testing interoperability.
  * Add extra sanity checks for malformed EAP attributes.
  * More TLS debugging output.
  * Clear old module instance data before HUP reload. Avoids burst memory use
    when e.g. using large data files with rlm_files.
  * `rlm_cache_redis` is now included in the freeradius-redis packages.
Bug Fixes
  * Don't leak MD contexts with OpenSSL 3.0.
  * Increase internal buffer size for TLS connections, which can help with
    high-load proxies.
  * Send Status-Server checks for TLS connections.
  * Give descriptive error if "update CoA" is used with "fake" packets, as it
    won't work. i.e. inner-tunnel and virtual home servers.
  * Many small ASAN / LSAN fixes from Jorge Pereira.
  * Close inbound RADIUS/TLS socket on TLS errors. When a home server sees a
    TLS error, it will now close the socket, so proxies do not have an open
    (but dead) TLS connection.

OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=161
2023-09-01 11:37:49 +00:00

591 B