New Features Development Question

Alan DeKok aland at deployingradius.com
Mon May 11 15:26:49 CEST 2020


On May 11, 2020, at 8:38 AM, Oleg Pekar <oleg.pekar.2017 at gmail.com> wrote:
> 
> Dear FreeRADIUS developers,
> I'm evaluating of implementation of the following features in my local copy
> of FreeRADIUS for the PoC that I'm building locally:

  Which version is this for?

  We're trying to do major new features only in v4.  However, that's taking longer than expected.  So we're OK with minor code changes to v3.  But that work cannot involve major code changes.  We just don't have the bandwidth to support multiple releases.

> * Support of unloading RADIUS/EAP/TLS state to external DB (e.g. Redis) at
> the end of every RADIUS request processing and locating and loading the
> state back from the external DB to the application when the next request
> RADIUS of the same RADIUS session comes. This would be extremely helpful
> for building scalable clusters of stateless FreeRADIUS servers (I need it
> for my PoC)

  IIRC, that's already supported in v4.  I'll check with Arran, as he added that feature.

> * Support of external generic CA and CTL for certificate based user
> authentications

   I'm not sure what that means.  "generic CAs" ?

> * Support of configurable debug and audit log to external loggers

  We have a plan for that in v4.  But even there, it involves some fairly serious changes, even if they are largely of the form "change A to B".

> Are FreeRADIUS leads and the community interested in my contribution of any
> of these feature to FreeRADIUS?

  We're always interested in new features and contributions.

  My $0.02 would be to open up 3 GitHub issues, one for each topic.  Then describe what you plan to do, and how you plan to do it. We can discuss the changes and see if they can be done in v3.  If it works, we can pull the changes into the main release of v3.

  We *don't* want multiple different versions of v3 floating around, each with different features.  We've seen at least one company heavily modify version 1.1.4.  And then 10+ years later, they're stuck with it.  They don't get the benefit of any of the new features.  And end up re-implementing the features themselves.

  So *small* changes are likely OK for v3.  Large rearchitecture will have to wait for v4.

  Alan DeKok.




More information about the Freeradius-Devel mailing list