Thanks. Those are pretty obtuse comments. I finally figured out by trial and error you have to create those two sections as they are not in the file.
No.
From raddb/sites-available/README:
Which I wrote. I *do* understand how the server works. The *default* install does not require you to add "authorize" or "authenticate" sections to radiusd.conf. The *default* install includes a "default" virtual server, with those sections already defined. The *intent* as per the "man" page and other documentation, is for that default server to be used as the basis for your own policies. The only time you *have* to add "authorize" and "authenticate" sections to radiusd.conf is when you've edited the default install to remove all references to virtual servers.
They were removed from radiusd.conf because (a) they were getting too big, and (b) it enabled example files per virtual server.
Actually a good idea. Its just not obvious. The previously mentioned README is very helpful. I think its in the wrong place. It should be in raddb where its easier to find. Perhaps there should also be an UPDATING file that points to it. The new structure needs a road map because things are quite difficult to find until you really understand the structure.
Feel free to send a first draft of suggested documentation.
One significant change that took mw quite awhile to figure out was that the request arguments are addressed differently. You have to be careful in using the proper pointer for the data type. However, anything with an IPv4 address, e.g. Freamed-IP-Address, is handled quite differently. Version 1 would give you a string ("10.0.1.1") whereas Version 2 gives you the binary version as 4 bytes. I haven't checked all the other data types for changes like that. The other ones I use maintained the same format.
Yes. The internal data structures change. See libradius.h for complete definitions. Alan DeKok.