Hi Alan, On Sun, Nov 9, 2014 at 3:47 PM, Alan DeKok wrote:
We're continuing to develop the server, so I'd like to clarify the policy around releases.
Version 2.2.x: Long term stable release.
No new features. Minor bug fixes. The goal is long-term stability. We will maintain it 2-3 years.
Is there a 'known limitation' page which reflects behavior changes between version 2.x and 3.x? I am asking as I spent many hours last weened to figure out why a given case was failing with v3.x while it succeeded with v2.x (latest git). The case was with a proprietary NAS device authenticating via MSCHAP-2 protocol when the password contains a UTF-8 multi-byte character such as €, £, я, א, etc (locally with MYSQL back end - not via ntlm_auth). After lots of debugs (including dumping nt-hashes from windows server and testing with MS radius) it appears that v3.x was actually correct (the NT-hash matched what I was expecting). The reason the NAS worked only with v2.x was because it was doing the conversion as if the password was plain ASCII similar to the way it is done in FR v2.x: https://github.com/FreeRADIUS/freeradius-server/blob/v2.x.x/src/modules/rlm_... Compare to FR v3: https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/src/modules/rlm_... I tried to look up information on this difference in behavior but with no luck so maybe it could be nice to state such changes in behavior somewhere (even correct changes which aren't ported back). Apologize if this comment isn't appropriate. Thank you, Isaac B.