FreeRADIUS 1.1.4 has been released

Alan DeKok aland at deployingradius.com
Fri Jan 5 01:39:39 CET 2007


  Version 1.1.4 has been released, with a few notable improvements.

  The server has been updated to be compatible with Microsoft Vista
clients for 802.1x.  This feature should prove to be of significant
interest in many deployments.

  The "rlm_pap" module has been updated, which should make many
configurations much simpler.  A new attribute has been added, called
Cleartext-Password.  This attribute should be used to hold the "known
good" password, where configurations previously had used the
"User-Password" attribute.  Historically, User-Password has been used
both as the users password in the Access-Request packet, and also for
the "known good" password in the servers configuration ("users" file or
SQL database).  Having two meanings for one attribute is problematic, so
we have modified the server to separate the meanings of the two attributes.

  Existing configurations will not be affected by this change.  However,
we recommend that everyone reads the "README" and "man rlm_pap"
documentation once the server is installed.

  The ChangeLog is included below:

Feature improvements
  * Major enhancements to rlm_pap, that make "encryption_scheme"
    a think of the past.  See "man rlm_pap" for details.
  * Added SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag to use
    work-arounds that enable Windows Vista clients to work.
  * Added preliminary code to support Firebird. (closes: #378)
    Use at your own risk!
  * Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work on more
    platforms.  (closes: #402)
  * Add a new "reply-name" directive in rlm_sqlcounter to define the
    name of the reply attribute. (closes: #403)
  * Added more dictionaries and attributes (closes: #408, among others)
  * Print ntlm_auth failure reason in Module-Failure-Message
    (closes: #398)
  * radsqlrelay is able to get the DB password from a file instead
    of command line. (closes: #395)

Bug fixes
  * Fix a parse error in the digest module, where malformed
    digest requests would result in the user being accepted.  Oops...
  * VALUEs can only be defined for 'integer', to catch mistakes
    with setting VALUEs for type 'string'.
  * Better parsing of VALUE names, so that values starting with
    a digit work correctly.
  * Check return from malloc (closes: #407)
  * Fix a double free() in rlm_eap_tls.c (closes: #404)
  * Check return code of malloc() during initialization. (closes: #407)
  * Fix a corner case where the proxy port isn't set either in
    radiusd.conf or in proxy.conf.


NOT in this release
  * Threading issues with SSL and EAP on some systems.
  * MS-CHAP UTF-8 fixes.

  We expect both those fixes to be in a future release.

  Alan DeKok.
  FreeRADIUS Project Leader


-- 
  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog



More information about the Freeradius-Users mailing list