FreeRADIUS 1.1.4 has been released
aland at deployingradius.com
Fri Jan 5 01:39:39 CET 2007
Version 1.1.4 has been released, with a few notable improvements.
The server has been updated to be compatible with Microsoft Vista
clients for 802.1x. This feature should prove to be of significant
interest in many deployments.
The "rlm_pap" module has been updated, which should make many
configurations much simpler. A new attribute has been added, called
Cleartext-Password. This attribute should be used to hold the "known
good" password, where configurations previously had used the
"User-Password" attribute. Historically, User-Password has been used
both as the users password in the Access-Request packet, and also for
the "known good" password in the servers configuration ("users" file or
SQL database). Having two meanings for one attribute is problematic, so
we have modified the server to separate the meanings of the two attributes.
Existing configurations will not be affected by this change. However,
we recommend that everyone reads the "README" and "man rlm_pap"
documentation once the server is installed.
The ChangeLog is included below:
* Major enhancements to rlm_pap, that make "encryption_scheme"
a think of the past. See "man rlm_pap" for details.
* Added SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag to use
work-arounds that enable Windows Vista clients to work.
* Added preliminary code to support Firebird. (closes: #378)
Use at your own risk!
* Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work on more
platforms. (closes: #402)
* Add a new "reply-name" directive in rlm_sqlcounter to define the
name of the reply attribute. (closes: #403)
* Added more dictionaries and attributes (closes: #408, among others)
* Print ntlm_auth failure reason in Module-Failure-Message
* radsqlrelay is able to get the DB password from a file instead
of command line. (closes: #395)
* Fix a parse error in the digest module, where malformed
digest requests would result in the user being accepted. Oops...
* VALUEs can only be defined for 'integer', to catch mistakes
with setting VALUEs for type 'string'.
* Better parsing of VALUE names, so that values starting with
a digit work correctly.
* Check return from malloc (closes: #407)
* Fix a double free() in rlm_eap_tls.c (closes: #404)
* Check return code of malloc() during initialization. (closes: #407)
* Fix a corner case where the proxy port isn't set either in
radiusd.conf or in proxy.conf.
NOT in this release
* Threading issues with SSL and EAP on some systems.
* MS-CHAP UTF-8 fixes.
We expect both those fixes to be in a future release.
FreeRADIUS Project Leader
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users