FreeRADIUS Server Version 2.1.2 has been released

Alan T DeKok aland at
Thu Dec 4 11:39:17 CET 2008

Hash: SHA1

  We are pleased to announce the release of version 2.1.2 of the
FreeRADIUS server.  The focus of this release is stability.

  We have also created a "stable" tree on  This tree
will be used to release versions 2.1.2 and following.  The "master" tree
will be used for additional, experimental features.  There are a number
of important new features coming over the next year.  Splitting
development in this way helps to manage the trade-off of features versus

  We would like to thank Coverity for providing static analysis scanning
that highlighted a number of issues.  These issues do not have security
implications, but they can affect stability.

  Alan DeKok
  Project Leader

  The complete changelog is below.

- -----------------------------------------------------
Feature Improvements:
  * Allow running with "user=radiusd" and binding to secure sockets.
  * Start sending Status-Server "are you alive" messages earlier, which
helps with proxying multiple realms to a home server.
  * Removed thread pool code from rlm_perl.  It's not necessary.
  * Added example Perl configuration to raddb/modules/perl
  * Force OpenSSL to support certificates with SHA256. This seems to be
necessary for WiMAX certs.

Bug fixes:
  * Fix Debian patch to allow it to build.
  * Fix potential NULL dereference in debugging mode on certain
platforms for TTLS and PEAP inner tunnels.
  * Fix uninitialized memory in handling of vendor definitions
  * Fix parsing of quoted (but non-string) attributes in the "users" file.
  * Initialize uknown NAS IP to, rather than
  * use SUN_LEN in control socket, to avoid truncation on some platforms.
  * Correct internal handling of "debug condition" to prevent it from
being over-written.
  * Check return code of regcomp in "unlang", so that invalid regular
expressions are caught rather than mishandled.
  * Make rlm_sql use <ltdl.h>.  Addresses bug #610.
  * Document list "type = status" better.  Closes bug #580.
  * Set "default days" for certificates, because OpenSSL won't do it.
This closes bug #615.
  * Reference correct list in example raddb/modules/ldap. Closes #596.
  * Increase default schema size for Acct-Session-Id to 64. Closes #540.
  * Fix use of temporary files in dialup-admin.  Closes #605 and
addresses CVE-2008-4474.
  * Addressed a number of minor issues found by Coverity.
  * Added DHCP option 150 to the dictionary.  Closes #618.
Version: GnuPG v1.4.6 (Darwin)
Comment: Using GnuPG with Mozilla -


More information about the Freeradius-Users mailing list