What's new in v4
Alan DeKok
aland at deployingradius.com
Mon Oct 2 12:57:19 UTC 2023
No, we're not ready to release v4 yet, sorry. But hopefully soon.
The good news is that we're done the major re-architecture. That took much longer than planned, but actual paying work kept getting in the way. That's fine, people need to eat. :)
We've made good progress in the last month or so. To the point where it's making significant improvements. This message highlights some good and bad things.
First the bad:
* RADIUS/TLS (radsec) isn't there. It shouldn't be hard, but we've been working on higher priority things
* TTLS / PEAP / FAST / TEAP aren't there. These are harder, but not impossible.
Then the good: Many things are much much, much simpler than in v4.
* update sections are no longer needed. The debug output will even tell you how to convert update sections to the new syntax!
&User-Name = "foo"
&NAS-Port = 1
&reply.Reply-Message = "Hello %{User-Name}"
* math can be done in-place:
&NAS-Port = 5 + 2
&reply.Reply-Message = "Hello " + &User-Name
if (&User-Name == "foo" + "bar") ...
* we no longer need %{expr:...} to do math. We can just do it in place if necessary!
&reply.Reply-Message := "We have 1 + 2 = %{1 + 2}"
* the dynamic expansion syntax has changed to be more sane. They look like functions with comma-separated arguments
v3: %{md5:foo bar baz}
v4: %md5(foo, bar, baz)
* The horrible alternation syntax is gone. The new syntax is simpler, and easier to read if there are multiple layers of nesting
v3: %{${Stripped-User-Name}:-%{User-Name}}
v4: %{&Stripped-User-Name || &User-Name}
There are many, many, other fixes and features. TACACS+, DHCPv4 is fully supported. DHCPv6 (!), DNS (!!!!). and even listening to an OpenLDAP replication stream (!!!!!)
Alan DeKok.
More information about the Freeradius-Users
mailing list