Navigation:
Browse pkgsrc
(this page)
net freeradi..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377) |
Log message: *: recursive bump for icu 74.1 |
| 2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message: *: bump for openssl 3 |
2023-06-17 20:19:06 by Adam Ciarcinski | Files touched by this commit (9) |  |
Log message: freeradius: updated to 3.2.3 Version 3.2.3 has been released. The focus of this release is stability. |
| 2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) | |
Log message: revbump after textproc/icu update |
| 2023-04-05 11:16:43 by Adam Ciarcinski | Files touched by this commit (12) | |
Log message:
freeradius: updated to 3.2.2
Version 3.2.2
FEATURE IMPROVEMENTS
The "configure" process now gives a much clearer report when it's \
finished. Patches by Matthew Newton.
Fallback to "uname -n" on missing "hostname".
Export thread details in radmin "stats threads".
Improve queries for processing radacct into periodic usage data Fix from Nick Porter.
Update dictionary.juniper.
Add dictionary.calix.
Fix dictionary.rfc6519 DS-Lite-Tunnel-Name to be "octets".
Update documentation for robust-proxy-accounting, and be more aggressive about \
sending packets.
Add per-module README.md files in the source.
Add default Visual Studio configuration for developers.
Postgres can now automatically use alternate queries for errors other than \
duplicate keys.
%{listen:TLS-PSK-Identity} is now set when using PSK and psk_query This helps \
the server track the identity of the client which is connecting.
Include thread stats in Status-Server attributes.
Mark rlm_unbound stable and add to packages. Patches by Nick Porter.
Remove broken/unsupported Dockerfiles for centos8 and debian9.
Ensure Docker containers have stable uid/gid. Patches from Terry Burton.
BUG FIXES
Preliminary support for non-blocking TLS sockets.
Fix support for partial certificate chains after adding reload support.
Fix handling of debug_condition.
Clean up home server states, and re-sync with the dictionaries.
Correct certificate order when creating TLS-* attributes
Update use of isalpha() etc. so broken configurations have less impact on the server.
Outgoing TLS sockets now set SNI correctly from the "hostname" \
configuration item.
Support Apple Homebrew on the M1.
Better error messages when %{listen:TLS-...} is used.
Getting statistics via Status-Server can now be done within a virtual server.
Make TTLS+MS-CHAP work with TLS 1.3.
Fix md5 xlat memory leak when using OpenSSL 3. Fix by Terry Burton.
Version 3.2.1
FEATURE IMPROVEMENTS
Add dictionary.ciena, dictionary.nile, and DHCPv4 dictionaries,.
Add simultaneous-use queries for MS SQL.
Add radmin command for "stats pool <module-name>" Which prints \
out statistics about the connection pools.
Client statistics now shows "conflicts", to count conflicting packets.
New optional "lightweight accounting-on/off" strategy. When refreshing \
queries.conf you should also add the new nasreload table and corresponding \
GRANTs to your DB schema.
Add TLS-Client-Cert-X509v3-Certificate-Policies, which helps with Eduroam. \
Suggested by Stefan Winter.
Allow auth+acct for TCP sockets, too.
Add rlm_cache_redis. See raddb/mods-available/cache for details.
Allow radmin to look up home servers by name, too.
Ensure that dynamic clients don't create loops on duplicates Reported by Sam Yee.
Removed rlm_sqlhpwippool. There was no documentation, no configuration, and the \
module was ~15 years old with no one using it.
Marked rlm_python3 as stable.
Add sigalgs_list. See raddb/mods-available/eap. Patch from Boris Lytochkin.
For rlm_linelog, when opening files in /dev, look at "permissions" to \
see whether to open them r/w.
More flexibility for dynamic home servers. See \
doc/configuration/dynamic_home_servers.md and raddb/home_servers/README.md.
Allow setting of application_name for PostgreSQL. See mods-available/sql.
BUG FIXES
Correct test for open sessions in radacct for MS SQL.
The linelog module now opens /dev/stdout in "write-only" mode if the \
permissions are set to "u+w" (0002).
Various fixes to rlm_unbound from Nick Porter.
PEAP now correctly runs Post-Auth-Type Accept.
Create "TLS-Cert-*" for outbound Radsec, instead of TLS-Client-Cert-*. \
See sites-available/tls, and fix_cert_order.
Minor updates and fixes to CI, Dockerfiles and packaging.
Fix rlm_python3 build with python >= 3.10.
|
| 2022-10-26 12:32:08 by Thomas Klausner | Files touched by this commit (687) |
Log message: *: bump PKGREVISION for libunistring shlib major bump |
| 2021-12-08 17:07:18 by Adam Ciarcinski | Files touched by this commit (3063) |
Log message: revbump for icu and libffi |
| 2021-11-12 13:27:39 by Adam Ciarcinski | Files touched by this commit (8) | |
Log message: freeradius: updated to 3.0.25 FreeRADIUS 3.0.25 Feature improvements * Better debug output when proxying is disabled * Updates to support PostgreSQL 14 Bug fixes * Add `correct_escapes` back into default configuration * Fix undeclared variable with some compile options * Quiet erroneous debug output * Fix segfault when proxying to zombie home server * Fix resolving values to enum strings in rlm_rest * Fix printing raw values rather than enum strings in rlm_couchbase FreeRADIUS 3.0.24 Feature improvements * Add sanitizer options to configure script. * Log information needed by Wireshark to decode TLS sessions. * Allow more liberal SQL commands in rlm_sql_map. * Update dictionary.apc, dictionary.h3c * Add new Acct-Status-Type Subsystem-On and Subsystem-Off. See dictionary.iana and https://freeradius.org/rfc/acct_status_type_subsystem.html * Add reject_unknown_intermediate_ca. See mods-available/eap * Add dynamic loading of certificates via TLS-Session-Cert-File. See raddb/certs/realms/README.md * Add Server Name Indication (SNI) for outbound RadSec connections. See raddb/sites-available/tls, and the home server tls configuration. * Support SNI for inbound RadSec connections. Certificates will be loaded from "realm_dir" in the "tls" section. SNI will be cached in the TLS-Server-Name-Indication attribute. * Preliminary support for haproxy "PROXY" protocol. See sites-available/tls, "proxy_protocol" and \ doc/antora/modules/howto/pages/protocols/proxy/ * Generate parse errors in more circumstances when we know that the configuration is wrong. * Add "weeklycounter" to sample sqlcounter configuration * Add certificate attributes to the request list, even if the certificates have expired. * The Simultaneous-Use code is now IPv6 aware, and can deal with NAS-IPv6-Address. * Add dictionary.cambium Bug fixes * Fix crash in trustrouter module. Patch from Alejandro Perez * Fix crash in state handling. * Don't alter global options in redhat logrotate scripts. * EAP-FAST will print errors and continue, rather than exiting when OpenSSL fails various internal sanity checks. * Allow admin to manually change core limits, even when core limits are disabled. Patch from Antonio Torres. * Fix chunked rlm_rest HTTP body. Patch from Nathan Ward. * Many fixes around the SQL ippool queries.conf and schema. Patches from Jorge Periera. * Fix MySQL stored procedures. * Rework connection pool management for corner cases. * Final fix for double free. * Fix sqlcounter wrong memory free. * Accept slow writes from proxies over TCP, which allows the server to make more progress when it receives partial packets. * Add 'weeklycounter' for rlm_sqlcounter. * Outbound proxying over TCP / TLS is better able to deal with partial TCP reads, and has fewer issues with slow networks. * Fix wrong data-type of Acct-Delay-Time in rlm_unix. * Fix EAP-FAST PAC lifetime calculation. * Print correct encoded packet length when debugging |
New packages: