You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allow defaults to be set for bulk clients in LDAP and couchbase.
Updates to dhcpclient. Patches from Nicolas C.
rlm_mschap now supports direct connections to winbind, which is faster than ntlm_auth. See raddb/mods-available/mschap. Patch from Matthew Newton.
Recommend /dev/urandom for TLS randomness, instead of ${certdir}/random
Allow TLSv1 to be disabled via "disable_tlsv1" in tls{}.
Allow Expanded EAP types where vendor is 0 (IETF) and type is normal EAP type. Supplicants sending Expanded EAP types like this are broken.
Add support for server side sort controls when searching for user objects in rlm_ldap.
Bug fixes
Don't complain about "authorize" in "server {}" blocks, but only if there's no "server" block.
Fix cosmetic issue where debug from the first packet read by a detail reader thread would be emited during config parsing.
Fix ASSERT on truncated detail packets.
Don't use main server log functions from within panic_action, as in the case of syslog this would cause deadlocks if the fault was triggered from within a malloc.
Fix issue in "switch" when "correct_escapes = false". Fixes #911.
Fix sqlcounter configuration to use "%%b" instead of "%b", otherwise the new syntax validation will fail.
Allow forward references in configuration items. Modules aren't always loaded in a sane order.
Fix state machine threading issues for conflicting packets.
Fix copy_request_to_tunnel issues for tagged attributes.
Allow "ok" to over-ride "updated" inside of Auth-Type sections.
Update state machine so that post-proxy is run though child threads for performance, instead of blocking the main thread.
Allow "netmask" to work again in client definitions.
Relax restrictions on SQL group queries.
track outgoing proxy sockets and clean them up more aggressively.
track proxy statistics, including CoA and Disconnect.
If radmin has a connection failure when running a command, it re-connects and runs the command again.
mark home servers "unknown" less aggressively.
Fix potential SEGV in PostgreSQL driver on error.
Fix issue where fields like nas_type would not be accessible via the %{client:} xlat, for dynamic clients.
Set default busy_timeout (of 200ms) in the sqlite driver, so writes don't cause selects to fail in multithreaded mode. This is user configurable, and may be increased if required.
Convert Password-With-Header attributes to binary (from hex or base64), in the authorize method of rlm_pap.
Fix invalid assert in state.c, that could cause abort in post-auth.
Fix double free when -m flag is used, and connection pools are referenced by multiple modules.
RADIUS over TLS accounting uses the same port as authentication.
Regularized return codes from radmin commands.
Fix RHEL spec file so it works correctly for Centos7 which uses systemd, and didn't like the SystemV init script.
radwho and radlast now have a -D option to load dictionaries
DHCP packets are no longer checked for duplicates.
Don't crash in sql module group comparisons in corner case.
