Parent Directory | Revision Log | Patch
--- radius/NEWS 2003/12/24 16:08:29 1.67 +++ radius/NEWS 2004/06/24 14:04:36 1.84 @@ -1,8 +1,116 @@ -GNU Radius NEWS -- history of user-visible changes. 2003-12-08 -Copyright (C) 2002,2003 Free Software Foundation, Inc. +GNU Radius NEWS -- history of user-visible changes. 2004-06-24 +Copyright (C) 2002,2003,2004 Free Software Foundation, Inc. See the end of file for copying conditions. Please send radius bug reports to <bug-gnu-radius@gnu.org> +^L +Version 1.2.93: + +* Important compatibility note. + +Previous versions of GNU Radius were silently adding an NAS-IP-Address +attribute/value pair to any requests lacking it. Whereas such behavior +is sometimes useful, it is not always needed. Therefore, the new +version of GNU Radius does not automatically add this attribute. +Instead, a rewrite rule is provided for this purpose. The default +raddb/hints file is shipped with this rule enabled. If you are +upgrading from a previously installed version of GNU Radius, you might +wish to add the following rule to the very beginning of your +'raddb/hints': + + DEFAULT Rewrite-Function = restore_nas_ip + Fall-Through = Yes + +If you chose to do so, add the following statement to the "rewrite" +section of 'raddb/config': + + load "nas-ip.rw"; + +* radiusd + +** Improved checking for multiple logins. Previous versions relied entirely +on the contents of /var/log/radutmp file. Starting at this version, +radiusd offers at least two methods of checking for multiple logins: +using the traditional radutmp file and using the SQL database. New +keywords has been added to the sqlserver file that declare the SQL +queries to be used when retrieving information about currently +active sessions. + +More methods of checking will be added in future versions. + +** New methods of querying the NASes about active user sessions: using +guile function and using an external program. + +** When an unsupported authentication type is requested, radiusd first +checks if an extension Scheme module is provided that handles that +authentication type. If such module is found, it is invoked to handle +the authentication. + +** System accounting can be turned off by specifying `system no;' in +`acct' section of raddb/config. + +** New configuration statement 'load-module' allows to load arbitrary +Scheme modules. + +** The file names of detailed log files are configurable via `detail-file-name' +statements in `auth' and `acct' sections of raddb/config. + +** Support for Guile versions prior to 1.6 has been withdrawn. + +** Implemented support for locking user accounts based on the number +of authentication failures: + +*** New attribute Auth-Failure-Trigger specifies an external program or +a Scheme expression to be run upon an authentication failure. It can +update failure counts that subsequently will be used by +Exec-Program-Wait or Scheme-Procedure. + +*** New keywords auth_success_query and auth_failure_query set +SQL queries to be executed upon authentication success and failure, +respectively. These may maintain failure counts, that can be +used by group_query to control the authentication. + +** Rewrite-Function attributes are handled uniformly in hints and +huntgroups. First, the Rewrite-Function attributes from the RHS list +are processed, then the ones from the LHS list. Notice, that in +contrast with the previous versions, any number of Rewrite-Function +attributes is allowed in both lists. + +* Rewrite language + +** Added i18n support + +** New built-in functions: + +*** Functions to access internal fields of a RADIUS request. +*** Interfaces to the Radius NAS database (raddb/naslist). +*** Interfaces to DNS lookup functions. + +* libgnuradius + +This is a library of functions for creation, handling and sending +requests using RADIUS protocol. + +All programs have been rewritten to link with libgnuradius. On most +sites this will mean linking against a shared library, which will +reduce the size of the executables. + +* gnuradius.scm + +This is a guile module allowing to use libgnuradius functions. It +supersedes radscm program, which has been removed. + +* Bugfixes + +** Allow to omit port numbers in `listen' statements (raddb/config), as +described in the documentation. + +** Fixed several inconsistencies in parsing Ascend-Data-Filter and +Ascend-Call-Filter attributes. + +** Fixed a long-standing bug in radtest that caused misinterpretation +of optional arguments if the program was invoked from '#!' shell magic. + Version 1.2: @@ -1041,7 +1149,7 @@ be told the ways of handling them withou ========================================================================= Copyright information: -Copyright (C) 2002 Free Software Foundation, Inc. +Copyright (C) 2002,2003,2004 Free Software Foundation, Inc. Permission is granted to anyone to make or distribute verbatim copies of this document as received, in any medium, provided that the
savannah-hackers-public@gnu.org | ViewVC Help |
Powered by ViewVC 1.1.26 |