Revisions of freeradius-server
Stephan Kulow (coolo)
accepted
request 298812
from
Vítězslav Čížek (vitezslav_cizek)
(revision 56)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 281294
from
Tomáš Chvátal (scarabeus_factory)
(revision 55)
- Do not disable as-needed build
- Remove the with_sysconfig switch and just stick with versions
- update to 3.0.6
- fixes a segmentation fault in PEAP module (bnc#912588)
Feature improvements:
* radmin / raddebug conditional errors are printed to the output, instead of being discarded.
* raddebug will exit if condition set with -c was invalid.
* radmin auto-reconnects if the connection to the server has gone away.
* rlm_cache now has submodule support. See raddb/mods-available/cache
* New memcached driver for rlm_cache. See raddb/mods-available/cache
* Add support for &Attribute-Name[*] in conditions. See "man unlang" for details.
* Add &Attribute-Name[n] which gets the last instance of an attribute e.g. Module-Failure-Message[n].
* Allow for redundant string expansions. See the "instantiate" section of radiusd.conf.
* When checking IP addresses in conditions, make the right side be parsed as an IP prefix.
* Support JIT compilation of compiled regular expressions when built with libpcre.
* Support named capture groups with "%{regex:<name>}" when built with libpcre.
* Increase regular expression capture groups from 8 to 32.
* Emit error markers for badly formed regular expressions.
* Allow 'm' flag to enable multiline mode in regular expressions.
* Support limited implicit attribute conversion in update sections.
* Support casting between IPv6 and IPv4 where the IPv6 address has the v4/v6 mapping prefix (::ffff:).
Dominique Leuenberger (dimstar_suse)
accepted
request 266133
from
Ismail Dönmez (namtrac)
(revision 54)
1
Stephan Kulow (coolo)
accepted
request 243572
from
Vítězslav Čížek (vitezslav_cizek)
(revision 52)
1
Stephan Kulow (coolo)
accepted
request 234720
from
Tomáš Chvátal (scarabeus_factory)
(revision 51)
- update to 3.0.3
Many bugfixes
Feature improvements
* Everything now builds with no warnings from the C compiler,
clang static analyzer, or cppcheck.
* rlm_ldap now supports defining the LDAP attribute name via
backticked expansion (i.e. shell command) in
RADIUS <-> LDAP mappings.
* rlm_ldap now supports older style generic attributes.
* dynamic expansions (e.g. "%{expr:1 + 2}" are now parsed
when the server starts. Syntax errors in the strings
are caught, and a descriptive error is printed.
* Static regular expressions (e.g. /a*b/) are now parsed
when the server starts. Syntax errors in the strings
are caught, and a descriptive error is printed.
* dynamic expansions are cached after being parsed. They are
no longer re-parsed at run-time for every request.
* regular expressions are now parsed and cached when the server
starts.
* Added the %{rest:} expansion to rlm_rest, which will send
a GET request to the URL passed as the format string.
Any body text will be written to the expansion buffer.
* rlm_rest now available as a debian package.
* When an 'if' condition statically evaluates to true/false,
unlang does more static optimization. For examples, see
src/tests/keywords/if-skip
* All modules are marked as safe for '-C', which lets the
dynamic expansion checks work in more situations.
* Added 'none' and 'custom' rlm_rest body types. 'custom'
allows sending of arbitrary expanded text and content-type (forwarded request 234679 from vitezslav_cizek)
Stephan Kulow (coolo)
accepted
request 224384
from
Marcus Meissner (msmeissn)
(revision 50)
- fix for CVE-2014-2015 (bnc#864576) * denial of service in rlm_pap hash processing * added freeradius-server-CVE-2014-2015.patch - remove the old 3.0.0 sources (forwarded request 224192 from vitezslav_cizek)
Stephan Kulow (coolo)
accepted
request 221398
from
Marcus Meissner (msmeissn)
(revision 49)
- update to 3.0.1
Feature improvements
* Add "timeout" to exec, and "ntlm_auth_timeout" to mschap.
So that run-away child processes are caught earlier.
* Allow TLS clients to use "proto = tls", in which case
TLS is required. The shared secret is then set to "radsec".
* More documentation in the tls virtual server.
* Add "date" module for date formatting.
See raddb/mods-available/date.
* Added unit test suite for internal server functionality
* When loading "update" sections, check if the RHS is a literal
value. If so, syntax check it immediately.
* Update LDAP module documentation and functionality.
The generic attribute can now update lists.
* Updated dictionary.extreme.
* Update sqlippool to do clears as a separate transaction,
and at most once per second. This should help MySQL.
* Respect control:Response-Packet-Type for all types of
requests.
* Add support for SSL encryption to the MySQL driver.
* Allow arbitrary connection parameters to be used with the
PostgreSQL driver.
* Changes to the OpenLDAP schema to fully expose functionality
of the new LDAP module.
* Update debian packaging to include a freeradius-config
package. This package may be provided as a site local
package to avoid fighting with the preinstalled config
files.
Bug fixes
* Use correct field for ARP setting in DHCP.
Tomáš Chvátal (scarabeus_factory)
accepted
request 204250
from
Andrey Karepin (EGDFree)
(revision 48)
- don't build with experimental modules - fix packaging bugs: * install init scripts only on <= 11.4 * install systemd unit * add %defattr for submodules (forwarded request 204232 from vitezslav_cizek)
Tomáš Chvátal (scarabeus_factory)
accepted
request 197517
from
Michael Schröder (mlschroe)
(revision 46)
->
Stephan Kulow (coolo)
accepted
request 159505
from
Marcus Meissner (msmeissn)
(revision 45)
- fixed a bug in the logrotate script (bnc#797292) (forwarded request 159427 from vitezslav_cizek)
Stephan Kulow (coolo)
accepted
request 137506
from
Factory Maintainer (factory-maintainer)
(revision 43)
Automatic submission by obs-autosubmit
Ismail Dönmez (namtrac)
accepted
request 133604
from
Marcus Meissner (msmeissn)
(revision 42)
- update to 2.2.0
- see /usr/share/doc/packages/freeradius-server/ChangeLog
for complete list of changes in this release
- fixes CVE-2012-3547 (bnc#777834)
- dropped freeradius-server-2.1.6-overflow.patch (upstream)
- dropped freeradius-server-sha1-default.patch (upstream)
- refreshed freeradius-server-fix-cert-bootstrap.patch (forwarded request 133519 from vitezslav_cizek)
Stephan Kulow (coolo)
accepted
request 124362
from
Marcus Meissner (msmeissn)
(revision 40)
- Use the new 'su' logrotate option (bnc#677335) - Enable the same CFLAGS as for other hardware
Stephan Kulow (coolo)
accepted
request 88732
from
Vítězslav Čížek (vitezslav_cizek)
(revision 38)
- update to 2.1.12
Feature improvements
* Updates to dictionary.erx, dictionary.siemens, dictionary.starent,
dictionary.starent.vsa1, dictionary.zyxel, added dictionary.symbol
* Added support for PCRE from Phil Mayers
* Configurable file permission in rlm_linelog
* Added "relaxed" option to rlm_attr_filter. This copies attributes
if at least one match occurred.
* Added documentation on dynamic clients.
See raddb/modules/dynamic_clients.
* Added support for elliptical curve cryptography.
See ecdh_curve in raddb/eap.conf.
* Added support for 802.1X MIBs in checkrad
* Added support for %{rand:...}, which generates a uniformly
distributed number between 0 and the number you specify.
* Created "man" pages for all installed commands, and documented
options for all commands. Patch from John Dennis.
* Allow radsniff to decode encrypted VSAs and CoA packets.
Patch from Bjorn Mork.
* Always send Message-Authenticator in radtest. Patch from John Dennis.
radclient continues to be more flexible.
* Updated Oracle schema and queries
* Added SecurID module. See src/modules/rlm_securid/README
Displaying revisions 41 - 60 of 97
