Feature improvements
- Add
dictionary.ciena,dictionary.nile, and DHCPv4 dictionaries, - Add simultaneous-use queries for MS SQL.
- Add radmin command for
stats pool <module-name>which prints out statistics about the connection pools. - Client statistics now shows "conflicts", to count conflicting packets.
- New optional "lightweight accounting-on/off" strategy. When refreshing
queries.confyou should also add the newnasreloadtable and corresponding GRANTs to your DB schema. - Add
TLS-Client-Cert-X509v3-Certificate-Policies, which helps with eduroam. Suggested by Stefan Winter. - Allow auth+acct for TCP sockets, too.
- Add
rlm_cache_redis. Seeraddb/mods-available/cachefor details. - Allow radmin to look up home servers by name, too.
- Ensure that dynamic clients don't create loops on duplicates. Reported by Sam Yee.
- Removed
rlm_sqlhpwippool. There was no documentation, no configuration, and the module was ~15 years old with no one using it. - Marked
rlm_python3as stable. - Add
sigalgs_list. Seeraddb/mods-available/eap. Patch from Boris Lytochkin. - For
rlm_linelog, when opening files in/dev, look at "permissions" to see whether to open them r/w. - More flexibility for dynamic home servers. See
doc/configuration/dynamic_home_servers.mdandraddb/home_servers/README.md. - Allow setting of application_name for PostgreSQL. See
mods-available/sql.
Bug fixes
- Correct test for open sessions in radacct for MS SQL.
- The linelog module now opens
/dev/stdoutin "write-only" mode if the permissions are set to "u+w" (0002). - Various fixes to
rlm_unboundfrom Nick Porter. - PEAP now correctly runs
Post-Auth-Type Accept. - Create
TLS-Cert-*for outbound RadSec, instead ofTLS-Client-Cert-*. Fixes #4698. Seesites-available/tls, andfix_cert_order. - Minor updates and fixes to CI, Dockerfiles and packaging.
- Fix
rlm_python3build with Python >= 3.10. Fixes #4441