Version 2.0.2 has been released.
People using EAP should definitely upgrade.
Feature improvements
* Added notes on how to debug the server in radiusd.conf
* Moved all log_* in radiusd.conf to log{} section.
The old configurations are still accepted, though.
* Added ca.der target in raddb/certs/Makefile. This is
needed for importing CA certs into Windows.
* Added ability send raw attributes via
Raw-Attribute = 0x0102...
This is available only debug builds. It can be used
to create invalid packets! Use it with care.
* Permit unlang policies inside of Auth-Type{} sub-sections
of the authenticate{} section. This makes some policies
easier to implement.
* listen sections can now have type = proxy. This lets you
control which IP is used for sending proxied requests.
* Added note on SSL performance to raddb/certs/README
Bug fixes
* Fixed reading of detail files.
* Allow inner EAP tunneled sessions to be proxied.
* Corrected MySQL schemas
* syslog now works in log{} section.
* Corrected typo in raddb/certs/client.cnf
* Updated raddb/sites-available/proxy-inner-tunnel to
permit authentication to work.
* Ignore zero-length attributes in received packets.
* Correct memcpy when dealing with unknown attributes.
* Corrected debugging messages in attr_rewrite.
* Corrected generation of State attribute in EAP. This
fixes the failed to remember handler issues.
* Fall back to DEFAULT realm if no realm was found.
Based on a patch from Vincent Magnin.
* Updated example raddb/sites-available/proxy-inner-tunnel
* Corrected behavior of attr_filter to match documentation.
This is NOT backwards compatible with previous versions!
See man rlm_attr_filter for details.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Version 2.0.2 has been released.
With 2.0.2 I tried a performance test with eap authentications.
At one point I get :
Thu Feb 14 15:10:30 2008 : Error: rlm_eap: No EAP session matching the
State variable.
Thu Feb 14 15:10:30 2008 : Error: rlm_eap: Either EAP-request timed out
OR EAP-response to an unknown EAP-request
Is this the normal message when the server is too busy?
Norbert Wegener
Alan T DeKok schrieb:
People using EAP should definitely upgrade.
Feature improvements
* Added notes on how to debug the server in radiusd.conf
* Moved all log_* in radiusd.conf to log{} section.
The old configurations are still accepted, though.
* Added ca.der target in raddb/certs/Makefile. This is
needed for importing CA certs into Windows.
* Added ability send raw attributes via
Raw-Attribute = 0x0102...
This is available only debug builds. It can be used
to create invalid packets! Use it with care.
* Permit unlang policies inside of Auth-Type{} sub-sections
of the authenticate{} section. This makes some policies
easier to implement.
* listen sections can now have type = proxy. This lets you
control which IP is used for sending proxied requests.
* Added note on SSL performance to raddb/certs/README
Bug fixes
* Fixed reading of detail files.
* Allow inner EAP tunneled sessions to be proxied.
* Corrected MySQL schemas
* syslog now works in log{} section.
* Corrected typo in raddb/certs/client.cnf
* Updated raddb/sites-available/proxy-inner-tunnel to
permit authentication to work.
* Ignore zero-length attributes in received packets.
* Correct memcpy when dealing with unknown attributes.
* Corrected debugging messages in attr_rewrite.
* Corrected generation of State attribute in EAP. This
fixes the failed to remember handler issues.
* Fall back to DEFAULT realm if no realm was found.
Based on a patch from Vincent Magnin.
* Updated example raddb/sites-available/proxy-inner-tunnel
* Corrected behavior of attr_filter to match documentation.
This is NOT backwards compatible with previous versions!
See man rlm_attr_filter for details.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Version 2.0.2 has been released.
Hey Alan,
is the LDAP_DEPRECATED stuff all fixed in 2.0.2? just wanna double
check before i compile it and don't pass that option myself...
Thanks,
Joe Vieira
UNIX Systems Administrator
Clark University - ITS
Norbert Wegener wrote:
With 2.0.2 I tried a performance test with eap authentications.
At one point I get :
Thu Feb 14 15:10:30 2008 : Error: rlm_eap: No EAP session matching the
State variable.
Thu Feb 14 15:10:30 2008 : Error: rlm_eap: Either EAP-request timed out
OR EAP-response to an unknown EAP-request
Is this the normal message when the server is too busy?
Norbert Wegener
Alan T DeKok schrieb:
People using EAP should definitely upgrade.
Feature improvements
* Added notes on how to debug the server in radiusd.conf
* Moved all log_* in radiusd.conf to log{} section.
The old configurations are still accepted, though.
* Added ca.der target in raddb/certs/Makefile. This is
needed for importing CA certs into Windows.
* Added ability send raw attributes via
Raw-Attribute = 0x0102...
This is available only debug builds. It can be used
to create invalid packets! Use it with care.
* Permit unlang policies inside of Auth-Type{} sub-sections
of the authenticate{} section. This makes some policies
easier to implement.
* listen sections can now have type = proxy. This lets you
control which IP is used for sending proxied requests.
* Added note on SSL performance to raddb/certs/README
Bug fixes
* Fixed reading of detail files.
* Allow inner EAP tunneled sessions to be proxied.
* Corrected MySQL schemas
* syslog now works in log{} section.
* Corrected typo in raddb/certs/client.cnf
* Updated raddb/sites-available/proxy-inner-tunnel to
permit authentication to work.
* Ignore zero-length attributes in received packets.
* Correct memcpy when dealing with unknown attributes.
* Corrected debugging messages in attr_rewrite.
* Corrected generation of State attribute in EAP. This
fixes the failed to remember handler issues.
* Fall back to DEFAULT realm if no realm was found.
Based on a patch from Vincent Magnin.
* Updated example raddb/sites-available/proxy-inner-tunnel
* Corrected behavior of attr_filter to match documentation.
This is NOT backwards compatible with previous versions!
See man rlm_attr_filter for details.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Version 2.0.2 has been released.
Joe Vieira wrote: Hey Alan, is the LDAP_DEPRECATED stuff all fixed in 2.0.2? just wanna double check before i compile it and don't pass that option myself... I committed it, and it should be there. Check for it in the Makefile after ./configure. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Version 2.0.2 has been released.
Norbert Wegener wrote: With 2.0.2 I tried a performance test with eap authentications. At one point I get : Thu Feb 14 15:10:30 2008 : Error: rlm_eap: No EAP session matching the State variable. Thu Feb 14 15:10:30 2008 : Error: rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request Is this the normal message when the server is too busy? Only if there is an interval of 60 seconds between EAP packets for one session. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
