Skip to content

Releases: radsecproxy/radsecproxy

radsecproxy 1.11.2

25 Mar 13:27
1.11.2

Choose a tag to compare

Bug Fixes:

  • Fix Message-Authenticator validation for Accounting-Response

radsecproxy 1.11.1

06 Dec 15:17
1.11.1

Choose a tag to compare

Bug Fixes:

  • Fix wrong DN in certificate request (#154)
  • Fix memory leak when using SIGHUP
  • Fix exit when dyndisc script returns illegal PSKkey
  • Fix logging during config check
  • Fix invalid realm configs are ignored
  • Fix default tls block selection

Misc:

  • Improve message-authenticator logging

radsecproxy 1.11.0

05 Jul 15:24
1.11.0

Choose a tag to compare

New features:

  • TLS-PSK (#112)
  • Long hex-strings in config
  • Reload complete TLS context on SIGHUP, reload client/server cert and key (#76)
  • Implement SSLKEYLOGFILE mechanism
  • Options to require Message-Authenticator

Misc:

  • Re-verify certificates on SIGHUP and terminate invalid connections (#5)
  • Implement recommendations for deprecating insecure transports (#114)
  • verify EAP message content length (#128)
  • Close connection on radius attribute decode errors

Bug Fixes:

  • Fix correct secret for DTLS (radius/dtls)
  • Fix infinite loop when listening on tcp socket fails
  • Fix crashes under high load (#75, #109, #129)

radsecproxy 1.11.0-rc1

06 Jun 15:53
1.11.0-rc1

Choose a tag to compare

Pre-release

New features:

  • TLS-PSK (#112)
  • Long hex-strings in config
  • Reload complete TLS context on SIGHUP, reload client/server cert and key (#76)
  • Implement SSLKEYLOGFILE mechanism
  • Options to require Message-Authenticator

Misc:

  • Re-verify certificates on SIGHUP and terminate invalid connections (#5)
  • Implement recommendations for deprecating insecure transports (#114)
  • verify EAP message content length (#128)
  • Close connection on radius attribute decode errors

Bug Fixes:

  • Fix correct secret for DTLS (radius/dtls)
  • Fix infinite loop when listening on tcp socket fails

radsecproxy 1.10.1

02 May 18:23
1.10.1

Choose a tag to compare

Bug Fixes:

  • Fix tcp connection not closed after idle timeout
  • Fix tls/dtls logging (#127, #132)
  • Fix dynamic connection not re-established after timeout if both auth- and accounting server
    are dynamically resolved (#131).
  • Fix error in dyndisc script result might cause radsecproxy to exit.
  • Fix some TLS config errors not reported at startup
  • Fix referencing non-existant rewrite passed without error

Misc:

  • Add Message-Authenticator to requests if missing

radsecproxy 1.10.0

26 May 14:16
1.10.0

Choose a tag to compare

New features:

  • Native dynamic discovery for NAPTR and SRV records (#2, #83)
  • Optionally log accounting requests when respoinding directly (#72)
  • SNI support for outgoing connections (#90)
  • Optionally specify server name for certificate name check (#106)
  • Manual MTU setting for DTLS on non-linux platforms

Misc:

  • Don't require server type to be set by dyndisc scripts
  • Improve locating openssl lib using pkg-config

Bug Fixes:

  • Fix radius message length handling

radsecproxy 1.9.3

02 May 19:13
1.9.3

Choose a tag to compare

Bug Fixes:

  • Fix shutdown TLS connection on malformed radius message (#122)
  • Fix handling of lost requests in DTLS
  • Fix flush requests when dyndisc fails

radsecproxy 1.10.0-rc1

27 Mar 15:54
1.10.0-rc1

Choose a tag to compare

Pre-release

New features:

  • Native dynamic discovery for NAPTR and SRV records (#2, #83)
  • Optionally log accounting requests when respoinding directly (#72)
  • SNI support for outgoing connections (#90)
  • Optionally specify server name for certificate name check (#106)
  • Manual MTU setting for DTLS on non-linux platforms

Misc:

  • Don't require server type to be set by dyndisc scripts
  • Improve locating openssl lib using pkg-config

Bug Fixes:

  • Fix radius message length handling
  • Fix DTLS lost request and timeout handling

radsecproxy 1.9.2

23 Jan 15:31
1.9.2

Choose a tag to compare

Bug Fixes:

  • Fix potential segfault in tcp log message
  • Fix DTLS over IPv6
  • Fix SSL shutdown/EOF for openssl 3.x (#108)

radsecproxy 1.9.1

25 Oct 15:19
1.9.1

Choose a tag to compare

Misc:

  • OpenSSL 3.0 compatibility (#70)

Bug Fixes:

  • Fix refused startup with openssl <1.1 (#82)
  • Fix compiler issue for Fedora 33 on s390x (#84)
  • Fix small memory leak in config parser
  • Fix lazy certificate check when connecting to TLS servers
  • Fix connect is aborted if first host in list has invalid certificate
  • Fix setstacksize for glibc 2.34 (#91)
  • Fix system defaults/settings for TLS version not honored (#92)