From 270a98aff36871f422a16526b2c2a3d290946f48 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 28 Sep 2011 12:53:58 +0200 Subject: Add 1.5-dev notes and reverse the order of the entries in the file. --- ChangeLog | 173 +++++++++++++++++++++++++++++++++++--------------------------- 1 file changed, 98 insertions(+), 75 deletions(-) diff --git a/ChangeLog b/ChangeLog index b8cef87..f5d421a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,67 +1,27 @@ -2007-09-21 1.0 -2007-10-16 1.0p1 - Fixed crash when servers were configured after first realm block -2007-12-24 1.1-alpha - Pretend option for validating configuration - Include option for including additional config files - Allows clients configured by IP prefix, dynamic clients - Server failover support - Rewriting of username attribute - Source address and port can be specified for requests -2008-05-14 1.1-beta - No longer looks for radsecproxy.conf in current directory - Rewrite block that allows removal of specified attributes - certificateNameCheck option for disabling CN/SubjectAltName check - matchCertificateAttribute now also supports CN matching - Forwarding of accounting messages, accountingServer option for realms - Supports multiple client blocks for same source address with different - certificate checks - Removed weekday from log timestamps -2008-07-24 1.1 - Logging stationid attribute - Added LoopPrevention option - Failover also without status-server - Options for RetryCount and RetryInterval - Working accounting and AccountingResponse option - CRL checking and option for enabling it -2008-10-07 1.2 - listenTCP and sourceTCP options renamed to listenTLS and sourceTLS - Old options deprecated but available for backwards compatiblity - Logging reply-message attribute from Reject messages - Contribution from Arne Schwabe - Rewrite blocks have new options addAttribute and modifyAttribute - rewriteIn (replacing rewrite) and rewriteOut in client and server - blocks for specifying rewrite on input/output. rewrite deprecated - but available as an alias for rewriteIn for backwards compatibility. - rewritein rewriteout rewrite - regular expressions in realms etc can now be more advanced, including - use of "or". - cacheExpiry option in tls blocks for specifying expiry time for the - cache of CA certificates and CRLs. This is particularly useful for - regularly updating CRLs. - Some logging has been made more informative -2008-12-04 1.3-alpha - Support for TCP and DTLS transports (type tcp, type dtls) - Listen... options can be specified multiple times - Dynamic server discovery - DuplicateInterval option in client block for specifying for how - long a request/reply shall be stored for duplicate detection - Support for RADIUS TTL (hopcount) attribute. Decrements value of - the TTL attribute if present, discards message if becomes 0. - If addTTL option is used, the TTL attribute is added with the - specified value if the forwarded message does not have one. - PolicyOID option can be used to require certain CA policies. -2009-02-18 1.3-beta - Client and Server blocks may contain multiple host options. - Configure (Makefile) options for specifying which transports - should be supported in a build. -2009-03-12 1.3 - Fixed some very minor bugs - Changed log levels for some messages, made loglevel 2 default -2009-07-22 1.3.1 - Fixed header files for FreeBSD - Fix for multiple UDP servers on same IP address, solves accounting - problems. +2011-09-28 1.5-dev + New features: + - Support for F-Ticks logging. + - New binary radsecproxy-hash. + + Incompatible changes: + - catgconf renamed to radsecproxy-conf. + + Bug fixes: + - All compiler warnings removed. Building with -Werror. + +2010-11-23 1.4.2 + Bug fixes: + - Don't disable OpenSSL session caching for 0.9.8p and newer in + the 0.9.x track. + - Detect OpenSSL version at runtime rather than at compile time. + +2010-11-17 1.4.1 + Bug fixes: + - OpenSSL session caching is disabled when built against OpenSSL + older than 1.0.0b to mitigate possible effects of + http://openssl.org/news/secadv_20101116.txt (RADSECPROXY-14). + - Crash bug when reading improper config file fixed. + 2010-06-12 1.4 Incompatible changes: - Log level 4 used to be DBG_DBG but is now DBG_NOTICE. In order @@ -81,14 +41,77 @@ - Build on Solaris when compiling with gcc. - A bug in pwdencrypt() with passwords of a length greater than 16 octets. -2010-11-17 1.4.1 - Bug fixes: - - OpenSSL session caching is disabled when built against OpenSSL - older than 1.0.0b to mitigate possible effects of - http://openssl.org/news/secadv_20101116.txt (RADSECPROXY-14). - - Crash bug when reading improper config file fixed. -2010-11-23 1.4.2 - Bug fixes: - - Don't disable OpenSSL session caching for 0.9.8p and newer in - the 0.9.x track. - - Detect OpenSSL version at runtime rather than at compile time. + +2009-07-22 1.3.1 + Fixed header files for FreeBSD + Fix for multiple UDP servers on same IP address, solves accounting + problems. + +2009-03-12 1.3 + Fixed some very minor bugs + Changed log levels for some messages, made loglevel 2 default + +2009-02-18 1.3-beta + Client and Server blocks may contain multiple host options. + Configure (Makefile) options for specifying which transports + should be supported in a build. + +2008-12-04 1.3-alpha + Support for TCP and DTLS transports (type tcp, type dtls) + Listen... options can be specified multiple times + Dynamic server discovery + DuplicateInterval option in client block for specifying for how + long a request/reply shall be stored for duplicate detection + Support for RADIUS TTL (hopcount) attribute. Decrements value of + the TTL attribute if present, discards message if becomes 0. + If addTTL option is used, the TTL attribute is added with the + specified value if the forwarded message does not have one. + PolicyOID option can be used to require certain CA policies. + +2008-10-07 1.2 + listenTCP and sourceTCP options renamed to listenTLS and sourceTLS + Old options deprecated but available for backwards compatiblity + Logging reply-message attribute from Reject messages + Contribution from Arne Schwabe + Rewrite blocks have new options addAttribute and modifyAttribute + rewriteIn (replacing rewrite) and rewriteOut in client and server + blocks for specifying rewrite on input/output. rewrite deprecated + but available as an alias for rewriteIn for backwards compatibility. + rewritein rewriteout rewrite + regular expressions in realms etc can now be more advanced, including + use of "or". + cacheExpiry option in tls blocks for specifying expiry time for the + cache of CA certificates and CRLs. This is particularly useful for + regularly updating CRLs. + Some logging has been made more informative + +2008-07-24 1.1 + Logging stationid attribute + Added LoopPrevention option + Failover also without status-server + Options for RetryCount and RetryInterval + Working accounting and AccountingResponse option + CRL checking and option for enabling it + +2008-05-14 1.1-beta + No longer looks for radsecproxy.conf in current directory + Rewrite block that allows removal of specified attributes + certificateNameCheck option for disabling CN/SubjectAltName check + matchCertificateAttribute now also supports CN matching + Forwarding of accounting messages, accountingServer option for realms + Supports multiple client blocks for same source address with different + certificate checks + Removed weekday from log timestamps + +2007-12-24 1.1-alpha + Pretend option for validating configuration + Include option for including additional config files + Allows clients configured by IP prefix, dynamic clients + Server failover support + Rewriting of username attribute + Source address and port can be specified for requests + +2007-10-16 1.0p1 + Fixed crash when servers were configured after first realm block + +2007-09-21 1.0 -- cgit v1.1