2007-09-21 1.0 2007-10-16 1.0p1 Fixed crash when servers were configured after first realm block 2007-12-24 1.1-alpha Pretend option for validating configuration Include option for including additional config files Allows clients configured by IP prefix, dynamic clients Server failover support Rewriting of username attribute Source address and port can be specified for requests 2008-05-14 1.1-beta No longer looks for radsecproxy.conf in current directory Rewrite block that allows removal of specified attributes certificateNameCheck option for disabling CN/SubjectAltName check matchCertificateAttribute now also supports CN matching Forwarding of accounting messages, accountingServer option for realms Supports multiple client blocks for same source address with different certificate checks Removed weekday from log timestamps 2008-07-24 1.1 Logging stationid attribute Added LoopPrevention option Failover also without status-server Options for RetryCount and RetryInterval Working accounting and AccountingResponse option CRL checking and option for enabling it 2008-10-07 1.2 listenTCP and sourceTCP options renamed to listenTLS and sourceTLS Old options deprecated but available for backwards compatiblity Logging reply-message attribute from Reject messages Contribution from Arne Schwabe Rewrite blocks have new options addAttribute and modifyAttribute rewriteIn (replacing rewrite) and rewriteOut in client and server blocks for specifying rewrite on input/output. rewrite deprecated but available as an alias for rewriteIn for backwards compatibility. rewritein rewriteout rewrite regular expressions in realms etc can now be more advanced, including use of "or". cacheExpiry option in tls blocks for specifying expiry time for the cache of CA certificates and CRLs. This is particularly useful for regularly updating CRLs. Some logging has been made more informative 2008-12-04 1.3-alpha Support for TCP and DTLS transports (type tcp, type dtls) Listen... options can be specified multiple times Dynamic server discovery DuplicateInterval option in client block for specifying for how long a request/reply shall be stored for duplicate detection Support for RADIUS TTL (hopcount) attribute. Decrements value of the TTL attribute if present, discards message if becomes 0. If addTTL option is used, the TTL attribute is added with the specified value if the forwarded message does not have one. PolicyOID option can be used to require certain CA policies.