The world's most popular RADIUS Server.The FreeRADIUS Project
FreeRADIUS includes a RADIUS server, a BSD licensed client library, a PAM library, and an Apache module. In most cases, the word FreeRADIUS refers to the RADIUS server.
FreeRADIUS is the most widely deployed RADIUS server in the world. It is the basis for multiple commercial offerings. It supplies the AAA needs of many Fortune-500 companies and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable.
The server has reached a stable Version 2.1.6 (sig) , with incremental improvements added in every release.
Recent News
2009.05.18 Version 2.1.6 (sig) has been released. The focus of this release is stability.
Feature Improvements
- radclient exits with 0 on successful (accept / ack), and 1 otherwise (no response / reject)
- Added support for %{sql:UPDATE ..}, and insert/delete. Patch from Arran Cudbard-Bell
- Added sample "do not respond" policy. See raddb/policy.conf and raddb/sites-available/do_not_respond
- Cleanups to Suse spec file from Norbert Wegener
- New VSAs for Juniper from Bjorn Mork
- Include more RFC dictionaries in the default install
- More documentation for the WiMAX module
- Added "chase_referrals" and "rebind" configuration to rlm_ldap. This helps with Active Directory. See raddb/modules/ldap
- Don't load pre/post-proxy if proxying is disabled.
- Added %{md5:...}, which returns MD5 hash in hex.
- Added configurable "retry_interval" and "poll_interval" for "detail" listeners.
- Added "delete_mppe_keys" configuration option to rlm_wimax. Apparently some WiMAX clients misbehave when they see those keys.
- Added experimental rlm_ruby from http://github.com/Antti/freeradius-server/tree/master
- Add Tunnel attributes to ldap.attrmap
- Enable virtual servers to be reloaded on HUP. For now, only the "authorize", "authenticate", etc. processing sections are reloaded. Clients and "listen" sections are NOT reloaded.
- Updated "radwatch" script to be more robust. See scripts/radwatch
- Added certificate compatibility notes in raddb/certs/README, for compatibility with different operating systems. (i.e. Windows)
Bug Fixes
- Minor changes to allow building without VQP.
- Minor fixes from John Center
- Fixed raddebug example
- Don't crash when deleting attributes via unlang
- Be friendlier to very fast clients
- Updated the "detail" listener so that it only polls once, and not many times in a row, leaking memory each time...
- Update comparison for Packet-Src-IP-Address (etc.) so that the operators other than '==' work.
- Did autoconf magic to work around weird libtool bug
- Make rlm_perl keep tags for tagged attributes in more situations
- Update UID checking for radmin
- Added "include_length" field for TTLS. It's needed for RFC compliance, but not (apparently) for interoperability.
2008.05.13 A security bug in OpenSSL on Debian or Ubuntu systems may affect FreeRADIUS on those systems. We recommend that everyone using Debian or Ubuntu upgrade their OpenSSL packages immediately. Any certificates created on those systems since 2006 should also be re-generated.
2008.03.05 FreeRADIUS Client Version 1.1.6 (sig) has been released. The focus of this release is stability.
- Added dead_time functionality / configuration.
- Merge in fixes and enhancements from 'radiusclient-ng'.
- Improved functionality for embedded operation. In use in FreeSWITCH and OpenSER projects.
- Wrap gethostby*() family of calls with threadsafe variants.
- Change UINT4 to uint32_t, int to size_t, etc.
- Fixed wrong usage of strncat function in several places.
2007.12.01 - A Development Roadmap is announced
As part of the continued growth of the server, we are actively looking for sponsors for new features. New projects include support for WiMAX, 3GPP2, Change of Authorization (CoA), Windows ports, etc.