Press Releases

December 18, 2007 - RFC 5080 has been issued.

After a long wait, RFC 5080 has been issued, with the title Common RADIUS Implementation Issues and Suggested Fixes. FreeRADIUS has contributed heavily to this document, as Alan DeKok (Project Leader), is a co-author. In Section 2.1.2, the document describes a way of handling EAP sessions that was first developed in FreeRADIUS. In addition to the document standardizing this method, all RADIUS servers (commercial and open source) have been using this method since FreeRADIUS first developed it.

We are pleased to see the publication of this document. It further defines FreeRADIUS as the industry leading RADIUS server. It also defines FreeRADIUS as the product which is setting the standards followed by the rest of the industry.

December 1, 2007 - A Development Roadmap is announced

As part of the continued growth of the server, we are actively looking for sponsors for new features. New projects include support for WiMAX, 3GPP2, Change of Authorization (CoA), Windows ports, etc.

August 29, 2007 - FreeRADIUS 2.0.0-pre2 has been released.

This is the second "pre" release of what will become version 2.0.0 of the FreeRADIUS server. Please download it and test it, to ensure that any issues are caught before the final 2.0.0 release. The notable changes between 2.0.0-pre1 and 2.0.0-pre2 are:

  • There is a new policy "language" that makes it trivial to implement almost every policy. See man unlang for comprehensive documentation.
  • radrelay functionality has been improved. You can now limit the rate at which new requests are read from the detail file. Please test and comment on any issues you see.
  • Virtual server support (like Apache). See raddb/sites-available and raddb/sites-enabled
    • Multiple virtual servers may be configured. Each one can have local policies that do not affect any other virtual servers.
    • An IP address / port can be statically tied to one virtual server.
    • An IP address / port can be dynamically directed to a virtual server
    • Inner tunnel EAP sessions can be statically tied to one one virtual server.
    • Inner tunnel EAP sessions can be dynamically directed to a virtual server.
    • Each virtual server can have its own, private, list of clients.
    • One client can be listed in multiple virtual servers, possibly with a different shared secret for each server.
  • The biggest change from earlier versions of FreeRADIUS is that at least one default virtual server must be used. If you are upgrading from a previous version of FreeRADIUS, this change can be done by editing radiusd.conf, and wrapping all of the authorize, authenticate, etc. sections in one server block, as follows:
        server {	# line to add
      	authorize {
      		...
      	}
      	authenticate {
      		...
      	}
      	accounting {
      		...
      	}
      	...
      	post-proxy {
      		...
      	}
        }  		# matching line to add
      

    If this change is not made, the server will not start.

  • The changes from 1.x to 2.0.0-pre1 are outlined below in the 2.0.0-pre1 release announcement.
  • There are a few known issues with 2.0.0-pre2 that should be fixed before the final 2.0.0 release. These issues are:
    • HUP handling still doesn't work well. A proposal to use RTA was posted to the mailing list. Please comment if you have any opinions.

July 25, 2007 - Version 1.1.7 has been released.

The focus of this release is stability. A number of bugs that found in 1.1.6 have been fixed. Some features have been added, including support for stored procedures in MySQL.

May 16, 2007 - FreeRADIUS 2.0.0-pre1 has been released..

This is the first "pre" release of what will become version 2.0.0 of the FreeRADIUS server. Please download it and test it, to ensure that any issues are caught before the final 2.0.0 release.

It has been almost three years since 1.0.0 was released, and it's high time for the release of the next major version of the server. The notable changes between 1.x and 2.x are:

  • Debugging mode is much clearer and easier to read.
  • EAP-TLS and OpenSSL certificates "just work". See raddb/certs/README for details.
  • Proxying works much better than in 1.x. We mean much better. See proxy.conf for details.
  • rlm_unix no longer has an "authenticate" section. See "man rlm_unix" for details.
  • The server has full support for IPv6.
  • The server has much more complete support for SNMP MIBs.
  • "listen" sections can have per-socket clients.
  • Replaced "radrelay" and "radsqlrelay". See "man radrelay.conf" for details.
  • Post-Proxy-Type "Fail" section is executed when a home server fails to respond to a request. See "radiusd.conf" for details.
  • Configuration files CANNOT be copied directly from 1.x. Some may work, most will require careful porting.

There are a few known issues with 2.0.0-pre1 that will be fixed before the final 2.0.0 release. These issues are:

  • HUP handling still isn't correct. Almost anything may happen on HUP.
  • The "radrelay" integration into the server is not yet finalized
    Reading the detail files will work, mostly.

May 14, 2007 - The OpenSEA Alliance has been announced.

A number of industry vendors are working to create a commercial organization behind an Open Source supplicant. We suspect that the supplicant will work well with a popular RADIUS server.

April 16, 2007 - PAM Module version 1.3.17 has been released. Download (PGP Signature).

The number of allowed retries has been increased. A ruser option has been added, to authenticate as PAM_RUSER instead of PAM_USER, to allow applications such as 'su' to authenticate as the real user. Patch from David Mitchell. Also, 'localifdown' option was added, that causes the module to return PAM_IGNORE if there are no live RADIUS servers.

April 12, 2007 - Version 1.1.6 has been released.

The focus of this release is stability. A number of bugs that found in 1.1.5 have been fixed. Almost 30 bugs found by Coverity have been fixed, include a memory leak in the TTLS code.

March 27, 2007 - Critical Open Source Software Projects Receive 6,000 Bug Fixes in First Year of Coverity Scan Site

FreeRADIUS is referenced in Coverity's recent press release.

March 5, 2007 - Version 1.1.5 has been released.

The focus of this release is stability. In addition to a number of minor bugs fixed, the Python module has been updated.

January 4, 2007 - Version 1.1.4 has been released..

The focus of this release is Vista support, and configuration simplification in the rlm_pap module. Please read man rlm_pap for more information.