release 3.2.3

diff --git a/debian/changelog b/debian/changelog
index 1638a863c06b40c79a1248aaf60481ca318f6f54..c5600dc09accc30eddbbcd7376362a1fd29be58b 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,7 +2,7 @@ freeradius (3.2.3+git) unstable; urgency=medium
 
   * New upstream version.
 
- -- Alan DeKok <aland@freeradius.org>  Thu, 16 Feb 2023 12:00:00 -0500
+ -- Alan DeKok <aland@freeradius.org>  Fri, 26 May 2023 12:00:00 -0500
 
 freeradius (3.2.2+git) unstable; urgency=medium
 

diff --git a/doc/ChangeLog b/doc/ChangeLog
index b140dfeefaf14de7a30fce6a03ddd44f24301a7f..6b7006eaf090d097fa6751c7c6c71e173c477c22 100644 (file)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,18 +1,19 @@
-FreeRADIUS 3.2.3 Thu 16 Feb 2023 12:00:00 EDT urgency=low
+FreeRADIUS 3.2.3 Fri 26 May 2023 12:00:00 EDT urgency=low
        Configuration changes
-       * The rlm_ldap and rlm_sql modules now have a "max_retries"
-         configuration item in the pool section.  This sets a
-         limit on how many times an operation will be retried
-         if it fails indicating a connection issue.
-       * Added "check_crl" configuration to rlm_ldap.  This only works with
-         OpenSSL.  Many Linux distributions use other TLS libraries, which
-         won't work.
+       * The rlm_ldap and rlm_sql modules now have a "max_retries" configuration
+         item in the pool section.  This sets a limit on how many times an operation
+         will be retried if it fails indicating a connection issue.
+       * Added "check_crl" configuration to rlm_ldap.  This only works with OpenSSL.
+         Many Linux distributions use other TLS libraries, which won't work.
        * Note that rlm_ldap does not support "-=" operators.  The documentation
          disagreed with the code, so we fixed the documentation.
+       * If checkrad is called from SQL Simultaneous-Use checks it will now be
+         passed NAS-Port-Id (as stored in the database), rather than NAS-Port.
 
        Feature improvements
        * Add "max_retries" for connection pools. Fixes #4908. Patch from Nick Porter.
-       * Update dictionary.wifialliance and dictionary.ciena; add dictionary.eleven.
+       * Update dictionary.ciena, dictionary.huawei, dictionary.wifialliance and
+         dictionary.wispr; add dictionary.eleven.
        * You can now list "eap" in the "pre-proxy" section.  If the packet
          contains a malformed EAP message, then the request will be rejected.
          The home server will either reject (or discard) this packet anyways,
@@ -25,6 +26,10 @@ FreeRADIUS 3.2.3 Thu 16 Feb 2023 12:00:00 EDT urgency=low
        * More TLS debugging output
        * Clear old module instance data before HUP reload. Avoids burst memory use
          when e.g. using large data files with rlm_files. Patch from Nick Porter.
+       * `rlm_cache_redis` is now included in the freeradius-redis packages.
+       * Separate out python2/python3 in Debian Packages. Previously python 2 or 3
+         was built depending on the system default which led to confusion. We now build
+         both freeradius-python2 and freeradius-python3 packages where possible.
 
        Bug fixes
        * Don't leak MD contexts with OpenSSL 3.0.
@@ -45,6 +50,8 @@ FreeRADIUS 3.2.3 Thu 16 Feb 2023 12:00:00 EDT urgency=low
        * Force correct packet type when running Post-Auth-Type. Helps with #4980
        * Fix small leak in Client-Lost code. Patch from Terry Burton. PR #4996
        * Fix TCP socket statistics. Closes #4990
+       * Use NAS-Port-Id instead of NAS-Port during SQL simultaneous-use
+         checks. Helps with #5010
 
 FreeRADIUS 3.2.2 Thu 16 Feb 2023 12:00:00 EDT urgency=low
        Configuration changes