2016-11-12T14:18:30-05:00- [FEATURE] Add KRB5CCache::changePassword kpasswd method - [FEATURE] Add KADM5 API version 3 support (password failure policy) - [BUG] properly mark shared globals external (fixes LLVM build) - [BUG] Fix unterminated string copy memory corruption in negotiate_auth - [BUG] properly free credentails in negotiate_auth (fixes rcache leaks) - [BUG] fix _add_assoc_string string length (fixes extra null bytes in some arrays) - [BUG] fix PHP7 crash due to wrong addrlist zval declaration
2016-07-16T14:47:14-05:00- [FEATURE] PHP7 compatibility - [FEATURE] Support getting/setting TL_DATA in KADM - [BUG] Fix GSSAPI->acquireCredentials behaviour, now defaults to GSS_C_INITIATE if only a ccache is available eagerly initialize credentials when no principal is specified (use ccache default principal) - [BUG] Fix a couple of memory leaks, add a few more sanity checks
2016-02-15T15:13:31-05:00- Add PHP 7.0 support. (Adam) - Drop support for PHP < 5.3.
2016-02-15T15:01:39-05:00- Fixed bug #65156 (Please provide LICENSE file). (Adam) - Fixed bug #65378 (radius.c:706: error: too many arguments to function ‘rad_salt_value’). (Adam) - Fixed bug #65599 (Fix compiling for VC11 x64). (Jan Ehrhardt)
2014-03-01T11:47:19-05:00- [CLEANUP] Remove bundled kadmin headers, drop support for mit-krb5 <1.8 - [FEATURE] Support use of the krb5-config tool to determine library paths - [CLEANUP] Remove KRB5CCache->setConfig method as this is no longer supported by libraries - [BUG] Fix null-deref in isValid for uninitialized KRB5CCache
2013-07-05T02:11:40-05:00This release adds several new features: - Support for CoA and disconnect packets. - Support for tagged attributes. - Support for salt-encrypted attributes. - Support for Juniper vendor specific attributes. These features are based on code written by Gabriel Blanchard in his fork of PECL radius: https://github.com/gblanchard/pecl-radius. Three new functions have been added to handle these features: - radius_get_tagged_attr_data(string attr) This function returns the data from a tagged attribute. - radius_get_tagged_attr_tag(string attr) This function returns the tag from a tagged attribute. - radius_salt_encrypt_attr(resource radius_handle, string attr) This function salt-encrypts the given attribute. This shouldn't normally need to be called manually, but is available for unusual use cases. Salt encryption is generally achieved through the use of the new RADIUS_OPTION_SALT option. All put functions have been extended to accept an optional options bitfield and an optional tag value, which will be used to tag an attribute if the RADIUS_OPTION_TAGGED option is set. There should be no backward compatibility breaks with this release; however existing users are encouraged to test their code against this release and to report any issues that they find. The next beta is expected in around two weeks from today (approximately July 18, 2013).
2013-06-27T17:18:46-05:00This release fixes a security issue in radius_get_vendor_attr(). It is strongly recommended that users using vendor specific attributes upgrade immediately, with other users encouraged to upgrade when practical. - Fix a security issue in radius_get_vendor_attr() by enforcing checks of the VSA length field against the buffer size. (Adam)
2013-06-20T13:53:05-05:00- Support added for PHP 5.4 and 5.5. (Johannes) - Fixed bug #60885 (Radius module causing Apache segmentation fault). (Adam) - Fixed a crash when calling radius_server_secret() with no servers configured. (Adam)
2009-11-29T05:50:04-05:00Added checkacctmgmt parameter to enable skipping the pam_acct_mgmt() call (which might require root access)
2007-11-28T14:20:34-05:00Added PAM_RHOST param to facilitate RHOST auth (using $_SERVER['REMOTE_ADDR'])