Accepting request 597707 from home:stroeder:branches:network

update to 3.0.17

OBS-URL: https://build.opensuse.org/request/show/597707
OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=108

freeradius-server-3.0.16.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:120cb1b75b434f8a2a9f9813da6df99ab92b8e6e24980353f314b04f517e0d84
-size 3054887

freeradius-server-3.0.17.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3f03404b6e4a4f410e1f15ea2ababfec7f8a7ae8a49836d8a0c137436d913b96
+size 3075724

freeradius-server.changes

@@ -1,3 +1,45 @@
+-------------------------------------------------------------------
+Tue Apr 17 22:00:15 UTC 2018 - michael@stroeder.com
+
+- update to 3.0.17
+
+Feature Improvements
+* Add CURLOPT_CAINFO. Patch from Nicolas C #2167.
+* "stats home server" now supports "src IPADDR", to specify home server also by source IP. Fixes #2169.
+* Add Dockerfiles for a selection of common systems.
+* Increase number of permitted file descriptors, for systems with many home servers.
+* Add TLS-Client-Cert-X509v3-Extended-Key-Usage-OIDs Patch from Isaac Boukris. Fixes #2205.
+* Update main READMEs. Patches from Matthew Newton.
+* Added dictionary.mimosa.
+
+Bug Fixes
+* Don't call post-proxy twice when proxying to a virtual server. Matthew Newton, #2161.
+* Use "raw" string value for shared secrets and dynamic clients It now parses strings with backslashes and "special characters" correctly. Fixes #2168.
+* Fix RuntimeDirectory for RedHat, from Alan Buxey.
+* Relax checks in 'if' parser from Isaac Bourkis.
+* Minor cleanups for %{debug_attr:&request} from Isaac Boukris.
+* Be more aggressive about cleaning up cached certificate attributes, due to deficiencies in OpenSSL. Reported by Nicolas Reich.
+* Be more accepting when parsing IPv6 addresses. Bug noted by Klara Mall.
+* Fix double free in rlm_sql. Fixes #2180.
+* rlm_detail now writes empty Access-Accept packets.
+* rlm_python can now create tagged attributes.
+* Don't crash on duplicate realm + authhost / accthost Bug found by Richard Palmer.
+* Allow partial certificate chain to trusted CA. Fixes #2162.
+* Treat SSL_read() returning zero as error. Fixes #2164.
+* detail writer now checks if the file was renamed or deleted.
+* Add User-Name to Access-Accept if EAP-Message exists, not Stripped-User-Name.
+* RedHat Systemd updates. Fixes #2184.
+* Use correct API for State variable in rlm_securid.
+* Remove broken radclient option "-i".
+* Fix "users" file (and hints, etc). So that it does not get confused about entry ordering with multiple $INCLUDEs.
+* Fix rlm_sql to expand the un-escaped string, not the raw string.
+* Link default and inner-tunnel only if they exist. Fixes #2206.
+* Don't use both IP_PKTINFO and IP_SENDSRCADDR.
+* Always install signal handler for SIGINT (needed by Docker).
+* Fix intermediate CA flow for OCSP. Fixes #2160 Intermediate certs which are not self-signed will now be checked.
+* sqlippool now returns "fail" if it fails IP allocation.
+* Fix rlm_yubikey to look for correct attribute in replay attack check.
+
 -------------------------------------------------------------------
 Thu Jan 11 23:15:49 UTC 2018 - michael@stroeder.com
 

freeradius-server.spec

@@ -20,7 +20,7 @@
 %define apxs2 apxs2-prefork
 %define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
 Name:           freeradius-server
-Version:        3.0.16
+Version:        3.0.17
 Release:        0
 
 %if 0%{?suse_version} > 1140