Accepting request 477604 from home:stroeder:branches:network

update to 3.0.13

OBS-URL: https://build.opensuse.org/request/show/477604
OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=94

freeradius-server-3.0.12.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fe4e1f52cc2873f6aee2b12b0f03236978e4632f2acf298f834686b240c4183d
-size 3016923

freeradius-server-3.0.13.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b3be0d8849878c31af0a5375d20b7b20c9d1c1572e89dc3f22992824cefffb84
+size 3031744

freeradius-server-fix-cert-bootstrap.patch

@@ -1,52 +0,0 @@
-Index: freeradius-server-3.0.0/raddb/certs/Makefile
-===================================================================
---- freeradius-server-3.0.0.orig/raddb/certs/Makefile	2013-10-15 18:20:43.563939081 +0200
-+++ freeradius-server-3.0.0/raddb/certs/Makefile	2013-10-15 18:21:35.382475281 +0200
-@@ -51,7 +51,7 @@ dh:
- #  Create a new self-signed CA certificate
- #
- ######################################################################
--ca.key ca.pem: ca.cnf
-+ca.key ca.pem:
- 	@[ -f index.txt ] || $(MAKE) index.txt
- 	@[ -f serial ] || $(MAKE) serial
- 	openssl req -new -x509 -keyout ca.key -out ca.pem \
-@@ -65,7 +65,7 @@ ca.der: ca.pem
- #  Create a new server certificate, signed by the above CA.
- #
- ######################################################################
--server.csr server.key: server.cnf
-+server.csr server.key:
- 	openssl req -new  -out server.csr -keyout server.key -config ./server.cnf
- 
- server.crt: server.csr ca.key ca.pem
-@@ -87,7 +87,7 @@ server.vrfy: ca.pem
- #  certificate.
- #
- ######################################################################
--client.csr client.key: client.cnf
-+client.csr client.key:
- 	openssl req -new  -out client.csr -keyout client.key -config ./client.cnf
- 
- client.crt: client.csr ca.pem ca.key
-Index: freeradius-server-3.0.0/raddb/certs/bootstrap
-===================================================================
---- freeradius-server-3.0.0.orig/raddb/certs/bootstrap	2013-10-15 18:20:43.563939081 +0200
-+++ freeradius-server-3.0.0/raddb/certs/bootstrap	2013-10-15 18:20:45.669960874 +0200
-@@ -21,7 +21,9 @@ make -h > /dev/null 2>&1
- #
- if [ "$?" = "0" ]; then
-   make all
--  exit $?
-+  ret=$?
-+  chgrp radiusd *
-+  exit $ret
- fi
- 
- #
-@@ -80,3 +82,5 @@ fi
- if [ ! -f client.crt ]; then
-   openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
- fi
-+
-+chgrp radiusd *

freeradius-server.changes

@@ -1,3 +1,85 @@
+-------------------------------------------------------------------
+Mon Mar  6 23:07:21 UTC 2017 - michael@stroeder.com
+
+- removed obsolete freeradius-server-fix-cert-bootstrap.patch
+  because recent /etc/raddb/certs/bootstrap simply works
+- update to 3.0.13
+
+  Feature improvements
+  * Add dictionary.rfc7930.  Note that we do not implement
+    the RFC.
+  * Added 'cipher_server_preference' to mods-available/eap
+    Patch from #1797.
+  * OpenSSL 1.1.0 compatibility fixes.
+  * rlm_perl: radiusd::xlat to evaluate xlat string
+    within perl script
+  * Allow authentication retry in winbind. Patch from
+    Herwin Weststrate. See raddb/mods-available/mschap.
+  * Added "recv-coa" method to rlm_rest.  It behaves the
+    same as "authorize".
+  * Document Trust Router tr_port option.  Patch from
+    Stefan Paetow.
+  * Update elasticsearch/logstash examples so that they work
+    with elastic stack v5.  Patch from Matthew Newton.
+  * Print information about packets, replies, and contents
+    in the detail file reader.
+  * Update abfab-tr policy.  Pull request #1893
+    from Stefan Paetow.
+  * Reject packets which contain User-Password and
+    EAP-Message.
+  * Add example for filtering Access-Challenge.
+    See sites-enabled/default.
+  * Pull symlink fixes from v4.0.x.  Fixes #1859.
+  * Add systemd reload.  Not everything is reloaded, but
+    some is.  Fixes #1662.
+  * Better documentation for listen "ipaddr".  Fixes #1921
+  * Add dictionary.cnergee, updated dictionary.nomadix.
+  * radclient no longer needs -x to print statistics with -s.
+
+  Bug fixes
+  * Minor typos.  Fixes #1763
+  * Fix typo in RPM build.  Closes #1767.
+  * rlm_mschap check for password expiry only
+    if password was correct.  Fixes #1762.
+  * Update debian build.
+  * update rlm_counter "man" page.  Fixes #1775.
+  * Remove erroneous assert.  Fixes #1778.
+  * fix mschap password change test.  Fixes #1792.
+  * Cleanup config file on data remove.  Fixes #1795.
+  * passwd module returns "notfound" if not found.
+  * Check for old OpenSSL, and don't build rlm_eap_fast
+    if it necessary.  Fixes #1803
+  * Cleanup memory better after ldap version query.
+    Patch from Aleksey Katargin.
+  * Rename lt_* functions to avoid linker issues with
+    libtool.  Fixes #1277
+  * Many miscellaneous fixes and typos.
+  * Allow long strings in %{%{foo} bar:-%{baz} blah".
+    Fixes #1866
+  * Fix filtering operators, along with more documentation and
+    more tests for them.
+  * Fix OpenSSL fixes.  Fixes #1876.
+  * Finish SQL select queries even when SELECT returns no rows.
+    Fixes #1879.
+  * Set Module-Failure-Message for more EAP errors.
+  * Correct typo in dictionary.rfc5580.  Fixes #1882
+  * Remove obselete systemd syslog.target.
+  * Client-Port-Balance load-balancing now uses client port.
+  * Radrelay examples fixed from Alex Clouter.
+  * Update systemd target.  Pull request #1896.
+  * Trim starting whitespace in xlat strings.
+  * Get MySQL result lengths using normal API.
+  * suid down after fchown().  Fixes #1914.
+  * Fix cases of comparing pointer to NUL character.  Fixes #1915.
+  * OpenSSL v1.1 fixes.  Pull request #1921.
+  * Better Handle v4/v6 host names.  Pull request #1919.
+  * Remove "Auth-Type = System" from docs and examples.
+  * Don't crash on malformed %{home_server}.  Fixes #1922
+  * fix erroneous use of talloc destructor in rlm_eap
+  * Issue trigger modules.sql.fail.  Fixes #1923
+  * Document python_path gotcha's.  Fixes #1845
+  * dlopen() the specific version of Python.  Fixes #1592
+
 -------------------------------------------------------------------
 Mon Feb 20 15:27:28 CET 2017 - kukuk@suse.de
 

freeradius-server.spec

@@ -20,7 +20,7 @@
 %define apxs2 apxs2-prefork
 %define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
 Name:           freeradius-server
-Version:        3.0.12
+Version:        3.0.13
 Release:        0
 
 %if 0%{?suse_version} > 1140
@@ -59,7 +59,6 @@ Source2:        freeradius-tmpfiles.conf
 Patch1:         freeradius-server-tmpfiles.patch
 Patch2:         freeradius-server-radiusd-logrotate.patch
 Patch3:         freeradius-server-rcradiusd.patch
-Patch4:         freeradius-server-fix-cert-bootstrap.patch
 Patch5:         freeradius-server-rlm_sql_unixodbc-configure.patch
 Patch6:         freeradius-server-radclient-init-error-buffer.patch
 Patch7:         freeradius-server-opensslversion.patch
@@ -234,7 +233,6 @@ FreeRADIUS plugin providing SQLite support.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
-%patch4 -p1
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1