--- rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec	2008/11/25 16:20:19	1.21
+++ rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec	2010/07/29 15:08:58	1.32
@@ -1,4 +1,4 @@
-# $Id: smeserver-coova-chilli.spec,v 1.19 2008/11/06 10:43:17 vip-ire Exp $
+# $Id: smeserver-coova-chilli.spec,v 1.30 2010/04/14 16:38:56 vip-ire Exp $
 # Authority: vip-ire
 # Name: Daniel Berteaud
 
@@ -6,7 +6,7 @@ Summary: Coova-Chilli, a captive portal
 %define name smeserver-coova-chilli
 Name: %{name}
 %define version 0.2
-%define release 6
+%define release 18
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -18,9 +18,10 @@ BuildArchitectures: noarch
 BuildRequires: e-smith-devtools
 Requires: e-smith-release >= 7.0 
 Requires: openssl 
-Requires: coova-chilli
+Requires: coova-chilli >= 1.0.13
 Requires: e-smith-radiusd >= 1.0.0-18
 Requires: perl(NetAddr::IP)
+Requires: smeserver-remoteuseraccess
 
 Patch1: smeserver-coova-chilli-0.2-guest_uplink_downlink.patch
 Patch2: smeserver-coova-chilli-0.2-guest_access.patch
@@ -29,6 +30,28 @@ Patch4: smeserver-coova-chilli-0.2-radiu
 Patch5: smeserver-coova-chilli-0.2-guest_access2.patch
 Patch6: smeserver-coova-chilli-0.2-template_syntax_error.patch
 Patch7: smeserver-coova-chilli-0.2-httpd_warning.patch
+Patch8:	smeserver-coova-chilli-0.2-tundev.patch
+Patch9: smeserver-coova-chilli-0.2-dhcp_range.patch
+Patch10: smeserver-coova-chilli-0.2-localhost_nas.patch
+Patch11: smeserver-coova-chilli-0.2-localhost_nas2.patch
+Patch12: smeserver-coova-chilli-0.2-squid_template_typo.patch
+Patch13: smeserver-coova-chilli-0.2-typo.patch
+Patch14: smeserver-coova-chilli-0.2-allow_uamallowed.patch
+Patch15: smeserver-coova-chilli-0.2-drop_privileges.patch
+Patch16: smeserver-coova-chilli-0.2-use_sudo.patch
+Patch17: smeserver-coova-chilli-0.2-templates2expand_in_createlinks.patch
+Patch18: smeserver-coova-chilli-0.2-db_noc2c.patch
+Patch19: smeserver-coova-chilli-0.2-remove_space.patch
+Patch20: smeserver-coova-chilli-0.2-fixe_allow_uamallowed.patch
+Patch21: smeserver-coova-chilli-0.2-fixe_squid_disabled.patch
+Patch22: smeserver-coova-chilli-0.2-squid_tcpport.patch
+Patch23: smeserver-coova-chilli-0.2-sudo_env.patch
+Patch24: smeserver-coova-chilli-0.2-iptables_insert_position.patch
+Patch25: smeserver-coova-chilli-0.2-transparent_squid.patch
+Patch26: smeserver-coova-chilli-0.2-clean_cgi.patch
+Patch27: smeserver-coova-chilli-0.2-remove_obsolete_php_templates.patch
+Patch28: smeserver-coova-chilli-0.2-add_macallowed_in_db.patch
+Patch29: smeserver-coova-chilli-0.2-add_uamhomepage_in_db.patch
 
 %description
 This package allow you to configure a third interface
@@ -40,11 +63,63 @@ they'll only have web access if they are
 This contrib will only work in server&gateway mode 
 
 %changelog
+* Thu Jul 29 2010 Daniel B. <daniel@firewall-services.com> 0.2-18
+- cleanup CGI login script
+- remove obsolete php templates
+- add macallowed DB key to bypass auth for some mac addresses
+- add uamhomepage DB key
+
+* Mon Jul 19 2010 Daniel B. <daniel@firewall-services.com> 0.2-17
+- Fixes sudo env (bug only in SME8)
+- Uses TCPPort squid key instead of TransparentPort so coova can
+  work with dansguardian
+- insert NAT rule just before the ACCEPT (PREROUTING_FROM_CHILLI)
+- add transparent directive to squid (required for squid => 2.6)
+
+* Wed Apr 14 2010 Daniel B. <daniel@firewall-services.com> 0.2-16
+- Fixe a bug in conup.sh and condown.sh
+
+* Thu Jun 11 2009 Daniel B. <daniel@firewall-services.com> 0.2-15
+- Fixe a bug in masq template for uamallowed entries
+
+* Thu May 28 2009 Daniel B. <daniel@firewall-services.com> 0.2-14
+- Remove space in hotspot-config.pl template
+
+* Tue May 26 2009 Daniel B. <daniel@firewall-services.com> 0.2-13
+- Add noc2c key (allow to disable the option, but default to enabled)
+
+* Thu Apr 30 2009 Daniel B. <daniel@firewall-services.com> 0.2-12
+- Create a new user coovachilli
+- Add support of new options uid and gid to drop privileges
+- Enabled noc2c (prevent client to client communication)
+- Use sudo to call conup/condown script (as chilli runs under un
+  unprivileged account now)
+- Add smeserver-remoteuseraccess as a dependency (for sudoers metadata templates)
+- move templates2expand in creatlinks script
+
+* Wed Mar 13 2009 Daniel B. <daniel@firewall-services.com> 0.2-11
+- Automatically allow uamallowed entries in the firewall (no need to 
+  explicitly allow it agin in AllowOutgoing)
+
+* Thu Mar 12 2009 Daniel B. <daniel@firewall-services.com> 0.2-10
+- Small typo correction
+
+* Tue Mar 10 2009 Daniel B. <daniel@firewall-services.com> 0.2-9
+- Use allready defined localhost NAS to fixe PPTP problem [SME: 4996]
+  (thanks John K Pruder)
+- fix a typo in squid template
+
+* Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-8
+- Add dhcpstart and dhcpstop db parameters (thanks John K Pruder)
+
+* Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-7
+- Fix tundev template [SME: 5054]
+
 * Thu Sep 18 2008 Daniel B. <daniel@firewall-services.com> 0.2-6
 - Remove warning in httpd.conf file (httpd -t)
 
 * Mon Sep 15 2008 Daniel B. <daniel@firewall-services.com> 0.2-5
-- Fix Syntax Error in /etc/chilli.conf template (25listen) [4559]
+- Fix Syntax Error in /etc/chilli.conf template (25listen) [SME: 4559]
 
 * Mon Sep 08 2008 Daniel B. <daniel@firewall-services.com> 0.2-4
 - Requires perl(NetAddr::IP)
@@ -62,7 +137,7 @@ This contrib will only work in server&ga
 
 * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-0
 - Login page is a CGI, with a server-manager login page look
-- Guest Access can be enabled with guestAccess key (enabled/isabled)
+- Guest Access can be enabled with guestAccess key (enabled/disabled)
 - merge patchs in main package
 
 * Mon Sep 01 2008 Daniel B. <daniel@firewall-services.com> 0.1-8
@@ -120,6 +195,28 @@ This contrib will only work in server&ga
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
+%patch18 -p1
+%patch19 -p1
+%patch20 -p1
+%patch21 -p1
+%patch22 -p1
+%patch23 -p1
+%patch24 -p1
+%patch25 -p1
+%patch26 -p1
+%patch27 -p1
+%patch28 -p1
+%patch29 -p1
 
 %build
 /usr/bin/perl createlinks
@@ -129,8 +226,10 @@ This contrib will only work in server&ga
 (cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
 /bin/rm -f %{name}-%{version}-filelist
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
-	--file /etc/chilli/conup.sh 'attr(0750,root,root)' \
-	--file /etc/chilli/condown.sh 'attr(0750,root,root)' \
+	--file /etc/chilli/conup.sh 'attr(755,root,root)' \
+	--file /etc/chilli/condown.sh 'attr(750,root,root)' \
+	--file /etc/chilli/call_conup.sh 'attr(755,root,root)' \
+	--file /etc/chilli/call_condown.sh 'attr(755,root,root)' \
         --file /opt/chilli/cgi-bin/hotspotlogin.cgi 'attr(0750,root,www) %config(noreplace)' \
         --file /opt/chilli/lang/hotspotlogin.fr.pl 'config(noreplace)' \
         --file /opt/chilli/lang/hotspotlogin.en.pl 'config(noreplace)' \
@@ -143,6 +242,13 @@ This contrib will only work in server&ga
 %clean 
 rm -rf $RPM_BUILD_ROOT
 
+%pre
+if ! /usr/bin/id coovachilli &>/dev/null; then
+        /usr/sbin/useradd -c 'Coova Chilli User' -s /sbin/nologin -r -d /etc/chilli coovachilli &>/dev/null || \
+                %logmsg "Unexpected error adding user \"coovachilli\". Abort installation."
+fi
+
+
 %preun
 
 if [ $1 == 0 ]; then