--- rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec	2008/08/27 13:44:45	1.7
+++ rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec	2009/06/11 09:16:08	1.29
@@ -1,12 +1,12 @@
-# $Id: smeserver-coova-chilli.spec,v 1.2 2008/04/15 15:18:07 slords Exp $
+# $Id: smeserver-coova-chilli.spec,v 1.28 2009/05/29 07:25:10 vip-ire Exp $
 # Authority: vip-ire
 # Name: Daniel Berteaud
 
 Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
 %define name smeserver-coova-chilli
 Name: %{name}
-%define version 0.1
-%define release 2
+%define version 0.2
+%define release 15
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -16,12 +16,33 @@ URL: http://sme.firewall-services.com
 BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
 BuildArchitectures: noarch
 BuildRequires: e-smith-devtools
-Requires: e-smith-release >= 7.0 openssl coova-chilli
-
-Patch1: smeserver-coova-chilli-0.1-bypass_auth_with_squid_fix.patch
-Patch2: smeserver-coova-chilli-0.1-expand_masq_fix.patch
-Patch3: smeserver-coova-chilli-0.1-firewall2db.patch
-Patch4: smeserver-coova-chilli-0.1-loginPageDir.patch
+Requires: e-smith-release >= 7.0 
+Requires: openssl 
+Requires: coova-chilli >= 1.0.13
+Requires: e-smith-radiusd >= 1.0.0-18
+Requires: perl(NetAddr::IP)
+Requires: smeserver-remoteuseraccess
+
+Patch1: smeserver-coova-chilli-0.2-guest_uplink_downlink.patch
+Patch2: smeserver-coova-chilli-0.2-guest_access.patch
+Patch3: smeserver-coova-chilli-0.2-chilli_ip.patch
+Patch4: smeserver-coova-chilli-0.2-radius_timeout.patch
+Patch5: smeserver-coova-chilli-0.2-guest_access2.patch
+Patch6: smeserver-coova-chilli-0.2-template_syntax_error.patch
+Patch7: smeserver-coova-chilli-0.2-httpd_warning.patch
+Patch8:	smeserver-coova-chilli-0.2-tundev.patch
+Patch9: smeserver-coova-chilli-0.2-dhcp_range.patch
+Patch10: smeserver-coova-chilli-0.2-localhost_nas.patch
+Patch11: smeserver-coova-chilli-0.2-localhost_nas2.patch
+Patch12: smeserver-coova-chilli-0.2-squid_template_typo.patch
+Patch13: smeserver-coova-chilli-0.2-typo.patch
+Patch14: smeserver-coova-chilli-0.2-allow_uamallowed.patch
+Patch15: smeserver-coova-chilli-0.2-drop_privileges.patch
+Patch16: smeserver-coova-chilli-0.2-use_sudo.patch
+Patch17: smeserver-coova-chilli-0.2-templates2expand_in_createlinks.patch
+Patch18: smeserver-coova-chilli-0.2-db_noc2c.patch
+Patch19: smeserver-coova-chilli-0.2-remove_space.patch
+Patch20: smeserver-coova-chilli-0.2-fixe_allow_uamallowed.patch
 
 %description
 This package allow you to configure a third interface
@@ -33,6 +54,97 @@ they'll only have web access if they are
 This contrib will only work in server&gateway mode 
 
 %changelog
+* Thu Jun 11 2009 Daniel B. <daniel@firewall-services.com> 0.2-15
+- Fixe a bug in masq template for uamallowed entries
+
+* Thu May 28 2009 Daniel B. <daniel@firewall-services.com> 0.2-14
+- Remove space in hotspot-config.pl template
+
+* Tue May 26 2009 Daniel B. <daniel@firewall-services.com> 0.2-13
+- Add noc2c key (allow to disable the option, but default to enabled)
+
+* Thu Apr 30 2009 Daniel B. <daniel@firewall-services.com> 0.2-12
+- Create a new user coovachilli
+- Add support of new options uid and gid to drop privileges
+- Enabled noc2c (prevent client to client communication)
+- Use sudo to call conup/condown script (as chilli runs under un
+  unprivileged account now)
+- Add smeserver-remoteuseraccess as a dependency (for sudoers metadata templates)
+- move templates2expand in creatlinks script
+
+* Wed Mar 13 2009 Daniel B. <daniel@firewall-services.com> 0.2-11
+- Automatically allow uamallowed entries in the firewall (no need to 
+  explicitly allow it agin in AllowOutgoing)
+
+* Thu Mar 12 2009 Daniel B. <daniel@firewall-services.com> 0.2-10
+- Small typo correction
+
+* Tue Mar 10 2009 Daniel B. <daniel@firewall-services.com> 0.2-9
+- Use allready defined localhost NAS to fixe PPTP problem [SME: 4996]
+  (thanks John K Pruder)
+- fix a typo in squid template
+
+* Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-8
+- Add dhcpstart and dhcpstop db parameters (thanks John K Pruder)
+
+* Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-7
+- Fix tundev template [SME: 5054]
+
+* Thu Sep 18 2008 Daniel B. <daniel@firewall-services.com> 0.2-6
+- Remove warning in httpd.conf file (httpd -t)
+
+* Mon Sep 15 2008 Daniel B. <daniel@firewall-services.com> 0.2-5
+- Fix Syntax Error in /etc/chilli.conf template (25listen) [SME: 4559]
+
+* Mon Sep 08 2008 Daniel B. <daniel@firewall-services.com> 0.2-4
+- Requires perl(NetAddr::IP)
+
+* Fri Sep 5 2008 Daniel B. <daniel@firewall-services.com> 0.2-3
+- Chilli IP computed with NetAddr::IP
+- Radius timeout set to 3 sec
+- syntax error in radius users template fixed (for guest access)
+
+* Thu Sep 3 2008 Daniel B. <daniel@firewall-services.com> 0.2-2
+- Bug fix for guest access
+
+* Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-1
+- uplink and downlink for guest account are configurable via db keys
+
+* Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-0
+- Login page is a CGI, with a server-manager login page look
+- Guest Access can be enabled with guestAccess key (enabled/disabled)
+- merge patchs in main package
+
+* Mon Sep 01 2008 Daniel B. <daniel@firewall-services.com> 0.1-8
+- Fix uamallowed not working (since bypass_auth_with_squid_fix patch)
+- Add WebRequests key (use of squid or direct connexions, default to direct)
+- disable radconf in /etc/chilli/config
+- possible to disable https (enabled by default in AllowedOutgoing)
+- add tcp:static.sourceforge.net:80 in uamallowed so daloradius homepage is displayed correctly
+- add radiustimeout directive so authentication errors display the standard message quickly
+
+* Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-7
+- Reverted moving of default db entries to SPEC file since common practice is to store them in files
+
+* Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-6
+- split uamallowed (one per line)
+- Add dnsparanoia directive
+- correct cmdsock directive
+- initialise default configuration db in the spec file
+
+* Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-5
+- Remove the reset of $OUT from the template
+
+* Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-4
+- Add template to enable auth module unix (replace the template-custom)
+- Copy images to /opt/chilli/template before removing .rpmnew directory
+- Correct dependency (e-smith-radiusd not esmith-radiusd)
+
+* Wed Aug 27 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-3
+- Split requirements to one per line
+- Removed .rpmnew directory from package
+- Removed the need for templates-custom as package now requires e-smith-radiusd >= 1.0.0-18
+
 * Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
 - [0.1-2]
 - Most firewall customizations (for incomming and forwarded traffic from
@@ -55,6 +167,22 @@ This contrib will only work in server&ga
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
+%patch18 -p1
+%patch19 -p1
+%patch20 -p1
 
 %build
 /usr/bin/perl createlinks
@@ -64,18 +192,14 @@ This contrib will only work in server&ga
 (cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
 /bin/rm -f %{name}-%{version}-filelist
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
-	--file /etc/chilli/conup.sh 'attr(0750,root,root)' \
-	--file /etc/chilli/condown.sh 'attr(0750,root,root)' \
-	--file /opt/chilli/hotspotlogin-loginform.php 'config(noreplace)' \
-	--file /opt/chilli/hotspotlogin-nonchilli.php 'config(noreplace)' \
-        --file /opt/chilli/hotspotlogin-nonssl.php 'config(noreplace)' \
-        --file /opt/chilli/hotspotlogin.php 'config(noreplace)' \
-        --file /opt/chilli/lang/en.php 'config(noreplace)' \
-        --file /opt/chilli/lang/fr.php 'config(noreplace)' \
-        --file /opt/chilli/lang/main.php 'config(noreplace)' \
-        --file /opt/chilli/template/loggingin.php 'config(noreplace)' \
-        --file /opt/chilli/template/loginform-footer.php 'config(noreplace)' \
-        --file /opt/chilli/template/loginform-header.php 'config(noreplace)' \
+	--file /etc/chilli/conup.sh 'attr(755,root,root)' \
+	--file /etc/chilli/condown.sh 'attr(750,root,root)' \
+	--file /etc/chilli/call_conup.sh 'attr(755,root,root)' \
+	--file /etc/chilli/call_condown.sh 'attr(755,root,root)' \
+        --file /opt/chilli/cgi-bin/hotspotlogin.cgi 'attr(0750,root,www) %config(noreplace)' \
+        --file /opt/chilli/lang/hotspotlogin.fr.pl 'config(noreplace)' \
+        --file /opt/chilli/lang/hotspotlogin.en.pl 'config(noreplace)' \
+	--file /opt/chilli/css/sme.css 'config(noreplace)' \
 	> %{name}-%{version}-filelist
 
 %files -f %{name}-%{version}-filelist
@@ -84,6 +208,13 @@ This contrib will only work in server&ga
 %clean 
 rm -rf $RPM_BUILD_ROOT
 
+%pre
+if ! /usr/bin/id coovachilli &>/dev/null; then
+        /usr/sbin/useradd -c 'Coova Chilli User' -s /sbin/nologin -r -d /etc/chilli coovachilli &>/dev/null || \
+                %logmsg "Unexpected error adding user \"coovachilli\". Abort installation."
+fi
+
+
 %preun
 
 if [ $1 == 0 ]; then