Update to FreeRADIUS 2.1.4.

This patch has been ready for a little while, but I was holding
back in the hope that the overdue FreeRADIUS 2.1.5 would be
released, fixing a few problems. With the imminent ports freeze, I
am submitting this patch now.


FreeBSD notes
=============

Mark MAKE_JOBS_UNSAFE.

Patch raddb/certs/Makefile for the full path to the openssl binary
(so that ports OpenSSL is used to bootstrap the server if it is
installed).

Use the pkg-install mechanism to update the libdir line in
radiusd.conf automatically.


In this version of FreeRADIUS, it appears that radmin is broken on
FreeBSD if you have gid (and/or uid, presumably) set in
raddb/sites-available/control-socket. In this event, the call to
getpeereid(3) in line 2096 of src/main/command.c fails with
ENOTCONN, radiusd segfaults and radmin goes into a loop using 100%
CPU time on one core. I hope to look further into this, but that
is a low priority task for me. If you are affected, you'll have to
unset uid and gid in raddb/sites-available/control-socket and rely
purely on the file permissions of /var/run/radiusd/radiusd.sock
for security. In any event, radmin is not for production use - see
the warnings on the man page for radmin(1).


This really is version 2.1.4 - VERSION is mistakenly set to 2.1.5
(see http://preview.tinyurl.com/dcnbsz for more details).


Release notes
=============

Feature improvements

* Permit multiple "-e" in radmin.
* Add support for originating CoA-Request and Disconnect-Request.
  See raddb/sites-available/originate-coa.
* Added "lifetime" and "max_queries" to raddb/sql.conf.
  This helps address the problem of hung SQL sockets.
* Allow packets to be injected via radmin.  See "inject help"
  in radmin.
* Answer VMPS reconfirmation request.  Patch from Hermann Lauer.
* Sample logrotate script in scripts/logrotate.freeradius
* Add configurable poll interval for "detail" listeners
* New "raddebug" command.  This prints debugging information from
  a running server.  See "man raddebug.
* Add "require_message_authenticator" configuration to home_server
  configuration.  This makes the server add Message-Authenticator
  to all outgoing Access-Request packets.
* Added smsotp module, as contributed by Siemens.
* Enabled the administration socket in the default install.
  See raddb/sites-available/control-socket, and "man radmin"
* Handle duplicate clients, such as with replicated or
  load-balanced SQL servers and "readclients = yes"


Bug fixes

* Clean up control sockets when they are closed, so that we don't
  leak memory.
* Define SUN_LEN for systems that don't have it.
* Correct some boundary conditions in the conditional checker ("if")
  in "unlang".  Bug noted by Arran Cudbard-Bell.
* Work around minor building issues in gmake.  This should only
  have affected developers.
* Change how we manage unprivileged user/group, so that we do not
  create control sockets owned by root.
* Fixed more minor issues found by Coverity.
* Allow raddb/certs/bootstrap to run when there is no "make"
  command installed.
* In radiusd.conf, run_dir depends on the name of the program,
  and isn't hard-coded to "..../radiusd"
* Check for EOF in more places in the "detail" file reader.
* Added Freeswitch dictionary.
* Chop ethernet frames in VMPS, rather than droppping packets.
* Fix EAP-TLS bug.  Patch from Arnaud Ebalard
* Don't lose string for regex-compares in the "users" file.
* Expose more functions in rlm_sql to rlm_sqlippool, which
  helps on systems where RTLD_GLOBAL is off.
* Fix typos in MySQL schemas for ippools.
* Remove macro that was causing build issues on some platforms.
* Fixed issues with dead home servers.  Bug noted by Chris Moules.
* Fixed "access after free" with some dynamic clients.

INSTRUCTIONS
============

No files have been been deleted.

files/patch-version and files/patch-bootstrap have been added.

Fix: Patch attached with submission follows: