[packages/hitch] new, version 1.0.0-beta4
glen
glen at pld-linux.org
Thu Aug 6 11:11:48 CEST 2015
commit 4a38419bf1cea89d6a265742922a7d99f27014a1
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Thu Aug 6 12:10:23 2015 +0300
new, version 1.0.0-beta4
based on fedora package cdfd9fa
hitch-1.0.0-beta4.syslog.patch | 21 ++++
hitch.clean_test_processes.patch | 46 +++++++++
hitch.initrc.redhat.patch | 130 +++++++++++++++++++++++++
hitch.spec | 124 +++++++++++++++++++++++
hitch.systemd.service.patch | 36 +++++++
hitch.test07_missing_curl_resolve_on_el6.patch | 10 ++
6 files changed, 367 insertions(+)
---
diff --git a/hitch.spec b/hitch.spec
new file mode 100644
index 0000000..7e40308
--- /dev/null
+++ b/hitch.spec
@@ -0,0 +1,124 @@
+#
+# Conditional build:
+%bcond_with tests # run tests. needs internet connection
+
+%define commit b1ee595d7803dbdd403b554eb4ec0416d00efeb3
+%define shortcommit %(c=%{commit}; echo ${c:0:7})
+
+Summary: Network proxy that terminates TLS/SSL connections
+Name: hitch
+Version: 1.0.0
+Release: 0.4.3.beta4
+License: BSD
+Group: Daemons
+Source0: https://github.com/varnish/hitch/archive/%{commit}/%{name}-%{commit}.tar.gz
+# Source0-md5: 05184c997ddf1d167ae15adfbc9195e5
+Patch0: %{name}.systemd.service.patch
+Patch1: %{name}.initrc.redhat.patch
+Patch3: %{name}.clean_test_processes.patch
+Patch4: %{name}.test07_missing_curl_resolve_on_el6.patch
+Patch5: %{name}-1.0.0-beta4.syslog.patch
+URL: https://github.com/varnish/hitch
+BuildRequires: libev-devel
+BuildRequires: libtool
+BuildRequires: openssl
+BuildRequires: openssl-devel
+BuildRequires: rpmbuild(macros) >= 1.647
+Requires(post,preun): /sbin/chkconfig
+Requires(post,preun,postun): systemd-units >= 38
+Requires: rc-scripts
+Requires: systemd-units >= 0.38
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%define hitch_user hitch
+%define hitch_group hitch
+%define hitch_homedir %{_localstatedir}/lib/hitch
+%define hitch_confdir %{_sysconfdir}/%{name}
+%define hitch_datadir %{_datadir}/hitch
+
+%description
+hitch is a network proxy that terminates TLS/SSL connections and
+forwards the unencrypted traffic to some backend. It is designed to
+handle 10s of thousands of connections efficiently on multicore
+machines.
+
+%prep
+%setup -qn %{name}-%{commit}
+%patch0
+%patch1
+%patch3
+%patch4
+%patch5 -p1
+
+%build
+./bootstrap
+CFLAGS="%{rpmcflags} -fPIE"
+LDFLAGS="-pie"
+CPPFLAGS="-I%{_includedir}/libev"
+%configure
+%{__make}
+sed -i 's/nogroup/nobody/g' tests/configs/test08*.cfg
+
+%if %{with tests}
+cd tests; ./runtests
+%endif
+
+%install
+rm -rf $RPM_BUILD_ROOT
+%{__make} install \
+ DESTDIR=$RPM_BUILD_ROOT
+
+$RPM_BUILD_ROOT%{_sbindir}/hitch-openssl --default-config | sed '
+ s/user = ""/user = "%{hitch_user}"/g;
+ s/group = ""/group = "%{hitch_group}"/g;
+ s/backend = "\[127.0.0.1\]:8000"/backend = "[127.0.0.1]:6081"/g;
+ s/syslog = off/syslog = on/g;
+ ' > hitch.conf
+ sed -i 's/daemon = off/daemon = on/g;' hitch.conf
+
+install -p -D hitch.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/hitch.conf
+install -d $RPM_BUILD_ROOT%{hitch_homedir}
+install -d $RPM_BUILD_ROOT%{hitch_datadir}
+install -p -D hitch.service $RPM_BUILD_ROOT%{systemdunitdir}/hitch.service
+install -p -D hitch.tmpfilesd.conf $RPM_BUILD_ROOT%{systemdtmpfilesdir}/hitch.conf
+install -p -D hitch.initrc.redhat $RPM_BUILD_ROOT%{_initrddir}/hitch
+install -d $RPM_BUILD_ROOT%{_localstatedir}/run/hitch
+touch $RPM_BUILD_ROOT%{_localstatedir}/run/hitch/hitch.pid
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%if 0
+# TODO: register uid/gid
+%pre
+%groupadd -r %{hitch_group}
+%useradd -r -g %{hitch_group} -s /sbin/nologin -d %{hitch_homedir} %{hitch_user}
+%endif
+
+%post
+%systemd_post hitch.service
+%tmpfiles_create %{systemdtmpfilesdir}/hitch.conf
+/sbin/chkconfig --add hitch
+%service hitch restart
+
+%preun
+%systemd_preun hitch.service
+%service hitch stop
+/sbin/chkconfig --del hitch
+
+%postun
+%systemd_postun_with_restart hitch.service
+
+%files
+%defattr(644,root,root,755)
+%doc README.md LICENSE
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/hitch.conf
+%attr(754,root,root) /etc/rc.d/init.d/hitch
+%attr(755,root,root) %{_sbindir}/hitch-openssl
+%{_mandir}/man8/hitch.8*
+%{systemdunitdir}/hitch.service
+%{systemdtmpfilesdir}/hitch.conf
+%define no_install_post_check_tmpfiles 1
+%attr(755,hitch,hitch) %dir %{_localstatedir}/run/hitch
+%attr(644,hitch,hitch) %ghost %verify(not md5 mtime size) %{_localstatedir}/run/hitch/hitch.pid
diff --git a/hitch-1.0.0-beta4.syslog.patch b/hitch-1.0.0-beta4.syslog.patch
new file mode 100644
index 0000000..ee25003
--- /dev/null
+++ b/hitch-1.0.0-beta4.syslog.patch
@@ -0,0 +1,21 @@
+# Fixes a segfault added in upstream , see upstream bug #37
+diff --git a/src/hitch.c b/src/hitch.c
+index c109012..eed2654 100644
+--- a/src/hitch.c
++++ b/src/hitch.c
+@@ -266,6 +266,7 @@ VWLOG(int level, const char *fmt, va_list ap)
+ int n;
+ va_list ap1;
+
++ va_copy(ap1, ap);
+ if (CONFIG->SYSLOG) {
+ vsyslog(level, fmt, ap);
+ }
+@@ -293,7 +294,6 @@ VWLOG(int level, const char *fmt, va_list ap)
+ n = strftime(buf, sizeof(buf), "%Y%m%dT%H%M%S", &tm);
+ snprintf(buf + n, sizeof(buf) - n, ".%06d [%5d] %s",
+ (int) tv.tv_usec, getpid(), fmt);
+- va_copy(ap1, ap);
+ vfprintf(logf, buf, ap1);
+ va_end(ap1);
+ }
diff --git a/hitch.clean_test_processes.patch b/hitch.clean_test_processes.patch
new file mode 100644
index 0000000..b55f0c7
--- /dev/null
+++ b/hitch.clean_test_processes.patch
@@ -0,0 +1,46 @@
+# Fixes a bug in the test suite that leaves running processes behind
+
+diff -Nur tests.orig/common.sh tests/common.sh
+--- tests.orig/common.sh 2015-06-18 12:01:42.000000000 +0200
++++ tests/common.sh 2015-06-25 11:42:43.073934674 +0200
+@@ -7,13 +7,14 @@
+ PIDFILE="$(mktemp -u)"
+ CONFFILE="$(mktemp -u)"
+ DUMPFILE="$(mktemp -u)"
++SESSFILE="$(mktemp)"
+
+ HITCH=../src/hitch-openssl
+ HITCH_ARGS="--pidfile=$PIDFILE --daemon --quiet"
+
+ cleanup() {
+ test -s $PIDFILE && kill `cat "$PIDFILE"`
+- rm -f "$PIDFILE" "$CONFFILE" "$DUMPFILE" 2>/dev/null
++ rm -f "$PIDFILE" "$CONFFILE" "$DUMPFILE" "$SESSFILE" 2>/dev/null
+ }
+ trap cleanup EXIT
+
+diff -Nur tests.orig/test06-ticket-resume tests/test06-ticket-resume
+--- tests.orig/test06-ticket-resume 2015-06-25 11:33:22.324599585 +0200
++++ tests/test06-ticket-resume 2015-06-25 11:43:13.974677607 +0200
+@@ -5,19 +5,13 @@
+ . common.sh
+ set +o errexit
+
+-sessfile=$(mktemp)
+-function rmsess {
+- rm -f $sessfile
+-}
+-trap rmsess EXIT
+-
+ $HITCH $HITCH_ARGS --backend=[hyse.org]:80 "--frontend=[${LISTENADDR}]:$LISTENPORT" certs/site1.example.com
+ test "$?" = "0" || die "Hitch did not start."
+
+-echo -e "\n" | openssl s_client -prexit -sess_out $sessfile -connect $LISTENADDR:$LISTENPORT >/dev/null 2>&1
++echo -e "\n" | openssl s_client -prexit -sess_out $SESSFILE -connect $LISTENADDR:$LISTENPORT >/dev/null 2>&1
+ test "$?" = "0" || die "s_client failed (1)"
+
+-echo -e "\n" | openssl s_client -prexit -sess_in $sessfile -connect $LISTENADDR:$LISTENPORT 2>/dev/null > $DUMPFILE
++echo -e "\n" | openssl s_client -prexit -sess_in $SESSFILE -connect $LISTENADDR:$LISTENPORT 2>/dev/null > $DUMPFILE
+ test "$?" = "0" || die "s_client failed (2)"
+
+ grep -q -c "Reused, " $DUMPFILE
diff --git a/hitch.initrc.redhat.patch b/hitch.initrc.redhat.patch
new file mode 100644
index 0000000..490f796
--- /dev/null
+++ b/hitch.initrc.redhat.patch
@@ -0,0 +1,130 @@
+diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.initrc.redhat ./hitch.initrc.redhat
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.initrc.redhat 1970-01-01 01:00:00.000000000 +0100
++++ ./hitch.initrc.redhat 2015-06-25 15:23:33.575130324 +0200
+@@ -0,0 +1,126 @@
++#! /bin/sh
++#
++# hitch Control the Hitch daemon
++#
++# chkconfig: - 90 10
++# description: Hitch proxy daemon
++# processname: hitch
++# config: /etc/hitch/hitch.conf
++# pidfile: /var/run/hitch/hitch.pid
++
++### BEGIN INIT INFO
++# Provides: hitch
++# Required-Start: $network $local_fs $remote_fs
++# Required-Stop: $network $local_fs $remote_fs
++# Default-Start:
++# Default-Stop:
++# Short-Description: start and stop hitch
++# Description: Hitch proxy daemon
++### END INIT INFO
++
++# Source function library.
++. /etc/init.d/functions
++
++retval=0
++pidfile="/var/run/hitch/hitch.pid"
++lockfile="/var/lock/subsys/hitch"
++config="/etc/hitch/hitch.conf"
++exec="/usr/sbin/hitch-openssl"
++prog="hitch-openssl"
++
++
++start() {
++
++ if [ ! -x $exec ]
++ then
++ echo $exec not found
++ exit 5
++ fi
++
++ if [ ! -f $config ]
++ then
++ echo $config not found
++ exit 6
++ fi
++
++ echo -n "Starting hitch ssl proxy: "
++
++ daemon $exec "--pidfile=$pidfile --config $config" > /dev/null
++ retval=$?
++ if [ $retval -eq 0 ]
++ then
++ touch $lockfile
++ echo_success
++ echo
++ else
++ echo_failure
++ echo
++ fi
++ return $retval
++}
++
++stop() {
++ echo -n "Stopping Hitch proxy daemon: "
++ killproc -p $pidfile $prog
++ retval=$?
++ echo
++ [ $retval -eq 0 ] && rm -f $lockfile
++ return $retval
++}
++
++restart() {
++ stop
++ start
++}
++
++reload() {
++ restart
++}
++
++force_reload() {
++ restart
++}
++
++rh_status() {
++ status -p $pidfile $prog
++}
++
++rh_status_q() {
++ rh_status >/dev/null 2>&1
++}
++
++# See how we were called.
++case "$1" in
++ start)
++ rh_status_q && exit 0
++ $1
++ ;;
++ stop)
++ rh_status_q || exit 0
++ $1
++ ;;
++ restart)
++ $1
++ ;;
++ reload)
++ rh_status_q || exit 7
++ $1
++ ;;
++ force-reload)
++ force_reload
++ ;;
++ status)
++ rh_status
++ ;;
++ condrestart|try-restart)
++ rh_status_q || exit 0
++ restart
++ ;;
++ *)
++ echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
++
++ exit 2
++esac
++
++exit $?
++
diff --git a/hitch.systemd.service.patch b/hitch.systemd.service.patch
new file mode 100644
index 0000000..40b5ec0
--- /dev/null
+++ b/hitch.systemd.service.patch
@@ -0,0 +1,36 @@
+diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.service ./hitch.service
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.service 1970-01-01 01:00:00.000000000 +0100
++++ ./hitch.service 2015-06-25 14:23:07.120277818 +0200
+@@ -0,0 +1,27 @@
++[Unit]
++Description=Network proxy that terminates TLS/SSL connections
++After=syslog.target network.target
++
++[Service]
++
++#
++# If you want to make changes to this file, please copy it to
++# /etc/systemd/system/hitch.service and make your changes there.
++# This will override the file kept at /lib/systemd/system/hitch.service
++#
++# Configuration may be done in /etc/hitch/hitch.params
++#
++
++PIDFile=/run/hitch/hitch.pid
++
++# Maximum size of the corefile.
++LimitCORE=infinity
++
++Type=simple
++PrivateTmp=true
++ExecStart=/usr/sbin/hitch-openssl --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf
++
++
++[Install]
++WantedBy=multi-user.target
++
+diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.tmpfilesd.conf ./hitch.tmpfilesd.conf
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.tmpfilesd.conf 1970-01-01 01:00:00.000000000 +0100
++++ ./hitch.tmpfilesd.conf 2015-06-25 14:44:15.785888764 +0200
+@@ -0,0 +1 @@
++d /run/hitch 0755 hitch hitch -
diff --git a/hitch.test07_missing_curl_resolve_on_el6.patch b/hitch.test07_missing_curl_resolve_on_el6.patch
new file mode 100644
index 0000000..8a53c20
--- /dev/null
+++ b/hitch.test07_missing_curl_resolve_on_el6.patch
@@ -0,0 +1,10 @@
+diff -Nur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/tests/test07-nomatch-abort ./tests/test07-nomatch-abort
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/tests/test07-nomatch-abort 2015-06-18 12:01:42.000000000 +0200
++++ ./tests/test07-nomatch-abort 2015-06-25 16:54:31.635809295 +0200
+@@ -30,5 +30,4 @@
+ grep -q -c "unrecognized name" $DUMPFILE
+ test "$?" = "0" || die "Expected 'unrecognized name' error."
+
+-CURL_EXTRA="--resolve site1.example.com:$LISTENPORT:127.0.0.1"
+-runcurl site1.example.com $LISTENPORT
++(echo -e 'GET / HTTP/1.0\nHost: site1.example.com\n'; sleep 1) | openssl s_client -connect $LISTENADDR:$LISTENPORT > $DUMPFILE 2>&1
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/hitch.git/commitdiff/4a38419bf1cea89d6a265742922a7d99f27014a1
More information about the pld-cvs-commit
mailing list