[packages/hitch] new, version 1.0.0-beta4

glen glen at pld-linux.org
Thu Aug 6 11:11:48 CEST 2015 

commit 4a38419bf1cea89d6a265742922a7d99f27014a1
Author: Elan Ruusamäe <glen at delfi.ee>
Date:   Thu Aug 6 12:10:23 2015 +0300

    new, version 1.0.0-beta4
    
    based on fedora package cdfd9fa

 hitch-1.0.0-beta4.syslog.patch                 |  21 ++++
 hitch.clean_test_processes.patch               |  46 +++++++++
 hitch.initrc.redhat.patch                      | 130 +++++++++++++++++++++++++
 hitch.spec                                     | 124 +++++++++++++++++++++++
 hitch.systemd.service.patch                    |  36 +++++++
 hitch.test07_missing_curl_resolve_on_el6.patch |  10 ++
 6 files changed, 367 insertions(+)
---
diff --git a/hitch.spec b/hitch.spec
new file mode 100644
index 0000000..7e40308
--- /dev/null
+++ b/hitch.spec
@@ -0,0 +1,124 @@
+#
+# Conditional build:
+%bcond_with	tests		# run tests. needs internet connection
+
+%define	commit		b1ee595d7803dbdd403b554eb4ec0416d00efeb3
+%define	shortcommit	%(c=%{commit}; echo ${c:0:7})
+
+Summary:	Network proxy that terminates TLS/SSL connections
+Name:		hitch
+Version:	1.0.0
+Release:	0.4.3.beta4
+License:	BSD
+Group:		Daemons
+Source0:	https://github.com/varnish/hitch/archive/%{commit}/%{name}-%{commit}.tar.gz
+# Source0-md5:	05184c997ddf1d167ae15adfbc9195e5
+Patch0:		%{name}.systemd.service.patch
+Patch1:		%{name}.initrc.redhat.patch
+Patch3:		%{name}.clean_test_processes.patch
+Patch4:		%{name}.test07_missing_curl_resolve_on_el6.patch
+Patch5:		%{name}-1.0.0-beta4.syslog.patch
+URL:		https://github.com/varnish/hitch
+BuildRequires:	libev-devel
+BuildRequires:	libtool
+BuildRequires:	openssl
+BuildRequires:	openssl-devel
+BuildRequires:	rpmbuild(macros) >= 1.647
+Requires(post,preun):	/sbin/chkconfig
+Requires(post,preun,postun):	systemd-units >= 38
+Requires:	rc-scripts
+Requires:	systemd-units >= 0.38
+BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%define		hitch_user		hitch
+%define		hitch_group		hitch
+%define		hitch_homedir	%{_localstatedir}/lib/hitch
+%define		hitch_confdir	%{_sysconfdir}/%{name}
+%define		hitch_datadir	%{_datadir}/hitch
+
+%description
+hitch is a network proxy that terminates TLS/SSL connections and
+forwards the unencrypted traffic to some backend. It is designed to
+handle 10s of thousands of connections efficiently on multicore
+machines.
+
+%prep
+%setup -qn %{name}-%{commit}
+%patch0
+%patch1
+%patch3
+%patch4
+%patch5 -p1
+
+%build
+./bootstrap
+CFLAGS="%{rpmcflags} -fPIE"
+LDFLAGS="-pie"
+CPPFLAGS="-I%{_includedir}/libev"
+%configure
+%{__make}
+sed -i 's/nogroup/nobody/g' tests/configs/test08*.cfg
+
+%if %{with tests}
+cd tests; ./runtests
+%endif
+
+%install
+rm -rf $RPM_BUILD_ROOT
+%{__make} install \
+	DESTDIR=$RPM_BUILD_ROOT
+
+$RPM_BUILD_ROOT%{_sbindir}/hitch-openssl --default-config | sed '
+	s/user = ""/user = "%{hitch_user}"/g;
+	s/group = ""/group = "%{hitch_group}"/g;
+	s/backend = "\[127.0.0.1\]:8000"/backend = "[127.0.0.1]:6081"/g;
+	s/syslog = off/syslog = on/g;
+	' > hitch.conf
+	sed -i 's/daemon = off/daemon = on/g;' hitch.conf
+
+install -p -D hitch.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/hitch.conf
+install -d $RPM_BUILD_ROOT%{hitch_homedir}
+install -d $RPM_BUILD_ROOT%{hitch_datadir}
+install -p -D hitch.service $RPM_BUILD_ROOT%{systemdunitdir}/hitch.service
+install -p -D hitch.tmpfilesd.conf $RPM_BUILD_ROOT%{systemdtmpfilesdir}/hitch.conf
+install -p -D hitch.initrc.redhat $RPM_BUILD_ROOT%{_initrddir}/hitch
+install -d $RPM_BUILD_ROOT%{_localstatedir}/run/hitch
+touch $RPM_BUILD_ROOT%{_localstatedir}/run/hitch/hitch.pid
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%if 0
+# TODO: register uid/gid
+%pre
+%groupadd -r %{hitch_group}
+%useradd -r -g %{hitch_group} -s /sbin/nologin -d %{hitch_homedir} %{hitch_user}
+%endif
+
+%post
+%systemd_post hitch.service
+%tmpfiles_create %{systemdtmpfilesdir}/hitch.conf
+/sbin/chkconfig --add hitch
+%service hitch restart
+
+%preun
+%systemd_preun hitch.service
+%service hitch stop
+/sbin/chkconfig --del hitch
+
+%postun
+%systemd_postun_with_restart hitch.service
+
+%files
+%defattr(644,root,root,755)
+%doc README.md LICENSE
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/hitch.conf
+%attr(754,root,root) /etc/rc.d/init.d/hitch
+%attr(755,root,root) %{_sbindir}/hitch-openssl
+%{_mandir}/man8/hitch.8*
+%{systemdunitdir}/hitch.service
+%{systemdtmpfilesdir}/hitch.conf
+%define	no_install_post_check_tmpfiles 1
+%attr(755,hitch,hitch) %dir %{_localstatedir}/run/hitch
+%attr(644,hitch,hitch) %ghost %verify(not md5 mtime size)  %{_localstatedir}/run/hitch/hitch.pid
diff --git a/hitch-1.0.0-beta4.syslog.patch b/hitch-1.0.0-beta4.syslog.patch
new file mode 100644
index 0000000..ee25003
--- /dev/null
+++ b/hitch-1.0.0-beta4.syslog.patch
@@ -0,0 +1,21 @@
+# Fixes a segfault added in upstream , see upstream bug #37
+diff --git a/src/hitch.c b/src/hitch.c
+index c109012..eed2654 100644
+--- a/src/hitch.c
++++ b/src/hitch.c
+@@ -266,6 +266,7 @@ VWLOG(int level, const char *fmt, va_list ap)
+ 	int n;
+ 	va_list ap1;
+ 
++	va_copy(ap1, ap);
+ 	if (CONFIG->SYSLOG) {
+ 		vsyslog(level, fmt, ap);
+ 	}
+@@ -293,7 +294,6 @@ VWLOG(int level, const char *fmt, va_list ap)
+ 	n = strftime(buf, sizeof(buf), "%Y%m%dT%H%M%S", &tm);
+ 	snprintf(buf + n, sizeof(buf) - n, ".%06d [%5d] %s",
+ 	    (int) tv.tv_usec, getpid(), fmt);
+-	va_copy(ap1, ap);
+ 	vfprintf(logf, buf, ap1);
+ 	va_end(ap1);
+ }
diff --git a/hitch.clean_test_processes.patch b/hitch.clean_test_processes.patch
new file mode 100644
index 0000000..b55f0c7
--- /dev/null
+++ b/hitch.clean_test_processes.patch
@@ -0,0 +1,46 @@
+# Fixes a bug in the test suite that leaves running processes behind
+
+diff -Nur tests.orig/common.sh tests/common.sh
+--- tests.orig/common.sh	2015-06-18 12:01:42.000000000 +0200
++++ tests/common.sh	2015-06-25 11:42:43.073934674 +0200
+@@ -7,13 +7,14 @@
+ PIDFILE="$(mktemp -u)"
+ CONFFILE="$(mktemp -u)"
+ DUMPFILE="$(mktemp -u)"
++SESSFILE="$(mktemp)"
+ 
+ HITCH=../src/hitch-openssl
+ HITCH_ARGS="--pidfile=$PIDFILE --daemon --quiet"
+ 
+ cleanup() {
+         test -s $PIDFILE && kill `cat "$PIDFILE"`
+-        rm -f "$PIDFILE" "$CONFFILE" "$DUMPFILE" 2>/dev/null
++        rm -f "$PIDFILE" "$CONFFILE" "$DUMPFILE" "$SESSFILE" 2>/dev/null
+ }
+ trap cleanup EXIT
+ 
+diff -Nur tests.orig/test06-ticket-resume tests/test06-ticket-resume
+--- tests.orig/test06-ticket-resume	2015-06-25 11:33:22.324599585 +0200
++++ tests/test06-ticket-resume	2015-06-25 11:43:13.974677607 +0200
+@@ -5,19 +5,13 @@
+ . common.sh
+ set +o errexit
+ 
+-sessfile=$(mktemp)
+-function rmsess {
+-	rm -f $sessfile
+-}
+-trap rmsess EXIT
+-
+ $HITCH $HITCH_ARGS --backend=[hyse.org]:80 "--frontend=[${LISTENADDR}]:$LISTENPORT" certs/site1.example.com
+ test "$?" = "0" || die "Hitch did not start."
+ 
+-echo -e "\n" | openssl s_client -prexit -sess_out $sessfile -connect $LISTENADDR:$LISTENPORT >/dev/null 2>&1
++echo -e "\n" | openssl s_client -prexit -sess_out $SESSFILE -connect $LISTENADDR:$LISTENPORT >/dev/null 2>&1
+ test "$?" = "0" || die "s_client failed (1)"
+ 
+-echo -e "\n" | openssl s_client -prexit -sess_in $sessfile -connect $LISTENADDR:$LISTENPORT 2>/dev/null > $DUMPFILE
++echo -e "\n" | openssl s_client -prexit -sess_in $SESSFILE -connect $LISTENADDR:$LISTENPORT 2>/dev/null > $DUMPFILE
+ test "$?" = "0" || die "s_client failed (2)"
+ 
+ grep -q -c "Reused, " $DUMPFILE
diff --git a/hitch.initrc.redhat.patch b/hitch.initrc.redhat.patch
new file mode 100644
index 0000000..490f796
--- /dev/null
+++ b/hitch.initrc.redhat.patch
@@ -0,0 +1,130 @@
+diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.initrc.redhat ./hitch.initrc.redhat
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.initrc.redhat	1970-01-01 01:00:00.000000000 +0100
++++ ./hitch.initrc.redhat	2015-06-25 15:23:33.575130324 +0200
+@@ -0,0 +1,126 @@
++#! /bin/sh
++#
++# hitch Control the Hitch daemon
++#
++# chkconfig: - 90 10
++# description: Hitch proxy daemon
++# processname: hitch
++# config: /etc/hitch/hitch.conf
++# pidfile: /var/run/hitch/hitch.pid
++
++### BEGIN INIT INFO
++# Provides: hitch
++# Required-Start: $network $local_fs $remote_fs
++# Required-Stop: $network $local_fs $remote_fs
++# Default-Start:
++# Default-Stop:
++# Short-Description: start and stop hitch
++# Description: Hitch proxy daemon
++### END INIT INFO
++
++# Source function library.
++. /etc/init.d/functions
++
++retval=0
++pidfile="/var/run/hitch/hitch.pid"
++lockfile="/var/lock/subsys/hitch"
++config="/etc/hitch/hitch.conf"
++exec="/usr/sbin/hitch-openssl"
++prog="hitch-openssl"
++
++
++start() {
++
++	if [ ! -x $exec ]
++	then
++		echo $exec not found
++		exit 5
++	fi
++
++	if [ ! -f $config ]
++	then
++		echo $config not found
++		exit 6
++	fi
++
++	echo -n "Starting hitch ssl proxy: "
++
++	daemon $exec "--pidfile=$pidfile --config $config" > /dev/null
++	retval=$?
++	if [ $retval -eq 0 ]
++	then
++		touch $lockfile
++		echo_success
++		echo
++	else
++		echo_failure
++		echo
++	fi
++	return $retval
++}
++
++stop() {
++	echo -n "Stopping Hitch proxy daemon: "
++	killproc -p $pidfile $prog
++	retval=$?
++	echo
++	[ $retval -eq 0 ] && rm -f $lockfile
++	return $retval
++}
++
++restart() {
++	stop
++	start
++}
++
++reload() {
++	restart
++}
++
++force_reload() {
++	restart
++}
++
++rh_status() {
++	status -p $pidfile $prog
++}
++
++rh_status_q() {
++	rh_status >/dev/null 2>&1
++}
++
++# See how we were called.
++case "$1" in
++	start)
++		rh_status_q && exit 0
++		$1
++		;;
++	stop)
++		rh_status_q || exit 0
++		$1
++		;;
++	restart)
++		$1
++		;;
++	reload)
++		rh_status_q || exit 7
++		$1
++		;;
++	force-reload)
++		force_reload
++		;;
++	status)
++		rh_status
++		;;
++	condrestart|try-restart)
++		rh_status_q || exit 0
++		restart
++		;;
++	*)
++	echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
++
++	exit 2
++esac
++
++exit $?
++
diff --git a/hitch.systemd.service.patch b/hitch.systemd.service.patch
new file mode 100644
index 0000000..40b5ec0
--- /dev/null
+++ b/hitch.systemd.service.patch
@@ -0,0 +1,36 @@
+diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.service ./hitch.service
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.service	1970-01-01 01:00:00.000000000 +0100
++++ ./hitch.service	2015-06-25 14:23:07.120277818 +0200
+@@ -0,0 +1,27 @@
++[Unit]
++Description=Network proxy that terminates TLS/SSL connections
++After=syslog.target network.target
++
++[Service]
++
++#
++# If you want to make changes to this file, please copy it to 
++# /etc/systemd/system/hitch.service and make your changes there.
++# This will override the file kept at /lib/systemd/system/hitch.service
++#
++# Configuration may be done in /etc/hitch/hitch.params
++#
++
++PIDFile=/run/hitch/hitch.pid
++
++# Maximum size of the corefile. 
++LimitCORE=infinity
++
++Type=simple
++PrivateTmp=true
++ExecStart=/usr/sbin/hitch-openssl --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf
++
++
++[Install]
++WantedBy=multi-user.target
++
+diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.tmpfilesd.conf ./hitch.tmpfilesd.conf
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.tmpfilesd.conf	1970-01-01 01:00:00.000000000 +0100
++++ ./hitch.tmpfilesd.conf	2015-06-25 14:44:15.785888764 +0200
+@@ -0,0 +1 @@
++d /run/hitch 0755 hitch hitch -
diff --git a/hitch.test07_missing_curl_resolve_on_el6.patch b/hitch.test07_missing_curl_resolve_on_el6.patch
new file mode 100644
index 0000000..8a53c20
--- /dev/null
+++ b/hitch.test07_missing_curl_resolve_on_el6.patch
@@ -0,0 +1,10 @@
+diff -Nur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/tests/test07-nomatch-abort ./tests/test07-nomatch-abort
+--- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/tests/test07-nomatch-abort	2015-06-18 12:01:42.000000000 +0200
++++ ./tests/test07-nomatch-abort	2015-06-25 16:54:31.635809295 +0200
+@@ -30,5 +30,4 @@
+ grep -q -c "unrecognized name" $DUMPFILE
+ test "$?" = "0" || die "Expected 'unrecognized name' error."
+ 
+-CURL_EXTRA="--resolve site1.example.com:$LISTENPORT:127.0.0.1"
+-runcurl site1.example.com $LISTENPORT
++(echo -e 'GET / HTTP/1.0\nHost: site1.example.com\n'; sleep 1) | openssl s_client -connect $LISTENADDR:$LISTENPORT > $DUMPFILE 2>&1
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/hitch.git/commitdiff/4a38419bf1cea89d6a265742922a7d99f27014a1

More information about the pld-cvs-commit mailing list