0895aa4
%global	commit		00b264b5537986fecfa1013cc27ad3b7b771a646
0895aa4
%global	shortcommit	%(c=%{commit}; echo ${c:0:7})
0895aa4
0895aa4
# Checks may only be ran from a host with internet connection
0895aa4
#% global runcheck	0
0895aa4
0895aa4
%global hitch_user	hitch
0895aa4
%global hitch_group	hitch
0895aa4
%global hitch_homedir	%{_localstatedir}/lib/hitch
0895aa4
%global hitch_confdir	%{_sysconfdir}/hitch
0895aa4
%global hitch_datadir	%{_datadir}/hitch
0895aa4
0895aa4
%global _hardened_build 1
0895aa4
0895aa4
Name:		hitch
0895aa4
Version:	1.0.0
0895aa4
Release:	0.3.4.beta3%{?dist}
0895aa4
Summary:	Network proxy that terminates TLS/SSL connections
0895aa4
0895aa4
Group:		System Environment/Daemons
0895aa4
License:	BSD
0895aa4
URL:		https://github.com/varnish/hitch
0895aa4
Source0:	https://github.com/varnish/%{name}/archive/%{commit}/%{name}-%{commit}.tar.gz
0895aa4
0895aa4
BuildRequires:	libev-devel
0895aa4
BuildRequires:	openssl-devel
0895aa4
BuildRequires:	openssl
0895aa4
BuildRequires:	libtool
0895aa4
Requires:	openssl
0895aa4
0895aa4
Patch0:		hitch.systemd.service.patch
0895aa4
Patch1:		hitch.initrc.redhat.patch
0895aa4
# POS36-C correct revocation order while relinquishing privileges
0895aa4
Patch2:		hitch-1.0.0-beta3.setgroups.patch
0895aa4
# Fixes a bug in the test suite that leaves running processes behind
0895aa4
Patch3:		hitch.clean_test_processes.patch
0895aa4
Patch4:		hitch.test07_missing_curl_resolve_on_el6.patch
0895aa4
0895aa4
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
0895aa4
Requires(post): systemd
0895aa4
Requires(preun): systemd
0895aa4
Requires(postun): systemd
0895aa4
BuildRequires: systemd
0895aa4
%else
0895aa4
Requires(preun): initscripts
0895aa4
%endif
0895aa4
0895aa4
%description
0895aa4
hitch is a network proxy that terminates TLS/SSL connections and forwards the
0895aa4
unencrypted traffic to some backend. It is designed to handle 10s of thousands
0895aa4
of connections efficiently on multicore machines.
0895aa4
0895aa4
%prep
0895aa4
%setup -qn %{name}-%{commit}
0895aa4
%patch0
0895aa4
%patch1
0895aa4
%patch2 -p1
0895aa4
%patch3
0895aa4
%if 0%{?rhel} == 6
0895aa4
%patch4
0895aa4
%endif
0895aa4
0895aa4
0895aa4
%build
0895aa4
./bootstrap
0895aa4
0895aa4
%if 0%{?rhel} == 6
0895aa4
CFLAGS="%{optflags} -fPIE"
0895aa4
LDFLAGS=" -pie"
0895aa4
CPPFLAGS=" -I%{_includedir}/libev"
0895aa4
export CFLAGS
0895aa4
export LDFLAGS
0895aa4
export CPPFLAGS
0895aa4
%endif
0895aa4
0895aa4
%configure
0895aa4
make %{?_smp_mflags}
0895aa4
0895aa4
0895aa4
%install
0895aa4
%make_install
0895aa4
%{buildroot}%{_sbindir}/hitch-openssl --default-config | sed '
0895aa4
	s/user = ""/user = "%{hitch_user}"/g;
0895aa4
	s/group = ""/group = "%{hitch_group}"/g;
0895aa4
	s/backend = "\[127.0.0.1\]:8000"/backend = "[127.0.0.1]:6081"/g;
0895aa4
	s/syslog = off/syslog = on/g;
0895aa4
	' > hitch.conf
0895aa4
%if 0%{?rhel} == 6
0895aa4
	sed -i 's/daemon = off/daemon = on/g;' hitch.conf
0895aa4
%endif
0895aa4
install -p -D -m 0644 hitch.conf %{buildroot}%{_sysconfdir}/hitch/hitch.conf
0895aa4
install -d -m 0755 %{buildroot}%{hitch_homedir}
0895aa4
install -d -m 0755 %{buildroot}%{hitch_datadir}
0895aa4
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
0895aa4
install -p -D -m 0644 hitch.service %{buildroot}%{_unitdir}/hitch.service
0895aa4
install -p -D -m 0644 hitch.tmpfilesd.conf %{buildroot}%{_tmpfilesdir}/hitch.conf
0895aa4
%else
0895aa4
install -p -D -m 0755 hitch.initrc.redhat %{buildroot}%{_initrddir}/hitch
0895aa4
install -d -m 0755 %{buildroot}%{_localstatedir}/run/hitch
0895aa4
%endif
0895aa4
0895aa4
# check is not enabled by default, as it won't work on the koji builders, 
0895aa4
# nor on machines that can't reach the Internet. 
0895aa4
%check
0895aa4
%if 0%{?runcheck} == 1
0895aa4
cd tests; ./runtests
0895aa4
%endif
0895aa4
0895aa4
%pre
0895aa4
groupadd -r %{hitch_group} &>/dev/null ||:
0895aa4
useradd -r -g %{hitch_group} -s /sbin/nologin -d %{hitch_homedir} %{hitch_user} &>/dev/null ||:
0895aa4
0895aa4
0895aa4
%post
0895aa4
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
0895aa4
%systemd_post hitch.service
0895aa4
%tmpfiles_create %{_tmpfilesdir}/hitch.conf
0895aa4
%else
0895aa4
/sbin/chkconfig --add hitch
0895aa4
%endif
0895aa4
0895aa4
%preun
0895aa4
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
0895aa4
%systemd_preun hitch.service
0895aa4
%else
0895aa4
/sbin/service hitch stop > /dev/null 2>&1
0895aa4
/sbin/chkconfig --del hitch
0895aa4
%endif
0895aa4
0895aa4
0895aa4
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
0895aa4
%postun
0895aa4
%systemd_postun_with_restart hitch.service
0895aa4
%endif
0895aa4
0895aa4
0895aa4
%files
0895aa4
%doc README.md
0895aa4
%if 0%{?rhel} == 6
0895aa4
%doc LICENSE
0895aa4
%else
0895aa4
%license LICENSE
0895aa4
%endif
0895aa4
%{_sbindir}/hitch-openssl
0895aa4
%{_mandir}/man8/hitch.8*
0895aa4
%dir %{_sysconfdir}/hitch
0895aa4
%config(noreplace) %{_sysconfdir}/hitch/hitch.conf
0895aa4
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
0895aa4
%{_unitdir}/hitch.service
0895aa4
%{_tmpfilesdir}/hitch.conf
0895aa4
%ghost %verify(not md5 size mtime)  /run/hitch/hitch.pid
0895aa4
0895aa4
%else
0895aa4
%{_initrddir}/hitch
0895aa4
%attr(0755,hitch,hitch) %dir %{_localstatedir}/run/hitch
0895aa4
%attr(0644,hitch,hitch) %ghost %verify(not md5 size mtime)  %{_localstatedir}/run/hitch/hitch.pid
0895aa4
%endif
0895aa4
0895aa4
0895aa4
%changelog
0895aa4
* Sun Jul 19 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.4.beta3
0895aa4
- Some more fixes for the fedora package review, ref Cicku
0895aa4
0895aa4
* Thu Jul 16 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.3.beta3
0895aa4
- Some more fixes for the fedora package review, ref Jeff Backus
0895aa4
0895aa4
* Fri Jun 26 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.2.beta3
0895aa4
- Added _hardened_build macro and PIE on el6
0895aa4
0895aa4
* Thu Jun 25 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.1.beta3
0895aa4
- Some fixes for the fedora package review, ref Sören Möller
0895aa4
- Now runs the test suite in check, adding BuildRequire openssl
0895aa4
- Added a patch that fixed missing cleaning running daemons from test suite
0895aa4
- Added a patch that made test07 run on older curl (epel6)
0895aa4
- Package owns /etc/hitch
0895aa4
- Added pidfile to systemd and tmpfiles.d configuration
0895aa4
- Added pidfile to redhat sysv init script
0895aa4
0895aa4
* Wed Jun 10 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.beta3
0895aa4
- Initial wrap for fedora
0895aa4