|
|
1a41ea0 |
#% global commit adca8d96fa16de1f2e66717ec2b7c95b772a1204
|
|
|
1a41ea0 |
#% global shortcommit % (c=% {commit}; echo ${c:0:7})
|
|
|
0895aa4 |
|
|
|
0895aa4 |
# Checks may only be ran from a host with internet connection
|
|
|
e266e15 |
#% global runcheck 1
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%global hitch_user hitch
|
|
|
0895aa4 |
%global hitch_group hitch
|
|
|
0895aa4 |
%global hitch_homedir %{_localstatedir}/lib/hitch
|
|
|
0895aa4 |
%global hitch_confdir %{_sysconfdir}/hitch
|
|
|
0895aa4 |
%global hitch_datadir %{_datadir}/hitch
|
|
|
6577e73 |
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
|
|
6577e73 |
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%global _hardened_build 1
|
|
|
0895aa4 |
|
|
|
0895aa4 |
Name: hitch
|
|
|
e266e15 |
Version: 1.2.0
|
|
|
e266e15 |
Release: 1%{?dist}
|
|
|
0895aa4 |
Summary: Network proxy that terminates TLS/SSL connections
|
|
|
0895aa4 |
|
|
|
0895aa4 |
Group: System Environment/Daemons
|
|
|
0895aa4 |
License: BSD
|
|
|
1a41ea0 |
URL: https://hitch-tls.org/
|
|
|
1a41ea0 |
Source0: https://hitch-tls.org/source/%{name}-%{version}.tar.gz
|
|
|
0895aa4 |
|
|
|
0895aa4 |
BuildRequires: libev-devel
|
|
|
0895aa4 |
BuildRequires: openssl-devel
|
|
|
0895aa4 |
BuildRequires: openssl
|
|
|
0895aa4 |
BuildRequires: libtool
|
|
|
0895aa4 |
Requires: openssl
|
|
|
0895aa4 |
|
|
|
0895aa4 |
Patch0: hitch.systemd.service.patch
|
|
|
0895aa4 |
Patch1: hitch.initrc.redhat.patch
|
|
|
e266e15 |
Patch4: hitch-1.2.0_test07_missing_curl_resolve_on_el6.patch
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
|
|
|
0895aa4 |
Requires(post): systemd
|
|
|
0895aa4 |
Requires(preun): systemd
|
|
|
0895aa4 |
Requires(postun): systemd
|
|
|
0895aa4 |
BuildRequires: systemd
|
|
|
0895aa4 |
%else
|
|
|
0895aa4 |
Requires(preun): initscripts
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%description
|
|
|
0895aa4 |
hitch is a network proxy that terminates TLS/SSL connections and forwards the
|
|
|
0895aa4 |
unencrypted traffic to some backend. It is designed to handle 10s of thousands
|
|
|
0895aa4 |
of connections efficiently on multicore machines.
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%prep
|
|
|
1a41ea0 |
%setup -q
|
|
|
0895aa4 |
%patch0
|
|
|
0895aa4 |
%patch1
|
|
|
0895aa4 |
%if 0%{?rhel} == 6
|
|
|
0895aa4 |
%patch4
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%build
|
|
|
1a41ea0 |
#./bootstrap
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%if 0%{?rhel} == 6
|
|
|
0895aa4 |
CFLAGS="%{optflags} -fPIE"
|
|
|
0895aa4 |
LDFLAGS=" -pie"
|
|
|
0895aa4 |
CPPFLAGS=" -I%{_includedir}/libev"
|
|
|
0895aa4 |
export CFLAGS
|
|
|
0895aa4 |
export LDFLAGS
|
|
|
0895aa4 |
export CPPFLAGS
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
8f2e073 |
# manpages are prebuilt, no need to build again
|
|
|
8f2e073 |
export RST2MAN=/bin/true
|
|
|
8f2e073 |
|
|
|
e266e15 |
# Someone forgot to clean out the test tree
|
|
|
e266e15 |
rm src/tests/test*.log
|
|
|
e266e15 |
rm src/tests/test*.trs
|
|
|
e266e15 |
|
|
|
6577e73 |
%configure \
|
|
|
6577e73 |
--docdir=%{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
|
|
|
6577e73 |
|
|
|
0895aa4 |
make %{?_smp_mflags}
|
|
|
0895aa4 |
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%install
|
|
|
1a41ea0 |
echo %_docdir
|
|
|
1a41ea0 |
|
|
|
6577e73 |
%make_install
|
|
|
1a41ea0 |
sed '
|
|
|
0895aa4 |
s/user = ""/user = "%{hitch_user}"/g;
|
|
|
0895aa4 |
s/group = ""/group = "%{hitch_group}"/g;
|
|
|
0895aa4 |
s/backend = "\[127.0.0.1\]:8000"/backend = "[127.0.0.1]:6081"/g;
|
|
|
0895aa4 |
s/syslog = off/syslog = on/g;
|
|
|
cfbd8e5 |
' hitch.conf.ex > hitch.conf
|
|
|
0895aa4 |
%if 0%{?rhel} == 6
|
|
|
0895aa4 |
sed -i 's/daemon = off/daemon = on/g;' hitch.conf
|
|
|
0895aa4 |
%endif
|
|
|
e266e15 |
%if 0%{?fedora}
|
|
|
e266e15 |
sed -i 's/^ciphers =.*/ciphers = "PROFILE=SYSTEM"/g' hitch.conf
|
|
|
e266e15 |
%endif
|
|
|
e266e15 |
|
|
|
1a41ea0 |
rm -f %{buildroot}%{_datarootdir}/doc/%{name}/hitch.conf.ex
|
|
|
1a41ea0 |
|
|
|
0895aa4 |
install -p -D -m 0644 hitch.conf %{buildroot}%{_sysconfdir}/hitch/hitch.conf
|
|
|
0895aa4 |
install -d -m 0755 %{buildroot}%{hitch_homedir}
|
|
|
0895aa4 |
install -d -m 0755 %{buildroot}%{hitch_datadir}
|
|
|
0895aa4 |
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
|
|
|
0895aa4 |
install -p -D -m 0644 hitch.service %{buildroot}%{_unitdir}/hitch.service
|
|
|
0895aa4 |
install -p -D -m 0644 hitch.tmpfilesd.conf %{buildroot}%{_tmpfilesdir}/hitch.conf
|
|
|
0895aa4 |
%else
|
|
|
0895aa4 |
install -p -D -m 0755 hitch.initrc.redhat %{buildroot}%{_initrddir}/hitch
|
|
|
0895aa4 |
install -d -m 0755 %{buildroot}%{_localstatedir}/run/hitch
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
# check is not enabled by default, as it won't work on the koji builders,
|
|
|
0895aa4 |
# nor on machines that can't reach the Internet.
|
|
|
0895aa4 |
%check
|
|
|
0895aa4 |
%if 0%{?runcheck} == 1
|
|
|
e266e15 |
make check
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%pre
|
|
|
0895aa4 |
groupadd -r %{hitch_group} &>/dev/null ||:
|
|
|
0895aa4 |
useradd -r -g %{hitch_group} -s /sbin/nologin -d %{hitch_homedir} %{hitch_user} &>/dev/null ||:
|
|
|
0895aa4 |
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%post
|
|
|
0895aa4 |
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
|
|
|
0895aa4 |
%systemd_post hitch.service
|
|
|
0895aa4 |
%tmpfiles_create %{_tmpfilesdir}/hitch.conf
|
|
|
0895aa4 |
%else
|
|
|
0895aa4 |
/sbin/chkconfig --add hitch
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%preun
|
|
|
0895aa4 |
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
|
|
|
0895aa4 |
%systemd_preun hitch.service
|
|
|
0895aa4 |
%else
|
|
|
0895aa4 |
/sbin/service hitch stop > /dev/null 2>&1
|
|
|
0895aa4 |
/sbin/chkconfig --del hitch
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
|
|
|
0895aa4 |
%postun
|
|
|
0895aa4 |
%systemd_postun_with_restart hitch.service
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%files
|
|
|
0895aa4 |
%doc README.md
|
|
|
6577e73 |
%doc CHANGES.rst
|
|
|
1a41ea0 |
%doc hitch.conf.ex
|
|
|
0895aa4 |
%if 0%{?rhel} == 6
|
|
|
0895aa4 |
%doc LICENSE
|
|
|
0895aa4 |
%else
|
|
|
0895aa4 |
%license LICENSE
|
|
|
0895aa4 |
%endif
|
|
|
1a41ea0 |
%{_sbindir}/%{name}
|
|
|
0895aa4 |
%{_mandir}/man8/hitch.8*
|
|
|
0895aa4 |
%dir %{_sysconfdir}/hitch
|
|
|
0895aa4 |
%config(noreplace) %{_sysconfdir}/hitch/hitch.conf
|
|
|
0895aa4 |
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
|
|
|
0895aa4 |
%{_unitdir}/hitch.service
|
|
|
0895aa4 |
%{_tmpfilesdir}/hitch.conf
|
|
|
0895aa4 |
%ghost %verify(not md5 size mtime) /run/hitch/hitch.pid
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%else
|
|
|
0895aa4 |
%{_initrddir}/hitch
|
|
|
0895aa4 |
%attr(0755,hitch,hitch) %dir %{_localstatedir}/run/hitch
|
|
|
0895aa4 |
%attr(0644,hitch,hitch) %ghost %verify(not md5 size mtime) %{_localstatedir}/run/hitch/hitch.pid
|
|
|
0895aa4 |
%endif
|
|
|
0895aa4 |
|
|
|
0895aa4 |
|
|
|
0895aa4 |
%changelog
|
|
|
e266e15 |
* Mon Apr 25 2016 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.2.0-1
|
|
|
e266e15 |
- New upstream release
|
|
|
e266e15 |
- Clean up test tree before build
|
|
|
e266e15 |
- Removed no longer needed test patch
|
|
|
e266e15 |
- Rebased missing_curl_resolve_on_el6 test patch
|
|
|
e266e15 |
- Added reload option to systemd service file and sysv initrc script
|
|
|
e266e15 |
- Changed the default cipher to "PROFILE=SYSTEM" on fedora
|
|
|
e266e15 |
|
|
|
fb5d7ab |
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.1-2
|
|
|
fb5d7ab |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
fb5d7ab |
|
|
|
8f2e073 |
* Thu Jan 28 2016 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.1.1-1
|
|
|
8f2e073 |
- New upstream release
|
|
|
8f2e073 |
- Removed patches included upstream
|
|
|
8f2e073 |
- No need to rebuild the manpage, as the upstream distribution includes it
|
|
|
8f2e073 |
|
|
|
6577e73 |
* Mon Nov 23 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.1.0-1
|
|
|
6577e73 |
- New upstream release
|
|
|
6577e73 |
- Use the _pkgdocdir macro to avoid docdir hacks for el6
|
|
|
6577e73 |
- Added a patch from upstream that sets stronger ciphers as default
|
|
|
6577e73 |
|
|
|
1a41ea0 |
* Thu Oct 15 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.1-1
|
|
|
1a41ea0 |
- New upstream release
|
|
|
1a41ea0 |
- New Home and Source0 URLs
|
|
|
1a41ea0 |
- Rebased patches
|
|
|
1a41ea0 |
- Changed initrc and systemd start up scripts to match new binary name
|
|
|
1a41ea0 |
|
|
|
cfbd8e5 |
* Tue Aug 04 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.5.1.beta5
|
|
|
cfbd8e5 |
- New upstream beta
|
|
|
cfbd8e5 |
- Dropped patch3 and patch5, they are fixed in upstream
|
|
|
cfbd8e5 |
- Rebased patch for curl on el6
|
|
|
cfbd8e5 |
- hitch no longer autocreates the default config, so use the provided example
|
|
|
cfbd8e5 |
|
|
|
cdfd9fa |
* Tue Aug 04 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.4.3.beta4
|
|
|
b325d36 |
- Much simpler patch for github issue #37
|
|
|
b325d36 |
|
|
|
b3fb299 |
* Mon Aug 03 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.4.2.beta4
|
|
|
b3fb299 |
- Patching around upstream github issue #37
|
|
|
b3fb299 |
|
|
|
7faa896 |
* Mon Aug 03 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.4.1.beta4
|
|
|
7faa896 |
- New upstream beta
|
|
|
7faa896 |
- Dropped setgroups patch as it has been accepted upstream
|
|
|
7faa896 |
- Simple sed replace nobody for nogroup in test08
|
|
|
7faa896 |
|
|
|
0895aa4 |
* Sun Jul 19 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.4.beta3
|
|
|
0895aa4 |
- Some more fixes for the fedora package review, ref Cicku
|
|
|
0895aa4 |
|
|
|
0895aa4 |
* Thu Jul 16 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.3.beta3
|
|
|
0895aa4 |
- Some more fixes for the fedora package review, ref Jeff Backus
|
|
|
0895aa4 |
|
|
|
0895aa4 |
* Fri Jun 26 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.2.beta3
|
|
|
0895aa4 |
- Added _hardened_build macro and PIE on el6
|
|
|
0895aa4 |
|
|
|
0895aa4 |
* Thu Jun 25 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.1.beta3
|
|
|
0895aa4 |
- Some fixes for the fedora package review, ref Sören Möller
|
|
|
0895aa4 |
- Now runs the test suite in check, adding BuildRequire openssl
|
|
|
0895aa4 |
- Added a patch that fixed missing cleaning running daemons from test suite
|
|
|
0895aa4 |
- Added a patch that made test07 run on older curl (epel6)
|
|
|
0895aa4 |
- Package owns /etc/hitch
|
|
|
0895aa4 |
- Added pidfile to systemd and tmpfiles.d configuration
|
|
|
0895aa4 |
- Added pidfile to redhat sysv init script
|
|
|
0895aa4 |
|
|
|
0895aa4 |
* Wed Jun 10 2015 Ingvar Hagelund <ingvar@redpill-linpro.com> 1.0.0-0.3.beta3
|
|
|
0895aa4 |
- Initial wrap for fedora
|
|
|
0895aa4 |
|