From 3db7bc79d7ea172e0c2d2738c2dd1500ea20f4eb Mon Sep 17 00:00:00 2001
From: Ingvar Hagelund <ingvar@redpill-linpro.com>
Date: Nov 27 2019 01:17:03 +0000
Subject: New upstream release

Added a patch working around upstream bug #322
Example config now sets debug-level=1 and logs to syslog

---

diff --git a/.gitignore b/.gitignore
index 0c8fb32..f36e733 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@
 /hitch-1.4.6.tar.gz
 /hitch-1.4.8.tar.gz
 /hitch-1.5.0.tar.gz
+/hitch-1.5.1.tar.gz
diff --git a/hitch-1.5.1_refuse_run_as_root_reversed.patch b/hitch-1.5.1_refuse_run_as_root_reversed.patch
new file mode 100644
index 0000000..0004762
--- /dev/null
+++ b/hitch-1.5.1_refuse_run_as_root_reversed.patch
@@ -0,0 +1,20 @@
+Author: Ingvar Hagelund <ingvar@redpill-linpro.com>
+Date: Wed Nov 27 02:14:36 CET 2019
+
+    Revert parts of upstream commit 55b2f623b2a9cde3831b45920e1a657fa1ffe3a4
+
+--- src/hitch.c.orig	2019-11-27 01:15:30.734391214 +0100
++++ src/hitch.c	2019-11-27 01:15:10.901000746 +0100
+@@ -3993,8 +3993,10 @@
+ 		exit(1);
+ 	}
+ 
+-	if (!verify_privileges())
+-		exit(1);
++       if (geteuid() == 0 && CONFIG->UID < 0) {
++               ERR("{core} ERROR: Refusing to run workers as root.\n");
++               exit(1);
++        }
+ 
+ 	if (CONFIG->DAEMONIZE)
+ 		daemonize();
diff --git a/hitch.spec b/hitch.spec
index 08ee023..7835077 100644
--- a/hitch.spec
+++ b/hitch.spec
@@ -17,8 +17,8 @@
 %global _hardened_build 1
 
 Name:		hitch
-Version:	1.5.0
-Release:	4%{?dist}
+Version:	1.5.1
+Release:	1%{?dist}
 Summary:	Network proxy that terminates TLS/SSL connections
 
 License:	BSD
@@ -36,6 +36,9 @@ Requires:	openssl
 Patch0:		hitch.systemd.service.patch
 Patch1:		hitch.initrc.redhat.patch
 
+# working around upstream bug #322
+Patch3:		hitch-1.5.1_refuse_run_as_root_reversed.patch
+
 %if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
 Requires(post): systemd
 Requires(preun): systemd
@@ -54,6 +57,7 @@ of connections efficiently on multicore machines.
 %setup -q -n %{name}-%{version}%{?v_rc}
 %patch0
 %patch1
+%patch3
 
 %build
 #./bootstrap
@@ -81,7 +85,8 @@ sed   '
 	s/user = .*/user = "%{hitch_user}"/g;
 	s/group = .*/group = "%{hitch_group}"/g;
 	s/backend = "\[127.0.0.1\]:8000"/backend = "[127.0.0.1]:6081"/g;
-	s/syslog = off/syslog = on/g;
+	$a\syslog = on
+	$a\log-level = 1
 	$a\# Add pem files to this directory
 	$a\pem-dir = "/etc/pki/tls/private"
 	' hitch.conf.example > hitch.conf
@@ -176,6 +181,11 @@ fi
 
 
 %changelog
+* Tue Nov 26 2019 Ingvar Hagelund <ingvar@redpill-linpro.com> - 1.5.1-1
+- New upstream release
+- Added a patch working around upstream bug #322
+- Example config now sets debug-level=1 and logs to syslog
+
 * Tue Nov 12 2019 Ingvar Hagelund <ingvar@redpill-linpro.com> - 1.5.0-4
 - Added support for epel8
 - Added a systemd limit.conf with defaults LimitCORE=infinity, LimitNOFILE=10240
diff --git a/sources b/sources
index 0bded90..632b4b5 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (hitch-1.5.0.tar.gz) = 17991d9a82635456fcd0cebf0f1b067183bc0a02eaf0d1437ba3369674a2a9880ca8774afde984710123c46b472bdbe3b1bf6770e7475d5d24170a7674a48be5
+SHA512 (hitch-1.5.1.tar.gz) = 61fca7c55cc01ae314a216109249877a9b9bb9544ada5704bdec608f68ef3dc03d30de9fc1796ed519cad074e72c4104213714c2a30873378133d7b1f14cbf17