diff --git a/.gitignore b/.gitignore index 7e83869..caf38e6 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ /hitch-1.0.1.tar.gz /hitch-1.1.0.tar.gz /hitch-1.1.1.tar.gz +/hitch-1.2.0.tar.gz diff --git a/hitch-1.2.0_test07_missing_curl_resolve_on_el6.patch b/hitch-1.2.0_test07_missing_curl_resolve_on_el6.patch new file mode 100644 index 0000000..0b4e31a --- /dev/null +++ b/hitch-1.2.0_test07_missing_curl_resolve_on_el6.patch @@ -0,0 +1,13 @@ +--- src/tests/test07-nomatch-abort.sh.orig 2016-04-25 15:04:43.468360647 +0200 ++++ src/tests/test07-nomatch-abort.sh 2016-04-25 15:05:20.749503573 +0200 +@@ -51,9 +51,7 @@ + grep -q -c "unrecognized name" $DUMPFILE + test "$?" = "0" || die "Expected 'unrecognized name' error." + +-CURL_EXTRA="--resolve site1.example.com:$LISTENPORT:127.0.0.1" +-runcurl site1.example.com $LISTENPORT +- ++(echo -e 'GET / HTTP/1.0\nHost: site1.example.com\n'; sleep 1) | openssl s_client -connect $LISTENADDR:$LISTENPORT > $DUMPFILE 2>&1 + # SNI request w/ valid servername + echo -e "\n" | openssl s_client -servername site1.example.com -prexit -connect $LISTENADDR:$((LISTENPORT+1)) >$DUMPFILE 2>&1 + test "$?" = "0" || die "s_client failed" diff --git a/hitch.initrc.redhat.patch b/hitch.initrc.redhat.patch index 05e12e0..32869ab 100644 --- a/hitch.initrc.redhat.patch +++ b/hitch.initrc.redhat.patch @@ -1,6 +1,138 @@ -diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.initrc.redhat ./hitch.initrc.redhat ---- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.initrc.redhat 1970-01-01 01:00:00.000000000 +0100 -+++ ./hitch.initrc.redhat 2015-06-25 15:23:33.575130324 +0200 +diff -Naur ../hitch-1.2.0.orig/hitch.initrc.redhat ./hitch.initrc.redhat +--- ../hitch-1.2.0.orig/hitch.initrc.redhat 1970-01-01 01:00:00.000000000 +0100 ++++ ./hitch.initrc.redhat 2016-04-26 12:16:15.174291004 +0200 +@@ -0,0 +1,128 @@ ++#! /bin/sh ++# ++# hitch Control the Hitch daemon ++# ++# chkconfig: - 90 10 ++# description: Hitch proxy daemon ++# processname: hitch ++# config: /etc/hitch/hitch.conf ++# pidfile: /var/run/hitch/hitch.pid ++ ++### BEGIN INIT INFO ++# Provides: hitch ++# Required-Start: $network $local_fs $remote_fs ++# Required-Stop: $network $local_fs $remote_fs ++# Default-Start: ++# Default-Stop: ++# Short-Description: start and stop hitch ++# Description: Hitch proxy daemon ++### END INIT INFO ++ ++# Source function library. ++. /etc/init.d/functions ++ ++retval=0 ++pidfile="/var/run/hitch/hitch.pid" ++lockfile="/var/lock/subsys/hitch" ++config="/etc/hitch/hitch.conf" ++exec="/usr/sbin/hitch" ++prog="hitch" ++ ++ ++start() { ++ ++ if [ ! -x $exec ] ++ then ++ echo $exec not found ++ exit 5 ++ fi ++ ++ if [ ! -f $config ] ++ then ++ echo $config not found ++ exit 6 ++ fi ++ ++ echo -n "Starting hitch ssl proxy: " ++ ++ daemon $exec "--pidfile=$pidfile --config $config" > /dev/null ++ retval=$? ++ if [ $retval -eq 0 ] ++ then ++ touch $lockfile ++ echo_success ++ echo ++ else ++ echo_failure ++ echo ++ fi ++ return $retval ++} ++ ++stop() { ++ echo -n "Stopping Hitch proxy daemon: " ++ killproc -p $pidfile $prog ++ retval=$? ++ echo ++ [ $retval -eq 0 ] && rm -f $lockfile ++ return $retval ++} ++ ++restart() { ++ $exec --test --config $config || exit 1 ++ stop ++ start ++} ++ ++reload() { ++ $exec --test --config $config || exit 1 ++ killproc -p $pidfile $prog -HUP ++} ++ ++force_reload() { ++ restart ++} ++ ++rh_status() { ++ status -p $pidfile $prog ++} ++ ++rh_status_q() { ++ rh_status >/dev/null 2>&1 ++} ++ ++# See how we were called. ++case "$1" in ++ start) ++ rh_status_q && exit 0 ++ $1 ++ ;; ++ stop) ++ rh_status_q || exit 0 ++ $1 ++ ;; ++ restart) ++ $1 ++ ;; ++ reload) ++ rh_status_q || exit 7 ++ $1 ++ ;; ++ force-reload) ++ force_reload ++ ;; ++ status) ++ rh_status ++ ;; ++ condrestart|try-restart) ++ rh_status_q || exit 0 ++ restart ++ ;; ++ *) ++ echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" ++ ++ exit 2 ++esac ++ ++exit $? ++ +diff -Naur ../hitch-1.2.0.orig/hitch.initrc.redhat.old ./hitch.initrc.redhat.old +--- ../hitch-1.2.0.orig/hitch.initrc.redhat.old 1970-01-01 01:00:00.000000000 +0100 ++++ ./hitch.initrc.redhat.old 2016-04-26 11:10:57.835847857 +0200 @@ -0,0 +1,126 @@ +#! /bin/sh +# diff --git a/hitch.spec b/hitch.spec index d3f1d6f..696c74f 100644 --- a/hitch.spec +++ b/hitch.spec @@ -2,7 +2,7 @@ #% global shortcommit % (c=% {commit}; echo ${c:0:7}) # Checks may only be ran from a host with internet connection -#% global runcheck 0 +#% global runcheck 1 %global hitch_user hitch %global hitch_group hitch @@ -15,8 +15,8 @@ %global _hardened_build 1 Name: hitch -Version: 1.1.1 -Release: 2%{?dist} +Version: 1.2.0 +Release: 1%{?dist} Summary: Network proxy that terminates TLS/SSL connections Group: System Environment/Daemons @@ -32,8 +32,7 @@ Requires: openssl Patch0: hitch.systemd.service.patch Patch1: hitch.initrc.redhat.patch -Patch3: hitch-1.0.1_tests_nobody_group.patch -Patch4: hitch.test07_missing_curl_resolve_on_el6.patch +Patch4: hitch-1.2.0_test07_missing_curl_resolve_on_el6.patch %if 0%{?fedora} >= 18 || 0%{?rhel} >= 7 Requires(post): systemd @@ -53,7 +52,6 @@ of connections efficiently on multicore machines. %setup -q %patch0 %patch1 -%patch3 %if 0%{?rhel} == 6 %patch4 %endif @@ -73,6 +71,10 @@ export CPPFLAGS # manpages are prebuilt, no need to build again export RST2MAN=/bin/true +# Someone forgot to clean out the test tree +rm src/tests/test*.log +rm src/tests/test*.trs + %configure \ --docdir=%{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}} @@ -92,6 +94,10 @@ sed ' %if 0%{?rhel} == 6 sed -i 's/daemon = off/daemon = on/g;' hitch.conf %endif +%if 0%{?fedora} + sed -i 's/^ciphers =.*/ciphers = "PROFILE=SYSTEM"/g' hitch.conf +%endif + rm -f %{buildroot}%{_datarootdir}/doc/%{name}/hitch.conf.ex install -p -D -m 0644 hitch.conf %{buildroot}%{_sysconfdir}/hitch/hitch.conf @@ -109,7 +115,7 @@ install -d -m 0755 %{buildroot}%{_localstatedir}/run/hitch # nor on machines that can't reach the Internet. %check %if 0%{?runcheck} == 1 -cd src/tests; ./runtests +make check %endif %pre @@ -166,6 +172,14 @@ useradd -r -g %{hitch_group} -s /sbin/nologin -d %{hitch_homedir} %{hitch_user} %changelog +* Mon Apr 25 2016 Ingvar Hagelund 1.2.0-1 +- New upstream release +- Clean up test tree before build +- Removed no longer needed test patch +- Rebased missing_curl_resolve_on_el6 test patch +- Added reload option to systemd service file and sysv initrc script +- Changed the default cipher to "PROFILE=SYSTEM" on fedora + * Wed Feb 03 2016 Fedora Release Engineering - 1.1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild diff --git a/hitch.systemd.service.patch b/hitch.systemd.service.patch index ef21e35..2aa12d9 100644 --- a/hitch.systemd.service.patch +++ b/hitch.systemd.service.patch @@ -1,6 +1,6 @@ -diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.service ./hitch.service ---- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.service 1970-01-01 01:00:00.000000000 +0100 -+++ ./hitch.service 2015-06-25 14:23:07.120277818 +0200 +diff -Naur ../hitch-1.2.0.orig/hitch.service ./hitch.service +--- ../hitch-1.2.0.orig/hitch.service 1970-01-01 01:00:00.000000000 +0100 ++++ ./hitch.service 2016-04-26 10:43:41.177533507 +0200 @@ -0,0 +1,27 @@ +[Unit] +Description=Network proxy that terminates TLS/SSL connections @@ -24,13 +24,13 @@ diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.service +Type=simple +PrivateTmp=true +ExecStart=/usr/sbin/hitch --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf -+ ++ExecReload=/usr/bin/kill -HUP $MAINPID + +[Install] +WantedBy=multi-user.target + -diff -Naur ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.tmpfilesd.conf ./hitch.tmpfilesd.conf ---- ../hitch-00b264b5537986fecfa1013cc27ad3b7b771a646.orig/hitch.tmpfilesd.conf 1970-01-01 01:00:00.000000000 +0100 -+++ ./hitch.tmpfilesd.conf 2015-06-25 14:44:15.785888764 +0200 +diff -Naur ../hitch-1.2.0.orig/hitch.tmpfilesd.conf ./hitch.tmpfilesd.conf +--- ../hitch-1.2.0.orig/hitch.tmpfilesd.conf 1970-01-01 01:00:00.000000000 +0100 ++++ ./hitch.tmpfilesd.conf 2016-04-26 10:44:00.091623905 +0200 @@ -0,0 +1 @@ +d /run/hitch 0755 hitch hitch - diff --git a/sources b/sources index 782fcf3..91fae05 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4035ddf8381c3addef56feebfc44e10f hitch-1.1.1.tar.gz +f2f19b6e92115c083d0fccf59b7bd856 hitch-1.2.0.tar.gz