SHA256
1
0
forked from pool/haproxy
haproxy/haproxy.spec
Kristoffer Gronlund 52b33deb58 Accepting request 719829 from home:KGronlund:branches:server:http
- Update to version 2.0.3+git14.0ff395c1 (bsc#1142529) (CVE-2019-14241):
  * BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
  * BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
  * BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
  * MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
  * MINOR: hlua: Don't set request analyzers on response channel for lua actions
  * BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
  * BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
  * DOC: improve the wording in CONTRIBUTING about how to document a bug fix
  * BUG/MINOR: log: make sure writev() is not interrupted on a file output
  * BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
  * BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
  * BUILD: threads: add the definition of PROTO_LOCK
  * BUG/MINOR: proxy: always lock stop_proxy()
  * BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
  * [RELEASE] Released version 2.0.3
  * BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter
  * BUG/MINOR: http_htx: Support empty errorfiles
  * BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error
  * BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
  * BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
  * BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
  * BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop
  * BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket
  * BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection
  * BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
  * DOC: htx: Update comments in HTX files
  * BUG/MINOR: hlua: Make the function txn:done() HTX aware
  * BUG/MINOR: cache/htx: Make maxage calculation HTX aware
  * BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies

OBS-URL: https://build.opensuse.org/request/show/719829
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=188
2019-07-30 14:49:53 +00:00

257 lines
7.3 KiB
RPMSpec

#
# spec file for package haproxy
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
%if 0%{?suse_version} >= 1230
%bcond_without tcp_fast_open
%bcond_without network_namespace
%else
%bcond_with tcp_fast_open
%bcond_with network_namespace
%endif
%if 0%{?suse_version} > 1320
%bcond_without lua
%else
%bcond_with lua
%endif
%if 0%{?suse_version} >= 1310
%bcond_without systemd
%else
%bcond_with systemd
%endif
%if 0%{?suse_version} > 1140
%bcond_without pcre_jit
%else
%bcond_with pcre_jit
%endif
%bcond_without apparmor
%if 0%{?suse_version} > 1320
%bcond_without apparmor_reload
%else
%bcond_with apparmor_reload
%endif
Name: haproxy
Version: 2.0.3+git14.0ff395c1
Release: 0
#
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %{with apparmor}
%if 0%{?suse_version} <= 1315
BuildRequires: apparmor-profiles
Requires: apparmor-profiles
%else
BuildRequires: apparmor-abstractions
Requires: apparmor-abstractions
%endif
%if %{with apparmor_reload}
BuildRequires: apparmor-rpm-macros
%endif
%endif
BuildRequires: libgcrypt-devel
%if %{with lua}
BuildRequires: lua-devel >= 5.3
%endif
BuildRequires: pcre-devel
BuildRequires: zlib-devel
BuildRequires: openssl-devel
BuildRequires: pkg-config
BuildRequires: udev
%if %{with systemd}
BuildRequires: pkgconfig(systemd)
BuildRequires: pkgconfig(libsystemd)
%endif
BuildRequires: vim
%define pkg_name haproxy
%define pkg_home /var/lib/%{pkg_name}
#
Url: http://www.haproxy.org/
# source URL in _service file
Source: haproxy-%{version}.tar.gz
Source1: %{pkg_name}.init
Source2: usr.sbin.haproxy.apparmor
Source3: local.usr.sbin.haproxy.apparmor
Source4: haproxy.cfg
Patch1: haproxy-1.6.0_config_haproxy_user.patch
Patch2: haproxy-1.6.0-makefile_lib.patch
Patch3: haproxy-1.6.0-sec-options.patch
#
Source99: haproxy-rpmlintrc
#
Summary: The Reliable, High Performance TCP/HTTP Load Balancer
License: GPL-3.0+ and LGPL-2.1+
Group: Productivity/Networking/Web/Proxy
Provides: %{name}-doc = %{version}
Obsoletes: %{name}-doc < %{version}
Provides: haproxy-1.5 = %{version}
Obsoletes: haproxy-1.5 < %{version}
# this requires is not strictly needed. we only need it for the ownership of the vim data dir
Requires: vim
%if %{with systemd}
%{?systemd_requires}
%endif
%{!?vim_data_dir:%global vim_data_dir /usr/share/vim/%(readlink /usr/share/vim/current)}
%description
HAProxy implements an event-driven, mono-process model which enables support
for very high number of simultaneous connections at very high speeds.
Multi-process or multi-threaded models can rarely cope with thousands of
connections because of memory limits, system scheduler limits, and lock
contention everywhere. Event-driven models do not have these problems because
implementing all the tasks in user-space allows a finer resource and time
management. The down side is that those programs generally don't scale well on
multi-processor systems. That's the reason why they must be optimized to get
the most work done from every CPU cycle.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%build
make \
TARGET=linux-glibc \
CPU="%{_target_cpu}" \
USE_PCRE=1 \
%if %{with pcre_jit}
USE_PCRE_JIT=1 \
%endif
USE_PTHREAD_PSHARED=1 \
%ifarch %ix86
USE_REGPARM=1 \
%endif
USE_GETADDRINFO=1 \
USE_OPENSSL=1 \
%if %{with lua}
USE_LUA=1 \
%endif
USE_ZLIB=1 \
%if %{with tcp_fast_open}
USE_TFO=1 \
%endif
%if %{with network_namespace}
USE_NS=1 \
%endif
%if %{with systemd}
USE_SYSTEMD=1 \
%endif
USE_PIE=1 \
USE_STACKPROTECTOR=1 \
USE_RELRO_NOW=1 \
LIB="%{_lib}" \
PREFIX="%{_prefix}" \
DEBUG_CFLAGS="%{optflags}"
%if %{with systemd}
make -C contrib/systemd PREFIX="%{_prefix}"
%endif
make -C contrib/halog PREFIX="%{_prefix}" \
DEFINE="%{optflags} -pie -fpie -fstack-protector -Wl,-z,relro,-z,now"
%install
install -D -m 0755 %{pkg_name} %{buildroot}%{_sbindir}/%{pkg_name}
install -d -m 0750 %{buildroot}%{_sysconfdir}/%{pkg_name}/
install -m 0640 %{S:4} %{buildroot}%{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
install -D -m 0755 contrib/halog/halog %{buildroot}%{_sbindir}/haproxy-halog
%if %{with systemd}
install -D -m 0644 contrib/systemd/%{pkg_name}.service %{buildroot}%{_unitdir}/%{pkg_name}.service
ln -sf /sbin/service %{buildroot}%{_sbindir}/rc%{pkg_name}
%else
install -D -m 0755 %{S:1} %{buildroot}%{_sysconfdir}/init.d/%{pkg_name}
ln -fs %{_sysconfdir}/init.d/%{pkg_name} %{buildroot}%{_sbindir}/rc%{pkg_name}
%endif
install -d -m 0750 %{buildroot}%{pkg_home}
install -D -m 0644 contrib/syntax-highlight/haproxy.vim %{buildroot}%{vim_data_dir}/syntax/%{pkg_name}.vim
install -D -m 0644 doc/%{pkg_name}.1 %{buildroot}%{_mandir}/man1/%{pkg_name}.1
%if %{with apparmor}
install -D -m 0644 %{S:2} %{buildroot}/etc/apparmor.d/usr.sbin.haproxy
install -D -m 0644 %{S:3} %{buildroot}/etc/apparmor.d/local/usr.sbin.haproxy
%endif
rm examples/*init*
%pre
getent group %{pkg_name} >/dev/null || /usr/sbin/groupadd -r %{pkg_name}
getent passwd %{pkg_name} >/dev/null || \
/usr/sbin/useradd -g %{pkg_name} -s /bin/false -r \
-c "user for %{pkg_name}" -d %{pkg_home} %{pkg_name}
%if %{with systemd}
%service_add_pre %{pkg_name}.service
%post
%if %{with apparmor} && %{with apparmor_reload}
%apparmor_reload /etc/apparmor.d/usr.sbin.haproxy
%endif
%service_add_post %{pkg_name}.service
%preun
%service_del_preun %{pkg_name}.service
%postun
%service_del_postun %{pkg_name}.service
%else
%post
%fillup_and_insserv %{pkg_name}
%if %{with apparmor} && %{with apparmor_reload}
%apparmor_reload /etc/apparmor.d/usr.sbin.haproxy
%endif
%preun
%stop_on_removal %{pkg_name}
%postun
%restart_on_update %{pkg_name}
%{insserv_cleanup}
%endif
%files
%defattr(-,root,root,-)
%doc CHANGELOG README LICENSE
%doc ROADMAP doc/* examples/
%doc contrib/netsnmp-perl/ contrib/selinux/
%dir %attr(-,root,haproxy) %{_sysconfdir}/%{pkg_name}
%config(noreplace) %attr(-,root,haproxy) %{_sysconfdir}/%{pkg_name}/*
%if %{with systemd}
%{_unitdir}/%{pkg_name}.service
%else
%config(noreplace) %{_sysconfdir}/init.d/%{pkg_name}
%endif
%{_sbindir}/haproxy
%{_sbindir}/haproxy-halog
%{_sbindir}/rchaproxy
%dir %attr(-,root,haproxy) %{pkg_home}
%{_mandir}/man1/%{pkg_name}.1.gz
%{vim_data_dir}/syntax/%{pkg_name}.vim
%if %{with apparmor}
%if 0%{?suse_version} == 1110
%dir /etc/apparmor.d/local/
%endif
%config(noreplace) /etc/apparmor.d/usr.sbin.haproxy
%config(noreplace) /etc/apparmor.d/local/usr.sbin.haproxy
%endif
%changelog