jhogarth pushed to sslh (f21). "Initial import (#1203476)"

notifications at fedoraproject.org notifications at fedoraproject.org
Thu Apr 9 23:16:14 UTC 2015 

>From 37d672beed21391f9277a39a1839bf9d0140a626 Mon Sep 17 00:00:00 2001
From: James Hogarth <james.hogarth at gmail.com>
Date: Thu, 9 Apr 2015 23:38:37 +0100
Subject: Initial import (#1203476)


diff --git a/.gitignore b/.gitignore
index e69de29..a29d5d7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/sslh-v1.17.tar.gz
diff --git a/patch0-sslh-sensible-fedora-defaults.patch b/patch0-sslh-sensible-fedora-defaults.patch
new file mode 100644
index 0000000..3f1115f
--- /dev/null
+++ b/patch0-sslh-sensible-fedora-defaults.patch
@@ -0,0 +1,64 @@
+diff --git a/basic.cfg b/basic.cfg
+index 526ffbf..fb274e2 100644
+--- a/basic.cfg
++++ b/basic.cfg
+@@ -2,13 +2,12 @@
+ # sensible values for "standard" setup.
+ 
+ verbose: false;
+-foreground: false;
++foreground: true;
+ inetd: false;
+ numeric: false;
+ transparent: false;
+ timeout: "2";
+-user: "nobody";
+-pidfile: "/var/run/sslh.pid";
++user: "sslh";
+ 
+ 
+ # Change hostname with your external address name.
+diff --git a/scripts/systemd.sslh.service b/scripts/systemd.sslh.service
+index c2a69fd..c25f09e 100644
+--- a/scripts/systemd.sslh.service
++++ b/scripts/systemd.sslh.service
+@@ -1,11 +1,17 @@
+ [Unit]
+ Description=SSL/SSH multiplexer
++Documentation=man:sslh(8)
+ After=network.target
+ 
+ [Service]
+-EnvironmentFile=/etc/conf.d/sslh
+-ExecStart=/usr/bin/sslh --foreground $DAEMON_OPTS
++EnvironmentFile=-/etc/sysconfig/sslh
++ExecStart=/usr/sbin/sslh -F /etc/sslh.cfg ${DAEMON_OPTS}
+ KillMode=process
++CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_ADMIN CAP_SETGID CAP_SETUID
++PrivateTmp=true
++PrivateDevices=true
++ProtectSystem=full
++ProtectHome=true
+ 
+ [Install]
+ WantedBy=multi-user.target
+diff --git a/sslh.pod b/sslh.pod
+index c0ce606..b4446b2 100644
+--- a/sslh.pod
++++ b/sslh.pod
+@@ -214,12 +214,11 @@ personality disorder).
+ 
+ =over 4
+ 
+-=item F</etc/init.d/sslh>
++=item F</usr/lib/systemd/system/sslh.service>
+ 
+-Start-up script. The standard actions B<start>, B<stop> and
+-B<restart> are supported.
++Systemd unit to control the daemon.
+ 
+-=item F</etc/default/sslh>
++=item F</etc/sysconfig/sslh>
+ 
+ Server configuration. These are environment variables
+ loaded by the start-up script and passed to B<sslh> as
diff --git a/sources b/sources
index e69de29..b8a1f96 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+1fc3ada4bafaca5a9786cc1431f48ed4  sslh-v1.17.tar.gz
diff --git a/sslh.spec b/sslh.spec
new file mode 100644
index 0000000..f755e33
--- /dev/null
+++ b/sslh.spec
@@ -0,0 +1,95 @@
+%global _hardened_build 1
+
+Name:    sslh
+Version: 1.17
+Release: 1%{?dist}
+Summary: Applicative protocol(SSL/SSH) multiplexer
+License: GPLv2
+URL:     http://www.rutschle.net/tech/sslh.shtml
+Source0: http://www.rutschle.net/tech/%{name}-v%{version}.tar.gz
+Patch0:  patch0-sslh-sensible-fedora-defaults.patch
+
+BuildRequires: libconfig-devel
+BuildRequires: libcap-devel
+BuildRequires: tcp_wrappers-devel
+BuildRequires: systemd
+
+Requires(pre):    shadow-utils
+Requires(post):   systemd
+Requires(preun):  systemd
+Requires(postun): systemd
+
+%description
+sslh accepts connections on specified ports, and forwards them further
+based on tests performed on the first data packet sent by the remote
+client.
+
+Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and
+any other protocol that can be tested using a regular expression, can
+be recognized. A typical use case is to allow serving several services
+on port 443 (e.g. to connect to ssh from inside a corporate firewall,
+which almost never block port 443) while still serving HTTPS on that port.
+
+Hence sslh acts as a protocol multiplexer, or a switchboard. Its name
+comes from its original function to serve SSH and HTTPS on the same port.
+
+
+%prep
+%setup -q -n %{name}-v%{version}
+%patch0 -p1
+
+%build
+./genver.sh >version.h
+make %{?_smp_mflags} USELIBWRAP=1 USELIBCAP=1 CFLAGS="%{optflags}" %{name}
+pod2man --section=8 --release=%{version} --center=" " %{name}.pod > %{name}.8
+iconv --from=ISO-8859-1 --to=UTF-8 ChangeLog > ChangeLog.conv && \
+touch -r ChangeLog ChangeLog.conv && \
+mv ChangeLog.conv ChangeLog
+
+%install
+mkdir -p %{buildroot}%{_sbindir}
+mkdir -p %{buildroot}%{_sysconfdir}
+mkdir -p %{buildroot}%{_pkgdocdir}
+mkdir -p %{buildroot}%{_mandir}/man8
+mkdir -p %{buildroot}%{_unitdir}
+cp -p %{name}-fork %{buildroot}%{_sbindir}/%{name}
+cp -p %{name}-select %{buildroot}%{_sbindir}/%{name}-select
+cp -p basic.cfg %{buildroot}/etc/%{name}.cfg
+cp -p {README.md,COPYING,ChangeLog} %{buildroot}%{_pkgdocdir}/
+cp -p %{name}.8 %{buildroot}%{_mandir}/man8/
+cp -p scripts/systemd.sslh.service %{buildroot}%{_unitdir}/%{name}.service
+
+
+%pre
+getent group %{name} >/dev/null || groupadd -r %{name}
+getent passwd %{name} >/dev/null || \
+    useradd -r -g %{name} -d /dev/null -s /sbin/nologin \
+    -c "SSLH daemon" %{name}
+exit 0
+
+%post
+%systemd_post sslh.service
+
+%preun
+%systemd_preun sslh.service
+
+%postun
+%systemd_postun_with_restart sslh.service 
+
+%files
+%dir %{_pkgdocdir}
+%doc %{_pkgdocdir}/README.md
+%license %{_pkgdocdir}/COPYING
+%doc %{_pkgdocdir}/ChangeLog
+%doc %{_mandir}/man8/%{name}.8*
+%attr(0755,root,root) %{_sbindir}/%{name}
+%attr(0755,root,root) %{_sbindir}/%{name}-select
+%{_unitdir}/%{name}.service
+%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/%{name}.cfg
+
+
+
+
+%changelog
+* Wed Mar 18 2015 James Hogarth <james.hogarth at gmail.com> - 1.17-1
+- Initial packaging of sslh 1.17
-- 
cgit v0.10.2


	http://pkgs.fedoraproject.org/cgit/sslh.git/commit/?h=f21&id=37d672beed21391f9277a39a1839bf9d0140a626

More information about the scm-commits mailing list