From: Christian Ruppert Date: Thu, 2 Apr 2020 13:09:47 +0000 (+0200) Subject: net-proxy/haproxy: Version bumps re CVE-2020-11100 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=950709ed744b74b0ffeabec4ed7847522b81c2aa;p=gentoo.git net-proxy/haproxy: Version bumps re CVE-2020-11100 Package-Manager: Portage-2.3.94, Repoman-2.3.21 Signed-off-by: Christian Ruppert --- diff --git a/net-proxy/haproxy/Manifest b/net-proxy/haproxy/Manifest index ad47564e3d40..b089c439e032 100644 --- a/net-proxy/haproxy/Manifest +++ b/net-proxy/haproxy/Manifest @@ -1,6 +1,10 @@ DIST haproxy-1.8.13.tar.gz 2063046 BLAKE2B 9ebccf2520719cdf209bc9a87bf28d015b5b673e0d017d5387af4025f930ac401f6a2cfa851583ffe6b6645b7b91ad255bb5db737688a1f310958072a11c8a80 SHA512 54d4cb0721a3868267d7e085b3d3bb050384e4279eb49e88abb925bb3ea8cc39ef9069bdc99b7b18a23fd22e0d29e24dfcb8a0507ddca9243a845e4418be9cc5 DIST haproxy-1.8.24.tar.gz 2178823 BLAKE2B 4b040133b22f78fa8c4cdbe04183c6ae6a70fb20703907c63b6437d441ba260a41cb2d6067833700a230553648152dde0cbd3a443f05ec7935ff76939db996ae SHA512 1c53c7f579ee7eb95c3e614441745c644e5cb5b00efb1da4db9b202e2ae58ffb331ce0b94da9fe5dd4db591c5a0995030739dd3f925f66bd5b9dcce70d6b6de6 +DIST haproxy-1.8.25.tar.gz 2184002 BLAKE2B d6ea39af0109eee679d87dde258038bbb38ccf12796b2e6a7172067fce6bd0f10485e2a3d89ca5b3596529db4e34d511bbb194b019c7403703cb636573b0438d SHA512 655eb4056989a3fee321ea9278a2085b0a999e522293f1f6229ebb8d17f3d33cb78abb4fd55a06d0218082e632b2d42de105575d0acd0c1b49996d4b45aa78e8 DIST haproxy-1.8.9.tar.gz 2057051 BLAKE2B d81d18f68a27ae8a77660c1ecb1dfc28599263ebfd57f25ea574af2b101b35eb7a1a89ba4034b55dfa89673ae6ac4c0dca5428b4b494a02184b1b157850ce96b SHA512 e59c29af3a39d6212f012ae8341b169436e10e42fadaf8f1aa68d2bb7ee181fd1fe3b74640bfcd8c37c17dfc5062b36bd69d90290d7c59cd3e4648ef2ab1c8dd DIST haproxy-1.9.14.tar.gz 2476753 BLAKE2B 3bf2b685b04b77fec6637b2c56e824681fe6fbd32de0b66a03fbdc9e71e52357b74eb315c17e72f345d255d9763b719c5d201f994a11c62e96f8f6e50208cb2e SHA512 ee0b0a994f25dff9538326c0e124e291a74a1381f9526352fe01317756ab59dfb523ee7968587f31883c59dabeb5b17effa699e65dbb67a4a18d094f32fab88a +DIST haproxy-1.9.15.tar.gz 2480346 BLAKE2B 9ebdef0cb038324b1cbe74198e73fd7f3adf5d1c6ec4000fb02e2640fe79e4b64257bfb5d6da5f1ee73486969a47e13f386313d1923893d290ef368775a08d79 SHA512 618799c9c9c5ce2c9e42aaf22abe6018d1071a72ce54273c330538007d44568a29f643d53e4861d26dbc4fc5acd1b927361948dfc1c846574d6183b6ae81429c DIST haproxy-2.0.13.tar.gz 2643134 BLAKE2B a14ff8488b6d187feea2b0ed81253392b4f26d546b602597bf7dc2802a2b4b2119d5769668cc0eeda1bf448d2f544ce3e456ef78af43719ab6a4c0e0829ab291 SHA512 b0a218e1cebd2c356e81605157d6cee9f448bad59172d31d9b67eb2bab4c72dbc32f48690d84c92faac8c47d8c22002b3a93af49b61a3e7bb97fcf3fa8fe081a +DIST haproxy-2.0.14.tar.gz 2651320 BLAKE2B dd5aed78e52b3d3dd295f3883d45adf8795efac93cf6c23fbe39be031f29d19adad0afb400e8041281413f4570bc074f06d9cd88bee672789311e56f57b258d0 SHA512 6b63b713a1009eff59a2622fa93462deb8794c910685840f142711a61be88ea228c7cb2ec7ca50bba0803288625e1a65b2d2f87ffbcedfd23debfbbbb5d96993 DIST haproxy-2.1.3.tar.gz 2675529 BLAKE2B be663fd629c001c1c91d6e3db5a8d940ed5ee674d5b886283284d2077ed8e0d13d295aeb376f6580131bdeb105c9d88f7afe367f2279d6c548d5888bd943e2b6 SHA512 4728c1177b2bba69465cbc56b1ed73a1b2d36891ba2d94d29bb49714ad98ccfac4b52947735aded211f0cd8070002f5406ddd77cabd2f8230b00438189dd7a60 +DIST haproxy-2.1.4.tar.gz 2684568 BLAKE2B 0618e069e6cf6fd20eb9fad0cfcb5ca1714d4001a794e20ce60d812741f4f65d44088c46599e4181cb79536566a940d748030552d0bd010ba14d1552cf7156f4 SHA512 fd029ac1ec877fa89a9410944439b66795b1392b6c8416aaa7978943170530c3826ba50ea706366f3f7785b7cffed58497cb362fc2480dd6920a99af4f920d98 diff --git a/net-proxy/haproxy/haproxy-1.8.25.ebuild b/net-proxy/haproxy/haproxy-1.8.25.ebuild new file mode 100644 index 000000000000..840825cd8eaf --- /dev/null +++ b/net-proxy/haproxy/haproxy-1.8.25.ebuild @@ -0,0 +1,169 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +[[ ${PV} == *9999 ]] && SCM="git-r3" +inherit user versionator toolchain-funcs flag-o-matic systemd linux-info $SCM + +MY_P="${PN}-${PV/_beta/-dev}" + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://www.haproxy.org" +if [[ ${PV} != *9999 ]]; then + SRC_URI="http://haproxy.1wt.eu/download/$(get_version_component_range 1-2)/src/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~ppc ~x86" +else + EGIT_REPO_URI="http://git.haproxy.org/git/haproxy-$(get_version_component_range 1-2).git/" + EGIT_BRANCH=master +fi + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +IUSE="+crypt doc examples libressl slz net_ns +pcre pcre-jit pcre2 pcre2-jit ssl +systemd +threads tools vim-syntax +zlib lua device-atlas 51degrees wurfl" +REQUIRED_USE="pcre-jit? ( pcre ) + pcre2-jit? ( pcre2 ) + pcre? ( !pcre2 ) + device-atlas? ( pcre ) + ?? ( slz zlib )" + +DEPEND=" + pcre? ( + dev-libs/libpcre + pcre-jit? ( dev-libs/libpcre[jit] ) + ) + pcre2? ( + dev-libs/libpcre + pcre2-jit? ( dev-libs/libpcre2[jit] ) + ) + ssl? ( + !libressl? ( dev-libs/openssl:0=[zlib?] ) + libressl? ( dev-libs/libressl:0= ) + ) + slz? ( dev-libs/libslz:= ) + zlib? ( sys-libs/zlib ) + lua? ( dev-lang/lua:5.3 ) + device-atlas? ( dev-libs/device-atlas-api-c )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +DOCS=( CHANGELOG CONTRIBUTING MAINTAINERS README ) +CONTRIBS=( halog iprange ) +# ip6range is present in 1.6, but broken. +version_is_at_least 1.7.0 $PV && CONTRIBS+=( ip6range spoa_example tcploop ) +# TODO: mod_defender - requires apache / APR, modsecurity - the same +version_is_at_least 1.8.0 $PV && CONTRIBS+=( hpack ) + +haproxy_use() { + (( $# != 2 )) && die "${FUNCNAME} " + + usex "${1}" "USE_${2}=1" "USE_${2}=" +} + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy + + if use net_ns; then + CONFIG_CHECK="~NET_NS" + linux-info_pkg_setup + fi +} + +src_compile() { + local -a args=( + TARGET=linux2628 + USE_GETADDRINFO=1 + USE_TFO=1 + ) + + # TODO: PCRE2_WIDTH? + args+=( $(haproxy_use threads THREAD) ) + args+=( $(haproxy_use crypt LIBCRYPT) ) + args+=( $(haproxy_use net_ns NS) ) + args+=( $(haproxy_use pcre PCRE) ) + args+=( $(haproxy_use pcre-jit PCRE_JIT) ) + args+=( $(haproxy_use ssl OPENSSL) ) + args+=( $(haproxy_use slz SLZ) ) + args+=( $(haproxy_use zlib ZLIB) ) + args+=( $(haproxy_use lua LUA) ) + args+=( $(haproxy_use 51degrees 51DEGREES) ) + args+=( $(haproxy_use device-atlas DEVICEATLAS) ) + args+=( $(haproxy_use wurfl WURFL) ) + args+=( $(haproxy_use systemd SYSTEMD) ) + + # For now, until the strict-aliasing breakage will be fixed + append-cflags -fno-strict-aliasing + + emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args[@]} + emake -C contrib/systemd SBINDIR=/usr/sbin + + if use tools ; then + for contrib in ${CONTRIBS[@]} ; do + emake -C contrib/${contrib} \ + CFLAGS="${CFLAGS}" OPTIMIZE="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args[@]} + done + fi +} + +src_install() { + dosbin haproxy + dosym ../sbin/haproxy /usr/bin/haproxy + + newconfd "${FILESDIR}/${PN}.confd" $PN + newinitd "${FILESDIR}/${PN}.initd-r6" $PN + + doman doc/haproxy.1 + + systemd_dounit contrib/systemd/haproxy.service + + einstalldocs + + # The errorfiles are used by upstream defaults. + insinto /etc/haproxy/errors/ + doins examples/errorfiles/* + + if use doc; then + dodoc ROADMAP doc/*.txt + #if use lua; then + # TODO: doc/lua-api/ + #fi + fi + + if use tools ; then + has halog "${CONTRIBS[@]}" && dobin contrib/halog/halog + has "iprange" "${CONTRIBS[@]}" && newbin contrib/iprange/iprange haproxy_iprange + has "ip6range" "${CONTRIBS[@]}" && newbin contrib/ip6range/ip6range haproxy_ip6range + has "spoa_example" "${CONTRIBS[@]}" && newbin contrib/spoa_example/spoa haproxy_spoa_example + has "spoa_example" "${CONTRIBS[@]}" && newdoc contrib/spoa_example/README README.spoa_example + has "tcploop" "${CONTRIBS[@]}" && newbin contrib/tcploop/tcploop haproxy_tcploop + has "hpack" "${CONTRIBS[@]}" && newbin contrib/hpack/gen-rht haproxy_hpack + fi + + if use examples ; then + docinto examples + dodoc examples/*.cfg + dodoc examples/seamless_reload.txt + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/syntax + doins examples/haproxy.vim + fi +} + +pkg_postinst() { + if [[ ! -f "${EROOT}/etc/haproxy/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${EROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${EROOT}usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/haproxy-1.9.15.ebuild b/net-proxy/haproxy/haproxy-1.9.15.ebuild new file mode 100644 index 000000000000..9c532b354464 --- /dev/null +++ b/net-proxy/haproxy/haproxy-1.9.15.ebuild @@ -0,0 +1,173 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +[[ ${PV} == *9999 ]] && SCM="git-r3" +inherit user toolchain-funcs flag-o-matic systemd linux-info $SCM + +MY_P="${PN}-${PV/_beta/-dev}" + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://www.haproxy.org" +if [[ ${PV} != *9999 ]]; then + SRC_URI="http://haproxy.1wt.eu/download/$(ver_cut 1-2)/src/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~ppc ~x86" +else + EGIT_REPO_URI="http://git.haproxy.org/git/haproxy-$(ver_cut 1-2).git/" + EGIT_BRANCH=master +fi + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +IUSE="+crypt doc examples libressl slz net_ns +pcre pcre-jit pcre2 pcre2-jit ssl +systemd +threads tools vim-syntax +zlib lua device-atlas 51degrees wurfl" +REQUIRED_USE="pcre-jit? ( pcre ) + pcre2-jit? ( pcre2 ) + pcre? ( !pcre2 ) + device-atlas? ( pcre ) + ?? ( slz zlib )" + +DEPEND=" + pcre? ( + dev-libs/libpcre + pcre-jit? ( dev-libs/libpcre[jit] ) + ) + pcre2? ( + dev-libs/libpcre + pcre2-jit? ( dev-libs/libpcre2[jit] ) + ) + ssl? ( + !libressl? ( dev-libs/openssl:0=[zlib?] ) + libressl? ( dev-libs/libressl:0= ) + ) + slz? ( dev-libs/libslz:= ) + zlib? ( sys-libs/zlib ) + lua? ( dev-lang/lua:5.3 ) + device-atlas? ( dev-libs/device-atlas-api-c )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +DOCS=( CHANGELOG CONTRIBUTING MAINTAINERS README ) +CONTRIBS=( halog iprange ) +# ip6range is present in 1.6, but broken. +ver_test $PV -ge 1.7.0 && CONTRIBS+=( ip6range spoa_example tcploop ) +# TODO: mod_defender - requires apache / APR, modsecurity - the same +ver_test $PV -ge 1.8.0 && CONTRIBS+=( hpack ) + +haproxy_use() { + (( $# != 2 )) && die "${FUNCNAME} " + + usex "${1}" "USE_${2}=1" "USE_${2}=" +} + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy + + if use net_ns; then + CONFIG_CHECK="~NET_NS" + linux-info_pkg_setup + fi +} + +src_compile() { + local -a args=( + V=1 + TARGET=linux2628 + USE_GETADDRINFO=1 + USE_TFO=1 + ) + + # TODO: PCRE2_WIDTH? + args+=( $(haproxy_use threads THREAD) ) + args+=( $(haproxy_use crypt LIBCRYPT) ) + args+=( $(haproxy_use net_ns NS) ) + args+=( $(haproxy_use pcre PCRE) ) + args+=( $(haproxy_use pcre-jit PCRE_JIT) ) + args+=( $(haproxy_use pcre2 PCRE2) ) + args+=( $(haproxy_use pcre2-jit PCRE2_JIT) ) + args+=( $(haproxy_use ssl OPENSSL) ) + args+=( $(haproxy_use slz SLZ) ) + args+=( $(haproxy_use zlib ZLIB) ) + args+=( $(haproxy_use lua LUA) ) + args+=( $(haproxy_use 51degrees 51DEGREES) ) + args+=( $(haproxy_use device-atlas DEVICEATLAS) ) + args+=( $(haproxy_use wurfl WURFL) ) + args+=( $(haproxy_use systemd SYSTEMD) ) + + # For now, until the strict-aliasing breakage will be fixed + append-cflags -fno-strict-aliasing + + emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args[@]} + emake -C contrib/systemd SBINDIR=/usr/sbin + + if use tools ; then + for contrib in ${CONTRIBS[@]} ; do + # Those two includes are a workaround for hpack Makefile missing those + emake -C contrib/${contrib} \ + CFLAGS="${CFLAGS} -I../../include/ -I../../ebtree/" OPTIMIZE="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args[@]} + done + fi +} + +src_install() { + dosbin haproxy + dosym ../sbin/haproxy /usr/bin/haproxy + + newconfd "${FILESDIR}/${PN}.confd" $PN + newinitd "${FILESDIR}/${PN}.initd-r6" $PN + + doman doc/haproxy.1 + + systemd_dounit contrib/systemd/haproxy.service + + einstalldocs + + # The errorfiles are used by upstream defaults. + insinto /etc/haproxy/errors/ + doins examples/errorfiles/* + + if use doc; then + dodoc ROADMAP doc/*.txt + #if use lua; then + # TODO: doc/lua-api/ + #fi + fi + + if use tools ; then + has halog "${CONTRIBS[@]}" && dobin contrib/halog/halog + has "iprange" "${CONTRIBS[@]}" && newbin contrib/iprange/iprange haproxy_iprange + has "ip6range" "${CONTRIBS[@]}" && newbin contrib/ip6range/ip6range haproxy_ip6range + has "spoa_example" "${CONTRIBS[@]}" && newbin contrib/spoa_example/spoa haproxy_spoa_example + has "spoa_example" "${CONTRIBS[@]}" && newdoc contrib/spoa_example/README README.spoa_example + has "tcploop" "${CONTRIBS[@]}" && newbin contrib/tcploop/tcploop haproxy_tcploop + has "hpack" "${CONTRIBS[@]}" && newbin contrib/hpack/gen-rht haproxy_hpack + fi + + if use examples ; then + docinto examples + dodoc examples/*.cfg + dodoc examples/seamless_reload.txt + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/syntax + doins examples/haproxy.vim + fi +} + +pkg_postinst() { + if [[ ! -f "${EROOT}/etc/haproxy/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${EROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${EROOT}/usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/haproxy-2.0.14.ebuild b/net-proxy/haproxy/haproxy-2.0.14.ebuild new file mode 100644 index 000000000000..9d63986726c7 --- /dev/null +++ b/net-proxy/haproxy/haproxy-2.0.14.ebuild @@ -0,0 +1,176 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +[[ ${PV} == *9999 ]] && SCM="git-r3" +inherit user toolchain-funcs flag-o-matic systemd linux-info $SCM + +MY_P="${PN}-${PV/_beta/-dev}" + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://www.haproxy.org" +if [[ ${PV} != *9999 ]]; then + SRC_URI="http://haproxy.1wt.eu/download/$(ver_cut 1-2)/src/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~ppc ~x86" +else + EGIT_REPO_URI="http://git.haproxy.org/git/haproxy-$(ver_cut 1-2).git/" + EGIT_BRANCH=master +fi + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +IUSE="+crypt doc examples libressl slz +net_ns +pcre pcre-jit pcre2 pcre2-jit prometheus-exporter +ssl systemd +threads tools vim-syntax +zlib lua device-atlas 51degrees wurfl" +REQUIRED_USE="pcre-jit? ( pcre ) + pcre2-jit? ( pcre2 ) + pcre? ( !pcre2 ) + device-atlas? ( pcre ) + ?? ( slz zlib )" + +DEPEND=" + pcre? ( + dev-libs/libpcre + pcre-jit? ( dev-libs/libpcre[jit] ) + ) + pcre2? ( + dev-libs/libpcre + pcre2-jit? ( dev-libs/libpcre2[jit] ) + ) + ssl? ( + !libressl? ( dev-libs/openssl:0=[zlib?] ) + libressl? ( dev-libs/libressl:0= ) + ) + slz? ( dev-libs/libslz:= ) + zlib? ( sys-libs/zlib ) + lua? ( dev-lang/lua:5.3 ) + device-atlas? ( dev-libs/device-atlas-api-c )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +DOCS=( CHANGELOG CONTRIBUTING MAINTAINERS README ) +CONTRIBS=( halog iprange ) +# ip6range is present in 1.6, but broken. +ver_test $PV -ge 1.7.0 && CONTRIBS+=( ip6range spoa_example tcploop ) +# TODO: mod_defender - requires apache / APR, modsecurity - the same +ver_test $PV -ge 1.8.0 && CONTRIBS+=( hpack ) + +haproxy_use() { + (( $# != 2 )) && die "${FUNCNAME} " + + usex "${1}" "USE_${2}=1" "USE_${2}=" +} + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy + + if use net_ns; then + CONFIG_CHECK="~NET_NS" + linux-info_pkg_setup + fi +} + +src_compile() { + local -a args=( + V=1 + TARGET=linux-glibc + ) + + # TODO: PCRE2_WIDTH? + args+=( $(haproxy_use threads THREAD) ) + args+=( $(haproxy_use crypt LIBCRYPT) ) + args+=( $(haproxy_use net_ns NS) ) + args+=( $(haproxy_use pcre PCRE) ) + args+=( $(haproxy_use pcre-jit PCRE_JIT) ) + args+=( $(haproxy_use pcre2 PCRE2) ) + args+=( $(haproxy_use pcre2-jit PCRE2_JIT) ) + args+=( $(haproxy_use ssl OPENSSL) ) + args+=( $(haproxy_use slz SLZ) ) + args+=( $(haproxy_use zlib ZLIB) ) + args+=( $(haproxy_use lua LUA) ) + args+=( $(haproxy_use 51degrees 51DEGREES) ) + args+=( $(haproxy_use device-atlas DEVICEATLAS) ) + args+=( $(haproxy_use wurfl WURFL) ) + args+=( $(haproxy_use systemd SYSTEMD) ) + + # For now, until the strict-aliasing breakage will be fixed + append-cflags -fno-strict-aliasing + + if use prometheus-exporter; then + EXTRA_OBJS="contrib/prometheus-exporter/service-prometheus.o" + fi + + # HAProxy really needs some of those "SPEC_CFLAGS", like -fno-strict-aliasing + emake CFLAGS="${CFLAGS} \$(SPEC_CFLAGS)" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) EXTRA_OBJS="${EXTRA_OBJS}" ${args[@]} + emake -C contrib/systemd SBINDIR=/usr/sbin + + if use tools ; then + for contrib in ${CONTRIBS[@]} ; do + # Those two includes are a workaround for hpack Makefile missing those + emake -C contrib/${contrib} \ + CFLAGS="${CFLAGS} -I../../include/ -I../../ebtree/" OPTIMIZE="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args[@]} + done + fi +} + +src_install() { + dosbin haproxy + dosym ../sbin/haproxy /usr/bin/haproxy + + newconfd "${FILESDIR}/${PN}.confd" $PN + newinitd "${FILESDIR}/${PN}.initd-r6" $PN + + doman doc/haproxy.1 + + systemd_dounit contrib/systemd/haproxy.service + + einstalldocs + + # The errorfiles are used by upstream defaults. + insinto /etc/haproxy/errors/ + doins examples/errorfiles/* + + if use doc; then + dodoc ROADMAP doc/*.txt + #if use lua; then + # TODO: doc/lua-api/ + #fi + fi + + if use tools ; then + has halog "${CONTRIBS[@]}" && dobin contrib/halog/halog + has "iprange" "${CONTRIBS[@]}" && newbin contrib/iprange/iprange haproxy_iprange + has "ip6range" "${CONTRIBS[@]}" && newbin contrib/ip6range/ip6range haproxy_ip6range + has "spoa_example" "${CONTRIBS[@]}" && newbin contrib/spoa_example/spoa haproxy_spoa_example + has "spoa_example" "${CONTRIBS[@]}" && newdoc contrib/spoa_example/README README.spoa_example + has "tcploop" "${CONTRIBS[@]}" && newbin contrib/tcploop/tcploop haproxy_tcploop + has "hpack" "${CONTRIBS[@]}" && newbin contrib/hpack/gen-rht haproxy_hpack + fi + + if use examples ; then + docinto examples + dodoc examples/*.cfg + dodoc doc/seamless_reload.txt + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/syntax + doins contrib/syntax-highlight/haproxy.vim + fi +} + +pkg_postinst() { + if [[ ! -f "${EROOT}/etc/haproxy/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${EROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${EROOT}/usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/haproxy-2.1.4.ebuild b/net-proxy/haproxy/haproxy-2.1.4.ebuild new file mode 100644 index 000000000000..9d63986726c7 --- /dev/null +++ b/net-proxy/haproxy/haproxy-2.1.4.ebuild @@ -0,0 +1,176 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +[[ ${PV} == *9999 ]] && SCM="git-r3" +inherit user toolchain-funcs flag-o-matic systemd linux-info $SCM + +MY_P="${PN}-${PV/_beta/-dev}" + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://www.haproxy.org" +if [[ ${PV} != *9999 ]]; then + SRC_URI="http://haproxy.1wt.eu/download/$(ver_cut 1-2)/src/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~ppc ~x86" +else + EGIT_REPO_URI="http://git.haproxy.org/git/haproxy-$(ver_cut 1-2).git/" + EGIT_BRANCH=master +fi + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +IUSE="+crypt doc examples libressl slz +net_ns +pcre pcre-jit pcre2 pcre2-jit prometheus-exporter +ssl systemd +threads tools vim-syntax +zlib lua device-atlas 51degrees wurfl" +REQUIRED_USE="pcre-jit? ( pcre ) + pcre2-jit? ( pcre2 ) + pcre? ( !pcre2 ) + device-atlas? ( pcre ) + ?? ( slz zlib )" + +DEPEND=" + pcre? ( + dev-libs/libpcre + pcre-jit? ( dev-libs/libpcre[jit] ) + ) + pcre2? ( + dev-libs/libpcre + pcre2-jit? ( dev-libs/libpcre2[jit] ) + ) + ssl? ( + !libressl? ( dev-libs/openssl:0=[zlib?] ) + libressl? ( dev-libs/libressl:0= ) + ) + slz? ( dev-libs/libslz:= ) + zlib? ( sys-libs/zlib ) + lua? ( dev-lang/lua:5.3 ) + device-atlas? ( dev-libs/device-atlas-api-c )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +DOCS=( CHANGELOG CONTRIBUTING MAINTAINERS README ) +CONTRIBS=( halog iprange ) +# ip6range is present in 1.6, but broken. +ver_test $PV -ge 1.7.0 && CONTRIBS+=( ip6range spoa_example tcploop ) +# TODO: mod_defender - requires apache / APR, modsecurity - the same +ver_test $PV -ge 1.8.0 && CONTRIBS+=( hpack ) + +haproxy_use() { + (( $# != 2 )) && die "${FUNCNAME} " + + usex "${1}" "USE_${2}=1" "USE_${2}=" +} + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy + + if use net_ns; then + CONFIG_CHECK="~NET_NS" + linux-info_pkg_setup + fi +} + +src_compile() { + local -a args=( + V=1 + TARGET=linux-glibc + ) + + # TODO: PCRE2_WIDTH? + args+=( $(haproxy_use threads THREAD) ) + args+=( $(haproxy_use crypt LIBCRYPT) ) + args+=( $(haproxy_use net_ns NS) ) + args+=( $(haproxy_use pcre PCRE) ) + args+=( $(haproxy_use pcre-jit PCRE_JIT) ) + args+=( $(haproxy_use pcre2 PCRE2) ) + args+=( $(haproxy_use pcre2-jit PCRE2_JIT) ) + args+=( $(haproxy_use ssl OPENSSL) ) + args+=( $(haproxy_use slz SLZ) ) + args+=( $(haproxy_use zlib ZLIB) ) + args+=( $(haproxy_use lua LUA) ) + args+=( $(haproxy_use 51degrees 51DEGREES) ) + args+=( $(haproxy_use device-atlas DEVICEATLAS) ) + args+=( $(haproxy_use wurfl WURFL) ) + args+=( $(haproxy_use systemd SYSTEMD) ) + + # For now, until the strict-aliasing breakage will be fixed + append-cflags -fno-strict-aliasing + + if use prometheus-exporter; then + EXTRA_OBJS="contrib/prometheus-exporter/service-prometheus.o" + fi + + # HAProxy really needs some of those "SPEC_CFLAGS", like -fno-strict-aliasing + emake CFLAGS="${CFLAGS} \$(SPEC_CFLAGS)" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) EXTRA_OBJS="${EXTRA_OBJS}" ${args[@]} + emake -C contrib/systemd SBINDIR=/usr/sbin + + if use tools ; then + for contrib in ${CONTRIBS[@]} ; do + # Those two includes are a workaround for hpack Makefile missing those + emake -C contrib/${contrib} \ + CFLAGS="${CFLAGS} -I../../include/ -I../../ebtree/" OPTIMIZE="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args[@]} + done + fi +} + +src_install() { + dosbin haproxy + dosym ../sbin/haproxy /usr/bin/haproxy + + newconfd "${FILESDIR}/${PN}.confd" $PN + newinitd "${FILESDIR}/${PN}.initd-r6" $PN + + doman doc/haproxy.1 + + systemd_dounit contrib/systemd/haproxy.service + + einstalldocs + + # The errorfiles are used by upstream defaults. + insinto /etc/haproxy/errors/ + doins examples/errorfiles/* + + if use doc; then + dodoc ROADMAP doc/*.txt + #if use lua; then + # TODO: doc/lua-api/ + #fi + fi + + if use tools ; then + has halog "${CONTRIBS[@]}" && dobin contrib/halog/halog + has "iprange" "${CONTRIBS[@]}" && newbin contrib/iprange/iprange haproxy_iprange + has "ip6range" "${CONTRIBS[@]}" && newbin contrib/ip6range/ip6range haproxy_ip6range + has "spoa_example" "${CONTRIBS[@]}" && newbin contrib/spoa_example/spoa haproxy_spoa_example + has "spoa_example" "${CONTRIBS[@]}" && newdoc contrib/spoa_example/README README.spoa_example + has "tcploop" "${CONTRIBS[@]}" && newbin contrib/tcploop/tcploop haproxy_tcploop + has "hpack" "${CONTRIBS[@]}" && newbin contrib/hpack/gen-rht haproxy_hpack + fi + + if use examples ; then + docinto examples + dodoc examples/*.cfg + dodoc doc/seamless_reload.txt + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/syntax + doins contrib/syntax-highlight/haproxy.vim + fi +} + +pkg_postinst() { + if [[ ! -f "${EROOT}/etc/haproxy/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${EROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${EROOT}/usr/share/doc/${PF}" + fi + fi +}