haproxy: add nossl variant

According to Issue #342 here is a proposal to add a nossl variant to that builts haproxy without ssl Add pending patch from upstream - [PATCH 14/14] MEDIUM: systemd-wrapper: support multiple executable Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
2014-09-23 10:45:03 +02:00 · 2014-09-23 10:45:03 +02:00 · 2e071aeaa8
parent 724053bd73
commit 2e071aeaa8
2 changed files with 147 additions and 9 deletions
--- a/net/haproxy/Makefile
+++ b/net/haproxy/Makefile
@ -10,30 +10,63 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=haproxy
 PKG_VERSION:=1.5.4
-PKG_RELEASE:=13
+PKG_RELEASE:=14
 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_MD5SUM:=b027035bfd8f28326634f802c3447a34
 PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
 PKG_LICENSE:=GPL-2.0

 include $(INCLUDE_DIR)/package.mk

-define Package/haproxy
+define Package/haproxy/Default
  SUBMENU:=Web Servers/Proxies
  SECTION:=net
  CATEGORY:=Network
  TITLE:=The Reliable, High Performance TCP/HTTP Load Balancer
  URL:=http://haproxy.1wt.eu/
-  DEPENDS:=+libpcre +libltdl +libopenssl +zlib +libpthread
 endef

-define Package/haproxy/conffiles
+define Package/haproxy/Default/conffiles
 /etc/haproxy.cfg
 endef

+define Package/haproxy/Default/description
+ Open source Reliable, High Performance TCP/HTTP Load Balancer.
+endef
+
+define Package/haproxy
+  DEPENDS+= +libpcre +libltdl +zlib +libpthread +libopenssl
+  TITLE+= (with SSL support)
+  VARIANT:=ssl
+$(call Package/haproxy/Default)
+endef
+
+define Package/haproxy/conffiles
+$(call Package/haproxy/Default/conffiles)
+endef
+
 define Package/haproxy/description
-  Open source High Performance TCP/HTTP Load Balancer
+$(call Package/haproxy/Default/description)
+ This package is built with SSL support.
+endef
+
+define Package/haproxy-nossl
+  TITLE+= (without SSL support)
+  VARIANT:=nossl
+  DEPENDS+= +libpcre +libltdl +zlib +libpthread
+  TITLE+= (with SSL support)
+$(call Package/haproxy/Default)
+endef
+
+define Package/haproxy-nossl/conffiles
+$(call Package/haproxy/Default/conffiles)
+endef
+
+define Package/haproxy-nossl/description
+$(call Package/haproxy/Default/description)
+ This package is built without SSL support.
 endef

 ifeq ($(CONFIG_avr32),y)
@ -42,6 +75,18 @@ else
  LINUX_TARGET:=linux2628
 endif

+ifeq ($(BUILD_VARIANT),ssl)
+	ADDLIB:=-lcrypt
+	USE_OPENSSL=USE_OPENSSL=1
+else
+	ADDLIB:=
+	USE_OPENSSL=
+endif
+
+
+
+
+
 define Build/Compile
 	$(MAKE) TARGET=$(LINUX_TARGET) -C $(PKG_BUILD_DIR) \
 		DESTDIR="$(PKG_INSTALL_DIR)" \
@ -49,10 +94,10 @@ define Build/Compile
 		CFLAGS="$(TARGET_CFLAGS) -fno-align-jumps -fno-align-functions -fno-align-labels -fno-align-loops -pipe -fomit-frame-pointer -fhonour-copts" \
 		LD="$(TARGET_CC)" \
 		LDFLAGS="$(TARGET_LDFLAGS)" \
-		ADDLIB="-lcrypto" \
+		ADDLIB="$(ADDLIB)" \
 		PCREDIR="$(STAGING_DIR)/usr/include" \
 		SMALL_OPTS="-DBUFSIZE=16384 -DMAXREWRITE=1030 -DSYSTEM_MAXCONN=165530 " \
-		USE_LINUX_TPROXY=1 USE_LINUX_SPLICE=1 USE_REGPARM=1 USE_OPENSSL=1 \
+		USE_LINUX_TPROXY=1 USE_LINUX_SPLICE=1 USE_REGPARM=1 $(USE_OPENSSL) \
 		USE_ZLIB=yes USE_PCRE=1 \
 		VERSION="$(PKG_VERSION)-patch$(PKG_RELEASE)" \
 		install
@ -63,7 +108,7 @@ define Build/Compile
 		CFLAGS="$(TARGET_CFLAGS) -fno-align-jumps -fno-align-functions -fno-align-labels -fno-align-loops -pipe -fomit-frame-pointer -fhonour-copts" \
 		LD="$(TARGET_CC)" \
 		LDFLAGS="$(TARGET_LDFLAGS)" \
-		ADDLIB="-lcrypto" \
+		ADDLIB="$(ADDLIB)" \
 		VERSION="$(PKG_VERSION)-patch$(PKG_RELEASE)" \
 		halog
 endef
@ -79,9 +124,11 @@ define Package/haproxy/install
 	$(INSTALL_BIN) ./files/haproxy.hotplug $(1)/etc/hotplug.d/net/90-haproxy
 endef

+Package/haproxy-nossl/install = $(Package/haproxy/install)
+
 define Package/halog
 	MENU:=1
-	$(call Package/haproxy)
+	$(call Package/haproxy/Default)
 	TITLE+= halog
 	DEPENDS:=haproxy
 endef
@ -95,5 +142,6 @@ define Package/halog/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/contrib/halog/halog $(1)/usr/bin/
 endef

+$(eval $(call BuildPackage,haproxy-nossl))
 $(eval $(call BuildPackage,haproxy))
 $(eval $(call BuildPackage,halog))
--- a/net/haproxy/patches/0014-MEDIUM-systemd-wrapper-support-multiple-executable-v.patch
+++ b/net/haproxy/patches/0014-MEDIUM-systemd-wrapper-support-multiple-executable-v.patch
@ -0,0 +1,90 @@
+From afbfc27c0f2cac29e18f87b36335ea821c633b9d Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Fri, 19 Sep 2014 15:42:30 +0200
+Subject: [PATCH 14/14] MEDIUM: systemd-wrapper: support multiple executable
+ versions and names
+
+Having to use a hard-coded "haproxy" executable name next to the systemd
+wrapper is not always convenient, as it's sometimes desirable to run with
+multiple versions in parallel.
+
+Thus this patch performs a minor change to the wrapper : if the name ends
+with "-systemd-wrapper", then it trims that part off and what remains
+becomes the target haproxy executable. That makes it easy to have for
+example :
+
+     haproxy-1.5.4-systemd-wrapper      haproxy-1.5.4
+     haproxy-1.5.3-systemd-wrapper      haproxy-1.5.3
+
+and so on, in a same directory.
+
+This patch also fixes a rare bug caused by readlink() not adding the
+trailing zero and leaving possible existing contents, including possibly
+a randomly placed "/" which would make it unable to locate the correct
+binary. This case is not totally unlikely as I got a \177 a few times
+at the end of the executable names, so I could have got a '/' as well.
+
+Back-porting to 1.5 is desirable.
+(cherry picked from commit ceaf2aec1ec1612da461c61798e944693144bee9)
+---
+ src/haproxy-systemd-wrapper.c | 27 ++++++++++++++++++++++-----
+ 1 file changed, 22 insertions(+), 5 deletions(-)
+
+diff --git a/src/haproxy-systemd-wrapper.c b/src/haproxy-systemd-wrapper.c
+index cc8baa8..446f28f 100644
+--- a/src/haproxy-systemd-wrapper.c
+++ b/src/haproxy-systemd-wrapper.c
+@@ -28,20 +28,36 @@ static char *pid_file = "/run/haproxy.pid";
+ static int wrapper_argc;
+ static char **wrapper_argv;
+ 
+/* returns the path to the haproxy binary into <buffer>, whose size indicated
+ * in <buffer_size> must be at least 1 byte long.
+ */
+ static void locate_haproxy(char *buffer, size_t buffer_size)
+ {
+ 	char *end = NULL;
+	int len;
+
+	len = readlink("/proc/self/exe", buffer, buffer_size - 1);
+	if (len == -1)
+		goto fail;
+ 
+-	if (readlink("/proc/self/exe", buffer, buffer_size) > 0)
+-		end = strrchr(buffer, '/');
+	buffer[len] = 0;
+	end = strrchr(buffer, '/');
+	if (end == NULL)
+		goto fail;
+ 
+-	if (end == NULL) {
+-		strncpy(buffer, "/usr/sbin/haproxy", buffer_size);
+	if (strcmp(end + strlen(end) - 16, "-systemd-wrapper") == 0) {
+		end[strlen(end) - 16] = '\0';
+ 		return;
+ 	}
+
+ 	end[1] = '\0';
+ 	strncpy(end + 1, "haproxy", buffer + buffer_size - (end + 1));
+ 	buffer[buffer_size - 1] = '\0';
+	return;
+ fail:
+	strncpy(buffer, "/usr/sbin/haproxy", buffer_size);
+	buffer[buffer_size - 1] = '\0';
+	return;
+ }
+ 
+ static void spawn_haproxy(char **pid_strv, int nb_pid)
+@@ -54,7 +70,8 @@ static void spawn_haproxy(char **pid_strv, int nb_pid)
+ 	main_argc = wrapper_argc - 1;
+ 	main_argv = wrapper_argv + 1;
+ 
+-	pid = fork();
+	//pid = fork();
+	pid=0;
+ 	if (!pid) {
+ 		/* 3 for "haproxy -Ds -sf" */
+ 		char **argv = calloc(4 + main_argc + nb_pid + 1, sizeof(char *));
+-- 
+1.8.5.5
+