-
Notifications
You must be signed in to change notification settings - Fork 6
/
yass.spec.in
450 lines (417 loc) · 15.4 KB
/
yass.spec.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
# lto is handled with cmakelists.txt internally
# with flag -DENABLE_LTO
%global _lto_cflags %nil
%if 0%{?fedora} || 0%{?rhel}
%global cmake_alias cmake3
%else
%global cmake_alias cmake
%endif
# on centos, nghttp2 sits in epel repo
%if 0%{?fedora} || 0%{?sle_version}
%global enable_system_nghttp2_opt on
%else
%global enable_system_nghttp2_opt off
%endif
# on centos, mbedtls sits in epel repo
%if 0%{?fedora} || 0%{?sle_version}
%global enable_system_mbedtls_opt on
%else
%global enable_system_mbedtls_opt off
%endif
# requires nlohman json
%if 0%{?fedora}
%global enable_system_json_opt on
%else
%global enable_system_json_opt off
%endif
# test failed in copr
%bcond_with tests_dns
%if !%{with tests_dns}
%global yass_test_opt --no_cares_tests --no_doh_tests --no_dot_tests
%else
%global yass_test_opt %nil
%endif
# requires recent version of c-ares
%if 0%{?fedora}
%global enable_system_cares_opt on
%else
%global enable_system_cares_opt off
%endif
# libc++ is only built with clang now
%bcond_with toolchain_clang
%if %{with toolchain_clang}
%global _clang_extra_ldflags %nil
%global toolchain clang
%global enable_libcxx_opt on
%else
%global toolchain gcc
%global enable_libcxx_opt off
%endif
# on centos 8, gperftools sits in epel repo
# and it is not compatible with custom libc++
%if 0%{?fedora} && !%{with toolchain_clang}
%global enable_system_gperftools_opt on
%else
%global enable_system_gperftools_opt off
%endif
# lld is forced to be enabled if you are using external toolchain and so
%bcond_with disable_lld
%if %{with disable_lld}
%global enable_lld_opt off
%else
%global enable_lld_opt on
%endif
# force use old systemd unit files
%if 0%{?rhel} == 7
%global use_old_systemd_service on
%else
%global use_old_systemd_service off
%endif
Name: yass
Version: __VERSION__
Release: __SUBVERSION__%{?dist}
Summary: Lightweight and Secure http/socks4/socks5 Proxy
# fedora supports spdx license
# see /etc/xdg/rpmlint/fedora-spdx-licenses.toml
%if 0%{?fedora} || 0%{?sle_version}
License: GPL-2.0-only
%else
# old distributions don't
# see https://github.com/rpm-software-management/rpmlint/blob/main/configs/Fedora/licenses.toml
License: GPLv2
%endif
URL: https://github.com/Chilledheart/%{name}
Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz
%if 0%{?rhel} == 9 || 0%{?fedora} || 0%{?sle_version}
BuildRequires: gtk4-devel
%else
BuildRequires: gtk3-devel
%endif
%if 0%{?rhel} < 9 || 0%{?fedora} || 0%{?sle_version}
BuildRequires: perl
%endif
%if 0%{?rhel} >= 8 || 0%{?fedora} || 0%{?sle_version}
BuildRequires: cmake >= 3.12, pkg-config
%endif
%if 0%{?rhel} == 7
BuildRequires: cmake3 >= 3.12, pkgconfig
%endif
%if 0%{?fedora}
BuildRequires: clang, lld
BuildRequires: c-ares-devel
%endif
%if 0%{?fedora} || 0%{?sle_version}
BuildRequires: mbedtls-devel
%endif
%if 0%{?fedora} && !%{with toolchain_clang}
BuildRequires: gperftools-devel
%endif
%if 0%{?fedora}
BuildRequires: json-devel
%endif
BuildRequires: zlib-devel
%if 0%{?fedora} || 0%{?sle_version}
BuildRequires: libnghttp2-devel
%endif
BuildRequires: gcc, gcc-c++, golang >= 1.4
%if 0%{?sle_version}
BuildRequires: ninja
%else
BuildRequires: ninja-build
%endif
BuildRequires: glib2-devel
BuildRequires: curl-devel
BuildRequires: desktop-file-utils
BuildRequires: systemd
Requires: hicolor-icon-theme
Requires: ca-certificates
# required by opensuse
%if 0%{?sle_version}
%debug_package
%endif
%description
yass is a lightweight and secure http/socks proxy
for embedded devices and low end boxes.
%prep
%setup -q -n %{name}-%{version}
%build
mkdir build
cd build
# old c-ares doesn't contain ares_getaddrinfo api
%cmake_alias -G Ninja -DCMAKE_BUILD_TYPE=Release \
-DBUILD_BENCHMARKS=on -DBUILD_TESTS=on -DGUI=on -DCLI=on -DSERVER=on \
-DUSE_OLD_SYSTEMD_SERVICE="%use_old_systemd_service" \
-DUSE_TCMALLOC=on -DUSE_SYSTEM_TCMALLOC="%enable_system_gperftools_opt" \
-DUSE_SYSTEM_ZLIB=on \
-DUSE_SYSTEM_NGHTTP2="%enable_system_nghttp2_opt" \
-DUSE_SYSTEM_MBEDTLS="%enable_system_mbedtls_opt" \
-DUSE_SYSTEM_JSON="%enable_system_json_opt" \
-DUSE_SYSTEM_CARES="%enable_system_cares_opt" -DUSE_LIBCXX="%enable_libcxx_opt" \
-DENABLE_LLD="%enable_lld_opt" -DUSE_BUILTIN_CA_BUNDLE_CRT=off ..
ninja
cd ..
%check
cd build
./yass_test %yass_test_opt
./yass_benchmark
cd ..
%install
echo "Toolchain is %toolchain"
cd build
%cmake_alias -DCMAKE_INSTALL_PREFIX=%{buildroot}/usr -DCMAKE_INSTALL_SYSCONFDIR=%{buildroot}/etc ..
rm -rf %{buildroot}
ninja install
rm -rf %{buildroot}/%{_datadir}/doc
cd ..
desktop-file-validate %{buildroot}%{_datadir}/applications/it.gui.yass.desktop
%find_lang %{name}
%post
update-desktop-database
%files -f %{name}.lang
%defattr(-,root,root)
%license build/LICENSE
%dir /usr/share/icons/hicolor/
%dir /usr/share/applications/
%dir /usr/share/pixmaps/
%{_bindir}/yass
%{_datadir}/applications/it.gui.yass.desktop
%{_datadir}/pixmaps/yass.png
%{_datadir}/icons/hicolor/16x16/apps/yass.png
%{_datadir}/icons/hicolor/22x22/apps/yass.png
%{_datadir}/icons/hicolor/24x24/apps/yass.png
%{_datadir}/icons/hicolor/32x32/apps/yass.png
%{_datadir}/icons/hicolor/48x48/apps/yass.png
%{_datadir}/icons/hicolor/128x128/apps/yass.png
%{_datadir}/icons/hicolor/256x256/apps/yass.png
%{_datadir}/icons/hicolor/512x512/apps/yass.png
%package server
Summary: Lightweight and Secure http/socks4/socks5 Proxy (Server Side)
%description server
yass is a lightweight and secure http/socks proxy
for embedded devices and low end boxes.
%files server
%defattr(-,root,root)
%{_bindir}/yass_server
%{_sysconfdir}/yass/server.json
%{_unitdir}/yass-server.service
%dir /usr/share/man/man1/
%{_mandir}/man1/yass_server.1*
%post server
%systemd_post yass-server.service
%preun server
%systemd_preun yass-server.service
%postun server
%systemd_postun_with_restart yass-server.service
%package client
Summary: Lightweight and Secure http/socks4/socks5 Proxy (Client Side)
%description client
yass is a lightweight and secure http/socks proxy
for embedded devices and low end boxes.
%files client
%defattr(-,root,root)
%{_bindir}/yass_cli
%{_sysconfdir}/yass/config.json
%{_sysconfdir}/yass/redir.json
%{_unitdir}/yass.service
%{_unitdir}/yass-redir.service
%dir /usr/share/man/man1/
%{_mandir}/man1/yass_cli.1*
%post client
%systemd_post yass.service
%systemd_post yass-redir.service
%preun client
%systemd_preun yass.service
%systemd_preun yass-redir.service
%postun client
%systemd_postun_with_restart yass.service
%systemd_postun_with_restart yass-redir.service
%changelog
* Sun May 26 2024 Chilledheart <keeyou-cn@outlook.com> - 1.10.3-1
- net: support https protocol via caddy.
* Thu May 23 2024 Chilledheart <keeyou-cn@outlook.com> - 1.10.2-1
- net: reduce memory footprint peak and cpu peak.
* Sun May 19 2024 Chilledheart <keeyou-cn@outlook.com> - 1.10.1-1
- net: improve buffer to 16k.
- net: improve http2 send performance.
- net: miscs fixes.
* Wed May 15 2024 Chilledheart <keeyou-cn@outlook.com> - 1.10.0-1
- bump to chromium 126 dependents.
- net: support socks4/socks4a/socks5/socks5h cipher.
* Tue May 7 2024 Chilledheart <keeyou-cn@outlook.com> - 1.9.5-1
- ui: provide an option to turn on post quantum kyber.
* Mon May 6 2024 Chilledheart <keeyou-cn@outlook.com> - 1.9.4-1
- ui: provide an option to turn on post quantum kyber.
* Wed May 1 2024 Chilledheart <keeyou-cn@outlook.com> - 1.9.3-1
- bump to chromium 125 dependents (clang).
- ca-certificates: update for 20240203.3.98 release.
* Mon Apr 29 2024 Chilledheart <keeyou-cn@outlook.com> - 1.9.2-1
- net: fix broken --certificate_chain_file flag
* Fri Apr 19 2024 Chilledheart <keeyou-cn@outlook.com> - 1.9.1-1
- net: fix cve-2024-32475
* Tue Apr 16 2024 Chilledheart <keeyou-cn@outlook.com> - 1.9.0-1
- bump to chromium 125 dependents.
* Mon Apr 8 2024 Chilledheart <keeyou-cn@outlook.com> - 1.8.3-1
- net: add dot support
* Fri Apr 5 2024 Chilledheart <keeyou-cn@outlook.com> - 1.8.2-1
- fix (nghttp2) CVE-2024-30255
* Tue Mar 26 2024 Chilledheart <keeyou-cn@outlook.com> - 1.8.1-1
- bump to chromium 124 dependents.
- miscellaneous fixes
* Wed Mar 20 2024 Chilledheart <keeyou-cn@outlook.com> - 1.8.0-1
- bump to chromium 124 dependents.
* Mon Mar 18 2024 Chilledheart <keeyou-cn@outlook.com> - 1.7.5-1
- net: add doh support
* Sun Mar 17 2024 Chilledheart <keeyou-cn@outlook.com> - 1.7.4-1
- net: add doh support
* Thu Mar 7 2024 Chilledheart <keeyou-cn@outlook.com> - 1.7.3-1
- c-ares: fix CVE-2024-25629
* Thu Mar 7 2024 Chilledheart <keeyou-cn@outlook.com> - 1.7.2-1
- c-ares: fix CVE-2024-25629
* Sat Feb 24 2024 Chilledheart <keeyou-cn@outlook.com> - 1.7.1-1
- cli: turn off redir mode by default
* Tue Feb 20 2024 Chilledheart <keeyou-cn@outlook.com> - 1.7.0-1
- bump to chromium 123 dependents.
* Thu Feb 15 2024 Chilledheart <keeyou-cn@outlook.com> - 1.6.4-1
- ssl: add supplementary ca bundle support.
* Sun Feb 4 2024 Chilledheart <keeyou-cn@outlook.com> - 1.6.3-1
- bump to chromium 122 dependents.
* Wed Jan 31 2024 Chilledheart <keeyou-cn@outlook.com> - 1.6.2-1
- bump to chromium 122 dependents.
* Wed Jan 24 2024 Chilledheart <keeyou-cn@outlook.com> - 1.6.1-1
- bump to chromium 122 dependents.
* Fri Jan 19 2024 Chilledheart <keeyou-cn@outlook.com> - 1.6.0-1
- bump to chromium 122 dependents.
* Thu Jan 18 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.20-1
- ca-certificates: update for 20230311.3.95 release.
* Tue Jan 16 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.19-1
- gtk: quote the exec entry in autostart.
* Fri Jan 12 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.18-1
- net: code refactor.
* Thu Jan 11 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.17-1
- c-ares: defer c-ares init.
* Wed Jan 10 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.16-1
- c-ares: defer c-ares init.
* Wed Jan 10 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.15-1
- gcc: fix lto build under gold.
- rpm: handle systemd scriptlet operations.
* Mon Jan 8 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.14-1
- ssl: enable client-side ssl session cache.
- ssl: deduplicate all ceritificates.
* Sun Jan 7 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.13-1
- gtk: add server sni support.
* Sun Jan 7 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.12-1
- gtk: add server sni support.
* Sat Jan 6 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.11-1
- gtk: add server sni support.
* Fri Jan 5 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.10-1
- gtk: add server sni support.
* Wed Jan 3 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.9-1
- ca-certificates: load symbolic link as cert files.
* Wed Jan 3 2024 Chilledheart <keeyou-cn@outlook.com> - 1.5.8-1
- ca-certificates: load symbolic link as cert files.
* Wed Dec 27 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.7-1
- ca-certificates: update for 20230311.3.93 release.
* Tue Dec 19 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.6-1
- man: add yass_cli and yass_server man pages.
* Thu Dec 14 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.5-1
- ssl: use builtin ca bundle if system keystore fails.
* Wed Dec 13 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.4-1
- Fix bad F_SETFD calls.
- gtk: update desktop database.
* Fri Dec 8 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.3-1
- Fix linux thread name setting.
* Tue Dec 5 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.2-1
- Bump to chromium 121 dependents (updated).
- Fix RPM releases.
* Mon Dec 4 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.1-1
- Bump to chromium 121 dependents.
- Fix use cached configuration issue.
- Fix crash in resume from previous failure.
* Mon Dec 4 2023 Chilledheart <keeyou-cn@outlook.com> - 1.5.0-1
- New major release.
* Sat Dec 2 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.12-1
- Fix bad F_SETFD calls.
- gtk: update desktop database.
* Sat Dec 2 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.11-1
- Bump Clang.
- Fix use cached configuration issue.
- Fix crash in resume from previous failure.
* Sat Dec 2 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.10-1
- Bump Clang and Abseil-Cpp.
- Use tcmalloc be default.
- Misc fixes.
* Thu Nov 16 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.9-1
- Fix startup failure on the first try since version 1.4.5.
* Thu Nov 16 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.8-1
- Some trivial changes.
* Mon Nov 6 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.7-1
- Bump to chromium 120 dependents.
* Mon Oct 23 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.6-1
- Better handling with SIGTERM signal.
- Bump to chromium 119 dependents.
* Thu Oct 5 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.5-1
- Some trivial changes.
* Wed Sep 20 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.4-1
- Add chinese translation (GTK4).
* Mon Sep 18 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.3-1
- Add chinese translation.
* Fri Sep 15 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.2-1
- New minor release.
* Thu Sep 14 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.1-1
- Bump to chromium 118 dependents.
* Thu Aug 24 2023 Chilledheart <keeyou-cn@outlook.com> - 1.4.0-1
- New major release.
* Thu Aug 24 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.15-1
- Add support for legacy shadowsocks stream ciphers.
- Bump to chromium 117 dependents.
* Fri Aug 11 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.14-1
- Prepare for downstream build.
* Wed Aug 9 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.13-1
- Prepare for downstream build.
* Wed Aug 9 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.12-1
- Prepare for downstream build.
* Sat Aug 5 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.11-1
- Add system proxy support.
* Sun Jul 30 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.10-1
- New bug-fix release.
* Sat Jul 22 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.9-1
- Bump to chromium 116 dependents.
- server: fix crash in hostname tlsext handling.
* Sun Jul 16 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.8-1
- CVE/http: Fix memory leak in nghttp2 codec.
* Thu Jul 13 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.7-1
- More complete IPv6 support.
* Tue Jul 4 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.6-1
- Improvement of performance over http2 (client).
* Sun Jul 2 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.5-1
- New bug-fix release.
* Fri May 26 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.4-1
- New bug-fix release.
* Fri May 26 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.3-1
- New bug-fix release.
* Wed Apr 26 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.2-1
- New bug-fix release.
* Sun Apr 2 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.1-1
- New bug-fix release.
* Mon Mar 13 2023 Chilledheart <keeyou-cn@outlook.com> - 1.3.0-1
- New HTTP TLS Implementation.
* Wed Mar 8 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.7-1
- New bug-fix release.
* Wed Mar 1 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.6-1
- New bug-fix release.
* Thu Feb 16 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.5-1
- New bug-fix release.
* Sat Feb 11 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.4-1
- New bug-fix release.
* Fri Feb 10 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.3-1
- New bug-fix release.
* Wed Feb 8 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.2-1
- New bug-fix release.
* Fri Feb 3 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.1-1
- New bug-fix release.
* Sun Jan 29 2023 Chilledheart <keeyou-cn@outlook.com> - 1.2.0-1
- New HTTP2 Tunnel Proxy Support.
* Tue Jan 10 2023 Chilledheart <keeyou-cn@outlook.com> - 1.1.0-1
- New bug-fix release.
* Sat Jan 22 2022 Chilledheart <keeyou-cn@outlook.com> - 1.0.0-1
- Initial release. (Closes: #4)