X-Git-Url: https://git.tld-linux.org/?p=packages%2Fdehydrated.git;a=blobdiff_plain;f=tld.patch;h=9c8e779c6196943954f3e07be4053c8dce122100;hp=3a85259249733c471f4534897bb5f7af5cd91388;hb=b5d5d321a92ef9a1ee59bc6ffebc3bb2d2f93454;hpb=60133e74d7171e663e39da1a02d71ba4c4fb6c85 diff --git a/tld.patch b/tld.patch index 3a85259..9c8e779 100644 --- a/tld.patch +++ b/tld.patch @@ -1,22 +1,31 @@ -diff -ur dehydrated-0.4.0.orig/dehydrated dehydrated-0.4.0/dehydrated ---- dehydrated-0.4.0.orig/dehydrated 2017-02-05 15:33:17.000000000 +0100 -+++ dehydrated-0.4.0/dehydrated 2017-10-24 16:58:33.761256185 +0200 +diff -ur dehydrated-0.6.5.orig/dehydrated dehydrated-0.6.5/dehydrated +--- dehydrated-0.6.5.orig/dehydrated 2019-06-26 12:33:35.000000000 +0200 ++++ dehydrated-0.6.5/dehydrated 2020-08-16 15:17:01.872293508 +0200 @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash # dehydrated by lukas2511 - # Source: https://github.com/lukas2511/dehydrated -@@ -20,7 +20,7 @@ + # Source: https://dehydrated.io +@@ -11,7 +11,7 @@ + [[ -n "${ZSH_VERSION:-}" ]] && set -o SH_WORD_SPLIT && set +o FUNCTION_ARGZERO && set -o NULL_GLOB && set -o noglob + [[ -z "${ZSH_VERSION:-}" ]] && shopt -s nullglob && set -f + +-umask 077 # paranoid umask, we're creating private keys ++umask 027 # allow root and dehydrated group only to protect private keys + + # Close weird external file descriptors + exec 3>&- +@@ -28,7 +28,7 @@ done SCRIPTDIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" -BASEDIR="${SCRIPTDIR}" +BASEDIR="/var/lib/dehydrated" + ORIGARGS="$@" # Create (identifiable) temporary files - _mktemp() { -@@ -115,7 +115,7 @@ +@@ -135,7 +135,7 @@ DOMAINS_TXT= HOOK= HOOK_CHAIN="no" @@ -25,23 +34,34 @@ diff -ur dehydrated-0.4.0.orig/dehydrated dehydrated-0.4.0/dehydrated KEYSIZE="4096" WELLKNOWN= PRIVATE_KEY_RENEW="yes" -@@ -182,8 +182,8 @@ - fi +@@ -151,8 +151,8 @@ + IP_VERSION= + CHAINCACHE= + AUTO_CLEANUP="no" +- DEHYDRATED_USER= +- DEHYDRATED_GROUP= ++ DEHYDRATED_USER="root" ++ DEHYDRATED_GROUP="dehydrated" + API="auto" + if [[ -z "${CONFIG:-}" ]]; then +@@ -260,8 +260,8 @@ [[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs" + [[ -z "${ALPNCERTDIR}" ]] && ALPNCERTDIR="${BASEDIR}/alpn-certs" + [[ -z "${CHAINCACHE}" ]] && CHAINCACHE="${BASEDIR}/chains" - [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="${BASEDIR}/domains.txt" - [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/www/dehydrated" + [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="/etc/dehydrated/domains.txt" + [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="${BASEDIR}/acme-challenges" [[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock" + [[ -z "${OPENSSL_CNF}" ]] && OPENSSL_CNF="$("${OPENSSL}" version -d | cut -d\" -f2)/openssl.cnf" [[ -n "${PARAM_LOCKFILE_SUFFIX:-}" ]] && LOCKFILE="${LOCKFILE}-${PARAM_LOCKFILE_SUFFIX}" - [[ -n "${PARAM_NO_LOCK:-}" ]] && LOCKFILE="" -diff -ur dehydrated-0.4.0.orig/docs/examples/config dehydrated-0.4.0/docs/examples/config ---- dehydrated-0.4.0.orig/docs/examples/config 2017-02-05 15:33:17.000000000 +0100 -+++ dehydrated-0.4.0/docs/examples/config 2017-10-24 16:58:47.821256753 +0200 -@@ -33,11 +33,11 @@ +diff -ur dehydrated-0.6.5.orig/docs/examples/config dehydrated-0.6.5/docs/examples/config +--- dehydrated-0.6.5.orig/docs/examples/config 2019-06-26 12:33:35.000000000 +0200 ++++ dehydrated-0.6.5/docs/examples/config 2020-08-16 15:17:01.872293508 +0200 +@@ -45,11 +45,11 @@ # default: - #CONFIG_D= + #DOMAINS_D= -# Base directory for account key, generated certificates and list of domains (default: $SCRIPTDIR -- uses config directory if undefined) -#BASEDIR=$SCRIPTDIR @@ -54,7 +74,7 @@ diff -ur dehydrated-0.4.0.orig/docs/examples/config dehydrated-0.4.0/docs/exampl # Output directory for generated certificates #CERTDIR="${BASEDIR}/certs" -@@ -46,7 +46,7 @@ +@@ -61,7 +61,7 @@ #ACCOUNTDIR="${BASEDIR}/accounts" # Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/dehydrated) @@ -63,12 +83,12 @@ diff -ur dehydrated-0.4.0.orig/docs/examples/config dehydrated-0.4.0/docs/exampl # Default keysize for private keys (default: 4096) #KEYSIZE="4096" -@@ -64,13 +64,13 @@ +@@ -85,13 +85,13 @@ # # BASEDIR and WELLKNOWN variables are exported and can be used in an external program # default: -#HOOK= -+#HOOK="/etc/dehydrated/hook.sh" ++#HOOK="/etc/dehydrated/hooks/hook.sh" # Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate (default: no) #HOOK_CHAIN="no"