X-Git-Url: https://git.tld-linux.org/?p=packages%2Fdehydrated.git;a=blobdiff_plain;f=tld.patch;h=9c8e779c6196943954f3e07be4053c8dce122100;hp=57beb42e535bef30e248dfb31f89913f5f49deba;hb=b5d5d321a92ef9a1ee59bc6ffebc3bb2d2f93454;hpb=9bf026a0896f188bfd309b0fcdaca394efac974d diff --git a/tld.patch b/tld.patch index 57beb42..9c8e779 100644 --- a/tld.patch +++ b/tld.patch @@ -1,12 +1,21 @@ -diff -ur dehydrated-0.6.2.orig/dehydrated dehydrated-0.6.2/dehydrated ---- dehydrated-0.6.2.orig/dehydrated 2018-04-25 21:22:40.000000000 +0000 -+++ dehydrated-0.6.2/dehydrated 2018-05-27 19:22:45.065763589 +0000 +diff -ur dehydrated-0.6.5.orig/dehydrated dehydrated-0.6.5/dehydrated +--- dehydrated-0.6.5.orig/dehydrated 2019-06-26 12:33:35.000000000 +0200 ++++ dehydrated-0.6.5/dehydrated 2020-08-16 15:17:01.872293508 +0200 @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash # dehydrated by lukas2511 # Source: https://dehydrated.io +@@ -11,7 +11,7 @@ + [[ -n "${ZSH_VERSION:-}" ]] && set -o SH_WORD_SPLIT && set +o FUNCTION_ARGZERO && set -o NULL_GLOB && set -o noglob + [[ -z "${ZSH_VERSION:-}" ]] && shopt -s nullglob && set -f + +-umask 077 # paranoid umask, we're creating private keys ++umask 027 # allow root and dehydrated group only to protect private keys + + # Close weird external file descriptors + exec 3>&- @@ -28,7 +28,7 @@ done SCRIPTDIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" @@ -16,7 +25,7 @@ diff -ur dehydrated-0.6.2.orig/dehydrated dehydrated-0.6.2/dehydrated ORIGARGS="$@" # Create (identifiable) temporary files -@@ -133,7 +133,7 @@ +@@ -135,7 +135,7 @@ DOMAINS_TXT= HOOK= HOOK_CHAIN="no" @@ -25,9 +34,20 @@ diff -ur dehydrated-0.6.2.orig/dehydrated dehydrated-0.6.2/dehydrated KEYSIZE="4096" WELLKNOWN= PRIVATE_KEY_RENEW="yes" -@@ -255,8 +255,8 @@ +@@ -151,8 +151,8 @@ + IP_VERSION= + CHAINCACHE= + AUTO_CLEANUP="no" +- DEHYDRATED_USER= +- DEHYDRATED_GROUP= ++ DEHYDRATED_USER="root" ++ DEHYDRATED_GROUP="dehydrated" + API="auto" + if [[ -z "${CONFIG:-}" ]]; then +@@ -260,8 +260,8 @@ [[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs" + [[ -z "${ALPNCERTDIR}" ]] && ALPNCERTDIR="${BASEDIR}/alpn-certs" [[ -z "${CHAINCACHE}" ]] && CHAINCACHE="${BASEDIR}/chains" - [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="${BASEDIR}/domains.txt" - [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/www/dehydrated" @@ -36,12 +56,12 @@ diff -ur dehydrated-0.6.2.orig/dehydrated dehydrated-0.6.2/dehydrated [[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock" [[ -z "${OPENSSL_CNF}" ]] && OPENSSL_CNF="$("${OPENSSL}" version -d | cut -d\" -f2)/openssl.cnf" [[ -n "${PARAM_LOCKFILE_SUFFIX:-}" ]] && LOCKFILE="${LOCKFILE}-${PARAM_LOCKFILE_SUFFIX}" -diff -ur dehydrated-0.6.2.orig/docs/examples/config dehydrated-0.6.2/docs/examples/config ---- dehydrated-0.6.2.orig/docs/examples/config 2018-04-25 21:22:40.000000000 +0000 -+++ dehydrated-0.6.2/docs/examples/config 2018-05-27 19:12:46.943770323 +0000 -@@ -40,11 +40,11 @@ +diff -ur dehydrated-0.6.5.orig/docs/examples/config dehydrated-0.6.5/docs/examples/config +--- dehydrated-0.6.5.orig/docs/examples/config 2019-06-26 12:33:35.000000000 +0200 ++++ dehydrated-0.6.5/docs/examples/config 2020-08-16 15:17:01.872293508 +0200 +@@ -45,11 +45,11 @@ # default: - #CONFIG_D= + #DOMAINS_D= -# Base directory for account key, generated certificates and list of domains (default: $SCRIPTDIR -- uses config directory if undefined) -#BASEDIR=$SCRIPTDIR @@ -54,7 +74,7 @@ diff -ur dehydrated-0.6.2.orig/docs/examples/config dehydrated-0.6.2/docs/exampl # Output directory for generated certificates #CERTDIR="${BASEDIR}/certs" -@@ -53,7 +53,7 @@ +@@ -61,7 +61,7 @@ #ACCOUNTDIR="${BASEDIR}/accounts" # Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/dehydrated) @@ -63,7 +83,7 @@ diff -ur dehydrated-0.6.2.orig/docs/examples/config dehydrated-0.6.2/docs/exampl # Default keysize for private keys (default: 4096) #KEYSIZE="4096" -@@ -77,13 +77,13 @@ +@@ -85,13 +85,13 @@ # # BASEDIR and WELLKNOWN variables are exported and can be used in an external program # default: