]> TLD Linux GIT Repositories - packages/dehydrated.git/commitdiff
- updated to 0.7.0
authorMarcin Krol <hawk@tld-linux.org>
Fri, 1 Jan 2021 18:02:56 +0000 (19:02 +0100)
committerMarcin Krol <hawk@tld-linux.org>
Fri, 1 Jan 2021 18:02:56 +0000 (19:02 +0100)
01-ca-path.sh
02-challenge-type.sh
03-keys.sh
05-ocsp.sh
08-curl.sh [new file with mode: 0644]
dehydrated.spec
tld.patch

index cd6f030dac1c32bdcc08d3f592180205cad4d3f2..85594ee35634a4b3ed5d13607a91d77fa4fd3ab9 100644 (file)
@@ -1,5 +1,4 @@
-# Path to certificate authority (default: https://acme-v02.api.letsencrypt.org/directory)
-#CA="https://acme-v02.api.letsencrypt.org/directory"
-
-# Path to staging certificate authority (for testing purposes)
-#CA="https://acme-staging-v02.api.letsencrypt.org/directory"
+# URL to certificate authority or internal preset
+# Presets: letsencrypt, letsencrypt-test, zerossl, buypass, buypass-test
+# default: letsencrypt
+#CA="letsencrypt"
index 5416ba9f28f90bef0da711c623c9c8706185d473..ec10240460f1d0753e55b40d8952ff50a96cc1ce 100644 (file)
@@ -1,2 +1,2 @@
-# Which challenge should be used? Currently http-01 and dns-01 are supported
+# Which challenge should be used? Currently http-01, dns-01 and tls-alpn-01 are supported
 #CHALLENGETYPE="http-01"
index e10db0f5cab2cc426d4734b40ab54a4ab2395255..20e615d3df526b5a8d3d8d321755f160118e9ea5 100644 (file)
@@ -5,4 +5,4 @@
 #PRIVATE_KEY_ROLLOVER="no"
 
 # Which public key algorithm should be used? Supported: rsa, prime256v1 and secp384r1
-#KEY_ALGO=rsa
+#KEY_ALGO=secp384r1
index 42cab3055b0ab55fb657d8b3c3c55aef6a07598c..dcdc20a224ddbdb7f16e964a3ab9a8ea8ecb68ac 100644 (file)
@@ -1,2 +1,8 @@
 # Option to add CSR-flag indicating OCSP stapling to be mandatory (default: no)
 #OCSP_MUST_STAPLE="no"
+
+# Fetch OCSP responses (default: no)
+#OCSP_FETCH="no"
+
+# OCSP refresh interval (default: 5 days)
+#OCSP_DAYS=5
diff --git a/08-curl.sh b/08-curl.sh
new file mode 100644 (file)
index 0000000..d4d8ae2
--- /dev/null
@@ -0,0 +1,2 @@
+# Extra options passed to the curl binary (default: <unset>)
+#CURL_OPTS=
index 21c11032913b67d0489421354bfa4a759f436444..6b57dfe86494357ff8303ca9a48310f0e5c79089 100644 (file)
@@ -1,11 +1,11 @@
 Summary:       letsencrypt/acme client implemented as a shell-script
 Name:          dehydrated
-Version:       0.6.5
+Version:       0.7.0
 Release:       1
 License:       MIT
 Group:         Applications/Networking
 Source0:       https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: cedf07369517c317c4e1075540b94699
+# Source0-md5: a23c9f7a475b9d690e788ee13dd8f14a
 Source1:       httpd.conf
 Source2:       lighttpd.conf
 Source3:       nginx.conf
@@ -19,11 +19,12 @@ Source10:   04-renew.sh
 Source11:      05-ocsp.sh
 Source12:      06-hook.sh
 Source13:      07-contact.sh
-Source14:      hook.sh
-Source15:      hook.functions
-Source16:      hook.custom_functions
-Source17:      hook.global
-Source18:      sudoers
+Source14:      08-curl.sh
+Source30:      hook.sh
+Source31:      hook.functions
+Source32:      hook.custom_functions
+Source33:      hook.global
+Source34:      sudoers
 Patch0:                tld.patch
 URL:           https://github.com/lukas2511/dehydrated
 BuildRequires: rpmbuild(macros) >= 1.713
@@ -76,13 +77,13 @@ cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/%{name}/domains.txt
 cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/cron.d/%{name}
 cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/%{name}/config
 cp -p %{SOURCE7} %{SOURCE8} %{SOURCE9} %{SOURCE10} \
-       %{SOURCE11} %{SOURCE12} %{SOURCE13} \
+       %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} \
        $RPM_BUILD_ROOT/etc/%{name}/conf.d/
-install -p %{SOURCE14} $RPM_BUILD_ROOT/etc/%{name}/hooks/hook.sh
-cp -p %{SOURCE15} $RPM_BUILD_ROOT/etc/%{name}/hooks/functions
-cp -p %{SOURCE16} $RPM_BUILD_ROOT/etc/%{name}/hooks/custom_functions
-cp -p %{SOURCE17} $RPM_BUILD_ROOT/etc/%{name}/hooks.d/global
-cp -p %{SOURCE18} $RPM_BUILD_ROOT/etc/sudoers.d/%{name}
+install -p %{SOURCE30} $RPM_BUILD_ROOT/etc/%{name}/hooks/hook.sh
+cp -p %{SOURCE31} $RPM_BUILD_ROOT/etc/%{name}/hooks/functions
+cp -p %{SOURCE32} $RPM_BUILD_ROOT/etc/%{name}/hooks/custom_functions
+cp -p %{SOURCE33} $RPM_BUILD_ROOT/etc/%{name}/hooks.d/global
+cp -p %{SOURCE34} $RPM_BUILD_ROOT/etc/sudoers.d/%{name}
 
 %pre
 %groupadd -g 184 dehydrated
index 9c8e779c6196943954f3e07be4053c8dce122100..96819c74d0dfcbab97df63d91a52515ed1aa7a50 100644 (file)
--- a/tld.patch
+++ b/tld.patch
@@ -1,6 +1,6 @@
-diff -ur dehydrated-0.6.5.orig/dehydrated dehydrated-0.6.5/dehydrated
---- dehydrated-0.6.5.orig/dehydrated   2019-06-26 12:33:35.000000000 +0200
-+++ dehydrated-0.6.5/dehydrated        2020-08-16 15:17:01.872293508 +0200
+diff -ur dehydrated-0.7.0.orig/dehydrated dehydrated-0.7.0/dehydrated
+--- dehydrated-0.7.0.orig/dehydrated   2020-12-10 16:54:26.000000000 +0100
++++ dehydrated-0.7.0/dehydrated        2021-01-01 18:41:50.608417166 +0100
 @@ -1,4 +1,4 @@
 -#!/usr/bin/env bash
 +#!/bin/bash
@@ -22,19 +22,19 @@ diff -ur dehydrated-0.6.5.orig/dehydrated dehydrated-0.6.5/dehydrated
  
 -BASEDIR="${SCRIPTDIR}"
 +BASEDIR="/var/lib/dehydrated"
- ORIGARGS="$@"
+ ORIGARGS=("${@}")
  
- # Create (identifiable) temporary files
-@@ -135,7 +135,7 @@
-   DOMAINS_TXT=
+ # Generate json.sh path matching string
+@@ -340,7 +340,7 @@
    HOOK=
+   PREFERRED_CHAIN=
    HOOK_CHAIN="no"
 -  RENEW_DAYS="30"
 +  RENEW_DAYS="10"
    KEYSIZE="4096"
    WELLKNOWN=
    PRIVATE_KEY_RENEW="yes"
-@@ -151,8 +151,8 @@
+@@ -356,8 +356,8 @@
    IP_VERSION=
    CHAINCACHE=
    AUTO_CLEANUP="no"
@@ -45,7 +45,7 @@ diff -ur dehydrated-0.6.5.orig/dehydrated dehydrated-0.6.5/dehydrated
    API="auto"
  
    if [[ -z "${CONFIG:-}" ]]; then
-@@ -260,8 +260,8 @@
+@@ -495,8 +495,8 @@
    [[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs"
    [[ -z "${ALPNCERTDIR}" ]] && ALPNCERTDIR="${BASEDIR}/alpn-certs"
    [[ -z "${CHAINCACHE}" ]] && CHAINCACHE="${BASEDIR}/chains"
@@ -56,10 +56,10 @@ diff -ur dehydrated-0.6.5.orig/dehydrated dehydrated-0.6.5/dehydrated
    [[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock"
    [[ -z "${OPENSSL_CNF}" ]] && OPENSSL_CNF="$("${OPENSSL}" version -d | cut -d\" -f2)/openssl.cnf"
    [[ -n "${PARAM_LOCKFILE_SUFFIX:-}" ]] && LOCKFILE="${LOCKFILE}-${PARAM_LOCKFILE_SUFFIX}"
-diff -ur dehydrated-0.6.5.orig/docs/examples/config dehydrated-0.6.5/docs/examples/config
---- dehydrated-0.6.5.orig/docs/examples/config 2019-06-26 12:33:35.000000000 +0200
-+++ dehydrated-0.6.5/docs/examples/config      2020-08-16 15:17:01.872293508 +0200
-@@ -45,11 +45,11 @@
+diff -ur dehydrated-0.7.0.orig/docs/examples/config dehydrated-0.7.0/docs/examples/config
+--- dehydrated-0.7.0.orig/docs/examples/config 2020-12-10 16:54:26.000000000 +0100
++++ dehydrated-0.7.0/docs/examples/config      2021-01-01 18:41:13.934417166 +0100
+@@ -47,11 +47,11 @@
  # default: <unset>
  #DOMAINS_D=
  
@@ -74,7 +74,7 @@ diff -ur dehydrated-0.6.5.orig/docs/examples/config dehydrated-0.6.5/docs/exampl
  
  # Output directory for generated certificates
  #CERTDIR="${BASEDIR}/certs"
-@@ -61,7 +61,7 @@
+@@ -63,7 +63,7 @@
  #ACCOUNTDIR="${BASEDIR}/accounts"
  
  # Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/dehydrated)
@@ -83,7 +83,7 @@ diff -ur dehydrated-0.6.5.orig/docs/examples/config dehydrated-0.6.5/docs/exampl
  
  # Default keysize for private keys (default: 4096)
  #KEYSIZE="4096"
-@@ -85,13 +85,13 @@
+@@ -87,13 +87,13 @@
  #
  # BASEDIR and WELLKNOWN variables are exported and can be used in an external program
  # default: <unset>