CVS commit: pkgsrc/security/acme-client

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/acme-client
From: "Paolo Vincenzo Olivo" <vins%netbsd.org@localhost>
Date: Mon, 20 Oct 2025 19:09:17 +0000

Module Name:    pkgsrc
Committed By:   vins
Date:           Mon Oct 20 19:09:17 UTC 2025

Added Files:
        pkgsrc/security/acme-client: DESCR Makefile PLIST distinfo
        pkgsrc/security/acme-client/patches: patch-acme-client.conf
            patch-compat__vis.c

Log Message:
security/acme-client: initial import of package

Portable version of OpenBSD's acme-client(1), a secure ACME /
Let's Encrypt client.

acme-client looks in its configuration for a domain section
corresponding to the handle given as command line argument, and uses
that configuration to retrieve an X.509 certificate which can be used
to provide domain name validation.w


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 pkgsrc/security/acme-client/DESCR \
    pkgsrc/security/acme-client/Makefile pkgsrc/security/acme-client/PLIST \
    pkgsrc/security/acme-client/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/security/acme-client/patches/patch-acme-client.conf \
    pkgsrc/security/acme-client/patches/patch-compat__vis.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Added files:

Index: pkgsrc/security/acme-client/DESCR
diff -u /dev/null pkgsrc/security/acme-client/DESCR:1.1
--- /dev/null   Mon Oct 20 19:09:17 2025
+++ pkgsrc/security/acme-client/DESCR   Mon Oct 20 19:09:16 2025
@@ -0,0 +1,7 @@
+Portable version of OpenBSD's acme-client(1), a secure ACME / 
+Let's Encrypt client.
+
+acme-client looks in its configuration for a domain section
+corresponding to the handle given as command line argument, and uses
+that configuration to retrieve an X.509 certificate which can be used
+to provide domain name validation.w
Index: pkgsrc/security/acme-client/Makefile
diff -u /dev/null pkgsrc/security/acme-client/Makefile:1.1
--- /dev/null   Mon Oct 20 19:09:17 2025
+++ pkgsrc/security/acme-client/Makefile        Mon Oct 20 19:09:17 2025
@@ -0,0 +1,54 @@
+# $NetBSD: Makefile,v 1.1 2025/10/20 19:09:17 vins Exp $
+
+DISTNAME=      acme-client-1.3.5
+CATEGORIES=    security
+# repo at      https://git.wolfsden.cz/acme-client-portable
+MASTER_SITES=  https://files.wolfsden.cz/releases/acme-client/
+
+MAINTAINER=    vins%NetBSD.org@localhost
+HOMEPAGE=      https://wolfsden.cz/project/acme-client.html
+COMMENT=       Client for issuing certificates from ACME-complaint servers
+LICENSE=       isc AND gnu-gpl-v2
+
+BUILD_DEFS+=   VARBASE
+
+USE_TOOLS+=    pkg-config yacc sed
+
+GNU_CONFIGURE= yes
+
+BUILDLINK_TRANSFORM+=          opt:-std=c99:-std=gnu99                 # strdup()
+BUILDLINK_TRANSFORM.NetBSD+=   opt:-D_GNU_SOURCE=1:-D_OPENBSD_SOURCE   # strtonum()
+
+LIBS.SunOS+=           -lsocket        # getaddrinfo
+
+EGDIR=                 share/examples/${PKGBASE}
+CONF_FILES+=           ${PREFIX}/${EGDIR}/acme-client.conf \
+                       ${PKG_SYSCONFDIR}/acme-client.conf
+
+INSTALLATION_DIRS+=    ${EGDIR}
+MAKE_DIRS+=            ${PKG_SYSCONFDIR}/acme ${VARBASE}/www/acme
+
+CONFIGURE_ARGS+=       --enable-libtls
+
+SUBST_CLASSES+=                paths
+SUBST_STAGE.paths=     pre-configure
+SUBST_MESSAGE.paths=   Replacing hard-coded paths.
+SUBST_FILES.paths=     usr.sbin/acme-client/acme-client.1
+SUBST_FILES.paths+=    usr.sbin/acme-client/acme-client.conf.5
+SUBST_FILES.paths+=    acme-client.conf
+SUBST_SED.paths+=      -e "s:/etc/acme:${PKG_SYSCONFDIR}/acme:g"
+SUBST_SED.paths+=      -e "s:/etc/examples:${PREFIX}/${EGDIR}:g"
+SUBST_VARS.paths+=     PKG_SYSCONFDIR SSLDIR
+
+post-install:
+       ${INSTALL_DATA} ${WRKSRC}/acme-client.conf \
+               ${DESTDIR}${PREFIX}/${EGDIR}
+
+.include "../../mk/bsd.prefs.mk"
+
+.if ${OPSYS} == "Linux"
+.  include "../../devel/libbsd/buildlink3.mk"
+.endif
+
+.include "../../security/libretls/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/security/acme-client/PLIST
diff -u /dev/null pkgsrc/security/acme-client/PLIST:1.1
--- /dev/null   Mon Oct 20 19:09:17 2025
+++ pkgsrc/security/acme-client/PLIST   Mon Oct 20 19:09:17 2025
@@ -0,0 +1,5 @@
+@comment $NetBSD: PLIST,v 1.1 2025/10/20 19:09:17 vins Exp $
+bin/acme-client
+man/man1/acme-client.1
+man/man5/acme-client.conf.5
+share/examples/acme-client/acme-client.conf
Index: pkgsrc/security/acme-client/distinfo
diff -u /dev/null pkgsrc/security/acme-client/distinfo:1.1
--- /dev/null   Mon Oct 20 19:09:17 2025
+++ pkgsrc/security/acme-client/distinfo        Mon Oct 20 19:09:17 2025
@@ -0,0 +1,7 @@
+$NetBSD: distinfo,v 1.1 2025/10/20 19:09:17 vins Exp $
+
+BLAKE2s (acme-client-1.3.5.tar.gz) = 10a942592124cf90c1ea1d1deecd3748cd1fe37d8835412d056500ba2c5ab6fc
+SHA512 (acme-client-1.3.5.tar.gz) = cfd8ada04b8a3e9d5ccf7193bafe309f2e6b4a5b6fb7c99b1d651b08190a43a053a479abf00fb2a4ba9bab839979a212b71388dc6f162c9176033766defd3a6c
+Size (acme-client-1.3.5.tar.gz) = 221427 bytes
+SHA1 (patch-acme-client.conf) = 2b6508a16bdcc3d59c37185e040b10b1623e9e04
+SHA1 (patch-compat__vis.c) = 0a2db8965e1a8d8c66418db8189d5871487794fa

Index: pkgsrc/security/acme-client/patches/patch-acme-client.conf
diff -u /dev/null pkgsrc/security/acme-client/patches/patch-acme-client.conf:1.1
--- /dev/null   Mon Oct 20 19:09:17 2025
+++ pkgsrc/security/acme-client/patches/patch-acme-client.conf  Mon Oct 20 19:09:17 2025
@@ -0,0 +1,38 @@
+$NetBSD: patch-acme-client.conf,v 1.1 2025/10/20 19:09:17 vins Exp $
+
+acme-client configuration for pkgsrc.
+
+--- acme-client.conf.orig      2025-10-20 17:42:55.426948159 +0000
++++ acme-client.conf
+@@ -0,0 +1,31 @@
++#
++# $OpenBSD: acme-client.conf,v 1.4 2020/09/17 09:13:06 florian Exp $
++#
++authority letsencrypt {
++      api url "https://acme-v02.api.letsencrypt.org/directory";
++      account key "@PKG_SYSCONFDIR@/acme/letsencrypt-privkey.pem"
++}
++
++authority letsencrypt-staging {
++      api url "https://acme-staging-v02.api.letsencrypt.org/directory";
++      account key "@PKG_SYSCONFDIR@/acme/letsencrypt-staging-privkey.pem"
++}
++
++authority buypass {
++      api url "https://api.buypass.com/acme/directory";
++      account key "@PKG_SYSCONFDIR@/acme/buypass-privkey.pem"
++      contact "mailto:me%example.com@localhost";
++}
++
++authority buypass-test {
++      api url "https://api.test4.buypass.no/acme/directory";
++      account key "@PKG_SYSCONFDIR@/acme/buypass-test-privkey.pem"
++      contact "mailto:me%example.com@localhost";
++}
++
++domain example.com {
++      alternative names { secure.example.com }
++      domain key "@SSLDIR@/acme/private/example.com.key"
++      domain full chain certificate "@SSLDIR@/acme/example.com.fullchain.pem"
++      sign with letsencrypt
++}
Index: pkgsrc/security/acme-client/patches/patch-compat__vis.c
diff -u /dev/null pkgsrc/security/acme-client/patches/patch-compat__vis.c:1.1
--- /dev/null   Mon Oct 20 19:09:17 2025
+++ pkgsrc/security/acme-client/patches/patch-compat__vis.c     Mon Oct 20 19:09:17 2025
@@ -0,0 +1,19 @@
+$NetBSD: patch-compat__vis.c,v 1.1 2025/10/20 19:09:17 vins Exp $
+
+Fix indeterminate use of pointer after realloc. 
+
+--- compat_vis.c.orig  2025-10-20 17:18:46.766954133 +0000
++++ compat_vis.c
+@@ -217,9 +217,9 @@ stravis(char **outp, const char *src, in
+               return -1;
+       len = strvis(buf, src, flag);
+       serrno = errno;
+-      *outp = realloc(buf, len + 1);
+-      if (*outp == NULL) {
+-              *outp = buf;
++      outp = realloc(buf, len + 1);
++      if (outp == NULL) {
++              free(buf);
+               errno = serrno;
+       }
+       return (len);

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/security
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/security
Indexes:

Home | Main Index | Thread Index | Old Index