pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/uacme
Module Name: pkgsrc
Committed By: hauke
Date: Fri May 1 21:27:35 UTC 2026
Modified Files:
pkgsrc/security/uacme: Makefile distinfo
pkgsrc/security/uacme/patches: patch-configure.ac patch-uacme.c
patch-uacme.sh
Log Message:
security/uacme: Update to v1.8.1
>From upstream's changelog:
2026-04-05 Nicola Di Lieto <nicola.dilieto%gmail.com@localhost>
* Release 1.8.1
- uacme: Fix EAB bit parsing logic
Closes https://github.com/ndilieto/uacme/issues/108
- ualpn: Manage TLS alerts when built with mbedTLS
Closes https://github.com/ndilieto/uacme/issues/109
See also https://github.com/openwrt/packages/issues/29003
2026-01-25 Nicola Di Lieto <nicola.dilieto%gmail.com@localhost>
* Release 1.8.0
- uacme: Add support for dns-persist-01 challenge
See https://datatracker.ietf.org/doc/draft-ietf-acme-dns-persist/
- uacme: Add support for certificate profiles
Closes https://github.com/ndilieto/uacme/issues/90
See also https://letsencrypt.org/2025/01/09/acme-profiles/
- uacme: Use Retry-After header when server sends it
- uacme: Add method to check certificate existence and validity
Closes https://github.com/ndilieto/uacme/issues/93
- uacme: Parse RFC3339 timestamps directly
Closes https://github.com/ndilieto/uacme/issues/91
- uacme: Omit Common Name in certificate for IP identifiers
See https://github.com/ndilieto/uacme/pull/96
- uacme: Add support for certificate key rotation
Closes https://github.com/ndilieto/uacme/issues/92
- uacme: Add support for HMAC-SHA-{384,512} in EAB Signatures
Closes https://github.com/ndilieto/uacme/issues/98
- uacme: Support settings from environment in nsupdate.sh
- ualpn: Check that authorization isn't missing
- ualpn: Bump embedded libev to version 4.33
- Documentation update including copyright year
2024-12-29 Nicola Di Lieto <nicola.dilieto%gmail.com@localhost>
* Release 1.7.6
- Fix OpenSSL 3.x deprecated APIs
- Fix cross compilation
Closes https://github.com/ndilieto/uacme/issues/79
- uacme: Add environment variables
Closes https://github.com/ndilieto/uacme/issues/63
- uacme: Add support for ACME Renewal Information (ARI)
Closes https://github.com/ndilieto/uacme/issues/67
- uacme: Try obtaining new Reply-Nonce if server doesn't supply one
Closes https://github.com/ndilieto/uacme/issues/82
- uacme: Add hook environment variables
Closes https://github.com/ndilieto/uacme/issues/83
- uacme: Allow matching alternative chain by Authority Key Id
Closes https://github.com/ndilieto/uacme/issues/85
- Documentation update
- Add link to linode api hook
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/security/uacme/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/uacme/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/uacme/patches/patch-configure.ac \
pkgsrc/security/uacme/patches/patch-uacme.sh
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/uacme/patches/patch-uacme.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/uacme/Makefile
diff -u pkgsrc/security/uacme/Makefile:1.14 pkgsrc/security/uacme/Makefile:1.15
--- pkgsrc/security/uacme/Makefile:1.14 Fri Feb 6 10:05:51 2026
+++ pkgsrc/security/uacme/Makefile Fri May 1 21:27:35 2026
@@ -1,15 +1,14 @@
-# $NetBSD: Makefile,v 1.14 2026/02/06 10:05:51 wiz Exp $
+# $NetBSD: Makefile,v 1.15 2026/05/01 21:27:35 hauke Exp $
-PKGNAME= uacme-${PKGVER}
-PKGREVISION= 11
DISTNAME= v${PKGVER}
-PKGVER= 1.7.5
+PKGNAME= uacme-${PKGVER}
+PKGVER= 1.8.1
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_GITHUB:=ndilieto/uacme/archive/refs/tags/}
MAINTAINER= hauke%NetBSD.org@localhost
-COMMENT= Lightweight C ACMEv2 client which uses external authenticators
HOMEPAGE= https://github.com/ndilieto/uacme
+COMMENT= Lightweight C ACMEv2 client which uses external authenticators
LICENSE= gnu-gpl-v3
TOOL_DEPENDS+= asciidoc-[0-9]*:../../textproc/asciidoc
Index: pkgsrc/security/uacme/distinfo
diff -u pkgsrc/security/uacme/distinfo:1.2 pkgsrc/security/uacme/distinfo:1.3
--- pkgsrc/security/uacme/distinfo:1.2 Mon Jan 27 13:37:06 2025
+++ pkgsrc/security/uacme/distinfo Fri May 1 21:27:35 2026
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.2 2025/01/27 13:37:06 riastradh Exp $
+$NetBSD: distinfo,v 1.3 2026/05/01 21:27:35 hauke Exp $
-BLAKE2s (v1.7.5.tar.gz) = 1947951f05e8b61a896394d1f67367446969dc14205440514ad679e1951bf208
-SHA512 (v1.7.5.tar.gz) = c219e3ade3a81e3088cc95ecc6422022d18bffd11f26aa1618d7e4bdbf492034ae886ad6d4428ba9bbe64dbe6e6576945f50ea8ae9d6f85098758a20ff82051c
-Size (v1.7.5.tar.gz) = 258398 bytes
+BLAKE2s (v1.8.1.tar.gz) = 0d1520dea6599c1e70b112ddada33e79bc483d9e5923409a214fbe4f46882fbe
+SHA512 (v1.8.1.tar.gz) = 96c6f9f54b412d8aa6f339ffc6616e7b1ce372cf1d796ade088adbd18d0d0a9e046363925315458a5ba1ccce8bbf5795453b5185869ed80aed668338c8adbf7d
+Size (v1.8.1.tar.gz) = 252881 bytes
SHA1 (patch-Makefile.am) = 562ca9e346d95771798c8fab146f59aaefb57b52
-SHA1 (patch-configure.ac) = da767baba9ddac9548d9790c16580c99931acd9d
-SHA1 (patch-uacme.c) = da6815cfd867637703501660109b05599c6b708d
-SHA1 (patch-uacme.sh) = 24da3e33aac08634d61287d1fb971f0b4095de8e
+SHA1 (patch-configure.ac) = 6bc5ddca5c45b50d34fb8c32366e7f6d59cf9fdc
+SHA1 (patch-uacme.c) = 31a41a05cab1d053232ce182d3d63d3e9a70afd9
+SHA1 (patch-uacme.sh) = dab3857c5f866672a9c0f73d51513832f1cf853c
Index: pkgsrc/security/uacme/patches/patch-configure.ac
diff -u pkgsrc/security/uacme/patches/patch-configure.ac:1.1 pkgsrc/security/uacme/patches/patch-configure.ac:1.2
--- pkgsrc/security/uacme/patches/patch-configure.ac:1.1 Mon Jan 27 13:37:07 2025
+++ pkgsrc/security/uacme/patches/patch-configure.ac Fri May 1 21:27:35 2026
@@ -1,11 +1,11 @@
-$NetBSD: patch-configure.ac,v 1.1 2025/01/27 13:37:07 riastradh Exp $
+$NetBSD: patch-configure.ac,v 1.2 2026/05/01 21:27:35 hauke Exp $
Wrap autoconf runtime test (AC_RUN_IFELSE) in AC_CACHE_CHECK so we can
override it on the command-line when cross-compiling.
---- configure.ac.orig 2024-01-28 20:03:31.000000000 +0000
+--- configure.ac.orig 2026-04-05 08:20:43.000000000 +0000
+++ configure.ac
-@@ -336,26 +336,35 @@ if test "x$OPT_UALPN" != "xno"; then
+@@ -336,27 +336,35 @@ if test "x$OPT_UALPN" != "xno"; then
AC_MSG_ERROR([ualpn requires sys/un.h]))
AC_CHECK_FUNCS([mmap],[],
AC_MSG_ERROR([ualpn requires mmap]))
@@ -43,14 +43,15 @@ override it on the command-line when cro
AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works])
- AC_MSG_RESULT([yes]),
- AC_MSG_RESULT([no])
-- AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)])),
+- AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)]))
+- ], [
+ else
+ AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)])
+ fi
AC_COMPILE_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h>
int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE,
MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])],
-@@ -364,7 +373,8 @@ if test "x$OPT_UALPN" != "xno"; then
+@@ -365,7 +373,8 @@ if test "x$OPT_UALPN" != "xno"; then
AC_MSG_RESULT([no])
AC_MSG_NOTICE([falling back to mmap("/dev/zero", MAP_SHARED)])
AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works]))
Index: pkgsrc/security/uacme/patches/patch-uacme.sh
diff -u pkgsrc/security/uacme/patches/patch-uacme.sh:1.1 pkgsrc/security/uacme/patches/patch-uacme.sh:1.2
--- pkgsrc/security/uacme/patches/patch-uacme.sh:1.1 Thu May 2 13:34:56 2024
+++ pkgsrc/security/uacme/patches/patch-uacme.sh Fri May 1 21:27:35 2026
@@ -1,10 +1,10 @@
-$NetBSD: patch-uacme.sh,v 1.1 2024/05/02 13:34:56 hauke Exp $
+$NetBSD: patch-uacme.sh,v 1.2 2026/05/01 21:27:35 hauke Exp $
Make location of the http-01 challenges build-configurable.
The web server used then has to map the directory to
"/.well-known/acme-challenge/".
---- uacme.sh.orig 2024-04-25 11:12:57.787219060 +0000
+--- uacme.sh.orig 2026-04-05 08:20:43.000000000 +0000
+++ uacme.sh
@@ -16,7 +16,7 @@
# You should have received a copy of the GNU General Public License
Index: pkgsrc/security/uacme/patches/patch-uacme.c
diff -u pkgsrc/security/uacme/patches/patch-uacme.c:1.2 pkgsrc/security/uacme/patches/patch-uacme.c:1.3
--- pkgsrc/security/uacme/patches/patch-uacme.c:1.2 Mon Jan 27 13:37:07 2025
+++ pkgsrc/security/uacme/patches/patch-uacme.c Fri May 1 21:27:35 2026
@@ -1,12 +1,12 @@
-$NetBSD: patch-uacme.c,v 1.2 2025/01/27 13:37:07 riastradh Exp $
+$NetBSD: patch-uacme.c,v 1.3 2026/05/01 21:27:35 hauke Exp $
1. Set CONFDIR default - we prefer not to write under /etc
2. Fix ctype(3) abuse.
---- uacme.c.orig 2024-01-28 20:03:31.000000000 +0000
+--- uacme.c.orig 2026-04-05 08:20:43.000000000 +0000
+++ uacme.c
-@@ -46,7 +46,7 @@
+@@ -48,7 +48,7 @@
#define PRODUCTION_URL "https://acme-v02.api.letsencrypt.org/directory";
#define STAGING_URL "https://acme-staging-v02.api.letsencrypt.org/directory";
@@ -15,16 +15,16 @@ $NetBSD: patch-uacme.c,v 1.2 2025/01/27
typedef struct acme {
privkey_t key;
-@@ -866,7 +866,7 @@ bool authorize(acme_t *a)
- goto out;
- }
- for (const char *t = token; *t; t++)
-- if (!isalnum(*t) && *t != '-' && *t != '_') {
-+ if (!isalnum((unsigned char)*t) && *t != '-' && *t != '_') {
- warnx("failed to validate token");
+@@ -937,7 +937,7 @@ bool authorize(acme_t *a)
goto out;
}
-@@ -1301,7 +1301,7 @@ bool validate_identifier_str(const char
+ for (const char *t = token; *t; t++)
+- if (!isalnum(*t) && *t != '-' && *t != '_') {
++ if (!isalnum((unsigned char)*t) && *t != '-' && *t != '_') {
+ warnx("failed to validate token");
+ goto out;
+ }
+@@ -1388,7 +1388,7 @@ bool validate_identifier_str(const char
}
break;
default:
@@ -33,7 +33,7 @@ $NetBSD: patch-uacme.c,v 1.2 2025/01/27
warnx("invalid character '%c' in %s", s[j], s);
return false;
}
-@@ -1359,7 +1359,7 @@ bool alt_parse(acme_t *a, char *alt)
+@@ -1460,7 +1460,7 @@ bool alt_parse(acme_t *a, char *alt)
size_t len = 0;
char *tok = strtok(alt, ":");
while (tok && len < sizeof(a->alt_fp)) {
Home |
Main Index |
Thread Index |
Old Index