diff options
| author |   Ulrich Müller <ulm@gentoo.org> | 2024-12-27 16:34:57 +0100 |
|---|---|---|
| committer |   Marc Schiffbauer <mschiff@gentoo.org> | 2025-01-03 01:38:38 +0100 |
| commit | 1e9bc7bf78116de4f64fd98a1705da1cd8cac286 (patch) | |
| tree | 6cbf560c5ea61aabd53be8b31a1b64e8a9411a54 /app-crypt | |
| parent | toolchain.eclass: run fixincludes for all mingw targets (diff) | |
| download | gentoo-1e9bc7bf78116de4f64fd98a1705da1cd8cac286.tar.gz gentoo-1e9bc7bf78116de4f64fd98a1705da1cd8cac286.tar.bz2 gentoo-1e9bc7bf78116de4f64fd98a1705da1cd8cac286.zip | |
app-crypt/dehydrated: Ignore output of "openssl req"
Closes: https://bugs.gentoo.org/942637
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
Closes: https://github.com/gentoo/gentoo/pull/39864
Signed-off-by: Marc Schiffbauer <mschiff@gentoo.org>
Diffstat (limited to 'app-crypt')
| -rw-r--r-- | app-crypt/dehydrated/dehydrated-0.7.1-r1.ebuild | 63 | ||||
| -rw-r--r-- | app-crypt/dehydrated/files/dehydrated-0.7.1-openssl-stdout.patch | 19 |
2 files changed, 82 insertions, 0 deletions
diff --git a/app-crypt/dehydrated/dehydrated-0.7.1-r1.ebuild b/app-crypt/dehydrated/dehydrated-0.7.1-r1.ebuild new file mode 100644 index 000000000000..db7d63245d29 --- /dev/null +++ b/app-crypt/dehydrated/dehydrated-0.7.1-r1.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="8" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dehydrated.asc + +inherit verify-sig + +DESCRIPTION="A client for signing certificates with an ACME-server" +HOMEPAGE="https://dehydrated.io/" +SRC_URI=" + https://github.com/dehydrated-io/${PN}/releases/download/v${PV}/${P}.tar.gz + verify-sig? ( https://github.com/dehydrated-io/${PN}/releases/download/v${PV}/${P}.tar.gz.asc ) +" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="+cron" + +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-dehydrated )" +RDEPEND="acct-group/dehydrated + acct-user/dehydrated + app-shells/bash + net-misc/curl + cron? ( virtual/cron )" + +PATCHES=( "${FILESDIR}"/${P}-openssl-stdout.patch ) + +src_configure() { + default + sed -i 's,^#CONFIG_D=.*,CONFIG_D="/etc/dehydrated/config.d",' docs/examples/config \ + || die "could not set config (CONFIG_D)" +} + +src_install() { + dobin ${PN} + insinto /etc/${PN} + doins docs/examples/{config,domains.txt,hook.sh} + fperms u+x /etc/${PN}/hook.sh + dodoc docs/*.md + + insinto /etc/${PN}/config.d + newins "${FILESDIR}"/00_gentoo.sh-r1 00_gentoo.sh + + keepdir /etc/${PN}/domains.d + + doman docs/man/dehydrated.1 + + if use cron ; then + insinto /etc/cron.d + newins "${FILESDIR}"/cron-r1 ${PN} + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]] ; then + einfo "See /etc/dehydrated/config for configuration." + + use cron && einfo "After finishing setup you should enable the cronjob in /etc/cron.d/dehydrated." + fi +} diff --git a/app-crypt/dehydrated/files/dehydrated-0.7.1-openssl-stdout.patch b/app-crypt/dehydrated/files/dehydrated-0.7.1-openssl-stdout.patch new file mode 100644 index 000000000000..16e8271d4678 --- /dev/null +++ b/app-crypt/dehydrated/files/dehydrated-0.7.1-openssl-stdout.patch @@ -0,0 +1,19 @@ +https://bugs.gentoo.org/942637 + +commit 4fd777e87e589652b1127b79ac6688ed7cb151fe +Author: Wilfried Teiken <wteiken@teiken.org> +Date: Sun Dec 3 15:07:01 2023 -0500 + + Ignore output of 'openssl req -verify'. + +--- a/dehydrated ++++ b/dehydrated +@@ -1011,7 +1011,7 @@ signed_request() { + extract_altnames() { + csr="${1}" # the CSR itself (not a file) + +- if ! <<<"${csr}" "${OPENSSL}" req -verify -noout 2>/dev/null; then ++ if ! <<<"${csr}" "${OPENSSL}" req -verify -noout >/dev/null 2>&1; then + _exiterr "Certificate signing request isn't valid" + fi + |