Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package uacme for openSUSE:Factory checked in at 2024-02-06 16:35:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/uacme (Old) and /work/SRC/openSUSE:Factory/.uacme.new.1815 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "uacme" Tue Feb 6 16:35:27 2024 rev:4 rq:1144501 version:1.7.5 Changes: -------- --- /work/SRC/openSUSE:Factory/uacme/uacme.changes 2023-06-30 19:59:04.629716599 +0200 +++ /work/SRC/openSUSE:Factory/.uacme.new.1815/uacme.changes 2024-02-06 16:36:17.214821628 +0100 @@ -1,0 +2,8 @@ +Fri Feb 2 08:05:04 UTC 2024 - Martin Hauke <mar...@gmx.de> + +- Update to version 1.7.5 + * fix ualpn exit code in client mode + * fix build with autoconf version 2.71 + * nsupdate.sh overhaul and DNAME redirection support + +------------------------------------------------------------------- Old: ---- uacme-1.7.4.tar.gz New: ---- uacme-1.7.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ uacme.spec ++++++ --- /var/tmp/diff_new_pack.1Tdnfz/_old 2024-02-06 16:36:17.702839283 +0100 +++ /var/tmp/diff_new_pack.1Tdnfz/_new 2024-02-06 16:36:17.706839428 +0100 @@ -1,8 +1,8 @@ # # spec file for package uacme # -# Copyright (c) 2023 SUSE LLC -# Copyright (c) 2020, Martin Hauke <mar...@gmx.de> +# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2020-2024, Martin Hauke <mar...@gmx.de> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ Name: uacme -Version: 1.7.4 +Version: 1.7.5 Release: 0 Summary: A minimal ACMEv2 client License: GPL-3.0-or-later ++++++ uacme-1.7.4.tar.gz -> uacme-1.7.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/ChangeLog new/uacme-1.7.5/ChangeLog --- old/uacme-1.7.4/ChangeLog 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/ChangeLog 2024-01-28 21:03:31.000000000 +0100 @@ -1,3 +1,13 @@ +2024-01-28 Nicola Di Lieto <nicola.dili...@gmail.com> + * Release 1.7.5 + - fix ualpn exit code in client mode + Fixes https://github.com/ndilieto/uacme/issues/76 + - fix build with autoconf version 2.71 + See https://github.com/ndilieto/uacme/pull/70 + - uacme: nsupdate.sh overhaul and DNAME redirection support + - add link to deSEC.io DNS integration + - minor documentation changes including copyright year + 2023-02-15 Nicola Di Lieto <nicola.dili...@gmail.com> * Release 1.7.4 - uacme: Validate token from ACME server. Fixes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/Makefile.am new/uacme-1.7.5/Makefile.am --- old/uacme-1.7.4/Makefile.am 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/Makefile.am 2024-01-28 21:03:31.000000000 +0100 @@ -1,4 +1,4 @@ -# Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +# Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> # # This file is part of uacme. # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/NEWS new/uacme-1.7.5/NEWS --- old/uacme-1.7.4/NEWS 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/NEWS 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,15 @@ uacme NEWS -Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> + +## [1.7.5] - 2024-01-28 +### Changed +- fix ualpn exit code in client mode + Fixes https://github.com/ndilieto/uacme/issues/76 +- fix build with autoconf version 2.71 + See https://github.com/ndilieto/uacme/pull/70 +- uacme: nsupdate.sh overhaul and DNAME redirection support +- add link to deSEC.io DNS integration +- minor documentation changes including copyright year ## [1.7.4] - 2023-02-15 ### Changed diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/README new/uacme-1.7.5/README --- old/uacme-1.7.4/README 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/README 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ uacme README -Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> uacme is a client for the RFC8555 ACMEv2 protocol. Additional information can be found at <https://github.com/ndilieto/uacme> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/README.md new/uacme-1.7.5/README.md --- old/uacme-1.7.4/README.md 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/README.md 2024-01-28 21:03:31.000000000 +0100 @@ -165,6 +165,8 @@ https://github.com/tdy91/uacme-gandi-hook works with [gandi.net][gandi]. +https://sr.ht/~jacksonchen666/uacme-desec-hook/ works with [deSEC.io][desec]. + ## tls-alpn-01 challenge support [ualpn][ualpn] is a lightweight proxying [tls-alpn-01][RFC8737] challenge @@ -264,3 +266,4 @@ [libev]: http://libev.schmorp.de [splice]: https://en.wikipedia.org/wiki/Splice_%28system_call%29 [proxy]: http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt +[desec]: https://desec.readthedocs.io/en/latest/ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/base64.c new/uacme-1.7.5/base64.c --- old/uacme-1.7.4/base64.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/base64.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/base64.h new/uacme-1.7.5/base64.h --- old/uacme-1.7.4/base64.h 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/base64.h 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/configure.ac new/uacme-1.7.5/configure.ac --- old/uacme-1.7.4/configure.ac 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/configure.ac 2024-01-28 21:03:31.000000000 +0100 @@ -1,4 +1,4 @@ -# Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +# Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> # # This file is part of uacme. # @@ -340,28 +340,31 @@ AC_RUN_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h> int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])], - AC_DEFINE(HAVE_MAP_ANON, 1, [if mmap(MAP_ANON|MAP_SHARED) works]) - AC_MSG_RESULT([yes]), - AC_MSG_RESULT([no]) - AC_MSG_CHECKING([if mmap("/dev/zero", MAP_SHARED) works]) - AC_RUN_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h> - #include <sys/stat.h> - #include <fcntl.h> - int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, - MAP_ANON|MAP_SHARED, open("/dev/zero", O_RDWR), 0) == - MAP_FAILED;}])], - AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works]) - AC_MSG_RESULT([yes]), - AC_MSG_RESULT([no]) - AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)])), - AC_COMPILE_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h> - int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, - MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])], + [ AC_DEFINE(HAVE_MAP_ANON, 1, [if mmap(MAP_ANON|MAP_SHARED) works]) - AC_MSG_RESULT([yes]), + AC_MSG_RESULT([yes]) + ], [ AC_MSG_RESULT([no]) - AC_MSG_NOTICE([falling back to mmap("/dev/zero", MAP_SHARED)]) - AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works]))) + AC_MSG_CHECKING([if mmap("/dev/zero", MAP_SHARED) works]) + AC_RUN_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h> + #include <sys/stat.h> + #include <fcntl.h> + int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, + MAP_ANON|MAP_SHARED, open("/dev/zero", O_RDWR), 0) == + MAP_FAILED;}])], + AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works]) + AC_MSG_RESULT([yes]), + AC_MSG_RESULT([no]) + AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)])), + AC_COMPILE_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h> + int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, + MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])], + AC_DEFINE(HAVE_MAP_ANON, 1, [if mmap(MAP_ANON|MAP_SHARED) works]) + AC_MSG_RESULT([yes]), + AC_MSG_RESULT([no]) + AC_MSG_NOTICE([falling back to mmap("/dev/zero", MAP_SHARED)]) + AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works])) + ]) AC_ARG_ENABLE(splice, AS_HELP_STRING([--disable-splice], [disable splice])) if test "x$enable_splice" != "xno"; then AC_CHECK_FUNCS([splice]) @@ -406,4 +409,3 @@ AC_CONFIG_HEADERS([config.h]) AC_CONFIG_FILES([Makefile]) AC_OUTPUT - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/crypto.c new/uacme-1.7.5/crypto.c --- old/uacme-1.7.4/crypto.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/crypto.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/crypto.h new/uacme-1.7.5/crypto.h --- old/uacme-1.7.4/crypto.h 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/crypto.h 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/curlwrap.c new/uacme-1.7.5/curlwrap.c --- old/uacme-1.7.4/curlwrap.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/curlwrap.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/curlwrap.h new/uacme-1.7.5/curlwrap.h --- old/uacme-1.7.4/curlwrap.h 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/curlwrap.h 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/docs/uacme.html new/uacme-1.7.5/docs/uacme.html --- old/uacme-1.7.4/docs/uacme.html 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/docs/uacme.html 2024-01-28 21:03:31.000000000 +0100 @@ -1318,7 +1318,7 @@ <div class="sect1"> <h2 id="_copyright">COPYRIGHT</h2> <div class="sectionbody"> -<div class="paragraph"><p>Copyright © 2019-2023 Nicola Di Lieto <<a href="mailto:nicola.dili...@gmail.com";>nicola.dili...@gmail.com</a>></p></div> +<div class="paragraph"><p>Copyright © 2019-2024 Nicola Di Lieto <<a href="mailto:nicola.dili...@gmail.com";>nicola.dili...@gmail.com</a>></p></div> <div class="paragraph"><p>This file is part of <strong>uacme</strong>.</p></div> <div class="paragraph"><p><strong>uacme</strong> is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1336,9 +1336,9 @@ <div id="footnotes"><hr></div> <div id="footer"> <div id="footer-text"> -Version 1.7.4<br> +Version 1.7.5<br> Last updated - 2023-02-15 21:19:35 CET + 2024-01-28 20:29:11 CET </div> </div> </body> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/docs/ualpn.html new/uacme-1.7.5/docs/ualpn.html --- old/uacme-1.7.4/docs/ualpn.html 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/docs/ualpn.html 2024-01-28 21:03:31.000000000 +0100 @@ -1170,7 +1170,7 @@ <div class="sect1"> <h2 id="_copyright">COPYRIGHT</h2> <div class="sectionbody"> -<div class="paragraph"><p>Copyright © 2019-2023 Nicola Di Lieto <<a href="mailto:nicola.dili...@gmail.com";>nicola.dili...@gmail.com</a>></p></div> +<div class="paragraph"><p>Copyright © 2019-2024 Nicola Di Lieto <<a href="mailto:nicola.dili...@gmail.com";>nicola.dili...@gmail.com</a>></p></div> <div class="paragraph"><p>This file is part of <strong>uacme</strong>.</p></div> <div class="paragraph"><p><strong>uacme</strong> is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1188,9 +1188,9 @@ <div id="footnotes"><hr></div> <div id="footer"> <div id="footer-text"> -Version 1.7.4<br> +Version 1.7.5<br> Last updated - 2023-02-15 21:19:35 CET + 2024-01-20 20:29:11 CET </div> </div> </body> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/json.c new/uacme-1.7.5/json.c --- old/uacme-1.7.4/json.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/json.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/json.h new/uacme-1.7.5/json.h --- old/uacme-1.7.4/json.h 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/json.h 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/log.c new/uacme-1.7.5/log.c --- old/uacme-1.7.4/log.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/log.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/log.h new/uacme-1.7.5/log.h --- old/uacme-1.7.4/log.h 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/log.h 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/msg.c new/uacme-1.7.5/msg.c --- old/uacme-1.7.4/msg.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/msg.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/msg.h new/uacme-1.7.5/msg.h --- old/uacme-1.7.4/msg.h 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/msg.h 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/nsupdate.sh new/uacme-1.7.5/nsupdate.sh --- old/uacme-1.7.4/nsupdate.sh 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/nsupdate.sh 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,6 @@ #!/bin/sh # Copyright (C) 2020 Michel Stam <mic...@reverze.net> +# Copyright (C) 2023 Michal Roszkowski # # This file is part of uacme. # @@ -20,135 +21,181 @@ DIG=dig NSUPDATE=nsupdate +# Server to which updates will be sent. If not specified it will +# be obtained from MNAME in the SOA record. +NSUPDATE_SERVER= + # Files -# RNDC_KEY_{NSUPDATE,DIG} -# if you wish to specify an RDC key for TSIG transactions, do so -# here. If you do, also make sure /etc/named.conf specifies the +# {NSUPDATE,DIG}_KEY +# If you wish to sign transactions using TSIG, specify the keyfile +# here. If you do, also make sure named.conf specifies the # key "KEYNAME"; in the zone that must be updated (and disallow # all others for safety) -RNDC_KEY_NSUPDATE= -RNDC_KEY_DIG= +NSUPDATE_KEY= +DIG_KEY= + +ARGS=5 +E_BADARGS=85 + +if [ $# -ne "$ARGS" ]; then + echo "Usage: $(basename "$0") method type ident token auth" 1>&2 + exit $E_BADARGS +fi -# Arguments METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 -ns_getdomain() +ns_getns() { - local domain=$1 + local zone=$1 + local answer - [ -n "$domain" ] || return - set -- $($DIG ${RNDC_KEY_DIG:+-k ${RNDC_KEY_DIG}} +noall +authority "$domain" SOA 2>/dev/null) + [ -n "$zone" ] && answer=$($DIG ${DIG_KEY:+-k ${DIG_KEY}} +noall +nottl +noclass +answer "$zone" NS) || return - echo $1 -} - -ns_getprimary() -{ - local domain=$1 - - [ -n "$domain" ] || return - set -- $($DIG ${RNDC_KEY_DIG:+-k ${RNDC_KEY_DIG}} +short "$domain" SOA 2>/dev/null) - - echo $1 + local owner + local type + local rdata + while read -r owner type rdata; do + [ "$type" = NS ] && echo $rdata + done <<-EOF + $answer + EOF } ns_getall() { - local domain=$1 - - [ -n "$domain" ] || return 1 + local name=$1 + local answer + local zone + local primary + + [ -n "$name" ] && answer=$($DIG ${DIG_KEY:+-k ${DIG_KEY}} +noall +nottl +noclass +answer +authority "$name" SOA) || return + + name=${name%.}. + + local owner + local type + local rdata + while read -r owner type rdata; do + case "$type" in + CNAME) + name=$rdata + ;; + DNAME) + name=${name%$owner}$rdata + ;; + SOA) + zone=$owner + set -- $rdata && primary=$1 + ;; + esac + done <<-EOF + $answer + EOF - $DIG ${RNDC_KEY_DIG:+-k ${RNDC_KEY_DIG}} +short "$domain" NS 2>/dev/null + echo $name $zone $primary } ns_ispresent() { - local fqhn="$1" - local expect="$2" - local domain=$(ns_getdomain "$fqhn") - local nameservers=$(ns_getall "$domain") - local res - local ret - - for NS in $nameservers; do - OLDIFS="${IFS}" - IFS='.' - set -- $($DIG ${RNDC_KEY_DIG:+-k ${RNDC_KEY_DIG}} +short "@$NS" "$fqhn" TXT 2>/dev/null) - IFS="${OLDIFS}" - { [ "$*" = "$expect" ] || [ "$*" = "\"$expect\"" ] ; } || return 1 + local challenge=$2 + set -- $(ns_getall "$1") + local name=$1 + local nameservers=$(ns_getns "$2") + local answer + local target + local rc=1 + + local ns + for ns in $nameservers; do + answer=$($DIG ${DIG_KEY:+-k ${DIG_KEY}} +noall +nottl +noclass +answer "@$ns" "$name" TXT) || continue + target= + + local owner + local type + local rdata + while read -r owner type rdata; do + case "$type" in + CNAME) + target=$rdata + ;; + DNAME) + [ -n "$target" ] && target=${target%$owner}$rdata || target=${name%$owner}$rdata + ;; + TXT) + [ "$rdata" = \"$challenge\" ] && rc=0 && continue 2 + target= + ;; + esac + done <<-EOF + $answer + EOF + + [ -n "$target" ] && ns_ispresent "$target" "$challenge" && rc=0 || return 1 done - return 0 + return $rc } ns_doupdate() { - local fqhn="$1" - local challenge="$2" - local ttl=600 - local domain=$(ns_getdomain "$fqhn") - local nameserver=$(ns_getprimary "$domain") - local action= - - [ -n "$nameserver" ] || return - - if [ -n "${challenge}" ]; then - action="update add ${fqhn}. ${ttl} IN TXT ${challenge}" - else - action="update del ${fqhn}." - fi - - $NSUPDATE ${RNDC_KEY_NSUPDATE:+-k ${RNDC_KEY_NSUPDATE}} -v <<-EOF - server ${nameserver} - ${action} - send -EOF + local action=$1 + local challenge=$3 + set -- $(ns_getall "$2") + local name=$1 + local zone=$2 + local server=${NSUPDATE_SERVER:-$3} + local ttl=300 + + [ -n "$server" ] && [ -n "$zone" ] && [ -n "$name" ] && [ -n "$challenge" ] || return 1 + + $NSUPDATE ${NSUPDATE_KEY:+-k ${NSUPDATE_KEY}} -v <<-EOF + server ${server} + zone ${zone} + update ${action} ${name} ${ttl} IN TXT ${challenge} + send + EOF return $? } ns_update() { - local fqhn="$1" - local challenge="$2" + local action=$1 + local name=$2 + local challenge=$3 + local retries=5 + local delay=5 local count=0 - local res - res=1 - while [ $res -ne 0 ]; do - if [ $count -eq 0 ]; then - ns_doupdate "$fqhn" "$challenge" - res=$? - [ $res -eq 0 ] || break - else - sleep 1 - fi - - count=$(((count + 1) % 5)) - ns_ispresent "$fqhn" "$challenge" - res=$? + ns_doupdate "$action" "$name" "$challenge" || return 1 + + while sleep $delay; do + case "$action" in + add) + ns_ispresent "$name" "$challenge" && break + ;; + del) + ns_ispresent "$name" "$challenge" || break + ;; + *) + return 1 + esac + [ $count -lt $retries ] || return 1 + count=$((count + 1)) done - return $res + return 0 } -ARGS=5 -E_BADARGS=85 - -if [ $# -ne "$ARGS" ]; then - echo "Usage: $(basename "$0") method type ident token auth" 1>&2 - exit $E_BADARGS -fi - case "$METHOD" in "begin") case "$TYPE" in dns-01) - ns_update "_acme-challenge.$IDENT" "$AUTH" + ns_update add "_acme-challenge.$IDENT" "$AUTH" exit $? ;; *) @@ -160,7 +207,7 @@ "done"|"failed") case "$TYPE" in dns-01) - ns_update "_acme-challenge.$IDENT" + ns_update del "_acme-challenge.$IDENT" "$AUTH" exit $? ;; *) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/uacme.1 new/uacme-1.7.5/uacme.1 --- old/uacme-1.7.4/uacme.1 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/uacme.1 2024-01-28 21:03:31.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: uacme .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 02/15/2023 +.\" Date: 01/28/2024 .\" Manual: User Commands -.\" Source: uacme 1.7.4 +.\" Source: uacme 1.7.5 .\" Language: English .\" -.TH "UACME" "1" "02/15/2023" "uacme 1\&.7\&.4" "User Commands" +.TH "UACME" "1" "01/28/2024" "uacme 1\&.7\&.5" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -503,7 +503,7 @@ \fBuacme\fR was written by Nicola Di Lieto .SH "COPYRIGHT" .sp -Copyright \(co 2019\-2023 Nicola Di Lieto <nicola\&.dilieto@gmail\&.com> +Copyright \(co 2019\-2024 Nicola Di Lieto <nicola\&.dilieto@gmail\&.com> .sp This file is part of \fBuacme\fR\&. .sp diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/uacme.1.txt new/uacme-1.7.5/uacme.1.txt --- old/uacme-1.7.4/uacme.1.txt 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/uacme.1.txt 2024-01-28 21:03:31.000000000 +0100 @@ -320,7 +320,7 @@ COPYRIGHT --------- -Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> This file is part of *uacme*. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/uacme.c new/uacme-1.7.5/uacme.c --- old/uacme-1.7.4/uacme.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/uacme.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * @@ -1390,7 +1390,7 @@ void version(const char *progname) { fprintf(stderr, "%s: version " PACKAGE_VERSION "\n" - "Copyright (C) 2019-2023 Nicola Di Lieto\n\n" + "Copyright (C) 2019-2024 Nicola Di Lieto\n\n" "%s is free software: you can redistribute and/or modify\n" "it under the terms of the GNU General Public License as\n" "published by the Free Software Foundation, either version 3\n" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/uacme.sh new/uacme-1.7.5/uacme.sh --- old/uacme-1.7.4/uacme.sh 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/uacme.sh 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +# Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> # # This file is part of uacme. # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/ualpn.1 new/uacme-1.7.5/ualpn.1 --- old/uacme-1.7.4/ualpn.1 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/ualpn.1 2024-01-28 21:03:31.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: ualpn .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 02/15/2023 +.\" Date: 01/28/2024 .\" Manual: User Commands -.\" Source: ualpn 1.7.4 +.\" Source: ualpn 1.7.5 .\" Language: English .\" -.TH "UALPN" "1" "02/15/2023" "ualpn 1\&.7\&.4" "User Commands" +.TH "UALPN" "1" "01/28/2024" "ualpn 1\&.7\&.5" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -379,7 +379,7 @@ \fBualpn\fR was written by Nicola Di Lieto .SH "COPYRIGHT" .sp -Copyright \(co 2019\-2023 Nicola Di Lieto <nicola\&.dilieto@gmail\&.com> +Copyright \(co 2019\-2024 Nicola Di Lieto <nicola\&.dilieto@gmail\&.com> .sp This file is part of \fBuacme\fR\&. .sp diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/ualpn.1.txt new/uacme-1.7.5/ualpn.1.txt --- old/uacme-1.7.4/ualpn.1.txt 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/ualpn.1.txt 2024-01-28 21:03:31.000000000 +0100 @@ -268,7 +268,7 @@ COPYRIGHT --------- -Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> This file is part of *uacme*. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/ualpn.c new/uacme-1.7.5/ualpn.c --- old/uacme-1.7.4/ualpn.c 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/ualpn.c 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> + * Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> * * This file is part of uacme. * @@ -4024,7 +4024,7 @@ void version(void) { fprintf(stderr, "%s: version " PACKAGE_VERSION "\n" - "Copyright (C) 2019-2023 Nicola Di Lieto\n\n" + "Copyright (C) 2019-2024 Nicola Di Lieto\n\n" "%s is free software: you can redistribute and/or modify\n" "it under the terms of the GNU General Public License as\n" "published by the Free Software Foundation, either version 3\n" @@ -4434,24 +4434,38 @@ cleanup_and_exit(0, EXIT_FAILURE); } + rc = EXIT_SUCCESS; while (1) { ssize_t r = getline(&line, &len, stdin); - if (r == -1) + if (r == -1) { + if (!feof(stdin)) { + rc = EXIT_FAILURE; + err("failed to get line from stdin"); + } break; - + } if (fputs(line, f) < 0) { + rc = EXIT_FAILURE; err("failed to write to %s", g.socket); break; } r = getline(&line, &len, f); - if (r == -1) + if (r == -1) { + if (!feof(f)) { + rc = EXIT_FAILURE; + err("failed to read from %s", g.socket); + } break; - fputs(line, stdout); + } + if (fputs(line, stdout) < 0) { + rc = EXIT_FAILURE; + err("failed to write to stdout"); + break; + } } - free(line); fclose(f); - cleanup_and_exit(0, EXIT_FAILURE); + cleanup_and_exit(0, rc); } if (g.connect == NULL) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.4/ualpn.sh new/uacme-1.7.5/ualpn.sh --- old/uacme-1.7.4/ualpn.sh 2023-02-15 21:21:00.000000000 +0100 +++ new/uacme-1.7.5/ualpn.sh 2024-01-28 21:03:31.000000000 +0100 @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (C) 2019-2023 Nicola Di Lieto <nicola.dili...@gmail.com> +# Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dili...@gmail.com> # # This file is part of uacme. #
