Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package uacme for openSUSE:Factory checked in at 2022-12-05 18:01:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/uacme (Old) and /work/SRC/openSUSE:Factory/.uacme.new.1835 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "uacme" Mon Dec 5 18:01:00 2022 rev:2 rq:1040043 version:1.7.3 Changes: -------- --- /work/SRC/openSUSE:Factory/uacme/uacme.changes 2022-09-19 16:03:59.754256012 +0200 +++ /work/SRC/openSUSE:Factory/.uacme.new.1835/uacme.changes 2022-12-05 18:01:05.452545549 +0100 @@ -1,0 +2,10 @@ +Sat Dec 3 13:38:24 UTC 2022 - Adrian Schröter <adr...@suse.de> + +- Update to version 1.7.3 + * ualpn.c: fix build with mbedtls 2.x ⦠+ * LibreSSL > 3.5.0 has ASN1_TIME_diff() + * Enable --must-staple support with LibreSSL > 3.5.0 ⦠+ * Add Unix philosophy link to README.md + * Compatibility wth LibreSSL + +------------------------------------------------------------------- Old: ---- uacme-1.7.2.tar.gz New: ---- uacme-1.7.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ uacme.spec ++++++ --- /var/tmp/diff_new_pack.EDP5uD/_old 2022-12-05 18:01:05.940548207 +0100 +++ /var/tmp/diff_new_pack.EDP5uD/_new 2022-12-05 18:01:05.952548272 +0100 @@ -18,7 +18,7 @@ Name: uacme -Version: 1.7.2 +Version: 1.7.3 Release: 0 Summary: A minimal ACMEv2 client License: GPL-3.0-or-later ++++++ uacme-1.7.2.tar.gz -> uacme-1.7.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/ChangeLog new/uacme-1.7.3/ChangeLog --- old/uacme-1.7.2/ChangeLog 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/ChangeLog 2022-09-20 22:02:08.000000000 +0200 @@ -1,3 +1,10 @@ +2022-09-20 Nicola Di Lieto <nicola.dili...@gmail.com> + * Release 1.7.3 + - better compatibility with LibreSSL, require 3.4.2 or later + - uacme: Enable --must-staple support with LibreSSL > 3.5.0 + - ualpn: Fix build issue with mbedTLS 2.x + see https://github.com/ndilieto/uacme/pull/61 + 2022-07-20 Nicola Di Lieto <nicola.dili...@gmail.com> * Release 1.7.2 - uacme: exponential backoff for status polling instead diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/NEWS new/uacme-1.7.3/NEWS --- old/uacme-1.7.2/NEWS 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/NEWS 2022-09-20 22:02:08.000000000 +0200 @@ -1,6 +1,13 @@ uacme NEWS Copyright (C) 2019-2022 Nicola Di Lieto <nicola.dili...@gmail.com> +## [1.7.3] - 2022-09-20 +### Changed +- better compatibility with LibreSSL, require 3.4.2 or later +- uacme: Enable --must-staple support with LibreSSL > 3.5.0 +- ualpn: Fix build issue with mbedTLS 2.x + see https://github.com/ndilieto/uacme/pull/61 + ## [1.7.2] - 2022-07-20 ### Added - uacme: exponential backoff for status polling instead of diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/README.md new/uacme-1.7.3/README.md --- old/uacme-1.7.2/README.md 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/README.md 2022-09-20 22:02:08.000000000 +0200 @@ -10,6 +10,10 @@ certificate management functions, such as certificate revocation. ## Features +* **Lightweight** - Unlike most other ACME clients [uacme][uacme] does one +thing only and tries to do it well, according to the [Unix philosophy][uph]. +For example don't expect it to automatically set up your webserver to use the +certificates it obtains. * **Written in C** - It runs on any unix machine, including Linux, BSD, ... * **Minimal dependencies** - Other than the standard C library, [uacme][uacme] depends only on [libcurl][libcurl] and one of [GnuTLS][GnuTLS], @@ -57,13 +61,14 @@ ``` git clone -b upstream/latest https://github.com/ndilieto/uacme ``` -[uacme][uacme] packages are available for several distributions: +[uacme][uacme] is included in several distributions: * https://packages.debian.org/uacme * https://packages.ubuntu.com/uacme * https://software.opensuse.org/package/uacme * https://pkgs.alpinelinux.org/packages?name=uacme * https://aur.archlinux.org/packages/uacme +* https://voidlinux.org/packages/?q=uacme * https://cvsweb.openbsd.org/ports/security/uacme * https://www.freshports.org/security/uacme * https://github.com/openwrt/packages/tree/master/net/uacme @@ -244,6 +249,7 @@ [OpenSSL]: https://www.openssl.org [mbedTLS]: https://tls.mbed.org [le]: https://letsencrypt.org +[uph]: https://en.wikipedia.org/wiki/Unix_philosophy [uacme.sh]: https://github.com/ndilieto/uacme/blob/master/uacme.sh [ualpn.sh]: https://github.com/ndilieto/uacme/blob/master/ualpn.sh [tls-alpn-01]: #tls-alpn-01-challenge-support diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/crypto.c new/uacme-1.7.3/crypto.c --- old/uacme-1.7.2/crypto.c 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/crypto.c 2022-09-20 22:02:08.000000000 +0200 @@ -116,6 +116,9 @@ #if OPENSSL_VERSION_NUMBER < 0x1010100fL #error OpenSSL version 1.1.1 or later is required #endif +#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3040200fL +#error LibreSSL version 3.4.2 or later is required +#endif bool crypto_init(void) { @@ -2345,11 +2348,11 @@ } sk_X509_EXTENSION_push(exts, ext); if (status_req) { -#if defined(LIBRESSL_VERSION_NUMBER) +#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3050000fL warnx("csr_gen: -m, --must-staple is not supported by LibreSSL " - "- consider recompiling with OpenSSL"); + "earlier than 3.5.0 - consider updating it"); goto out; -#endif +#else ext = X509V3_EXT_conf_nid(NULL, NULL, NID_tlsfeature, "status_request"); if (!ext) { @@ -2357,6 +2360,7 @@ goto out; } sk_X509_EXTENSION_push(exts, ext); +#endif } if (!X509_REQ_add_extensions(crq, exts)) { openssl_error("csr_gen"); @@ -4346,7 +4350,7 @@ goto out; int days_left; const ASN1_TIME *tm = X509_get0_notAfter(crt[0]); -#if defined(LIBRESSL_VERSION_NUMBER) +#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3050000fL struct tm tcrt; if (tm && ASN1_time_parse((const char *)tm->data, tm->length, &tcrt, tm->type) != -1) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/docs/uacme.html new/uacme-1.7.3/docs/uacme.html --- old/uacme-1.7.2/docs/uacme.html 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/docs/uacme.html 2022-09-20 22:02:08.000000000 +0200 @@ -1336,9 +1336,9 @@ <div id="footnotes"><hr></div> <div id="footer"> <div id="footer-text"> -Version 1.7.2<br> +Version 1.7.3<br> Last updated - 2022-07-20 21:26:32 CEST + 2022-07-20 21:54:31 CEST </div> </div> </body> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/docs/ualpn.html new/uacme-1.7.3/docs/ualpn.html --- old/uacme-1.7.2/docs/ualpn.html 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/docs/ualpn.html 2022-09-20 22:02:08.000000000 +0200 @@ -1188,9 +1188,9 @@ <div id="footnotes"><hr></div> <div id="footer"> <div id="footer-text"> -Version 1.7.2<br> +Version 1.7.3<br> Last updated - 2022-07-20 21:26:32 CEST + 2022-07-20 21:54:31 CEST </div> </div> </body> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/uacme.1 new/uacme-1.7.3/uacme.1 --- old/uacme-1.7.2/uacme.1 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/uacme.1 2022-09-20 22:02:08.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: uacme .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 07/20/2022 +.\" Date: 09/20/2022 .\" Manual: User Commands -.\" Source: uacme 1.7.2 +.\" Source: uacme 1.7.3 .\" Language: English .\" -.TH "UACME" "1" "07/20/2022" "uacme 1\&.7\&.2" "User Commands" +.TH "UACME" "1" "09/20/2022" "uacme 1\&.7\&.3" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/ualpn.1 new/uacme-1.7.3/ualpn.1 --- old/uacme-1.7.2/ualpn.1 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/ualpn.1 2022-09-20 22:02:08.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: ualpn .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 07/20/2022 +.\" Date: 09/20/2022 .\" Manual: User Commands -.\" Source: ualpn 1.7.2 +.\" Source: ualpn 1.7.3 .\" Language: English .\" -.TH "UALPN" "1" "07/20/2022" "ualpn 1\&.7\&.2" "User Commands" +.TH "UALPN" "1" "09/20/2022" "ualpn 1\&.7\&.3" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uacme-1.7.2/ualpn.c new/uacme-1.7.3/ualpn.c --- old/uacme-1.7.2/ualpn.c 2022-07-20 21:46:37.000000000 +0200 +++ new/uacme-1.7.3/ualpn.c 2022-09-20 22:02:08.000000000 +0200 @@ -118,6 +118,10 @@ mbedtls_strerror(code, buf, sizeof(buf)); return buf; } + +#ifndef MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE +#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -1 +#endif #endif #if !defined(EAGAIN)
