From nobody Tue Jan 7 10:12:32 2025 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YS6L873CVz5kJYl; Tue, 07 Jan 2025 10:12:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YS6L85B9lz53mH; Tue, 7 Jan 2025 10:12:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1736244752; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hfbrhtG7MiZgoJCNhoUNFTiBpuaJd5l8I5zRUl0xgqw=; b=NDHvLW55CfK+SG7VsW05bIuTlgqfK8OvmktYbTN+ANiGiQFt3dKdyU216r3292H/vxAndv Ns/PeJ/nqz0AuJLF94ALcM2gNYJKCO8oFo8ZbNM6Lb3rL4iLTKaqfj2PspnAJwIn5N1ITT xma3Iyp/Bt1FVj6BNbDCa1UD3HWVnw1zVjpXXPwGCJrKIBNy6sxWv/E1AfFNf1fWmWdk4P ya50YTLVp5fp+iXEBX+pWw7fmIYBZCEe9sJs6dDI2/10/umMbdNxLybkWK3c+crA0y7PUJ pCUK75YzeqBp9J/x+KANJdHf0uqYf9awJZGqFhZKDA7hB6dsCoWCK5JkuLYMJQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1736244752; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hfbrhtG7MiZgoJCNhoUNFTiBpuaJd5l8I5zRUl0xgqw=; b=esbHk6yZBuoUUjeGcSAyx1/PiyPhCjhdozvJt5zQHbjYHZYF4lM9SZm7Id2ZrNnljSlUVx 4WMkcsVO6mfNUcFNDB3L2TnxF12by8YG0Ct1JaUp4SwPB20HV3FiIFxxR4FsllcBWk7CAP 7JQ5JJinIWqFqO0jLIbzYc6DNN97kzSGbXX3LluRPgck2E6OyY+LA4usfXfA/u/81+4BbS KPXVvb2GXXttAhhnx+SVUYyyN2GMbnLwRAaPOChkpxbKXlGZgYapHGqbs4KZGmNcX63XGb bzA+AoDIsRqDEU8O59iuW9nEFX2PWqNhZ1iZa6cnRM+5Nt75Zr3HC5m+mIztuQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1736244752; a=rsa-sha256; cv=none; b=NF8Rnk9JTp4b2rgkd4XYyQoCZUojpN9ezNuaogKSWlQZ5Ho0uIc0bPcusyGSYM8sp6hSka 1W3vFNtb6dcR/aLiLFTisb4Z5QwEIinycgNH76SgUFHL1uasW4gWAUy3pHWBnTyIs2CNYT UcgBBy3lU1n6athVuGoiNbsgCu9iQLUQ16h9CFDPnlhTA2wuYGdqjZyHDWxS41zNg36gLl 7xeEXSffKBL/IP/TxhpD4qkXg/SeBM3KAS+GAxHeFnz4odJGKWK8dgF3Kp5T2QWYBzIpLo K1tpxdMLMMC5lSsfGOb6ablff4SlfcbvhS/2hu3lFRYrCjk1soRwXow1+8Z4qQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YS6L84pjxz15YB; Tue, 07 Jan 2025 10:12:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 507ACWes028987; Tue, 7 Jan 2025 10:12:32 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 507ACWqE028984; Tue, 7 Jan 2025 10:12:32 GMT (envelope-from git) Date: Tue, 7 Jan 2025 10:12:32 GMT Message-Id: <202501071012.507ACWqE028984@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Vladimir Druzenko <vvd@FreeBSD.org> Subject: git: 7bf02d3f9f50 - main - security/step-certificates: Update 0.27.5 =?utf-8?Q?=E2=86=92?= 0.28.1, fix issues with rc-script List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org> List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: <mailto:dev-commits-ports-all+help@freebsd.org> List-Post: <mailto:dev-commits-ports-all@freebsd.org> List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org> List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org> X-BeenThere: dev-commits-ports-all@freebsd.org Sender: owner-dev-commits-ports-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: vvd X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 7bf02d3f9f50e6cf47aad822a6333bc59023a946 Auto-Submitted: auto-generated The branch main has been updated by vvd: URL: https://cgit.FreeBSD.org/ports/commit/?id=7bf02d3f9f50e6cf47aad822a6333bc59023a946 commit 7bf02d3f9f50e6cf47aad822a6333bc59023a946 Author: Markus Wipp <mw@wipp.bayern> AuthorDate: 2025-01-07 10:08:18 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2025-01-07 10:12:21 +0000 security/step-certificates: Update 0.27.5 → 0.28.1, fix issues with rc-script - Rename rc-script from step-ca to step_ca. - Fix permission issue in step_ca rc-script. Changelogs: https://github.com/smallstep/certificates/releases/tag/v0.28.0 https://github.com/smallstep/certificates/releases/tag/v0.28.1 PR: 283894 282633 --- security/step-certificates/Makefile | 7 +++---- security/step-certificates/distinfo | 10 +++++----- security/step-certificates/files/{step-ca.in => step_ca.in} | 9 +++++---- security/step-certificates/pkg-message | 2 ++ 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/security/step-certificates/Makefile b/security/step-certificates/Makefile index dd3daf6c32a2..d70b9816948b 100644 --- a/security/step-certificates/Makefile +++ b/security/step-certificates/Makefile @@ -1,11 +1,10 @@ PORTNAME= step-certificates DISTVERSIONPREFIX= v -DISTVERSION= 0.27.5 -PORTREVISION= 1 +DISTVERSION= 0.28.1 CATEGORIES= security MAINTAINER= mw@wipp.bayern -COMMENT= Smallstep step-ca certificates server +COMMENT= Smallstep step_ca certificates server WWW= https://smallstep.com/certificates/ LICENSE= APACHE20 @@ -17,7 +16,7 @@ RUN_DEPENDS= step:security/step-cli USES= go:1.22,modules -USE_RC_SUBR= step-ca +USE_RC_SUBR= step_ca GO_MODULE= github.com/smallstep/certificates diff --git a/security/step-certificates/distinfo b/security/step-certificates/distinfo index 27f74b7c1385..7306fa012d25 100644 --- a/security/step-certificates/distinfo +++ b/security/step-certificates/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1729364384 -SHA256 (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.mod) = 035fc4e3449be2e504dd99cf79ed07b27c3d514aee7bb116db4707861620c9d2 -SIZE (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.mod) = 8344 -SHA256 (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.zip) = 2c4774a23b31bb2fa3f854776c99269a9add30b0d5dc23b0c301ba46dc77e11c -SIZE (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.zip) = 1161319 +TIMESTAMP = 1736184396 +SHA256 (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.mod) = 41cf738a27e1f0894ddd48801408f60c78fd8b69dee14e8db55c9eb445959d46 +SIZE (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.mod) = 8354 +SHA256 (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.zip) = b1e3a63ae518e9475979006b3665816757e06f62bef180060749fb4eb276dd42 +SIZE (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.zip) = 1168039 diff --git a/security/step-certificates/files/step-ca.in b/security/step-certificates/files/step_ca.in similarity index 93% rename from security/step-certificates/files/step-ca.in rename to security/step-certificates/files/step_ca.in index 88d784823679..2d5ac4edad39 100644 --- a/security/step-certificates/files/step-ca.in +++ b/security/step-certificates/files/step_ca.in @@ -1,6 +1,6 @@ #!/bin/sh -# PROVIDE: step-ca +# PROVIDE: step_ca # REQUIRE: LOGIN networking # KEYWORD: shutdown # @@ -32,6 +32,7 @@ load_rc_config $name : ${step_ca_stepdir:=%%PREFIX%%/etc/step} : ${step_ca_steppath:=${step_ca_stepdir}/ca} : ${step_ca_password:=${step_ca_stepdir}/password.txt} +: ${step_ca_env:=STEPPATH=${step_ca_steppath}} pidfile="/var/run/${name}.pid" step_ca_command="%%PREFIX%%/sbin/step-ca" @@ -60,7 +61,7 @@ step_ca_startprecmd() if [ ! -e ${step_ca_steppath} ]; then echo "No configured Step CA found." - echo "Please run service step-ca configure" + echo "Please run service step_ca configure" exit 1 else export STEPPATH=${step_ca_steppath} @@ -68,7 +69,7 @@ step_ca_startprecmd() if [ ! -e ${step_ca_password} ]; then echo "Step CA Password file for auto-start not found" - echo "Please run service step-ca configure" + echo "Please run service step_ca configure" exit 1 fi @@ -90,7 +91,7 @@ step_ca_configure() { if [ ! -e ${step_ca_steppath} ]; then echo "No configured Step CA found." echo "Creating new one...." - install -d -m 600 -o ${step_ca_user} -g ${step_ca_group} ${step_ca_steppath} + install -d -m 700 -o ${step_ca_user} -g ${step_ca_group} ${step_ca_steppath} export STEPPATH=${step_ca_steppath} %%PREFIX%%/bin/step ca init --ssh chown -R ${step_ca_user}:${step_ca_group} ${step_ca_stepdir} diff --git a/security/step-certificates/pkg-message b/security/step-certificates/pkg-message index 2e595b5f19ae..bca4286cd021 100644 --- a/security/step-certificates/pkg-message +++ b/security/step-certificates/pkg-message @@ -21,6 +21,8 @@ Following are the defaults for step certificates and can be overridden by rc.con * The password required for automatic startup is in step_ca_password (%%PREFIX%%/etc/step/password.txt) * By default step certificates logs to syslog with a tag of step_ca +Due to an inconsistency between this message and the rc-script, the rc-script has been renamed from step-ca to step_ca in v0.28.1. +Please be aware of this if you call the rc-script from a custom script. ================================================================================ EOM }