From owner-svn-ports-head@freebsd.org  Wed Feb 24 16:07:53 2021
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 48E8C5618C3;
 Wed, 24 Feb 2021 16:07:53 +0000 (UTC)
 (envelope-from tobik@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4Dm16K1fsbz3kQb;
 Wed, 24 Feb 2021 16:07:53 +0000 (UTC)
 (envelope-from tobik@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2BCBB2F0AA;
 Wed, 24 Feb 2021 16:07:53 +0000 (UTC)
 (envelope-from tobik@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 11OG7rtf006309;
 Wed, 24 Feb 2021 16:07:53 GMT (envelope-from tobik@FreeBSD.org)
Received: (from tobik@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id 11OG7qNc006304;
 Wed, 24 Feb 2021 16:07:52 GMT (envelope-from tobik@FreeBSD.org)
Message-Id: <202102241607.11OG7qNc006304@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: tobik set sender to
 tobik@FreeBSD.org using -f
From: Tobias Kortkamp <tobik@FreeBSD.org>
Date: Wed, 24 Feb 2021 16:07:52 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r566487 - in head/security: . uacme
X-SVN-Group: ports-head
X-SVN-Commit-Author: tobik
X-SVN-Commit-Paths: in head/security: . uacme
X-SVN-Commit-Revision: 566487
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2021 16:07:53 -0000

Author: tobik
Date: Wed Feb 24 16:07:51 2021
New Revision: 566487
URL: https://svnweb.freebsd.org/changeset/ports/566487

Log:
  Add security/uacme
  
  Lightweight client for the RFC8555 ACMEv2 protocol, written in plain
  C with minimal dependencies (libcurl and one of GnuTLS, OpenSSL or
  mbedTLS).  The ACMEv2 protocol allows a Certificate Authority (Let's
  Encrypt is a popular one) and an applicant to automate the process
  of verification and certificate issuance.  The protocol also provides
  facilities for other certificate management functions, such as
  certificate revocation.
  
  WWW: https://github.com/ndilieto/uacme

Added:
  head/security/uacme/
  head/security/uacme/Makefile   (contents, props changed)
  head/security/uacme/distinfo   (contents, props changed)
  head/security/uacme/pkg-descr   (contents, props changed)
  head/security/uacme/pkg-plist   (contents, props changed)
Modified:
  head/security/Makefile

Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile	Wed Feb 24 16:01:00 2021	(r566486)
+++ head/security/Makefile	Wed Feb 24 16:07:51 2021	(r566487)
@@ -1270,6 +1270,7 @@
     SUBDIR += truecrypt
     SUBDIR += tthsum
     SUBDIR += u2f-devd
+    SUBDIR += uacme
     SUBDIR += unhide
     SUBDIR += unicornscan
     SUBDIR += vanguards-tor

Added: head/security/uacme/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/uacme/Makefile	Wed Feb 24 16:07:51 2021	(r566487)
@@ -0,0 +1,51 @@
+# $FreeBSD$
+
+PORTNAME=	uacme
+DISTVERSIONPREFIX=	upstream/
+DISTVERSION=	1.7
+CATEGORIES=	security www
+
+MAINTAINER=	tobik@FreeBSD.org
+COMMENT=	Lightweight C ACMEv2 client which uses external authenticators
+
+LICENSE=	GPLv3+
+LICENSE_FILE=	${WRKSRC}/COPYING
+
+LIB_DEPENDS=	libcurl.so:ftp/curl
+
+USES=		gmake pkgconfig
+USE_GITHUB=	yes
+GH_ACCOUNT=	ndilieto
+GNU_CONFIGURE=	yes
+CONFIGURE_ARGS=	--datadir=${EXAMPLESDIR:H} \
+		--disable-maintainer-mode \
+		--sysconfdir=${PREFIX}/etc
+
+OPTIONS_DEFINE=		DOCS EXAMPLES MANPAGES UALPN
+_OPENSSL_SAFE=		${(${OPSYS} == FreeBSD && ${OSVERSION} < 1200085 && ${SSL_DEFAULT} == base) || ${SSL_DEFAULT} == libressl || ${SSL_DEFAULT} == libressl-devel:?no:yes}
+OPTIONS_DEFAULT=	${${_OPENSSL_SAFE} == no:?GNUTLS:OPENSSL} MANPAGES \
+			UALPN
+OPTIONS_SINGLE=		CRYPTO
+OPTIONS_SINGLE_CRYPTO=	GNUTLS MBEDTLS OPENSSL
+OPTIONS_EXCLUDE=	${${_OPENSSL_SAFE} == no:?OPENSSL:}
+OPTIONS_SUB=		yes
+
+CRYPTO_DESC=	Crypto library
+UALPN_DESC=	Install the proxying ACMEv2 tls-alpn-01 responder ualpn(1)
+
+GNUTLS_LIB_DEPENDS=		libgnutls.so:security/gnutls
+GNUTLS_CONFIGURE_WITH=		gnutls
+MANPAGES_BUILD_DEPENDS=		asciidoc:textproc/asciidoc
+MANPAGES_CONFIGURE_ENABLE=	docs
+MBEDTLS_BROKEN=			needs mbedtls >= 2.25, 2.16.x lacks mbedtls_x509_crt_parse_der_with_ext_cb support
+MBEDTLS_LIB_DEPENDS=		libmbedtls.so:security/mbedtls
+MBEDTLS_CONFIGURE_WITH=		mbedtls=${LOCALBASE}
+OPENSSL_USES=			ssl
+OPENSSL_CONFIGURE_WITH=		openssl=${OPENSSLBASE}
+UALPN_CONFIGURE_WITH=		ualpn
+
+post-install-DOCS-on:
+	@${MKDIR} ${STAGEDIR}${DOCSDIR}
+	${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
+
+.include <bsd.port.mk>

Added: head/security/uacme/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/uacme/distinfo	Wed Feb 24 16:07:51 2021	(r566487)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1611663220
+SHA256 (ndilieto-uacme-upstream-1.7_GH0.tar.gz) = 32ca99851194cadb16c05f3c5d32892b0b93fc247321de2b560fa0f667e6cf04
+SIZE (ndilieto-uacme-upstream-1.7_GH0.tar.gz) = 327941

Added: head/security/uacme/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/uacme/pkg-descr	Wed Feb 24 16:07:51 2021	(r566487)
@@ -0,0 +1,9 @@
+Lightweight client for the RFC8555 ACMEv2 protocol, written in plain
+C with minimal dependencies (libcurl and one of GnuTLS, OpenSSL or
+mbedTLS).  The ACMEv2 protocol allows a Certificate Authority (Let's
+Encrypt is a popular one) and an applicant to automate the process
+of verification and certificate issuance.  The protocol also provides
+facilities for other certificate management functions, such as
+certificate revocation.
+
+WWW: https://github.com/ndilieto/uacme

Added: head/security/uacme/pkg-plist
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/uacme/pkg-plist	Wed Feb 24 16:07:51 2021	(r566487)
@@ -0,0 +1,10 @@
+bin/uacme
+%%UALPN%%bin/ualpn
+%%MANPAGES%%man/man1/uacme.1.gz
+%%UALPN%%%%MANPAGES%%man/man1/ualpn.1.gz
+%%PORTDOCS%%%%DOCSDIR%%/README.md
+%%MANPAGES%%%%PORTDOCS%%%%DOCSDIR%%/uacme.html
+%%UALPN%%%%MANPAGES%%%%PORTDOCS%%%%DOCSDIR%%/ualpn.html
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/nsupdate.sh
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/uacme.sh
+%%UALPN%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/ualpn.sh