Date: Sun, 02 Aug 2020 10:16:42 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 248425] security/acme.sh: Missing several DNS plugin scripts Message-ID: <bug-248425-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D248425 Bug ID: 248425 Summary: security/acme.sh: Missing several DNS plugin scripts Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: dvl@FreeBSD.org Reporter: phedoreanu@wearehackerone.com Assignee: dvl@FreeBSD.org Flags: maintainer-feedback?(dvl@FreeBSD.org) **Describe the bug** The `acme.sh` client installed on OPNsense doesn't contain all the DNS plug= in scripts. **To Reproduce** Steps to reproduce the behaviour: 1. Download https://github.com/acmesh-official/acme.sh/archive/2.8.6.tar.gz 2. Check its SHA2 sum with the value from [opnsense/ports/distinfo](https://github.com/opnsense/ports/blob/master/sec= urity/acme.sh/distinfo) 3. Extract the tar.gz and see all dnsapi plugins contained in the `2.8.6.` release.=20 ``` $ ls Downloads/acme.sh-2.8.6/dnsapi | wc -l=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20 105 ``` 4. ssh into opnsense and run ``` $ sudo ls /var/db/acme/.acme.sh/dnsapi | wc -l 95 ``` 5. Comparing `/var/db/acme/.acme.sh/dnsapi` with the release tar reveals th= e 10 missing plugin scripts: ``` $ diff Downloads/acme.sh-2.8.6/dnsapi opn_dnsapi Only in Downloads/acme.sh-2.8.6/dnsapi: dns_1984hosting.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_arvan.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_clouddns.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_constellix.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_df.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_dynv6.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_joker.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_kas.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_nm.sh Only in Downloads/acme.sh-2.8.6/dnsapi: dns_opnsense.sh ``` **Expected behavior** The folder `/var/db/acme/.acme.sh/dnsapi` should have the same contents as = the `dnsapi` folder from the release tar, as its SHA2 sum and file size match. ``` $ shasum -a 256 Downloads/acme.sh-2.8.6.tar.gz=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 fd36cb749466296ded521ceacda3fc841ec76be620900d1116e0492d171c1d9f=20 Downloads/acme.sh-2.8.6.tar.gz ------------------------------------------------------------ $ ls -al Downloads/acme.sh-2.8.6.tar.gz=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20 -rw-r--r--@ 1 test nobody 193182 Aug 1 15:37 Downloads/acme.sh-2.8.6.tar= .gz ```` **Environment** OPNsense 20.7-amd64 FreeBSD 12.1-RELEASE-p7-HBSD OpenSSL 1.1.1g 21 Apr 2020 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-248425-7788>