Add app-crypt/acme-tiny

This commit is contained in:
Stefan Reimer 2017-03-01 04:47:40 +00:00
parent 2953e2613a
commit 035bf046e1
5 changed files with 304 additions and 0 deletions

View File

@ -0,0 +1,4 @@
AUX acme-tiny-PR101-contactinfo.patch 4065 SHA256 0e78f8e7ad56389507bb003f3edd8c32140955020b42bd78e8eabaceeaaf10b3 SHA512 2a473486a7d33026bcaaf01d5cbda40809c6a3a8e01b047ec7ea8283c993b94c2f090774f38e1e25924a8f36df342e36633acaea2749042c034ebcb0bff5a4e0 WHIRLPOOL 92498bc8a3b489147516330b3d543f28b94ea87b3a4ab19348e899fea2a7235b5a84104d7abc930c9215b481238c9629b14a1cee87c1a4ba36dad52e34e5352f
AUX acme-tiny-PR50-setup.py.patch 4568 SHA256 66e20c59f4b549f43c3c073147a9e98955681f7b3dc25918e9b68290af204ece SHA512 41daa64e2517950f3863bf0573aa80304fb43a2221f4ea048b52fac64c5cc3b91b52d3dd6b6d791760c29accf26383a559f2956f27467528a1f7eb11ae8449d3 WHIRLPOOL a63766d0a4643b26ceba26e641d5ad02f83c6e794af2274a1f8b19789e205e4a10e830e59355b7091bc67c29f38709500c4847cebb49148feeb13034c3b31c95
AUX acme-tiny-PR87-readmefix.patch 821 SHA256 7a07c9f00e018d1b630898d6be27d5e8ca779e0132c5260a89dbd16dcd02a073 SHA512 20dde53915bfc93cd48811cedfdf95405ed7322c277615c0f24969d9071a416db9dff51ce8c0c93af46e9ecfc3ae10bf0ab777576ea2f30a0a5419bd2b406404 WHIRLPOOL c6b9691faf5db09f99db0f6bea62d959c083dec928690b556f184db5561dae3330862e78708b0876dc71c86e0e2c90abeeaf45737fe718d2698d0e011cf0f1c3
EBUILD acme-tiny-9999.ebuild 657 SHA256 0316cff7c727344e59320a4a74abe76078776e285e2bd084e46f1e3cc9e1eda8 SHA512 28774b5cb59777bc562b87920d4fd9cee779ea50884fdf566a8477f7c9edaaef6f78d150ac0418231d9862437d2cc874fb6c11f89d99e9c5a5c9ed2a9b9cb285 WHIRLPOOL c4c6a56cf74b1a72524adba6ff70df2f856aa769e2989de3e5f4fe17f9ac6dd7b4e4291706f854843ee66547f55c5c9a5cd31aed3e9c175814b25cef6aeee44d

View File

@ -0,0 +1,30 @@
# Copyright 1999-2016 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI=6
PYTHON_COMPAT=( python{2_7,3_3,3_4,3_5} )
inherit distutils-r1
inherit git-r3
KEYWORDS=""
EGIT_REPO_URI="https://github.com/diafygi/${PN}.git"
DESCRIPTION="A tiny, auditable script for Let's Encrypt's ACME Protocol"
HOMEPAGE="https://github.com/diafygi/acme-tiny"
LICENSE="MIT"
SLOT="0"
IUSE=""
DEPEND="dev-libs/openssl:0
dev-python/setuptools_scm[${PYTHON_USEDEP}]"
RDEPEND="${DEPEND}"
PATCHES=(
"${FILESDIR}/${PN}-PR50-setup.py.patch"
"${FILESDIR}/${PN}-PR87-readmefix.patch"
"${FILESDIR}/${PN}-PR101-contactinfo.patch"
)

View File

@ -0,0 +1,97 @@
From 86083e6f79c6af99a59d8ee27c61f5d9b407f436 Mon Sep 17 00:00:00 2001
From: Phiber2000 <phiber2000@gmx.de>
Date: Thu, 10 Mar 2016 16:43:54 +0100
Subject: [PATCH 1/3] added contact key in payload and email parameter
---
acme_tiny.py | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/acme_tiny.py b/acme_tiny.py
index 34a1863..bd79321 100644
--- a/acme_tiny.py
+++ b/acme_tiny.py
@@ -12,7 +12,7 @@
LOGGER.addHandler(logging.StreamHandler())
LOGGER.setLevel(logging.INFO)
-def get_crt(account_key, csr, acme_dir, log=LOGGER, CA=DEFAULT_CA):
+def get_crt(account_key, csr, acme_dir, account_email, log=LOGGER, CA=DEFAULT_CA):
# helper function base64 encode for jose spec
def _b64(b):
return base64.urlsafe_b64encode(b).decode('utf8').replace("=", "")
@@ -80,10 +80,13 @@ def _send_signed_request(url, payload):
# get the certificate domains and expiration
log.info("Registering account...")
- code, result = _send_signed_request(CA + "/acme/new-reg", {
+ payload = {
"resource": "new-reg",
"agreement": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf",
- })
+ }
+ if account_email:
+ payload["contact"] = ["mailto:"+account_email]
+ code, result = _send_signed_request(CA + "/acme/new-reg", payload)
if code == 201:
log.info("Registered!")
elif code == 409:
@@ -188,10 +191,11 @@ def main(argv):
parser.add_argument("--acme-dir", required=True, help="path to the .well-known/acme-challenge/ directory")
parser.add_argument("--quiet", action="store_const", const=logging.ERROR, help="suppress output except for errors")
parser.add_argument("--ca", default=DEFAULT_CA, help="certificate authority, default is Let's Encrypt")
+ parser.add_argument("--account-email", help="contact e-mail address")
args = parser.parse_args(argv)
LOGGER.setLevel(args.quiet or LOGGER.level)
- signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
+ signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.account_email, log=LOGGER, CA=args.ca)
sys.stdout.write(signed_crt)
if __name__ == "__main__": # pragma: no cover
From b128ae1289b106e1ddf20d3787a431d8ea949cf3 Mon Sep 17 00:00:00 2001
From: Phiber2000 <phiber2000@gmx.de>
Date: Thu, 10 Mar 2016 19:27:17 +0100
Subject: [PATCH 2/3] code style correction
---
acme_tiny.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/acme_tiny.py b/acme_tiny.py
index bd79321..cea57ee 100644
--- a/acme_tiny.py
+++ b/acme_tiny.py
@@ -85,7 +85,7 @@ def _send_signed_request(url, payload):
"agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf",
}
if account_email:
- payload["contact"] = ["mailto:"+account_email]
+ payload["contact"] = ["mailto:{0}".format(account_email)]
code, result = _send_signed_request(CA + "/acme/new-reg", payload)
if code == 201:
log.info("Registered!")
From 90eac8d6f22e858168ead32f00f13e7c997b64fc Mon Sep 17 00:00:00 2001
From: Phiber2000 <phiber2000@gmx.de>
Date: Thu, 10 Mar 2016 19:33:21 +0100
Subject: [PATCH 3/3] updated email argument helptext
---
acme_tiny.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/acme_tiny.py b/acme_tiny.py
index cea57ee..930cd43 100644
--- a/acme_tiny.py
+++ b/acme_tiny.py
@@ -191,7 +191,7 @@ def main(argv):
parser.add_argument("--acme-dir", required=True, help="path to the .well-known/acme-challenge/ directory")
parser.add_argument("--quiet", action="store_const", const=logging.ERROR, help="suppress output except for errors")
parser.add_argument("--ca", default=DEFAULT_CA, help="certificate authority, default is Let's Encrypt")
- parser.add_argument("--account-email", help="contact e-mail address")
+ parser.add_argument("--account-email", help="set contact e-mail address, leave empty to keep current")
args = parser.parse_args(argv)
LOGGER.setLevel(args.quiet or LOGGER.level)

View File

@ -0,0 +1,150 @@
From 9bc3865d8c86392ca115ffb64a9389e92e00e861 Mon Sep 17 00:00:00 2001
From: Jonas Haag <jonas@lophus.org>
Date: Tue, 29 Dec 2015 14:14:49 +0100
Subject: [PATCH 1/3] Add setup.py
---
acme_tiny.py | 2 +-
setup.py | 28 ++++++++++++++++++++++++++++
tests/__init__.py | 1 +
tests/test_install.py | 24 ++++++++++++++++++++++++
4 files changed, 54 insertions(+), 1 deletion(-)
create mode 100644 setup.py
create mode 100644 tests/test_install.py
diff --git a/acme_tiny.py b/acme_tiny.py
index f54db0c..ca9ad3d 100644
--- a/acme_tiny.py
+++ b/acme_tiny.py
@@ -165,7 +165,7 @@ def _send_signed_request(url, payload):
return """-----BEGIN CERTIFICATE-----\n{0}\n-----END CERTIFICATE-----\n""".format(
"\n".join(textwrap.wrap(base64.b64encode(result).decode('utf8'), 64)))
-def main(argv):
+def main(argv=None):
parser = argparse.ArgumentParser(
formatter_class=argparse.RawDescriptionHelpFormatter,
description=textwrap.dedent("""\
diff --git a/setup.py b/setup.py
new file mode 100644
index 0000000..9ed597e
--- /dev/null
+++ b/setup.py
@@ -0,0 +1,28 @@
+from setuptools import setup
+
+setup(
+ name="acme-tiny",
+ version="1.0.0",
+ url="https://github.com/diafygi/acme-tiny",
+ author="Daniel Roesler",
+ author_email="diafygi@gmail.com",
+ description="A tiny script to issue and renew TLS certs from Let's Encrypt",
+ license="MIT",
+ py_modules=['acme_tiny'],
+ entry_points={'console_scripts': [
+ 'acme-tiny = acme_tiny:main',
+ ]},
+ classifiers = [
+ 'Development Status :: 5 - Production/Stable',
+ 'Intended Audience :: System Administrators'
+ 'License :: OSI Approved :: MIT License',
+ 'Operating System :: OS Independent',
+ 'Programming Language :: Python',
+ 'Programming Language :: Python :: 2',
+ 'Programming Language :: Python :: 2.7',
+ 'Programming Language :: Python :: 3',
+ 'Programming Language :: Python :: 3.3',
+ 'Programming Language :: Python :: 3.4',
+ 'Programming Language :: Python :: 3.5',
+ ]
+)
diff --git a/tests/__init__.py b/tests/__init__.py
index ce89619..5ade34c 100644
--- a/tests/__init__.py
+++ b/tests/__init__.py
@@ -1 +1,2 @@
from .test_module import TestModule
+from .test_install import TestInstall
diff --git a/tests/test_install.py b/tests/test_install.py
new file mode 100644
index 0000000..005f36c
--- /dev/null
+++ b/tests/test_install.py
@@ -0,0 +1,24 @@
+import unittest
+import os
+import tempfile
+import shutil
+import subprocess
+
+
+class TestInstall(unittest.TestCase):
+ def setUp(self):
+ self.tempdir = tempfile.mkdtemp()
+ subprocess.check_call(["virtualenv", self.tempdir])
+
+ def tearDown(self):
+ shutil.rmtree(self.tempdir)
+
+ def virtualenv_bin(self, cmd):
+ return os.path.join(self.tempdir, "bin", cmd)
+
+ def test_install(self):
+ subprocess.check_call([self.virtualenv_bin("python"), "setup.py", "install"])
+
+ def test_cli(self):
+ self.test_install()
+ subprocess.check_call([self.virtualenv_bin("acme-tiny"), "-h"])
From cdf1bde83d6b640a8896722557386b6d9b6a9fbb Mon Sep 17 00:00:00 2001
From: Rob Speed <speed.rob@gmail.com>
Date: Wed, 10 Feb 2016 21:53:24 -0500
Subject: [PATCH 2/3] Added setuptools_scm for automatic versioning based on
tags.
---
setup.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/setup.py b/setup.py
index 9ed597e..7ec7ef1 100644
--- a/setup.py
+++ b/setup.py
@@ -2,7 +2,7 @@
setup(
name="acme-tiny",
- version="1.0.0",
+ use_scm_version=True,
url="https://github.com/diafygi/acme-tiny",
author="Daniel Roesler",
author_email="diafygi@gmail.com",
@@ -12,6 +12,7 @@
entry_points={'console_scripts': [
'acme-tiny = acme_tiny:main',
]},
+ setup_requires=['setuptools_scm'],
classifiers = [
'Development Status :: 5 - Production/Stable',
'Intended Audience :: System Administrators'
From edcaee1fa841d49a3fa488288faa8e6573269413 Mon Sep 17 00:00:00 2001
From: Matthias Bach <marix@marix.org>
Date: Mon, 22 Feb 2016 22:53:06 +0100
Subject: [PATCH 3/3] Mark wheels of acme-tiny as universal
Ensure that wheels created from the acme-tiny source are marked as universal.
---
setup.cfg | 2 ++
1 file changed, 2 insertions(+)
create mode 100644 setup.cfg
diff --git a/setup.cfg b/setup.cfg
new file mode 100644
index 0000000..434559d
--- /dev/null
+++ b/setup.cfg
@@ -0,0 +1,2 @@
+[wheel]
+universal=True

View File

@ -0,0 +1,23 @@
From 85df9d1217341893ab6dbbe58fb7c878e15d832b Mon Sep 17 00:00:00 2001
From: Jakub Wilk <jwilk@jwilk.net>
Date: Wed, 24 Feb 2016 22:10:01 +0100
Subject: [PATCH] renew_cert.sh: fix unusual shebang
sh is normally lives in /bin, not in /usr/bin.
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index dfa562c..5c83a67 100644
--- a/README.md
+++ b/README.md
@@ -171,7 +171,7 @@ for example script).
Example of a `renew_cert.sh`:
```sh
-#!/usr/bin/sh
+#!/bin/sh
python /path/to/acme_tiny.py --account-key /path/to/account.key --csr /path/to/domain.csr --acme-dir /var/www/challenges/ > /tmp/signed.crt || exit
wget -O - https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem > intermediate.pem
cat /tmp/signed.crt intermediate.pem > /path/to/chained.pem