git: 7bf02d3f9f50 - main - security/step-certificates: Update 0.27.5 → 0.28.1, fix issues with rc-script
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 07 Jan 2025 10:12:32 UTC
The branch main has been updated by vvd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=7bf02d3f9f50e6cf47aad822a6333bc59023a946
commit 7bf02d3f9f50e6cf47aad822a6333bc59023a946
Author: Markus Wipp <mw@wipp.bayern>
AuthorDate: 2025-01-07 10:08:18 +0000
Commit: Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2025-01-07 10:12:21 +0000
security/step-certificates: Update 0.27.5 → 0.28.1, fix issues with rc-script
- Rename rc-script from step-ca to step_ca.
- Fix permission issue in step_ca rc-script.
Changelogs:
https://github.com/smallstep/certificates/releases/tag/v0.28.0
https://github.com/smallstep/certificates/releases/tag/v0.28.1
PR: 283894 282633
---
security/step-certificates/Makefile | 7 +++----
security/step-certificates/distinfo | 10 +++++-----
security/step-certificates/files/{step-ca.in => step_ca.in} | 9 +++++----
security/step-certificates/pkg-message | 2 ++
4 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/security/step-certificates/Makefile b/security/step-certificates/Makefile
index dd3daf6c32a2..d70b9816948b 100644
--- a/security/step-certificates/Makefile
+++ b/security/step-certificates/Makefile
@@ -1,11 +1,10 @@
PORTNAME= step-certificates
DISTVERSIONPREFIX= v
-DISTVERSION= 0.27.5
-PORTREVISION= 1
+DISTVERSION= 0.28.1
CATEGORIES= security
MAINTAINER= mw@wipp.bayern
-COMMENT= Smallstep step-ca certificates server
+COMMENT= Smallstep step_ca certificates server
WWW= https://smallstep.com/certificates/
LICENSE= APACHE20
@@ -17,7 +16,7 @@ RUN_DEPENDS= step:security/step-cli
USES= go:1.22,modules
-USE_RC_SUBR= step-ca
+USE_RC_SUBR= step_ca
GO_MODULE= github.com/smallstep/certificates
diff --git a/security/step-certificates/distinfo b/security/step-certificates/distinfo
index 27f74b7c1385..7306fa012d25 100644
--- a/security/step-certificates/distinfo
+++ b/security/step-certificates/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1729364384
-SHA256 (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.mod) = 035fc4e3449be2e504dd99cf79ed07b27c3d514aee7bb116db4707861620c9d2
-SIZE (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.mod) = 8344
-SHA256 (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.zip) = 2c4774a23b31bb2fa3f854776c99269a9add30b0d5dc23b0c301ba46dc77e11c
-SIZE (go/security_step-certificates/step-certificates-v0.27.5/v0.27.5.zip) = 1161319
+TIMESTAMP = 1736184396
+SHA256 (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.mod) = 41cf738a27e1f0894ddd48801408f60c78fd8b69dee14e8db55c9eb445959d46
+SIZE (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.mod) = 8354
+SHA256 (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.zip) = b1e3a63ae518e9475979006b3665816757e06f62bef180060749fb4eb276dd42
+SIZE (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.zip) = 1168039
diff --git a/security/step-certificates/files/step-ca.in b/security/step-certificates/files/step_ca.in
similarity index 93%
rename from security/step-certificates/files/step-ca.in
rename to security/step-certificates/files/step_ca.in
index 88d784823679..2d5ac4edad39 100644
--- a/security/step-certificates/files/step-ca.in
+++ b/security/step-certificates/files/step_ca.in
@@ -1,6 +1,6 @@
#!/bin/sh
-# PROVIDE: step-ca
+# PROVIDE: step_ca
# REQUIRE: LOGIN networking
# KEYWORD: shutdown
#
@@ -32,6 +32,7 @@ load_rc_config $name
: ${step_ca_stepdir:=%%PREFIX%%/etc/step}
: ${step_ca_steppath:=${step_ca_stepdir}/ca}
: ${step_ca_password:=${step_ca_stepdir}/password.txt}
+: ${step_ca_env:=STEPPATH=${step_ca_steppath}}
pidfile="/var/run/${name}.pid"
step_ca_command="%%PREFIX%%/sbin/step-ca"
@@ -60,7 +61,7 @@ step_ca_startprecmd()
if [ ! -e ${step_ca_steppath} ]; then
echo "No configured Step CA found."
- echo "Please run service step-ca configure"
+ echo "Please run service step_ca configure"
exit 1
else
export STEPPATH=${step_ca_steppath}
@@ -68,7 +69,7 @@ step_ca_startprecmd()
if [ ! -e ${step_ca_password} ]; then
echo "Step CA Password file for auto-start not found"
- echo "Please run service step-ca configure"
+ echo "Please run service step_ca configure"
exit 1
fi
@@ -90,7 +91,7 @@ step_ca_configure() {
if [ ! -e ${step_ca_steppath} ]; then
echo "No configured Step CA found."
echo "Creating new one...."
- install -d -m 600 -o ${step_ca_user} -g ${step_ca_group} ${step_ca_steppath}
+ install -d -m 700 -o ${step_ca_user} -g ${step_ca_group} ${step_ca_steppath}
export STEPPATH=${step_ca_steppath}
%%PREFIX%%/bin/step ca init --ssh
chown -R ${step_ca_user}:${step_ca_group} ${step_ca_stepdir}
diff --git a/security/step-certificates/pkg-message b/security/step-certificates/pkg-message
index 2e595b5f19ae..bca4286cd021 100644
--- a/security/step-certificates/pkg-message
+++ b/security/step-certificates/pkg-message
@@ -21,6 +21,8 @@ Following are the defaults for step certificates and can be overridden by rc.con
* The password required for automatic startup is in step_ca_password (%%PREFIX%%/etc/step/password.txt)
* By default step certificates logs to syslog with a tag of step_ca
+Due to an inconsistency between this message and the rc-script, the rc-script has been renamed from step-ca to step_ca in v0.28.1.
+Please be aware of this if you call the rc-script from a custom script.
================================================================================
EOM
}