Tue Mar 13 10:08:51 2018 UTC ()
security/py-certbot: Update to 0.22.0

### Added

- Support for obtaining wildcard certificates and a newer version of the ACME
  protocol such as the one implemented by Let's Encrypt's upcoming ACMEv2
  endpoint was added to Certbot and its ACME library. Certbot still works with
  older ACME versions and will automatically change the version of the protocol
  used based on the version the ACME CA implements.
- The Apache and Nginx plugins are now able to automatically install a wildcard
  certificate to multiple virtual hosts that you select from your server
  configuration.
- The `certbot install` command now accepts the `--cert-name` flag for
  selecting a certificate.
- `acme.client.BackwardsCompatibleClientV2` was added to Certbot's ACME library
  which automatically handles most of the differences between new and old ACME
  versions. `acme.client.ClientV2` is also available for people who only want
  to support one version of the protocol or want to handle the differences
  between versions themselves.
- certbot-auto now supports the flag --install-only which has the script
  install Certbot and its dependencies and exit without invoking Certbot.
- Support for issuing a single certificate for a wildcard and base domain was
  added to our Google Cloud DNS plugin. To do this, we now require your API
  credentials have additional permissions, however, your credentials will
  already have these permissions unless you defined a custom role with fewer
  permissions than the standard DNS administrator role provided by Google.
  These permissions are also only needed for the case described above so it
  will continue to work for existing users. For more information about the
  permissions changes, see the documentation in the plugin.

### Changed

- We have broken lockstep between our ACME library, Certbot, and its plugins.
  This means that the different components do not need to be the same version
  to work together like they did previously. This makes packaging easier
  because not every piece of Certbot needs to be repackaged to ship a change to
  a subset of its components.
- Support for Python 2.6 and Python 3.3 has been removed from ACME, Certbot,
  Certbot's plugins, and certbot-auto. If you are using certbot-auto on a RHEL
  6 based system, it will walk you through the process of installing Certbot
  with Python 3 and refuse to upgrade to a newer version of Certbot until you
  have done so.
- Certbot's components now work with older versions of setuptools to simplify
  packaging for EPEL 7.

### Fixed

- Issues caused by Certbot's Nginx plugin adding multiple ipv6only directives
  has been resolved.
- A problem where Certbot's Apache plugin would add redundant include
  directives for the TLS configuration managed by Certbot has been fixed.
- Certbot's webroot plugin now properly deletes any directories it creates.


(fhajny)
diff -r1.9 -r1.10 pkgsrc/security/py-acme/Makefile
diff -r1.7 -r1.8 pkgsrc/security/py-acme/PLIST
diff -r1.7 -r1.8 pkgsrc/security/py-certbot/Makefile
diff -r1.20 -r1.21 pkgsrc/security/py-certbot/Makefile.common
diff -r1.20 -r1.21 pkgsrc/security/py-certbot/distinfo
cvs diff -r1.9 -r1.10 pkgsrc/security/py-acme/Makefile (expand / switch to unified diff)

--- pkgsrc/security/py-acme/Makefile 2018/01/22 13:37:25 1.9
+++ pkgsrc/security/py-acme/Makefile 2018/03/13 10:08:51 1.10
@@ -1,26 +1,26 @@ @@ -1,26 +1,26 @@
1# $NetBSD: Makefile,v 1.9 2018/01/22 13:37:25 fhajny Exp $ 1# $NetBSD: Makefile,v 1.10 2018/03/13 10:08:51 fhajny Exp $
2 2
3PKGNAME= ${PYPKGPREFIX}-${DISTNAME:S/certbot/acme/} 3PKGNAME= ${PYPKGPREFIX}-${DISTNAME:S/certbot/acme/}
4CATEGORIES= security 4CATEGORIES= security
5 5
6COMMENT= ACME protocol implementation in Python 6COMMENT= ACME protocol implementation in Python
7MAINTAINER= filip@joyent.com 7MAINTAINER= filip@joyent.com
8LICENSE= apache-2.0 8LICENSE= apache-2.0
9 9
10.include "../../security/py-certbot/Makefile.common" 10.include "../../security/py-certbot/Makefile.common"
11 11
12DEPENDS+= ${PYPKGPREFIX}-josepy>=1.0.0:../../security/py-josepy 
13DEPENDS+= ${PYPKGPREFIX}-cryptography>=0.8:../../security/py-cryptography 12DEPENDS+= ${PYPKGPREFIX}-cryptography>=0.8:../../security/py-cryptography
14DEPENDS+= ${PYPKGPREFIX}-OpenSSL>=0.15:../../security/py-OpenSSL 13DEPENDS+= ${PYPKGPREFIX}-josepy>=1.0.0:../../security/py-josepy
15DEPENDS+= ${PYPKGPREFIX}-mock-[0-9]*:../../devel/py-mock 14DEPENDS+= ${PYPKGPREFIX}-mock-[0-9]*:../../devel/py-mock
 15DEPENDS+= ${PYPKGPREFIX}-OpenSSL>=0.15:../../security/py-OpenSSL
16DEPENDS+= ${PYPKGPREFIX}-pytz-[0-9]*:../../time/py-pytz 16DEPENDS+= ${PYPKGPREFIX}-pytz-[0-9]*:../../time/py-pytz
17DEPENDS+= ${PYPKGPREFIX}-requests>2.10:../../devel/py-requests 17DEPENDS+= ${PYPKGPREFIX}-requests>2.10:../../devel/py-requests
18DEPENDS+= ${PYPKGPREFIX}-rfc3339-[0-9]*:../../time/py-rfc3339 18DEPENDS+= ${PYPKGPREFIX}-rfc3339-[0-9]*:../../time/py-rfc3339
19DEPENDS+= ${PYPKGPREFIX}-six>1.9.0:../../lang/py-six 19DEPENDS+= ${PYPKGPREFIX}-six>1.9.0:../../lang/py-six
20 20
21EGG_NAME= ${DISTNAME:S/certbot/acme/} 21EGG_NAME= ${DISTNAME:S/certbot/acme/}
22 22
23PYSETUPSUBDIR= acme 23PYSETUPSUBDIR= acme
24 24
25.include "../../lang/python/egg.mk" 25.include "../../lang/python/egg.mk"
26.include "../../mk/bsd.pkg.mk" 26.include "../../mk/bsd.pkg.mk"
cvs diff -r1.7 -r1.8 pkgsrc/security/py-acme/PLIST (expand / switch to unified diff)

--- pkgsrc/security/py-acme/PLIST 2018/01/22 13:37:25 1.7
+++ pkgsrc/security/py-acme/PLIST 2018/03/13 10:08:51 1.8
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.7 2018/01/22 13:37:25 fhajny Exp $ 1@comment $NetBSD: PLIST,v 1.8 2018/03/13 10:08:51 fhajny Exp $
2${PYSITELIB}/${EGG_INFODIR}/PKG-INFO 2${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
3${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt 3${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
4${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt 4${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
5${PYSITELIB}/${EGG_INFODIR}/requires.txt 5${PYSITELIB}/${EGG_INFODIR}/requires.txt
6${PYSITELIB}/${EGG_INFODIR}/top_level.txt 6${PYSITELIB}/${EGG_INFODIR}/top_level.txt
7${PYSITELIB}/acme/__init__.py 7${PYSITELIB}/acme/__init__.py
8${PYSITELIB}/acme/__init__.pyo 8${PYSITELIB}/acme/__init__.pyo
9${PYSITELIB}/acme/__init__.pyc 9${PYSITELIB}/acme/__init__.pyc
10${PYSITELIB}/acme/challenges.pyo 10${PYSITELIB}/acme/challenges.pyo
11${PYSITELIB}/acme/challenges.pyc 11${PYSITELIB}/acme/challenges.pyc
12${PYSITELIB}/acme/challenges_test.pyo 12${PYSITELIB}/acme/challenges_test.pyo
13${PYSITELIB}/acme/challenges_test.pyc 13${PYSITELIB}/acme/challenges_test.pyc
14${PYSITELIB}/acme/client.pyo 14${PYSITELIB}/acme/client.pyo
@@ -55,26 +55,27 @@ ${PYSITELIB}/acme/errors.py @@ -55,26 +55,27 @@ ${PYSITELIB}/acme/errors.py
55${PYSITELIB}/acme/errors_test.py 55${PYSITELIB}/acme/errors_test.py
56${PYSITELIB}/acme/fields.py 56${PYSITELIB}/acme/fields.py
57${PYSITELIB}/acme/fields_test.py 57${PYSITELIB}/acme/fields_test.py
58${PYSITELIB}/acme/jws.py 58${PYSITELIB}/acme/jws.py
59${PYSITELIB}/acme/jws_test.py 59${PYSITELIB}/acme/jws_test.py
60${PYSITELIB}/acme/messages.py 60${PYSITELIB}/acme/messages.py
61${PYSITELIB}/acme/messages_test.py 61${PYSITELIB}/acme/messages_test.py
62${PYSITELIB}/acme/standalone.py 62${PYSITELIB}/acme/standalone.py
63${PYSITELIB}/acme/standalone_test.py 63${PYSITELIB}/acme/standalone_test.py
64${PYSITELIB}/acme/test_util.py 64${PYSITELIB}/acme/test_util.py
65${PYSITELIB}/acme/testdata/README 65${PYSITELIB}/acme/testdata/README
66${PYSITELIB}/acme/testdata/cert-100sans.pem 66${PYSITELIB}/acme/testdata/cert-100sans.pem
67${PYSITELIB}/acme/testdata/cert-idnsans.pem 67${PYSITELIB}/acme/testdata/cert-idnsans.pem
 68${PYSITELIB}/acme/testdata/cert-nocn.der
68${PYSITELIB}/acme/testdata/cert-san.pem 69${PYSITELIB}/acme/testdata/cert-san.pem
69${PYSITELIB}/acme/testdata/cert.der 70${PYSITELIB}/acme/testdata/cert.der
70${PYSITELIB}/acme/testdata/cert.pem 71${PYSITELIB}/acme/testdata/cert.pem
71${PYSITELIB}/acme/testdata/critical-san.pem 72${PYSITELIB}/acme/testdata/critical-san.pem
72${PYSITELIB}/acme/testdata/csr-100sans.pem 73${PYSITELIB}/acme/testdata/csr-100sans.pem
73${PYSITELIB}/acme/testdata/csr-6sans.pem 74${PYSITELIB}/acme/testdata/csr-6sans.pem
74${PYSITELIB}/acme/testdata/csr-idnsans.pem 75${PYSITELIB}/acme/testdata/csr-idnsans.pem
75${PYSITELIB}/acme/testdata/csr-nosans.pem 76${PYSITELIB}/acme/testdata/csr-nosans.pem
76${PYSITELIB}/acme/testdata/csr-san.pem 77${PYSITELIB}/acme/testdata/csr-san.pem
77${PYSITELIB}/acme/testdata/csr.der 78${PYSITELIB}/acme/testdata/csr.der
78${PYSITELIB}/acme/testdata/csr.pem 79${PYSITELIB}/acme/testdata/csr.pem
79${PYSITELIB}/acme/testdata/dsa512_key.pem 80${PYSITELIB}/acme/testdata/dsa512_key.pem
80${PYSITELIB}/acme/testdata/rsa1024_key.pem 81${PYSITELIB}/acme/testdata/rsa1024_key.pem
cvs diff -r1.7 -r1.8 pkgsrc/security/py-certbot/Makefile (expand / switch to unified diff)

--- pkgsrc/security/py-certbot/Makefile 2018/01/22 13:37:25 1.7
+++ pkgsrc/security/py-certbot/Makefile 2018/03/13 10:08:51 1.8
@@ -1,30 +1,31 @@ @@ -1,30 +1,31 @@
1# $NetBSD: Makefile,v 1.7 2018/01/22 13:37:25 fhajny Exp $ 1# $NetBSD: Makefile,v 1.8 2018/03/13 10:08:51 fhajny Exp $
2 2
3PKGNAME= ${PYPKGPREFIX}-${DISTNAME} 3PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
4CATEGORIES= security 4CATEGORIES= security
5 5
6COMMENT= Client for the Let's Encrypt CA 6COMMENT= Client for the Let's Encrypt CA
7MAINTAINER= filip@joyent.com 7MAINTAINER= filip@joyent.com
8LICENSE= apache-2.0 8LICENSE= apache-2.0
9 9
10EGG_NAME= ${DISTNAME} 10EGG_NAME= ${DISTNAME}
11 11
12.include "Makefile.common" 12.include "Makefile.common"
13 13
14DEPENDS+= ${PYPKGPREFIX}-acme-${PKGVERSION_NOREV}{nb*,}:../../security/py-acme 14DEPENDS+= ${PYPKGPREFIX}-acme-${PKGVERSION_NOREV}{nb*,}:../../security/py-acme
15DEPENDS+= ${PYPKGPREFIX}-configargparse>=0.9.3:../../devel/py-configargparse 15DEPENDS+= ${PYPKGPREFIX}-configargparse>=0.9.3:../../devel/py-configargparse
16DEPENDS+= ${PYPKGPREFIX}-configobj-[0-9]*:../../devel/py-configobj 16DEPENDS+= ${PYPKGPREFIX}-configobj-[0-9]*:../../devel/py-configobj
17DEPENDS+= ${PYPKGPREFIX}-cryptography>=1.2:../../security/py-cryptography 17DEPENDS+= ${PYPKGPREFIX}-cryptography>=1.2:../../security/py-cryptography
 18DEPENDS+= ${PYPKGPREFIX}-josepy-[0-9]*:../../security/py-josepy
18DEPENDS+= ${PYPKGPREFIX}-mock-[0-9]*:../../devel/py-mock 19DEPENDS+= ${PYPKGPREFIX}-mock-[0-9]*:../../devel/py-mock
19DEPENDS+= ${PYPKGPREFIX}-parsedatetime>=2.0:../../time/py-parsedatetime 20DEPENDS+= ${PYPKGPREFIX}-parsedatetime>=2.0:../../time/py-parsedatetime
20DEPENDS+= ${PYPKGPREFIX}-pytz-[0-9]*:../../time/py-pytz 21DEPENDS+= ${PYPKGPREFIX}-pytz-[0-9]*:../../time/py-pytz
21DEPENDS+= ${PYPKGPREFIX}-rfc3339-[0-9]*:../../time/py-rfc3339 22DEPENDS+= ${PYPKGPREFIX}-rfc3339-[0-9]*:../../time/py-rfc3339
22DEPENDS+= ${PYPKGPREFIX}-six-[0-9]*:../../lang/py-six 23DEPENDS+= ${PYPKGPREFIX}-six-[0-9]*:../../lang/py-six
23DEPENDS+= ${PYPKGPREFIX}-ZopeComponent-[0-9]*:../../devel/py-ZopeComponent 24DEPENDS+= ${PYPKGPREFIX}-ZopeComponent-[0-9]*:../../devel/py-ZopeComponent
24DEPENDS+= ${PYPKGPREFIX}-ZopeInterface-[0-9]*:../../devel/py-ZopeInterface 25DEPENDS+= ${PYPKGPREFIX}-ZopeInterface-[0-9]*:../../devel/py-ZopeInterface
25 26
26# Needed for the test target 27# Needed for the test target
27# https://github.com/certbot/certbot/issues/2956 28# https://github.com/certbot/certbot/issues/2956
28BUILD_DEPENDS+= ${PYPKGPREFIX}-readline-[0-9]*:../../devel/py-readline 29BUILD_DEPENDS+= ${PYPKGPREFIX}-readline-[0-9]*:../../devel/py-readline
29 30
30BUILD_DEFS+= VARBASE 31BUILD_DEFS+= VARBASE
cvs diff -r1.20 -r1.21 pkgsrc/security/py-certbot/Makefile.common (expand / switch to unified diff)

--- pkgsrc/security/py-certbot/Makefile.common 2018/02/02 15:36:08 1.20
+++ pkgsrc/security/py-certbot/Makefile.common 2018/03/13 10:08:51 1.21
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1# $NetBSD: Makefile.common,v 1.20 2018/02/02 15:36:08 fhajny Exp $ 1# $NetBSD: Makefile.common,v 1.21 2018/03/13 10:08:51 fhajny Exp $
2# 2#
3# used by security/py-acme/Makefile 3# used by security/py-acme/Makefile
4# used by security/py-certbot/Makefile 4# used by security/py-certbot/Makefile
5 5
6DISTNAME= certbot-0.21.1 6DISTNAME= certbot-0.22.0
7MASTER_SITES= ${MASTER_SITE_GITHUB:=certbot/} 7MASTER_SITES= ${MASTER_SITE_GITHUB:=certbot/}
8 8
9HOMEPAGE= https://letsencrypt.org/ 9HOMEPAGE= https://letsencrypt.org/
10 10
11GITHUB_PROJECT= certbot 11GITHUB_PROJECT= certbot
12GITHUB_TAG= v${PKGVERSION_NOREV} 12GITHUB_TAG= v${PKGVERSION_NOREV}
13 13
14EXTRACT_USING= bsdtar 14EXTRACT_USING= bsdtar
15USE_TOOLS+= bsdtar 15USE_TOOLS+= bsdtar
16 16
17DISTINFO_FILE= ${PKGDIR}/../../security/py-certbot/distinfo 17DISTINFO_FILE= ${PKGDIR}/../../security/py-certbot/distinfo
18#PATCHDIR= ${PKGDIR}/../../security/py-certbot/patches 18#PATCHDIR= ${PKGDIR}/../../security/py-certbot/patches
cvs diff -r1.20 -r1.21 pkgsrc/security/py-certbot/distinfo (expand / switch to unified diff)

--- pkgsrc/security/py-certbot/distinfo 2018/02/02 15:36:08 1.20
+++ pkgsrc/security/py-certbot/distinfo 2018/03/13 10:08:51 1.21
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
1$NetBSD: distinfo,v 1.20 2018/02/02 15:36:08 fhajny Exp $ 1$NetBSD: distinfo,v 1.21 2018/03/13 10:08:51 fhajny Exp $
2 2
3SHA1 (certbot-0.21.1.tar.gz) = 824d40e584a017559fae58954845663a20e34a76 3SHA1 (certbot-0.22.0.tar.gz) = 3ff38bfce754140ee61be392dc1da8bc02e09896
4RMD160 (certbot-0.21.1.tar.gz) = bedb988810cf30594b2ee014029c3edb9914582d 4RMD160 (certbot-0.22.0.tar.gz) = 53747b949a37eb35beb7ce098eca8f98f41b7bdf
5SHA512 (certbot-0.21.1.tar.gz) = 6f3ffba7dc06bcc2a6b9835906331753ee2715192e7a49562314480069f22e4a66bb26f04dc4bbdfb0ab40998220d0c9b77fb0351e042116b02996fb2da699d2 5SHA512 (certbot-0.22.0.tar.gz) = 406810e29a2637c420b9a8a3feb3a2ffb77bd740419cbcf46d10ab152a7252c765c058481b2a1f9a96cc426a9ae018bf90540fc0ebd54be1c8822c528cf1b605
6Size (certbot-0.21.1.tar.gz) = 1105663 bytes 6Size (certbot-0.22.0.tar.gz) = 1128134 bytes