uacme: apply upstream changes

updating with changes from outside (acme-common/uacme)
version/profile support/key rotation option

Signed-off-by: Seo Suchan <tjtncks@gmail.com>

Author: orangepizza

net/acme-common/Makefile

@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=acme-common
-PKG_VERSION:=1.5.1
+PKG_VERSION:=1.5.2
 
 PKG_MAINTAINER:=Toke Høiland-Jørgensen <toke@toke.dk>
 PKG_LICENSE:=GPL-3.0-only

net/uacme/Makefile

@@ -111,6 +111,7 @@ define Package/uacme/install
 
 	$(INSTALL_BIN) ./files/hook.sh $(1)/usr/lib/acme/hook
 	$(INSTALL_BIN) ./files/httpchalhook.sh $(1)/usr/lib/acme/client/httpchalhook.sh
+	$(INSTALL_BIN) ./files/dns_persist.sh $(1)/usr/lib/acme/client/dns_persist.sh
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/uacme $(1)/usr/sbin/uacme
 endef
 
@@ -128,9 +129,10 @@ define Package/uacme-dnsapi-adapter/install
 	$(INSTALL_DIR) \
 	 $(1)/usr/lib/acme/client
 
-  $(INSTALL_BIN) ./files/dnschalhook.sh $(1)/usr/lib/acme/client/dnschalhook.sh
-  $(INSTALL_BIN) ./files/dnsapi_helper.sh $(1)/usr/lib/acme/client/dnsapi_helper.sh
+	$(INSTALL_BIN) ./files/dnschalhook.sh $(1)/usr/lib/acme/client/dnschalhook.sh
+	$(INSTALL_BIN) ./files/dnsapi_helper.sh $(1)/usr/lib/acme/client/dnsapi_helper.sh
 endef
 
 $(eval $(call BuildPackage,uacme))
 $(eval $(call BuildPackage,uacme-ualpn))
+$(eval $(call BuildPackage,uacme-dnsapi-adapter))

net/uacme/files/dns_persist.sh

@@ -0,0 +1,48 @@
+#!/bin/sh
+# Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dilieto@gmail.com>
+#
+# This file is part of uacme.
+#
+# uacme is free software: you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# uacme is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# Part of this is copied from acme.sh
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# noop challange 'solver' for challenge type select
+
+ARGS=5
+E_BADARGS=85
+LOG_TAG=acme-uacme-dnshook
+
+if test $# -ne "$ARGS"
+then
+    echo "Usage: $(basename "$0") method type ident token auth" 1>&2
+    exit $E_BADARGS
+fi
+
+METHOD=$1
+TYPE=$2
+IDENT=$3
+TOKEN=$4
+AUTH=$5
+
+if [ "$TYPE" != "dns-persist-01" ]; then
+    echo "skipping $TYPE" 1>&2
+    exit 1
+fi
+
+if [ "$METHOD" == "failed" ]; then
+    echo "Failed dns-persist-01 challange for $IDENT, did you put right validation record?"
+fi
+
+exit 0

net/uacme/files/hook.sh

@@ -85,7 +85,6 @@ get)
 	fi
 	set --
 	[ "$debug" = 1 ] && set -- "$@" -v
-#uacme doesn't rotate privkey
 	case $key_type in
 	ec*)
 		keylength=${key_type#ec}
@@ -130,6 +129,10 @@ get)
 		set -- "$@" --days "$days"
 	fi
 
+	if [ "$cert_profile" ]; then
+		set -- "$@" --profile "$cert_profile"
+	fi
+
 	# uacme handles challange select by hook script
 	case "$validation_method" in
 	"alpn")
@@ -151,6 +154,9 @@ get)
 			export dns_wait
 		fi
 		;;
+	"dns-persist")
+		set -- "$@" -h "$HOOKDIR/client/dns_persist.sh"
+		;;
 	"standalone")
 		set -- "$@" --standalone --listen-v6
 		log err "standalone server is not implmented for uacme"
@@ -173,7 +179,7 @@ get)
 
 	log info "$ACME $*"
 	trap '$NOTIFY issue-failed;exit 1' INT
-	"$ACME" "$@" 2>&1
+	"$ACME" "$@" -k 2>&1
 	status=$?
 	trap - INT