Merge branch 'master' of github.com:srvrco/getssl

.github/workflows/release-and-package.yml

@@ -0,0 +1,88 @@
+# Hacked together from https://github.com/qemu-riscv-xpack/.github/workflows/build-all.yml
+# and https://github.com/palmetto/palm-cli/blob/develop/.github/workflows/pypi-deploy.yaml
+
+name: Deploy getssl
+
+on:
+  workflow_dispatch:
+    inputs:
+      tags:
+        description: 'Tag to deploy, e.g. 2.47'
+        required: true
+        type: string
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          path: "getssl"
+
+      - name: Get version number
+        id: get_version
+        run: |
+          echo ::set-output name=VERSION::$(bash ./getssl/getssl --version)
+
+      - name: Check version matches tag
+        run: |
+          if [ "${{ steps.get_version.outputs.VERSION }}" != "getssl V${{ github.event.inputs.tags }}" ]; then
+            echo "Version number in getssl (${{ steps.get_version.outputs.VERSION }}) does not match tag (getssl V${{ github.event.inputs.tags }})"
+            exit 1
+          fi
+
+      - name: build .deb package
+        id: build_deb
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y build-essential devscripts debhelper pax liblocale-gettext-perl
+          wget https://github.com/debbuild/debbuild/releases/download/22.02.1/debbuild_22.02.1-0ubuntu20.04_all.deb
+          sudo dpkg --install debbuild_22.02.1-0ubuntu20.04_all.deb
+          # Line 1959 has an extra ")" bracket
+          sudo patch /usr/bin/debbuild < ./getssl/debbuild.patch
+          mkdir -p /root/debbuild/BUILD
+          mkdir -p /root/debbuild/DEBS/all
+          mkdir -p /root/debbuild/SDEBS
+          mkdir -p /root/debbuild/SOURCES
+          mkdir -p /root/debbuild/SPECS
+          tar -czf /root/debbuild/SOURCES/getssl-${{ github.event.inputs.tags }}.tar.gz ./getssl/* --transform "s/getssl\//getssl-${{ github.event.inputs.tags }}\//"
+          tar --append -f /root/getssl-${{ github.event.inputs.tags }}.sdeb /root/debbuild/SOURCES/getssl-${{ github.event.inputs.tags }}.tar.gz --transform 's,\.,SOURCES,'
+          tar --append -f /root/getssl-${{ github.event.inputs.tags }}.sdeb -C ./getssl getssl.crontab getssl.logrotate --transform 's,^,SOURCES/,'
+          tar --append -f /root/getssl-${{ github.event.inputs.tags }}.sdeb -C ./getssl getssl.spec --transform 's,^,SPECS/,'
+          debbuild --install /root/getssl-${{ github.event.inputs.tags }}.sdeb
+          debbuild -vv -ba /root/debbuild/SPECS/getssl.spec
+
+      - name: build .rpm package
+        id: build_rpm
+        if: ${{ success() }}
+        uses: addnab/docker-run-action@v3
+        with:
+          image: rockylinux:8
+          options: -v ${{ github.workspace }}:/root/getssl -e GITHUB_REF=${{ github.ref }}
+          run: |
+            sudo yum install -y rpm-build make
+            mkdir -p /root/rpmbuild/SOURCES /root/rpmbuild/RPMS/SRPMS /root/rpmbuild/RPMS/noarch
+            tar -czf /root/rpmbuild/SOURCES/getssl-${{ github.event.inputs.tags }}.tar.gz /root/getssl/* --transform "s/root\/getssl\//getssl-${{ github.event.inputs.tags }}\//"
+            cp /root/getssl/getssl.crontab /root/rpmbuild/SOURCES
+            cp /root/getssl/getssl.logrotate /root/rpmbuild/SOURCES
+            rpmbuild -ba /root/getssl/getssl.spec
+            cp /root/rpmbuild/SRPMS/getssl-*.rpm /root/getssl
+            cp /root/rpmbuild/RPMS/noarch/getssl-*.rpm /root/getssl
+
+      - name: create_release
+        id: create_release
+        if: ${{ success() }}
+        uses: ncipollo/release-action@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag: ${{ github.ref }}
+          name: Draft Release ${{ github.ref }}
+          generateReleaseNotes: true
+          draft: true
+          prerelease: false
+          artifacts: |
+            /root/debbuild/DEBS/all/getssl_${{ github.event.inputs.tags }}-*_all.deb
+            /root/getssl-${{ github.event.inputs.tags }}-*.src.rpm
+            /root/getssl-${{ github.event.inputs.tags }}-*.noarch.rpm

.github/workflows/run-tests-pebble.yml

@@ -3,17 +3,16 @@ on:
   push:
     paths-ignore:
       - '.github/workflows/*'
-    branches:
-      - master
   pull_request:
-    branches:
-      - master
+    paths-ignore:
+      - '.github/workflows/*'
   workflow_dispatch:
-    branches:
-      - master
+    paths-ignore:
+      - '.github/workflows/*'
 jobs:
   test-alpine:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -22,6 +21,7 @@ jobs:
         run: test/run-test.sh alpine
   test-bash-4-0:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -30,6 +30,7 @@ jobs:
         run: test/run-test.sh bash4-0
   test-bash-4-2:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -38,30 +39,34 @@ jobs:
         run: test/run-test.sh bash4-2
   test-bash-5-0:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
         run: docker-compose up -d --build
       - name: Run test suite on Alpine using Bash 5
         run: test/run-test.sh bash5-0
   test-centos6:
-      runs-on: ubuntu-latest
-      steps:
-        - uses: actions/checkout@v3
-        - name: Build the docker-compose stack
-          run: docker-compose up -d --build
-        - name: Run test suite on CentOS6
-          run: test/run-test.sh centos6
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
+    steps:
+      - uses: actions/checkout@v3
+      - name: Build the docker-compose stack
+        run: docker-compose up -d --build
+      - name: Run test suite on CentOS6
+        run: test/run-test.sh centos6
   test-centos7:
-      runs-on: ubuntu-latest
-      steps:
-        - uses: actions/checkout@v3
-        - name: Build the docker-compose stack
-          run: docker-compose up -d --build
-        - name: Run test suite on CentOS7
-          run: test/run-test.sh centos7
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
+    steps:
+      - uses: actions/checkout@v3
+      - name: Build the docker-compose stack
+        run: docker-compose up -d --build
+      - name: Run test suite on CentOS7
+        run: test/run-test.sh centos7
   test-centos8:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -70,6 +75,7 @@ jobs:
         run: test/run-test.sh centos8
   test-debian:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -78,6 +84,7 @@ jobs:
         run: test/run-test.sh debian
   test-rockylinux8:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -86,6 +93,7 @@ jobs:
         run: test/run-test.sh rockylinux8
   test-ubuntu:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -94,6 +102,7 @@ jobs:
         run: test/run-test.sh ubuntu
   test-ubuntu14:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -102,6 +111,7 @@ jobs:
         run: test/run-test.sh ubuntu14
   test-ubuntu16:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack
@@ -110,6 +120,7 @@ jobs:
         run: test/run-test.sh ubuntu16
   test-ubuntu18:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack

.github/workflows/run-tests-staging-acmedns.yml

@@ -3,20 +3,20 @@ on:
   push:
     paths-ignore:
       - '.github/workflows/*'
-    branches:
-      - master
   pull_request:
-    branches:
-      - master
+    paths-ignore:
+      - '.github/workflows/*'
   workflow_dispatch:
-    branches:
-      - master
+    paths-ignore:
+      - '.github/workflows/*'
+
 env:
   DYNU_API_KEY: ${{ secrets.DYNU_API_KEY == '' && '65cXefd35XbYf36546eg5dYcZT6X52Y2' || secrets.DYNU_API_KEY }}
+
 jobs:
   test-ubuntu-acmedns:
     runs-on: ubuntu-latest
-    if: always()
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Build the docker-compose stack

.github/workflows/shellcheck.yml

@@ -4,16 +4,17 @@ on:
   push:
     paths-ignore:
       - '.github/workflows/*'
-    branches: [ master ]
   pull_request:
-    branches: [ master ]
+    paths-ignore:
+      - '.github/workflows/*'
   workflow_dispatch:
-    branches:
-      - master
+    paths-ignore:
+      - '.github/workflows/*'
 
 jobs:
   lint:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master' # run this job only for the master branch
     steps:
       - uses: actions/checkout@v3
       - name: Lint check

debbuild.patch

@@ -0,0 +1,11 @@
+--- /usr/bin/debbuild	2022-11-11 15:34:22.529876000 +0000
++++ /usr/bin/debbuild.fix	2022-11-11 15:34:53.137410000 +0000
+@@ -1956,7 +1956,7 @@
+   my $srcpkg = shift;
+   die _('Can\'t install ').$srcpkg."\n" unless $srcpkg =~ /\.sdeb$/;
+   $srcpkg = abs_path($srcpkg);
+-  system(expandmacros("cd %{_topdir}; %{__pax} -r -f $srcpkg)")) == 0 and
++  system(expandmacros("cd %{_topdir}; %{__pax} -r -f $srcpkg")) == 0 and
+   $finalmessages .= _('Extracted source package ').$srcpkg.
+     _(" to %{_topdir}.\n");
+ } # end install_sdeb()

getssl

@@ -285,6 +285,8 @@
 # 2022-01-06 Support --account-id (#716)(2.46)
 # 2022-03-09 Support for ISPConfig API
 # 2022-05-03 Windows Server and IIS support (2.47)
+# 2022-05-18 Add FTP_ARGS
+# 2022-11-01 Add FTP_PORT
 # ----------------------------------------------------------------------------------------
 
 case :$SHELLOPTS: in
@@ -319,6 +321,7 @@ DUAL_RSA_ECDSA="false"
 FTP_OPTIONS=""
 FTPS_OPTIONS=""
 FTP_ARGS=""
+FTP_PORT=""
 FULL_CHAIN_INCLUDE_ROOT="false"
 GETSSL_IGNORE_CP_PRESERVE="false"
 HTTP_TOKEN_CHECK_WAIT=0
@@ -1013,15 +1016,15 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
       ftpfile=$(basename "$ftplocn")
       fromdir=$(dirname "$from")
       fromfile=$(basename "$from")
-      debug "ftp user=$ftpuser - pass=$ftppass - host=$ftphost dir=$ftpdirn file=$ftpfile"
+      debug "ftp user=$ftpuser - pass=$ftppass - host=$ftphost port=$FTP_PORT dir=$ftpdirn file=$ftpfile"
       debug "from dir=$fromdir  file=$fromfile"
       if [ -n "$FTP_OPTIONS" ]; then
         # Use eval to expand any variables in FTP_OPTIONS
         FTP_OPTIONS=$(eval echo "$FTP_OPTIONS")
         debug "FTP_OPTIONS=$FTP_OPTIONS"
       fi
       $FTP_COMMAND <<- _EOF
-			open $ftphost
+			open $ftphost $FTP_PORT
 			user $ftpuser $ftppass
 			$FTP_OPTIONS
 			cd $ftpdirn
@@ -1038,10 +1041,11 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
       ftpfile=$(basename "$ftplocn")
       fromdir=$(dirname "$from")
       fromfile=$(basename "$from")
-      debug "sftp $SFTP_OPTS user=$ftpuser - pass=$ftppass - host=$ftphost dir=$ftpdirn file=$ftpfile"
+      if [ -n "$FTP_PORT" ]; then SFTP_PORT="-P $FTP_PORT"; else SFTP_PORT=""; fi
+      debug "sftp $SFTP_OPTS user=$ftpuser - pass=$ftppass - host=$ftphost port=$FTP_PORT dir=$ftpdirn file=$ftpfile"
       debug "from dir=$fromdir  file=$fromfile"
       # shellcheck disable=SC2086
-      sshpass -p "$ftppass" sftp $SFTP_OPTS "$ftpuser@$ftphost" <<- _EOF
+      sshpass -p "$ftppass" sftp $SFTP_OPTS $SFTP_PORT "$ftpuser@$ftphost" <<- _EOF
 			cd $ftpdirn
 			lcd $fromdir
 			put ./$fromfile
@@ -1063,7 +1067,8 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
       # shellcheck disable=SC2086
       curl ${_NOMETER} -u "${davsuser}:${davspass}" -T "${fromdir}/${fromfile}" "https://${davshost}:${davsport}${davsdirn}${davsfile}"
     elif [[ "${to:0:6}" == "ftpes:" ]] || [[ "${to:0:5}" == "ftps:" ]] ; then
-      debug "using ftp to copy the file from $from"
+      # FTPES (FTP over explicit TLS/SSL, port 21) and FTPS (FTP over implicit TLS/SSL, port 990).
+      debug "using ${to:0:5} to copy the file from $from"
       ftpuser=$(echo "$to"| awk -F: '{print $2}')
       ftppass=$(echo "$to"| awk -F: '{print $3}')
       ftphost=$(echo "$to"| awk -F: '{print $4}')
@@ -1072,14 +1077,25 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
       ftpfile=$(basename "$ftplocn")
       fromdir=$(dirname "$from")
       fromfile=$(basename "$from")
-      debug "ftp user=$ftpuser - pass=$ftppass - host=$ftphost dir=$ftpdirn file=$ftpfile"
+
+      SFTP_PORT="";
+      if [ -n "$FTP_PORT" ]; then SFTP_PORT=":${FTP_PORT}"; fi
+      debug "${to:0:5} user=$ftpuser - pass=$ftppass - host=$ftphost port=$FTP_PORT dir=$ftpdirn file=$ftpfile"
       debug "from dir=$fromdir  file=$fromfile"
       if [[ "${to:0:5}" == "ftps:" ]] ; then
+        # if no FTP_PORT is specified, then use default
+        if [ -z "$FTP_PORT" ]; then
+          SFTP_PORT=":990"
+        fi
         # shellcheck disable=SC2086
-        curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${ftpdirn}:990/"
+        debug curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftps://${ftphost}${SFTP_PORT}/${ftpdirn}/"
+        # shellcheck disable=SC2086
+        curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftps://${ftphost}${SFTP_PORT}/${ftpdirn}/"
       else
         # shellcheck disable=SC2086
-        curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${ftpdirn}/"
+        debug curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${SFTP_PORT}/${ftpdirn}/"
+        # shellcheck disable=SC2086
+        curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${SFTP_PORT}/${ftpdirn}/"
       fi
     else
       if ! mkdir -p "$(dirname "$to")" ; then