projects / feed / packages.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 015e212)
acme: standardize key_type
authorGlen Huang <me@glenhuang.com>
Wed, 17 May 2023 09:53:51 +0000 (17:53 +0800)
committerJosef Schlehofer <pepe.schlehofer@gmail.com>
Sun, 31 Mar 2024 13:27:05 +0000 (15:27 +0200)
keylength, being an acme.sh value type, uses pure numbers for rsa keys.
This can be disorienting for other acme clients. This change introduces
a new option "key_type" that aims to remove this ambiguity, and makes
all key type names follow the same pattern, making acme-common more
client agnostic.

Signed-off-by: Glen Huang <me@glenhuang.com>
(cherry picked from commit 6d61014e51266f1cb083d9f31491f9c5fb73eeb0)

net/acme-acmesh/files/hook.sh patch | blob | history
net/acme-common/files/acme.init patch | blob | history

diff --git a/net/acme-acmesh/files/hook.sh b/net/acme-acmesh/files/hook.sh
index 03343dacbffbc956c7342471b6247c0aeffb81e8..99d705aa87252de578e9b2d4f58796564761f3ba 100644 (file)
--- a/net/acme-acmesh/files/hook.sh
+++ b/net/acme-acmesh/files/hook.sh
@@ -44,12 +44,14 @@ get)
        set --
        [ "$debug" = 1 ] && set -- "$@" --debug
 
-       case $keylength in
-       ec-*)
+       case $key_type in
+       ec*)
+               keylength=${key_type/ec/ec-}
                domain_dir="$state_dir/${main_domain}_ecc"
                set -- "$@" --ecc
                ;;
-       *)
+       rsa*)
+               keylength=${key_type#rsa}
                domain_dir="$state_dir/$main_domain"
                ;;
        esac
diff --git a/net/acme-common/files/acme.init b/net/acme-common/files/acme.init
index 71ee8c0ade3a3222835429db4311412562701d80..a9a5703dc568deaaad09a850873aca2e224bd871 100644 (file)
--- a/net/acme-common/files/acme.init
+++ b/net/acme-common/files/acme.init
@@ -39,8 +39,17 @@ load_options() {
        export domains
        export main_domain
        main_domain="$(first_arg $domains)"
-       config_get keylength "$section" keylength ec-256
-       export keylength
+       config_get keylength "$section" keylength
+       if [ "$keylength" ]; then
+               log warn "Option \"keylength\" is deprecated, please use key_type (e.g., ec256, rsa2048) instead."
+               case $keylength in
+               ec-*) key_type=${keylength/-/} ;;
+               *) key_type=rsa$keylength ;;
+               esac
+       else
+               config_get key_type "$section" key_type ec256
+       fi
+       export key_type
        config_get dns "$section" dns
        export dns
        config_get acme_server "$section" acme_server
@@ -51,7 +60,6 @@ load_options() {
        [ -n "$standalone" ] && log warn "Option \"standalone\" is deprecated."
        config_get dns_wait "$section" dns_wait
        export dns_wait
-
        config_get webroot "$section" webroot
        export webroot
        if [ "$webroot" ]; then
Mirror of packages feed