From fbcd17c52091cb51a86f0ab2acb5348a12b613e0 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Mon, 22 Feb 2021 12:06:09 +0100
Subject: In lacme's the [accountd] config, let lacme-accountd(1) do the
 %-expansion for 'config'.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This matches the arguably expected behavior that ‘config = %h/foo’ is
passed as ‘--config=%h/foo’ and resolved by lacme-accountd(1) (possibly
remote and with another passwd database).
---
 Changelog  | 7 +++++++
 lacme      | 2 +-
 lacme.8.md | 5 ++---
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/Changelog b/Changelog
index 9f12237..3765bf9 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,10 @@
+lacme (0.8.1) upstream;
+
+ - lacme: in the [accountd] config, let lacme-accountd(1) do the
+   %-expansion for 'config', not lacme(8) when building the command.
+
+ -- Guilhem Moulin <guilhem@fripost.org>  Mon, 22 Feb 2021 12:04:28 +0100
+
 lacme (0.8.0) upstream;
 
  * Breaking change: 'challenge-directory' now needs to be set to an
diff --git a/lacme b/lacme
index 731535f..9691888 100755
--- a/lacme
+++ b/lacme
@@ -536,7 +536,7 @@ sub acme_client($@) {
             my ($cmd, @args) = split(/\s+/, $accountd->{command}) or die "Empty accountd command\n";
             $_ = spec_expand($_) foreach ($cmd, @args); # expand %-specifiers after privilege drop and whitespace split
             push @args, '--stdio';
-            push @args, '--config='.spec_expand($accountd->{config}) if $accountd->{config} ne '';
+            push @args, '--config='.$accountd->{config} if $accountd->{config} ne '';
             push @args, '--privkey='.$accountd->{privkey} if $accountd->{privkey} ne ''; # XXX deprecated in 0.8.0
             push @args, '--quiet' unless lc $accountd->{quiet} eq 'no';
             push @args, '--debug' if $OPTS{debug};
diff --git a/lacme.8.md b/lacme.8.md
index ad6dab6..c39f51c 100644
--- a/lacme.8.md
+++ b/lacme.8.md
@@ -322,9 +322,8 @@ UNIX-domain socket.
 
 *config*
 
-:   Path to the [`lacme-accountd`(1)] configuration file.  The value is
-    subject to [%-specifier expansion](#percent-specifiers) _after_
-    privilege drop.
+:   Path to the [`lacme-accountd`(1)] configuration file.  Note that the
+    value might be subject to %-expansion by [`lacme-accountd`(1)].
 
 *quiet*
 
-- 
cgit v1.2.3