From 09d4e6f58254cc18803e9746b84e521924c55aee Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 1 Jul 2017 19:59:23 +0200 Subject: Avoid hash slices. That's mostly what prevents us from supporting Perl older than 5.20. --- lacme | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lacme') diff --git a/lacme b/lacme index 1065e67..478f2e4 100755 --- a/lacme +++ b/lacme @@ -532,7 +532,7 @@ sub acme_client($@) { # child doesn't have access to the parent's memory my @fileno = map { fileno($_) =~ /^(\d+)$/ ? $1 : die } ($CONFFILE, $client); # untaint fileno set_FD_CLOEXEC($client, 1); - my $rv = spawn({%$args{qw/in out/}, child => sub() { + my $rv = spawn({in => $args->{in}, out => $args->{out}, child => sub() { drop_privileges($conf->{user}, $conf->{group}, $args->{chdir} // '/'); set_FD_CLOEXEC($_, 0) foreach ($CONFFILE, $client); seek($CONFFILE, SEEK_SET, 0) or die "Can't seek: $!"; @@ -723,7 +723,7 @@ elsif ($COMMAND eq 'new-cert') { } # generate the CSR - my $csr = gen_csr(%$conf{qw/certificate-key subject subjectAltName keyUsage hash/}) // do { + my $csr = gen_csr(map {$_ => $conf->{$_}} qw/certificate-key subject subjectAltName keyUsage hash/) // do { print STDERR "[$s] Warning: Couldn't generate CSR, skipping\n"; $rv = 1; next; -- cgit v1.2.3 From abb09fac8787c3444f45cf8cc06386dd75719a01 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 1 Jul 2017 19:55:55 +0200 Subject: Specify minimum required Perl versions. --- lacme | 1 + 1 file changed, 1 insertion(+) (limited to 'lacme') diff --git a/lacme b/lacme index 478f2e4..270828b 100755 --- a/lacme +++ b/lacme @@ -18,6 +18,7 @@ # along with this program. If not, see . #---------------------------------------------------------------------- +use v5.16.2; use strict; use warnings; -- cgit v1.2.3 From 13a0c9cf64543214282c6809cbbc43ef225df935 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 1 Jul 2017 20:23:28 +0200 Subject: lacme: Specify minimum required Socket version 1.95. --- lacme | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'lacme') diff --git a/lacme b/lacme index 270828b..01c683e 100755 --- a/lacme +++ b/lacme @@ -18,7 +18,7 @@ # along with this program. If not, see . #---------------------------------------------------------------------- -use v5.16.2; +use v5.14.2; use strict; use warnings; @@ -31,9 +31,9 @@ use File::Temp (); use Getopt::Long qw/:config posix_default no_ignore_case gnu_getopt auto_version/; use List::Util 'first'; use POSIX (); -use Socket qw/AF_UNIX AF_INET AF_INET6 PF_UNIX PF_INET PF_INET6 PF_UNSPEC - INADDR_ANY IN6ADDR_ANY IPPROTO_IPV6 - SOCK_STREAM SOL_SOCKET SO_REUSEADDR SHUT_RDWR/; +use Socket 1.95 qw/AF_UNIX AF_INET AF_INET6 PF_UNIX PF_INET PF_INET6 PF_UNSPEC + INADDR_ANY IN6ADDR_ANY IPPROTO_IPV6 + SOCK_STREAM SOL_SOCKET SO_REUSEADDR SHUT_RDWR/; use Config::Tiny (); use Net::SSLeay (); -- cgit v1.2.3 From 8cdd29841d0dbb89e866aad36173bb26182d0c97 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 8 Jul 2017 21:02:36 +0200 Subject: Bind webserver to /var/run/lacme-www.socket by default. --- lacme | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lacme') diff --git a/lacme b/lacme index 01c683e..6570891 100755 --- a/lacme +++ b/lacme @@ -97,7 +97,7 @@ do { map {$_ => undef} qw/server timeout SSL_verify SSL_version SSL_cipher_list/ }, webserver => { - listen => '/var/run/lacme.socket', + listen => '/var/run/lacme-www.socket', 'challenge-directory' => undef, user => 'www-data', group => 'www-data', -- cgit v1.2.3