From patchwork Thu Nov 14 20:12:22 2024
X-Patchwork-Submitter: "Artyom V. Poptsov"
X-Patchwork-Id: 70404
Subject: [bug#74355] [PATCH 3/7] gnu: Add go-github-com-mholt-acmez.
To: 74355@debbugs.gnu.org
From: "Artyom V. Poptsov"
Date: Thu, 14 Nov 2024 23:12:22 +0300

* gnu/packages/golang-web.scm (go-github-com-mholt-acmez): New variable. Change-Id: I220f588ff600e032c38974b9f09e873d22a1811a --- gnu/packages/golang-web.scm | 83 +++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/gnu/packages/golang-web.scm b/gnu/packages/golang-web.scm index c71878423f..b29fc69b1a 100644 --- a/gnu/packages/golang-web.scm +++ b/gnu/packages/golang-web.scm 
@@ -3657,6 +3657,89 @@ (define-public go-github-com-mdlayher-socket deadline support.") (license license:expat))) +(define-public go-github-com-mholt-acmez + (package + (name "go-github-com-mholt-acmez") + (version "2.0.3") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/mholt/acmez") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 "0xfl6p8izgjs1d26iygfilmmagxld409qsgdy60r1chfsrcnraby")))) + (build-system go-build-system) + (arguments + (list + #:import-path "github.com/mholt/acmez")) + (propagated-inputs + (list go-golang-org-x-crypto + go-golang-org-x-net + go-go-uber-org-zap)) + (home-page "https://github.com/mholt/acmez") + (synopsis "Premier ACME client library for Go") + (description + "@code{ACMEz} (@code{ack-measy} or @code{acme-zee}, whichever you prefer) is a +fully-compliant @url{https://tools.ietf.org/html/rfc8555, RFC 8555} (ACME) +implementation in pure Go. It is lightweight, has an elegant Go API, and its retry +logic is highly robust against external errors. ACMEz is suitable for large-scale +enterprise deployments. It also supports common IETF-standardized ACME extensions. + +NOTE: This module is for getting certificates, not managing certificates. Most users +probably want certificate management (keeping certificates renewed) rather than to +interface directly with ACME. Developers who want to use certificates in their +long-running Go programs should use @url{https://github.com/caddyserver/certmagic, +CertMagic} instead; or, if their program is not written in Go, +@url{https://caddyserver.com/, Caddy} can be used to manage certificates (even +without running an HTTP or TLS server if needed). + +This module has two primary packages: + +@itemize +@item @code{acmez} is a high-level wrapper for getting certificates. It implements +the ACME order flow described in RFC 8555 including challenge solving using pluggable +solvers. 
+@item @code{acme} is a low-level RFC 8555 implementation that provides the +fundamental ACME operations, mainly useful if you have advanced or niche +requirements. +@end itemize + +In other words, the @code{acmez} package is porcelain while the @code{acme} package +is plumbing (to use git's terminology). + +Main features: +@itemize +@item Go API thoroughly documented with spec citations. +@item Robust to external errors. +@item Structured error values ('problems' as defined in RFC 7807.) +@item Smart retries (resilient against network and server hiccups.) +@item Challenge plasticity (randomized challenges, and will retry others if one +fails.) + +@item Context cancellation (suitable for high-frequency config changes or reloads.) + +@item Highly flexible and customizable. + +@item External Account Binding (EAB) support. + +@item Tested with numerous ACME CAs (more than just Let's Encrypt.) + +@item Implements niche aspects of RFC 8555 (such as alt cert chains and account key +rollover.) + +@item Efficient solving of large SAN lists (e.g. for slow DNS record propagation.) + +@item Utility functions for solving challenges: device attestation +challenges (draft-acme-device-attest-02), RFC 8737 (tls-alpn-01 challenge), RFC +8823 (email-reply-00 challenge; S/MIME.) + +@item ACME Renewal Information (ARI) support (draft-ietf-acme-ari-03.) +@end itemize +") + (license license:asl2.0))) + (define-public go-github-com-microcosm-cc-bluemonday (package (name "go-github-com-microcosm-cc-bluemonday")
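Review bot: in the `arguments` field, `#:import-path "github.com/mholt/acmez"` has no major-version suffix although `version` is "2.0.3". Go's semantic import versioning expects a module at v2 or later to carry a `/v2` suffix in its module path, so please check the `module` line in upstream's go.mod at the v2.0.3 tag and, if it names github.com/mholt/acmez/v2, use that as the import path (and consider a variable name that reflects it) so that dependents importing the v2 path can find the package. Separately, the synopsis word "Premier" is marketing wording, and the description reproduces most of the upstream README, including the NOTE paragraph and pinned draft revisions (draft-acme-device-attest-02, draft-ietf-acme-ari-03) that will date quickly; the first paragraph plus the two-item list describing `acmez` and `acme` would be enough. The feature list also mixes blank-line-separated and unseparated `@item` entries and ends several items with "(… .)"; moving the period outside the parenthesis and using one spacing style would tidy it. The source pinning needs no change: the fetched tag is checked against the sha256 base32 hash in the origin.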