~graywolf/acme-client-portable

Add define for EC_POINT_get_affine_coordinates

On openssl <1.1.1 EC_POINT_get_affine_coordinates is not defined. Since
based on the manpage EC_POINT_get_affine_coordinates_GFp is alias for it
provided for backwards compatibility, we should use it.

Thanks to Andrew Clayton <andrew@digital-domain.net> for pointing this
out and providing the fix. Original commit message:

acme-client-portable stopped building against OpenSSL < 1.1.1 with
commit e9103fb ("Update from openbsd (2021-07-10 23:52:43 UTC)") due to
the switch from EC_POINT_get_affine_coordinates_GFp() to
EC_POINT_get_affine_coordinates() which was only added in OpenSSL 1.1.1

This thus breaks the build on RHEL/CentOS/etc 7

It seems that we can simply alias EC_POINT_get_affine_coordinates to
EC_POINT_get_affine_coordinates_GFp when building with older OpenSSL.
Add TODO file

There are some things I would like to fix/improve when I have the time
to do so, so put them in a file so that I do not forget.
Merge branch 'openbsd'

	Change the error reporting pattern throughout the tree when unveil
	fails to report the path that the failure occured on. Suggested by
	deraadt@ after some tech discussion.

	Work done and verified by Ashton Fagg <ashton@fagg.id.au>

	ok deraadt@ semarie@ claudio@
Update from openbsd (2021-07-25 16:17:33 UTC)
Merge branch 'openbsd'

	acme-client: use EC_POINT_{get,set}_affine_cooordinates()

	The versions with _GFp() suffix only exist for historical reasons.
	Now that we have EC_POINT_{get,set}_affine_coordinates(), we should
	stop using the old ones as they provide no benefit.

	ok florian
Update from openbsd (2021-07-10 23:52:43 UTC)
Merge branch 'openbsd'
Ignore dist tarballs
Add .gitignore

This will prevent having more files committed by accident in the future.
Delete rest of committed stuff
Merge branch 'openbsd'

	Xr to ssl(8) which has clues about EC key generation that are
	still useful to acme-client users.
Update from openbsd (2021-02-28 14:15:39 UTC)
Delete object files

I manage to commit them by mistake (that's what I get for not having
clean working tree).
Merge branch 'openbsd'

document how to specify multiple alternative names;
modified version of diff from wolf on misc,
improved by and ok florian benno sthen
Update from openbsd (2021-01-26 15:22:07 UTC)
Gitignore new file created by autotools 2.70
Bump version to 1.2.0
Update configure.ac to 2.70
Merge updates from openbsd

Create backup files for certificates

	Create .1 backup files when acme-client is going to overwrite a
	certificate file.
	These files are not terribly big and they might become helpful if one
	re-creates a certificate with additional or removed domains and
	whishes to revoke the old cert (this part needs a bit of work to make
	it convenient to do).
	OK sthen

Improve handling of added/removed SANs

	If acme-client detects an added or removed SAN in the config file
	compared to the existing certificate on disk, automatically request a
	new certificate without requiring -F.

	(Previously the code using -F only coped with added SANs; if one was
	removed in config then the certificate needed manual removal vefore
	acme-client would work).

	Name checks for -r (revocation) are kept as-is for now.

First fulfill all challenges

	First fulfil all challenges then tell the CA that it should check.

	For http-01 this doesn't matter but I think this will be nicer for
	dns-01 because there are propagation delays to consider and it will be
	better to just put everything in DNS and then wait then wait after
	each challenge.

	Testing & OK sthen
Update from openbsd (2021-01-08 23:10:33 UTC)
Next