acme-client: 0.1.16 -> 0.2.4

* acme-client: 0.1.16 -> 0.2.3 (#71853)

The upstream acme-client that used to be at [1] has now been integrated
into OpenBSD, and the portable version that it links to at [2] is marked
as unmaintained. However, letsencrypt.org links to [3] for a portable
version, and indeed, that repository contains a version that has recent
activity, so I switched over to that.

It is hard to tell what the difference is between the OpenBSD version
and what is on Github, and even if that would be easy, there are a lot
of Linux-specific changes. This program is dealing with certificates, so
I feel it is important to at least check that thare are no obviously
unintended differences between the previous version and the new, but I
don't know of a good way of doing that at this point. I will continue
to investigate before I open a pull request.

[1]: https://kristaps.bsd.lv/acme-client/
[2]: https://github.com/kristapsdz/acme-client-portable
[3]: https://github.com/graywolf/acme-client-portable

* acme-client: fix Linux build of new upstream

The new source does not include a configure script in the repository,
but we can generate it with automake. Also, the new acme-client-portable
has an OpenSSL compatibility layer, but that actually breaks building
against LibreSSL. Avoid this issue by patching the compatibility layer
to be less eager to define things when linking against LibreSSL. I will
also submit a pull request for that upstream.

I don't expect this to work on Darwin, and the current package suggests
it does, but if the upstream (portable) version is no longer maintained,
for Darwin, perhaps we should just drop support for it. But maybe it
will just work, CI or somebody with a Darwin system will have to try.

* acme-client: 0.2.3 -> 0.2.4

My LibreSSL compatibility patch has been merged upstream into
acme-client-portable, and version 0.2.4 that includes it has been
released, so we can remove the patch here.

* acme-client: address review feedback

 * Replace the manual autoreconf invocation with autoreconfHook.
 * Remove DEFAULT_CA_FILE, which no longer affects the build.

1 files changed, 13 insertions, 15 deletions

diff --git a/pkgs/tools/networking/acme-client/default.nix b/pkgs/tools/networking/acme-client/default.nix
index 60b3b6df69a..bf1c96b66b2 100644
--- a/pkgs/tools/networking/acme-client/default.nix
+++ b/pkgs/tools/networking/acme-client/default.nix
@@ -1,8 +1,8 @@
 { stdenv
+, fetchFromGitHub
+, autoreconfHook
+, bison
 , apple_sdk ? null
-, cacert
-, defaultCaFile ? "${cacert}/etc/ssl/certs/ca-bundle.crt"
-, fetchurl
 , libbsd
 , libressl
 , pkgconfig
@@ -12,24 +12,22 @@ with stdenv.lib;
 
 stdenv.mkDerivation rec {
   pname = "acme-client";
-  version = "0.1.16";
+  version = "0.2.4";
 
-  src = fetchurl {
-    url = "https://kristaps.bsd.lv/acme-client/snapshots/acme-client-portable-${version}.tgz";
-    sha256 = "00q05b3b1dfnfp7sr1nbd212n0mqrycl3cr9lbs51m7ncaihbrz9";
+  src = fetchFromGitHub {
+    owner = "graywolf";
+    repo = "acme-client-portable";
+    rev = "v${version}";
+    sha256 = "1yq2lkrnjwjs0h9mijqysnjmr7kp4zcq1f4cxr9n1db7pw8446xb";
   };
 
-  buildInputs = [ libbsd libressl pkgconfig ]
-    ++ optional stdenv.isDarwin apple_sdk.sdk;
+  nativeBuildInputs = [ autoreconfHook bison pkgconfig ];
+  buildInputs = [ libbsd libressl ] ++ optional stdenv.isDarwin apple_sdk.sdk;
 
-  CFLAGS = "-DDEFAULT_CA_FILE='\"${defaultCaFile}\"'";
-
-  preConfigure = ''
-    export PREFIX="$out"
-  '';
+  makeFlags = [ "PREFIX=${placeholder "out"}" ];
 
   meta = {
-    homepage = https://kristaps.bsd.lv/acme-client/;
+    homepage = "https://github.com/graywolf/acme-client-portable";
     description = "Secure ACME/Let's Encrypt client";
     platforms = platforms.unix;
     license = licenses.isc;