Hello, first, let me say that I'm sorry for taking so long. However, since it was working for you, and I have been crazy busy at work, I sadly did not manage to get to this sooner.
It's unclear whether --with-libtls replaces or adds to --with-openssl. I had to specify both for configure to work. May I suggest making --with-libtls a full alternative to --with-openssl, with a directory indication? --with-libtls=libresslbasedir
Since libtls can be used with openssl, making those options exclusive would not work I think. However I've tried to improve (well, more like add :) ) documentation, so please check if it is sufficiently documented now.
Reliance on pkg-config. Some systems (including mine) don't have pkg-config, so I had to specify LIBTLS_CFLAGS and LIBTLS_LIBS by hand. It's fine; but it needs to be documented. The way I made it work, the build had "-lssl -lcrypto -ltls -lssl -lcrypto" as its final LIBS, which kinda works but is suboptimal ^^
I've moved libtls over to same script as openssl detection. That does use pkg-config, but accepts explicit path and checks default ones if pkg-config cannot be used. Also now both libraries are configured the same way, which is probably better anyway. I've also documented the lookup order, I hope that should help.
The software relies on sys/queue.h, which is not standard. glibc provides it, but not musl; I had to fish out a sys/queue.h implementation manually. In order to make acme-client-portable really portable, I think it should provide its own sys/queue.h :-) (this problem already happened on 1.2.0, I think, but I'm using the opportunity to report it here.)
True, looking back at it it's not worth it to require user to provide the header, since it is self-contained. The build still checks if bsd/sys/queue.h is present, but if not, it falls back to vendored one.
Hope this helps, and even if you don't fix the small annoyances above, I was able to make it work, so, thanks!
I've created a proper -rc1 this time, would appreciate if you would find a time to give it a spin, both for functionality and for the documentation. I would like to do the release at latest by end of month, so feel free to take your time if necessary.
0: https://data.wolfsden.cz/sources/acme-client-1.3.0-rc1.tar.gz sha256sum: 02dc12880669a6cd948e20747cabe21e5a8be60dd9f1dd7c8fae33c9830b2b69
Patch accepted upstream, will be present in 1.3.
While I do not share your opinion, I kinda understand. I've packaged current master here . Please ignore the version number in the name, it is not a final release, I've just run make dist on the master branch that already has the version bumped.
If you are paranoid here is a checksum:
+ $ sha256sum acme-client-1.3.0.tar.gz 0b25b31ac4e4f3479e7cf3534ba5ad124519c5dd43afb07d20e4905547f9ecf4 acme-client-1.3.0.tar.gz
I appreciate your help with testing this.
I would love to see a version of acme-client using LibreSSL, unchanged except for the removal of OpenBSD-specific calls.
With the --with-libtls you should be basically getting this. Minimal changes possible (or realistic).
sorry for taking so long to get back to you. Could you please try current master? In order to use tls from libressl (which you likely want), pass --with-libtls to the configure script.
Based on my testing it should work with libressl now. So please give it a shot.
If it is fine I will release 1.3.0 which will contain some more bug fixes.