On Wed, 2021-07-28 at 23:09 +0200, Daniel Gustafsson wrote:
> > On 28 Jul 2021, at 23:02, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> > Jacob Champion <pchampion@vmware.com> writes:
> > > As long as the .SECONDARYEXPANSION magic is clear enough to others, I'm
> > > happy.
> >
> > After reading the gmake docs about that, I'd have to say it's likely to be next
> > door to unmaintainable.
>
> Personally, I don’t think it’s that bad, but mileage varies. It’s obviously a
> show-stopper if maintainers don’t feel comfortable with it.
>
> > And, AFAICT, it's not in 3.80.
>
> That however, is a very good point that I missed. I think it’s a good tool,
> but probably not enough to bump the requirement.
No worries, it's easy enough to unroll the expansion manually. The
annoyances without secondary expansion are the duplicated lines for
each individual CA and the need to introduce .INTERMEDIATE targets so
that cleanup works as intended.
Attached is a v3 that does that, and introduces a fallback in case
openssl isn't on the PATH. I also missed a Makefile dependency on
cas.config the first time through, which has been fixed. The patch you
pulled out earlier is 0001 in the set.
--Jacob
