ports/149509: Fix for TLS SNI in www/lighttpd

Grzegorz Blach magik at roorback.net
Tue Aug 10 20:20:02 UTC 2010

>Number:         149509
>Category:       ports
>Synopsis:       Fix for TLS SNI in www/lighttpd
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Aug 10 20:20:01 UTC 2010
>Originator:     Grzegorz Blach
>Release:        8.1-RELEASE amd64
FreeBSD silver.nine 8.1-RELEASE FreeBSD 8.1-RELEASE #13 r210273: Tue Jul 20 04:46:24 CEST 2010     root at silver.nine:/usr/obj/usr/src/sys/SILVER  amd64

Ligttpd use TLS SNI if is linked against openssl 0.9.8f or higher.
In base FreeBSD 8.1 openssl is in v. 0.9.8n, but unfortunately without TLS SNI.

There two possible solutions:
1) link lighttpd with openssl from port (v.1.0.0a)
2) enable TLS SNI with openssl from base

I prepared patch for first solution (in attachment).

Build lighttpd on 8.1, and try to use name based https configuration

More info at: http://redmine.lighttpd.net/issues/2207
Apply my patch for lighttpd and rebuild

Patch attached with submission follows:

diff -x .svn -ruN /var/cache/portshaker/ports/www/lighttpd/Makefile www/lighttpd/Makefile
--- /var/cache/portshaker/ports/www/lighttpd/Makefile	2010-08-03 21:09:14.000000000 +0200
+++ www/lighttpd/Makefile	2010-08-10 22:02:39.589228221 +0200
@@ -81,6 +81,7 @@
 .if !defined(WITHOUT_OPENSSL)
 .include "${PORTSDIR}/Mk/bsd.openssl.mk"
 CONFIGURE_ARGS+=	--with-openssl \
 			--with-openssl-includes=${OPENSSLINC} \


More information about the freebsd-ports-bugs mailing list