ports/149509: Fix for TLS SNI in www/lighttpd
Grzegorz Blach
magik at roorback.net
Tue Aug 10 20:20:02 UTC 2010
>Number: 149509
>Category: ports
>Synopsis: Fix for TLS SNI in www/lighttpd
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Tue Aug 10 20:20:01 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Grzegorz Blach
>Release: 8.1-RELEASE amd64
>Organization:
>Environment:
FreeBSD silver.nine 8.1-RELEASE FreeBSD 8.1-RELEASE #13 r210273: Tue Jul 20 04:46:24 CEST 2010 root at silver.nine:/usr/obj/usr/src/sys/SILVER amd64
>Description:
Ligttpd use TLS SNI if is linked against openssl 0.9.8f or higher.
In base FreeBSD 8.1 openssl is in v. 0.9.8n, but unfortunately without TLS SNI.
There two possible solutions:
1) link lighttpd with openssl from port (v.1.0.0a)
2) enable TLS SNI with openssl from base
I prepared patch for first solution (in attachment).
>How-To-Repeat:
Build lighttpd on 8.1, and try to use name based https configuration
More info at: http://redmine.lighttpd.net/issues/2207
>Fix:
Apply my patch for lighttpd and rebuild
Patch attached with submission follows:
diff -x .svn -ruN /var/cache/portshaker/ports/www/lighttpd/Makefile www/lighttpd/Makefile
--- /var/cache/portshaker/ports/www/lighttpd/Makefile 2010-08-03 21:09:14.000000000 +0200
+++ www/lighttpd/Makefile 2010-08-10 22:02:39.589228221 +0200
@@ -81,6 +81,7 @@
.if !defined(WITHOUT_OPENSSL)
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
+WITH_OPENSSL_PORT= yes
CONFIGURE_ARGS+= --with-openssl \
--with-openssl-includes=${OPENSSLINC} \
--with-openssl-libs=${OPENSSLLIB}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list