git: 01064291636e - main - www/hiawatha: Make it work with Mbed TLS 2.28
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 20 Sep 2022 20:31:16 UTC
The branch main has been updated by tijl:
URL: https://cgit.FreeBSD.org/ports/commit/?id=01064291636ecbb8aa043e075e8bcf9e1d0918e9
commit 01064291636ecbb8aa043e075e8bcf9e1d0918e9
Author: Tijl Coosemans <tijl@FreeBSD.org>
AuthorDate: 2022-09-19 10:35:22 +0000
Commit: Tijl Coosemans <tijl@FreeBSD.org>
CommitDate: 2022-09-20 20:29:15 +0000
www/hiawatha: Make it work with Mbed TLS 2.28
Tested by: Karsten Brand <unknown@u53r.space>
---
www/hiawatha/Makefile | 1 +
www/hiawatha/files/patch-src_tls.c | 20 ++++++++++++--------
www/hiawatha/files/patch-src_wigwam.c | 11 ++++-------
3 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/www/hiawatha/Makefile b/www/hiawatha/Makefile
index 4e2ec5398407..334e8a9cb649 100644
--- a/www/hiawatha/Makefile
+++ b/www/hiawatha/Makefile
@@ -1,5 +1,6 @@
PORTNAME= hiawatha
PORTVERSION= 11.2
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= https://www.hiawatha-webserver.org/files/
diff --git a/www/hiawatha/files/patch-src_tls.c b/www/hiawatha/files/patch-src_tls.c
index e7723e37d069..d549f8bc366c 100644
--- a/www/hiawatha/files/patch-src_tls.c
+++ b/www/hiawatha/files/patch-src_tls.c
@@ -1,5 +1,14 @@
--- src/tls.c.orig 2022-01-22 12:16:26 UTC
+++ src/tls.c
+@@ -161,7 +161,7 @@ int init_tls_module(mbedtls_x509_crt *ca_certificates)
+ int init_tls_module(mbedtls_x509_crt *ca_certificates) {
+ char version[16];
+
+- if (mbedtls_version_get_number() < 0x03000000) {
++ if (mbedtls_version_get_number() < 0x021c0000) {
+ mbedtls_version_get_string(version);
+ fprintf(stderr, "This Hiawatha installation requires at least mbed TLS v3.0.0 and you have v%s.\n", version);
+ return -1;
@@ -322,7 +322,7 @@ int tls_load_key_cert(char *file, mbedtls_pk_context *
}
mbedtls_pk_init(*private_key);
@@ -9,17 +18,12 @@
print_tls_error(result, "Error loading private key from %s", file);
return -1;
}
-@@ -436,11 +436,13 @@ int tls_accept(int *sock, mbedtls_ssl_context *context
+@@ -436,7 +436,7 @@ int tls_accept(int *sock, mbedtls_ssl_context *context
result = TLS_HANDSHAKE_OKE;
while ((handshake = mbedtls_ssl_handshake(context)) != 0) {
-+#ifndef __FreeBSD__
- if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) {
+- if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) {
++ if (handshake == MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) {
mbedtls_ssl_free(context);
result = TLS_HANDSHAKE_NO_MATCH;
break;
- }
-+#endif
-
- if ((handshake != MBEDTLS_ERR_SSL_WANT_READ) && (handshake != MBEDTLS_ERR_SSL_WANT_WRITE)) {
- mbedtls_ssl_free(context);
diff --git a/www/hiawatha/files/patch-src_wigwam.c b/www/hiawatha/files/patch-src_wigwam.c
index 47266fdadfa9..cefa70ecc49f 100644
--- a/www/hiawatha/files/patch-src_wigwam.c
+++ b/www/hiawatha/files/patch-src_wigwam.c
@@ -1,4 +1,4 @@
---- src/wigwam.c.orig 2022-08-31 17:25:16 UTC
+--- src/wigwam.c.orig 2022-06-29 09:42:42 UTC
+++ src/wigwam.c
@@ -582,7 +582,7 @@ int check_main_config(char *config_dir) {
/* Private key check
@@ -9,15 +9,12 @@
printf("Error loading private key from %s.\n", needle->value);
errors++;
goto next_crt;
-@@ -601,9 +601,11 @@ int check_main_config(char *config_dir) {
+@@ -601,7 +601,7 @@ int check_main_config(char *config_dir) {
goto next_crt;
}
-+#ifndef __FreeBSD__
- if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) {
+- if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) {
++ if (certificate.sig_md < MBEDTLS_MD_SHA256) {
printf("Warning: the certificate signature algoritm in %s should at least be SHA256.\n", needle->value);
}
-+#endif
- next_crt:
- last_file = needle->value;