From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Aug 10 20:20:02 2010 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 85F95106566C for ; Tue, 10 Aug 2010 20:20:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 498518FC18 for ; Tue, 10 Aug 2010 20:20:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o7AKK2DJ044505 for ; Tue, 10 Aug 2010 20:20:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o7AKK2Xe044504; Tue, 10 Aug 2010 20:20:02 GMT (envelope-from gnats) Resent-Date: Tue, 10 Aug 2010 20:20:02 GMT Resent-Message-Id: <201008102020.o7AKK2Xe044504@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Grzegorz Blach Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C6C51106566B for ; Tue, 10 Aug 2010 20:11:54 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id B683D8FC18 for ; Tue, 10 Aug 2010 20:11:54 +0000 (UTC) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o7AKBscj033441 for ; Tue, 10 Aug 2010 20:11:54 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id o7AKBsv7033440; Tue, 10 Aug 2010 20:11:54 GMT (envelope-from nobody) Message-Id: <201008102011.o7AKBsv7033440@www.freebsd.org> Date: Tue, 10 Aug 2010 20:11:54 GMT From: Grzegorz Blach To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/149509: Fix for TLS SNI in www/lighttpd X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2010 20:20:02 -0000 >Number: 149509 >Category: ports >Synopsis: Fix for TLS SNI in www/lighttpd >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Aug 10 20:20:01 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Grzegorz Blach >Release: 8.1-RELEASE amd64 >Organization: >Environment: FreeBSD silver.nine 8.1-RELEASE FreeBSD 8.1-RELEASE #13 r210273: Tue Jul 20 04:46:24 CEST 2010 root@silver.nine:/usr/obj/usr/src/sys/SILVER amd64 >Description: Ligttpd use TLS SNI if is linked against openssl 0.9.8f or higher. In base FreeBSD 8.1 openssl is in v. 0.9.8n, but unfortunately without TLS SNI. There two possible solutions: 1) link lighttpd with openssl from port (v.1.0.0a) 2) enable TLS SNI with openssl from base I prepared patch for first solution (in attachment). >How-To-Repeat: Build lighttpd on 8.1, and try to use name based https configuration More info at: http://redmine.lighttpd.net/issues/2207 >Fix: Apply my patch for lighttpd and rebuild Patch attached with submission follows: diff -x .svn -ruN /var/cache/portshaker/ports/www/lighttpd/Makefile www/lighttpd/Makefile --- /var/cache/portshaker/ports/www/lighttpd/Makefile 2010-08-03 21:09:14.000000000 +0200 +++ www/lighttpd/Makefile 2010-08-10 22:02:39.589228221 +0200 @@ -81,6 +81,7 @@ .if !defined(WITHOUT_OPENSSL) .include "${PORTSDIR}/Mk/bsd.openssl.mk" +WITH_OPENSSL_PORT= yes CONFIGURE_ARGS+= --with-openssl \ --with-openssl-includes=${OPENSSLINC} \ --with-openssl-libs=${OPENSSLLIB} >Release-Note: >Audit-Trail: >Unformatted: