Date: Tue, 20 Sep 2022 20:31:16 GMT From: Tijl Coosemans <tijl@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 01064291636e - main - www/hiawatha: Make it work with Mbed TLS 2.28 Message-ID: <202209202031.28KKVG97093998@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by tijl: URL: https://cgit.FreeBSD.org/ports/commit/?id=01064291636ecbb8aa043e075e8bcf9e1d0918e9 commit 01064291636ecbb8aa043e075e8bcf9e1d0918e9 Author: Tijl Coosemans <tijl@FreeBSD.org> AuthorDate: 2022-09-19 10:35:22 +0000 Commit: Tijl Coosemans <tijl@FreeBSD.org> CommitDate: 2022-09-20 20:29:15 +0000 www/hiawatha: Make it work with Mbed TLS 2.28 Tested by: Karsten Brand <unknown@u53r.space> --- www/hiawatha/Makefile | 1 + www/hiawatha/files/patch-src_tls.c | 20 ++++++++++++-------- www/hiawatha/files/patch-src_wigwam.c | 11 ++++------- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/www/hiawatha/Makefile b/www/hiawatha/Makefile index 4e2ec5398407..334e8a9cb649 100644 --- a/www/hiawatha/Makefile +++ b/www/hiawatha/Makefile @@ -1,5 +1,6 @@ PORTNAME= hiawatha PORTVERSION= 11.2 +PORTREVISION= 1 CATEGORIES= www MASTER_SITES= https://www.hiawatha-webserver.org/files/ diff --git a/www/hiawatha/files/patch-src_tls.c b/www/hiawatha/files/patch-src_tls.c index e7723e37d069..d549f8bc366c 100644 --- a/www/hiawatha/files/patch-src_tls.c +++ b/www/hiawatha/files/patch-src_tls.c @@ -1,5 +1,14 @@ --- src/tls.c.orig 2022-01-22 12:16:26 UTC +++ src/tls.c +@@ -161,7 +161,7 @@ int init_tls_module(mbedtls_x509_crt *ca_certificates) + int init_tls_module(mbedtls_x509_crt *ca_certificates) { + char version[16]; + +- if (mbedtls_version_get_number() < 0x03000000) { ++ if (mbedtls_version_get_number() < 0x021c0000) { + mbedtls_version_get_string(version); + fprintf(stderr, "This Hiawatha installation requires at least mbed TLS v3.0.0 and you have v%s.\n", version); + return -1; @@ -322,7 +322,7 @@ int tls_load_key_cert(char *file, mbedtls_pk_context * } mbedtls_pk_init(*private_key); @@ -9,17 +18,12 @@ print_tls_error(result, "Error loading private key from %s", file); return -1; } -@@ -436,11 +436,13 @@ int tls_accept(int *sock, mbedtls_ssl_context *context +@@ -436,7 +436,7 @@ int tls_accept(int *sock, mbedtls_ssl_context *context result = TLS_HANDSHAKE_OKE; while ((handshake = mbedtls_ssl_handshake(context)) != 0) { -+#ifndef __FreeBSD__ - if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) { +- if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) { ++ if (handshake == MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) { mbedtls_ssl_free(context); result = TLS_HANDSHAKE_NO_MATCH; break; - } -+#endif - - if ((handshake != MBEDTLS_ERR_SSL_WANT_READ) && (handshake != MBEDTLS_ERR_SSL_WANT_WRITE)) { - mbedtls_ssl_free(context); diff --git a/www/hiawatha/files/patch-src_wigwam.c b/www/hiawatha/files/patch-src_wigwam.c index 47266fdadfa9..cefa70ecc49f 100644 --- a/www/hiawatha/files/patch-src_wigwam.c +++ b/www/hiawatha/files/patch-src_wigwam.c @@ -1,4 +1,4 @@ ---- src/wigwam.c.orig 2022-08-31 17:25:16 UTC +--- src/wigwam.c.orig 2022-06-29 09:42:42 UTC +++ src/wigwam.c @@ -582,7 +582,7 @@ int check_main_config(char *config_dir) { /* Private key check @@ -9,15 +9,12 @@ printf("Error loading private key from %s.\n", needle->value); errors++; goto next_crt; -@@ -601,9 +601,11 @@ int check_main_config(char *config_dir) { +@@ -601,7 +601,7 @@ int check_main_config(char *config_dir) { goto next_crt; } -+#ifndef __FreeBSD__ - if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) { +- if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) { ++ if (certificate.sig_md < MBEDTLS_MD_SHA256) { printf("Warning: the certificate signature algoritm in %s should at least be SHA256.\n", needle->value); } -+#endif - next_crt: - last_file = needle->value;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202209202031.28KKVG97093998>