www/hiawatha: Make it work with Mbed TLS 2.28
Tested by: Karsten Brand <unknown@u53r.space>
This commit is contained in:
Tijl Coosemans
parent
e1eedc14e9
commit
0106429163
3 changed files with 17 additions and 15 deletions
|
|
@ -1,5 +1,6 @@
|
|||
PORTNAME= hiawatha
|
||||
PORTVERSION= 11.2
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= https://www.hiawatha-webserver.org/files/
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,14 @@
|
|||
--- src/tls.c.orig 2022-01-22 12:16:26 UTC
|
||||
+++ src/tls.c
|
||||
@@ -161,7 +161,7 @@ int init_tls_module(mbedtls_x509_crt *ca_certificates)
|
||||
int init_tls_module(mbedtls_x509_crt *ca_certificates) {
|
||||
char version[16];
|
||||
|
||||
- if (mbedtls_version_get_number() < 0x03000000) {
|
||||
+ if (mbedtls_version_get_number() < 0x021c0000) {
|
||||
mbedtls_version_get_string(version);
|
||||
fprintf(stderr, "This Hiawatha installation requires at least mbed TLS v3.0.0 and you have v%s.\n", version);
|
||||
return -1;
|
||||
@@ -322,7 +322,7 @@ int tls_load_key_cert(char *file, mbedtls_pk_context *
|
||||
}
|
||||
mbedtls_pk_init(*private_key);
|
||||
|
|
@ -9,17 +18,12 @@
|
|||
print_tls_error(result, "Error loading private key from %s", file);
|
||||
return -1;
|
||||
}
|
||||
@@ -436,11 +436,13 @@ int tls_accept(int *sock, mbedtls_ssl_context *context
|
||||
@@ -436,7 +436,7 @@ int tls_accept(int *sock, mbedtls_ssl_context *context
|
||||
|
||||
result = TLS_HANDSHAKE_OKE;
|
||||
while ((handshake = mbedtls_ssl_handshake(context)) != 0) {
|
||||
+#ifndef __FreeBSD__
|
||||
if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) {
|
||||
- if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) {
|
||||
+ if (handshake == MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) {
|
||||
mbedtls_ssl_free(context);
|
||||
result = TLS_HANDSHAKE_NO_MATCH;
|
||||
break;
|
||||
}
|
||||
+#endif
|
||||
|
||||
if ((handshake != MBEDTLS_ERR_SSL_WANT_READ) && (handshake != MBEDTLS_ERR_SSL_WANT_WRITE)) {
|
||||
mbedtls_ssl_free(context);
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
--- src/wigwam.c.orig 2022-08-31 17:25:16 UTC
|
||||
--- src/wigwam.c.orig 2022-06-29 09:42:42 UTC
|
||||
+++ src/wigwam.c
|
||||
@@ -582,7 +582,7 @@ int check_main_config(char *config_dir) {
|
||||
/* Private key check
|
||||
|
|
@ -9,15 +9,12 @@
|
|||
printf("Error loading private key from %s.\n", needle->value);
|
||||
errors++;
|
||||
goto next_crt;
|
||||
@@ -601,9 +601,11 @@ int check_main_config(char *config_dir) {
|
||||
@@ -601,7 +601,7 @@ int check_main_config(char *config_dir) {
|
||||
goto next_crt;
|
||||
}
|
||||
|
||||
+#ifndef __FreeBSD__
|
||||
if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) {
|
||||
- if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) {
|
||||
+ if (certificate.sig_md < MBEDTLS_MD_SHA256) {
|
||||
printf("Warning: the certificate signature algoritm in %s should at least be SHA256.\n", needle->value);
|
||||
}
|
||||
+#endif
|
||||
|
||||
next_crt:
|
||||
last_file = needle->value;
|
||||
|
|
|
|||
Loading…
Reference in a new issue