On 2022/10/25 16:20, Chris wrote: > Hello, > > Can www/hiawatha be changed to include the embedded mbedtls 3.x which is in > par with the current version ? > > Chris >
That should be possible, try this (diff is against -current). It builds, I have not tested runtime. Note that there is a license conflict between Hiawatha's "GPLv2 only" and mbedTLS' Apache v2, so binaries can't be distributed. (If Hiawatha could change to "GPLv2 or newer" then it would be OK). There is some more information about this in the discussion on https://github.com/OpenVPN/openvpn/commit/110eee0288cff0720952a2cf16c4fb191d0bd616 Index: Makefile =================================================================== RCS file: /cvs/ports/www/hiawatha/Makefile,v retrieving revision 1.66 diff -u -p -r1.66 Makefile --- Makefile 25 Oct 2022 20:36:04 -0000 1.66 +++ Makefile 26 Oct 2022 11:00:08 -0000 @@ -1,6 +1,5 @@ COMMENT = secure webserver -DISTNAME = hiawatha-10.11 -REVISION = 0 +DISTNAME = hiawatha-11.2 CATEGORIES = www net HOMEPAGE = https://www.hiawatha-webserver.org/ @@ -10,12 +9,11 @@ PERMIT_PACKAGE = mbedtls Apache 2 licens MASTER_SITES = ${HOMEPAGE}files/ -MODULES = devel/cmake +WANTLIB += c pthread xml2 xslt z -WANTLIB += c mbedcrypto mbedtls mbedx509 pthread xml2 xslt z +MODULES = devel/cmake -LIB_DEPENDS = security/polarssl>=2.8.0 \ - textproc/libxslt +LIB_DEPENDS = textproc/libxslt CONFIGURE_ARGS = -DWEBROOT_DIR="/var/hiawatha" \ -DWORK_DIR="/var/db/hiawatha" \ @@ -24,7 +22,8 @@ CONFIGURE_ARGS = -DWEBROOT_DIR="/var/hia -DCMAKE_INSTALL_MANDIR="${PREFIX}/man" \ -DENABLE_XSLT=ON \ -DPID_DIR="/var/run" \ - -DUSE_SYSTEM_MBEDTLS=ON + -DUSE_SHARED_MBEDTLS_LIBRARY=OFF \ + -DUSE_STATIC_MBEDTLS_LIBRARY=ON CONFIGURE_ENV = CPPFLAGS="-I${LOCALBASE}/include" \ LDFLAGS="-L${WRKBUILD}/mbedtls/library -L${LOCALBASE}/lib" @@ -39,6 +38,8 @@ pre-configure: post-install: mv ${WRKINST}${SYSCONFDIR}/hiawatha ${PREFIX}/share/examples/hiawatha mv ${WRKINST}/var/hiawatha/index.html ${PREFIX}/share/examples/hiawatha/ - rm -r ${WRKINST}/var + rm -r ${WRKINST}/var \ + ${PREFIX}/lib/hiawatha \ + ${PREFIX}/include/{psa,mbedtls} .include <bsd.port.mk> Index: distinfo =================================================================== RCS file: /cvs/ports/www/hiawatha/distinfo,v retrieving revision 1.49 diff -u -p -r1.49 distinfo --- distinfo 31 Jul 2020 07:20:45 -0000 1.49 +++ distinfo 26 Oct 2022 11:00:08 -0000 @@ -1,2 +1,2 @@ -SHA256 (hiawatha-10.11.tar.gz) = edhdFl1o3XBDu9M39bx90Q2GMtaLph0OVX+EvWh8lyc= -SIZE (hiawatha-10.11.tar.gz) = 1393303 +SHA256 (hiawatha-11.2.tar.gz) = mcZPdpJ/k0afBiq3a3TreaOX6kvhLahr90ayu1fPG8U= +SIZE (hiawatha-11.2.tar.gz) = 1583611 Index: patches/patch-CMakeLists_txt =================================================================== RCS file: /cvs/ports/www/hiawatha/patches/patch-CMakeLists_txt,v retrieving revision 1.2 diff -u -p -r1.2 patch-CMakeLists_txt --- patches/patch-CMakeLists_txt 11 Mar 2022 20:09:55 -0000 1.2 +++ patches/patch-CMakeLists_txt 26 Oct 2022 11:00:08 -0000 @@ -4,7 +4,7 @@ in base, and several alternatives in por Index: CMakeLists.txt --- CMakeLists.txt.orig +++ CMakeLists.txt -@@ -192,15 +192,15 @@ endforeach() +@@ -170,15 +170,15 @@ endforeach() install(FILES extra/index.html DESTINATION ${WEBROOT_DIR}) Index: patches/patch-man_hiawatha_1_in =================================================================== RCS file: /cvs/ports/www/hiawatha/patches/patch-man_hiawatha_1_in,v retrieving revision 1.12 diff -u -p -r1.12 patch-man_hiawatha_1_in --- patches/patch-man_hiawatha_1_in 11 Mar 2022 20:09:55 -0000 1.12 +++ patches/patch-man_hiawatha_1_in 26 Oct 2022 11:00:08 -0000 @@ -25,7 +25,7 @@ Index: man/hiawatha.1.in .TP .B KickOnBan = yes|no Close all other connections that originate from the same IP in case of a ban. -@@ -308,7 +308,7 @@ Example: RequestLimitMask = deny 192.168.0.1 +@@ -300,7 +300,7 @@ Example: RequestLimitMask = deny 192.168.0.1 .B ServerId = <userid>|<userid>:<groupid>[, <groupid>, ...] The userid and groupid(s) the server will change to. If only a userid is specified, the groupid(s) will be looked up in /etc/passwd and /etc/group. The userid en groupid of user root are not allowed here. The userid or groupid can also be a name. .br @@ -34,7 +34,7 @@ Index: man/hiawatha.1.in .TP .B ServerString = <text> The text behind 'Server:' in the HTTP header of a response. Use 'none' to completely remove the Server string from the HTTP header. -@@ -675,7 +675,7 @@ Example: ScriptAlias = /script.cgi:/usr/lib/script.cgi +@@ -661,7 +661,7 @@ Example: ScriptAlias = /script.cgi:/usr/lib/script.cgi .B ShowIndex = yes|no|<XSLT file with full path>|xml Return a directory listing in HTML format for a directory request when the startfile does not exist. If you want to change the index layout completely, specify the path of a XSLT file. If the XSLT file is not found or 'xml' is used, Hiawatha will output the XML of the directory index. An example of the XML output can be found in extra/index.xml inside the source package. .br @@ -43,7 +43,7 @@ Index: man/hiawatha.1.in .br (requires that Hiawatha was not compiled with -DENABLE_XSLT=off) -@@ -1066,7 +1066,7 @@ and +@@ -1052,7 +1052,7 @@ and (only valid in the root directory of a website) .SH MIMETYPES @@ -52,7 +52,7 @@ Index: man/hiawatha.1.in .TP .B <mimetype> <extension> [<extension> ...] Example: image/jpeg jpg jpeg jpe -@@ -1086,13 +1086,13 @@ Unban all IP addresses. +@@ -1072,13 +1072,13 @@ Unban all IP addresses. Clear the internal cache (requires that Hiawatha was not compiled with -DENABLE_CACHE=off). .SH FILES Index: patches/patch-src_serverconfig_c =================================================================== RCS file: /cvs/ports/www/hiawatha/patches/patch-src_serverconfig_c,v retrieving revision 1.14 diff -u -p -r1.14 patch-src_serverconfig_c --- patches/patch-src_serverconfig_c 11 Mar 2022 20:09:55 -0000 1.14 +++ patches/patch-src_serverconfig_c 26 Oct 2022 11:00:08 -0000 @@ -10,7 +10,7 @@ Index: src/serverconfig.c #define MAX_LENGTH_CONFIGLINE 1024 #define MAX_CACHE_SIZE 1024 #define MAX_UPLOAD_SIZE 2047 -@@ -298,8 +298,8 @@ t_config *default_config(void) { +@@ -291,8 +291,8 @@ t_config *default_config(void) { config->tomahawk_port = NULL; #endif
