diff --git a/www/hiawatha/Makefile b/www/hiawatha/Makefile index 33f138280129..563faae9a607 100644 --- a/www/hiawatha/Makefile +++ b/www/hiawatha/Makefile @@ -1,74 +1,70 @@ PORTNAME= hiawatha -PORTVERSION= 11.2 -PORTREVISION= 2 +DISTVERSION= 11.6 CATEGORIES= www -MASTER_SITES= https://www.hiawatha-webserver.org/files/ +MASTER_SITES= https://hiawatha.leisink.net/files/ MAINTAINER= johntdarrah@gmail.com COMMENT= Advanced and secure web server for Unix -WWW= https://www.hiawatha-webserver.org/ +WWW= https://hiawatha.leisink.net/ LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/LICENSE -DEPRECATED= Depends on expired security/mbedtls2 -EXPIRATION_DATE=2025-03-31 - -LIB_DEPENDS= libmbedtls.so:security/mbedtls2 +LIB_DEPENDS= libmbedtls.so:security/mbedtls3 USES= cmake:insource compiler:c11 cpe localbase:ldflags shebangfix -CPE_VENDOR= ${PORTNAME}-webserver +CPE_VENDOR= hiawatha-webserver USE_RC_SUBR= hiawatha SHEBANG_FILES= extra/letsencrypt/lefh.in CMAKE_ARGS= -DCMAKE_INSTALL_LOCALSTATEDIR=/var \ -DWEBROOT_DIR=${WWWDIR} \ -DWORK_DIR=/var/db/${PORTNAME} CMAKE_ON= USE_SYSTEM_MBEDTLS OPTIONS_DEFINE= CACHE CGIWRAPPER LEFH LOADCHECK MONITOR RPROXY TOMAHAWK \ TOOLKIT XSLT OPTIONS_DEFAULT= CACHE CGIWRAPPER RPROXY TOOLKIT XSLT OPTIONS_SUB= yes CACHE_DESC= Caching support CGIWRAPPER_DESC= Install cgi-wrapper(1) (needs setuid bit) -LEFH_DESC= Install Let's Encrypt For Hiawatha script +LEFH_DESC= Install Let\'s Encrypt For Hiawatha script LOADCHECK_DESC= Load check support (experimental) MONITOR_DESC= Hiawatha Monitor support RPROXY_DESC= Reverse proxy support TOMAHAWK_DESC= Tomahawk command shell support TOOLKIT_DESC= URL toolkit support XSLT_DESC= XSLT support CACHE_CMAKE_BOOL= ENABLE_CACHE LEFH_USES= php:cli LOADCHECK_CMAKE_BOOL= ENABLE_LOADCHECK MONITOR_CMAKE_BOOL= ENABLE_MONITOR RPROXY_CMAKE_BOOL= ENABLE_RPROXY TOMAHAWK_CMAKE_BOOL= ENABLE_TOMAHAWK TOOLKIT_CMAKE_BOOL= ENABLE_TOOLKIT XSLT_USES= gnome XSLT_USE= GNOME=libxslt XSLT_CMAKE_BOOL= ENABLE_XSLT post-patch: @${REINPLACE_CMD} -e 's|/usr/bin/ssi-cgi|${PREFIX}/bin/ssi-cgi|g' \ -e 's|/usr/bin|${LOCALBASE}/bin|g' \ ${WRKSRC}/config/cgi-wrapper.conf \ ${WRKSRC}/config/hiawatha.conf.in @${REINPLACE_CMD} -e 's|/usr/sbin|${PREFIX}/sbin|g' \ -e 's|/etc/hiawatha|${ETCDIR}|g' \ ${WRKSRC}/man/hiawatha.1.in post-install: .for f in hiawatha.conf mimetype.conf cgi-wrapper.conf toolkit.conf error.xslt \ index.xslt ${INSTALL_DATA} ${WRKSRC}/config/${f} \ ${STAGEDIR}${PREFIX}/etc/hiawatha/${f}.sample .endfor @${MKDIR} ${STAGEDIR}${WWWDIR} ${INSTALL_DATA} ${WRKSRC}/extra/index.html \ ${STAGEDIR}${WWWDIR}/index.html.sample .include diff --git a/www/hiawatha/distinfo b/www/hiawatha/distinfo index 3352a5fbd423..bbcbe0985b32 100644 --- a/www/hiawatha/distinfo +++ b/www/hiawatha/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1661965966 -SHA256 (hiawatha-11.2.tar.gz) = 99c64f76927f93469f062ab76b74eb79a397ea4be12da86bf746b2bb57cf1bc5 -SIZE (hiawatha-11.2.tar.gz) = 1583611 +TIMESTAMP = 1724529515 +SHA256 (hiawatha-11.6.tar.gz) = b3c5eb7be007509b7e1f3d88cc03a99904d3b6e5e05d980f9d5bdaa424864dd6 +SIZE (hiawatha-11.6.tar.gz) = 1886754 diff --git a/www/hiawatha/files/patch-CMakeLists.txt b/www/hiawatha/files/patch-CMakeLists.txt index fc0ccada759f..501c27952b07 100644 --- a/www/hiawatha/files/patch-CMakeLists.txt +++ b/www/hiawatha/files/patch-CMakeLists.txt @@ -1,12 +1,11 @@ ---- CMakeLists.txt.orig 2022-06-01 21:01:35 UTC +--- CMakeLists.txt.orig 2024-03-29 19:55:54 UTC +++ CMakeLists.txt -@@ -36,7 +36,8 @@ include(cmake/CopyIfNotExists.cmake) - include(cmake/CopyIfNotExists.cmake) +@@ -2,7 +2,7 @@ project(Hiawatha VERSION 11.6 LANGUAGES C) + project(Hiawatha VERSION 11.6 LANGUAGES C) - # Settings --if(EXISTS "/proc/loadavg") -+check_function_exists(getloadavg HAVE_GETLOADAVG) -+if(HAVE_GETLOADAVG OR EXISTS "/proc/loadavg") - option(ENABLE_LOADCHECK "Enable the ability to check for server load." on) - endif() - set(CONFIG_DIR ${CMAKE_INSTALL_FULL_SYSCONFDIR}/hiawatha CACHE STRING "Configuration directory") + # Compiler +-set(CMAKE_C_FLAGS "-O2 -Wall -Wextra ${CMAKE_C_FLAGS} -gdwarf-4") ++set(CMAKE_C_FLAGS "-O2 -Wall -Wextra -gdwarf-4 ${CMAKE_C_FLAGS}") + set(CMAKE_BUILD_TYPE "RelWithDebInfo") + + # Options diff --git a/www/hiawatha/files/patch-config.h.in b/www/hiawatha/files/patch-config.h.in deleted file mode 100644 index b71043215465..000000000000 --- a/www/hiawatha/files/patch-config.h.in +++ /dev/null @@ -1,10 +0,0 @@ ---- config.h.in.orig 2022-01-23 19:44:44 UTC -+++ config.h.in -@@ -43,6 +43,7 @@ - /* Functions - */ - #cmakedefine HAVE_CRYPT_R ${HAVE_CRYPT_R} -+#cmakedefine HAVE_GETLOADAVG ${HAVE_GETLOADAVG} - #cmakedefine HAVE_SETENV ${HAVE_SETENV} - #cmakedefine HAVE_UNSETENV ${HAVE_UNSETENV} - #cmakedefine HAVE_CLEARENV ${HAVE_CLEARENV} diff --git a/www/hiawatha/files/patch-src_hiawatha.c b/www/hiawatha/files/patch-src_hiawatha.c deleted file mode 100644 index 4aa62c339cf9..000000000000 --- a/www/hiawatha/files/patch-src_hiawatha.c +++ /dev/null @@ -1,45 +0,0 @@ ---- src/hiawatha.c.orig 2021-07-22 15:18:13 UTC -+++ src/hiawatha.c -@@ -141,8 +141,12 @@ void task_runner(t_config *config) { - int delay = 0; - time_t now; - #ifdef ENABLE_LOADCHECK -+#ifdef HAVE_GETLOADAVG -+ double loadavg[1]; -+#else - FILE *load_fp = NULL; - char load_str[50], *c; -+#endif - #ifdef ENABLE_MONITOR - int load_monitor_timer = 0; - #endif -@@ -213,6 +217,21 @@ void task_runner(t_config *config) { - - #ifdef ENABLE_LOADCHECK - if (config->max_server_load > 0) { -+#ifdef HAVE_GETLOADAVG -+ if (getloadavg(loadavg, 1) >= 1) { -+ current_server_load = loadavg[0]; -+#ifdef ENABLE_MONITOR -+ if (config->monitor_enabled) { -+ if ((current_server_load > config->max_server_load) && (load_monitor_timer == 0)) { -+ monitor_event("High server load (%0.2f)", current_server_load); -+ load_monitor_timer = 60; -+ } -+ } -+#endif -+ } else { -+ current_server_load = 0; -+ } -+#else - if ((load_fp = fopen("/proc/loadavg", "r")) != NULL) { - if (fgets(load_str, 49, load_fp) != NULL) { - load_str[49] = '\0'; -@@ -238,6 +257,7 @@ void task_runner(t_config *config) { - } else { - current_server_load = 0; - } -+#endif - - #ifdef ENABLE_MONITOR - if (load_monitor_timer > 0) { diff --git a/www/hiawatha/files/patch-src_session.c b/www/hiawatha/files/patch-src_session.c deleted file mode 100644 index f095434683f9..000000000000 --- a/www/hiawatha/files/patch-src_session.c +++ /dev/null @@ -1,27 +0,0 @@ ---- src/session.c.orig 2021-04-27 07:15:50 UTC -+++ src/session.c -@@ -33,15 +33,15 @@ - static const struct { - const char *text; - } sqli_detection[] = { -- {"'\\s*(;\\s*)?--(\\s|')"}, -- {"\\s+(and|or|xor|&&|\\|\\|)\\s*\\(?\\s*('|[0-9]|`?[a-z\\._-]+`?\\s*(=|like)|[a-z]+\\s*\\()"}, -- {"\\s+(not\\s+)?in\\s*\\(\\s*['0-9]"}, -- {"union(\\s+all)?(\\s*\\(\\s*|\\s+)select(`|\\s)"}, -- {"select(\\s*`|\\s+)(\\*|[a-z0-9_\\, ]*)(`\\s*|\\s+)from(\\s*`|\\s+)[a-z0-9_\\.]*"}, -- {"insert\\s+into(\\s*`|\\s+).*(`\\s*|\\s+)(values\\s*)?\\(.*\\)"}, -- {"update(\\s*`|\\s+)[a-z0-9_\\.]*(`\\s*|\\s+)set(\\s*`|\\s+).*="}, -- {"delete\\s+from(\\s*`|\\s+)[a-z0-9_\\.]*`?"}, -- {"extractvalue\\s*\\(\\s*[0-9'\"@]"}, -+ {"'[[:space:]]*(;[[:space:]]*)?--([[:space:]]|')"}, -+ {"[[:space:]]+(and|or|xor|&&|\\|\\|)[[:space:]]*\\(?[[:space:]]*('|[0-9]|`?[a-z\\._-]+`?[[:space:]]*(=|like)|[a-z]+[[:space:]]*\\()"}, -+ {"[[:space:]]+(not[[:space:]]+)?in[[:space:]]*\\([[:space:]]*['0-9]"}, -+ {"union([[:space:]]+all)?([[:space:]]*\\([[:space:]]*|[[:space:]]+)select(`|[[:space:]])"}, -+ {"select([[:space:]]*`|[[:space:]]+)(\\*|[a-z0-9_\\, ]*)(`[[:space:]]*|[[:space:]]+)from([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*"}, -+ {"insert[[:space:]]+into([[:space:]]*`|[[:space:]]+).*(`[[:space:]]*|[[:space:]]+)(values[[:space:]]*)?\\(.*\\)"}, -+ {"update([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*(`[[:space:]]*|[[:space:]]+)set([[:space:]]*`|[[:space:]]+).*="}, -+ {"delete[[:space:]]+from([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*`?"}, -+ {"extractvalue[[:space:]]*\\([[:space:]]*[0-9'\"@]"}, - {NULL} - }; - diff --git a/www/hiawatha/files/patch-src_tls.c b/www/hiawatha/files/patch-src_tls.c deleted file mode 100644 index d549f8bc366c..000000000000 --- a/www/hiawatha/files/patch-src_tls.c +++ /dev/null @@ -1,29 +0,0 @@ ---- src/tls.c.orig 2022-01-22 12:16:26 UTC -+++ src/tls.c -@@ -161,7 +161,7 @@ int init_tls_module(mbedtls_x509_crt *ca_certificates) - int init_tls_module(mbedtls_x509_crt *ca_certificates) { - char version[16]; - -- if (mbedtls_version_get_number() < 0x03000000) { -+ if (mbedtls_version_get_number() < 0x021c0000) { - mbedtls_version_get_string(version); - fprintf(stderr, "This Hiawatha installation requires at least mbed TLS v3.0.0 and you have v%s.\n", version); - return -1; -@@ -322,7 +322,7 @@ int tls_load_key_cert(char *file, mbedtls_pk_context * - } - mbedtls_pk_init(*private_key); - -- if ((result = mbedtls_pk_parse_keyfile(*private_key, file, NULL, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE)) != 0) { -+ if ((result = mbedtls_pk_parse_keyfile(*private_key, file, NULL)) != 0) { - print_tls_error(result, "Error loading private key from %s", file); - return -1; - } -@@ -436,7 +436,7 @@ int tls_accept(int *sock, mbedtls_ssl_context *context - - result = TLS_HANDSHAKE_OKE; - while ((handshake = mbedtls_ssl_handshake(context)) != 0) { -- if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) { -+ if (handshake == MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) { - mbedtls_ssl_free(context); - result = TLS_HANDSHAKE_NO_MATCH; - break; diff --git a/www/hiawatha/files/patch-src_wigwam.c b/www/hiawatha/files/patch-src_wigwam.c deleted file mode 100644 index cefa70ecc49f..000000000000 --- a/www/hiawatha/files/patch-src_wigwam.c +++ /dev/null @@ -1,20 +0,0 @@ ---- src/wigwam.c.orig 2022-06-29 09:42:42 UTC -+++ src/wigwam.c -@@ -582,7 +582,7 @@ int check_main_config(char *config_dir) { - /* Private key check - */ - mbedtls_pk_init(&private_key); -- if (mbedtls_pk_parse_keyfile(&private_key, needle->value, NULL, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE) != 0) { -+ if (mbedtls_pk_parse_keyfile(&private_key, needle->value, NULL) != 0) { - printf("Error loading private key from %s.\n", needle->value); - errors++; - goto next_crt; -@@ -601,7 +601,7 @@ int check_main_config(char *config_dir) { - goto next_crt; - } - -- if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) { -+ if (certificate.sig_md < MBEDTLS_MD_SHA256) { - printf("Warning: the certificate signature algoritm in %s should at least be SHA256.\n", needle->value); - } - diff --git a/www/hiawatha/files/patch-src_xslt.c b/www/hiawatha/files/patch-src_xslt.c deleted file mode 100644 index 349b8aa8e3e1..000000000000 --- a/www/hiawatha/files/patch-src_xslt.c +++ /dev/null @@ -1,12 +0,0 @@ ---- src/xslt.c.orig 2019-02-18 18:34:36 UTC -+++ src/xslt.c -@@ -277,7 +277,9 @@ void init_xslt_module() { - /* XSLT transform functions - */ - void init_xslt_module() { -+#ifndef __FreeBSD__ - xmlInitMemory(); -+#endif - xmlInitParser(); - } - diff --git a/www/hiawatha/pkg-plist b/www/hiawatha/pkg-plist index e367f60d400b..66271ea55187 100644 --- a/www/hiawatha/pkg-plist +++ b/www/hiawatha/pkg-plist @@ -1,29 +1,29 @@ bin/ssi-cgi @sample %%ETCDIR%%/cgi-wrapper.conf.sample @sample %%ETCDIR%%/error.xslt.sample @sample %%ETCDIR%%/hiawatha.conf.sample @sample %%ETCDIR%%/index.xslt.sample @sample %%ETCDIR%%/mimetype.conf.sample @sample %%ETCDIR%%/toolkit.conf.sample %%LEFH%%lib/hiawatha/letsencrypt/acmev2.php %%LEFH%%lib/hiawatha/letsencrypt/config.php %%LEFH%%lib/hiawatha/letsencrypt/hiawatha_config.php %%LEFH%%lib/hiawatha/letsencrypt/http.php %%LEFH%%lib/hiawatha/letsencrypt/https.php %%LEFH%%lib/hiawatha/letsencrypt/letsencrypt.conf %%LEFH%%lib/hiawatha/letsencrypt/letsencrypt.php %%LEFH%%lib/hiawatha/letsencrypt/logfile.php %%LEFH%%lib/hiawatha/letsencrypt/openssl.conf %%LEFH%%lib/hiawatha/letsencrypt/rsa.php %%CGIWRAPPER%%share/man/man1/cgi-wrapper.1.gz share/man/man1/hiawatha.1.gz %%LEFH%%share/man/man1/lefh.1.gz share/man/man1/ssi-cgi.1.gz share/man/man1/wigwam.1.gz %%CGIWRAPPER%%sbin/cgi-wrapper sbin/hiawatha %%LEFH%%sbin/lefh sbin/wigwam @sample %%WWWDIR%%/index.html.sample -@dir /var/log/hiawatha @dir /var/db/hiawatha +@dir /var/log/hiawatha