www/hiawatha: update 11.2 => 11.6

* Delete patches merged upstream * Small linting * Switch to mbedTLS 3.6 as in upstream * Update MASTER_SITES and WWW Poudriere testport: OK for [amd64 i386] * [142 141 134] PR: 281028
2025-05-03 20:16:39 -04:00 · 2025-01-11 07:11:09 +04:00 · 2025-01-11 07:11:09 +04:00 · 9968354a40
commit 9968354a40
parent 87bc5c42a8
10 changed files with 19 additions and 167 deletions
--- a/www/hiawatha/Makefile
+++ b/www/hiawatha/Makefile
@ -1,23 +1,19 @@
 PORTNAME=	hiawatha
-PORTVERSION=	11.2
-PORTREVISION=	2
+DISTVERSION=	11.6
 CATEGORIES=	www
-MASTER_SITES=	https://www.hiawatha-webserver.org/files/
+MASTER_SITES=	https://hiawatha.leisink.net/files/

 MAINTAINER=	johntdarrah@gmail.com
 COMMENT=	Advanced and secure web server for Unix
-WWW=		https://www.hiawatha-webserver.org/
+WWW=		https://hiawatha.leisink.net/

 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE

-DEPRECATED=	Depends on expired security/mbedtls2
-EXPIRATION_DATE=2025-03-31
-
-LIB_DEPENDS=	libmbedtls.so:security/mbedtls2
+LIB_DEPENDS=	libmbedtls.so:security/mbedtls3

 USES=		cmake:insource compiler:c11 cpe localbase:ldflags shebangfix
-CPE_VENDOR=	${PORTNAME}-webserver
+CPE_VENDOR=	hiawatha-webserver
 USE_RC_SUBR=	hiawatha
 SHEBANG_FILES=	extra/letsencrypt/lefh.in

@ -33,7 +29,7 @@ OPTIONS_SUB=		yes

 CACHE_DESC=		Caching support
 CGIWRAPPER_DESC=	Install cgi-wrapper(1) (needs setuid bit)
-LEFH_DESC=		Install Let's Encrypt For Hiawatha script
+LEFH_DESC=		Install Let\'s Encrypt For Hiawatha script
 LOADCHECK_DESC=		Load check support (experimental)
 MONITOR_DESC=		Hiawatha Monitor support
 RPROXY_DESC=		Reverse proxy support
--- a/www/hiawatha/distinfo
+++ b/www/hiawatha/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1661965966
-SHA256 (hiawatha-11.2.tar.gz) = 99c64f76927f93469f062ab76b74eb79a397ea4be12da86bf746b2bb57cf1bc5
-SIZE (hiawatha-11.2.tar.gz) = 1583611
+TIMESTAMP = 1724529515
+SHA256 (hiawatha-11.6.tar.gz) = b3c5eb7be007509b7e1f3d88cc03a99904d3b6e5e05d980f9d5bdaa424864dd6
+SIZE (hiawatha-11.6.tar.gz) = 1886754
--- a/www/hiawatha/files/patch-CMakeLists.txt
+++ b/www/hiawatha/files/patch-CMakeLists.txt
@ -1,12 +1,11 @@
--- CMakeLists.txt.orig	2022-06-01 21:01:35 UTC
+--- CMakeLists.txt.orig	2024-03-29 19:55:54 UTC
 +++ CMakeLists.txt
-@@ -36,7 +36,8 @@ include(cmake/CopyIfNotExists.cmake)
- include(cmake/CopyIfNotExists.cmake)
+@@ -2,7 +2,7 @@ project(Hiawatha VERSION 11.6 LANGUAGES C)
+ project(Hiawatha VERSION 11.6 LANGUAGES C)
 
- # Settings
-if(EXISTS "/proc/loadavg")
-+check_function_exists(getloadavg HAVE_GETLOADAVG)
-+if(HAVE_GETLOADAVG OR EXISTS "/proc/loadavg")
- 	option(ENABLE_LOADCHECK "Enable the ability to check for server load." on)
- endif()
- set(CONFIG_DIR ${CMAKE_INSTALL_FULL_SYSCONFDIR}/hiawatha CACHE STRING "Configuration directory")
+ # Compiler
+-set(CMAKE_C_FLAGS "-O2 -Wall -Wextra ${CMAKE_C_FLAGS} -gdwarf-4")
+set(CMAKE_C_FLAGS "-O2 -Wall -Wextra -gdwarf-4 ${CMAKE_C_FLAGS}")
+ set(CMAKE_BUILD_TYPE "RelWithDebInfo")
+ 
+ # Options
--- a/www/hiawatha/files/patch-config.h.in
+++ b/www/hiawatha/files/patch-config.h.in
@ -1,10 +0,0 @@
--- config.h.in.orig	2022-01-23 19:44:44 UTC
-+++ config.h.in
-@@ -43,6 +43,7 @@
- /* Functions
-  */
- #cmakedefine HAVE_CRYPT_R ${HAVE_CRYPT_R}
-+#cmakedefine HAVE_GETLOADAVG ${HAVE_GETLOADAVG}
- #cmakedefine HAVE_SETENV ${HAVE_SETENV}
- #cmakedefine HAVE_UNSETENV ${HAVE_UNSETENV}
- #cmakedefine HAVE_CLEARENV ${HAVE_CLEARENV}
--- a/www/hiawatha/files/patch-src_hiawatha.c
+++ b/www/hiawatha/files/patch-src_hiawatha.c
@ -1,45 +0,0 @@
--- src/hiawatha.c.orig	2021-07-22 15:18:13 UTC
-+++ src/hiawatha.c
-@@ -141,8 +141,12 @@ void task_runner(t_config *config) {
- 	int delay = 0;
- 	time_t now;
- #ifdef ENABLE_LOADCHECK
-+#ifdef HAVE_GETLOADAVG
-+	double loadavg[1];
-+#else
- 	FILE *load_fp = NULL;
- 	char load_str[50], *c;
-+#endif
- #ifdef ENABLE_MONITOR
- 	int  load_monitor_timer = 0;
- #endif
-@@ -213,6 +217,21 @@ void task_runner(t_config *config) {
- 
- #ifdef ENABLE_LOADCHECK
- 		if (config->max_server_load > 0) {
-+#ifdef HAVE_GETLOADAVG
-+			if (getloadavg(loadavg, 1) >= 1) {
-+				current_server_load = loadavg[0];
-+#ifdef ENABLE_MONITOR
-+				if (config->monitor_enabled) {
-+					if ((current_server_load > config->max_server_load) && (load_monitor_timer == 0)) {
-+						monitor_event("High server load (%0.2f)", current_server_load);
-+						load_monitor_timer = 60;
-+					}
-+				}
-+#endif
-+			} else {
-+				current_server_load = 0;
-+			}
-+#else
- 			if ((load_fp = fopen("/proc/loadavg", "r")) != NULL) {
- 				if (fgets(load_str, 49, load_fp) != NULL) {
- 					load_str[49] = '\0';
-@@ -238,6 +257,7 @@ void task_runner(t_config *config) {
- 			} else {
- 				current_server_load = 0;
- 			}
-+#endif
- 
- #ifdef ENABLE_MONITOR
- 			if (load_monitor_timer > 0) {
--- a/www/hiawatha/files/patch-src_session.c
+++ b/www/hiawatha/files/patch-src_session.c
@ -1,27 +0,0 @@
--- src/session.c.orig	2021-04-27 07:15:50 UTC
-+++ src/session.c
-@@ -33,15 +33,15 @@
- static const struct {
- 	const char *text;
- } sqli_detection[] = {
-	{"'\\s*(;\\s*)?--(\\s|')"},
-	{"\\s+(and|or|xor|&&|\\|\\|)\\s*\\(?\\s*('|[0-9]|`?[a-z\\._-]+`?\\s*(=|like)|[a-z]+\\s*\\()"},
-	{"\\s+(not\\s+)?in\\s*\\(\\s*['0-9]"},
-	{"union(\\s+all)?(\\s*\\(\\s*|\\s+)select(`|\\s)"},
-	{"select(\\s*`|\\s+)(\\*|[a-z0-9_\\, ]*)(`\\s*|\\s+)from(\\s*`|\\s+)[a-z0-9_\\.]*"},
-	{"insert\\s+into(\\s*`|\\s+).*(`\\s*|\\s+)(values\\s*)?\\(.*\\)"},
-	{"update(\\s*`|\\s+)[a-z0-9_\\.]*(`\\s*|\\s+)set(\\s*`|\\s+).*="},
-	{"delete\\s+from(\\s*`|\\s+)[a-z0-9_\\.]*`?"},
-	{"extractvalue\\s*\\(\\s*[0-9'\"@]"},
-+	{"'[[:space:]]*(;[[:space:]]*)?--([[:space:]]|')"},
-+	{"[[:space:]]+(and|or|xor|&&|\\|\\|)[[:space:]]*\\(?[[:space:]]*('|[0-9]|`?[a-z\\._-]+`?[[:space:]]*(=|like)|[a-z]+[[:space:]]*\\()"},
-+	{"[[:space:]]+(not[[:space:]]+)?in[[:space:]]*\\([[:space:]]*['0-9]"},
-+	{"union([[:space:]]+all)?([[:space:]]*\\([[:space:]]*|[[:space:]]+)select(`|[[:space:]])"},
-+	{"select([[:space:]]*`|[[:space:]]+)(\\*|[a-z0-9_\\, ]*)(`[[:space:]]*|[[:space:]]+)from([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*"},
-+	{"insert[[:space:]]+into([[:space:]]*`|[[:space:]]+).*(`[[:space:]]*|[[:space:]]+)(values[[:space:]]*)?\\(.*\\)"},
-+	{"update([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*(`[[:space:]]*|[[:space:]]+)set([[:space:]]*`|[[:space:]]+).*="},
-+	{"delete[[:space:]]+from([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*`?"},
-+	{"extractvalue[[:space:]]*\\([[:space:]]*[0-9'\"@]"},
- 	{NULL}
- };
- 
--- a/www/hiawatha/files/patch-src_tls.c
+++ b/www/hiawatha/files/patch-src_tls.c
@ -1,29 +0,0 @@
--- src/tls.c.orig	2022-01-22 12:16:26 UTC
-+++ src/tls.c
-@@ -161,7 +161,7 @@ int init_tls_module(mbedtls_x509_crt *ca_certificates)
- int init_tls_module(mbedtls_x509_crt *ca_certificates) {
- 	char version[16];
- 
-	if (mbedtls_version_get_number() < 0x03000000) {
-+	if (mbedtls_version_get_number() < 0x021c0000) {
- 		mbedtls_version_get_string(version);
- 		fprintf(stderr, "This Hiawatha installation requires at least mbed TLS v3.0.0 and you have v%s.\n", version);
- 		return -1;
-@@ -322,7 +322,7 @@ int tls_load_key_cert(char *file, mbedtls_pk_context *
- 	}
- 	mbedtls_pk_init(*private_key);
- 
-	if ((result = mbedtls_pk_parse_keyfile(*private_key, file, NULL, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE)) != 0) {
-+	if ((result = mbedtls_pk_parse_keyfile(*private_key, file, NULL)) != 0) {
- 		print_tls_error(result, "Error loading private key from %s", file);
- 		return -1;
- 	}
-@@ -436,7 +436,7 @@ int tls_accept(int *sock, mbedtls_ssl_context *context
- 
- 	result = TLS_HANDSHAKE_OKE;
- 	while ((handshake = mbedtls_ssl_handshake(context)) != 0) {
-		if (handshake == MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) {
-+		if (handshake == MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) {
- 			mbedtls_ssl_free(context);
- 			result = TLS_HANDSHAKE_NO_MATCH;
- 			break;
--- a/www/hiawatha/files/patch-src_wigwam.c
+++ b/www/hiawatha/files/patch-src_wigwam.c
@ -1,20 +0,0 @@
--- src/wigwam.c.orig	2022-06-29 09:42:42 UTC
-+++ src/wigwam.c
-@@ -582,7 +582,7 @@ int check_main_config(char *config_dir) {
- 		/* Private key check
- 		 */
- 		mbedtls_pk_init(&private_key);
-		if (mbedtls_pk_parse_keyfile(&private_key, needle->value, NULL, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE) != 0) {
-+		if (mbedtls_pk_parse_keyfile(&private_key, needle->value, NULL) != 0) {
- 			printf("Error loading private key from %s.\n", needle->value);
- 			errors++;
- 			goto next_crt;
-@@ -601,7 +601,7 @@ int check_main_config(char *config_dir) {
- 			goto next_crt;
- 		}
- 
-		if (certificate.MBEDTLS_PRIVATE(sig_md) < MBEDTLS_MD_SHA256) {
-+		if (certificate.sig_md < MBEDTLS_MD_SHA256) {
- 			printf("Warning: the certificate signature algoritm in %s should at least be SHA256.\n", needle->value);
- 		}
- 
--- a/www/hiawatha/files/patch-src_xslt.c
+++ b/www/hiawatha/files/patch-src_xslt.c
@ -1,12 +0,0 @@
--- src/xslt.c.orig	2019-02-18 18:34:36 UTC
-+++ src/xslt.c
-@@ -277,7 +277,9 @@ void init_xslt_module() {
- /* XSLT transform functions
-  */
- void init_xslt_module() {
-+#ifndef __FreeBSD__
- 	xmlInitMemory();
-+#endif
- 	xmlInitParser();
- }
- 
--- a/www/hiawatha/pkg-plist
+++ b/www/hiawatha/pkg-plist
@ -25,5 +25,5 @@ sbin/hiawatha
 %%LEFH%%sbin/lefh
 sbin/wigwam
@sample %%WWWDIR%%/index.html.sample
-@dir /var/log/hiawatha
@dir /var/db/hiawatha
+@dir /var/log/hiawatha