Weblog

Patch to use mbed TLS 2.3.0

18 July 2016, 17:46

Apply the following patch to Hiawatha v10.3 to make it compile with mbed TLS v2.3.0.

--- src/rproxy.h	2015-07-13 15:21:34.000000000 +0200
+++ src/rproxy.h	2016-07-18 17:29:46.813754000 +0200
@@ -19,6 +19,7 @@
 #include 
 #include 
 #ifdef ENABLE_TLS
+#include "mbedtls/platform.h"
 #include "mbedtls/ssl.h"
 #endif
 #include "ip.h"
--- src/tls.h	2016-02-14 14:45:44.000000000 +0100
+++ src/tls.h	2016-07-18 17:29:35.797754000 +0200
@@ -18,6 +18,7 @@
 
 #include 
 #include "liblist.h"
+#include "mbedtls/platform.h"
 #include "mbedtls/ssl.h"
 #include "mbedtls/x509.h"
 #include "mbedtls/version.h"
--- src/wigwam.c	2016-04-30 12:41:04.000000000 +0200
+++ src/wigwam.c	2016-07-18 17:30:12.677754000 +0200
@@ -33,6 +33,7 @@
 #include "filehashes.h"
 #include "mbedtls/md5.h"
 #ifdef ENABLE_TLS
+#include "mbedtls/platform.h"
 #include "mbedtls/ssl.h"
 #include "mbedtls/x509.h"
 #endif

Place this patch in a file called hiawatha-10.3.patch and use the following command from within the Hiawatha source directory to apply the patch:

patch -p0 < hiawatha-10.3.patch

After applying the patch, recompile Hiawatha.

samiux

19 July 2016, 10:20

To make the patch works, you need to do the following steps :

cd hiawatha-10.3/mbedtls
./upgrade

After that, apply the patch and then re-compile.

hiawatha -v

Hiawatha v10.3, cache, IPv6, Monitor, reverse proxy, TLS v2.3.0, Tomahawk, URL toolkit, XSLT
Copyright (c) by Hugo Leisink <hugo@leisink.net>

Heiko

19 July 2016, 13:25

Works fine. Thank you.

Chris Wadge

22 July 2016, 05:32

If anybody wants to try out the new mbedTLS, there's a patched version of the Debian packages up here: http://files.tuxhelp.org/hiawatha/BETA/

Peter

11 September 2016, 21:07

I've been using Chris Wadge's beta package on multiple servers since July 24th, and it works perfectly.