| Message ID | ZrhLQMty5kRy7Oo4@waldemar-brodkorb.de |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | [next] package/hiawatha: update to 11.6 | expand |
Hello Waldemar, On Sun, 11 Aug 2024 07:25:20 +0200 Waldemar Brodkorb <wbx@openadk.org> wrote: > See here for a changelog: > https://hiawatha.leisink.net/changelog > > Update Config.in to use the new homepage. > Update download site to use the new homepage. > > Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> > --- > package/hiawatha/Config.in | 2 +- > package/hiawatha/hiawatha.hash | 2 +- > package/hiawatha/hiawatha.mk | 4 ++-- > 3 files changed, 4 insertions(+), 4 deletions(-) You're going to hate me, but this bump also doesn't build. Try to build: BR2_arm=y BR2_cortex_a9=y BR2_ARM_ENABLE_VFP=y BR2_TOOLCHAIN_EXTERNAL=y BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y BR2_INIT_NONE=y BR2_SYSTEM_BIN_SH_NONE=y # BR2_PACKAGE_BUSYBOX is not set BR2_PACKAGE_HIAWATHA=y # BR2_TARGET_ROOTFS_TAR is not set Successful before your bump, fails after your bump. Also, it is worth nothing that there is also an issue with the 11.2 version of hiawatha: the hash we have in Buildroot no longer matches the one from the upstream tarball: ERROR: while checking hashes from package/hiawatha/hiawatha.hash ERROR: hiawatha-11.2.tar.gz has wrong sha256 hash: ERROR: expected: 99c64f76927f93469f062ab76b74eb79a397ea4be12da86bf746b2bb57cf1bc5 ERROR: got : e00a659225b5f201b1fd81014277bcfe96da476a165f92fc057f3d7036c8b993 ERROR: Incomplete download, or man-in-the-middle (MITM) attack It "works" because we fallback to sources.buildroot.net, which has the "right" tarball, but it would be nice to understand what's going on. Could you have a look? Thomas
Hi Thomas, Thomas Petazzoni wrote, > Hello Waldemar, > > On Sun, 11 Aug 2024 07:25:20 +0200 > Waldemar Brodkorb <wbx@openadk.org> wrote: > > > See here for a changelog: > > https://hiawatha.leisink.net/changelog > > > > Update Config.in to use the new homepage. > > Update download site to use the new homepage. > > > > Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> > > --- > > package/hiawatha/Config.in | 2 +- > > package/hiawatha/hiawatha.hash | 2 +- > > package/hiawatha/hiawatha.mk | 4 ++-- > > 3 files changed, 4 insertions(+), 4 deletions(-) > > You're going to hate me, but this bump also doesn't build. > > Try to build: > > BR2_arm=y > BR2_cortex_a9=y > BR2_ARM_ENABLE_VFP=y > BR2_TOOLCHAIN_EXTERNAL=y > BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y > BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y > BR2_INIT_NONE=y > BR2_SYSTEM_BIN_SH_NONE=y > # BR2_PACKAGE_BUSYBOX is not set > BR2_PACKAGE_HIAWATHA=y > # BR2_TARGET_ROOTFS_TAR is not set > > Successful before your bump, fails after your bump. I only tested with TLS on, sorry. It seems upstream is broken regarding ENABLE_TLS=OFF. I tried to patch CMakeFiles.txt to add the missing sha3.c, but then other symbols are missing. I added 5 missing files and still no go. Uptream is not very active anymore, he mentions on his website that he is doing releases, but no active development anymore. We could remove TLS off case entirely and still have a small secure webserver. What do you think? > Also, it is worth nothing that there is also an issue with the 11.2 > version of hiawatha: the hash we have in Buildroot no longer matches > the one from the upstream tarball: > > ERROR: while checking hashes from package/hiawatha/hiawatha.hash > ERROR: hiawatha-11.2.tar.gz has wrong sha256 hash: > ERROR: expected: 99c64f76927f93469f062ab76b74eb79a397ea4be12da86bf746b2bb57cf1bc5 > ERROR: got : e00a659225b5f201b1fd81014277bcfe96da476a165f92fc057f3d7036c8b993 > ERROR: Incomplete download, or man-in-the-middle (MITM) attack > > It "works" because we fallback to sources.buildroot.net, which has the > "right" tarball, but it would be nice to understand what's going on. > > Could you have a look? It is because the old URL is no longer available and a html is downloaded instead of the tar.gz. best regards Waldemar
On Tue, 13 Aug 2024 08:58:23 +0200 Waldemar Brodkorb <wbx@openadk.org> wrote: > > Successful before your bump, fails after your bump. > > I only tested with TLS on, sorry. > > It seems upstream is broken regarding ENABLE_TLS=OFF. > I tried to patch CMakeFiles.txt to add the missing sha3.c, but then > other symbols are missing. I added 5 missing files and still no go. > Uptream is not very active anymore, he mentions on his website that > he is doing releases, but no active development anymore. > > We could remove TLS off case entirely and still have a small secure > webserver. What do you think? Would be OK for me. However, if upstream is not active anymore, should we drop the package instead? Thomas
Hi Thomas, Thomas Petazzoni wrote, > On Tue, 13 Aug 2024 08:58:23 +0200 > Waldemar Brodkorb <wbx@openadk.org> wrote: > > > > Successful before your bump, fails after your bump. > > > > I only tested with TLS on, sorry. > > > > It seems upstream is broken regarding ENABLE_TLS=OFF. > > I tried to patch CMakeFiles.txt to add the missing sha3.c, but then > > other symbols are missing. I added 5 missing files and still no go. > > Uptream is not very active anymore, he mentions on his website that > > he is doing releases, but no active development anymore. > > > > We could remove TLS off case entirely and still have a small secure > > webserver. What do you think? > > Would be OK for me. However, if upstream is not active anymore, should > we drop the package instead? He is still doing releases and added TLS 1.3 support recently. I would like to update it and keep the package. I can sent him an email to report the issue with TLS off and see what he says. Would you like two patches, one with URL updates for master and the update and TLS removal for next? best regards Waldemar
Hello Waldemar, On Tue, 13 Aug 2024 09:23:29 +0200 Waldemar Brodkorb <wbx@openadk.org> wrote: > > Would be OK for me. However, if upstream is not active anymore, should > > we drop the package instead? > > He is still doing releases and added TLS 1.3 support recently. > I would like to update it and keep the package. I can sent him an > email to report the issue with TLS off and see what he says. Then please report the issue with building without TLS support, hopefully the maintainer will be interested in fixing what really is a regression. > Would you like two patches, one with URL updates for master and > the update and TLS removal for next? URL updates for master, for sure. TLS removal, I would like to wait for the maintainer feedback. I'd prefer to see it fixed instead. Thanks! Thomas
diff --git a/package/hiawatha/Config.in b/package/hiawatha/Config.in index 0c35734c34..8bcee3f098 100644 --- a/package/hiawatha/Config.in +++ b/package/hiawatha/Config.in @@ -27,7 +27,7 @@ config BR2_PACKAGE_HIAWATHA pipelining, keep alive connections, URL rewriting and many more. - http://www.hiawatha-webserver.org/ + https://hiawatha.leisink.net/ if BR2_PACKAGE_HIAWATHA diff --git a/package/hiawatha/hiawatha.hash b/package/hiawatha/hiawatha.hash index 1ee94ee69a..14b8cf8d63 100644 --- a/package/hiawatha/hiawatha.hash +++ b/package/hiawatha/hiawatha.hash @@ -1,3 +1,3 @@ # Locally calculated -sha256 99c64f76927f93469f062ab76b74eb79a397ea4be12da86bf746b2bb57cf1bc5 hiawatha-11.2.tar.gz +sha256 b3c5eb7be007509b7e1f3d88cc03a99904d3b6e5e05d980f9d5bdaa424864dd6 hiawatha-11.6.tar.gz sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE diff --git a/package/hiawatha/hiawatha.mk b/package/hiawatha/hiawatha.mk index 3e9cf2571b..dc82e6ffde 100644 --- a/package/hiawatha/hiawatha.mk +++ b/package/hiawatha/hiawatha.mk @@ -4,8 +4,8 @@ # ################################################################################ -HIAWATHA_VERSION = 11.2 -HIAWATHA_SITE = https://www.hiawatha-webserver.org/files +HIAWATHA_VERSION = 11.6 +HIAWATHA_SITE = https://hiawatha.leisink.net/files HIAWATHA_DEPENDENCIES = zlib HIAWATHA_LICENSE = GPL-2.0 HIAWATHA_LICENSE_FILES = LICENSE
See here for a changelog: https://hiawatha.leisink.net/changelog Update Config.in to use the new homepage. Update download site to use the new homepage. Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> --- package/hiawatha/Config.in | 2 +- package/hiawatha/hiawatha.hash | 2 +- package/hiawatha/hiawatha.mk | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-)