From owner-freebsd-ports@freebsd.org Sun Mar 10 07:23:51 2019 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A2941152856E for ; Sun, 10 Mar 2019 07:23:51 +0000 (UTC) (envelope-from franco@lastsummer.de) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id E3B1969A3C for ; Sun, 10 Mar 2019 07:23:50 +0000 (UTC) (envelope-from franco@lastsummer.de) Received: by mailman.ysv.freebsd.org (Postfix) id A707D1528563; Sun, 10 Mar 2019 07:23:50 +0000 (UTC) Delivered-To: ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 930BF1528562 for ; Sun, 10 Mar 2019 07:23:50 +0000 (UTC) (envelope-from franco@lastsummer.de) Received: from host64.shmhost.net (host64.shmhost.net [213.239.241.64]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 211FA69A3A; Sun, 10 Mar 2019 07:23:49 +0000 (UTC) (envelope-from franco@lastsummer.de) Received: from francos-mbp.homeoffice.local (dslb-002-203-231-019.002.203.pools.vodafone-ip.de [2.203.231.19]) by host64.shmhost.net (Postfix) with ESMTPSA id 44HCQQ3GWbzCDbR; Sun, 10 Mar 2019 08:23:42 +0100 (CET) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Subject: Re: Open strongswan bugs From: Franco Fichtner In-Reply-To: <20190309104634.GB5474@home.opsec.eu> Date: Sun, 10 Mar 2019 08:23:41 +0100 Cc: FreeBSD Ports , "strongswan@nanoteq.com" Content-Transfer-Encoding: quoted-printable Message-Id: References: <3BA04555-E55B-4180-939B-6884E15E41D8@lastsummer.de> <20190309104634.GB5474@home.opsec.eu> To: Kurt Jaeger X-Mailer: Apple Mail (2.3445.102.3) X-Virus-Scanned: clamav-milter 0.100.2 at host64.shmhost.net X-Virus-Status: Clean X-Rspamd-Queue-Id: 211FA69A3A X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.98 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[]; NEURAL_HAM_SHORT(-0.98)[-0.975,0] X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Mar 2019 07:23:51 -0000 Hi, > On 9. Mar 2019, at 11:46 AM, Kurt Jaeger wrote: >=20 >> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D212149 >=20 > I'm unsure about closing this one. Right now strongswan does not > build with libressl, right ? It's tricky. LibreSSL is not supported and currently the only way to make it build is modify the opensslv.h file in LibreSSL to emit a "compatible" version number since StrongSwan only uses version checks to figure out features. So this is in all likeliness a larger upstream issue. https://wiki.strongswan.org/issues/2495 https://wiki.strongswan.org/issues/2165 > Either the FreeBSD port adds patches to allow build with libressl, > or upstream does it, otherwise that PR is just unresolved, and > has to stay open. Ah, okay, then it should stay open indeed. >> LibreSSL support in StrongSwan is nonexistent, a patch >> set for interested parties can be found at: >>=20 >> = https://github.com/opnsense/ports/blob/master/security/strongswan/Makefile= #L126-L131 >=20 > So, does the maintainer approve that patch ? See above, requires fudging the OPENSSL_VERSION_NUMBER via libressl port include file: = https://github.com/opnsense/ports/blob/master/security/libressl/files/patc= h-include_openssl_opensslv.h It looks like too much trickery for useful FreeBSD inclusion although the end result is a working StrongSwan port. Cheers, Franco