Date: Mon, 11 Nov 2013 10:20:01 GMT From: strongswan <strongswan@Nanoteq.com> To: freebsd-ports-bugs@FreeBSD.org Subject: RE: ports/183688: [maintainer update] security/strongswan 5.0.4 -> 5.1.1 Message-ID: <201311111020.rABAK1Ms070164@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/183688; it has been noted by GNATS. From: strongswan <strongswan@Nanoteq.com> To: "bug-followup@FreeBSD.org" <bug-followup@FreeBSD.org> Cc: Subject: RE: ports/183688: [maintainer update] security/strongswan 5.0.4 -> 5.1.1 Date: Mon, 11 Nov 2013 12:14:51 +0200 Hi David Thanks for the feedback. I will look into changing the config file locations, this should just requi= re some additional modifications to the make files (Will see if I can inclu= de this in a future patch) The pfkey patch only adds the camellia algorithm, it is actually in FreeBSD= but it was never included in the pfkey interface. I also wanted to include the AES-GCM algorithms but the kernel patches for = these have not made it into HEAD yet. I will have a look at the libipsec plugin. I managed to get a mostly autom= ated testing setup for strongSwan now, so new releases should be fairly qui= ck to test. Kind Regards Francois ten Krooden. ________________________________________ From: David Shane Holden [dpejesh@yahoo.com] Sent: Wednesday, November 06, 2013 3:19 AM To: bug-followup@FreeBSD.org; strongswan Subject: Re: ports/183688: [maintainer update] security/strongswan 5.0.4 ->= 5.1.1 I actually had a patch for this which I was planning on sending, but you beat me to it. I have a couple of questions/suggestions though. * If the config files are going to be used as samples I think they should be moved to share/examples/strongswan instead of being left in etc. I know other ports are dumping samples in etc and I think it's tacky. * I couldn't find any reference to your patch to kernel_pfkey_ipsec.c anywhere. Does it fix a bug or is it just an optimization that you've tested? Either way, seems that it belongs upstream and not a patch in the ports tree since other platforms use the pfkey interface too. * 5.1.0 also added the kernel-libipsec plugin which looks like it might be worth having a config option for. -- Dave Important Notice: This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail le= gal notice available at: http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201311111020.rABAK1Ms070164>