From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Nov 11 10:20:02 2013 Return-Path: Delivered-To: freebsd-ports-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 424D5625 for ; Mon, 11 Nov 2013 10:20:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 141A02967 for ; Mon, 11 Nov 2013 10:20:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rABAK11L070165 for ; Mon, 11 Nov 2013 10:20:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rABAK1Ms070164; Mon, 11 Nov 2013 10:20:01 GMT (envelope-from gnats) Date: Mon, 11 Nov 2013 10:20:01 GMT Message-Id: <201311111020.rABAK1Ms070164@freefall.freebsd.org> To: freebsd-ports-bugs@FreeBSD.org Cc: From: strongswan Subject: RE: ports/183688: [maintainer update] security/strongswan 5.0.4 -> 5.1.1 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: strongswan List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Nov 2013 10:20:02 -0000 The following reply was made to PR ports/183688; it has been noted by GNATS. From: strongswan To: "bug-followup@FreeBSD.org" Cc: Subject: RE: ports/183688: [maintainer update] security/strongswan 5.0.4 -> 5.1.1 Date: Mon, 11 Nov 2013 12:14:51 +0200 Hi David Thanks for the feedback. I will look into changing the config file locations, this should just requi= re some additional modifications to the make files (Will see if I can inclu= de this in a future patch) The pfkey patch only adds the camellia algorithm, it is actually in FreeBSD= but it was never included in the pfkey interface. I also wanted to include the AES-GCM algorithms but the kernel patches for = these have not made it into HEAD yet. I will have a look at the libipsec plugin. I managed to get a mostly autom= ated testing setup for strongSwan now, so new releases should be fairly qui= ck to test. Kind Regards Francois ten Krooden. ________________________________________ From: David Shane Holden [dpejesh@yahoo.com] Sent: Wednesday, November 06, 2013 3:19 AM To: bug-followup@FreeBSD.org; strongswan Subject: Re: ports/183688: [maintainer update] security/strongswan 5.0.4 ->= 5.1.1 I actually had a patch for this which I was planning on sending, but you beat me to it. I have a couple of questions/suggestions though. * If the config files are going to be used as samples I think they should be moved to share/examples/strongswan instead of being left in etc. I know other ports are dumping samples in etc and I think it's tacky. * I couldn't find any reference to your patch to kernel_pfkey_ipsec.c anywhere. Does it fix a bug or is it just an optimization that you've tested? Either way, seems that it belongs upstream and not a patch in the ports tree since other platforms use the pfkey interface too. * 5.1.0 also added the kernel-libipsec plugin which looks like it might be worth having a config option for. -- Dave Important Notice: This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail le= gal notice available at: http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx