Date: Fri, 28 Mar 2008 17:04:06 +0600 (NOVT) From: Dmitry A Grigorovich <odip@bionet.nsc.ru> To: FreeBSD-gnats-submit@FreeBSD.org Cc: vanhu@netasq.com Subject: ports/122187: [patch] ipsec-tools failed build on FreeBSD 7.0 when RC5 is ON Message-ID: <20080328110406.3327821965@manticore.bionet.nsc.ru> Resent-Message-ID: <200803281140.m2SBe1gX048361@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 122187
>Category: ports
>Synopsis: [patch] ipsec-tools failed build on FreeBSD 7.0 when RC5 is ON
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 28 11:40:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Dmitry A Grigorovich
>Release: FreeBSD 7.0-RELEASE i386
>Organization:
ICiG SB RAS, Novisibirsk, Russia
>Environment:
System: FreeBSD elf.bionet.nsc.ru 7.0-RELEASE FreeBSD 7.0-RELEASE #0
>Description:
On FreeBSD 7.0 try to build security/ipsec-tools with option RC5 is ON
root@elf# cd /usr/ports/security/ipsec-tools
root@elf# make showconfig
===> The following configuration options are available for ipsec-tools-0.7:
DEBUG=on "enable Debug support"
IPV6=on "enable IPV6 support"
ADMINPORT=on "enable Admin port"
STATS=on "enable Statistics logging function"
DPD=on "enable Dead Peer Detection"
NATT=off "enable NAT-Traversal (kernel-patch required)"
NATTF=off "require NAT-Traversal (fail without kernel-patch)"
FRAG=on "enable IKE fragmentation payload support"
HYBRID=on "enable Hybrid Mode-cfg and Xauth support"
PAM=on "enable PAM authentication"
GSSAPI=off "enable GSS-API authentication"
RADIUS=off "enable Radius authentication"
SAUNSPEC=off "enable Unspecified SA mode"
RC5=on "enable RC5 encryption (patented)"
IDEA=on "enable IDEA encryption (patented)"
===> Use 'make config' to modify these settings
root@elf# make build
...
cc -DHAVE_CONFIG_H -I. -I../.. -I./../libipsec -I./../../src/racoon/missing -D_GNU_SOURCE -DSYSCONFDIR=\"/usr/local/etc/racoon\" -DADMINPORTDIR=\"/var/db/racoon\" -pipe -march=pentiumpro -g -Wall -Werror -Wno-unused -DEAYDEBUG -o crypto_openssl_test.o -c ./crypto_openssl.c
cc1: warnings being treated as errors
./crypto_openssl.c: In function 'eay_rc5_encrypt':
./crypto_openssl.c:1394: warning: pointer targets in passing argument 3 of 'RC5_32_set_key' differ in signedness
./crypto_openssl.c:1402: warning: pointer targets in passing argument 1 of 'RC5_32_cbc_encrypt' differ in signedness
./crypto_openssl.c:1402: warning: pointer targets in passing argument 2 of 'RC5_32_cbc_encrypt' differ in signedness
./crypto_openssl.c:1402: warning: pointer targets in passing argument 5 of 'RC5_32_cbc_encrypt' differ in signedness
./crypto_openssl.c: In function 'eay_rc5_decrypt':
./crypto_openssl.c:1415: warning: pointer targets in passing argument 3 of 'RC5_32_set_key' differ in signedness
./crypto_openssl.c:1423: warning: pointer targets in passing argument 1 of 'RC5_32_cbc_encrypt' differ in signedness
./crypto_openssl.c:1423: warning: pointer targets in passing argument 2 of 'RC5_32_cbc_encrypt' differ in signedness
./crypto_openssl.c:1423: warning: pointer targets in passing argument 5 of 'RC5_32_cbc_encrypt' differ in signedness
*** Error code 1
Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.7/src/racoon.
*** Error code 1
Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.7/src.
*** Error code 1
Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.7.
*** Error code 1
Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.7.
*** Error code 1
Stop in /usr/ports/security/ipsec-tools.
*** Error code 1
Stop in /usr/ports/security/ipsec-tools.
==============================
On FreeBSD 6.3 bulding with same settings is OK
>How-To-Repeat:
See above !
>Fix:
Add following patch to /usr/ports/security/ipsec-tools/files/
Rebuild security/ipsec-tools
--- patch-crypto_openssl.c begins here ---
--- src/racoon/crypto_openssl.c.orig 2006-12-18 16:18:10.000000000 +0600
+++ src/racoon/crypto_openssl.c 2008-03-28 16:36:05.000000000 +0600
@@ -1391,15 +1391,15 @@
RC5_32_KEY ks;
/* in RFC 2451, there is information about the number of round. */
- RC5_32_set_key(&ks, key->l, key->v, 16);
+ RC5_32_set_key(&ks, key->l, (unsigned char*)key->v, 16);
/* allocate buffer for result */
if ((res = vmalloc(data->l)) == NULL)
return NULL;
/* decryption data */
- RC5_32_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, RC5_ENCRYPT);
+ RC5_32_cbc_encrypt( (unsigned char*)data->v, (unsigned char*)res->v, data->l,
+ &ks, (unsigned char*)iv->v, RC5_ENCRYPT);
return res;
}
@@ -1412,15 +1412,15 @@
RC5_32_KEY ks;
/* in RFC 2451, there is information about the number of round. */
- RC5_32_set_key(&ks, key->l, key->v, 16);
+ RC5_32_set_key(&ks, key->l, (unsigned char*)key->v, 16);
/* allocate buffer for result */
if ((res = vmalloc(data->l)) == NULL)
return NULL;
/* decryption data */
- RC5_32_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, RC5_DECRYPT);
+ RC5_32_cbc_encrypt( (unsigned char*)data->v, (unsigned char*)res->v, data->l,
+ &ks, (unsigned char*)iv->v, RC5_DECRYPT);
return res;
}
--- patch-crypto_openssl.c ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080328110406.3327821965>