Date: Wed, 3 May 2006 08:10:21 GMT From: VANHULLEBUS Yvan <yvan.vanhullebus@netasq.com> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/96368: security/ipsec-tools: use OPTIONS, extend featureset Message-ID: <200605030810.k438ALmI035144@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/96368; it has been noted by GNATS. From: VANHULLEBUS Yvan <yvan.vanhullebus@netasq.com> To: Joerg Pulz <Joerg.Pulz@frm2.tum.de> Cc: Renato Botelho <garga@freebsd.org>, bug-followup@freebsd.org Subject: Re: ports/96368: security/ipsec-tools: use OPTIONS, extend featureset Date: Wed, 3 May 2006 10:04:56 +0200 --jRHKVT23PllUwdXP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 03, 2006 at 08:05:20AM +0200, Joerg Pulz wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 >=20 > On Tue, 2 May 2006, VANHULLEBUS Yvan wrote: >=20 > >On Sun, Apr 30, 2006 at 11:20:51PM +0200, Joerg Pulz wrote: > [...] > >>- - added some descriptive output if NATT is enabled (to please Yvan ;)= ) > > > >The simplest description in the option would be "enable NAT-T if > >kernel support". That is exactly what configure will do. >=20 > The OPTIONS description for NATT is already set to: > "enable NAT-Traversal (kernel-patch required)" >=20 > I think this is enough, as it is more than the current version of the=20 > port has as description (currently there is no message at all). Yep. > >The warning message if activated is also a good thing. >=20 > There is a warning now which points the user to the URL for the=20 > downloadable patches. It appears just before configure kicks in. Yes, I already noticed it, that's the warning message I was talking about. > >>- - small change to pkg-plist to create and delete the STATEDIR > > > > > >I also took more time to look at the configure patch. > > > >If this is not "so urgent", the best way is to report a patch to > >configure.ac directly to ipsec-tools-devel Ml (or directly to me), > >I'll integrate it for 0.6.6 (which will soon need to be released). >=20 > I will take a look at this, maybe i can write a small patch which you can= =20 > integrate in the next release. Send me the patch if you have time to make it. > But for now we should keep it as it is, to=20 > have a consistent behavior for port and package. Ok for me if it's not trivial to do the patch directly in ipsec-tools 0.6.6. [adminport] > >The reason why I'm not sure it is a good idea to enable it by default > >is that it will create the socket file needed to communicate between > >racoonctl/racoon, but I know they are some caveheats where the file is > >not correctly removed (for example if racoon crashes). > > > >People may take a lot of time to understant that racoon doesn't > >restart just because the file already exists ! >=20 > Just curious, i have no problem starting/restarting racoon when the socke= t=20 > file already exists. I just often use adminport, and just remember that "I had some problems in the past", perhaps it has been fixed by someone else, I'll recheck. > Anyway, to please you even more, I've modified the racoon.sh rcNG script = a=20 > little bit, that it removes the pidfile and the socketfile after a normal= =20 > stop of racoon and just before the racoon startup, in case racoon died=20 > unexpectedly. Now we are sure that we have no leftovers from previously= =20 > running racoon processes. > I've also set the ADMINPORT OPTION to off by default. Good. > The new complete patch is: Just for information, I don't know why, but if I just save your patch and try to apply it, I always have a "File to patch:" request by patch... I don't know if I use an old version of patch (FreeBSD6.1's one) or if your diff has "something" (I noticed that all lines which should start by "- " starts by "- -", but I also tried to remove those manually, and it doesn't change anything), as I'm not a diff/patch guru.... If the commiter don't have this problem applying the patch, it's ok for me. Thanks again for the time you took to provide the patch, and for the time you took to made it "Vanhu compliant" :-) Yvan. --=20 NETASQ - Secure Internet Connectivity http://www.netasq.com --jRHKVT23PllUwdXP Content-Type: application/x-pkcs7-signature Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIINPQYJKoZIhvcNAQcCoIINLjCCDSoCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC CokwggZ/MIIFZ6ADAgECAgpwxrFIFmvykFosMA0GCSqGSIb3DQEBBAUAMIGRMQswCQYDVQQG EwJGUjENMAsGA1UECBMETm9yZDEaMBgGA1UEBxMRVmlsbGVuZXV2ZSBkJ0FzY3ExLjAsBgNV BAoTJU5FVEFTUSAtIFNlY3VyZSBJbnRlcm5ldCBDb25uZWN0aXZpdHkxJzAlBgNVBAsTHk5F VEFTUSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNTA3MTUxNDQ0NDNaFw0wNzA3MTUx NDQ0NDNaMIHYMQswCQYDVQQGEwJGUjENMAsGA1UECBMETm9yZDEuMCwGA1UEChMlTkVUQVNR IC0gU2VjdXJlIEludGVybmV0IENvbm5lY3Rpdml0eTEnMCUGA1UECxMeTkVUQVNRIENlcnRp ZmljYXRpb24gQXV0aG9yaXR5MRowGAYDVQQHExFWaWxsZW5ldXZlIGQnQXNjcTEZMBcGA1UE AxMQeXZhbiBWQU5IVUxMRUJVUzEqMCgGCSqGSIb3DQEJARYbeXZhbi52YW5odWxsZWJ1c0Bu ZXRhc3EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0quG0Q0oe+uM8lT HAklvpFArPSxUE8qM+NzfqOUaMaAI9/+Zg1kFOSrcYYRnB0R7ZGj9H+wk92l6+9jdOJx+1cG 9wwhCzTFuN1qxiznhXtryOwZ9vZswnAJXH3b0R0hL0CUsv54KWGsZIDI72KHrEx/KThY7iU7 AMq8/MqGGjSixXzhm89ybWm4N36dWRJvyT3oHFRREDLhGhherC+FJPied4FwIjth7worVD9m SVAPgp0WHpAhMqVe4vp4bJvpT9Qrv38cccfEiaaFaUvOCSF7h5gXy6F+D7xV/3adGqAwZ3sI o1qN4SijkaI6uqbUP+zslX3t78qHSc7HWhVm4QIDAQABo4ICjjCCAoowDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQU/CR/mkkP1k1mu7ApVahPzBnqdJowgb4GA1UdIwSBtjCBs4AUJyrrHdlE 2joXc2oJICDJJaj5f7KhgZekgZQwgZExCzAJBgNVBAYTAkZSMQ0wCwYDVQQIEwROb3JkMRow GAYDVQQHExFWaWxsZW5ldXZlIGQnQXNjcTEuMCwGA1UEChMlTkVUQVNRIC0gU2VjdXJlIElu dGVybmV0IENvbm5lY3Rpdml0eTEnMCUGA1UECxMeTkVUQVNRIENlcnRpZmljYXRpb24gQXV0 aG9yaXR5ggEAMA4GA1UdDwEB/wQEAwIF4DARBglghkgBhvhCAQEEBAMCBaAwKwYJKwYBBAGC NxQCBB4eHABTAG0AYQByAHQAYwBhAHIAZABMAG8AZwBvAG4wLAYDVR0lAQH/BCIwIAYIKwYB BQUHAwQGCCsGAQUFBwMCBgorBgEEAYI3FAICMCsGA1UdEQQkMCKgIAYKKwYBBAGCNxQCA6AS DBB5dmFudkBuZXRhc3EuY29tMIHNBgNVHR8EgcUwgcIwWqBYoFaGVGxkYXA6Ly9wa2kubmV0 YXNxLmNvbS9jbj1md2NhLG91PWNhcyxvPW5ldGFzcSxkYz1mcj9jZXJ0aWZpY2F0ZVJldm9j YXRpb25MaXN0O2JpbmFyeTA4oDagNIYyaHR0cDovL2ludHJhbmV0Lm5ldGFzcS5jb20vaW50 cmFuZXQvcGtpL25ldGFzcS5jcmwwKqAooCaGJGh0dHA6Ly93d3cubmV0YXNxLmNvbS9wa2kv bmV0YXNxLmNybDAfBglghkgBhvhCAQ0EEhYQVXNlciBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B AQQFAAOCAQEAMlfufwmHT/3KRXLIx0jcRwT9bOboCGMQrI7xK/kk9t0jvGm3KTlVN2uuZ0Hk VU2QWqw6hPPoc1mclOPPWfNW4DHGafbIAqritDMoAtwCe7BkeZFaTRcigrnNJhyIjlfTHrrF Pz8Iul+ZugtAV8gCrpMPrF/RUJ2wgvUiBrp/1zhTZ0WMini5KK/MEiWgvZKHq0Y4riD9Sw5L 84TbPcwQmHG4aQhsKkTNC9S80qurRVmTre+Qo68fzGXznPsSU/atH0OCIka3KYcJmrnoFosh 0fuWOhKRTDfcTVarpCFhFiNvg8gxUxi9kdI2m/u2h7zEYvEH89G4HQ6NFBNvh0XfjjCCBAIw ggLqoAMCAQICAQAwDQYJKoZIhvcNAQEEBQAwgZExCzAJBgNVBAYTAkZSMQ0wCwYDVQQIEwRO b3JkMRowGAYDVQQHExFWaWxsZW5ldXZlIGQnQXNjcTEuMCwGA1UEChMlTkVUQVNRIC0gU2Vj dXJlIEludGVybmV0IENvbm5lY3Rpdml0eTEnMCUGA1UECxMeTkVUQVNRIENlcnRpZmljYXRp b24gQXV0aG9yaXR5MB4XDTAyMDIxOTEyMzQ1NVoXDTIyMDIxNDEyMzQ1NVowgZExCzAJBgNV BAYTAkZSMQ0wCwYDVQQIEwROb3JkMRowGAYDVQQHExFWaWxsZW5ldXZlIGQnQXNjcTEuMCwG A1UEChMlTkVUQVNRIC0gU2VjdXJlIEludGVybmV0IENvbm5lY3Rpdml0eTEnMCUGA1UECxMe TkVUQVNRIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAwYBPi3ref6t0tuJMoj5R4H7sa+WMSZwDh4XHjZV5e6P6LObyrleC6oNFDZJr gBtKk9Swzfnnf4m3xc0QS9kKCPLFwLpmIK3RCx0K4YYi+uBrrL347kH4UPfrI6KvrYcFpG3Y wFZUK+7LZn/Y9HSB6n4gvdiCk7cmkuFr1ifFtDYZqktNUss9yQCPqh0d9dXfuhRV8vyggvVk cfTZcCyVpRaDYaDm0j30Urba62KsKxfh6cEAt6kmPUxviGVaoEiiaABDZVSu6PjS17qDcZaQ zlnwhLacKyM1zR7+lvfFR03/h6m8JYGBPMP7zccH2uJfufh+Of3AvOfCFZFcNhzHCwIDAQAB o2MwYTAdBgNVHQ4EFgQUJyrrHdlE2joXc2oJICDJJaj5f7IwHwYDVR0jBBgwFoAUJyrrHdlE 2joXc2oJICDJJaj5f7IwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI hvcNAQEEBQADggEBAJclqFN/WqYmhcZlXabrw6KJQNq/TK6TLDHzwZVcyjn0QhujHRr+EcVp aE1pIS4fjsywzpINE3fe9DSlC4IzyeqDq3EtM4eQDSXm4YRGLZp8X2M5TdccmxlElDgZzlVX MOlo/Ehhh4vqzSbc1M4FEfETiEV+vLX5MaWEHH8dmzlEL632mOme19QJN6BQKJPmCCj1VbxJ DrJSpF01kXFJUtyrA0ilrEG0mA+FLFjfsWuZXzYEPjv1/FIPMlSnCCiW8ZSzwstQX2BhLEi0 ugZJRpakVMY/TkdoLEErYt0mjZD+d/oXFR7QNzMxAHpDEPmlZRotP1W7sO6kpBP7lyh/Yc4x ggJ8MIICeAIBATCBoDCBkTELMAkGA1UEBhMCRlIxDTALBgNVBAgTBE5vcmQxGjAYBgNVBAcT EVZpbGxlbmV1dmUgZCdBc2NxMS4wLAYDVQQKEyVORVRBU1EgLSBTZWN1cmUgSW50ZXJuZXQg Q29ubmVjdGl2aXR5MScwJQYDVQQLEx5ORVRBU1EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkC CnDGsUgWa/KQWiwwCQYFKw4DAhoFAKCBsTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwG CSqGSIb3DQEJBTEPFw0wNjA1MDMwODA0NTVaMCMGCSqGSIb3DQEJBDEWBBQpLGDNo9M32RZb jp2Eg5kpbdRBeTBSBgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIA gDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0BAQEF AASCAQBgWvK4SG3rm/Rj7WQiCq+QP+1q6y6yDmSC9P/vz69rr2IcmpL8XYCrb0ah8Bt1+nG8 trlfaiWUDZ8Hm/JXGKNEcnSbsNpkYTKRgGr9MdfYtv2yxiQqh/yJ/HVN8QZ2tiYzCig66mhm aG4OQHMsyVg5FCFnBrBFABKhUh8/09XnKoHh/madZebcc0ClqPh7hzUUxZ8FCggsMhBFI6uY e56akS8ijTruusy5PEtxiCl3L7tPqiSC5+6fhCyeFwfSsei7BbBAIUG+4e4YyV6SZXw93hbG 7p1XQe3ejxCIM14XuOT4Y7h5R0AyfSbNC0hLdVHSiNd6IBnwgrX7LMFNmRc8 --jRHKVT23PllUwdXP--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200605030810.k438ALmI035144>