From owner-freebsd-ports-bugs@FreeBSD.ORG  Mon Nov 13 18:49:09 2006
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
X-Original-To: freebsd-ports-bugs@hub.freebsd.org
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0F69416A4E5
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Mon, 13 Nov 2006 18:49:09 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BA0D74404F
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Mon, 13 Nov 2006 18:40:23 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id kADIeCKY038309
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Mon, 13 Nov 2006 18:40:12 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id kADIeCSb038307;
	Mon, 13 Nov 2006 18:40:12 GMT (envelope-from gnats)
Resent-Date: Mon, 13 Nov 2006 18:40:12 GMT
Resent-Message-Id: <200611131840.kADIeCSb038307@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	"Bjoern A.Zeeb" <bzeeb+freebsd+ports@zabbadoz.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3990D16A407
	for <freebsd-gnats-submit@freebsd.org>;
	Mon, 13 Nov 2006 18:36:23 +0000 (UTC) (envelope-from bz@zabbadoz.net)
Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5ECEE44285
	for <freebsd-gnats-submit@freebsd.org>;
	Mon, 13 Nov 2006 18:30:18 +0000 (GMT) (envelope-from bz@zabbadoz.net)
Received: from transport.cksoft.de (localhost [127.0.0.1])
	by transport.cksoft.de (Postfix) with ESMTP id 582571FFD6A
	for <freebsd-gnats-submit@freebsd.org>;
	Mon, 13 Nov 2006 19:30:10 +0100 (CET)
Received: by transport.cksoft.de (Postfix, from userid 66)
	id 478BE1FFD1D; Mon, 13 Nov 2006 19:30:05 +0100 (CET)
Received: by mail.int.zabbadoz.net (Postfix, from userid 1060)
	id 327B3444892; Mon, 13 Nov 2006 18:29:00 +0000 (UTC)
Message-Id: <20061113182900.327B3444892@mail.int.zabbadoz.net>
Date: Mon, 13 Nov 2006 18:29:00 +0000 (UTC)
From: "Bjoern A.Zeeb" <bzeeb+freebsd+ports@zabbadoz.net>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: "Bjoern A.Zeeb" <bzeeb+freebsd+ports@zabbadoz.net>
Subject: ports/105488: [patch] security/ipsec-tools: NAT-T support silently
	ignored if header file unpatched
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Nov 2006 18:49:09 -0000


>Number:         105488
>Category:       ports
>Synopsis:       [patch] security/ipsec-tools: NAT-T support silently ignored if header file unpatched
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Mon Nov 13 18:40:12 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Bjoern A. Zeeb
>Release:        FreeBSD 7.0-CURRENT i386
>Organization:
Zabbadoz.NeT
>Environment:
	CURRENT that needs updating

>Description:
	ipsec-tools has a make config option to enable NAT-T support
        or leave it disabled.
	To be able to compile in NAT-T support  patched header files have to
	be installed to the system the port is build on.
	People enabling NAT-T support but not having installed the patched
	header files do not get NAT-T support and only a single line
	output from configure/autotools tells you about this so it is
	unlikely that anyone will ever notice.
	Usually people install ipsec-tools and wonder why NAT-T support
	is not working. We have already seen those problems on freebsd-net@
	for example.

>How-To-Repeat:
	turn on option NATT in make config compiling on an unpatched
	base system and look at the configure output or try to use the
	package with a patched kernel. There is no error message though
	you said "I want this to be on".

>Fix:
	If NATT is enabled in make config tell gnu configure that we really
	want it and not only optionally want it so the port will fail to
	build if no patched header files are available.

Index: Makefile
===================================================================
RCS file: /local/mirror/FreeBSD/r/pcvs/ports/security/ipsec-tools/Makefile,v
retrieving revision 1.13
diff -u -p -r1.13 Makefile
--- Makefile    16 Jun 2006 16:02:54 -0000      1.13
+++ Makefile    13 Nov 2006 14:12:50 -0000
@@ -89,7 +89,7 @@ CONFIGURE_ARGS+=      --disable-dpd
 .endif
 
 .ifdef(WITH_NATT)
-CONFIGURE_ARGS+=       --enable-natt=kernel
+CONFIGURE_ARGS+=       --enable-natt=yes
 .else
 CONFIGURE_ARGS+=       --disable-natt
 .endif

>Release-Note:
>Audit-Trail:
>Unformatted: