97442 – security/ipsec-tools: IPSec-Tools do not compile

Bug 97442 - security/ipsec-tools: IPSec-Tools do not compile

Summary: security/ipsec-tools: IPSec-Tools do not compile

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Pav Lucistnik

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-05-18 01:50 UTC by Thomas Schweikle
Modified:	2006-07-02 20:30 UTC (History)
CC List:	0 users

See Also:

Attachments
smime.p7s (3.31 KB, application/x-pkcs7-signature) 2006-06-20 10:11 UTC, VANHULLEBUS Yvan	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Schweikle 2006-05-18 01:50:15 UTC

# portupgrade ipsec-tools
--->  Upgrading 'ipsec-tools-0.6.5_1' to 'ipsec-tools-0.6.5_2' (security/ipsec-tools)
--->  Building '/usr/ports/security/ipsec-tools'
===>  Cleaning for openssl-0.9.8b
===>  Cleaning for libiconv-1.9.2_2
===>  Cleaning for perl-5.8.8
===>  Cleaning for gdbm-1.8.3_2
===>  Cleaning for gmake-3.80_2
===>  Cleaning for gettext-0.14.5_2
===>  Cleaning for libtool-1.5.22_2
===>  Cleaning for ipsec-tools-0.6.5_2
===>  Vulnerability check disabled, database not found
===>  Found saved configuration for ipsec-tools-0.6.5_2
===>  Extracting for ipsec-tools-0.6.5_2
=> MD5 Checksum OK for ipsec-tools-0.6.5.tar.bz2.
=> SHA256 Checksum OK for ipsec-tools-0.6.5.tar.bz2.
===>  Patching for ipsec-tools-0.6.5_2
===>  Applying FreeBSD patches for ipsec-tools-0.6.5_2
===>   ipsec-tools-0.6.5_2 depends on file: /usr/local/lib/libcrypto.so.4 - found
===>   ipsec-tools-0.6.5_2 depends on shared library: iconv.3 - found
===>  Configuring for ipsec-tools-0.6.5_2
checking for a BSD-compatible install... /usr/bin/install -c -o root -g wheel
checking whether build environment is sane... yes
checking for gawk... no
[...]
In file included from ./crypto_openssl.c:84:
./../../src/racoon/missing/crypto/sha2/sha2.h:105: error: conflicting types for 'SHA256_CTX'
/usr/local/include/openssl/sha.h:134: error: previous declaration of 'SHA256_CTX' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:110: error: conflicting types for 'SHA512_CTX'
/usr/local/include/openssl/sha.h:180: error: previous declaration of 'SHA512_CTX' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:121: error: conflicting types for 'SHA256_Init'
/usr/local/include/openssl/sha.h:141: error: previous declaration of 'SHA256_Init' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:121: error: conflicting types for 'SHA256_Init'
/usr/local/include/openssl/sha.h:141: error: previous declaration of 'SHA256_Init' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:122: error: conflicting types for 'SHA256_Update'
/usr/local/include/openssl/sha.h:142: error: previous declaration of 'SHA256_Update' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:122: error: conflicting types for 'SHA256_Update'
/usr/local/include/openssl/sha.h:142: error: previous declaration of 'SHA256_Update' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:123: error: conflicting types for 'SHA256_Final'
/usr/local/include/openssl/sha.h:143: error: previous declaration of 'SHA256_Final' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:123: error: conflicting types for 'SHA256_Final'
/usr/local/include/openssl/sha.h:143: error: previous declaration of 'SHA256_Final' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:129: error: conflicting types for 'SHA384_Init'
/usr/local/include/openssl/sha.h:184: error: previous declaration of 'SHA384_Init' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:129: error: conflicting types for 'SHA384_Init'
/usr/local/include/openssl/sha.h:184: error: previous declaration of 'SHA384_Init' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:130: error: conflicting types for 'SHA384_Update'
/usr/local/include/openssl/sha.h:185: error: previous declaration of 'SHA384_Update' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:130: error: conflicting types for 'SHA384_Update'
/usr/local/include/openssl/sha.h:185: error: previous declaration of 'SHA384_Update' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:131: error: conflicting types for 'SHA384_Final'
/usr/local/include/openssl/sha.h:186: error: previous declaration of 'SHA384_Final' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:131: error: conflicting types for 'SHA384_Final'
/usr/local/include/openssl/sha.h:186: error: previous declaration of 'SHA384_Final' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:137: error: conflicting types for 'SHA512_Init'
/usr/local/include/openssl/sha.h:188: error: previous declaration of 'SHA512_Init' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:137: error: conflicting types for 'SHA512_Init'
/usr/local/include/openssl/sha.h:188: error: previous declaration of 'SHA512_Init' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:138: error: conflicting types for 'SHA512_Update'
/usr/local/include/openssl/sha.h:189: error: previous declaration of 'SHA512_Update' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:138: error: conflicting types for 'SHA512_Update'
/usr/local/include/openssl/sha.h:189: error: previous declaration of 'SHA512_Update' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:139: error: conflicting types for 'SHA512_Final'
/usr/local/include/openssl/sha.h:190: error: previous declaration of 'SHA512_Final' was here
./../../src/racoon/missing/crypto/sha2/sha2.h:139: error: conflicting types for 'SHA512_Final'
/usr/local/include/openssl/sha.h:190: error: previous declaration of 'SHA512_Final' was here
*** Error code 1

Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.5/src/racoon.
*** Error code 1

Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.5/src.
*** Error code 1

Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.5.
*** Error code 1

Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.5.
*** Error code 1

Stop in /usr/ports/security/ipsec-tools.
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade43433.0 make
** Fix the problem and try again.
** Listing the failed packages (*:skipped / !:failed)
        ! security/ipsec-tools (ipsec-tools-0.6.5_1)    (compiler error)
--->  Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed

How-To-Repeat: Just upgrade via portupgrade, or remove ipsec-tools using pkg_deinstall, then try to reinstall using portinstall.

Comment 1 Bjoern A. Zeeb freebsd_committer

2006-05-18 07:50:52 UTC

Responsible Changed
From-To: freebsd-bugs->freebsd-ports-bugs

correct category.

Comment 2 Dmitry Andrianov 2006-05-22 19:49:30 UTC

It is not FreeBSD port bug but rather ipsec-tools bug.

I already submitted it to them -
http://sourceforge.net/tracker/index.php?func=detail&aid=1491819&group_i
d=74601&atid=541482

 

If you just need a workaround, then

 

$ cd /usr/ports/security/ipsec-tools/
$ cat > files/patch-configure
--- configure.orig Fri May 19 15:58:36 2006
+++ configure Fri May 19 15:59:34 2006
@@ -24212,6 +24212,7 @@
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h. */
 
+ #include <sys/types.h>
 #include <openssl/sha.h> 
int

 

before running make. (If you already run make, rm -rf work and rerun)

Comment 3 Dmitry Andrianov 2006-05-23 23:19:25 UTC

Sorry for rich-text message. Sometimes outlook is a monster.
Re-sending in plaintext

It is not FreeBSD port bug but rather ipsec-tools bug.

I already submitted it to them -
http://sourceforge.net/tracker/index.php?func=3Ddetail&aid=3D1491819&grou=
p_i
d=3D74601&atid=3D541482

If you just need a workaround, then

$ cd /usr/ports/security/ipsec-tools/
$ cat > files/patch-configure
--- configure.orig     Fri May 19 15:58:36 2006
+++ configure  Fri May 19 15:59:34 2006
@@ -24212,6 +24212,7 @@
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
=20
+		#include <sys/types.h>
		#include <openssl/sha.h>=20
 int


before running make. (If you already run make, rm -rf work and rerun)
Note that patch contains TABs! Be careful when copying and pasting.

Comment 4 Dmitry Andrianov 2006-05-26 21:11:43 UTC

Ok, looks like my "workaround" was for 0.6.5_1 while people having
problems with 0.6.5_2
Below is the patch for 0.6.5_2. Since that version already have
a patch for configure, I'm providing a patch for that patch :=)
It has to be applied before running make.

--- files/patch-configure.orig	Fri May 26 19:34:07 2006
+++ files/patch-configure	Fri May 26 19:47:30 2006
@@ -1,5 +1,15 @@
 --- configure.orig	Wed Apr 26 15:28:47 2006
 +++ configure	Wed Apr 26 15:28:56 2006
+@@ -24212,6 +24212,9 @@
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+ 
++#ifdef HAVE_SYS_TYPES_H
++#include <sys/types.h>
++#endif
+ 		#include <openssl/sha.h>
+ 
+ int
 @@ -25122,6 +25122,74 @@
  fi
===============================================================

Patch is to be applied in /usr/ports/security/ipsec-tools

Comment 5 Pav Lucistnik freebsd_committer

2006-06-16 17:01:17 UTC

Dear maintainer of FreeBSD port security/ipsec-tools, please take a look
at

http://www.freebsd.org/cgi/query-pr.cgi?q=97442

What do you think about the included patch?

-- 
Pav Lucistnik <pav@oook.cz>
              <pav@FreeBSD.org>

Fufie> snow should be on the tv and in the mountains, not here

Comment 6 Pav Lucistnik freebsd_committer

2006-06-16 17:01:20 UTC

State Changed
From-To: open->feedback

Asked maintainer for opinion

Comment 7 Pav Lucistnik freebsd_committer

2006-06-16 17:01:20 UTC

Responsible Changed
From-To: freebsd-ports-bugs->pav

Take

Comment 8 VANHULLEBUS Yvan 2006-06-20 10:11:58 UTC

On Fri, Jun 16, 2006 at 06:01:17PM +0200, Pav Lucistnik wrote:
> Dear maintainer of FreeBSD port security/ipsec-tools, please take a look
> at
> 
> http://www.freebsd.org/cgi/query-pr.cgi?q=97442
> 
> What do you think about the included patch?

Hi.

I can't reproduce the problem, it may be related to OpenSSL's
installed version, or "something else".

But according to some other reports on ipsec-tools's ML, it looks like
the patch will fix the problem for people who have it, and I just
checked it won't break things for people who don't have it.

So you can safely add the patch (I tested the patch-configure's
patch), and we will report it for future versions of ipsec-tools.

Yvan.

-- 
NETASQ
http://www.netasq.com

Comment 9 Pav Lucistnik freebsd_committer

2006-06-20 10:54:04 UTC

State Changed
From-To: feedback->closed

SHould be fixed now.

Comment 10 Thomas Schweikle 2006-07-02 20:20:31 UTC

No, it is not fixed. Checked out the latest version, compiled,
then again:

> screen@hazel /usr/ports/security/ipsec-tools # make install
> ===>  Building for ipsec-tools-0.6.6
> make  all-recursive
> Making all in src
> Making all in libipsec
> Making all in setkey
> Making all in racoon


...

> cc -DHAVE_CONFIG_H -I. -I. -I../.. -I./../libipsec

-I/usr/include   -I./../../src/racoon/missing -D_GNU_SOURCE
-DSYSCONFDIR=\"/usr/local/etc/racoon\"
-DADMINPORTDIR=\"/var/db/racoon\" -O2 -fno-strict-aliasing -pipe
-march=pentium2 -I/usr/local/include  -Wall -Werror -Wno-unused
-DEAYDEBUG -o crypto_openssl_test.o -c ./crypto_openssl.c
> In file included from ./crypto_openssl.c:68:
> /usr/include/openssl/rc5.h:67:2: #error RC5 is disabled.
> *** Error code 1
>
> Stop in

/usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.6/src/racoon.
> *** Error code 1
>
> Stop in

/usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.6/src.
> *** Error code 1
>
> Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.6.
> *** Error code 1
>
> Stop in /usr/ports/security/ipsec-tools/work/ipsec-tools-0.6.6.
> *** Error code 1
>
> Stop in /usr/ports/security/ipsec-tools.


For me it looks a lot like something disables RC5 in openssl
making various other things fail depending on RC5 routines not
included this way.

Since "make config" doesn't help and "/etc/make.conf" does not
hold anything related to RC5 and openssl --- how to enable RC5
to make openssl not breaking various other packages?!

-- 
Thomas