Comment 1 Fernando Apesteguía 2022-05-10 06:57:37 UTC

Hi Andrew,

Do you mean this file?

/usr/src/contrib/unbound/libunbound/unbound-event.h

It can be obtained when installing the source code of the distribution (or via git clone). Can you elaborate?

Thanks in advance.

(that's weird, the comments box appears at the top)

Yes.  If I remember right configuring with --libevent will add it to the install.

Make that --with-libevent

Nope, remind me to check the documentation:

  --enable-event-api      Enable (experimental) pluggable event base
                          libunbound API installed to unbound-event.h

Any progress? It is used when building libreswan's event-loop code.

Comment 6 Fernando Apesteguía 2022-10-27 10:51:46 UTC

(In reply to Andrew Cagney from comment #5)
Since that is marked as experimental ("Enable (experimental) pluggable event base libunbound API installed to unbound-event.h") I can see why it is not included by default.

I'm afraid that if you want ubound-event.h in 13.1 you will need to checkout the sources for the release and configure with --enable-event-api.

Interesting.  NetBSD, OpenBSD, and the Linux distros all bundle this.

Comment 8 Fernando Apesteguía 2022-10-27 12:49:43 UTC

(In reply to Andrew Cagney from comment #7)
I really don't know what version they use. At least in 1.17.0 (the one in current) it seems to be still experimental.

That's the version that is installed.

Comment 10 Fernando Apesteguía 2022-11-06 18:50:28 UTC

(In reply to Andrew Cagney from comment #9)
I doubt we will bundle that file being marked as unstable. Would the provided workaround be useful for you?

> I'm afraid that if you want ubound-event.h in 13.1 you will need to checkout the sources for the release and configure with --enable-event-api.

So libreswan should build and link against a private version of unbound?  I'm guessing but wouldn't bundling a private copy of a security sensitive library such as unbound be a big no-no when it comes to "ports" (FreeBSD's packaging guidelines).

Comment 12 Fernando Apesteguía 2022-11-07 07:51:06 UTC

(In reply to Andrew Cagney from comment #11)
Including maintainer in the discussion.

I don't see security/libreswan failing in the cluster and the port depends on dns/unbound. Does it fail for you?

Libreswan currently manages to build on FreeBSD because it is dragging around an old copy of unbound-event.h.  Little different to unpacking the sources.

Comment 14 Fernando Apesteguía 2022-11-07 16:38:03 UTC

(In reply to Andrew Cagney from comment #13)
Again maintainer might have better information :-)
Here are my thoughts:

In the install instructions[1] for Fedora and NetBSD they install unbound. That is from the packages repositories. So it would be equivalent to use unbound from ports in FreeBSD right? Unless something is incompatible.

If libreswan has its own copy of unbound-event.h, I wonder if they really _want_ to use that instead of whatever is installed in the host machine.

https://libreswan.org/wiki/Building_and_installing_from_source

(In reply to Fernando Apesteguía from comment #14)

https://lists.libreswan.org/pipermail/swan-dev/2022-January/004481.html
https://github.com/libreswan/libreswan/issues/826

Comment 16 Yuri Victorovich 2022-11-07 18:20:23 UTC

Created attachment 237922 [details]
patch

Does the attached patch look reasonable?

I'm not clear on how this can help anyone building libreswan outside of FreeBSD's packaging system.

BTW, this should no longer be needed:
	${RLN} netbsd.mk freebsd.mk

Comment 18 Yuri Victorovich 2022-11-07 19:14:35 UTC

(In reply to Andrew Cagney from comment #17)

Port patches are only for in-tree builds.

If you need the upstream package changed - you should contact the project maintainer.

What exactly needs to change upstream?  I don't see anything wrong with either libreswan or unbound here.

Comment 20 commit-hook 2022-11-08 01:44:41 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=22784d03f650254ab0516030594719946b475db1

commit 22784d03f650254ab0516030594719946b475db1
Author:     Yuri Victorovich <yuri@FreeBSD.org>
AuthorDate: 2022-11-08 01:37:04 +0000
Commit:     Yuri Victorovich <yuri@FreeBSD.org>
CommitDate: 2022-11-08 01:44:19 +0000

    security/libreswan: Unbundle unbound-event.h

    Use the header from dns/unbound.

    PR:             263838
    Reported by:    Andrew Cagney <andrew.cagney@gmail.com>

 security/libreswan/Makefile | 7 +++++++
 1 file changed, 7 insertions(+)

Comment 21 Yuri Victorovich 2022-11-08 01:44:53 UTC

Patch committed.

Thanks for reporting the issue!

Er, this bug isn't fixed.  unbound-event.h isn't being packaged.

Comment 23 Yuri Victorovich 2022-11-08 01:50:42 UTC

(In reply to Andrew Cagney from comment #22)

What do you mean by "not being packaged"?
This port doesn't install any headers.

The request is to build and package unbound with --enable-event-api.

Comment 25 Yuri Victorovich 2022-11-08 02:36:20 UTC

There is the port option EVAPI.
Is it the same thing?

Comment 26 Mark Linimon 2024-01-05 03:32:39 UTC

^Triage: canonicalize assignment.

Comment 27 Yuri Victorovich 2024-05-26 22:06:02 UTC

I can't reproduce the problem when both py39-duckdb and py39-pyarrow are installed, or when only py39-duckdb is installed.

Comment 28 Yuri Victorovich 2024-05-26 22:06:32 UTC

Sorry, wrong PR.

Comment 29 Mark Linimon 2025-02-24 17:59:40 UTC

Comment on attachment 237922 [details]
patch

^Triage: this patch does not belong to this PR.

Comment 30 Mark Linimon 2025-02-24 18:01:35 UTC

^Triage: notify current maintainer after removing irrelevant information.

(In reply to Mark Linimon from comment #30)
This option is relatively harmless it seems. I'll enable it starting te next release