Bug 239458

Summary: security/strongswan: Add support of the VIA Padlock plugin via port config option
Product: Ports & Packages Reporter: Evgeny <evgenyx7c8>
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Closed FIXED    
Severity: Affects Some People CC: evgenyx7c8, meta, strongswan, ultima
Priority: --- Flags: evgenyx7c8: maintainer-feedback+
Version: Latest   
Hardware: i386   
OS: Any   
Attachments:
Description Flags
Patch whole port
none
Updated patch for VIA Padlock plugin
strongswan: maintainer-approval+
Updated patch for VIA Padlock plugin to fix pkg-plist strongswan: maintainer-approval+

Description Evgeny 2019-07-26 06:52:06 UTC 
Created attachment 206078 [details]
Patch whole port

Atm there is no such option to build strongswan padlock plugin, this patch aims to make it possible. Checked padlock plugin with VIA C7. I'm using this plugin about 4 months with VIA C7 embedded processor at the production crypto-gateway based on NanoBSD and it works flawlessly.
Comment 1 Francois ten Krooden 2019-07-26 09:22:07 UTC 
(In reply to mojolicious from comment #0)

I had a quick look.
The patch fails to apply, but I am building it on a 64-bit machine.
I receive this error
"error: instruction requires: Not 64-bit mode"

If this works only on 32-bit, then I just want to add a comment that it is only for 32-bit mode.

Or if it should work, I might just have to do an updated on the server which I was building on.
Comment 2 Evgeny 2019-07-26 10:28:37 UTC 
(In reply to strongswan from comment #1)
It's for i386 arch only.
Comment 3 Francois ten Krooden 2019-07-26 11:38:34 UTC 
Created attachment 206081 [details]
Updated patch for VIA Padlock plugin

I updated the patch to change the port option for the define to OPTIONS_DEFINE_i386.
This adds the port option only when the architecture is 32-bit, and on 64-bit it is not shown.
Comment 4 Francois ten Krooden 2019-07-26 11:39:01 UTC 
Comment on attachment 206078 [details]
Patch whole port

Replaced by the new patch
Comment 5 Francois ten Krooden 2019-07-26 11:39:15 UTC 
The patch can be applied to the port.
Comment 6 Richard Gallamore freebsd_committer freebsd_triage 2019-07-27 05:17:41 UTC 
Due to not being defined when building other archs, the via option is not commented in pkg-plist. Full build log here: https://poudriere.ultimasbox.com/data/112amd64-test/2019-07-26_21h33m05s/logs/errors/strongswan-5.8.0.log

==> Checking for items in pkg-plist which are not in STAGEDIR
Error: Missing: %%VIA%%@sample %%ETCDIR%%.d/charon/padlock.conf.sample
Error: Missing: %%VIA%%lib/ipsec/plugins/libstrongswan-padlock.la
Error: Missing: %%VIA%%lib/ipsec/plugins/libstrongswan-padlock.so
Error: Missing: %%VIA%%%%DATADIR%%/templates/config/plugins/padlock.conf
===> Error: Plist issues found.
*** Error code 1
Comment 7 Francois ten Krooden 2019-07-29 09:53:09 UTC 
Created attachment 206138 [details]
Updated patch for VIA Padlock plugin to fix pkg-plist

Updated the patch to fix the pkg-plist on other architectures.
Comment 8 Koichiro Iwao freebsd_committer freebsd_triage 2019-08-21 01:54:22 UTC 
LGTM
Comment 9 commit-hook freebsd_committer freebsd_triage 2019-08-21 02:00:37 UTC 
A commit references this bug:

Author: meta
Date: Wed Aug 21 01:59:58 UTC 2019
New revision: 509483
URL: https://svnweb.freebsd.org/changeset/ports/509483

Log:
  security/strongswan: Add support for the VIA Padlock plugin

  PR:		239458
  Submitted by:	Evgeny <mojolicious@yandex.com> (initial revision)
  		strongswan@Nanoteq.com (maintainer, brushed-up revision)
  Approved by:	strongswan@Nanoteq.com (maintainer)

Changes:
  head/security/strongswan/Makefile
  head/security/strongswan/pkg-plist
Comment 10 Koichiro Iwao freebsd_committer freebsd_triage 2019-08-21 02:01:25 UTC 
Committed, thanks!