svn commit: r400233 - head/security/strongswan

Renato Botelho garga at FreeBSD.org
Tue Oct 27 13:27:19 UTC 2015 

Author: garga
Date: Tue Oct 27 13:27:17 2015
New Revision: 400233
URL: https://svnweb.freebsd.org/changeset/ports/400233

Log:
  strongSwan can be beuit using 3 different printf hooks: builtin, glibc
  (compatible with FreeBSD's libc) and vstr (devel/vstr). Since it's not
  selected any of them on CONFIGURE_ARGS, it uses auto, and end up using
  glibc.
  
  pfSense users reported memory leaks on strongSwan [2] [3] and a it was
  reported to upstream [1].
  
  Add a single option and let user choose which printf hook to use, and
  change default to use builtin. Bump PORTREVISION due to default change
  
  [1] https://wiki.strongswan.org/issues/1106
  [2] https://forum.pfsense.org/index.php?topic=96767.0
  [3] https://redmine.pfsense.org/issues/5149
  
  PR:		204051
  Approved by:	maintainer
  Obtained from:	pfSense
  MFH:		2015Q4
  Sponsored by:	Rubicon Communications (Netgate)

Modified:
  head/security/strongswan/Makefile

Modified: head/security/strongswan/Makefile
==============================================================================
--- head/security/strongswan/Makefile	Tue Oct 27 13:17:55 2015	(r400232)
+++ head/security/strongswan/Makefile	Tue Oct 27 13:27:17 2015	(r400233)
@@ -3,6 +3,7 @@
 
 PORTNAME=	strongswan
 PORTVERSION=	5.3.3
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://download.strongswan.org/ \
 		http://download2.strongswan.org/
@@ -42,7 +43,9 @@ CONFIGURE_ARGS=	--enable-kernel-pfkey \
 OPTIONS_DEFINE=	CURL EAPAKA3GPP2 EAPDYNAMIC EAPRADIUS EAPSIMFILE GCM IKEv1 \
 		IPSECKEY KERNELLIBIPSEC LOADTESTER LDAP MYSQL PKI SCEP SMP \
 		SQLITE TESTVECTOR UNBOUND UNITY XAUTH
-OPTIONS_DEFAULT=	IKEv1
+OPTIONS_DEFAULT=	IKEv1 BUILTIN
+OPTIONS_SINGLE=	PRINTF_HOOKS
+OPTIONS_SINGLE_PRINTF_HOOKS=	BUILTIN VSTR LIBC
 OPTIONS_SUB=	yes
 CURL_DESC=	Enable CURL to fetch CRL/OCSP
 EAPAKA3GPP2_DESC=	Enable EAP AKA with 3gpp2 backend
@@ -61,6 +64,9 @@ SMP_DESC=	Enable XML-based management pr
 UNBOUND_DESC=	Enable DNSSEC-enabled resolver
 UNITY_DESC=	Enable Cisco Unity extension plugin
 XAUTH_DESC=	Enable XAuth password verification
+BUILTIN_DESC=	Use builtin printf hooks
+LIBC_DESC=	Use libc printf hooks
+VSTR_DESC=	Use devel/vstr printf hooks
 
 # Extra options
 CURL_CONFIGURE_ON=	--enable-curl
@@ -90,6 +96,10 @@ UNBOUND_CONFIGURE_ON=	--enable-unbound
 UNBOUND_LIB_DEPENDS=	libunbound.so:${PORTSDIR}/dns/unbound
 UNITY_CONFIGURE_ON=	--enable-unity
 XAUTH_CONFIGURE_ON=	--enable-xauth-eap --enable-xauth-generic
+BUILTIN_CONFIGURE_ON=	--with-printf-hooks=builtin
+LIBC_CONFIGURE_ON=	--with-printf-hooks=glibc
+VSTR_CONFIGURE_ON=	--with-printf-hooks=vstr
+VSTR_LIB_DEPENDS=	libvstr.so:devel/vstr
 
 .include <bsd.port.options.mk>

More information about the svn-ports-head mailing list