On Wed, 23 Aug 2017, Antony Antony wrote:
Why is commit e0a15de removing DEFAULT_DNSSEC_ROOTKEY_FILE from USERLAND_CFLAGS. The compile time option is necessary for Debian, pluto need the defined value.USERLAND_CFLAGS+=-DDEFAULT_DNSSEC_ROOTKEY_FILE=\"${DEFAULT_DNSSEC_ROOTKEY_FILE}\"
It is now set using DEFAULT_DNSSEC_ROOTKEY_FILE which has a builtin default? So you can still set it to build on debian, but you don't have to tweak USERLAND_CFLAGS for it.
After the commit e0a15de DEFAULT_DNSSEC_ROOTKEY_FILE seems to be unused. It breaks on Debian default settings.
That should not happen. I'll look into that today.
The rest of changes to USE_DNSSEC looks a bit confusing too. Is it a git accident?
no? :)
If USE_DNSSEC is false printing <unused> looks confusing to me. Ideally I would put an ifdef around it and do not show.
My preference is for unused, so that we can tell the difference between output from old versions that do not support this at all, and versions that support setting it to a value or not.
This is fine tuning, but fixing USERLAND_CFLAGS is essential.
I think possibly it is not broken, but the method of setting it changed and I didn't update that in the debian/ files. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
