pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/snort
Module Name: pkgsrc
Committed By: nils
Date: Thu Oct 1 19:45:02 UTC 2020
Modified Files:
pkgsrc/net/snort: Makefile distinfo options.mk
Added Files:
pkgsrc/net/snort/patches:
patch-src_dynamic-preprocessors_appid_service__plugins_service__rpc.c
Log Message:
Updated net/snort to version 2.9.16.1.
Upstream changelog from 2.9.15.1 to 2.9.16 :
* src/preprocessors/Stream6/snort_stream_tcp.c :
Addressed an issue when out-of-order FIN is received by dropping it.
* src/output-plugins/spo_unified2.c,
src/preprocessors/Stream6/snort_stream_tcp.c :
Fixed an issue in which xtradata is not added to the alert in unified file.
* src/reload.c,
src/snort.c :
Fixed potential race condition between reload and exit path (main thread).
* etc/file_magic.conf :
Updated the file magic to detect ALZ file types.
* src/sfutil/sf_ip.h :
Added support for gcc version 9.2.1.
* src/dynamic-preprocessors/appid/detector_plugins/detector_dns.c :
Fixed an issue in which APPID returns no match.
* src/dynamic-preprocessors/dcerpc2/sf_dce2.vcxproj,
src/dynamic-preprocessors/dnp3/sf_dnp3.vcxproj,
src/dynamic-preprocessors/dns/sf_dns.vcxproj,
src/dynamic-preprocessors/dynamic_preprocessors.vcxproj,
src/dynamic-preprocessors/ftptelnet/sf_ftptelnet.vcxproj,
src/dynamic-preprocessors/gtp/sf_gtp.vcxproj,
src/dynamic-preprocessors/imap/sf_imap.vcxproj,
src/dynamic-preprocessors/libs/sfdynamic_preproc_libs.vcxproj,
src/dynamic-preprocessors/modbus/sf_modbus.vcxproj,
src/dynamic-preprocessors/pop/sf_pop.vcxproj,
src/dynamic-preprocessors/reputation/sf_reputation.vcxproj,
src/dynamic-preprocessors/sdf/sf_sdf.vcxproj,
src/dynamic-preprocessors/sf_dynamic_initialize/sf_dynamic_initialize.vcxproj,
src/dynamic-preprocessors/sip/sf_sip.vcxproj,
src/dynamic-preprocessors/smtp/sf_smtp.vcxproj,
src/dynamic-preprocessors/ssh/sf_ssh.vcxproj,
src/dynamic-preprocessors/ssl/sf_ssl.vcxproj,
src/win32/WIN32-Prj/build_all.vcxproj,
src/win32/WIN32-Prj/sf_engine.vcxproj,
src/win32/WIN32-Prj/sf_engine_initialize.vcxproj,
src/win32/WIN32-Prj/snort.vcxproj,
src/win32/WIN32-Prj/snort_initialize.vcxproj,
src/win32/WIN32-Prj/snort_installer_x64.nsi,
src/win32/WIN32-Prj/snort_x64.dsw,
src/win64/WIN64-Libraries/Packet.lib,
src/win64/WIN64-Libraries/libdnet/dnet.lib,
src/win64/WIN64-Libraries/pcre.lib,
src/win64/WIN64-Libraries/wpcap.lib,
src/win64/WIN64-Libraries/zlib.lib,
tools/u2spewfoo/u2spewfoo.vcxproj :
Added 64-bit support for Windows 10 operating system.
* src/dynamic-preprocessors/pop/snort_pop.c :
Fixed an issue where POP preprocessor was not generating alert in some cases.
* src/dynamic-preprocessors/gtp/gtp_parser.c :
Fixed the alerting logic for GTP v2 with missing TEID.
* src/preprocessors/HttpInspect/utils/hi_paf.c :
Fixed file policy not working with character prefix in chunk size.
* configure.in,
src/reload.c,
src/side-channel/sidechannel.c,
src/snort.c,
src/target-based/sftarget_reader.c,
src/util.h :
Added support for glibc version 2.30.
* src/decode.h,
src/dynamic-plugins/sf_engine/sf_snort_packet.h,
src/preprocessors/HttpInspect/utils/hi_paf.c,
src/preprocessors/Stream6/snort_stream_tcp.c,
src/preprocessors/Stream6/stream_paf.c,
src/preprocessors/snort_httpinspect.c,
src/preprocessors/snort_httpinspect.h,
src/preprocessors/stream_api.h :
Added support for early inspection of HTTP payload before flushing in pre-ack mode.
* src/file-process/file_api.h,
src/file-process/file_service.c,
src/preprocessors/HttpInspect/include/hi_norm.h,
src/preprocessors/HttpInspect/include/hi_ui_config.h,
src/preprocessors/HttpInspect/server/hi_server_norm.c,
src/preprocessors/snort_httpinspect.c :
Normalize randomly encoded nulls interspersed in the HTTP server response to UTF-8.
Upstream changelog from 2.9.16 to 2.9.16.1 :
* src/dynamic-preprocessors/appid/appIdConfig.h,
src/dynamic-preprocessors/appid/appInfoTable.c,
src/dynamic-preprocessors/appid/flow.h,
src/dynamic-preprocessors/appid/fw_appid.c :
Added packet counters to make sure flows with one-way data don't pend forever.
* src/detection-plugins/sp_flowbits.c,
src/snort.c :
Fixed potential race condition between reload and exit path.
* src/detection-plugins/sp_session.c,
src/preprocessors/Stream6/stream_paf.h,
src/sfutil/util_jsnorm.c :
Added support for GCC version 10.1.1.
Pkgsrc changes :
* added patch for NetBSD to get the definition for endrpcent(), which fixes compilation
* snort now depends on bash since a bundled tool is a bash shell script
* some pkglint compliance changes in Makefile and options.mk
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 pkgsrc/net/snort/Makefile
cvs rdiff -u -r1.51 -r1.52 pkgsrc/net/snort/distinfo
cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/snort/options.mk
cvs rdiff -u -r0 -r1.1 \
pkgsrc/net/snort/patches/patch-src_dynamic-preprocessors_appid_service__plugins_service__rpc.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/snort/Makefile
diff -u pkgsrc/net/snort/Makefile:1.65 pkgsrc/net/snort/Makefile:1.66
--- pkgsrc/net/snort/Makefile:1.65 Fri May 22 10:56:31 2020
+++ pkgsrc/net/snort/Makefile Thu Oct 1 19:45:02 2020
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.65 2020/05/22 10:56:31 adam Exp $
+# $NetBSD: Makefile,v 1.66 2020/10/01 19:45:02 nils Exp $
#
-DISTNAME= snort-2.9.15.1
-PKGREVISION= 3
+DISTNAME= snort-2.9.16.1
CATEGORIES= net security
MASTER_SITES= https://www.snort.org/downloads/archive/snort/
@@ -21,7 +20,8 @@ CONFLICTS+= snort-prelude-[0-9]*
GNU_CONFIGURE= YES
USE_LIBTOOL= YES
-USE_TOOLS+= pkg-config
+USE_TOOLS+= pkg-config
+USE_TOOLS+= bash
PKG_SYSCONFSUBDIR= snort
RCD_SCRIPTS= snort
SNORT_USER?= snort
@@ -33,13 +33,13 @@ PKG_GROUPS_VARS+= SNORT_GROUP
PKG_USERS_VARS= SNORT_USER
FILES_SUBST+= SNORT_USER=${SNORT_USER} SNORT_GROUP=${SNORT_GROUP}
BUILD_DEFS+= VARBASE
-MAKE_JOBS_SAFE= NO
+MAKE_JOBS_SAFE= NO # could not compile it on a multi-core system
OWN_DIRS_PERMS= ${VARBASE}/log/snort ${SNORT_USER} ${SNORT_GROUP} 700
DOC_FILES= BUGS INSTALL NEWS PROBLEMS README TODO USAGE WISHLIST
OWN_DIRS= ${PKG_SYSCONFDIR} ${PKG_SYSCONFDIR}/rules
OWN_DIRS+= ${PKG_SYSCONFDIR}/so_rules ${PKG_SYSCONFDIR}/preproc_rules
OWN_DIRS+= ${PREFIX}/lib ${PREFIX}/lib/snort_dynamicrules
-INSTALLATION_DIRS+= ${EGDIR}/rules
+INSTALLATION_DIRS+= ${EGDIR}/rules
AUTO_MKDIRS= yes
CONF_FILES= ${EGDIR}/attribute_table.dtd \
@@ -65,6 +65,8 @@ CONF_FILES+= ${EGDIR}/rules/black_list.
CONF_FILES+= ${EGDIR}/rules/white_list.rules \
${PKG_SYSCONFDIR}/rules/white_list.rules
+REPLACE_BASH+= tools/appid_detector_builder.sh
+
SUBST_CLASSES+= paths
SUBST_STAGE.paths= pre-configure
SUBST_FILES.paths= etc/snort.conf
Index: pkgsrc/net/snort/distinfo
diff -u pkgsrc/net/snort/distinfo:1.51 pkgsrc/net/snort/distinfo:1.52
--- pkgsrc/net/snort/distinfo:1.51 Tue Feb 18 23:00:26 2020
+++ pkgsrc/net/snort/distinfo Thu Oct 1 19:45:02 2020
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.51 2020/02/18 23:00:26 sevan Exp $
+$NetBSD: distinfo,v 1.52 2020/10/01 19:45:02 nils Exp $
-SHA1 (snort-2.9.15.1.tar.gz) = dc8c89125c27153ffd69f27fbd60b95b9d1cbfe0
-RMD160 (snort-2.9.15.1.tar.gz) = 10ed066819c6021367245f59598509aeaeaef197
-SHA512 (snort-2.9.15.1.tar.gz) = 9940f5bcdcf04823f9cb5c3f8efda72f98f6a47bce9f40399dec9ec41d23a386c7f7e44861d82368de31546123b920f9fc617197bbf9c5e750724bf8b9e19590
-Size (snort-2.9.15.1.tar.gz) = 6618999 bytes
+SHA1 (snort-2.9.16.1.tar.gz) = cbee25cd793f40eddb72ff7b2cf4d2025a7df43d
+RMD160 (snort-2.9.16.1.tar.gz) = 0716e9647d86d56d82761b0ffc6e491dcd4985a0
+SHA512 (snort-2.9.16.1.tar.gz) = 9462bd38a032c96298a6b6abea8502dadbab53f6f5163b90abb9ae247262c0e76afdeef31748a6bbd216a7c9d65d14e18b7096865135d88087ea27cc32596155
+Size (snort-2.9.16.1.tar.gz) = 6947960 bytes
+SHA1 (patch-src_dynamic-preprocessors_appid_service__plugins_service__rpc.c) = 73ba0e37d37cc919957d4bb5b660a581bc6af9a2
SHA1 (patch-src_target-based_sftarget__reader.c) = 60f053d990af6329e48a1a26c89d9c4a59a0ffce
Index: pkgsrc/net/snort/options.mk
diff -u pkgsrc/net/snort/options.mk:1.9 pkgsrc/net/snort/options.mk:1.10
--- pkgsrc/net/snort/options.mk:1.9 Tue Feb 18 23:00:26 2020
+++ pkgsrc/net/snort/options.mk Thu Oct 1 19:45:02 2020
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.9 2020/02/18 23:00:26 sevan Exp $
+# $NetBSD: options.mk,v 1.10 2020/10/01 19:45:02 nils Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.snort
@@ -95,7 +95,6 @@ SUBST_MESSAGE.conf= Fixing configuration
###
.if !empty(PKG_OPTIONS:Msnort-flexresp2)
.include "../../devel/libnet11/buildlink3.mk"
-.include "../../net/libdnet/buildlink3.mk"
CONFIGURE_ARGS+= --with-libnet-includes=${BUILDLINK_PREFIX.libnet11}/include/libnet11
CONFIGURE_ARGS+= --with-libnet-libraries=${BUILDLINK_PREFIX.libnet11}/lib/libnet11
CONFIGURE_ARGS+= --enable-flexresp2
Added files:
Index: pkgsrc/net/snort/patches/patch-src_dynamic-preprocessors_appid_service__plugins_service__rpc.c
diff -u /dev/null pkgsrc/net/snort/patches/patch-src_dynamic-preprocessors_appid_service__plugins_service__rpc.c:1.1
--- /dev/null Thu Oct 1 19:45:02 2020
+++ pkgsrc/net/snort/patches/patch-src_dynamic-preprocessors_appid_service__plugins_service__rpc.c Thu Oct 1 19:45:02 2020
@@ -0,0 +1,17 @@
+$NetBSD: patch-src_dynamic-preprocessors_appid_service__plugins_service__rpc.c,v 1.1 2020/10/01 19:45:02 nils Exp $
+
+endrpcent() is defined in /usr/include/rpc/rpcent.h in NetBSD.
+
+--- src/dynamic-preprocessors/appid/service_plugins/service_rpc.c.orig 2020-07-10 11:28:23.000000000 +0000
++++ src/dynamic-preprocessors/appid/service_plugins/service_rpc.c
+@@ -36,6 +36,10 @@
+ #include "rpc/rpc.h"
+ #endif
+
++#if defined(__NetBSD__)
++#include "rpc/rpcent.h"
++#endif
++
+ /*#define RNA_DEBUG_RPC 1 */
+
+ typedef enum
Home |
Main Index |
Thread Index |
Old Index