Date: Sat, 16 Dec 2023 21:37:00 GMT From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: abaf8dc39cc3 - main - security/wazuh: Update to 4.7.0 Message-ID: <202312162137.3BGLb0pn099114@gitrepo.freebsd.org>
The branch main has been updated by acm: URL: https://cgit.FreeBSD.org/ports/commit/?id=abaf8dc39cc35be6d2e861a4245c6367c1aa1234 commit abaf8dc39cc35be6d2e861a4245c6367c1aa1234 Author: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> AuthorDate: 2023-12-16 21:30:51 +0000 Commit: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> CommitDate: 2023-12-16 21:36:43 +0000 security/wazuh: Update to 4.7.0 - Fix ssl=openssl build [1] - Fix permissions of backup/db directory. Now backup are generated without problems - Add support for get ports info - Add support for get processes info - Add a better way for get memory info - Add new decoders and rules files (https://github.com/alonsobsd/wazuh-freebsd) - Update FreeBSD sca files (https://github.com/alonsobsd/wazuh-freebsd) - Minor changes to SysInfo::getPackages function - Another minor modifications PR: 275008 Reported by: franco _at_ opnsense.org [1] --- security/wazuh-agent/Makefile | 2 +- security/wazuh-agent/distinfo | 78 +-- security/wazuh-agent/files/patch-src-Makefile | 35 +- .../patch-src-data_provider-src_sysInfoFreeBSD.cpp | 259 ++++++++ .../patch-src-shared_modules-utils_stringHelper.h | 40 ++ .../patch-src-shared_modules-utils_timeHelper.h | 24 + security/wazuh-dashboard/Makefile | 4 +- security/wazuh-dashboard/distinfo | 10 +- security/wazuh-dashboard/pkg-plist | 35 +- security/wazuh-indexer/Makefile | 13 +- security/wazuh-indexer/distinfo | 6 +- security/wazuh-manager/Makefile | 11 +- security/wazuh-manager/distinfo | 118 ++-- .../patch-src-data_provider-src_sysInfoFreeBSD.cpp | 259 ++++++++ .../patch-src-shared_modules-utils_stringHelper.h | 40 ++ .../patch-src-shared_modules-utils_timeHelper.h | 24 + security/wazuh-manager/files/patch-src_Makefile | 34 +- security/wazuh-manager/files/pkg-message.in | 9 +- security/wazuh-manager/pkg-plist | 710 +++++++++++---------- security/wazuh-server/Makefile | 8 +- security/wazuh-server/distinfo | 18 +- security/wazuh-server/pkg-plist | 3 + 22 files changed, 1213 
insertions(+), 527 deletions(-) diff --git a/security/wazuh-agent/Makefile b/security/wazuh-agent/Makefile index 801aa1752376..f1e32cdd6e5b 100644 --- a/security/wazuh-agent/Makefile +++ b/security/wazuh-agent/Makefile @@ -1,5 +1,5 @@ PORTNAME= wazuh -DISTVERSION= 4.6.0 +DISTVERSION= 4.7.0 DISTVERSIONPREFIX= v CATEGORIES= security MASTER_SITES= https://packages.wazuh.com/deps/22/libraries/sources/:wazuh_sources diff --git a/security/wazuh-agent/distinfo b/security/wazuh-agent/distinfo index f6fb0922e3a1..12b8a606a757 100644 --- a/security/wazuh-agent/distinfo +++ b/security/wazuh-agent/distinfo 
@@ -1,39 +1,39 @@ -TIMESTAMP = 1698908769 -SHA256 (wazuh-4.6.0/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1 -SIZE (wazuh-4.6.0/cJSON.tar.gz) = 27863 -SHA256 (wazuh-4.6.0/curl.tar.gz) = 50bb159324b1ec38ca76b338ba3709f0c0da8678680a12a9d305f1d8f726b25d -SIZE (wazuh-4.6.0/curl.tar.gz) = 4105359 -SHA256 (wazuh-4.6.0/libdb.tar.gz) = 7e9c44e8c7fdb186ff521a8d085b1bfa634d342dcc777ecea1fbf9a98ab5dc5e -SIZE (wazuh-4.6.0/libdb.tar.gz) = 3874990 -SHA256 (wazuh-4.6.0/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69 -SIZE (wazuh-4.6.0/libffi.tar.gz) = 964576 -SHA256 (wazuh-4.6.0/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a -SIZE (wazuh-4.6.0/libyaml.tar.gz) = 424656 -SHA256 (wazuh-4.6.0/openssl.tar.gz) = 9289ccf6b82762569a183ad71a745872eff51f1089c77d58b0c4ef0f761e0288 -SIZE (wazuh-4.6.0/openssl.tar.gz) = 13235833 -SHA256 (wazuh-4.6.0/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07 -SIZE (wazuh-4.6.0/procps.tar.gz) = 55897 -SHA256 (wazuh-4.6.0/sqlite.tar.gz) = e68521637d9e4e60115707cd7f35275a92ce6d0fc1ff04e22d7bbf0c393f8ff1 -SIZE (wazuh-4.6.0/sqlite.tar.gz) = 2296429 -SHA256 (wazuh-4.6.0/zlib.tar.gz) = da229c2ac01c572d6b00085fbbbb141382c818ed29299093153525f84b027b0d -SIZE (wazuh-4.6.0/zlib.tar.gz) = 638616 -SHA256 (wazuh-4.6.0/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434 -SIZE (wazuh-4.6.0/audit-userspace.tar.gz) = 1682820 -SHA256 (wazuh-4.6.0/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2 -SIZE (wazuh-4.6.0/msgpack.tar.gz) = 591294 -SHA256 (wazuh-4.6.0/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd -SIZE (wazuh-4.6.0/bzip2.tar.gz) = 71277 -SHA256 (wazuh-4.6.0/nlohmann.tar.gz) = cefb07936d3d5bfdd3efc5e9bb8d3c807d681273bdac2e83b3d67aef2d1158c4 -SIZE (wazuh-4.6.0/nlohmann.tar.gz) = 135749 -SHA256 (wazuh-4.6.0/googletest.tar.gz) = 
8c1e8a0a7f221c2125e99e6acb709da2ba472476b4d057c58de504bebf38d417 -SIZE (wazuh-4.6.0/googletest.tar.gz) = 885874 -SHA256 (wazuh-4.6.0/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa -SIZE (wazuh-4.6.0/libpcre2.tar.gz) = 1252173 -SHA256 (wazuh-4.6.0/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c -SIZE (wazuh-4.6.0/libplist.tar.gz) = 1520623 -SHA256 (wazuh-4.6.0/libarchive.tar.gz) = f863f382ead9f61abc560ff0ead0be3aa9e95b6f8c62756e1f034f4c2386ba79 -SIZE (wazuh-4.6.0/libarchive.tar.gz) = 7040169 -SHA256 (wazuh-4.6.0/popt.tar.gz) = d6880a06622ca32dc4aa39ad5dcf7bef2faa81bd931afbe64ba434ad8fee1daa -SIZE (wazuh-4.6.0/popt.tar.gz) = 891309 -SHA256 (wazuh-4.6.0/wazuh-wazuh-v4.6.0_GH0.tar.gz) = ae5b7a5fa50a342c24aaa8f96dfc4a70493ae9064439b8e2aa98b7aecce73175 -SIZE (wazuh-4.6.0/wazuh-wazuh-v4.6.0_GH0.tar.gz) = 11773199 +TIMESTAMP = 1701901061 +SHA256 (wazuh-4.7.0/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1 +SIZE (wazuh-4.7.0/cJSON.tar.gz) = 27863 +SHA256 (wazuh-4.7.0/curl.tar.gz) = 50bb159324b1ec38ca76b338ba3709f0c0da8678680a12a9d305f1d8f726b25d +SIZE (wazuh-4.7.0/curl.tar.gz) = 4105359 +SHA256 (wazuh-4.7.0/libdb.tar.gz) = 7e9c44e8c7fdb186ff521a8d085b1bfa634d342dcc777ecea1fbf9a98ab5dc5e +SIZE (wazuh-4.7.0/libdb.tar.gz) = 3874990 +SHA256 (wazuh-4.7.0/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69 +SIZE (wazuh-4.7.0/libffi.tar.gz) = 964576 +SHA256 (wazuh-4.7.0/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a +SIZE (wazuh-4.7.0/libyaml.tar.gz) = 424656 +SHA256 (wazuh-4.7.0/openssl.tar.gz) = 9289ccf6b82762569a183ad71a745872eff51f1089c77d58b0c4ef0f761e0288 +SIZE (wazuh-4.7.0/openssl.tar.gz) = 13235833 +SHA256 (wazuh-4.7.0/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07 +SIZE (wazuh-4.7.0/procps.tar.gz) = 55897 +SHA256 (wazuh-4.7.0/sqlite.tar.gz) = 
e68521637d9e4e60115707cd7f35275a92ce6d0fc1ff04e22d7bbf0c393f8ff1 +SIZE (wazuh-4.7.0/sqlite.tar.gz) = 2296429 +SHA256 (wazuh-4.7.0/zlib.tar.gz) = da229c2ac01c572d6b00085fbbbb141382c818ed29299093153525f84b027b0d +SIZE (wazuh-4.7.0/zlib.tar.gz) = 638616 +SHA256 (wazuh-4.7.0/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434 +SIZE (wazuh-4.7.0/audit-userspace.tar.gz) = 1682820 +SHA256 (wazuh-4.7.0/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2 +SIZE (wazuh-4.7.0/msgpack.tar.gz) = 591294 +SHA256 (wazuh-4.7.0/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd +SIZE (wazuh-4.7.0/bzip2.tar.gz) = 71277 +SHA256 (wazuh-4.7.0/nlohmann.tar.gz) = cefb07936d3d5bfdd3efc5e9bb8d3c807d681273bdac2e83b3d67aef2d1158c4 +SIZE (wazuh-4.7.0/nlohmann.tar.gz) = 135749 +SHA256 (wazuh-4.7.0/googletest.tar.gz) = 8c1e8a0a7f221c2125e99e6acb709da2ba472476b4d057c58de504bebf38d417 +SIZE (wazuh-4.7.0/googletest.tar.gz) = 885874 +SHA256 (wazuh-4.7.0/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa +SIZE (wazuh-4.7.0/libpcre2.tar.gz) = 1252173 +SHA256 (wazuh-4.7.0/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c +SIZE (wazuh-4.7.0/libplist.tar.gz) = 1520623 +SHA256 (wazuh-4.7.0/libarchive.tar.gz) = f863f382ead9f61abc560ff0ead0be3aa9e95b6f8c62756e1f034f4c2386ba79 +SIZE (wazuh-4.7.0/libarchive.tar.gz) = 7040169 +SHA256 (wazuh-4.7.0/popt.tar.gz) = d6880a06622ca32dc4aa39ad5dcf7bef2faa81bd931afbe64ba434ad8fee1daa +SIZE (wazuh-4.7.0/popt.tar.gz) = 891309 +SHA256 (wazuh-4.7.0/wazuh-wazuh-v4.7.0_GH0.tar.gz) = 1c505f66fc28a702f58867e63117ab470eb2ba4dafc84c2fc30a27a2b29cb980 +SIZE (wazuh-4.7.0/wazuh-wazuh-v4.7.0_GH0.tar.gz) = 13722456 diff --git a/security/wazuh-agent/files/patch-src-Makefile b/security/wazuh-agent/files/patch-src-Makefile index 2c03f3fddbc1..09c4c6fd6fb4 100644 --- a/security/wazuh-agent/files/patch-src-Makefile 
+++ b/security/wazuh-agent/files/patch-src-Makefile @@ -1,5 +1,5 @@ ---- src/Makefile 2023-10-30 12:58:46.000000000 -0500 -+++ src/Makefile 2023-11-02 13:03:04.740615000 -0500 +--- src/Makefile 2023-11-23 07:17:53.000000000 -0500 ++++ src/Makefile 2023-12-06 17:52:09.798369000 -0500 @@ -49,9 +49,11 @@ HAS_CHECKMODULE = $(shell command -v checkmodule > /dev/null && echo YES) @@ -21,7 +21,16 @@ USE_BIG_ENDIAN=no USE_AUDIT=no MINGW_HOST=unknown -@@ -253,10 +255,10 @@ +@@ -163,6 +165,8 @@ + DEFINES+=-DUSER=\"${WAZUH_USER}\" + DEFINES+=-DGROUPGLOBAL=\"${WAZUH_GROUP}\" + ++OSSEC_CFLAGS+=-I./ -I./headers/ -I${EXTERNAL_OPENSSL}include -I$(EXTERNAL_JSON) -I${EXTERNAL_LIBYAML}include -I${EXTERNAL_CURL}include -I${EXTERNAL_MSGPACK}include -I${EXTERNAL_BZIP2} -I${SHARED_MODULES}common -I${DBSYNC}include -I${RSYNC}include -I${SYSCOLLECTOR}include -I${SYSINFO}include -I${EXTERNAL_LIBPCRE2}include -I${EXTERNAL_RPM}/builddir/output/include -I${SYSCHECK}include ++ + ifneq (${TARGET},winagent) + DEFINES+=-D${uname_S} + ifeq (${uname_S},Linux) +@@ -253,10 +257,10 @@ ifeq (${uname_S},FreeBSD) DEFINES+=-DFreeBSD OSSEC_CFLAGS+=-pthread -I/usr/local/include @@ -34,7 +43,15 @@ AR_LDFLAGS+=-L/usr/local/lib AR_LDFLAGS+='-Wl,-rpath,$$ORIGIN/../../lib' PRECOMPILED_OS:=freebsd -@@ -487,8 +489,8 @@ +@@ -390,7 +394,6 @@ + + OSSEC_CFLAGS+=${DEFINES} + OSSEC_CFLAGS+=-pipe -Wall -Wextra -std=gnu99 +-OSSEC_CFLAGS+=-I./ -I./headers/ -I${EXTERNAL_OPENSSL}include -I$(EXTERNAL_JSON) -I${EXTERNAL_LIBYAML}include -I${EXTERNAL_CURL}include -I${EXTERNAL_MSGPACK}include -I${EXTERNAL_BZIP2} -I${SHARED_MODULES}common -I${DBSYNC}include -I${RSYNC}include -I${SYSCOLLECTOR}include -I${SYSINFO}include -I${EXTERNAL_LIBPCRE2}include -I${EXTERNAL_RPM}/builddir/output/include -I${SYSCHECK}include + + OSSEC_CFLAGS += ${CFLAGS} + OSSEC_LDFLAGS += ${LDFLAGS} +@@ -487,8 +490,8 @@ ifneq (,$(filter ${USE_INOTIFY},YES auto yes y Y 1)) DEFINES+=-DINOTIFY_ENABLED ifeq (${uname_S},FreeBSD) 
@@ -45,7 +62,7 @@ OSSEC_CFLAGS+=-I/usr/local/include endif endif -@@ -907,6 +909,8 @@ +@@ -907,6 +910,8 @@ EXTERNAL_LIBS += $(LIBCURL_LIB) else ifeq (${uname_S},Linux) EXTERNAL_LIBS += $(LIBCURL_LIB) @@ -54,7 +71,7 @@ else ifeq (${uname_S},Darwin) EXTERNAL_LIBS += $(LIBCURL_LIB) endif -@@ -1084,9 +1088,13 @@ +@@ -1084,9 +1089,13 @@ ifeq (${uname_S},Linux) cd $(EXTERNAL_CURL) && CPPFLAGS="-fPIC -I${ROUTE_PATH}/${EXTERNAL_OPENSSL}include" LDFLAGS="-L${ROUTE_PATH}/${EXTERNAL_OPENSSL}" LIBS="-ldl -lpthread" ./configure --with-ssl="${ROUTE_PATH}/${EXTERNAL_OPENSSL}" --disable-ldap --without-libidn2 --without-libpsl --without-brotli --without-nghttp2 else @@ -68,7 +85,7 @@ #### procps ######### -@@ -2106,7 +2114,7 @@ +@@ -2106,7 +2115,7 @@ #### FIM ###### wazuh-syscheckd: librootcheck.a libwazuh.a ${WAZUHEXT_LIB} build_shared_modules @@ -77,7 +94,7 @@ #### Monitor ####### -@@ -2305,10 +2313,33 @@ +@@ -2305,10 +2314,33 @@ mkdir -p ${WPYTHON_DIR} cp external/${WPYTHON_TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} && ${TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} -C ${WPYTHON_DIR} && rm -rf ${WPYTHON_DIR}/${WPYTHON_TAR} endif @@ -111,7 +128,7 @@ install_dependencies: install_python ifneq (,$(wildcard ${EXTERNAL_CPYTHON})) ${WPYTHON_DIR}/bin/python3 -m pip install --upgrade pip --index-url=file://${ROUTE_PATH}/${EXTERNAL_CPYTHON}/Dependencies/simple -@@ -2325,6 +2356,7 @@ +@@ -2325,6 +2357,7 @@ install_mitre: install_python cd ../tools/mitre && ${WPYTHON_DIR}/bin/python3 mitredb.py -d ${INSTALLDIR}/var/db/mitre.db diff --git a/security/wazuh-agent/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp b/security/wazuh-agent/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp new file mode 100644 index 000000000000..78b6d052cb88 --- /dev/null +++ b/security/wazuh-agent/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp 
@@ -0,0 +1,259 @@ +--- src/data_provider/src/sysInfoFreeBSD.cpp 2023-11-23 07:17:53.000000000 -0500 ++++ src/data_provider/src/sysInfoFreeBSD.cpp 2023-12-12 19:22:35.579828000 -0500 +@@ -11,6 +11,7 @@ + #include "sysInfo.hpp" + #include "cmdHelper.h" + #include "stringHelper.h" ++#include "timeHelper.h" + #include "osinfo/sysOsParsers.h" + #include <sys/sysctl.h> + #include <sys/vmmeter.h> +@@ -19,12 +20,13 @@ + + static void getMemory(nlohmann::json& info) + { ++ constexpr auto vmFree{"vm.stats.vm.v_free_count"}; ++ constexpr auto vmInactive{"vm.stats.vm.v_inactive_count"}; + constexpr auto vmPageSize{"vm.stats.vm.v_page_size"}; +- constexpr auto vmTotal{"vm.vmtotal"}; ++ constexpr auto vmTotal{"hw.physmem"}; + uint64_t ram{0}; +- const std::vector<int> mib{CTL_HW, HW_PHYSMEM}; + size_t len{sizeof(ram)}; +- auto ret{sysctl(const_cast<int*>(mib.data()), mib.size(), &ram, &len, nullptr, 0)}; ++ auto ret{sysctlbyname(vmTotal, &ram, &len, nullptr, 0)}; + + if (ret) + { +@@ -52,11 +54,23 @@ + }; + } + +- struct vmtotal vmt {}; ++ uint64_t freeMem{0}; ++ len = sizeof(freeMem); ++ ret = sysctlbyname(vmFree, &freeMem, &len, nullptr, 0); + +- len = sizeof(vmt); ++ if (ret) ++ { ++ throw std::system_error ++ { ++ ret, ++ std::system_category(), ++ "Error reading free memory size." ++ }; ++ } + +- ret = sysctlbyname(vmTotal, &vmt, &len, nullptr, 0); ++ uint64_t inactiveMem{0}; ++ len = sizeof(inactiveMem); ++ ret = sysctlbyname(vmInactive, &inactiveMem, &len, nullptr, 0); + + if (ret) + { +@@ -64,11 +78,11 @@ + { + ret, + std::system_category(), +- "Error reading total memory." ++ "Error reading inactive memory size." 
+ }; + } + +- const auto ramFree{(vmt.t_free * pageSize) / KByte}; ++ const auto ramFree{(freeMem + inactiveMem) * pageSize / KByte}; + info["ram_free"] = ramFree; + info["ram_usage"] = 100 - (100 * ramFree / ramTotal); + } +@@ -184,8 +198,12 @@ + + nlohmann::json SysInfo::getProcessesInfo() const + { +- // Currently not supported for this OS +- return nlohmann::json {}; ++ nlohmann::json ret; ++ getProcessesInfo([&ret](nlohmann::json & data) ++ { ++ ret.push_back(data); ++ }); ++ return ret; + } + + nlohmann::json SysInfo::getOsInfo() const +@@ -196,11 +214,12 @@ + + if (!spParser->parseUname(Utils::exec("uname -r"), ret)) + { +- ret["os_name"] = "BSD"; + ret["os_platform"] = "bsd"; + ret["os_version"] = UNKNOWN_VALUE; + } + ++ ret["os_name"] = "FreeBSD"; ++ + if (uname(&uts) >= 0) + { + ret["sysname"] = uts.sysname; +@@ -215,18 +234,129 @@ + + nlohmann::json SysInfo::getPorts() const + { +- // Currently not supported for this OS. +- return nlohmann::json {}; ++ const auto query{Utils::exec(R"(sockstat -46qs)")}; ++ nlohmann::json ports {}; ++ ++ if (!query.empty()) ++ { ++ const auto lines{Utils::split(Utils::trimToOneSpace(query), '\n')}; ++ ++ for (const auto& line : lines) ++ { ++ std::string localip = ""; ++ std::string localport = ""; ++ std::string remoteip = ""; ++ std::string remoteport = ""; ++ const auto data{Utils::split(line, ' ')}; ++ auto localdata{Utils::split(data[5], ':')}; ++ auto remotedata{Utils::split(data[6], ':')}; ++ auto statedata{Utils::toLowerCase(data[7])}; ++ ++ localip = localdata[0]; ++ localport = localdata[1]; ++ remoteip = remotedata[0]; ++ remoteport = remotedata[1]; ++ ++ if(statedata == "listen") { ++ statedata = "listening"; ++ } ++ ++ if(localdata.size() == 4) { ++ localip = localdata[0] + ":"+ localdata[1] + ":" + localdata[2]; ++ localport = localdata[3]; ++ } else if(localip == "*") { ++ if((data[4] == "tcp6") || (data[4] == "udp6")) { ++ localip = "0:0:0:0:0:0:0:0"; ++ } else { ++ localip = "0.0.0.0"; ++ } ++ } ++ ++ 
if(remotedata.size() == 4) { ++ remoteip = remotedata[0] + ":"+ remotedata[1] + ":" + remotedata[2]; ++ remoteport = remotedata[3]; ++ } else if(remoteport == "*") { ++ remoteip = ""; ++ remoteport = ""; ++ } ++ ++ if(data[0] != "?") { ++ nlohmann::json port {}; ++ port["protocol"] = data[4]; ++ port["local_ip"] = localip; ++ port["local_port"] = localport; ++ port["remote_ip"] = remoteip; ++ port["remote_port"] = remoteport; ++ port["tx_queue"] = 0; ++ port["rx_queue"] = 0; ++ port["inode"] = data[3]; ++ port["state"] = statedata; ++ port["pid"] = data[2]; ++ port["process"] = data[1]; ++ ++ ports.push_back(port); ++ } ++ } ++ } ++ ++ return ports; + } + +-void SysInfo::getProcessesInfo(std::function<void(nlohmann::json&)> /*callback*/) const ++void SysInfo::getProcessesInfo(std::function<void(nlohmann::json&)> callback) const + { +- // Currently not supported for this OS. ++ const auto query{Utils::exec(R"(ps -ax -w -o pid,comm,state,ppid,usertime,systime,user,ruser,svuid,group,rgroup,svgid,pri,nice,ssiz,vsz,rss,pmem,etimes,sid,pgid,tpgid,tty,cpu,nlwp,args --libxo json)")}; ++ ++ if (!query.empty()) ++ { ++ nlohmann::json psjson; ++ psjson = nlohmann::json::parse(query); ++ auto &processes = psjson["process-information"]["process"]; ++ ++ for(auto &process : processes) { ++ std::string user_time{""}; ++ std::string system_time{""}; ++ ++ user_time = process["user-time"].get<std::string>(); ++ system_time = process["system-time"].get<std::string>(); ++ ++ nlohmann::json jsProcessInfo{}; ++ jsProcessInfo["pid"] = process["pid"].get<std::string>(); ++ jsProcessInfo["name"] = process["command"].get<std::string>(); ++ jsProcessInfo["state"] = process["state"].get<std::string>(); ++ jsProcessInfo["ppid"] = process["ppid"].get<std::string>(); ++ jsProcessInfo["utime"] = Utils::timeToSeconds(user_time); ++ jsProcessInfo["stime"] = Utils::timeToSeconds(system_time); ++ jsProcessInfo["cmd"] = process["command"].get<std::string>(); ++ jsProcessInfo["argvs"] = 
process["arguments"].get<std::string>(); ++ jsProcessInfo["euser"] = process["user"].get<std::string>(); ++ jsProcessInfo["ruser"] = process["real-user"].get<std::string>(); ++ jsProcessInfo["suser"] = process["saved-uid"].get<std::string>(); ++ jsProcessInfo["egroup"] = process["group"].get<std::string>(); ++ jsProcessInfo["rgroup"] = process["real-group"].get<std::string>(); ++ jsProcessInfo["sgroup"] = process["saved-gid"].get<std::string>(); ++ jsProcessInfo["fgroup"] = process["group"].get<std::string>(); ++ jsProcessInfo["priority"] = process["priority"].get<std::string>(); ++ jsProcessInfo["nice"] = process["nice"].get<std::string>(); ++ jsProcessInfo["size"] = process["stack-size"].get<std::string>(); ++ jsProcessInfo["vm_size"] = process["virtual-size"].get<std::string>(); ++ jsProcessInfo["resident"] = process["rss"].get<std::string>(); ++ //jsProcessInfo["share"] = process["percent-memory"].get<std::string>(); ++ jsProcessInfo["start_time"] = process["elapsed-times"].get<std::string>(); ++ jsProcessInfo["pgrp"] = process["process-group"].get<std::string>(); ++ jsProcessInfo["session"] = process["sid"].get<std::string>(); ++ jsProcessInfo["tgid"] = process["terminal-process-gid"].get<std::string>(); ++ //jsProcessInfo["tty"] = process["tty"].get<std::string>(); // this field should be TEXT into local.db ++ jsProcessInfo["processor"] = process["on-cpu"].get<std::string>(); ++ jsProcessInfo["nlwp"] = process["threads"].get<std::string>(); ++ ++ callback(jsProcessInfo); ++ } ++ } + } + + void SysInfo::getPackages(std::function<void(nlohmann::json&)> callback) const + { +- const auto query{Utils::exec(R"(pkg query -a "%n|%m|%v|%q|%c")")}; ++ const auto query{Utils::exec(R"(pkg query -a "%n|%m|%v|%q|%c|%sb|%t|%R|%o")")}; + + if (!query.empty()) + { +@@ -235,18 +365,22 @@ + for (const auto& line : lines) + { + const auto data{Utils::split(line, '|')}; ++ const auto archdata{Utils::split(data[3], ':')}; ++ const auto sectiondata{Utils::split(data[8], '/')}; ++ + 
nlohmann::json package; + package["name"] = data[0]; + package["vendor"] = data[1]; + package["version"] = data[2]; +- package["install_time"] = UNKNOWN_VALUE; ++ package["install_time"] = data[6]; + package["location"] = UNKNOWN_VALUE; +- package["architecture"] = data[3]; ++ package["architecture"] = archdata[2]; + package["groups"] = UNKNOWN_VALUE; + package["description"] = data[4]; +- package["size"] = 0; ++ package["size"] = data[5]; + package["priority"] = UNKNOWN_VALUE; +- package["source"] = UNKNOWN_VALUE; ++ package["source"] = data[7]; ++ package["section"] = sectiondata[0]; + package["format"] = "pkg"; + // The multiarch field won't have a default value + diff --git a/security/wazuh-agent/files/patch-src-shared_modules-utils_stringHelper.h b/security/wazuh-agent/files/patch-src-shared_modules-utils_stringHelper.h new file mode 100644 index 000000000000..1b9e9ba27e60 --- /dev/null +++ b/security/wazuh-agent/files/patch-src-shared_modules-utils_stringHelper.h 
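Review bot: In the added `SysInfo::getPorts()` body, `data[5]`, `data[6]`, `data[7]`, `localdata[1]` and `remotedata[1]` are read with `operator[]` before any size check, so a `sockstat` row with fewer than eight space-separated fields, or an address field without a `:`, indexes past the end of the vector. Rows with no connection state and command names containing a space look like plausible triggers (inferred from the column layout the code assumes, not shown on the page). A guard at the top of the loop, `if (data.size() < 7) { continue; }`, with the state read as `data.size() > 7 ? Utils::toLowerCase(data[7]) : std::string{}` and a `localdata.size() < 2 || remotedata.size() < 2` check before the `[1]` reads, would skip malformed rows instead. The `getPackages` change has the same pattern (`data[8]`, `archdata[2]`, `sectiondata[0]`), and a `|` inside the `%c` comment text shifts every later field. `getProcessesInfo` calls `nlohmann::json::parse(query)` and `.get<std::string>()` with no handling for a missing or non-string key, so a single unexpected `ps` entry appears to abort the whole process inventory unless a caller outside this hunk catches it.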
@@ -0,0 +1,40 @@ +--- src/shared_modules/utils/stringHelper.h 2023-12-09 01:08:14.397366000 -0500 ++++ src/shared_modules/utils/stringHelper.h 2023-12-09 12:07:52.155984000 -0500 +@@ -210,6 +210,17 @@ + return leftTrim(rightTrim(str, args), args); + } + ++ static std::string trimToOneSpace(const std::string& str) ++ { ++ std::string str_output; ++ ++ str_output.clear(); ++ std::unique_copy (str.begin(), str.end(), std::back_insert_iterator<std::string>(str_output), ++ [](char a,char b){ return std::isspace(a) && std::isspace(b);}); ++ ++ return str_output; ++ } ++ + static std::string toUpperCase(const std::string& str) + { + std::string temp{ str }; +@@ -219,6 +230,19 @@ + [](std::string::value_type character) + { + return std::toupper(character); ++ }); ++ return temp; ++ } ++ ++ static std::string toLowerCase(const std::string& str) ++ { ++ std::string temp{ str }; ++ std::transform(std::begin(temp), ++ std::end(temp), ++ std::begin(temp), ++ [](std::string::value_type character) ++ { ++ return std::tolower(character); + }); + return temp; + } diff --git a/security/wazuh-agent/files/patch-src-shared_modules-utils_timeHelper.h b/security/wazuh-agent/files/patch-src-shared_modules-utils_timeHelper.h new file mode 100644 index 000000000000..81df5b32557f --- /dev/null +++ b/security/wazuh-agent/files/patch-src-shared_modules-utils_timeHelper.h @@ -0,0 +1,24 @@ +--- src/shared_modules/utils/timeHelper.h 2023-12-12 19:27:07.563605000 -0500 ++++ src/shared_modules/utils/timeHelper.h 2023-12-12 19:27:29.163243000 -0500 +@@ -48,8 +48,19 @@ + { + return getTimestamp(std::time(nullptr)); + } ++ ++ static std::string timeToSeconds(std::string& str) { ++ int seconds; ++ std::tm t; ++ std::istringstream ss(str); ++ ss >> std::get_time(&t, "%H:%M.%S"); ++ ++ seconds = t.tm_hour * 3600 + t.tm_min * 60 + t.tm_sec; ++ ++ return std::to_string(seconds); ++ } + }; + + #pragma GCC diagnostic pop + +-#endif // _TIME_HELPER_H +\ No newline at end of file ++#endif // _TIME_HELPER_H 
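Review bot: In the added `trimToOneSpace`, the `unique_copy` predicate passes plain `char` to `std::isspace`, which is undefined for negative values, so any non-ASCII byte in command output reaches it with an out-of-range argument; `[](unsigned char a, unsigned char b){ return std::isspace(a) && std::isspace(b); }` avoids that. The predicate also treats every pair of whitespace characters as duplicates, so a space followed by `'\n'` keeps only the space. `getPorts` splits the result on `'\n'`, which means a row ending in trailing blanks is merged with the next row and its fields shift. Restricting the collapse to blanks (`a == ' ' && b == ' '`) would keep line boundaries intact. The new `toLowerCase` has the same plain-`char` call to `std::tolower`, mirroring the existing `toUpperCase`.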
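Review bot: In the added `timeToSeconds`, `std::tm t;` is left uninitialised and the stream state is never checked after `std::get_time`, so when parsing fails the sum is computed from indeterminate `tm_hour`/`tm_min`/`tm_sec` values and reported as `utime`/`stime`. Declaring `std::tm t{};` and returning early on failure, `if (ss.fail()) { return "0"; }`, makes the result defined. The `"%H:%M.%S"` format is also worth confirming against what `ps` prints for `usertime`/`systime`: if that is minutes:seconds.fraction, the first field is being scaled by 3600 and any value above 23 fails the `%H` parse. The parameter is only read, so it could be `const std::string&`.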
diff --git a/security/wazuh-dashboard/Makefile b/security/wazuh-dashboard/Makefile index ae0c76499841..7a41f06ccc3a 100644 --- a/security/wazuh-dashboard/Makefile +++ b/security/wazuh-dashboard/Makefile @@ -1,6 +1,6 @@ PORTNAME= wazuh DISTVERSIONPREFIX= v -DISTVERSION= 4.6.0 +DISTVERSION= 4.7.0 CATEGORIES= security MASTER_SITES= LOCAL/acm/${PORTNAME}/ PKGNAMESUFFIX= -dashboard @@ -14,7 +14,7 @@ WWW= https://github.com/wazuh/wazuh-dashboard-plugins LICENSE= GPLv2 -RUN_DEPENDS= ${LOCALBASE}/www/opensearch-dashboards/bin/opensearch-dashboards:textproc/opensearch-dashboards +RUN_DEPENDS= ${LOCALBASE}/www/opensearch-dashboards/bin/opensearch-dashboards:textproc/opensearch-dashboards210 NO_BUILD= yes diff --git a/security/wazuh-dashboard/distinfo b/security/wazuh-dashboard/distinfo index 91b0185ad593..c7f95227324b 100644 --- a/security/wazuh-dashboard/distinfo +++ b/security/wazuh-dashboard/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1698979814 -SHA256 (wazuh-4.6.0/wazuh-dashboard-plugins-4.6.0-2.10.0.tar.gz) = c363ccc2a1fa14ffd18da5b745afed1cf263e2f30467cd361f34f02c3520ef11 -SIZE (wazuh-4.6.0/wazuh-dashboard-plugins-4.6.0-2.10.0.tar.gz) = 31758257 -SHA256 (wazuh-4.6.0/opensearch_dashboards.yml) = 88affe6dab2e1299b6f8b5264e6dd9ea1aa42885f3aefb8822fe559f2b6bb5d5 -SIZE (wazuh-4.6.0/opensearch_dashboards.yml) = 806 +TIMESTAMP = 1702018967 +SHA256 (wazuh-4.7.0/wazuh-dashboard-plugins-4.7.0-2.10.0.tar.gz) = 093e5effa5fa6dab2a535a78b4ebcc887d3199211a6a9de9b26dbcec8621b7b7 +SIZE (wazuh-4.7.0/wazuh-dashboard-plugins-4.7.0-2.10.0.tar.gz) = 31769983 +SHA256 (wazuh-4.7.0/opensearch_dashboards.yml) = 88affe6dab2e1299b6f8b5264e6dd9ea1aa42885f3aefb8822fe559f2b6bb5d5 +SIZE (wazuh-4.7.0/opensearch_dashboards.yml) = 806 diff --git a/security/wazuh-dashboard/pkg-plist b/security/wazuh-dashboard/pkg-plist index 818e739c96ca..1ddd8bfb37cb 100644 --- a/security/wazuh-dashboard/pkg-plist +++ b/security/wazuh-dashboard/pkg-plist 
@@ -1838,20 +1838,6 @@ www/opensearch-dashboards/plugins/wazuh/node_modules/codemirror/theme/xq-light.c www/opensearch-dashboards/plugins/wazuh/node_modules/codemirror/theme/yeti.css www/opensearch-dashboards/plugins/wazuh/node_modules/codemirror/theme/yonce.css www/opensearch-dashboards/plugins/wazuh/node_modules/codemirror/theme/zenburn.css -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/CHANGELOG.md -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/LICENSE -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/README.md -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/conversions.js -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/index.js -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/node_modules/color-name/.eslintrc.json -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/node_modules/color-name/.npmignore -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/node_modules/color-name/LICENSE -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/node_modules/color-name/README.md -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/node_modules/color-name/index.js -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/node_modules/color-name/package.json -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/node_modules/color-name/test.js -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/package.json -www/opensearch-dashboards/plugins/wazuh/node_modules/color-convert/route.js www/opensearch-dashboards/plugins/wazuh/node_modules/color-name/LICENSE www/opensearch-dashboards/plugins/wazuh/node_modules/color-name/README.md www/opensearch-dashboards/plugins/wazuh/node_modules/color-name/index.js 
@@ -1863,6 +1849,20 @@ www/opensearch-dashboards/plugins/wazuh/node_modules/color-string/package.json www/opensearch-dashboards/plugins/wazuh/node_modules/color/LICENSE www/opensearch-dashboards/plugins/wazuh/node_modules/color/README.md www/opensearch-dashboards/plugins/wazuh/node_modules/color/index.js +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-convert/CHANGELOG.md +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-convert/LICENSE +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-convert/README.md +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-convert/conversions.js +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-convert/index.js +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-convert/package.json +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-convert/route.js +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-name/.eslintrc.json +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-name/.npmignore +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-name/LICENSE +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-name/README.md +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-name/index.js +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-name/package.json +www/opensearch-dashboards/plugins/wazuh/node_modules/color/node_modules/color-name/test.js www/opensearch-dashboards/plugins/wazuh/node_modules/color/package.json www/opensearch-dashboards/plugins/wazuh/node_modules/colorspace/LICENSE.md www/opensearch-dashboards/plugins/wazuh/node_modules/colorspace/README.md 
@@ -4144,9 +4144,9 @@ www/opensearch-dashboards/plugins/wazuh/node_modules/tiny-inflate/package.json www/opensearch-dashboards/plugins/wazuh/node_modules/tiny-inflate/readme.md www/opensearch-dashboards/plugins/wazuh/node_modules/tiny-inflate/test/index.js www/opensearch-dashboards/plugins/wazuh/node_modules/tiny-inflate/test/lorem.txt -www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/.eslintrc -www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/.gitattributes -www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/.travis.yml +www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/.nyc_output/c579bf8f-6820-47a5-b2da-a11267eb8435.json +www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/.nyc_output/processinfo/c579bf8f-6820-47a5-b2da-a11267eb8435.json +www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/.nyc_output/processinfo/index.json www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/CHANGELOG.md www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/LICENSE www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/README.md @@ -4156,7 +4156,6 @@ www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/config/npm.js www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/config/syslog.js www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/index.js www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/package.json -www/opensearch-dashboards/plugins/wazuh/node_modules/triple-beam/test.js www/opensearch-dashboards/plugins/wazuh/node_modules/type-check/LICENSE www/opensearch-dashboards/plugins/wazuh/node_modules/type-check/README.md www/opensearch-dashboards/plugins/wazuh/node_modules/type-check/lib/check.js diff --git a/security/wazuh-indexer/Makefile b/security/wazuh-indexer/Makefile index 867b7681558c..6f123e157209 100644 --- a/security/wazuh-indexer/Makefile +++ b/security/wazuh-indexer/Makefile 
@@ -1,9 +1,9 @@ PORTNAME= wazuh -PORTVERSION= 4.6.0 +PORTVERSION= 4.7.0 CATEGORIES= security MASTER_SITES= LOCAL/acm/${PORTNAME}/ PKGNAMESUFFIX= -indexer -DISTFILES= ${PORTNAME}${PKGNAMESUFFIX}.yml +DISTFILES= ${PORTNAME}-${PORTVERSION}${PKGNAMESUFFIX}.yml DIST_SUBDIR= ${PORTNAME}-${DISTVERSION} MAINTAINER= acm@FreeBSD.org @@ -12,7 +12,7 @@ WWW= https://wazuh.com/ LICENSE= GPLv2 -RUN_DEPENDS= ${LOCALBASE}/lib/opensearch/bin/opensearch:textproc/opensearch +RUN_DEPENDS= ${LOCALBASE}/lib/opensearch/bin/opensearch:textproc/opensearch210 NO_BUILD= yes @@ -24,10 +24,11 @@ ETCDIR= ${PREFIX}/etc/${PORTNAME}${PKGNAMESUFFIX} do-extract: @${MKDIR} ${WRKSRC} - ${CP} ${_DISTDIR}/wazuh-indexer.yml ${WRKSRC} + ${CP} ${_DISTDIR}/${PORTNAME}-${PORTVERSION}-indexer.yml ${WRKSRC} do-install: - ${MKDIR} ${STAGEDIR}${PREFIX}/etc/wazuh-indexer - ${INSTALL_DATA} ${WRKSRC}/wazuh-indexer.yml ${STAGEDIR}${PREFIX}/etc/wazuh-indexer/ + ${MKDIR} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}-${PORTVERSION}-indexer + ${INSTALL_DATA} ${WRKSRC}/${PORTNAME}-${PORTVERSION}-indexer.yml \ + ${STAGEDIR}${PREFIX}/etc/wazuh-indexer/wazuh-indexer.yml .include <bsd.port.mk> diff --git a/security/wazuh-indexer/distinfo b/security/wazuh-indexer/distinfo index 703f31061108..084e0197f73d 100644 --- a/security/wazuh-indexer/distinfo +++ b/security/wazuh-indexer/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1698950294 -SHA256 (wazuh-4.6.0/wazuh-indexer.yml) = f6bc1d4de01742268ca42ef285896c31b7a31fb82f0c9f13de32d383fa3669e0 -SIZE (wazuh-4.6.0/wazuh-indexer.yml) = 2123 +TIMESTAMP = 1702742908 +SHA256 (wazuh-4.7.0/wazuh-4.7.0-indexer.yml) = 15290a6e81026d970891d7e1805afe4a87420984893948b5dd7a65789d62f5c5 +SIZE (wazuh-4.7.0/wazuh-4.7.0-indexer.yml) = 2216 diff --git a/security/wazuh-manager/Makefile b/security/wazuh-manager/Makefile index 9801ac421aa8..8575e517b30f 100644 --- a/security/wazuh-manager/Makefile +++ b/security/wazuh-manager/Makefile 
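Review bot: In the `do-install` target of the third hunk, the new `${MKDIR}` creates `${STAGEDIR}${PREFIX}/etc/${PORTNAME}-${PORTVERSION}-indexer`, but the `${INSTALL_DATA}` that follows writes to `${STAGEDIR}${PREFIX}/etc/wazuh-indexer/wazuh-indexer.yml`, a directory this target no longer creates. Unless something outside the hunk creates `etc/wazuh-indexer`, staging either fails or leaves an empty versioned directory in the stage tree. Using the variable already visible on the hunk header line, `${MKDIR} ${STAGEDIR}${ETCDIR}` and `${STAGEDIR}${ETCDIR}/wazuh-indexer.yml` as the destination, keeps the created directory and the install path in step.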
@@ -1,5 +1,5 @@ PORTNAME= wazuh -DISTVERSION= 4.6.0 +DISTVERSION= 4.7.0 DISTVERSIONPREFIX= v CATEGORIES= security MASTER_SITES= https://packages.wazuh.com/deps/22/libraries/sources/:wazuh_sources \ @@ -105,7 +105,7 @@ WAZUHMOD750= / /logs/wazuh /logs/archives /logs/alerts /logs/firewall \ /queue/syscollector /queue/syscollector/db /ruleset \ /ruleset/decoders /ruleset/rules /ruleset/sca /wodles \ /active-response /active-response/bin /agentless /var /backup \ - /backup/agents /backup/groups /backup/shared /queue/rids \ + /backup/db /backup/agents /backup/groups /backup/shared /queue/rids \ /wodles/aws /wodles/azure /wodles/docker /wodles/gcloud \ /wodles/gcloud/buckets /wodles/gcloud/pubsub /wodles/oscap \ /wodles/oscap/content /stats /integrations @@ -238,8 +238,9 @@ do-install: ${INSTALL_DATA} ${WRKSRC}/ruleset/lists/audit-keys ${STAGEDIR}${WAZUHPREFIX}/etc/lists/audit-keys ${INSTALL_DATA} ${WRKSRC}/ruleset/lists/security-eventchannel ${STAGEDIR}${WAZUHPREFIX}/etc/lists/security-eventchannel - ${INSTALL_SCRIPT} ${WRKSRC}/integrations/pagerduty ${STAGEDIR}${WAZUHPREFIX}/integrations/pagerduty - ${INSTALL_SCRIPT} ${WRKSRC}/integrations/slack ${STAGEDIR}${WAZUHPREFIX}/integrations/slack.py + ${INSTALL_SCRIPT} ${WRKSRC}/integrations/maltiverse.py ${STAGEDIR}${WAZUHPREFIX}/integrations/maltiverse.py + ${INSTALL_SCRIPT} ${WRKSRC}/integrations/pagerduty.py ${STAGEDIR}${WAZUHPREFIX}/integrations/pagerduty.py + ${INSTALL_SCRIPT} ${WRKSRC}/integrations/slack.py ${STAGEDIR}${WAZUHPREFIX}/integrations/slack.py ${INSTALL_SCRIPT} ${WRKSRC}/integrations/shuffle.py ${STAGEDIR}${WAZUHPREFIX}/integrations/shuffle.py ${INSTALL_SCRIPT} ${WRKSRC}/integrations/virustotal.py ${STAGEDIR}${WAZUHPREFIX}/integrations/virustotal.py 
@@ -273,6 +274,8 @@ do-install: ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/azure-logs ${INSTALL_SCRIPT} ${WRKSRC}/wodles/azure/orm.py ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/orm.py + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/maltiverse + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/pagerduty ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/slack ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/virustotal ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/shuffle diff --git a/security/wazuh-manager/distinfo b/security/wazuh-manager/distinfo index fac3cc8b54c7..2e00ff43ce4b 100644 --- a/security/wazuh-manager/distinfo +++ b/security/wazuh-manager/distinfo 
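Review bot: The wrapper installs in `do-install` are now five copies of the same `${INSTALL_SCRIPT} … generic_wrapper.sh` line that differ only in the integration name, and the hunk at -238,8 repeats the pattern for the `.py` files. A name added to one list and forgotten in the other would ship a wrapper with no script behind it, or the reverse. A single `.for i in maltiverse pagerduty slack shuffle virustotal` loop, closed by `.endfor`, holding `${INSTALL_SCRIPT} ${WRKSRC}/integrations/${i}.py ${STAGEDIR}${WAZUHPREFIX}/integrations/${i}.py` and `${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/${i}` keeps the two in step. `do-install` starts and ends outside both hunks.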
@@ -1,59 +1,59 @@ -TIMESTAMP = 1698897930 -SHA256 (wazuh-4.6.0/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1 -SIZE (wazuh-4.6.0/cJSON.tar.gz) = 27863 -SHA256 (wazuh-4.6.0/curl.tar.gz) = 50bb159324b1ec38ca76b338ba3709f0c0da8678680a12a9d305f1d8f726b25d -SIZE (wazuh-4.6.0/curl.tar.gz) = 4105359 -SHA256 (wazuh-4.6.0/jemalloc.tar.gz) = 2b22e85b352c7df550ba408a42251e51e8dffa6c91aa2e1fb4804ab317ffbca0 -SIZE (wazuh-4.6.0/jemalloc.tar.gz) = 579864 -SHA256 (wazuh-4.6.0/libdb.tar.gz) = 7e9c44e8c7fdb186ff521a8d085b1bfa634d342dcc777ecea1fbf9a98ab5dc5e -SIZE (wazuh-4.6.0/libdb.tar.gz) = 3874990 -SHA256 (wazuh-4.6.0/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69 -SIZE (wazuh-4.6.0/libffi.tar.gz) = 964576 -SHA256 (wazuh-4.6.0/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a -SIZE (wazuh-4.6.0/libyaml.tar.gz) = 424656 -SHA256 (wazuh-4.6.0/openssl.tar.gz) = 9289ccf6b82762569a183ad71a745872eff51f1089c77d58b0c4ef0f761e0288 -SIZE (wazuh-4.6.0/openssl.tar.gz) = 13235833 -SHA256 (wazuh-4.6.0/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07 -SIZE (wazuh-4.6.0/procps.tar.gz) = 55897 -SHA256 (wazuh-4.6.0/sqlite.tar.gz) = e68521637d9e4e60115707cd7f35275a92ce6d0fc1ff04e22d7bbf0c393f8ff1 -SIZE (wazuh-4.6.0/sqlite.tar.gz) = 2296429 -SHA256 (wazuh-4.6.0/zlib.tar.gz) = da229c2ac01c572d6b00085fbbbb141382c818ed29299093153525f84b027b0d -SIZE (wazuh-4.6.0/zlib.tar.gz) = 638616 -SHA256 (wazuh-4.6.0/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434 -SIZE (wazuh-4.6.0/audit-userspace.tar.gz) = 1682820 -SHA256 (wazuh-4.6.0/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2 -SIZE (wazuh-4.6.0/msgpack.tar.gz) = 591294 -SHA256 (wazuh-4.6.0/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd -SIZE (wazuh-4.6.0/bzip2.tar.gz) = 71277 -SHA256 (wazuh-4.6.0/nlohmann.tar.gz) = 
cefb07936d3d5bfdd3efc5e9bb8d3c807d681273bdac2e83b3d67aef2d1158c4 -SIZE (wazuh-4.6.0/nlohmann.tar.gz) = 135749 -SHA256 (wazuh-4.6.0/googletest.tar.gz) = 8c1e8a0a7f221c2125e99e6acb709da2ba472476b4d057c58de504bebf38d417 -SIZE (wazuh-4.6.0/googletest.tar.gz) = 885874 -SHA256 (wazuh-4.6.0/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa -SIZE (wazuh-4.6.0/libpcre2.tar.gz) = 1252173 -SHA256 (wazuh-4.6.0/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c -SIZE (wazuh-4.6.0/libplist.tar.gz) = 1520623 -SHA256 (wazuh-4.6.0/libarchive.tar.gz) = f863f382ead9f61abc560ff0ead0be3aa9e95b6f8c62756e1f034f4c2386ba79 -SIZE (wazuh-4.6.0/libarchive.tar.gz) = 7040169 -SHA256 (wazuh-4.6.0/popt.tar.gz) = d6880a06622ca32dc4aa39ad5dcf7bef2faa81bd931afbe64ba434ad8fee1daa -SIZE (wazuh-4.6.0/popt.tar.gz) = 891309 -SHA256 (wazuh-4.6.0/cpython.tar.gz) = 3e48cdd11842883fa2bfa2a1d75187cfff9c4c49e662a6cdd9877e5b018de7b5 -SIZE (wazuh-4.6.0/cpython.tar.gz) = 237193900 -SHA256 (wazuh-4.6.0/wazuh-cache-any-4.6.0.tar.gz) = cb30e1d51396ee61f123eee4fdca7ca74648aede2f4180a39ca3aee53c3ef255 -SIZE (wazuh-4.6.0/wazuh-cache-any-4.6.0.tar.gz) = 15300416 -SHA256 (wazuh-4.6.0/wazuh-cache-fbsd12-amd64-4.6.0.tar.gz) = 3c7e209b9dd0372379f5ce5c86ea1a543ef4e85f33238f8929def3b6d5fe4a8b -SIZE (wazuh-4.6.0/wazuh-cache-fbsd12-amd64-4.6.0.tar.gz) = 19834895 -SHA256 (wazuh-4.6.0/wazuh-cache-fbsd13-aarch64-4.6.0.tar.gz) = 363546089a08d18a3bbe84f6c9c04c1f4f430f78942b56e97db2cde1e76b4cb4 -SIZE (wazuh-4.6.0/wazuh-cache-fbsd13-aarch64-4.6.0.tar.gz) = 18477175 -SHA256 (wazuh-4.6.0/wazuh-cache-fbsd13-amd64-4.6.0.tar.gz) = d7acc48dcb7bf9fc177b43c1ab7c71e85e05e5c9cdf0156e57f0fb240b7082cf -SIZE (wazuh-4.6.0/wazuh-cache-fbsd13-amd64-4.6.0.tar.gz) = 18235838 -SHA256 (wazuh-4.6.0/wazuh-cache-fbsd14-aarch64-4.6.0.tar.gz) = bbb5a31cb5c7211ef9139becc37c55e6fff0d5056ec3af3f6b3f63c58a116c31 -SIZE (wazuh-4.6.0/wazuh-cache-fbsd14-aarch64-4.6.0.tar.gz) = 18664162 -SHA256 
(wazuh-4.6.0/wazuh-cache-fbsd14-amd64-4.6.0.tar.gz) = 67c151543f77a03d41647ed66d274faa4c50704c37f6aafa0412c8922b437364 -SIZE (wazuh-4.6.0/wazuh-cache-fbsd14-amd64-4.6.0.tar.gz) = 18058904 -SHA256 (wazuh-4.6.0/wazuh-cache-fbsd15-aarch64-4.6.0.tar.gz) = 435c60ecac1fefda4411c2277cbdc3e5d7f20f45b0fea8c859d5701a729429de -SIZE (wazuh-4.6.0/wazuh-cache-fbsd15-aarch64-4.6.0.tar.gz) = 17209204 -SHA256 (wazuh-4.6.0/wazuh-cache-fbsd15-amd64-4.6.0.tar.gz) = 18b5477852185026e6c6e8e4b6302ce83f3196cf921b8ab192a6640091abc366 -SIZE (wazuh-4.6.0/wazuh-cache-fbsd15-amd64-4.6.0.tar.gz) = 19692298 -SHA256 (wazuh-4.6.0/wazuh-wazuh-v4.6.0_GH0.tar.gz) = ae5b7a5fa50a342c24aaa8f96dfc4a70493ae9064439b8e2aa98b7aecce73175 -SIZE (wazuh-4.6.0/wazuh-wazuh-v4.6.0_GH0.tar.gz) = 11773199 +TIMESTAMP = 1701988240 +SHA256 (wazuh-4.7.0/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1 +SIZE (wazuh-4.7.0/cJSON.tar.gz) = 27863 +SHA256 (wazuh-4.7.0/curl.tar.gz) = 50bb159324b1ec38ca76b338ba3709f0c0da8678680a12a9d305f1d8f726b25d +SIZE (wazuh-4.7.0/curl.tar.gz) = 4105359 +SHA256 (wazuh-4.7.0/jemalloc.tar.gz) = 2b22e85b352c7df550ba408a42251e51e8dffa6c91aa2e1fb4804ab317ffbca0 +SIZE (wazuh-4.7.0/jemalloc.tar.gz) = 579864 +SHA256 (wazuh-4.7.0/libdb.tar.gz) = 7e9c44e8c7fdb186ff521a8d085b1bfa634d342dcc777ecea1fbf9a98ab5dc5e +SIZE (wazuh-4.7.0/libdb.tar.gz) = 3874990 +SHA256 (wazuh-4.7.0/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69 +SIZE (wazuh-4.7.0/libffi.tar.gz) = 964576 +SHA256 (wazuh-4.7.0/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a +SIZE (wazuh-4.7.0/libyaml.tar.gz) = 424656 +SHA256 (wazuh-4.7.0/openssl.tar.gz) = 9289ccf6b82762569a183ad71a745872eff51f1089c77d58b0c4ef0f761e0288 +SIZE (wazuh-4.7.0/openssl.tar.gz) = 13235833 +SHA256 (wazuh-4.7.0/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07 +SIZE (wazuh-4.7.0/procps.tar.gz) = 55897 +SHA256 (wazuh-4.7.0/sqlite.tar.gz) = 
e68521637d9e4e60115707cd7f35275a92ce6d0fc1ff04e22d7bbf0c393f8ff1 +SIZE (wazuh-4.7.0/sqlite.tar.gz) = 2296429 +SHA256 (wazuh-4.7.0/zlib.tar.gz) = da229c2ac01c572d6b00085fbbbb141382c818ed29299093153525f84b027b0d +SIZE (wazuh-4.7.0/zlib.tar.gz) = 638616 +SHA256 (wazuh-4.7.0/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434 +SIZE (wazuh-4.7.0/audit-userspace.tar.gz) = 1682820 +SHA256 (wazuh-4.7.0/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2 +SIZE (wazuh-4.7.0/msgpack.tar.gz) = 591294 +SHA256 (wazuh-4.7.0/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd +SIZE (wazuh-4.7.0/bzip2.tar.gz) = 71277 +SHA256 (wazuh-4.7.0/nlohmann.tar.gz) = cefb07936d3d5bfdd3efc5e9bb8d3c807d681273bdac2e83b3d67aef2d1158c4 +SIZE (wazuh-4.7.0/nlohmann.tar.gz) = 135749 +SHA256 (wazuh-4.7.0/googletest.tar.gz) = 8c1e8a0a7f221c2125e99e6acb709da2ba472476b4d057c58de504bebf38d417 +SIZE (wazuh-4.7.0/googletest.tar.gz) = 885874 +SHA256 (wazuh-4.7.0/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa +SIZE (wazuh-4.7.0/libpcre2.tar.gz) = 1252173 +SHA256 (wazuh-4.7.0/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c +SIZE (wazuh-4.7.0/libplist.tar.gz) = 1520623 +SHA256 (wazuh-4.7.0/libarchive.tar.gz) = f863f382ead9f61abc560ff0ead0be3aa9e95b6f8c62756e1f034f4c2386ba79 +SIZE (wazuh-4.7.0/libarchive.tar.gz) = 7040169 +SHA256 (wazuh-4.7.0/popt.tar.gz) = d6880a06622ca32dc4aa39ad5dcf7bef2faa81bd931afbe64ba434ad8fee1daa +SIZE (wazuh-4.7.0/popt.tar.gz) = 891309 +SHA256 (wazuh-4.7.0/cpython.tar.gz) = 3e48cdd11842883fa2bfa2a1d75187cfff9c4c49e662a6cdd9877e5b018de7b5 +SIZE (wazuh-4.7.0/cpython.tar.gz) = 237193900 +SHA256 (wazuh-4.7.0/wazuh-cache-any-4.7.0.tar.gz) = cb30e1d51396ee61f123eee4fdca7ca74648aede2f4180a39ca3aee53c3ef255 +SIZE (wazuh-4.7.0/wazuh-cache-any-4.7.0.tar.gz) = 15300416 +SHA256 (wazuh-4.7.0/wazuh-cache-fbsd12-amd64-4.7.0.tar.gz) 
= 3c7e209b9dd0372379f5ce5c86ea1a543ef4e85f33238f8929def3b6d5fe4a8b +SIZE (wazuh-4.7.0/wazuh-cache-fbsd12-amd64-4.7.0.tar.gz) = 19834895 +SHA256 (wazuh-4.7.0/wazuh-cache-fbsd13-aarch64-4.7.0.tar.gz) = 363546089a08d18a3bbe84f6c9c04c1f4f430f78942b56e97db2cde1e76b4cb4 +SIZE (wazuh-4.7.0/wazuh-cache-fbsd13-aarch64-4.7.0.tar.gz) = 18477175 +SHA256 (wazuh-4.7.0/wazuh-cache-fbsd13-amd64-4.7.0.tar.gz) = d7acc48dcb7bf9fc177b43c1ab7c71e85e05e5c9cdf0156e57f0fb240b7082cf +SIZE (wazuh-4.7.0/wazuh-cache-fbsd13-amd64-4.7.0.tar.gz) = 18235838 +SHA256 (wazuh-4.7.0/wazuh-cache-fbsd14-aarch64-4.7.0.tar.gz) = bbb5a31cb5c7211ef9139becc37c55e6fff0d5056ec3af3f6b3f63c58a116c31 +SIZE (wazuh-4.7.0/wazuh-cache-fbsd14-aarch64-4.7.0.tar.gz) = 18664162 +SHA256 (wazuh-4.7.0/wazuh-cache-fbsd14-amd64-4.7.0.tar.gz) = 67c151543f77a03d41647ed66d274faa4c50704c37f6aafa0412c8922b437364 +SIZE (wazuh-4.7.0/wazuh-cache-fbsd14-amd64-4.7.0.tar.gz) = 18058904 +SHA256 (wazuh-4.7.0/wazuh-cache-fbsd15-aarch64-4.7.0.tar.gz) = 435c60ecac1fefda4411c2277cbdc3e5d7f20f45b0fea8c859d5701a729429de +SIZE (wazuh-4.7.0/wazuh-cache-fbsd15-aarch64-4.7.0.tar.gz) = 17209204 +SHA256 (wazuh-4.7.0/wazuh-cache-fbsd15-amd64-4.7.0.tar.gz) = 18b5477852185026e6c6e8e4b6302ce83f3196cf921b8ab192a6640091abc366 +SIZE (wazuh-4.7.0/wazuh-cache-fbsd15-amd64-4.7.0.tar.gz) = 19692298 +SHA256 (wazuh-4.7.0/wazuh-wazuh-v4.7.0_GH0.tar.gz) = 1c505f66fc28a702f58867e63117ab470eb2ba4dafc84c2fc30a27a2b29cb980 +SIZE (wazuh-4.7.0/wazuh-wazuh-v4.7.0_GH0.tar.gz) = 13722456 diff --git a/security/wazuh-manager/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp b/security/wazuh-manager/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp new file mode 100644 index 000000000000..78b6d052cb88 --- /dev/null +++ b/security/wazuh-manager/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp 
@@ -0,0 +1,259 @@
+--- src/data_provider/src/sysInfoFreeBSD.cpp 2023-11-23 07:17:53.000000000 -0500
++++ src/data_provider/src/sysInfoFreeBSD.cpp 2023-12-12 19:22:35.579828000 -0500
+@@ -11,6 +11,7 @@
+ #include "sysInfo.hpp"
+ #include "cmdHelper.h"
+ #include "stringHelper.h"
++#include "timeHelper.h"
+ #include "osinfo/sysOsParsers.h"
+ #include <sys/sysctl.h>
+ #include <sys/vmmeter.h>
+@@ -19,12 +20,13 @@
+ 
+ static void getMemory(nlohmann::json& info)
+ {
++ constexpr auto vmFree{"vm.stats.vm.v_free_count"};
++ constexpr auto vmInactive{"vm.stats.vm.v_inactive_count"};
+ constexpr auto vmPageSize{"vm.stats.vm.v_page_size"};
+- constexpr auto vmTotal{"vm.vmtotal"};
++ constexpr auto vmTotal{"hw.physmem"};
+ uint64_t ram{0};
+- const std::vector<int> mib{CTL_HW, HW_PHYSMEM};
+ size_t len{sizeof(ram)};
+- auto ret{sysctl(const_cast<int*>(mib.data()), mib.size(), &ram, &len, nullptr, 0)};
++ auto ret{sysctlbyname(vmTotal, &ram, &len, nullptr, 0)};
+ 
+ if (ret)
+ {
+@@ -52,11 +54,23 @@
+ };
+ }
+ 
+- struct vmtotal vmt {};
++ uint64_t freeMem{0};
++ len = sizeof(freeMem);
++ ret = sysctlbyname(vmFree, &freeMem, &len, nullptr, 0);
+ 
+- len = sizeof(vmt);
++ if (ret)
++ {
++ throw std::system_error
++ {
++ ret,
++ std::system_category(),
++ "Error reading free memory size."
++ };
++ }
+ 
+- ret = sysctlbyname(vmTotal, &vmt, &len, nullptr, 0);
++ uint64_t inactiveMem{0};
++ len = sizeof(inactiveMem);
++ ret = sysctlbyname(vmInactive, &inactiveMem, &len, nullptr, 0);
+ 
+ if (ret)
+ {
+@@ -64,11 +78,11 @@
+ {
+ ret,
+ std::system_category(),
+- "Error reading total memory."
++ "Error reading inactive memory size."
+ };
+ }
+ 
+- const auto ramFree{(vmt.t_free * pageSize) / KByte};
++ const auto ramFree{(freeMem + inactiveMem) * pageSize / KByte};
+ info["ram_free"] = ramFree;
+ info["ram_usage"] = 100 - (100 * ramFree / ramTotal);
+ }
+@@ -184,8 +198,12 @@
+ 
+ nlohmann::json SysInfo::getProcessesInfo() const
+ {
+- // Currently not supported for this OS
+- return nlohmann::json {};
++ nlohmann::json ret;
++ getProcessesInfo([&ret](nlohmann::json & data)
++ {
++ ret.push_back(data);
++ });
++ return ret;
+ }
+ 
+ nlohmann::json SysInfo::getOsInfo() const
+@@ -196,11 +214,12 @@
+ 
+ if (!spParser->parseUname(Utils::exec("uname -r"), ret))
+ {
*** 1199 LINES SKIPPED ***
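Review bot: In `getMemory`, the added `sysctlbyname` error paths pass `ret` to `std::system_error`, but sysctlbyname(3) returns -1 on failure and reports the cause in `errno`. Every failure is therefore raised with code -1 and the real reason is lost to whoever reads the agent log; `throw std::system_error{errno, std::system_category(), "Error reading free memory size."};` keeps it, and the same applies to the inactive-memory and `hw.physmem` reads. Separately, `vm.stats.vm.v_free_count` and `vm.stats.vm.v_inactive_count` are, as far as I know, 32-bit `u_int` values read here into a `uint64_t`. The result is only right on little-endian targets thanks to the zero initialisation, so reading into a `u_int` or checking `len` after the call would be safer. The page cuts this patch off after the sixth inner hunk, so the new port and process collectors are not covered by this note.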