From owner-svn-ports-head@FreeBSD.ORG Tue Nov 11 15:57:54 2014 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4ADB1D81; Tue, 11 Nov 2014 15:57:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2BB21E9F; Tue, 11 Nov 2014 15:57:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sABFvsTv063722; Tue, 11 Nov 2014 15:57:54 GMT (envelope-from garga@FreeBSD.org) Received: (from garga@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id sABFvrOb063718; Tue, 11 Nov 2014 15:57:53 GMT (envelope-from garga@FreeBSD.org) Message-Id: <201411111557.sABFvrOb063718@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: garga set sender to garga@FreeBSD.org using -f From: Renato Botelho Date: Tue, 11 Nov 2014 15:57:53 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r372453 - head/security/suricata X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2014 15:57:54 -0000 Author: garga Date: Tue Nov 11 15:57:52 2014 New Revision: 372453 URL: https://svnweb.freebsd.org/changeset/ports/372453 QAT: https://qat.redports.org/buildarchive/r372453/ Log: - Update suricata to 2.0.4 [1] - Added JSON knob - this allows Suricata to be compiled with JSON output support - Added GEOIP knob - this allows Suricata to support rules with geoip word - Added HTP_PORT knob - this make the use of www/libhtp-suricata optional. E.g. user can choose between build-in and port version. - Unbreak PLIST renaming sample files from -sample to .sample PR: 193220 [1] Submitted by: cheffo [1] Approved by: maintainer timeout (> 2 months) Security: CVE-2014-6603 Modified: head/security/suricata/Makefile head/security/suricata/distinfo head/security/suricata/pkg-plist Modified: head/security/suricata/Makefile ============================================================================== --- head/security/suricata/Makefile Tue Nov 11 15:32:29 2014 (r372452) +++ head/security/suricata/Makefile Tue Nov 11 15:57:52 2014 (r372453) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= suricata -PORTVERSION= 2.0.3 +PORTVERSION= 2.0.4 CATEGORIES= security MASTER_SITES= http://www.openinfosecfoundation.org/download/ \ http://mirrors.rit.edu/zi/ @@ -13,20 +13,22 @@ COMMENT= High Performance Network IDS, I LICENSE= GPLv2 LIB_DEPENDS= libpcre.so:${PORTSDIR}/devel/pcre \ - libhtp.so:${PORTSDIR}/devel/libhtp \ libnet.so:${PORTSDIR}/net/libnet \ libyaml.so:${PORTSDIR}/textproc/libyaml -OPTIONS_DEFINE= IPFW PRELUDE PORTS_PCAP TESTS -OPTIONS_DEFAULT=IPFW PRELUDE +OPTIONS_DEFINE= IPFW PRELUDE PORTS_PCAP TESTS JSON GEOIP HTP_PORT +OPTIONS_DEFAULT=IPFW PRELUDE HTP_PORT OPTIONS_SUB= yes IPFW_DESC= Enable IPFW and IP Divert support for inline IDP PRELUDE_DESC= Enable Prelude support for NIDS alerts PORTS_PCAP_DESC=Use libpcap from ports TESTS_DESC= Enable unit tests in suricata binary +JSON_DESC= Enable Suricata JSON output +GEOIP_DESC= Enable GeoIP support for Suricata +HTP_PORT_DESC= Use libhtp from ports instead of bundled -USES= gmake pkgconfig libtool +USES= gmake pkgconfig libtool pathfix USE_AUTOTOOLS= aclocal autoconf automake USE_LDCONFIG= yes USE_RC_SUBR= ${PORTNAME} @@ -43,10 +45,18 @@ PRELUDE_LIB_DEPENDS= libprelude.so:${PO PRELUDE_CONFIGURE_ENABLE= prelude PRELUDE_CONFIGURE_ON= --with-libprelude-prefix=${LOCALBASE} TESTS_CONFIGURE_ENABLE= unittests +JSON_CONFIGURE_OFF= --with-libjansson-includes=${LOCALBASE}/include \ + --with-libjansson-libraries=${LOCALBASE}/lib +JSON_LIB_DEPENDS= libjansson.so:${PORTSDIR}/devel/jansson +GEOIP_CONFIGURE_ON= --enable-geoip +GEOIP_LIB_DEPENDS= libGeoIP.so:${PORTSDIR}/net/GeoIP +HTP_PORT_CONFIGURE_ON= --enable-non-bundled-htp +HTP_PORT_LIB_DEPENDS= libhtp.so:${PORTSDIR}/devel/libhtp +HTP_PORT_CONFLICT_OFF= libhtp-[0-9]* libhtp-suricata SUB_FILES= pkg-message -CONFIGURE_ARGS+=--enable-non-bundled-htp --enable-gccprotect \ +CONFIGURE_ARGS+=--enable-gccprotect \ --with-libpcre-includes=${LOCALBASE}/include \ --with-libpcre-libraries=${LOCALBASE}/lib \ --with-libyaml-includes=${LOCALBASE}/include \ @@ -66,6 +76,12 @@ LOGS_DIR?= /var/log/${PORTNAME} .include +.if ${PORT_OPTIONS:MHTP_PORT} +PLIST_SUB+= HTPPORT="@comment " +.else +PLIST_SUB+= HTPPORT="" +.endif + .if ${ARCH} == "ia64" || ${ARCH} == "powerpc" || ${ARCH} == "sparc64" BROKEN= Does not compile on ia64, powerpc, or sparc64 .endif @@ -80,7 +96,7 @@ post-install: ${MKDIR} ${STAGEDIR}${CONFIG_DIR} ${MKDIR} ${STAGEDIR}${RULES_DIR} .for f in ${CONFIG_FILES} - ${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}-sample + ${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}.sample .endfor TMPDIR?= /tmp Modified: head/security/suricata/distinfo ============================================================================== --- head/security/suricata/distinfo Tue Nov 11 15:32:29 2014 (r372452) +++ head/security/suricata/distinfo Tue Nov 11 15:57:52 2014 (r372453) @@ -1,2 +1,2 @@ -SHA256 (suricata-2.0.3.tar.gz) = b6e554cbacb925bbcf88dd4554c9222b51b21796c39e198cdf5b0b9cdc1ed383 -SIZE (suricata-2.0.3.tar.gz) = 3083891 +SHA256 (suricata-2.0.4.tar.gz) = 677d97a829d9e05f664c82eb0372e870d5f6e9501ccee20130dfde4014bd5084 +SIZE (suricata-2.0.4.tar.gz) = 3085919 Modified: head/security/suricata/pkg-plist ============================================================================== --- head/security/suricata/pkg-plist Tue Nov 11 15:32:29 2014 (r372452) +++ head/security/suricata/pkg-plist Tue Nov 11 15:57:52 2014 (r372453) @@ -28,7 +28,28 @@ bin/suricata %%DOCSDIR%%/Ubuntu_Installation.txt %%DOCSDIR%%/Ubuntu_Installation_from_GIT.txt %%DOCSDIR%%/Windows.txt -@sample etc/suricata/suricata.yaml-sample -@sample etc/suricata/classification.config-sample -@sample etc/suricata/reference.config-sample +%%HTPPORT%%include/htp/bstr.h +%%HTPPORT%%include/htp/bstr_builder.h +%%HTPPORT%%include/htp/htp.h +%%HTPPORT%%include/htp/htp_base64.h +%%HTPPORT%%include/htp/htp_config.h +%%HTPPORT%%include/htp/htp_connection_parser.h +%%HTPPORT%%include/htp/htp_core.h +%%HTPPORT%%include/htp/htp_decompressors.h +%%HTPPORT%%include/htp/htp_hooks.h +%%HTPPORT%%include/htp/htp_list.h +%%HTPPORT%%include/htp/htp_multipart.h +%%HTPPORT%%include/htp/htp_table.h +%%HTPPORT%%include/htp/htp_transaction.h +%%HTPPORT%%include/htp/htp_urlencoded.h +%%HTPPORT%%include/htp/htp_utf8_decoder.h +%%HTPPORT%%include/htp/htp_version.h +%%HTPPORT%%lib/libhtp-0.5.15.so.1 +%%HTPPORT%%lib/libhtp-0.5.15.so.1.0.0 +%%HTPPORT%%lib/libhtp.a +%%HTPPORT%%lib/libhtp.so +%%HTPPORT%%libdata/pkgconfig/htp.pc +@sample etc/suricata/suricata.yaml.sample +@sample etc/suricata/classification.config.sample +@sample etc/suricata/reference.config.sample @dir etc/suricata/rules