Date: Sun, 17 Nov 2013 03:09:13 +0000 (UTC) From: Kubilay Kocak <koobs@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r334051 - in head/security/suricata: . files Message-ID: <201311170309.rAH39DrS094275@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: koobs Date: Sun Nov 17 03:09:13 2013 New Revision: 334051 URL: http://svnweb.freebsd.org/changeset/ports/334051 Log: security/suricata: Update to 1.4.6, Switch to libhtp-suricata, Un-BROKEN Clang. - Update to 1.4.6 - Switch to the correct library in www/libhtp-suricata - Take maintainership - Enable STAGE support - Remove uneccessary patches - Configure: Add libhtp include and library location - Configure: Add /var to --localstatedir - Configure: Disable Python support explicitly - QA: Remove BROKEN with clang - QA: Update to new LIB_DEPENDS format - QA: Use ETCDIR instead of custom path for CONFIG_DIR and RULES_DIR - QA: Replace hardcoded strings with ${PORTNAME} - QA: Add documentation and %%DOCSDIR%% to pkg-plist - QA: Add TESTS option to include unit tests in binary - QA: Add regression-test target (TMPDIR is not prefix safe) - QA: Replace USE_GMAKE with USES=gmake - QA: Remove automake from USE_AUTOTOOLS - QA: Remove LICENSE_FILE for those listed in bsd.licenses.db.mk - QA: Remove post-patch target - QA: Sort USE/USES and combine LIB_DEPENDS - QA: Clarify and tweak OPTIONS descriptions Reviewed by: wxs, mva, Johannes Meixner Approved by: wxs (maintainer) Deleted: head/security/suricata/files/patch-src__app-layer-htp.c head/security/suricata/files/patch-src__suricata-common.h Modified: head/security/suricata/Makefile head/security/suricata/distinfo head/security/suricata/pkg-plist (contents, props changed) Modified: head/security/suricata/Makefile ============================================================================== --- head/security/suricata/Makefile Sun Nov 17 02:58:44 2013 (r334050) +++ head/security/suricata/Makefile Sun Nov 17 03:09:13 2013 (r334051) @@ -2,58 +2,57 @@ # $FreeBSD$ PORTNAME= suricata -PORTVERSION= 1.3.4 -PORTREVISION= 3 +PORTVERSION= 1.4.6 CATEGORIES= security MASTER_SITES= http://www.openinfosecfoundation.org/download/ \ http://mirrors.rit.edu/zi/ -MAINTAINER= wxs@FreeBSD.org +MAINTAINER= koobs@FreeBSD.org COMMENT= Open Source next generation IDS/IPS engine by OISF LICENSE= GPLv2 -LICENSE_FILE= ${WRKSRC}/LICENSE -LIB_DEPENDS= pcre:${PORTSDIR}/devel/pcre \ - yaml:${PORTSDIR}/textproc/libyaml \ - htp:${PORTSDIR}/devel/libhtp +LIB_DEPENDS= libpcre.so:${PORTSDIR}/devel/pcre \ + libhtp.so:${PORTSDIR}/www/libhtp-suricata \ + libnet.so:${PORTSDIR}/net/libnet \ + libyaml.so:${PORTSDIR}/textproc/libyaml -LIB_DEPENDS+= net:${PORTSDIR}/net/libnet - -USE_AUTOTOOLS= automake autoconf libtool -USES= pkgconfig - -USE_RC_SUBR= suricata - -LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet11-config - -OPTIONS_DEFINE= IPFW PRELUDE PORTS_PCAP DAG +OPTIONS_DEFINE= IPFW PRELUDE PORTS_PCAP DAG TESTS OPTIONS_DEFAULT=IPFW -IPFW_DESC= Enable ipfw/ipdivert for IPS usage -PRELUDE_DESC= Enable Prelude NIDS integration +IPFW_DESC= Enable IPFW and IP Divert support for inline IDP +PRELUDE_DESC= Enable Prelude support for NIDS alerts PORTS_PCAP_DESC=Use libpcap from ports -DAG_DESC= Enable Endace DAG Support +DAG_DESC= Enable Endace DAG capture support +TESTS_DESC= Enable unit tests in suricata binary + +USE_AUTOTOOLS= autoconf libtool +USE_LDCONFIG= yes +USE_RC_SUBR= ${PORTNAME} +USES= gmake pkgconfig +GNU_CONFIGURE= yes -NO_STAGE= yes .include <bsd.port.options.mk> SUB_FILES= pkg-message -HAS_CONFIGURE= yes -USE_GMAKE= yes -USE_LDCONFIG= yes -CONFIGURE_ARGS+=--enable-non-bundled-htp --enable-gccprotect \ - --with-libpcre-includes=${LOCALBASE}/include \ - --with-libpcre-libraries=${LOCALBASE}/lib \ - --with-libyaml-includes=${LOCALBASE}/include \ - --with-libyaml-libraries=${LOCALBASE}/lib \ - --with-libnet-includes=${LOCALBASE}/include/libnet11 \ - --with-libnet-libraries=${LOCALBASE}/lib/libnet11 -CONFIG_DIR?= ${PREFIX}/etc/suricata +CONFIGURE_ARGS+=--enable-non-bundled-htp --enable-gccprotect \ + --with-libpcre-includes=${LOCALBASE}/include \ + --with-libpcre-libraries=${LOCALBASE}/lib \ + --with-libyaml-includes=${LOCALBASE}/include \ + --with-libyaml-libraries=${LOCALBASE}/lib \ + --with-libnet-includes=${LOCALBASE}/include/libnet11 \ + --with-libnet-libraries=${LOCALBASE}/lib/libnet11 \ + --with-libhtp-includes=${LOCALBASE}/include/ \ + --with-libhtp-libraries=${LOCALBASE}/lib \ + --localstatedir=/var/ +CONFIGURE_ENV+= ac_cv_path_HAVE_PYTHON_CONFIG=no + +LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet11-config +CONFIG_DIR?= ${ETCDIR} CONFIG_FILES= suricata.yaml classification.config reference.config -RULES_DIR= ${PREFIX}/etc/suricata/rules -LOGS_DIR= /var/log/suricata +RULES_DIR= ${CONFIG_DIR}/rules +LOGS_DIR?= /var/log/${PORTNAME} .include <bsd.port.pre.mk> @@ -61,10 +60,6 @@ LOGS_DIR= /var/log/suricata BROKEN= Does not compile on ia64, powerpc, or sparc64 .endif -.if ${CC} == "clang" || ${CXX} == "clang++" -BROKEN= Does not build when compiled with clang -.endif - .if ${PORT_OPTIONS:MPRELUDE} LIB_DEPENDS+= prelude:${PORTSDIR}/security/libprelude CONFIGURE_ARGS+= --enable-prelude \ @@ -91,27 +86,29 @@ CONFIGURE_ARGS+= --enable-dag \ --with-dag-libraries=${LOCALBASE}/lib .endif -AUTOTOOLSFILES= aclocal.m4 libhtp/aclocal.m4 - -post-patch: - @${REINPLACE_CMD} -Ee 's|^(install-data-am: )install-pkgconfigDATA|\1|' ${WRKSRC}/libhtp/Makefile.in -.for f in ${AUTOTOOLSFILES} - @${REINPLACE_CMD} -e 's|1.11.3|%%AUTOMAKE_APIVER%%|g' ${WRKSRC}/${f} -.endfor +.if ${PORT_OPTIONS:MTESTS} +CONFIGURE_ARGS+= --enable-unittests +.else +CONFIGURE_ARGS+= --disable-unittests +.endif pre-install: - @${REINPLACE_CMD} -e 's|/etc/suricata|${PREFIX}/etc/suricata|g' ${WRKSRC}/suricata.yaml + @${REINPLACE_CMD} -e 's|/etc/suricata|${CONFIG_DIR}|g' ${WRKSRC}/suricata.yaml post-install: - [ -d ${CONFIG_DIR} ] || ${MKDIR} ${CONFIG_DIR} - [ -d ${RULES_DIR} ] || ${MKDIR} ${RULES_DIR} - [ -d ${LOGS_DIR} ] || ${MKDIR} ${LOGS_DIR} + ${MKDIR} ${STAGEDIR}${CONFIG_DIR} + ${MKDIR} ${STAGEDIR}${RULES_DIR} .for f in ${CONFIG_FILES} - ${INSTALL_DATA} ${WRKSRC}/${f} ${CONFIG_DIR}/${f}-sample - @if [ ! -f ${CONFIG_DIR}/${f} ]; then \ - ${CP} -p ${CONFIG_DIR}/${f}-sample ${CONFIG_DIR}/${f} ; \ - fi + ${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}-sample .endfor - @${CAT} ${PKGMESSAGE} + +TMPDIR?= /tmp +TESTDIR= ${TMPDIR}/${PORTNAME} + +regression-test: build + ${RM} -rf ${TESTDIR} + ${MKDIR} ${TESTDIR} + cd ${WRKSRC}/src && ./suricata -u -l ${TESTDIR} + ${RM} -rf ${TESTDIR} .include <bsd.port.post.mk> Modified: head/security/suricata/distinfo ============================================================================== --- head/security/suricata/distinfo Sun Nov 17 02:58:44 2013 (r334050) +++ head/security/suricata/distinfo Sun Nov 17 03:09:13 2013 (r334051) @@ -1,2 +1,2 @@ -SHA256 (suricata-1.3.4.tar.gz) = cc1bdf30a8dc013eeac071d623c092bdd0e36609427967e68955b573cff361eb -SIZE (suricata-1.3.4.tar.gz) = 2348824 +SHA256 (suricata-1.4.6.tar.gz) = 5cf5d76dd63d06b993912301edc8afa06f886d0b68740239cc7df49b00800f8e +SIZE (suricata-1.4.6.tar.gz) = 2508956 Modified: head/security/suricata/pkg-plist ============================================================================== --- head/security/suricata/pkg-plist Sun Nov 17 02:58:44 2013 (r334050) +++ head/security/suricata/pkg-plist Sun Nov 17 03:09:13 2013 (r334051) @@ -1,4 +1,33 @@ bin/suricata +%%DOCSDIR%%/AUTHORS +%%DOCSDIR%%/Basic_Setup.txt +%%DOCSDIR%%/CentOS5.txt +%%DOCSDIR%%/CentOS_56_Installation.txt +%%DOCSDIR%%/Debian_Installation.txt +%%DOCSDIR%%/Fedora_Core.txt +%%DOCSDIR%%/FreeBSD_8.txt +%%DOCSDIR%%/GITGUIDE +%%DOCSDIR%%/HTP_library_installation.txt +%%DOCSDIR%%/INSTALL +%%DOCSDIR%%/INSTALL.PF_RING +%%DOCSDIR%%/INSTALL.WINDOWS +%%DOCSDIR%%/Installation_from_GIT_with_PCRE-JIT.txt +%%DOCSDIR%%/Installation_from_GIT_with_PF_RING_on_Ubuntu_server_1104.txt +%%DOCSDIR%%/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt +%%DOCSDIR%%/Installation_with_CUDA_and_PF_RING_on_Ubuntu_server_1104.txt +%%DOCSDIR%%/Installation_with_CUDA_on_Scientific_Linux_6.txt +%%DOCSDIR%%/Installation_with_CUDA_on_Ubuntu_server_1104.txt +%%DOCSDIR%%/Installation_with_PF_RING.txt +%%DOCSDIR%%/Mac_OS_X_106x.txt +%%DOCSDIR%%/NEWS +%%DOCSDIR%%/OpenBSD_Installation_from_GIT.txt +%%DOCSDIR%%/README +%%DOCSDIR%%/Setting_up_IPSinline_for_Linux.txt +%%DOCSDIR%%/TODO +%%DOCSDIR%%/Third_Party_Installation_Guides.txt +%%DOCSDIR%%/Ubuntu_Installation.txt +%%DOCSDIR%%/Ubuntu_Installation_from_GIT.txt +%%DOCSDIR%%/Windows.txt @unexec if cmp -s %D/etc/suricata/suricata.yaml-sample %D/etc/suricata/suricata.yaml; then rm -f %D/etc/suricata/suricata.yaml; fi etc/suricata/suricata.yaml-sample @exec if [ ! -f %D/etc/suricata/suricata.yaml ] ; then cp -p %D/%F %B/suricata.yaml; fi @@ -9,5 +38,7 @@ etc/suricata/classification.config-sampl etc/suricata/reference.config-sample @exec if [ ! -f %D/etc/suricata/reference.config ] ; then cp -p %D/%F %B/reference.config; fi @dirrmtry etc/suricata/rules +@exec mkdir -p %D/etc/suricata/rules @dirrmtry etc/suricata @unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove any configuration files left."; fi +@dirrm %%DOCSDIR%%
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201311170309.rAH39DrS094275>