FreeBSD Bugzilla – Attachment 137083 Details for
Bug 182475
[PATCH] security/bro: Split broccoli library into seperate port, other fixes and improvements
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
patch.txt
patch.txt (text/plain), 14.23 KB, created by
Craig Leres
on 2013-09-29 01:50:00 UTC
(
hide
)
Description:
patch.txt
Filename:
MIME Type:
Creator:
Craig Leres
Created:
2013-09-29 01:50:00 UTC
Size:
14.23 KB
patch
obsolete
>--- Makefile.orig 2013-09-20 21:34:02.000000000 -0700 >+++ Makefile 2013-09-27 15:28:38.000000000 -0700 >@@ -3,7 +3,7 @@ > > PORTNAME= bro > PORTVERSION= 2.1 >-PORTREVISION= 1 >+PORTREVISION= 2 > CATEGORIES= security > MASTER_SITES= http://www.bro-ids.org/downloads/release/ > >@@ -14,32 +14,65 @@ > swig:${PORTSDIR}/devel/swig13 > LIB_DEPENDS= GeoIP:${PORTSDIR}/net/GeoIP > >-USES= cmake perl5 >-CONFIGURE_WRKSRC= ${WRKSRC}/build >-BUILD_WRKSRC= ${CONFIGURE_WRKSRC} >-INSTALL_WRKSRC= ${CONFIGURE_WRKSRC} >+USES= cmake:outsource perl5 >+USE_PYTHON= yes >+ >+SUB_FILES= pkg-message >+NO_MTREE= yes >+ >+.if defined(BRO_PREFIX) >+PREFIX=${BRO_PREFIX} >+PLIST_SUB+= CLEANUP_PREFIX="" >+.else >+PLIST_SUB+= CLEANUP_PREFIX="@comment " >+.endif >+CMAKE_ARGS+= -D CMAKE_INSTALL_PREFIX:PATH=${PREFIX} \ >+ -D BRO_ROOT_DIR:PATH=${PREFIX} \ >+ -D PY_MOD_INSTALL_DIR:PATH=${PREFIX}/lib/broctl \ >+ -D BRO_SCRIPT_INSTALL_PATH:PATH=${PREFIX}/share/bro \ >+ -D BRO_ETC_INSTALL_DIR:PATH=${PREFIX}/etc \ >+ -D ENABLE_PERFTOOLS:BOOL=false \ >+ -D ENABLE_PERFTOOLS_DEBUG:BOOL=false \ >+ -D BinPAC_SKIP_INSTALL:BOOL=true \ >+ -D INSTALL_AUX_TOOLS:BOOL=true \ >+ -D BUILD_SHARED_LIBS:BOOL=true >+ >+OPTIONS_DEFINE= BROCCOLI BROCTL DEBUG IPSUMDUMP LBL_CF LBL_HF PERFTOOLS >+OPTIONS_DEFAULT=BROCCOLI BROCTL LBL_CF LBL_HF > >-OPTIONS_DEFINE= IPV6 LBL_HF LBL_CF ASSERT BROCCOLI >-OPTIONS_DEFAULT=IPV6 LBL_HF LBL_CF >-LBL_HF_DESC= Address to hostname filter support >-LBL_CF_DESC= Unix time to formated time/date filter support > BROCCOLI_DESC= Build support for libbroccoli communications >+BROCTL_DESC= Build BroControl support (requires BROCCOLI) >+DEBUG_DESC= Compile in debugging mode >+IPSUMDUMP_DESC= Enables traffic summaries >+LBL_CF_DESC= Unix time to formated time/date filter support >+LBL_HF_DESC= Address to hostname filter support >+PERFTOOLS_DESC= Use Perftools to improve memory & CPU usage >+ > OPTIONS_EXCLUDE=NLS DOCS > > NO_STAGE= yes > .include <bsd.port.options.mk> > > .if ${PORT_OPTIONS:MBROCCOLI} >-CMAKE_ARGS+= -DINSTALL_BROCCOLI:BOOL=ON \ >- -DDISABLE_PYTHON_BINDINGS:BOOL=ON \ >- -DDISABLE_RUBY_BINDINGS:BOOL=ON >-PLIST_SUB+= BROCCOLI="" >+LIB_DEPENDS+= broccoli:${PORTSDIR}/security/broccoli >+.endif >+ >+.if ${PORT_OPTIONS:MBROCTL} >+.if empty(PORT_OPTIONS:MBROCCOLI) >+IGNORE= the BROCTL option requires BROCCOLI >+.endif >+PLIST_SUB+= BROCTL="" >+USE_LDCONFIG= yes >+CMAKE_ARGS+= -D INSTALL_BROCTL:BOOL=true > .else >-PLIST_SUB+= BROCCOLI="@comment " >+CMAKE_ARGS+= -D INSTALL_BROCTL:BOOL=false >+PLIST_SUB+= BROCTL="@comment " > .endif > >-.if ${PORT_OPTIONS:MIPV6} >-CMAKE_ARGS+= -DBROv6:BOOL=ON >+.if ${PORT_OPTIONS:MDEBUG} >+CMAKE_ARGS+= -D ENABLE_DEBUG:BOOL=true >+.else >+CMAKE_ARGS+= -D ENABLE_DEBUG:BOOL=false > .endif > > .if ${PORT_OPTIONS:MLBL_HF} >@@ -50,12 +83,28 @@ > RUN_DEPENDS+= cf:${PORTSDIR}/sysutils/lbl-cf > .endif > >-.if ${PORT_OPTIONS:MASSERT} >-CMAKE_ARGS+= -DENABLE_DEBUG:BOOL=ON >+.if ${PORT_OPTIONS:MPERFTOOLS} >+CMAKE_ARGS+= -D ENABLE_PERFTOOLS:BOOL=true >+RUN_DEPENDS+= pprof:${PORTSDIR}/devel/google-perftools >+.else >+CMAKE_ARGS+= -D ENABLE_PERFTOOLS:BOOL=false >+.endif >+ >+.if ${PORT_OPTIONS:MIPSUMDUMP} >+RUN_DEPENDS+= ipsumdump:${PORTSDIR}/net/ipsumdump > .endif > >-post-patch: >-# avoid installing .in header file >- ${REINPLACE_CMD} -e '13d' ${WRKSRC}/aux/binpac/lib/CMakeLists.txt >+post-install: >+.if ${PORT_OPTIONS:MBROCTL} >+ @${MKDIR} ${PREFIX}/logs >+.for i in broctl.cfg networks.cfg node.cfg >+ @${MKDIR} ${PREFIX}/etc >+ @if [ ! -f ${PREFIX}/etc/${i} ]; then \ >+ ${CP} ${PREFIX}/etc/${i}.sample ${PREFIX}/etc/${i}; \ >+ fi >+.endfor >+ @${PREFIX}/bin/broctl install >+.endif >+ @${CAT} ${PKGMESSAGE} > > .include <bsd.port.mk> >--- pkg-plist.orig 2013-03-31 04:25:15.000000000 -0700 >+++ pkg-plist 2013-09-27 15:27:29.000000000 -0700 >@@ -1,20 +1,54 @@ >-@comment $FreeBSD: head/security/bro/pkg-plist 315615 2013-03-30 13:47:49Z miwi $ >-bin/binpac > bin/bro >-lib/libbinpac.a >-include/binpac.h >-include/binpac_analyzer.h >-include/binpac_buffer.h >-include/binpac_bytestring.h >-include/binpac_exception.h >-include/binpac_regex.h >-%%BROCCOLI%%bin/broccoli-config >-%%BROCCOLI%%include/broccoli.h >-%%BROCCOLI%%lib/libbinpac.a >-%%BROCCOLI%%lib/libbroccoli.a >-%%BROCCOLI%%lib/libbroccoli.so >-%%BROCCOLI%%lib/libbroccoli.so.5 >-%%BROCCOLI%%lib/libbroccoli.so.5.1.0 >+bin/bro-cut >+@exec mkdir -p %D/etc >+@exec mkdir -p %D/logs >+%%BROCTL%%bin/broctl >+%%BROCTL%%bin/capstats >+%%BROCTL%%bin/trace-summary >+%%BROCTL%%@unexec if cmp -s %D/etc/broctl.cfg.sample %D/etc/broctl.cfg ; then rm -f %D/etc/broctl.cfg; fi >+%%BROCTL%%etc/broctl.cfg.sample >+%%BROCTL%%@exec if [ ! -f %D/etc/broctl.cfg ] ; then cp -p %D/etc/broctl.cfg.sample %D/etc/broctl.cfg; fi >+%%BROCTL%%@unexec if cmp -s %D/etc/networks.cfg.sample %D/etc/networks.cfg ; then rm -f %D/etc/networks.cfg; fi >+%%BROCTL%%etc/networks.cfg.sample >+%%BROCTL%%@exec if [ ! -f %D/etc/networks.cfg ] ; then cp -p %D/etc/networks.cfg.sample %D/etc/networks.cfg; fi >+%%BROCTL%%@unexec if cmp -s %D/etc/node.cfg.sample %D/etc/node.cfg ; then rm -f %D/etc/node.cfg; fi >+%%BROCTL%%etc/node.cfg.sample >+%%BROCTL%%@exec if [ ! -f %D/etc/node.cfg ] ; then cp -p %D/etc/node.cfg.sample %D/etc/node.cfg; fi >+%%BROCTL%%lib/broctl/BroControl/__init__.py >+%%BROCTL%%lib/broctl/BroControl/__init__.pyc >+%%BROCTL%%lib/broctl/BroControl/config.py >+%%BROCTL%%lib/broctl/BroControl/config.pyc >+%%BROCTL%%lib/broctl/BroControl/control.py >+%%BROCTL%%lib/broctl/BroControl/control.pyc >+%%BROCTL%%lib/broctl/BroControl/cron.py >+%%BROCTL%%lib/broctl/BroControl/cron.pyc >+%%BROCTL%%lib/broctl/BroControl/doc.py >+%%BROCTL%%lib/broctl/BroControl/doc.pyc >+%%BROCTL%%lib/broctl/BroControl/execute.py >+%%BROCTL%%lib/broctl/BroControl/execute.pyc >+%%BROCTL%%lib/broctl/BroControl/install.py >+%%BROCTL%%lib/broctl/BroControl/install.pyc >+%%BROCTL%%lib/broctl/BroControl/node.py >+%%BROCTL%%lib/broctl/BroControl/node.pyc >+%%BROCTL%%lib/broctl/BroControl/options.py >+%%BROCTL%%lib/broctl/BroControl/options.pyc >+%%BROCTL%%lib/broctl/BroControl/plugin.py >+%%BROCTL%%lib/broctl/BroControl/plugin.pyc >+%%BROCTL%%lib/broctl/BroControl/pluginreg.py >+%%BROCTL%%lib/broctl/BroControl/pluginreg.pyc >+%%BROCTL%%lib/broctl/BroControl/util.py >+%%BROCTL%%lib/broctl/BroControl/util.pyc >+%%BROCTL%%lib/broctl/SubnetTree.py >+%%BROCTL%%@unexec rm -f %D/lib/broctl/SubnetTree.pyc >+%%BROCTL%%lib/broctl/_SubnetTree.so >+%%BROCTL%%lib/broctl/plugins/TestPlugin.py >+%%BROCTL%%lib/broctl/plugins/TestPlugin.pyc >+%%BROCTL%%lib/broctl/plugins/lb_myricom.py >+%%BROCTL%%lib/broctl/plugins/lb_myricom.pyc >+%%BROCTL%%lib/broctl/plugins/lb_pf_ring.py >+%%BROCTL%%lib/broctl/plugins/lb_pf_ring.pyc >+%%BROCTL%%lib/broctl/plugins/ps.py >+%%BROCTL%%lib/broctl/plugins/ps.pyc > %%DATADIR%%/base/bro.bif.bro > %%DATADIR%%/base/const.bif.bro > %%DATADIR%%/base/event.bif.bro >@@ -127,6 +161,12 @@ > %%DATADIR%%/base/utils/site.bro > %%DATADIR%%/base/utils/strings.bro > %%DATADIR%%/base/utils/thresholds.bro >+%%BROCTL%%%%DATADIR%%/broctl/__load__.bro >+%%BROCTL%%%%DATADIR%%/broctl/auto.bro >+%%BROCTL%%%%DATADIR%%/broctl/check.bro >+%%BROCTL%%%%DATADIR%%/broctl/main.bro >+%%BROCTL%%%%DATADIR%%/broctl/process-trace.bro >+%%BROCTL%%%%DATADIR%%/broctl/standalone.bro > %%DATADIR%%/policy/frameworks/communication/listen.bro > %%DATADIR%%/policy/frameworks/control/controllee.bro > %%DATADIR%%/policy/frameworks/control/controller.bro >@@ -186,6 +226,70 @@ > %%DATADIR%%/site/local-proxy.bro > %%DATADIR%%/site/local-worker.bro > %%DATADIR%%/site/local.bro >+%%BROCTL%%%%DATADIR%%ctl/scripts/archive-log >+%%BROCTL%%%%DATADIR%%ctl/scripts/broctl-config.sh >+%%BROCTL%%%%DATADIR%%ctl/scripts/cflow-stats >+%%BROCTL%%%%DATADIR%%ctl/scripts/check-config >+%%BROCTL%%%%DATADIR%%ctl/scripts/crash-diag >+%%BROCTL%%%%DATADIR%%ctl/scripts/create-link-for-log >+%%BROCTL%%%%DATADIR%%ctl/scripts/delete-log >+%%BROCTL%%%%DATADIR%%ctl/scripts/expire-logs >+%%BROCTL%%%%DATADIR%%ctl/scripts/fmt-time >+%%BROCTL%%%%DATADIR%%ctl/scripts/get-prof-log >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/cat-file >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/check-pid >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/df >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/exists >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/gdb-attach >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/get-childs >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/is-dir >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/rmdir >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/run-cmd >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/start >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/stop >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/to-bytes.awk >+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/top >+%%BROCTL%%%%DATADIR%%ctl/scripts/is-alive >+%%BROCTL%%%%DATADIR%%ctl/scripts/local-interfaces >+%%BROCTL%%%%DATADIR%%ctl/scripts/mail-contents >+%%BROCTL%%%%DATADIR%%ctl/scripts/make-archive-name >+%%BROCTL%%%%DATADIR%%ctl/scripts/post-terminate >+%%BROCTL%%%%DATADIR%%ctl/scripts/postprocessors/summarize-connections >+%%BROCTL%%%%DATADIR%%ctl/scripts/remove-link-for-log >+%%BROCTL%%%%DATADIR%%ctl/scripts/remove-log >+%%BROCTL%%%%DATADIR%%ctl/scripts/run-bro >+%%BROCTL%%%%DATADIR%%ctl/scripts/run-bro-on-trace >+%%BROCTL%%%%DATADIR%%ctl/scripts/send-mail >+%%BROCTL%%%%DATADIR%%ctl/scripts/set-bro-path >+%%BROCTL%%%%DATADIR%%ctl/scripts/stat-ctime >+%%BROCTL%%%%DATADIR%%ctl/scripts/stats-to-csv >+%%BROCTL%%%%DATADIR%%ctl/scripts/update >+%%BROCTL%%%%DATADIR%%ctl/scripts/update-stats >+%%BROCTL%%@dirrm %%DATADIR%%ctl/scripts/postprocessors >+%%BROCTL%%@dirrm %%DATADIR%%ctl/scripts/helpers >+%%BROCTL%%@dirrm %%DATADIR%%ctl/scripts >+%%BROCTL%%@dirrm %%DATADIR%%ctl >+%%BROCTL%%@unexec rm -f %D/spool/broctl-config.sh >+%%BROCTL%%@unexec rm -f %D/spool/broctl.dat >+%%BROCTL%%@unexec rm -f %D/logs/current >+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/auto/broctl-config.bro >+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/auto/local-networks.bro >+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/auto/standalone-layout.bro >+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-manager.bro >+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-proxy.bro >+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-worker.bro >+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local.bro >+%%BROCTL%%@dirrmtry spool/tmp >+%%BROCTL%%@dirrmtry spool/scripts >+%%BROCTL%%@dirrmtry spool/logs >+%%BROCTL%%@dirrm spool/installed-scripts-do-not-touch/site >+%%BROCTL%%@dirrm spool/installed-scripts-do-not-touch/auto >+%%BROCTL%%@dirrm spool/installed-scripts-do-not-touch >+%%BROCTL%%@dirrm spool >+%%BROCTL%%@dirrm %%DATADIR%%/broctl >+%%BROCTL%%@dirrm lib/broctl/plugins >+%%BROCTL%%@dirrm lib/broctl/BroControl >+%%BROCTL%%@dirrm lib/broctl > @dirrm %%DATADIR%%/site > @dirrm %%DATADIR%%/policy/tuning/defaults > @dirrm %%DATADIR%%/policy/tuning >@@ -244,3 +348,11 @@ > @dirrm %%DATADIR%%/base/frameworks > @dirrm %%DATADIR%%/base > @dirrm %%DATADIR%% >+%%CLEANUP_PREFIX%%@dirrmtry share >+@dirrmtry logs >+%%CLEANUP_PREFIX%%@dirrmtry lib >+%%CLEANUP_PREFIX%%@dirrmtry include >+%%CLEANUP_PREFIX%%@dirrmtry etc >+%%CLEANUP_PREFIX%%@dirrmtry bin >+%%CLEANUP_PREFIX%%@dirrmtry %D >+%%BROCTL%%@exec %D/bin/broctl install >--- /dev/null 2013-09-28 17:17:11.000000000 -0700 >+++ files/patch-CMakeLists.txt 2013-09-27 15:27:07.000000000 -0700 >@@ -0,0 +1,20 @@ >+--- CMakeLists.txt.orig 2013-03-12 19:08:46.000000000 -0700 >++++ CMakeLists.txt 2013-03-12 19:09:12.000000000 -0700 >+@@ -187,7 +187,7 @@ >+ >+ CheckOptionalBuildSources(aux/broctl Broctl INSTALL_BROCTL) >+ CheckOptionalBuildSources(aux/bro-aux Bro-Aux INSTALL_AUX_TOOLS) >+-CheckOptionalBuildSources(aux/broccoli Broccoli INSTALL_BROCCOLI) >++#CheckOptionalBuildSources(aux/broccoli Broccoli INSTALL_BROCCOLI) >+ >+ ######################################################################## >+ ## Packaging Setup >+@@ -225,7 +225,7 @@ >+ "\nCXXFLAGS: ${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${BuildType}}" >+ "\nCPP: ${CMAKE_CXX_COMPILER}" >+ "\n" >+- "\nBroccoli: ${INSTALL_BROCCOLI}" >++# "\nBroccoli: ${INSTALL_BROCCOLI}" >+ "\nBroctl: ${INSTALL_BROCTL}" >+ "\nAux. Tools: ${INSTALL_AUX_TOOLS}" >+ "\n" >--- /dev/null 2013-09-28 17:17:11.000000000 -0700 >+++ files/patch-aux-broctl-CMakeLists.txt 2013-09-27 15:27:07.000000000 -0700 >@@ -0,0 +1,21 @@ >+--- aux/broctl/CMakeLists.txt.orig 2012-07-20 07:00:08.000000000 -0700 >++++ aux/broctl/CMakeLists.txt 2013-09-26 19:39:22.000000000 -0700 >+@@ -209,15 +209,15 @@ >+ InstallPackageConfigFile( >+ ${CMAKE_CURRENT_BINARY_DIR}/etc/broctl.cfg >+ ${ETC} >+- broctl.cfg) >++ broctl.cfg.sample) >+ InstallPackageConfigFile( >+ ${CMAKE_CURRENT_SOURCE_DIR}/etc/networks.cfg >+ ${ETC} >+- networks.cfg) >++ networks.cfg.sample) >+ InstallPackageConfigFile( >+ ${CMAKE_CURRENT_SOURCE_DIR}/etc/node.cfg >+ ${ETC} >+- node.cfg) >++ node.cfg.sample) >+ >+ ######################################################################## >+ ## Packaging Setup >--- /dev/null 2013-09-28 17:17:11.000000000 -0700 >+++ files/patch-aux-broctl-etc-broctl.cfg.in 2013-09-27 15:27:07.000000000 -0700 >@@ -0,0 +1,14 @@ >+--- aux/broctl/etc/broctl.cfg.in.orig 2013-09-27 00:02:53.000000000 -0700 >++++ aux/broctl/etc/broctl.cfg.in 2013-09-27 00:03:10.000000000 -0700 >+@@ -32,3 +32,11 @@ >+ >+ # Logs debug information into spool/debug.log. >+ # Debug = 1 >++ >++# >++# Work around to avoid race-condition where broctl deletes the >++# spool/bro directory before all the logs are archived. >++# >++# https://bro-tracker.atlassian.net/browse/BIT-970?jql=text%20~%20%22%23970%22 >++# >++TraceSummary="" >--- /dev/null 2013-09-28 17:17:11.000000000 -0700 >+++ files/patch-src-Expr.cc 2013-09-27 15:27:07.000000000 -0700 >@@ -0,0 +1,11 @@ >+--- src/Expr.cc.orig 2013-09-21 12:56:00.000000000 -0700 >++++ src/Expr.cc 2013-09-21 12:56:38.000000000 -0700 >+@@ -2389,7 +2389,7 @@ >+ if ( IsError() ) >+ return; >+ >+- if ( ! is_assignable(op->Type()) ) >++ if ( ! ::is_assignable(op->Type()) ) >+ ExprError("illegal assignment target"); >+ else >+ SetType(op->Type()->Ref()); >--- /dev/null 2013-09-28 17:17:11.000000000 -0700 >+++ files/pkg-message.in 2013-09-27 15:27:07.000000000 -0700 >@@ -0,0 +1,10 @@ >+********************PLEASE NOTE!!!*************************** >+ >+During deinstall of this package, the cfg files for broctl >+are not deleted if you have edited them. Instead >+the software will create a .sample file instead and the >+edited files will remain in place when you upgrade. If you >+want to delete them, you have to delete them and the directory, >+%%PREFIX%%/etc/bro manually. >+ >+********************PLEASE NOTE!!!***************************
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=137083">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 182475
: 137083 |
137084