Summary: | security/suricata: update to 3.2.1, HYPERSCAN support, take maintainership | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Franco Fichtner <franco> | ||||
Component: | Individual Port(s) | Assignee: | Mathieu Arnold <mat> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Only Me | Flags: | bugzilla:
maintainer-feedback?
(koobs) |
||||
Priority: | --- | ||||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Hi, This timed out, again. Merges have been stalled numerous times despite several formal and informal conversations and mentions and requests. I'm formally requesting maintainership. The relevant open bugs are: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210490 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212192 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214353 In total, this has been going on for a year and I don't think FreeBSD ports should fall behind on Suricata development: not providing new versions lowers the chance of new versions being bug free. Cheers, Franco I added a few libs to the LIB_DEPENDS: ====> Running Q/A tests (stage-qa) Error: /usr/local/bin/suricata is linked to /usr/local/lib/libgnutls.so.30 from security/gnutls but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libgnutls.so:security/gnutls Error: /usr/local/bin/suricata is linked to /usr/local/lib/libgcrypt.so.20 from security/libgcrypt but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libgcrypt.so:security/libgcrypt Error: /usr/local/bin/suricata is linked to /usr/local/lib/libgpg-error.so.0 from security/libgpg-error but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libgpg-error.so:security/libgpg-error Error: /usr/local/bin/suricata is linked to /usr/local/lib/libltdl.so.7 from devel/libltdl but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libltdl.so:devel/libltdl A commit references this bug: Author: mat Date: Sat Mar 4 13:33:21 UTC 2017 New revision: 435392 URL: https://svnweb.freebsd.org/changeset/ports/435392 Log: Update to 0.5.23. PR: 217143 Submitted by: Franco Fichtner Approved by: maintainer timeout Sponsored by: Absolight Changes: head/devel/libhtp/Makefile head/devel/libhtp/distinfo A commit references this bug: Author: mat Date: Sat Mar 4 13:33:25 UTC 2017 New revision: 435393 URL: https://svnweb.freebsd.org/changeset/ports/435393 Log: Update to 3.2.1. Pass maintainership to submitter. PR: 217143 Submitted by: Franco Fichtner Approved by: maintainer timeout Sponsored by: Absolight Changes: head/security/suricata/Makefile head/security/suricata/distinfo head/security/suricata/files/patch-configure.ac head/security/suricata/pkg-plist Thank you. I did not know what the policy on adding these indirect dependencies was. So these should always be added? Cheers, Franco BTW: files/suricata.in.orig needs to be removed. They are not indirect, they are directly linked into it, so they must be added as a dependency: root@10amd64-ports:~ # readelf -d /usr/local/bin/suricata Dynamic section at offset 0x1ef028 contains 36 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libprelude.so.23] 0x0000000000000001 (NEEDED) Shared library: [libgnutls.so.30] 0x0000000000000001 (NEEDED) Shared library: [libgcrypt.so.20] 0x0000000000000001 (NEEDED) Shared library: [libgpg-error.so.0] 0x0000000000000001 (NEEDED) Shared library: [libltdl.so.7] 0x0000000000000001 (NEEDED) Shared library: [libmagic.so.4] 0x0000000000000001 (NEEDED) Shared library: [libpcap.so.8] 0x0000000000000001 (NEEDED) Shared library: [libnet.so.1] 0x0000000000000001 (NEEDED) Shared library: [libjansson.so.4] 0x0000000000000001 (NEEDED) Shared library: [libthr.so.3] 0x0000000000000001 (NEEDED) Shared library: [libyaml-0.so.2] 0x0000000000000001 (NEEDED) Shared library: [libpcre.so.1] 0x0000000000000001 (NEEDED) Shared library: [libhtp-0.5.23.so.1] 0x0000000000000001 (NEEDED) Shared library: [libc.so.7] and the first entry for ldd -a: root@10amd64-ports:~ # ldd -a /usr/local/bin/suricata /usr/local/bin/suricata: libprelude.so.23 => /usr/local/lib/libprelude.so.23 (0x800a0e000) libgnutls.so.30 => /usr/local/lib/libgnutls.so.30 (0x800dd9000) libgcrypt.so.20 => /usr/local/lib/libgcrypt.so.20 (0x801146000) libgpg-error.so.0 => /usr/local/lib/libgpg-error.so.0 (0x80144c000) libltdl.so.7 => /usr/local/lib/libltdl.so.7 (0x80165e000) libmagic.so.4 => /usr/lib/libmagic.so.4 (0x801867000) libpcap.so.8 => /lib/libpcap.so.8 (0x801a86000) libnet.so.1 => /usr/local/lib/libnet.so.1 (0x801ccb000) libjansson.so.4 => /usr/local/lib/libjansson.so.4 (0x801ee2000) libthr.so.3 => /lib/libthr.so.3 (0x8020f0000) libyaml-0.so.2 => /usr/local/lib/libyaml-0.so.2 (0x802315000) libpcre.so.1 => /usr/local/lib/libpcre.so.1 (0x802532000) libhtp-0.5.23.so.1 => /usr/local/lib/libhtp-0.5.23.so.1 (0x8027ab000) libc.so.7 => /lib/libc.so.7 (0x8029ca000) It is possible that it is a case of overlinking, and that in this case, gnutls, gcrypt and gpg-error that are dependencies of libprelude should not be directly linked with suricata, and that libprelude needs to be fixed, or something. Understood, thanks for explaining. Nevermind the files/suricata.in.orig weirdness: it was a local problem due to work for another bug. Sorry for the noise. :) Cheers, Franco |
Created attachment 180049 [details] full patch including libhtp port update