Bug 217143
| Summary: | security/suricata: update to 3.2.1, HYPERSCAN support, take maintainership | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Franco Fichtner <franco> | ||||
| Component: | Individual Port(s) | Assignee: | Mathieu Arnold <mat> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | Flags: | bugzilla:
maintainer-feedback?
(koobs) |
||||
| Priority: | --- | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Hi, This timed out, again. Merges have been stalled numerous times despite several formal and informal conversations and mentions and requests. I'm formally requesting maintainership. The relevant open bugs are: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210490 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212192 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214353 In total, this has been going on for a year and I don't think FreeBSD ports should fall behind on Suricata development: not providing new versions lowers the chance of new versions being bug free. Cheers, Franco I added a few libs to the LIB_DEPENDS: ====> Running Q/A tests (stage-qa) Error: /usr/local/bin/suricata is linked to /usr/local/lib/libgnutls.so.30 from security/gnutls but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libgnutls.so:security/gnutls Error: /usr/local/bin/suricata is linked to /usr/local/lib/libgcrypt.so.20 from security/libgcrypt but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libgcrypt.so:security/libgcrypt Error: /usr/local/bin/suricata is linked to /usr/local/lib/libgpg-error.so.0 from security/libgpg-error but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libgpg-error.so:security/libgpg-error Error: /usr/local/bin/suricata is linked to /usr/local/lib/libltdl.so.7 from devel/libltdl but it is not declared as a dependency Warning: you need LIB_DEPENDS+=libltdl.so:devel/libltdl A commit references this bug: Author: mat Date: Sat Mar 4 13:33:21 UTC 2017 New revision: 435392 URL: https://svnweb.freebsd.org/changeset/ports/435392 Log: Update to 0.5.23. PR: 217143 Submitted by: Franco Fichtner Approved by: maintainer timeout Sponsored by: Absolight Changes: head/devel/libhtp/Makefile head/devel/libhtp/distinfo A commit references this bug: Author: mat Date: Sat Mar 4 13:33:25 UTC 2017 New revision: 435393 URL: https://svnweb.freebsd.org/changeset/ports/435393 Log: Update to 3.2.1. Pass maintainership to submitter. PR: 217143 Submitted by: Franco Fichtner Approved by: maintainer timeout Sponsored by: Absolight Changes: head/security/suricata/Makefile head/security/suricata/distinfo head/security/suricata/files/patch-configure.ac head/security/suricata/pkg-plist Thank you. I did not know what the policy on adding these indirect dependencies was. So these should always be added? Cheers, Franco BTW: files/suricata.in.orig needs to be removed. They are not indirect, they are directly linked into it, so they must be added as a dependency:
root@10amd64-ports:~ # readelf -d /usr/local/bin/suricata
Dynamic section at offset 0x1ef028 contains 36 entries:
Tag Type Name/Value
0x0000000000000001 (NEEDED) Shared library: [libprelude.so.23]
0x0000000000000001 (NEEDED) Shared library: [libgnutls.so.30]
0x0000000000000001 (NEEDED) Shared library: [libgcrypt.so.20]
0x0000000000000001 (NEEDED) Shared library: [libgpg-error.so.0]
0x0000000000000001 (NEEDED) Shared library: [libltdl.so.7]
0x0000000000000001 (NEEDED) Shared library: [libmagic.so.4]
0x0000000000000001 (NEEDED) Shared library: [libpcap.so.8]
0x0000000000000001 (NEEDED) Shared library: [libnet.so.1]
0x0000000000000001 (NEEDED) Shared library: [libjansson.so.4]
0x0000000000000001 (NEEDED) Shared library: [libthr.so.3]
0x0000000000000001 (NEEDED) Shared library: [libyaml-0.so.2]
0x0000000000000001 (NEEDED) Shared library: [libpcre.so.1]
0x0000000000000001 (NEEDED) Shared library: [libhtp-0.5.23.so.1]
0x0000000000000001 (NEEDED) Shared library: [libc.so.7]
and the first entry for ldd -a:
root@10amd64-ports:~ # ldd -a /usr/local/bin/suricata
/usr/local/bin/suricata:
libprelude.so.23 => /usr/local/lib/libprelude.so.23 (0x800a0e000)
libgnutls.so.30 => /usr/local/lib/libgnutls.so.30 (0x800dd9000)
libgcrypt.so.20 => /usr/local/lib/libgcrypt.so.20 (0x801146000)
libgpg-error.so.0 => /usr/local/lib/libgpg-error.so.0 (0x80144c000)
libltdl.so.7 => /usr/local/lib/libltdl.so.7 (0x80165e000)
libmagic.so.4 => /usr/lib/libmagic.so.4 (0x801867000)
libpcap.so.8 => /lib/libpcap.so.8 (0x801a86000)
libnet.so.1 => /usr/local/lib/libnet.so.1 (0x801ccb000)
libjansson.so.4 => /usr/local/lib/libjansson.so.4 (0x801ee2000)
libthr.so.3 => /lib/libthr.so.3 (0x8020f0000)
libyaml-0.so.2 => /usr/local/lib/libyaml-0.so.2 (0x802315000)
libpcre.so.1 => /usr/local/lib/libpcre.so.1 (0x802532000)
libhtp-0.5.23.so.1 => /usr/local/lib/libhtp-0.5.23.so.1 (0x8027ab000)
libc.so.7 => /lib/libc.so.7 (0x8029ca000)
It is possible that it is a case of overlinking, and that in this case, gnutls, gcrypt and gpg-error that are dependencies of libprelude should not be directly linked with suricata, and that libprelude needs to be fixed, or something.
Understood, thanks for explaining. Nevermind the files/suricata.in.orig weirdness: it was a local problem due to work for another bug. Sorry for the noise. :) Cheers, Franco |
Created attachment 180049 [details] full patch including libhtp port update