Bug 254579

Summary: security/suricata: update to 5.0.6
Product: Ports & Packages Reporter: Franco Fichtner <franco>
Component: Individual Port(s)Assignee: Rainer Hurling <rhurlin>
Status: Closed FIXED    
Severity: Affects Only Me CC: franco, rhurlin
Priority: --- Flags: franco: maintainer-feedback+
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://suricata-ids.org/2021/03/02/suricata-6-0-2-and-5-0-6-released/
Attachments:
Description Flags
Update to 5.0.6
franco: maintainer-approval+
suricata patch with some additions
none
suricata patch with some additions v2 rhurlin: maintainer-approval+

Description Franco Fichtner 2021-03-26 13:07:25 UTC
Created attachment 223610 [details]
Update to 5.0.6

Hi,

Small stable update for suricata.  I'm working on the update to version 6.0.2 at the moment but that should wait for after quarterly switch.


Cheers,
Franco
Comment 1 Rainer Hurling freebsd_committer freebsd_triage 2021-03-28 19:00:27 UTC
Created attachment 223671 [details]
suricata patch with some additions

Hi Franco,

thanks for your patch. I tested a bit on Poudriere and in a real life box and it turns out, that some refinements are needed:

- LUA_CONFIGURE_ON had an unnecessary backslash at the end of the line
- REDIS_LIB_DEPENDS had a missing dependency libevent_pthreads.so:devel/libevent
- Some missing manpages in pkg-plist

I prepared a renewed patch (see attachment). Could you please have a look at this patch and try out, if it works for you?

If it is ok for you, I would like to commit the patch.
Comment 2 Franco Fichtner 2021-03-29 06:57:47 UTC
Hi Rainer,

Thanks for taking care of this!

Trailing backslashes seem to be an artefact of 252571 so nice catch.

As for libpcap dependency I'm not sure where this comes from since we have a non-default PORTS_PCAP option that is supposed to link to it. If anything it should use the base pcap library? Locally for me it does...

# ldd /usr/local/bin/suricata
/usr/local/bin/suricata:
	[...]
	libpcap.so.8 => /lib/libpcap.so.8 (0x43c4b601000)

The manual page additions require %%PTYHON%% prefix.


Cheers,
Franco
Comment 3 Rainer Hurling freebsd_committer freebsd_triage 2021-03-30 14:08:27 UTC
Created attachment 223711 [details]
suricata patch with some additions v2

Thanks for your detailed answer.

> As for libpcap dependency I'm not sure where this comes from since
> we have a non-default PORTS_PCAP option that is supposed to link
> to it. If anything it should use the base pcap library? Locally
> for me it does...
I was missleaded by the following output, if I tested with disabled PORTS_PCAP option and 'DEVELOPER=yes' in /etc/make.conf:

Error: /usr/local/bin/suricata is linked to /usr/local/lib/libpcap.so.1 from net/libpcap but it is not declared as a dependency
Warning: you need LIB_DEPENDS+=libpcap.so:net/libpcap

It seems to be a false positive. All is fine, build with base PCAP or the ports one. So I suggest to not change anythink about it in your Makefile ;)


> The manual page additions require %%PTYHON%% prefix.
Nice catch from your side ;)


I attached a new patch with all corrections. Should I commit this one?
Comment 4 Franco Fichtner 2021-03-30 14:10:16 UTC
Looks good now, thanks in advance! :)
Comment 5 commit-hook freebsd_committer freebsd_triage 2021-03-30 14:13:39 UTC
A commit references this bug:

Author: rhurlin
Date: Tue Mar 30 14:13:08 UTC 2021
New revision: 569557
URL: https://svnweb.freebsd.org/changeset/ports/569557

Log:
  security/suricata: Update to 5.0.6

  Changelog: https://redmine.openinfosecfoundation.org/versions/164

  PR:		254579
  Submitted by:	Franco Fichtner <franco@opnsense.org> (maintainer)

Changes:
  head/security/suricata/Makefile
  head/security/suricata/distinfo
  head/security/suricata/pkg-plist
Comment 6 Rainer Hurling freebsd_committer freebsd_triage 2021-03-30 14:14:52 UTC
Committed, thanks :)