Bug 275008

Summary: security/wazuh-agent: fix ssl=openssl build
Product: Ports & Packages Reporter: Franco Fichtner <franco>
Component: Individual Port(s)Assignee: Jose Alonso Cardenas Marquez <acm>
Status: Closed FIXED    
Severity: Affects Only Me Flags: bugzilla: maintainer-feedback? (acm)
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
header include fix in Makefile none

Description Franco Fichtner 2023-11-10 09:36:47 UTC 
Created attachment 246230 [details]
header include fix in Makefile

Hi,

The native build uses embedded OpenSSL but fails to propagate embedded library include paths before the system paths are merged leading wazuh-agent to build against the headers in /usr/local/include which includes OpenSSL on ssl=openssl* use.  for ssl=openssl111 this is not overly harmful since the the headers match the expectations, but for ssl=openssl the faulty headers will cause a linker error eventually.  The solution is to enforce OSSEC_CFLAGS early for all the embedded code.

The patch includes "makepatch" output for unrelated files.  These can obviously be left out if desired.

Note this is an upstream issue in their Makefile and should probably be addressed by them as well.


Cheers,
Franco
Comment 1 Jose Alonso Cardenas Marquez freebsd_committer freebsd_triage 2023-12-09 17:13:52 UTC 
Hello, I'll include this on next version of wazuh (I'm working on it right now)
Comment 2 commit-hook freebsd_committer freebsd_triage 2023-12-16 21:37:43 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=abaf8dc39cc35be6d2e861a4245c6367c1aa1234

commit abaf8dc39cc35be6d2e861a4245c6367c1aa1234
Author:     Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
AuthorDate: 2023-12-16 21:30:51 +0000
Commit:     Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
CommitDate: 2023-12-16 21:36:43 +0000

    security/wazuh: Update to 4.7.0

    - Fix ssl=openssl build [1]
    - Fix permissions of backup/db directory. Now backup are generated without
      problems
    - Add support for get ports info
    - Add support for get processes info
    - Add a better way for get memory info
    - Add new decoders and rules files (https://github.com/alonsobsd/wazuh-freebsd)
    - Update FreeBSD sca files (https://github.com/alonsobsd/wazuh-freebsd)
    - Minor changes to SysInfo::getPackages function
    - Another minor modifications
    PR:             275008
    Reported by:    franco _at_ opnsense.org [1]

 security/wazuh-agent/Makefile                      |   2 +-
 security/wazuh-agent/distinfo                      |  78 +--
 security/wazuh-agent/files/patch-src-Makefile      |  35 +-
 ...-src-data_provider-src_sysInfoFreeBSD.cpp (new) | 259 ++++++++
 ...h-src-shared_modules-utils_stringHelper.h (new) |  40 ++
 ...tch-src-shared_modules-utils_timeHelper.h (new) |  24 +
 security/wazuh-dashboard/Makefile                  |   4 +-
 security/wazuh-dashboard/distinfo                  |  10 +-
 security/wazuh-dashboard/pkg-plist                 |  35 +-
 security/wazuh-indexer/Makefile                    |  13 +-
 security/wazuh-indexer/distinfo                    |   6 +-
 security/wazuh-manager/Makefile                    |  11 +-
 security/wazuh-manager/distinfo                    | 118 ++--
 ...-src-data_provider-src_sysInfoFreeBSD.cpp (new) | 259 ++++++++
 ...h-src-shared_modules-utils_stringHelper.h (new) |  40 ++
 ...tch-src-shared_modules-utils_timeHelper.h (new) |  24 +
 security/wazuh-manager/files/patch-src_Makefile    |  34 +-
 security/wazuh-manager/files/pkg-message.in        |   9 +-
 security/wazuh-manager/pkg-plist                   | 710 +++++++++++----------
 security/wazuh-server/Makefile                     |   8 +-
 security/wazuh-server/distinfo                     |  18 +-
 security/wazuh-server/pkg-plist                    |   3 +
 22 files changed, 1213 insertions(+), 527 deletions(-)
Comment 3 Jose Alonso Cardenas Marquez freebsd_committer freebsd_triage 2023-12-16 21:40:09 UTC 
Committed thanks!