net-analyzer/suricata: remove vulnerable 4.0.4
authorMarek Szuba <marecki@gentoo.org>
Mon, 16 Dec 2019 18:10:25 +0000 (18:10 +0000)
committerMarek Szuba <marecki@gentoo.org>
Mon, 16 Dec 2019 18:10:25 +0000 (18:10 +0000)
Bug: https://bugs.gentoo.org/690196
Bug: https://bugs.gentoo.org/686428
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki@gentoo.org>
net-analyzer/suricata/Manifest
net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch [deleted file]
net-analyzer/suricata/files/suricata-4.0.4_sockios.patch [deleted file]
net-analyzer/suricata/files/suricata-5.0.0-conf [moved from net-analyzer/suricata/files/suricata-4.0.4-conf with 100% similarity]
net-analyzer/suricata/files/suricata-5.0.0-init [moved from net-analyzer/suricata/files/suricata-4.0.4-init with 100% similarity]
net-analyzer/suricata/suricata-4.0.4.ebuild [deleted file]
net-analyzer/suricata/suricata-5.0.0.ebuild

index 72532b86510d50b4c5d3ef7144b3b284deeac906..16a7c6ae7315fa5b74aaacb5205667a16d658ea7 100644 (file)
@@ -1,2 +1 @@
-DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
 DIST suricata-5.0.0.tar.gz 23689051 BLAKE2B 701625d50dacbeb846d7ea1c3aad3980969c1c0124c007d843353fe25b7e579378d2cd125db4660e33fff1f8cf20eac4bbafe280ba6ff31f988fb6c42b29b6aa SHA512 0dc8941fdf29d615531eeda6f6076052cca79fda6dda3c96300c08b343a64a1700fd23dd83a03507009ab7c9b19c91b65ee65e704f55ddee17764b71e9e2911e
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
deleted file mode 100644 (file)
index bad6635..0000000
+++ /dev/null
@@ -1,16 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -1749,11 +1749,11 @@
-   # liblua
-     AC_ARG_ENABLE(lua,
-               AS_HELP_STRING([--enable-lua],[Enable Lua support]),
--              [ enable_lua="yes"],
-+              [],
-               [ enable_lua="no"])
-     AC_ARG_ENABLE(luajit,
-               AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
--              [ enable_luajit="yes"],
-+              [],
-               [ enable_luajit="no"])
-     if test "$enable_lua" = "yes"; then
-         if test "$enable_luajit" = "yes"; then
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch b/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
deleted file mode 100644 (file)
index a341d9c..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
---- src/source-af-packet.c.orig        2019-09-08 20:50:06.416466432 +0200
-+++ src/source-af-packet.c     2019-09-08 20:53:26.144471385 +0200
-@@ -70,6 +70,10 @@
- #ifdef HAVE_AF_PACKET
-+#ifdef HAVE_LINUX_SOCKIOS_H
-+#include <linux/sockios.h>
-+#endif
-+
- #if HAVE_SYS_IOCTL_H
- #include <sys/ioctl.h>
- #endif
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild
deleted file mode 100644 (file)
index 2ea320c..0000000
+++ /dev/null
@@ -1,171 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
-RESTRICT="!test? ( test )"
-
-DEPEND="
-       >=dev-libs/jansson-2.2
-       dev-libs/libpcre
-       dev-libs/libyaml
-       net-libs/libnet:*
-       net-libs/libnfnetlink
-       dev-libs/nspr
-       dev-libs/nss
-       >=net-libs/libhtp-0.5.20
-       net-libs/libpcap
-       sys-apps/file
-       cuda?       ( dev-util/nvidia-cuda-toolkit )
-       geoip?      ( dev-libs/geoip )
-       lua?        ( dev-lang/lua:* )
-       luajit?     ( dev-lang/luajit:* )
-       nflog?      ( net-libs/libnetfilter_log )
-       nfqueue?    ( net-libs/libnetfilter_queue )
-       redis?      ( dev-libs/hiredis )
-       logrotate?      ( app-admin/logrotate )
-       sys-libs/libcap-ng
-"
-# #446814
-#      prelude?    ( dev-libs/libprelude )
-#      pfring?     ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
-       enewgroup ${PN}
-       enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
-       epatch "${FILESDIR}/${P}_configure-lua-flags.patch"
-       epatch "${FILESDIR}/${P}_sockios.patch"
-       sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
-       eautoreconf
-}
-
-src_configure() {
-       local myeconfargs=(
-               "--localstatedir=/var/" \
-               "--enable-non-bundled-htp" \
-               $(use_enable af-packet) \
-               $(use_enable detection) \
-               $(use_enable nfqueue) \
-               $(use_enable test coccinelle) \
-               $(use_enable test unittests) \
-               $(use_enable control-socket unix-socket)
-       )
-
-       if use cuda ; then
-               myeconfargs+=( $(use_enable cuda) )
-       fi
-       if use geoip ; then
-               myeconfargs+=( $(use_enable geoip) )
-       fi
-       if use hardened ; then
-               myeconfargs+=( $(use_enable hardened gccprotect) )
-       fi
-       if use nflog ; then
-               myeconfargs+=( $(use_enable nflog) )
-       fi
-       if use redis ; then
-               myeconfargs+=( $(use_enable redis hiredis) )
-       fi
-       # not supported yet (no pfring in portage)
-#      if use pfring ; then
-#              myeconfargs+=( $(use_enable pfring) )
-#      fi
-       # no libprelude in portage
-#      if use prelude ; theng
-#              myeconfargs+=( $(use_enable prelude) )
-#      fi
-       if use lua ; then
-               myeconfargs+=( $(use_enable lua) )
-       fi
-       if use luajit ; then
-               myeconfargs+=( $(use_enable luajit) )
-       fi
-       if (use !lua) && (use !luajit) ; then
-               myeconfargs+=(
-                       --disable-lua
-                       --disable-luajit
-               )
-       fi
-
-# this should be used when pf_ring use flag support will be added
-#      LIBS+="-lrt -lnuma"
-
-       # avoid upstream configure script trying to add -march=native to CFLAGS
-       myeconfargs+=( --enable-gccmarch-native=no )
-
-       if use debug ; then
-               myeconfargs+=( $(use_enable debug) )
-               # so we can get a backtrace according to "reporting bugs" on upstream web site
-               CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
-       else
-               econf LIBS="${LIBS}" ${myeconfargs[@]}
-       fi
-}
-
-src_install() {
-       emake DESTDIR="${D}" install
-
-       insinto "/etc/${PN}"
-       doins {classification,reference,threshold}.config suricata.yaml
-
-       if use rules ; then
-               insinto "/etc/${PN}/rules"
-               doins rules/*.rules
-       fi
-
-       keepdir "/var/lib/${PN}"
-       keepdir "/var/log/${PN}"
-
-       fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-       fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-
-       newinitd "${FILESDIR}/${P}-init" ${PN}
-       newconfd "${FILESDIR}/${P}-conf" ${PN}
-
-       if use logrotate; then
-               insopts -m0644
-               insinto /etc/logrotate.d
-               newins "${FILESDIR}"/${PN}-logrotate ${PN}
-       fi
-}
-
-pkg_postinst() {
-       elog "The ${PN} init script expects to find the path to the configuration"
-       elog "file as well as extra options in /etc/conf.d."
-       elog ""
-       elog "To create more than one ${PN} service, simply create a new .yaml file for it"
-       elog "then create a symlink to the init script from a link called"
-       elog "${PN}.foo - like so"
-       elog "   cd /etc/${PN}"
-       elog "   ${EDITOR##*/} suricata-foo.yaml"
-       elog "   cd /etc/init.d"
-       elog "   ln -s ${PN} ${PN}.foo"
-       elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
-       elog ""
-       elog "You can create as many ${PN}.foo* services as you wish."
-
-       if use logrotate; then
-               elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
-       fi
-
-       if use debug; then
-               elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
-               elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
-               elog "You need to also ensure the FEATURES variable in make.conf contains the"
-               elog "'nostrip' option to produce useful core dumps or back traces."
-       fi
-}
index 05f328b973b3b37990f045fed77c13b9e982e29d..9701e036e6a16c1bbce490f3823271ea9164bdb1 100644 (file)
@@ -134,8 +134,8 @@ src_install() {
        fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
        fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
 
-       newinitd "${FILESDIR}/${PN}-4.0.4-init" ${PN}
-       newconfd "${FILESDIR}/${PN}-4.0.4-conf" ${PN}
+       newinitd "${FILESDIR}/${PN}-5.0.0-init" ${PN}
+       newconfd "${FILESDIR}/${PN}-5.0.0-conf" ${PN}
        systemd_dounit "${FILESDIR}"/${PN}.service
        systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf