From fe2a50c7e44a2448af44aeb09f65d331ee901cda Mon Sep 17 00:00:00 2001
From: "W. Michael Petullo" <mike@flyn.org>
Date: Fri, 2 Mar 2018 16:35:04 -0500
Subject: [PATCH] snort: update to 2.9.11.1

Signed-off-by: W. Michael Petullo <mike@flyn.org>
---
 net/snort/Makefile                         |   4 +-
 net/snort/patches/001-compile.patch        | 161 +++++++++++++++++++--
 net/snort/patches/100-autoconf-fixes.patch |  17 ---
 3 files changed, 152 insertions(+), 30 deletions(-)
 delete mode 100644 net/snort/patches/100-autoconf-fixes.patch

diff --git a/net/snort/Makefile b/net/snort/Makefile
index 33c433d678..b11aba5647 100644
--- a/net/snort/Makefile
+++ b/net/snort/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=snort
-PKG_VERSION:=2.9.7.2
+PKG_VERSION:=2.9.11.1
 PKG_RELEASE:=4
 
 PKG_LICENSE:=GPL-2.0
@@ -17,7 +17,7 @@ PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/ \
 	@SF/$(PKG_NAME)
-PKG_HASH:=db57c532919d9ababac127f29dbdc05ed832394880e46cad81a5dde713ccb4be
+PKG_HASH:=9f6b3aeac5a109f55504bd370564ac431cb1773507929dc461626898f33f46cd
 
 PKG_BUILD_DEPENDS:=librpc
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(PKG_NAME)-$(PKG_VERSION)
diff --git a/net/snort/patches/001-compile.patch b/net/snort/patches/001-compile.patch
index 06d283af5d..dff030c207 100644
--- a/net/snort/patches/001-compile.patch
+++ b/net/snort/patches/001-compile.patch
@@ -1,10 +1,7 @@
---- /dev/null
-+++ b/acinclude.m4
-@@ -0,0 +1 @@
-+sinclude(m4/libprelude.m4)
---- a/configure.in
-+++ b/configure.in
-@@ -285,21 +285,7 @@ AC_CHECK_TYPES([int8_t,int16_t,int32_t,i
+diff -u --recursive snort-2.9.11.1-vanilla/configure.in snort-2.9.11.1/configure.in
+--- snort-2.9.11.1-vanilla/configure.in	2018-03-02 15:41:50.601809500 -0500
++++ snort-2.9.11.1/configure.in	2018-03-02 16:19:08.119307772 -0500
+@@ -282,21 +282,7 @@
  AC_CHECK_TYPES([boolean])
  
  # In case INADDR_NONE is not defined (like on Solaris)
@@ -27,10 +24,11 @@
  AC_MSG_RESULT($have_inaddr_none)
  if test "x$have_inaddr_none" = "xno"; then
  	AC_DEFINE([INADDR_NONE],[-1],[For INADDR_NONE definition])
-@@ -433,16 +419,7 @@ if test "x$LPCAP" = "xno"; then
+@@ -428,17 +414,7 @@
+   fi
  fi
  
- AC_MSG_CHECKING([for pcap_lex_destroy])
+-AC_MSG_CHECKING([for pcap_lex_destroy])
 -AC_RUN_IFELSE(
 -[AC_LANG_PROGRAM(
 -[[
@@ -45,7 +43,27 @@
  AC_MSG_RESULT($have_pcap_lex_destroy)
  if test "x$have_pcap_lex_destroy" = "xyes"; then
      AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer stack created by pcap bpf filter])
-@@ -727,54 +704,21 @@ if test "x$ac_cv_func_daq_dp_add_dc" = "
+@@ -715,18 +691,7 @@
+ 
+ AC_CHECK_FUNCS([daq_hup_apply] [daq_acquire_with_meta] [daq_dp_add_dc])
+ 
+-AC_MSG_CHECKING([for daq real addresses])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.n_real_dPort = 0;
+-]])],
+-[have_daq_real_addresses="yes"],
+-[have_daq_real_addresses="no"])
++have_daq_address_space_id="yes"
+ AC_MSG_RESULT($have_daq_real_addresses)
+ if test "x$have_daq_real_addresses" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_REAL_ADDRESSES],[1],
+@@ -753,56 +718,21 @@
  
  fi
  
@@ -87,7 +105,89 @@
          [DAQ version supports flow ID in header.])
  fi
  
--AC_MSG_CHECKING([for DAQ_VERDICT_RETRY])
+-AC_MSG_CHECKING([for daq extended flow modifiers])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_ModFlow_t mod;
+-   mod.type = 0;
+-   mod.length = 0;
+-   mod.value = NULL;
+-]])],
+-[have_daq_ext_modflow="yes"],
+-[have_daq_ext_modflow="no"])
++have_daq_ext_modflow="no"
+ AC_MSG_RESULT($have_daq_ext_modflow)
+ if test "x$have_daq_ext_modflow" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_EXT_MODFLOW"
+@@ -810,20 +740,7 @@
+         [DAQ version supports extended flow modifiers.])
+ fi
+ 
+-AC_MSG_CHECKING([for daq query flow])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_QueryFlow_t mod;
+-   mod.type = 0;
+-   mod.length = 0;
+-   mod.value = NULL;
+-]])],
+-[have_daq_queryflow="yes"],
+-[have_daq_queryflow="no"])
++have_daq_queryflow="no"
+ AC_MSG_RESULT($have_daq_queryflow)
+ if test "x$have_daq_queryflow" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_QUERYFLOW"
+@@ -831,17 +748,7 @@
+         [DAQ version supports query flow.])
+ fi
+ 
+-AC_MSG_CHECKING([for daq data channel flags])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_Data_Channel_Params_t params;
+-]])],
+-[have_daq_data_channel_flags="yes"],
+-[have_daq_data_channel_flags="no"])
++have_daq_data_channel_flags="no"
+ AC_MSG_RESULT($have_daq_data_channel_flags)
+ if test "x$have_daq_data_channel_flags" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_DATA_CHANNEL_PARAMS"
+@@ -849,18 +756,7 @@
+         [DAQ version supports data channel.])
+ fi
+ 
+-AC_MSG_CHECKING([for separate IP versions on pinhole endpoints])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_DP_key_t dpKey;
+-   dpKey.src_af = 0;
+-]])],
+-[have_daq_data_channel_separate_ip_versions="yes"],
+-[have_daq_data_channel_separate_ip_versions="no"])
++have_daq_data_channel_separate_ip_versions="no"
+ AC_MSG_RESULT($have_daq_data_channel_separate_ip_versions)
+ if test "x$have_daq_data_channel_separate_ip_versions" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_DATA_CHANNEL_SEPARATE_IP_VERSIONS"
+@@ -869,35 +765,14 @@
+ fi
+ 
+ AC_MSG_CHECKING([for DAQ_VERDICT_RETRY])
 -AC_RUN_IFELSE(
 -[AC_LANG_PROGRAM(
 -[[
@@ -103,3 +203,42 @@
  AC_MSG_RESULT($have_daq_verdict_retry)
  if test "x$have_daq_verdict_retry" = "xyes"; then
      AC_DEFINE([HAVE_DAQ_VERDICT_RETRY],[1],
+         [DAQ version supports DAQ_VERDICT_RETRY in DAQ_Verdict.])
+ fi
+ 
+-AC_MSG_CHECKING([for daq packet trace])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.flags = DAQ_PKT_FLAG_TRACE_ENABLED;
+-]])],
+-[have_daq_packet_trace="yes"],
+-[have_daq_packet_trace="no"])
++have_daq_packet_trace="no"
+ AC_MSG_RESULT($have_daq_packet_trace)
+ if test "x$have_daq_packet_trace" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_PKT_TRACE],[1],
+@@ -906,18 +781,7 @@
+     echo "DAQ version doesn't support packet trace."
+ fi
+ 
+-AC_MSG_CHECKING([for daq verdict reason])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_ModFlow_t fl;
+-   fl.type = DAQ_MODFLOW_TYPE_VER_REASON;
+-]])],
+-[have_daq_verdict_reason="yes"],
+-[have_daq_verdict_reason="no"])
++have_daq_verdict_reason="no"
+ AC_MSG_RESULT($have_daq_verdict_reason)
+ if test "x$have_daq_verdict_reason" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_VERDICT_REASON],[1],
diff --git a/net/snort/patches/100-autoconf-fixes.patch b/net/snort/patches/100-autoconf-fixes.patch
deleted file mode 100644
index 414c0c1cc1..0000000000
--- a/net/snort/patches/100-autoconf-fixes.patch
+++ /dev/null
@@ -1,17 +0,0 @@
---- a/configure.in
-+++ b/configure.in
-@@ -11,14 +11,6 @@ AM_INIT_AUTOMAKE(snort,2.9.7.2)
- NO_OPTIMIZE="no"
- ADD_WERROR="no"
- 
--# Test for -Werror and sed it out for now since some of the auto tests,
--# for example AC_CHECK_LIB, will fail because of
--# warning: conflicting types for built-in function <func>
--if eval "echo $CFLAGS | grep -e -Werror"; then
--    CFLAGS=`echo $CFLAGS | sed -e "s/-Werror//g"`
--    ADD_WERROR="yes"
--fi
--
- # Disable annoying practice of recursively re-running the autotools
- AM_MAINTAINER_MODE
- AC_PROG_CC_STDC