Merge pull request #16062 from miska/snort3

snort3: Backport update to the stable version
2021-07-14 19:23:31 -07:00 · 2021-07-14 19:23:31 -07:00 · d617e7b143
parent 192aea109a dc621a9b19
commit d617e7b143
5 changed files with 99 additions and 81 deletions
--- a/libs/libdaq3/Makefile
+++ b/libs/libdaq3/Makefile
@ -0,0 +1,66 @@
+#
+# Copyright (C) 2012-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libdaq3
+PKG_VERSION:=3.0.0
+PKG_RELEASE:=2
+
+PKG_SOURCE:=libdaq-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.snort.org/downloads/snortplus/
+PKG_HASH:=4de807ab8c622e9ef8e0cfaa8dbd9231ece17d14dc9ebaa63add800475347b99
+PKG_BUILD_DIR:=$(BUILD_DIR)/libdaq-$(PKG_VERSION)
+
+PKG_LICENSE:=GPL-2.0-only
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libdaq3
+  SECTION:=libs
+  CATEGORY:=Libraries
+  TITLE:=DAQ library
+  URL:=$(PKG_SOURCE_URL)
+  DEPENDS:=+libdnet +libpcap +libstdcpp
+endef
+
+define Package/libdaq3/description
+ Data Acquisition library for packet I/O.
+endef
+
+CONFIGURE_ARGS+= \
+	--disable-static \
+	--disable-nfq-module \
+	--with-dnet-includes="$(STAGING_DIR)/usr/include" \
+	--with-dnet-libraries="$(STAGING_DIR)/usr/lib" \
+	--with-libpcap-includes="$(STAGING_DIR)/usr/include" \
+	--with-libpcap-libraries="$(STAGING_DIR)/usr/lib" \
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/include/daq3
+	$(CP) $(PKG_INSTALL_DIR)/usr/include/. $(STAGING_DIR)/usr/include/daq3/
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/lib/daq3
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib* $(STAGING_DIR)/usr/lib/daq3/
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/lib/daq3/daq
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/daq/* $(STAGING_DIR)/usr/lib/daq3/daq/
+endef
+
+define Package/libdaq3/install
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/
+	$(INSTALL_DIR) $(1)/usr/lib/daq
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/daq/*.so* $(1)/usr/lib/daq/
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,libdaq3))
--- a/net/snort3/Makefile
+++ b/net/snort3/Makefile
@ -6,21 +6,20 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=snort3
-PKG_VERSION:=3.0.0-beta
-PKG_VERSION_SHORT:=3.0.0
-PKG_RELEASE:=3
+PKG_VERSION:=3.1.0.0
+PKG_RELEASE:=2
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.snort.org/downloads/snortplus/
+PKG_HASH:=c4e2e78e3afa879d7e35e482afe42a6c4b96ed26198a9979edf7953b5151ccbf
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(PKG_NAME)-$(PKG_VERSION)

-PKG_LICENSE:=GPL-2.0
 PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=COPYING
 PKG_CPE_ID:=cpe:/a:snort:snort

-PKG_SOURCE:=snort-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://www.snort.org/downloads/snortplus/
-PKG_HASH:=ea4079c551002e4d83586f05b3ecdae72706a46ec223339b87ce60f7ae30b8a2
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/snort-$(PKG_VERSION_SHORT)
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1

 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
@ -29,7 +28,7 @@ define Package/snort3
  SUBMENU:=Firewall
  SECTION:=net
  CATEGORY:=Network
-  DEPENDS:=+libstdcpp +libdaq +libdnet +libopenssl +libpcap +libpcre +libpthread +libuuid +zlib +libhwloc +libtirpc +luajit
+  DEPENDS:=+libstdcpp +libdaq3 +libdnet +libopenssl +libpcap +libpcre +libpthread +libuuid +zlib +libhwloc +libtirpc +luajit
  TITLE:=Lightweight Network Intrusion Detection System
  URL:=http://www.snort.org/
  MENU:=1
@ -44,17 +43,21 @@ define Package/snort3/description
 endef

 CMAKE_OPTIONS += \
+	-DUSE_TIRPC:BOOL=YES \
 	-DENABLE_STATIC_DAQ:BOOL=NO \
+	-DDAQ_INCLUDE_DIR=$(STAGING_DIR)/usr/include/daq3 \
+	-DDAQ_LIBRARIES_DIR_HINT:PATH=$(STAGING_DIR)/usr/lib/daq3 \
 	-DENABLE_COREFILES:BOOL=NO \
 	-DENABLE_GDB:BOOL=NO \
 	-DMAKE_DOC:BOOL=NO \
 	-DMAKE_HTML_DOC:BOOL=NO \
 	-DMAKE_PDF_DOC:BOOL=NO \
 	-DMAKE_TEXT_DOC:BOOL=NO \
+	-DHAVE_LIBUNWIND=OFF \
 	-DHAVE_LZMA=OFF

-TARGET_CFLAGS  += -I$(STAGING_DIR)/usr/include/tirpc
-TARGET_LDFLAGS += -ltirpc
+TARGET_CFLAGS  += -I$(STAGING_DIR)/usr/include/daq3 -I$(STAGING_DIR)/usr/include/tirpc
+TARGET_LDFLAGS += -L$(STAGING_DIR)/usr/lib/daq3 -ltirpc

 define Package/snort3/conffiles
 /etc/config/snort
@ -84,10 +87,6 @@ define Package/snort3/install
 		$(PKG_INSTALL_DIR)/usr/include/snort/lua/snort_plugin.lua \
 		$(1)/usr/share/lua/

-	$(CP) \
-		$(PKG_INSTALL_DIR)/usr/include/snort/lua/snort_config.lua \
-		$(1)/usr/share/lua/
-
 	$(INSTALL_DIR) $(1)/etc/snort

 	$(INSTALL_DIR) $(1)/etc/init.d
--- a/net/snort3/patches/001-compile.patch
+++ b/net/snort3/patches/001-compile.patch
@ -1,52 +0,0 @@
-diff -u --recursive snort-3.0.0-vanilla/daqs/daq_file.c snort-3.0.0/daqs/daq_file.c
--- snort-3.0.0-vanilla/daqs/daq_file.c	2018-08-28 02:01:02.000000000 -0400
-+++ snort-3.0.0/daqs/daq_file.c	2019-03-28 23:03:25.292770141 -0400
-@@ -33,7 +33,7 @@
- 
- #include <sys/types.h>
- #include <sys/time.h>
-#include <sys/unistd.h>
-+#include <unistd.h>
- 
- #include <daq_api.h>
- #include <sfbpf_dlt.h>
-diff -u --recursive snort-3.0.0-vanilla/daqs/daq_hext.c snort-3.0.0/daqs/daq_hext.c
--- snort-3.0.0-vanilla/daqs/daq_hext.c	2018-08-28 02:01:02.000000000 -0400
-+++ snort-3.0.0/daqs/daq_hext.c	2019-03-28 22:54:15.738207157 -0400
-@@ -35,7 +35,7 @@
- #include <arpa/inet.h>
- #include <sys/types.h>
- #include <sys/time.h>
-#include <sys/unistd.h>
-+#include <unistd.h>
- #include <sys/socket.h>
- 
- #include <daq_api.h>
-diff -u --recursive snort-3.0.0-vanilla/src/network_inspectors/appid/service_plugins/service_rpc.cc snort-3.0.0/src/network_inspectors/appid/service_plugins/service_rpc.cc
--- snort-3.0.0-vanilla/src/network_inspectors/appid/service_plugins/service_rpc.cc	2018-08-28 02:01:02.000000000 -0400
-+++ snort-3.0.0/src/network_inspectors/appid/service_plugins/service_rpc.cc	2019-03-28 22:32:04.211783669 -0400
-@@ -27,6 +27,7 @@
- 
- #include <netdb.h>
- 
-+#include <tirpc/rpc/rpcent.h>
- #if defined(__FreeBSD__) || defined(__OpenBSD__)
- #include <rpc/rpc.h>
- #elif defined(__sun)
-diff -u --recursive snort-3.0.0-vanilla/src/utils/util.cc snort-3.0.0/src/utils/util.cc
--- snort-3.0.0-vanilla/src/utils/util.cc	2018-08-28 02:01:02.000000000 -0400
-+++ snort-3.0.0/src/utils/util.cc	2019-03-28 22:16:16.860942230 -0400
-@@ -605,13 +605,8 @@
- {
-     static THREAD_LOCAL char buf[128];
- 
-#if (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE < 200112L && \
-        defined(_XOPEN_SOURCE) && _XOPEN_SOURCE < 600) || _GNU_SOURCE
-    return strerror_r(errnum, buf, sizeof(buf));
-#else
-     (void)strerror_r(errnum, buf, sizeof(buf));
-     return buf;
-#endif
- }
- 
- char* snort_strndup(const char* src, size_t dst_size)
--- a/net/snort3/patches/002-ignore-liblzma.patch
+++ b/net/snort3/patches/002-ignore-liblzma.patch
@ -1,11 +0,0 @@
-diff -u --recursive snort-3.0.0-vanilla/cmake/include_libraries.cmake snort-3.0.0/cmake/include_libraries.cmake
--- snort-3.0.0-vanilla/cmake/include_libraries.cmake	2018-08-28 02:01:02.000000000 -0400
-+++ snort-3.0.0/cmake/include_libraries.cmake	2019-04-18 21:25:25.627070082 -0400
-@@ -14,7 +14,6 @@
- endif (ENABLE_UNIT_TESTS)
- 
- # optional libraries
-find_package(LibLZMA QUIET)
- find_package(Asciidoc QUIET)
- find_package(DBLATEX QUIET)
- find_package(Ruby QUIET 1.8.7)
--- a/net/snort3/patches/build-fix.patch
+++ b/net/snort3/patches/build-fix.patch
@ -0,0 +1,16 @@
+Index: snort3-3.1.4.0/src/network_inspectors/appid/service_plugins/service_rpc.cc
+===================================================================
+--- snort3-3.1.4.0.orig/src/network_inspectors/appid/service_plugins/service_rpc.cc
+++ snort3-3.1.4.0/src/network_inspectors/appid/service_plugins/service_rpc.cc
+@@ -27,11 +27,7 @@
+ 
+ #include <netdb.h>
+ 
+-#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(USE_TIRPC)
+-#include <rpc/rpc.h>
+-#elif defined(__sun)
+ #include <rpc/rpcent.h>
+-#endif
+ 
+ #include "detection/ips_context.h"
+ #include "log/messages.h"