1 |
commit: 5073a26b023b9b579b550c2d92fe949d9dbda2a5 |
2 |
Author: Marek Szuba <marecki <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jun 11 14:03:15 2018 +0000 |
4 |
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jun 11 14:04:06 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5073a26b |
7 |
|
8 |
net-analyzer/suricata: remove vulnerable 4.0.3 |
9 |
|
10 |
Bug: https://bugs.gentoo.org/647664 |
11 |
Package-Manager: Portage-2.3.40, Repoman-2.3.9 |
12 |
|
13 |
net-analyzer/suricata/Manifest | 1 - |
14 |
net-analyzer/suricata/suricata-4.0.3.ebuild | 167 ---------------------------- |
15 |
2 files changed, 168 deletions(-) |
16 |
|
17 |
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest |
18 |
index cc70d0f7283..fe67675774d 100644 |
19 |
--- a/net-analyzer/suricata/Manifest |
20 |
+++ b/net-analyzer/suricata/Manifest |
21 |
@@ -1,2 +1 @@ |
22 |
-DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892 |
23 |
DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e |
24 |
|
25 |
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild b/net-analyzer/suricata/suricata-4.0.3.ebuild |
26 |
deleted file mode 100644 |
27 |
index 501a7c7a03a..00000000000 |
28 |
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild |
29 |
+++ /dev/null |
30 |
@@ -1,167 +0,0 @@ |
31 |
-# Copyright 1999-2018 Gentoo Foundation |
32 |
-# Distributed under the terms of the GNU General Public License v2 |
33 |
- |
34 |
-EAPI=5 |
35 |
- |
36 |
-inherit autotools eutils user |
37 |
- |
38 |
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine" |
39 |
-HOMEPAGE="https://suricata-ids.org/" |
40 |
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz" |
41 |
- |
42 |
-LICENSE="GPL-2" |
43 |
-SLOT="0" |
44 |
-KEYWORDS="~amd64 ~x86" |
45 |
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test" |
46 |
- |
47 |
-DEPEND=" |
48 |
- >=dev-libs/jansson-2.2 |
49 |
- dev-libs/libpcre |
50 |
- dev-libs/libyaml |
51 |
- net-libs/libnet:* |
52 |
- net-libs/libnfnetlink |
53 |
- dev-libs/nspr |
54 |
- dev-libs/nss |
55 |
- >=net-libs/libhtp-0.5.20 |
56 |
- net-libs/libpcap |
57 |
- sys-apps/file |
58 |
- cuda? ( dev-util/nvidia-cuda-toolkit ) |
59 |
- geoip? ( dev-libs/geoip ) |
60 |
- lua? ( dev-lang/lua:* ) |
61 |
- luajit? ( dev-lang/luajit:* ) |
62 |
- nflog? ( net-libs/libnetfilter_log ) |
63 |
- nfqueue? ( net-libs/libnetfilter_queue ) |
64 |
- redis? ( dev-libs/hiredis ) |
65 |
- logrotate? ( app-admin/logrotate ) |
66 |
- sys-libs/libcap-ng |
67 |
-" |
68 |
-# #446814 |
69 |
-# prelude? ( dev-libs/libprelude ) |
70 |
-# pfring? ( sys-process/numactl net-libs/pf_ring) |
71 |
-RDEPEND="${DEPEND}" |
72 |
- |
73 |
-pkg_setup() { |
74 |
- enewgroup ${PN} |
75 |
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}" |
76 |
-} |
77 |
- |
78 |
-src_prepare() { |
79 |
- eautoreconf |
80 |
-} |
81 |
- |
82 |
-src_configure() { |
83 |
- local myeconfargs=( |
84 |
- "--localstatedir=/var/" \ |
85 |
- "--enable-non-bundled-htp" \ |
86 |
- $(use_enable af-packet) \ |
87 |
- $(use_enable detection) \ |
88 |
- $(use_enable nfqueue) \ |
89 |
- $(use_enable test coccinelle) \ |
90 |
- $(use_enable test unittests) \ |
91 |
- $(use_enable control-socket unix-socket) |
92 |
- ) |
93 |
- |
94 |
- if use cuda ; then |
95 |
- myeconfargs+=( $(use_enable cuda) ) |
96 |
- fi |
97 |
- if use geoip ; then |
98 |
- myeconfargs+=( $(use_enable geoip) ) |
99 |
- fi |
100 |
- if use hardened ; then |
101 |
- myeconfargs+=( $(use_enable hardened gccprotect) ) |
102 |
- fi |
103 |
- if use nflog ; then |
104 |
- myeconfargs+=( $(use_enable nflog) ) |
105 |
- fi |
106 |
- if use redis ; then |
107 |
- myeconfargs+=( $(use_enable redis hiredis) ) |
108 |
- fi |
109 |
- # not supported yet (no pfring in portage) |
110 |
-# if use pfring ; then |
111 |
-# myeconfargs+=( $(use_enable pfring) ) |
112 |
-# fi |
113 |
- # no libprelude in portage |
114 |
-# if use prelude ; theng |
115 |
-# myeconfargs+=( $(use_enable prelude) ) |
116 |
-# fi |
117 |
- if use lua ; then |
118 |
- myeconfargs+=( $(use_enable lua) ) |
119 |
- fi |
120 |
- if use luajit ; then |
121 |
- myeconfargs+=( $(use_enable luajit) ) |
122 |
- fi |
123 |
- if (use !lua) && (use !luajit) ; then |
124 |
- myeconfargs+=( |
125 |
- --disable-lua |
126 |
- --disable-luajit |
127 |
- ) |
128 |
- fi |
129 |
- |
130 |
-# this should be used when pf_ring use flag support will be added |
131 |
-# LIBS+="-lrt -lnuma" |
132 |
- |
133 |
- # avoid upstream configure script trying to add -march=native to CFLAGS |
134 |
- myeconfargs+=( --enable-gccmarch-native=no ) |
135 |
- |
136 |
- if use debug ; then |
137 |
- myeconfargs+=( $(use_enable debug) ) |
138 |
- # so we can get a backtrace according to "reporting bugs" on upstream web site |
139 |
- CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]} |
140 |
- else |
141 |
- econf LIBS="${LIBS}" ${myeconfargs[@]} |
142 |
- fi |
143 |
-} |
144 |
- |
145 |
-src_install() { |
146 |
- emake DESTDIR="${D}" install |
147 |
- |
148 |
- insinto "/etc/${PN}" |
149 |
- doins {classification,reference,threshold}.config suricata.yaml |
150 |
- |
151 |
- if use rules ; then |
152 |
- insinto "/etc/${PN}/rules" |
153 |
- doins rules/*.rules |
154 |
- fi |
155 |
- |
156 |
- dodir "/var/lib/${PN}" |
157 |
- dodir "/var/log/${PN}" |
158 |
- |
159 |
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" |
160 |
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" |
161 |
- |
162 |
- newinitd "${FILESDIR}/${P}-init" ${PN} |
163 |
- newconfd "${FILESDIR}/${P}-conf" ${PN} |
164 |
- |
165 |
- if use logrotate; then |
166 |
- insopts -m0644 |
167 |
- insinto /etc/logrotate.d |
168 |
- newins "${FILESDIR}"/${PN}-logrotate ${PN} |
169 |
- fi |
170 |
-} |
171 |
- |
172 |
-pkg_postinst() { |
173 |
- elog "The ${PN} init script expects to find the path to the configuration" |
174 |
- elog "file as well as extra options in /etc/conf.d." |
175 |
- elog "" |
176 |
- elog "To create more than one ${PN} service, simply create a new .yaml file for it" |
177 |
- elog "then create a symlink to the init script from a link called" |
178 |
- elog "${PN}.foo - like so" |
179 |
- elog " cd /etc/${PN}" |
180 |
- elog " ${EDITOR##*/} suricata-foo.yaml" |
181 |
- elog " cd /etc/init.d" |
182 |
- elog " ln -s ${PN} ${PN}.foo" |
183 |
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo." |
184 |
- elog "" |
185 |
- elog "You can create as many ${PN}.foo* services as you wish." |
186 |
- |
187 |
- if use logrotate; then |
188 |
- elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/." |
189 |
- fi |
190 |
- |
191 |
- if use debug; then |
192 |
- elog "You enabled the debug USE flag. Please read this link to report bugs upstream:" |
193 |
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs" |
194 |
- elog "You need to also ensure the FEATURES variable in make.conf contains the" |
195 |
- elog "'nostrip' option to produce useful core dumps or back traces." |
196 |
- fi |
197 |
-} |