gonzalo wrote (2023-10-25 13:01 CEST):
> ping
I'm getting this error. Is there a patch missing?
util-privs.c:246:20: error: use of undeclared identifier 'SC_ERR_GID_FAILED'
SCLogError(SC_ERR_GID_FAILED, "unable to set the group ID,"
^
util-privs.c:254:20: error: use of undeclared identifier 'SC_ERR_UID_FAILED'
SCLogError(SC_ERR_UID_FAILED, "unable to set the user ID,"
^
2 errors generated.
*** Error 1 in target 'util-privs.o'
*** Error 1 in src (Makefile:3487 'util-privs.o')
*** Error 2 in src (Makefile:2684 'all')
*** Error 1 in /home/dpb/usr/ports/pobj/suricata-7.0.1/suricata-7.0.1
(Makefile:519 'all-recursive')
*** Error 2 in . (/usr/ports/infrastructure/mk/bsd.port.mk:3034
'/usr/ports/pobj/suricata-7.0.1/.build_done': @cd /usr/ports/pobj/suricata-7...)
*** Error 2 in /usr/ports/security/suricata
(/usr/ports/infrastructure/mk/bsd.port.mk:2677 'all': @lock=suricata-7.0.1;
export _LOCKS_HELD=...)
> On 10/18/23 16:42, Gonzalo L. Rodriguez wrote:
> > Hello,
> >
> > Update for Suricata to 7.0.1:
> >
> > https://github.com/OISF/suricata/releases/tag/suricata-7.0.1
> >
> > OK? Comments?
> >
> > Cheers.-
> >
> >
> > Index: Makefile
> > ===================================================================
> > RCS file: /cvs/ports/security/suricata/Makefile,v
> > retrieving revision 1.60
> > diff -u -p -r1.60 Makefile
> > --- Makefile 27 Sep 2023 16:34:37 -0000 1.60
> > +++ Makefile 18 Oct 2023 14:14:00 -0000
> > @@ -3,7 +3,7 @@ NOT_FOR_ARCHS = powerpc64 riscv64
> > COMMENT = high performance network IDS, IPS and security monitoring
> > -SURICATA_V = 6.0.12
> > +SURICATA_V = 7.0.1
> > SUPDATE_V = 1.2.7
> > DISTNAME = suricata-${SURICATA_V}
> > @@ -20,9 +20,8 @@ PERMIT_PACKAGE= Yes
> > SITES = https://www.openinfosecfoundation.org/download/
> > # uses pledge()
> > -WANTLIB += ${COMPILER_LIBCXX} c iconv jansson lz4 lzma m magic
> > -WANTLIB += maxminddb net nspr4 nss3 nssutil3 pcap pcre plc4 plds4
> > -WANTLIB += smime3 ssl3 yaml-0 z
> > +WANTLIB += ${COMPILER_LIBCXX} c elf iconv m pcap yaml-0 z
> > +WANTLIB += jansson lz4 magic maxminddb net pcre2-8
> > MODULES = lang/python
> > @@ -40,7 +39,7 @@ LIB_DEPENDS = archivers/lz4 \
> > devel/nspr \
> > devel/libyaml \
> > devel/libmagic \
> > - devel/pcre \
> > + devel/pcre2 \
> > net/libnet/1.1 \
> > net/libmaxminddb \
> > security/nss
> > @@ -49,7 +48,7 @@ COMPILER = base-clang ports-gcc
> > DEBUG_PACKAGES = ${BUILD_PACKAGES}
> > CONFIGURE_STYLE = autoconf
> > -AUTOCONF_VERSION = 2.69
> > +AUTOCONF_VERSION = 2.71
> > AUTOMAKE_VERSION = 1.15
> > CONFIGURE_ENV = ac_cv_path_HAVE_PDFLATEX= \
> > Index: distinfo
> > ===================================================================
> > RCS file: /cvs/ports/security/suricata/distinfo,v
> > retrieving revision 1.20
> > diff -u -p -r1.20 distinfo
> > --- distinfo 3 Jul 2023 08:22:31 -0000 1.20
> > +++ distinfo 18 Oct 2023 14:14:00 -0000
> > @@ -1,2 +1,2 @@
> > -SHA256 (suricata-6.0.12.tar.gz) =
> > BLIxYJNbAxl7CFwszJ2Ah1oz8RVYMFTRRgqw+2bYNLM=
> > -SIZE (suricata-6.0.12.tar.gz) = 27388535
> > +SHA256 (suricata-7.0.1.tar.gz) =
> > YEfHX555qbDMbWx2MgJKQSaBK8IS9SrPXTyBPMfJ+ws=
> > +SIZE (suricata-7.0.1.tar.gz) = 23439262
> > Index: patches/patch-configure_ac
> > ===================================================================
> > RCS file: /cvs/ports/security/suricata/patches/patch-configure_ac,v
> > retrieving revision 1.11
> > diff -u -p -r1.11 patch-configure_ac
> > --- patches/patch-configure_ac 3 Jul 2023 08:22:31 -0000 1.11
> > +++ patches/patch-configure_ac 18 Oct 2023 14:14:00 -0000
> > @@ -3,7 +3,7 @@ To remove the pid file, its directory mu
> > Index: configure.ac
> > --- configure.ac.orig
> > +++ configure.ac
> > -@@ -2764,7 +2764,7 @@ if test "$WINDOWS_PATH" = "yes"; then
> > +@@ -2559,7 +2559,7 @@ if test "$WINDOWS_PATH" = "yes"; then
> > fi
> > else
> > EXPAND_VARIABLE(localstatedir, e_logdir, "/log/suricata/")
> > Index: patches/patch-doc_userguide_Makefile_in
> > ===================================================================
> > RCS file:
> > /cvs/ports/security/suricata/patches/patch-doc_userguide_Makefile_in,v
> > retrieving revision 1.6
> > diff -u -p -r1.6 patch-doc_userguide_Makefile_in
> > --- patches/patch-doc_userguide_Makefile_in 3 Jul 2023 08:22:31 -0000
> > 1.6
> > +++ patches/patch-doc_userguide_Makefile_in 18 Oct 2023 14:14:00 -0000
> > @@ -3,32 +3,6 @@ Index: doc/userguide/Makefile.in
> > +++ doc/userguide/Makefile.in
> > @@ -1,3 +1,4 @@
> > +
> > - # Makefile.in generated by automake 1.16.1 from Makefile.am.
> > + # Makefile.in generated by automake 1.16.5 from Makefile.am.
> > # @configure_input@
> > -
> > -@@ -623,14 +624,14 @@ uninstall-man: uninstall-man1
> > - @HAVE_SPHINXBUILD_TRUE@ sysconfdir=$(sysconfdir) \
> > - @HAVE_SPHINXBUILD_TRUE@ localstatedir=$(localstatedir) \
> > - @HAVE_SPHINXBUILD_TRUE@ version=$(PACKAGE_VERSION) \
> > --@HAVE_SPHINXBUILD_TRUE@ $(SPHINX_BUILD) -W -b html -d
> > _build/doctrees \
> > -+@HAVE_SPHINXBUILD_TRUE@ $(SPHINX_BUILD) -b html -d
> > _build/doctrees \
> > - @HAVE_SPHINXBUILD_TRUE@ $(top_srcdir)/doc/userguide _build/html
> > -
> > - @HAVE_SPHINXBUILD_TRUE@_build/latex/Suricata.pdf:
> > - @HAVE_SPHINXBUILD_TRUE@ sysconfdir=$(sysconfdir) \
> > - @HAVE_SPHINXBUILD_TRUE@ localstatedir=$(localstatedir) \
> > - @HAVE_SPHINXBUILD_TRUE@ version=$(PACKAGE_VERSION) \
> > --@HAVE_SPHINXBUILD_TRUE@ $(SPHINX_BUILD) -W -b latex -d
> > _build/doctrees \
> > -+@HAVE_SPHINXBUILD_TRUE@ $(SPHINX_BUILD) -b latex -d
> > _build/doctrees \
> > - @HAVE_SPHINXBUILD_TRUE@ $(top_srcdir)/doc/userguide _build/latex
> > - # The Sphinx generated Makefile is GNU Make specific, so just do what
> > - # it does here - yes, multiple passes of pdflatex is required.
> > -@@ -650,7 +651,7 @@ uninstall-man: uninstall-man1
> > - @HAVE_SPHINXBUILD_TRUE@ sysconfdir=$(sysconfdir) \
> > - @HAVE_SPHINXBUILD_TRUE@ localstatedir=$(localstatedir) \
> > - @HAVE_SPHINXBUILD_TRUE@ version=$(PACKAGE_VERSION) \
> > --@HAVE_SPHINXBUILD_TRUE@ $(SPHINX_BUILD) -W -b man -d
> > _build/doctrees \
> > -+@HAVE_SPHINXBUILD_TRUE@ $(SPHINX_BUILD) -b man -d
> > _build/doctrees \
> > - @HAVE_SPHINXBUILD_TRUE@ $(top_srcdir)/doc/userguide _build/man
> > - @HAVE_SPHINXBUILD_TRUE@ touch _build/man
> > Index: patches/patch-suricata-update_suricata_update_parsers_py
> > ===================================================================
> > RCS file:
> > /cvs/ports/security/suricata/patches/patch-suricata-update_suricata_update_parsers_py,v
> > retrieving revision 1.2
> > diff -u -p -r1.2 patch-suricata-update_suricata_update_parsers_py
> > --- patches/patch-suricata-update_suricata_update_parsers_py 11 Mar
> > 2022 19:54:07 -0000 1.2
> > +++ patches/patch-suricata-update_suricata_update_parsers_py 18 Oct
> > 2023 14:14:00 -0000
> > @@ -1,7 +1,7 @@
> > Index: suricata-update/suricata/update/parsers.py
> > --- suricata-update/suricata/update/parsers.py.orig
> > +++ suricata-update/suricata/update/parsers.py
> > -@@ -41,7 +41,7 @@ global_arg = [
> > +@@ -46,7 +46,7 @@ global_arg = [
> > 'help': "Be quiet, warning and error messages only"}),
> > (("-D", "--data-dir"),
> > {'metavar': '<directory>', 'dest': 'data_dir',
> > Index: patches/patch-suricata_yaml_in
> > ===================================================================
> > RCS file: /cvs/ports/security/suricata/patches/patch-suricata_yaml_in,v
> > retrieving revision 1.17
> > diff -u -p -r1.17 patch-suricata_yaml_in
> > --- patches/patch-suricata_yaml_in 3 Jul 2023 08:22:31 -0000 1.17
> > +++ patches/patch-suricata_yaml_in 18 Oct 2023 14:14:00 -0000
> > @@ -9,7 +9,7 @@ about downloading rules.
> > Index: suricata.yaml.in
> > --- suricata.yaml.in.orig
> > +++ suricata.yaml.in
> > -@@ -80,6 +80,7 @@ outputs:
> > +@@ -84,6 +84,7 @@ outputs:
> > - fast:
> > enabled: yes
> > filename: fast.log
> > @@ -17,15 +17,15 @@ Index: suricata.yaml.in
> > append: yes
> > #filetype: regular # 'regular', 'unix_stream' or 'unix_dgram'
> > -@@ -88,6 +89,7 @@ outputs:
> > +@@ -92,6 +93,7 @@ outputs:
> > enabled: @e_enable_evelog@
> > filetype: regular #regular|syslog|unix_dgram|unix_stream|redis
> > filename: eve.json
> > + filemode: 664
> > # Enable for multi-threaded eve.json output; output files are
> > amended with
> > - # with an identifier, e.g., eve.9.json
> > + # an identifier, e.g., eve.9.json
> > #threaded: false
> > -@@ -307,6 +309,7 @@ outputs:
> > +@@ -334,6 +336,7 @@ outputs:
> > - http-log:
> > enabled: no
> > filename: http.log
> > @@ -33,7 +33,7 @@ Index: suricata.yaml.in
> > append: yes
> > #extended: yes # enable this for extended logging information
> > #custom: yes # enable the custom logging format (defined by
> > customformat)
> > -@@ -317,6 +320,7 @@ outputs:
> > +@@ -344,6 +347,7 @@ outputs:
> > - tls-log:
> > enabled: no # Log TLS connections.
> > filename: tls.log # File to store TLS logs.
> > @@ -41,7 +41,7 @@ Index: suricata.yaml.in
> > append: yes
> > #extended: yes # Log extended information like fingerprint
> > #custom: yes # enabled the custom logging format (defined by
> > customformat)
> > -@@ -364,6 +368,7 @@ outputs:
> > +@@ -391,6 +395,7 @@ outputs:
> > - pcap-log:
> > enabled: no
> > filename: log.pcap
> > @@ -49,7 +49,7 @@ Index: suricata.yaml.in
> > # File size limit. Can be specified in kb, mb, gb. Just a number
> > # is parsed as bytes.
> > -@@ -399,6 +404,7 @@ outputs:
> > +@@ -429,6 +434,7 @@ outputs:
> > - alert-debug:
> > enabled: no
> > filename: alert-debug.log
> > @@ -57,7 +57,7 @@ Index: suricata.yaml.in
> > append: yes
> > #filetype: regular # 'regular', 'unix_stream' or 'unix_dgram'
> > -@@ -414,6 +420,7 @@ outputs:
> > +@@ -436,6 +442,7 @@ outputs:
> > - stats:
> > enabled: yes
> > filename: stats.log
> > @@ -65,7 +65,7 @@ Index: suricata.yaml.in
> > append: yes # append to file (yes) or overwrite it (no)
> > totals: yes # stats for all threads merged together
> > threads: no # per thread stats
> > -@@ -507,6 +514,7 @@ outputs:
> > +@@ -529,6 +536,7 @@ outputs:
> > enabled: no
> > type: file
> > filename: tcp-data.log
> > @@ -73,7 +73,7 @@ Index: suricata.yaml.in
> > # Log HTTP body data after normalization, de-chunking and unzipping.
> > # Two types: file or dir.
> > -@@ -520,6 +528,7 @@ outputs:
> > +@@ -542,6 +550,7 @@ outputs:
> > enabled: no
> > type: file
> > filename: http-data.log
> > @@ -81,22 +81,7 @@ Index: suricata.yaml.in
> > # Lua Output Support - execute lua script to generate alert and event
> > # output.
> > -@@ -566,12 +575,12 @@ logging:
> > - enabled: yes
> > - # type: json
> > - - file:
> > -- enabled: yes
> > -+ enabled: no
> > - level: info
> > - filename: suricata.log
> > - # type: json
> > - - syslog:
> > -- enabled: no
> > -+ enabled: yes
> > - facility: local5
> > - format: "[%i] <%d> -- "
> > - # type: json
> > -@@ -1010,9 +1019,9 @@ asn1-max-frames: 256
> > +@@ -1189,9 +1198,9 @@ datasets:
> > ##
> > # Run Suricata with a specific user-id and group-id:
> > @@ -107,9 +92,9 @@ Index: suricata.yaml.in
> > + user: _suricata
> > + group: _suricata
> > - # Some logging modules will use that name in event as identifier. The
> > default
> > - # value is the hostname
> > -@@ -1021,7 +1030,7 @@ asn1-max-frames: 256
> > + security:
> > + # if true, prevents process creation from Suricata by calling
> > +@@ -1221,7 +1230,7 @@ security:
> > # Default location of the pid file. The pid file is only used in
> > # daemon mode (start Suricata with -D). If not running in daemon mode
> > # the --pidfile command line option must be used to create a pid file.
> > @@ -118,7 +103,7 @@ Index: suricata.yaml.in
> > # Daemon working directory
> > # Suricata will change directory to this one if provided
> > -@@ -1920,14 +1929,38 @@ napatech:
> > +@@ -2137,14 +2146,38 @@ napatech:
> > #
> > hashmode: hash5tuplesorted
> > Index: pkg/PLIST
> > ===================================================================
> > RCS file: /cvs/ports/security/suricata/pkg/PLIST,v
> > retrieving revision 1.24
> > diff -u -p -r1.24 PLIST
> > --- pkg/PLIST 14 Feb 2023 21:14:14 -0000 1.24
> > +++ pkg/PLIST 18 Oct 2023 14:14:01 -0000
> > @@ -27,7 +27,6 @@ include/htp/htp_version.h
> > include/htp/lzma/
> > include/htp/lzma/7zTypes.h
> > include/htp/lzma/LzmaDec.h
> > -include/suricata-plugin.h
> > @static-lib lib/libhtp.a
> > lib/libhtp.la
> > @lib lib/libhtp.so.${LIBhtp_VERSION}
> > @@ -119,6 +118,12 @@ lib/suricata/python/suricata/update/conf
> > lib/suricata/python/suricata/update/configs/__init__.py
> >
> > ${MODPY_COMMENT}lib/suricata/python/suricata/update/configs/${MODPY_PYCACHE}/
> >
> > lib/suricata/python/suricata/update/configs/${MODPY_PYCACHE}__init__.${MODPY_PYC_MAGIC_TAG}pyc
> > +lib/suricata/python/suricata/update/configs/disable.conf
> > +lib/suricata/python/suricata/update/configs/drop.conf
> > +lib/suricata/python/suricata/update/configs/enable.conf
> > +lib/suricata/python/suricata/update/configs/modify.conf
> > +lib/suricata/python/suricata/update/configs/threshold.in
> > +lib/suricata/python/suricata/update/configs/update.yaml
> > lib/suricata/python/suricata/update/data/
> > lib/suricata/python/suricata/update/data/__init__.py
> > ${MODPY_COMMENT}lib/suricata/python/suricata/update/data/${MODPY_PYCACHE}/
> > @@ -176,6 +181,7 @@ share/suricata/rules/dns-events.rules
> > @sample ${SYSCONFDIR}/suricata/rules/dns-events.rules
> > share/suricata/rules/files.rules
> > @sample ${SYSCONFDIR}/suricata/rules/files.rules
> > +share/suricata/rules/ftp-events.rules
> > share/suricata/rules/http-events.rules
> > @sample ${SYSCONFDIR}/suricata/rules/http-events.rules
> > share/suricata/rules/http2-events.rules
> > @@ -190,6 +196,8 @@ share/suricata/rules/nfs-events.rules
> > @sample ${SYSCONFDIR}/suricata/rules/nfs-events.rules
> > share/suricata/rules/ntp-events.rules
> > @sample ${SYSCONFDIR}/suricata/rules/ntp-events.rules
> > +share/suricata/rules/quic-events.rules
> > +share/suricata/rules/rfb-events.rules
> > share/suricata/rules/smb-events.rules
> > @sample ${SYSCONFDIR}/suricata/rules/smb-events.rules
> > share/suricata/rules/smtp-events.rules
>
