* [meta-security][PATCH 1/3] libhtp: update to 0.5.27
@ 2018-08-09 23:04 Armin Kuster
  2018-08-09 23:04 ` [meta-security][PATCH 2/3] suricata: update 4.0.5 Armin Kuster
  2018-08-09 23:04 ` [meta-security][PATCH 3/3] sleuthkit: update to 4.1.3 Armin Kuster
  0 siblings, 2 replies; 3+ messages in thread
From: Armin Kuster @ 2018-08-09 23:04 UTC (permalink / raw)
  To: akuster808, yocto

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../suricata/{libhtp_0.5.25.bb => libhtp_0.5.27.bb}         | 0
 recipes-security/suricata/suricata.inc                      | 6 +++---
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename recipes-security/suricata/{libhtp_0.5.25.bb => libhtp_0.5.27.bb} (100%)

diff --git a/recipes-security/suricata/libhtp_0.5.25.bb b/recipes-security/suricata/libhtp_0.5.27.bb
similarity index 100%
rename from recipes-security/suricata/libhtp_0.5.25.bb
rename to recipes-security/suricata/libhtp_0.5.27.bb
diff --git a/recipes-security/suricata/suricata.inc b/recipes-security/suricata/suricata.inc
index a2d36eb..1f42121 100644
--- a/recipes-security/suricata/suricata.inc
+++ b/recipes-security/suricata/suricata.inc
@@ -2,8 +2,8 @@ HOMEPAGE = "http://suricata-ids.org/"
 SECTION = "security Monitor/Admin"
 LICENSE = "GPLv2"
 
-VER = "4.0.0"
+VER = "4.0.5"
 SRC_URI = "http://www.openinfosecfoundation.org/download/suricata-${VER}.tar.gz"
 
-SRC_URI[md5sum] = "41fb91b4cbc6705b353e4bdd02c3df4b"
-SRC_URI[sha256sum] = "6b8b183a8409829ca92c71854cc1abed45f04ccfb7f14c08211f4edf571fa577"
+SRC_URI[md5sum] = "ea0cb823d6a86568152f75ade6de442f"
+SRC_URI[sha256sum] = "74dacb4359d57fbd3452e384eeeb1dd77b6ae00f02e9994ad5a7b461d5f4c6c2"
-- 
2.17.1




* [meta-security][PATCH 2/3] suricata: update 4.0.5
  2018-08-09 23:04 [meta-security][PATCH 1/3] libhtp: update to 0.5.27 Armin Kuster
@ 2018-08-09 23:04 ` Armin Kuster
  2018-08-09 23:04 ` [meta-security][PATCH 3/3] sleuthkit: update to 4.1.3 Armin Kuster
  1 sibling, 0 replies; 3+ messages in thread
From: Armin Kuster @ 2018-08-09 23:04 UTC (permalink / raw)
  To: akuster808, yocto

Fix the rules make target. Don't allow the makefile to download the rules;
use the fetcher instead.

Add install of the configs and remove the manual install of those files.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../{suricata_4.0.0.bb => suricata_4.0.5.bb}  | 24 ++++++++++++-------
 1 file changed, 15 insertions(+), 9 deletions(-)
 rename recipes-security/suricata/{suricata_4.0.0.bb => suricata_4.0.5.bb} (85%)

diff --git a/recipes-security/suricata/suricata_4.0.0.bb b/recipes-security/suricata/suricata_4.0.5.bb
similarity index 85%
rename from recipes-security/suricata/suricata_4.0.0.bb
rename to recipes-security/suricata/suricata_4.0.5.bb
index 6efa351..6ccf3d2 100644
--- a/recipes-security/suricata/suricata_4.0.0.bb
+++ b/recipes-security/suricata/suricata_4.0.5.bb
@@ -4,17 +4,23 @@ require suricata.inc
 
 LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=2;md5=c70d8d3310941dcdfcd1e02800a1f548"
 
+SRC_URI += "https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz;name=rules"
+
 SRC_URI += " \
            file://volatiles.03_suricata \
            file://suricata.yaml \
            file://suricata.service \
            "
 
+SRC_URI[rules.md5sum] = "7e8b570d318c98bff65f2ddc457122cb"
+SRC_URI[rules.sha256sum] = "229e3035804c2b816092c6eea09e35f9db0ea421758551a7a740cdd9c15e3feb"
+
 inherit autotools-brokensep pkgconfig python-dir systemd 
 
 CFLAGS += "-D_DEFAULT_SOURCE"
 
-CACHED_CONFIGUREVARS = "ac_cv_header_htp_htp_h=yes ac_cv_lib_htp_htp_conn_create=yes "
+CACHED_CONFIGUREVARS = "ac_cv_header_htp_htp_h=yes ac_cv_lib_htp_htp_conn_create=yes \
+                        ac_cv_path_HAVE_WGET=no ac_cv_path_HAVE_CURL=no "
 
 EXTRA_OECONF += " --disable-debug \
     --enable-non-bundled-htp \
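Review bot: The rules URL added in `SRC_URI += "https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz;name=rules"` carries no version or date, so if upstream republishes that tarball the pinned `SRC_URI[rules.md5sum]` / `SRC_URI[rules.sha256sum]` will stop matching and do_fetch will fail. Pinning is the right call for integrity, but the build then depends on a source mirror holding this exact snapshot, and the image ships detection rules frozen at that snapshot. I would add a comment above the line such as `# Rolling upstream tarball: checksums pin one snapshot; refresh them with each rules update and keep a copy on the source mirror`, and document how rules get updated on the target. The EXTRA_OECONF assignment at the end of the hunk continues outside it.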
@@ -41,19 +47,20 @@ export logdir = "${localstatedir}/log"
 
 do_install_append () {
 
+    install -d ${D}${sysconfdir}/suricata
+
+    oe_runmake install-conf DESTDIR=${D}
+
+    # mimic move of downloaded rules to e_sysconfrulesdir
+    cp -rf  ${WORKDIR}/rules ${D}${sysconfdir}/suricata
+
     oe_runmake install-rules DESTDIR=${D}
 
-    install -d ${D}${sysconfdir}/suricata
     install -d ${D}${sysconfdir}/suricata ${D}${sysconfdir}/default/volatiles
-    install -m 644 classification.config ${D}${sysconfdir}/suricata
-    install -m 644 reference.config ${D}${sysconfdir}/suricata
-    install -m 644 ${WORKDIR}/suricata.yaml ${D}${sysconfdir}/suricata
     install -m 0644 ${WORKDIR}/volatiles.03_suricata  ${D}${sysconfdir}/default/volatiles/volatiles.03_suricata
 
     install -m 0644 ${S}/threshold.config ${D}${sysconfdir}/suricata
 
-    install -d ${D}${logdir}/suricata
-
     install -d ${D}${systemd_unitdir}/system
     sed  -e s:/etc:${sysconfdir}:g \
          -e s:/var/run:/run:g \
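Review bot: `cp -rf  ${WORKDIR}/rules ${D}${sysconfdir}/suricata` copies the unpacked rules with whatever modes the tarball extraction left, so the permissions of the IDS rule set on the target are not set explicitly anywhere in the visible part of do_install_append. Rule files decide what the sensor alerts on, so they should end up not group- or world-writable; following the copy with `chmod -R u=rwX,go=rX ${D}${sysconfdir}/suricata/rules` would make that explicit. The added `install -d ${D}${sysconfdir}/suricata` also duplicates the directory created by the unchanged `install -d ${D}${sysconfdir}/suricata ${D}${sysconfdir}/default/volatiles` line below it. do_install_append continues past the end of this hunk.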
@@ -62,7 +69,6 @@ do_install_append () {
          -e s:/bin/kill:${base_bindir}/kill:g \
          -e s:/usr/lib:${libdir}:g \
          ${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
-
 }
 
 pkg_postinst_ontarget_${PN} () {
@@ -74,7 +80,7 @@ fi
 SYSTEMD_PACKAGES = "${PN}"
 
 PACKAGES =+ "${PN}-socketcontrol"
-FILES_${PN} += "${logdir}/suricata ${systemd_unitdir}"
+FILES_${PN} += "${systemd_unitdir} /run"
 FILES_${PN}-socketcontrol = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}"
 
 CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml"
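Review bot: `FILES_${PN} += "${systemd_unitdir} /run"` packages content under /run while dropping `${logdir}/suricata`, and nothing visible in this patch says what gets installed under /run. On targets where /run is a tmpfs (an assumption; the usual systemd layout) packaged files there are hidden after boot, and the log directory now presumably depends on `volatiles.03_suricata` being processed, which should be confirmed for systemd images, since a sensor that cannot open its log directory may fail to start or write no event logs. If install-conf creates a directory under `${D}/run`, I would rather remove it in do_install_append and create the runtime and log directories at boot (volatiles or tmpfiles.d) than ship them in the package.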
-- 
2.17.1




* [meta-security][PATCH 3/3] sleuthkit: update to 4.1.3
  2018-08-09 23:04 [meta-security][PATCH 1/3] libhtp: update to 0.5.27 Armin Kuster
  2018-08-09 23:04 ` [meta-security][PATCH 2/3] suricata: update 4.0.5 Armin Kuster
@ 2018-08-09 23:04 ` Armin Kuster
  1 sibling, 0 replies; 3+ messages in thread
From: Armin Kuster @ 2018-08-09 23:04 UTC (permalink / raw)
  To: akuster808, yocto

cleanup QA issues with perl
refresh patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../{afflib_3.6.6.bb => afflib_3.7.16.bb}     | 20 +++++------
 .../afflib/files/configure_rm_ms_flags.patch  |  8 ++---
 .../sleuth/files/fix_host_poison.patch        | 33 ++++++++-----------
 ...{sleuthkit_4.1.3.bb => sleuthkit_4.6.0.bb} | 16 ++++++---
 4 files changed, 37 insertions(+), 40 deletions(-)
 rename recipes-forensic/afflib/{afflib_3.6.6.bb => afflib_3.7.16.bb} (54%)
 rename recipes-forensic/sleuth/{sleuthkit_4.1.3.bb => sleuthkit_4.6.0.bb} (73%)

diff --git a/recipes-forensic/afflib/afflib_3.6.6.bb b/recipes-forensic/afflib/afflib_3.7.16.bb
similarity index 54%
rename from recipes-forensic/afflib/afflib_3.6.6.bb
rename to recipes-forensic/afflib/afflib_3.7.16.bb
index a826d1d..013f524 100644
--- a/recipes-forensic/afflib/afflib_3.6.6.bb
+++ b/recipes-forensic/afflib/afflib_3.7.16.bb
@@ -1,21 +1,17 @@
 SUMMARY = "The Advanced Forensic Format (AFF) is on-disk format for storing computer forensic information."
 HOMEPAGE = "http://www.afflib.org/"
 LICENSE = " BSD-4-Clause  & CPL-1.0"
-LIC_FILES_CHKSUM = "file://COPYING;md5=d1b2c6d0d6908f45d143ef6380727828"
+LIC_FILES_CHKSUM = "file://COPYING;md5=dddf949f1763ecf9b73a96b87b8e6fce"
 
-DEPENDS = " zlib ncurses readline openssl libgcrypt"
+DEPENDS = "zlib ncurses readline openssl libgcrypt"
 
-SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/a/${BPN}/${BPN}_${PV}.orig.tar.gz;name=orig \
-        http://archive.ubuntu.com/ubuntu/pool/universe/a/${BPN}/${BPN}_${PV}-1.1.diff.gz;name=dpatch \
-        file://configure_rm_ms_flags.patch \
-        "
+SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/a/${BPN}/${BPN}_${PV}.orig.tar.gz \
+           file://configure_rm_ms_flags.patch "
 
-SRC_URI[orig.md5sum] = "b7ff4d2945882018eb1536cad182ad01"
-SRC_URI[orig.sha256sum] = "19cacfd558dc00e11975e820e3c4383b52aabbd5ca081d27bb7994a035d2f4ad"
-SRC_URI[dpatch.md5sum] = "171e871024545b487589e6c85290576f"
-SRC_URI[dpatch.sha256sum] = "db632e254ee51a1e4328cd4449d414eff4795053d4e36bfa8e0020fcb4085cdd"
+SRC_URI[md5sum] = "776f09e1c98a63e1e7a16a52f56146fe"
+SRC_URI[sha256sum] = "9c0522941a24a3aafa027e510c6add5ca9f4defd2d859da3e0b536ad11b6bf72"
 
-inherit autotools-brokensep pkgconfig
+inherit autotools pkgconfig
 
 CPPFLAGS = "-I${STAGING_INCDIR}"
 LDFLAGS = "-L${STAGING_LIBDIR}"
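Review bot: The `LIC_FILES_CHKSUM` md5 for COPYING changes while `LICENSE = " BSD-4-Clause  & CPL-1.0"` is left as is, and the commit message does not say what changed in the license text. Please state the reason in the commit message after comparing the two COPYING files, and adjust LICENSE if the terms differ. The hunk also drops the Debian `-1.1.diff.gz` delta that the 3.6.6 recipe applied; a line in the message confirming that none of its fixes are still needed on 3.7.16 would help later audits.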
@@ -28,3 +24,5 @@ PACKAGECONFIG[python] = "--enable-python=yes, --enable-python=no, python"
 
 EXTRA_OECONF += "--enable-s3=no CPPFLAGS=-I${STAGING_INCDIR} LDFLAGS=-L${STAGING_LIBDIR}"
 EXTRA_OEMAKE += "CPPFLAGS='${CPPFLAGS}' LDFLAGS='-L${STAGING_LIBDIR} -I${STAGING_INCDIR}'"
+
+S = "${WORKDIR}/AFFLIBv3-${PV}"
diff --git a/recipes-forensic/afflib/files/configure_rm_ms_flags.patch b/recipes-forensic/afflib/files/configure_rm_ms_flags.patch
index ac33500..e6b3e1e 100644
--- a/recipes-forensic/afflib/files/configure_rm_ms_flags.patch
+++ b/recipes-forensic/afflib/files/configure_rm_ms_flags.patch
@@ -4,11 +4,11 @@ remove ms lib options when cross compiling
 
 Signed-Off-By: Armin Kuster <akuster808@gmail.com>
 
-Index: configure.ac
+Index: AFFLIBv3-3.7.16/configure.ac
 ===================================================================
---- a.orig/configure.ac
-+++ a/configure.ac
-@@ -47,7 +47,6 @@ if test x"${cross_compiling}" = "xno" ;
+--- AFFLIBv3-3.7.16.orig/configure.ac
++++ AFFLIBv3-3.7.16/configure.ac
+@@ -46,7 +46,6 @@ if test x"${cross_compiling}" = "xno" ;
    AC_MSG_NOTICE([ LDFLAGS = ${LDFLAGS} ])
  else
    AC_MSG_NOTICE([Cross Compiling --- will not update CPPFALGS or LDFLAGS with /usr/local, /opt/local or /sw])
diff --git a/recipes-forensic/sleuth/files/fix_host_poison.patch b/recipes-forensic/sleuth/files/fix_host_poison.patch
index 03b1fb9..1972f3e 100644
--- a/recipes-forensic/sleuth/files/fix_host_poison.patch
+++ b/recipes-forensic/sleuth/files/fix_host_poison.patch
@@ -1,23 +1,16 @@
-Upstream-Status: Inappropriate [configuration]
-
-Don't use host include or lib paths in *FLAGS
-
-Signed-off-by: Armin Kuster <akuster808@gmail.com>
-
-Index: configure.ac
+Index: sleuthkit-sleuthkit-4.6.0/configure.ac
 ===================================================================
---- a/configure.ac
-+++ b/configure.ac
-@@ -84,12 +84,6 @@ AX_PTHREAD([
-     LDFLAGS="$LDFLAGS $PTHREAD_CFLAGS"
-     CC="$PTHREAD_CC"],[])
- 
--dnl Not all compilers include /usr/local in the include and link path
--if test -d /usr/local/include; then
+--- sleuthkit-sleuthkit-4.6.0.orig/configure.ac
++++ sleuthkit-sleuthkit-4.6.0/configure.ac
+@@ -95,11 +95,6 @@ case "$host" in
+   dnl Adding the native /usr/local is wrong for cross-compiling
+   ;;
+ *)
+-  dnl Not all compilers include /usr/local in the include and link path
+-  if test -d /usr/local/include; then
 -    CPPFLAGS="$CPPFLAGS -I/usr/local/include"
 -    LDFLAGS="$LDFLAGS -L/usr/local/lib"
--fi
--
- dnl Add enable/disable option
- AC_ARG_ENABLE([java],
-     [AS_HELP_STRING([--disable-java], [Do not build the java bindings or jar file])])
+-  fi
+   ;;
+ esac
+ 
diff --git a/recipes-forensic/sleuth/sleuthkit_4.1.3.bb b/recipes-forensic/sleuth/sleuthkit_4.6.0.bb
similarity index 73%
rename from recipes-forensic/sleuth/sleuthkit_4.1.3.bb
rename to recipes-forensic/sleuth/sleuthkit_4.6.0.bb
index ba335f3..4f51f3a 100644
--- a/recipes-forensic/sleuth/sleuthkit_4.1.3.bb
+++ b/recipes-forensic/sleuth/sleuthkit_4.6.0.bb
@@ -7,14 +7,15 @@ LIC_FILES_CHKSUM = "file://licenses/GNU-COPYING;startline=4;endline=5;md5=475b47
 
 DEPENDS = "libtool"
 
-SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/s/${BPN}/${BPN}_${PV}.orig.tar.gz;name=orig \
-            file://fix_host_poison.patch \
+SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/s/${BPN}/${BPN}_${PV}.orig.tar.gz \
         "
-SRC_URI[orig.md5sum] = "139a12f06952d8a40bbe07884994cf5d"
-SRC_URI[orig.sha256sum] = "67f9d2a31a8884d58698d6122fc1a1bfa9bf238582bde2b49228ec9b899f0327"
+SRC_URI[md5sum] = "b94388c5f9de8a9f017619f4855f4401"
+SRC_URI[sha256sum] = "ad3e26958234c9e866dfbfb751bcd6ed300ff76446dc6767a6f9083df4bf4974"
 
 inherit autotools-brokensep pkgconfig gettext
 
+S = "${WORKDIR}/${BPN}-${BPN}-${PV}"
+
 PACKAGECONFIG ??= "aff zlib ewf"
 PACKAGECONFIG[aff] = "--with-afflib=${STAGING_DIR_HOST}/usr, --without-afflib, afflib"
 PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_DIR_HOST}/usr, --without-zlib, zlib"
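Review bot: `file://fix_host_poison.patch` is removed from `SRC_URI` here, yet the same commit refreshes that patch against sleuthkit-sleuthkit-4.6.0, so as written the refreshed patch is never applied. If the 4.6.0 configure.ac still adds `-I/usr/local/include` and `-L/usr/local/lib` for this target's `$host` (the refreshed patch suggests the default case still does), host headers and libraries can leak into the cross build. Either restore the entry, i.e. keep `file://fix_host_poison.patch \` as the second line of the `SRC_URI` assignment, or delete the patch file if upstream made it unnecessary. The refreshed patch also lost its `Upstream-Status:` and `Signed-off-by:` header lines, which should be kept.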
@@ -23,9 +24,14 @@ PACKAGECONFIG[ewf] = "--with-libewf=${STAGING_DIR_HOST}/usr, --without-libewf, l
 #--with-gnu-ld
 EXTRA_OECONF += "--enable-static=no --disable-java LIBS='-L${STAGING_LIBDIR}' LDFLAGS='-L${STAGING_LIBDIR}' CPPFLAGS='-I${STAGING_INCDIR}'"
 
+do_install_append () {
+	sed -e "s|${HOSTTOOLS_DIR}/perl -w|${bindir}/env perl|g" -i ${D}${bindir}/sorter
+	sed -e "s|${HOSTTOOLS_DIR}/perl -w|${bindir}/env perl|g" -i ${D}${bindir}/mactime
+
+}
 # Avoid QA Issue: No GNU_HASH in the elf binary
 INSANE_SKIP_${PN} = "ldflags" 
 
 FILES_${PN} += " ${datadir}/tsk"
 
-RDEPENDS_${PN} += " perl"
+RDEPENDS_sleuthkit = "perl"
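Review bot: The two sed lines in do_install_append rewrite the shebang of `sorter` and `mactime` to `${bindir}/env perl`, which makes the interpreter depend on the caller's PATH and drops the `-w` flag the scripts had. Since perl is a runtime dependency installed at a known location, I would point the shebang at it directly: `sed -e "s|${HOSTTOOLS_DIR}/perl -w|${bindir}/perl -w|g" -i ${D}${bindir}/sorter` (and the same for mactime). Separately, `RDEPENDS_sleuthkit = "perl"` hard-codes the package name and overrides rather than appends, unlike `FILES_${PN}` and `INSANE_SKIP_${PN}` next to it; `RDEPENDS_${PN} += "perl"` keeps it consistent.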
-- 
2.17.1



