* [meta-security][PATCH 1/3] libhtp: update to 0.5.27
@ 2018-08-09 23:04 Armin Kuster
2018-08-09 23:04 ` [meta-security][PATCH 2/3] suricata: update 4.0.5 Armin Kuster
2018-08-09 23:04 ` [meta-security][PATCH 3/3] sleuthkit: update to 4.1.3 Armin Kuster
0 siblings, 2 replies; 3+ messages in thread
From: Armin Kuster @ 2018-08-09 23:04 UTC (permalink / raw)
To: akuster808, yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../suricata/{libhtp_0.5.25.bb => libhtp_0.5.27.bb} | 0
recipes-security/suricata/suricata.inc | 6 +++---
2 files changed, 3 insertions(+), 3 deletions(-)
rename recipes-security/suricata/{libhtp_0.5.25.bb => libhtp_0.5.27.bb} (100%)
diff --git a/recipes-security/suricata/libhtp_0.5.25.bb b/recipes-security/suricata/libhtp_0.5.27.bb
similarity index 100%
rename from recipes-security/suricata/libhtp_0.5.25.bb
rename to recipes-security/suricata/libhtp_0.5.27.bb
diff --git a/recipes-security/suricata/suricata.inc b/recipes-security/suricata/suricata.inc
index a2d36eb..1f42121 100644
--- a/recipes-security/suricata/suricata.inc
+++ b/recipes-security/suricata/suricata.inc
@@ -2,8 +2,8 @@ HOMEPAGE = "http://suricata-ids.org/"
SECTION = "security Monitor/Admin"
LICENSE = "GPLv2"
-VER = "4.0.0"
+VER = "4.0.5"
SRC_URI = "http://www.openinfosecfoundation.org/download/suricata-${VER}.tar.gz"
-SRC_URI[md5sum] = "41fb91b4cbc6705b353e4bdd02c3df4b"
-SRC_URI[sha256sum] = "6b8b183a8409829ca92c71854cc1abed45f04ccfb7f14c08211f4edf571fa577"
+SRC_URI[md5sum] = "ea0cb823d6a86568152f75ade6de442f"
+SRC_URI[sha256sum] = "74dacb4359d57fbd3452e384eeeb1dd77b6ae00f02e9994ad5a7b461d5f4c6c2"
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [meta-security][PATCH 2/3] suricata: update 4.0.5
2018-08-09 23:04 [meta-security][PATCH 1/3] libhtp: update to 0.5.27 Armin Kuster
@ 2018-08-09 23:04 ` Armin Kuster
2018-08-09 23:04 ` [meta-security][PATCH 3/3] sleuthkit: update to 4.1.3 Armin Kuster
1 sibling, 0 replies; 3+ messages in thread
From: Armin Kuster @ 2018-08-09 23:04 UTC (permalink / raw)
To: akuster808, yocto
Fix rules make. Don't allow the makefile to download the rules. Use
fetcher
add install configs and remove manual intall of those files
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../{suricata_4.0.0.bb => suricata_4.0.5.bb} | 24 ++++++++++++-------
1 file changed, 15 insertions(+), 9 deletions(-)
rename recipes-security/suricata/{suricata_4.0.0.bb => suricata_4.0.5.bb} (85%)
diff --git a/recipes-security/suricata/suricata_4.0.0.bb b/recipes-security/suricata/suricata_4.0.5.bb
similarity index 85%
rename from recipes-security/suricata/suricata_4.0.0.bb
rename to recipes-security/suricata/suricata_4.0.5.bb
index 6efa351..6ccf3d2 100644
--- a/recipes-security/suricata/suricata_4.0.0.bb
+++ b/recipes-security/suricata/suricata_4.0.5.bb
@@ -4,17 +4,23 @@ require suricata.inc
LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=2;md5=c70d8d3310941dcdfcd1e02800a1f548"
+SRC_URI += "https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz;name=rules"
+
SRC_URI += " \
file://volatiles.03_suricata \
file://suricata.yaml \
file://suricata.service \
"
+SRC_URI[rules.md5sum] = "7e8b570d318c98bff65f2ddc457122cb"
+SRC_URI[rules.sha256sum] = "229e3035804c2b816092c6eea09e35f9db0ea421758551a7a740cdd9c15e3feb"
+
inherit autotools-brokensep pkgconfig python-dir systemd
CFLAGS += "-D_DEFAULT_SOURCE"
-CACHED_CONFIGUREVARS = "ac_cv_header_htp_htp_h=yes ac_cv_lib_htp_htp_conn_create=yes "
+CACHED_CONFIGUREVARS = "ac_cv_header_htp_htp_h=yes ac_cv_lib_htp_htp_conn_create=yes \
+ ac_cv_path_HAVE_WGET=no ac_cv_path_HAVE_CURL=no "
EXTRA_OECONF += " --disable-debug \
--enable-non-bundled-htp \
@@ -41,19 +47,20 @@ export logdir = "${localstatedir}/log"
do_install_append () {
+ install -d ${D}${sysconfdir}/suricata
+
+ oe_runmake install-conf DESTDIR=${D}
+
+ # mimic move of downloaded rules to e_sysconfrulesdir
+ cp -rf ${WORKDIR}/rules ${D}${sysconfdir}/suricata
+
oe_runmake install-rules DESTDIR=${D}
- install -d ${D}${sysconfdir}/suricata
install -d ${D}${sysconfdir}/suricata ${D}${sysconfdir}/default/volatiles
- install -m 644 classification.config ${D}${sysconfdir}/suricata
- install -m 644 reference.config ${D}${sysconfdir}/suricata
- install -m 644 ${WORKDIR}/suricata.yaml ${D}${sysconfdir}/suricata
install -m 0644 ${WORKDIR}/volatiles.03_suricata ${D}${sysconfdir}/default/volatiles/volatiles.03_suricata
install -m 0644 ${S}/threshold.config ${D}${sysconfdir}/suricata
- install -d ${D}${logdir}/suricata
-
install -d ${D}${systemd_unitdir}/system
sed -e s:/etc:${sysconfdir}:g \
-e s:/var/run:/run:g \
@@ -62,7 +69,6 @@ do_install_append () {
-e s:/bin/kill:${base_bindir}/kill:g \
-e s:/usr/lib:${libdir}:g \
${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
-
}
pkg_postinst_ontarget_${PN} () {
@@ -74,7 +80,7 @@ fi
SYSTEMD_PACKAGES = "${PN}"
PACKAGES =+ "${PN}-socketcontrol"
-FILES_${PN} += "${logdir}/suricata ${systemd_unitdir}"
+FILES_${PN} += "${systemd_unitdir} /run"
FILES_${PN}-socketcontrol = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}"
CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml"
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [meta-security][PATCH 3/3] sleuthkit: update to 4.1.3
2018-08-09 23:04 [meta-security][PATCH 1/3] libhtp: update to 0.5.27 Armin Kuster
2018-08-09 23:04 ` [meta-security][PATCH 2/3] suricata: update 4.0.5 Armin Kuster
@ 2018-08-09 23:04 ` Armin Kuster
1 sibling, 0 replies; 3+ messages in thread
From: Armin Kuster @ 2018-08-09 23:04 UTC (permalink / raw)
To: akuster808, yocto
cleanup QA issues with perl
refresh patch
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../{afflib_3.6.6.bb => afflib_3.7.16.bb} | 20 +++++------
.../afflib/files/configure_rm_ms_flags.patch | 8 ++---
.../sleuth/files/fix_host_poison.patch | 33 ++++++++-----------
...{sleuthkit_4.1.3.bb => sleuthkit_4.6.0.bb} | 16 ++++++---
4 files changed, 37 insertions(+), 40 deletions(-)
rename recipes-forensic/afflib/{afflib_3.6.6.bb => afflib_3.7.16.bb} (54%)
rename recipes-forensic/sleuth/{sleuthkit_4.1.3.bb => sleuthkit_4.6.0.bb} (73%)
diff --git a/recipes-forensic/afflib/afflib_3.6.6.bb b/recipes-forensic/afflib/afflib_3.7.16.bb
similarity index 54%
rename from recipes-forensic/afflib/afflib_3.6.6.bb
rename to recipes-forensic/afflib/afflib_3.7.16.bb
index a826d1d..013f524 100644
--- a/recipes-forensic/afflib/afflib_3.6.6.bb
+++ b/recipes-forensic/afflib/afflib_3.7.16.bb
@@ -1,21 +1,17 @@
SUMMARY = "The Advanced Forensic Format (AFF) is on-disk format for storing computer forensic information."
HOMEPAGE = "http://www.afflib.org/"
LICENSE = " BSD-4-Clause & CPL-1.0"
-LIC_FILES_CHKSUM = "file://COPYING;md5=d1b2c6d0d6908f45d143ef6380727828"
+LIC_FILES_CHKSUM = "file://COPYING;md5=dddf949f1763ecf9b73a96b87b8e6fce"
-DEPENDS = " zlib ncurses readline openssl libgcrypt"
+DEPENDS = "zlib ncurses readline openssl libgcrypt"
-SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/a/${BPN}/${BPN}_${PV}.orig.tar.gz;name=orig \
- http://archive.ubuntu.com/ubuntu/pool/universe/a/${BPN}/${BPN}_${PV}-1.1.diff.gz;name=dpatch \
- file://configure_rm_ms_flags.patch \
- "
+SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/a/${BPN}/${BPN}_${PV}.orig.tar.gz \
+ file://configure_rm_ms_flags.patch "
-SRC_URI[orig.md5sum] = "b7ff4d2945882018eb1536cad182ad01"
-SRC_URI[orig.sha256sum] = "19cacfd558dc00e11975e820e3c4383b52aabbd5ca081d27bb7994a035d2f4ad"
-SRC_URI[dpatch.md5sum] = "171e871024545b487589e6c85290576f"
-SRC_URI[dpatch.sha256sum] = "db632e254ee51a1e4328cd4449d414eff4795053d4e36bfa8e0020fcb4085cdd"
+SRC_URI[md5sum] = "776f09e1c98a63e1e7a16a52f56146fe"
+SRC_URI[sha256sum] = "9c0522941a24a3aafa027e510c6add5ca9f4defd2d859da3e0b536ad11b6bf72"
-inherit autotools-brokensep pkgconfig
+inherit autotools pkgconfig
CPPFLAGS = "-I${STAGING_INCDIR}"
LDFLAGS = "-L${STAGING_LIBDIR}"
@@ -28,3 +24,5 @@ PACKAGECONFIG[python] = "--enable-python=yes, --enable-python=no, python"
EXTRA_OECONF += "--enable-s3=no CPPFLAGS=-I${STAGING_INCDIR} LDFLAGS=-L${STAGING_LIBDIR}"
EXTRA_OEMAKE += "CPPFLAGS='${CPPFLAGS}' LDFLAGS='-L${STAGING_LIBDIR} -I${STAGING_INCDIR}'"
+
+S = "${WORKDIR}/AFFLIBv3-${PV}"
diff --git a/recipes-forensic/afflib/files/configure_rm_ms_flags.patch b/recipes-forensic/afflib/files/configure_rm_ms_flags.patch
index ac33500..e6b3e1e 100644
--- a/recipes-forensic/afflib/files/configure_rm_ms_flags.patch
+++ b/recipes-forensic/afflib/files/configure_rm_ms_flags.patch
@@ -4,11 +4,11 @@ remove ms lib options when cross compiling
Signed-Off-By: Armin Kuster <akuster808@gmail.com>
-Index: configure.ac
+Index: AFFLIBv3-3.7.16/configure.ac
===================================================================
---- a.orig/configure.ac
-+++ a/configure.ac
-@@ -47,7 +47,6 @@ if test x"${cross_compiling}" = "xno" ;
+--- AFFLIBv3-3.7.16.orig/configure.ac
++++ AFFLIBv3-3.7.16/configure.ac
+@@ -46,7 +46,6 @@ if test x"${cross_compiling}" = "xno" ;
AC_MSG_NOTICE([ LDFLAGS = ${LDFLAGS} ])
else
AC_MSG_NOTICE([Cross Compiling --- will not update CPPFALGS or LDFLAGS with /usr/local, /opt/local or /sw])
diff --git a/recipes-forensic/sleuth/files/fix_host_poison.patch b/recipes-forensic/sleuth/files/fix_host_poison.patch
index 03b1fb9..1972f3e 100644
--- a/recipes-forensic/sleuth/files/fix_host_poison.patch
+++ b/recipes-forensic/sleuth/files/fix_host_poison.patch
@@ -1,23 +1,16 @@
-Upstream-Status: Inappropriate [configuration]
-
-Don't use host include or lib paths in *FLAGS
-
-Signed-off-by: Armin Kuster <akuster808@gmail.com>
-
-Index: configure.ac
+Index: sleuthkit-sleuthkit-4.6.0/configure.ac
===================================================================
---- a/configure.ac
-+++ b/configure.ac
-@@ -84,12 +84,6 @@ AX_PTHREAD([
- LDFLAGS="$LDFLAGS $PTHREAD_CFLAGS"
- CC="$PTHREAD_CC"],[])
-
--dnl Not all compilers include /usr/local in the include and link path
--if test -d /usr/local/include; then
+--- sleuthkit-sleuthkit-4.6.0.orig/configure.ac
++++ sleuthkit-sleuthkit-4.6.0/configure.ac
+@@ -95,11 +95,6 @@ case "$host" in
+ dnl Adding the native /usr/local is wrong for cross-compiling
+ ;;
+ *)
+- dnl Not all compilers include /usr/local in the include and link path
+- if test -d /usr/local/include; then
- CPPFLAGS="$CPPFLAGS -I/usr/local/include"
- LDFLAGS="$LDFLAGS -L/usr/local/lib"
--fi
--
- dnl Add enable/disable option
- AC_ARG_ENABLE([java],
- [AS_HELP_STRING([--disable-java], [Do not build the java bindings or jar file])])
+- fi
+ ;;
+ esac
+
diff --git a/recipes-forensic/sleuth/sleuthkit_4.1.3.bb b/recipes-forensic/sleuth/sleuthkit_4.6.0.bb
similarity index 73%
rename from recipes-forensic/sleuth/sleuthkit_4.1.3.bb
rename to recipes-forensic/sleuth/sleuthkit_4.6.0.bb
index ba335f3..4f51f3a 100644
--- a/recipes-forensic/sleuth/sleuthkit_4.1.3.bb
+++ b/recipes-forensic/sleuth/sleuthkit_4.6.0.bb
@@ -7,14 +7,15 @@ LIC_FILES_CHKSUM = "file://licenses/GNU-COPYING;startline=4;endline=5;md5=475b47
DEPENDS = "libtool"
-SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/s/${BPN}/${BPN}_${PV}.orig.tar.gz;name=orig \
- file://fix_host_poison.patch \
+SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/s/${BPN}/${BPN}_${PV}.orig.tar.gz \
"
-SRC_URI[orig.md5sum] = "139a12f06952d8a40bbe07884994cf5d"
-SRC_URI[orig.sha256sum] = "67f9d2a31a8884d58698d6122fc1a1bfa9bf238582bde2b49228ec9b899f0327"
+SRC_URI[md5sum] = "b94388c5f9de8a9f017619f4855f4401"
+SRC_URI[sha256sum] = "ad3e26958234c9e866dfbfb751bcd6ed300ff76446dc6767a6f9083df4bf4974"
inherit autotools-brokensep pkgconfig gettext
+S = "${WORKDIR}/${BPN}-${BPN}-${PV}"
+
PACKAGECONFIG ??= "aff zlib ewf"
PACKAGECONFIG[aff] = "--with-afflib=${STAGING_DIR_HOST}/usr, --without-afflib, afflib"
PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_DIR_HOST}/usr, --without-zlib, zlib"
@@ -23,9 +24,14 @@ PACKAGECONFIG[ewf] = "--with-libewf=${STAGING_DIR_HOST}/usr, --without-libewf, l
#--with-gnu-ld
EXTRA_OECONF += "--enable-static=no --disable-java LIBS='-L${STAGING_LIBDIR}' LDFLAGS='-L${STAGING_LIBDIR}' CPPFLAGS='-I${STAGING_INCDIR}'"
+do_install_append () {
+ sed -e "s|${HOSTTOOLS_DIR}/perl -w|${bindir}/env perl|g" -i ${D}${bindir}/sorter
+ sed -e "s|${HOSTTOOLS_DIR}/perl -w|${bindir}/env perl|g" -i ${D}${bindir}/mactime
+
+}
# Avoid QA Issue: No GNU_HASH in the elf binary
INSANE_SKIP_${PN} = "ldflags"
FILES_${PN} += " ${datadir}/tsk"
-RDEPENDS_${PN} += " perl"
+RDEPENDS_sleuthkit = "perl"
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-08-09 23:04 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-08-09 23:04 [meta-security][PATCH 1/3] libhtp: update to 0.5.27 Armin Kuster
2018-08-09 23:04 ` [meta-security][PATCH 2/3] suricata: update 4.0.5 Armin Kuster
2018-08-09 23:04 ` [meta-security][PATCH 3/3] sleuthkit: update to 4.1.3 Armin Kuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.