* [PR PATCH] zeek: rename from bro, update to 3.1.1
@ 2020-04-09 16:44 abenson
2020-04-09 16:47 ` abenson
` (11 more replies)
0 siblings, 12 replies; 13+ messages in thread
From: abenson @ 2020-04-09 16:44 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 324 bytes --]
There is a new pull request by abenson against master on the void-packages repository
https://github.com/abenson/void-packages bro2zeek
https://github.com/void-linux/void-packages/pull/20798
zeek: rename from bro, update to 3.1.1
A patch file from https://github.com/void-linux/void-packages/pull/20798.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-bro2zeek-20798.patch --]
[-- Type: text/x-diff, Size: 16617 bytes --]
From 3914d671a3fe336a7526f1f94b7766f72050b677 Mon Sep 17 00:00:00 2001
From: Andrew Benson <abenson+void@gmail.com>
Date: Wed, 8 Apr 2020 19:56:10 -0500
Subject: [PATCH] zeek: rename from bro, update to 3.1.1
---
common/shlibs | 8 +-
srcpkgs/binpac | 2 +-
srcpkgs/binpac-devel | 2 +-
srcpkgs/bro/files/bro/run | 10 --
srcpkgs/bro/patches/libressl.patch | 176 ----------------------------
srcpkgs/bro/patches/musl.patch | 74 ------------
srcpkgs/bro/template | 48 +-------
srcpkgs/zeek-devel | 1 +
srcpkgs/zeek/files/zeek/run | 10 ++
srcpkgs/zeek/patches/fix-musl.patch | 23 ++++
srcpkgs/zeek/template | 53 +++++++++
11 files changed, 99 insertions(+), 308 deletions(-)
delete mode 100644 srcpkgs/bro/files/bro/run
delete mode 100644 srcpkgs/bro/patches/libressl.patch
delete mode 100644 srcpkgs/bro/patches/musl.patch
create mode 120000 srcpkgs/zeek-devel
create mode 100644 srcpkgs/zeek/files/zeek/run
create mode 100644 srcpkgs/zeek/patches/fix-musl.patch
create mode 100644 srcpkgs/zeek/template
diff --git a/common/shlibs b/common/shlibs
index b74c1cb6b18..a4f36a626d6 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3536,9 +3536,11 @@ libtexpdf.so.0 libtexpdf-0.9.5_1
libupstart.so.1 libupstart-1.13.3_1
librtas.so.2 librtas-2.0.2_1
librtasevent.so.2 librtas-2.0.2_1
-libbroker.so.0 bro-2.6.1_1
-libcaf_core.so.0.16.2 bro-2.6.1_1
-libcaf_openssl.so.0.16.2 bro-2.6.1_1
+libbroker.so.2 zeek-3.1.1_1
+libcaf_core.so.0.17.4 zeek-3.1.1_1
+libcaf_io.so.0.17.4 zeek-3.1.1_1
+libcaf_openssl.so.0.17.4 zeek-3.1.1_1
+libbinpac.so.0 zeek-3.1.1_1
libllhttp.so.1 llhttp-1.0.1_1
libpinyin.so.13 libpinyin-2.2.1_1
libuhd.so.3.15.0 uhd-3.15.0.0_1
diff --git a/srcpkgs/binpac b/srcpkgs/binpac
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac
+++ b/srcpkgs/binpac
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/binpac-devel b/srcpkgs/binpac-devel
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac-devel
+++ b/srcpkgs/binpac-devel
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro/files/bro/run b/srcpkgs/bro/files/bro/run
deleted file mode 100644
index 90eb6a59c0c..00000000000
--- a/srcpkgs/bro/files/bro/run
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-BROLOGDIR="/var/log/bro"
-
-[ -r conf ] && . ./conf
-
-[ -d ${BROLOGDIR} ] || mkdir -p ${BROLOGDIR}
-
-cd /var/log/bro
-exec bro -i ${INTF:=eth0} ${BROPOLICY}
diff --git a/srcpkgs/bro/patches/libressl.patch b/srcpkgs/bro/patches/libressl.patch
deleted file mode 100644
index 31308629063..00000000000
--- a/srcpkgs/bro/patches/libressl.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From fc43d06955a255bce4162b459be4a6a3a11a178d Mon Sep 17 00:00:00 2001
-From: Jon Siwek <jsiwek@corelight.com>
-Date: Mon, 7 Jan 2019 11:35:17 -0600
-Subject: [PATCH] GH-227: Improve LibreSSL support
-
----
- src/file_analysis/analyzer/x509/OCSP.cc | 16 ++++++++--------
- src/file_analysis/analyzer/x509/X509.cc | 2 +-
- src/file_analysis/analyzer/x509/X509.h | 11 ++++++++---
- src/file_analysis/analyzer/x509/functions.bif | 6 +++---
- 4 files changed, 20 insertions(+), 15 deletions(-)
-
-diff --git src/file_analysis/analyzer/x509/OCSP.cc src/file_analysis/analyzer/x509/OCSP.cc
-index bea88fc747..537d194906 100644
---- src/file_analysis/analyzer/x509/OCSP.cc
-+++ src/file_analysis/analyzer/x509/OCSP.cc
-@@ -44,7 +44,7 @@ static Val* get_ocsp_type(RecordVal* args, const char* name)
-
- static bool OCSP_RESPID_bio(OCSP_BASICRESP* basic_resp, BIO* bio)
- {
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- ASN1_OCTET_STRING* key = nullptr;
- X509_NAME* name = nullptr;
-
-@@ -423,7 +423,7 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
-
- uint64 version = 0;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- if ( req->tbsRequest->version )
- version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
- #else
-@@ -495,7 +495,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- if ( !basic_resp )
- goto clean_up;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- resp_data = basic_resp->tbsResponseData;
- if ( !resp_data )
- goto clean_up;
-@@ -506,7 +506,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- vl->append(resp_val->Ref());
- vl->append(status_val);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- vl->append(new Val((uint64)ASN1_INTEGER_get(resp_data->version), TYPE_COUNT));
- #else
- vl->append(parse_basic_resp_data_version(basic_resp));
-@@ -526,7 +526,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
-
- // producedAt
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- produced_at = resp_data->producedAt;
- #else
- produced_at = OCSP_resp_get0_produced_at(basic_resp);
-@@ -551,7 +551,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- // cert id
- const OCSP_CERTID* cert_id = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- cert_id = single_resp->certId;
- #else
- cert_id = OCSP_SINGLERESP_get0_id(single_resp);
-@@ -618,7 +618,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- i2a_ASN1_OBJECT(bio, basic_resp->signatureAlgorithm->algorithm);
- len = BIO_read(bio, buf, sizeof(buf));
- vl->append(new StringVal(len, buf));
-@@ -635,7 +635,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- certs_vector = new VectorVal(internal_type("x509_opaque_vector")->AsVectorType());
- vl->append(certs_vector);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- certs = basic_resp->certs;
- #else
- certs = OCSP_resp_get0_certs(basic_resp);
-diff --git src/file_analysis/analyzer/x509/X509.cc src/file_analysis/analyzer/x509/X509.cc
-index 7571915207..600b3adb52 100644
---- src/file_analysis/analyzer/x509/X509.cc
-+++ src/file_analysis/analyzer/x509/X509.cc
-@@ -290,7 +290,7 @@ void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)
- continue;
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- const char* name = (const char*) ASN1_STRING_data(gen->d.ia5);
- #else
- const char* name = (const char*) ASN1_STRING_get0_data(gen->d.ia5);
-diff --git src/file_analysis/analyzer/x509/X509.h src/file_analysis/analyzer/x509/X509.h
-index b808b676fe..91a5a7a5a1 100644
---- src/file_analysis/analyzer/x509/X509.h
-+++ src/file_analysis/analyzer/x509/X509.h
-@@ -8,24 +8,27 @@
- #include "Val.h"
- #include "X509Common.h"
-
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_get_signature_nid(x) OBJ_obj2nid((x)->sig_alg->algorithm)
-
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x1010000fL ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_OBJECT_new() (X509_OBJECT*)malloc(sizeof(X509_OBJECT))
- #define X509_OBJECT_free(a) free(a)
-
--#define OCSP_SINGLERESP_get0_id(s) (s)->certId
- #define OCSP_resp_get0_certs(x) (x)->certs
-
- #define EVP_PKEY_get0_DSA(p) ((p)->pkey.dsa)
- #define EVP_PKEY_get0_EC_KEY(p) ((p)->pkey.ec)
- #define EVP_PKEY_get0_RSA(p) ((p)->pkey.rsa)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || ( LIBRESSL_VERSION_NUMBER < 0x2070000fL )
-+
-+#define OCSP_SINGLERESP_get0_id(s) (s)->certId
-+
- static X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
- {
- if ( a == nullptr || a->type != X509_LU_X509 )
-@@ -57,6 +60,8 @@ static void RSA_get0_key(const RSA *r,
-
- #endif
-
-+#endif
-+
- namespace file_analysis {
-
- class X509Val;
-diff --git src/file_analysis/analyzer/x509/functions.bif src/file_analysis/analyzer/x509/functions.bif
-index 0b18feb8fe..ec87a495b3 100644
---- src/file_analysis/analyzer/x509/functions.bif
-+++ src/file_analysis/analyzer/x509/functions.bif
-@@ -115,7 +115,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs,
- const ASN1_OCTET_STRING* key = nullptr;
- const X509_NAME* name = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- OCSP_RESPID* resp_id = basic_resp->tbsResponseData->responderId;
-
- if ( resp_id->type == V_OCSP_RESPID_NAME )
-@@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c
-
- // Because we actually want to be able to give nice error messages that show why we were
- // not able to verify the OCSP response - do our own verification logic first.
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- signer = x509_get_ocsp_signer(basic->certs, basic);
- #else
- signer = x509_get_ocsp_signer(OCSP_resp_get0_certs(basic), basic);
-@@ -714,7 +714,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa
- uint32 cert_length;
- if ( precert )
- {
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
- x->cert_info->enc.modified = 1;
- cert_length = i2d_X509_CINF(x->cert_info, &cert_out);
- #else
diff --git a/srcpkgs/bro/patches/musl.patch b/srcpkgs/bro/patches/musl.patch
deleted file mode 100644
index e8a2c6da9d5..00000000000
--- a/srcpkgs/bro/patches/musl.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/danielguerra69/docker-bro-1
-
---- aux/binpac/lib/binpac.h.in.orig
-+++ aux/binpac/lib/binpac.h.in
-@@ -4,6 +4,7 @@
- #define binpac_h
-
- #include <sys/param.h>
-+#include <sys/types.h>
-
- #cmakedefine HOST_BIGENDIAN
- #ifdef HOST_BIGENDIAN
-
---- src/OSFinger.h.orig
-+++ src/OSFinger.h
-@@ -166,3 +166,57 @@
- #define MATCHFUZZY 0x2
-
- #endif
-+
-+// For musl-libc
-+#ifndef TCPOPT_EOL
-+# define TCPOPT_EOL 0
-+#endif
-+
-+#ifndef TCPOPT_NOP
-+# define TCPOPT_NOP 1
-+#endif
-+
-+#ifndef TCPOPT_MAXSEG
-+# define TCPOPT_MAXSEG 2
-+#endif
-+
-+#ifndef TCPOLEN_MAXSEG
-+# define TCPOLEN_MAXSEG 4
-+#endif
-+
-+#ifndef TCPOPT_WINDOW
-+# define TCPOPT_WINDOW 3
-+#endif
-+
-+#ifndef TCPOLEN_WINDOW
-+# define TCPOLEN_WINDOW 3
-+#endif
-+
-+#ifndef TCPOPT_SACK_PERMITTED
-+# define TCPOPT_SACK_PERMITTED 4 /* Experimental */
-+#endif
-+
-+#ifndef TCPOLEN_SACK_PERMITTED
-+# define TCPOLEN_SACK_PERMITTED 2
-+#endif
-+
-+#ifndef TCPOPT_SACK
-+# define TCPOPT_SACK 5 /* Experimental */
-+#endif
-+
-+#ifndef TCPOPT_TIMESTAMP
-+# define TCPOPT_TIMESTAMP 8
-+#endif
-+
-+#ifndef TCPOLEN_TIMESTAMP
-+# define TCPOLEN_TIMESTAMP 10
-+#endif
-+
-+#ifndef TCPOLEN_TSTAMP_APPA
-+# define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
-+#endif
-+
-+#ifndef TCPOPT_TSTAMP_HDR
-+# define TCPOPT_TSTAMP_HDR \
-+ (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
-+#endif
-
diff --git a/srcpkgs/bro/template b/srcpkgs/bro/template
index 4d453648771..2d818554e35 100644
--- a/srcpkgs/bro/template
+++ b/srcpkgs/bro/template
@@ -1,49 +1,11 @@
# Template file for 'bro'
pkgname=bro
version=2.6.4
-revision=1
-archs="x86_64* i686* aarch64* armv7* ppc64*"
-build_style=cmake
-hostmakedepends="flex pkg-config python3"
-makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
-short_desc="Advanced framework for network traffic analysis"
+revision=2
+archs=noarch
+build_style=meta
+depends="zeek"
+short_desc="Advanced framework for network traffic analysis (transitional dummy package)"
maintainer="Andrew Benson <abenson+void@gmail.com>"
license="BSD-3-Clause"
homepage="https://www.bro.org"
-distfiles="https://www.bro.org/downloads/bro-${version}.tar.gz"
-checksum=a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7
-nocross="Needs to build part of itself to run, can't be built separately yet."
-
-case "$XBPS_TARGET_MACHINE" in
- *-musl)
- makedepends+=" musl-fts-devel"
- ;;
-esac
-
-pre_configure() {
- case "$XBPS_TARGET_MACHINE" in
- *-musl)
- sed -i '/set(broxygen/i link_libraries("-lfts")' src/broxygen/CMakeLists.txt
- ;;
- esac
-}
-
-post_install() {
- vsv bro
- vlicense COPYING
-}
-
-binpac_package() {
- short_desc+=" - protocol parser compiler"
- pkg_install() {
- vmove /usr/bin/binpac
- }
-}
-
-binpac-devel_package() {
- short_desc+=" - protocol parser compiler library"
- pkg_install() {
- vmove /usr/include
- vmove "/usr/lib/*.a"
- }
-}
diff --git a/srcpkgs/zeek-devel b/srcpkgs/zeek-devel
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/zeek-devel
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/zeek/files/zeek/run b/srcpkgs/zeek/files/zeek/run
new file mode 100644
index 00000000000..8d3fd5e36f2
--- /dev/null
+++ b/srcpkgs/zeek/files/zeek/run
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ZEEKLOGDIR="/var/log/zeek"
+
+[ -r conf ] && . ./conf
+
+[ -d ${ZEEKLOGDIR} ] || mkdir -p ${ZEEKLOGDIR}
+
+cd $ZEEKLOGDIR
+exec zeek -i ${INTF:=eth0} ${ZEEKPOLICY}
diff --git a/srcpkgs/zeek/patches/fix-musl.patch b/srcpkgs/zeek/patches/fix-musl.patch
new file mode 100644
index 00000000000..b44bcb3d165
--- /dev/null
+++ b/srcpkgs/zeek/patches/fix-musl.patch
@@ -0,0 +1,23 @@
+--- CMakeLists.txt.orig
++++ CMakeLists.txt
+@@ -322,18 +322,11 @@
+ # if one specifies --with-openssl (which may be common).
+ include_directories(BEFORE ${OPENSSL_INCLUDE_DIR})
+
+-# Alpine support
+-if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
+- execute_process(
+- COMMAND grep -q alpine /etc/os-release
+- RESULT_VARIABLE os_release_alpine
+- )
+-
+- if ( os_release_alpine EQUAL 0 )
++# Void-musl support
++if ( IS_VOID_MUSL )
+ find_package(FTS REQUIRED)
+ list(APPEND OPTLIBS ${FTS_LIBRARY})
+ include_directories(BEFORE ${FTS_INCLUDE_DIR})
+- endif ()
+ endif ()
+
+ set(zeekdeps ${zeekdeps}
diff --git a/srcpkgs/zeek/template b/srcpkgs/zeek/template
new file mode 100644
index 00000000000..26db9cb7578
--- /dev/null
+++ b/srcpkgs/zeek/template
@@ -0,0 +1,53 @@
+# Template file for 'zeek'
+pkgname=zeek
+version=3.1.1
+revision=1
+archs="x86_64* i686* aarch64* armv7* ppc64*"
+build_style=cmake
+hostmakedepends="flex pkg-config python3"
+makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel
+ musl-legacy-compat"
+short_desc="Advanced framework for network traffic analysis"
+maintainer="Andrew Benson <abenson+void@gmail.com>"
+license="BSD-3-Clause"
+homepage="https://www.zeek.org"
+distfiles="https://old.zeek.org/downloads/zeek-${version}.tar.gz"
+checksum=a2ef5f36dc4566d2ba129f34c14c269619b9797725b65d2696c27074db5f3e6a
+nocross="Needs to build part of itself to run, can't be built separately yet."
+
+case "$XBPS_TARGET_MACHINE" in
+ *-musl)
+ makedepends+=" musl-fts-devel"
+ configure_args+=" -DIS_VOID_MUSL=1"
+ ;;
+esac
+
+post_install() {
+ vsv zeek
+ vlicense COPYING
+}
+
+zeek-devel_package() {
+ short_desc+=" - development files"
+ pkg_install() {
+ vmove usr/include
+ vmove "usr/bin/*-config"
+ vmove "usr/lib/*.a"
+ vmove "usr/lib/*.so"
+ vmove usr/share/zeek/cmake
+ }
+}
+
+binpac_package() {
+ short_desc+=" - protocol parser compiler (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
+
+binpac-devel_package() {
+ short_desc+=" - protocol parser compiler library (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
@ 2020-04-09 16:47 ` abenson
2020-04-10 1:36 ` sgn
` (10 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-09 16:47 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 233 bytes --]
New comment by abenson on void-packages repository
https://github.com/void-linux/void-packages/pull/20798#issuecomment-611631554
Comment:
I asked in #xbps whether to use replaces= or what, and was told transitional package instead
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
2020-04-09 16:47 ` abenson
@ 2020-04-10 1:36 ` sgn
2020-04-10 14:43 ` abenson
` (9 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: sgn @ 2020-04-10 1:36 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 363 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/20798#issuecomment-611832763
Comment:
> replaces='bro>=0"?
`xbps-remove -o` will remove zeek if using replaces,
because it's not explicitly installed and no packages depends on it.
If xbps-pkgdb can mark zeek as manual when bro is manual, I think it's fine.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
2020-04-09 16:47 ` abenson
2020-04-10 1:36 ` sgn
@ 2020-04-10 14:43 ` abenson
2020-04-21 21:14 ` [PR PATCH] [Updated] [WIP] " abenson
` (8 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-10 14:43 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 221 bytes --]
New comment by abenson on void-packages repository
https://github.com/void-linux/void-packages/pull/20798#issuecomment-612059455
Comment:
Yeah, replaces really should should make the package inherit installation state.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PR PATCH] [Updated] [WIP] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (2 preceding siblings ...)
2020-04-10 14:43 ` abenson
@ 2020-04-21 21:14 ` abenson
2020-04-21 21:59 ` abenson
` (7 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-21 21:14 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 335 bytes --]
There is an updated pull request by abenson against master on the void-packages repository
https://github.com/abenson/void-packages bro2zeek
https://github.com/void-linux/void-packages/pull/20798
[WIP] zeek: rename from bro, update to 3.1.1
A patch file from https://github.com/void-linux/void-packages/pull/20798.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-bro2zeek-20798.patch --]
[-- Type: text/x-diff, Size: 16619 bytes --]
From f5bc4069d1bb346567a14730c164f47811a2f806 Mon Sep 17 00:00:00 2001
From: Andrew Benson <abenson+void@gmail.com>
Date: Wed, 8 Apr 2020 19:56:10 -0500
Subject: [PATCH] zeek: rename from bro, update to 3.1.2
---
common/shlibs | 8 +-
srcpkgs/binpac | 2 +-
srcpkgs/binpac-devel | 2 +-
srcpkgs/bro/files/bro/run | 10 --
srcpkgs/bro/patches/libressl.patch | 176 ----------------------------
srcpkgs/bro/patches/musl.patch | 74 ------------
srcpkgs/bro/template | 48 +-------
srcpkgs/zeek-devel | 1 +
srcpkgs/zeek/files/zeek/run | 10 ++
srcpkgs/zeek/patches/fix-musl.patch | 23 ++++
srcpkgs/zeek/template | 50 ++++++++
11 files changed, 96 insertions(+), 308 deletions(-)
delete mode 100644 srcpkgs/bro/files/bro/run
delete mode 100644 srcpkgs/bro/patches/libressl.patch
delete mode 100644 srcpkgs/bro/patches/musl.patch
create mode 120000 srcpkgs/zeek-devel
create mode 100644 srcpkgs/zeek/files/zeek/run
create mode 100644 srcpkgs/zeek/patches/fix-musl.patch
create mode 100644 srcpkgs/zeek/template
diff --git a/common/shlibs b/common/shlibs
index 5f1a09de8dc..81582151b94 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3537,9 +3537,11 @@ libtexpdf.so.0 libtexpdf-0.9.5_1
libupstart.so.1 libupstart-1.13.3_1
librtas.so.2 librtas-2.0.2_1
librtasevent.so.2 librtas-2.0.2_1
-libbroker.so.0 bro-2.6.1_1
-libcaf_core.so.0.16.2 bro-2.6.1_1
-libcaf_openssl.so.0.16.2 bro-2.6.1_1
+libbroker.so.2 zeek-3.1.1_1
+libcaf_core.so.0.17.4 zeek-3.1.1_1
+libcaf_io.so.0.17.4 zeek-3.1.1_1
+libcaf_openssl.so.0.17.4 zeek-3.1.1_1
+libbinpac.so.0 zeek-3.1.1_1
libllhttp.so.1 llhttp-1.0.1_1
libpinyin.so.13 libpinyin-2.2.1_1
libuhd.so.3.15.0 uhd-3.15.0.0_1
diff --git a/srcpkgs/binpac b/srcpkgs/binpac
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac
+++ b/srcpkgs/binpac
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/binpac-devel b/srcpkgs/binpac-devel
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac-devel
+++ b/srcpkgs/binpac-devel
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro/files/bro/run b/srcpkgs/bro/files/bro/run
deleted file mode 100644
index 90eb6a59c0c..00000000000
--- a/srcpkgs/bro/files/bro/run
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-BROLOGDIR="/var/log/bro"
-
-[ -r conf ] && . ./conf
-
-[ -d ${BROLOGDIR} ] || mkdir -p ${BROLOGDIR}
-
-cd /var/log/bro
-exec bro -i ${INTF:=eth0} ${BROPOLICY}
diff --git a/srcpkgs/bro/patches/libressl.patch b/srcpkgs/bro/patches/libressl.patch
deleted file mode 100644
index 31308629063..00000000000
--- a/srcpkgs/bro/patches/libressl.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From fc43d06955a255bce4162b459be4a6a3a11a178d Mon Sep 17 00:00:00 2001
-From: Jon Siwek <jsiwek@corelight.com>
-Date: Mon, 7 Jan 2019 11:35:17 -0600
-Subject: [PATCH] GH-227: Improve LibreSSL support
-
----
- src/file_analysis/analyzer/x509/OCSP.cc | 16 ++++++++--------
- src/file_analysis/analyzer/x509/X509.cc | 2 +-
- src/file_analysis/analyzer/x509/X509.h | 11 ++++++++---
- src/file_analysis/analyzer/x509/functions.bif | 6 +++---
- 4 files changed, 20 insertions(+), 15 deletions(-)
-
-diff --git src/file_analysis/analyzer/x509/OCSP.cc src/file_analysis/analyzer/x509/OCSP.cc
-index bea88fc747..537d194906 100644
---- src/file_analysis/analyzer/x509/OCSP.cc
-+++ src/file_analysis/analyzer/x509/OCSP.cc
-@@ -44,7 +44,7 @@ static Val* get_ocsp_type(RecordVal* args, const char* name)
-
- static bool OCSP_RESPID_bio(OCSP_BASICRESP* basic_resp, BIO* bio)
- {
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- ASN1_OCTET_STRING* key = nullptr;
- X509_NAME* name = nullptr;
-
-@@ -423,7 +423,7 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
-
- uint64 version = 0;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- if ( req->tbsRequest->version )
- version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
- #else
-@@ -495,7 +495,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- if ( !basic_resp )
- goto clean_up;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- resp_data = basic_resp->tbsResponseData;
- if ( !resp_data )
- goto clean_up;
-@@ -506,7 +506,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- vl->append(resp_val->Ref());
- vl->append(status_val);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- vl->append(new Val((uint64)ASN1_INTEGER_get(resp_data->version), TYPE_COUNT));
- #else
- vl->append(parse_basic_resp_data_version(basic_resp));
-@@ -526,7 +526,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
-
- // producedAt
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- produced_at = resp_data->producedAt;
- #else
- produced_at = OCSP_resp_get0_produced_at(basic_resp);
-@@ -551,7 +551,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- // cert id
- const OCSP_CERTID* cert_id = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- cert_id = single_resp->certId;
- #else
- cert_id = OCSP_SINGLERESP_get0_id(single_resp);
-@@ -618,7 +618,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- i2a_ASN1_OBJECT(bio, basic_resp->signatureAlgorithm->algorithm);
- len = BIO_read(bio, buf, sizeof(buf));
- vl->append(new StringVal(len, buf));
-@@ -635,7 +635,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- certs_vector = new VectorVal(internal_type("x509_opaque_vector")->AsVectorType());
- vl->append(certs_vector);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- certs = basic_resp->certs;
- #else
- certs = OCSP_resp_get0_certs(basic_resp);
-diff --git src/file_analysis/analyzer/x509/X509.cc src/file_analysis/analyzer/x509/X509.cc
-index 7571915207..600b3adb52 100644
---- src/file_analysis/analyzer/x509/X509.cc
-+++ src/file_analysis/analyzer/x509/X509.cc
-@@ -290,7 +290,7 @@ void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)
- continue;
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- const char* name = (const char*) ASN1_STRING_data(gen->d.ia5);
- #else
- const char* name = (const char*) ASN1_STRING_get0_data(gen->d.ia5);
-diff --git src/file_analysis/analyzer/x509/X509.h src/file_analysis/analyzer/x509/X509.h
-index b808b676fe..91a5a7a5a1 100644
---- src/file_analysis/analyzer/x509/X509.h
-+++ src/file_analysis/analyzer/x509/X509.h
-@@ -8,24 +8,27 @@
- #include "Val.h"
- #include "X509Common.h"
-
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_get_signature_nid(x) OBJ_obj2nid((x)->sig_alg->algorithm)
-
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x1010000fL ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_OBJECT_new() (X509_OBJECT*)malloc(sizeof(X509_OBJECT))
- #define X509_OBJECT_free(a) free(a)
-
--#define OCSP_SINGLERESP_get0_id(s) (s)->certId
- #define OCSP_resp_get0_certs(x) (x)->certs
-
- #define EVP_PKEY_get0_DSA(p) ((p)->pkey.dsa)
- #define EVP_PKEY_get0_EC_KEY(p) ((p)->pkey.ec)
- #define EVP_PKEY_get0_RSA(p) ((p)->pkey.rsa)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || ( LIBRESSL_VERSION_NUMBER < 0x2070000fL )
-+
-+#define OCSP_SINGLERESP_get0_id(s) (s)->certId
-+
- static X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
- {
- if ( a == nullptr || a->type != X509_LU_X509 )
-@@ -57,6 +60,8 @@ static void RSA_get0_key(const RSA *r,
-
- #endif
-
-+#endif
-+
- namespace file_analysis {
-
- class X509Val;
-diff --git src/file_analysis/analyzer/x509/functions.bif src/file_analysis/analyzer/x509/functions.bif
-index 0b18feb8fe..ec87a495b3 100644
---- src/file_analysis/analyzer/x509/functions.bif
-+++ src/file_analysis/analyzer/x509/functions.bif
-@@ -115,7 +115,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs,
- const ASN1_OCTET_STRING* key = nullptr;
- const X509_NAME* name = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- OCSP_RESPID* resp_id = basic_resp->tbsResponseData->responderId;
-
- if ( resp_id->type == V_OCSP_RESPID_NAME )
-@@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c
-
- // Because we actually want to be able to give nice error messages that show why we were
- // not able to verify the OCSP response - do our own verification logic first.
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- signer = x509_get_ocsp_signer(basic->certs, basic);
- #else
- signer = x509_get_ocsp_signer(OCSP_resp_get0_certs(basic), basic);
-@@ -714,7 +714,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa
- uint32 cert_length;
- if ( precert )
- {
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
- x->cert_info->enc.modified = 1;
- cert_length = i2d_X509_CINF(x->cert_info, &cert_out);
- #else
diff --git a/srcpkgs/bro/patches/musl.patch b/srcpkgs/bro/patches/musl.patch
deleted file mode 100644
index e8a2c6da9d5..00000000000
--- a/srcpkgs/bro/patches/musl.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/danielguerra69/docker-bro-1
-
---- aux/binpac/lib/binpac.h.in.orig
-+++ aux/binpac/lib/binpac.h.in
-@@ -4,6 +4,7 @@
- #define binpac_h
-
- #include <sys/param.h>
-+#include <sys/types.h>
-
- #cmakedefine HOST_BIGENDIAN
- #ifdef HOST_BIGENDIAN
-
---- src/OSFinger.h.orig
-+++ src/OSFinger.h
-@@ -166,3 +166,57 @@
- #define MATCHFUZZY 0x2
-
- #endif
-+
-+// For musl-libc
-+#ifndef TCPOPT_EOL
-+# define TCPOPT_EOL 0
-+#endif
-+
-+#ifndef TCPOPT_NOP
-+# define TCPOPT_NOP 1
-+#endif
-+
-+#ifndef TCPOPT_MAXSEG
-+# define TCPOPT_MAXSEG 2
-+#endif
-+
-+#ifndef TCPOLEN_MAXSEG
-+# define TCPOLEN_MAXSEG 4
-+#endif
-+
-+#ifndef TCPOPT_WINDOW
-+# define TCPOPT_WINDOW 3
-+#endif
-+
-+#ifndef TCPOLEN_WINDOW
-+# define TCPOLEN_WINDOW 3
-+#endif
-+
-+#ifndef TCPOPT_SACK_PERMITTED
-+# define TCPOPT_SACK_PERMITTED 4 /* Experimental */
-+#endif
-+
-+#ifndef TCPOLEN_SACK_PERMITTED
-+# define TCPOLEN_SACK_PERMITTED 2
-+#endif
-+
-+#ifndef TCPOPT_SACK
-+# define TCPOPT_SACK 5 /* Experimental */
-+#endif
-+
-+#ifndef TCPOPT_TIMESTAMP
-+# define TCPOPT_TIMESTAMP 8
-+#endif
-+
-+#ifndef TCPOLEN_TIMESTAMP
-+# define TCPOLEN_TIMESTAMP 10
-+#endif
-+
-+#ifndef TCPOLEN_TSTAMP_APPA
-+# define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
-+#endif
-+
-+#ifndef TCPOPT_TSTAMP_HDR
-+# define TCPOPT_TSTAMP_HDR \
-+ (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
-+#endif
-
diff --git a/srcpkgs/bro/template b/srcpkgs/bro/template
index 4d453648771..2d818554e35 100644
--- a/srcpkgs/bro/template
+++ b/srcpkgs/bro/template
@@ -1,49 +1,11 @@
# Template file for 'bro'
pkgname=bro
version=2.6.4
-revision=1
-archs="x86_64* i686* aarch64* armv7* ppc64*"
-build_style=cmake
-hostmakedepends="flex pkg-config python3"
-makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
-short_desc="Advanced framework for network traffic analysis"
+revision=2
+archs=noarch
+build_style=meta
+depends="zeek"
+short_desc="Advanced framework for network traffic analysis (transitional dummy package)"
maintainer="Andrew Benson <abenson+void@gmail.com>"
license="BSD-3-Clause"
homepage="https://www.bro.org"
-distfiles="https://www.bro.org/downloads/bro-${version}.tar.gz"
-checksum=a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7
-nocross="Needs to build part of itself to run, can't be built separately yet."
-
-case "$XBPS_TARGET_MACHINE" in
- *-musl)
- makedepends+=" musl-fts-devel"
- ;;
-esac
-
-pre_configure() {
- case "$XBPS_TARGET_MACHINE" in
- *-musl)
- sed -i '/set(broxygen/i link_libraries("-lfts")' src/broxygen/CMakeLists.txt
- ;;
- esac
-}
-
-post_install() {
- vsv bro
- vlicense COPYING
-}
-
-binpac_package() {
- short_desc+=" - protocol parser compiler"
- pkg_install() {
- vmove /usr/bin/binpac
- }
-}
-
-binpac-devel_package() {
- short_desc+=" - protocol parser compiler library"
- pkg_install() {
- vmove /usr/include
- vmove "/usr/lib/*.a"
- }
-}
diff --git a/srcpkgs/zeek-devel b/srcpkgs/zeek-devel
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/zeek-devel
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/zeek/files/zeek/run b/srcpkgs/zeek/files/zeek/run
new file mode 100644
index 00000000000..8d3fd5e36f2
--- /dev/null
+++ b/srcpkgs/zeek/files/zeek/run
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ZEEKLOGDIR="/var/log/zeek"
+
+[ -r conf ] && . ./conf
+
+[ -d ${ZEEKLOGDIR} ] || mkdir -p ${ZEEKLOGDIR}
+
+cd $ZEEKLOGDIR
+exec zeek -i ${INTF:=eth0} ${ZEEKPOLICY}
diff --git a/srcpkgs/zeek/patches/fix-musl.patch b/srcpkgs/zeek/patches/fix-musl.patch
new file mode 100644
index 00000000000..b44bcb3d165
--- /dev/null
+++ b/srcpkgs/zeek/patches/fix-musl.patch
@@ -0,0 +1,23 @@
+--- CMakeLists.txt.orig
++++ CMakeLists.txt
+@@ -322,18 +322,11 @@
+ # if one specifies --with-openssl (which may be common).
+ include_directories(BEFORE ${OPENSSL_INCLUDE_DIR})
+
+-# Alpine support
+-if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
+- execute_process(
+- COMMAND grep -q alpine /etc/os-release
+- RESULT_VARIABLE os_release_alpine
+- )
+-
+- if ( os_release_alpine EQUAL 0 )
++# Void-musl support
++if ( IS_VOID_MUSL )
+ find_package(FTS REQUIRED)
+ list(APPEND OPTLIBS ${FTS_LIBRARY})
+ include_directories(BEFORE ${FTS_INCLUDE_DIR})
+- endif ()
+ endif ()
+
+ set(zeekdeps ${zeekdeps}
diff --git a/srcpkgs/zeek/template b/srcpkgs/zeek/template
new file mode 100644
index 00000000000..d77cd68e30a
--- /dev/null
+++ b/srcpkgs/zeek/template
@@ -0,0 +1,50 @@
+# Template file for 'zeek'
+pkgname=zeek
+version=3.1.2
+revision=1
+archs="x86_64* i686* aarch64* armv7* ppc64*"
+build_style=cmake
+hostmakedepends="flex pkg-config python3"
+makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
+short_desc="Advanced framework for network traffic analysis"
+maintainer="Andrew Benson <abenson+void@gmail.com>"
+license="BSD-3-Clause"
+homepage="https://www.zeek.org"
+distfiles="https://old.zeek.org/downloads/zeek-${version}.tar.gz"
+checksum=1858725fd6d04a1af3c2798c341529aa0d229e838b6476f036156dc5dd254aa1
+nocross="Needs to build part of itself to run, can't be built separately yet."
+
+if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
+ makedepends+=" musl-fts-devel musl-legacy-compat"
+ configure_args+=" -DIS_VOID_MUSL=1"
+fi
+
+post_install() {
+ vsv zeek
+ vlicense COPYING
+}
+
+zeek-devel_package() {
+ short_desc+=" - development files"
+ pkg_install() {
+ vmove usr/include
+ vmove "usr/bin/*-config"
+ vmove "usr/lib/*.a"
+ vmove "usr/lib/*.so"
+ vmove usr/share/zeek/cmake
+ }
+}
+
+binpac_package() {
+ short_desc+=" - protocol parser compiler (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
+
+binpac-devel_package() {
+ short_desc+=" - protocol parser compiler library (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PR PATCH] [Updated] [WIP] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (3 preceding siblings ...)
2020-04-21 21:14 ` [PR PATCH] [Updated] [WIP] " abenson
@ 2020-04-21 21:59 ` abenson
2020-04-21 22:13 ` abenson
` (6 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-21 21:59 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 335 bytes --]
There is an updated pull request by abenson against master on the void-packages repository
https://github.com/abenson/void-packages bro2zeek
https://github.com/void-linux/void-packages/pull/20798
[WIP] zeek: rename from bro, update to 3.1.1
A patch file from https://github.com/void-linux/void-packages/pull/20798.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-bro2zeek-20798.patch --]
[-- Type: text/x-diff, Size: 16651 bytes --]
From 2b374aa27ef1654e0058865f862cf5deeddd025b Mon Sep 17 00:00:00 2001
From: Andrew Benson <abenson+void@gmail.com>
Date: Wed, 8 Apr 2020 19:56:10 -0500
Subject: [PATCH] [no ci] zeek: rename from bro, update to 3.1.2
---
common/shlibs | 8 +-
srcpkgs/binpac | 2 +-
srcpkgs/binpac-devel | 2 +-
srcpkgs/bro/files/bro/run | 10 --
srcpkgs/bro/patches/libressl.patch | 176 ----------------------------
srcpkgs/bro/patches/musl.patch | 74 ------------
srcpkgs/bro/template | 50 +-------
srcpkgs/zeek-devel | 1 +
srcpkgs/zeek/files/zeek/run | 10 ++
srcpkgs/zeek/patches/fix-musl.patch | 23 ++++
srcpkgs/zeek/template | 50 ++++++++
11 files changed, 97 insertions(+), 309 deletions(-)
delete mode 100644 srcpkgs/bro/files/bro/run
delete mode 100644 srcpkgs/bro/patches/libressl.patch
delete mode 100644 srcpkgs/bro/patches/musl.patch
create mode 120000 srcpkgs/zeek-devel
create mode 100644 srcpkgs/zeek/files/zeek/run
create mode 100644 srcpkgs/zeek/patches/fix-musl.patch
create mode 100644 srcpkgs/zeek/template
diff --git a/common/shlibs b/common/shlibs
index 5f1a09de8dc..81582151b94 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3537,9 +3537,11 @@ libtexpdf.so.0 libtexpdf-0.9.5_1
libupstart.so.1 libupstart-1.13.3_1
librtas.so.2 librtas-2.0.2_1
librtasevent.so.2 librtas-2.0.2_1
-libbroker.so.0 bro-2.6.1_1
-libcaf_core.so.0.16.2 bro-2.6.1_1
-libcaf_openssl.so.0.16.2 bro-2.6.1_1
+libbroker.so.2 zeek-3.1.1_1
+libcaf_core.so.0.17.4 zeek-3.1.1_1
+libcaf_io.so.0.17.4 zeek-3.1.1_1
+libcaf_openssl.so.0.17.4 zeek-3.1.1_1
+libbinpac.so.0 zeek-3.1.1_1
libllhttp.so.1 llhttp-1.0.1_1
libpinyin.so.13 libpinyin-2.2.1_1
libuhd.so.3.15.0 uhd-3.15.0.0_1
diff --git a/srcpkgs/binpac b/srcpkgs/binpac
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac
+++ b/srcpkgs/binpac
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/binpac-devel b/srcpkgs/binpac-devel
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac-devel
+++ b/srcpkgs/binpac-devel
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro/files/bro/run b/srcpkgs/bro/files/bro/run
deleted file mode 100644
index 90eb6a59c0c..00000000000
--- a/srcpkgs/bro/files/bro/run
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-BROLOGDIR="/var/log/bro"
-
-[ -r conf ] && . ./conf
-
-[ -d ${BROLOGDIR} ] || mkdir -p ${BROLOGDIR}
-
-cd /var/log/bro
-exec bro -i ${INTF:=eth0} ${BROPOLICY}
diff --git a/srcpkgs/bro/patches/libressl.patch b/srcpkgs/bro/patches/libressl.patch
deleted file mode 100644
index 31308629063..00000000000
--- a/srcpkgs/bro/patches/libressl.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From fc43d06955a255bce4162b459be4a6a3a11a178d Mon Sep 17 00:00:00 2001
-From: Jon Siwek <jsiwek@corelight.com>
-Date: Mon, 7 Jan 2019 11:35:17 -0600
-Subject: [PATCH] GH-227: Improve LibreSSL support
-
----
- src/file_analysis/analyzer/x509/OCSP.cc | 16 ++++++++--------
- src/file_analysis/analyzer/x509/X509.cc | 2 +-
- src/file_analysis/analyzer/x509/X509.h | 11 ++++++++---
- src/file_analysis/analyzer/x509/functions.bif | 6 +++---
- 4 files changed, 20 insertions(+), 15 deletions(-)
-
-diff --git src/file_analysis/analyzer/x509/OCSP.cc src/file_analysis/analyzer/x509/OCSP.cc
-index bea88fc747..537d194906 100644
---- src/file_analysis/analyzer/x509/OCSP.cc
-+++ src/file_analysis/analyzer/x509/OCSP.cc
-@@ -44,7 +44,7 @@ static Val* get_ocsp_type(RecordVal* args, const char* name)
-
- static bool OCSP_RESPID_bio(OCSP_BASICRESP* basic_resp, BIO* bio)
- {
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- ASN1_OCTET_STRING* key = nullptr;
- X509_NAME* name = nullptr;
-
-@@ -423,7 +423,7 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
-
- uint64 version = 0;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- if ( req->tbsRequest->version )
- version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
- #else
-@@ -495,7 +495,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- if ( !basic_resp )
- goto clean_up;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- resp_data = basic_resp->tbsResponseData;
- if ( !resp_data )
- goto clean_up;
-@@ -506,7 +506,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- vl->append(resp_val->Ref());
- vl->append(status_val);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- vl->append(new Val((uint64)ASN1_INTEGER_get(resp_data->version), TYPE_COUNT));
- #else
- vl->append(parse_basic_resp_data_version(basic_resp));
-@@ -526,7 +526,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
-
- // producedAt
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- produced_at = resp_data->producedAt;
- #else
- produced_at = OCSP_resp_get0_produced_at(basic_resp);
-@@ -551,7 +551,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- // cert id
- const OCSP_CERTID* cert_id = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- cert_id = single_resp->certId;
- #else
- cert_id = OCSP_SINGLERESP_get0_id(single_resp);
-@@ -618,7 +618,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- i2a_ASN1_OBJECT(bio, basic_resp->signatureAlgorithm->algorithm);
- len = BIO_read(bio, buf, sizeof(buf));
- vl->append(new StringVal(len, buf));
-@@ -635,7 +635,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- certs_vector = new VectorVal(internal_type("x509_opaque_vector")->AsVectorType());
- vl->append(certs_vector);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- certs = basic_resp->certs;
- #else
- certs = OCSP_resp_get0_certs(basic_resp);
-diff --git src/file_analysis/analyzer/x509/X509.cc src/file_analysis/analyzer/x509/X509.cc
-index 7571915207..600b3adb52 100644
---- src/file_analysis/analyzer/x509/X509.cc
-+++ src/file_analysis/analyzer/x509/X509.cc
-@@ -290,7 +290,7 @@ void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)
- continue;
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- const char* name = (const char*) ASN1_STRING_data(gen->d.ia5);
- #else
- const char* name = (const char*) ASN1_STRING_get0_data(gen->d.ia5);
-diff --git src/file_analysis/analyzer/x509/X509.h src/file_analysis/analyzer/x509/X509.h
-index b808b676fe..91a5a7a5a1 100644
---- src/file_analysis/analyzer/x509/X509.h
-+++ src/file_analysis/analyzer/x509/X509.h
-@@ -8,24 +8,27 @@
- #include "Val.h"
- #include "X509Common.h"
-
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_get_signature_nid(x) OBJ_obj2nid((x)->sig_alg->algorithm)
-
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x1010000fL ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_OBJECT_new() (X509_OBJECT*)malloc(sizeof(X509_OBJECT))
- #define X509_OBJECT_free(a) free(a)
-
--#define OCSP_SINGLERESP_get0_id(s) (s)->certId
- #define OCSP_resp_get0_certs(x) (x)->certs
-
- #define EVP_PKEY_get0_DSA(p) ((p)->pkey.dsa)
- #define EVP_PKEY_get0_EC_KEY(p) ((p)->pkey.ec)
- #define EVP_PKEY_get0_RSA(p) ((p)->pkey.rsa)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || ( LIBRESSL_VERSION_NUMBER < 0x2070000fL )
-+
-+#define OCSP_SINGLERESP_get0_id(s) (s)->certId
-+
- static X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
- {
- if ( a == nullptr || a->type != X509_LU_X509 )
-@@ -57,6 +60,8 @@ static void RSA_get0_key(const RSA *r,
-
- #endif
-
-+#endif
-+
- namespace file_analysis {
-
- class X509Val;
-diff --git src/file_analysis/analyzer/x509/functions.bif src/file_analysis/analyzer/x509/functions.bif
-index 0b18feb8fe..ec87a495b3 100644
---- src/file_analysis/analyzer/x509/functions.bif
-+++ src/file_analysis/analyzer/x509/functions.bif
-@@ -115,7 +115,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs,
- const ASN1_OCTET_STRING* key = nullptr;
- const X509_NAME* name = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- OCSP_RESPID* resp_id = basic_resp->tbsResponseData->responderId;
-
- if ( resp_id->type == V_OCSP_RESPID_NAME )
-@@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c
-
- // Because we actually want to be able to give nice error messages that show why we were
- // not able to verify the OCSP response - do our own verification logic first.
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- signer = x509_get_ocsp_signer(basic->certs, basic);
- #else
- signer = x509_get_ocsp_signer(OCSP_resp_get0_certs(basic), basic);
-@@ -714,7 +714,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa
- uint32 cert_length;
- if ( precert )
- {
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
- x->cert_info->enc.modified = 1;
- cert_length = i2d_X509_CINF(x->cert_info, &cert_out);
- #else
diff --git a/srcpkgs/bro/patches/musl.patch b/srcpkgs/bro/patches/musl.patch
deleted file mode 100644
index e8a2c6da9d5..00000000000
--- a/srcpkgs/bro/patches/musl.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/danielguerra69/docker-bro-1
-
---- aux/binpac/lib/binpac.h.in.orig
-+++ aux/binpac/lib/binpac.h.in
-@@ -4,6 +4,7 @@
- #define binpac_h
-
- #include <sys/param.h>
-+#include <sys/types.h>
-
- #cmakedefine HOST_BIGENDIAN
- #ifdef HOST_BIGENDIAN
-
---- src/OSFinger.h.orig
-+++ src/OSFinger.h
-@@ -166,3 +166,57 @@
- #define MATCHFUZZY 0x2
-
- #endif
-+
-+// For musl-libc
-+#ifndef TCPOPT_EOL
-+# define TCPOPT_EOL 0
-+#endif
-+
-+#ifndef TCPOPT_NOP
-+# define TCPOPT_NOP 1
-+#endif
-+
-+#ifndef TCPOPT_MAXSEG
-+# define TCPOPT_MAXSEG 2
-+#endif
-+
-+#ifndef TCPOLEN_MAXSEG
-+# define TCPOLEN_MAXSEG 4
-+#endif
-+
-+#ifndef TCPOPT_WINDOW
-+# define TCPOPT_WINDOW 3
-+#endif
-+
-+#ifndef TCPOLEN_WINDOW
-+# define TCPOLEN_WINDOW 3
-+#endif
-+
-+#ifndef TCPOPT_SACK_PERMITTED
-+# define TCPOPT_SACK_PERMITTED 4 /* Experimental */
-+#endif
-+
-+#ifndef TCPOLEN_SACK_PERMITTED
-+# define TCPOLEN_SACK_PERMITTED 2
-+#endif
-+
-+#ifndef TCPOPT_SACK
-+# define TCPOPT_SACK 5 /* Experimental */
-+#endif
-+
-+#ifndef TCPOPT_TIMESTAMP
-+# define TCPOPT_TIMESTAMP 8
-+#endif
-+
-+#ifndef TCPOLEN_TIMESTAMP
-+# define TCPOLEN_TIMESTAMP 10
-+#endif
-+
-+#ifndef TCPOLEN_TSTAMP_APPA
-+# define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
-+#endif
-+
-+#ifndef TCPOPT_TSTAMP_HDR
-+# define TCPOPT_TSTAMP_HDR \
-+ (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
-+#endif
-
diff --git a/srcpkgs/bro/template b/srcpkgs/bro/template
index 4d453648771..006d12f5c38 100644
--- a/srcpkgs/bro/template
+++ b/srcpkgs/bro/template
@@ -1,49 +1,11 @@
# Template file for 'bro'
pkgname=bro
version=2.6.4
-revision=1
-archs="x86_64* i686* aarch64* armv7* ppc64*"
-build_style=cmake
-hostmakedepends="flex pkg-config python3"
-makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
-short_desc="Advanced framework for network traffic analysis"
+revision=2
+archs=noarch
+build_style=meta
+depends="zeek"
+short_desc="Advanced framework for network traffic analysis (transitional dummy package)"
maintainer="Andrew Benson <abenson+void@gmail.com>"
-license="BSD-3-Clause"
+license="BSD-2-Clause"
homepage="https://www.bro.org"
-distfiles="https://www.bro.org/downloads/bro-${version}.tar.gz"
-checksum=a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7
-nocross="Needs to build part of itself to run, can't be built separately yet."
-
-case "$XBPS_TARGET_MACHINE" in
- *-musl)
- makedepends+=" musl-fts-devel"
- ;;
-esac
-
-pre_configure() {
- case "$XBPS_TARGET_MACHINE" in
- *-musl)
- sed -i '/set(broxygen/i link_libraries("-lfts")' src/broxygen/CMakeLists.txt
- ;;
- esac
-}
-
-post_install() {
- vsv bro
- vlicense COPYING
-}
-
-binpac_package() {
- short_desc+=" - protocol parser compiler"
- pkg_install() {
- vmove /usr/bin/binpac
- }
-}
-
-binpac-devel_package() {
- short_desc+=" - protocol parser compiler library"
- pkg_install() {
- vmove /usr/include
- vmove "/usr/lib/*.a"
- }
-}
diff --git a/srcpkgs/zeek-devel b/srcpkgs/zeek-devel
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/zeek-devel
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/zeek/files/zeek/run b/srcpkgs/zeek/files/zeek/run
new file mode 100644
index 00000000000..8d3fd5e36f2
--- /dev/null
+++ b/srcpkgs/zeek/files/zeek/run
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ZEEKLOGDIR="/var/log/zeek"
+
+[ -r conf ] && . ./conf
+
+[ -d ${ZEEKLOGDIR} ] || mkdir -p ${ZEEKLOGDIR}
+
+cd $ZEEKLOGDIR
+exec zeek -i ${INTF:=eth0} ${ZEEKPOLICY}
diff --git a/srcpkgs/zeek/patches/fix-musl.patch b/srcpkgs/zeek/patches/fix-musl.patch
new file mode 100644
index 00000000000..b44bcb3d165
--- /dev/null
+++ b/srcpkgs/zeek/patches/fix-musl.patch
@@ -0,0 +1,23 @@
+--- CMakeLists.txt.orig
++++ CMakeLists.txt
+@@ -322,18 +322,11 @@
+ # if one specifies --with-openssl (which may be common).
+ include_directories(BEFORE ${OPENSSL_INCLUDE_DIR})
+
+-# Alpine support
+-if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
+- execute_process(
+- COMMAND grep -q alpine /etc/os-release
+- RESULT_VARIABLE os_release_alpine
+- )
+-
+- if ( os_release_alpine EQUAL 0 )
++# Void-musl support
++if ( IS_VOID_MUSL )
+ find_package(FTS REQUIRED)
+ list(APPEND OPTLIBS ${FTS_LIBRARY})
+ include_directories(BEFORE ${FTS_INCLUDE_DIR})
+- endif ()
+ endif ()
+
+ set(zeekdeps ${zeekdeps}
diff --git a/srcpkgs/zeek/template b/srcpkgs/zeek/template
new file mode 100644
index 00000000000..d77cd68e30a
--- /dev/null
+++ b/srcpkgs/zeek/template
@@ -0,0 +1,50 @@
+# Template file for 'zeek'
+pkgname=zeek
+version=3.1.2
+revision=1
+archs="x86_64* i686* aarch64* armv7* ppc64*"
+build_style=cmake
+hostmakedepends="flex pkg-config python3"
+makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
+short_desc="Advanced framework for network traffic analysis"
+maintainer="Andrew Benson <abenson+void@gmail.com>"
+license="BSD-3-Clause"
+homepage="https://www.zeek.org"
+distfiles="https://old.zeek.org/downloads/zeek-${version}.tar.gz"
+checksum=1858725fd6d04a1af3c2798c341529aa0d229e838b6476f036156dc5dd254aa1
+nocross="Needs to build part of itself to run, can't be built separately yet."
+
+if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
+ makedepends+=" musl-fts-devel musl-legacy-compat"
+ configure_args+=" -DIS_VOID_MUSL=1"
+fi
+
+post_install() {
+ vsv zeek
+ vlicense COPYING
+}
+
+zeek-devel_package() {
+ short_desc+=" - development files"
+ pkg_install() {
+ vmove usr/include
+ vmove "usr/bin/*-config"
+ vmove "usr/lib/*.a"
+ vmove "usr/lib/*.so"
+ vmove usr/share/zeek/cmake
+ }
+}
+
+binpac_package() {
+ short_desc+=" - protocol parser compiler (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
+
+binpac-devel_package() {
+ short_desc+=" - protocol parser compiler library (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [WIP] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (4 preceding siblings ...)
2020-04-21 21:59 ` abenson
@ 2020-04-21 22:13 ` abenson
2020-04-21 22:35 ` Chocimier
` (5 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-21 22:13 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 190 bytes --]
New comment by abenson on void-packages repository
https://github.com/void-linux/void-packages/pull/20798#issuecomment-617441226
Comment:
Travis fails due to license. Otherwise seems g2g.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [WIP] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (5 preceding siblings ...)
2020-04-21 22:13 ` abenson
@ 2020-04-21 22:35 ` Chocimier
2020-04-21 23:00 ` [PR PATCH] [Updated] " abenson
` (4 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Chocimier @ 2020-04-21 22:35 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 178 bytes --]
New comment by Chocimier on void-packages repository
https://github.com/void-linux/void-packages/pull/20798#issuecomment-617448470
Comment:
Please make bro subpackage of zeek.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PR PATCH] [Updated] [WIP] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (6 preceding siblings ...)
2020-04-21 22:35 ` Chocimier
@ 2020-04-21 23:00 ` abenson
2020-04-22 0:01 ` abenson
` (3 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-21 23:00 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 335 bytes --]
There is an updated pull request by abenson against master on the void-packages repository
https://github.com/abenson/void-packages bro2zeek
https://github.com/void-linux/void-packages/pull/20798
[WIP] zeek: rename from bro, update to 3.1.1
A patch file from https://github.com/void-linux/void-packages/pull/20798.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-bro2zeek-20798.patch --]
[-- Type: text/x-diff, Size: 16959 bytes --]
From 346b406d2d15a6caae1d71ebeef9d68c3f857b7b Mon Sep 17 00:00:00 2001
From: Andrew Benson <abenson+void@gmail.com>
Date: Wed, 8 Apr 2020 19:56:10 -0500
Subject: [PATCH] zeek: rename from bro, update to 3.1.2
---
common/shlibs | 8 +-
srcpkgs/binpac | 2 +-
srcpkgs/binpac-devel | 2 +-
srcpkgs/bro | 1 +
srcpkgs/bro/files/bro/run | 10 --
srcpkgs/bro/patches/libressl.patch | 176 ----------------------------
srcpkgs/bro/patches/musl.patch | 74 ------------
srcpkgs/bro/template | 49 --------
srcpkgs/zeek-devel | 1 +
srcpkgs/zeek/files/zeek/run | 10 ++
srcpkgs/zeek/patches/fix-musl.patch | 23 ++++
srcpkgs/zeek/template | 57 +++++++++
12 files changed, 99 insertions(+), 314 deletions(-)
create mode 120000 srcpkgs/bro
delete mode 100644 srcpkgs/bro/files/bro/run
delete mode 100644 srcpkgs/bro/patches/libressl.patch
delete mode 100644 srcpkgs/bro/patches/musl.patch
delete mode 100644 srcpkgs/bro/template
create mode 120000 srcpkgs/zeek-devel
create mode 100644 srcpkgs/zeek/files/zeek/run
create mode 100644 srcpkgs/zeek/patches/fix-musl.patch
create mode 100644 srcpkgs/zeek/template
diff --git a/common/shlibs b/common/shlibs
index 5f1a09de8dc..81582151b94 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3537,9 +3537,11 @@ libtexpdf.so.0 libtexpdf-0.9.5_1
libupstart.so.1 libupstart-1.13.3_1
librtas.so.2 librtas-2.0.2_1
librtasevent.so.2 librtas-2.0.2_1
-libbroker.so.0 bro-2.6.1_1
-libcaf_core.so.0.16.2 bro-2.6.1_1
-libcaf_openssl.so.0.16.2 bro-2.6.1_1
+libbroker.so.2 zeek-3.1.1_1
+libcaf_core.so.0.17.4 zeek-3.1.1_1
+libcaf_io.so.0.17.4 zeek-3.1.1_1
+libcaf_openssl.so.0.17.4 zeek-3.1.1_1
+libbinpac.so.0 zeek-3.1.1_1
libllhttp.so.1 llhttp-1.0.1_1
libpinyin.so.13 libpinyin-2.2.1_1
libuhd.so.3.15.0 uhd-3.15.0.0_1
diff --git a/srcpkgs/binpac b/srcpkgs/binpac
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac
+++ b/srcpkgs/binpac
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/binpac-devel b/srcpkgs/binpac-devel
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac-devel
+++ b/srcpkgs/binpac-devel
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro b/srcpkgs/bro
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/bro
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro/files/bro/run b/srcpkgs/bro/files/bro/run
deleted file mode 100644
index 90eb6a59c0c..00000000000
--- a/srcpkgs/bro/files/bro/run
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-BROLOGDIR="/var/log/bro"
-
-[ -r conf ] && . ./conf
-
-[ -d ${BROLOGDIR} ] || mkdir -p ${BROLOGDIR}
-
-cd /var/log/bro
-exec bro -i ${INTF:=eth0} ${BROPOLICY}
diff --git a/srcpkgs/bro/patches/libressl.patch b/srcpkgs/bro/patches/libressl.patch
deleted file mode 100644
index 31308629063..00000000000
--- a/srcpkgs/bro/patches/libressl.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From fc43d06955a255bce4162b459be4a6a3a11a178d Mon Sep 17 00:00:00 2001
-From: Jon Siwek <jsiwek@corelight.com>
-Date: Mon, 7 Jan 2019 11:35:17 -0600
-Subject: [PATCH] GH-227: Improve LibreSSL support
-
----
- src/file_analysis/analyzer/x509/OCSP.cc | 16 ++++++++--------
- src/file_analysis/analyzer/x509/X509.cc | 2 +-
- src/file_analysis/analyzer/x509/X509.h | 11 ++++++++---
- src/file_analysis/analyzer/x509/functions.bif | 6 +++---
- 4 files changed, 20 insertions(+), 15 deletions(-)
-
-diff --git src/file_analysis/analyzer/x509/OCSP.cc src/file_analysis/analyzer/x509/OCSP.cc
-index bea88fc747..537d194906 100644
---- src/file_analysis/analyzer/x509/OCSP.cc
-+++ src/file_analysis/analyzer/x509/OCSP.cc
-@@ -44,7 +44,7 @@ static Val* get_ocsp_type(RecordVal* args, const char* name)
-
- static bool OCSP_RESPID_bio(OCSP_BASICRESP* basic_resp, BIO* bio)
- {
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- ASN1_OCTET_STRING* key = nullptr;
- X509_NAME* name = nullptr;
-
-@@ -423,7 +423,7 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
-
- uint64 version = 0;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- if ( req->tbsRequest->version )
- version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
- #else
-@@ -495,7 +495,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- if ( !basic_resp )
- goto clean_up;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- resp_data = basic_resp->tbsResponseData;
- if ( !resp_data )
- goto clean_up;
-@@ -506,7 +506,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- vl->append(resp_val->Ref());
- vl->append(status_val);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- vl->append(new Val((uint64)ASN1_INTEGER_get(resp_data->version), TYPE_COUNT));
- #else
- vl->append(parse_basic_resp_data_version(basic_resp));
-@@ -526,7 +526,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
-
- // producedAt
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- produced_at = resp_data->producedAt;
- #else
- produced_at = OCSP_resp_get0_produced_at(basic_resp);
-@@ -551,7 +551,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- // cert id
- const OCSP_CERTID* cert_id = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- cert_id = single_resp->certId;
- #else
- cert_id = OCSP_SINGLERESP_get0_id(single_resp);
-@@ -618,7 +618,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- i2a_ASN1_OBJECT(bio, basic_resp->signatureAlgorithm->algorithm);
- len = BIO_read(bio, buf, sizeof(buf));
- vl->append(new StringVal(len, buf));
-@@ -635,7 +635,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- certs_vector = new VectorVal(internal_type("x509_opaque_vector")->AsVectorType());
- vl->append(certs_vector);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- certs = basic_resp->certs;
- #else
- certs = OCSP_resp_get0_certs(basic_resp);
-diff --git src/file_analysis/analyzer/x509/X509.cc src/file_analysis/analyzer/x509/X509.cc
-index 7571915207..600b3adb52 100644
---- src/file_analysis/analyzer/x509/X509.cc
-+++ src/file_analysis/analyzer/x509/X509.cc
-@@ -290,7 +290,7 @@ void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)
- continue;
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- const char* name = (const char*) ASN1_STRING_data(gen->d.ia5);
- #else
- const char* name = (const char*) ASN1_STRING_get0_data(gen->d.ia5);
-diff --git src/file_analysis/analyzer/x509/X509.h src/file_analysis/analyzer/x509/X509.h
-index b808b676fe..91a5a7a5a1 100644
---- src/file_analysis/analyzer/x509/X509.h
-+++ src/file_analysis/analyzer/x509/X509.h
-@@ -8,24 +8,27 @@
- #include "Val.h"
- #include "X509Common.h"
-
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_get_signature_nid(x) OBJ_obj2nid((x)->sig_alg->algorithm)
-
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x1010000fL ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_OBJECT_new() (X509_OBJECT*)malloc(sizeof(X509_OBJECT))
- #define X509_OBJECT_free(a) free(a)
-
--#define OCSP_SINGLERESP_get0_id(s) (s)->certId
- #define OCSP_resp_get0_certs(x) (x)->certs
-
- #define EVP_PKEY_get0_DSA(p) ((p)->pkey.dsa)
- #define EVP_PKEY_get0_EC_KEY(p) ((p)->pkey.ec)
- #define EVP_PKEY_get0_RSA(p) ((p)->pkey.rsa)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || ( LIBRESSL_VERSION_NUMBER < 0x2070000fL )
-+
-+#define OCSP_SINGLERESP_get0_id(s) (s)->certId
-+
- static X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
- {
- if ( a == nullptr || a->type != X509_LU_X509 )
-@@ -57,6 +60,8 @@ static void RSA_get0_key(const RSA *r,
-
- #endif
-
-+#endif
-+
- namespace file_analysis {
-
- class X509Val;
-diff --git src/file_analysis/analyzer/x509/functions.bif src/file_analysis/analyzer/x509/functions.bif
-index 0b18feb8fe..ec87a495b3 100644
---- src/file_analysis/analyzer/x509/functions.bif
-+++ src/file_analysis/analyzer/x509/functions.bif
-@@ -115,7 +115,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs,
- const ASN1_OCTET_STRING* key = nullptr;
- const X509_NAME* name = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- OCSP_RESPID* resp_id = basic_resp->tbsResponseData->responderId;
-
- if ( resp_id->type == V_OCSP_RESPID_NAME )
-@@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c
-
- // Because we actually want to be able to give nice error messages that show why we were
- // not able to verify the OCSP response - do our own verification logic first.
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- signer = x509_get_ocsp_signer(basic->certs, basic);
- #else
- signer = x509_get_ocsp_signer(OCSP_resp_get0_certs(basic), basic);
-@@ -714,7 +714,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa
- uint32 cert_length;
- if ( precert )
- {
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
- x->cert_info->enc.modified = 1;
- cert_length = i2d_X509_CINF(x->cert_info, &cert_out);
- #else
diff --git a/srcpkgs/bro/patches/musl.patch b/srcpkgs/bro/patches/musl.patch
deleted file mode 100644
index e8a2c6da9d5..00000000000
--- a/srcpkgs/bro/patches/musl.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/danielguerra69/docker-bro-1
-
---- aux/binpac/lib/binpac.h.in.orig
-+++ aux/binpac/lib/binpac.h.in
-@@ -4,6 +4,7 @@
- #define binpac_h
-
- #include <sys/param.h>
-+#include <sys/types.h>
-
- #cmakedefine HOST_BIGENDIAN
- #ifdef HOST_BIGENDIAN
-
---- src/OSFinger.h.orig
-+++ src/OSFinger.h
-@@ -166,3 +166,57 @@
- #define MATCHFUZZY 0x2
-
- #endif
-+
-+// For musl-libc
-+#ifndef TCPOPT_EOL
-+# define TCPOPT_EOL 0
-+#endif
-+
-+#ifndef TCPOPT_NOP
-+# define TCPOPT_NOP 1
-+#endif
-+
-+#ifndef TCPOPT_MAXSEG
-+# define TCPOPT_MAXSEG 2
-+#endif
-+
-+#ifndef TCPOLEN_MAXSEG
-+# define TCPOLEN_MAXSEG 4
-+#endif
-+
-+#ifndef TCPOPT_WINDOW
-+# define TCPOPT_WINDOW 3
-+#endif
-+
-+#ifndef TCPOLEN_WINDOW
-+# define TCPOLEN_WINDOW 3
-+#endif
-+
-+#ifndef TCPOPT_SACK_PERMITTED
-+# define TCPOPT_SACK_PERMITTED 4 /* Experimental */
-+#endif
-+
-+#ifndef TCPOLEN_SACK_PERMITTED
-+# define TCPOLEN_SACK_PERMITTED 2
-+#endif
-+
-+#ifndef TCPOPT_SACK
-+# define TCPOPT_SACK 5 /* Experimental */
-+#endif
-+
-+#ifndef TCPOPT_TIMESTAMP
-+# define TCPOPT_TIMESTAMP 8
-+#endif
-+
-+#ifndef TCPOLEN_TIMESTAMP
-+# define TCPOLEN_TIMESTAMP 10
-+#endif
-+
-+#ifndef TCPOLEN_TSTAMP_APPA
-+# define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
-+#endif
-+
-+#ifndef TCPOPT_TSTAMP_HDR
-+# define TCPOPT_TSTAMP_HDR \
-+ (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
-+#endif
-
diff --git a/srcpkgs/bro/template b/srcpkgs/bro/template
deleted file mode 100644
index 4d453648771..00000000000
--- a/srcpkgs/bro/template
+++ /dev/null
@@ -1,49 +0,0 @@
-# Template file for 'bro'
-pkgname=bro
-version=2.6.4
-revision=1
-archs="x86_64* i686* aarch64* armv7* ppc64*"
-build_style=cmake
-hostmakedepends="flex pkg-config python3"
-makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
-short_desc="Advanced framework for network traffic analysis"
-maintainer="Andrew Benson <abenson+void@gmail.com>"
-license="BSD-3-Clause"
-homepage="https://www.bro.org"
-distfiles="https://www.bro.org/downloads/bro-${version}.tar.gz"
-checksum=a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7
-nocross="Needs to build part of itself to run, can't be built separately yet."
-
-case "$XBPS_TARGET_MACHINE" in
- *-musl)
- makedepends+=" musl-fts-devel"
- ;;
-esac
-
-pre_configure() {
- case "$XBPS_TARGET_MACHINE" in
- *-musl)
- sed -i '/set(broxygen/i link_libraries("-lfts")' src/broxygen/CMakeLists.txt
- ;;
- esac
-}
-
-post_install() {
- vsv bro
- vlicense COPYING
-}
-
-binpac_package() {
- short_desc+=" - protocol parser compiler"
- pkg_install() {
- vmove /usr/bin/binpac
- }
-}
-
-binpac-devel_package() {
- short_desc+=" - protocol parser compiler library"
- pkg_install() {
- vmove /usr/include
- vmove "/usr/lib/*.a"
- }
-}
diff --git a/srcpkgs/zeek-devel b/srcpkgs/zeek-devel
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/zeek-devel
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/zeek/files/zeek/run b/srcpkgs/zeek/files/zeek/run
new file mode 100644
index 00000000000..8d3fd5e36f2
--- /dev/null
+++ b/srcpkgs/zeek/files/zeek/run
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ZEEKLOGDIR="/var/log/zeek"
+
+[ -r conf ] && . ./conf
+
+[ -d ${ZEEKLOGDIR} ] || mkdir -p ${ZEEKLOGDIR}
+
+cd $ZEEKLOGDIR
+exec zeek -i ${INTF:=eth0} ${ZEEKPOLICY}
diff --git a/srcpkgs/zeek/patches/fix-musl.patch b/srcpkgs/zeek/patches/fix-musl.patch
new file mode 100644
index 00000000000..b44bcb3d165
--- /dev/null
+++ b/srcpkgs/zeek/patches/fix-musl.patch
@@ -0,0 +1,23 @@
+--- CMakeLists.txt.orig
++++ CMakeLists.txt
+@@ -322,18 +322,11 @@
+ # if one specifies --with-openssl (which may be common).
+ include_directories(BEFORE ${OPENSSL_INCLUDE_DIR})
+
+-# Alpine support
+-if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
+- execute_process(
+- COMMAND grep -q alpine /etc/os-release
+- RESULT_VARIABLE os_release_alpine
+- )
+-
+- if ( os_release_alpine EQUAL 0 )
++# Void-musl support
++if ( IS_VOID_MUSL )
+ find_package(FTS REQUIRED)
+ list(APPEND OPTLIBS ${FTS_LIBRARY})
+ include_directories(BEFORE ${FTS_INCLUDE_DIR})
+- endif ()
+ endif ()
+
+ set(zeekdeps ${zeekdeps}
diff --git a/srcpkgs/zeek/template b/srcpkgs/zeek/template
new file mode 100644
index 00000000000..080980c6016
--- /dev/null
+++ b/srcpkgs/zeek/template
@@ -0,0 +1,57 @@
+# Template file for 'zeek'
+pkgname=zeek
+version=3.1.2
+revision=1
+archs="x86_64* i686* aarch64* armv7* ppc64*"
+build_style=cmake
+hostmakedepends="flex pkg-config python3"
+makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
+short_desc="Advanced framework for network traffic analysis"
+maintainer="Andrew Benson <abenson+void@gmail.com>"
+license="BSD-3-Clause"
+homepage="https://www.zeek.org"
+distfiles="https://old.zeek.org/downloads/zeek-${version}.tar.gz"
+checksum=1858725fd6d04a1af3c2798c341529aa0d229e838b6476f036156dc5dd254aa1
+nocross="Needs to build part of itself to run, can't be built separately yet."
+
+if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
+ makedepends+=" musl-fts-devel musl-legacy-compat"
+ configure_args+=" -DIS_VOID_MUSL=1"
+fi
+
+post_install() {
+ vsv zeek
+ vlicense COPYING
+}
+
+zeek-devel_package() {
+ short_desc+=" - development files"
+ pkg_install() {
+ vmove usr/include
+ vmove "usr/bin/*-config"
+ vmove "usr/lib/*.a"
+ vmove "usr/lib/*.so"
+ vmove usr/share/zeek/cmake
+ }
+}
+
+bro_package() {
+ archs=noarch
+ build_style=meta
+ depends="${sourcepkg}>=${version}_${revision}"
+ short_desc="Advanced framework for network traffic analysis (transitional dummy package)"
+}
+
+binpac_package() {
+ short_desc+=" - protocol parser compiler (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
+
+binpac-devel_package() {
+ short_desc+=" - protocol parser compiler library (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PR PATCH] [Updated] [WIP] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (7 preceding siblings ...)
2020-04-21 23:00 ` [PR PATCH] [Updated] " abenson
@ 2020-04-22 0:01 ` abenson
2020-04-22 4:28 ` abenson
` (2 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-22 0:01 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 335 bytes --]
There is an updated pull request by abenson against master on the void-packages repository
https://github.com/abenson/void-packages bro2zeek
https://github.com/void-linux/void-packages/pull/20798
[WIP] zeek: rename from bro, update to 3.1.1
A patch file from https://github.com/void-linux/void-packages/pull/20798.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-bro2zeek-20798.patch --]
[-- Type: text/x-diff, Size: 16959 bytes --]
From 773c57f4adf0427550e7c767051eb5bfcbeb2c50 Mon Sep 17 00:00:00 2001
From: Andrew Benson <abenson+void@gmail.com>
Date: Wed, 8 Apr 2020 19:56:10 -0500
Subject: [PATCH] zeek: rename from bro, update to 3.1.2
---
common/shlibs | 8 +-
srcpkgs/binpac | 2 +-
srcpkgs/binpac-devel | 2 +-
srcpkgs/bro | 1 +
srcpkgs/bro/files/bro/run | 10 --
srcpkgs/bro/patches/libressl.patch | 176 ----------------------------
srcpkgs/bro/patches/musl.patch | 74 ------------
srcpkgs/bro/template | 49 --------
srcpkgs/zeek-devel | 1 +
srcpkgs/zeek/files/zeek/run | 10 ++
srcpkgs/zeek/patches/fix-musl.patch | 23 ++++
srcpkgs/zeek/template | 57 +++++++++
12 files changed, 99 insertions(+), 314 deletions(-)
create mode 120000 srcpkgs/bro
delete mode 100644 srcpkgs/bro/files/bro/run
delete mode 100644 srcpkgs/bro/patches/libressl.patch
delete mode 100644 srcpkgs/bro/patches/musl.patch
delete mode 100644 srcpkgs/bro/template
create mode 120000 srcpkgs/zeek-devel
create mode 100644 srcpkgs/zeek/files/zeek/run
create mode 100644 srcpkgs/zeek/patches/fix-musl.patch
create mode 100644 srcpkgs/zeek/template
diff --git a/common/shlibs b/common/shlibs
index 5f1a09de8dc..81582151b94 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3537,9 +3537,11 @@ libtexpdf.so.0 libtexpdf-0.9.5_1
libupstart.so.1 libupstart-1.13.3_1
librtas.so.2 librtas-2.0.2_1
librtasevent.so.2 librtas-2.0.2_1
-libbroker.so.0 bro-2.6.1_1
-libcaf_core.so.0.16.2 bro-2.6.1_1
-libcaf_openssl.so.0.16.2 bro-2.6.1_1
+libbroker.so.2 zeek-3.1.1_1
+libcaf_core.so.0.17.4 zeek-3.1.1_1
+libcaf_io.so.0.17.4 zeek-3.1.1_1
+libcaf_openssl.so.0.17.4 zeek-3.1.1_1
+libbinpac.so.0 zeek-3.1.1_1
libllhttp.so.1 llhttp-1.0.1_1
libpinyin.so.13 libpinyin-2.2.1_1
libuhd.so.3.15.0 uhd-3.15.0.0_1
diff --git a/srcpkgs/binpac b/srcpkgs/binpac
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac
+++ b/srcpkgs/binpac
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/binpac-devel b/srcpkgs/binpac-devel
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac-devel
+++ b/srcpkgs/binpac-devel
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro b/srcpkgs/bro
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/bro
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro/files/bro/run b/srcpkgs/bro/files/bro/run
deleted file mode 100644
index 90eb6a59c0c..00000000000
--- a/srcpkgs/bro/files/bro/run
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-BROLOGDIR="/var/log/bro"
-
-[ -r conf ] && . ./conf
-
-[ -d ${BROLOGDIR} ] || mkdir -p ${BROLOGDIR}
-
-cd /var/log/bro
-exec bro -i ${INTF:=eth0} ${BROPOLICY}
diff --git a/srcpkgs/bro/patches/libressl.patch b/srcpkgs/bro/patches/libressl.patch
deleted file mode 100644
index 31308629063..00000000000
--- a/srcpkgs/bro/patches/libressl.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From fc43d06955a255bce4162b459be4a6a3a11a178d Mon Sep 17 00:00:00 2001
-From: Jon Siwek <jsiwek@corelight.com>
-Date: Mon, 7 Jan 2019 11:35:17 -0600
-Subject: [PATCH] GH-227: Improve LibreSSL support
-
----
- src/file_analysis/analyzer/x509/OCSP.cc | 16 ++++++++--------
- src/file_analysis/analyzer/x509/X509.cc | 2 +-
- src/file_analysis/analyzer/x509/X509.h | 11 ++++++++---
- src/file_analysis/analyzer/x509/functions.bif | 6 +++---
- 4 files changed, 20 insertions(+), 15 deletions(-)
-
-diff --git src/file_analysis/analyzer/x509/OCSP.cc src/file_analysis/analyzer/x509/OCSP.cc
-index bea88fc747..537d194906 100644
---- src/file_analysis/analyzer/x509/OCSP.cc
-+++ src/file_analysis/analyzer/x509/OCSP.cc
-@@ -44,7 +44,7 @@ static Val* get_ocsp_type(RecordVal* args, const char* name)
-
- static bool OCSP_RESPID_bio(OCSP_BASICRESP* basic_resp, BIO* bio)
- {
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- ASN1_OCTET_STRING* key = nullptr;
- X509_NAME* name = nullptr;
-
-@@ -423,7 +423,7 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
-
- uint64 version = 0;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- if ( req->tbsRequest->version )
- version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
- #else
-@@ -495,7 +495,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- if ( !basic_resp )
- goto clean_up;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- resp_data = basic_resp->tbsResponseData;
- if ( !resp_data )
- goto clean_up;
-@@ -506,7 +506,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- vl->append(resp_val->Ref());
- vl->append(status_val);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- vl->append(new Val((uint64)ASN1_INTEGER_get(resp_data->version), TYPE_COUNT));
- #else
- vl->append(parse_basic_resp_data_version(basic_resp));
-@@ -526,7 +526,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
-
- // producedAt
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- produced_at = resp_data->producedAt;
- #else
- produced_at = OCSP_resp_get0_produced_at(basic_resp);
-@@ -551,7 +551,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- // cert id
- const OCSP_CERTID* cert_id = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- cert_id = single_resp->certId;
- #else
- cert_id = OCSP_SINGLERESP_get0_id(single_resp);
-@@ -618,7 +618,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- i2a_ASN1_OBJECT(bio, basic_resp->signatureAlgorithm->algorithm);
- len = BIO_read(bio, buf, sizeof(buf));
- vl->append(new StringVal(len, buf));
-@@ -635,7 +635,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- certs_vector = new VectorVal(internal_type("x509_opaque_vector")->AsVectorType());
- vl->append(certs_vector);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- certs = basic_resp->certs;
- #else
- certs = OCSP_resp_get0_certs(basic_resp);
-diff --git src/file_analysis/analyzer/x509/X509.cc src/file_analysis/analyzer/x509/X509.cc
-index 7571915207..600b3adb52 100644
---- src/file_analysis/analyzer/x509/X509.cc
-+++ src/file_analysis/analyzer/x509/X509.cc
-@@ -290,7 +290,7 @@ void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)
- continue;
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- const char* name = (const char*) ASN1_STRING_data(gen->d.ia5);
- #else
- const char* name = (const char*) ASN1_STRING_get0_data(gen->d.ia5);
-diff --git src/file_analysis/analyzer/x509/X509.h src/file_analysis/analyzer/x509/X509.h
-index b808b676fe..91a5a7a5a1 100644
---- src/file_analysis/analyzer/x509/X509.h
-+++ src/file_analysis/analyzer/x509/X509.h
-@@ -8,24 +8,27 @@
- #include "Val.h"
- #include "X509Common.h"
-
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_get_signature_nid(x) OBJ_obj2nid((x)->sig_alg->algorithm)
-
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x1010000fL ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_OBJECT_new() (X509_OBJECT*)malloc(sizeof(X509_OBJECT))
- #define X509_OBJECT_free(a) free(a)
-
--#define OCSP_SINGLERESP_get0_id(s) (s)->certId
- #define OCSP_resp_get0_certs(x) (x)->certs
-
- #define EVP_PKEY_get0_DSA(p) ((p)->pkey.dsa)
- #define EVP_PKEY_get0_EC_KEY(p) ((p)->pkey.ec)
- #define EVP_PKEY_get0_RSA(p) ((p)->pkey.rsa)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || ( LIBRESSL_VERSION_NUMBER < 0x2070000fL )
-+
-+#define OCSP_SINGLERESP_get0_id(s) (s)->certId
-+
- static X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
- {
- if ( a == nullptr || a->type != X509_LU_X509 )
-@@ -57,6 +60,8 @@ static void RSA_get0_key(const RSA *r,
-
- #endif
-
-+#endif
-+
- namespace file_analysis {
-
- class X509Val;
-diff --git src/file_analysis/analyzer/x509/functions.bif src/file_analysis/analyzer/x509/functions.bif
-index 0b18feb8fe..ec87a495b3 100644
---- src/file_analysis/analyzer/x509/functions.bif
-+++ src/file_analysis/analyzer/x509/functions.bif
-@@ -115,7 +115,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs,
- const ASN1_OCTET_STRING* key = nullptr;
- const X509_NAME* name = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- OCSP_RESPID* resp_id = basic_resp->tbsResponseData->responderId;
-
- if ( resp_id->type == V_OCSP_RESPID_NAME )
-@@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c
-
- // Because we actually want to be able to give nice error messages that show why we were
- // not able to verify the OCSP response - do our own verification logic first.
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- signer = x509_get_ocsp_signer(basic->certs, basic);
- #else
- signer = x509_get_ocsp_signer(OCSP_resp_get0_certs(basic), basic);
-@@ -714,7 +714,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa
- uint32 cert_length;
- if ( precert )
- {
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
- x->cert_info->enc.modified = 1;
- cert_length = i2d_X509_CINF(x->cert_info, &cert_out);
- #else
diff --git a/srcpkgs/bro/patches/musl.patch b/srcpkgs/bro/patches/musl.patch
deleted file mode 100644
index e8a2c6da9d5..00000000000
--- a/srcpkgs/bro/patches/musl.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/danielguerra69/docker-bro-1
-
---- aux/binpac/lib/binpac.h.in.orig
-+++ aux/binpac/lib/binpac.h.in
-@@ -4,6 +4,7 @@
- #define binpac_h
-
- #include <sys/param.h>
-+#include <sys/types.h>
-
- #cmakedefine HOST_BIGENDIAN
- #ifdef HOST_BIGENDIAN
-
---- src/OSFinger.h.orig
-+++ src/OSFinger.h
-@@ -166,3 +166,57 @@
- #define MATCHFUZZY 0x2
-
- #endif
-+
-+// For musl-libc
-+#ifndef TCPOPT_EOL
-+# define TCPOPT_EOL 0
-+#endif
-+
-+#ifndef TCPOPT_NOP
-+# define TCPOPT_NOP 1
-+#endif
-+
-+#ifndef TCPOPT_MAXSEG
-+# define TCPOPT_MAXSEG 2
-+#endif
-+
-+#ifndef TCPOLEN_MAXSEG
-+# define TCPOLEN_MAXSEG 4
-+#endif
-+
-+#ifndef TCPOPT_WINDOW
-+# define TCPOPT_WINDOW 3
-+#endif
-+
-+#ifndef TCPOLEN_WINDOW
-+# define TCPOLEN_WINDOW 3
-+#endif
-+
-+#ifndef TCPOPT_SACK_PERMITTED
-+# define TCPOPT_SACK_PERMITTED 4 /* Experimental */
-+#endif
-+
-+#ifndef TCPOLEN_SACK_PERMITTED
-+# define TCPOLEN_SACK_PERMITTED 2
-+#endif
-+
-+#ifndef TCPOPT_SACK
-+# define TCPOPT_SACK 5 /* Experimental */
-+#endif
-+
-+#ifndef TCPOPT_TIMESTAMP
-+# define TCPOPT_TIMESTAMP 8
-+#endif
-+
-+#ifndef TCPOLEN_TIMESTAMP
-+# define TCPOLEN_TIMESTAMP 10
-+#endif
-+
-+#ifndef TCPOLEN_TSTAMP_APPA
-+# define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
-+#endif
-+
-+#ifndef TCPOPT_TSTAMP_HDR
-+# define TCPOPT_TSTAMP_HDR \
-+ (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
-+#endif
-
diff --git a/srcpkgs/bro/template b/srcpkgs/bro/template
deleted file mode 100644
index 4d453648771..00000000000
--- a/srcpkgs/bro/template
+++ /dev/null
@@ -1,49 +0,0 @@
-# Template file for 'bro'
-pkgname=bro
-version=2.6.4
-revision=1
-archs="x86_64* i686* aarch64* armv7* ppc64*"
-build_style=cmake
-hostmakedepends="flex pkg-config python3"
-makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
-short_desc="Advanced framework for network traffic analysis"
-maintainer="Andrew Benson <abenson+void@gmail.com>"
-license="BSD-3-Clause"
-homepage="https://www.bro.org"
-distfiles="https://www.bro.org/downloads/bro-${version}.tar.gz"
-checksum=a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7
-nocross="Needs to build part of itself to run, can't be built separately yet."
-
-case "$XBPS_TARGET_MACHINE" in
- *-musl)
- makedepends+=" musl-fts-devel"
- ;;
-esac
-
-pre_configure() {
- case "$XBPS_TARGET_MACHINE" in
- *-musl)
- sed -i '/set(broxygen/i link_libraries("-lfts")' src/broxygen/CMakeLists.txt
- ;;
- esac
-}
-
-post_install() {
- vsv bro
- vlicense COPYING
-}
-
-binpac_package() {
- short_desc+=" - protocol parser compiler"
- pkg_install() {
- vmove /usr/bin/binpac
- }
-}
-
-binpac-devel_package() {
- short_desc+=" - protocol parser compiler library"
- pkg_install() {
- vmove /usr/include
- vmove "/usr/lib/*.a"
- }
-}
diff --git a/srcpkgs/zeek-devel b/srcpkgs/zeek-devel
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/zeek-devel
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/zeek/files/zeek/run b/srcpkgs/zeek/files/zeek/run
new file mode 100644
index 00000000000..8d3fd5e36f2
--- /dev/null
+++ b/srcpkgs/zeek/files/zeek/run
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ZEEKLOGDIR="/var/log/zeek"
+
+[ -r conf ] && . ./conf
+
+[ -d ${ZEEKLOGDIR} ] || mkdir -p ${ZEEKLOGDIR}
+
+cd $ZEEKLOGDIR
+exec zeek -i ${INTF:=eth0} ${ZEEKPOLICY}
diff --git a/srcpkgs/zeek/patches/fix-musl.patch b/srcpkgs/zeek/patches/fix-musl.patch
new file mode 100644
index 00000000000..b44bcb3d165
--- /dev/null
+++ b/srcpkgs/zeek/patches/fix-musl.patch
@@ -0,0 +1,23 @@
+--- CMakeLists.txt.orig
++++ CMakeLists.txt
+@@ -322,18 +322,11 @@
+ # if one specifies --with-openssl (which may be common).
+ include_directories(BEFORE ${OPENSSL_INCLUDE_DIR})
+
+-# Alpine support
+-if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
+- execute_process(
+- COMMAND grep -q alpine /etc/os-release
+- RESULT_VARIABLE os_release_alpine
+- )
+-
+- if ( os_release_alpine EQUAL 0 )
++# Void-musl support
++if ( IS_VOID_MUSL )
+ find_package(FTS REQUIRED)
+ list(APPEND OPTLIBS ${FTS_LIBRARY})
+ include_directories(BEFORE ${FTS_INCLUDE_DIR})
+- endif ()
+ endif ()
+
+ set(zeekdeps ${zeekdeps}
diff --git a/srcpkgs/zeek/template b/srcpkgs/zeek/template
new file mode 100644
index 00000000000..080980c6016
--- /dev/null
+++ b/srcpkgs/zeek/template
@@ -0,0 +1,57 @@
+# Template file for 'zeek'
+pkgname=zeek
+version=3.1.2
+revision=1
+archs="x86_64* i686* aarch64* armv7* ppc64*"
+build_style=cmake
+hostmakedepends="flex pkg-config python3"
+makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
+short_desc="Advanced framework for network traffic analysis"
+maintainer="Andrew Benson <abenson+void@gmail.com>"
+license="BSD-3-Clause"
+homepage="https://www.zeek.org"
+distfiles="https://old.zeek.org/downloads/zeek-${version}.tar.gz"
+checksum=1858725fd6d04a1af3c2798c341529aa0d229e838b6476f036156dc5dd254aa1
+nocross="Needs to build part of itself to run, can't be built separately yet."
+
+if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
+ makedepends+=" musl-fts-devel musl-legacy-compat"
+ configure_args+=" -DIS_VOID_MUSL=1"
+fi
+
+post_install() {
+ vsv zeek
+ vlicense COPYING
+}
+
+zeek-devel_package() {
+ short_desc+=" - development files"
+ pkg_install() {
+ vmove usr/include
+ vmove "usr/bin/*-config"
+ vmove "usr/lib/*.a"
+ vmove "usr/lib/*.so"
+ vmove usr/share/zeek/cmake
+ }
+}
+
+bro_package() {
+ archs=noarch
+ build_style=meta
+ depends="${sourcepkg}>=${version}_${revision}"
+ short_desc="Advanced framework for network traffic analysis (transitional dummy package)"
+}
+
+binpac_package() {
+ short_desc+=" - protocol parser compiler (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
+
+binpac-devel_package() {
+ short_desc+=" - protocol parser compiler library (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PR PATCH] [Updated] [WIP] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (8 preceding siblings ...)
2020-04-22 0:01 ` abenson
@ 2020-04-22 4:28 ` abenson
2020-05-18 18:26 ` [PR PATCH] [Updated] " abenson
2020-05-19 2:39 ` abenson
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-04-22 4:28 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 335 bytes --]
There is an updated pull request by abenson against master on the void-packages repository
https://github.com/abenson/void-packages bro2zeek
https://github.com/void-linux/void-packages/pull/20798
[WIP] zeek: rename from bro, update to 3.1.1
A patch file from https://github.com/void-linux/void-packages/pull/20798.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-bro2zeek-20798.patch --]
[-- Type: text/x-diff, Size: 16899 bytes --]
From aa9b3e7e09bad4ac7a133ed30dbf2edba1f3f42b Mon Sep 17 00:00:00 2001
From: Andrew Benson <abenson+void@gmail.com>
Date: Wed, 8 Apr 2020 19:56:10 -0500
Subject: [PATCH] zeek: rename from bro, update to 3.1.2
---
common/shlibs | 8 +-
srcpkgs/binpac | 2 +-
srcpkgs/binpac-devel | 2 +-
srcpkgs/bro | 1 +
srcpkgs/bro/files/bro/run | 10 --
srcpkgs/bro/patches/libressl.patch | 176 ----------------------------
srcpkgs/bro/patches/musl.patch | 74 ------------
srcpkgs/bro/template | 49 --------
srcpkgs/zeek-devel | 1 +
srcpkgs/zeek/files/zeek/run | 10 ++
srcpkgs/zeek/patches/fix-musl.patch | 23 ++++
srcpkgs/zeek/template | 57 +++++++++
12 files changed, 99 insertions(+), 314 deletions(-)
create mode 120000 srcpkgs/bro
delete mode 100644 srcpkgs/bro/files/bro/run
delete mode 100644 srcpkgs/bro/patches/libressl.patch
delete mode 100644 srcpkgs/bro/patches/musl.patch
delete mode 100644 srcpkgs/bro/template
create mode 120000 srcpkgs/zeek-devel
create mode 100644 srcpkgs/zeek/files/zeek/run
create mode 100644 srcpkgs/zeek/patches/fix-musl.patch
create mode 100644 srcpkgs/zeek/template
diff --git a/common/shlibs b/common/shlibs
index 5f1a09de8dc..81582151b94 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3537,9 +3537,11 @@ libtexpdf.so.0 libtexpdf-0.9.5_1
libupstart.so.1 libupstart-1.13.3_1
librtas.so.2 librtas-2.0.2_1
librtasevent.so.2 librtas-2.0.2_1
-libbroker.so.0 bro-2.6.1_1
-libcaf_core.so.0.16.2 bro-2.6.1_1
-libcaf_openssl.so.0.16.2 bro-2.6.1_1
+libbroker.so.2 zeek-3.1.1_1
+libcaf_core.so.0.17.4 zeek-3.1.1_1
+libcaf_io.so.0.17.4 zeek-3.1.1_1
+libcaf_openssl.so.0.17.4 zeek-3.1.1_1
+libbinpac.so.0 zeek-3.1.1_1
libllhttp.so.1 llhttp-1.0.1_1
libpinyin.so.13 libpinyin-2.2.1_1
libuhd.so.3.15.0 uhd-3.15.0.0_1
diff --git a/srcpkgs/binpac b/srcpkgs/binpac
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac
+++ b/srcpkgs/binpac
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/binpac-devel b/srcpkgs/binpac-devel
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac-devel
+++ b/srcpkgs/binpac-devel
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro b/srcpkgs/bro
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/bro
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro/files/bro/run b/srcpkgs/bro/files/bro/run
deleted file mode 100644
index 90eb6a59c0c..00000000000
--- a/srcpkgs/bro/files/bro/run
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-BROLOGDIR="/var/log/bro"
-
-[ -r conf ] && . ./conf
-
-[ -d ${BROLOGDIR} ] || mkdir -p ${BROLOGDIR}
-
-cd /var/log/bro
-exec bro -i ${INTF:=eth0} ${BROPOLICY}
diff --git a/srcpkgs/bro/patches/libressl.patch b/srcpkgs/bro/patches/libressl.patch
deleted file mode 100644
index 31308629063..00000000000
--- a/srcpkgs/bro/patches/libressl.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From fc43d06955a255bce4162b459be4a6a3a11a178d Mon Sep 17 00:00:00 2001
-From: Jon Siwek <jsiwek@corelight.com>
-Date: Mon, 7 Jan 2019 11:35:17 -0600
-Subject: [PATCH] GH-227: Improve LibreSSL support
-
----
- src/file_analysis/analyzer/x509/OCSP.cc | 16 ++++++++--------
- src/file_analysis/analyzer/x509/X509.cc | 2 +-
- src/file_analysis/analyzer/x509/X509.h | 11 ++++++++---
- src/file_analysis/analyzer/x509/functions.bif | 6 +++---
- 4 files changed, 20 insertions(+), 15 deletions(-)
-
-diff --git src/file_analysis/analyzer/x509/OCSP.cc src/file_analysis/analyzer/x509/OCSP.cc
-index bea88fc747..537d194906 100644
---- src/file_analysis/analyzer/x509/OCSP.cc
-+++ src/file_analysis/analyzer/x509/OCSP.cc
-@@ -44,7 +44,7 @@ static Val* get_ocsp_type(RecordVal* args, const char* name)
-
- static bool OCSP_RESPID_bio(OCSP_BASICRESP* basic_resp, BIO* bio)
- {
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- ASN1_OCTET_STRING* key = nullptr;
- X509_NAME* name = nullptr;
-
-@@ -423,7 +423,7 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
-
- uint64 version = 0;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- if ( req->tbsRequest->version )
- version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
- #else
-@@ -495,7 +495,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- if ( !basic_resp )
- goto clean_up;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- resp_data = basic_resp->tbsResponseData;
- if ( !resp_data )
- goto clean_up;
-@@ -506,7 +506,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- vl->append(resp_val->Ref());
- vl->append(status_val);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- vl->append(new Val((uint64)ASN1_INTEGER_get(resp_data->version), TYPE_COUNT));
- #else
- vl->append(parse_basic_resp_data_version(basic_resp));
-@@ -526,7 +526,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
-
- // producedAt
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- produced_at = resp_data->producedAt;
- #else
- produced_at = OCSP_resp_get0_produced_at(basic_resp);
-@@ -551,7 +551,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- // cert id
- const OCSP_CERTID* cert_id = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- cert_id = single_resp->certId;
- #else
- cert_id = OCSP_SINGLERESP_get0_id(single_resp);
-@@ -618,7 +618,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- i2a_ASN1_OBJECT(bio, basic_resp->signatureAlgorithm->algorithm);
- len = BIO_read(bio, buf, sizeof(buf));
- vl->append(new StringVal(len, buf));
-@@ -635,7 +635,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- certs_vector = new VectorVal(internal_type("x509_opaque_vector")->AsVectorType());
- vl->append(certs_vector);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- certs = basic_resp->certs;
- #else
- certs = OCSP_resp_get0_certs(basic_resp);
-diff --git src/file_analysis/analyzer/x509/X509.cc src/file_analysis/analyzer/x509/X509.cc
-index 7571915207..600b3adb52 100644
---- src/file_analysis/analyzer/x509/X509.cc
-+++ src/file_analysis/analyzer/x509/X509.cc
-@@ -290,7 +290,7 @@ void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)
- continue;
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- const char* name = (const char*) ASN1_STRING_data(gen->d.ia5);
- #else
- const char* name = (const char*) ASN1_STRING_get0_data(gen->d.ia5);
-diff --git src/file_analysis/analyzer/x509/X509.h src/file_analysis/analyzer/x509/X509.h
-index b808b676fe..91a5a7a5a1 100644
---- src/file_analysis/analyzer/x509/X509.h
-+++ src/file_analysis/analyzer/x509/X509.h
-@@ -8,24 +8,27 @@
- #include "Val.h"
- #include "X509Common.h"
-
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_get_signature_nid(x) OBJ_obj2nid((x)->sig_alg->algorithm)
-
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x1010000fL ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_OBJECT_new() (X509_OBJECT*)malloc(sizeof(X509_OBJECT))
- #define X509_OBJECT_free(a) free(a)
-
--#define OCSP_SINGLERESP_get0_id(s) (s)->certId
- #define OCSP_resp_get0_certs(x) (x)->certs
-
- #define EVP_PKEY_get0_DSA(p) ((p)->pkey.dsa)
- #define EVP_PKEY_get0_EC_KEY(p) ((p)->pkey.ec)
- #define EVP_PKEY_get0_RSA(p) ((p)->pkey.rsa)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || ( LIBRESSL_VERSION_NUMBER < 0x2070000fL )
-+
-+#define OCSP_SINGLERESP_get0_id(s) (s)->certId
-+
- static X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
- {
- if ( a == nullptr || a->type != X509_LU_X509 )
-@@ -57,6 +60,8 @@ static void RSA_get0_key(const RSA *r,
-
- #endif
-
-+#endif
-+
- namespace file_analysis {
-
- class X509Val;
-diff --git src/file_analysis/analyzer/x509/functions.bif src/file_analysis/analyzer/x509/functions.bif
-index 0b18feb8fe..ec87a495b3 100644
---- src/file_analysis/analyzer/x509/functions.bif
-+++ src/file_analysis/analyzer/x509/functions.bif
-@@ -115,7 +115,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs,
- const ASN1_OCTET_STRING* key = nullptr;
- const X509_NAME* name = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- OCSP_RESPID* resp_id = basic_resp->tbsResponseData->responderId;
-
- if ( resp_id->type == V_OCSP_RESPID_NAME )
-@@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c
-
- // Because we actually want to be able to give nice error messages that show why we were
- // not able to verify the OCSP response - do our own verification logic first.
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- signer = x509_get_ocsp_signer(basic->certs, basic);
- #else
- signer = x509_get_ocsp_signer(OCSP_resp_get0_certs(basic), basic);
-@@ -714,7 +714,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa
- uint32 cert_length;
- if ( precert )
- {
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
- x->cert_info->enc.modified = 1;
- cert_length = i2d_X509_CINF(x->cert_info, &cert_out);
- #else
diff --git a/srcpkgs/bro/patches/musl.patch b/srcpkgs/bro/patches/musl.patch
deleted file mode 100644
index e8a2c6da9d5..00000000000
--- a/srcpkgs/bro/patches/musl.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/danielguerra69/docker-bro-1
-
---- aux/binpac/lib/binpac.h.in.orig
-+++ aux/binpac/lib/binpac.h.in
-@@ -4,6 +4,7 @@
- #define binpac_h
-
- #include <sys/param.h>
-+#include <sys/types.h>
-
- #cmakedefine HOST_BIGENDIAN
- #ifdef HOST_BIGENDIAN
-
---- src/OSFinger.h.orig
-+++ src/OSFinger.h
-@@ -166,3 +166,57 @@
- #define MATCHFUZZY 0x2
-
- #endif
-+
-+// For musl-libc
-+#ifndef TCPOPT_EOL
-+# define TCPOPT_EOL 0
-+#endif
-+
-+#ifndef TCPOPT_NOP
-+# define TCPOPT_NOP 1
-+#endif
-+
-+#ifndef TCPOPT_MAXSEG
-+# define TCPOPT_MAXSEG 2
-+#endif
-+
-+#ifndef TCPOLEN_MAXSEG
-+# define TCPOLEN_MAXSEG 4
-+#endif
-+
-+#ifndef TCPOPT_WINDOW
-+# define TCPOPT_WINDOW 3
-+#endif
-+
-+#ifndef TCPOLEN_WINDOW
-+# define TCPOLEN_WINDOW 3
-+#endif
-+
-+#ifndef TCPOPT_SACK_PERMITTED
-+# define TCPOPT_SACK_PERMITTED 4 /* Experimental */
-+#endif
-+
-+#ifndef TCPOLEN_SACK_PERMITTED
-+# define TCPOLEN_SACK_PERMITTED 2
-+#endif
-+
-+#ifndef TCPOPT_SACK
-+# define TCPOPT_SACK 5 /* Experimental */
-+#endif
-+
-+#ifndef TCPOPT_TIMESTAMP
-+# define TCPOPT_TIMESTAMP 8
-+#endif
-+
-+#ifndef TCPOLEN_TIMESTAMP
-+# define TCPOLEN_TIMESTAMP 10
-+#endif
-+
-+#ifndef TCPOLEN_TSTAMP_APPA
-+# define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
-+#endif
-+
-+#ifndef TCPOPT_TSTAMP_HDR
-+# define TCPOPT_TSTAMP_HDR \
-+ (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
-+#endif
-
diff --git a/srcpkgs/bro/template b/srcpkgs/bro/template
deleted file mode 100644
index 4d453648771..00000000000
--- a/srcpkgs/bro/template
+++ /dev/null
@@ -1,49 +0,0 @@
-# Template file for 'bro'
-pkgname=bro
-version=2.6.4
-revision=1
-archs="x86_64* i686* aarch64* armv7* ppc64*"
-build_style=cmake
-hostmakedepends="flex pkg-config python3"
-makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
-short_desc="Advanced framework for network traffic analysis"
-maintainer="Andrew Benson <abenson+void@gmail.com>"
-license="BSD-3-Clause"
-homepage="https://www.bro.org"
-distfiles="https://www.bro.org/downloads/bro-${version}.tar.gz"
-checksum=a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7
-nocross="Needs to build part of itself to run, can't be built separately yet."
-
-case "$XBPS_TARGET_MACHINE" in
- *-musl)
- makedepends+=" musl-fts-devel"
- ;;
-esac
-
-pre_configure() {
- case "$XBPS_TARGET_MACHINE" in
- *-musl)
- sed -i '/set(broxygen/i link_libraries("-lfts")' src/broxygen/CMakeLists.txt
- ;;
- esac
-}
-
-post_install() {
- vsv bro
- vlicense COPYING
-}
-
-binpac_package() {
- short_desc+=" - protocol parser compiler"
- pkg_install() {
- vmove /usr/bin/binpac
- }
-}
-
-binpac-devel_package() {
- short_desc+=" - protocol parser compiler library"
- pkg_install() {
- vmove /usr/include
- vmove "/usr/lib/*.a"
- }
-}
diff --git a/srcpkgs/zeek-devel b/srcpkgs/zeek-devel
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/zeek-devel
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/zeek/files/zeek/run b/srcpkgs/zeek/files/zeek/run
new file mode 100644
index 00000000000..8d3fd5e36f2
--- /dev/null
+++ b/srcpkgs/zeek/files/zeek/run
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ZEEKLOGDIR="/var/log/zeek"
+
+[ -r conf ] && . ./conf
+
+[ -d ${ZEEKLOGDIR} ] || mkdir -p ${ZEEKLOGDIR}
+
+cd $ZEEKLOGDIR
+exec zeek -i ${INTF:=eth0} ${ZEEKPOLICY}
diff --git a/srcpkgs/zeek/patches/fix-musl.patch b/srcpkgs/zeek/patches/fix-musl.patch
new file mode 100644
index 00000000000..b44bcb3d165
--- /dev/null
+++ b/srcpkgs/zeek/patches/fix-musl.patch
@@ -0,0 +1,23 @@
+--- CMakeLists.txt.orig
++++ CMakeLists.txt
+@@ -322,18 +322,11 @@
+ # if one specifies --with-openssl (which may be common).
+ include_directories(BEFORE ${OPENSSL_INCLUDE_DIR})
+
+-# Alpine support
+-if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
+- execute_process(
+- COMMAND grep -q alpine /etc/os-release
+- RESULT_VARIABLE os_release_alpine
+- )
+-
+- if ( os_release_alpine EQUAL 0 )
++# Void-musl support
++if ( IS_VOID_MUSL )
+ find_package(FTS REQUIRED)
+ list(APPEND OPTLIBS ${FTS_LIBRARY})
+ include_directories(BEFORE ${FTS_INCLUDE_DIR})
+- endif ()
+ endif ()
+
+ set(zeekdeps ${zeekdeps}
diff --git a/srcpkgs/zeek/template b/srcpkgs/zeek/template
new file mode 100644
index 00000000000..1d0898dff9c
--- /dev/null
+++ b/srcpkgs/zeek/template
@@ -0,0 +1,57 @@
+# Template file for 'zeek'
+pkgname=zeek
+version=3.1.2
+revision=1
+archs="x86_64* i686* aarch64* armv7* ppc64*"
+build_style=cmake
+hostmakedepends="flex pkg-config python3"
+makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
+short_desc="Advanced framework for network traffic analysis"
+maintainer="Andrew Benson <abenson+void@gmail.com>"
+license="BSD-3-Clause"
+homepage="https://www.zeek.org"
+distfiles="https://old.zeek.org/downloads/zeek-${version}.tar.gz"
+checksum=1858725fd6d04a1af3c2798c341529aa0d229e838b6476f036156dc5dd254aa1
+nocross="Needs to build part of itself to run, can't be built separately yet."
+
+if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
+ makedepends+=" musl-fts-devel musl-legacy-compat"
+ configure_args+=" -DIS_VOID_MUSL=1"
+fi
+
+post_install() {
+ vsv zeek
+ vlicense COPYING
+}
+
+zeek-devel_package() {
+ short_desc+=" - development files"
+ pkg_install() {
+ vmove usr/include
+ vmove "usr/bin/*-config"
+ vmove "usr/lib/*.a"
+ vmove "usr/lib/*.so"
+ vmove usr/share/zeek/cmake
+ }
+}
+
+bro_package() {
+ archs=noarch
+ build_style=meta
+ depends="${sourcepkg}>=${version}_${revision}"
+ short_desc+=" (transitional dummy package)"
+}
+
+binpac_package() {
+ short_desc+=" - protocol parser compiler (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
+
+binpac-devel_package() {
+ short_desc+=" - protocol parser compiler library (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PR PATCH] [Updated] zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (9 preceding siblings ...)
2020-04-22 4:28 ` abenson
@ 2020-05-18 18:26 ` abenson
2020-05-19 2:39 ` abenson
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-05-18 18:26 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 329 bytes --]
There is an updated pull request by abenson against master on the void-packages repository
https://github.com/abenson/void-packages bro2zeek
https://github.com/void-linux/void-packages/pull/20798
zeek: rename from bro, update to 3.1.1
A patch file from https://github.com/void-linux/void-packages/pull/20798.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-bro2zeek-20798.patch --]
[-- Type: text/x-diff, Size: 16895 bytes --]
From 4fb6b5bb34322660f8b3d039c1aea21b525338dc Mon Sep 17 00:00:00 2001
From: Andrew Benson <abenson+void@gmail.com>
Date: Wed, 8 Apr 2020 19:56:10 -0500
Subject: [PATCH] zeek: rename from bro, update to 3.1.3
---
common/shlibs | 8 +-
srcpkgs/binpac | 2 +-
srcpkgs/binpac-devel | 2 +-
srcpkgs/bro | 1 +
srcpkgs/bro/files/bro/run | 10 --
srcpkgs/bro/patches/libressl.patch | 176 ----------------------------
srcpkgs/bro/patches/musl.patch | 74 ------------
srcpkgs/bro/template | 49 --------
srcpkgs/zeek-devel | 1 +
srcpkgs/zeek/files/zeek/run | 10 ++
srcpkgs/zeek/patches/fix-musl.patch | 23 ++++
srcpkgs/zeek/template | 57 +++++++++
12 files changed, 99 insertions(+), 314 deletions(-)
create mode 120000 srcpkgs/bro
delete mode 100644 srcpkgs/bro/files/bro/run
delete mode 100644 srcpkgs/bro/patches/libressl.patch
delete mode 100644 srcpkgs/bro/patches/musl.patch
delete mode 100644 srcpkgs/bro/template
create mode 120000 srcpkgs/zeek-devel
create mode 100644 srcpkgs/zeek/files/zeek/run
create mode 100644 srcpkgs/zeek/patches/fix-musl.patch
create mode 100644 srcpkgs/zeek/template
diff --git a/common/shlibs b/common/shlibs
index e2b782e80e8..3a47aeb4f79 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3550,9 +3550,11 @@ libtexpdf.so.0 libtexpdf-0.9.5_1
libupstart.so.1 libupstart-1.13.3_1
librtas.so.2 librtas-2.0.2_1
librtasevent.so.2 librtas-2.0.2_1
-libbroker.so.0 bro-2.6.1_1
-libcaf_core.so.0.16.2 bro-2.6.1_1
-libcaf_openssl.so.0.16.2 bro-2.6.1_1
+libbroker.so.2 zeek-3.1.1_1
+libcaf_core.so.0.17.4 zeek-3.1.1_1
+libcaf_io.so.0.17.4 zeek-3.1.1_1
+libcaf_openssl.so.0.17.4 zeek-3.1.1_1
+libbinpac.so.0 zeek-3.1.1_1
libllhttp.so.1 llhttp-1.0.1_1
libpinyin.so.13 libpinyin-2.2.1_1
libuhd.so.3.15.0 uhd-3.15.0.0_1
diff --git a/srcpkgs/binpac b/srcpkgs/binpac
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac
+++ b/srcpkgs/binpac
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/binpac-devel b/srcpkgs/binpac-devel
index 52815503047..bd825eaacdb 120000
--- a/srcpkgs/binpac-devel
+++ b/srcpkgs/binpac-devel
@@ -1 +1 @@
-bro
\ No newline at end of file
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro b/srcpkgs/bro
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/bro
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/bro/files/bro/run b/srcpkgs/bro/files/bro/run
deleted file mode 100644
index 90eb6a59c0c..00000000000
--- a/srcpkgs/bro/files/bro/run
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-BROLOGDIR="/var/log/bro"
-
-[ -r conf ] && . ./conf
-
-[ -d ${BROLOGDIR} ] || mkdir -p ${BROLOGDIR}
-
-cd /var/log/bro
-exec bro -i ${INTF:=eth0} ${BROPOLICY}
diff --git a/srcpkgs/bro/patches/libressl.patch b/srcpkgs/bro/patches/libressl.patch
deleted file mode 100644
index 31308629063..00000000000
--- a/srcpkgs/bro/patches/libressl.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From fc43d06955a255bce4162b459be4a6a3a11a178d Mon Sep 17 00:00:00 2001
-From: Jon Siwek <jsiwek@corelight.com>
-Date: Mon, 7 Jan 2019 11:35:17 -0600
-Subject: [PATCH] GH-227: Improve LibreSSL support
-
----
- src/file_analysis/analyzer/x509/OCSP.cc | 16 ++++++++--------
- src/file_analysis/analyzer/x509/X509.cc | 2 +-
- src/file_analysis/analyzer/x509/X509.h | 11 ++++++++---
- src/file_analysis/analyzer/x509/functions.bif | 6 +++---
- 4 files changed, 20 insertions(+), 15 deletions(-)
-
-diff --git src/file_analysis/analyzer/x509/OCSP.cc src/file_analysis/analyzer/x509/OCSP.cc
-index bea88fc747..537d194906 100644
---- src/file_analysis/analyzer/x509/OCSP.cc
-+++ src/file_analysis/analyzer/x509/OCSP.cc
-@@ -44,7 +44,7 @@ static Val* get_ocsp_type(RecordVal* args, const char* name)
-
- static bool OCSP_RESPID_bio(OCSP_BASICRESP* basic_resp, BIO* bio)
- {
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- ASN1_OCTET_STRING* key = nullptr;
- X509_NAME* name = nullptr;
-
-@@ -423,7 +423,7 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
-
- uint64 version = 0;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- if ( req->tbsRequest->version )
- version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
- #else
-@@ -495,7 +495,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- if ( !basic_resp )
- goto clean_up;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- resp_data = basic_resp->tbsResponseData;
- if ( !resp_data )
- goto clean_up;
-@@ -506,7 +506,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- vl->append(resp_val->Ref());
- vl->append(status_val);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- vl->append(new Val((uint64)ASN1_INTEGER_get(resp_data->version), TYPE_COUNT));
- #else
- vl->append(parse_basic_resp_data_version(basic_resp));
-@@ -526,7 +526,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
-
- // producedAt
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- produced_at = resp_data->producedAt;
- #else
- produced_at = OCSP_resp_get0_produced_at(basic_resp);
-@@ -551,7 +551,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- // cert id
- const OCSP_CERTID* cert_id = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- cert_id = single_resp->certId;
- #else
- cert_id = OCSP_SINGLERESP_get0_id(single_resp);
-@@ -618,7 +618,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- }
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- i2a_ASN1_OBJECT(bio, basic_resp->signatureAlgorithm->algorithm);
- len = BIO_read(bio, buf, sizeof(buf));
- vl->append(new StringVal(len, buf));
-@@ -635,7 +635,7 @@ void file_analysis::OCSP::ParseResponse(OCSP_RESPVal *resp_val, const char* fid)
- certs_vector = new VectorVal(internal_type("x509_opaque_vector")->AsVectorType());
- vl->append(certs_vector);
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- certs = basic_resp->certs;
- #else
- certs = OCSP_resp_get0_certs(basic_resp);
-diff --git src/file_analysis/analyzer/x509/X509.cc src/file_analysis/analyzer/x509/X509.cc
-index 7571915207..600b3adb52 100644
---- src/file_analysis/analyzer/x509/X509.cc
-+++ src/file_analysis/analyzer/x509/X509.cc
-@@ -290,7 +290,7 @@ void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)
- continue;
- }
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- const char* name = (const char*) ASN1_STRING_data(gen->d.ia5);
- #else
- const char* name = (const char*) ASN1_STRING_get0_data(gen->d.ia5);
-diff --git src/file_analysis/analyzer/x509/X509.h src/file_analysis/analyzer/x509/X509.h
-index b808b676fe..91a5a7a5a1 100644
---- src/file_analysis/analyzer/x509/X509.h
-+++ src/file_analysis/analyzer/x509/X509.h
-@@ -8,24 +8,27 @@
- #include "Val.h"
- #include "X509Common.h"
-
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_get_signature_nid(x) OBJ_obj2nid((x)->sig_alg->algorithm)
-
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x1010000fL ) || defined(LIBRESSL_VERSION_NUMBER)
-
- #define X509_OBJECT_new() (X509_OBJECT*)malloc(sizeof(X509_OBJECT))
- #define X509_OBJECT_free(a) free(a)
-
--#define OCSP_SINGLERESP_get0_id(s) (s)->certId
- #define OCSP_resp_get0_certs(x) (x)->certs
-
- #define EVP_PKEY_get0_DSA(p) ((p)->pkey.dsa)
- #define EVP_PKEY_get0_EC_KEY(p) ((p)->pkey.ec)
- #define EVP_PKEY_get0_RSA(p) ((p)->pkey.rsa)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || ( LIBRESSL_VERSION_NUMBER < 0x2070000fL )
-+
-+#define OCSP_SINGLERESP_get0_id(s) (s)->certId
-+
- static X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
- {
- if ( a == nullptr || a->type != X509_LU_X509 )
-@@ -57,6 +60,8 @@ static void RSA_get0_key(const RSA *r,
-
- #endif
-
-+#endif
-+
- namespace file_analysis {
-
- class X509Val;
-diff --git src/file_analysis/analyzer/x509/functions.bif src/file_analysis/analyzer/x509/functions.bif
-index 0b18feb8fe..ec87a495b3 100644
---- src/file_analysis/analyzer/x509/functions.bif
-+++ src/file_analysis/analyzer/x509/functions.bif
-@@ -115,7 +115,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs,
- const ASN1_OCTET_STRING* key = nullptr;
- const X509_NAME* name = nullptr;
-
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- OCSP_RESPID* resp_id = basic_resp->tbsResponseData->responderId;
-
- if ( resp_id->type == V_OCSP_RESPID_NAME )
-@@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c
-
- // Because we actually want to be able to give nice error messages that show why we were
- // not able to verify the OCSP response - do our own verification logic first.
--#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
-+#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
- signer = x509_get_ocsp_signer(basic->certs, basic);
- #else
- signer = x509_get_ocsp_signer(OCSP_resp_get0_certs(basic), basic);
-@@ -714,7 +714,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa
- uint32 cert_length;
- if ( precert )
- {
--#if (OPENSSL_VERSION_NUMBER < 0x10002000L || LIBRESSL_VERSION_NUMBER)
-+#if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
- x->cert_info->enc.modified = 1;
- cert_length = i2d_X509_CINF(x->cert_info, &cert_out);
- #else
diff --git a/srcpkgs/bro/patches/musl.patch b/srcpkgs/bro/patches/musl.patch
deleted file mode 100644
index e8a2c6da9d5..00000000000
--- a/srcpkgs/bro/patches/musl.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/danielguerra69/docker-bro-1
-
---- aux/binpac/lib/binpac.h.in.orig
-+++ aux/binpac/lib/binpac.h.in
-@@ -4,6 +4,7 @@
- #define binpac_h
-
- #include <sys/param.h>
-+#include <sys/types.h>
-
- #cmakedefine HOST_BIGENDIAN
- #ifdef HOST_BIGENDIAN
-
---- src/OSFinger.h.orig
-+++ src/OSFinger.h
-@@ -166,3 +166,57 @@
- #define MATCHFUZZY 0x2
-
- #endif
-+
-+// For musl-libc
-+#ifndef TCPOPT_EOL
-+# define TCPOPT_EOL 0
-+#endif
-+
-+#ifndef TCPOPT_NOP
-+# define TCPOPT_NOP 1
-+#endif
-+
-+#ifndef TCPOPT_MAXSEG
-+# define TCPOPT_MAXSEG 2
-+#endif
-+
-+#ifndef TCPOLEN_MAXSEG
-+# define TCPOLEN_MAXSEG 4
-+#endif
-+
-+#ifndef TCPOPT_WINDOW
-+# define TCPOPT_WINDOW 3
-+#endif
-+
-+#ifndef TCPOLEN_WINDOW
-+# define TCPOLEN_WINDOW 3
-+#endif
-+
-+#ifndef TCPOPT_SACK_PERMITTED
-+# define TCPOPT_SACK_PERMITTED 4 /* Experimental */
-+#endif
-+
-+#ifndef TCPOLEN_SACK_PERMITTED
-+# define TCPOLEN_SACK_PERMITTED 2
-+#endif
-+
-+#ifndef TCPOPT_SACK
-+# define TCPOPT_SACK 5 /* Experimental */
-+#endif
-+
-+#ifndef TCPOPT_TIMESTAMP
-+# define TCPOPT_TIMESTAMP 8
-+#endif
-+
-+#ifndef TCPOLEN_TIMESTAMP
-+# define TCPOLEN_TIMESTAMP 10
-+#endif
-+
-+#ifndef TCPOLEN_TSTAMP_APPA
-+# define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
-+#endif
-+
-+#ifndef TCPOPT_TSTAMP_HDR
-+# define TCPOPT_TSTAMP_HDR \
-+ (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
-+#endif
-
diff --git a/srcpkgs/bro/template b/srcpkgs/bro/template
deleted file mode 100644
index 8ef7be068cc..00000000000
--- a/srcpkgs/bro/template
+++ /dev/null
@@ -1,49 +0,0 @@
-# Template file for 'bro'
-pkgname=bro
-version=2.6.4
-revision=1
-archs="x86_64* i686* aarch64* armv7* ppc64*"
-build_style=cmake
-hostmakedepends="flex pkg-config python3"
-makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
-short_desc="Advanced framework for network traffic analysis"
-maintainer="Andrew Benson <abenson+void@gmail.com>"
-license="BSD-3-Clause"
-homepage="https://www.bro.org"
-distfiles="https://download.zeek.org/bro-${version}.tar.gz"
-checksum=a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7
-nocross="Needs to build part of itself to run, can't be built separately yet."
-
-case "$XBPS_TARGET_MACHINE" in
- *-musl)
- makedepends+=" musl-fts-devel"
- ;;
-esac
-
-pre_configure() {
- case "$XBPS_TARGET_MACHINE" in
- *-musl)
- sed -i '/set(broxygen/i link_libraries("-lfts")' src/broxygen/CMakeLists.txt
- ;;
- esac
-}
-
-post_install() {
- vsv bro
- vlicense COPYING
-}
-
-binpac_package() {
- short_desc+=" - protocol parser compiler"
- pkg_install() {
- vmove /usr/bin/binpac
- }
-}
-
-binpac-devel_package() {
- short_desc+=" - protocol parser compiler library"
- pkg_install() {
- vmove /usr/include
- vmove "/usr/lib/*.a"
- }
-}
diff --git a/srcpkgs/zeek-devel b/srcpkgs/zeek-devel
new file mode 120000
index 00000000000..bd825eaacdb
--- /dev/null
+++ b/srcpkgs/zeek-devel
@@ -0,0 +1 @@
+zeek
\ No newline at end of file
diff --git a/srcpkgs/zeek/files/zeek/run b/srcpkgs/zeek/files/zeek/run
new file mode 100644
index 00000000000..8d3fd5e36f2
--- /dev/null
+++ b/srcpkgs/zeek/files/zeek/run
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ZEEKLOGDIR="/var/log/zeek"
+
+[ -r conf ] && . ./conf
+
+[ -d ${ZEEKLOGDIR} ] || mkdir -p ${ZEEKLOGDIR}
+
+cd $ZEEKLOGDIR
+exec zeek -i ${INTF:=eth0} ${ZEEKPOLICY}
diff --git a/srcpkgs/zeek/patches/fix-musl.patch b/srcpkgs/zeek/patches/fix-musl.patch
new file mode 100644
index 00000000000..b44bcb3d165
--- /dev/null
+++ b/srcpkgs/zeek/patches/fix-musl.patch
@@ -0,0 +1,23 @@
+--- CMakeLists.txt.orig
++++ CMakeLists.txt
+@@ -322,18 +322,11 @@
+ # if one specifies --with-openssl (which may be common).
+ include_directories(BEFORE ${OPENSSL_INCLUDE_DIR})
+
+-# Alpine support
+-if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
+- execute_process(
+- COMMAND grep -q alpine /etc/os-release
+- RESULT_VARIABLE os_release_alpine
+- )
+-
+- if ( os_release_alpine EQUAL 0 )
++# Void-musl support
++if ( IS_VOID_MUSL )
+ find_package(FTS REQUIRED)
+ list(APPEND OPTLIBS ${FTS_LIBRARY})
+ include_directories(BEFORE ${FTS_INCLUDE_DIR})
+- endif ()
+ endif ()
+
+ set(zeekdeps ${zeekdeps}
diff --git a/srcpkgs/zeek/template b/srcpkgs/zeek/template
new file mode 100644
index 00000000000..7bee0e5bf2f
--- /dev/null
+++ b/srcpkgs/zeek/template
@@ -0,0 +1,57 @@
+# Template file for 'zeek'
+pkgname=zeek
+version=3.1.3
+revision=1
+archs="x86_64* i686* aarch64* armv7* ppc64*"
+build_style=cmake
+hostmakedepends="flex pkg-config python3"
+makedepends="bind-devel geoip-devel libpcap-devel libressl-devel jemalloc-devel"
+short_desc="Advanced framework for network traffic analysis"
+maintainer="Andrew Benson <abenson+void@gmail.com>"
+license="BSD-3-Clause"
+homepage="https://www.zeek.org"
+distfiles="https://old.zeek.org/downloads/zeek-${version}.tar.gz"
+checksum=d7bf24615c4c0af2435c99c9fb8c9c0f0ecdce375e184ba7f63b715ae5900a61
+nocross="Needs to build part of itself to run, can't be built separately yet."
+
+if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
+ makedepends+=" musl-fts-devel musl-legacy-compat"
+ configure_args+=" -DIS_VOID_MUSL=1"
+fi
+
+post_install() {
+ vsv zeek
+ vlicense COPYING
+}
+
+zeek-devel_package() {
+ short_desc+=" - development files"
+ pkg_install() {
+ vmove usr/include
+ vmove "usr/bin/*-config"
+ vmove "usr/lib/*.a"
+ vmove "usr/lib/*.so"
+ vmove usr/share/zeek/cmake
+ }
+}
+
+bro_package() {
+ archs=noarch
+ build_style=meta
+ depends="${sourcepkg}>=${version}_${revision}"
+ short_desc+=" (transitional dummy package)"
+}
+
+binpac_package() {
+ short_desc+=" - protocol parser compiler (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
+
+binpac-devel_package() {
+ short_desc+=" - protocol parser compiler library (transitional)"
+ build_style=meta
+ archs=noarch
+ depends="${sourcepkg}>=${version}_${revision}"
+}
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: zeek: rename from bro, update to 3.1.1
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
` (10 preceding siblings ...)
2020-05-18 18:26 ` [PR PATCH] [Updated] " abenson
@ 2020-05-19 2:39 ` abenson
11 siblings, 0 replies; 13+ messages in thread
From: abenson @ 2020-05-19 2:39 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 350 bytes --]
New comment by abenson on void-packages repository
https://github.com/void-linux/void-packages/pull/20798#issuecomment-630543727
Comment:
Hm, this doesn't seem right.
SONAME libbroker.so.2 from /usr/lib/libbroker.so.1.3
Though better than the same issue in the current bro build.
/usr/lib/libbroker.so.0 -> /usr/lib/libbroker.so..
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2020-05-19 2:39 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-09 16:44 [PR PATCH] zeek: rename from bro, update to 3.1.1 abenson
2020-04-09 16:47 ` abenson
2020-04-10 1:36 ` sgn
2020-04-10 14:43 ` abenson
2020-04-21 21:14 ` [PR PATCH] [Updated] [WIP] " abenson
2020-04-21 21:59 ` abenson
2020-04-21 22:13 ` abenson
2020-04-21 22:35 ` Chocimier
2020-04-21 23:00 ` [PR PATCH] [Updated] " abenson
2020-04-22 0:01 ` abenson
2020-04-22 4:28 ` abenson
2020-05-18 18:26 ` [PR PATCH] [Updated] " abenson
2020-05-19 2:39 ` abenson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).