summaryrefslogtreecommitdiff
path: root/package/snort/patches
diff options
context:
space:
mode:
authorWaldemar Brodkorb <wbx@openadk.org>2019-10-09 09:02:42 +0200
committerWaldemar Brodkorb <wbx@openadk.org>2019-10-09 10:31:33 +0200
commit8c1f85475b812061d442b7f599f6f5166186648d (patch)
tree6a171aa3a78fe31a380cd816cc347262792ff280 /package/snort/patches
parente18aa6ff00f17abbf594560f769989b4a240d471 (diff)
snort/daq: update
Diffstat (limited to 'package/snort/patches')
-rw-r--r--package/snort/patches/patch-configure12
-rw-r--r--package/snort/patches/patch-configure_in279
-rw-r--r--package/snort/patches/patch-src_dynamic-preprocessors_appid_service_plugins_service_rpc_c11
-rw-r--r--package/snort/patches/patch-src_target-based_sf_attribute_table_parser_c95
-rw-r--r--package/snort/patches/patch-tools_u2boat_Makefile_in6
-rw-r--r--package/snort/patches/patch-tools_u2spewfoo_Makefile_in6
6 files changed, 302 insertions, 107 deletions
diff --git a/package/snort/patches/patch-configure b/package/snort/patches/patch-configure
index 3b197b010..915650ed6 100644
--- a/package/snort/patches/patch-configure
+++ b/package/snort/patches/patch-configure
@@ -1,6 +1,6 @@
---- snort-2.9.5.orig/configure 2013-06-04 23:21:55.000000000 +0200
-+++ snort-2.9.5/configure 2013-07-17 11:07:20.000000000 +0200
-@@ -14205,50 +14205,6 @@ _ACEOF
+--- snort-2.9.14.1.orig/configure 2019-08-02 08:33:43.000000000 +0200
++++ snort-2.9.14.1/configure 2019-10-08 14:35:23.506350397 +0200
+@@ -14408,50 +14408,6 @@ _ACEOF
fi
@@ -51,7 +51,7 @@
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-@@ -14578,45 +14534,6 @@ if test "x$LPCAP" = "xno"; then
+@@ -14861,45 +14817,6 @@ if test "x$LPCAP" = "xno"; then
fi
fi
@@ -97,9 +97,9 @@
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pcap_lib_version" >&5
$as_echo_n "checking for pcap_lib_version... " >&6; }
-@@ -15432,38 +15349,7 @@ fi
- done
+@@ -15830,38 +15747,7 @@ fi
+ fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for daq address space ID" >&5
-$as_echo_n "checking for daq address space ID... " >&6; }
diff --git a/package/snort/patches/patch-configure_in b/package/snort/patches/patch-configure_in
new file mode 100644
index 000000000..5ed8dc9f1
--- /dev/null
+++ b/package/snort/patches/patch-configure_in
@@ -0,0 +1,279 @@
+--- snort-2.9.14.1.orig/configure.in 2019-08-02 08:16:45.000000000 +0200
++++ snort-2.9.14.1/configure.in 2019-10-08 14:40:16.073097068 +0200
+@@ -70,8 +70,10 @@ case "$host" in
+ *-linux*)
+ linux="yes"
+ AC_DEFINE([LINUX],[1],[Define if Linux])
+- AC_SUBST(extra_incl)
+- extra_incl="-I/usr/include/pcap"
++ if test -z "x$with_libpcap_includes"; then
++ AC_SUBST(extra_incl)
++ extra_incl="-I/usr/include/pcap"
++ fi
+ ;;
+ *-hpux10*|*-hpux11*)
+ AC_DEFINE([HPUX],[1],[Define if HP-UX 10 or 11])
+@@ -282,8 +284,8 @@ AC_CHECK_TYPES([int8_t,int16_t,int32_t,i
+ AC_CHECK_TYPES([boolean])
+
+ # In case INADDR_NONE is not defined (like on Solaris)
++AC_CACHE_CHECK([for INADDR_NONE], [have_inaddr_none], [
+ have_inaddr_none="no"
+-AC_MSG_CHECKING([for INADDR_NONE])
+ AC_RUN_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[
+@@ -296,7 +298,7 @@ AC_RUN_IFELSE(
+ return 0;
+ ]])],
+ [have_inaddr_none="yes"],
+-[have_inaddr_none="no"])
++[have_inaddr_none="no"])])
+ AC_MSG_RESULT($have_inaddr_none)
+ if test "x$have_inaddr_none" = "xno"; then
+ AC_DEFINE([INADDR_NONE],[-1],[For INADDR_NONE definition])
+@@ -429,7 +431,7 @@ if test "x$LPCAP" = "xno"; then
+ fi
+
+ AC_MSG_CHECKING([for pcap_lex_destroy])
+-AC_RUN_IFELSE(
++AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[
+ #include <pcap.h>
+@@ -717,17 +719,11 @@ fi
+ AC_CHECK_FUNCS([daq_hup_apply] [daq_acquire_with_meta] [daq_dp_add_dc])
+
+ AC_MSG_CHECKING([for daq real addresses])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_PktHdr_t hdr;
+- hdr.n_real_dPort = 0;
+-]])],
+-[have_daq_real_addresses="yes"],
+-[have_daq_real_addresses="no"])
++
++AC_CHECK_MEMBERS([DAQ_PktHdr_t hdr.n_real_dPort],
++ [have_daq_real_addresses="yes"],
++ [have_daq_real_addresses="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_real_addresses)
+ if test "x$have_daq_real_addresses" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_REAL_ADDRESSES],[1],
+@@ -771,17 +767,11 @@ if test "x$ac_cv_func_daq_dp_add_dc" = "
+ fi
+
+ AC_MSG_CHECKING([for daq address space ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_PktHdr_t hdr;
+- hdr.address_space_id = 0;
+-]])],
+-[have_daq_address_space_id="yes"],
+-[have_daq_address_space_id="no"])
++
++AC_CHECK_MEMBERS([DAQ_PktHdr_t hdr.address_space_id],
++ [have_daq_address_space_id="yes"],
++ [have_daq_address_space_id="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_address_space_id)
+ if test "x$have_daq_address_space_id" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
+@@ -789,17 +779,10 @@ if test "x$have_daq_address_space_id" =
+ fi
+
+ AC_MSG_CHECKING([for daq flow ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_PktHdr_t hdr;
+- hdr.flow_id = 0;
+-]])],
+-[have_daq_flow_id="yes"],
+-[have_daq_flow_id="no"])
++AC_CHECK_MEMBERS([DAQ_PktHdr_t hdr.flow_id],
++ [have_daq_flow_id="yes"],
++ [have_daq_flow_id="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_flow_id)
+ if test "x$have_daq_flow_id" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_FLOW_ID],[1],
+@@ -807,19 +790,10 @@ if test "x$have_daq_flow_id" = "xyes"; t
+ fi
+
+ AC_MSG_CHECKING([for daq extended flow modifiers])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_ModFlow_t mod;
+- mod.type = 0;
+- mod.length = 0;
+- mod.value = NULL;
+-]])],
+-[have_daq_ext_modflow="yes"],
+-[have_daq_ext_modflow="no"])
++AC_CHECK_MEMBERS([DAQ_ModFlow_t mod.type, DAQ_ModFlow_t mod.length, DAQ_ModFlow_t mod.value],
++ [have_daq_ext_modflow="yes"],
++ [have_daq_ext_modflow="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_ext_modflow)
+ if test "x$have_daq_ext_modflow" = "xyes"; then
+ CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_EXT_MODFLOW"
+@@ -828,19 +802,11 @@ if test "x$have_daq_ext_modflow" = "xyes
+ fi
+
+ AC_MSG_CHECKING([for daq query flow])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_QueryFlow_t mod;
+- mod.type = 0;
+- mod.length = 0;
+- mod.value = NULL;
+-]])],
+-[have_daq_queryflow="yes"],
+-[have_daq_queryflow="no"])
++
++AC_CHECK_MEMBERS([DAQ_QueryFlow_t mod.type, DAQ_QueryFlow_t mod.length, DAQ_QueryFlow_t mod.value],
++ [have_daq_queryflow="yes"],
++ [have_daq_queryflow="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_queryflow)
+ if test "x$have_daq_queryflow" = "xyes"; then
+ CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_QUERYFLOW"
+@@ -849,16 +815,11 @@ if test "x$have_daq_queryflow" = "xyes";
+ fi
+
+ AC_MSG_CHECKING([for daq data channel flags])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_Data_Channel_Params_t params;
+-]])],
+-[have_daq_data_channel_flags="yes"],
+-[have_daq_data_channel_flags="no"])
++
++AC_CHECK_MEMBERS([DAQ_Data_Channel_Params_t params.flags],
++ [have_daq_data_channel_flags="yes"],
++ [have_daq_data_channel_flags="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_data_channel_flags)
+ if test "x$have_daq_data_channel_flags" = "xyes"; then
+ CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_DATA_CHANNEL_PARAMS"
+@@ -867,17 +828,10 @@ if test "x$have_daq_data_channel_flags"
+ fi
+
+ AC_MSG_CHECKING([for separate IP versions on pinhole endpoints])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_DP_key_t dpKey;
+- dpKey.src_af = 0;
+-]])],
+-[have_daq_data_channel_separate_ip_versions="yes"],
+-[have_daq_data_channel_separate_ip_versions="no"])
++AC_CHECK_MEMBERS([DAQ_DP_key_t dpKey.src_af],
++ [have_daq_data_channel_separate_ip_versions="yes"],
++ [have_daq_data_channel_separate_ip_versions="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_data_channel_separate_ip_versions)
+ if test "x$have_daq_data_channel_separate_ip_versions" = "xyes"; then
+ CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_DATA_CHANNEL_SEPARATE_IP_VERSIONS"
+@@ -886,7 +840,7 @@ if test "x$have_daq_data_channel_separat
+ fi
+
+ AC_MSG_CHECKING([for DAQ_VERDICT_RETRY])
+-AC_RUN_IFELSE(
++AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[
+ #include <daq.h>
+@@ -904,17 +858,10 @@ if test "x$have_daq_verdict_retry" = "xy
+ fi
+
+ AC_MSG_CHECKING([for daq packet trace])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_PktHdr_t hdr;
+- hdr.flags = DAQ_PKT_FLAG_TRACE_ENABLED;
+-]])],
+-[have_daq_packet_trace="yes"],
+-[have_daq_packet_trace="no"])
++AC_CHECK_MEMBERS([DAQ_PktHdr_t hdr.flags],
++ [have_daq_packet_trace="yes"],
++ [have_daq_packet_trace="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_packet_trace)
+ if test "x$have_daq_packet_trace" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_PKT_TRACE],[1],
+@@ -924,17 +871,11 @@ else
+ fi
+
+ AC_MSG_CHECKING([for daq verdict reason])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_ModFlow_t fl;
+- fl.type = DAQ_MODFLOW_TYPE_VER_REASON;
+-]])],
+-[have_daq_verdict_reason="yes"],
+-[have_daq_verdict_reason="no"])
++
++AC_CHECK_MEMBERS([DAQ_ModFlow_t fl.type],
++ [have_daq_verdict_reason="yes"],
++ [have_daq_verdict_reason="no"],
++ [[#include <daq.h>]])
+ AC_MSG_RESULT($have_daq_verdict_reason)
+ if test "x$have_daq_verdict_reason" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_VERDICT_REASON],[1],
+@@ -959,10 +900,8 @@ fi
+
+ # check for sparc %time register
+ if eval "echo $host_cpu|grep -i sparc >/dev/null"; then
+- OLD_CFLAGS="$CFLAGS"
+- CFLAGS="$CFLAGS -mcpu=v9 "
+ AC_MSG_CHECKING([for sparc %time register])
+- AC_RUN_IFELSE(
++ AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[]],
+ [[
+@@ -974,8 +913,6 @@ if eval "echo $host_cpu|grep -i sparc >/
+ AC_MSG_RESULT($sparcv9)
+ if test "x$sparcv9" = "xyes"; then
+ AC_DEFINE([SPARCV9],[1],[For sparc v9 with %time register])
+- else
+- CFLAGS="$OLD_CFLAGS"
+ fi
+ fi
+
diff --git a/package/snort/patches/patch-src_dynamic-preprocessors_appid_service_plugins_service_rpc_c b/package/snort/patches/patch-src_dynamic-preprocessors_appid_service_plugins_service_rpc_c
new file mode 100644
index 000000000..fee10a196
--- /dev/null
+++ b/package/snort/patches/patch-src_dynamic-preprocessors_appid_service_plugins_service_rpc_c
@@ -0,0 +1,11 @@
+--- snort-2.9.14.1.orig/src/dynamic-preprocessors/appid/service_plugins/service_rpc.c 2019-08-02 08:16:46.000000000 +0200
++++ snort-2.9.14.1/src/dynamic-preprocessors/appid/service_plugins/service_rpc.c 2019-10-08 14:40:22.925536140 +0200
+@@ -32,7 +32,7 @@
+ #include "flow.h"
+ #include "service_api.h"
+
+-#if defined(FREEBSD) || defined(OPENBSD)
++#if defined(FREEBSD) || defined(OPENBSD) || (defined(LINUX) && defined(__UCLIBC__) && !defined(__UCLIBC_HAS_RPC__) || !defined(__GLIBC__))
+ #include "rpc/rpc.h"
+ #endif
+
diff --git a/package/snort/patches/patch-src_target-based_sf_attribute_table_parser_c b/package/snort/patches/patch-src_target-based_sf_attribute_table_parser_c
deleted file mode 100644
index 4279b4a72..000000000
--- a/package/snort/patches/patch-src_target-based_sf_attribute_table_parser_c
+++ /dev/null
@@ -1,95 +0,0 @@
---- snort-2.9.5.orig/src/target-based/sf_attribute_table_parser.c 2013-06-04 23:23:12.000000000 +0200
-+++ snort-2.9.5/src/target-based/sf_attribute_table_parser.c 2013-07-17 11:10:59.000000000 +0200
-@@ -73,7 +73,6 @@ typedef int flex_int32_t;
- typedef unsigned char flex_uint8_t;
- typedef unsigned short int flex_uint16_t;
- typedef unsigned int flex_uint32_t;
--#endif /* ! C99 */
-
- /* Limits of integral types. */
- #ifndef INT8_MIN
-@@ -104,6 +103,8 @@ typedef unsigned int flex_uint32_t;
- #define UINT32_MAX (4294967295U)
- #endif
-
-+#endif /* ! C99 */
-+
- #endif /* ! FLEXINT_H */
-
- #ifdef __cplusplus
-@@ -160,7 +161,15 @@ typedef unsigned int flex_uint32_t;
-
- /* Size of default input buffer. */
- #ifndef YY_BUF_SIZE
-+#ifdef __ia64__
-+/* On IA-64, the buffer size is 16k, not 8k.
-+ * Moreover, YY_BUF_SIZE is 2*YY_READ_BUF_SIZE in the general case.
-+ * Ditto for the __ia64__ case accordingly.
-+ */
-+#define YY_BUF_SIZE 32768
-+#else
- #define YY_BUF_SIZE 16384
-+#endif /* __ia64__ */
- #endif
-
- /* The state buf must be large enough to hold one state per character in the main buffer.
-@@ -6264,7 +6273,7 @@ int sfat_parse(void);
- /* Rules Section.
- * All rules are in here prior to second "%%" seperator
- */
--#line 6268 "sf_attribute_table_parser.c"
-+#line 6277 "sf_attribute_table_parser.c"
-
- #define INITIAL 0
- #define waiting_for_comma_prior_to_data 1
-@@ -6345,7 +6354,12 @@ static int input (void );
-
- /* Amount of stuff to slurp up with each read. */
- #ifndef YY_READ_BUF_SIZE
-+#ifdef __ia64__
-+/* On IA-64, the buffer size is 16k, not 8k */
-+#define YY_READ_BUF_SIZE 16384
-+#else
- #define YY_READ_BUF_SIZE 8192
-+#endif /* __ia64__ */
- #endif
-
- /* Copy whatever the last rule matched to the standard output. */
-@@ -6364,7 +6378,7 @@ static int input (void );
- if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \
- { \
- int c = '*'; \
-- unsigned n; \
-+ size_t n; \
- for ( n = 0; n < max_size && \
- (c = getc( sfatin )) != EOF && c != '\n'; ++n ) \
- buf[n] = (char) c; \
-@@ -6448,7 +6462,7 @@ YY_DECL
-
- #line 100 "sf_attribute_table_parser.l"
-
--#line 6452 "sf_attribute_table_parser.c"
-+#line 6466 "sf_attribute_table_parser.c"
-
- if ( !(yy_init) )
- {
-@@ -6842,7 +6856,7 @@ YY_RULE_SETUP
- #line 186 "sf_attribute_table_parser.l"
- ECHO;
- YY_BREAK
--#line 6846 "sf_attribute_table_parser.c"
-+#line 6860 "sf_attribute_table_parser.c"
-
- case YY_END_OF_BUFFER:
- {
-@@ -7558,8 +7572,8 @@ YY_BUFFER_STATE sfat_scan_string (yycons
-
- /** Setup the input buffer state to scan the given bytes. The next call to sfatlex() will
- * scan from a @e copy of @a bytes.
-- * @param bytes the byte buffer to scan
-- * @param len the number of bytes in the buffer pointed to by @a bytes.
-+ * @param yybytes the byte buffer to scan
-+ * @param _yybytes_len the number of bytes in the buffer pointed to by @a bytes.
- *
- * @return the newly allocated buffer state object.
- */
diff --git a/package/snort/patches/patch-tools_u2boat_Makefile_in b/package/snort/patches/patch-tools_u2boat_Makefile_in
index 495fab6c8..24fec7746 100644
--- a/package/snort/patches/patch-tools_u2boat_Makefile_in
+++ b/package/snort/patches/patch-tools_u2boat_Makefile_in
@@ -1,6 +1,6 @@
---- snort-2.9.5.orig/tools/u2boat/Makefile.in 2013-06-04 23:21:53.000000000 +0200
-+++ snort-2.9.5/tools/u2boat/Makefile.in 2013-07-17 11:21:52.000000000 +0200
-@@ -256,7 +256,7 @@ top_builddir = @top_builddir@
+--- snort-2.9.14.1.orig/tools/u2boat/Makefile.in 2019-08-02 08:33:42.000000000 +0200
++++ snort-2.9.14.1/tools/u2boat/Makefile.in 2019-10-08 14:35:23.514350918 +0200
+@@ -327,7 +327,7 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
AUTOMAKE_OPTIONS = foreign
u2boat_SOURCES = u2boat.c u2boat.h
diff --git a/package/snort/patches/patch-tools_u2spewfoo_Makefile_in b/package/snort/patches/patch-tools_u2spewfoo_Makefile_in
index a8f36785d..8583bebb6 100644
--- a/package/snort/patches/patch-tools_u2spewfoo_Makefile_in
+++ b/package/snort/patches/patch-tools_u2spewfoo_Makefile_in
@@ -1,6 +1,6 @@
---- snort-2.9.5.orig/tools/u2spewfoo/Makefile.in 2013-06-04 23:21:54.000000000 +0200
-+++ snort-2.9.5/tools/u2spewfoo/Makefile.in 2013-07-17 11:24:18.000000000 +0200
-@@ -226,7 +226,7 @@ top_builddir = @top_builddir@
+--- snort-2.9.14.1.orig/tools/u2spewfoo/Makefile.in 2019-08-02 08:33:42.000000000 +0200
++++ snort-2.9.14.1/tools/u2spewfoo/Makefile.in 2019-10-08 14:35:23.526351677 +0200
+@@ -298,7 +298,7 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
AUTOMAKE_OPTIONS = foreign
u2spewfoo_SOURCES = u2spewfoo.c