commit:     c35f490c5944f47bdcc633d70056ee8f433c3a44
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 11 14:02:10 2018 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jun 11 14:04:06 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c35f490c

net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags

Invoking maintainer timeout on both issues.

Closes: https://bugs.gentoo.org/652344
Package-Manager: Portage-2.3.40, Repoman-2.3.9

 net-analyzer/suricata/Manifest                     |   1 +
 .../files/suricata-4.0.4_configure-lua-flags.patch |  16 ++
 net-analyzer/suricata/suricata-4.0.4.ebuild        | 168 +++++++++++++++++++++
 3 files changed, 185 insertions(+)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b3ab446f9d9..cc70d0f7283 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
 DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 
9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf
 SHA512 
aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892
+DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B 
d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0
 SHA512 
6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e

diff --git 
a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch 
b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
new file mode 100644
index 00000000000..bad66359afa
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
@@ -0,0 +1,16 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1749,11 +1749,11 @@
+   # liblua
+     AC_ARG_ENABLE(lua,
+               AS_HELP_STRING([--enable-lua],[Enable Lua support]),
+-              [ enable_lua="yes"],
++              [],
+               [ enable_lua="no"])
+     AC_ARG_ENABLE(luajit,
+               AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
+-              [ enable_luajit="yes"],
++              [],
+               [ enable_luajit="no"])
+     if test "$enable_lua" = "yes"; then
+         if test "$enable_luajit" = "yes"; then

diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild 
b/net-analyzer/suricata/suricata-4.0.4.ebuild
new file mode 100644
index 00000000000..2622dccdb3b
--- /dev/null
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -0,0 +1,168 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring 
engine"
+HOMEPAGE="https://suricata-ids.org/";
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz";
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate 
lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+       >=dev-libs/jansson-2.2
+       dev-libs/libpcre
+       dev-libs/libyaml
+       net-libs/libnet:*
+       net-libs/libnfnetlink
+       dev-libs/nspr
+       dev-libs/nss
+       >=net-libs/libhtp-0.5.20
+       net-libs/libpcap
+       sys-apps/file
+       cuda?       ( dev-util/nvidia-cuda-toolkit )
+       geoip?      ( dev-libs/geoip )
+       lua?        ( dev-lang/lua:* )
+       luajit?     ( dev-lang/luajit:* )
+       nflog?      ( net-libs/libnetfilter_log )
+       nfqueue?    ( net-libs/libnetfilter_queue )
+       redis?      ( dev-libs/hiredis )
+       logrotate?      ( app-admin/logrotate )
+       sys-libs/libcap-ng
+"
+# #446814
+#      prelude?    ( dev-libs/libprelude )
+#      pfring?     ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+       enewgroup ${PN}
+       enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+       epatch "${FILESDIR}"/${P}_configure-lua-flags.patch
+       eautoreconf
+}
+
+src_configure() {
+       local myeconfargs=(
+               "--localstatedir=/var/" \
+               "--enable-non-bundled-htp" \
+               $(use_enable af-packet) \
+               $(use_enable detection) \
+               $(use_enable nfqueue) \
+               $(use_enable test coccinelle) \
+               $(use_enable test unittests) \
+               $(use_enable control-socket unix-socket)
+       )
+
+       if use cuda ; then
+               myeconfargs+=( $(use_enable cuda) )
+       fi
+       if use geoip ; then
+               myeconfargs+=( $(use_enable geoip) )
+       fi
+       if use hardened ; then
+               myeconfargs+=( $(use_enable hardened gccprotect) )
+       fi
+       if use nflog ; then
+               myeconfargs+=( $(use_enable nflog) )
+       fi
+       if use redis ; then
+               myeconfargs+=( $(use_enable redis hiredis) )
+       fi
+       # not supported yet (no pfring in portage)
+#      if use pfring ; then
+#              myeconfargs+=( $(use_enable pfring) )
+#      fi
+       # no libprelude in portage
+#      if use prelude ; theng
+#              myeconfargs+=( $(use_enable prelude) )
+#      fi
+       if use lua ; then
+               myeconfargs+=( $(use_enable lua) )
+       fi
+       if use luajit ; then
+               myeconfargs+=( $(use_enable luajit) )
+       fi
+       if (use !lua) && (use !luajit) ; then
+               myeconfargs+=(
+                       --disable-lua
+                       --disable-luajit
+               )
+       fi
+
+# this should be used when pf_ring use flag support will be added
+#      LIBS+="-lrt -lnuma"
+
+       # avoid upstream configure script trying to add -march=native to CFLAGS
+       myeconfargs+=( --enable-gccmarch-native=no )
+
+       if use debug ; then
+               myeconfargs+=( $(use_enable debug) )
+               # so we can get a backtrace according to "reporting bugs" on 
upstream web site
+               CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
+       else
+               econf LIBS="${LIBS}" ${myeconfargs[@]}
+       fi
+}
+
+src_install() {
+       emake DESTDIR="${D}" install
+
+       insinto "/etc/${PN}"
+       doins {classification,reference,threshold}.config suricata.yaml
+
+       if use rules ; then
+               insinto "/etc/${PN}/rules"
+               doins rules/*.rules
+       fi
+
+       dodir "/var/lib/${PN}"
+       dodir "/var/log/${PN}"
+
+       fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+       fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+
+       newinitd "${FILESDIR}/${PN}-4.0.3-init" ${PN}
+       newconfd "${FILESDIR}/${PN}-4.0.3-conf" ${PN}
+
+       if use logrotate; then
+               insopts -m0644
+               insinto /etc/logrotate.d
+               newins "${FILESDIR}"/${PN}-logrotate ${PN}
+       fi
+}
+
+pkg_postinst() {
+       elog "The ${PN} init script expects to find the path to the 
configuration"
+       elog "file as well as extra options in /etc/conf.d."
+       elog ""
+       elog "To create more than one ${PN} service, simply create a new .yaml 
file for it"
+       elog "then create a symlink to the init script from a link called"
+       elog "${PN}.foo - like so"
+       elog "   cd /etc/${PN}"
+       elog "   ${EDITOR##*/} suricata-foo.yaml"
+       elog "   cd /etc/init.d"
+       elog "   ln -s ${PN} ${PN}.foo"
+       elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible 
options for foo."
+       elog ""
+       elog "You can create as many ${PN}.foo* services as you wish."
+
+       if use logrotate; then
+               elog "You enabled the logrotate USE flag. Please make sure you 
correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
+       fi
+
+       if use debug; then
+               elog "You enabled the debug USE flag. Please read this link to 
report bugs upstream:"
+               elog 
"https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs";
+               elog "You need to also ensure the FEATURES variable in 
make.conf contains the"
+               elog "'nostrip' option to produce useful core dumps or back 
traces."
+       fi
+}

Reply via email to