[pkgsrc/trunk]: pkgsrc/security/libprelude Update to 0.9.18. Changes:

[shannonjr <shannonjr%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/a40aa8027ced
branches:  trunk
changeset: 544868:a40aa8027ced
user:      shannonjr <shannonjr%pkgsrc.org@localhost>
date:      Mon Jul 21 12:10:48 2008 +0000

description:
Update to 0.9.18. Changes:
- Add support for newer GnuTLS 2.2.0 session priority functions. When
the option is available, the user might specify TLS settings through
the "tls-options" configuration entry.
- Workaround a GnuTLS issue where the client wouldn't be able
to negotiate a supported compression protocol with the server (#299).
- Implement variable substitution in Prelude configuration files.
- Allow IDMEF criteria with multiples values for a single path,
as can be seen in the following example:
alert.classification.text = (A || B || C || D)
- Implement negation of idmef-criteria, allowing to write criteria like:
! (alert.classification.text = A || alert.classification.text = B)
- Fix an IDMEF-Criteria matching problem, where the match function would
not attempt to match a OR after multiple consecutive AND that failed.
Thanks Alexander Afonyashin <firm(at)iname.com> for pointing out the
problem.
- Never use non-pointer field, always use the "required" keyword. Fix
API consistency issue, that could lead to unexpected behavior.
- Fix multiples problem with prelude_read_multiline /
prelude_read_multiline2,
(fix a problem with prelude-manager idmef-criteria that wouldn't read
external ruleset).
- Error out if GnuTLS initialization fail.

diffstat:

 security/libprelude/Makefile         |   8 +++-----
 security/libprelude/distinfo         |  10 +++++-----
 security/libprelude/patches/patch-ab |  18 +++++++++---------
 3 files changed, 17 insertions(+), 19 deletions(-)

diffs (67 lines):

diff -r 39ca68062885 -r a40aa8027ced security/libprelude/Makefile
--- a/security/libprelude/Makefile      Mon Jul 21 12:00:07 2008 +0000
+++ b/security/libprelude/Makefile      Mon Jul 21 12:10:48 2008 +0000
@@ -1,10 +1,8 @@
-# $NetBSD: Makefile,v 1.31 2008/06/10 13:57:10 shannonjr Exp $
+# $NetBSD: Makefile,v 1.32 2008/07/21 12:10:48 shannonjr Exp $
 #
-DISTNAME=              libprelude-0.9.17
-PKGREVISION=           1
+DISTNAME=              libprelude-0.9.18
 CATEGORIES=            security
-MASTER_SITES=          http://www.prelude-ids.org/download/releases/ \
-                       http://www.prelude-ids.org/download/releases/old/
+MASTER_SITES=          http://www.prelude-ids.com/download/releases/libprelude/
 
 MAINTAINER=            shannonjr%NetBSD.org@localhost
 HOMEPAGE=              http://www.prelude-ids.org/download/releases/
diff -r 39ca68062885 -r a40aa8027ced security/libprelude/distinfo
--- a/security/libprelude/distinfo      Mon Jul 21 12:00:07 2008 +0000
+++ b/security/libprelude/distinfo      Mon Jul 21 12:10:48 2008 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.23 2008/06/10 13:57:10 shannonjr Exp $
+$NetBSD: distinfo,v 1.24 2008/07/21 12:10:48 shannonjr Exp $
 
-SHA1 (libprelude-0.9.17.tar.gz) = b2f93d3eff67ef8e1a756df6a2adab12ceb8740d
-RMD160 (libprelude-0.9.17.tar.gz) = 08abb60654fd06c376b8023609fb3ea9c804c47c
-Size (libprelude-0.9.17.tar.gz) = 2028451 bytes
+SHA1 (libprelude-0.9.18.tar.gz) = 37f91e6f0dfa4b1ae51bff607ba3b3e37a52fa36
+RMD160 (libprelude-0.9.18.tar.gz) = 7097537e9e0cc8c4b17b9a708d362a815ae48c74
+Size (libprelude-0.9.18.tar.gz) = 2040342 bytes
 SHA1 (patch-aa) = d6674584a7514dc3a57551215a15413d055f3d38
-SHA1 (patch-ab) = 3fa1b01b728cd1210cf22717e2f6c81a3d3b70cc
+SHA1 (patch-ab) = 96418b2ce697bdfef83780e0dbc47d95568d3a16
 SHA1 (patch-ad) = e89900459ed7834801ae22b7a4a711163ec3f86b
 SHA1 (patch-ae) = ec362a79320f8ab189597ddd4641e4718536c629
diff -r 39ca68062885 -r a40aa8027ced security/libprelude/patches/patch-ab
--- a/security/libprelude/patches/patch-ab      Mon Jul 21 12:00:07 2008 +0000
+++ b/security/libprelude/patches/patch-ab      Mon Jul 21 12:10:48 2008 +0000
@@ -1,19 +1,19 @@
-$NetBSD: patch-ab,v 1.2 2007/09/03 13:43:40 shannonjr Exp $
+$NetBSD: patch-ab,v 1.3 2008/07/21 12:10:49 shannonjr Exp $
 
---- src/tls-auth.c.orig        2007-08-23 10:25:39.000000000 -0600
+--- src/tls-auth.c.orig        2008-07-18 08:32:52.000000000 -0600
 +++ src/tls-auth.c
-@@ -189,6 +189,7 @@ int tls_auth_connection(prelude_client_p
+@@ -269,6 +269,7 @@ int tls_auth_connection(prelude_client_p
+         void *cred;
          int ret, fd;
-         void *cred;
          gnutls_session session;
 +      int cipher_list[2];
  
-         ret = prelude_client_profile_get_credentials(cp, &cred);
-         if ( ret < 0 )
-@@ -196,6 +197,9 @@ int tls_auth_connection(prelude_client_p
+         if ( ! priority_set ) {
+                 ret = tls_auth_init_priority(NULL);
+@@ -285,6 +286,9 @@ int tls_auth_connection(prelude_client_p
+                 return prelude_error_verbose(PRELUDE_ERROR_PROFILE, "TLS initialization error: %s", gnutls_strerror(ret));
  
-         gnutls_init(&session, GNUTLS_CLIENT);
-         gnutls_set_default_priority(session);
+         set_default_priority(session);
 +      cipher_list[0] = GNUTLS_CIPHER_AES_128_CBC;
 +      cipher_list[1] = 0;
 +      gnutls_cipher_set_priority (session, cipher_list);