[pkgsrc/trunk]: pkgsrc/security/prelude-lml Update to 0.9.15. Changes since 0...

[hasso <hasso%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/95fcf3bfe213
branches:  trunk
changeset: 398097:95fcf3bfe213
user:      hasso <hasso%pkgsrc.org@localhost>
date:      Sun Aug 23 19:49:27 2009 +0000

description:
Update to 0.9.15. Changes since 0.9.14:

- Make the Prelude-LML UDP server IPv6 compatible.
- Implement 'idmef-alter' and 'idmef-alter-force' option, alloing
  to include static values into IDMEF events generated using a given
  format.
- New PPP/PPTPD/L2TP ruleset, by Alexander Afonyashin <firm <at> iname.com>,
  with slight modification from Pierre Chifflier <p.chifflier <at> inl.fr>.
  Close #340.
- Fix CISCO VPN ruleset so that the 'Authentication rejected' rule will
  trigger even if the 'server' field does not contain a word (fix #328).
- Remove dos-style end-of-lines (Closes #338)
- Fixes possible off by one when parsing variable reference number, and
  remove un-needed check that would always evaluate to TRUE.Thanks
  Steve Grubb <sgrubb <at> redhat.com> for reporting this problem (and
  running flexelint on the Prelude sources)!
- Update for libtool 2.x compatibility.
- This simplify the whole regular expression handling a lot, making the
  code much easier to read, and fixing potential problem with ovector
  assignement. This code should also improve performance by a small
  factor.
- Change CISCO references urls to their new location, add CISCO ASA rule
  to handle discarded tcp or udp packets.
- Various fixes and update.

diffstat:

 security/prelude-lml/Makefile         |  41 +++++++++++++++++++++++++++++-----
 security/prelude-lml/PLIST            |  12 +++++----
 security/prelude-lml/distinfo         |  12 +++++-----
 security/prelude-lml/patches/patch-aa |  17 +------------
 security/prelude-lml/patches/patch-ab |  15 +++++-------
 5 files changed, 56 insertions(+), 41 deletions(-)

diffs (243 lines):

diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/Makefile
--- a/security/prelude-lml/Makefile     Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/Makefile     Sun Aug 23 19:49:27 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.26 2008/10/18 13:29:28 shannonjr Exp $
+# $NetBSD: Makefile,v 1.27 2009/08/23 19:49:27 hasso Exp $
 #
 
-DISTNAME=              prelude-lml-0.9.14
+DISTNAME=              prelude-lml-0.9.15
 CATEGORIES=            security
 MASTER_SITES=          http://www.prelude-ids.com/download/releases/prelude-lml/ 
 
@@ -22,8 +22,7 @@
 GNU_CONFIGURE=         yes
 USE_TOOLS+=            gmake
 CONFIGURE_ARGS+=       --sysconfdir=${PKG_SYSCONFDIR:Q}
-CONFIGURE_ARGS+=       --with-html-dir=${PREFIX}/share/doc
-CONFIGURE_ARGS+=       --disable-fam
+CONFIGURE_ARGS+=       --html=${PREFIX}/share/doc
 CONFIGURE_ARGS+=       --localstatedir=${VARBASE:Q}
 RCD_SCRIPTS=           preludelml
 PRELUDE_USER?=         _prelude
@@ -38,8 +37,8 @@
 PKG_USERS=             ${PRELUDE_USER}:${PRELUDE_GROUP}
 
 EGDIR=                 ${PREFIX}/share/examples/prelude-lml
-REQD_DIRS=             ${EGDIR}
-MAKE_DIRS+=            ${VARBASE}/prelude-lml PKG_SYSCONFDIR
+REQD_DIRS=             ${EGDIR} ${PKG_SYSCONFDIR}/ruleset
+MAKE_DIRS+=            ${VARBASE}/prelude-lml
 MAKE_DIRS_PERMS+=      ${VARBASE}/prelude-lml  ${PRELUDE_USER} ${PRELUDE_GROUP} 0700
 
 PKG_GECOS.${PRELUDE_USER}=     Prelude IDS
@@ -71,6 +70,7 @@
        apc-emu.rules           \
        arbor.rules             \
        arpwatch.rules          \
+       asterisk.rules          \
        bonding.rules           \
        cacti-thold.rules       \
        checkpoint.rules        \
@@ -85,9 +85,11 @@
        f5-bigip.rules          \
        grsecurity.rules        \
        honeyd.rules            \
+       honeytrap.rules         \
        httpd.rules             \
        ipchains.rules          \
        ipfw.rules              \
+       kojoney.rules           \
        modsecurity.rules       \
        ms-cluster.rules        \
        ms-sql.rules            \
@@ -103,8 +105,10 @@
        pcre.rules              \
        portsentry.rules        \
        postfix.rules           \
+       ppp.rules               \
        proftpd.rules           \
        qpopper.rules           \
+       rishi.rules             \
        selinux.rules           \
        sendmail.rules          \
        shadow-utils.rules      \
@@ -112,8 +116,10 @@
        sonicwall.rules         \
        spamassassin.rules      \
        squid.rules             \
+       su.rules                \
        ssh.rules               \
        sudo.rules              \
+       suhosin.rules           \
        tripwire.rules          \
        vigor.rules             \
        vpopmail.rules          \
@@ -124,9 +130,31 @@
 CONF_FILES+=   ${EGDIR}/ruleset/${f:Q} ${PKG_SYSCONFDIR}/ruleset/${f:Q}
 .endfor
 
+PKG_OPTIONS_VAR=       PKG_OPTIONS.prelude-lml
+PKG_SUPPORTED_OPTIONS= unsupported-rulesets
+
+.include "../../mk/bsd.options.mk"
+
+PLIST_VARS+=           unsupported
+.if !empty(PKG_OPTIONS:Munsupported-rulesets)
+CONFIGURE_ARGS+=       --enable-unsupported-rulesets
+PLIST.unsupported=     yes
+unsupported_ruleset_DATA = \
+       exim.rules              \
+       ipso.rules              \
+       zywall.rules            \
+       zyxel.rules
+.  for f in ${unsupported_ruleset_DATA}
+CONF_FILES+=   ${EGDIR}/ruleset/${f:Q} ${PKG_SYSCONFDIR}/ruleset/${f:Q}
+.  endfor
+.endif
+
 pre-patch:
        ${CP} ${FILESDIR}/run-prelude-lml.c ${WRKSRC}
 
+pre-configure:
+       ${LN} -s ${BUILDLINK_DIR}/lib/libltdl.so ${BUILDLINK_DIR}/lib/libltdlc.so
+
 post-build:
        cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${CC} ${CFLAGS} -o run-prelude-lml run-prelude-lml.c
 
@@ -136,4 +164,5 @@
 
 .include "../../security/libprelude/buildlink3.mk"
 .include "../../devel/pcre/buildlink3.mk"
+.include "../../devel/libltdl/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/PLIST
--- a/security/prelude-lml/PLIST        Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/PLIST        Sun Aug 23 19:49:27 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2009/06/14 18:13:36 joerg Exp $
+@comment $NetBSD: PLIST,v 1.13 2009/08/23 19:49:27 hasso Exp $
 bin/prelude-lml
 include/prelude-lml/prelude-lml.h
 lib/prelude-lml/debug.la
@@ -20,7 +20,6 @@
 share/examples/prelude-lml/ruleset/httpd.rules
 share/examples/prelude-lml/ruleset/ipchains.rules
 share/examples/prelude-lml/ruleset/ipfw.rules
-share/examples/prelude-lml/ruleset/ipso.rules
 share/examples/prelude-lml/ruleset/linksys-wap11.rules
 share/examples/prelude-lml/ruleset/modsecurity.rules
 share/examples/prelude-lml/ruleset/ms-sql.rules
@@ -53,13 +52,10 @@
 share/examples/prelude-lml/ruleset/vpopmail.rules
 share/examples/prelude-lml/ruleset/webmin.rules
 share/examples/prelude-lml/ruleset/wu-ftp.rules
-share/examples/prelude-lml/ruleset/zywall.rules
-share/examples/prelude-lml/ruleset/zyxel.rules
 share/examples/prelude-lml/ruleset/cacti-thold.rules
 share/examples/prelude-lml/ruleset/cisco-asa.rules
 share/examples/prelude-lml/ruleset/cisco-css.rules
 share/examples/prelude-lml/ruleset/cisco-ips.rules
-share/examples/prelude-lml/ruleset/exim.rules
 share/examples/prelude-lml/ruleset/ms-cluster.rules
 share/examples/prelude-lml/ruleset/bonding.rules
 share/examples/prelude-lml/ruleset/cisco-common.rules
@@ -68,4 +64,10 @@
 share/examples/prelude-lml/ruleset/kojoney.rules
 share/examples/prelude-lml/ruleset/rishi.rules
 share/examples/prelude-lml/ruleset/suhosin.rules
+share/examples/prelude-lml/ruleset/ppp.rules
 share/examples/rc.d/preludelml
+
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/exim.rules
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/zywall.rules
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/zyxel.rules
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/ipso.rules
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/distinfo
--- a/security/prelude-lml/distinfo     Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/distinfo     Sun Aug 23 19:49:27 2009 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.15 2008/10/18 13:29:28 shannonjr Exp $
+$NetBSD: distinfo,v 1.16 2009/08/23 19:49:28 hasso Exp $
 
-SHA1 (prelude-lml-0.9.14.tar.gz) = 586e9f19eaed2f2ba9d869a5fd7b0e391e0e5a68
-RMD160 (prelude-lml-0.9.14.tar.gz) = 59fbcca565840975d1e8b5c10ae27cfe23f4a033
-Size (prelude-lml-0.9.14.tar.gz) = 819949 bytes
-SHA1 (patch-aa) = 634202846912919004df2dc0b47f3f23b5ed7363
-SHA1 (patch-ab) = 41ecade30abfb985c3dabfbb43b2cf0bd44a6d9d
+SHA1 (prelude-lml-0.9.15.tar.gz) = 96f2f0d029dd75ca047bc0839f14418ddc1b5975
+RMD160 (prelude-lml-0.9.15.tar.gz) = 2dffcf6f4470e78fa0cf911c6ad801074ab1e793
+Size (prelude-lml-0.9.15.tar.gz) = 1018513 bytes
+SHA1 (patch-aa) = 9b7fbb9499b8e2abbf67d548292d8393d0e603fc
+SHA1 (patch-ab) = 31b02ae4bf29d6495268f203e512e5a18d6967ff
 SHA1 (patch-ac) = 0980dcf3d203ad759997bd3d1efb36ea6722a4af
 SHA1 (patch-ad) = ff6978d5975e4a410a8a9206d0a395ada5b4dbdf
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/patches/patch-aa
--- a/security/prelude-lml/patches/patch-aa     Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/patches/patch-aa     Sun Aug 23 19:49:27 2009 +0000
@@ -1,20 +1,7 @@
-$NetBSD: patch-aa,v 1.4 2008/04/28 10:54:08 shannonjr Exp $
+$NetBSD: patch-aa,v 1.5 2009/08/23 19:49:28 hasso Exp $
 
 --- configure.orig     2008-04-24 11:48:16.000000000 -0600
 +++ configure
-@@ -34206,10 +34206,10 @@ fi
-   exec_prefix=$exec_prefix_save
- 
- 
--configdir=$SYSCONFDIR/prelude-lml
-+configdir=$SYSCONFDIR
- prelude_lml_conf=$configdir/prelude-lml.conf
- regex_conf=$configdir/plugins.rules
--metadata_dir=$LOCALSTATEDIR/lib/prelude-lml
-+metadata_dir=$LOCALSTATEDIR/prelude-lml
- plugindir=$LIBDIR/prelude-lml
- 
- 
 @@ -34815,6 +34815,8 @@ do
    case $ac_option in
    # Handling of the options.
@@ -23,4 +10,4 @@
 +    exit 0
      ac_cs_recheck=: ;;
    --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
-     echo "$ac_cs_version"; exit ;;
+     $as_echo "$ac_cs_version"; exit ;;
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/patches/patch-ab
--- a/security/prelude-lml/patches/patch-ab     Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/patches/patch-ab     Sun Aug 23 19:49:27 2009 +0000
@@ -1,12 +1,11 @@
-$NetBSD: patch-ab,v 1.3 2007/09/05 18:58:41 shannonjr Exp $
+$NetBSD: patch-ab,v 1.4 2009/08/23 19:49:28 hasso Exp $
 
 --- Makefile.in.orig   2007-08-08 09:48:58.000000000 -0600
 +++ Makefile.in
-@@ -872,34 +872,12 @@ uninstall-info: uninstall-info-recursive
-       uninstall uninstall-am uninstall-info-am uninstall-local
+@@ -1285,33 +1285,10 @@
  
  
--install-data-local:
+ install-data-local:
 -      $(INSTALL) -m 700 -d $(DESTDIR)$(metadata_dir)
 -      @if test -f $(DESTDIR)$(configdir)/prelude-lml.conf; then                                               \
 -              echo "********************************************************************************";        \
@@ -30,14 +29,12 @@
 -        else                                                                                                  \
 -              $(INSTALL) -m 600 $(top_srcdir)/plugins.rules $(DESTDIR)$(configdir)/;                          \
 -        fi
-+install-data-local:
 +      $(BSD_INSTALL_DATA) $(top_srcdir)/prelude-lml.conf @EGDIR@
 +      $(BSD_INSTALL_DATA) $(top_srcdir)/plugins.rules @EGDIR@
  
  uninstall-local:
 -      rm -f $(DESTDIR)$(configdir)/prelude-lml.conf;  \
 -      rm -f $(DESTDIR)$(configdir)/plugin.rules;
-+
- # Tell versions [3.59,3.63) of GNU make to not export all variables.
- # Otherwise a system limit (for SysV at least) may be exceeded.
- .NOEXPORT:
+ 
+ dist-hook:
+       @if test -d "$(srcdir)/.git"; then      \