diff options
Diffstat (limited to 'community/suricata/APKBUILD')
-rw-r--r-- | community/suricata/APKBUILD | 95 |
1 files changed, 64 insertions, 31 deletions
diff --git a/community/suricata/APKBUILD b/community/suricata/APKBUILD index de40b811003..27a5df198b4 100644 --- a/community/suricata/APKBUILD +++ b/community/suricata/APKBUILD @@ -1,69 +1,98 @@ +# Contributor: Michael Pirogov <vbnet.ru@gmail.com> # Contributor: Stuart Cardall <developer at it-offshore dot co.uk> # Maintainer: Steve McMaster <code@mcmaster.io> pkgname=suricata -pkgver=4.1.4 -pkgrel=4 +pkgver=7.0.4 +pkgrel=0 pkgdesc="High performance Network IDS, IPS and Network Security Monitoring engine" -url="https://suricata-ids.org/" +url="https://suricata.io/" arch="all" -license="GPL-2.0" -makedepends="automake autoconf libtool libhtp-dev>=0.5.25 libcap-ng-dev lz4-dev - file-dev geoip-dev pcre-dev yaml-dev libpcap-dev hiredis-dev nss-dev - libnet-dev libnetfilter_queue-dev libnfnetlink-dev jansson-dev nspr-dev" -depends="py3-yaml python3" +license="GPL-2.0-only" +makedepends=" + autoconf + automake + cargo + file-dev + geoip-dev + hiredis-dev + jansson-dev + libbpf-dev + libcap-ng-dev + libhtp-dev + libmaxminddb-dev + libnetfilter_log-dev + libnetfilter_queue-dev + libnet-dev + libnfnetlink-dev + libpcap-dev + lz4-dev + nspr-dev + nss-dev + pcre2-dev + rust + yaml-dev + " +depends="python3 py3-yaml" subpackages="$pkgname-doc $pkgname-openrc" install="$pkgname.post-install" source="https://www.openinfosecfoundation.org/download/suricata-$pkgver.tar.gz $pkgname.confd $pkgname.initd $pkgname.logrotate + 10-nflog.patch " -# luajit and rust are not available on some arches -_enable_luajit="" -_enable_rust="" +# secfixes: +# 6.0.4-r0: +# - CVE-2021-37592 +# - CVE-2021-45098 +# 6.0.3-r0: +# - CVE-2021-35063 case "$CARCH" in - aarch64|armhf|armv7|ppc64le|x86|x86_64) - makedepends="$makedepends luajit-dev cargo" - _enable_luajit="--enable-luajit" - _enable_rust="--enable-rust" - ;; - s390x) - makedepends="$makedepends" - ;; + ppc64le|riscv64) + _lua="" ;; *) - makedepends="$makedepends luajit-dev" - _enable_luajit="--enable-luajit" - ;; + _lua="--enable-luajit" + makedepends="$makedepends luajit-dev" ;; +esac + +case "$CARCH" in + x86_64|aarch64|ppc64le) + makedepends="$makedepends vectorscan-dev" ;; esac -prepare() { - autoreconf -vif -} build() { - HAVE_PYTHON=/usr/bin/python3 ./configure \ + ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ --localstatedir=/var \ + --enable-ebpf \ --enable-non-bundled-htp \ + --enable-nflog \ --enable-nfqueue \ --disable-gccmarch-native \ --enable-hiredis \ --enable-geoip \ --enable-gccprotect \ --enable-pie \ - $_enable_luajit \ - $_enable_rust + "$_lua" \ + --enable-rust make } check() { - make check + case "$CARCH" in + ppc64le) + # ppc64le optimizes out FlowGetLastTimeAsParts somehow, causing cargo test to fail + echo "check() disabled on ppc64le" ;; + *) + make check ;; + esac } package() { @@ -79,7 +108,11 @@ package() { mkdir -p "$pkgdir"/etc/$pkgname/rules install -Dm644 "$builddir"/rules/*.rules "$pkgdir"/etc/$pkgname/rules/ } -sha512sums="5eca09731cc7446c8d70018f1f16dfbb6a6aaed32b2c4d6a0a6f4f094012af9f3bcdc49a3fe1ff61a24c3f1d363f30b06ca74b3920ffc5452c94677a026a561c suricata-4.1.4.tar.gz + +sha512sums=" +098364a5f0b2c14bf3a0c8895ec9c94a23edd990468f618fa35181c54405be6db012a6e97981e0024140864342764df97101be73308c835d6fabf6cd98a7ffc3 suricata-7.0.4.tar.gz ed7c78a80192f3f3ed433330df323beccb6079b5413289b9e9faa3fceea2c536de93de7372968d8605abd1618d73c9319ee39d86b16eed22e7313c8667252f5d suricata.confd 258c6d60fc878dc1c7b7bf93cc758080050f591084a1edf7f1aac81ccb523c73615716616fedd0269f9ac5ef2fa7adcb3e2cefd714754bac5571e9806b6781be suricata.initd -4f76a35bcde78c9860701897fe19bb84cc46bbc429124c4cb2e94cf3330f00ebe8067c0d7f3f83478e9b95323adb947e5081658f455657c4d03c682abe707534 suricata.logrotate" +4f76a35bcde78c9860701897fe19bb84cc46bbc429124c4cb2e94cf3330f00ebe8067c0d7f3f83478e9b95323adb947e5081658f455657c4d03c682abe707534 suricata.logrotate +86f50f1ff75bf54d23b473d272e3d6d0fb17f6ae6686fd2fd6c5d908a80029368a987ee725111f311a48d1a66e11d41978b7c8b5aa76411a9d85a737a7a2f62b 10-nflog.patch +" |