diff options
Diffstat (limited to 'community/suricata/APKBUILD')
-rw-r--r-- | community/suricata/APKBUILD | 81 |
1 files changed, 57 insertions, 24 deletions
diff --git a/community/suricata/APKBUILD b/community/suricata/APKBUILD index 8d278742e20..7b2ed24bd92 100644 --- a/community/suricata/APKBUILD +++ b/community/suricata/APKBUILD @@ -2,19 +2,37 @@ # Contributor: Stuart Cardall <developer at it-offshore dot co.uk> # Maintainer: Steve McMaster <code@mcmaster.io> pkgname=suricata -pkgver=6.0.0 +pkgver=7.0.5 pkgrel=0 pkgdesc="High performance Network IDS, IPS and Network Security Monitoring engine" -url="https://suricata-ids.org/" -# s390x and mips lacks rust support -# ppc64le has missing symbols with luajit and lua -arch="all !s390x !mips !mips64" +url="https://suricata.io/" +arch="all" license="GPL-2.0-only" -makedepends="automake autoconf libtool libhtp-dev>=0.5.25 libcap-ng-dev lz4-dev - file-dev geoip-dev pcre-dev yaml-dev libpcap-dev hiredis-dev nss-dev - libnet-dev libnetfilter_queue-dev libnfnetlink-dev jansson-dev nspr-dev - libnetfilter_log-dev libmaxminddb-dev rust cargo" -depends="py3-yaml python3" +makedepends=" + autoconf + automake + cargo + file-dev + geoip-dev + hiredis-dev + jansson-dev + libbpf-dev + libcap-ng-dev + libhtp-dev + libmaxminddb-dev + libnetfilter_log-dev + libnetfilter_queue-dev + libnet-dev + libnfnetlink-dev + libpcap-dev + lz4-dev + nspr-dev + nss-dev + pcre2-dev + rust + yaml-dev + " +depends="python3 py3-yaml" subpackages="$pkgname-doc $pkgname-openrc" install="$pkgname.post-install" source="https://www.openinfosecfoundation.org/download/suricata-$pkgver.tar.gz @@ -24,30 +42,36 @@ source="https://www.openinfosecfoundation.org/download/suricata-$pkgver.tar.gz 10-nflog.patch " +# secfixes: +# 6.0.4-r0: +# - CVE-2021-37592 +# - CVE-2021-45098 +# 6.0.3-r0: +# - CVE-2021-35063 + case "$CARCH" in - x86|x86_64) - _lua="--enable-luajit" - makedepends="$makedepends luajit-dev hyperscan-dev" ;; - ppc64le) + ppc64le|riscv64) _lua="" ;; *) - _lua="--enable-lua" - makedepends="$makedepends lua5.1-dev" ;; + _lua="--enable-luajit" + makedepends="$makedepends luajit-dev" ;; +esac + +case "$CARCH" in + x86_64|aarch64|ppc64le) + makedepends="$makedepends vectorscan-dev" ;; esac -prepare() { - default_prepare - autoreconf -vif -} build() { - HAVE_PYTHON=/usr/bin/python3 ./configure \ + ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ --localstatedir=/var \ + --enable-ebpf \ --enable-non-bundled-htp \ --enable-nflog \ --enable-nfqueue \ @@ -62,7 +86,13 @@ build() { } check() { - make check + case "$CARCH" in + ppc64le) + # ppc64le optimizes out FlowGetLastTimeAsParts somehow, causing cargo test to fail + echo "check() disabled on ppc64le" ;; + *) + make check ;; + esac } package() { @@ -78,8 +108,11 @@ package() { mkdir -p "$pkgdir"/etc/$pkgname/rules install -Dm644 "$builddir"/rules/*.rules "$pkgdir"/etc/$pkgname/rules/ } -sha512sums="3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3 suricata-6.0.0.tar.gz + +sha512sums=" +4eae28a78e1e9595c7f37215e9cccdf417235eadf3c8a9dc4cb531d7dc3fb353c903154ee745df7a44620d299998b84f15d6db95e5f0562744ff7cbaac398d34 suricata-7.0.5.tar.gz ed7c78a80192f3f3ed433330df323beccb6079b5413289b9e9faa3fceea2c536de93de7372968d8605abd1618d73c9319ee39d86b16eed22e7313c8667252f5d suricata.confd 258c6d60fc878dc1c7b7bf93cc758080050f591084a1edf7f1aac81ccb523c73615716616fedd0269f9ac5ef2fa7adcb3e2cefd714754bac5571e9806b6781be suricata.initd 4f76a35bcde78c9860701897fe19bb84cc46bbc429124c4cb2e94cf3330f00ebe8067c0d7f3f83478e9b95323adb947e5081658f455657c4d03c682abe707534 suricata.logrotate -e0e5a03c9b681bd1b5ac44b450ae896f32c99cd95a9247ad075b5a1428ae2c476d93abc449c20e43ae472edbc0b6a4f00b1b9b022a5eea7bb086fcc0accd42ed 10-nflog.patch" +86f50f1ff75bf54d23b473d272e3d6d0fb17f6ae6686fd2fd6c5d908a80029368a987ee725111f311a48d1a66e11d41978b7c8b5aa76411a9d85a737a7a2f62b 10-nflog.patch +" |