UPDATE: net/snort 2.9.14

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

UPDATE: net/snort 2.9.14

Lawrence Teo-7
This updates Snort to 2.9.14.

https://blog.snort.org/2019/07/snort-29140-has-been-released.html

ok?

snort-2.9.14.diff (2K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: UPDATE: net/snort 2.9.14

Aaron Bieber-2
On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> This updates Snort to 2.9.14.
>
> https://blog.snort.org/2019/07/snort-29140-has-been-released.html
>
> ok?

Builds and runs fine here! When I start it with "-d" I see:

snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA'
snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_DeleteException'
snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR'
snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP'
snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_RaiseException'

I think this might be a combo of the packages / snapshot I have. I will update
and report back.

If you aren't seeing the undefined symbols, OK abieber@

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/net/snort/Makefile,v
> retrieving revision 1.103
> diff -u -p -r1.103 Makefile
> --- Makefile 12 Jul 2019 20:48:49 -0000 1.103
> +++ Makefile 19 Jul 2019 20:17:17 -0000
> @@ -2,8 +2,8 @@
>  
>  COMMENT = highly flexible sniffer/NIDS
>  
> -DISTNAME = snort-2.9.13
> -RULESV = 29130
> +DISTNAME = snort-2.9.14
> +RULESV = 29140
>  SUBST_VARS = RULESV
>  
>  CATEGORIES = net security
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/net/snort/distinfo,v
> retrieving revision 1.39
> diff -u -p -r1.39 distinfo
> --- distinfo 2 Jun 2019 02:07:44 -0000 1.39
> +++ distinfo 19 Jul 2019 20:17:52 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM=
> -SIZE (snort-2.9.13.tar.gz) = 6553425
> +SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks=
> +SIZE (snort-2.9.14.tar.gz) = 6688482
> Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c
> ===================================================================
> RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v
> retrieving revision 1.7
> diff -u -p -r1.7 patch-src_preprocessors_Stream6_snort_stream_tcp_c
> --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 2 Jun 2019 02:07:44 -0000 1.7
> +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 19 Jul 2019 20:18:18 -0000
> @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream
>  Index: src/preprocessors/Stream6/snort_stream_tcp.c
>  --- src/preprocessors/Stream6/snort_stream_tcp.c.orig
>  +++ src/preprocessors/Stream6/snort_stream_tcp.c
> -@@ -8562,7 +8562,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet
> +@@ -8575,7 +8575,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet
>                           char src_addr[17];
>                           char dst_addr[17];
>                           memset((char *)timestamp, 0, TIMEBUF_SIZE);


--
PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A  4AF0 1F81 112D 62A9 ADCE

Reply | Threaded
Open this post in threaded view
|

Re: UPDATE: net/snort 2.9.14

Lawrence Teo-7
On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote:

> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> > This updates Snort to 2.9.14.
> >
> > https://blog.snort.org/2019/07/snort-29140-has-been-released.html
> >
> > ok?
>
> Builds and runs fine here! When I start it with "-d" I see:
>
> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA'
> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_DeleteException'
> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR'
> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP'
> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_RaiseException'
>
> I think this might be a combo of the packages / snapshot I have. I will update
> and report back.
>
> If you aren't seeing the undefined symbols, OK abieber@
Thanks for testing!

It looks like those Unwind errors are due to libsf_appid_preproc.so
which links against luajit, which in turn needs access to libunwind
symbols.

I found another port games/tome4 that had the same issue.  In that port
the issue was resolved by linking against libc++abi (in
games/tome4/patches/lld-linking).

Here's an updated diff that does the same thing for
libsf_appid_preproc.so.  I made it link against libc++abi in
src/dynamic-preprocessors/appid/Makefile.in.   I'm not certain that that
is the right place to fix it, but it does resolve those errors for me.

snort-2.9.14.20190722-2151.diff (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: UPDATE: net/snort 2.9.14

Aaron Bieber-2
Fixes it for me! Need to also regen WANTLIB, then OK abiener@

PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A 4AF0 1F81 112D 62A9 ADCE

> On Jul 22, 2019, at 9:13 PM, Lawrence Teo <[hidden email]> wrote:
>
> ´╗┐On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote:
>>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
>>> This updates Snort to 2.9.14.
>>>
>>> https://blog.snort.org/2019/07/snort-29140-has-been-released.html
>>>
>>> ok?
>>
>> Builds and runs fine here! When I start it with "-d" I see:
>>
>> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA'
>> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_DeleteException'
>> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR'
>> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP'
>> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_RaiseException'
>>
>> I think this might be a combo of the packages / snapshot I have. I will update
>> and report back.
>>
>> If you aren't seeing the undefined symbols, OK abieber@
>
> Thanks for testing!
>
> It looks like those Unwind errors are due to libsf_appid_preproc.so
> which links against luajit, which in turn needs access to libunwind
> symbols.
>
> I found another port games/tome4 that had the same issue.  In that port
> the issue was resolved by linking against libc++abi (in
> games/tome4/patches/lld-linking).
>
> Here's an updated diff that does the same thing for
> libsf_appid_preproc.so.  I made it link against libc++abi in
> src/dynamic-preprocessors/appid/Makefile.in.   I'm not certain that that
> is the right place to fix it, but it does resolve those errors for me.
> <snort-2.9.14.20190722-2151.diff>
Reply | Threaded
Open this post in threaded view
|

Re: UPDATE: net/snort 2.9.14

Lawrence Teo-7
On Mon, Jul 22, 2019 at 09:41:21PM -0600, Aaron Bieber wrote:
> Fixes it for me! Need to also regen WANTLIB, then OK abiener@

Great, thanks!  Here is the updated diff with the regenerated WANTLIB.

Markus, is this ok with you too?


> > On Jul 22, 2019, at 9:13 PM, Lawrence Teo <[hidden email]> wrote:
> >
> > ???On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote:
> >>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> >>> This updates Snort to 2.9.14.
> >>>
> >>> https://blog.snort.org/2019/07/snort-29140-has-been-released.html
> >>>
> >>> ok?
> >>
> >> Builds and runs fine here! When I start it with "-d" I see:
> >>
> >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA'
> >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_DeleteException'
> >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR'
> >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP'
> >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_RaiseException'
> >>
> >> I think this might be a combo of the packages / snapshot I have. I will update
> >> and report back.
> >>
> >> If you aren't seeing the undefined symbols, OK abieber@
> >
> > Thanks for testing!
> >
> > It looks like those Unwind errors are due to libsf_appid_preproc.so
> > which links against luajit, which in turn needs access to libunwind
> > symbols.
> >
> > I found another port games/tome4 that had the same issue.  In that port
> > the issue was resolved by linking against libc++abi (in
> > games/tome4/patches/lld-linking).
> >
> > Here's an updated diff that does the same thing for
> > libsf_appid_preproc.so.  I made it link against libc++abi in
> > src/dynamic-preprocessors/appid/Makefile.in.   I'm not certain that that
> > is the right place to fix it, but it does resolve those errors for me.
> > <snort-2.9.14.20190722-2151.diff>

snort-2.9.14.20190723-1218.diff (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: UPDATE: net/snort 2.9.14

Markus Lude-3
On Tue, Jul 23, 2019 at 12:23:02PM -0400, Lawrence Teo wrote:
> On Mon, Jul 22, 2019 at 09:41:21PM -0600, Aaron Bieber wrote:
> > Fixes it for me! Need to also regen WANTLIB, then OK abiener@
>
> Great, thanks!  Here is the updated diff with the regenerated WANTLIB.
>
> Markus, is this ok with you too?

Hi Lawrence, Hi Aaron,

I haven't got those undefined symbol messages here so far.
As the fix seems to fix those, I'm fine with it.

Thank you!

Regards
Markus

> > > On Jul 22, 2019, at 9:13 PM, Lawrence Teo <[hidden email]> wrote:
> > >
> > > ???On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote:
> > >>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> > >>> This updates Snort to 2.9.14.
> > >>>
> > >>> https://blog.snort.org/2019/07/snort-29140-has-been-released.html
> > >>>
> > >>> ok?
> > >>
> > >> Builds and runs fine here! When I start it with "-d" I see:
> > >>
> > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA'
> > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_DeleteException'
> > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR'
> > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP'
> > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_RaiseException'
> > >>
> > >> I think this might be a combo of the packages / snapshot I have. I will update
> > >> and report back.
> > >>
> > >> If you aren't seeing the undefined symbols, OK abieber@
> > >
> > > Thanks for testing!
> > >
> > > It looks like those Unwind errors are due to libsf_appid_preproc.so
> > > which links against luajit, which in turn needs access to libunwind
> > > symbols.
> > >
> > > I found another port games/tome4 that had the same issue.  In that port
> > > the issue was resolved by linking against libc++abi (in
> > > games/tome4/patches/lld-linking).
> > >
> > > Here's an updated diff that does the same thing for
> > > libsf_appid_preproc.so.  I made it link against libc++abi in
> > > src/dynamic-preprocessors/appid/Makefile.in.   I'm not certain that that
> > > is the right place to fix it, but it does resolve those errors for me.
> > > <snort-2.9.14.20190722-2151.diff>

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/net/snort/Makefile,v
> retrieving revision 1.103
> diff -u -p -r1.103 Makefile
> --- Makefile 12 Jul 2019 20:48:49 -0000 1.103
> +++ Makefile 23 Jul 2019 13:50:47 -0000
> @@ -2,8 +2,8 @@
>
>  COMMENT = highly flexible sniffer/NIDS
>
> -DISTNAME = snort-2.9.13
> -RULESV = 29130
> +DISTNAME = snort-2.9.14
> +RULESV = 29140
>  SUBST_VARS = RULESV
>
>  CATEGORIES = net security
> @@ -15,7 +15,8 @@ MAINTAINER = Markus Lude <markus.lude@g
>  # GPLv2
>  PERMIT_PACKAGE = Yes
>
> -WANTLIB = c crypto daq dnet luajit-5.1 lzma m nghttp2 pcap pcre pthread z
> +WANTLIB += c c++abi crypto daq dnet luajit-5.1 lzma m nghttp2
> +WANTLIB += pcap pcre pthread z
>
>  MASTER_SITES = https://www.snort.org/downloads/snort/
>
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/net/snort/distinfo,v
> retrieving revision 1.39
> diff -u -p -r1.39 distinfo
> --- distinfo 2 Jun 2019 02:07:44 -0000 1.39
> +++ distinfo 19 Jul 2019 20:17:52 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM=
> -SIZE (snort-2.9.13.tar.gz) = 6553425
> +SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks=
> +SIZE (snort-2.9.14.tar.gz) = 6688482
> Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in
> ===================================================================
> RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v
> retrieving revision 1.2
> diff -u -p -r1.2 patch-src_dynamic-preprocessors_appid_Makefile_in
> --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 2 Jun 2019 02:07:44 -0000 1.2
> +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 23 Jul 2019 01:51:20 -0000
> @@ -1,14 +1,19 @@
>  $OpenBSD: patch-src_dynamic-preprocessors_appid_Makefile_in,v 1.2 2019/06/02 02:07:44 lteo Exp $
> +
> +libsf_appid_preproc.so needs to link against libc++abi so that luajit can access
> +libunwind symbols.
>
>  Index: src/dynamic-preprocessors/appid/Makefile.in
>  --- src/dynamic-preprocessors/appid/Makefile.in.orig
>  +++ src/dynamic-preprocessors/appid/Makefile.in
> -@@ -586,7 +586,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \
> +@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \
>   $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h
>   dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor
>   dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la
>  -libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module @XCCFLAGS@
> +-@SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS)
>  +libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module -avoid-version @XCCFLAGS@
> - @SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS)
> ++@SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) -lc++abi
>   @SO_WITH_STATIC_LIB_TRUE@libsf_appid_preproc_la_LIBADD = ../libsf_dynamic_preproc.la ../libsf_dynamic_utils.la $(LUA_LIBS)
>   @SO_WITH_STATIC_LIB_FALSE@nodist_libsf_appid_preproc_la_SOURCES = \
> + @SO_WITH_STATIC_LIB_FALSE@../include/sf_dynamic_preproc_lib.c \
> Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c
> ===================================================================
> RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v
> retrieving revision 1.7
> diff -u -p -r1.7 patch-src_preprocessors_Stream6_snort_stream_tcp_c
> --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 2 Jun 2019 02:07:44 -0000 1.7
> +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 19 Jul 2019 20:18:18 -0000
> @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream
>  Index: src/preprocessors/Stream6/snort_stream_tcp.c
>  --- src/preprocessors/Stream6/snort_stream_tcp.c.orig
>  +++ src/preprocessors/Stream6/snort_stream_tcp.c
> -@@ -8562,7 +8562,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet
> +@@ -8575,7 +8575,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet
>                           char src_addr[17];
>                           char dst_addr[17];
>                           memset((char *)timestamp, 0, TIMEBUF_SIZE);