Page MenuHomeFreeBSD
Differential D22114

Unbreak security/snort3
AbandonedPublic
Actions

Authored by dvl on Oct 22 2019, 6:22 PM.
Tags
None
Referenced Files
Unknown Object (File)
Nov 9 2024, 9:31 AM
Unknown Object (File)
Nov 5 2024, 3:41 AM
Unknown Object (File)
Oct 19 2024, 2:08 AM
Unknown Object (File)
Oct 4 2024, 11:58 AM
Unknown Object (File)
Oct 2 2024, 9:02 PM
Unknown Object (File)
Sep 24 2024, 9:12 AM
Unknown Object (File)
Sep 22 2024, 8:16 AM
Unknown Object (File)
Sep 22 2024, 1:51 AM
View All 60 Files
Subscribers
mat

Details

Reviewers
bofh
Commits
rP515856: net/libdaq: Update version 3.0.0-alpha2=>3.0.0-alpha3
Summary

security/snort3 is broken, let's try newer version

... this is superceded by D24263

Test Plan

The current fail is:

FAILED: src/network_inspectors/rna/CMakeFiles/rna.dir/rna_logger.cc.o 
/usr/local/libexec/ccache/c++  -DHAVE_CONFIG_H -Dinline=inline -Drestrict=__restrict -I/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src/network_inspectors -I/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src -I/usr/local/include/luajit-2.0 -I. -I/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262 -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -DLIBICONV_PLUG -isystem /usr/local/include  -fvisibility=hidden   -DNDEBUG    -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -DLIBICONV_PLUG -isystem /usr/local/include   -std=c++11 -MD -MT src/network_inspectors/rna/CMakeFiles/rna.dir/rna_logger.cc.o -MF src/network_inspectors/rna/CMakeFiles/rna.dir/rna_logger.cc.o.d -o src/network_inspectors/rna/CMakeFiles/rna.dir/rna_logger.cc.o -c /wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src/network_inspectors/rna/rna_logger.cc
/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src/network_inspectors/rna/rna_logger.cc:46:63: error: no member named 's6_addr32' in 'in6_addr'
    if ( src_ip and (!IN6_IS_ADDR_V4MAPPED(src_ip) or src_ip->s6_addr32[3]) )
                                                      ~~~~~~  ^
1 error generated.

and:

FAILED: src/network_inspectors/rna/CMakeFiles/rna.dir/rna_pnd.cc.o 
/usr/local/libexec/ccache/c++  -DHAVE_CONFIG_H -Dinline=inline -Drestrict=__restrict -I/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src/network_inspectors -I/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src -I/usr/local/include/luajit-2.0 -I. -I/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262 -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -DLIBICONV_PLUG -isystem /usr/local/include  -fvisibility=hidden   -DNDEBUG    -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -DLIBICONV_PLUG -isystem /usr/local/include   -std=c++11 -MD -MT src/network_inspectors/rna/CMakeFiles/rna.dir/rna_pnd.cc.o -MF src/network_inspectors/rna/CMakeFiles/rna.dir/rna_pnd.cc.o.d -o src/network_inspectors/rna/CMakeFiles/rna.dir/rna_pnd.cc.o -c /wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src/network_inspectors/rna/rna_pnd.cc
/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src/network_inspectors/rna/rna_pnd.cc:73:33: error: member reference base type 'const uint32_t' (aka 'const unsigned int') is not a structure or union
        if ( !src->is_set() and IN6_IS_ADDR_MULTICAST(dst->get_ip6_ptr()) and
                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/netinet6/in6.h:304:38: note: expanded from macro 'IN6_IS_ADDR_MULTICAST'
#define IN6_IS_ADDR_MULTICAST(a)        ((a)->s6_addr[0] == 0xff)
                                         ~~~^ ~~~~~~~
/wrkdirs/usr/ports/security/snort3/work/snort3-3.0.0-262/src/network_inspectors/rna/rna_pnd.cc:138:10: error: member reference base type 'const uint32_t' (aka 'const unsigned int') is not a structure or union
    if ( IN6_IS_ADDR_MULTICAST(ip_api.get_dst()->get_ip6_ptr()) )
         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/netinet6/in6.h:304:38: note: expanded from macro 'IN6_IS_ADDR_MULTICAST'
#define IN6_IS_ADDR_MULTICAST(a)        ((a)->s6_addr[0] == 0xff)
                                         ~~~^ ~~~~~~~
2 errors generated.

I do not know if this is an upstream error or if I am doing something incorrectly.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dvl created this revision.Oct 22 2019, 6:22 PM
Herald added a subscriber: mat. · View Herald TranscriptOct 22 2019, 6:22 PM
Harbormaster completed remote builds in B27157: Diff 63551.Oct 22 2019, 6:22 PM
dvl edited the test plan for this revision. (Show Details)Oct 22 2019, 6:23 PM
dvl edited the test plan for this revision. (Show Details)
dvl edited the test plan for this revision. (Show Details)Oct 22 2019, 6:26 PM
bofh requested changes to this revision.Oct 28 2019, 12:03 PM

Hi @dvl ,
Are you sure that snort3 builds after properly with these changes? So far in my system it doesn't build. For your reference please check the following:
http://pdr.bofh.network/data/latest-per-pkg/snort3/3.0.0.262,1/

I am committing libdaq for now. And will look more into it to fix it soon.

This revision now requires changes to proceed.Oct 28 2019, 12:03 PM
dvl added a comment.Oct 28 2019, 12:12 PM
In D22114#484562, @bofh wrote:

Hi @dvl ,
Are you sure that snort3 builds after properly with these changes? So far in my system it doesn't build. For your reference please check the following:
http://pdr.bofh.network/data/latest-per-pkg/snort3/3.0.0.262,1/

I am committing libdaq for now. And will look more into it to fix it soon.

Thank you. I will test today at work.

This revision was not accepted when it landed; it landed in state Needs Revision.Oct 28 2019, 12:28 PM
Closed by commit rP515856: net/libdaq: Update version 3.0.0-alpha2=>3.0.0-alpha3 (authored by bofh). · Explain Why
This revision was automatically updated to reflect the committed changes.
bofh added a commit: rP515856: net/libdaq: Update version 3.0.0-alpha2=>3.0.0-alpha3.
bofh reopened this revision.Oct 28 2019, 12:31 PM

Oops. @dvl sorry. Didn't know that partial commit closes the revision.

dvl added a comment.EditedOct 28 2019, 3:06 PM
In D22114#484573, @bofh wrote:

Oops. @dvl sorry. Didn't know that partial commit closes the revision.

No worries.

Sorry, I misread your note. Yes, you are getting the same error I received. The snort devs do all their work on Linux.

Here was one suggested patch which fixes the above error. However, it was suggested to me that perhaps we are missing an #include?

+
+#ifndef FREEBSD_s6_WORKAROUND
+#define FREEBSD_s6_WORKAROUND
+#define s6_addr8  __u6_addr.__u6_addr8
+#define s6_addr16 __u6_addr.__u6_addr16
+#define s6_addr32 __u6_addr.__u6_addr32
+#endif

A grep finds:

$ grep -r s6_addr8 /usr/include/*
/usr/include/netinet6/in6.h:#define s6_addr8  __u6_addr.__u6_addr8

Adding #include "netinet/in.h" does not help this.

dvl mentioned this in D24263: security/snort3 - try unbreaking it on 12.x.Apr 2 2020, 6:37 PM
dvl edited the summary of this revision. (Show Details)
dvl abandoned this revision.Apr 6 2020, 1:11 PM

Revision Contents
Changeset List

PathSize
head/
net/
libdaq/
2 lines
6 lines

Diff 63726

View Options

head/net/libdaq/Makefile

Loading...
View Options

head/net/libdaq/distinfo

Loading...