Index: head/security/pulledpork/Makefile =================================================================== --- head/security/pulledpork/Makefile (revision 457687) +++ head/security/pulledpork/Makefile (revision 457688) @@ -1,62 +1,63 @@ # Created by: Olli Hauer # $FreeBSD$ PORTNAME= pulledpork -PORTVERSION= 0.7.2 +PORTVERSION= 0.7.3 +DISTVERSIONPREFIX= v CATEGORIES= security MASTER_SITES= GHL MAINTAINER= ohauer@FreeBSD.org COMMENT= Script to update snort-2.8+ rules LICENSE= GPLv2 RUN_DEPENDS= p5-Crypt-SSLeay>=0.57:security/p5-Crypt-SSLeay \ p5-LWP-Protocol-https>=6.00:www/p5-LWP-Protocol-https \ p5-libwww>=0:www/p5-libwww \ ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss NO_BUILD= yes USES= perl5 shebangfix USE_PERL5= run SHEBANG_FILES= ${WRKSRC}/pulledpork.pl ${WRKSRC}/contrib/oink-conv.pl SUB_FILES= pkg-message USE_GITHUB= yes GH_ACCOUNT= shirkdog OPTIONS_DEFINE= DOCS .include post-patch: @${REINPLACE_CMD} -e 's|^distro=FreeBSD-8.1|distro=FreeBSD-10-0|' \ -e 's|snort/enablesid.conf|pulledpork/enablesid.conf|g' \ -e 's|snort/dropsid.conf|pulledpork/dropsid.conf|g' \ -e 's|snort/disablesid.conf|pulledpork/disablesid.conf|g' \ -e 's|snort/modifysid.conf|pulledpork/modifysid.conf|g' \ -e "s|/usr/local/lib/snort_dynamicrules/|${PREFIX}/etc/snort/so_rules/|g" \ ${WRKSRC}/etc/pulledpork.conf do-install: ${INSTALL_SCRIPT} ${WRKSRC}/pulledpork.pl ${STAGEDIR}${PREFIX}/bin @${MKDIR} -m 750 ${STAGEDIR}${ETCDIR} # pulledpork.conf contains the snort user registration key, do not install world readable ${INSTALL} -m 640 ${WRKSRC}/etc/pulledpork.conf ${STAGEDIR}${ETCDIR}/pulledpork.conf.sample ${INSTALL_DATA} ${WRKSRC}/etc/disablesid.conf ${STAGEDIR}${ETCDIR}/disablesid.conf.sample ${INSTALL_DATA} ${WRKSRC}/etc/dropsid.conf ${STAGEDIR}${ETCDIR}/dropsid.conf.sample ${INSTALL_DATA} ${WRKSRC}/etc/enablesid.conf ${STAGEDIR}${ETCDIR}/enablesid.conf.sample ${INSTALL_DATA} ${WRKSRC}/etc/modifysid.conf ${STAGEDIR}${ETCDIR}/modifysid.conf.sample @${MKDIR} ${STAGEDIR}${DATADIR} ${INSTALL_DATA} ${WRKSRC}/contrib/README.CONTRIB ${STAGEDIR}${DATADIR} ${INSTALL_SCRIPT} ${WRKSRC}/contrib/oink-conv.pl ${STAGEDIR}${DATADIR} do-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}/README ${INSTALL_DATA} ${WRKSRC}/doc/README.CATEGORIES ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/doc/README.CHANGES ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/doc/README.RULESET ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/doc/README.SHAREDOBJECTS ${STAGEDIR}${DOCSDIR} .include Index: head/security/pulledpork/distinfo =================================================================== --- head/security/pulledpork/distinfo (revision 457687) +++ head/security/pulledpork/distinfo (revision 457688) @@ -1,3 +1,3 @@ -TIMESTAMP = 1478665576 -SHA256 (shirkdog-pulledpork-0.7.2_GH0.tar.gz) = 50046477d5d1a18aec131a56bd3f21170057d8a31fd6f30af706e31d5b14bd0a -SIZE (shirkdog-pulledpork-0.7.2_GH0.tar.gz) = 41740 +TIMESTAMP = 1512908815 +SHA256 (shirkdog-pulledpork-v0.7.3_GH0.tar.gz) = 48c66dc9abb7545186d4fba497263c1d1b247c0ea7f0953db4d515e7898461a2 +SIZE (shirkdog-pulledpork-v0.7.3_GH0.tar.gz) = 43167 Index: head/security/pulledpork/files/patch-pulledpork.pl =================================================================== --- head/security/pulledpork/files/patch-pulledpork.pl (revision 457687) +++ head/security/pulledpork/files/patch-pulledpork.pl (revision 457688) @@ -1,22 +1,28 @@ ---- pulledpork.pl.orig 2015-12-16 18:01:13 UTC +--- pulledpork.pl.orig 2017-12-07 15:13:06 UTC +++ pulledpork.pl -@@ -61,8 +61,8 @@ if ($oSystem =~ /freebsd/i) { - exit(1); +@@ -90,9 +90,24 @@ if ($oSystem =~ /freebsd/i) { + exit(1); } - #Check for the other location for the cert file -- } elsif ( -e "/usr/local/etc/ssl/cert.pem" ) { -- $CAFile = "/usr/local/etc/ssl/cert.pem"; -+ } elsif ( -e "/usr/local/share/certs/ca-root-nss.crt" ) { -+ $CAFile = "/usr/local/share/certs/ca-root-nss.crt"; - if ( -r $CAFile) { - $ua->ssl_opts( SSL_ca_file => $CAFile ); - } else { -@@ -72,7 +72,7 @@ if ($oSystem =~ /freebsd/i) { - exit(1); - } - } else { -- carp "ERROR: cert file does not exist (/etc/ssl/cert.pem or /usr/local/etc/ssl/cert.pem) Ensure that the ca_root_nss port/pkg is installed, or use -w to skip SSL verification\n"; -+ carp "ERROR: cert file does not exist (/etc/ssl/cert.pem or /usr/local/share/certs/ca-root-nss.crt) Ensure that the ca_root_nss port/pkg is installed, or use -w to skip SSL verification\n"; - syslogit( 'err|local0', "FATAL: cert file does not exist. Ensure that the ca_root_nss port/pkg is installed, or use -w to skip SSL verification\n") - if $Syslogging; - exit(1); + } ++ elsif (-e "/usr/local/share/certs/ca-root-nss.crt") { ++ $CAFile = "/usr/local/share/certs/ca-root-nss.crt"; ++ if (-r $CAFile) { ++ $ua->ssl_opts(SSL_ca_file => $CAFile); ++ } ++ else { ++ carp "ERROR: $CAFile is not readable by " ++ . (getpwuid($<))[0] . "\n"; ++ syslogit('err|local0', ++ "FATAL: ERROR: $CAFile is not readable by " ++ . (getpwuid($<))[0] . "\n") ++ if $Syslogging; ++ exit(1); ++ } ++ } + else { + carp +- "ERROR: cert file does not exist (/etc/ssl/cert.pem or /usr/local/etc/ssl/cert.pem) Ensure that the ca_root_nss port/pkg is installed, or use -w to skip SSL verification\n"; ++ "ERROR: cert file does not exist (/etc/ssl/cert.pem, /usr/local/etc/ssl/cert.pem or /usr/local/share/certs/ca-root-nss.crt) Ensure that the ca_root_nss port/pkg is installed, or use -w to skip SSL verification\n"; + syslogit('err|local0', + "FATAL: cert file does not exist. Ensure that the ca_root_nss port/pkg is installed, or use -w to skip SSL verification\n" + ) if $Syslogging;