From 1b884383aa83839ec057c3b047621f98ba7119b2 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Sun, 14 Feb 2021 23:01:17 +0100 Subject: [PATCH 01/12] testing/ossec-hids-agent: patch to build with gcc-9 and gcc-10 --- ...84649f89a67a42894e66cdc8c2e23773b358.patch | 534 ++++++++++++++++++ testing/ossec-hids-agent/APKBUILD | 4 +- 2 files changed, 537 insertions(+), 1 deletion(-) create mode 100644 testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch diff --git a/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch b/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch new file mode 100644 index 000000000000..109873a721e7 --- /dev/null +++ b/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch @@ -0,0 +1,534 @@ +From 745384649f89a67a42894e66cdc8c2e23773b358 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Sat, 2 May 2020 12:54:36 -0400 +Subject: [PATCH 1/5] Cleanup some variables. + +In issue #1871 @rseichter brings up that gcc 10 switches to '-fno-common' +by default. This killed builds of the agent. Switch agt to os_net_agt in os_net. +Shuffle around the variable in client-agent (I think gcc had issues with agt +being declared in agentd.h which gets included everywhere). +Shuffle around willchroot in manage_agents. +--- + src/addagent/main.c | 1 + + src/addagent/manage_agents.c | 2 ++ + src/addagent/manage_agents.h | 2 +- + src/addagent/manage_keys.c | 2 ++ + src/client-agent/agentd.c | 2 ++ + src/client-agent/agentd.h | 4 ++-- + src/client-agent/event-forward.c | 3 +++ + src/client-agent/main.c | 5 ++++- + src/client-agent/notify.c | 2 ++ + src/client-agent/receiver-win.c | 1 + + src/client-agent/receiver.c | 2 ++ + src/client-agent/sendmsg.c | 3 +++ + src/client-agent/start_agent.c | 7 +++++++ + src/os_net/os_net.c | 20 ++++++++++---------- + src/os_net/os_net.h | 2 +- + 15 files changed, 43 insertions(+), 15 deletions(-) + +diff --git a/src/addagent/main.c b/src/addagent/main.c +index 587a8a3d8..ab12f0326 100644 +--- a/src/addagent/main.c ++++ b/src/addagent/main.c +@@ -17,6 +17,7 @@ static void print_banner(void); + static void manage_shutdown(int sig) __attribute__((noreturn)); + #endif + ++int willchroot; + + #if defined(__MINGW32__) + static int setenv(const char *name, const char *val, __attribute__((unused)) int overwrite) +diff --git a/src/addagent/manage_agents.c b/src/addagent/manage_agents.c +index ac39c1e66..4f9c266ff 100644 +--- a/src/addagent/manage_agents.c ++++ b/src/addagent/manage_agents.c +@@ -85,6 +85,8 @@ int add_agent(int json_output) + + char authfile[257]; + ++ extern int willchroot; ++ + if(willchroot > 0) { + snprintf(authfile, 256, "%s", AUTH_FILE); //XXX + } else { +diff --git a/src/addagent/manage_agents.h b/src/addagent/manage_agents.h +index 4812dba43..f2962e80b 100644 +--- a/src/addagent/manage_agents.h ++++ b/src/addagent/manage_agents.h +@@ -147,4 +147,4 @@ extern fpos_t fp_pos; + #define GMF_UNKN_ERROR ARGV0 ": Could not run GetModuleFileName which returned (%ld).\n" + + +-int willchroot; ++//int willchroot; +diff --git a/src/addagent/manage_keys.c b/src/addagent/manage_keys.c +index 146b48326..ffb9a1f21 100644 +--- a/src/addagent/manage_keys.c ++++ b/src/addagent/manage_keys.c +@@ -336,6 +336,8 @@ int k_bulkload(const char *cmdbulk) + char delims[] = ","; + char *token = NULL; + ++ extern int willchroot; ++ + /* Check if we can open the input file */ + printf("Opening: [%s]\n", cmdbulk); + infp = fopen(cmdbulk, "r"); +diff --git a/src/client-agent/agentd.c b/src/client-agent/agentd.c +index c09cf87d3..67828e79c 100644 +--- a/src/client-agent/agentd.c ++++ b/src/client-agent/agentd.c +@@ -23,6 +23,8 @@ void AgentdStart(const char *dir, int uid, int gid, const char *user, const char + fd_set fdset; + struct timeval fdtimeout; + ++ extern agent *agt; ++ + available_server = 0; + + /* Initial random numbers must happen before chroot */ +diff --git a/src/client-agent/agentd.h b/src/client-agent/agentd.h +index 0246a5457..a362ff9a3 100644 +--- a/src/client-agent/agentd.h ++++ b/src/client-agent/agentd.h +@@ -81,9 +81,9 @@ void os_agent_cb(int fd, short ev, void *arg); + extern time_t available_server; + extern int run_foreground; + extern keystore keys; +-extern agent *agt; ++//extern agent *agt; + #ifndef WIN32 +-struct imsgbuf server_ibuf; ++//struct imsgbuf server_ibuf; + #endif //WIN32 + + #endif /* __AGENTD_H */ +diff --git a/src/client-agent/event-forward.c b/src/client-agent/event-forward.c +index 2e81f0c90..22ed0beb9 100644 +--- a/src/client-agent/event-forward.c ++++ b/src/client-agent/event-forward.c +@@ -19,6 +19,9 @@ + /* Receive a message locally on the agent and forward it to the manager */ + void *EventForward(void) + { ++ ++ extern agent *agt; ++ + ssize_t recv_b; + char msg[OS_MAXSTR + 1]; + +diff --git a/src/client-agent/main.c b/src/client-agent/main.c +index 5f85cfb73..01c18970c 100644 +--- a/src/client-agent/main.c ++++ b/src/client-agent/main.c +@@ -16,7 +16,8 @@ + #define ARGV0 "ossec-agentd" + #endif + +-extern struct imsgbuf server_ibuf; ++//extern struct imsgbuf server_ibuf; ++struct imsgbuf server_ibuf; + + + /* Prototypes */ +@@ -112,6 +113,8 @@ int main(int argc, char **argv) + + debug1(STARTED_MSG, ARGV0); + ++ extern agent *agt; ++ + agt = (agent *)calloc(1, sizeof(agent)); + if (!agt) { + ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno)); +diff --git a/src/client-agent/notify.c b/src/client-agent/notify.c +index 1b239f26c..93fec325c 100644 +--- a/src/client-agent/notify.c ++++ b/src/client-agent/notify.c +@@ -68,6 +68,8 @@ void run_notify() + os_md5 md5sum; + time_t curr_time; + ++ extern agent *agt; ++ + keep_alive_random[0] = '\0'; + curr_time = time(0); + +diff --git a/src/client-agent/receiver-win.c b/src/client-agent/receiver-win.c +index 859bdf7f9..4ab62ee77 100644 +--- a/src/client-agent/receiver-win.c ++++ b/src/client-agent/receiver-win.c +@@ -19,6 +19,7 @@ + /* Receive events from the server */ + void *receiver_thread(__attribute__((unused)) void *none) + { ++ extern agent *agt; + int recv_b; + + char file[OS_SIZE_1024 + 1]; +diff --git a/src/client-agent/receiver.c b/src/client-agent/receiver.c +index fde64c282..5286e60dc 100644 +--- a/src/client-agent/receiver.c ++++ b/src/client-agent/receiver.c +@@ -29,6 +29,8 @@ void *receive_msg() + char cleartext[OS_MAXSTR + 1]; + char *tmp_msg; + ++ extern agent *agt; ++ + memset(cleartext, '\0', OS_MAXSTR + 1); + memset(buffer, '\0', OS_MAXSTR + 1); + +diff --git a/src/client-agent/sendmsg.c b/src/client-agent/sendmsg.c +index 454c2e714..3076dfcf9 100644 +--- a/src/client-agent/sendmsg.c ++++ b/src/client-agent/sendmsg.c +@@ -15,6 +15,9 @@ + /* Send a message to the server */ + int send_msg(int agentid, const char *msg) + { ++ ++ extern agent *agt; ++ + size_t msg_size; + char crypt_msg[OS_MAXSTR + 1]; + +diff --git a/src/client-agent/start_agent.c b/src/client-agent/start_agent.c +index 51670cee5..f1df43715 100644 +--- a/src/client-agent/start_agent.c ++++ b/src/client-agent/start_agent.c +@@ -24,6 +24,9 @@ int connect_server(int initial_id) + #ifdef WIN32 + unsigned int attempts = 2; + #endif //WIN32 ++ ++ extern agent *agt; ++ + int rc = initial_id; + + /* Checking if the initial is zero, meaning we have to +@@ -139,6 +142,8 @@ void start_agent(int is_startup) + char cleartext[OS_MAXSTR + 1]; + char fmsg[OS_MAXSTR + 1]; + ++ extern agent *agt; ++ + memset(msg, '\0', OS_MAXSTR + 2); + memset(buffer, '\0', OS_MAXSTR + 1); + memset(cleartext, '\0', OS_MAXSTR + 1); +@@ -241,6 +246,8 @@ void os_agent_cb(int fd, short ev, void *arg) { + struct imsg imsg; + struct imsgbuf *ibuf = (struct imsgbuf *)arg; + ++ extern agent *agt; ++ + if (ev & EV_READ) { + if ((n = imsg_read(ibuf) == -1 && errno != EAGAIN)) { + ErrorExit("%s: ERROR: imsg_read() failed: %s", ARGV0, strerror(errno)); +diff --git a/src/os_net/os_net.c b/src/os_net/os_net.c +index f18e3be77..756e9fac8 100644 +--- a/src/os_net/os_net.c ++++ b/src/os_net/os_net.c +@@ -14,7 +14,7 @@ + #include <errno.h> + #include "shared.h" + #include "os_net.h" +-agent *agt; ++agent *os_net_agt; + + /* Prototypes */ + static OSNetInfo *OS_Bindport(char *_port, unsigned int _proto, const char *_ip); +@@ -346,11 +346,11 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + return(OS_INVALID); + } + +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_flags = AI_NUMERICHOST; +- s = getaddrinfo(agt->lip, NULL, &hints, &result); ++ s = getaddrinfo(os_net_agt->lip, NULL, &hints, &result); + if (s != 0) { + verbose("getaddrinfo: %s", gai_strerror(s)); + } +@@ -363,8 +363,8 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + memset(&hints, 0, sizeof(struct addrinfo)); + /* Allow IPv4 or IPv6 if local_ip isn't specified */ + hints.ai_family = AF_UNSPEC; +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + hints.ai_family = local_ai->ai_family; + } + } +@@ -398,13 +398,13 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + continue; + } + +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + if (bind(ossock, local_ai->ai_addr, local_ai->ai_addrlen)) { + verbose("Unable to bind to local address %s. Ignoring. (%s)", +- agt->lip, strerror(errno)); ++ os_net_agt->lip, strerror(errno)); + } +- else verbose("Connecting from local address %s", agt->lip); ++ else verbose("Connecting from local address %s", os_net_agt->lip); + } + } + +diff --git a/src/os_net/os_net.h b/src/os_net/os_net.h +index 9b7250928..3aaf00429 100644 +--- a/src/os_net/os_net.h ++++ b/src/os_net/os_net.h +@@ -13,7 +13,7 @@ + + #include "headers/shared.h" + #include "config/client-config.h" +-extern agent *agt; ++extern agent *os_net_agt; + #ifdef WIN32 + #ifndef AI_ADDRCONFIG + #define AI_ADDRCONFIG 0x0400 + +From 940198e914db65a7133784d25964aa0e11354233 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Sat, 2 May 2020 14:08:33 -0400 +Subject: [PATCH 2/5] extern agt + +--- + src/win32/win_agent.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/win32/win_agent.c b/src/win32/win_agent.c +index 40a37e621..a2ec784f2 100644 +--- a/src/win32/win_agent.c ++++ b/src/win32/win_agent.c +@@ -124,6 +124,7 @@ int local_start() + WSADATA wsaData; + DWORD threadID; + DWORD threadID2; ++ extern agent *agt; + + /* Start agent */ + agt = (agent *)calloc(1, sizeof(agent)); +@@ -271,6 +272,7 @@ int SendMSG(__attribute__((unused)) int queue, const char *message, const char * + char tmpstr[OS_MAXSTR + 2]; + char crypt_msg[OS_MAXSTR + 2]; + DWORD dwWaitResult; ++ extern agent *agt; + + tmpstr[OS_MAXSTR + 1] = '\0'; + crypt_msg[OS_MAXSTR + 1] = '\0'; +@@ -468,6 +470,8 @@ void send_win32_info(time_t curr_time) + tmp_msg[OS_MAXSTR + 1] = '\0'; + crypt_msg[OS_MAXSTR + 1] = '\0'; + ++ extern agent *agt; ++ + debug1("%s: DEBUG: Sending keep alive message.", ARGV0); + + /* Fix time */ + +From f8405753edbf1fd478ba75e6f7c770e63fa1e126 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 12:23:16 -0400 +Subject: [PATCH 3/5] Shuffle around variable declarations to make -fno-common + happy. + +--- + src/analysisd/analysisd.c | 1 + + src/analysisd/syscheck-sqlite.h | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index a220f4421..2e89b7967 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -43,6 +43,7 @@ + + #ifdef SQLITE_ENABLED + #include "syscheck-sqlite.h" ++sqlite3 *conn; + #endif + + /** Prototypes **/ +diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h +index 526cab26e..3a68ca816 100644 +--- a/src/analysisd/syscheck-sqlite.h ++++ b/src/analysisd/syscheck-sqlite.h +@@ -1,5 +1,5 @@ + #ifdef SQLITE_ENABLED + #include <sqlite3.h> + +-sqlite3 *conn; ++//sqlite3 *conn; + #endif + +From 1d54a2cca3241bd80781a615e4f6f97ce2c1569e Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 12:24:47 -0400 +Subject: [PATCH 4/5] garbage collect syscheck-sqlite.h since it's blank now. + +--- + src/analysisd/analysisd.c | 1 - + src/analysisd/decoders/syscheck.c | 4 ---- + src/analysisd/syscheck-sqlite.h | 5 ----- + 3 files changed, 10 deletions(-) + delete mode 100644 src/analysisd/syscheck-sqlite.h + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index 2e89b7967..db762a90d 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -42,7 +42,6 @@ + #endif + + #ifdef SQLITE_ENABLED +-#include "syscheck-sqlite.h" + sqlite3 *conn; + #endif + +diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c +index a6d675892..7c6745166 100644 +--- a/src/analysisd/decoders/syscheck.c ++++ b/src/analysisd/decoders/syscheck.c +@@ -15,10 +15,6 @@ + #include "alerts/alerts.h" + #include "decoder.h" + +-#ifdef SQLITE_ENABLED +-#include "syscheck-sqlite.h" +-#endif +- + typedef struct __sdb { + char buf[OS_MAXSTR + 1]; + char comment[OS_MAXSTR + 1]; +diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h +deleted file mode 100644 +index 3a68ca816..000000000 +--- a/src/analysisd/syscheck-sqlite.h ++++ /dev/null +@@ -1,5 +0,0 @@ +-#ifdef SQLITE_ENABLED +-#include <sqlite3.h> +- +-//sqlite3 *conn; +-#endif + +From 5d6f21e31dab30e34f1713f6cfe1b2e0108f77f5 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 14:38:08 -0400 +Subject: [PATCH 5/5] Shuffle around sqlite and geoip variables to make + -fno-common happy + +--- + src/analysisd/analysisd.c | 5 +++++ + src/analysisd/config.h | 3 +++ + src/analysisd/decoders/geoip.c | 1 + + src/analysisd/decoders/syscheck.c | 4 ++++ + src/analysisd/makelists.c | 4 ++++ + src/analysisd/testrule.c | 1 + + 6 files changed, 18 insertions(+) + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index db762a90d..0a81971de 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -42,9 +42,14 @@ + #endif + + #ifdef SQLITE_ENABLED ++#include <sqlite3.h> + sqlite3 *conn; + #endif + ++#ifdef LIBGEOIP_ENABLED ++GeoIP *geoipdb; ++#endif ++ + /** Prototypes **/ + void OS_ReadMSG(int m_queue); + RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node); +diff --git a/src/analysisd/config.h b/src/analysisd/config.h +index 8d74c756e..976d1942e 100644 +--- a/src/analysisd/config.h ++++ b/src/analysisd/config.h +@@ -12,6 +12,7 @@ + + #include "config/config.h" + #include "config/global-config.h" ++ + #ifdef LIBGEOIP_ENABLED + #include "GeoIP.h" + #endif +@@ -20,9 +21,11 @@ + extern long int __crt_ftell; /* Global ftell pointer */ + extern _Config Config; /* Global Config structure */ + ++/* + #ifdef LIBGEOIP_ENABLED + GeoIP *geoipdb; + #endif ++*/ + + int GlobalConf(const char *cfgfile); + +diff --git a/src/analysisd/decoders/geoip.c b/src/analysisd/decoders/geoip.c +index 464e4bb71..9816b4c81 100644 +--- a/src/analysisd/decoders/geoip.c ++++ b/src/analysisd/decoders/geoip.c +@@ -30,6 +30,7 @@ char *GetGeoInfobyIP(char *ip_addr) + GeoIPRecord *geoiprecord; + char *geodata = NULL; + char geobuffer[256 +1]; ++ extern GeoIP *geoipdb; + + if(!geoipdb) + { +diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c +index 7c6745166..30339a00d 100644 +--- a/src/analysisd/decoders/syscheck.c ++++ b/src/analysisd/decoders/syscheck.c +@@ -15,6 +15,10 @@ + #include "alerts/alerts.h" + #include "decoder.h" + ++#ifdef SQLITE_ENABLED ++#include <sqlite3.h> ++#endif ++ + typedef struct __sdb { + char buf[OS_MAXSTR + 1]; + char comment[OS_MAXSTR + 1]; +diff --git a/src/analysisd/makelists.c b/src/analysisd/makelists.c +index 06c90db70..dfbe6a4a3 100644 +--- a/src/analysisd/makelists.c ++++ b/src/analysisd/makelists.c +@@ -32,6 +32,10 @@ time_t c_time; + char __shost[512]; + OSDecoderInfo *NULL_Decoder; + ++#ifdef LIBGEOIP_ENABLED ++GeoIP *geoipdb; ++#endif ++ + /* print help statement */ + __attribute__((noreturn)) + static void help_makelists(void) +diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c +index c08fb4885..b1aa928f7 100644 +--- a/src/analysisd/testrule.c ++++ b/src/analysisd/testrule.c +@@ -83,6 +83,7 @@ int main(int argc, char **argv) + memset(prev_month, '\0', 4); + + #ifdef LIBGEOIP_ENABLED ++ extern GeoIP *geoipdb; + geoipdb = NULL; + #endif + \ No newline at end of file diff --git a/testing/ossec-hids-agent/APKBUILD b/testing/ossec-hids-agent/APKBUILD index f64be47f8c8c..aaa16e62a65a 100644 --- a/testing/ossec-hids-agent/APKBUILD +++ b/testing/ossec-hids-agent/APKBUILD @@ -3,7 +3,7 @@ pkgname=ossec-hids-agent _target=${pkgname/ossec-hids-/} pkgver=3.6.0 -pkgrel=0 +pkgrel=1 pkgdesc="Open Source Host-based Intrusion Detection System" url="https://www.ossec.net/" arch="all !aarch64 !armhf !armv7 !s390x" @@ -17,10 +17,12 @@ subpackages="$pkgname-doc" pkgusers="ossec ossecm ossecr" pkggroups="ossec" source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pkgver.tar.gz + 745384649f89a67a42894e66cdc8c2e23773b358.patch $pkgname.logrotate musl_lack_of_a_out_h.patch makefile.patch config" + builddir="$srcdir"/ossec-hids-$pkgver export CFLAGS="$CFLAGS -fcommon" -- GitLab From b1f0259fcf2ee9546467637f26654a4d5aef3490 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Sun, 14 Feb 2021 23:07:46 +0100 Subject: [PATCH 02/12] testing/ossec-hids-agent: summarize declared exports in _make_args --- testing/ossec-hids-agent/APKBUILD | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/testing/ossec-hids-agent/APKBUILD b/testing/ossec-hids-agent/APKBUILD index aaa16e62a65a..c3a6925ff350 100644 --- a/testing/ossec-hids-agent/APKBUILD +++ b/testing/ossec-hids-agent/APKBUILD @@ -29,32 +29,25 @@ export CFLAGS="$CFLAGS -fcommon" prepare() { default_prepare - export V=1 - export USER_INSTALL_TYPE=$_target - export USER_NO_STOP=yes - export USER_DIR=/var/ossec - export USER_BINARYINSTALL=x - export USE_GEOIP=yes - export USE_ZEROMQ=yes - export LUA_ENABLE=yes - export USE_INOTIFY=yes - export PCRE2_SYSTEM=yes + export _make_args="V=1 USER_INSTALL_TYPE=$_target USER_NO_STOP=yes \ + USER_DIR=/var/ossec USER_BINARYINSTALL=x USE_GEOIP=yes USE_ZEROMQ=yes \ + LUA_ENABLE=yes USE_INOTIFY=yes PCRE2_SYSTEM=yes" } build() { cd "$builddir"/src make clean - make TARGET=$_target PREFIX=/var/ossec + make TARGET=$_target PREFIX=/var/ossec $_make_args } check() { cd "$builddir"/src - make test PREFIX=/var/ossec + make test PREFIX=/var/ossec $_make_args } package() { install -Dm644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname - install -Dm644 -D etc/ossec-$_target.conf "$pkgdir"/etc/ossec-$_target.conf + install -Dm644 -D etc/ossec-$_target.conf "$pkgdir"/etc/ossec-$_target.conf mkdir -p "$pkgdir"/var/ossec/etc cat << EOF > "$pkgdir"/var/ossec/etc/ossec-init.conf @@ -71,7 +64,7 @@ EOF find "$pkgdir" -user daemon -exec chown 526 '{}' ';' find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';' - make TARGET="$_target" PREFIX="$pkgdir"/var/ossec install + make install TARGET="$_target" PREFIX="$pkgdir"/var/ossec $_make_args } doc() { -- GitLab From 94819709a82a5f4cf59d5c5fa1e758ffbe678b40 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Sun, 14 Feb 2021 23:09:24 +0100 Subject: [PATCH 03/12] testing/ossec-hids-local: patch to build with gcc-9 and gcc-10 --- ...84649f89a67a42894e66cdc8c2e23773b358.patch | 534 ++++++++++++++++++ testing/ossec-hids-local/APKBUILD | 5 +- 2 files changed, 538 insertions(+), 1 deletion(-) create mode 100644 testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch diff --git a/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch b/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch new file mode 100644 index 000000000000..109873a721e7 --- /dev/null +++ b/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch @@ -0,0 +1,534 @@ +From 745384649f89a67a42894e66cdc8c2e23773b358 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Sat, 2 May 2020 12:54:36 -0400 +Subject: [PATCH 1/5] Cleanup some variables. + +In issue #1871 @rseichter brings up that gcc 10 switches to '-fno-common' +by default. This killed builds of the agent. Switch agt to os_net_agt in os_net. +Shuffle around the variable in client-agent (I think gcc had issues with agt +being declared in agentd.h which gets included everywhere). +Shuffle around willchroot in manage_agents. +--- + src/addagent/main.c | 1 + + src/addagent/manage_agents.c | 2 ++ + src/addagent/manage_agents.h | 2 +- + src/addagent/manage_keys.c | 2 ++ + src/client-agent/agentd.c | 2 ++ + src/client-agent/agentd.h | 4 ++-- + src/client-agent/event-forward.c | 3 +++ + src/client-agent/main.c | 5 ++++- + src/client-agent/notify.c | 2 ++ + src/client-agent/receiver-win.c | 1 + + src/client-agent/receiver.c | 2 ++ + src/client-agent/sendmsg.c | 3 +++ + src/client-agent/start_agent.c | 7 +++++++ + src/os_net/os_net.c | 20 ++++++++++---------- + src/os_net/os_net.h | 2 +- + 15 files changed, 43 insertions(+), 15 deletions(-) + +diff --git a/src/addagent/main.c b/src/addagent/main.c +index 587a8a3d8..ab12f0326 100644 +--- a/src/addagent/main.c ++++ b/src/addagent/main.c +@@ -17,6 +17,7 @@ static void print_banner(void); + static void manage_shutdown(int sig) __attribute__((noreturn)); + #endif + ++int willchroot; + + #if defined(__MINGW32__) + static int setenv(const char *name, const char *val, __attribute__((unused)) int overwrite) +diff --git a/src/addagent/manage_agents.c b/src/addagent/manage_agents.c +index ac39c1e66..4f9c266ff 100644 +--- a/src/addagent/manage_agents.c ++++ b/src/addagent/manage_agents.c +@@ -85,6 +85,8 @@ int add_agent(int json_output) + + char authfile[257]; + ++ extern int willchroot; ++ + if(willchroot > 0) { + snprintf(authfile, 256, "%s", AUTH_FILE); //XXX + } else { +diff --git a/src/addagent/manage_agents.h b/src/addagent/manage_agents.h +index 4812dba43..f2962e80b 100644 +--- a/src/addagent/manage_agents.h ++++ b/src/addagent/manage_agents.h +@@ -147,4 +147,4 @@ extern fpos_t fp_pos; + #define GMF_UNKN_ERROR ARGV0 ": Could not run GetModuleFileName which returned (%ld).\n" + + +-int willchroot; ++//int willchroot; +diff --git a/src/addagent/manage_keys.c b/src/addagent/manage_keys.c +index 146b48326..ffb9a1f21 100644 +--- a/src/addagent/manage_keys.c ++++ b/src/addagent/manage_keys.c +@@ -336,6 +336,8 @@ int k_bulkload(const char *cmdbulk) + char delims[] = ","; + char *token = NULL; + ++ extern int willchroot; ++ + /* Check if we can open the input file */ + printf("Opening: [%s]\n", cmdbulk); + infp = fopen(cmdbulk, "r"); +diff --git a/src/client-agent/agentd.c b/src/client-agent/agentd.c +index c09cf87d3..67828e79c 100644 +--- a/src/client-agent/agentd.c ++++ b/src/client-agent/agentd.c +@@ -23,6 +23,8 @@ void AgentdStart(const char *dir, int uid, int gid, const char *user, const char + fd_set fdset; + struct timeval fdtimeout; + ++ extern agent *agt; ++ + available_server = 0; + + /* Initial random numbers must happen before chroot */ +diff --git a/src/client-agent/agentd.h b/src/client-agent/agentd.h +index 0246a5457..a362ff9a3 100644 +--- a/src/client-agent/agentd.h ++++ b/src/client-agent/agentd.h +@@ -81,9 +81,9 @@ void os_agent_cb(int fd, short ev, void *arg); + extern time_t available_server; + extern int run_foreground; + extern keystore keys; +-extern agent *agt; ++//extern agent *agt; + #ifndef WIN32 +-struct imsgbuf server_ibuf; ++//struct imsgbuf server_ibuf; + #endif //WIN32 + + #endif /* __AGENTD_H */ +diff --git a/src/client-agent/event-forward.c b/src/client-agent/event-forward.c +index 2e81f0c90..22ed0beb9 100644 +--- a/src/client-agent/event-forward.c ++++ b/src/client-agent/event-forward.c +@@ -19,6 +19,9 @@ + /* Receive a message locally on the agent and forward it to the manager */ + void *EventForward(void) + { ++ ++ extern agent *agt; ++ + ssize_t recv_b; + char msg[OS_MAXSTR + 1]; + +diff --git a/src/client-agent/main.c b/src/client-agent/main.c +index 5f85cfb73..01c18970c 100644 +--- a/src/client-agent/main.c ++++ b/src/client-agent/main.c +@@ -16,7 +16,8 @@ + #define ARGV0 "ossec-agentd" + #endif + +-extern struct imsgbuf server_ibuf; ++//extern struct imsgbuf server_ibuf; ++struct imsgbuf server_ibuf; + + + /* Prototypes */ +@@ -112,6 +113,8 @@ int main(int argc, char **argv) + + debug1(STARTED_MSG, ARGV0); + ++ extern agent *agt; ++ + agt = (agent *)calloc(1, sizeof(agent)); + if (!agt) { + ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno)); +diff --git a/src/client-agent/notify.c b/src/client-agent/notify.c +index 1b239f26c..93fec325c 100644 +--- a/src/client-agent/notify.c ++++ b/src/client-agent/notify.c +@@ -68,6 +68,8 @@ void run_notify() + os_md5 md5sum; + time_t curr_time; + ++ extern agent *agt; ++ + keep_alive_random[0] = '\0'; + curr_time = time(0); + +diff --git a/src/client-agent/receiver-win.c b/src/client-agent/receiver-win.c +index 859bdf7f9..4ab62ee77 100644 +--- a/src/client-agent/receiver-win.c ++++ b/src/client-agent/receiver-win.c +@@ -19,6 +19,7 @@ + /* Receive events from the server */ + void *receiver_thread(__attribute__((unused)) void *none) + { ++ extern agent *agt; + int recv_b; + + char file[OS_SIZE_1024 + 1]; +diff --git a/src/client-agent/receiver.c b/src/client-agent/receiver.c +index fde64c282..5286e60dc 100644 +--- a/src/client-agent/receiver.c ++++ b/src/client-agent/receiver.c +@@ -29,6 +29,8 @@ void *receive_msg() + char cleartext[OS_MAXSTR + 1]; + char *tmp_msg; + ++ extern agent *agt; ++ + memset(cleartext, '\0', OS_MAXSTR + 1); + memset(buffer, '\0', OS_MAXSTR + 1); + +diff --git a/src/client-agent/sendmsg.c b/src/client-agent/sendmsg.c +index 454c2e714..3076dfcf9 100644 +--- a/src/client-agent/sendmsg.c ++++ b/src/client-agent/sendmsg.c +@@ -15,6 +15,9 @@ + /* Send a message to the server */ + int send_msg(int agentid, const char *msg) + { ++ ++ extern agent *agt; ++ + size_t msg_size; + char crypt_msg[OS_MAXSTR + 1]; + +diff --git a/src/client-agent/start_agent.c b/src/client-agent/start_agent.c +index 51670cee5..f1df43715 100644 +--- a/src/client-agent/start_agent.c ++++ b/src/client-agent/start_agent.c +@@ -24,6 +24,9 @@ int connect_server(int initial_id) + #ifdef WIN32 + unsigned int attempts = 2; + #endif //WIN32 ++ ++ extern agent *agt; ++ + int rc = initial_id; + + /* Checking if the initial is zero, meaning we have to +@@ -139,6 +142,8 @@ void start_agent(int is_startup) + char cleartext[OS_MAXSTR + 1]; + char fmsg[OS_MAXSTR + 1]; + ++ extern agent *agt; ++ + memset(msg, '\0', OS_MAXSTR + 2); + memset(buffer, '\0', OS_MAXSTR + 1); + memset(cleartext, '\0', OS_MAXSTR + 1); +@@ -241,6 +246,8 @@ void os_agent_cb(int fd, short ev, void *arg) { + struct imsg imsg; + struct imsgbuf *ibuf = (struct imsgbuf *)arg; + ++ extern agent *agt; ++ + if (ev & EV_READ) { + if ((n = imsg_read(ibuf) == -1 && errno != EAGAIN)) { + ErrorExit("%s: ERROR: imsg_read() failed: %s", ARGV0, strerror(errno)); +diff --git a/src/os_net/os_net.c b/src/os_net/os_net.c +index f18e3be77..756e9fac8 100644 +--- a/src/os_net/os_net.c ++++ b/src/os_net/os_net.c +@@ -14,7 +14,7 @@ + #include <errno.h> + #include "shared.h" + #include "os_net.h" +-agent *agt; ++agent *os_net_agt; + + /* Prototypes */ + static OSNetInfo *OS_Bindport(char *_port, unsigned int _proto, const char *_ip); +@@ -346,11 +346,11 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + return(OS_INVALID); + } + +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_flags = AI_NUMERICHOST; +- s = getaddrinfo(agt->lip, NULL, &hints, &result); ++ s = getaddrinfo(os_net_agt->lip, NULL, &hints, &result); + if (s != 0) { + verbose("getaddrinfo: %s", gai_strerror(s)); + } +@@ -363,8 +363,8 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + memset(&hints, 0, sizeof(struct addrinfo)); + /* Allow IPv4 or IPv6 if local_ip isn't specified */ + hints.ai_family = AF_UNSPEC; +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + hints.ai_family = local_ai->ai_family; + } + } +@@ -398,13 +398,13 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + continue; + } + +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + if (bind(ossock, local_ai->ai_addr, local_ai->ai_addrlen)) { + verbose("Unable to bind to local address %s. Ignoring. (%s)", +- agt->lip, strerror(errno)); ++ os_net_agt->lip, strerror(errno)); + } +- else verbose("Connecting from local address %s", agt->lip); ++ else verbose("Connecting from local address %s", os_net_agt->lip); + } + } + +diff --git a/src/os_net/os_net.h b/src/os_net/os_net.h +index 9b7250928..3aaf00429 100644 +--- a/src/os_net/os_net.h ++++ b/src/os_net/os_net.h +@@ -13,7 +13,7 @@ + + #include "headers/shared.h" + #include "config/client-config.h" +-extern agent *agt; ++extern agent *os_net_agt; + #ifdef WIN32 + #ifndef AI_ADDRCONFIG + #define AI_ADDRCONFIG 0x0400 + +From 940198e914db65a7133784d25964aa0e11354233 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Sat, 2 May 2020 14:08:33 -0400 +Subject: [PATCH 2/5] extern agt + +--- + src/win32/win_agent.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/win32/win_agent.c b/src/win32/win_agent.c +index 40a37e621..a2ec784f2 100644 +--- a/src/win32/win_agent.c ++++ b/src/win32/win_agent.c +@@ -124,6 +124,7 @@ int local_start() + WSADATA wsaData; + DWORD threadID; + DWORD threadID2; ++ extern agent *agt; + + /* Start agent */ + agt = (agent *)calloc(1, sizeof(agent)); +@@ -271,6 +272,7 @@ int SendMSG(__attribute__((unused)) int queue, const char *message, const char * + char tmpstr[OS_MAXSTR + 2]; + char crypt_msg[OS_MAXSTR + 2]; + DWORD dwWaitResult; ++ extern agent *agt; + + tmpstr[OS_MAXSTR + 1] = '\0'; + crypt_msg[OS_MAXSTR + 1] = '\0'; +@@ -468,6 +470,8 @@ void send_win32_info(time_t curr_time) + tmp_msg[OS_MAXSTR + 1] = '\0'; + crypt_msg[OS_MAXSTR + 1] = '\0'; + ++ extern agent *agt; ++ + debug1("%s: DEBUG: Sending keep alive message.", ARGV0); + + /* Fix time */ + +From f8405753edbf1fd478ba75e6f7c770e63fa1e126 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 12:23:16 -0400 +Subject: [PATCH 3/5] Shuffle around variable declarations to make -fno-common + happy. + +--- + src/analysisd/analysisd.c | 1 + + src/analysisd/syscheck-sqlite.h | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index a220f4421..2e89b7967 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -43,6 +43,7 @@ + + #ifdef SQLITE_ENABLED + #include "syscheck-sqlite.h" ++sqlite3 *conn; + #endif + + /** Prototypes **/ +diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h +index 526cab26e..3a68ca816 100644 +--- a/src/analysisd/syscheck-sqlite.h ++++ b/src/analysisd/syscheck-sqlite.h +@@ -1,5 +1,5 @@ + #ifdef SQLITE_ENABLED + #include <sqlite3.h> + +-sqlite3 *conn; ++//sqlite3 *conn; + #endif + +From 1d54a2cca3241bd80781a615e4f6f97ce2c1569e Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 12:24:47 -0400 +Subject: [PATCH 4/5] garbage collect syscheck-sqlite.h since it's blank now. + +--- + src/analysisd/analysisd.c | 1 - + src/analysisd/decoders/syscheck.c | 4 ---- + src/analysisd/syscheck-sqlite.h | 5 ----- + 3 files changed, 10 deletions(-) + delete mode 100644 src/analysisd/syscheck-sqlite.h + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index 2e89b7967..db762a90d 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -42,7 +42,6 @@ + #endif + + #ifdef SQLITE_ENABLED +-#include "syscheck-sqlite.h" + sqlite3 *conn; + #endif + +diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c +index a6d675892..7c6745166 100644 +--- a/src/analysisd/decoders/syscheck.c ++++ b/src/analysisd/decoders/syscheck.c +@@ -15,10 +15,6 @@ + #include "alerts/alerts.h" + #include "decoder.h" + +-#ifdef SQLITE_ENABLED +-#include "syscheck-sqlite.h" +-#endif +- + typedef struct __sdb { + char buf[OS_MAXSTR + 1]; + char comment[OS_MAXSTR + 1]; +diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h +deleted file mode 100644 +index 3a68ca816..000000000 +--- a/src/analysisd/syscheck-sqlite.h ++++ /dev/null +@@ -1,5 +0,0 @@ +-#ifdef SQLITE_ENABLED +-#include <sqlite3.h> +- +-//sqlite3 *conn; +-#endif + +From 5d6f21e31dab30e34f1713f6cfe1b2e0108f77f5 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 14:38:08 -0400 +Subject: [PATCH 5/5] Shuffle around sqlite and geoip variables to make + -fno-common happy + +--- + src/analysisd/analysisd.c | 5 +++++ + src/analysisd/config.h | 3 +++ + src/analysisd/decoders/geoip.c | 1 + + src/analysisd/decoders/syscheck.c | 4 ++++ + src/analysisd/makelists.c | 4 ++++ + src/analysisd/testrule.c | 1 + + 6 files changed, 18 insertions(+) + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index db762a90d..0a81971de 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -42,9 +42,14 @@ + #endif + + #ifdef SQLITE_ENABLED ++#include <sqlite3.h> + sqlite3 *conn; + #endif + ++#ifdef LIBGEOIP_ENABLED ++GeoIP *geoipdb; ++#endif ++ + /** Prototypes **/ + void OS_ReadMSG(int m_queue); + RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node); +diff --git a/src/analysisd/config.h b/src/analysisd/config.h +index 8d74c756e..976d1942e 100644 +--- a/src/analysisd/config.h ++++ b/src/analysisd/config.h +@@ -12,6 +12,7 @@ + + #include "config/config.h" + #include "config/global-config.h" ++ + #ifdef LIBGEOIP_ENABLED + #include "GeoIP.h" + #endif +@@ -20,9 +21,11 @@ + extern long int __crt_ftell; /* Global ftell pointer */ + extern _Config Config; /* Global Config structure */ + ++/* + #ifdef LIBGEOIP_ENABLED + GeoIP *geoipdb; + #endif ++*/ + + int GlobalConf(const char *cfgfile); + +diff --git a/src/analysisd/decoders/geoip.c b/src/analysisd/decoders/geoip.c +index 464e4bb71..9816b4c81 100644 +--- a/src/analysisd/decoders/geoip.c ++++ b/src/analysisd/decoders/geoip.c +@@ -30,6 +30,7 @@ char *GetGeoInfobyIP(char *ip_addr) + GeoIPRecord *geoiprecord; + char *geodata = NULL; + char geobuffer[256 +1]; ++ extern GeoIP *geoipdb; + + if(!geoipdb) + { +diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c +index 7c6745166..30339a00d 100644 +--- a/src/analysisd/decoders/syscheck.c ++++ b/src/analysisd/decoders/syscheck.c +@@ -15,6 +15,10 @@ + #include "alerts/alerts.h" + #include "decoder.h" + ++#ifdef SQLITE_ENABLED ++#include <sqlite3.h> ++#endif ++ + typedef struct __sdb { + char buf[OS_MAXSTR + 1]; + char comment[OS_MAXSTR + 1]; +diff --git a/src/analysisd/makelists.c b/src/analysisd/makelists.c +index 06c90db70..dfbe6a4a3 100644 +--- a/src/analysisd/makelists.c ++++ b/src/analysisd/makelists.c +@@ -32,6 +32,10 @@ time_t c_time; + char __shost[512]; + OSDecoderInfo *NULL_Decoder; + ++#ifdef LIBGEOIP_ENABLED ++GeoIP *geoipdb; ++#endif ++ + /* print help statement */ + __attribute__((noreturn)) + static void help_makelists(void) +diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c +index c08fb4885..b1aa928f7 100644 +--- a/src/analysisd/testrule.c ++++ b/src/analysisd/testrule.c +@@ -83,6 +83,7 @@ int main(int argc, char **argv) + memset(prev_month, '\0', 4); + + #ifdef LIBGEOIP_ENABLED ++ extern GeoIP *geoipdb; + geoipdb = NULL; + #endif + \ No newline at end of file diff --git a/testing/ossec-hids-local/APKBUILD b/testing/ossec-hids-local/APKBUILD index 1a18f7a3be6d..06aab4d4611f 100644 --- a/testing/ossec-hids-local/APKBUILD +++ b/testing/ossec-hids-local/APKBUILD @@ -3,7 +3,7 @@ pkgname=ossec-hids-local _target=${pkgname/ossec-hids-/} pkgver=3.6.0 -pkgrel=0 +pkgrel=1 pkgdesc="Open Source Host-based Intrusion Detection System" url="https://www.ossec.net/" arch="all !aarch64 !armhf !armv7 !s390x" @@ -17,10 +17,12 @@ subpackages="$pkgname-doc" pkgusers="ossec ossecm ossecr" pkggroups="ossec" source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pkgver.tar.gz + 745384649f89a67a42894e66cdc8c2e23773b358.patch $pkgname.logrotate musl_lack_of_a_out_h.patch makefile.patch config" + builddir="$srcdir"/ossec-hids-$pkgver prepare() { @@ -82,6 +84,7 @@ doc() { } sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5 ossec-hids-local-3.6.0.tar.gz +bc8a02b8ff395903d2782c95448672688b5b965cfe47cd7cc70b51cd18601fa85dab5cac8ab77d8ea060d83dfb5159a03040ec91b4ee8aa6e56d20e5a6238633 745384649f89a67a42894e66cdc8c2e23773b358.patch 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0 ossec-hids-local.logrotate 4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b musl_lack_of_a_out_h.patch 27ccd8197541693c6cfa85e1598b40a5bd2dbd1dec2b7bd057211b45fd0c14c42c2ddd01d9ac57491eda93bb318961642d3adce55b395351d530609250ca003f makefile.patch -- GitLab From 88f2968a287ac82b38c19ccbb757680d46b7ba19 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Sun, 14 Feb 2021 23:11:55 +0100 Subject: [PATCH 04/12] testing/ossec-hids-local: summarize declared exports in _make_args --- testing/ossec-hids-local/APKBUILD | 25 ++++++++----------------- 1 file changed, 8 insertions(+), 17 deletions(-) diff --git a/testing/ossec-hids-local/APKBUILD b/testing/ossec-hids-local/APKBUILD index 06aab4d4611f..bb5b01b83bdf 100644 --- a/testing/ossec-hids-local/APKBUILD +++ b/testing/ossec-hids-local/APKBUILD @@ -26,31 +26,22 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pk builddir="$srcdir"/ossec-hids-$pkgver prepare() { - default_prepare - export CFLAGS="$CFLAGS -fcommon" - export V=1 - export USER_INSTALL_TYPE=$_target - export USER_NO_STOP=yes - export USER_DIR=/var/ossec - export USER_BINARYINSTALL=x - export USE_GEOIP=yes - export USE_ZEROMQ=yes - export LUA_ENABLE=yes - export USE_SQLITE=yes - export DATABASE=sqlite - export USE_INOTIFY=yes - export PCRE2_SYSTEM=yes + default_prepare + export _make_args="V=1 USER_INSTALL_TYPE=$_target USER_NO_STOP=yes \ + USER_DIR=/var/ossec USER_BINARYINSTALL=x USE_GEOIP=yes \ + USE_ZEROMQ=yes LUA_ENABLE=yes USE_SQLITE=yes DATABASE=sqlite \ + USE_INOTIFY=yes PCRE2_SYSTEM=yes" } build() { cd "$builddir"/src make clean - make TARGET=$_target PREFIX=/var/ossec + make TARGET=$_target PREFIX=/var/ossec $_make_args } check() { cd "$builddir"/src - make test PREFIX=/var/ossec + make test PREFIX=/var/ossec $_make_args } package() { @@ -72,7 +63,7 @@ EOF find "$pkgdir" -user daemon -exec chown 526 '{}' ';' find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';' - make TARGET="$_target" PREFIX="$pkgdir"/var/ossec install + make install TARGET="$_target" PREFIX="$pkgdir"/var/ossec $_make_args } doc() { -- GitLab From 37281c34b81d32ec098c6ed400126d8786b8bcd8 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Sun, 14 Feb 2021 23:12:24 +0100 Subject: [PATCH 05/12] testing/ossec-hids-server: patch to build with gcc-9 and gcc-10 --- ...84649f89a67a42894e66cdc8c2e23773b358.patch | 534 ++++++++++++++++++ testing/ossec-hids-server/APKBUILD | 4 +- 2 files changed, 537 insertions(+), 1 deletion(-) create mode 100644 testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch diff --git a/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch b/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch new file mode 100644 index 000000000000..109873a721e7 --- /dev/null +++ b/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch @@ -0,0 +1,534 @@ +From 745384649f89a67a42894e66cdc8c2e23773b358 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Sat, 2 May 2020 12:54:36 -0400 +Subject: [PATCH 1/5] Cleanup some variables. + +In issue #1871 @rseichter brings up that gcc 10 switches to '-fno-common' +by default. This killed builds of the agent. Switch agt to os_net_agt in os_net. +Shuffle around the variable in client-agent (I think gcc had issues with agt +being declared in agentd.h which gets included everywhere). +Shuffle around willchroot in manage_agents. +--- + src/addagent/main.c | 1 + + src/addagent/manage_agents.c | 2 ++ + src/addagent/manage_agents.h | 2 +- + src/addagent/manage_keys.c | 2 ++ + src/client-agent/agentd.c | 2 ++ + src/client-agent/agentd.h | 4 ++-- + src/client-agent/event-forward.c | 3 +++ + src/client-agent/main.c | 5 ++++- + src/client-agent/notify.c | 2 ++ + src/client-agent/receiver-win.c | 1 + + src/client-agent/receiver.c | 2 ++ + src/client-agent/sendmsg.c | 3 +++ + src/client-agent/start_agent.c | 7 +++++++ + src/os_net/os_net.c | 20 ++++++++++---------- + src/os_net/os_net.h | 2 +- + 15 files changed, 43 insertions(+), 15 deletions(-) + +diff --git a/src/addagent/main.c b/src/addagent/main.c +index 587a8a3d8..ab12f0326 100644 +--- a/src/addagent/main.c ++++ b/src/addagent/main.c +@@ -17,6 +17,7 @@ static void print_banner(void); + static void manage_shutdown(int sig) __attribute__((noreturn)); + #endif + ++int willchroot; + + #if defined(__MINGW32__) + static int setenv(const char *name, const char *val, __attribute__((unused)) int overwrite) +diff --git a/src/addagent/manage_agents.c b/src/addagent/manage_agents.c +index ac39c1e66..4f9c266ff 100644 +--- a/src/addagent/manage_agents.c ++++ b/src/addagent/manage_agents.c +@@ -85,6 +85,8 @@ int add_agent(int json_output) + + char authfile[257]; + ++ extern int willchroot; ++ + if(willchroot > 0) { + snprintf(authfile, 256, "%s", AUTH_FILE); //XXX + } else { +diff --git a/src/addagent/manage_agents.h b/src/addagent/manage_agents.h +index 4812dba43..f2962e80b 100644 +--- a/src/addagent/manage_agents.h ++++ b/src/addagent/manage_agents.h +@@ -147,4 +147,4 @@ extern fpos_t fp_pos; + #define GMF_UNKN_ERROR ARGV0 ": Could not run GetModuleFileName which returned (%ld).\n" + + +-int willchroot; ++//int willchroot; +diff --git a/src/addagent/manage_keys.c b/src/addagent/manage_keys.c +index 146b48326..ffb9a1f21 100644 +--- a/src/addagent/manage_keys.c ++++ b/src/addagent/manage_keys.c +@@ -336,6 +336,8 @@ int k_bulkload(const char *cmdbulk) + char delims[] = ","; + char *token = NULL; + ++ extern int willchroot; ++ + /* Check if we can open the input file */ + printf("Opening: [%s]\n", cmdbulk); + infp = fopen(cmdbulk, "r"); +diff --git a/src/client-agent/agentd.c b/src/client-agent/agentd.c +index c09cf87d3..67828e79c 100644 +--- a/src/client-agent/agentd.c ++++ b/src/client-agent/agentd.c +@@ -23,6 +23,8 @@ void AgentdStart(const char *dir, int uid, int gid, const char *user, const char + fd_set fdset; + struct timeval fdtimeout; + ++ extern agent *agt; ++ + available_server = 0; + + /* Initial random numbers must happen before chroot */ +diff --git a/src/client-agent/agentd.h b/src/client-agent/agentd.h +index 0246a5457..a362ff9a3 100644 +--- a/src/client-agent/agentd.h ++++ b/src/client-agent/agentd.h +@@ -81,9 +81,9 @@ void os_agent_cb(int fd, short ev, void *arg); + extern time_t available_server; + extern int run_foreground; + extern keystore keys; +-extern agent *agt; ++//extern agent *agt; + #ifndef WIN32 +-struct imsgbuf server_ibuf; ++//struct imsgbuf server_ibuf; + #endif //WIN32 + + #endif /* __AGENTD_H */ +diff --git a/src/client-agent/event-forward.c b/src/client-agent/event-forward.c +index 2e81f0c90..22ed0beb9 100644 +--- a/src/client-agent/event-forward.c ++++ b/src/client-agent/event-forward.c +@@ -19,6 +19,9 @@ + /* Receive a message locally on the agent and forward it to the manager */ + void *EventForward(void) + { ++ ++ extern agent *agt; ++ + ssize_t recv_b; + char msg[OS_MAXSTR + 1]; + +diff --git a/src/client-agent/main.c b/src/client-agent/main.c +index 5f85cfb73..01c18970c 100644 +--- a/src/client-agent/main.c ++++ b/src/client-agent/main.c +@@ -16,7 +16,8 @@ + #define ARGV0 "ossec-agentd" + #endif + +-extern struct imsgbuf server_ibuf; ++//extern struct imsgbuf server_ibuf; ++struct imsgbuf server_ibuf; + + + /* Prototypes */ +@@ -112,6 +113,8 @@ int main(int argc, char **argv) + + debug1(STARTED_MSG, ARGV0); + ++ extern agent *agt; ++ + agt = (agent *)calloc(1, sizeof(agent)); + if (!agt) { + ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno)); +diff --git a/src/client-agent/notify.c b/src/client-agent/notify.c +index 1b239f26c..93fec325c 100644 +--- a/src/client-agent/notify.c ++++ b/src/client-agent/notify.c +@@ -68,6 +68,8 @@ void run_notify() + os_md5 md5sum; + time_t curr_time; + ++ extern agent *agt; ++ + keep_alive_random[0] = '\0'; + curr_time = time(0); + +diff --git a/src/client-agent/receiver-win.c b/src/client-agent/receiver-win.c +index 859bdf7f9..4ab62ee77 100644 +--- a/src/client-agent/receiver-win.c ++++ b/src/client-agent/receiver-win.c +@@ -19,6 +19,7 @@ + /* Receive events from the server */ + void *receiver_thread(__attribute__((unused)) void *none) + { ++ extern agent *agt; + int recv_b; + + char file[OS_SIZE_1024 + 1]; +diff --git a/src/client-agent/receiver.c b/src/client-agent/receiver.c +index fde64c282..5286e60dc 100644 +--- a/src/client-agent/receiver.c ++++ b/src/client-agent/receiver.c +@@ -29,6 +29,8 @@ void *receive_msg() + char cleartext[OS_MAXSTR + 1]; + char *tmp_msg; + ++ extern agent *agt; ++ + memset(cleartext, '\0', OS_MAXSTR + 1); + memset(buffer, '\0', OS_MAXSTR + 1); + +diff --git a/src/client-agent/sendmsg.c b/src/client-agent/sendmsg.c +index 454c2e714..3076dfcf9 100644 +--- a/src/client-agent/sendmsg.c ++++ b/src/client-agent/sendmsg.c +@@ -15,6 +15,9 @@ + /* Send a message to the server */ + int send_msg(int agentid, const char *msg) + { ++ ++ extern agent *agt; ++ + size_t msg_size; + char crypt_msg[OS_MAXSTR + 1]; + +diff --git a/src/client-agent/start_agent.c b/src/client-agent/start_agent.c +index 51670cee5..f1df43715 100644 +--- a/src/client-agent/start_agent.c ++++ b/src/client-agent/start_agent.c +@@ -24,6 +24,9 @@ int connect_server(int initial_id) + #ifdef WIN32 + unsigned int attempts = 2; + #endif //WIN32 ++ ++ extern agent *agt; ++ + int rc = initial_id; + + /* Checking if the initial is zero, meaning we have to +@@ -139,6 +142,8 @@ void start_agent(int is_startup) + char cleartext[OS_MAXSTR + 1]; + char fmsg[OS_MAXSTR + 1]; + ++ extern agent *agt; ++ + memset(msg, '\0', OS_MAXSTR + 2); + memset(buffer, '\0', OS_MAXSTR + 1); + memset(cleartext, '\0', OS_MAXSTR + 1); +@@ -241,6 +246,8 @@ void os_agent_cb(int fd, short ev, void *arg) { + struct imsg imsg; + struct imsgbuf *ibuf = (struct imsgbuf *)arg; + ++ extern agent *agt; ++ + if (ev & EV_READ) { + if ((n = imsg_read(ibuf) == -1 && errno != EAGAIN)) { + ErrorExit("%s: ERROR: imsg_read() failed: %s", ARGV0, strerror(errno)); +diff --git a/src/os_net/os_net.c b/src/os_net/os_net.c +index f18e3be77..756e9fac8 100644 +--- a/src/os_net/os_net.c ++++ b/src/os_net/os_net.c +@@ -14,7 +14,7 @@ + #include <errno.h> + #include "shared.h" + #include "os_net.h" +-agent *agt; ++agent *os_net_agt; + + /* Prototypes */ + static OSNetInfo *OS_Bindport(char *_port, unsigned int _proto, const char *_ip); +@@ -346,11 +346,11 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + return(OS_INVALID); + } + +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_flags = AI_NUMERICHOST; +- s = getaddrinfo(agt->lip, NULL, &hints, &result); ++ s = getaddrinfo(os_net_agt->lip, NULL, &hints, &result); + if (s != 0) { + verbose("getaddrinfo: %s", gai_strerror(s)); + } +@@ -363,8 +363,8 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + memset(&hints, 0, sizeof(struct addrinfo)); + /* Allow IPv4 or IPv6 if local_ip isn't specified */ + hints.ai_family = AF_UNSPEC; +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + hints.ai_family = local_ai->ai_family; + } + } +@@ -398,13 +398,13 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip) + continue; + } + +- if (agt) { +- if (agt->lip) { ++ if (os_net_agt) { ++ if (os_net_agt->lip) { + if (bind(ossock, local_ai->ai_addr, local_ai->ai_addrlen)) { + verbose("Unable to bind to local address %s. Ignoring. (%s)", +- agt->lip, strerror(errno)); ++ os_net_agt->lip, strerror(errno)); + } +- else verbose("Connecting from local address %s", agt->lip); ++ else verbose("Connecting from local address %s", os_net_agt->lip); + } + } + +diff --git a/src/os_net/os_net.h b/src/os_net/os_net.h +index 9b7250928..3aaf00429 100644 +--- a/src/os_net/os_net.h ++++ b/src/os_net/os_net.h +@@ -13,7 +13,7 @@ + + #include "headers/shared.h" + #include "config/client-config.h" +-extern agent *agt; ++extern agent *os_net_agt; + #ifdef WIN32 + #ifndef AI_ADDRCONFIG + #define AI_ADDRCONFIG 0x0400 + +From 940198e914db65a7133784d25964aa0e11354233 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Sat, 2 May 2020 14:08:33 -0400 +Subject: [PATCH 2/5] extern agt + +--- + src/win32/win_agent.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/win32/win_agent.c b/src/win32/win_agent.c +index 40a37e621..a2ec784f2 100644 +--- a/src/win32/win_agent.c ++++ b/src/win32/win_agent.c +@@ -124,6 +124,7 @@ int local_start() + WSADATA wsaData; + DWORD threadID; + DWORD threadID2; ++ extern agent *agt; + + /* Start agent */ + agt = (agent *)calloc(1, sizeof(agent)); +@@ -271,6 +272,7 @@ int SendMSG(__attribute__((unused)) int queue, const char *message, const char * + char tmpstr[OS_MAXSTR + 2]; + char crypt_msg[OS_MAXSTR + 2]; + DWORD dwWaitResult; ++ extern agent *agt; + + tmpstr[OS_MAXSTR + 1] = '\0'; + crypt_msg[OS_MAXSTR + 1] = '\0'; +@@ -468,6 +470,8 @@ void send_win32_info(time_t curr_time) + tmp_msg[OS_MAXSTR + 1] = '\0'; + crypt_msg[OS_MAXSTR + 1] = '\0'; + ++ extern agent *agt; ++ + debug1("%s: DEBUG: Sending keep alive message.", ARGV0); + + /* Fix time */ + +From f8405753edbf1fd478ba75e6f7c770e63fa1e126 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 12:23:16 -0400 +Subject: [PATCH 3/5] Shuffle around variable declarations to make -fno-common + happy. + +--- + src/analysisd/analysisd.c | 1 + + src/analysisd/syscheck-sqlite.h | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index a220f4421..2e89b7967 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -43,6 +43,7 @@ + + #ifdef SQLITE_ENABLED + #include "syscheck-sqlite.h" ++sqlite3 *conn; + #endif + + /** Prototypes **/ +diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h +index 526cab26e..3a68ca816 100644 +--- a/src/analysisd/syscheck-sqlite.h ++++ b/src/analysisd/syscheck-sqlite.h +@@ -1,5 +1,5 @@ + #ifdef SQLITE_ENABLED + #include <sqlite3.h> + +-sqlite3 *conn; ++//sqlite3 *conn; + #endif + +From 1d54a2cca3241bd80781a615e4f6f97ce2c1569e Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 12:24:47 -0400 +Subject: [PATCH 4/5] garbage collect syscheck-sqlite.h since it's blank now. + +--- + src/analysisd/analysisd.c | 1 - + src/analysisd/decoders/syscheck.c | 4 ---- + src/analysisd/syscheck-sqlite.h | 5 ----- + 3 files changed, 10 deletions(-) + delete mode 100644 src/analysisd/syscheck-sqlite.h + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index 2e89b7967..db762a90d 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -42,7 +42,6 @@ + #endif + + #ifdef SQLITE_ENABLED +-#include "syscheck-sqlite.h" + sqlite3 *conn; + #endif + +diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c +index a6d675892..7c6745166 100644 +--- a/src/analysisd/decoders/syscheck.c ++++ b/src/analysisd/decoders/syscheck.c +@@ -15,10 +15,6 @@ + #include "alerts/alerts.h" + #include "decoder.h" + +-#ifdef SQLITE_ENABLED +-#include "syscheck-sqlite.h" +-#endif +- + typedef struct __sdb { + char buf[OS_MAXSTR + 1]; + char comment[OS_MAXSTR + 1]; +diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h +deleted file mode 100644 +index 3a68ca816..000000000 +--- a/src/analysisd/syscheck-sqlite.h ++++ /dev/null +@@ -1,5 +0,0 @@ +-#ifdef SQLITE_ENABLED +-#include <sqlite3.h> +- +-//sqlite3 *conn; +-#endif + +From 5d6f21e31dab30e34f1713f6cfe1b2e0108f77f5 Mon Sep 17 00:00:00 2001 +From: ddpbsd <ddpbsd@gmail.com> +Date: Mon, 25 May 2020 14:38:08 -0400 +Subject: [PATCH 5/5] Shuffle around sqlite and geoip variables to make + -fno-common happy + +--- + src/analysisd/analysisd.c | 5 +++++ + src/analysisd/config.h | 3 +++ + src/analysisd/decoders/geoip.c | 1 + + src/analysisd/decoders/syscheck.c | 4 ++++ + src/analysisd/makelists.c | 4 ++++ + src/analysisd/testrule.c | 1 + + 6 files changed, 18 insertions(+) + +diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c +index db762a90d..0a81971de 100644 +--- a/src/analysisd/analysisd.c ++++ b/src/analysisd/analysisd.c +@@ -42,9 +42,14 @@ + #endif + + #ifdef SQLITE_ENABLED ++#include <sqlite3.h> + sqlite3 *conn; + #endif + ++#ifdef LIBGEOIP_ENABLED ++GeoIP *geoipdb; ++#endif ++ + /** Prototypes **/ + void OS_ReadMSG(int m_queue); + RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node); +diff --git a/src/analysisd/config.h b/src/analysisd/config.h +index 8d74c756e..976d1942e 100644 +--- a/src/analysisd/config.h ++++ b/src/analysisd/config.h +@@ -12,6 +12,7 @@ + + #include "config/config.h" + #include "config/global-config.h" ++ + #ifdef LIBGEOIP_ENABLED + #include "GeoIP.h" + #endif +@@ -20,9 +21,11 @@ + extern long int __crt_ftell; /* Global ftell pointer */ + extern _Config Config; /* Global Config structure */ + ++/* + #ifdef LIBGEOIP_ENABLED + GeoIP *geoipdb; + #endif ++*/ + + int GlobalConf(const char *cfgfile); + +diff --git a/src/analysisd/decoders/geoip.c b/src/analysisd/decoders/geoip.c +index 464e4bb71..9816b4c81 100644 +--- a/src/analysisd/decoders/geoip.c ++++ b/src/analysisd/decoders/geoip.c +@@ -30,6 +30,7 @@ char *GetGeoInfobyIP(char *ip_addr) + GeoIPRecord *geoiprecord; + char *geodata = NULL; + char geobuffer[256 +1]; ++ extern GeoIP *geoipdb; + + if(!geoipdb) + { +diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c +index 7c6745166..30339a00d 100644 +--- a/src/analysisd/decoders/syscheck.c ++++ b/src/analysisd/decoders/syscheck.c +@@ -15,6 +15,10 @@ + #include "alerts/alerts.h" + #include "decoder.h" + ++#ifdef SQLITE_ENABLED ++#include <sqlite3.h> ++#endif ++ + typedef struct __sdb { + char buf[OS_MAXSTR + 1]; + char comment[OS_MAXSTR + 1]; +diff --git a/src/analysisd/makelists.c b/src/analysisd/makelists.c +index 06c90db70..dfbe6a4a3 100644 +--- a/src/analysisd/makelists.c ++++ b/src/analysisd/makelists.c +@@ -32,6 +32,10 @@ time_t c_time; + char __shost[512]; + OSDecoderInfo *NULL_Decoder; + ++#ifdef LIBGEOIP_ENABLED ++GeoIP *geoipdb; ++#endif ++ + /* print help statement */ + __attribute__((noreturn)) + static void help_makelists(void) +diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c +index c08fb4885..b1aa928f7 100644 +--- a/src/analysisd/testrule.c ++++ b/src/analysisd/testrule.c +@@ -83,6 +83,7 @@ int main(int argc, char **argv) + memset(prev_month, '\0', 4); + + #ifdef LIBGEOIP_ENABLED ++ extern GeoIP *geoipdb; + geoipdb = NULL; + #endif + \ No newline at end of file diff --git a/testing/ossec-hids-server/APKBUILD b/testing/ossec-hids-server/APKBUILD index 616ed8e728fd..4e05daa4ead0 100644 --- a/testing/ossec-hids-server/APKBUILD +++ b/testing/ossec-hids-server/APKBUILD @@ -3,7 +3,7 @@ pkgname=ossec-hids-server _target=${pkgname/ossec-hids-/} pkgver=3.6.0 -pkgrel=0 +pkgrel=1 pkgdesc="Open Source Host-based Intrusion Detection System" url="https://www.ossec.net/" arch="all !aarch64 !armhf !armv7 !s390x" @@ -17,6 +17,7 @@ subpackages="$pkgname-doc" pkgusers="ossec ossecm ossecr" pkggroups="ossec" source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pkgver.tar.gz + 745384649f89a67a42894e66cdc8c2e23773b358.patch $pkgname.logrotate musl_lack_of_a_out_h.patch makefile.patch @@ -82,6 +83,7 @@ doc() { } sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5 ossec-hids-server-3.6.0.tar.gz +bc8a02b8ff395903d2782c95448672688b5b965cfe47cd7cc70b51cd18601fa85dab5cac8ab77d8ea060d83dfb5159a03040ec91b4ee8aa6e56d20e5a6238633 745384649f89a67a42894e66cdc8c2e23773b358.patch 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0 ossec-hids-server.logrotate 4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b musl_lack_of_a_out_h.patch 27ccd8197541693c6cfa85e1598b40a5bd2dbd1dec2b7bd057211b45fd0c14c42c2ddd01d9ac57491eda93bb318961642d3adce55b395351d530609250ca003f makefile.patch -- GitLab From cb073670365f33526eb90cf9c2a67aced670b9c1 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Sun, 14 Feb 2021 23:14:01 +0100 Subject: [PATCH 06/12] testing/ossec-hids-server: summarize declared exports in _make_args --- testing/ossec-hids-server/APKBUILD | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/testing/ossec-hids-server/APKBUILD b/testing/ossec-hids-server/APKBUILD index 4e05daa4ead0..5ba7ddbe0171 100644 --- a/testing/ossec-hids-server/APKBUILD +++ b/testing/ossec-hids-server/APKBUILD @@ -44,12 +44,12 @@ prepare() { build() { cd "$builddir"/src make clean - make TARGET=$_target PREFIX=/var/ossec + make TARGET=$_target PREFIX=/var/ossec $_make_args } check() { cd "$builddir"/src - make test PREFIX=/var/ossec + make test PREFIX=/var/ossec $_make_args } package() { @@ -71,7 +71,7 @@ EOF find "$pkgdir" -user daemon -exec chown 526 '{}' ';' find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';' - make TARGET="$_target" PREFIX="$pkgdir"/var/ossec install + make install TARGET="$_target" PREFIX="$pkgdir"/var/ossec $_make_args } doc() { @@ -79,7 +79,7 @@ doc() { pkgdesc="Documentation for $pkgname" mkdir -p "$subpkgdir"/usr/share/doc/$pkgname cp -a doc/* \ - "$subpkgdir"/usr/share/doc/$pkgname + "$subpkgdir"/usr/share/doc/$pkgname } sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5 ossec-hids-server-3.6.0.tar.gz -- GitLab From a0d0de5039bb4501719a0cd136c7a8cf026a4283 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Sun, 14 Feb 2021 23:19:26 +0100 Subject: [PATCH 07/12] testing/ossec-hids-agent: Add missing checksum --- testing/ossec-hids-agent/APKBUILD | 1 + 1 file changed, 1 insertion(+) diff --git a/testing/ossec-hids-agent/APKBUILD b/testing/ossec-hids-agent/APKBUILD index c3a6925ff350..f20beb853b5e 100644 --- a/testing/ossec-hids-agent/APKBUILD +++ b/testing/ossec-hids-agent/APKBUILD @@ -76,6 +76,7 @@ doc() { } sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5 ossec-hids-agent-3.6.0.tar.gz +bc8a02b8ff395903d2782c95448672688b5b965cfe47cd7cc70b51cd18601fa85dab5cac8ab77d8ea060d83dfb5159a03040ec91b4ee8aa6e56d20e5a6238633 745384649f89a67a42894e66cdc8c2e23773b358.patch 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0 ossec-hids-agent.logrotate 4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b musl_lack_of_a_out_h.patch 27ccd8197541693c6cfa85e1598b40a5bd2dbd1dec2b7bd057211b45fd0c14c42c2ddd01d9ac57491eda93bb318961642d3adce55b395351d530609250ca003f makefile.patch -- GitLab From 068a50db5e619c59b3242b543625e63708864e8d Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Mon, 15 Feb 2021 05:11:34 +0100 Subject: [PATCH 08/12] community/ossec-hids: move from testing --- {testing => community}/ossec-hids/APKBUILD | 0 {testing => community}/ossec-hids/ossec-hids.pre-install | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename {testing => community}/ossec-hids/APKBUILD (100%) rename {testing => community}/ossec-hids/ossec-hids.pre-install (100%) diff --git a/testing/ossec-hids/APKBUILD b/community/ossec-hids/APKBUILD similarity index 100% rename from testing/ossec-hids/APKBUILD rename to community/ossec-hids/APKBUILD diff --git a/testing/ossec-hids/ossec-hids.pre-install b/community/ossec-hids/ossec-hids.pre-install similarity index 100% rename from testing/ossec-hids/ossec-hids.pre-install rename to community/ossec-hids/ossec-hids.pre-install -- GitLab From 6deece810efe2e0afe30fa86f86311ebb5d06532 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Mon, 15 Feb 2021 05:11:45 +0100 Subject: [PATCH 09/12] community/ossec-hids-local: move from testing --- .../745384649f89a67a42894e66cdc8c2e23773b358.patch | 0 {testing => community}/ossec-hids-local/APKBUILD | 0 {testing => community}/ossec-hids-local/config | 0 {testing => community}/ossec-hids-local/makefile.patch | 0 .../ossec-hids-local/musl_lack_of_a_out_h.patch | 0 .../ossec-hids-local/ossec-hids-local.logrotate | 0 6 files changed, 0 insertions(+), 0 deletions(-) rename {testing => community}/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch (100%) rename {testing => community}/ossec-hids-local/APKBUILD (100%) rename {testing => community}/ossec-hids-local/config (100%) rename {testing => community}/ossec-hids-local/makefile.patch (100%) rename {testing => community}/ossec-hids-local/musl_lack_of_a_out_h.patch (100%) rename {testing => community}/ossec-hids-local/ossec-hids-local.logrotate (100%) diff --git a/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch b/community/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch similarity index 100% rename from testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch rename to community/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch diff --git a/testing/ossec-hids-local/APKBUILD b/community/ossec-hids-local/APKBUILD similarity index 100% rename from testing/ossec-hids-local/APKBUILD rename to community/ossec-hids-local/APKBUILD diff --git a/testing/ossec-hids-local/config b/community/ossec-hids-local/config similarity index 100% rename from testing/ossec-hids-local/config rename to community/ossec-hids-local/config diff --git a/testing/ossec-hids-local/makefile.patch b/community/ossec-hids-local/makefile.patch similarity index 100% rename from testing/ossec-hids-local/makefile.patch rename to community/ossec-hids-local/makefile.patch diff --git a/testing/ossec-hids-local/musl_lack_of_a_out_h.patch b/community/ossec-hids-local/musl_lack_of_a_out_h.patch similarity index 100% rename from testing/ossec-hids-local/musl_lack_of_a_out_h.patch rename to community/ossec-hids-local/musl_lack_of_a_out_h.patch diff --git a/testing/ossec-hids-local/ossec-hids-local.logrotate b/community/ossec-hids-local/ossec-hids-local.logrotate similarity index 100% rename from testing/ossec-hids-local/ossec-hids-local.logrotate rename to community/ossec-hids-local/ossec-hids-local.logrotate -- GitLab From 1380927f1bbc97712910e583647e3361211192d9 Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Mon, 15 Feb 2021 05:11:57 +0100 Subject: [PATCH 10/12] community/ossec-hids-server: move from testing --- .../745384649f89a67a42894e66cdc8c2e23773b358.patch | 0 {testing => community}/ossec-hids-server/APKBUILD | 0 {testing => community}/ossec-hids-server/config | 0 {testing => community}/ossec-hids-server/makefile.patch | 0 .../ossec-hids-server/musl_lack_of_a_out_h.patch | 0 .../ossec-hids-server/ossec-hids-server.logrotate | 0 6 files changed, 0 insertions(+), 0 deletions(-) rename {testing => community}/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch (100%) rename {testing => community}/ossec-hids-server/APKBUILD (100%) rename {testing => community}/ossec-hids-server/config (100%) rename {testing => community}/ossec-hids-server/makefile.patch (100%) rename {testing => community}/ossec-hids-server/musl_lack_of_a_out_h.patch (100%) rename {testing => community}/ossec-hids-server/ossec-hids-server.logrotate (100%) diff --git a/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch b/community/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch similarity index 100% rename from testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch rename to community/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch diff --git a/testing/ossec-hids-server/APKBUILD b/community/ossec-hids-server/APKBUILD similarity index 100% rename from testing/ossec-hids-server/APKBUILD rename to community/ossec-hids-server/APKBUILD diff --git a/testing/ossec-hids-server/config b/community/ossec-hids-server/config similarity index 100% rename from testing/ossec-hids-server/config rename to community/ossec-hids-server/config diff --git a/testing/ossec-hids-server/makefile.patch b/community/ossec-hids-server/makefile.patch similarity index 100% rename from testing/ossec-hids-server/makefile.patch rename to community/ossec-hids-server/makefile.patch diff --git a/testing/ossec-hids-server/musl_lack_of_a_out_h.patch b/community/ossec-hids-server/musl_lack_of_a_out_h.patch similarity index 100% rename from testing/ossec-hids-server/musl_lack_of_a_out_h.patch rename to community/ossec-hids-server/musl_lack_of_a_out_h.patch diff --git a/testing/ossec-hids-server/ossec-hids-server.logrotate b/community/ossec-hids-server/ossec-hids-server.logrotate similarity index 100% rename from testing/ossec-hids-server/ossec-hids-server.logrotate rename to community/ossec-hids-server/ossec-hids-server.logrotate -- GitLab From afbcef21daf97dea8847011d778793cee717a8ea Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Mon, 15 Feb 2021 05:12:25 +0100 Subject: [PATCH 11/12] community/ossec-hids-agent: move from testing --- .../745384649f89a67a42894e66cdc8c2e23773b358.patch | 0 {testing => community}/ossec-hids-agent/APKBUILD | 0 {testing => community}/ossec-hids-agent/config | 0 {testing => community}/ossec-hids-agent/makefile.patch | 0 .../ossec-hids-agent/musl_lack_of_a_out_h.patch | 0 .../ossec-hids-agent/ossec-hids-agent.logrotate | 0 6 files changed, 0 insertions(+), 0 deletions(-) rename {testing => community}/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch (100%) rename {testing => community}/ossec-hids-agent/APKBUILD (100%) rename {testing => community}/ossec-hids-agent/config (100%) rename {testing => community}/ossec-hids-agent/makefile.patch (100%) rename {testing => community}/ossec-hids-agent/musl_lack_of_a_out_h.patch (100%) rename {testing => community}/ossec-hids-agent/ossec-hids-agent.logrotate (100%) diff --git a/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch b/community/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch similarity index 100% rename from testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch rename to community/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch diff --git a/testing/ossec-hids-agent/APKBUILD b/community/ossec-hids-agent/APKBUILD similarity index 100% rename from testing/ossec-hids-agent/APKBUILD rename to community/ossec-hids-agent/APKBUILD diff --git a/testing/ossec-hids-agent/config b/community/ossec-hids-agent/config similarity index 100% rename from testing/ossec-hids-agent/config rename to community/ossec-hids-agent/config diff --git a/testing/ossec-hids-agent/makefile.patch b/community/ossec-hids-agent/makefile.patch similarity index 100% rename from testing/ossec-hids-agent/makefile.patch rename to community/ossec-hids-agent/makefile.patch diff --git a/testing/ossec-hids-agent/musl_lack_of_a_out_h.patch b/community/ossec-hids-agent/musl_lack_of_a_out_h.patch similarity index 100% rename from testing/ossec-hids-agent/musl_lack_of_a_out_h.patch rename to community/ossec-hids-agent/musl_lack_of_a_out_h.patch diff --git a/testing/ossec-hids-agent/ossec-hids-agent.logrotate b/community/ossec-hids-agent/ossec-hids-agent.logrotate similarity index 100% rename from testing/ossec-hids-agent/ossec-hids-agent.logrotate rename to community/ossec-hids-agent/ossec-hids-agent.logrotate -- GitLab From 714dc03cece2e8efe602f2e26ae0fd56f55dc0ab Mon Sep 17 00:00:00 2001 From: Noel Kuntze <noel.kuntze@thermi.consulting> Date: Mon, 15 Feb 2021 05:15:29 +0100 Subject: [PATCH 12/12] community/ossec-hids: lint APKBUILD --- community/ossec-hids/APKBUILD | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/community/ossec-hids/APKBUILD b/community/ossec-hids/APKBUILD index 06b679dff8d8..94a93d7f98af 100644 --- a/community/ossec-hids/APKBUILD +++ b/community/ossec-hids/APKBUILD @@ -37,17 +37,17 @@ package() { doc() { cd "$builddir" pkgdesc="Documentation for $pkgname" - mkdir -p "$subpkgdir"/usr/share/doc/$pkgname + mkdir -p "${subpkgdir:?}"/usr/share/doc/$pkgname cp -a doc/* \ - "$subpkgdir"/usr/share/doc/$pkgname + "${subpkgdir:?}"/usr/share/doc/$pkgname } contrib() { pkgdesc="Contrib files for $pkgname" - mkdir -p "$subpkgdir"/usr/share/$pkgname - cp -a "$builddir"/contrib/* "$subpkgdir"/usr/share/$pkgname + mkdir -p "${subpkgdir:?}"/usr/share/$pkgname + cp -a "$builddir"/contrib/* "${subpkgdir:?}"/usr/share/$pkgname for r in selinux debian-packages specs; do - rm -rf "$subpkgdir"/usr/share/$pkgname/$r + rm -rf "${subpkgdir:?}"/usr/share/$pkgname/$r done } -- GitLab