From 1b884383aa83839ec057c3b047621f98ba7119b2 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Sun, 14 Feb 2021 23:01:17 +0100
Subject: [PATCH 01/12] testing/ossec-hids-agent: patch to build with gcc-9 and
 gcc-10

---
 ...84649f89a67a42894e66cdc8c2e23773b358.patch | 534 ++++++++++++++++++
 testing/ossec-hids-agent/APKBUILD             |   4 +-
 2 files changed, 537 insertions(+), 1 deletion(-)
 create mode 100644 testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch

diff --git a/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch b/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch
new file mode 100644
index 000000000000..109873a721e7
--- /dev/null
+++ b/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch
@@ -0,0 +1,534 @@
+From 745384649f89a67a42894e66cdc8c2e23773b358 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Sat, 2 May 2020 12:54:36 -0400
+Subject: [PATCH 1/5] Cleanup some variables.
+
+In issue #1871 @rseichter brings up that gcc 10 switches to '-fno-common'
+by default. This killed builds of the agent. Switch agt to os_net_agt in os_net.
+Shuffle around the variable in client-agent (I think gcc had issues with agt
+being declared in agentd.h which gets included everywhere).
+Shuffle around willchroot in manage_agents.
+---
+ src/addagent/main.c              |  1 +
+ src/addagent/manage_agents.c     |  2 ++
+ src/addagent/manage_agents.h     |  2 +-
+ src/addagent/manage_keys.c       |  2 ++
+ src/client-agent/agentd.c        |  2 ++
+ src/client-agent/agentd.h        |  4 ++--
+ src/client-agent/event-forward.c |  3 +++
+ src/client-agent/main.c          |  5 ++++-
+ src/client-agent/notify.c        |  2 ++
+ src/client-agent/receiver-win.c  |  1 +
+ src/client-agent/receiver.c      |  2 ++
+ src/client-agent/sendmsg.c       |  3 +++
+ src/client-agent/start_agent.c   |  7 +++++++
+ src/os_net/os_net.c              | 20 ++++++++++----------
+ src/os_net/os_net.h              |  2 +-
+ 15 files changed, 43 insertions(+), 15 deletions(-)
+
+diff --git a/src/addagent/main.c b/src/addagent/main.c
+index 587a8a3d8..ab12f0326 100644
+--- a/src/addagent/main.c
++++ b/src/addagent/main.c
+@@ -17,6 +17,7 @@ static void print_banner(void);
+ static void manage_shutdown(int sig) __attribute__((noreturn));
+ #endif
+ 
++int willchroot;
+ 
+ #if defined(__MINGW32__)
+ static int setenv(const char *name, const char *val, __attribute__((unused)) int overwrite)
+diff --git a/src/addagent/manage_agents.c b/src/addagent/manage_agents.c
+index ac39c1e66..4f9c266ff 100644
+--- a/src/addagent/manage_agents.c
++++ b/src/addagent/manage_agents.c
+@@ -85,6 +85,8 @@ int add_agent(int json_output)
+ 
+     char authfile[257];
+ 
++    extern int willchroot;
++
+     if(willchroot > 0) {
+         snprintf(authfile, 256, "%s", AUTH_FILE);  //XXX
+     } else {
+diff --git a/src/addagent/manage_agents.h b/src/addagent/manage_agents.h
+index 4812dba43..f2962e80b 100644
+--- a/src/addagent/manage_agents.h
++++ b/src/addagent/manage_agents.h
+@@ -147,4 +147,4 @@ extern fpos_t fp_pos;
+ #define GMF_UNKN_ERROR  ARGV0 ": Could not run GetModuleFileName which returned (%ld).\n"
+ 
+ 
+-int willchroot;
++//int willchroot;
+diff --git a/src/addagent/manage_keys.c b/src/addagent/manage_keys.c
+index 146b48326..ffb9a1f21 100644
+--- a/src/addagent/manage_keys.c
++++ b/src/addagent/manage_keys.c
+@@ -336,6 +336,8 @@ int k_bulkload(const char *cmdbulk)
+     char delims[] = ",";
+     char *token = NULL;
+ 
++    extern int willchroot;
++
+     /* Check if we can open the input file */
+     printf("Opening: [%s]\n", cmdbulk);
+     infp = fopen(cmdbulk, "r");
+diff --git a/src/client-agent/agentd.c b/src/client-agent/agentd.c
+index c09cf87d3..67828e79c 100644
+--- a/src/client-agent/agentd.c
++++ b/src/client-agent/agentd.c
+@@ -23,6 +23,8 @@ void AgentdStart(const char *dir, int uid, int gid, const char *user, const char
+     fd_set fdset;
+     struct timeval fdtimeout;
+ 
++    extern agent *agt;
++
+     available_server = 0;
+ 
+     /* Initial random numbers must happen before chroot */
+diff --git a/src/client-agent/agentd.h b/src/client-agent/agentd.h
+index 0246a5457..a362ff9a3 100644
+--- a/src/client-agent/agentd.h
++++ b/src/client-agent/agentd.h
+@@ -81,9 +81,9 @@ void os_agent_cb(int fd, short ev, void *arg);
+ extern time_t available_server;
+ extern int run_foreground;
+ extern keystore keys;
+-extern agent *agt;
++//extern agent *agt;
+ #ifndef WIN32
+-struct imsgbuf server_ibuf;
++//struct imsgbuf server_ibuf;
+ #endif //WIN32
+ 
+ #endif /* __AGENTD_H */
+diff --git a/src/client-agent/event-forward.c b/src/client-agent/event-forward.c
+index 2e81f0c90..22ed0beb9 100644
+--- a/src/client-agent/event-forward.c
++++ b/src/client-agent/event-forward.c
+@@ -19,6 +19,9 @@
+ /* Receive a message locally on the agent and forward it to the manager */
+ void *EventForward(void)
+ {
++
++    extern agent *agt;
++
+     ssize_t recv_b;
+     char msg[OS_MAXSTR + 1];
+ 
+diff --git a/src/client-agent/main.c b/src/client-agent/main.c
+index 5f85cfb73..01c18970c 100644
+--- a/src/client-agent/main.c
++++ b/src/client-agent/main.c
+@@ -16,7 +16,8 @@
+ #define ARGV0 "ossec-agentd"
+ #endif
+ 
+-extern struct imsgbuf server_ibuf;
++//extern struct imsgbuf server_ibuf;
++struct imsgbuf server_ibuf;
+ 
+ 
+ /* Prototypes */
+@@ -112,6 +113,8 @@ int main(int argc, char **argv)
+ 
+     debug1(STARTED_MSG, ARGV0);
+ 
++    extern agent *agt;
++
+     agt = (agent *)calloc(1, sizeof(agent));
+     if (!agt) {
+         ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno));
+diff --git a/src/client-agent/notify.c b/src/client-agent/notify.c
+index 1b239f26c..93fec325c 100644
+--- a/src/client-agent/notify.c
++++ b/src/client-agent/notify.c
+@@ -68,6 +68,8 @@ void run_notify()
+     os_md5 md5sum;
+     time_t curr_time;
+ 
++    extern agent *agt;
++
+     keep_alive_random[0] = '\0';
+     curr_time = time(0);
+ 
+diff --git a/src/client-agent/receiver-win.c b/src/client-agent/receiver-win.c
+index 859bdf7f9..4ab62ee77 100644
+--- a/src/client-agent/receiver-win.c
++++ b/src/client-agent/receiver-win.c
+@@ -19,6 +19,7 @@
+ /* Receive events from the server */
+ void *receiver_thread(__attribute__((unused)) void *none)
+ {
++    extern agent *agt;
+     int recv_b;
+ 
+     char file[OS_SIZE_1024 + 1];
+diff --git a/src/client-agent/receiver.c b/src/client-agent/receiver.c
+index fde64c282..5286e60dc 100644
+--- a/src/client-agent/receiver.c
++++ b/src/client-agent/receiver.c
+@@ -29,6 +29,8 @@ void *receive_msg()
+     char cleartext[OS_MAXSTR + 1];
+     char *tmp_msg;
+ 
++    extern agent *agt;
++
+     memset(cleartext, '\0', OS_MAXSTR + 1);
+     memset(buffer, '\0', OS_MAXSTR + 1);
+ 
+diff --git a/src/client-agent/sendmsg.c b/src/client-agent/sendmsg.c
+index 454c2e714..3076dfcf9 100644
+--- a/src/client-agent/sendmsg.c
++++ b/src/client-agent/sendmsg.c
+@@ -15,6 +15,9 @@
+ /* Send a message to the server */
+ int send_msg(int agentid, const char *msg)
+ {
++
++    extern agent *agt;
++
+     size_t msg_size;
+     char crypt_msg[OS_MAXSTR + 1];
+ 
+diff --git a/src/client-agent/start_agent.c b/src/client-agent/start_agent.c
+index 51670cee5..f1df43715 100644
+--- a/src/client-agent/start_agent.c
++++ b/src/client-agent/start_agent.c
+@@ -24,6 +24,9 @@ int connect_server(int initial_id)
+ #ifdef WIN32
+     unsigned int attempts = 2;
+ #endif //WIN32
++
++    extern agent *agt;
++
+     int rc = initial_id;
+ 
+     /* Checking if the initial is zero, meaning we have to
+@@ -139,6 +142,8 @@ void start_agent(int is_startup)
+     char cleartext[OS_MAXSTR + 1];
+     char fmsg[OS_MAXSTR + 1];
+ 
++    extern agent *agt;
++
+     memset(msg, '\0', OS_MAXSTR + 2);
+     memset(buffer, '\0', OS_MAXSTR + 1);
+     memset(cleartext, '\0', OS_MAXSTR + 1);
+@@ -241,6 +246,8 @@ void os_agent_cb(int fd, short ev, void *arg) {
+     struct imsg imsg;
+     struct imsgbuf *ibuf = (struct imsgbuf *)arg;
+ 
++    extern agent *agt;
++
+     if (ev & EV_READ) {
+         if ((n = imsg_read(ibuf) == -1 && errno != EAGAIN)) {
+             ErrorExit("%s: ERROR: imsg_read() failed: %s", ARGV0, strerror(errno));
+diff --git a/src/os_net/os_net.c b/src/os_net/os_net.c
+index f18e3be77..756e9fac8 100644
+--- a/src/os_net/os_net.c
++++ b/src/os_net/os_net.c
+@@ -14,7 +14,7 @@
+ #include <errno.h>
+ #include "shared.h"
+ #include "os_net.h"
+-agent *agt;
++agent *os_net_agt;
+ 
+ /* Prototypes */
+ static OSNetInfo *OS_Bindport(char *_port, unsigned int _proto, const char *_ip);
+@@ -346,11 +346,11 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+         return(OS_INVALID);
+     }
+ 
+-    if (agt) {
+-        if (agt->lip) {
++    if (os_net_agt) {
++        if (os_net_agt->lip) {
+             memset(&hints, 0, sizeof(struct addrinfo));
+             hints.ai_flags = AI_NUMERICHOST;
+-            s = getaddrinfo(agt->lip, NULL, &hints, &result);
++            s = getaddrinfo(os_net_agt->lip, NULL, &hints, &result);
+             if (s != 0) {
+                 verbose("getaddrinfo: %s", gai_strerror(s));
+             }
+@@ -363,8 +363,8 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+     memset(&hints, 0, sizeof(struct addrinfo));
+     /* Allow IPv4 or IPv6 if local_ip isn't specified */
+     hints.ai_family = AF_UNSPEC;
+-    if (agt) {
+-        if (agt->lip) {
++    if (os_net_agt) {
++        if (os_net_agt->lip) {
+             hints.ai_family = local_ai->ai_family;
+         }
+     }
+@@ -398,13 +398,13 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+             continue;
+         }
+ 
+-        if (agt) {
+-            if (agt->lip) {
++        if (os_net_agt) {
++            if (os_net_agt->lip) {
+                 if (bind(ossock, local_ai->ai_addr, local_ai->ai_addrlen)) {
+                     verbose("Unable to bind to local address %s.  Ignoring. (%s)",
+-                            agt->lip, strerror(errno));
++                            os_net_agt->lip, strerror(errno));
+                 }
+-                else verbose("Connecting from local address %s", agt->lip);
++                else verbose("Connecting from local address %s", os_net_agt->lip);
+             }
+         }
+ 
+diff --git a/src/os_net/os_net.h b/src/os_net/os_net.h
+index 9b7250928..3aaf00429 100644
+--- a/src/os_net/os_net.h
++++ b/src/os_net/os_net.h
+@@ -13,7 +13,7 @@
+ 
+ #include "headers/shared.h"
+ #include "config/client-config.h"
+-extern agent *agt;
++extern agent *os_net_agt;
+ #ifdef WIN32
+ #ifndef AI_ADDRCONFIG
+ #define AI_ADDRCONFIG   0x0400
+
+From 940198e914db65a7133784d25964aa0e11354233 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Sat, 2 May 2020 14:08:33 -0400
+Subject: [PATCH 2/5] extern agt
+
+---
+ src/win32/win_agent.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/win32/win_agent.c b/src/win32/win_agent.c
+index 40a37e621..a2ec784f2 100644
+--- a/src/win32/win_agent.c
++++ b/src/win32/win_agent.c
+@@ -124,6 +124,7 @@ int local_start()
+     WSADATA wsaData;
+     DWORD  threadID;
+     DWORD  threadID2;
++    extern agent *agt;
+ 
+     /* Start agent */
+     agt = (agent *)calloc(1, sizeof(agent));
+@@ -271,6 +272,7 @@ int SendMSG(__attribute__((unused)) int queue, const char *message, const char *
+     char tmpstr[OS_MAXSTR + 2];
+     char crypt_msg[OS_MAXSTR + 2];
+     DWORD dwWaitResult;
++    extern agent *agt;
+ 
+     tmpstr[OS_MAXSTR + 1] = '\0';
+     crypt_msg[OS_MAXSTR + 1] = '\0';
+@@ -468,6 +470,8 @@ void send_win32_info(time_t curr_time)
+     tmp_msg[OS_MAXSTR + 1] = '\0';
+     crypt_msg[OS_MAXSTR + 1] = '\0';
+ 
++    extern agent *agt;
++
+     debug1("%s: DEBUG: Sending keep alive message.", ARGV0);
+ 
+     /* Fix time */
+
+From f8405753edbf1fd478ba75e6f7c770e63fa1e126 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 12:23:16 -0400
+Subject: [PATCH 3/5] Shuffle around variable declarations to make -fno-common
+ happy.
+
+---
+ src/analysisd/analysisd.c       | 1 +
+ src/analysisd/syscheck-sqlite.h | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index a220f4421..2e89b7967 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -43,6 +43,7 @@
+ 
+ #ifdef SQLITE_ENABLED
+ #include "syscheck-sqlite.h"
++sqlite3 *conn;
+ #endif
+ 
+ /** Prototypes **/
+diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h
+index 526cab26e..3a68ca816 100644
+--- a/src/analysisd/syscheck-sqlite.h
++++ b/src/analysisd/syscheck-sqlite.h
+@@ -1,5 +1,5 @@
+ #ifdef SQLITE_ENABLED
+ #include <sqlite3.h>
+ 
+-sqlite3 *conn;
++//sqlite3 *conn;
+ #endif
+
+From 1d54a2cca3241bd80781a615e4f6f97ce2c1569e Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 12:24:47 -0400
+Subject: [PATCH 4/5] garbage collect syscheck-sqlite.h since it's blank now.
+
+---
+ src/analysisd/analysisd.c         | 1 -
+ src/analysisd/decoders/syscheck.c | 4 ----
+ src/analysisd/syscheck-sqlite.h   | 5 -----
+ 3 files changed, 10 deletions(-)
+ delete mode 100644 src/analysisd/syscheck-sqlite.h
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index 2e89b7967..db762a90d 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -42,7 +42,6 @@
+ #endif
+ 
+ #ifdef SQLITE_ENABLED
+-#include "syscheck-sqlite.h"
+ sqlite3 *conn;
+ #endif
+ 
+diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c
+index a6d675892..7c6745166 100644
+--- a/src/analysisd/decoders/syscheck.c
++++ b/src/analysisd/decoders/syscheck.c
+@@ -15,10 +15,6 @@
+ #include "alerts/alerts.h"
+ #include "decoder.h"
+ 
+-#ifdef SQLITE_ENABLED
+-#include "syscheck-sqlite.h"
+-#endif
+-
+ typedef struct __sdb {
+     char buf[OS_MAXSTR + 1];
+     char comment[OS_MAXSTR + 1];
+diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h
+deleted file mode 100644
+index 3a68ca816..000000000
+--- a/src/analysisd/syscheck-sqlite.h
++++ /dev/null
+@@ -1,5 +0,0 @@
+-#ifdef SQLITE_ENABLED
+-#include <sqlite3.h>
+-
+-//sqlite3 *conn;
+-#endif
+
+From 5d6f21e31dab30e34f1713f6cfe1b2e0108f77f5 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 14:38:08 -0400
+Subject: [PATCH 5/5] Shuffle around sqlite and geoip variables to make
+ -fno-common happy
+
+---
+ src/analysisd/analysisd.c         | 5 +++++
+ src/analysisd/config.h            | 3 +++
+ src/analysisd/decoders/geoip.c    | 1 +
+ src/analysisd/decoders/syscheck.c | 4 ++++
+ src/analysisd/makelists.c         | 4 ++++
+ src/analysisd/testrule.c          | 1 +
+ 6 files changed, 18 insertions(+)
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index db762a90d..0a81971de 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -42,9 +42,14 @@
+ #endif
+ 
+ #ifdef SQLITE_ENABLED
++#include <sqlite3.h>
+ sqlite3 *conn;
+ #endif
+ 
++#ifdef LIBGEOIP_ENABLED
++GeoIP *geoipdb;
++#endif
++
+ /** Prototypes **/
+ void OS_ReadMSG(int m_queue);
+ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node);
+diff --git a/src/analysisd/config.h b/src/analysisd/config.h
+index 8d74c756e..976d1942e 100644
+--- a/src/analysisd/config.h
++++ b/src/analysisd/config.h
+@@ -12,6 +12,7 @@
+ 
+ #include "config/config.h"
+ #include "config/global-config.h"
++
+ #ifdef LIBGEOIP_ENABLED
+ #include "GeoIP.h"
+ #endif
+@@ -20,9 +21,11 @@
+ extern long int __crt_ftell; /* Global ftell pointer */
+ extern _Config Config;       /* Global Config structure */
+ 
++/*
+ #ifdef LIBGEOIP_ENABLED
+ GeoIP *geoipdb;
+ #endif
++*/
+ 
+ int GlobalConf(const char *cfgfile);
+ 
+diff --git a/src/analysisd/decoders/geoip.c b/src/analysisd/decoders/geoip.c
+index 464e4bb71..9816b4c81 100644
+--- a/src/analysisd/decoders/geoip.c
++++ b/src/analysisd/decoders/geoip.c
+@@ -30,6 +30,7 @@ char *GetGeoInfobyIP(char *ip_addr)
+     GeoIPRecord *geoiprecord;
+     char *geodata = NULL;
+     char geobuffer[256 +1];
++    extern GeoIP *geoipdb;
+ 
+     if(!geoipdb)
+     {
+diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c
+index 7c6745166..30339a00d 100644
+--- a/src/analysisd/decoders/syscheck.c
++++ b/src/analysisd/decoders/syscheck.c
+@@ -15,6 +15,10 @@
+ #include "alerts/alerts.h"
+ #include "decoder.h"
+ 
++#ifdef SQLITE_ENABLED
++#include <sqlite3.h>
++#endif
++
+ typedef struct __sdb {
+     char buf[OS_MAXSTR + 1];
+     char comment[OS_MAXSTR + 1];
+diff --git a/src/analysisd/makelists.c b/src/analysisd/makelists.c
+index 06c90db70..dfbe6a4a3 100644
+--- a/src/analysisd/makelists.c
++++ b/src/analysisd/makelists.c
+@@ -32,6 +32,10 @@ time_t c_time;
+ char __shost[512];
+ OSDecoderInfo *NULL_Decoder;
+ 
++#ifdef LIBGEOIP_ENABLED
++GeoIP *geoipdb;
++#endif
++
+ /* print help statement */
+ __attribute__((noreturn))
+ static void help_makelists(void)
+diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c
+index c08fb4885..b1aa928f7 100644
+--- a/src/analysisd/testrule.c
++++ b/src/analysisd/testrule.c
+@@ -83,6 +83,7 @@ int main(int argc, char **argv)
+     memset(prev_month, '\0', 4);
+ 
+ #ifdef LIBGEOIP_ENABLED
++    extern GeoIP *geoipdb;
+     geoipdb = NULL;
+ #endif
+ 
\ No newline at end of file
diff --git a/testing/ossec-hids-agent/APKBUILD b/testing/ossec-hids-agent/APKBUILD
index f64be47f8c8c..aaa16e62a65a 100644
--- a/testing/ossec-hids-agent/APKBUILD
+++ b/testing/ossec-hids-agent/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=ossec-hids-agent
 _target=${pkgname/ossec-hids-/}
 pkgver=3.6.0
-pkgrel=0
+pkgrel=1
 pkgdesc="Open Source Host-based Intrusion Detection System"
 url="https://www.ossec.net/"
 arch="all !aarch64 !armhf !armv7 !s390x"
@@ -17,10 +17,12 @@ subpackages="$pkgname-doc"
 pkgusers="ossec ossecm ossecr"
 pkggroups="ossec"
 source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pkgver.tar.gz
+	745384649f89a67a42894e66cdc8c2e23773b358.patch
 	$pkgname.logrotate
 	musl_lack_of_a_out_h.patch
 	makefile.patch
 	config"
+
 builddir="$srcdir"/ossec-hids-$pkgver
 
 export CFLAGS="$CFLAGS -fcommon"
-- 
GitLab


From b1f0259fcf2ee9546467637f26654a4d5aef3490 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Sun, 14 Feb 2021 23:07:46 +0100
Subject: [PATCH 02/12] testing/ossec-hids-agent: summarize declared exports in
 _make_args

---
 testing/ossec-hids-agent/APKBUILD | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)

diff --git a/testing/ossec-hids-agent/APKBUILD b/testing/ossec-hids-agent/APKBUILD
index aaa16e62a65a..c3a6925ff350 100644
--- a/testing/ossec-hids-agent/APKBUILD
+++ b/testing/ossec-hids-agent/APKBUILD
@@ -29,32 +29,25 @@ export CFLAGS="$CFLAGS -fcommon"
 
 prepare() {
 	default_prepare
-	export V=1
-	export USER_INSTALL_TYPE=$_target
-	export USER_NO_STOP=yes
-	export USER_DIR=/var/ossec
-	export USER_BINARYINSTALL=x
-	export USE_GEOIP=yes
-	export USE_ZEROMQ=yes
-	export LUA_ENABLE=yes
-	export USE_INOTIFY=yes
-	export PCRE2_SYSTEM=yes
+	export _make_args="V=1 USER_INSTALL_TYPE=$_target USER_NO_STOP=yes \
+		USER_DIR=/var/ossec USER_BINARYINSTALL=x USE_GEOIP=yes USE_ZEROMQ=yes \
+		LUA_ENABLE=yes USE_INOTIFY=yes PCRE2_SYSTEM=yes"
 }
 
 build() {
 	cd "$builddir"/src
 	make clean
-	make TARGET=$_target PREFIX=/var/ossec
+	make TARGET=$_target PREFIX=/var/ossec $_make_args
 }
 
 check() {
 	cd "$builddir"/src
-	make test PREFIX=/var/ossec
+	make test PREFIX=/var/ossec $_make_args
 }
 
 package() {
 	install -Dm644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname
-	install -Dm644 -D etc/ossec-$_target.conf "$pkgdir"/etc/ossec-$_target.conf	
+	install -Dm644 -D etc/ossec-$_target.conf "$pkgdir"/etc/ossec-$_target.conf
 
 	mkdir -p "$pkgdir"/var/ossec/etc
 	cat << EOF > "$pkgdir"/var/ossec/etc/ossec-init.conf
@@ -71,7 +64,7 @@ EOF
 	find "$pkgdir" -user daemon -exec chown 526 '{}' ';'
 	find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';'
 
-	make TARGET="$_target" PREFIX="$pkgdir"/var/ossec install
+	make install  TARGET="$_target" PREFIX="$pkgdir"/var/ossec $_make_args
 }
 
 doc() {
-- 
GitLab


From 94819709a82a5f4cf59d5c5fa1e758ffbe678b40 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Sun, 14 Feb 2021 23:09:24 +0100
Subject: [PATCH 03/12] testing/ossec-hids-local: patch to build with gcc-9 and
 gcc-10

---
 ...84649f89a67a42894e66cdc8c2e23773b358.patch | 534 ++++++++++++++++++
 testing/ossec-hids-local/APKBUILD             |   5 +-
 2 files changed, 538 insertions(+), 1 deletion(-)
 create mode 100644 testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch

diff --git a/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch b/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch
new file mode 100644
index 000000000000..109873a721e7
--- /dev/null
+++ b/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch
@@ -0,0 +1,534 @@
+From 745384649f89a67a42894e66cdc8c2e23773b358 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Sat, 2 May 2020 12:54:36 -0400
+Subject: [PATCH 1/5] Cleanup some variables.
+
+In issue #1871 @rseichter brings up that gcc 10 switches to '-fno-common'
+by default. This killed builds of the agent. Switch agt to os_net_agt in os_net.
+Shuffle around the variable in client-agent (I think gcc had issues with agt
+being declared in agentd.h which gets included everywhere).
+Shuffle around willchroot in manage_agents.
+---
+ src/addagent/main.c              |  1 +
+ src/addagent/manage_agents.c     |  2 ++
+ src/addagent/manage_agents.h     |  2 +-
+ src/addagent/manage_keys.c       |  2 ++
+ src/client-agent/agentd.c        |  2 ++
+ src/client-agent/agentd.h        |  4 ++--
+ src/client-agent/event-forward.c |  3 +++
+ src/client-agent/main.c          |  5 ++++-
+ src/client-agent/notify.c        |  2 ++
+ src/client-agent/receiver-win.c  |  1 +
+ src/client-agent/receiver.c      |  2 ++
+ src/client-agent/sendmsg.c       |  3 +++
+ src/client-agent/start_agent.c   |  7 +++++++
+ src/os_net/os_net.c              | 20 ++++++++++----------
+ src/os_net/os_net.h              |  2 +-
+ 15 files changed, 43 insertions(+), 15 deletions(-)
+
+diff --git a/src/addagent/main.c b/src/addagent/main.c
+index 587a8a3d8..ab12f0326 100644
+--- a/src/addagent/main.c
++++ b/src/addagent/main.c
+@@ -17,6 +17,7 @@ static void print_banner(void);
+ static void manage_shutdown(int sig) __attribute__((noreturn));
+ #endif
+ 
++int willchroot;
+ 
+ #if defined(__MINGW32__)
+ static int setenv(const char *name, const char *val, __attribute__((unused)) int overwrite)
+diff --git a/src/addagent/manage_agents.c b/src/addagent/manage_agents.c
+index ac39c1e66..4f9c266ff 100644
+--- a/src/addagent/manage_agents.c
++++ b/src/addagent/manage_agents.c
+@@ -85,6 +85,8 @@ int add_agent(int json_output)
+ 
+     char authfile[257];
+ 
++    extern int willchroot;
++
+     if(willchroot > 0) {
+         snprintf(authfile, 256, "%s", AUTH_FILE);  //XXX
+     } else {
+diff --git a/src/addagent/manage_agents.h b/src/addagent/manage_agents.h
+index 4812dba43..f2962e80b 100644
+--- a/src/addagent/manage_agents.h
++++ b/src/addagent/manage_agents.h
+@@ -147,4 +147,4 @@ extern fpos_t fp_pos;
+ #define GMF_UNKN_ERROR  ARGV0 ": Could not run GetModuleFileName which returned (%ld).\n"
+ 
+ 
+-int willchroot;
++//int willchroot;
+diff --git a/src/addagent/manage_keys.c b/src/addagent/manage_keys.c
+index 146b48326..ffb9a1f21 100644
+--- a/src/addagent/manage_keys.c
++++ b/src/addagent/manage_keys.c
+@@ -336,6 +336,8 @@ int k_bulkload(const char *cmdbulk)
+     char delims[] = ",";
+     char *token = NULL;
+ 
++    extern int willchroot;
++
+     /* Check if we can open the input file */
+     printf("Opening: [%s]\n", cmdbulk);
+     infp = fopen(cmdbulk, "r");
+diff --git a/src/client-agent/agentd.c b/src/client-agent/agentd.c
+index c09cf87d3..67828e79c 100644
+--- a/src/client-agent/agentd.c
++++ b/src/client-agent/agentd.c
+@@ -23,6 +23,8 @@ void AgentdStart(const char *dir, int uid, int gid, const char *user, const char
+     fd_set fdset;
+     struct timeval fdtimeout;
+ 
++    extern agent *agt;
++
+     available_server = 0;
+ 
+     /* Initial random numbers must happen before chroot */
+diff --git a/src/client-agent/agentd.h b/src/client-agent/agentd.h
+index 0246a5457..a362ff9a3 100644
+--- a/src/client-agent/agentd.h
++++ b/src/client-agent/agentd.h
+@@ -81,9 +81,9 @@ void os_agent_cb(int fd, short ev, void *arg);
+ extern time_t available_server;
+ extern int run_foreground;
+ extern keystore keys;
+-extern agent *agt;
++//extern agent *agt;
+ #ifndef WIN32
+-struct imsgbuf server_ibuf;
++//struct imsgbuf server_ibuf;
+ #endif //WIN32
+ 
+ #endif /* __AGENTD_H */
+diff --git a/src/client-agent/event-forward.c b/src/client-agent/event-forward.c
+index 2e81f0c90..22ed0beb9 100644
+--- a/src/client-agent/event-forward.c
++++ b/src/client-agent/event-forward.c
+@@ -19,6 +19,9 @@
+ /* Receive a message locally on the agent and forward it to the manager */
+ void *EventForward(void)
+ {
++
++    extern agent *agt;
++
+     ssize_t recv_b;
+     char msg[OS_MAXSTR + 1];
+ 
+diff --git a/src/client-agent/main.c b/src/client-agent/main.c
+index 5f85cfb73..01c18970c 100644
+--- a/src/client-agent/main.c
++++ b/src/client-agent/main.c
+@@ -16,7 +16,8 @@
+ #define ARGV0 "ossec-agentd"
+ #endif
+ 
+-extern struct imsgbuf server_ibuf;
++//extern struct imsgbuf server_ibuf;
++struct imsgbuf server_ibuf;
+ 
+ 
+ /* Prototypes */
+@@ -112,6 +113,8 @@ int main(int argc, char **argv)
+ 
+     debug1(STARTED_MSG, ARGV0);
+ 
++    extern agent *agt;
++
+     agt = (agent *)calloc(1, sizeof(agent));
+     if (!agt) {
+         ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno));
+diff --git a/src/client-agent/notify.c b/src/client-agent/notify.c
+index 1b239f26c..93fec325c 100644
+--- a/src/client-agent/notify.c
++++ b/src/client-agent/notify.c
+@@ -68,6 +68,8 @@ void run_notify()
+     os_md5 md5sum;
+     time_t curr_time;
+ 
++    extern agent *agt;
++
+     keep_alive_random[0] = '\0';
+     curr_time = time(0);
+ 
+diff --git a/src/client-agent/receiver-win.c b/src/client-agent/receiver-win.c
+index 859bdf7f9..4ab62ee77 100644
+--- a/src/client-agent/receiver-win.c
++++ b/src/client-agent/receiver-win.c
+@@ -19,6 +19,7 @@
+ /* Receive events from the server */
+ void *receiver_thread(__attribute__((unused)) void *none)
+ {
++    extern agent *agt;
+     int recv_b;
+ 
+     char file[OS_SIZE_1024 + 1];
+diff --git a/src/client-agent/receiver.c b/src/client-agent/receiver.c
+index fde64c282..5286e60dc 100644
+--- a/src/client-agent/receiver.c
++++ b/src/client-agent/receiver.c
+@@ -29,6 +29,8 @@ void *receive_msg()
+     char cleartext[OS_MAXSTR + 1];
+     char *tmp_msg;
+ 
++    extern agent *agt;
++
+     memset(cleartext, '\0', OS_MAXSTR + 1);
+     memset(buffer, '\0', OS_MAXSTR + 1);
+ 
+diff --git a/src/client-agent/sendmsg.c b/src/client-agent/sendmsg.c
+index 454c2e714..3076dfcf9 100644
+--- a/src/client-agent/sendmsg.c
++++ b/src/client-agent/sendmsg.c
+@@ -15,6 +15,9 @@
+ /* Send a message to the server */
+ int send_msg(int agentid, const char *msg)
+ {
++
++    extern agent *agt;
++
+     size_t msg_size;
+     char crypt_msg[OS_MAXSTR + 1];
+ 
+diff --git a/src/client-agent/start_agent.c b/src/client-agent/start_agent.c
+index 51670cee5..f1df43715 100644
+--- a/src/client-agent/start_agent.c
++++ b/src/client-agent/start_agent.c
+@@ -24,6 +24,9 @@ int connect_server(int initial_id)
+ #ifdef WIN32
+     unsigned int attempts = 2;
+ #endif //WIN32
++
++    extern agent *agt;
++
+     int rc = initial_id;
+ 
+     /* Checking if the initial is zero, meaning we have to
+@@ -139,6 +142,8 @@ void start_agent(int is_startup)
+     char cleartext[OS_MAXSTR + 1];
+     char fmsg[OS_MAXSTR + 1];
+ 
++    extern agent *agt;
++
+     memset(msg, '\0', OS_MAXSTR + 2);
+     memset(buffer, '\0', OS_MAXSTR + 1);
+     memset(cleartext, '\0', OS_MAXSTR + 1);
+@@ -241,6 +246,8 @@ void os_agent_cb(int fd, short ev, void *arg) {
+     struct imsg imsg;
+     struct imsgbuf *ibuf = (struct imsgbuf *)arg;
+ 
++    extern agent *agt;
++
+     if (ev & EV_READ) {
+         if ((n = imsg_read(ibuf) == -1 && errno != EAGAIN)) {
+             ErrorExit("%s: ERROR: imsg_read() failed: %s", ARGV0, strerror(errno));
+diff --git a/src/os_net/os_net.c b/src/os_net/os_net.c
+index f18e3be77..756e9fac8 100644
+--- a/src/os_net/os_net.c
++++ b/src/os_net/os_net.c
+@@ -14,7 +14,7 @@
+ #include <errno.h>
+ #include "shared.h"
+ #include "os_net.h"
+-agent *agt;
++agent *os_net_agt;
+ 
+ /* Prototypes */
+ static OSNetInfo *OS_Bindport(char *_port, unsigned int _proto, const char *_ip);
+@@ -346,11 +346,11 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+         return(OS_INVALID);
+     }
+ 
+-    if (agt) {
+-        if (agt->lip) {
++    if (os_net_agt) {
++        if (os_net_agt->lip) {
+             memset(&hints, 0, sizeof(struct addrinfo));
+             hints.ai_flags = AI_NUMERICHOST;
+-            s = getaddrinfo(agt->lip, NULL, &hints, &result);
++            s = getaddrinfo(os_net_agt->lip, NULL, &hints, &result);
+             if (s != 0) {
+                 verbose("getaddrinfo: %s", gai_strerror(s));
+             }
+@@ -363,8 +363,8 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+     memset(&hints, 0, sizeof(struct addrinfo));
+     /* Allow IPv4 or IPv6 if local_ip isn't specified */
+     hints.ai_family = AF_UNSPEC;
+-    if (agt) {
+-        if (agt->lip) {
++    if (os_net_agt) {
++        if (os_net_agt->lip) {
+             hints.ai_family = local_ai->ai_family;
+         }
+     }
+@@ -398,13 +398,13 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+             continue;
+         }
+ 
+-        if (agt) {
+-            if (agt->lip) {
++        if (os_net_agt) {
++            if (os_net_agt->lip) {
+                 if (bind(ossock, local_ai->ai_addr, local_ai->ai_addrlen)) {
+                     verbose("Unable to bind to local address %s.  Ignoring. (%s)",
+-                            agt->lip, strerror(errno));
++                            os_net_agt->lip, strerror(errno));
+                 }
+-                else verbose("Connecting from local address %s", agt->lip);
++                else verbose("Connecting from local address %s", os_net_agt->lip);
+             }
+         }
+ 
+diff --git a/src/os_net/os_net.h b/src/os_net/os_net.h
+index 9b7250928..3aaf00429 100644
+--- a/src/os_net/os_net.h
++++ b/src/os_net/os_net.h
+@@ -13,7 +13,7 @@
+ 
+ #include "headers/shared.h"
+ #include "config/client-config.h"
+-extern agent *agt;
++extern agent *os_net_agt;
+ #ifdef WIN32
+ #ifndef AI_ADDRCONFIG
+ #define AI_ADDRCONFIG   0x0400
+
+From 940198e914db65a7133784d25964aa0e11354233 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Sat, 2 May 2020 14:08:33 -0400
+Subject: [PATCH 2/5] extern agt
+
+---
+ src/win32/win_agent.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/win32/win_agent.c b/src/win32/win_agent.c
+index 40a37e621..a2ec784f2 100644
+--- a/src/win32/win_agent.c
++++ b/src/win32/win_agent.c
+@@ -124,6 +124,7 @@ int local_start()
+     WSADATA wsaData;
+     DWORD  threadID;
+     DWORD  threadID2;
++    extern agent *agt;
+ 
+     /* Start agent */
+     agt = (agent *)calloc(1, sizeof(agent));
+@@ -271,6 +272,7 @@ int SendMSG(__attribute__((unused)) int queue, const char *message, const char *
+     char tmpstr[OS_MAXSTR + 2];
+     char crypt_msg[OS_MAXSTR + 2];
+     DWORD dwWaitResult;
++    extern agent *agt;
+ 
+     tmpstr[OS_MAXSTR + 1] = '\0';
+     crypt_msg[OS_MAXSTR + 1] = '\0';
+@@ -468,6 +470,8 @@ void send_win32_info(time_t curr_time)
+     tmp_msg[OS_MAXSTR + 1] = '\0';
+     crypt_msg[OS_MAXSTR + 1] = '\0';
+ 
++    extern agent *agt;
++
+     debug1("%s: DEBUG: Sending keep alive message.", ARGV0);
+ 
+     /* Fix time */
+
+From f8405753edbf1fd478ba75e6f7c770e63fa1e126 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 12:23:16 -0400
+Subject: [PATCH 3/5] Shuffle around variable declarations to make -fno-common
+ happy.
+
+---
+ src/analysisd/analysisd.c       | 1 +
+ src/analysisd/syscheck-sqlite.h | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index a220f4421..2e89b7967 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -43,6 +43,7 @@
+ 
+ #ifdef SQLITE_ENABLED
+ #include "syscheck-sqlite.h"
++sqlite3 *conn;
+ #endif
+ 
+ /** Prototypes **/
+diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h
+index 526cab26e..3a68ca816 100644
+--- a/src/analysisd/syscheck-sqlite.h
++++ b/src/analysisd/syscheck-sqlite.h
+@@ -1,5 +1,5 @@
+ #ifdef SQLITE_ENABLED
+ #include <sqlite3.h>
+ 
+-sqlite3 *conn;
++//sqlite3 *conn;
+ #endif
+
+From 1d54a2cca3241bd80781a615e4f6f97ce2c1569e Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 12:24:47 -0400
+Subject: [PATCH 4/5] garbage collect syscheck-sqlite.h since it's blank now.
+
+---
+ src/analysisd/analysisd.c         | 1 -
+ src/analysisd/decoders/syscheck.c | 4 ----
+ src/analysisd/syscheck-sqlite.h   | 5 -----
+ 3 files changed, 10 deletions(-)
+ delete mode 100644 src/analysisd/syscheck-sqlite.h
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index 2e89b7967..db762a90d 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -42,7 +42,6 @@
+ #endif
+ 
+ #ifdef SQLITE_ENABLED
+-#include "syscheck-sqlite.h"
+ sqlite3 *conn;
+ #endif
+ 
+diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c
+index a6d675892..7c6745166 100644
+--- a/src/analysisd/decoders/syscheck.c
++++ b/src/analysisd/decoders/syscheck.c
+@@ -15,10 +15,6 @@
+ #include "alerts/alerts.h"
+ #include "decoder.h"
+ 
+-#ifdef SQLITE_ENABLED
+-#include "syscheck-sqlite.h"
+-#endif
+-
+ typedef struct __sdb {
+     char buf[OS_MAXSTR + 1];
+     char comment[OS_MAXSTR + 1];
+diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h
+deleted file mode 100644
+index 3a68ca816..000000000
+--- a/src/analysisd/syscheck-sqlite.h
++++ /dev/null
+@@ -1,5 +0,0 @@
+-#ifdef SQLITE_ENABLED
+-#include <sqlite3.h>
+-
+-//sqlite3 *conn;
+-#endif
+
+From 5d6f21e31dab30e34f1713f6cfe1b2e0108f77f5 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 14:38:08 -0400
+Subject: [PATCH 5/5] Shuffle around sqlite and geoip variables to make
+ -fno-common happy
+
+---
+ src/analysisd/analysisd.c         | 5 +++++
+ src/analysisd/config.h            | 3 +++
+ src/analysisd/decoders/geoip.c    | 1 +
+ src/analysisd/decoders/syscheck.c | 4 ++++
+ src/analysisd/makelists.c         | 4 ++++
+ src/analysisd/testrule.c          | 1 +
+ 6 files changed, 18 insertions(+)
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index db762a90d..0a81971de 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -42,9 +42,14 @@
+ #endif
+ 
+ #ifdef SQLITE_ENABLED
++#include <sqlite3.h>
+ sqlite3 *conn;
+ #endif
+ 
++#ifdef LIBGEOIP_ENABLED
++GeoIP *geoipdb;
++#endif
++
+ /** Prototypes **/
+ void OS_ReadMSG(int m_queue);
+ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node);
+diff --git a/src/analysisd/config.h b/src/analysisd/config.h
+index 8d74c756e..976d1942e 100644
+--- a/src/analysisd/config.h
++++ b/src/analysisd/config.h
+@@ -12,6 +12,7 @@
+ 
+ #include "config/config.h"
+ #include "config/global-config.h"
++
+ #ifdef LIBGEOIP_ENABLED
+ #include "GeoIP.h"
+ #endif
+@@ -20,9 +21,11 @@
+ extern long int __crt_ftell; /* Global ftell pointer */
+ extern _Config Config;       /* Global Config structure */
+ 
++/*
+ #ifdef LIBGEOIP_ENABLED
+ GeoIP *geoipdb;
+ #endif
++*/
+ 
+ int GlobalConf(const char *cfgfile);
+ 
+diff --git a/src/analysisd/decoders/geoip.c b/src/analysisd/decoders/geoip.c
+index 464e4bb71..9816b4c81 100644
+--- a/src/analysisd/decoders/geoip.c
++++ b/src/analysisd/decoders/geoip.c
+@@ -30,6 +30,7 @@ char *GetGeoInfobyIP(char *ip_addr)
+     GeoIPRecord *geoiprecord;
+     char *geodata = NULL;
+     char geobuffer[256 +1];
++    extern GeoIP *geoipdb;
+ 
+     if(!geoipdb)
+     {
+diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c
+index 7c6745166..30339a00d 100644
+--- a/src/analysisd/decoders/syscheck.c
++++ b/src/analysisd/decoders/syscheck.c
+@@ -15,6 +15,10 @@
+ #include "alerts/alerts.h"
+ #include "decoder.h"
+ 
++#ifdef SQLITE_ENABLED
++#include <sqlite3.h>
++#endif
++
+ typedef struct __sdb {
+     char buf[OS_MAXSTR + 1];
+     char comment[OS_MAXSTR + 1];
+diff --git a/src/analysisd/makelists.c b/src/analysisd/makelists.c
+index 06c90db70..dfbe6a4a3 100644
+--- a/src/analysisd/makelists.c
++++ b/src/analysisd/makelists.c
+@@ -32,6 +32,10 @@ time_t c_time;
+ char __shost[512];
+ OSDecoderInfo *NULL_Decoder;
+ 
++#ifdef LIBGEOIP_ENABLED
++GeoIP *geoipdb;
++#endif
++
+ /* print help statement */
+ __attribute__((noreturn))
+ static void help_makelists(void)
+diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c
+index c08fb4885..b1aa928f7 100644
+--- a/src/analysisd/testrule.c
++++ b/src/analysisd/testrule.c
+@@ -83,6 +83,7 @@ int main(int argc, char **argv)
+     memset(prev_month, '\0', 4);
+ 
+ #ifdef LIBGEOIP_ENABLED
++    extern GeoIP *geoipdb;
+     geoipdb = NULL;
+ #endif
+ 
\ No newline at end of file
diff --git a/testing/ossec-hids-local/APKBUILD b/testing/ossec-hids-local/APKBUILD
index 1a18f7a3be6d..06aab4d4611f 100644
--- a/testing/ossec-hids-local/APKBUILD
+++ b/testing/ossec-hids-local/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=ossec-hids-local
 _target=${pkgname/ossec-hids-/}
 pkgver=3.6.0
-pkgrel=0
+pkgrel=1
 pkgdesc="Open Source Host-based Intrusion Detection System"
 url="https://www.ossec.net/"
 arch="all !aarch64 !armhf !armv7 !s390x"
@@ -17,10 +17,12 @@ subpackages="$pkgname-doc"
 pkgusers="ossec ossecm ossecr"
 pkggroups="ossec"
 source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pkgver.tar.gz
+	745384649f89a67a42894e66cdc8c2e23773b358.patch
 	$pkgname.logrotate
 	musl_lack_of_a_out_h.patch
 	makefile.patch
 	config"
+
 builddir="$srcdir"/ossec-hids-$pkgver
 
 prepare() {
@@ -82,6 +84,7 @@ doc() {
 }
 
 sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5  ossec-hids-local-3.6.0.tar.gz
+bc8a02b8ff395903d2782c95448672688b5b965cfe47cd7cc70b51cd18601fa85dab5cac8ab77d8ea060d83dfb5159a03040ec91b4ee8aa6e56d20e5a6238633  745384649f89a67a42894e66cdc8c2e23773b358.patch
 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0  ossec-hids-local.logrotate
 4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b  musl_lack_of_a_out_h.patch
 27ccd8197541693c6cfa85e1598b40a5bd2dbd1dec2b7bd057211b45fd0c14c42c2ddd01d9ac57491eda93bb318961642d3adce55b395351d530609250ca003f  makefile.patch
-- 
GitLab


From 88f2968a287ac82b38c19ccbb757680d46b7ba19 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Sun, 14 Feb 2021 23:11:55 +0100
Subject: [PATCH 04/12] testing/ossec-hids-local: summarize declared exports in
 _make_args

---
 testing/ossec-hids-local/APKBUILD | 25 ++++++++-----------------
 1 file changed, 8 insertions(+), 17 deletions(-)

diff --git a/testing/ossec-hids-local/APKBUILD b/testing/ossec-hids-local/APKBUILD
index 06aab4d4611f..bb5b01b83bdf 100644
--- a/testing/ossec-hids-local/APKBUILD
+++ b/testing/ossec-hids-local/APKBUILD
@@ -26,31 +26,22 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pk
 builddir="$srcdir"/ossec-hids-$pkgver
 
 prepare() {
-        default_prepare
-	export CFLAGS="$CFLAGS -fcommon"
-        export V=1
-        export USER_INSTALL_TYPE=$_target
-        export USER_NO_STOP=yes
-        export USER_DIR=/var/ossec
-        export USER_BINARYINSTALL=x
-        export USE_GEOIP=yes
-        export USE_ZEROMQ=yes
-        export LUA_ENABLE=yes
-        export USE_SQLITE=yes
-        export DATABASE=sqlite
-        export USE_INOTIFY=yes
-        export PCRE2_SYSTEM=yes
+		default_prepare
+		export _make_args="V=1 USER_INSTALL_TYPE=$_target USER_NO_STOP=yes \
+			USER_DIR=/var/ossec USER_BINARYINSTALL=x USE_GEOIP=yes \
+			USE_ZEROMQ=yes LUA_ENABLE=yes USE_SQLITE=yes DATABASE=sqlite \
+			USE_INOTIFY=yes PCRE2_SYSTEM=yes"
 }
 
 build() {
 	cd "$builddir"/src
 	make clean
-	make TARGET=$_target PREFIX=/var/ossec
+	make TARGET=$_target PREFIX=/var/ossec $_make_args
 }
 
 check() {
 	cd "$builddir"/src
-	make test PREFIX=/var/ossec
+	make test PREFIX=/var/ossec $_make_args
 }
 
 package() {
@@ -72,7 +63,7 @@ EOF
 	find "$pkgdir" -user daemon -exec chown 526 '{}' ';'
 	find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';'
 
-	make TARGET="$_target" PREFIX="$pkgdir"/var/ossec install
+	make install TARGET="$_target" PREFIX="$pkgdir"/var/ossec $_make_args
 }
 
 doc() {
-- 
GitLab


From 37281c34b81d32ec098c6ed400126d8786b8bcd8 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Sun, 14 Feb 2021 23:12:24 +0100
Subject: [PATCH 05/12] testing/ossec-hids-server: patch to build with gcc-9
 and gcc-10

---
 ...84649f89a67a42894e66cdc8c2e23773b358.patch | 534 ++++++++++++++++++
 testing/ossec-hids-server/APKBUILD            |   4 +-
 2 files changed, 537 insertions(+), 1 deletion(-)
 create mode 100644 testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch

diff --git a/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch b/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch
new file mode 100644
index 000000000000..109873a721e7
--- /dev/null
+++ b/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch
@@ -0,0 +1,534 @@
+From 745384649f89a67a42894e66cdc8c2e23773b358 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Sat, 2 May 2020 12:54:36 -0400
+Subject: [PATCH 1/5] Cleanup some variables.
+
+In issue #1871 @rseichter brings up that gcc 10 switches to '-fno-common'
+by default. This killed builds of the agent. Switch agt to os_net_agt in os_net.
+Shuffle around the variable in client-agent (I think gcc had issues with agt
+being declared in agentd.h which gets included everywhere).
+Shuffle around willchroot in manage_agents.
+---
+ src/addagent/main.c              |  1 +
+ src/addagent/manage_agents.c     |  2 ++
+ src/addagent/manage_agents.h     |  2 +-
+ src/addagent/manage_keys.c       |  2 ++
+ src/client-agent/agentd.c        |  2 ++
+ src/client-agent/agentd.h        |  4 ++--
+ src/client-agent/event-forward.c |  3 +++
+ src/client-agent/main.c          |  5 ++++-
+ src/client-agent/notify.c        |  2 ++
+ src/client-agent/receiver-win.c  |  1 +
+ src/client-agent/receiver.c      |  2 ++
+ src/client-agent/sendmsg.c       |  3 +++
+ src/client-agent/start_agent.c   |  7 +++++++
+ src/os_net/os_net.c              | 20 ++++++++++----------
+ src/os_net/os_net.h              |  2 +-
+ 15 files changed, 43 insertions(+), 15 deletions(-)
+
+diff --git a/src/addagent/main.c b/src/addagent/main.c
+index 587a8a3d8..ab12f0326 100644
+--- a/src/addagent/main.c
++++ b/src/addagent/main.c
+@@ -17,6 +17,7 @@ static void print_banner(void);
+ static void manage_shutdown(int sig) __attribute__((noreturn));
+ #endif
+ 
++int willchroot;
+ 
+ #if defined(__MINGW32__)
+ static int setenv(const char *name, const char *val, __attribute__((unused)) int overwrite)
+diff --git a/src/addagent/manage_agents.c b/src/addagent/manage_agents.c
+index ac39c1e66..4f9c266ff 100644
+--- a/src/addagent/manage_agents.c
++++ b/src/addagent/manage_agents.c
+@@ -85,6 +85,8 @@ int add_agent(int json_output)
+ 
+     char authfile[257];
+ 
++    extern int willchroot;
++
+     if(willchroot > 0) {
+         snprintf(authfile, 256, "%s", AUTH_FILE);  //XXX
+     } else {
+diff --git a/src/addagent/manage_agents.h b/src/addagent/manage_agents.h
+index 4812dba43..f2962e80b 100644
+--- a/src/addagent/manage_agents.h
++++ b/src/addagent/manage_agents.h
+@@ -147,4 +147,4 @@ extern fpos_t fp_pos;
+ #define GMF_UNKN_ERROR  ARGV0 ": Could not run GetModuleFileName which returned (%ld).\n"
+ 
+ 
+-int willchroot;
++//int willchroot;
+diff --git a/src/addagent/manage_keys.c b/src/addagent/manage_keys.c
+index 146b48326..ffb9a1f21 100644
+--- a/src/addagent/manage_keys.c
++++ b/src/addagent/manage_keys.c
+@@ -336,6 +336,8 @@ int k_bulkload(const char *cmdbulk)
+     char delims[] = ",";
+     char *token = NULL;
+ 
++    extern int willchroot;
++
+     /* Check if we can open the input file */
+     printf("Opening: [%s]\n", cmdbulk);
+     infp = fopen(cmdbulk, "r");
+diff --git a/src/client-agent/agentd.c b/src/client-agent/agentd.c
+index c09cf87d3..67828e79c 100644
+--- a/src/client-agent/agentd.c
++++ b/src/client-agent/agentd.c
+@@ -23,6 +23,8 @@ void AgentdStart(const char *dir, int uid, int gid, const char *user, const char
+     fd_set fdset;
+     struct timeval fdtimeout;
+ 
++    extern agent *agt;
++
+     available_server = 0;
+ 
+     /* Initial random numbers must happen before chroot */
+diff --git a/src/client-agent/agentd.h b/src/client-agent/agentd.h
+index 0246a5457..a362ff9a3 100644
+--- a/src/client-agent/agentd.h
++++ b/src/client-agent/agentd.h
+@@ -81,9 +81,9 @@ void os_agent_cb(int fd, short ev, void *arg);
+ extern time_t available_server;
+ extern int run_foreground;
+ extern keystore keys;
+-extern agent *agt;
++//extern agent *agt;
+ #ifndef WIN32
+-struct imsgbuf server_ibuf;
++//struct imsgbuf server_ibuf;
+ #endif //WIN32
+ 
+ #endif /* __AGENTD_H */
+diff --git a/src/client-agent/event-forward.c b/src/client-agent/event-forward.c
+index 2e81f0c90..22ed0beb9 100644
+--- a/src/client-agent/event-forward.c
++++ b/src/client-agent/event-forward.c
+@@ -19,6 +19,9 @@
+ /* Receive a message locally on the agent and forward it to the manager */
+ void *EventForward(void)
+ {
++
++    extern agent *agt;
++
+     ssize_t recv_b;
+     char msg[OS_MAXSTR + 1];
+ 
+diff --git a/src/client-agent/main.c b/src/client-agent/main.c
+index 5f85cfb73..01c18970c 100644
+--- a/src/client-agent/main.c
++++ b/src/client-agent/main.c
+@@ -16,7 +16,8 @@
+ #define ARGV0 "ossec-agentd"
+ #endif
+ 
+-extern struct imsgbuf server_ibuf;
++//extern struct imsgbuf server_ibuf;
++struct imsgbuf server_ibuf;
+ 
+ 
+ /* Prototypes */
+@@ -112,6 +113,8 @@ int main(int argc, char **argv)
+ 
+     debug1(STARTED_MSG, ARGV0);
+ 
++    extern agent *agt;
++
+     agt = (agent *)calloc(1, sizeof(agent));
+     if (!agt) {
+         ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno));
+diff --git a/src/client-agent/notify.c b/src/client-agent/notify.c
+index 1b239f26c..93fec325c 100644
+--- a/src/client-agent/notify.c
++++ b/src/client-agent/notify.c
+@@ -68,6 +68,8 @@ void run_notify()
+     os_md5 md5sum;
+     time_t curr_time;
+ 
++    extern agent *agt;
++
+     keep_alive_random[0] = '\0';
+     curr_time = time(0);
+ 
+diff --git a/src/client-agent/receiver-win.c b/src/client-agent/receiver-win.c
+index 859bdf7f9..4ab62ee77 100644
+--- a/src/client-agent/receiver-win.c
++++ b/src/client-agent/receiver-win.c
+@@ -19,6 +19,7 @@
+ /* Receive events from the server */
+ void *receiver_thread(__attribute__((unused)) void *none)
+ {
++    extern agent *agt;
+     int recv_b;
+ 
+     char file[OS_SIZE_1024 + 1];
+diff --git a/src/client-agent/receiver.c b/src/client-agent/receiver.c
+index fde64c282..5286e60dc 100644
+--- a/src/client-agent/receiver.c
++++ b/src/client-agent/receiver.c
+@@ -29,6 +29,8 @@ void *receive_msg()
+     char cleartext[OS_MAXSTR + 1];
+     char *tmp_msg;
+ 
++    extern agent *agt;
++
+     memset(cleartext, '\0', OS_MAXSTR + 1);
+     memset(buffer, '\0', OS_MAXSTR + 1);
+ 
+diff --git a/src/client-agent/sendmsg.c b/src/client-agent/sendmsg.c
+index 454c2e714..3076dfcf9 100644
+--- a/src/client-agent/sendmsg.c
++++ b/src/client-agent/sendmsg.c
+@@ -15,6 +15,9 @@
+ /* Send a message to the server */
+ int send_msg(int agentid, const char *msg)
+ {
++
++    extern agent *agt;
++
+     size_t msg_size;
+     char crypt_msg[OS_MAXSTR + 1];
+ 
+diff --git a/src/client-agent/start_agent.c b/src/client-agent/start_agent.c
+index 51670cee5..f1df43715 100644
+--- a/src/client-agent/start_agent.c
++++ b/src/client-agent/start_agent.c
+@@ -24,6 +24,9 @@ int connect_server(int initial_id)
+ #ifdef WIN32
+     unsigned int attempts = 2;
+ #endif //WIN32
++
++    extern agent *agt;
++
+     int rc = initial_id;
+ 
+     /* Checking if the initial is zero, meaning we have to
+@@ -139,6 +142,8 @@ void start_agent(int is_startup)
+     char cleartext[OS_MAXSTR + 1];
+     char fmsg[OS_MAXSTR + 1];
+ 
++    extern agent *agt;
++
+     memset(msg, '\0', OS_MAXSTR + 2);
+     memset(buffer, '\0', OS_MAXSTR + 1);
+     memset(cleartext, '\0', OS_MAXSTR + 1);
+@@ -241,6 +246,8 @@ void os_agent_cb(int fd, short ev, void *arg) {
+     struct imsg imsg;
+     struct imsgbuf *ibuf = (struct imsgbuf *)arg;
+ 
++    extern agent *agt;
++
+     if (ev & EV_READ) {
+         if ((n = imsg_read(ibuf) == -1 && errno != EAGAIN)) {
+             ErrorExit("%s: ERROR: imsg_read() failed: %s", ARGV0, strerror(errno));
+diff --git a/src/os_net/os_net.c b/src/os_net/os_net.c
+index f18e3be77..756e9fac8 100644
+--- a/src/os_net/os_net.c
++++ b/src/os_net/os_net.c
+@@ -14,7 +14,7 @@
+ #include <errno.h>
+ #include "shared.h"
+ #include "os_net.h"
+-agent *agt;
++agent *os_net_agt;
+ 
+ /* Prototypes */
+ static OSNetInfo *OS_Bindport(char *_port, unsigned int _proto, const char *_ip);
+@@ -346,11 +346,11 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+         return(OS_INVALID);
+     }
+ 
+-    if (agt) {
+-        if (agt->lip) {
++    if (os_net_agt) {
++        if (os_net_agt->lip) {
+             memset(&hints, 0, sizeof(struct addrinfo));
+             hints.ai_flags = AI_NUMERICHOST;
+-            s = getaddrinfo(agt->lip, NULL, &hints, &result);
++            s = getaddrinfo(os_net_agt->lip, NULL, &hints, &result);
+             if (s != 0) {
+                 verbose("getaddrinfo: %s", gai_strerror(s));
+             }
+@@ -363,8 +363,8 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+     memset(&hints, 0, sizeof(struct addrinfo));
+     /* Allow IPv4 or IPv6 if local_ip isn't specified */
+     hints.ai_family = AF_UNSPEC;
+-    if (agt) {
+-        if (agt->lip) {
++    if (os_net_agt) {
++        if (os_net_agt->lip) {
+             hints.ai_family = local_ai->ai_family;
+         }
+     }
+@@ -398,13 +398,13 @@ int OS_Connect(char *_port, unsigned int protocol, const char *_ip)
+             continue;
+         }
+ 
+-        if (agt) {
+-            if (agt->lip) {
++        if (os_net_agt) {
++            if (os_net_agt->lip) {
+                 if (bind(ossock, local_ai->ai_addr, local_ai->ai_addrlen)) {
+                     verbose("Unable to bind to local address %s.  Ignoring. (%s)",
+-                            agt->lip, strerror(errno));
++                            os_net_agt->lip, strerror(errno));
+                 }
+-                else verbose("Connecting from local address %s", agt->lip);
++                else verbose("Connecting from local address %s", os_net_agt->lip);
+             }
+         }
+ 
+diff --git a/src/os_net/os_net.h b/src/os_net/os_net.h
+index 9b7250928..3aaf00429 100644
+--- a/src/os_net/os_net.h
++++ b/src/os_net/os_net.h
+@@ -13,7 +13,7 @@
+ 
+ #include "headers/shared.h"
+ #include "config/client-config.h"
+-extern agent *agt;
++extern agent *os_net_agt;
+ #ifdef WIN32
+ #ifndef AI_ADDRCONFIG
+ #define AI_ADDRCONFIG   0x0400
+
+From 940198e914db65a7133784d25964aa0e11354233 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Sat, 2 May 2020 14:08:33 -0400
+Subject: [PATCH 2/5] extern agt
+
+---
+ src/win32/win_agent.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/win32/win_agent.c b/src/win32/win_agent.c
+index 40a37e621..a2ec784f2 100644
+--- a/src/win32/win_agent.c
++++ b/src/win32/win_agent.c
+@@ -124,6 +124,7 @@ int local_start()
+     WSADATA wsaData;
+     DWORD  threadID;
+     DWORD  threadID2;
++    extern agent *agt;
+ 
+     /* Start agent */
+     agt = (agent *)calloc(1, sizeof(agent));
+@@ -271,6 +272,7 @@ int SendMSG(__attribute__((unused)) int queue, const char *message, const char *
+     char tmpstr[OS_MAXSTR + 2];
+     char crypt_msg[OS_MAXSTR + 2];
+     DWORD dwWaitResult;
++    extern agent *agt;
+ 
+     tmpstr[OS_MAXSTR + 1] = '\0';
+     crypt_msg[OS_MAXSTR + 1] = '\0';
+@@ -468,6 +470,8 @@ void send_win32_info(time_t curr_time)
+     tmp_msg[OS_MAXSTR + 1] = '\0';
+     crypt_msg[OS_MAXSTR + 1] = '\0';
+ 
++    extern agent *agt;
++
+     debug1("%s: DEBUG: Sending keep alive message.", ARGV0);
+ 
+     /* Fix time */
+
+From f8405753edbf1fd478ba75e6f7c770e63fa1e126 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 12:23:16 -0400
+Subject: [PATCH 3/5] Shuffle around variable declarations to make -fno-common
+ happy.
+
+---
+ src/analysisd/analysisd.c       | 1 +
+ src/analysisd/syscheck-sqlite.h | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index a220f4421..2e89b7967 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -43,6 +43,7 @@
+ 
+ #ifdef SQLITE_ENABLED
+ #include "syscheck-sqlite.h"
++sqlite3 *conn;
+ #endif
+ 
+ /** Prototypes **/
+diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h
+index 526cab26e..3a68ca816 100644
+--- a/src/analysisd/syscheck-sqlite.h
++++ b/src/analysisd/syscheck-sqlite.h
+@@ -1,5 +1,5 @@
+ #ifdef SQLITE_ENABLED
+ #include <sqlite3.h>
+ 
+-sqlite3 *conn;
++//sqlite3 *conn;
+ #endif
+
+From 1d54a2cca3241bd80781a615e4f6f97ce2c1569e Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 12:24:47 -0400
+Subject: [PATCH 4/5] garbage collect syscheck-sqlite.h since it's blank now.
+
+---
+ src/analysisd/analysisd.c         | 1 -
+ src/analysisd/decoders/syscheck.c | 4 ----
+ src/analysisd/syscheck-sqlite.h   | 5 -----
+ 3 files changed, 10 deletions(-)
+ delete mode 100644 src/analysisd/syscheck-sqlite.h
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index 2e89b7967..db762a90d 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -42,7 +42,6 @@
+ #endif
+ 
+ #ifdef SQLITE_ENABLED
+-#include "syscheck-sqlite.h"
+ sqlite3 *conn;
+ #endif
+ 
+diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c
+index a6d675892..7c6745166 100644
+--- a/src/analysisd/decoders/syscheck.c
++++ b/src/analysisd/decoders/syscheck.c
+@@ -15,10 +15,6 @@
+ #include "alerts/alerts.h"
+ #include "decoder.h"
+ 
+-#ifdef SQLITE_ENABLED
+-#include "syscheck-sqlite.h"
+-#endif
+-
+ typedef struct __sdb {
+     char buf[OS_MAXSTR + 1];
+     char comment[OS_MAXSTR + 1];
+diff --git a/src/analysisd/syscheck-sqlite.h b/src/analysisd/syscheck-sqlite.h
+deleted file mode 100644
+index 3a68ca816..000000000
+--- a/src/analysisd/syscheck-sqlite.h
++++ /dev/null
+@@ -1,5 +0,0 @@
+-#ifdef SQLITE_ENABLED
+-#include <sqlite3.h>
+-
+-//sqlite3 *conn;
+-#endif
+
+From 5d6f21e31dab30e34f1713f6cfe1b2e0108f77f5 Mon Sep 17 00:00:00 2001
+From: ddpbsd <ddpbsd@gmail.com>
+Date: Mon, 25 May 2020 14:38:08 -0400
+Subject: [PATCH 5/5] Shuffle around sqlite and geoip variables to make
+ -fno-common happy
+
+---
+ src/analysisd/analysisd.c         | 5 +++++
+ src/analysisd/config.h            | 3 +++
+ src/analysisd/decoders/geoip.c    | 1 +
+ src/analysisd/decoders/syscheck.c | 4 ++++
+ src/analysisd/makelists.c         | 4 ++++
+ src/analysisd/testrule.c          | 1 +
+ 6 files changed, 18 insertions(+)
+
+diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
+index db762a90d..0a81971de 100644
+--- a/src/analysisd/analysisd.c
++++ b/src/analysisd/analysisd.c
+@@ -42,9 +42,14 @@
+ #endif
+ 
+ #ifdef SQLITE_ENABLED
++#include <sqlite3.h>
+ sqlite3 *conn;
+ #endif
+ 
++#ifdef LIBGEOIP_ENABLED
++GeoIP *geoipdb;
++#endif
++
+ /** Prototypes **/
+ void OS_ReadMSG(int m_queue);
+ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node);
+diff --git a/src/analysisd/config.h b/src/analysisd/config.h
+index 8d74c756e..976d1942e 100644
+--- a/src/analysisd/config.h
++++ b/src/analysisd/config.h
+@@ -12,6 +12,7 @@
+ 
+ #include "config/config.h"
+ #include "config/global-config.h"
++
+ #ifdef LIBGEOIP_ENABLED
+ #include "GeoIP.h"
+ #endif
+@@ -20,9 +21,11 @@
+ extern long int __crt_ftell; /* Global ftell pointer */
+ extern _Config Config;       /* Global Config structure */
+ 
++/*
+ #ifdef LIBGEOIP_ENABLED
+ GeoIP *geoipdb;
+ #endif
++*/
+ 
+ int GlobalConf(const char *cfgfile);
+ 
+diff --git a/src/analysisd/decoders/geoip.c b/src/analysisd/decoders/geoip.c
+index 464e4bb71..9816b4c81 100644
+--- a/src/analysisd/decoders/geoip.c
++++ b/src/analysisd/decoders/geoip.c
+@@ -30,6 +30,7 @@ char *GetGeoInfobyIP(char *ip_addr)
+     GeoIPRecord *geoiprecord;
+     char *geodata = NULL;
+     char geobuffer[256 +1];
++    extern GeoIP *geoipdb;
+ 
+     if(!geoipdb)
+     {
+diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c
+index 7c6745166..30339a00d 100644
+--- a/src/analysisd/decoders/syscheck.c
++++ b/src/analysisd/decoders/syscheck.c
+@@ -15,6 +15,10 @@
+ #include "alerts/alerts.h"
+ #include "decoder.h"
+ 
++#ifdef SQLITE_ENABLED
++#include <sqlite3.h>
++#endif
++
+ typedef struct __sdb {
+     char buf[OS_MAXSTR + 1];
+     char comment[OS_MAXSTR + 1];
+diff --git a/src/analysisd/makelists.c b/src/analysisd/makelists.c
+index 06c90db70..dfbe6a4a3 100644
+--- a/src/analysisd/makelists.c
++++ b/src/analysisd/makelists.c
+@@ -32,6 +32,10 @@ time_t c_time;
+ char __shost[512];
+ OSDecoderInfo *NULL_Decoder;
+ 
++#ifdef LIBGEOIP_ENABLED
++GeoIP *geoipdb;
++#endif
++
+ /* print help statement */
+ __attribute__((noreturn))
+ static void help_makelists(void)
+diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c
+index c08fb4885..b1aa928f7 100644
+--- a/src/analysisd/testrule.c
++++ b/src/analysisd/testrule.c
+@@ -83,6 +83,7 @@ int main(int argc, char **argv)
+     memset(prev_month, '\0', 4);
+ 
+ #ifdef LIBGEOIP_ENABLED
++    extern GeoIP *geoipdb;
+     geoipdb = NULL;
+ #endif
+ 
\ No newline at end of file
diff --git a/testing/ossec-hids-server/APKBUILD b/testing/ossec-hids-server/APKBUILD
index 616ed8e728fd..4e05daa4ead0 100644
--- a/testing/ossec-hids-server/APKBUILD
+++ b/testing/ossec-hids-server/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=ossec-hids-server
 _target=${pkgname/ossec-hids-/}
 pkgver=3.6.0
-pkgrel=0
+pkgrel=1
 pkgdesc="Open Source Host-based Intrusion Detection System"
 url="https://www.ossec.net/"
 arch="all !aarch64 !armhf !armv7 !s390x"
@@ -17,6 +17,7 @@ subpackages="$pkgname-doc"
 pkgusers="ossec ossecm ossecr"
 pkggroups="ossec"
 source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/$pkgver.tar.gz
+	745384649f89a67a42894e66cdc8c2e23773b358.patch
 	$pkgname.logrotate
 	musl_lack_of_a_out_h.patch
 	makefile.patch
@@ -82,6 +83,7 @@ doc() {
 }
 
 sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5  ossec-hids-server-3.6.0.tar.gz
+bc8a02b8ff395903d2782c95448672688b5b965cfe47cd7cc70b51cd18601fa85dab5cac8ab77d8ea060d83dfb5159a03040ec91b4ee8aa6e56d20e5a6238633  745384649f89a67a42894e66cdc8c2e23773b358.patch
 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0  ossec-hids-server.logrotate
 4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b  musl_lack_of_a_out_h.patch
 27ccd8197541693c6cfa85e1598b40a5bd2dbd1dec2b7bd057211b45fd0c14c42c2ddd01d9ac57491eda93bb318961642d3adce55b395351d530609250ca003f  makefile.patch
-- 
GitLab


From cb073670365f33526eb90cf9c2a67aced670b9c1 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Sun, 14 Feb 2021 23:14:01 +0100
Subject: [PATCH 06/12] testing/ossec-hids-server: summarize declared exports
 in _make_args

---
 testing/ossec-hids-server/APKBUILD | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/testing/ossec-hids-server/APKBUILD b/testing/ossec-hids-server/APKBUILD
index 4e05daa4ead0..5ba7ddbe0171 100644
--- a/testing/ossec-hids-server/APKBUILD
+++ b/testing/ossec-hids-server/APKBUILD
@@ -44,12 +44,12 @@ prepare() {
 build() {
 	cd "$builddir"/src
 	make clean
-	make TARGET=$_target PREFIX=/var/ossec
+	make TARGET=$_target PREFIX=/var/ossec $_make_args
 }
 
 check() {
 	cd "$builddir"/src
-	make test PREFIX=/var/ossec
+	make test PREFIX=/var/ossec $_make_args
 }
 
 package() {
@@ -71,7 +71,7 @@ EOF
 	find "$pkgdir" -user daemon -exec chown 526 '{}' ';'
 	find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';'
 
-	make TARGET="$_target" PREFIX="$pkgdir"/var/ossec install
+	make install TARGET="$_target" PREFIX="$pkgdir"/var/ossec $_make_args
 }
 
 doc() {
@@ -79,7 +79,7 @@ doc() {
 	pkgdesc="Documentation for $pkgname"
 	mkdir -p "$subpkgdir"/usr/share/doc/$pkgname
 	cp -a doc/* \
-	  "$subpkgdir"/usr/share/doc/$pkgname
+		"$subpkgdir"/usr/share/doc/$pkgname
 }
 
 sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5  ossec-hids-server-3.6.0.tar.gz
-- 
GitLab


From a0d0de5039bb4501719a0cd136c7a8cf026a4283 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Sun, 14 Feb 2021 23:19:26 +0100
Subject: [PATCH 07/12] testing/ossec-hids-agent: Add missing checksum

---
 testing/ossec-hids-agent/APKBUILD | 1 +
 1 file changed, 1 insertion(+)

diff --git a/testing/ossec-hids-agent/APKBUILD b/testing/ossec-hids-agent/APKBUILD
index c3a6925ff350..f20beb853b5e 100644
--- a/testing/ossec-hids-agent/APKBUILD
+++ b/testing/ossec-hids-agent/APKBUILD
@@ -76,6 +76,7 @@ doc() {
 }
 
 sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5  ossec-hids-agent-3.6.0.tar.gz
+bc8a02b8ff395903d2782c95448672688b5b965cfe47cd7cc70b51cd18601fa85dab5cac8ab77d8ea060d83dfb5159a03040ec91b4ee8aa6e56d20e5a6238633  745384649f89a67a42894e66cdc8c2e23773b358.patch
 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0  ossec-hids-agent.logrotate
 4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b  musl_lack_of_a_out_h.patch
 27ccd8197541693c6cfa85e1598b40a5bd2dbd1dec2b7bd057211b45fd0c14c42c2ddd01d9ac57491eda93bb318961642d3adce55b395351d530609250ca003f  makefile.patch
-- 
GitLab


From 068a50db5e619c59b3242b543625e63708864e8d Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Mon, 15 Feb 2021 05:11:34 +0100
Subject: [PATCH 08/12] community/ossec-hids: move from testing

---
 {testing => community}/ossec-hids/APKBUILD               | 0
 {testing => community}/ossec-hids/ossec-hids.pre-install | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename {testing => community}/ossec-hids/APKBUILD (100%)
 rename {testing => community}/ossec-hids/ossec-hids.pre-install (100%)

diff --git a/testing/ossec-hids/APKBUILD b/community/ossec-hids/APKBUILD
similarity index 100%
rename from testing/ossec-hids/APKBUILD
rename to community/ossec-hids/APKBUILD
diff --git a/testing/ossec-hids/ossec-hids.pre-install b/community/ossec-hids/ossec-hids.pre-install
similarity index 100%
rename from testing/ossec-hids/ossec-hids.pre-install
rename to community/ossec-hids/ossec-hids.pre-install
-- 
GitLab


From 6deece810efe2e0afe30fa86f86311ebb5d06532 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Mon, 15 Feb 2021 05:11:45 +0100
Subject: [PATCH 09/12] community/ossec-hids-local: move from testing

---
 .../745384649f89a67a42894e66cdc8c2e23773b358.patch                | 0
 {testing => community}/ossec-hids-local/APKBUILD                  | 0
 {testing => community}/ossec-hids-local/config                    | 0
 {testing => community}/ossec-hids-local/makefile.patch            | 0
 .../ossec-hids-local/musl_lack_of_a_out_h.patch                   | 0
 .../ossec-hids-local/ossec-hids-local.logrotate                   | 0
 6 files changed, 0 insertions(+), 0 deletions(-)
 rename {testing => community}/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch (100%)
 rename {testing => community}/ossec-hids-local/APKBUILD (100%)
 rename {testing => community}/ossec-hids-local/config (100%)
 rename {testing => community}/ossec-hids-local/makefile.patch (100%)
 rename {testing => community}/ossec-hids-local/musl_lack_of_a_out_h.patch (100%)
 rename {testing => community}/ossec-hids-local/ossec-hids-local.logrotate (100%)

diff --git a/testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch b/community/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch
similarity index 100%
rename from testing/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch
rename to community/ossec-hids-local/745384649f89a67a42894e66cdc8c2e23773b358.patch
diff --git a/testing/ossec-hids-local/APKBUILD b/community/ossec-hids-local/APKBUILD
similarity index 100%
rename from testing/ossec-hids-local/APKBUILD
rename to community/ossec-hids-local/APKBUILD
diff --git a/testing/ossec-hids-local/config b/community/ossec-hids-local/config
similarity index 100%
rename from testing/ossec-hids-local/config
rename to community/ossec-hids-local/config
diff --git a/testing/ossec-hids-local/makefile.patch b/community/ossec-hids-local/makefile.patch
similarity index 100%
rename from testing/ossec-hids-local/makefile.patch
rename to community/ossec-hids-local/makefile.patch
diff --git a/testing/ossec-hids-local/musl_lack_of_a_out_h.patch b/community/ossec-hids-local/musl_lack_of_a_out_h.patch
similarity index 100%
rename from testing/ossec-hids-local/musl_lack_of_a_out_h.patch
rename to community/ossec-hids-local/musl_lack_of_a_out_h.patch
diff --git a/testing/ossec-hids-local/ossec-hids-local.logrotate b/community/ossec-hids-local/ossec-hids-local.logrotate
similarity index 100%
rename from testing/ossec-hids-local/ossec-hids-local.logrotate
rename to community/ossec-hids-local/ossec-hids-local.logrotate
-- 
GitLab


From 1380927f1bbc97712910e583647e3361211192d9 Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Mon, 15 Feb 2021 05:11:57 +0100
Subject: [PATCH 10/12] community/ossec-hids-server: move from testing

---
 .../745384649f89a67a42894e66cdc8c2e23773b358.patch                | 0
 {testing => community}/ossec-hids-server/APKBUILD                 | 0
 {testing => community}/ossec-hids-server/config                   | 0
 {testing => community}/ossec-hids-server/makefile.patch           | 0
 .../ossec-hids-server/musl_lack_of_a_out_h.patch                  | 0
 .../ossec-hids-server/ossec-hids-server.logrotate                 | 0
 6 files changed, 0 insertions(+), 0 deletions(-)
 rename {testing => community}/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch (100%)
 rename {testing => community}/ossec-hids-server/APKBUILD (100%)
 rename {testing => community}/ossec-hids-server/config (100%)
 rename {testing => community}/ossec-hids-server/makefile.patch (100%)
 rename {testing => community}/ossec-hids-server/musl_lack_of_a_out_h.patch (100%)
 rename {testing => community}/ossec-hids-server/ossec-hids-server.logrotate (100%)

diff --git a/testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch b/community/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch
similarity index 100%
rename from testing/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch
rename to community/ossec-hids-server/745384649f89a67a42894e66cdc8c2e23773b358.patch
diff --git a/testing/ossec-hids-server/APKBUILD b/community/ossec-hids-server/APKBUILD
similarity index 100%
rename from testing/ossec-hids-server/APKBUILD
rename to community/ossec-hids-server/APKBUILD
diff --git a/testing/ossec-hids-server/config b/community/ossec-hids-server/config
similarity index 100%
rename from testing/ossec-hids-server/config
rename to community/ossec-hids-server/config
diff --git a/testing/ossec-hids-server/makefile.patch b/community/ossec-hids-server/makefile.patch
similarity index 100%
rename from testing/ossec-hids-server/makefile.patch
rename to community/ossec-hids-server/makefile.patch
diff --git a/testing/ossec-hids-server/musl_lack_of_a_out_h.patch b/community/ossec-hids-server/musl_lack_of_a_out_h.patch
similarity index 100%
rename from testing/ossec-hids-server/musl_lack_of_a_out_h.patch
rename to community/ossec-hids-server/musl_lack_of_a_out_h.patch
diff --git a/testing/ossec-hids-server/ossec-hids-server.logrotate b/community/ossec-hids-server/ossec-hids-server.logrotate
similarity index 100%
rename from testing/ossec-hids-server/ossec-hids-server.logrotate
rename to community/ossec-hids-server/ossec-hids-server.logrotate
-- 
GitLab


From afbcef21daf97dea8847011d778793cee717a8ea Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Mon, 15 Feb 2021 05:12:25 +0100
Subject: [PATCH 11/12] community/ossec-hids-agent: move from testing

---
 .../745384649f89a67a42894e66cdc8c2e23773b358.patch                | 0
 {testing => community}/ossec-hids-agent/APKBUILD                  | 0
 {testing => community}/ossec-hids-agent/config                    | 0
 {testing => community}/ossec-hids-agent/makefile.patch            | 0
 .../ossec-hids-agent/musl_lack_of_a_out_h.patch                   | 0
 .../ossec-hids-agent/ossec-hids-agent.logrotate                   | 0
 6 files changed, 0 insertions(+), 0 deletions(-)
 rename {testing => community}/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch (100%)
 rename {testing => community}/ossec-hids-agent/APKBUILD (100%)
 rename {testing => community}/ossec-hids-agent/config (100%)
 rename {testing => community}/ossec-hids-agent/makefile.patch (100%)
 rename {testing => community}/ossec-hids-agent/musl_lack_of_a_out_h.patch (100%)
 rename {testing => community}/ossec-hids-agent/ossec-hids-agent.logrotate (100%)

diff --git a/testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch b/community/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch
similarity index 100%
rename from testing/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch
rename to community/ossec-hids-agent/745384649f89a67a42894e66cdc8c2e23773b358.patch
diff --git a/testing/ossec-hids-agent/APKBUILD b/community/ossec-hids-agent/APKBUILD
similarity index 100%
rename from testing/ossec-hids-agent/APKBUILD
rename to community/ossec-hids-agent/APKBUILD
diff --git a/testing/ossec-hids-agent/config b/community/ossec-hids-agent/config
similarity index 100%
rename from testing/ossec-hids-agent/config
rename to community/ossec-hids-agent/config
diff --git a/testing/ossec-hids-agent/makefile.patch b/community/ossec-hids-agent/makefile.patch
similarity index 100%
rename from testing/ossec-hids-agent/makefile.patch
rename to community/ossec-hids-agent/makefile.patch
diff --git a/testing/ossec-hids-agent/musl_lack_of_a_out_h.patch b/community/ossec-hids-agent/musl_lack_of_a_out_h.patch
similarity index 100%
rename from testing/ossec-hids-agent/musl_lack_of_a_out_h.patch
rename to community/ossec-hids-agent/musl_lack_of_a_out_h.patch
diff --git a/testing/ossec-hids-agent/ossec-hids-agent.logrotate b/community/ossec-hids-agent/ossec-hids-agent.logrotate
similarity index 100%
rename from testing/ossec-hids-agent/ossec-hids-agent.logrotate
rename to community/ossec-hids-agent/ossec-hids-agent.logrotate
-- 
GitLab


From 714dc03cece2e8efe602f2e26ae0fd56f55dc0ab Mon Sep 17 00:00:00 2001
From: Noel Kuntze <noel.kuntze@thermi.consulting>
Date: Mon, 15 Feb 2021 05:15:29 +0100
Subject: [PATCH 12/12] community/ossec-hids: lint APKBUILD

---
 community/ossec-hids/APKBUILD | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/community/ossec-hids/APKBUILD b/community/ossec-hids/APKBUILD
index 06b679dff8d8..94a93d7f98af 100644
--- a/community/ossec-hids/APKBUILD
+++ b/community/ossec-hids/APKBUILD
@@ -37,17 +37,17 @@ package() {
 doc() {
 	cd "$builddir"
 	pkgdesc="Documentation for $pkgname"
-	mkdir -p "$subpkgdir"/usr/share/doc/$pkgname
+	mkdir -p "${subpkgdir:?}"/usr/share/doc/$pkgname
 	cp -a doc/* \
-	  "$subpkgdir"/usr/share/doc/$pkgname
+	  "${subpkgdir:?}"/usr/share/doc/$pkgname
 }
 
 contrib() {
 	pkgdesc="Contrib files for $pkgname"
-	mkdir -p "$subpkgdir"/usr/share/$pkgname
-	cp -a "$builddir"/contrib/* "$subpkgdir"/usr/share/$pkgname
+	mkdir -p "${subpkgdir:?}"/usr/share/$pkgname
+	cp -a "$builddir"/contrib/* "${subpkgdir:?}"/usr/share/$pkgname
 	for r in selinux debian-packages specs; do
-		rm -rf "$subpkgdir"/usr/share/$pkgname/$r
+		rm -rf "${subpkgdir:?}"/usr/share/$pkgname/$r
 	done
 }
 
-- 
GitLab