app-forensics/ovaldi: bump to 5.10.1.7

Package-Manager: Portage-2.3.6, Repoman-2.3.1 Closes: 5283 Signed-off-by: Marek Szuba <[email protected]>
johu · Aug 3, 2017 · 1e598a5 · 1e598a5
1 parent d770cc6
commit 1e598a5
Show file tree

Hide file tree

Showing 4 changed files with 148 additions and 0 deletions.
diff --git a/app-forensics/ovaldi/Manifest b/app-forensics/ovaldi/Manifest
@@ -1 +1,2 @@
 DIST ovaldi-5.10.1.4-src.tar.bz2 14868251 SHA256 92a22ad75ecdb02abb155e520cf249cc0f737c52b17380b1d58caf410f8c2560 SHA512 d7926a7416fe90013e203b333390e33d51c3eb0caa6ebba69dd593791a8377ac38f5db72fcff2d1ab2dd39a0f5d1b0d2a0d08f906d3e26740288532a27debb47 WHIRLPOOL b9e9142f3d51818c6fbdd12d036176a435bb7af4a75b39bd6bbaee9c542718f9058401ccdfb053a84bac97dfb9b5ba0acdbcf98c4085f6198ad51e94d6ea9d25
+DIST ovaldi-5.10.1.7-src.tar.bz2 20391784 SHA256 daf8061307d5f945b3fda683af2b4407ad7dea345a3c0b2d669f0fd72b9c27ad SHA512 22c373436889b03ffb5d479bd322703bbd8b5b335f116a3b38a3d206ddaaf3115961ab89597c3907b6e5d745eb302a042c135c73cde0eaae10e51f5d6e3e55ec WHIRLPOOL e7a4924eeefb0d1296504adfd6dfcbdeebf0bd9f560bbc94f8c981999e3ec7278f4cffc34e0b698d04d82d3f7ae63f58ad1828b812dbee2bdc7bdd9cedb14b3d
diff --git a/app-forensics/ovaldi/files/ovaldi-5.10.1.7-disable-acl.patch b/app-forensics/ovaldi/files/ovaldi-5.10.1.7-disable-acl.patch
@@ -0,0 +1,23 @@
+--- src/probes/unix/FileProbe.cpp.old	2014-10-08 09:15:37.000000000 +0200
++++ src/probes/unix/FileProbe.cpp	2014-10-08 09:15:55.000000000 +0200
+@@ -386,18 +386,8 @@
+ 	   6) If a file has an ACL, the value will be 'true'.
+ 	*/
+
+-	int hasExtendedAcl = acl_extended_file(filePath.c_str());
+-	if(hasExtendedAcl > -1){ // behavior 4, 5, and 6
+-          item->AppendElement(new ItemEntity("has_extended_acl",Common::ToString(hasExtendedAcl),OvalEnum::DATATYPE_BOOLEAN,OvalEnum::STATUS_EXISTS,0));
+-	}else{
+-	  if(errno == EOPNOTSUPP){ // behavior 3
+-	    item->AppendElement(new ItemEntity("has_extended_acl","",OvalEnum::DATATYPE_BOOLEAN,OvalEnum::STATUS_DOES_NOT_EXIST,0));
+-          }else{ // behavior 2
+-	    item->AppendElement(new ItemEntity("has_extended_acl","",OvalEnum::DATATYPE_BOOLEAN,OvalEnum::STATUS_ERROR,0));
+-            item->AppendMessage(new OvalMessage(string("Error reading ACL data: ") + strerror(errno)));
+-          }
+-	}
+-
++	// behavior 1
++	item->AppendElement(new ItemEntity("has_extended_acl","",OvalEnum::DATATYPE_BOOLEAN,OvalEnum::STATUS_NOT_COLLECTED,0));
+ # else
+ 	// behavior 1
+ 	item->AppendElement(new ItemEntity("has_extended_acl","",OvalEnum::DATATYPE_BOOLEAN,OvalEnum::STATUS_NOT_COLLECTED,0));
diff --git a/app-forensics/ovaldi/files/ovaldi-5.10.1.7-disable_RetrieveSelinuxDomainLabel.patch b/app-forensics/ovaldi/files/ovaldi-5.10.1.7-disable_RetrieveSelinuxDomainLabel.patch
@@ -0,0 +1,31 @@
+--- src/probes/unix/Process58Probe.cpp.old	2014-10-08 08:56:37.000000000 +0200
++++ src/probes/unix/Process58Probe.cpp	2014-10-08 08:57:58.000000000 +0200
+@@ -743,26 +743,8 @@
+ }
+
+ bool Process58Probe::RetrieveSelinuxDomainLabel(pid_t pid, string *label, string *err) {
+-	security_context_t sctx;
+-	int ec = getpidcon(pid, &sctx);
+-	if (ec == -1) {
+-		// getpidcon man page doesn't say errno is set... so we can't get a
+-		// reason for the error.
+-		*err = "getpidcon() failed";
+-		return false;
+-	}
+-
+-	SecurityContextGuard scg(sctx);
+-	ContextGuard cg(sctx);
+-
+-	const char *tmp = context_type_get(cg);
+-	if (!tmp) {
+-		*err = string("context_get_type(")+sctx+"): "+strerror(errno);
+-		return false;
+-	}
+-
+-	*label = tmp;
+-	return true;
++	*err = string("context_get_type(NotImplmented)");
++	return false;
+ }
+
+ #elif defined SUNOS
diff --git a/app-forensics/ovaldi/ovaldi-5.10.1.7.ebuild b/app-forensics/ovaldi/ovaldi-5.10.1.7.ebuild
@@ -0,0 +1,93 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit eutils toolchain-funcs
+
+DESCRIPTION="Free implementation of OVAL"
+HOMEPAGE="http://oval.mitre.org/language/interpreter.html"
+SRC_URI="mirror://sourceforge/${PN}/${P}-src.tar.bz2"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="acl ldap selinux"
+
+CDEPEND="dev-libs/libgcrypt:0
+	dev-libs/libpcre
+	dev-libs/xalan-c
+	dev-libs/xerces-c
+	sys-apps/util-linux
+	sys-libs/libcap
+	acl? ( sys-apps/acl )
+	ldap? ( net-nds/openldap )"
+DEPEND="${CDEPEND}
+	sys-apps/sed"
+RDEPEND="${CDEPEND}
+	selinux? ( sys-libs/libselinux )"
+
+S="${WORKDIR}/${P}-src"
+
+src_prepare() {
+	if ! use ldap ; then
+		einfo "Disabling LDAP probes"
+		sed -i 's,.*ldap,//&,' src/linux/ProbeFactory.cpp || die
+		sed -i 's,.*LDAP,//&,' src/linux/ProbeFactory.cpp || die
+		sed -i 's/-lldap//' project/linux/Makefile || die
+		sed -i 's/-llber//' project/linux/Makefile || die
+		sed -i 's/.*LDAPProbe.h.*//' src/linux/ProbeFactory.h || die
+		rm src/probes/independent/LDAPProbe.{cpp,h} || die
+	fi
+
+	if ! use acl ; then
+		sed -i 's,.*libacl,//&,' src/probes/unix/FileProbe.h || die
+		epatch "${FILESDIR}"/${P}-disable-acl.patch
+		sed -i 's, -lacl , ,' project/linux/Makefile || die
+	fi
+
+	einfo "Disabling rpm probes"
+	sed -i 's/^PACKAGE_RPM/#PACKAGE_RPM/' project/linux/Makefile || die
+
+	# same thing for dpkg, but package dpkg is not sufficient, needs app-arch/apt-pkg that is not on tree
+	einfo "Disabling dpkg probes"
+	sed -i 's/^PACKAGE_DPKG/#PACKAGE_DPKG/' project/linux/Makefile || die
+
+	#Disabling SELinux support
+	if ! use selinux ; then
+		rm src/probes/linux/SelinuxSecurityContextProbe.cpp || die
+		rm src/probes/linux/SelinuxBooleanProbe.cpp || die
+		rm src/probes/linux/SelinuxBooleanProbe.h || die
+		epatch "${FILESDIR}"/${P}-disable_RetrieveSelinuxDomainLabel.patch
+		sed -i 's,.*selinux.*,//&,' src/linux/ProbeFactory.cpp || die
+		sed -i 's,.*Selinux.*,//&,' src/linux/ProbeFactory.cpp || die
+		sed -i 's,.*selinux.*.h.*,//&,' src/probes/unix/Process58Probe.cpp || die
+		sed -i 's,.*SecurityContextGuard.h.*,//&,' src/probes/unix/Process58Probe.cpp || die
+		sed -i 's, -lselinux,,' project/linux/Makefile || die
+	fi
+
+	# missing header for realloc and free
+	sed -i 's,#include <unistd.h>,&\n#include <stdlib.h>,' src/linux/NetworkInterfaces.cpp || die
+	sed -i 's,#include <unistd.h>,&\n#include <stdlib.h>,' src/linux/SystemInfo.cpp || die
+
+	# respect CXXFLAGS and CXX
+	sed -i -e '/^CPPFLAGS/s/$(INCDIRS)/$(CXXFLAGS) \0/' project/linux/Makefile || die
+
+	# no such library on linux 
+	sed -i 's,-lxalanMsg,,' project/linux/Makefile || die
+	tc-export CXX
+}
+
+src_compile () {
+	emake -C project/linux
+}
+
+src_install () {
+	# no make install in Makefile
+	dosbin project/linux/Release/ovaldi project/linux/ovaldi.sh
+	dodir /var/log/${PN}
+	insinto /usr/share/${PN}
+	doins xml/*
+	dodoc docs/{README.txt,version.txt}
+	doman docs/ovaldi.1
+}
Original file line number	Diff line number	Diff line change
		@@ -1 +1,2 @@
		DIST ovaldi-5.10.1.4-src.tar.bz2 14868251 SHA256 92a22ad75ecdb02abb155e520cf249cc0f737c52b17380b1d58caf410f8c2560 SHA512 d7926a7416fe90013e203b333390e33d51c3eb0caa6ebba69dd593791a8377ac38f5db72fcff2d1ab2dd39a0f5d1b0d2a0d08f906d3e26740288532a27debb47 WHIRLPOOL b9e9142f3d51818c6fbdd12d036176a435bb7af4a75b39bd6bbaee9c542718f9058401ccdfb053a84bac97dfb9b5ba0acdbcf98c4085f6198ad51e94d6ea9d25
		DIST ovaldi-5.10.1.7-src.tar.bz2 20391784 SHA256 daf8061307d5f945b3fda683af2b4407ad7dea345a3c0b2d669f0fd72b9c27ad SHA512 22c373436889b03ffb5d479bd322703bbd8b5b335f116a3b38a3d206ddaaf3115961ab89597c3907b6e5d745eb302a042c135c73cde0eaae10e51f5d6e3e55ec WHIRLPOOL e7a4924eeefb0d1296504adfd6dfcbdeebf0bd9f560bbc94f8c981999e3ec7278f4cffc34e0b698d04d82d3f7ae63f58ad1828b812dbee2bdc7bdd9cedb14b3d