- update to upstream svn r269

- use pkg-plist

5 files changed, 209 insertions, 69 deletions

diff --git a/security/pulledpork/Makefile b/security/pulledpork/Makefile
index 6257d09ed122..f3977028ed1a 100644
--- a/security/pulledpork/Makefile
+++ b/security/pulledpork/Makefile
@@ -3,6 +3,7 @@
 
 PORTNAME=	pulledpork
 PORTVERSION=	0.7.0
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	GOOGLE_CODE
 
@@ -16,53 +17,40 @@ RUN_DEPENDS=	p5-Crypt-SSLeay>=0.57:${PORTSDIR}/security/p5-Crypt-SSLeay \
 		p5-libwww>=0:${PORTSDIR}/www/p5-libwww
 
 NO_BUILD=	yes
-USES=		perl5
+USES=		perl5 shebangfix
 USE_PERL5=	run
-
-PLIST_FILES=	bin/pulledpork.pl \
-		%%ETCDIR%%/disablesid.conf.sample \
-		%%ETCDIR%%/dropsid.conf.sample \
-		%%ETCDIR%%/enablesid.conf.sample \
-		%%ETCDIR%%/modifysid.conf.sample \
-		%%ETCDIR%%/pulledpork.conf.sample \
-		%%DATADIR%%/README.CONTRIB \
-		%%DATADIR%%/oink-conv.pl
+SHEBANG_FILES= 	${WRKSRC}/pulledpork.pl ${WRKSRC}/contrib/oink-conv.pl
 
 SUB_FILES=	pkg-message
 
 OPTIONS_DEFINE=	DOCS
-
 .include <bsd.port.options.mk>
 
-PORTDOCS=	README README.CATEGORIES README.CHANGES README.RULESET README.SHAREDOBJECTS
-
 post-patch:
-	@${REINPLACE_CMD} -e "s|/usr/bin/perl|${PERL}|" ${WRKSRC}/pulledpork.pl
 	@${REINPLACE_CMD} -e 's|snort/enablesid.conf|pulledpork/enablesid.conf|g' \
 		-e 's|snort/dropsid.conf|pulledpork/dropsid.conf|g' \
 		-e 's|snort/disablesid.conf|pulledpork/disablesid.conf|g' \
 		-e 's|snort/modifysid.conf|pulledpork/modifysid.conf|g' \
 		-e "s|/usr/local/lib/snort_dynamicrules/|${PREFIX}/etc/snort/so_rules/|g" \
 		${WRKSRC}/etc/pulledpork.conf
-	@${REINPLACE_CMD} -e "s| /usr/bin/perl|${PERL}|" ${WRKSRC}/contrib/oink-conv.pl
 
 do-install:
-	@${INSTALL_SCRIPT} ${WRKSRC}/pulledpork.pl ${STAGEDIR}${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/pulledpork.pl ${STAGEDIR}${PREFIX}/bin
 	@${MKDIR} -m 750 ${STAGEDIR}${ETCDIR}
 # pulledpork.conf contains the snort user registration key, do not install world readable
-	@${INSTALL} -m 640 ${WRKSRC}/etc/pulledpork.conf ${STAGEDIR}${ETCDIR}/pulledpork.conf.sample
-	@${INSTALL_DATA} ${WRKSRC}/etc/disablesid.conf ${STAGEDIR}${ETCDIR}/disablesid.conf.sample
-	@${INSTALL_DATA} ${WRKSRC}/etc/dropsid.conf    ${STAGEDIR}${ETCDIR}/dropsid.conf.sample
-	@${INSTALL_DATA} ${WRKSRC}/etc/enablesid.conf  ${STAGEDIR}${ETCDIR}/enablesid.conf.sample
-	@${INSTALL_DATA} ${WRKSRC}/etc/modifysid.conf  ${STAGEDIR}${ETCDIR}/modifysid.conf.sample
+	${INSTALL} -m 640 ${WRKSRC}/etc/pulledpork.conf ${STAGEDIR}${ETCDIR}/pulledpork.conf.sample
+	${INSTALL_DATA} ${WRKSRC}/etc/disablesid.conf ${STAGEDIR}${ETCDIR}/disablesid.conf.sample
+	${INSTALL_DATA} ${WRKSRC}/etc/dropsid.conf    ${STAGEDIR}${ETCDIR}/dropsid.conf.sample
+	${INSTALL_DATA} ${WRKSRC}/etc/enablesid.conf  ${STAGEDIR}${ETCDIR}/enablesid.conf.sample
+	${INSTALL_DATA} ${WRKSRC}/etc/modifysid.conf  ${STAGEDIR}${ETCDIR}/modifysid.conf.sample
 	@${MKDIR} ${STAGEDIR}${DATADIR}
-	@${INSTALL_DATA} ${WRKSRC}/contrib/README.CONTRIB ${STAGEDIR}${DATADIR}
-	@${INSTALL_SCRIPT} ${WRKSRC}/contrib/oink-conv.pl ${STAGEDIR}${DATADIR}
+	${INSTALL_DATA} ${WRKSRC}/contrib/README.CONTRIB ${STAGEDIR}${DATADIR}
+	${INSTALL_SCRIPT} ${WRKSRC}/contrib/oink-conv.pl ${STAGEDIR}${DATADIR}
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	@${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-	@${INSTALL_DATA} ${WRKSRC}/doc/README.CATEGORIES ${STAGEDIR}${DOCSDIR}
-	@${INSTALL_DATA} ${WRKSRC}/doc/README.CHANGES ${STAGEDIR}${DOCSDIR}
-	@${INSTALL_DATA} ${WRKSRC}/doc/README.RULESET ${STAGEDIR}${DOCSDIR}
-	@${INSTALL_DATA} ${WRKSRC}/doc/README.SHAREDOBJECTS ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/doc/README.CATEGORIES ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/doc/README.CHANGES ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/doc/README.RULESET ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/doc/README.SHAREDOBJECTS ${STAGEDIR}${DOCSDIR}
 
 .include <bsd.port.mk>
diff --git a/security/pulledpork/files/patch-etc__pulledpork.conf b/security/pulledpork/files/patch-etc__pulledpork.conf
new file mode 100644
index 000000000000..82ad130c0fb4
--- /dev/null
+++ b/security/pulledpork/files/patch-etc__pulledpork.conf
@@ -0,0 +1,38 @@
+--- etc/pulledpork.conf.orig	2013-09-11 21:01:05 UTC
++++ etc/pulledpork.conf
+@@ -121,14 +121,14 @@ config_path=/usr/local/etc/snort/snort.c
+ 
+ # Define your distro, this is for the precompiled shared object libs!
+ # Valid Distro Types:
+-# Debian-5-0, Debian-6-0,
+-# Ubuntu-8.04, Ubuntu-10-4
+-# Centos-4-8, Centos-5-4
++# Debian-6-0, Ubuntu-10-4
++# Ubuntu-12-04, Centos-5-4
+ # FC-12, FC-14, RHEL-5-5, RHEL-6-0
+-# FreeBSD-7-3, FreeBSD-8-1
+-# OpenBSD-4-8
++# FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0
++# OpenBSD-5-2, OpenBSD-5-3
++# OpenSUSE-11-4, OpenSUSE-12-1
+ # Slackware-13-1
+-distro=FreeBSD-8.1
++distro=FreeBSD-10-0
+ 
+ #######  This next section is optional, but probably pretty useful to you.
+ #######  Please read thoroughly!
+@@ -187,7 +187,7 @@ snort_control=/usr/local/bin/snort_contr
+ # This value MUST contain all 4 minor version
+ # numbers. ET rules are now also dependant on this, verify supported ET versions
+ # prior to simply throwing rubbish in this variable kthx!
+-# snort_version=2.9.0.0
++# snort_version=2.9.7.3
+ 
+ # Here you can specify what rule modification files to run automatically.
+ # simply uncomment and specify the apt path.
+@@ -206,4 +206,4 @@ snort_control=/usr/local/bin/snort_contr
+ ####### need to process so_rules, simply comment out the so_rule section
+ ####### you can also specify -T at runtime to process only GID 1 rules.
+ 
+-version=0.7.0
++version=0.7.1
diff --git a/security/pulledpork/files/patch-pulledpork.pl b/security/pulledpork/files/patch-pulledpork.pl
new file mode 100644
index 000000000000..a80564f5ef57
--- /dev/null
+++ b/security/pulledpork/files/patch-pulledpork.pl
@@ -0,0 +1,141 @@
+--- pulledpork.pl.orig	2015-06-01 19:41:36 UTC
++++ pulledpork.pl
+@@ -3,7 +3,7 @@
+ ## pulledpork v(whatever it says below!)
+ ## cummingsj@gmail.com
+ 
+-# Copyright (C) 2009-2013 JJ Cummings and the PulledPork Team!
++# Copyright (C) 2009-2014 JJ Cummings and the PulledPork Team!
+ 
+ # This program is free software; you can redistribute it and/or
+ # modify it under the terms of the GNU General Public License
+@@ -41,16 +41,17 @@ use Data::Dumper;
+ 
+ # we are gonna need these!
+ my ( $oinkcode, $temp_path, $rule_file, $Syslogging );
+-my $VERSION = "PulledPork v0.7.0 - Swine Flu!";
++my $VERSION = "PulledPork v0.7.1 - Swine Flu with a side of Ebola!";
+ my $ua      = LWP::UserAgent->new;
+ 
++
+ my ( $Hash, $ALogger, $Config_file, $Sorules, $Auto );
+ my ( $Output, $Distro, $Snort, $sid_changelog, $ignore_files );
+ my ( $Snort_config, $Snort_path, $Textonly,   $grabonly,    $ips_policy, );
+ my ( $pid_path,     $SigHup,     $NoDownload, $sid_msg_map, @base_url );
+ my ( $local_rules,  $arch,       $docs,       @records,     $enonly );
+ my ( $rstate, $keep_rulefiles, $rule_file_path, $prefix, $black_list );
+-my ( $Process, $hmatch, $bmatch , $sid_msg_version);
++my ( $Process, $hmatch, $bmatch , $sid_msg_version, $skipVerify);
+ my $Sostubs = 1;
+ 
+ # verbose and quiet control print()
+@@ -144,11 +145,11 @@ sub Help {
+    -D What Distro are you running on, for the so_rules
+       For latest supported options see http://www.snort.org/snort-rules/shared-object-rules
+       Valid Distro Types:
+-		Debian-5-0, Debian-6-0, Ubuntu-8.04, Ubuntu-10-4
+-		Centos-4-8, Centos-5-4,	FC-12, FC-14, RHEL-5-5, RHEL-6-0
+-		FreeBSD-7-3, FreeBSD-8-1
+-		OpenBSD-4-8
+-		Slackware-13-1
++		Debian-6-0, Ubuntu-10-4, Ubuntu-12-04, Centos-5-4
++		FC-12, FC-14, RHEL-5-5, RHEL-6-0
++		FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0
++		OpenBSD-5-2, OpenBSD-5-3
++		OpenSUSE-11-4, OpenSUSE-12-1, Slackware-13-1
+    -e Where the enablesid config file lives.
+    -E Write ONLY the enabled rules to the output files.
+    -g grabonly (download tarball rule file(s) and do NOT process)
+@@ -176,6 +177,7 @@ sub Help {
+    -V Print Version and exit
+    -v Verbose mode, you know.. for troubleshooting and such nonsense.
+    -vv EXTRA Verbose mode, you know.. for in-depth troubleshooting and other such nonsense.
++   -w Skip the SSL verification (if there are issues pulling down rule files)
+ __EOT
+ 
+     exit(0);
+@@ -191,7 +193,7 @@ sub pulledpork {
+      `----,\\    )
+       `--==\\\\  /    $VERSION
+        `--==\\\\/
+-     .-~~~~-.Y|\\\\_  Copyright (C) 2009-2013 JJ Cummings
++     .-~~~~-.Y|\\\\_  Copyright (C) 2009-2014 JJ Cummings
+   \@_/        /  66\\_  cummingsj\@gmail.com
+     |    \\   \\   _(\")
+      \\   /-| ||'--'  Rules give me wings!
+@@ -350,9 +352,27 @@ sub compare_md5 {
+ ## mimic LWP::Simple getstore routine - Thx pkthound!
+ sub getstore {
+     my ( $url, $file ) = @_;
+-    my $request = HTTP::Request->new( GET => $url );
+-    my $response = $ua->request( $request, $file );
+-    $response->code;
++
++    # on the first run, the file may not exist, so check.
++    if ( -e $file) { 
++        # Check to ensure the user has write access to the file
++        if ( -r $file && -w _) {
++    	   my $request = HTTP::Request->new( GET => $url );
++    	   my $response = $ua->request( $request, $file );
++    	   $response->code;
++        } else {	
++    	   carp "ERROR: $file is not writable by ".(getpwuid($<))[0]."\n";
++	   syslogit( 'err|local0', "FATAL: $file is not writable by ".(getpwuid($<))[0]."\n" )
++	   if $Syslogging;
++ 	   exit(1);
++        }
++    } else {
++	   # The file does not exist, any errors refer to permission issues
++    	   my $request = HTTP::Request->new( GET => $url );
++    	   my $response = $ua->request( $request, $file );
++    	   $response->code;
++    }
++
+ }
+ 
+ ## time to grab the real 0xb33f
+@@ -1507,7 +1527,8 @@ GetOptions(
+     "u=s"    => \@base_url,
+     "V!"     => sub { Version() },
+     "v+"     => \$Verbose,
+-    "help|?" => sub { Help() }
++    "help|?" => sub { Help() },
++    "w" => \$skipVerify
+ );
+ 
+ ## Fly piggy fly!
+@@ -1533,7 +1554,7 @@ if ( $Verbose && !$Quiet ) {
+ if ( exists $Config_info{'version'} ) {
+     croak "You are not using the current version of pulledpork.conf!\n",
+       "Please use the version of pulledpork.conf that shipped with $VERSION!\n\n"
+-      if $Config_info{'version'} ne "0.7.0";
++      if $Config_info{'version'} ne "0.7.1";
+ }
+ else {
+     croak
+@@ -1700,6 +1721,7 @@ if ( $Verbose && !$Quiet ) {
+     if ($Textonly)     { print "\tText Rules only Flag is Set\n"; }
+     if ( $Verbose == 2 ) { print "\tExtra Verbose Flag is Set\n"; }
+     if ($Verbose)        { print "\tVerbose Flag is Set\n"; }
++    if ($skipVerify)     { print "\tSSL Hostname Verification disabled\n"; }
+     if (@base_url)       { print "\tBase URL is: @base_url\n"; }
+ }
+ 
+@@ -1717,10 +1739,17 @@ if ( !-d $temp_path ) {
+ # Validate sid_msg_map version
+ Help("Please specify version 1 or 2 for sid_msg_version in your config file\n") unless $sid_msg_version =~ /(1|2)/;
+ 
++
+ # set some UserAgent and other connection configs
+ $ua->agent("$VERSION");
+ $ua->show_progress(1) if ( $Verbose && !$Quiet );
+ 
++# check to see if SSL verfication is disabled
++if ($skipVerify) {
++    $ua->ssl_opts( verify_hostname => 0 )
++}
++
++
+ # New Settings to allow proxy connections to use proper SSL formating - Thx pkthound!
+ $ua->timeout(60);
+ $ua->cookie_jar( {} );
diff --git a/security/pulledpork/files/patch-so_rules.diff b/security/pulledpork/files/patch-so_rules.diff
deleted file mode 100644
index 8c873f44bbed..000000000000
--- a/security/pulledpork/files/patch-so_rules.diff
+++ /dev/null
@@ -1,41 +0,0 @@
-Index: etc/pulledpork.conf
-===================================================================
---- etc/pulledpork.conf	(revision 268)
-+++ etc/pulledpork.conf	(working copy)
-@@ -121,12 +121,12 @@
- 
- # Define your distro, this is for the precompiled shared object libs!
- # Valid Distro Types:
--# Debian-5-0, Debian-6-0,
--# Ubuntu-8.04, Ubuntu-10-4
--# Centos-4-8, Centos-5-4
-+# Debian-6-0,
-+# Ubuntu-10-4, Ubuntu-12-04
-+# Centos-5-4
- # FC-12, FC-14, RHEL-5-5, RHEL-6-0
--# FreeBSD-7-3, FreeBSD-8-1
--# OpenBSD-4-8
-+# FreeBSD-8-1, FreeBSD-9-0
-+# OpenBSD-4-8, OpenBSD-5-2, OpenBSD-5-3
- # Slackware-13-1
- distro=FreeBSD-8.1
- 
-Index: pulledpork.pl
-===================================================================
---- pulledpork.pl	(revision 268)
-+++ pulledpork.pl	(working copy)
-@@ -144,10 +144,10 @@
-    -D What Distro are you running on, for the so_rules
-       For latest supported options see http://www.snort.org/snort-rules/shared-object-rules
-       Valid Distro Types:
--		Debian-5-0, Debian-6-0, Ubuntu-8.04, Ubuntu-10-4
--		Centos-4-8, Centos-5-4,	FC-12, FC-14, RHEL-5-5, RHEL-6-0
--		FreeBSD-7-3, FreeBSD-8-1
--		OpenBSD-4-8
-+		Debian-6-0, Ubuntu-10-4, Ubuntu-12-04
-+		Centos-5-4, FC-12, FC-14, RHEL-5-5, RHEL-6-0
-+		FreeBSD-8-1, FreeBSD-9-0
-+		OpenBSD-4-8, OpenBSD-5-2, OpenBSD-5-3
- 		Slackware-13-1
-    -e Where the enablesid config file lives.
-    -E Write ONLY the enabled rules to the output files.
diff --git a/security/pulledpork/pkg-plist b/security/pulledpork/pkg-plist
new file mode 100644
index 000000000000..d917a57b3da8
--- /dev/null
+++ b/security/pulledpork/pkg-plist
@@ -0,0 +1,14 @@
+bin/pulledpork.pl
+%%ETCDIR%%/disablesid.conf.sample
+%%ETCDIR%%/dropsid.conf.sample
+%%ETCDIR%%/enablesid.conf.sample
+%%ETCDIR%%/modifysid.conf.sample
+@(,,0640) %%ETCDIR%%/pulledpork.conf.sample
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.CATEGORIES
+%%PORTDOCS%%%%DOCSDIR%%/README.CHANGES
+%%PORTDOCS%%%%DOCSDIR%%/README.RULESET
+%%PORTDOCS%%%%DOCSDIR%%/README.SHAREDOBJECTS
+%%DATADIR%%/README.CONTRIB
+%%DATADIR%%/oink-conv.pl
+@dir(,,0750) %%ETCDIR%%