4 files changed, 59 insertions, 21 deletions

diff --git a/security/bro/Makefile b/security/bro/Makefile
index 65f5e2df6297..6d8889893e3a 100644
--- a/security/bro/Makefile
+++ b/security/bro/Makefile
@@ -3,16 +3,17 @@
 
 PORTNAME=	bro
 PORTVERSION=	2.2
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://www.bro.org/downloads/release/
 
 MAINTAINER=	leres@ee.lbl.gov
 COMMENT=	System for detecting network intruders in real-time
 
-LICENSE=	BSD
+LICENSE=	BSD3CLAUSE
 
-BUILD_DEPENDS=	bison:${PORTSDIR}/devel/bison \
-		swig:${PORTSDIR}/devel/swig13
+BUILD_DEPENDS=	${LOCALBASE}/bin/bison:${PORTSDIR}/devel/bison \
+		${LOCALBASE}/bin/swig:${PORTSDIR}/devel/swig13
 LIB_DEPENDS=	libGeoIP.so:${PORTSDIR}/net/GeoIP
 
 USES=		cmake:outsource perl5
@@ -24,7 +25,10 @@ NO_MTREE=	yes
 .if defined(BRO_PREFIX)
 PREFIX=${BRO_PREFIX}
 PLIST_SUB+=	CLEANUP_PREFIX=""
-NEED_ROOT=	yes
+.if ! defined(WITH_PKGNG) && ! exists(${BRO_PREFIX})
+NEED_ROOT=      yes
+.endif
+NO_MTREE=	yes
 .else
 PLIST_SUB+=	CLEANUP_PREFIX="@comment "
 .endif
@@ -74,35 +78,35 @@ IGNORE=		the BROCTL option requires BROCCOLI
 .if empty(PORT_OPTIONS:MIPSUMDUMP)
 IGNORE=		the BROCTL option requires IPSUMDUMP
 .endif
-BUILD_DEPENDS+=		bash:${PORTSDIR}/shells/bash
-RUN_DEPENDS+=		bash:${PORTSDIR}/shells/bash
-PLIST_SUB+=		BROCTL=""
-USE_LDCONFIG=		yes
-CMAKE_ARGS+=		-D INSTALL_BROCTL:BOOL=true
+BUILD_DEPENDS+=	${LOCALBASE}/bin/bash:${PORTSDIR}/shells/bash
+RUN_DEPENDS+=	${LOCALBASE}/bin/bash:${PORTSDIR}/shells/bash
+PLIST_SUB+=	BROCTL=""
+USE_LDCONFIG=	yes
+CMAKE_ARGS+=	-D INSTALL_BROCTL:BOOL=true
 .else
-CMAKE_ARGS+=		-D INSTALL_BROCTL:BOOL=false
-PLIST_SUB+=		BROCTL="@comment "
+CMAKE_ARGS+=	-D INSTALL_BROCTL:BOOL=false
+PLIST_SUB+=	BROCTL="@comment "
 .endif
 
 .if ${PORT_OPTIONS:MDEBUG}
-CMAKE_ARGS+=		-D ENABLE_DEBUG:BOOL=true
+CMAKE_ARGS+=	-D ENABLE_DEBUG:BOOL=true
 .else
-CMAKE_ARGS+=		-D ENABLE_DEBUG:BOOL=false
+CMAKE_ARGS+=	-D ENABLE_DEBUG:BOOL=false
 .endif
 
 .if ${PORT_OPTIONS:MLBL_HF}
-RUN_DEPENDS+=	hf:${PORTSDIR}/sysutils/lbl-hf
+RUN_DEPENDS+=	${LOCALBASE}/bin/hf:${PORTSDIR}/sysutils/lbl-hf
 .endif
 
 .if ${PORT_OPTIONS:MLBL_CF}
-RUN_DEPENDS+=	cf:${PORTSDIR}/sysutils/lbl-cf
+RUN_DEPENDS+=	${LOCALBASE}/bin/cf:${PORTSDIR}/sysutils/lbl-cf
 .endif
 
 .if ${PORT_OPTIONS:MPERFTOOLS}
-CMAKE_ARGS+=		-D ENABLE_PERFTOOLS:BOOL=true
-RUN_DEPENDS+=	pprof:${PORTSDIR}/devel/google-perftools
+CMAKE_ARGS+=	-D ENABLE_PERFTOOLS:BOOL=true
+RUN_DEPENDS+=	${LOCALBASE}/bin/pprof:${PORTSDIR}/devel/google-perftools
 .else
-CMAKE_ARGS+=		-D ENABLE_PERFTOOLS:BOOL=false
+CMAKE_ARGS+=	-D ENABLE_PERFTOOLS:BOOL=false
 .endif
 
 .if ${PORT_OPTIONS:MIPSUMDUMP}
@@ -111,8 +115,9 @@ RUN_DEPENDS+=	ipsumdump:${PORTSDIR}/net/ipsumdump
 .endif
 
 .if ${PORT_OPTIONS:MBROCTL}
-post-stage::
-.if defined(BRO_PREFIX)
+post-install:
+.if defined(BRO_PREFIX) && !defined(WITH_PKGNG) && !exists(${BRO_PREFIX})
+	# pkg_install needs PREFIX in order to make a package from STAGEDIR/PREFIX
 	@${MKDIR} ${PREFIX}
 .endif
 	@${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/auto
@@ -121,7 +126,7 @@ post-stage::
 	@${INSTALL_SCRIPT} ${INSTALL_WRKSRC}/aux/broctl/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.example
 .endfor
 .for F in networks.cfg node.cfg
-	@${INSTALL_SCRIPT} ${WRKSRC}/aux/broctl/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.example
+	@${MV} ${WRKSRC}/aux/broctl/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.example
 .endfor
 .endif
 
diff --git a/security/bro/files/patch-src-input-readers-Raw.cc b/security/bro/files/patch-src-input-readers-Raw.cc
new file mode 100644
index 000000000000..a620b505c588
--- /dev/null
+++ b/security/bro/files/patch-src-input-readers-Raw.cc
@@ -0,0 +1,11 @@
+--- src/input/readers/Raw.cc.orig	2014-01-06 21:04:06.000000000 +0200
++++ src/input/readers/Raw.cc	2014-01-06 21:04:13.000000000 +0200
+@@ -352,7 +352,7 @@
+ 		fname = source.substr(0, fname.length() - 1);
+ 		}
+ 
+-	map<const char*, const char*>::const_iterator it = info.config.find("stdin"); // data that is sent to the child process
++	ReaderInfo::config_map::const_iterator it = info.config.find("stdin"); // data that is sent to the child process
+ 	if ( it != info.config.end() )
+ 		{
+ 		stdin_string = it->second;
diff --git a/security/bro/files/patch-src-input-readers-SQLite.cc b/security/bro/files/patch-src-input-readers-SQLite.cc
new file mode 100644
index 000000000000..7e728adfcf99
--- /dev/null
+++ b/security/bro/files/patch-src-input-readers-SQLite.cc
@@ -0,0 +1,11 @@
+--- src/input/readers/SQLite.cc.orig	2014-01-06 21:07:44.000000000 +0200
++++ src/input/readers/SQLite.cc	2014-01-06 21:08:00.000000000 +0200
+@@ -85,7 +85,7 @@
+ 	fullpath.append(".sqlite");
+ 
+ 	string query;
+-	map<const char*, const char*>::const_iterator it = info.config.find("query");
++	ReaderInfo::config_map::const_iterator it = info.config.find("query");
+ 	if ( it == info.config.end() )
+ 		{
+ 		Error(Fmt("No query specified when setting up SQLite data source. Aborting.", info.source));
diff --git a/security/bro/files/patch-src-logging-writers-SQLite.cc b/security/bro/files/patch-src-logging-writers-SQLite.cc
new file mode 100644
index 000000000000..dd4db628089e
--- /dev/null
+++ b/security/bro/files/patch-src-logging-writers-SQLite.cc
@@ -0,0 +1,11 @@
+--- src/logging/writers/SQLite.cc.orig	2014-01-06 21:08:34.000000000 +0200
++++ src/logging/writers/SQLite.cc	2014-01-06 21:08:45.000000000 +0200
+@@ -126,7 +126,7 @@
+ 	fullpath.append(".sqlite");
+ 	string tablename;
+ 
+-	map<const char*, const char*>::const_iterator it = info.config.find("tablename");
++	WriterInfo::config_map::const_iterator it = info.config.find("tablename");
+ 	if ( it == info.config.end() )
+ 		{
+ 		MsgThread::Info(Fmt("tablename configuration option not found. Defaulting to path %s", info.path));