security/snort3: UNBREAK

- Update version 3.0.0-258=>3.0.0-270
- Remove BUILD_DEPENDS and RUN_DEPENDS into LIB_DEPENDS
- Change compiler to use c++14-lang
- Make HYPERSCAN default for amd64
- Remove DEBUG_DESC and DOCS_DESC for the defaults DESC

net/libdaq: Update version 3.0.0-alpha3=>3.0.0-alpha4

Submitted by:	dvl
MFH:		2020Q2 (buildtime fix)
Differential Revision:	https://reviews.freebsd.org/D24263

8 files changed, 117 insertions, 35 deletions

diff --git a/security/snort3/Makefile b/security/snort3/Makefile
index 3f2099e8af8f..e7d089bc7e78 100644
--- a/security/snort3/Makefile
+++ b/security/snort3/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	snort
-DISTVERSION=	3.0.0-258
+DISTVERSION=	3.0.0-270
 PORTEPOCH=	1
 CATEGORIES=	security
 PKGNAMESUFFIX=	3
@@ -13,20 +13,17 @@ COMMENT=	Lightweight network intrusion detection system
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
-BROKEN=		fails to build
-
-BUILD_DEPENDS=	libdaq>=0:net/libdaq \
-		bash>0:shells/bash
 LIB_DEPENDS=	libpcre.so:devel/pcre \
 		libdnet.so:net/libdnet \
 		libpcap.so:net/libpcap \
 		libluajit-5.1.so:lang/luajit \
-		libhwloc.so:devel/hwloc
-RUN_DEPENDS=	libdaq>=0:net/libdaq
-
-USES=		cmake compiler:c++11-lang cpe libtool localbase pathfix pkgconfig shebangfix ssl iconv
+		libhwloc.so:devel/hwloc \
+		libuuid.so:misc/e2fsprogs-libuuid \
+		libdaq.so:net/libdaq
 
+USES=		cmake compiler:c++14-lang cpe localbase pathfix pkgconfig shebangfix ssl iconv
 USE_GITHUB=	yes
+
 GH_ACCOUNT=	snort3
 GH_PROJECT=	snort3
 
@@ -35,10 +32,9 @@ SHEBANG_FILES=	tools/appid_detector_builder.sh
 OPTIONS_DEFINE=		ADDRESSSANITIZER DEBUG DOCS FLATBUFFERS LARGEPCAP PIE THREADSANITIZER STATICDAQ
 OPTIONS_DEFINE_amd64=	HYPERSCAN TSC
 OPTIONS_DEFAULT=	STATICDAQ
+OPTIONS_DEFAULT_amd64=	HYPERSCAN
 
 ADDRESSSANITIZER_DESC=	Enable address sanitizer
-DEBUG_DESC=		Enable debug
-DOCS_DESC=		Enable documentation
 FLATBUFFERS_DESC=	Enable flatbuffers support
 HYPERSCAN_DESC=		Enable high-performance regular expression lib
 LARGEPCAP_DESC=		Enable support for pcaps larger than 2 GB
@@ -56,9 +52,21 @@ STATICDAQ_CMAKE_BOOL=	ENABLE_STATIC_DAQ
 THREADSANITIZER_CMAKE_BOOL=	ENABLE_THREAD_SANITIZER
 TSC_CMAKE_BOOL=		ENABLE_TSC_CLOCK
 
-FLATBUFFERS_LIB_DEPENDS=	libflatbuffers.so:devel/flatbuffers
+FLATBUFFERS_LIB_DEPENDS=libflatbuffers.so:devel/flatbuffers
 HYPERSCAN_LIB_DEPENDS=	libhs.so:devel/hyperscan
 
 CONFLICTS=	snort-2*
 
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MHYPERSCAN}
+PLIST_SUB+=	HYPERSCAN=""
+.else
+PLIST_SUB+=	HYPERSCAN="@comment "
+.endif
+
+post-patch:
+	${REINPLACE_CMD} -e 's|_LIBDIR}/pkgconfig|_PREFIX}/libdata/pkgconfig|g' \
+		${WRKSRC}/cmake/create_pkg_config.cmake
+
 .include <bsd.port.mk>
diff --git a/security/snort3/distinfo b/security/snort3/distinfo
index b6e23a546a7a..c92e8e1c2762 100644
--- a/security/snort3/distinfo
+++ b/security/snort3/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1563993608
-SHA256 (snort3-snort3-3.0.0-258_GH0.tar.gz) = 93db0d36d18c22dd78caf46c6fdfb7121886784167b5e5b3e6fcbddddc2cdfe2
-SIZE (snort3-snort3-3.0.0-258_GH0.tar.gz) = 6361952
+TIMESTAMP = 1585861636
+SHA256 (snort3-snort3-3.0.0-270_GH0.tar.gz) = 06e127240c9c234b17f9ff22469dd21651374fac0fec8fceea9849a108bb3499
+SIZE (snort3-snort3-3.0.0-270_GH0.tar.gz) = 6537334
diff --git a/security/snort3/files/patch-src_file__api_file__cache.cc b/security/snort3/files/patch-src_file__api_file__cache.cc
index 1b94bdd494a5..12ed7f630ed8 100644
--- a/security/snort3/files/patch-src_file__api_file__cache.cc
+++ b/security/snort3/files/patch-src_file__api_file__cache.cc
@@ -1,6 +1,6 @@
---- src/file_api/file_cache.cc.orig	2019-04-10 20:51:55 UTC
+--- src/file_api/file_cache.cc.orig	2020-03-25 14:13:20 UTC
 +++ src/file_api/file_cache.cc
-@@ -134,7 +134,7 @@ FileContext* FileCache::add(const FileHashKey& hashKey
+@@ -133,7 +133,7 @@ FileContext* FileCache::add(const FileHashKey& hashKey
      struct timeval now;
      packet_gettimeofday(&now);
  
@@ -9,7 +9,7 @@
      timeradd(&now, &time_to_add, &new_node.cache_expire_time);
  
      new_node.file = new FileContext;
-@@ -187,7 +187,7 @@ FileContext* FileCache::find(const FileHashKey& hashKe
+@@ -183,7 +183,7 @@ FileContext* FileCache::find(const FileHashKey& hashKe
      }
  
      struct timeval next_expire_time;
@@ -18,7 +18,7 @@
      timeradd(&now, &time_to_add, &next_expire_time);
  
      //  Refresh the timer on the cache.
-@@ -314,7 +314,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* 
+@@ -311,7 +311,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* 
  
              if (!timerisset(&file_ctx->pending_expire_time))
              {
diff --git a/security/snort3/files/patch-src_flow_ha.cc b/security/snort3/files/patch-src_flow_ha.cc
deleted file mode 100644
index 0478bc76e50f..000000000000
--- a/security/snort3/files/patch-src_flow_ha.cc
+++ /dev/null
@@ -1,10 +0,0 @@
---- src/flow/ha.cc.orig	2019-07-31 09:26:02 UTC
-+++ src/flow/ha.cc
-@@ -35,6 +35,7 @@
- #include "flow_key.h"
- #include "ha_module.h"
- #include "session.h"
-+#include <array>
- 
- using namespace snort;
- 
diff --git a/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc b/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc
new file mode 100644
index 000000000000..ab0f2903c0fc
--- /dev/null
+++ b/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc
@@ -0,0 +1,26 @@
+--- src/host_tracker/host_cache_allocator.cc.orig	2020-04-04 01:57:20 UTC
++++ src/host_tracker/host_cache_allocator.cc
+@@ -24,23 +24,6 @@
+ #include "host_cache.h"
+ 
+ template <class T>
+-T* HostCacheAlloc<T>::allocate(std::size_t n)
+-{
+-    size_t sz=n*sizeof(T);
+-    T* out=std::allocator<T>::allocate(n);
+-    lru->update(sz);
+-    return out;
+-}
+-
+-template <class T>
+-void HostCacheAlloc<T>::deallocate(T* p, std::size_t n) noexcept
+-{
+-    size_t sz = n*sizeof(T);
+-    std::allocator<T>::deallocate(p, n);
+-    lru->update( -(int) sz);
+-}
+-
+-template <class T>
+ HostCacheAllocIp<T>::HostCacheAllocIp()
+ {
+     lru = &host_cache;
diff --git a/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h b/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h
new file mode 100644
index 000000000000..ce74bf9038a9
--- /dev/null
+++ b/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h
@@ -0,0 +1,25 @@
+--- src/host_tracker/host_cache_allocator.h.orig	2020-04-04 02:00:30 UTC
++++ src/host_tracker/host_cache_allocator.h
+@@ -44,6 +44,22 @@ class HostCacheAlloc : public std::allocator<T> (prote
+     HostCacheInterface* lru = 0;
+ };
+ 
++template <class T>
++T* HostCacheAlloc<T>::allocate(std::size_t n)
++{
++    size_t sz = n * sizeof(T);
++    T* out = std::allocator<T>::allocate(n);
++    lru->update(sz);
++    return out;
++}
++
++template <class T>
++void HostCacheAlloc<T>::deallocate(T* p, std::size_t n) noexcept
++{
++    size_t sz = n * sizeof(T);
++    std::allocator<T>::deallocate(p, n);
++    lru->update(-(int) sz);
++}
+ 
+ // Trivial derived allocator, pointing to their own host cache.
+ // HostCacheAllocIp has a HostCacheInterface* pointing to an lru cache
diff --git a/security/snort3/files/patch-src_main_analyzer.cc b/security/snort3/files/patch-src_main_analyzer.cc
index 2b23fcaa0579..ba139dda1e7d 100644
--- a/security/snort3/files/patch-src_main_analyzer.cc
+++ b/security/snort3/files/patch-src_main_analyzer.cc
@@ -1,11 +1,20 @@
---- src/main/analyzer.cc.orig	2019-07-31 10:41:21 UTC
+--- src/main/analyzer.cc.orig	2020-03-25 14:13:20 UTC
 +++ src/main/analyzer.cc
-@@ -94,7 +94,7 @@ class RetryQueue (public)
+@@ -95,7 +95,7 @@ class RetryQueue (public)
      RetryQueue(unsigned interval_ms)
      {
          assert(interval_ms > 0);
--        interval = { interval_ms / 1000, (interval_ms % 1000) * 1000 };
+-        interval = { interval_ms / 1000, static_cast<suseconds_t>((interval_ms % 1000) * 1000) };
 +        interval = { static_cast<time_t>(interval_ms / 1000), static_cast<suseconds_t>( (interval_ms % 1000) * 1000 )};
      }
  
      ~RetryQueue()
+@@ -546,7 +546,7 @@ void Analyzer::idle()
+     struct timeval now, increment;
+     unsigned int timeout = SnortConfig::get_conf()->daq_config->timeout;
+     packet_gettimeofday(&now);
+-    increment = { timeout / 1000, static_cast<suseconds_t>((timeout % 1000) * 1000) };
++    increment = { static_cast<time_t>(timeout / 1000), static_cast<suseconds_t>((timeout % 1000) * 1000) };
+     timeradd(&now, &increment, &now);
+     packet_time_update(&now);
+ 
diff --git a/security/snort3/pkg-plist b/security/snort3/pkg-plist
index 0d3a83d18607..9c585a1813ba 100644
--- a/security/snort3/pkg-plist
+++ b/security/snort3/pkg-plist
@@ -3,8 +3,12 @@ bin/snort
 bin/snort2lua
 bin/u2boat
 bin/u2spewfoo
+%%ETCDIR%%/balanced.lua
+%%ETCDIR%%/connectivity.lua
 %%ETCDIR%%/file_magic.lua
 %%ETCDIR%%/inline.lua
+%%ETCDIR%%/max_detect.lua
+%%ETCDIR%%/security.lua
 %%ETCDIR%%/snort.lua
 %%ETCDIR%%/snort_defaults.lua
 %%ETCDIR%%/talos.lua
@@ -66,11 +70,21 @@ include/snort/framework/range.h
 include/snort/framework/so_rule.h
 include/snort/framework/value.h
 include/snort/hash/ghash.h
+include/snort/hash/hash_defs.h
+include/snort/hash/hash_key_operations.h
 include/snort/hash/hashes.h
-include/snort/hash/hashfcn.h
+%%HYPERSCAN%%include/snort/helpers/hyper_scratch_allocator.h
+%%HYPERSCAN%%include/snort/helpers/hyper_search.h
 include/snort/hash/lru_cache_shared.h
 include/snort/hash/xhash.h
 include/snort/helpers/base64_encoder.h
+include/snort/helpers/boyer_moore_search.h
+include/snort/helpers/literal_search.h
+include/snort/helpers/scratch_allocator.h
+include/snort/host_tracker/host_cache.h
+include/snort/host_tracker/host_cache_allocator.h
+include/snort/host_tracker/host_cache_interface.h
+include/snort/host_tracker/host_tracker.h
 include/snort/log/log.h
 include/snort/log/log_text.h
 include/snort/log/messages.h
@@ -103,7 +117,12 @@ include/snort/network_inspectors/appid/appid_session_api.h
 include/snort/network_inspectors/appid/appid_types.h
 include/snort/network_inspectors/appid/application_ids.h
 include/snort/network_inspectors/appid/http_xff_fields.h
+include/snort/network_inspectors/appid/tp_appid_module_api.h
+include/snort/network_inspectors/appid/tp_appid_session_api.h
+include/snort/network_inspectors/appid/tp_appid_types.h
 include/snort/network_inspectors/packet_tracer/packet_tracer.h
+include/snort/network_inspectors/reputation/reputation_common.h
+include/snort/network_inspectors/rna/rna_logger.h
 include/snort/packet_io/active.h
 include/snort/packet_io/sfdaq.h
 include/snort/packet_io/sfdaq_instance.h
@@ -115,6 +134,7 @@ include/snort/profiler/profiler_defs.h
 include/snort/profiler/rule_profiler_defs.h
 include/snort/profiler/time_profiler_defs.h
 include/snort/protocols/arp.h
+include/snort/protocols/cisco_meta_data.h
 include/snort/protocols/eapol.h
 include/snort/protocols/eth.h
 include/snort/protocols/gre.h
@@ -139,6 +159,9 @@ include/snort/protocols/udp.h
 include/snort/protocols/vlan.h
 include/snort/protocols/wlan.h
 include/snort/pub_sub/appid_events.h
+include/snort/pub_sub/cip_events.h
+include/snort/pub_sub/daq_message_event.h
+include/snort/pub_sub/data_decrypt_event.h
 include/snort/pub_sub/expect_events.h
 include/snort/pub_sub/finalize_packet_event.h
 include/snort/pub_sub/http_events.h
@@ -155,18 +178,19 @@ include/snort/target_based/snort_protocols.h
 include/snort/time/clock_defs.h
 include/snort/time/packet_time.h
 include/snort/time/stopwatch.h
-include/snort/time/tsc_clock.h
 include/snort/utils/bitop.h
+include/snort/utils/boyer_moore.h
 include/snort/utils/cpp_macros.h
 include/snort/utils/endian.h
 include/snort/utils/event_gen.h
 include/snort/utils/infractions.h
 include/snort/utils/kmap.h
+include/snort/utils/memcap_allocator.h
+include/snort/utils/util_ber.h
 include/snort/utils/primed_allocator.h
 include/snort/utils/safec.h
 include/snort/utils/segment_mem.h
 include/snort/utils/sflsq.h
-include/snort/utils/sfmemcap.h
 include/snort/utils/stats.h
 include/snort/utils/util.h
 include/snort/utils/util_cstring.h