7 files changed, 280 insertions, 37 deletions

diff --git a/security/bro/Makefile b/security/bro/Makefile
index dc2b24d3c930..cd46f490463f 100644
--- a/security/bro/Makefile
+++ b/security/bro/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	bro
 PORTVERSION=	2.1
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	http://www.bro-ids.org/downloads/release/
 
@@ -14,32 +14,70 @@ BUILD_DEPENDS=	bison:${PORTSDIR}/devel/bison \
 		swig:${PORTSDIR}/devel/swig13
 LIB_DEPENDS=	GeoIP:${PORTSDIR}/net/GeoIP
 
-USES=		cmake perl5
-CONFIGURE_WRKSRC=	${WRKSRC}/build
-BUILD_WRKSRC=	${CONFIGURE_WRKSRC}
-INSTALL_WRKSRC=	${CONFIGURE_WRKSRC}
+USES=		cmake:outsource perl5
+USE_PYTHON=	yes
+
+SUB_FILES=	pkg-message
+NO_MTREE=	yes
+
+.if defined(BRO_PREFIX)
+PREFIX=${BRO_PREFIX}
+PLIST_SUB+=	CLEANUP_PREFIX=""
+.else
+PLIST_SUB+=	CLEANUP_PREFIX="@comment "
+.endif
+CMAKE_ARGS+=	-D CMAKE_INSTALL_PREFIX:PATH=${PREFIX} \
+		-D BRO_ROOT_DIR:PATH=${PREFIX} \
+		-D PY_MOD_INSTALL_DIR:PATH=${PREFIX}/lib/broctl \
+		-D BRO_SCRIPT_INSTALL_PATH:PATH=${PREFIX}/share/bro \
+		-D BRO_ETC_INSTALL_DIR:PATH=${PREFIX}/etc \
+		-D ENABLE_PERFTOOLS:BOOL=false \
+		-D ENABLE_PERFTOOLS_DEBUG:BOOL=false \
+		-D BinPAC_SKIP_INSTALL:BOOL=true \
+		-D INSTALL_AUX_TOOLS:BOOL=true \
+		-D BUILD_SHARED_LIBS:BOOL=true
+
+OPTIONS_DEFINE=	BROCCOLI BROCTL DEBUG IPSUMDUMP LBL_CF LBL_HF PERFTOOLS
+OPTIONS_DEFAULT=BROCCOLI BROCTL IPSUMDUMP LBL_CF LBL_HF
 
-OPTIONS_DEFINE=	IPV6 LBL_HF LBL_CF ASSERT BROCCOLI
-OPTIONS_DEFAULT=IPV6 LBL_HF LBL_CF
-LBL_HF_DESC=	Address to hostname filter support
-LBL_CF_DESC=	Unix time to formated time/date filter support
 BROCCOLI_DESC=	Build support for libbroccoli communications
+BROCTL_DESC=	Build BroControl support (requires BROCCOLI)
+DEBUG_DESC=	Compile in debugging mode
+IPSUMDUMP_DESC=	Enables traffic summaries
+LBL_CF_DESC=	Unix time to formated time/date filter support
+LBL_HF_DESC=	Address to hostname filter support
+PERFTOOLS_DESC=	Use Perftools to improve memory & CPU usage
+
 OPTIONS_EXCLUDE=NLS DOCS
 
 NO_STAGE=	yes
 .include <bsd.port.options.mk>
 
 .if ${PORT_OPTIONS:MBROCCOLI}
-CMAKE_ARGS+=	-DINSTALL_BROCCOLI:BOOL=ON \
-		-DDISABLE_PYTHON_BINDINGS:BOOL=ON \
-		-DDISABLE_RUBY_BINDINGS:BOOL=ON
-PLIST_SUB+=	BROCCOLI=""
+LIB_DEPENDS+=	broccoli:${PORTSDIR}/security/broccoli
+.endif
+
+.if ${PORT_OPTIONS:MBROCTL}
+.if empty(PORT_OPTIONS:MBROCCOLI)
+IGNORE=		the BROCTL option requires BROCCOLI
+.endif
+.if empty(PORT_OPTIONS:MIPSUMDUMP)
+IGNORE=		the BROCTL option requires IPSUMDUMP
+.endif
+BUILD_DEPENDS+=		bash:${PORTSDIR}/shells/bash
+RUN_DEPENDS+=		bash:${PORTSDIR}/shells/bash
+PLIST_SUB+=		BROCTL=""
+USE_LDCONFIG=		yes
+CMAKE_ARGS+=		-D INSTALL_BROCTL:BOOL=true
 .else
-PLIST_SUB+=	BROCCOLI="@comment "
+CMAKE_ARGS+=		-D INSTALL_BROCTL:BOOL=false
+PLIST_SUB+=		BROCTL="@comment "
 .endif
 
-.if ${PORT_OPTIONS:MIPV6}
-CMAKE_ARGS+=	-DBROv6:BOOL=ON
+.if ${PORT_OPTIONS:MDEBUG}
+CMAKE_ARGS+=		-D ENABLE_DEBUG:BOOL=true
+.else
+CMAKE_ARGS+=		-D ENABLE_DEBUG:BOOL=false
 .endif
 
 .if ${PORT_OPTIONS:MLBL_HF}
@@ -50,12 +88,29 @@ RUN_DEPENDS+=	hf:${PORTSDIR}/sysutils/lbl-hf
 RUN_DEPENDS+=	cf:${PORTSDIR}/sysutils/lbl-cf
 .endif
 
-.if ${PORT_OPTIONS:MASSERT}
-CMAKE_ARGS+=	-DENABLE_DEBUG:BOOL=ON
+.if ${PORT_OPTIONS:MPERFTOOLS}
+CMAKE_ARGS+=		-D ENABLE_PERFTOOLS:BOOL=true
+RUN_DEPENDS+=	pprof:${PORTSDIR}/devel/google-perftools
+.else
+CMAKE_ARGS+=		-D ENABLE_PERFTOOLS:BOOL=false
+.endif
+
+.if ${PORT_OPTIONS:MIPSUMDUMP}
+BUILD_DEPENDS+=	ipsumdump:${PORTSDIR}/net/ipsumdump
+RUN_DEPENDS+=	ipsumdump:${PORTSDIR}/net/ipsumdump
 .endif
 
-post-patch:
-#	avoid installing .in header file
-	${REINPLACE_CMD} -e '13d' ${WRKSRC}/aux/binpac/lib/CMakeLists.txt
+post-install:
+.if ${PORT_OPTIONS:MBROCTL}
+	@${MKDIR} ${PREFIX}/logs
+.for i in broctl.cfg networks.cfg node.cfg
+	@${MKDIR} ${PREFIX}/etc
+	@if [ ! -f ${PREFIX}/etc/${i} ]; then \
+		${CP} ${PREFIX}/etc/${i}.sample ${PREFIX}/etc/${i}; \
+	fi
+.endfor
+	@${PREFIX}/bin/broctl install
+.endif
+	@${CAT} ${PKGMESSAGE}
 
 .include <bsd.port.mk>
diff --git a/security/bro/files/patch-CMakeLists.txt b/security/bro/files/patch-CMakeLists.txt
new file mode 100644
index 000000000000..c244f21795dd
--- /dev/null
+++ b/security/bro/files/patch-CMakeLists.txt
@@ -0,0 +1,20 @@
+--- CMakeLists.txt.orig	2013-03-12 19:08:46.000000000 -0700
++++ CMakeLists.txt	2013-03-12 19:09:12.000000000 -0700
+@@ -187,7 +187,7 @@
+ 
+ CheckOptionalBuildSources(aux/broctl   Broctl   INSTALL_BROCTL)
+ CheckOptionalBuildSources(aux/bro-aux  Bro-Aux  INSTALL_AUX_TOOLS)
+-CheckOptionalBuildSources(aux/broccoli Broccoli INSTALL_BROCCOLI)
++#CheckOptionalBuildSources(aux/broccoli Broccoli INSTALL_BROCCOLI)
+ 
+ ########################################################################
+ ## Packaging Setup
+@@ -225,7 +225,7 @@
+     "\nCXXFLAGS:          ${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${BuildType}}"
+     "\nCPP:               ${CMAKE_CXX_COMPILER}"
+     "\n"
+-    "\nBroccoli:          ${INSTALL_BROCCOLI}"
++#    "\nBroccoli:          ${INSTALL_BROCCOLI}"
+     "\nBroctl:            ${INSTALL_BROCTL}"
+     "\nAux. Tools:        ${INSTALL_AUX_TOOLS}"
+     "\n"
diff --git a/security/bro/files/patch-aux-broctl-CMakeLists.txt b/security/bro/files/patch-aux-broctl-CMakeLists.txt
new file mode 100644
index 000000000000..dc5f221df9f3
--- /dev/null
+++ b/security/bro/files/patch-aux-broctl-CMakeLists.txt
@@ -0,0 +1,21 @@
+--- aux/broctl/CMakeLists.txt.orig	2012-07-20 07:00:08.000000000 -0700
++++ aux/broctl/CMakeLists.txt	2013-09-26 19:39:22.000000000 -0700
+@@ -209,15 +209,15 @@
+ InstallPackageConfigFile(
+     ${CMAKE_CURRENT_BINARY_DIR}/etc/broctl.cfg
+     ${ETC}
+-    broctl.cfg)
++    broctl.cfg.sample)
+ InstallPackageConfigFile(
+     ${CMAKE_CURRENT_SOURCE_DIR}/etc/networks.cfg
+     ${ETC}
+-    networks.cfg)
++    networks.cfg.sample)
+ InstallPackageConfigFile(
+     ${CMAKE_CURRENT_SOURCE_DIR}/etc/node.cfg
+     ${ETC}
+-    node.cfg)
++    node.cfg.sample)
+ 
+ ########################################################################
+ ## Packaging Setup
diff --git a/security/bro/files/patch-aux-broctl-etc-broctl.cfg.in b/security/bro/files/patch-aux-broctl-etc-broctl.cfg.in
new file mode 100644
index 000000000000..99f9a8e58634
--- /dev/null
+++ b/security/bro/files/patch-aux-broctl-etc-broctl.cfg.in
@@ -0,0 +1,14 @@
+--- aux/broctl/etc/broctl.cfg.in.orig	2013-09-27 00:02:53.000000000 -0700
++++ aux/broctl/etc/broctl.cfg.in	2013-09-27 00:03:10.000000000 -0700
+@@ -32,3 +32,11 @@
+ 
+ # Logs debug information into spool/debug.log.
+ # Debug = 1
++
++#
++# Work around to avoid race-condition where broctl deletes the
++# spool/bro directory before all the logs are archived.
++#
++#    https://bro-tracker.atlassian.net/browse/BIT-970?jql=text%20~%20%22%23970%22
++#
++TraceSummary=""
diff --git a/security/bro/files/patch-src-Expr.cc b/security/bro/files/patch-src-Expr.cc
new file mode 100644
index 000000000000..b1067556e1f9
--- /dev/null
+++ b/security/bro/files/patch-src-Expr.cc
@@ -0,0 +1,11 @@
+--- src/Expr.cc.orig	2013-09-21 12:56:00.000000000 -0700
++++ src/Expr.cc	2013-09-21 12:56:38.000000000 -0700
+@@ -2389,7 +2389,7 @@
+ 	if ( IsError() )
+ 		return;
+ 
+-	if ( ! is_assignable(op->Type()) )
++	if ( ! ::is_assignable(op->Type()) )
+ 		ExprError("illegal assignment target");
+ 	else
+ 		SetType(op->Type()->Ref());
diff --git a/security/bro/files/pkg-message.in b/security/bro/files/pkg-message.in
new file mode 100644
index 000000000000..63b9d2a7d8c4
--- /dev/null
+++ b/security/bro/files/pkg-message.in
@@ -0,0 +1,10 @@
+********************PLEASE NOTE!!!***************************
+
+During deinstall of this package, the cfg files for broctl
+are not deleted if you have edited them.  Instead
+the software will create a .sample file instead and the
+edited files will remain in place when you upgrade.  If you
+want to delete them, you have to delete them and the directory,
+%%PREFIX%%/etc/bro manually.
+
+********************PLEASE NOTE!!!***************************
diff --git a/security/bro/pkg-plist b/security/bro/pkg-plist
index a4ca2fc3946b..86b3dc6925fd 100644
--- a/security/bro/pkg-plist
+++ b/security/bro/pkg-plist
@@ -1,20 +1,54 @@
-@comment $FreeBSD$
-bin/binpac
 bin/bro
-lib/libbinpac.a
-include/binpac.h
-include/binpac_analyzer.h
-include/binpac_buffer.h
-include/binpac_bytestring.h
-include/binpac_exception.h
-include/binpac_regex.h
-%%BROCCOLI%%bin/broccoli-config
-%%BROCCOLI%%include/broccoli.h
-%%BROCCOLI%%lib/libbinpac.a
-%%BROCCOLI%%lib/libbroccoli.a
-%%BROCCOLI%%lib/libbroccoli.so
-%%BROCCOLI%%lib/libbroccoli.so.5
-%%BROCCOLI%%lib/libbroccoli.so.5.1.0
+bin/bro-cut
+@exec mkdir -p %D/etc
+@exec mkdir -p %D/logs
+%%BROCTL%%bin/broctl
+%%BROCTL%%bin/capstats
+%%BROCTL%%bin/trace-summary
+%%BROCTL%%@unexec if cmp -s %D/etc/broctl.cfg.sample %D/etc/broctl.cfg ; then rm -f %D/etc/broctl.cfg; fi
+%%BROCTL%%etc/broctl.cfg.sample
+%%BROCTL%%@exec if [ ! -f %D/etc/broctl.cfg ] ; then cp -p %D/etc/broctl.cfg.sample %D/etc/broctl.cfg; fi
+%%BROCTL%%@unexec if cmp -s %D/etc/networks.cfg.sample %D/etc/networks.cfg ; then rm -f %D/etc/networks.cfg; fi
+%%BROCTL%%etc/networks.cfg.sample
+%%BROCTL%%@exec if [ ! -f %D/etc/networks.cfg ] ; then cp -p %D/etc/networks.cfg.sample %D/etc/networks.cfg; fi
+%%BROCTL%%@unexec if cmp -s %D/etc/node.cfg.sample %D/etc/node.cfg ; then rm -f %D/etc/node.cfg; fi
+%%BROCTL%%etc/node.cfg.sample
+%%BROCTL%%@exec if [ ! -f %D/etc/node.cfg ] ; then cp -p %D/etc/node.cfg.sample %D/etc/node.cfg; fi
+%%BROCTL%%lib/broctl/BroControl/__init__.py
+%%BROCTL%%lib/broctl/BroControl/__init__.pyc
+%%BROCTL%%lib/broctl/BroControl/config.py
+%%BROCTL%%lib/broctl/BroControl/config.pyc
+%%BROCTL%%lib/broctl/BroControl/control.py
+%%BROCTL%%lib/broctl/BroControl/control.pyc
+%%BROCTL%%lib/broctl/BroControl/cron.py
+%%BROCTL%%lib/broctl/BroControl/cron.pyc
+%%BROCTL%%lib/broctl/BroControl/doc.py
+%%BROCTL%%lib/broctl/BroControl/doc.pyc
+%%BROCTL%%lib/broctl/BroControl/execute.py
+%%BROCTL%%lib/broctl/BroControl/execute.pyc
+%%BROCTL%%lib/broctl/BroControl/install.py
+%%BROCTL%%lib/broctl/BroControl/install.pyc
+%%BROCTL%%lib/broctl/BroControl/node.py
+%%BROCTL%%lib/broctl/BroControl/node.pyc
+%%BROCTL%%lib/broctl/BroControl/options.py
+%%BROCTL%%lib/broctl/BroControl/options.pyc
+%%BROCTL%%lib/broctl/BroControl/plugin.py
+%%BROCTL%%lib/broctl/BroControl/plugin.pyc
+%%BROCTL%%lib/broctl/BroControl/pluginreg.py
+%%BROCTL%%lib/broctl/BroControl/pluginreg.pyc
+%%BROCTL%%lib/broctl/BroControl/util.py
+%%BROCTL%%lib/broctl/BroControl/util.pyc
+%%BROCTL%%lib/broctl/SubnetTree.py
+%%BROCTL%%@unexec rm -f %D/lib/broctl/SubnetTree.pyc
+%%BROCTL%%lib/broctl/_SubnetTree.so
+%%BROCTL%%lib/broctl/plugins/TestPlugin.py
+%%BROCTL%%lib/broctl/plugins/TestPlugin.pyc
+%%BROCTL%%lib/broctl/plugins/lb_myricom.py
+%%BROCTL%%lib/broctl/plugins/lb_myricom.pyc
+%%BROCTL%%lib/broctl/plugins/lb_pf_ring.py
+%%BROCTL%%lib/broctl/plugins/lb_pf_ring.pyc
+%%BROCTL%%lib/broctl/plugins/ps.py
+%%BROCTL%%lib/broctl/plugins/ps.pyc
 %%DATADIR%%/base/bro.bif.bro
 %%DATADIR%%/base/const.bif.bro
 %%DATADIR%%/base/event.bif.bro
@@ -127,6 +161,12 @@ include/binpac_regex.h
 %%DATADIR%%/base/utils/site.bro
 %%DATADIR%%/base/utils/strings.bro
 %%DATADIR%%/base/utils/thresholds.bro
+%%BROCTL%%%%DATADIR%%/broctl/__load__.bro
+%%BROCTL%%%%DATADIR%%/broctl/auto.bro
+%%BROCTL%%%%DATADIR%%/broctl/check.bro
+%%BROCTL%%%%DATADIR%%/broctl/main.bro
+%%BROCTL%%%%DATADIR%%/broctl/process-trace.bro
+%%BROCTL%%%%DATADIR%%/broctl/standalone.bro
 %%DATADIR%%/policy/frameworks/communication/listen.bro
 %%DATADIR%%/policy/frameworks/control/controllee.bro
 %%DATADIR%%/policy/frameworks/control/controller.bro
@@ -186,6 +226,70 @@ include/binpac_regex.h
 %%DATADIR%%/site/local-proxy.bro
 %%DATADIR%%/site/local-worker.bro
 %%DATADIR%%/site/local.bro
+%%BROCTL%%%%DATADIR%%ctl/scripts/archive-log
+%%BROCTL%%%%DATADIR%%ctl/scripts/broctl-config.sh
+%%BROCTL%%%%DATADIR%%ctl/scripts/cflow-stats
+%%BROCTL%%%%DATADIR%%ctl/scripts/check-config
+%%BROCTL%%%%DATADIR%%ctl/scripts/crash-diag
+%%BROCTL%%%%DATADIR%%ctl/scripts/create-link-for-log
+%%BROCTL%%%%DATADIR%%ctl/scripts/delete-log
+%%BROCTL%%%%DATADIR%%ctl/scripts/expire-logs
+%%BROCTL%%%%DATADIR%%ctl/scripts/fmt-time
+%%BROCTL%%%%DATADIR%%ctl/scripts/get-prof-log
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/cat-file
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/check-pid
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/df
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/exists
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/gdb-attach
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/get-childs
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/is-dir
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/rmdir
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/run-cmd
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/start
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/stop
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/to-bytes.awk
+%%BROCTL%%%%DATADIR%%ctl/scripts/helpers/top
+%%BROCTL%%%%DATADIR%%ctl/scripts/is-alive
+%%BROCTL%%%%DATADIR%%ctl/scripts/local-interfaces
+%%BROCTL%%%%DATADIR%%ctl/scripts/mail-contents
+%%BROCTL%%%%DATADIR%%ctl/scripts/make-archive-name
+%%BROCTL%%%%DATADIR%%ctl/scripts/post-terminate
+%%BROCTL%%%%DATADIR%%ctl/scripts/postprocessors/summarize-connections
+%%BROCTL%%%%DATADIR%%ctl/scripts/remove-link-for-log
+%%BROCTL%%%%DATADIR%%ctl/scripts/remove-log
+%%BROCTL%%%%DATADIR%%ctl/scripts/run-bro
+%%BROCTL%%%%DATADIR%%ctl/scripts/run-bro-on-trace
+%%BROCTL%%%%DATADIR%%ctl/scripts/send-mail
+%%BROCTL%%%%DATADIR%%ctl/scripts/set-bro-path
+%%BROCTL%%%%DATADIR%%ctl/scripts/stat-ctime
+%%BROCTL%%%%DATADIR%%ctl/scripts/stats-to-csv
+%%BROCTL%%%%DATADIR%%ctl/scripts/update
+%%BROCTL%%%%DATADIR%%ctl/scripts/update-stats
+%%BROCTL%%@dirrm %%DATADIR%%ctl/scripts/postprocessors
+%%BROCTL%%@dirrm %%DATADIR%%ctl/scripts/helpers
+%%BROCTL%%@dirrm %%DATADIR%%ctl/scripts
+%%BROCTL%%@dirrm %%DATADIR%%ctl
+%%BROCTL%%@unexec rm -f %D/spool/broctl-config.sh
+%%BROCTL%%@unexec rm -f %D/spool/broctl.dat
+%%BROCTL%%@unexec rm -f %D/logs/current
+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/auto/broctl-config.bro
+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/auto/local-networks.bro
+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/auto/standalone-layout.bro
+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-manager.bro
+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-proxy.bro
+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-worker.bro
+%%BROCTL%%@unexec rm -f %D/spool/installed-scripts-do-not-touch/site/local.bro
+%%BROCTL%%@dirrmtry spool/tmp
+%%BROCTL%%@dirrmtry spool/scripts
+%%BROCTL%%@dirrmtry spool/logs
+%%BROCTL%%@dirrm spool/installed-scripts-do-not-touch/site
+%%BROCTL%%@dirrm spool/installed-scripts-do-not-touch/auto
+%%BROCTL%%@dirrm spool/installed-scripts-do-not-touch
+%%BROCTL%%@dirrm spool
+%%BROCTL%%@dirrm %%DATADIR%%/broctl
+%%BROCTL%%@dirrm lib/broctl/plugins
+%%BROCTL%%@dirrm lib/broctl/BroControl
+%%BROCTL%%@dirrm lib/broctl
 @dirrm %%DATADIR%%/site
 @dirrm %%DATADIR%%/policy/tuning/defaults
 @dirrm %%DATADIR%%/policy/tuning
@@ -244,3 +348,11 @@ include/binpac_regex.h
 @dirrm %%DATADIR%%/base/frameworks
 @dirrm %%DATADIR%%/base
 @dirrm %%DATADIR%%
+%%CLEANUP_PREFIX%%@dirrmtry share
+@dirrmtry logs
+%%CLEANUP_PREFIX%%@dirrmtry lib
+%%CLEANUP_PREFIX%%@dirrmtry include
+%%CLEANUP_PREFIX%%@dirrmtry etc
+%%CLEANUP_PREFIX%%@dirrmtry bin
+%%CLEANUP_PREFIX%%@dirrmtry %D
+%%BROCTL%%@exec %D/bin/broctl install