- Update to 0.8.0

- Optionng
- Trim header

PR:		174591
Submitted by:	maintainer

security/sguil-server/Makefile

@@ -1,13 +1,8 @@
-# New ports collection makefile for:	sguil-server
+# Created by: Paul Schmehl <pauls@utdallas.edu>
-# Date created:				9 Oct 2006
-# Whom:					Paul Schmehl <pauls@utdallas.edu>
-#
 # $FreeBSD$
-#
 
 PORTNAME=	sguil-server
-PORTVERSION=	0.7.0
+PORTVERSION=	0.8.0
-PORTREVISION=	4
 CATEGORIES=	security
 MASTER_SITES=	SF/sguil/sguil/sguil-${PORTVERSION}
 
@@ -20,48 +15,40 @@ RUN_DEPENDS=	p0f:${PORTSDIR}/net-mgmt/p0f \
 		${LOCALBASE}/lib/tclx8.4/tclx.tcl:${PORTSDIR}/lang/tclX
 LIB_DEPENDS=	tls:${PORTSDIR}/devel/tcltls
 
+OPTIONS_DEFINE=	MYSQL
+MYSQL_DESC=	Depend on databases/mysqltcl
+
+LICENSE_NAME=	QPLv1.0
+LICENSE_FILE=	${WRKSRC}/doc/LICENSE.QPL
+LICENSE_PERMS=	auto-accept
+
+IS_INTERACTIVE=	yes
 NO_BUILD=	yes
 USE_RC_SUBR=	sguild
-TCLSH_CMD?=	${PREFIX}/bin/tclsh8.4
+TCL_VER=	8.5
-SGUILDIR?=	sguil-server
+TCLSH=		tclsh${TCL_VER}
+MYSQLTCL_CMDS=	cd ${PORTSDIR}/databases/mysqltcl && ${MAKE} -V PORTVERSION
+SGUILDIR?=	sguild
 WRKSRC=		${WRKDIR}/sguil-${PORTVERSION}
 PATCH_WRKSRC=	${WRKSRC}/server
 PLIST_SUB=	SGUILDIR=${SGUILDIR}
 SUB_FILES=	pkg-message pkg-install pkg-deinstall
-SUB_LIST=	SGUILDIR=${SGUILDIR} TCLSH=${TCLSH_CMD} CURDIR=${.CURDIR} \
+SUB_LIST=	SGUILDIR=${SGUILDIR} TCLSH=${TCLSH}
-		WRKSRC=${WRKSRC} DOCSDIR=${DOCSDIR}
+CONFS=	autocat.conf sguild.access sguild.email	sguild.reports sguild.conf sguild.queries sguild.users
-LIBRARIES=	SguildAccess.tcl SguildGenericDB.tcl SguildReportBuilder.tcl \
-		SguildAutoCat.tcl SguildGenericEvent.tcl SguildSendComms.tcl \
-		SguildClientCmdRcvd.tcl SguildHealthChecks.tcl SguildSensorAgentComms.tcl \
-		SguildConnect.tcl SguildLoaderd.tcl SguildSensorCmdRcvd.tcl \
-		SguildCreateDB.tcl SguildMysqlMerge.tcl SguildTranscript.tcl \
-		SguildEmailEvent.tcl SguildPadsLib.tcl SguildUtils.tcl \
-		SguildEvent.tcl SguildQueryd.tcl
-SCRIPTS=	create_ruledb.sql update_0.7.tcl update_sguildb_v7-v8.sql \
-		create_sguildb.sql update_sguildb_v10-v11.sql update_sguildb_v8-v9.sql \
-		migrate_event.tcl update_sguildb_v11-v12.sql update_sguildb_v9-v10.sql \
-		migrate_sancp.tcl update_sguildb_v5-v6.sql sancp_cleanup.tcl update_sguildb_v6-v7.sql
-CONFS=		autocat.conf sguild.access sguild.conf sguild.email sguild.queries sguild.reports sguild.users
 
-PORTDOCS=	CHANGES FAQ INSTALL INSTALL.openbsd LICENSE.QPL \
+PORTDOCS1=	README
-		OPENSSL.README TODO UPGRADE USAGE sguildb.dia
+PORTDOCS2=	CHANGES FAQ INSTALL INSTALL.openbsd OPENSSL.README TODO UPGRADE USAGE sguildb.dia
 
-OPTIONS=	MYSQL50 "Install mysql50 server" off
+.include <bsd.port.options.mk>
 
-.include <bsd.port.pre.mk>
+.if ${PORT_OPTIONS:MMYSQL}
-
+	@${ECHO_CMD} $$(${MYSQLTCL_CMDS})
-.if defined(WITH_MYSQL50)
+	RUN_DEPENDS+=	${LOCALBASE}/lib/mysqltcl-${MYSQLTCL_VER}:${PORTSDIR}/databases/mysqltcl
-RUN_DEPENDS+=	${LOCALBASE}/libexec/mysqld:${PORTSDIR}/databases/mysql50-server
 .endif
 
-MYSQLTCL_VER!=	cd ${PORTSDIR}/databases/mysqltcl && ${MAKE} -V PORTVERSION
-
-RUN_DEPENDS+=	${LOCALBASE}/lib/mysqltcl-${MYSQLTCL_VER}:${PORTSDIR}/databases/mysqltcl
-
 post-patch:
-.for f in archive_sguildb.tcl sguild contrib/incident_report.tcl
+	@${REINPLACE_CMD} 's|/bin/sh|/usr/local/bin/${TCLSH}|' \
-	@${REINPLACE_CMD} -e 's:exec tclsh:exec ${TCLSH_CMD}:g' ${WRKSRC}/server/${f}
+		${PATCH_WRKSRC}/sguild
-.endfor
 
 pre-install:
 .if !defined(BATCH) && !defined(PACKAGE_BUILDING)
@@ -71,33 +58,31 @@ pre-install:
 	@${MKDIR} ${PREFIX}/etc/${SGUILDIR}
 	@${MKDIR} ${PREFIX}/lib/${SGUILDIR}
 	@${MKDIR} ${PREFIX}/share/${SGUILDIR}
+	@${MKDIR} ${PREFIX}/share/${SGUILDIR}/contrib
 	@${MKDIR} /var/run/${SGUILDIR}
 do-install:
-.for f in archive_sguildb.tcl sguild
+	(cd ${WRKSRC}/server/lib && ${COPYTREE_BIN} \* ${PREFIX}/lib/${SGUILDIR})
-	${INSTALL_SCRIPT} -m 751 ${WRKSRC}/server/${f} ${PREFIX}/bin/${f}
+	(cd ${WRKSRC}/server/sql_scripts && ${COPYTREE_SHARE} \* ${PREFIX}/share/${SGUILDIR})
-.endfor
+	(cd ${WRKSRC}/server/contrib && ${COPYTREE_SHARE} \* ${PREFIX}/share/${SGUILDIR}/contrib)
-.for f in incident_report.tcl
+.for f in sguild
-	${INSTALL_SCRIPT} -m 751 ${WRKSRC}/server/contrib/${f} ${PREFIX}/bin/${f}
+	${INSTALL_SCRIPT} -m 555 ${WRKSRC}/server/${f} ${PREFIX}/bin/${f}
 .endfor
 .for f in ${CONFS}
-	${INSTALL_DATA} ${WRKSRC}/server/${f} ${PREFIX}/etc/${SGUILDIR}/${f}-sample
+	${INSTALL_DATA} -m 441 ${PATCH_WRKSRC}/${f} ${PREFIX}/etc/${SGUILDIR}/${f}-sample
-.endfor
-.for f in ${LIBRARIES}
-	${INSTALL_DATA} ${WRKSRC}/server/lib/${f} ${PREFIX}/lib/${SGUILDIR}/${f}
-.endfor
-.for f in ${SCRIPTS}
-	${INSTALL_DATA} ${WRKSRC}/server/sql_scripts/${f} ${PREFIX}/share/${SGUILDIR}/${f}
 .endfor
+
 post-install:
 .if !defined(BATCH) && !defined(PACKAGE_BUILDING)
 	@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
 		${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
 .endif
-.if !defined(NOPORTDOCS)
+
+.if ${PORT_OPTIONS:MDOCS}
 	@${MKDIR} ${DOCSDIR}
-	cd ${WRKSRC}/doc && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
+	cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS1} ${DOCSDIR}
+	cd ${WRKSRC}/doc && ${INSTALL_DATA} ${PORTDOCS2} ${DOCSDIR}
 .endif
 
 	@${CAT} ${PKGMESSAGE}
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>

security/sguil-server/distinfo

@@ -1,2 +1,2 @@
-SHA256 (sguil-server-0.7.0.tar.gz) = 8ed845779c516b7bcb092454d339a26bca69f52689f9f07831fb41a3efe58809
+SHA256 (sguil-server-0.8.0.tar.gz) = faa7152ddbdc0ba797c79d6419bf3ae50bfd6dbba4b2cd28ccb04a55ef788360
-SIZE (sguil-server-0.7.0.tar.gz) = 103440
+SIZE (sguil-server-0.8.0.tar.gz) = 102236

security/sguil-server/files/patch-lib-SguildLoaderd.tcl

@@ -1,15 +1,15 @@
---- lib/SguildLoaderd.tcl.orig	2007-09-25 14:17:13.000000000 +0000
+--- lib/SguildLoaderd.tcl.orig	2012-10-12 21:07:19.000000000 +0000
-+++ lib/SguildLoaderd.tcl	2011-08-11 20:22:18.000000000 +0000
++++ lib/SguildLoaderd.tcl	2012-10-12 21:15:06.000000000 +0000
-@@ -129,7 +129,7 @@
+@@ -124,7 +124,7 @@
          INDEX dst_port (dst_port),                         \
          INDEX src_port (src_port),                         \
          INDEX start_time (start_time)                      \
 -        )                                                  \
-+        ) ENGINE=MyISAM                                    \
++        )ENGINE=MyISAM                                     \
          "
  
      # Create the table
-@@ -182,7 +182,7 @@
+@@ -177,7 +177,7 @@
          INDEX dst_port (dst_port),                         \
          INDEX src_port (src_port),                         \
          INDEX start_time (start_time)                      \
@@ -18,12 +18,12 @@
          "
      # Create our MERGE sancp table
      mysqlexec $dbSocketID $createQuery
-@@ -225,7 +225,7 @@
+@@ -220,7 +220,7 @@
      } else {
          # Make sure its a MERGE table and not the old monster
          set tableStatus [mysqlsel $LOADERD_DB_ID {SHOW TABLE STATUS LIKE 'sancp'} -flatlist]
--        if { [lindex $tableStatus 1] != "MRG_MyISAM" } {
+-        if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } {
-+        if { [lindex $tableStatus 1] != "MRG_MYISAM" } {
++        if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } {
+ 
              ErrorMessage "ERROR: loaderd: You appear to be using an old version of the\n\
                            sguil database schema that does not support the MERGE sancp\n\
-                           table. Please see the CHANGES document for more information\n."

security/sguil-server/files/patch-lib-SguildMysqlMerge.tcl

@@ -1,11 +1,11 @@
---- lib/SguildMysqlMerge.tcl.bak	2009-07-06 14:53:27.000000000 -0500
+--- lib/SguildMysqlMerge.tcl.orig	2012-10-12 21:18:22.000000000 +0000
-+++ lib/SguildMysqlMerge.tcl	2009-07-06 14:54:26.000000000 -0500
++++ lib/SguildMysqlMerge.tcl	2012-10-12 21:19:41.000000000 +0000
 @@ -9,7 +9,7 @@
          set tmpQry "SHOW TABLE STATUS LIKE '$tableName'"
          set tableStatus [mysqlsel $MAIN_DB_SOCKETID $tmpQry -flatlist]
  
--        if { $tableStatus != "" && [lindex $tableStatus 1] != "MRG_MyISAM" } {
+-        if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } {
-+        if { $tableStatus != "" && [lindex $tableStatus 1] != "MRG_MYISAM" } {
++        if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } {
  
              # Non MERGE table found.
              set errorMsg "\n*************************************************************\n

security/sguil-server/files/patch-sguild

@@ -1,105 +1,99 @@
---- sguild.orig	2008-04-08 22:02:24.000000000 -0500
+--- sguild.orig	2012-12-17 20:54:14.000000000 +0000
-+++ sguild	2008-04-08 22:09:11.000000000 -0500
++++ sguild	2012-12-17 20:56:47.000000000 +0000
-@@ -235,7 +235,7 @@
+@@ -1,6 +1,4 @@
+ #!/bin/sh
+-# Run tcl from users PATH \
+-exec tclsh "$0" "$@"
+ 
+ # $Id: sguild,v 1.193 2011/05/29 15:41:16 bamm Exp $ #
+ 
+@@ -218,7 +216,7 @@
+ ##################################
+ 
+ # Do all priv account actions here.
+-# Open log files/etc. Privs will be dropped after.
++# Open log files/usr/local/etc. Privs will be dropped after.
+ 
+ if { ![info exists LOG_PATH] } { set LOG_PATH /var/log/sguild }
+ 
+@@ -318,7 +316,7 @@
  # Check for certs
  if {![info exists CERTS_PATH]} {
  
 -    set CERTS_PATH /etc/sguild/certs
-+    set CERTS_PATH /usr/local/etc/sguil-server/certs
++    set CERTS_PATH /usr/local/etc/sguild/certs
  
  }
  
-@@ -265,13 +265,13 @@
+@@ -348,13 +346,13 @@
  
  if { ![info exists CONF_FILE] } {
    # No conf file specified check the defaults
 -  if { [file exists /etc/sguild/sguild.conf] } {
 -    set CONF_FILE /etc/sguild/sguild.conf
-+  if { [file exists /usr/local/etc/sguil-server/sguild.conf] } {
++  if { [file exists /usr/local/etc/sguild/sguild.conf] } {
-+    set CONF_FILE /usr/local/etc/sguil-server/sguild.conf
++    set CONF_FILE /usr/local/etc/sguild/sguild.conf
    } elseif { [file exists ./sguild.conf] } {
      set CONF_FILE ./sguild.conf
    } else {
      puts "Couldn't determine where the sguil config file is"
 -    puts "Looked for ./sguild.conf and /etc/sguild/sguild.conf."
-+    puts "Looked for ./sguild.conf and /usr/local/etc/sguil-server/sguild.conf."
++    puts "Looked for ./sguild.conf and /usr/local/etc/sguild/sguild.conf."
      DisplayUsage $argv0
    }
  }
-@@ -354,17 +354,17 @@
+@@ -476,8 +474,8 @@
- # Check for a valid USERS file
- if { ![info exists USERS_FILE] } {
-   # No users file was specified. Go with the defaults
--  if { [file exists /etc/sguild/sguild.users] } {
--    set USERS_FILE "/etc/sguild/sguild.users"
-+  if { [file exists /usr/local/etc/sguil-server/sguild.users] } {
-+    set USERS_FILE "/usr/local/etc/sguil-server/sguild.users"
-   } elseif { [file exists ./sguild.users] } {
-     set USERS_FILE "./sguild.users"
-   } else {
-     if { [info exists ADDUSER] && $ADDUSER } {
--      CreateUsersFile "/etc/sguild/sguild.users"
-+      CreateUsersFile "/usr/local/etc/sguil-server/sguild.users"
-     } else {
-       set DEBUG 2
-       LogMessage "ERROR: Could not find a sguild.users file."
--      LogMessage "       Checked in ./ and /etc/sguild/"
-+      LogMessage "       Checked in ./ and /usr/local/etc/sguil-server/"
-       DisplayUsage $argv0
-     }
-   }
-@@ -392,8 +392,8 @@
  # Load accessfile
  if { ![info exists ACCESS_FILE] } {
    # Check the defaults
 -  if { [file exists /etc/sguild/sguild.access] } {
 -    set ACCESS_FILE "/etc/sguild/sguild.access"
-+  if { [file exists /usr/local/etc/sguil-server/sguild.access] } {
++  if { [file exists /usr/local/etc/sguild/sguild.access] } {
-+    set ACCESS_FILE "/usr/local/etc/sguil-server/sguild.access"
++    set ACCESS_FILE "/usr/local/etc/sguild/sguild.access"
    } elseif { [file exists ./sguild.access] } {
      set ACCESS_FILE "./sguild.access"
    } else {
-@@ -407,8 +407,8 @@
+@@ -491,8 +489,8 @@
  }
  # Load auto cat config
  if { ![info exists AUTOCAT_FILE] } {
 -   if { [file exists /etc/sguild/autocat.conf] } {
 -     set AUTOCAT_FILE "/etc/sguild/autocat.conf"
-+   if { [file exists /usr/local/etc/sguil-server/autocat.conf] } {
++   if { [file exists /usr/local/etc/sguild/autocat.conf] } {
-+     set AUTOCAT_FILE "/usr/local/etc/sguil-server/autocat.conf"
++     set AUTOCAT_FILE "/usr/local/etc/sguild/autocat.conf"
     } else {
       set AUTOCAT_FILE "./autocat.conf"
     }
-@@ -418,8 +418,8 @@
+@@ -502,8 +500,8 @@
  }
  # Load email config file
  if { ![info exists EMAIL_FILE] } {
 -  if { [file exists /etc/sguild/sguild.email] } {
 -    set EMAIL_FILE "/etc/sguild/sguild.email"
-+  if { [file exists /usr/local/etc/sguil-server/sguild.email] } {
++  if { [file exists /usr/local/etc/sguild/sguild.email] } {
-+    set EMAIL_FILE "/usr/local/etc/sguil-server/sguild.email"
++    set EMAIL_FILE "/usr/local/etc/sguild/sguild.email"
    } else {
      set EMAIL_FILE "./sguild.email"
    }
-@@ -431,8 +431,8 @@
+@@ -515,8 +513,8 @@
  }
  # Load global queries.
  if { ![info exists GLOBAL_QRY_FILE] } {
 -  if { [file exists /etc/sguild/sguild.queries] } {
 -    set GLOBAL_QRY_FILE "/etc/sguild/sguild.queries"
-+  if { [file exists /usr/local/etc/sguil-server/sguild.queries] } {
++  if { [file exists /usr/local/etc/sguild/sguild.queries] } {
-+    set GLOBAL_QRY_FILE "/usr/local/etc/sguil-server/sguild.queries"
++    set GLOBAL_QRY_FILE "/usr/local/etc/sguild/sguild.queries"
    } else {
      set GLOBAL_QRY_FILE "./sguild.queries"
    }
-@@ -444,8 +444,8 @@
+@@ -528,8 +526,8 @@
  }
  # Load report queries.
  if { ![info exists REPORT_QRY_FILE] } {
 -  if { [file exists /etc/sguild/sguild.reports] } {
 -    set REPORT_QRY_FILE "/etc/sguild/sguild.reports"
-+  if { [file exists /usr/local/etc/sguil-server/sguild.reports] } {
++  if { [file exists /usr/local/etc/sguild/sguild.reports] } {
-+    set REPORT_QRY_FILE "/usr/local/etc/sguil-server/sguild.reports"
++    set REPORT_QRY_FILE "/usr/local/etc/sguild/sguild.reports"
    } else {
      set REPORT_QRY_FILE "./sguild.reports"
    }

security/sguil-server/files/patch-sguild.conf

@@ -5,7 +5,7 @@
  
  # Path the sguild libs
 -set SGUILD_LIB_PATH ./lib
-+set SGUILD_LIB_PATH /usr/local/lib/sguil-server
++set SGUILD_LIB_PATH /usr/local/lib/sguild
  
  # DEBUG 0=off 1=important stuff 2=everything.  Option 2 is VERY chatty.
  set DEBUG 2

security/sguil-server/files/patch-sql_scripts-create_sguildb.sql

@@ -1,52 +1,63 @@
---- sql_scripts/create_sguildb.sql.orig	2007-03-17 02:43:37.000000000 +0000
+--- sql_scripts/create_sguildb.sql.orig	2012-10-12 21:39:20.000000000 +0000
-+++ sql_scripts/create_sguildb.sql	2011-08-09 22:21:09.000000000 +0000
++++ sql_scripts/create_sguildb.sql	2012-10-12 21:53:42.000000000 +0000
-@@ -52,10 +52,10 @@
+@@ -3,7 +3,7 @@
+ -- CREATE DATABASE IF NOT EXISTS sguildb;
+ -- USE sguildb;
+ 
+--- Depreciated for MRG_MyISAM tables
++-- Deprecated for MRG_MyISAM tables
+ -- CREATE TABLE event
+ -- (
+ --   sid			INT UNSIGNED	NOT NULL,
+@@ -52,7 +52,7 @@
  --  INDEX status (status),
  --  INDEX abuse_queue (abuse_queue),
  --  INDEX abuse_sent (abuse_sent)
----);
+--- );
-+-- );
++-- )ENGINE=MyISAM;
  
----CREATE TABLE tcphdr
+ -- CREATE TABLE tcphdr
----(
+ -- (
-+-- CREATE TABLE tcphdr
+@@ -66,7 +66,8 @@
-+-- (
+ --  tcp_win	SMALLINT UNSIGNED,
- --  sid		INT UNSIGNED	NOT NULL,
+ --  tcp_csum	SMALLINT UNSIGNED,
- --  cid		INT UNSIGNED	NOT NULL,
- --  tcp_seq	INT UNSIGNED,
-@@ -68,16 +68,16 @@
  --  tcp_urp	SMALLINT UNSIGNED,
- --  PRIMARY KEY (sid,cid));
+---  PRIMARY KEY (sid,cid));
++--  PRIMARY KEY (sid,cid)
++-- )ENGINE=MyISAM;
  --
----CREATE TABLE udphdr
+ -- CREATE TABLE udphdr
----(
+ -- (
-+-- CREATE TABLE udphdr
+@@ -74,7 +75,8 @@
-+-- (
- --  sid		INT UNSIGNED	NOT NULL,
  --  cid		INT UNSIGNED	NOT NULL,
  --  udp_len	SMALLINT UNSIGNED,
  --  udp_csum	SMALLINT UNSIGNED,
- --  PRIMARY KEY (sid,cid));
+---  PRIMARY KEY (sid,cid));
++--  PRIMARY KEY (sid,cid)
++-- )ENGINE=MyISAM;
  --
----CREATE TABLE icmphdr
+ -- CREATE TABLE icmphdr
----(
+ -- (
-+-- CREATE TABLE icmphdr
+@@ -83,14 +85,16 @@
-+-- (
- --  sid		INT UNSIGNED	NOT NULL,
- --  cid		INT UNSIGNED	NOT NULL,
  --  icmp_csum	SMALLINT UNSIGNED,
-@@ -85,8 +85,8 @@
+ --  icmp_id	SMALLINT UNSIGNED,
  --  icmp_seq	SMALLINT UNSIGNED,
- --  PRIMARY KEY (sid,cid));
+---  PRIMARY KEY (sid,cid));
++--  PRIMARY KEY (sid,cid)
++-- )ENGINE=MyISAM;
  --
----CREATE TABLE data
+ -- CREATE TABLE data
----(
+ -- (
-+-- CREATE TABLE data
-+-- (
  --  sid           INT UNSIGNED    NOT NULL,
  --  cid           INT UNSIGNED    NOT NULL,
  --  data_payload	TEXT,
-@@ -101,13 +101,13 @@
+---  PRIMARY KEY (sid,cid));
++--  PRIMARY KEY (sid,cid)
++-- )ENGINE=MyISAM;
+ 
+ CREATE TABLE sensor
+ (
+@@ -101,13 +105,13 @@
    interface	VARCHAR(255),
    description	TEXT,
    bpf_filter	TEXT,
@@ -58,100 +69,108 @@
    PRIMARY KEY (sid),
    INDEX hostname_idx (hostname)
 -);
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
  CREATE TABLE portscan
  (
-@@ -119,7 +119,8 @@
+@@ -119,9 +123,10 @@
    dst_port	INT UNSIGNED,
    data		TEXT,
    INDEX ps_src_ip (src_ip),
 -  INDEX ps_timestamp (timestamp));
 +  INDEX ps_timestamp (timestamp)
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
- -- Depreciated
+--- Depreciated
++-- Deprecated
  -- CREATE TABLE sessions ( 
-@@ -150,7 +151,7 @@
+ --  sid		INT UNSIGNED NOT NULL, 
+ --  xid		BIGINT UNSIGNED NOT NULL, 
+@@ -142,7 +147,8 @@
+ --  INDEX server (src_ip), 
+ --  INDEX client (dst_ip), 
+ --  INDEX sport (src_port), 
+---  INDEX cport (dst_port)); 
++--  INDEX cport (dst_port)
++-- )ENGINE=MyISAM; 
+ 
+ CREATE TABLE status
+ (
+@@ -150,7 +156,7 @@
    description	VARCHAR(255) NOT NULL,
    long_desc     VARCHAR(255),
    PRIMARY KEY (status_id)
 -);
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
  CREATE TABLE history
  (
-@@ -161,7 +162,7 @@
+@@ -161,7 +167,7 @@
    status	SMALLINT UNSIGNED	NOT NULL,
    comment	VARCHAR(255),
    INDEX log_time (timestamp)
 -);
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
  CREATE TABLE user_info
  (
-@@ -169,7 +170,7 @@
+@@ -170,7 +176,7 @@
-   username	VARCHAR(16)	NOT NULL,
+   last_login	DATETIME,
-   last_login	DATETIME	NOT NULL,
+   password	VARCHAR(42),
    PRIMARY KEY (uid)
 -);
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
  CREATE TABLE nessus_data
  (
-@@ -178,7 +179,8 @@
+@@ -179,7 +185,8 @@
    nessus_id     INT UNSIGNED,
    level	        VARCHAR(20),
    description		TEXT,
 -  INDEX rid (rid));
 +  INDEX rid (rid)
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
  CREATE TABLE nessus
  (
-@@ -188,7 +190,8 @@
+@@ -189,7 +196,8 @@
    timestart     DATETIME,
    timeend       DATETIME,
    PRIMARY KEY (rid),
 -  INDEX ip (ip));
 +  INDEX ip (ip)
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
  CREATE TABLE IF NOT EXISTS `pads`
  (
-@@ -203,12 +206,12 @@
+@@ -204,10 +212,10 @@
    application           VARCHAR(255)     NOT NULL,
    hex_payload           VARCHAR(255),
    PRIMARY KEY (sid,asset_id)
 -);
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
  --
- -- Depreciated for MERGE tables
+--- Depreciated for MERGE tables
----CREATE TABLE sancp
++-- Deprecated for MERGE tables
----(
+ -- CREATE TABLE sancp
-+-- CREATE TABLE sancp
+ -- (
-+-- (
  --  sid		INT UNSIGNED	NOT NULL,
- --  sancpid	BIGINT UNSIGNED	NOT NULL,
+@@ -232,7 +240,7 @@
- --  start_time	DATETIME	NOT NULL,
-@@ -231,8 +234,8 @@
  --  INDEX dst_port (dst_port),
  --  INDEX src_port (src_port),
  --  INDEX start_time (start_time)
----);
+--- );
----
++-- )ENGINE=MyISAM;
-+-- );
+ --
-+--
  
  INSERT INTO status (status_id, description, long_desc) VALUES (0, "New", "Real Time Event");
- INSERT INTO status (status_id, description, long_desc) VALUES (1, "No Further Action Required", "No Further Action Required");
+@@ -251,7 +259,7 @@
-@@ -250,7 +253,7 @@
  (
    version	VARCHAR(32),
    installed	DATETIME
 -);
-+) ENGINE=MyISAM;
++)ENGINE=MyISAM;
  
- INSERT INTO version (version, installed) VALUES ("0.12", now());
+ INSERT INTO version (version, installed) VALUES ("0.13", now());
  

security/sguil-server/files/pkg-deinstall.in

@@ -8,8 +8,8 @@ USER="sguil"
 # Make sure we're in the right stage of the process
 if [ "$2" = "DEINSTALL" ]; then
 	echo "Stopping sguild......"
-	%%PREFIX%%/etc/rc.d/sguild stop
+	%%PREFIX%%/etc/rc.d/sguild onestop
-	%%PREFIX%%/etc/rc.d/sguild poll
+	%%PREFIX%%/etc/rc.d/sguild onepoll
 	if [ ! ${BATCH} ]; then
 	  echo "Would you like to remove the sguild certs?" ; read ans
 	  case "$ans" in

security/sguil-server/files/pkg-install.in

@@ -396,6 +396,8 @@ esac
 		chown ${sguil_user}:${sguil_group} %%PREFIX%%/bin/${files}
 	fi
 	done
+	chown -R ${sguil_user}:${sguil_group} %%PREFIX%%/etc/%%SGUILDIR%%
+	chown -R ${sguil_user}:${sguil_group} %%PREFIX%%/lib/%%SGUILDIR%%
 	if [ ! -f %%PREFIX%%/bin/sguild ]; then
 		echo "Sguild is missing!  Please correct the problem before continuing!"
 		exit 1

security/sguil-server/files/pkg-message.in

@@ -2,15 +2,6 @@
          * !!!!!!!!!!! WARNING !!!!!!!!!!! *
          ***********************************
 
-PLEASE NOTE: If you are upgrading from a previous version,
-read the UPGRADE doc (in %%DOCSDIR%%) before proceeding!!!
-Some noteworthy changes in version 0.7.0:
-SSL is now required for server, sensor and client.
-The sguild.conf and sguild.email files have changed.
-You MUST run the upgrade_0.7.tcl script to clean up and
-prepare the database before running the new version.  BE SURE
-TO BACK UP YOUR DATABASE BEFORE PROCEEDING!!!
-
 If you had existing config files in %%PREFIX%%/etc/%%SGUILDIR%%
 they were not overwritten.  If this is a first time install, you
 must copy the sample files to the corresponding conf file and 
@@ -24,10 +15,10 @@ NOTE: LOG_DIR is not set by this install.  You MUST create the
 correct LOG_DIRS and put a copy of the snort rules you use in 
 LOG_DIR/rules.
 
-The sguild, archive_sguildb.tcl and incident_report.tcl scripts
+The sguild program was placed in %%PREFIX%%/bin/.
-were placed in %%PREFIX%%/bin/.  The incident_report.tcl
+
-script is from the contrib section.  There is no documentation
+Some contributed scripts were placed in 
-and the script's variables must be edited before it is used.
+%%PREFIX%%/share/%%SGUILDIR%%/contrib
 
 A startup script, named sguild.sh was installed in
 %%PREFIX%%/etc/rc.d/.  To enable it, edit /etc/rc.conf

security/sguil-server/files/sguild.in

@@ -9,43 +9,27 @@
 # Add the following lines to /etc/rc.conf to enable sguild:
 # sguild_enable (bool):		Set to YES to enable sguild
 # 				Default: NO
-# The following commandline arguments are available for sguild
-# "  -c <filename>: PATH to the sguild config (sguild.conf) file."
-# "  -a <filename>: PATH to the autocat config (autocat.conf) file."
-# "  -g <filename>: PATH to the sguild global queries (sguild.queries) file."
-# "  -u <filename>: PATH to the sguild users (sguild.users) file."
-# "  -P <filename>: Name of file to write the PID to."
-# "                 Default is /var/run/%%SGUILDIR%%/sguild.pid"
-# "  -l <filepath>: PATH to sguild libraries."
-# "  -O <filename>: Define PATH to tls (tcl openssl) lib (libtls1.x.so)"
-# "  -C <directory>: Directory that contains sguild.pem and sguild.key"
-# "  -D Runs sguild in daemon mode."
-# "  -A <filename>: PATH to sguild.access file."
-# "  -d <0|1|2>: Set DEBUG level"
 # sguild_flags (str):		Extra flags passed to sguild
 #				Default: -D -P ${pid}
 # sguild_conf (str):		Sguild configuration file
 #				Default: %%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf
-# sguild_user (str):		Default: sguild
+# sguild_user (str):		Default: sguil
 # Note: this value MUST be set in /etc/rc.conf if you do not accept the default
 # user created by the pkg-install script
 
 . /etc/rc.subr
 
-load_rc_config sguild
-# set some defaults
-sguild_enable=${sguild_enable:-"NO"}
-sguild_conf=${sguild_conf:-"/%%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf"}
-pid=${pid:-"/var/run/%%SGUILDIR%%/sguild.pid"}
-sguild_flags=${sguild_flags:-"-D -P ${pid}"}
-sguild_user=${sguild_user:-"sguil"}
-
 name="sguild"
 rcvar=sguild_enable
+load_rc_config sguild
+# set some defaults
+: ${sguild_enable:="NO"}
+: ${sguild_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf"}
+: ${pid:="/var/run/%%SGUILDIR%%/sguild.pid"}
+: ${sguild_flags:="-D -P ${pid}"}
+: ${sguild_user:="sguil"}
+
 command="%%PREFIX%%/bin/${name}"
-command_args="-c ${sguild_conf} ${sguild_flags}"
+procname="%%PREFIX%%/bin/%%TCLSH%%"
-procname="%%TCLSH%%"
-check_process="${procname}"
-sguild_user="sguil"
 
 run_rc_command "$1"

security/sguil-server/pkg-plist

@@ -1,5 +1,3 @@
-bin/archive_sguildb.tcl
-bin/incident_report.tcl
 bin/sguild
 etc/%%SGUILDIR%%/autocat.conf-sample
 etc/%%SGUILDIR%%/sguild.access-sample
@@ -19,7 +17,9 @@ lib/%%SGUILDIR%%/SguildGenericDB.tcl
 lib/%%SGUILDIR%%/SguildGenericEvent.tcl
 lib/%%SGUILDIR%%/SguildHealthChecks.tcl
 lib/%%SGUILDIR%%/SguildLoaderd.tcl
+lib/%%SGUILDIR%%/SguildLoaderd.tcl.orig
 lib/%%SGUILDIR%%/SguildMysqlMerge.tcl
+lib/%%SGUILDIR%%/SguildMysqlMerge.tcl.orig
 lib/%%SGUILDIR%%/SguildPadsLib.tcl
 lib/%%SGUILDIR%%/SguildQueryd.tcl
 lib/%%SGUILDIR%%/SguildReportBuilder.tcl
@@ -28,20 +28,39 @@ lib/%%SGUILDIR%%/SguildSensorAgentComms.tcl
 lib/%%SGUILDIR%%/SguildSensorCmdRcvd.tcl
 lib/%%SGUILDIR%%/SguildTranscript.tcl
 lib/%%SGUILDIR%%/SguildUtils.tcl
+%%PORTDOCS%%%%DOCSDIR%%/CHANGES
+%%PORTDOCS%%%%DOCSDIR%%/FAQ
+%%PORTDOCS%%%%DOCSDIR%%/INSTALL
+%%PORTDOCS%%%%DOCSDIR%%/INSTALL.openbsd
+%%PORTDOCS%%%%DOCSDIR%%/OPENSSL.README
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%%%DOCSDIR%%/UPGRADE
+%%PORTDOCS%%%%DOCSDIR%%/USAGE
+%%PORTDOCS%%%%DOCSDIR%%/sguildb.dia
+share/%%SGUILDIR%%/contrib/incident_report.tcl
+share/%%SGUILDIR%%/contrib/init/sguil
+share/%%SGUILDIR%%/contrib/init/sguild
 share/%%SGUILDIR%%/create_ruledb.sql
 share/%%SGUILDIR%%/create_sguildb.sql
+share/%%SGUILDIR%%/create_sguildb.sql.orig
 share/%%SGUILDIR%%/migrate_event.tcl
 share/%%SGUILDIR%%/migrate_sancp.tcl
 share/%%SGUILDIR%%/sancp_cleanup.tcl
+share/%%SGUILDIR%%/sancp_cleanup.tcl.orig
 share/%%SGUILDIR%%/update_0.7.tcl
+share/%%SGUILDIR%%/update_0.8.tcl
+share/%%SGUILDIR%%/update_sguildb_v10-v11.sql
+share/%%SGUILDIR%%/update_sguildb_v11-v12.sql
+share/%%SGUILDIR%%/update_sguildb_v12-v13.sql
 share/%%SGUILDIR%%/update_sguildb_v5-v6.sql
 share/%%SGUILDIR%%/update_sguildb_v6-v7.sql
 share/%%SGUILDIR%%/update_sguildb_v7-v8.sql
 share/%%SGUILDIR%%/update_sguildb_v8-v9.sql
 share/%%SGUILDIR%%/update_sguildb_v9-v10.sql
-share/%%SGUILDIR%%/update_sguildb_v10-v11.sql
+@dirrm share/%%SGUILDIR%%/contrib/init
-share/%%SGUILDIR%%/update_sguildb_v11-v12.sql
+@dirrm share/%%SGUILDIR%%/contrib
-@dirrmtry etc/%%SGUILDIR%%/certs
-@unexec if [ ! -f %D/etc/%%SGUILDIR%%/sguild.conf ] && [ ! -d %D/etc/%%SGUILDIR%%/certs ] ; then rmdir %D/etc/%%SGUILDIR%%; fi
-@dirrm lib/%%SGUILDIR%%
 @dirrm share/%%SGUILDIR%%
+@dirrm lib/%%SGUILDIR%%
+@dirrm etc/%%SGUILDIR%%
+%%PORTDOCS%%@dirrm %%DOCSDIR%%