- update to sleuthkit 2.51 and take maintainership.

2008-02-18 18:19:35 +00:00 · 2008-02-18 18:19:35 +00:00 · a636a22e62
commit a636a22e62
parent b46ba636d7
13 changed files with 170 additions and 164 deletions
--- a/sysutils/sleuthkit/Makefile
+++ b/sysutils/sleuthkit/Makefile
@ -1,50 +1,33 @@
-# $OpenBSD: Makefile,v 1.7 2007/09/15 21:14:02 merdely Exp $
+# $OpenBSD: Makefile,v 1.8 2008/02/18 18:19:35 rui Exp $

 COMMENT=		forensic toolkit based on TCT

-VERSION=		1.73
-DISTNAME=		sleuthkit-${VERSION}
-PKGNAME=		${DISTNAME}p0
+DISTNAME=		sleuthkit-2.51
 CATEGORIES=		sysutils security

+SHARED_LIBS=		tsk 1.1
+
 HOMEPAGE=		http://www.sleuthkit.org/

-MASTER_SITES=		${MASTER_SITE_SOURCEFORGE:=sleuthkit/} \
-			${MASTER_SITE_PACKETSTORM:=UNIX/utilities/}
+MAINTAINER=		Rui Reis <rui@openbsd.org>

-# IBM & GPL
+# CPLv1 & IBM & GPLv2
 PERMIT_PACKAGE_CDROM=	commercial contributor must indemnify all others
 PERMIT_PACKAGE_FTP=	Yes
 PERMIT_DISTFILES_CDROM=	commercial contributor must indemnify all others
 PERMIT_DISTFILES_FTP=	Yes
+
+MASTER_SITES=		${MASTER_SITE_SOURCEFORGE:=sleuthkit/}
+
 WANTLIB=		c

+CONFIGURE_STYLE=        simple
+
 RUN_DEPENDS=		:p5-DateManip-*:converters/p5-DateManip

-MAKE_FLAGS=		CC="${CC}" OPT="${CFLAGS}" DEBUG=""
-
 NO_REGRESS=		Yes

-SCRIPTS=		mactime sorter
-PROGRAMS=		dcalc dcat diskstat dls dstat ffind fls fsstat \
-			hfind icat ifind ils istat jcat jls mmls sigfind \
-			sstrings
-DOCS=			README.txt docs/* tct.docs/*
-SORTFILES=		share/sorter/*
-
 pre-configure:
-	@perl -pi -e "s:%%PREFIX%%:${PREFIX}:" ${WRKSRC}/src/sorter/install \
-		${WRKSRC}/man/man1/sorter.1
+	@perl -pi -e "s:%%PREFIX%%:${PREFIX}:" ${WRKSRC}/man/sorter.1

-do-install:
-	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/sleuthkit
-	${INSTALL_DATA_DIR} ${PREFIX}/share/sleuthkit
-	${INSTALL_DATA_DIR} ${PREFIX}/share/sleuthkit/sorter
-	cd ${WRKSRC}/bin && ${INSTALL_SCRIPT} ${SCRIPTS} ${PREFIX}/bin
-	cd ${WRKSRC}/bin && ${INSTALL_PROGRAM} ${PROGRAMS} ${PREFIX}/bin
-	cd ${WRKSRC}/man/man1 && ${INSTALL_MAN} * ${PREFIX}/man/man1
-	cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${PREFIX}/share/doc/sleuthkit
-	cd ${WRKSRC} && ${INSTALL_DATA} ${SORTFILES} \
-		${PREFIX}/share/sleuthkit/sorter
-	 
 .include <bsd.port.mk>
--- a/sysutils/sleuthkit/distinfo
+++ b/sysutils/sleuthkit/distinfo
@ -1,5 +1,5 @@
-MD5 (sleuthkit-1.73.tar.gz) = dzxI3QXKoCYtcgFUmP2Szg==
-RMD160 (sleuthkit-1.73.tar.gz) = HkskH+7HRavm3GcBsGkie9EZtTw=
-SHA1 (sleuthkit-1.73.tar.gz) = nvoorIWdVeS2JHxtbjo0LAwKXm4=
-SHA256 (sleuthkit-1.73.tar.gz) = y9JCEXPqb6mcBDg4JFDJXAox3+xsZAR/ZFXDnOeKrdc=
-SIZE (sleuthkit-1.73.tar.gz) = 727263
+MD5 (sleuthkit-2.51.tar.gz) = FN7vxEvDF4f8mfwjkST3Cw==
+RMD160 (sleuthkit-2.51.tar.gz) = CTjSsfsVKFpwl204EuaNlLO8yQQ=
+SHA1 (sleuthkit-2.51.tar.gz) = iXCXtGSFIvUCPQ2W3Mi50HuWf4w=
+SHA256 (sleuthkit-2.51.tar.gz) = lZCKcUhVx/37+yb9MBb15pePFzDwA9nOve7O5mvH/tw=
+SIZE (sleuthkit-2.51.tar.gz) = 817416
--- a/sysutils/sleuthkit/patches/patch-Makefile
+++ b/sysutils/sleuthkit/patches/patch-Makefile
@ -1,12 +0,0 @@
-$OpenBSD: patch-Makefile,v 1.1 2005/02/16 20:41:27 sturm Exp $
--- Makefile.orig	Wed Feb 16 21:27:22 2005
-+++ Makefile	Wed Feb 16 21:27:30 2005
-@@ -9,7 +9,7 @@ static:	$(DIRS) compile-static
- $(DIRS):
- 	mkdir -p $@
- 
-compile: no-perl mactime sorter file test 
-+compile: no-perl mactime sorter test 
- 
- compile-static: no-perl-static mactime sorter file test
- 
--- a/sysutils/sleuthkit/patches/patch-check-install
+++ b/sysutils/sleuthkit/patches/patch-check-install
@ -1,12 +0,0 @@
-$OpenBSD: patch-check-install,v 1.1 2005/02/16 20:41:27 sturm Exp $
--- check-install.orig	Tue Oct 12 04:00:23 2004
-+++ check-install	Wed Feb 16 21:30:17 2005
-@@ -47,8 +47,6 @@ fi
- 
- if (test -x "bin/file") then
-   blah=1;
-else
-  echo "ERROR: Missing 'file' command";
- fi
- 
- if (test -x "bin/mactime") then
--- a/sysutils/sleuthkit/patches/patch-man_hfind_1
+++ b/sysutils/sleuthkit/patches/patch-man_hfind_1
@ -0,0 +1,63 @@
+$OpenBSD: patch-man_hfind_1,v 1.1 2008/02/18 18:19:36 rui Exp $
+--- man/hfind.1.orig	Sat Feb 16 14:14:32 2008
+++ man/hfind.1	Sat Feb 16 14:15:28 2008
+@@ -16,7 +16,7 @@ hfind \- Lookup a hash value in a hash database
+ looks up hash values in a database using a binary search algorithm. 
+ This allows one to easily create a hash database and identify if a file
+ is known or not.  It works with the NIST National Software Reference
+-Library (NSRL) and the output of 'md5sum'.  
+Library (NSRL) and the output of 'md5'.  
+ 
+ Before the database can be used by 'hfind', an index file must be created
+ with the '-i' option.  
+@@ -31,7 +31,7 @@ The options are as follows:
+ .IP "-i db_type"
+ Create an index file for the database.  This step must be done before
+ a lookup can be performed. The 'db_type' argument specifies the 
+-database type (i.e. nsrl-md5 or md5sum).  See section below.
+database type (i.e. nsrl-md5 or md5).  See section below.
+ .IP "-f lookup_file"
+ Specify the location of a file that contains one hash value per line.  
+ These hashes will be looked up in the database.  
+@@ -72,7 +72,7 @@ to the entry in the original database.
+ 
+ The following input types are valid.  For NSRL, 'nsrl-md5' and
+ \'nsrl-sha1' can be used.  The difference is which hash value the index is
+-sorted by.  The 'md5sum' value can also be used to sort and index "home made"
+sorted by.  The 'md5' value can also be used to sort and index "home made"
+ databases.  'hfind' can take data in both common formats:
+ 
+ 	MD5 (test.txt) = 76b1f4de1522c20b67acc132937cf82e
+@@ -103,11 +103,11 @@ You can even do both SHA-1 and MD5 if you want:
+ 
+ 	80001A80B3F1B80076B297CEE8805AAA04E1B5BA  thrdcore.cpp
+ 
+-To make a database of critical binaries of a trusted system, use 'md5sum':
+To make a database of critical binaries of a trusted system, use 'md5':
+ 
+-	# md5sum /bin/* /sbin/* /usr/bin/* /usr/bin/* /usr/local/bin/* /usr/local/sbin/* > system.md5
+	# md5 -s /bin/* /sbin/* /usr/bin/* /usr/bin/* /usr/local/bin/* /usr/local/sbin/* > system.md5
+ 
+-	# hfind -i md5sum system.md5
+	# hfind -i md5 -s system.md5
+ 
+ To look entries up, the following will work:
+ 
+@@ -117,7 +117,7 @@ To look entries up, the following will work:
+ 
+ or
+ 
+-	# md5sum -q /bin/* | hfind system.md5
+	# md5 -s /bin/* | hfind system.md5
+ 
+ 	928682269cd3edb1acdf9a7f7e606ff2  /bin/bash
+ 
+@@ -125,7 +125,7 @@ or
+ 
+ or
+ 
+-	# md5sum -q /bin/* > bin.md5
+	# md5 -s /bin/* > bin.md5
+ 
+ 	# hfind -f bin.md5 system.md5
+ 
--- a/sysutils/sleuthkit/patches/patch-man_man1_sorter.1
+++ b/sysutils/sleuthkit/patches/patch-man_man1_sorter.1
@ -1,29 +1,30 @@
--- man/man1/sorter.1.orig	Tue Jan  6 23:50:51 2004
-+++ man/man1/sorter.1	Wed Feb 16 21:27:02 2005
-@@ -67,7 +67,7 @@ have priority over the standard files.  
+$OpenBSD: patch-man_sorter_1,v 1.1 2008/02/18 18:19:36 rui Exp $
+--- man/sorter.1.orig	Tue Dec 18 22:43:30 2007
+++ man/sorter.1	Sat Feb 16 14:24:00 2008
+@@ -73,7 +73,7 @@ have priority over the standard files.  
 .IP "-C config"
 Specify the location of the ONLY configuration file.  The standard config
 files will not be loaded if this option is given.  For example, in the
 -\'share/sort\' directory there is a file called 'images.sort'.  This file
-+\'%%PREFIX%%/share/sleuthkit/sorter/\' directory there is a file called 'images.sort'.  This file
+\'%%PREFIX%%/share/tsk/sorter/\' directory there is a file called 'images.sort'.  This file
 contains only rules about graphic images.  If it is specified with -C, then
 only images will be saved about the image.  
 .IP "-m mnt"
-@@ -192,7 +192,7 @@ file systems will produce data from this
+@@ -198,7 +198,7 @@ file systems will produce data from this step).  
 Configuration files are used to define what file types belong in which
 categories and what extensions belong to what file types.  Configuration
 files are distributed with the 'sorter' tool and are located in the
 -installation directory in the 'share/sorter' directory.  
-+installation directory in the \'%%PREFIX%%/share/sleuthkit/sorter/' directory.  
+installation directory in the '%%PREFIX%%/share/tsk/sorter/' directory.  
 
 The 'default.sort' file is used by any file system type.  It contains
 entries for common file types.  A specific operating system file also
-@@ -263,7 +263,7 @@ To include the NSRL, an exclude, and an 
+@@ -273,7 +273,7 @@ To include the NSRL, an exclude, and an alert hash dat
 
 To just identify images using the supplied 'images.sort' file:
 
 -    # sorter -f ntfs -C /usr/local/sleuthkit/share/sort/images.sort \
-+    # sorter -f ntfs -C %%PREFIX%%/share/sleuthkit/sorter/images.sort \
+    # sorter -f ntfs -C %%PREFIX%%/share/tsk/sort/images.sort \
 	  -d data/sorter -h -s images/hda1.dd
 
 .SH REQUIREMENTS
--- a/sysutils/sleuthkit/patches/patch-src_makedefs
+++ b/sysutils/sleuthkit/patches/patch-src_makedefs
@ -1,12 +0,0 @@
-$OpenBSD: patch-src_makedefs,v 1.1 2006/07/30 15:45:39 steven Exp $
--- src/makedefs.orig	Sun Jul 30 17:42:15 2006
-+++ src/makedefs	Sun Jul 30 17:42:26 2006
-@@ -16,6 +16,8 @@ case "$SYSTEM.$RELEASE" in
-                 ;;
-   OpenBSD.3*)   DEFS="-DOPENBSD3"
-                 ;;
-+  OpenBSD.4*)   DEFS="-DOPENBSD3"
-+                ;;
-    BSD/OS.2*)   DEFS="-DBSDI2"
-                 ;;
-    BSD/OS.3*)   DEFS="-DBSDI3"
--- a/sysutils/sleuthkit/patches/patch-src_sorter_install
+++ b/sysutils/sleuthkit/patches/patch-src_sorter_install
@ -1,11 +0,0 @@
--- src/sorter/install.orig	Tue Jan  6 23:50:55 2004
-+++ src/sorter/install	Wed Feb 16 21:27:02 2005
-@@ -58,7 +58,7 @@ if (test $found -eq 0) then
-   done
- fi
- 
-echo "my \$SK_DIR=\"`cd ../..; pwd`/\";" >> $BIN_DIR$PROG;
-+echo "my \$SK_DIR=\"%%PREFIX%%\";" >> $BIN_DIR$PROG;
- 
- # Print the current version
- echo "my \$VER = \"`cat ../../patchlevel`\";" >> $BIN_DIR$PROG;
--- a/sysutils/sleuthkit/patches/patch-src_sorter_sorter.base
+++ b/sysutils/sleuthkit/patches/patch-src_sorter_sorter.base
@ -1,21 +0,0 @@
--- src/sorter/sorter.base.orig	Thu May 20 19:07:53 2004
-+++ src/sorter/sorter.base	Wed Feb 16 21:27:02 2005
-@@ -40,14 +40,14 @@ use integer;
- $ENV{PATH} = '';
- 
- my $BIN_DIR = "$SK_DIR/bin/";
-my $SHARE_DIR = "$SK_DIR/share/sorter/";
-+my $SHARE_DIR = "$SK_DIR/share/sleuthkit/sorter/";
- 
- my $SK_FLS = "${BIN_DIR}fls";
- my $SK_ILS = "${BIN_DIR}ils";
- my $SK_ICAT = "${BIN_DIR}icat";
-my $SK_FILE = "${BIN_DIR}file";
-my $SK_MD5 = "${BIN_DIR}md5";
-my $SK_SHA1 = "${BIN_DIR}sha1";
-+my $SK_FILE = "/usr/bin/file";
-+my $SK_MD5 = "/bin/md5";
-+my $SK_SHA1 = "/bin/sha1";
- my $SK_HFIND = "${BIN_DIR}hfind";
- 
- 
--- a/sysutils/sleuthkit/patches/patch-src_timeline_config-perl
+++ b/sysutils/sleuthkit/patches/patch-src_timeline_config-perl
@ -1,25 +0,0 @@
--- src/timeline/config-perl.orig	Tue Jan  6 23:50:55 2004
-+++ src/timeline/config-perl	Wed Feb 16 21:27:02 2005
-@@ -1,6 +1,4 @@
- BIN_DIR='../../bin/';
-LIB_DIR_BACK='/../../lib/';
-LIB_DIR_NORM='/lib/';
- BASE='mactime.base';
- PROG='mactime';
- 
-@@ -57,15 +55,6 @@ if (test $found -eq 0) then
-       echo "file not found";
-     fi
-   done
-fi
-
-
-# Print the installed location of the lib directory
-# This is not the best fix, but it works
-if (test -z "`echo "$PWD" | awk '/\/src\/timeline/ {print $0}'`") then
-  echo "use lib '$PWD/$LIB_DIR_NORM';" >> $BIN_DIR$PROG;
-else
-  echo "use lib '$PWD/$LIB_DIR_BACK';" >> $BIN_DIR$PROG;
- fi
- 
- 
--- a/sysutils/sleuthkit/patches/patch-tools_sorter_sorter_base
+++ b/sysutils/sleuthkit/patches/patch-tools_sorter_sorter_base
@ -0,0 +1,16 @@
+$OpenBSD: patch-tools_sorter_sorter_base,v 1.1 2008/02/18 18:19:36 rui Exp $
+--- tools/sorter/sorter.base.orig	Sat Feb 16 14:09:11 2008
+++ tools/sorter/sorter.base	Sat Feb 16 14:09:51 2008
+@@ -23,9 +23,9 @@ my $SK_ICAT    = "${BIN_DIR}/icat";
+ my $SK_HFIND   = "${BIN_DIR}/hfind";
+ my $SK_FSSTAT  = "${BIN_DIR}/fsstat";
+ my $SK_IMGSTAT = "${BIN_DIR}/img_stat";
+-my $SK_FILE    = "";
+-my $SK_MD5     = "";
+-my $SK_SHA1    = "";
+my $SK_FILE    = "/usr/bin/file";
+my $SK_MD5     = "/bin/md5";
+my $SK_SHA1    = "/bin/sha1";
+ 
+ my $MIS_NAME        = "mismatch";
+ my $UNK_NAME        = "unknown";
--- a/sysutils/sleuthkit/patches/patch-tools_timeline_mactime_base
+++ b/sysutils/sleuthkit/patches/patch-tools_timeline_mactime_base
@ -0,0 +1,12 @@
+$OpenBSD: patch-tools_timeline_mactime_base,v 1.1 2008/02/18 18:19:36 rui Exp $
+--- tools/timeline/mactime.base.orig	Sat Feb 16 22:39:24 2008
+++ tools/timeline/mactime.base	Sat Feb 16 22:40:03 2008
+@@ -405,7 +405,7 @@ sub print_tl {
+         $delim = ",";
+     }
+ 
+-    for $key (sort { $a <=> $b } keys %time2macstr) {
+    for $key (sort { $a cmp $b } keys %time2macstr) {
+         if ($key =~ /^(\d+),([\d-]+),(.*)$/) {
+             $time  = $1;
+             $inode = $2;
--- a/sysutils/sleuthkit/pkg/PLIST
+++ b/sysutils/sleuthkit/pkg/PLIST
@ -1,8 +1,9 @@
-@comment $OpenBSD: PLIST,v 1.5 2005/03/16 15:43:19 naddy Exp $
+@comment $OpenBSD: PLIST,v 1.6 2008/02/18 18:19:36 rui Exp $
@conflict ja-jvim-*
 bin/dcalc
 bin/dcat
-bin/diskstat
+@comment bin/disk_sreset
+@comment bin/disk_stat
 bin/dls
 bin/dstat
 bin/ffind
@ -12,17 +13,49 @@ bin/hfind
 bin/icat
 bin/ifind
 bin/ils
+bin/img_cat
+bin/img_stat
 bin/istat
 bin/jcat
 bin/jls
 bin/mactime
 bin/mmls
+bin/mmstat
 bin/sigfind
 bin/sorter
-bin/sstrings
+bin/srch_strings
+include/tsk/
+include/tsk/base/
+include/tsk/base/tsk_base.h
+include/tsk/base/tsk_os.h
+include/tsk/fs/
+include/tsk/fs/tsk_ext2fs.h
+include/tsk/fs/tsk_fatfs.h
+include/tsk/fs/tsk_ffs.h
+include/tsk/fs/tsk_fs.h
+include/tsk/fs/tsk_hfs.h
+include/tsk/fs/tsk_iso9660.h
+include/tsk/fs/tsk_ntfs.h
+include/tsk/hashdb/
+include/tsk/hashdb/tsk_hashdb.h
+include/tsk/img/
+include/tsk/img/tsk_img.h
+include/tsk/libtsk.h
+include/tsk/tsk_incs.h
+include/tsk/vs/
+include/tsk/vs/tsk_bsd.h
+include/tsk/vs/tsk_dos.h
+include/tsk/vs/tsk_gpt.h
+include/tsk/vs/tsk_mac.h
+include/tsk/vs/tsk_sun.h
+include/tsk/vs/tsk_vs.h
+lib/libtsk.a
+lib/libtsk.la
+@lib lib/libtsk.so.${LIBtsk_VERSION}
@man man/man1/dcalc.1
@man man/man1/dcat.1
-@man man/man1/diskstat.1
+@man man/man1/disk_sreset.1
+@man man/man1/disk_stat.1
@man man/man1/dls.1
@man man/man1/dstat.1
@man man/man1/ffind.1
@ -32,35 +65,26 @@ bin/sstrings
@man man/man1/icat.1
@man man/man1/ifind.1
@man man/man1/ils.1
+@man man/man1/img_cat.1
+@man man/man1/img_stat.1
@man man/man1/istat.1
@man man/man1/jcat.1
@man man/man1/jls.1
@man man/man1/mactime.1
@man man/man1/mmls.1
+@man man/man1/mmstat.1
@man man/man1/sigfind.1
@man man/man1/sorter.1
-@comment man/man1/sorter.1.orig
-share/doc/sleuthkit/
-share/doc/sleuthkit/CHANGES.FROM.TCT
-share/doc/sleuthkit/README
-share/doc/sleuthkit/README.FIRST
-share/doc/sleuthkit/README.txt
-share/doc/sleuthkit/additional-resources
-share/doc/sleuthkit/bibliography
-share/doc/sleuthkit/help-recovering-file
-share/doc/sleuthkit/help-when-broken-into
-share/doc/sleuthkit/nsrl.txt
-share/doc/sleuthkit/other.txt
-share/doc/sleuthkit/ref_fs.txt
-share/doc/sleuthkit/ref_timeline.txt
-share/doc/sleuthkit/skins_fat.txt
-share/doc/sleuthkit/skins_ntfs.txt
-share/sleuthkit/
-share/sleuthkit/sorter/
-share/sleuthkit/sorter/default.sort
-share/sleuthkit/sorter/freebsd.sort
-share/sleuthkit/sorter/images.sort
-share/sleuthkit/sorter/linux.sort
-share/sleuthkit/sorter/openbsd.sort
-share/sleuthkit/sorter/solaris.sort
-share/sleuthkit/sorter/windows.sort
+share/tsk/
+share/tsk/lib/
+share/tsk/lib/Date/
+share/tsk/lib/Date/Manip.pm
+share/tsk/lib/Date/Manip.pod
+share/tsk/sorter/
+share/tsk/sorter/default.sort
+share/tsk/sorter/freebsd.sort
+share/tsk/sorter/images.sort
+share/tsk/sorter/linux.sort
+share/tsk/sorter/openbsd.sort
+share/tsk/sorter/solaris.sort
+share/tsk/sorter/windows.sort