diff --git a/security/wazuh-agent/Makefile b/security/wazuh-agent/Makefile index e4e77b9c01e4..c93ec2b45402 100644 --- a/security/wazuh-agent/Makefile +++ b/security/wazuh-agent/Makefile @@ -1,216 +1,226 @@ PORTNAME= wazuh DISTVERSION= 4.14.1 DISTVERSIONPREFIX= v CATEGORIES= security MASTER_SITES= https://packages.wazuh.com/deps/47/libraries/sources/:wazuh_sources PKGNAMESUFFIX= -agent DISTFILES= ${EXTERNAL_DISTFILES} DIST_SUBDIR= ${PORTNAME}-${DISTVERSION} EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= acm@FreeBSD.org COMMENT= Security tool to monitor and check logs and intrusions (agent) WWW= https://github.com/wazuh/wazuh LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libnghttp2.so:www/libnghttp2 USES= cmake:indirect cpe gmake perl5 readline shebangfix sqlite:3 uidfix USE_GITHUB= yes GH_TUPLE= alonsobsd:wazuh-freebsd:${WAZUH_EXTRAFILE_TAGNAME}:wazuh USE_RC_SUBR= ${PORTNAME}${PKGNAMESUFFIX} MAKE_ARGS+= TARGET=agent WAZUH_EXTRAFILE= alonsobsd-${PORTNAME}-freebsd-${WAZUH_EXTRAFILE_TAGNAME}_GH0${EXTRACT_SUFX} WAZUH_EXTRAFILE_TAGNAME=2f1307c EXTERNAL_DISTFILES= cJSON.tar.gz:wazuh_sources \ curl.tar.gz:wazuh_sources \ libdb.tar.gz:wazuh_sources \ libffi.tar.gz:wazuh_sources \ libyaml.tar.gz:wazuh_sources \ openssl.tar.gz:wazuh_sources \ procps.tar.gz:wazuh_sources \ sqlite.tar.gz:wazuh_sources \ zlib.tar.gz:wazuh_sources \ audit-userspace.tar.gz:wazuh_sources \ msgpack.tar.gz:wazuh_sources \ bzip2.tar.gz:wazuh_sources \ nlohmann.tar.gz:wazuh_sources \ googletest.tar.gz:wazuh_sources \ libpcre2.tar.gz:wazuh_sources \ libplist.tar.gz:wazuh_sources \ libarchive.tar.gz:wazuh_sources \ popt.tar.gz:wazuh_sources OPTIONS_DEFAULT= INOTIFY OPTIONS_DEFINE= INOTIFY PRELUDE ZEROMQ INOTIFY_LIB_DEPENDS= libinotify.so:devel/libinotify PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq INOTIFY_DESC= Kevent based real time monitoring PRELUDE_DESC= Sensor support from Prelude SIEM ZEROMQ_DESC= ZeroMQ support ZEROMQ_MAKE_ENV= USE_ZEROMQ=yes PRELUDE_MAKE_ENV= USE_PRELUDE=yes INOTIFY_MAKE_ENV= USE_INOTIFY=yes INOTIFY_USES= pkgconfig WAZUH_USER= wazuh WAZUH_GROUP= wazuh USERS= ${WAZUH_USER} GROUPS= ${WAZUH_GROUP} CONFLICTS= ossec-* wazuh-manager SUB_FILES= pkg-message WZBIN_FILES= agent-auth manage_agents wazuh-agentd wazuh-execd wazuh-logcollector \ wazuh-modulesd WZARBIN_FILES= default-firewall-drop pf npf ipfw firewalld-drop disable-account \ host-deny ip-customblock restart-wazuh route-null kaspersky wazuh-slack WAZUHMOD750= / /logs/wazuh /bin /lib /queue /queue/diff /queue/logcollector \ /queue/syscollector /queue/syscollector/db /ruleset /ruleset/sca /wodles \ /active-response /active-response/bin /agentless /var /backup \ /wodles/aws /wodles/azure /wodles/docker /wodles/gcloud \ /wodles/gcloud/buckets /wodles/gcloud/pubsub WAZUHMOD770= /etc/shared/default /logs /queue/alerts /queue/fim \ /queue/fim/db /queue/rids /queue/sockets /etc /etc/shared \ /var/run /var/upgrade /var/selinux /var/wodles /var/incoming WAZUHPREFIX= /var/ossec +.include + +.if ${ARCH} == powerpc64 +MAKE_ENV+= OSSL_TARGET=BSD-ppc64 +.elif ${ARCH} == powerpc64le +MAKE_ENV+= OSSL_TARGET=BSD-ppc64le +.elif ${ARCH} == riscv64 +MAKE_ENV+= OSSL_TARGET=BSD-riscv64 +.endif + .include .if ${OSVERSION} >= 1300139 && ${OSVERSION} < 1400000 FBSD_MAJOR_VERSION=13 .elif ${OSVERSION} >= 1400000 && ${OSVERSION} < 1500000 FBSD_MAJOR_VERSION=14 .elif ${OSVERSION} >= 1500000 && ${OSVERSION} < 1600000 FBSD_MAJOR_VERSION=15 .elif ${OSVERSION} >= 1600000 FBSD_MAJOR_VERSION=16 .else IGNORE= FreeBSD ${OSVERSION} ${ARCH} is not supported .endif post-extract: .for FILE in ${EXTERNAL_DISTFILES} @cd ${WRKSRC}/src/external && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/${FILE:S/:wazuh_sources//} ${EXTRACT_AFTER_ARGS} .endfor @${MKDIR} ${WRKSRC}/ruleset/sca/freebsd @cd ${WRKDIR} && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/${WAZUH_EXTRAFILE} ${EXTRACT_AFTER_ARGS} @${MV} ${WRKDIR}/${PORTNAME}-freebsd-${WAZUH_EXTRAFILE_TAGNAME} ${WRKDIR}/wazuh-freebsd @cd ${WRKDIR}/wazuh-freebsd/var/ossec/ruleset/sca && ${CP} *.yml ${WRKSRC}/ruleset/sca/freebsd/ post-patch: ${REINPLACE_CMD} -e 's|CC=|CC?=|g' -e 's|AR=|AR?=|g' ${WRKSRC}/src/external/bzip2/Makefile ${REINPLACE_CMD} -e 's|%%FBSD_MAJOR_VERSION%%|${FBSD_MAJOR_VERSION}|g' ${WRKSRC}/etc/ossec-agent.conf do-build: cd ${WRKSRC}/src/ && ${SETENV} ${MAKE_ENV} STAGEDIR=${STAGEDIR} \ ${MAKE_CMD} ${MAKE_ARGS} do-install: ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/bin ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/lib ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/tmp .for DIRE in ${WAZUHMOD750} ${MKDIR} -m 0750 ${STAGEDIR}${WAZUHPREFIX}${DIRE} .endfor .for DIRE in ${WAZUHMOD770} ${MKDIR} -m 0770 ${STAGEDIR}${WAZUHPREFIX}${DIRE} .endfor .for FILE in ${WZBIN_FILES} ${INSTALL_PROGRAM} ${WRKSRC}/src/${FILE} ${STAGEDIR}${WAZUHPREFIX}/bin .endfor ${INSTALL_PROGRAM} ${WRKSRC}/src/syscheckd/build/bin/wazuh-syscheckd ${STAGEDIR}${WAZUHPREFIX}/bin ${INSTALL_SCRIPT} ${WRKSRC}/src/init/wazuh-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/wazuh-control ${TOUCH} ${STAGEDIR}${WAZUHPREFIX}/etc/localtime ${INSTALL_DATA} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc ${INSTALL_DATA} ${WRKSRC}/src/wazuh_modules/syscollector/norm_config.json ${STAGEDIR}${WAZUHPREFIX}/queue/syscollector ${INSTALL_DATA} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf.sample ${INSTALL_DATA} /dev/null ${STAGEDIR}${WAZUHPREFIX}/etc/client.keys.sample ${INSTALL_DATA} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/etc/ ${INSTALL_DATA} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf.sample ${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUHPREFIX}/agentless/ .for FILE in ${WZARBIN_FILES} ${INSTALL_PROGRAM} ${WRKSRC}/src/${FILE} ${STAGEDIR}${WAZUHPREFIX}/active-response/bin .endfor ${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-slack ${STAGEDIR}${WAZUHPREFIX}/active-response/bin ${INSTALL_SCRIPT} ${WRKSRC}/src/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin ${INSTALL_SCRIPT} ${WRKSRC}/src/active-response/*.py ${STAGEDIR}${WAZUHPREFIX}/active-response/bin ${INSTALL_PROGRAM} ${WRKSRC}/src/default-firewall-drop ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/firewall-drop ${INSTALL_DATA} ${WRKSRC}/ruleset/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared ${INSTALL_DATA} ${WRKSRC}/ruleset/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared/default ${INSTALL_SCRIPT} ${WRKSRC}/wodles/__init__.py ${STAGEDIR}${WAZUHPREFIX}/wodles/__init__.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/utils.py ${STAGEDIR}${WAZUHPREFIX}/wodles/utils.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/aws/aws_s3.py ${STAGEDIR}${WAZUHPREFIX}/wodles/aws/aws-s3.py ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/aws/aws-s3 ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/exceptions.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/exceptions.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/gcloud.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/gcloud.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/integration.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/integration.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/tools.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/tools.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/buckets/bucket.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/buckets/bucket.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/buckets/access_logs.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/buckets/access_logs.py ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/pubsub/subscriber.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/pubsub/subscriber.py ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/gcloud ${INSTALL_SCRIPT} ${WRKSRC}/wodles/docker-listener/DockerListener.py ${STAGEDIR}${WAZUHPREFIX}/wodles/docker/DockerListener.py ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/docker/DockerListener ${INSTALL_SCRIPT} ${WRKSRC}/wodles/azure/azure-logs.py ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/azure-logs.py ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/azure-logs ${INSTALL_DATA} ${WRKSRC}/ruleset/sca/generic/sca_distro_independent_linux.yml ${STAGEDIR}${WAZUHPREFIX}/ruleset/sca/ ${INSTALL_LIB} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib ${INSTALL_LIB} ${WRKSRC}/src/libwazuhshared.so ${STAGEDIR}${WAZUHPREFIX}/lib ${INSTALL_LIB} ${WRKSRC}/src/shared_modules/dbsync/build/lib/libdbsync.so ${STAGEDIR}${WAZUHPREFIX}/lib ${INSTALL_LIB} ${WRKSRC}/src/shared_modules/rsync/build/lib/librsync.so ${STAGEDIR}${WAZUHPREFIX}/lib ${INSTALL_LIB} ${WRKSRC}/src/syscheckd/build/lib/libfimdb.so ${STAGEDIR}${WAZUHPREFIX}/lib ${INSTALL_LIB} ${WRKSRC}/src/wazuh_modules/syscollector/build/lib/libsyscollector.so ${STAGEDIR}${WAZUHPREFIX}/lib ${INSTALL_LIB} ${WRKSRC}/src/data_provider/build/lib/libsysinfo.so ${STAGEDIR}${WAZUHPREFIX}/lib ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/etc/templates ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/src cd ${WRKSRC}/etc/templates && ${COPYTREE_SHARE} config \ ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/etc/templates/ cd ${WRKSRC}/ruleset && ${COPYTREE_SHARE} sca \ ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/ cd ${WRKSRC}/src && ${COPYTREE_SHARE} init \ ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/src/ ${INSTALL_SCRIPT} ${WRKSRC}/gen_ossec.sh ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/ ${INSTALL_SCRIPT} ${WRKSRC}/add_localfiles.sh ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/ ${INSTALL_DATA} ${WRKSRC}/VERSION.json ${STAGEDIR}${WAZUHPREFIX} .include diff --git a/security/wazuh-agent/files/patch-src-Makefile b/security/wazuh-agent/files/patch-src-Makefile index a45608e5dff6..27d1da76dd10 100644 --- a/security/wazuh-agent/files/patch-src-Makefile +++ b/security/wazuh-agent/files/patch-src-Makefile @@ -1,181 +1,190 @@ --- src/Makefile 2025-09-23 06:59:40.000000000 -0700 +++ src/Makefile 2025-10-12 08:02:29.393309000 -0700 @@ -49,9 +49,11 @@ HAS_CHECKMODULE = $(shell command -v checkmodule > /dev/null && echo YES) HAS_SEMODULE_PACKAGE = $(shell command -v semodule_package > /dev/null && echo YES) +ifeq (${uname_S},Linux) CHECK_ARCHLINUX := $(shell sh -c 'grep "Arch Linux" /etc/os-release > /dev/null && echo YES || echo not') CHECK_CENTOS5 := $(shell sh -c 'grep "CentOS release 5." /etc/redhat-release 2>&1 > /dev/null && echo YES || echo not') CHECK_ALPINE := $(shell sh -c 'grep "Alpine Linux" /etc/os-release 2>&1 > /dev/null && echo YES || echo not') +endif ARCH_FLAGS = @@ -112,7 +114,7 @@ USE_PRELUDE?=no USE_ZEROMQ?=no USE_GEOIP?=no -USE_INOTIFY=no +USE_INOTIFY?=no USE_BIG_ENDIAN=no USE_AUDIT=no MINGW_HOST=unknown @@ -177,6 +179,8 @@ DEFINES+=-DUSER=\"${WAZUH_USER}\" DEFINES+=-DGROUPGLOBAL=\"${WAZUH_GROUP}\" +OSSEC_CFLAGS+=-I./ -I./headers/ -I${EXTERNAL_OPENSSL}include -I$(EXTERNAL_JSON) -I${EXTERNAL_LIBYAML}include -I${EXTERNAL_CURL}include -I${EXTERNAL_MSGPACK}include -I${EXTERNAL_BZIP2} -I${SHARED_MODULES}common -I${DBSYNC}include -I${RSYNC}include -I${SYSCOLLECTOR}include -I${SYSINFO}include -I${EXTERNAL_LIBPCRE2}include -I${EXTERNAL_RPM}/builddir/output/include -I${SYSCHECK}include -I${ROUTER}include -I${CONTENT_MANAGER}include -I${VULNERABILITY_SCANNER}include -I${INVENTORY_HARVESTER}include -I./shared_modules/ + ifneq (${TARGET},winagent) DEFINES+=-D${uname_S} ifeq (${uname_S},Linux) @@ -271,13 +275,14 @@ ifeq (${uname_S},FreeBSD) DEFINES+=-DFreeBSD OSSEC_CFLAGS+=-pthread -I/usr/local/include - OSSEC_LDFLAGS+=-pthread + OSSEC_LDFLAGS+=-pthread -lnghttp2 OSSEC_LDFLAGS+=-L/usr/local/lib OSSEC_LDFLAGS+='-Wl,-rpath,$$ORIGIN/../lib' - AR_LDFLAGS+=-pthread + AR_LDFLAGS+=-pthread -lnghttp2 AR_LDFLAGS+=-L/usr/local/lib AR_LDFLAGS+='-Wl,-rpath,$$ORIGIN/../../lib' PRECOMPILED_OS:=freebsd + CC?=cc else ifeq (${uname_S},NetBSD) DEFINES+=-DNetBSD @@ -436,7 +441,6 @@ OSSEC_CFLAGS+=${DEFINES} OSSEC_CFLAGS+=-pipe -Wall -Wextra -std=gnu99 -OSSEC_CFLAGS+=-I./ -I./headers/ -I${EXTERNAL_OPENSSL}include -I$(EXTERNAL_JSON) -I${EXTERNAL_LIBYAML}include -I${EXTERNAL_CURL}include -I${EXTERNAL_MSGPACK}include -I${EXTERNAL_BZIP2} -I${SHARED_MODULES}common -I${DBSYNC}include -I${RSYNC}include -I${SYSCOLLECTOR}include -I${SYSINFO}include -I${EXTERNAL_LIBPCRE2}include -I${EXTERNAL_RPM}/builddir/output/include -I${SYSCHECK}include -I${ROUTER}include -I${CONTENT_MANAGER}include -I${VULNERABILITY_SCANNER}include -I${INVENTORY_HARVESTER}include -I./shared_modules/ OSSEC_CFLAGS += ${CFLAGS} OSSEC_LDFLAGS += ${LDFLAGS} @@ -533,8 +537,8 @@ ifneq (,$(filter ${USE_INOTIFY},YES auto yes y Y 1)) DEFINES+=-DINOTIFY_ENABLED ifeq (${uname_S},FreeBSD) - OSSEC_LDFLAGS+=-L/usr/local/lib -I/usr/local/include - OSSEC_LIBS+=-linotify + OSSEC_LDFLAGS+=-I/usr/local/include -L/usr/local/lib + OSSEC_LIBS+=-L/usr/local/lib -linotify OSSEC_CFLAGS+=-I/usr/local/include endif endif @@ -960,6 +964,8 @@ EXTERNAL_LIBS += $(LIBCURL_LIB) else ifeq (${uname_S},Linux) EXTERNAL_LIBS += $(LIBCURL_LIB) +else ifeq (${uname_S},FreeBSD) + EXTERNAL_LIBS += $(LIBCURL_LIB) else ifeq (${uname_S},Darwin) EXTERNAL_LIBS += $(LIBCURL_LIB) endif -@@ -1193,9 +1199,13 @@ +@@ -1032,7 +1038,7 @@ endif + + #### OpenSSL ########## + +-OPENSSL_FLAGS = enable-weak-ssl-ciphers no-shared ++OPENSSL_FLAGS = enable-weak-ssl-ciphers no-shared $(OSSL_TARGET) + + ifeq (${uname_M}, i386) + ifeq ($(findstring BSD,${uname_S}), BSD) +@@ -1196,9 +1202,13 @@ else cd $(EXTERNAL_CURL) && CPPFLAGS="-fPIC -I${ROUTE_PATH}/${EXTERNAL_OPENSSL}include" LDFLAGS="-L${ROUTE_PATH}/${EXTERNAL_OPENSSL}" LIBS="-ldl -lpthread" ./configure --with-openssl="${ROUTE_PATH}/${EXTERNAL_OPENSSL}" --disable-ldap --without-libidn2 --without-libpsl --without-brotli --without-nghttp2 --without-zstd endif else +ifeq (${uname_S},FreeBSD) + cd $(EXTERNAL_CURL) && CPPFLAGS="-fPIC -I${ROUTE_PATH}/${EXTERNAL_OPENSSL}include" LDFLAGS="-L${ROUTE_PATH}/${EXTERNAL_OPENSSL}" LIBS="-pthread" ./configure --with-ssl="${ROUTE_PATH}/${EXTERNAL_OPENSSL}" --disable-ldap --without-libidn2 --without-brotli --without-nghttp2 --without-librtmp --without-zstd --without-libpsl +else cd $(EXTERNAL_CURL) && CPPFLAGS="-fPIC -I${ROUTE_PATH}/${EXTERNAL_OPENSSL}include" LDFLAGS="-L${ROUTE_PATH}/${EXTERNAL_OPENSSL}" LIBS="-lpthread" ./configure --with-openssl="${ROUTE_PATH}/${EXTERNAL_OPENSSL}" --disable-ldap --without-libidn2 --without-brotli --without-nghttp2 --without-librtmp --without-zstd --without-libpsl endif endif +endif #### procps ######### @@ -2308,7 +2318,7 @@ #### FIM ###### wazuh-syscheckd: librootcheck.a libwazuh.a ${WAZUHEXT_LIB} build_shared_modules - cd syscheckd && mkdir -p build && cd build && cmake ${SYSCHECK_OS} ${CMAKE_OPTS} -DCMAKE_C_FLAGS="${DEFINES} -pipe -Wall -Wextra -std=gnu99" ${SYSCHECK_TEST} ${SYSCHECK_RELEASE_TYPE} .. && ${MAKE} + cd syscheckd && mkdir -p build && cd build && cmake ${CMAKE_OPTS} -DCMAKE_C_FLAGS="${DEFINES} ${OSSEC_CFLAGS} -pipe -Wall -Wextra -std=gnu99" -DCMAKE_EXE_LINKER_FLAGS="${OSSEC_LDFLAGS} ${OSSEC_LIBS}" ${SYSCHECK_TEST} ${SYSCHECK_RELEASE_TYPE} .. && ${MAKE} #### Monitor ####### @@ -2340,13 +2350,13 @@ os_auth_o := $(os_auth_c:.c=.o) os_auth/%.o: os_auth/%.c - ${OSSEC_CC} ${OSSEC_CFLAGS} -I./os_auth -DARGV0=\"wazuh-authd\" -c $^ -o $@ + ${OSSEC_CC} -I${LOCALBASE}/include/libepoll-shim ${OSSEC_CFLAGS} -I./os_auth -DARGV0=\"wazuh-authd\" -c $^ -o $@ agent-auth: addagent/validate.o os_auth/main-client.o os_auth/ssl.o os_auth/check_cert.o ${OSSEC_CCBIN} ${OSSEC_LDFLAGS} $^ ${OSSEC_LIBS} -o $@ wazuh-authd: addagent/validate.o os_auth/main-server.o os_auth/local-server.o os_auth/ssl.o os_auth/check_cert.o os_auth/config.o os_auth/authcom.o os_auth/auth.o os_auth/key_request.o os_auth/generate_cert.o - ${OSSEC_CCBIN} ${OSSEC_LDFLAGS} $^ ${OSSEC_LIBS} -o $@ + ${OSSEC_CCBIN} ${OSSEC_LDFLAGS} $^ ${OSSEC_LIBS} -lepoll-shim -o $@ #### integratord ##### @@ -2486,7 +2496,7 @@ WPYTHON_DIR := ${INSTALLDIR}/framework/python OPTIMIZE_CPYTHON?=no WPYTHON_TAR=cpython.tar.gz -WLIBPYTHON=libpython3.10.so.1.0 +WLIBPYTHON=libpython3.11.so.1.0 ifneq (,$(filter ${OPTIMIZE_CPYTHON},YES yes y Y 1)) CPYTHON_FLAGS=--enable-optimizations @@ -2500,22 +2510,45 @@ endif ifeq (,$(wildcard ${EXTERNAL_CPYTHON}/python)) - export WPATH_LIB="'\$$\$$ORIGIN/../../../lib'" && export SOURCE_PATH=${ROUTE_PATH} && export WAZUH_FFI_PATH=${EXTERNAL_LIBFFI} && export LD_LIBRARY_PATH=${ROUTE_PATH} && cd ${EXTERNAL_CPYTHON} && ./configure --prefix="${WPYTHON_DIR}" --libdir="${WPYTHON_DIR}/lib" --enable-shared --with-openssl="${ROUTE_PATH}/${EXTERNAL_OPENSSL}" LDFLAGS="${ARCH_FLAGS} -L${ROUTE_PATH} -lwazuhext -Wl,-rpath,'\$$\$$ORIGIN/../../../lib',--disable-new-dtags" CPPFLAGS="-I${ROUTE_PATH}/${EXTERNAL_OPENSSL}" $(CPYTHON_FLAGS) && ${MAKE} + export WPATH_LIB="'\$$\$$ORIGIN/../../../lib'" && export SOURCE_PATH=${ROUTE_PATH} && export WAZUH_FFI_PATH=${EXTERNAL_LIBFFI} && export LD_LIBRARY_PATH=${ROUTE_PATH} && cd ${EXTERNAL_CPYTHON} && ./configure --prefix="${WPYTHON_DIR}" --libdir="${WPYTHON_DIR}/lib" --enable-shared --with-openssl="${ROUTE_PATH}/${EXTERNAL_OPENSSL}" LIBSQLITE3_CFLAGS="-I${LOCALBASE}/include" LIBSQLITE3_LIBS="-L${LOCALBASE}/lib -lsqlite3" LDFLAGS="${ARCH_FLAGS} -L${ROUTE_PATH} -lwazuhext -Wl,-rpath,'\$$\$$ORIGIN/../../../lib',--disable-new-dtags" CPPFLAGS="-I${ROUTE_PATH}/${EXTERNAL_OPENSSL}" $(CPYTHON_FLAGS) && ${MAKE} endif build_python: $(WAZUHEXT_LIB) install_python: ifneq (,$(wildcard ${EXTERNAL_CPYTHON})) - cd ${EXTERNAL_CPYTHON} && export WPATH_LIB=${INSTALLDIR}/lib && export SOURCE_PATH=${ROUTE_PATH} && export WAZUH_FFI_PATH=${EXTERNAL_LIBFFI} && ${MAKE} install + cd ${EXTERNAL_CPYTHON} && export WPATH_LIB=${INSTALLDIR}/lib && export SOURCE_PATH=${ROUTE_PATH} && export WAZUH_FFI_PATH=${EXTERNAL_LIBFFI} && export LD_LIBRARY_PATH=${ROUTE_PATH} && ${MAKE} install else mkdir -p ${WPYTHON_DIR} cp external/${WPYTHON_TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} && ${TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} -C ${WPYTHON_DIR} && rm -rf ${WPYTHON_DIR}/${WPYTHON_TAR} endif +ifeq (${uname_S},FreeBSD) + mkdir -p $(STAGEDIR)${INSTALLDIR}/lib + find $(STAGEDIR)${WPYTHON_DIR} -name "*${WLIBPYTHON}" -exec ln -f {} $(STAGEDIR)${INSTALLDIR}/lib/${WLIBPYTHON} \; +else find ${WPYTHON_DIR} -name "*${WLIBPYTHON}" -exec ln -f {} ${INSTALLDIR}/lib/${WLIBPYTHON} \; +endif python_dependencies := requirements.txt +ifeq (${uname_S},FreeBSD) +install_dependencies: +ifneq (,$(wildcard ${EXTERNAL_CPYTHON})) + $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -B -m pip install --upgrade pip --prefix=${WPYTHON_DIR} --root=$(STAGEDIR) --no-index --find-links=wazuh-cache/ --cache-dir=wazuh-cache/ --no-compile + LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-cache-any/*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile + LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-cache/*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile +endif + +install_framework: + LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-python/wazuh*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile + chmod -R o=- $(STAGEDIR)${WPYTHON_DIR} + +install_api: + LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-python/api*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile + +install_mitre: + export CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 && cd ../tools/mitre && $(STAGEDIR)${WPYTHON_DIR}/bin/python3 mitredb.py -d $(STAGEDIR)${INSTALLDIR}/var/db/mitre.db +else install_dependencies: install_python ifneq (,$(wildcard ${EXTERNAL_CPYTHON})) ${WPYTHON_DIR}/bin/python3 -m pip install --upgrade pip --index-url=file://${ROUTE_PATH}/${EXTERNAL_CPYTHON}/Dependencies/simple @@ -2532,6 +2565,7 @@ install_mitre: install_python cd ../tools/mitre && ${WPYTHON_DIR}/bin/python3 mitredb.py -d ${INSTALLDIR}/var/db/mitre.db +endif #################### #### test ##########