OpenBSD bro-1.1

Zeek
1

Hi all,

I previously run bro 0.9 on OpenBSD, everything is compiled correctly, however when I compile 1.1, I get this error

source=‘smb_pac.cc’ object=‘smb_pac.o’ libtool=no depfile=’.deps/smb_pac.Po’ tm pdepfile=’.deps/smb_pac.TPo’ depmode=gcc3 /bin/sh …/depcomp g++ -DHAVE_CONFIG _H -I. -I. -I… -I. -I…/src/binpac -I…/src -I. -I… -Ilibedit -I/usr/includ e -O -W -Wall -Wno-unused -I/usr/include -g -O2 -I/usr/include -c -o smb_pac.o test -f smb_pac.cc || echo './'smb_pac.cc
source=‘main.cc’ object=‘main.o’ libtool=no depfile=’.deps/main.Po’ tmpdepfile= ‘.deps/main.TPo’ depmode=gcc3 /bin/sh …/depcomp g++ -DHAVE_CONFIG_H -I. -I. - I… -I. -I…/src/binpac -I…/src -I. -I… -Ilibedit -I/usr/include -O -W -Wal l -Wno-unused -I/usr/include -g -O2 -I/usr/include -c -o main.o test -f main.c c || echo './'main.cc
In file included from Sessions.h:28,
from RuleMatcher.h:12,
from main.cc:59:
ARP.h:28:26: net/ethernet.h: No such file or directory
*** Error code 1

Stop in /nsm/addon-software/bro-1.1/src.
*** Error code 1

Stop in /nsm/addon-software/bro-1.1/src (line 1112 of Makefile).
*** Error code 1

Stop in /nsm/addon-software/bro-1.1/src (line 867 of Makefile).
*** Error code 1

Stop in /nsm/addon-software/bro-1.1 (line 214 of Makefile).
*** Error code 1

Stop in /nsm/addon-software/bro-1.1 (line 129 of Makefile).

I don’t know how to solve this error, anyone who run bro on OpenBSD might help?

Thanks.

2

Hi Lee,

I can confirm this. Arrrrrrrgh OpenBSD. The ARP issue is just a matter
of figuring out the right headers, but there are more issues later in
the build. We'll let get back to you.

Cheers,
Christian.

3

After patching the src/ files with the attached diff's bro-1.1 compiles
fine on OpenBSD-sparc64 but as soon as I'm starting bro with
# bin/bro -i ... mt
the following error occures:
"""
policy/hot.bro, line 78: error: unknown identifier is_local_addr, at or near "is_local_addr"
"""
-> site.bro is @load'ed.

-Stephan

P.S.:
More or less the sames patches are needed for my Solaris 8 but after the
compilation bro core dump during startup.

ARP.h.diff (272 Bytes)

DNS_Mgr.cc.diff (526 Bytes)

TCP_Rewriter.cc.diff (438 Bytes)

4

Hello all,

Christian, Open isn't so bad.... :-))

5

Hello all,

Christian, Open isn't so bad.... :-))

I'm not going to comment on the quality of the OS, but it sure as hell
is regularly causing me build headaches!

===

Beside of this, while playing with the new release i too run into the problem
Lee is talking about.

To solve the problem with ARP.h, we just need to include/use :
#include <net/ethertypes.h>,

Ah, but that is available neither on Linux, nor on FreeBSD, nor MacOS. I
got it to work using this instead:

--- ARP.h 20 Dec 2005 00:48:12 -0000 1.3
+++ ARP.h 22 May 2006 15:11:16 -0000
@@ -24,8 +24,10 @@

#include <sys/types.h>
#include <sys/socket.h>
+#include <netinet/in.h>
+#include <net/if.h>
#include <net/if_arp.h>
-#include <net/ethernet.h>
+#include <netinet/if_ether.h>

I was hoping that'd be portable enough so we can do without an ifdef,
but haven't tried the other platforms yet.

i guess using an #ifdef (HAVE_OPENBSD) should
be a solution.

Yeah, if we have to.

So the question is : is this definition directly available upon running
./configure ?

Sure, look at configure.in, most of that stuff is checked for already.
It's just a matter of translating it down into the code with the least
amount of clutter.

Another thing i'm working into is the non blocking DNS. I discovered using

So non-blocking DNS in Bro is actually currently broken on OpenBSD?

the following OpenBSD's package (considering the 3.9 release) :

libbind-9.2.3p1 BIND 8 compatible stub resolver library

should give us the various ns_... definition. I'm now fighting with
"m4" in order to implement something as

--with-bind-lib=
--with-bind-includes=

into configure.am, should this sound right ?

Yeah, though I don't think you need to fight at the m4 level but rather
at the level of what autoconf already gives you (like AC_LINK_IFELSE).

Thanks for your efforts!

Cheers,
Christian.

6

Hello,

> Christian, Open isn't so bad.... :-))

I'm not going to comment on the quality of the OS, but it sure as hell
is regularly causing me build headaches!

  You're right, i've the same problem from time to time... :slight_smile:

> Beside of this, while playing with the new release i too run into the problem
> Lee is talking about.
>
> To solve the problem with ARP.h, we just need to include/use :
> #include <net/ethertypes.h>,

Ah, but that is available neither on Linux, nor on FreeBSD, nor MacOS. I
got it to work using this instead:

--- ARP.h 20 Dec 2005 00:48:12 -0000 1.3
+++ ARP.h 22 May 2006 15:11:16 -0000
@@ -24,8 +24,10 @@

#include <sys/types.h>
#include <sys/socket.h>
+#include <netinet/in.h>
+#include <net/if.h>
#include <net/if_arp.h>
-#include <net/ethernet.h>
+#include <netinet/if_ether.h>

I was hoping that'd be portable enough so we can do without an ifdef,
but haven't tried the other platforms yet.

  That's right, i'll use it.

> So the question is : is this definition directly available upon running
> ./configure ?

Sure, look at configure.in, most of that stuff is checked for already.
It's just a matter of translating it down into the code with the least
amount of clutter.

  Ok.

> Another thing i'm working into is the non blocking DNS. I discovered using

So non-blocking DNS in Bro is actually currently broken on OpenBSD?

  I may be wrong but i don't think it ever worked ?
  Without the package i'm talking about, we don't have the correct definitions.

> the following OpenBSD's package (considering the 3.9 release) :
>
> libbind-9.2.3p1 BIND 8 compatible stub resolver library
>
> should give us the various ns_... definition. I'm now fighting with
> "m4" in order to implement something as
>
> --with-bind-lib=
> --with-bind-includes=
>
> into configure.am, should this sound right ?

Yeah, though I don't think you need to fight at the m4 level but rather
at the level of what autoconf already gives you (like AC_LINK_IFELSE).

  Ok, i'll check here.
  

Thanks for your efforts!

  Just normal considering the whole effort of all.
  
  Best regards.

7

Hi,

I have applied the diff and seems stuck somewhere though, may I know what kind of flags been used for configure and do you guy use gmake instead of make.

Here’s the stuck -

net_util.o(.text+0x2ee): In function dotted_net(unsigned)': /nsm/addon-software/bro-1.1/src/net_util.cc:225: warning: sprintf() is often mis used, please use snprintf() main.o(.text+0xb7a): In function main’:
/nsm/addon-software/bro-1.1/src/main.cc:482: warning: strcat() is almost always misused, please use strlcat()
DNS_Mgr.o(.text+0x2e9c): In function DNS_Mgr::GetFds(int*, int*, int*)': /nsm/addon-software/bro-1.1/src/DNS_Mgr.cc:933: undefined reference to nb_dns_f d’
DNS_Mgr.o(.text+0x2efe): In function DNS_Mgr::AnswerAvailable(int)': /nsm/addon-software/bro-1.1/src/DNS_Mgr.cc:1007: undefined reference to nb_dns_ fd’
collect2: ld returned 1 exit status
gmake[4]: *** [bro] Error 1
gmake[4]: Leaving directory /nsm/addon-software/bro-1.1/src' gmake[3]: *** [all-recursive] Error 1 gmake[3]: Leaving directory /nsm/addon-software/bro-1.1/src’
gmake[2]: *** [all] Error 2
gmake[2]: Leaving directory /nsm/addon-software/bro-1.1/src' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory /nsm/addon-software/bro-1.1’
gmake: *** [all] Error 2

Thanks for putting effort to solve the issue.

8

Hi -- you've just bumped into exactly the issue Jean-Phillipe points
out. I wasn't aware of the non-blocking DNS issues on OpenBSD.

Regarding gmake: you should never need that for the normal build. The
only situation in which you might currently need gmake is when you run
make distcheck, and then only with older automake/autoconf setups.

Cheers,
Christian.

9

Hello Lee,

It's just normal <g> as OpenBSD doesn't support (yet) non blocking DNS.

I'm working on the topic in order to solve this problem.

Best regards.

10

Hello,

The previous version (1.0) worked perfectly without non blocking DNS
and now we've two options :

- Make change into the various ".c" with the help of "#ifdef HAVE_NB_DNS"
as Stephan did (see a previous mail) in order to exclude the offending
functions to ever been used with OpenBSD.

- Install/Use the non blocking DNS library (with the package i talked about)
and make change into ./configure in order to specify the place where
the various definitions needed are.

Note that i prefer the second one even if it requires more job.

Best regards.

11

Hi,

Hello,

The previous version (1.0) worked perfectly without non blocking DNS
and now we've two options :

- Make change into the various ".c" with the help of "#ifdef HAVE_NB_DNS"
as Stephan did (see a previous mail) in order to exclude the offending
functions to ever been used with OpenBSD.

HAVE_NB_DNS is exactly what we're still doing in 1.1, but the fact that
the build bombs on OpenBSD means that our configure check is somehow
broken since it thinks that non-blocking DNS lookups (nbDNS) support is
available while actually it isn't. Things should certainly still build
even if support for nbDNS is not available.

- Install/Use the non blocking DNS library (with the package i talked about)
and make change into ./configure in order to specify the place where
the various definitions needed are.

Note that i prefer the second one even if it requires more job.

Note that these options are not mutually exclusive. Configuration and
build should complete if nbDNS is not available, while allowing you to
specify any additional libraries/headers for getting this functionality
via configure flags.

We currently do some hard-coded guesswork to figure out the nbDNS
setting in configure, and it appears that we need more flexibility
there.

Cheers,
Christian.

12

Hello,

Hi,

> - Make change into the various ".c" with the help of "#ifdef HAVE_NB_DNS"
> as Stephan did (see a previous mail) in order to exclude the offending
> functions to ever been used with OpenBSD.

HAVE_NB_DNS is exactly what we're still doing in 1.1, but the fact that
the build bombs on OpenBSD means that our configure check is somehow
broken since it thinks that non-blocking DNS lookups (nbDNS) support is
available while actually it isn't. Things should certainly still build
even if support for nbDNS is not available.

  I think you point out the problem with the "configure". :slight_smile:

> - Install/Use the non blocking DNS library (with the package i talked about)
> and make change into ./configure in order to specify the place where
> the various definitions needed are.
>
> Note that i prefer the second one even if it requires more job.

Note that these options are not mutually exclusive. Configuration and
build should complete if nbDNS is not available, while allowing you to
specify any additional libraries/headers for getting this functionality
via configure flags.

  Yes, i just thought about this solution upon my last post <g>.
  With this, we still could use OpenBSD with/without non blocking DNS.
  

We currently do some hard-coded guesswork to figure out the nbDNS
setting in configure, and it appears that we need more flexibility
there.

  Sounds like good.
  I'm now trying to figure out how using correctly the non blocking
  DNS library given by the OpenBSD bind's package.
  
  Best regards.

13

Hello,

Hello,

...

  Sounds like good.
  I'm now trying to figure out how using correctly the non blocking
  DNS library given by the OpenBSD bind's package.
  
  Best regards.
  
One way to build bro with non-blocking DNS lib without changing configure is to install libbind (from /usr/ports/net/libbind) set CFLAGS and LDFLAGS:
- export CFLAGS=\-I/usr/local/bind/include \- export LDFLAGS=-L/usr/local/lib
Then you can use the normal ./configure (with non-blocking DNS).

But you get the following warning (looks like that some funktions are double-defined):

14

Hello,

15

Hello,