Merge pull request #180653 from tobim/pkgs/zeek-5.0.0

zeek: 4.2.2 -> 5.1.2

9 files changed, 340 insertions, 8 deletions

diff --git a/pkgs/applications/networking/ids/zeek/avoid-broken-tests.patch b/pkgs/applications/networking/ids/zeek/avoid-broken-tests.patch
new file mode 100644
index 0000000000000..4784e6790fc3f
--- /dev/null
+++ b/pkgs/applications/networking/ids/zeek/avoid-broken-tests.patch
@@ -0,0 +1,16 @@
+diff --git a/auxil/spicy/spicy/hilti/toolchain/CMakeLists.txt b/auxil/spicy/spicy/hilti/toolchain/CMakeLists.txt
+index bafbabf1..0579f20a 100644
+--- a/auxil/spicy/spicy/hilti/toolchain/CMakeLists.txt
++++ b/auxil/spicy/spicy/hilti/toolchain/CMakeLists.txt
+@@ -188,11 +188,3 @@ install_headers(include hilti)
+ install_headers(${PROJECT_BINARY_DIR}/include/hilti hilti)
+ install(CODE "file(REMOVE \"\$ENV\{DESTDIR\}${CMAKE_INSTALL_FULL_INCLUDEDIR}/hilti/hilti\")"
+ )# Get rid of symlink.
+-
+-##### Tests
+-
+-add_executable(hilti-toolchain-tests tests/main.cc tests/id-base.cc tests/visitor.cc tests/util.cc)
+-hilti_link_executable_in_tree(hilti-toolchain-tests PRIVATE)
+-target_link_libraries(hilti-toolchain-tests PRIVATE doctest)
+-target_compile_options(hilti-toolchain-tests PRIVATE "-Wall")
+-add_test(NAME hilti-toolchain-tests COMMAND ${PROJECT_BINARY_DIR}/bin/hilti-toolchain-tests)
diff --git a/pkgs/applications/networking/ids/zeek/broker/0001-Fix-include-path-in-exported-CMake-targets.patch b/pkgs/applications/networking/ids/zeek/broker/0001-Fix-include-path-in-exported-CMake-targets.patch
new file mode 100644
index 0000000000000..07b95960ef857
--- /dev/null
+++ b/pkgs/applications/networking/ids/zeek/broker/0001-Fix-include-path-in-exported-CMake-targets.patch
@@ -0,0 +1,75 @@
+From 889ee4dd9e778511e2fb850e6467f55a331cded9 Mon Sep 17 00:00:00 2001
+From: Tobias Mayer <tobim@fastmail.fm>
+Date: Sun, 13 Nov 2022 19:06:00 +0100
+Subject: [PATCH] Fix include path in exported CMake targets
+
+---
+ CMakeLists.txt | 23 ++++++++++++++---------
+ 1 file changed, 14 insertions(+), 9 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index e22b77aa..77a15314 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -209,7 +209,6 @@ if (CAF_ROOT)
+   else()
+     find_package(CAF REQUIRED COMPONENTS openssl test io core net)
+   endif()
+-  list(APPEND LINK_LIBS CAF::core CAF::io CAF::net)
+   set(BROKER_USE_EXTERNAL_CAF ON)
+ else ()
+   message(STATUS "Using bundled CAF")
+@@ -243,22 +242,18 @@ endif ()
+ 
+ # Make sure there are no old header versions on disk.
+ install(
+-  CODE "MESSAGE(STATUS \"Removing: ${CMAKE_INSTALL_PREFIX}/include/broker\")"
+-  CODE "file(REMOVE_RECURSE \"${CMAKE_INSTALL_PREFIX}/include/broker\")")
++  CODE "MESSAGE(STATUS \"Removing: ${CMAKE_FULL_INSTALL_INCLUDEDIR}/broker\")"
++  CODE "file(REMOVE_RECURSE \"${CMAKE_FULL_INSTALL_INCLUDEDIR}/broker\")")
+ 
+ # Install all headers except the files from broker/internal.
+ install(DIRECTORY include/broker
+-        DESTINATION include
++        DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}"
+         FILES_MATCHING PATTERN "*.hh"
+                        PATTERN "include/broker/internal" EXCLUDE)
+ 
+-include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/include)
+-
+-include_directories(${CMAKE_CURRENT_BINARY_DIR}/include)
+-
+ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/src/config.hh.in
+                ${CMAKE_CURRENT_BINARY_DIR}/include/broker/config.hh)
+-install(FILES ${CMAKE_CURRENT_BINARY_DIR}/include/broker/config.hh DESTINATION include/broker)
++install(FILES ${CMAKE_CURRENT_BINARY_DIR}/include/broker/config.hh DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/broker")
+ 
+ if (NOT BROKER_EXTERNAL_SQLITE_TARGET)
+   include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty)
+@@ -360,6 +355,11 @@ if (ENABLE_SHARED)
+                         OUTPUT_NAME broker)
+   target_link_libraries(broker PUBLIC ${LINK_LIBS})
+   target_link_libraries(broker PRIVATE CAF::core CAF::io CAF::net)
++  target_include_directories(
++    broker PUBLIC
++      $<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}/include>
++      $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
++      $<INSTALL_INTERFACE:${CMAKE_INSTALL_INCLUDEDIR}>)
+   install(TARGETS broker
+           EXPORT BrokerTargets
+           DESTINATION ${CMAKE_INSTALL_LIBDIR})
+@@ -373,6 +373,11 @@ if (ENABLE_STATIC)
+   endif()
+   target_link_libraries(broker_static PUBLIC ${LINK_LIBS})
+   target_link_libraries(broker_static PRIVATE CAF::core CAF::io CAF::net)
++  target_include_directories(
++    broker_static PUBLIC
++      $<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}/include>
++      $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
++      $<INSTALL_INTERFACE:${CMAKE_INSTALL_INCLUDEDIR}>)
+   install(TARGETS broker_static
+           EXPORT BrokerTargets
+           DESTINATION ${CMAKE_INSTALL_LIBDIR})
+-- 
+2.38.1
+
diff --git a/pkgs/applications/networking/ids/zeek/broker/default.nix b/pkgs/applications/networking/ids/zeek/broker/default.nix
new file mode 100644
index 0000000000000..cb10e43933aa7
--- /dev/null
+++ b/pkgs/applications/networking/ids/zeek/broker/default.nix
@@ -0,0 +1,88 @@
+{ stdenv
+, lib
+, callPackage
+, fetchFromGitHub
+, cmake
+, pkg-config
+, python3
+, caf
+, openssl
+}:
+let
+  inherit (stdenv.hostPlatform) isStatic;
+
+  src-cmake = fetchFromGitHub {
+    owner = "zeek";
+    repo = "cmake";
+    rev = "0b7a543554622600bc0a42b57a22f291a4fbd86c";
+    hash = "sha256-kaBOBTpfR3XyuF4PW5NQKca/UhXXxJJcXVsErFU1VYY=";
+  };
+  src-3rdparty = fetchFromGitHub {
+    owner = "zeek";
+    repo = "zeek-3rdparty";
+    rev = "eb87829547270eab13c223e6de58b25bc9a0282e";
+    hash = "sha256-AVaKcRjF5ZiSR8aPSLBzSTeWVwGWW/aSyQJcN0Yhza0=";
+  };
+  caf' = caf.overrideAttrs (old: {
+    version = "unstable-2022-11-17-zeek";
+    src = fetchFromGitHub {
+      owner = "zeek";
+      repo = "actor-framework";
+      rev = "dbb68b4573736d7aeb69268cc73aa766c998b3dd";
+      hash = "sha256-RV2mKF3B47h/hDgK/D1UJN/ll2G5rcPkHaLVY1/C/Pg=";
+    };
+    checkPhase = ''
+      runHook preCheck
+      libcaf_core/caf-core-test
+      libcaf_io/caf-io-test
+      libcaf_openssl/caf-openssl-test
+      libcaf_net/caf-net-test --not-suites='net.*'
+      runHook postCheck
+    '';
+  });
+in
+stdenv.mkDerivation rec {
+  pname = "zeek-broker";
+  version = "2.4.2";
+  outputs = [ "out" "py" ];
+
+  strictDeps = true;
+
+  src = fetchFromGitHub {
+    owner = "zeek";
+    repo = "broker";
+    rev = "v${version}";
+    hash = "sha256-y07fJEVPDGPv5VThE45SwM342VS6LnEtMvazZHadM/k=";
+  };
+  postUnpack = ''
+    rmdir $sourceRoot/cmake $sourceRoot/3rdparty
+    ln -s ${src-cmake} ''${sourceRoot}/cmake
+    ln -s ${src-3rdparty} ''${sourceRoot}/3rdparty
+
+    # Refuses to build the bindings unless this file is present, but never
+    # actually uses it.
+    touch $sourceRoot/bindings/python/3rdparty/pybind11/CMakeLists.txt
+  '';
+
+  patches = [
+    ./0001-Fix-include-path-in-exported-CMake-targets.patch
+  ];
+
+  nativeBuildInputs = [ cmake ];
+  buildInputs = [ openssl python3.pkgs.pybind11 ];
+  propagatedBuildInputs = [ caf' ];
+
+  cmakeFlags = [
+    "-DCAF_ROOT=${caf'}"
+    "-DENABLE_STATIC_ONLY:BOOL=${if isStatic then "ON" else "OFF"}"
+    "-DPY_MOD_INSTALL_DIR=${placeholder "py"}/${python3.sitePackages}/"
+  ];
+
+  meta = with lib; {
+    description = "Zeek's Messaging Library";
+    homepage = "https://github.com/zeek/broker";
+    license = licenses.bsd3;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ tobim ];
+  };
+}
diff --git a/pkgs/applications/networking/ids/zeek/debug-runtime-undef-fortify-source.patch b/pkgs/applications/networking/ids/zeek/debug-runtime-undef-fortify-source.patch
new file mode 100644
index 0000000000000..18aef601325dc
--- /dev/null
+++ b/pkgs/applications/networking/ids/zeek/debug-runtime-undef-fortify-source.patch
@@ -0,0 +1,26 @@
+diff --git a/auxil/spicy/spicy/hilti/runtime/CMakeLists.txt b/auxil/spicy/spicy/hilti/runtime/CMakeLists.txt
+index f154901c..76563717 100644
+--- a/auxil/spicy/spicy/hilti/runtime/CMakeLists.txt
++++ b/auxil/spicy/spicy/hilti/runtime/CMakeLists.txt
+@@ -69,7 +69,7 @@ target_compile_definitions(hilti-rt-objects PRIVATE "HILTI_RT_BUILD_TYPE_RELEASE
+ # Build hilti-rt-debug with debug flags.
+ string(REPLACE " " ";" cxx_flags_debug ${CMAKE_CXX_FLAGS_DEBUG})
+ target_compile_options(hilti-rt-debug-objects PRIVATE ${cxx_flags_debug})
+-target_compile_options(hilti-rt-debug-objects PRIVATE "-UNDEBUG;-O0;-Wall")
++target_compile_options(hilti-rt-debug-objects PRIVATE "-UNDEBUG;-O0;-Wall;-U_FORTIFY_SOURCE")
+ target_compile_definitions(hilti-rt-debug-objects PRIVATE "HILTI_RT_BUILD_TYPE_DEBUG")
+ 
+ add_library(hilti-rt-tests-library-dummy1 SHARED src/tests/library-dummy.cc)
+diff --git a/auxil/spicy/spicy/spicy/runtime/CMakeLists.txt b/auxil/spicy/spicy/spicy/runtime/CMakeLists.txt
+index 20e7d291..9712341f 100644
+--- a/auxil/spicy/spicy/spicy/runtime/CMakeLists.txt
++++ b/auxil/spicy/spicy/spicy/runtime/CMakeLists.txt
+@@ -48,7 +48,7 @@ target_link_libraries(spicy-rt-objects PUBLIC hilti-rt-objects)
+ # Build spicy-rt-debug with debug flags.
+ string(REPLACE " " ";" cxx_flags_debug ${CMAKE_CXX_FLAGS_DEBUG})
+ target_compile_options(spicy-rt-debug-objects PRIVATE ${cxx_flags_debug})
+-target_compile_options(spicy-rt-debug-objects PRIVATE "-UNDEBUG;-O0;-Wall")
++target_compile_options(spicy-rt-debug-objects PRIVATE "-UNDEBUG;-O0;-Wall;-U_FORTIFY_SOURCE")
+ target_compile_definitions(spicy-rt-debug-objects PRIVATE "HILTI_RT_BUILD_TYPE_DEBUG")
+ target_link_libraries(spicy-rt-debug-objects PUBLIC hilti-rt-debug-objects)
+ 
diff --git a/pkgs/applications/networking/ids/zeek/default.nix b/pkgs/applications/networking/ids/zeek/default.nix
index ddeb03698e953..0bacf8ce03c4c 100644
--- a/pkgs/applications/networking/ids/zeek/default.nix
+++ b/pkgs/applications/networking/ids/zeek/default.nix
@@ -1,10 +1,13 @@
 { lib
 , stdenv
+, callPackage
 , fetchurl
 , cmake
 , flex
 , bison
+, spicy-parser-generator
 , openssl
+, libkqueue
 , libpcap
 , zlib
 , file
@@ -16,46 +19,69 @@
 , gettext
 , coreutils
 , ncurses
-, caf
 }:
 
+let
+  broker = callPackage ./broker { };
+in
 stdenv.mkDerivation rec {
   pname = "zeek";
-  version = "4.2.2";
+  version = "5.1.2";
 
   src = fetchurl {
     url = "https://download.zeek.org/zeek-${version}.tar.gz";
-    sha256 = "sha256-9Q3X24uAmnSnLUAklK+gC0Mu8eh81ZE2h/7uIVc8cAw=";
+    sha256 = "sha256-1DvXUcTbLBm9UjJXuk8DjGEj+lED+s9D+SNnSqA3bwU=";
   };
 
+  strictDeps = true;
+
+  patches = [
+    ./avoid-broken-tests.patch
+    ./debug-runtime-undef-fortify-source.patch
+    ./fix-installation.patch
+  ];
+
   nativeBuildInputs = [
     bison
     cmake
     file
     flex
+    python3
   ];
 
   buildInputs = [
+    broker
+    spicy-parser-generator
     curl
     gperftools
+    libkqueue
     libmaxminddb
     libpcap
     ncurses
     openssl
-    python3
     swig
     zlib
   ] ++ lib.optionals stdenv.isDarwin [
     gettext
   ];
 
-  outputs = [ "out" "lib" "py" ];
+  postPatch = ''
+    patchShebangs ./auxil/spicy/spicy/scripts
+
+    substituteInPlace auxil/spicy/CMakeLists.txt --replace "hilti-toolchain-tests" ""
+    substituteInPlace auxil/spicy/spicy/hilti/CMakeLists.txt --replace "hilti-toolchain-tests" ""
+  '';
 
   cmakeFlags = [
-    "-DCAF_ROOT=${caf}"
-    "-DZEEK_PYTHON_DIR=${placeholder "py"}/lib/${python3.libPrefix}/site-packages"
+    "-DBroker_ROOT=${broker}"
+    "-DSPICY_ROOT_DIR=${spicy-parser-generator}"
+    "-DLIBKQUEUE_ROOT_DIR=${libkqueue}"
     "-DENABLE_PERFTOOLS=true"
     "-DINSTALL_AUX_TOOLS=true"
+    "-DZEEK_ETC_INSTALL_DIR=/etc/zeek"
+    "-DZEEK_LOG_DIR=/var/log/zeek"
+    "-DZEEK_STATE_DIR=/var/lib/zeek"
+    "-DZEEK_SPOOL_DIR=/var/spool/zeek"
   ];
 
   postInstall = ''
@@ -70,6 +96,10 @@ stdenv.mkDerivation rec {
     done
   '';
 
+  passthru = {
+    inherit broker;
+  };
+
   meta = with lib; {
     description = "Network analysis framework much different from a typical IDS";
     homepage = "https://www.zeek.org";
diff --git a/pkgs/applications/networking/ids/zeek/fix-installation.patch b/pkgs/applications/networking/ids/zeek/fix-installation.patch
new file mode 100644
index 0000000000000..6360a11730517
--- /dev/null
+++ b/pkgs/applications/networking/ids/zeek/fix-installation.patch
@@ -0,0 +1,28 @@
+From f8c42a712db42cfd00fca75be2ce63c3aad2aad1 Mon Sep 17 00:00:00 2001
+From: Tobias Mayer <tobim@fastmail.fm>
+Date: Sun, 13 Nov 2022 21:48:36 +0100
+Subject: [PATCH] Fix installation
+
+---
+ CMakeLists.txt | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 846b65efd..d8b0be169 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -81,11 +81,6 @@ if ( NOT ZEEK_LOG_DIR )
+     set(ZEEK_LOG_DIR ${ZEEK_ROOT_DIR}/logs)
+ endif ()
+ 
+-install(DIRECTORY DESTINATION ${ZEEK_ETC_INSTALL_DIR})
+-install(DIRECTORY DESTINATION ${ZEEK_STATE_DIR})
+-install(DIRECTORY DESTINATION ${ZEEK_SPOOL_DIR})
+-install(DIRECTORY DESTINATION ${ZEEK_LOG_DIR})
+-
+ configure_file(zeek-path-dev.in ${CMAKE_CURRENT_BINARY_DIR}/zeek-path-dev)
+ execute_process(COMMAND "${CMAKE_COMMAND}" -E create_symlink
+                 "${CMAKE_CURRENT_BINARY_DIR}/zeek-wrapper.in"
+-- 
+2.37.3
+
diff --git a/pkgs/development/tools/parsing/spicy/default.nix b/pkgs/development/tools/parsing/spicy/default.nix
new file mode 100644
index 0000000000000..f379a1ed05175
--- /dev/null
+++ b/pkgs/development/tools/parsing/spicy/default.nix
@@ -0,0 +1,67 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, cmake
+, makeWrapper
+, python3
+, bison
+, flex
+, zlib
+}:
+
+stdenv.mkDerivation rec {
+  pname = "spicy";
+  version = "1.5.3";
+
+  strictDeps = true;
+
+  src = fetchFromGitHub {
+    owner = "zeek";
+    repo = "spicy";
+    rev = "v${version}";
+    hash = "sha256-eCF914QEBBqg3LfM3N22c7W0TMOhuHqLxncpAG+8FjU=";
+    fetchSubmodules = true;
+  };
+
+  nativeBuildInputs = [
+    cmake
+    makeWrapper
+    python3
+  ];
+
+  buildInputs = [
+    bison
+    flex
+    zlib
+  ];
+
+  postPatch = ''
+    patchShebangs scripts tests/scripts
+  '';
+
+  cmakeFlags = [
+    "-DHILTI_DEV_PRECOMPILE_HEADERS=OFF"
+  ];
+
+  preFixup = ''
+    for b in $out/bin/*
+      do wrapProgram "$b" --prefix PATH : "${lib.makeBinPath [ bison flex ]}"
+    done
+  '';
+
+  meta = with lib; {
+    homepage = "https://github.com/zeek/spicy";
+    description = "A C++ parser generator for dissecting protocols & files";
+    longDescription = ''
+      Spicy is a parser generator that makes it easy to create robust C++
+      parsers for network protocols, file formats, and more. Spicy is a bit
+      like a "yacc for protocols", but it's much more than that: It's an
+      all-in-one system enabling developers to write attributed grammars that
+      describe both syntax and semantics of an input format using a single,
+      unified language. Think of Spicy as a domain-specific scripting language
+      for all your parsing needs.
+    '';
+    license = licenses.bsd3;
+    maintainers = with maintainers; [ tobim ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 9ad4750ce3992..1c3879d83676f 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -18515,6 +18515,8 @@ with pkgs;
 
   speedtest-cli = with python3Packages; toPythonApplication speedtest-cli;
 
+  spicy-parser-generator = callPackage ../development/tools/parsing/spicy { };
+
   spin = callPackage ../development/tools/analysis/spin { };
 
   spirv-headers = callPackage ../development/libraries/spirv-headers { };
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 012367aba7082..6413eba3ba01e 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -12588,7 +12588,7 @@ self: super: with self; {
 
   zdaemon = callPackage ../development/python-modules/zdaemon { };
 
-  zeek = (toPythonModule (pkgs.zeek.override {
+  zeek = (toPythonModule (pkgs.zeek.broker.override {
     python3 = python;
   })).py;