- Add fallback url to download the openssl tar.gz from the "old" archives
- Add URL_HASH to the openssl external project,
to avoid to redownload the archive if it has been alredy downloaded
and the integrity is verified
- Update curl_certificate table to use the newer openssl API,
so that it builds.
Remove a level of indirection when configuring and building formulas.
This should simplify working with them and also remove some issues
encountered when trying to build on Windows.
- Update libarchive to build from source on Windows and macOS
- Update yara to build from source on macOS
- Update librdkafka to build from source on macOS
- Build librdkafka with SSL and SASL_SCRAM support on Linux
- Update librpm to 4.15.1 to support the newer openssl
- Update libxml2 to build from source on Windows and macOS
- Update lzma to build from source on Windows and macOS
- Use ICU library not only for boost but libxml2 too
- Implement a workaround to have Buck builds still compile
with the old openssl version
Implements the Community ID hash that will allow correlating network connections detected by osquery with other tools that support the standard (Zeek, Suricata, etc.).
* Add sccache to the Windows job
Also fix debug symbols on googletest,
so that it doesn't try to create a separate pdb.
* Fix uploading the submodule cache
sccache needs its cache to be uploaded as normal files,
not with a tar, otherwise the cache when extracted
will contain extraneous files and folders (PaxHeader).
The Files mode though by default ignores the .git folder,
so we have to use the .artifactignore file to unignore it,
and we have to copy in the cached path for the cache task to see it.
When using Boost.Process on Windows with Boost.Asio for async_pipe,
the build fails because Asio requires BOOST_ASIO_WINDOWS define
to enable access to async_pipe.
This only partially solves the issue since it's necessary that
Asio users will also include the "sdkddkver.h" header
before the "boost/asio.hpp" header to properly define
_WIN32_WINNT_WIN7, used by osquery.
The move assignment operator of boost::basic_ipstream is bugged.
It has been fixed on upstream in commit
ca994c1972
which is not on any stable build, so we will patch boost with that commit.
CMake 3.16 doesn't set Python3_EXECUTABLE as cache variable anymore,
it has changed to _Python3_EXECUTABLE which is for internal use.
The module returns Python3_EXECUTABLE as a local variable,
so we share that value through a new custom cache variable,
OSQUERY_PYTHON_EXECUTABLE.
Both libraries use the xxhash library,
compiling its source files directly.
The version they use though it's different so to avoid the linker
resolve the collision by removing one of the two implementations,
we prefix the functions with the respective library name.
Moreover we make the xxhash API private, by declaring the static
so that any unused function is not included anymore in the binary
and only the used one are present.
test_base.py received several fixes and now supports and requires
a custom folder where to find the config files that the tests need.
It has been also updated to use Python 3.
Fixed the gen_api function in genapi.py missing the path to the spec
file when evaluating blacklisted tables.
Co-Authored-By: SS <sahil.suneja@trailofbits.com>
This is needed by some third party libraries and
when using Ninja on Windows.
CMake complains that it cannot find the internal variable
for CMAKE_ASM_MASM_COMPILE_OBJECT if it's not active for the whole
project.
CMake doesn't support reading and therefore copying Windows symlinks.
A recent update to Thrift creates a symlink in its tutorial folder,
which makes the copy after patch process fail.
As a workaround we avoid copying the tutorial folder,
since we don't care about it anyway.
While in the end the osqueryd binary will require almost all libraries
built and linked, having each intermediate library depend on the whole
set of AWS libraries might result in higher compiling time.
Especially since on some platforms not all libraries are used.
This should speed up the compilation speed on Windows.
CMake utility functions(generateOsqueryExtensionGroup,addOsqueryExtensioni{Ex},
addOsqueryModule) to add extensions.
Updates the boost library submodules needed for extensions build.
Use cache variable(OSQUERY_EXTENSION_GROUP_NAME) for the grouping of extensions
and fix the linkage with osquery interface library.
Instead of moving a patched submodule from source to build directory,
we copy it and then hard reset the submodule to its original HEAD.
Minor message change when a library fails to be imported.
During the first configuration, the git command is searched
when submodules are initialized and it's then saved into a cache variable.
If though we delete the build folder and run configure again,
the submodules won't be initialized again, so the git command
won't be cached and visible to CMake.
Therefore we need to search for it each time.
Cleanup dead/deprecated code.
Keep patched source in the build directory instead of the source.
A new variable with the format OSQUERY_<submodule name>_ROOT_DIR
is set to the directory of where the submodule is, in case it's patched.
A new option PATCH has been added to importSourceModule
to let the patching system know that the submodule has to be patched
and which is the main submodule folder.
Mitigates recent CVEs in SQLite. It was already this version on Linux.
Establish a pattern for migrating source dependency builds to macOS and Windows.
