Update to 4.1.3 shown as latest version available by portroach. Builds for me on amd64,
java has been disabled. Configuration would have tried looking for various java versions. The java bindings might be added as a subpackage in the future. libewf/afflib are not available on OpenBSD, in case added at some future time the configure argument disable these. Builds on other than amd64? Comments Ok?
Index: Makefile =================================================================== RCS file: /home/cvs/ports/sysutils/sleuthkit/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile 11 Mar 2013 11:41:32 -0000 1.15 +++ Makefile 7 Oct 2014 22:48:31 -0000 @@ -2,11 +2,10 @@ COMMENT= forensic toolkit based on TCT -DISTNAME= sleuthkit-3.0.1 -REVISION = 0 +DISTNAME= sleuthkit-4.1.3 CATEGORIES= sysutils security -SHARED_LIBS= tsk3 4.3 +SHARED_LIBS= tsk 11.1 HOMEPAGE= http://www.sleuthkit.org/ @@ -18,9 +17,13 @@ PERMIT_PACKAGE_FTP= Yes MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=sleuthkit/} -WANTLIB= c m stdc++ +WANTLIB= c m stdc++ pthread z CONFIGURE_STYLE= simple +CONFIGURE_ARGS = --mandir=${PREFIX}/man \ + --disable-java \ + --without-afflib \ + --without-libewf USE_GROFF = Yes RUN_DEPENDS= converters/p5-DateManip Index: distinfo =================================================================== RCS file: /home/cvs/ports/sysutils/sleuthkit/distinfo,v retrieving revision 1.9 diff -u -p -r1.9 distinfo --- distinfo 17 May 2009 19:54:40 -0000 1.9 +++ distinfo 7 Oct 2014 22:23:01 -0000 @@ -1,5 +1,2 @@ -MD5 (sleuthkit-3.0.1.tar.gz) = VZVt07v6bJ4uvMaFwqlWnQ== -RMD160 (sleuthkit-3.0.1.tar.gz) = lmYT74elUjE0stZILug0//uYse4= -SHA1 (sleuthkit-3.0.1.tar.gz) = pXjQLAJsy0OJ/UY0Rdnn0ymu6vk= -SHA256 (sleuthkit-3.0.1.tar.gz) = cPrFTDn4YxpuztxEs5OV3bPRf5I21x1QvL+r9ei2Dd0= -SIZE (sleuthkit-3.0.1.tar.gz) = 814032 +SHA256 (sleuthkit-4.1.3.tar.gz) = Z/nSoxqIhNWGmNYSL8Ghv6m/I4WCveK0kijsm4mfAyc= +SIZE (sleuthkit-4.1.3.tar.gz) = 7952733 Index: patches/patch-man_hfind_1 =================================================================== RCS file: /home/cvs/ports/sysutils/sleuthkit/patches/patch-man_hfind_1,v retrieving revision 1.2 diff -u -p -r1.2 patch-man_hfind_1 --- patches/patch-man_hfind_1 5 Jan 2009 22:15:56 -0000 1.2 +++ patches/patch-man_hfind_1 1 Oct 2013 21:51:32 -0000 @@ -1,6 +1,6 @@ $OpenBSD: patch-man_hfind_1,v 1.2 2009/01/05 22:15:56 rui Exp $ ---- man/hfind.1.orig Mon Sep 29 00:02:46 2008 -+++ man/hfind.1 Sun Dec 28 14:02:02 2008 +--- man/hfind.1.orig Wed Sep 25 10:26:29 2013 ++++ man/hfind.1 Mon Sep 30 17:18:36 2013 @@ -13,7 +13,7 @@ hfind \- Lookup a hash value in a hash database looks up hash values in a database using a binary search algorithm. This allows one to easily create a hash database and identify if a file @@ -9,7 +9,7 @@ $OpenBSD: patch-man_hfind_1,v 1.2 2009/0 +Library (NSRL) and the output of 'md5'. Before the database can be used by 'hfind', an index file must be created - with the '-i' option. + with the '\-i' option. @@ -28,7 +28,7 @@ search algorithm instead of a linear search such as 'g .IP "-i db_type" Create an index file for the database. This step must be done before @@ -28,7 +28,7 @@ $OpenBSD: patch-man_hfind_1,v 1.2 2009/0 databases. 'hfind' can take data in both common formats: MD5 (test.txt) = 76b1f4de1522c20b67acc132937cf82e -@@ -100,11 +100,11 @@ You can even do both SHA-1 and MD5 if you want: +@@ -101,11 +101,11 @@ You can even do both SHA-1 and MD5 if you want: 80001A80B3F1B80076B297CEE8805AAA04E1B5BA thrdcore.cpp @@ -36,28 +36,28 @@ $OpenBSD: patch-man_hfind_1,v 1.2 2009/0 +To make a database of critical binaries of a trusted system, use 'md5': - # md5sum /bin/* /sbin/* /usr/bin/* /usr/bin/* /usr/local/bin/* /usr/local/sbin/* > system.md5 -+ # md5 -s /bin/* /sbin/* /usr/bin/* /usr/bin/* /usr/local/bin/* /usr/local/sbin/* > system.md5 ++ # md5 /bin/* /sbin/* /usr/bin/* /usr/bin/* /usr/local/bin/* /usr/local/sbin/* > system.md5 -- # hfind -i md5sum system.md5 -+ # hfind -i md5 -s system.md5 +- # hfind \-i md5sum system.md5 ++ # hfind \-i md5 system.md5 To look entries up, the following will work: -@@ -114,7 +114,7 @@ To look entries up, the following will work: +@@ -115,7 +115,7 @@ To look entries up, the following will work: or -- # md5sum -q /bin/* | hfind system.md5 -+ # md5 -s /bin/* | hfind system.md5 +- # md5sum \-q /bin/* | hfind system.md5 ++ # md5 \-s /bin/* | hfind system.md5 928682269cd3edb1acdf9a7f7e606ff2 /bin/bash -@@ -122,7 +122,7 @@ or +@@ -123,7 +123,7 @@ or or -- # md5sum -q /bin/* > bin.md5 -+ # md5 -s /bin/* > bin.md5 +- # md5sum \-q /bin/* > bin.md5 ++ # md5 \-s /bin/* > bin.md5 - # hfind -f bin.md5 system.md5 + # hfind \-f bin.md5 system.md5 Index: patches/patch-man_sorter_1 =================================================================== RCS file: /home/cvs/ports/sysutils/sleuthkit/patches/patch-man_sorter_1,v retrieving revision 1.2 diff -u -p -r1.2 patch-man_sorter_1 --- patches/patch-man_sorter_1 5 Jan 2009 22:15:56 -0000 1.2 +++ patches/patch-man_sorter_1 1 Oct 2013 21:51:32 -0000 @@ -1,13 +1,13 @@ $OpenBSD: patch-man_sorter_1,v 1.2 2009/01/05 22:15:56 rui Exp $ ---- man/sorter.1.orig Mon Sep 29 00:02:46 2008 -+++ man/sorter.1 Sun Dec 28 14:02:02 2008 -@@ -76,7 +76,7 @@ have priority over the standard files. +--- man/sorter.1.orig Wed Sep 25 10:26:29 2013 ++++ man/sorter.1 Mon Sep 30 17:23:58 2013 +@@ -78,7 +78,7 @@ have priority over the standard files. .IP "-C config" Specify the location of the ONLY configuration file. The standard config files will not be loaded if this option is given. For example, in the -\'share/sort\' directory there is a file called 'images.sort'. This file +\'%%PREFIX%%/share/tsk/sorter/\' directory there is a file called 'images.sort'. This file - contains only rules about graphic images. If it is specified with -C, then + contains only rules about graphic images. If it is specified with \-C, then only images will be saved about the image. .IP "-m mnt" @@ -201,7 +201,7 @@ file systems will produce data from this step). @@ -23,8 +23,8 @@ $OpenBSD: patch-man_sorter_1,v 1.2 2009/ To just identify images using the supplied 'images.sort' file: -- # sorter -f ntfs -C /usr/local/sleuthkit/share/sort/images.sort \ -+ # sorter -f ntfs -C %%PREFIX%%/share/tsk/sort/images.sort \ - -d data/sorter -h -s images/hda1.dd +- # sorter \-f ntfs \-C /usr/local/sleuthkit/share/sort/images.sort \ ++ # sorter \-f ntfs \-C %%PREFIX%%/share/tsk/sort/images.sort \ + \-d data/sorter \-h \-s images/hda1.dd .SH REQUIREMENTS Index: pkg/PLIST =================================================================== RCS file: /home/cvs/ports/sysutils/sleuthkit/pkg/PLIST,v retrieving revision 1.7 diff -u -p -r1.7 PLIST --- pkg/PLIST 5 Jan 2009 22:15:56 -0000 1.7 +++ pkg/PLIST 7 Oct 2014 23:14:28 -0000 @@ -6,7 +6,9 @@ @bin bin/blkstat @comment bin/disk_sreset @comment bin/disk_stat +@bin bin/fcat @bin bin/ffind +@bin bin/fiwalk @bin bin/fls @bin bin/fsstat @bin bin/hfind @@ -18,6 +20,7 @@ @bin bin/istat @bin bin/jcat @bin bin/jls +@bin bin/jpeg_extract bin/mactime @bin bin/mmcat @bin bin/mmls @@ -25,40 +28,45 @@ bin/mactime @bin bin/sigfind bin/sorter @bin bin/srch_strings -include/tsk3/ -include/tsk3/base/ -include/tsk3/base/tsk_base.h -include/tsk3/base/tsk_os.h -include/tsk3/fs/ -include/tsk3/fs/tsk_ext2fs.h -include/tsk3/fs/tsk_fatfs.h -include/tsk3/fs/tsk_ffs.h -include/tsk3/fs/tsk_fs.h -include/tsk3/fs/tsk_hfs.h -include/tsk3/fs/tsk_iso9660.h -include/tsk3/fs/tsk_ntfs.h -include/tsk3/hashdb/ -include/tsk3/hashdb/tsk_hashdb.h -include/tsk3/img/ -include/tsk3/img/tsk_img.h -include/tsk3/libtsk.h -include/tsk3/tsk_incs.h -include/tsk3/vs/ -include/tsk3/vs/tsk_bsd.h -include/tsk3/vs/tsk_dos.h -include/tsk3/vs/tsk_gpt.h -include/tsk3/vs/tsk_mac.h -include/tsk3/vs/tsk_sun.h -include/tsk3/vs/tsk_vs.h -lib/libtsk3.a -lib/libtsk3.la -@lib lib/libtsk3.so.${LIBtsk3_VERSION} +@bin bin/tsk_comparedir +@bin bin/tsk_gettimes +@bin bin/tsk_loaddb +@bin bin/tsk_recover +include/tsk/ +include/tsk/auto/ +include/tsk/auto/tsk_auto.h +include/tsk/base/ +include/tsk/base/tsk_base.h +include/tsk/base/tsk_os.h +include/tsk/fs/ +include/tsk/fs/tsk_ext2fs.h +include/tsk/fs/tsk_fatfs.h +include/tsk/fs/tsk_ffs.h +include/tsk/fs/tsk_fs.h +include/tsk/fs/tsk_hfs.h +include/tsk/fs/tsk_iso9660.h +include/tsk/fs/tsk_ntfs.h +include/tsk/fs/tsk_yaffs.h +include/tsk/hashdb/ +include/tsk/hashdb/tsk_hashdb.h +include/tsk/img/ +include/tsk/img/tsk_img.h +include/tsk/libtsk.h +include/tsk/tsk_incs.h +include/tsk/vs/ +include/tsk/vs/tsk_bsd.h +include/tsk/vs/tsk_dos.h +include/tsk/vs/tsk_gpt.h +include/tsk/vs/tsk_mac.h +include/tsk/vs/tsk_sun.h +include/tsk/vs/tsk_vs.h +lib/libtsk.a +lib/libtsk.la +@lib lib/libtsk.so.${LIBtsk_VERSION} @man man/man1/blkcalc.1 @man man/man1/blkcat.1 @man man/man1/blkls.1 @man man/man1/blkstat.1 -@man man/man1/disk_sreset.1 -@man man/man1/disk_stat.1 @man man/man1/ffind.1 @man man/man1/fls.1 @man man/man1/fsstat.1 @@ -77,12 +85,16 @@ lib/libtsk3.la @man man/man1/mmstat.1 @man man/man1/sigfind.1 @man man/man1/sorter.1 -share/tsk3/ -share/tsk3/sorter/ -share/tsk3/sorter/default.sort -share/tsk3/sorter/freebsd.sort -share/tsk3/sorter/images.sort -share/tsk3/sorter/linux.sort -share/tsk3/sorter/openbsd.sort -share/tsk3/sorter/solaris.sort -share/tsk3/sorter/windows.sort +@man man/man1/tsk_comparedir.1 +@man man/man1/tsk_gettimes.1 +@man man/man1/tsk_loaddb.1 +@man man/man1/tsk_recover.1 +share/tsk/ +share/tsk/sorter/ +share/tsk/sorter/default.sort +share/tsk/sorter/freebsd.sort +share/tsk/sorter/images.sort +share/tsk/sorter/linux.sort +share/tsk/sorter/openbsd.sort +share/tsk/sorter/solaris.sort +share/tsk/sorter/windows.sort
