[PATCH] download ET IDS rules via HTTPS

[PATCH] download ET IDS rules via HTTPS

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 970 bytes --]

The Emerging Threats ruleset server supports HTTPS. It should
be used for downloading the ruleset in IPFire, too.

This also needs to be applied on the upcoming ids.cgi file for Suricata
which I will do in a second patch.

Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
---
 html/cgi-bin/ids.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 9863251e2..d9d697deb 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -265,7 +265,7 @@ if (!$errormessage) {
 	} elsif ($snortsettings{'RULES'} eq 'community') {
 		$url=" https://www.snort.org/rules/community";
 	} else {
-		$url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
+		$url="https://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
 	}
 
 	if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) {
-- 
2.16.4


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH] download ET IDS rules via HTTPS

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 3415 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

this is another patch that just doesn't to apply. I downloaded the
email in mbox format and got this:

[root(a)hughes ipfire-2.x]# git am -s /home/ms/Downloads/\[PATCH\]_download_ET_IDS_rules_via_HTTPS.mbox
Applying: download ET IDS rules via HTTPS
error: corrupt patch at line 14
Patch failed at 0001 download ET IDS rules via HTTPS
Use 'git am --show-current-patch' to see the failed patch
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

Looking at "git am --show-current-patch":

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 9863251e2..d9d697deb 100644
- --- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -265,7 +265,7 @@ if (!$errormessage) {
        } elsif ($snortsettings{'RULES'} eq 'community') {
                $url=3D" https://www.snort.org/rules/community";
        } else {
- -               $url=3D"http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rul=
es.tar.gz";
+               $url=3D"https://rules.emergingthreats.net/open/snort-2.9.0/emerging.ru=
les.tar.gz";
        }
=20
        if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'AC=
TION2'} eq "snort" ) {
- --=20
2.16.4

There are fancy line-wraps in that patch.

Is that the PGP stuff that is adding them?

Best,
- -Michael

On Sun, 2018-08-12 at 11:50 +0200, Peter Müller wrote:
> The Emerging Threats ruleset server supports HTTPS. It should
> be used for downloading the ruleset in IPFire, too.
> 
> This also needs to be applied on the upcoming ids.cgi file for Suricata
> which I will do in a second patch.
> 
> Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> ---
>  html/cgi-bin/ids.cgi | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
> index 9863251e2..d9d697deb 100644
> --- a/html/cgi-bin/ids.cgi
> +++ b/html/cgi-bin/ids.cgi
> @@ -265,7 +265,7 @@ if (!$errormessage) {
>  	} elsif ($snortsettings{'RULES'} eq 'community') {
>  		$url=" https://www.snort.org/rules/community";
>  	} else {
> -		$url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
> +		$url="https://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
>  	}
>  
>  	if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) {
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAltx5K0ACgkQgHnw/2+Q
CQcddg//XjElESBx3KE4XNC0nDzNB4OBmUN6jXTYvud9CWuT3eTYvwRz9RQLuTrK
+R22I0L7ZZ9gegKiN/QrhLPqxSY5aGFDJxBiI4JQtpb6J+81hTheF9GINGqucBCw
ZpYaXBfVlFjKq7ryCaakr6gprtxuoyiUPdSrZ/G9GooRf252+XBtThyJ1yNJEiQH
VDLNkHF8CAtrp5UNlARfk+iC/dBhz8Tj3LihGOm7E4aHviGkVwF2M/rgPIQjAYJS
eQQ/iorFz0IaQzKIbyxeboZcxeyeQdzHDEnujfrNflgKHDfqeXnnWO0a13D27df6
cFNywMV5qm+zAy7KmuYqKlWpCQDEazZLidJz0pptcxV9+O5oQAEIBolXqNllBWXk
kwq+t6KToGMQAcBKs85fHUNUsNqOknkWg3KaNlC+n5OtbT7u4anunfhflswZj01t
73XyjjJ+L2T8eTluBhb2v5ug8uhmJwTEXSXTXWVRE/VYj4OCLP6JZktEsDeWdo49
G3Rg4bjK0AYC2YsNN/g/hu6e8wzhcexu4mMdxM1pfpAx+BFHzKS9ActAzjI08ZPk
333rqaRRz6XxMTSc8IMLsFjkazvChlbRWuM1hnR9AzDSY2wMh3Sgqs4ZQuPCKI7A
rAceVPqrvP6aoF9RuMKTbYXlUoxpxkgvdIL/y8wFvxDHvWdrVqg=
=l9h+
-----END PGP SIGNATURE-----

Re: [PATCH] download ET IDS rules via HTTPS

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 1287 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello Michael,

thanks for the hint.

These linewraps did not occur again after switching to inline
PGP signatures, so I suspect it was because of a bug in PGP/MIME
implementation of my MUA.

Sorry for the delay. All affected patches were re-sent.

Let me know if there is any trouble with them.

Thanks, and best regards,
Peter Müller
- -- 
"We don't care.  We don't have to.  We're the Phone Company."
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEvP4SiGhEYDJyrRLk2UjyD317n2gFAlt0P2UACgkQ2UjyD317
n2gm/xAAqFNT6RprcdyGVJHDtf2cgQNyf4SrLkgQxKmIXDG02G/8GHx35vwi2mHT
gAL884a8pjANVgD39zfyyhLRdAtp25hrtWTixz7LnisyMO66yTwtUNTDBGeA5BfK
qKxOrQbZoRkYwmoJI63KDmqR6RrmgWaVQE9v4jaV76IcQP93zE+ehk4CfW/JJrPJ
W4aBw45AL6hGIDuShp1FdKhvZ7VNqIbrxmMzd34p5eLil2ZlRcvp3Gsac98coXMY
UP85k+/uLcO5iSKkT8kHjdVD+dE/REjsXpcXvdV53Qy/a4DenAKRCEtdccU2HmhT
su8MwtxgrqOz8pVd0Cq4ZVEoR6RN55Y/6MWfdwSvoS4WcxzQJ7LE1ilK5zS7qYhW
m8TwyM0ItLW05WlI/CRfpqLJ1r5Wcz4KiXxn/o4lC+Yo5EC3Z1qqKJXSibFEd6os
xBOZ7YxZQe85xr4gRpdH5T71ugTDsgUJipeBMqH7jk6lpPTP4ZYl+qZbI+PND7SG
xEQOBV69FLIhw+nzgyH1ECAT/fsTPxBVWE9q5LFu6u29p102kO7rElvzfo0lfjXs
FK0dRlzzNWX3EzCOLE37bSo7nN7jVWXfTLnjIsP9nm86+b96YHpHJtGC8NdWw6hi
kb3HjLseuJEg3SUCp87s5+t4AEnUaTSe6W0BM/2ZmrwsB0sGsqI=
=VYpy
-----END PGP SIGNATURE-----

Re: [PATCH] download ET IDS rules via HTTPS

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 1351 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Wed, 2018-08-15 at 16:57 +0200, Peter Müller wrote:
> Hello Michael,
> 
> thanks for the hint.
> 
> These linewraps did not occur again after switching to inline
> PGP signatures, so I suspect it was because of a bug in PGP/MIME
> implementation of my MUA.
> 
> Sorry for the delay. All affected patches were re-sent.
> 
> Let me know if there is any trouble with them.

Yes there was. I responded on another email.

> 
> Thanks, and best regards,
> Peter Müller
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAlt1cLcACgkQgHnw/2+Q
CQed5A/+OvTFprYCo6bzB49ek/BzM4xHfIyfTnu62nNfQYrUux5VmExRPdxZQhnd
woyAjBzI3cVNhU7NDHl+QrUbLbP56J77ZDVQDEmvLRbPjCf8WzngSLdlXhSR2UFI
pP4PK52uAeTcGqHHHd6CPlt2rSm7wJnaR2peEBTiNdwVFyfIiRboQnnGXtpg2kFB
BfPASTeJ/x6vMJ1Yy3cURNeD1ozS0ryCm/KJYJAZUvbFOVwd1xfeWxxHeJ/bRptG
4vLIZTGFgwfx/XBE+INhMoYFodvnSHA+ns6Nvt37D48sA7tr1wmNUuQav0dTaBe4
gZNaVpELqOMW1/0XubJFFceAE9A4AZw/SHOGlq3pgQ3CieVG916mRXX+WttgKmRR
EcReEARWJrJBt7igWOkdiLCYnf82eg/pq/CutIKvijdguIucfYT48JFk/pe8O6FC
BH40Bb7pZR8X/wVoeTq5Zskb4zmQr9XgKYTkSSA/gMA/yBb/PSK372FPCFr7WMcj
PqoUkCi2ebljJ26L5WofxNzmwMceCnHaPDXStGWVLh5X0dL96OBH7FEm4WpgH7G8
zaPgfmQmqctF3HGiFC2S5eey8lr72jcvrIg2cd8v5n5pb2nr+v8955qTGG4fg/NS
q/5Up82Ri3MtFP7S0kYt3D2dHhR7cOwPn9KnEPA85242I3lwz1Y=
=cs5l
-----END PGP SIGNATURE-----