security/suricata: Update to 7.0.0

* The (broken) Prelude support was removed upstream.
* Netmap API support requires version 14 now. Otherwise it has to be
  disabled to build.
* Caveats may still apply as no stable release was published yet.

  OPNsense users are reporting instability issues with Netmap compared to
  version 6.0.13, but as these things move quite slowly and demand is high
  the update shall go in since it is an official release.

ChangeLog:	https://suricata.io/2023/07/18/suricata-7-0-0-released/
PR:		267688

4 files changed, 10 insertions, 45 deletions

diff --git a/security/suricata/Makefile b/security/suricata/Makefile
index 660fc29b8328..92e6efcdd785 100644
--- a/security/suricata/Makefile
+++ b/security/suricata/Makefile
@@ -1,6 +1,5 @@
 PORTNAME=	suricata
-DISTVERSION=	6.0.13
-PORTREVISION=	3
+DISTVERSION=	7.0.0
 CATEGORIES=	security
 MASTER_SITES=	https://www.openinfosecfoundation.org/download/
 
@@ -15,7 +14,7 @@ BUILD_DEPENDS=	rustc:lang/${RUST_DEFAULT}
 LIB_DEPENDS=	libjansson.so:devel/jansson \
 		liblz4.so:archivers/liblz4 \
 		libnet.so:net/libnet \
-		libpcre.so:devel/pcre \
+		libpcre2-8.so:devel/pcre2 \
 		libyaml.so:textproc/libyaml
 
 USES=		autoreconf cpe gmake iconv:translit libtool localbase pathfix \
@@ -40,8 +39,7 @@ CONFLICTS_INSTALL=	libhtp
 
 SUB_FILES=	pkg-message
 
-OPTIONS_DEFINE=		GEOIP IPFW NETMAP NSS PORTS_PCAP PRELUDE PYTHON REDIS \
-			TESTS
+OPTIONS_DEFINE=		GEOIP IPFW NETMAP NSS PORTS_PCAP PYTHON REDIS TESTS
 OPTIONS_DEFINE_amd64=	HYPERSCAN
 OPTIONS_DEFAULT=	IPFW NETMAP PYTHON
 
@@ -50,8 +48,6 @@ OPTIONS_RADIO_SCRIPTS=	LUA LUAJIT
 
 OPTIONS_SUB=	yes
 
-PRELUDE_BROKEN=	Compilation broken, see https://redmine.openinfosecfoundation.org/issues/4065
-
 GEOIP_DESC=		GeoIP support
 HYPERSCAN_DESC=		Hyperscan support
 IPFW_DESC=		IPFW and IP Divert support for inline IDP
@@ -60,7 +56,6 @@ LUA_DESC=		LUA scripting support
 NETMAP_DESC=		Netmap support for inline IDP
 NSS_DESC=		File checksums and SSL/TLS fingerprinting
 PORTS_PCAP_DESC=	Use libpcap from ports
-PRELUDE_DESC=		Prelude support for NIDS alerts
 PYTHON_DESC=		Python-based update and control utilities
 REDIS_DESC=		Redis output support
 SCRIPTS_DESC=		Scripting
@@ -79,7 +74,7 @@ LUAJIT_CONFIGURE_ON=	--enable-luajit
 LUA_USES=		lua:51
 LUA_CONFIGURE_ON=	--enable-lua
 
-NETMAP_CONFIGURE_ENABLE=	netmap # netmap-v14
+NETMAP_CONFIGURE_ENABLE=	netmap
 
 NSS_LIB_DEPENDS=	libnspr4.so:devel/nspr \
 			libnss3.so:security/nss
@@ -88,14 +83,6 @@ NSS_CONFIGURE_OFF=	--disable-nspr \
 
 PORTS_PCAP_LIB_DEPENDS=	libpcap.so.1:net/libpcap
 
-PRELUDE_LIB_DEPENDS=		libgcrypt.so:security/libgcrypt \
-				libgnutls.so:security/gnutls \
-				libgpg-error.so:security/libgpg-error \
-				libltdl.so:devel/libltdl \
-				libprelude.so:security/libprelude
-PRELUDE_CONFIGURE_ON=		--with-libprelude-prefix=${LOCALBASE}
-PRELUDE_CONFIGURE_ENABLE=	prelude
-
 PYTHON_BUILD_DEPENDS=		${PYTHON_RUN_DEPENDS}
 PYTHON_RUN_DEPENDS=		${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml@${PY_FLAVOR}
 PYTHON_USES=			python
diff --git a/security/suricata/distinfo b/security/suricata/distinfo
index e5e8e5bc46e5..5f09fca589d9 100644
--- a/security/suricata/distinfo
+++ b/security/suricata/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1686896524
-SHA256 (suricata-6.0.13.tar.gz) = e09f2f800d0e0cd2f97f21c505950ccc3dbb9ce5cfe808df9567b6d849a31055
-SIZE (suricata-6.0.13.tar.gz) = 27411308
+TIMESTAMP = 1689683356
+SHA256 (suricata-7.0.0.tar.gz) = 7bcd1313118366451465dc3f8385a3f6aadd084ffe44dd257dda8105863bb769
+SIZE (suricata-7.0.0.tar.gz) = 23426302
diff --git a/security/suricata/files/patch-configure.ac b/security/suricata/files/patch-configure.ac
deleted file mode 100644
index b1eece593d90..000000000000
--- a/security/suricata/files/patch-configure.ac
+++ /dev/null
@@ -1,24 +0,0 @@
---- configure.ac.orig	2021-03-01 16:13:22 UTC
-+++ configure.ac
-@@ -706,8 +706,6 @@
-                 # unittests when jit is enabled.
-                 pcre_jit_available="no, pcre 8.39/8.40 jit disabled for powerpc64"
-             fi
--            # hack: use libatomic
--            LIBS="${LIBS} -latomic"
-         ;;
-         *)
-             # bug 1693, libpcre 8.35 is broken and debian jessie is still using that
-@@ -1186,8 +1184,10 @@
-             AS_HELP_STRING([--enable-prelude], [Enable Prelude support for alerts]),[enable_prelude=$enableval],[enable_prelude=no])
-     # Prelude doesn't work with -Werror
-     STORECFLAGS="${CFLAGS}"
--    CFLAGS="${CFLAGS} -Wno-error=unused-result"
--
-+    AX_CHECK_COMPILE_FLAG([-Wno-error=unused-result], 
-+        [CFLAGS="${CFLAGS} -Wno-error=unused-result"],
-+        [])
-+       
-     AS_IF([test "x$enable_prelude" = "xyes"], [
-         AM_PATH_LIBPRELUDE(0.9.9, , AC_MSG_ERROR(Cannot find libprelude: Is libprelude-config in the path?), no)
-         if test "x${LIBPRELUDE_CFLAGS}" != "x"; then
diff --git a/security/suricata/pkg-plist b/security/suricata/pkg-plist
index 4a9c881fcc8f..2edbf8f69623 100644
--- a/security/suricata/pkg-plist
+++ b/security/suricata/pkg-plist
@@ -20,7 +20,6 @@ include/htp/htp_utf8_decoder.h
 include/htp/htp_version.h
 include/htp/lzma/7zTypes.h
 include/htp/lzma/LzmaDec.h
-include/suricata-plugin.h
 lib/libhtp.a
 lib/libhtp.so
 lib/libhtp.so.2
@@ -141,6 +140,7 @@ man/man1/suricata.1.gz
 %%DATADIR%%/rules/dnp3-events.rules
 %%DATADIR%%/rules/dns-events.rules
 %%DATADIR%%/rules/files.rules
+%%DATADIR%%/rules/ftp-events.rules
 %%DATADIR%%/rules/http-events.rules
 %%DATADIR%%/rules/http2-events.rules
 %%DATADIR%%/rules/ipsec-events.rules
@@ -149,6 +149,8 @@ man/man1/suricata.1.gz
 %%DATADIR%%/rules/mqtt-events.rules
 %%DATADIR%%/rules/nfs-events.rules
 %%DATADIR%%/rules/ntp-events.rules
+%%DATADIR%%/rules/quic-events.rules
+%%DATADIR%%/rules/rfb-events.rules
 %%DATADIR%%/rules/smb-events.rules
 %%DATADIR%%/rules/smtp-events.rules
 %%DATADIR%%/rules/ssh-events.rules