Error 500 when fetching https://www.snort.org/

[GoogleCodeExporter]

What steps will reproduce the problem?
What steps will reproduce the problem?
1. CentOS 5.5 64b
2. daq-0.5
3. libdnet-1.12
4. libpcap-1.1.1
5. PCRE 8.12
6. Perl 5.12.3
7. Snort 2.9.0.4
8. PulledPork-0.5.0
Added VRT License 

What is the expected output? What do you see instead?
Expecting Fly Piggy Fly
Got 

Checking latest MD5 for snortrules-snapshot-2904.tar.gz....
        Error 500 when fetching https://www.snort.org/reg-rules/snortrules-snapshot-2904.tar.gz.md5 at /usr/local/pulledpork-0.5.0/pulledpork.pl line 390
        main::md5file('0c9f1579a092e99ece5c4d875246f019e6b3b3c2', 'snortrules-snapshot-2904.tar.gz', '/tmp/', 'https://www.snort.org/reg-rules/') called at /usr/local/pulledpork-0.5.0/pulledpork.pl line 1386

What version of the product are you using? On what operating system?

Please provide any additional information below.

Original issue reported on code.google.com by jdpa...@gmail.com on 16 Mar 2011 at 4:07

[GoogleCodeExporter]

Can you provide (via email) your oinkcode so that I can test?

Original comment by Cummin...@gmail.com on 16 Mar 2011 at 2:29

[GoogleCodeExporter]

Issue 70 has been merged into this issue.

Original comment by Cummin...@gmail.com on 16 Mar 2011 at 2:30

[GoogleCodeExporter]

I am getting the same error:
Checking latest MD5 for snortrules-snapshot-2904.tar.gz....
        Error 500 when fetching https://www.snort.org/sub-rules/snortrules-snapshot-2904.tar.gz.md5 at /usr/local/pulledpork-0.5.0/pulledpork.pl line 390
        main::md5file('my oinkcode here', 'snortrules-snapshot-2904.tar.gz', '/tmp/', 'https://www.snort.org/sub-rules/') called at /usr/local/pulledpork-0.5.0/pulledpork.pl line 1386

I am running version 0.5.0

Original comment by powertoa...@gmail.com on 18 Mar 2011 at 9:15

[GoogleCodeExporter]

I did some further checking and I can enter the url manually into a browser and 
the download works perfectly.

Original comment by powertoa...@gmail.com on 18 Mar 2011 at 9:41

[GoogleCodeExporter]

Oh, And I am on Fedora Core 14.
Same Perl, Snort, and pulled pork as above.

Original comment by powertoa...@gmail.com on 18 Mar 2011 at 9:43

[GoogleCodeExporter]

please send your pulledpork config (including startup flags and oinkcode to me) 
jj<dot>cummings<at>snort<dot>org

Original comment by Cummin...@gmail.com on 18 Mar 2011 at 9:59

[GoogleCodeExporter]

The problem turned out to be an issue with https on line 372 you have 
https://www.snort.org/reg-rules/ hard coded, 

It could not verify the certificate and so would fail.

I changed every hard coded reference to http from https, although I think the 
right thing to do here would be to actually use the URL provided in the config 
instead of hard coding it.

This fixed the problem for me.

Original comment by powertoa...@gmail.com on 18 Mar 2011 at 10:09

[GoogleCodeExporter]

In that case it is likely that you have outdated root certs and need to update 
them

Original comment by Cummin...@gmail.com on 18 Mar 2011 at 10:26

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Marking this as invalid as it was a certificate issue.

Original comment by Cummin...@gmail.com on 22 Mar 2011 at 9:33

• Changed state: Invalid

[GoogleCodeExporter]

I have seen a lot of these messages, the problem here is not the OS root 
certificates it is the certificates for perl.

Most people that are struggling with this have valid certs in the OS so they 
are able to use wget or their without a problem.

Try

cpan Mozilla::CA IO::Socket::SSL

Will fix it most times. The Mozilla::CA installs/updates the perl root 
certificates and IO::Socket::SSL enables ssl verification by hostname in 
Crypt::SSLeay.

Original comment by powertoa...@gmail.com on 19 May 2011 at 9:32

[GoogleCodeExporter]

dear ACE. 

I'm trying to use pulledpork to update my Snort rules, and I'm having 
a the problem specified in the subject line.  I'm wondering if I don't 
have Perl "installed." 

I'm a total Linux beginner, so it's likely that I'm missing something 
stupid here.  Any suggestions would be greatly appreciated. 

Specs: 

CentOS 5-8 (EasyIDS basically) 
Snort 2.9.2.2 

The exact error: 

/usr/local/pulledpork-0.6.1/pulledpork.pl -c /etc/snort/pulledpork.conf

    http://code.google.com/p/pulledpork/
      _____ ____
     `----,\    )
      `--==\\  /    PulledPork v0.6.1 the Smoking Pig <////~
       `--==\\/
     .-~~~~-.Y|\\_  Copyright (C) 2009-2011 JJ Cummings
  @_/        /  66\_  cummingsj@gmail.com
    |    \   \   _(")
     \   /-| ||'--'  Rules give me wings!
      \_\  \_\\

Checking latest MD5 for snortrules-snapshot-2922.tar.gz.... Error 500 when fetching https://www.snort.org/reg-rules/snortrules-snapshot-2922.tar.gz.md5 at /usr/local/pulledpork-0.6.1/pulledpork.pl line 453 main::md5file('', 'snortrules-snapshot-2922.tar.gz', '/tmp/', 'https://www.snort.org/reg-rules/') called at /usr/local/pulledpork-0.6.1/pulledpork.pl line 1758

someone help me

thanks

Original comment by `daodaivu...@gmail.com` on 7 Jun 2012 at 7:48

[GoogleCodeExporter]

I don't think this is invalid.  It looks like the reg-rules directory is no 
longer valid on www.snort.org

Original comment by John.Con...@gmail.com on 20 Jun 2012 at 7:45

[GoogleCodeExporter]

nevermind and RTFM.... need an oinkcode

Original comment by John.Con...@gmail.com on 20 Jun 2012 at 7:53

[GoogleCodeExporter]

Issue 118 has been merged into this issue.

Original comment by Cummin...@gmail.com on 13 Sep 2012 at 2:08