system/sleuthkit: Fix external type errors with EWF

Signed-off-by: Robby Workman <rworkman@slackbuilds.org>

system/sleuthkit/README

@@ -9,3 +9,7 @@ the command line tools can be directly used to find evidence.
 
 Sleuthkit can optionally use libewf (for Expert Witness files) 
 and afflib (for Advanced Forensic Format files).
+
+Note: If you are building TSK for use with Plaso or the DFVFS, it is
+strongly recommended that you build libewf support into TSK by 
+installing libewf first.

system/sleuthkit/sleuthkit.SlackBuild

@@ -22,11 +22,12 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-# Updated v4.1.3 Feb 2014 Barry J. Grundy <bgrundy(at)linuxleo.com>
+# Updated v4.1.3 (external type patch) December 2014 
+# Barry J. Grundy <bgrundy(at)linuxleo.com>
 
 PRGNAM=sleuthkit
 VERSION=${VERSION:-4.1.3}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 TAG=${TAG:-_SBo}
 
 if [ -z "$ARCH" ]; then
@@ -71,6 +72,9 @@ find -L . \
  \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
  -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
 
+# Fix external type errors with EWF, external and unsupported types:
+patch -p0 < $CWD/tsk4.1.3_external_type.patch
+
 CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \

system/sleuthkit/tsk4.1.3_external_type.patch

@@ -0,0 +1,11 @@
+--- tsk/img/tsk_img.h.orig	2014-02-02 09:56:12.947709027 +0100
++++ tsk/img/tsk_img.h	2014-02-02 09:55:34.569701897 +0100
+@@ -66,6 +66,8 @@
+ 
+         TSK_IMG_TYPE_EWF_EWF = 0x0040,  ///< EWF version
+ 
++        TSK_IMG_TYPE_EXTERNAL = 0x1000,  ///< external defined format which at least implements TSK_IMG_INFO, used by pytsk
++
+         TSK_IMG_TYPE_UNSUPP = 0xffff,   ///< Unsupported disk image type
+     } TSK_IMG_TYPE_ENUM;
+