Backup_Repos/pentoo-overlay
1
0
Fork 0
mirror of https://github.com/pentoo/pentoo-overlay synced 2026-05-08 12:30:44 +02:00
Code Issues Projects Releases Wiki Activity

openvas: unfork

Browse source
This commit is contained in:
blshkv 2020-07-31 15:38:41 +08:00
parent 570edd3bdc
commit 0e07a68efe
No known key found for this signature in database
GPG key ID: 32BDCED870788F04
84 changed files with 0 additions and 2382 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
dev-python/python-gvm/Manifest
View file

@ -1,2 +0,0 @@
DIST python-gvm-1.1.0.tar.gz 101700 BLAKE2B 53c0e2f443c8315e32e21910bc7387e396ac6ec45d9b0c380ba0a33c0ce0b1e872df978e9969dd21a893770555d0ca37e6e91e5c77000e23f6646b074266f980 SHA512 595753a5ff31080767891e72d23211f78088011ffe3713b5ad17477207b665e64520035c01e4e536b8e26113f93c8cf7eea0cfab84b2823ce4f38890c5549019
DIST python-gvm-1.5.0.tar.gz 120806 BLAKE2B abf7735d79cea0119d86bf96af7bede61993bc685e35aabd58dd3314a2f2896463d7a5539045d56a6b456ba9de772c3cedf040a0ce6aed19244b188343067d99 SHA512 a3439260a7d49949635ae9f62fa5347041fe448a083c05eaf094e87341fdfbe4316112f4aede4905bc38e96ff62e56f4723b06733cfbbe27823dcb2fd4c60d8e

21
dev-python/python-gvm/files/1.5.0-notests.patch
View file

@ -1,21 +0,0 @@
--- a/setup.py.orig 2020-05-12 16:02:44.412092000 +0800
+++ b/setup.py 2020-05-14 18:54:56.272896810 +0800
@@ -6,17 +6,7 @@
'gvm.protocols',
'gvm.protocols.gmpv7',
'gvm.protocols.gmpv8',
- 'gvm.protocols.gmpv9',
- 'tests',
- 'tests.connections',
- 'tests.protocols',
- 'tests.protocols.gmp',
- 'tests.protocols.gmpv7',
- 'tests.protocols.gmpv8',
- 'tests.protocols.gmpv9',
- 'tests.protocols.osp',
- 'tests.transforms',
- 'tests.utils']
+ 'gvm.protocols.gmpv9']
package_data = \
{'': ['*']}

8
dev-python/python-gvm/metadata.xml
View file

@ -1,8 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
</pkgmetadata>

22
dev-python/python-gvm/python-gvm-1.1.0.ebuild
View file

@ -1,22 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{6,7,8} )
inherit distutils-r1
DESCRIPTION="Library to communicate with remote servers over GMP or OSP"
HOMEPAGE="https://github.com/greenbone/python-gvm"
SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
KEYWORDS="~amd64 ~arm64 ~mips ~x86"
LICENSE="GPL-3+"
SLOT=0
IUSE=""
RDEPEND="${PYTHON_DEPS}
dev-python/paramiko[${PYTHON_USEDEP}]
dev-python/lxml[${PYTHON_USEDEP}]
dev-python/defusedxml[${PYTHON_USEDEP}]"

30
dev-python/python-gvm/python-gvm-1.5.0.ebuild
View file

@ -1,30 +0,0 @@
# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{6,7,8} )
inherit distutils-r1
DESCRIPTION="Library to communicate with remote servers over GMP or OSP"
HOMEPAGE="https://github.com/greenbone/python-gvm"
SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
KEYWORDS="~amd64 ~arm64 ~mips ~x86"
LICENSE="GPL-3+"
SLOT=0
IUSE=""
RDEPEND="${PYTHON_DEPS}
>=dev-python/defusedxml-0.6.0[${PYTHON_USEDEP}]
>=dev-python/lxml-4.5.0[${PYTHON_USEDEP}]
>=dev-python/paramiko-2.7.1[${PYTHON_USEDEP}]
"
PATCHES=( "${FILESDIR}/${PV}-notests.patch" )
#src_prepare(){
# rm -r tests
# eapply_user
#}

4
net-analyzer/greenbone-security-assistant/Manifest
View file

@ -1,4 +0,0 @@
DIST greenbone-security-assistant-9.0.0.tar.gz 1807537 BLAKE2B 00690e4f6dd1078a79c9309e19c751a6f31b856a2de762e0f1d0e8ce8601c82351b059a8995a9051a6fc1061d3ae9bf27c49fcaef6e76d3837f308eef06bf79f SHA512 5f2b955408e0231b96f4b2415df0c76e9003079acd65b9e1c771082999540121ff92a8c17d9529362be8f7fc632d91bd3f48854a5a2d9632efe10fb354361d8e
DIST greenbone-security-assistant-9.0.1.tar.gz 1936391 BLAKE2B 22b9020a97e79b31555d66826740ca49d1eba5d55324f0e80349dc571a7b45bcf2c6403ac311e78f742c51900921f3e61ef0740f11fd794069242e2ab21b1c3e SHA512 688bde97722f31416406e43230253c05dc8d05eb9fea6d8fd084ec4e748b67bab238f78cc11534e4fc948d911e468d43b5be0b224f17959db5e59faae7f5d086
DIST gsa-9.0.0-node_modules.tar.gz 43618847 BLAKE2B 6fe4da525d8e870ad7982bdbd3c470a0b352f31fe8d150355e415bc0c3659adeec5be6a61b61ec91a4243f4911e5977e0fb347dd6d973e7adf910c46825fefd8 SHA512 f9254d897fc295a7fa277d1f8abc92e560b4d5a3c8cbb96ae50cedea7207e3d1744be59aa8a647568673f2e426a242d7679385cb02e7372b318bd0eb67d30f43
DIST gsa-node-modules-9.0.1.tar 44176347 BLAKE2B c8d1195ddc8167ff7a228a4e013c6139524e8527310c65529d37de8fe5e984379ba783e10544caf81ac801ceb1199ad7249c96a0e6032ade8a519068e6cefb42 SHA512 1718f97d330f7868afe34bf172699b8aa8ce795dc2e4a6f20b28135434623a68022c36310e381bd55bacbb621fd9bf5c8595c8030f5d3dc32bb427cc2febd028

107
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch
View file

@ -1,107 +0,0 @@
--- gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:22:19.297954361 +0300
+++ gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:27:57.690214371 +0300
@@ -1366,7 +1366,8 @@
|| (strstr (param_name, "_id")
== param_name + strlen (param_name) - strlen ("_id"))
|| (strcmp (param_name, "name") == 0
- && strcasecmp (prev_action, "Run Wizard") == 0)
+ && (strcasecmp (prev_action, "Run Wizard") == 0
+ || strcasecmp (next_cmd, "auth_settings") == 0))
|| (strcmp (param_name, "get_name") == 0
&& strcasecmp (next_cmd, "wizard_get") == 0))
{
@@ -25984,7 +25976,7 @@
html = response_from_entity (connection, credentials, params, entity,
(no_redirect && strcmp (no_redirect, "0")),
- NULL, NULL,
+ NULL, "auth_settings",
NULL, "modify_auth",
"Save Authentication Configuration",
response_data);
--- gsa-7.0.3/src/html/classic/js/greenbone.js 2018-03-28 16:23:57.000000000 +0300
+++ gsa-7.0.3/src/html/classic/js/greenbone.js 2019-02-02 03:40:37.162714538 +0300
@@ -1559,6 +1559,9 @@
if (reload === 'next') {
reload_next(response);
}
+ else if (reload === 'window') {
+ location.reload();
+ }
},
function(jqXHR) {
if (jqXHR.status == 0 && jqXHR.readyState == 0) {
--- gsa-7.0.3/src/html/classic/omp.xsl 2018-03-28 16:23:57.000000000 +0300
+++ gsa-7.0.3/src/html/classic/omp.xsl 2019-02-02 03:44:28.470599715 +0300
@@ -36775,7 +36822,8 @@
<!-- AUTHENTICATION DESCRIPTION -->
<xsl:template match="group" mode="ldapauth">
- <div class="section-box" id="ldap-box">
+ <div class="section-box ajax-post" id="ldap-box"
+ data-button="form #save_button" data-reload="window">
<form action="/omp" method="post" enctype="multipart/form-data">
<input type="hidden" name="token" value="{/envelope/token}"/>
<input type="hidden" name="cmd" value="save_auth"/>
@@ -36784,6 +36832,15 @@
<input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/>
<!-- group name is e.g. of method:ldap -->
<input type="hidden" name="group" value="{@name}"/>
+ <!-- Auth type name for next page -->
+ <input type="hidden" name="name" value="ldap"/>
+
+ <div class="error-dialog">
+ <div class="text-center">
+ <xsl:value-of select="gsa:i18n ('LDAP authentication config could not be modified.')"/>
+ </div>
+ </div>
+
<table class="gbntable">
<tr class="gbntablehead2">
<td><xsl:value-of select="gsa:i18n ('Setting')"/></td>
@@ -36838,7 +36895,8 @@
</tr>
<tr>
<td colspan="2" style="text-align:right;">
- <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/>
+ <input type="submit" name="submit" id="save_button"
+ value="{gsa:i18n ('Save')}"/>
</td>
</tr>
</table>
@@ -36847,7 +36905,8 @@
</xsl:template>
<xsl:template match="group" mode="radiusauth">
- <div class="section-box" id="radius-box">
+ <div class="section-box ajax-post" id="radius-box"
+ data-button="form #save_button" data-reload="window">
<form action="/omp" method="post" enctype="multipart/form-data">
<input type="hidden" name="token" value="{/envelope/token}"/>
<input type="hidden" name="cmd" value="save_auth"/>
@@ -36856,6 +36915,15 @@
<input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/>
<!-- group name is e.g. of method:radius_connect -->
<input type="hidden" name="group" value="{@name}"/>
+ <!-- Auth type name for next page -->
+ <input type="hidden" name="name" value="radius"/>
+
+ <div class="error-dialog">
+ <div class="text-center">
+ <xsl:value-of select="gsa:i18n ('Radius authentication config could not be modified.')"/>
+ </div>
+ </div>
+
<table class="gbntable">
<tr class="gbntablehead2">
<td><xsl:value-of select="gsa:i18n ('Setting')"/></td>
@@ -36890,7 +36958,8 @@
</tr>
<tr>
<td colspan="2" style="text-align:right;">
- <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/>
+ <input type="submit" name="submit" id="save_button"
+ value="{gsa:i18n ('Save')}"/>
</td>
</tr>
</table>

42
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch
View file

@ -1,42 +0,0 @@
--- gsa-7.0.3/src/gsad_omp.c 2018-03-28 16:23:57.000000000 +0300
+++ gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:12:16.617046562 +0300
@@ -7737,16 +7738,21 @@
g_string_append (xml, command_escaped);
g_free (command_escaped);
+ response = NULL;
ret = omp (connection, credentials, &response, &entity, response_data,
command->str);
g_string_free (command, TRUE);
+
+ if (ret)
+ {
+ free_entity (entity);
+ g_string_free (xml, TRUE);
+ }
+
switch (ret)
{
case 0:
break;
- case -1:
- /* 'omp' set response. */
- return response;
case 1:
response_data->http_status_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
return gsad_message (credentials,
@@ -7770,10 +7776,14 @@
"/omp?cmd=get_tasks", response_data);
}
+ if (omp_success (entity) == 0)
+ set_http_status_from_entity (entity, response_data);
g_string_append (xml, response);
g_string_append (xml, "</get_aggregate>");
+ free_entity (entity);
+ g_free (response);
return xsl_transform_omp (connection, credentials, params,
g_string_free (xml, FALSE), response_data);
}

30
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-8.0.1-cmakelist.patch
View file

@ -1,30 +0,0 @@
--- a/gsad/config/CMakeLists.txt 2019-07-18 20:39:10.331949702 +0300
+++ b/gsad/config/CMakeLists.txt 2019-07-18 20:40:18.946830294 +0300
@@ -16,27 +16,3 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-if (NOT SYSTEMD_SERVICE_DIR)
- set (SYSTEMD_SERVICE_DIR "${CMAKE_INSTALL_PREFIX}/lib/systemd/system")
-endif (NOT SYSTEMD_SERVICE_DIR)
-
-if (NOT DEFAULT_CONFIG_DIR)
- set (DEFAULT_CONFIG_DIR "${CMAKE_INSTALL_PREFIX}/etc/default")
-endif (NOT DEFAULT_CONFIG_DIR)
-
-if (NOT LOGROTATE_DIR)
- set (LOGROTATE_DIR "${CMAKE_INSTALL_PREFIX}/etc/logrotate.d")
-endif (NOT LOGROTATE_DIR)
-
-configure_file (gsad.service.in gsad.service)
-configure_file (gsad.logrotate.in gsad.logrotate)
-
-install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gsad.service
- DESTINATION ${SYSTEMD_SERVICE_DIR}/)
-
-install (FILES ${CMAKE_CURRENT_SOURCE_DIR}/gsad.default
- DESTINATION ${DEFAULT_CONFIG_DIR}/ RENAME gsad)
-
-install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gsad.logrotate
- DESTINATION ${LOGROTATE_DIR}/ RENAME gsad)
-

34
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-8.0.1-node.patch
View file

@ -1,34 +0,0 @@
--- a/gsa/CMakeLists.txt 2019-07-17 16:45:39.000000000 +0300
+++ b/gsa/CMakeLists.txt 2019-07-17 22:24:49.466906757 +0300
@@ -1095,28 +1095,17 @@
${GSA_JS_SRC_FILES}
PARENT_SCOPE)
-
-add_custom_command (OUTPUT node-modules.stamp
- DEPENDS ${GSA_PKG_FILES}
- COMMAND ${INSTALLER} "${INSTALLER_ARGS}" "install"
- COMMAND ${CMAKE_COMMAND} -E touch ${CMAKE_CURRENT_BINARY_DIR}/node-modules.stamp
- WORKING_DIRECTORY ${GSA_SRC_DIR}
- COMMENT "Install gsa-ng js dependencies")
-
-
add_custom_command (OUTPUT bundle.stamp
- COMMAND ${CMAKE_COMMAND} -E env REACT_APP_VERSION=${PROJECT_VERSION_STRING} ${INSTALLER} "${INSTALLER_ARGS}" run build
+ COMMAND ${CMAKE_COMMAND} -E env REACT_APP_VERSION=${PROJECT_VERSION_STRING} ${INSTALLER} --offline run build
COMMAND ${CMAKE_COMMAND} -E touch ${CMAKE_CURRENT_BINARY_DIR}/bundle.stamp
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
- DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/node-modules.stamp
- ${GSA_PKG_FILES}
+ DEPENDS ${GSA_PKG_FILES}
${GSA_STATIC_SRC_FILES}
${GSA_JS_SRC_FILES}
COMMENT "Build gsa-ng install files")
add_custom_target (gsa-ng ALL
- DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/node-modules.stamp
- ${CMAKE_CURRENT_BINARY_DIR}/bundle.stamp)
+ DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/bundle.stamp)
set (GSA_STATIC_BUILD_FILES
${GSA_BUILD_DIR}/index.html)

11
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-8.0.1-pid.patch
View file

@ -1,11 +0,0 @@
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -222,7 +222,7 @@ if (NOT DATADIR)
endif (NOT DATADIR)
if (NOT GSAD_PID_DIR)
- set (GSAD_PID_DIR "${LOCALSTATEDIR}/run")
+ set (GSAD_PID_DIR "/run")
endif (NOT GSAD_PID_DIR)
set (OPENVAS_STATE_DIR "${LOCALSTATEDIR}/lib/openvas")

20
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-8.0.1-reactjs.patch
View file

@ -1,20 +0,0 @@
--- a/gsa/package.json 2019-07-17 16:45:39.000000000 +0300
+++ b/gsa/package.json 2019-07-17 22:40:31.371899489 +0300
@@ -66,12 +66,12 @@
"x2js": "^3.2.6"
},
"scripts": {
- "test": "react-scripts test",
- "test:coverage": "react-scripts test --coverage --maxWorkers 2",
+ "test": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js test",
+ "test:coverage": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js test --coverage --maxWorkers 2",
"lint": "eslint --max-warnings 0 src",
- "start": "react-scripts start",
- "build": "react-scripts build",
- "eject": "react-scripts eject"
+ "start": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js start",
+ "build": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js build",
+ "eject": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js eject"
},
"devDependencies": {
"@types/jest": "^24.0.12",

12
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-8.0.1-sbin.patch
View file

@ -1,12 +0,0 @@
--- a/gsad/src/CMakeLists.txt 2019-07-21 23:07:38.375683800 +0300
+++ a/gsad/src/CMakeLists.txt 2019-07-21 23:08:17.301651451 +0300
@@ -175,7 +175,7 @@
## Install
install (TARGETS gsad
- RUNTIME DESTINATION ${SBINDIR}
+ RUNTIME DESTINATION ${BINDIR}
LIBRARY DESTINATION ${LIBDIR}
ARCHIVE DESTINATION ${LIBDIR}/static)

12
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-8.0.1-uninstall-snippet.patch
View file

@ -1,12 +0,0 @@
--- a/gsa/CMakeLists.txt 2019-07-18 23:14:04.639202986 +0300
+++ b/gsa/CMakeLists.txt 2019-07-18 23:21:54.568052589 +0300
@@ -1116,9 +1116,6 @@
install (FILES public/robots.txt
DESTINATION ${GSA_DEST_DIR})
-# remove old generated files
-install (CODE "file(REMOVE_RECURSE ${GSA_DEST_DIR}/static)")
-
install (DIRECTORY
${GSA_BUILD_DIR}/static
${GSA_BUILD_DIR}/img

20
net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-9.0.0-reactjs.patch
View file

@ -1,20 +0,0 @@
--- a/gsa/package.json.orig 2019-10-14 20:11:00.000000000 +0800
+++ b/gsa/package.json 2019-10-26 17:15:10.732305426 +0800
@@ -67,12 +67,12 @@
"whatwg-fetch": "^3.0.0"
},
"scripts": {
- "test": "react-scripts test",
- "test:coverage": "react-scripts test --coverage --maxWorkers 2",
+ "test": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js test",
+ "test:coverage": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js test --coverage --maxWorkers 2",
"lint": "eslint --max-warnings 0 src",
- "start": "react-scripts start",
- "build": "react-scripts build",
- "eject": "react-scripts eject",
+ "start": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js start",
+ "build": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js build",
+ "eject": "NODE_ENV=production node_modules/react-scripts/bin/react-scripts.js eject",
"storybook": "NODE_PATH=src start-storybook",
"build-storybook": "NODE_PATH=src build-storybook"
},

31
net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf
View file

@ -1,31 +0,0 @@
# OpenVAS Security Assistant command args
# man page --> https://www.mankier.com/8/gsad
# e.g. --foreground | e.g. --no-redirect -- > Don't listen port 80 anymore
OPENVAS_SECURITY_ASSISTANT_OPTIONS="--no-redirect"
# WebUI adress
OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS="--listen=127.0.0.1"
# WebUI Port
OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT="--port=9392"
# WebUI Manager Address
OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS="--mlisten=127.0.0.1"
# WebUI Manager Port
OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT="--mport=9390"
# TLS Settings
OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL"
# If you use reverse proxy you must set OPENVAS_REVERSE_PROXY daemon arg
# otherwise you will get the below error.
# ---------------------------------------------------------------
# The request contained an unknown or invalid Host header.
# If you are trying to access GSA via its hostname or a proxy,
# make sure GSA is set up to allow it.
# ---------------------------------------------------------------
# Reverse Proxy Settings ( e.g. --allow-header-host=subdomain.example.com )
OPENVAS_REVERSE_PROXY="--allow-header-host="

14
net-analyzer/greenbone-security-assistant/files/gsa.init
View file

@ -1,14 +0,0 @@
#!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
name="Greenbone Security Assistant Daemon"
command="/usr/sbin/gsad"
command_args="${OPENVAS_SECURITY_ASSISTANT_OPTIONS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES} ${OPENVAS_REVERSE_PROXY}"
pidfile="/var/run/gsad.pid"
command_background="true"
depend() {
after bootmisc
need localmount net openvas-scanner gvmd
}

9
net-analyzer/greenbone-security-assistant/files/gsa.logrotate
View file

@ -1,9 +0,0 @@
# logrotate for openvas security agent
/var/log/openvas/gsad.log {
daily
rotate 7
compress
missingok
notifempty
sharedscripts
}

78
net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example
View file

@ -1,78 +0,0 @@
upstream backend {
server 127.0.0.1:9392;
keepalive 64;
}
server {
listen IP:80;
server_name openvas.domain.tdl;
return 301 https://openvas.domain.tdl$request_uri;
}
server {
listen IP:443 ssl http2;
server_name openvas.domain.tdl;
access_log /var/log/nginx/openvas.domain.tdl.access.log;
error_log /var/log/nginx/openvas.domain.tdl.error.log;
# Not sourcing directly from file
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REDIRECT_STATUS 200;
fastcgi_param HTTP_PROXY "";
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param DOCUMENT_ROOT $document_root;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE_HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-FORWARDED-PROTOCOL $scheme;
proxy_pass https://backend;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
gzip on;
gzip_proxied any;
gzip_types *;
}
resolver 127.0.0.1;
resolver_timeout 6s;
ssl_certificate /openvas.domain.tdl/fullchain.pem;
ssl_certificate_key /openvas.domain.tdl/privkey.pem;
ssl_trusted_certificate /openvas.domain.tdl/chain.pem;
ssl_dhparam /openvas.domain.tdl/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
ssl_session_cache shared:SSL:40m;
ssl_session_timeout 21h;
ssl_session_tickets off;
ssl_buffer_size 4k;
add_header Referrer-Policy no-referrer-when-downgrade;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
}

19
net-analyzer/greenbone-security-assistant/files/gsa.service
View file

@ -1,19 +0,0 @@
[Unit]
Description=OpenVAS Manager
After=network.target
After=openvas-scanner.service
After=gvmd.service
Wants=gvmd.service
[Service]
Type=forking
EnvironmentFile=-/etc/openvas/sysconfig/gsa-daemon.conf
ExecStart=/usr/sbin/gsad $OPENVAS_SECURITY_ASSISTANT_OPTIONS $OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES $OPENVAS_REVERSE_PROXY
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
User=root
Group=root
TimeoutSec=1200
[Install]
WantedBy=multi-user.target

1
net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d
View file

@ -1 +0,0 @@
d /var/cache/openvassd 0775

19
net-analyzer/greenbone-security-assistant/files/gsad-daemon.conf
View file

@ -1,19 +0,0 @@
# Greenbone Security Assistant command args
# e.g. --foreground | e.g. --no-redirect
GSAD_OPTIONS="--no-redirect"
# GSAD listen adress
GSAD_LISTEN_ADDRESS="--listen=127.0.0.1"
# GSAD listen port
GSAD_LISTEN_PORT="--port=9392"
# GVMD listen address
GVMD_LISTEN_ADDRESS="--mlisten=127.0.0.1"
# GVMD listen port
GVMD_LISTEN_PORT="--mport=9390"
# TLS Settings
GSAD_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL"

20
net-analyzer/greenbone-security-assistant/files/gsad.init
View file

@ -1,20 +0,0 @@
#!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
: ${GSAD_USER:=gvm}
: ${GSAD_GROUP:=gvm}
: ${GSAD_TIMEOUT:=30}
name="Greenbone Security Assistant (GSA)"
command="/usr/bin/gsad"
command_args="${GSAD_OPTIONS} ${GSAD_LISTEN_ADDRESS} ${GSAD_LISTEN_PORT} ${GVMD_LISTEN_ADDRESS} ${GVMD_LISTEN_PORT} ${GSAD_GNUTLS_PRIORITIES}"
command_background="true"
command_user="${GSAD_USER}:${GSAD_GROUP}"
pidfile="/run/gsad.pid"
retry="${GSAD_TIMEOUT}"
depend() {
after bootmisc
need localmount net gvmd
}

13
net-analyzer/greenbone-security-assistant/files/gsad.logrotate
View file

@ -1,13 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# Daemon ignore HUP so we use 'copytruncate' instead of 'create'
# with safe file size to prevent losing log entries.
/var/log/gvm/gsad.log {
compress
missingok
notifempty
sharedscripts
copytruncate
maxsize 10M
}

18
net-analyzer/greenbone-security-assistant/files/gsad.service
View file

@ -1,18 +0,0 @@
[Unit]
Description=Greenbone Security Assistant
After=network.target
After=openvassd.service
After=gvmd.service
Wants=gvmd.service
[Service]
Type=forking
User=gvm
Group=gvm
EnvironmentFile=-/etc/gvm/sysconfig/gsad-daemon.conf
ExecStart=/usr/bin/gsad $GSAD_OPTIONS $GSAD_LISTEN_ADDRESS $GSAD_LISTEN_PORT $GVMD_LISTEN_ADDRESS $GVMD_LISTEN_PORT $GSAD_GNUTLS_PRIORITIES
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target

128
net-analyzer/greenbone-security-assistant/greenbone-security-assistant-9.0.0-r1.ebuild
View file

@ -1,128 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
CMAKE_MAKEFILE_GENERATOR="emake"
inherit cmake-utils flag-o-matic systemd toolchain-funcs
MY_PN="gsa"
MY_DN="gsad"
MY_NODE_N="node_modules"
DESCRIPTION="Greenbone Security Assistant"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/${MY_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz
https://dev.pentoo.ch/~blshkv/distfiles/gsa-${PV}-${MY_NODE_N}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="extras"
DEPEND="
dev-libs/libgcrypt:0=
dev-libs/libxslt
>=net-analyzer/gvm-libs-10.0.1
net-libs/gnutls:=
net-libs/libmicrohttpd[messages]"
RDEPEND="
${DEPEND}
!~net-analyzer/greenbone-security-assistant-7.0.3
>=net-analyzer/openvas-scanner-7.0.0
>=net-analyzer/gvmd-8.0.1"
BDEPEND="
>=net-libs/nodejs-8.12.0
>=sys-apps/yarn-1.15.2
virtual/pkgconfig
extras? ( app-doc/doxygen[dot]
app-doc/xmltoman
app-text/htmldoc
dev-python/polib
sys-devel/gettext
)"
BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"
S="${WORKDIR}/${MY_PN}-${PV}"
MY_NODE_DIR="${S}/${MY_PN}/"
PATCHES=(
# QA fix for 8.0.0.
# "${FILESDIR}/${PN}-8.0.1-pid.patch"
# Disable yarn-fetch during compile.
"${FILESDIR}/${PN}-8.0.1-node.patch"
# Fix react-env path for react.js.
"${FILESDIR}/${P}-reactjs.patch"
# Remove ugly uninstall-snippet that causes failing re-emerge.
"${FILESDIR}/${PN}-8.0.1-uninstall-snippet.patch"
# Remove unnecessary install paths/files.
"${FILESDIR}/${PN}-8.0.1-cmakelist.patch"
# Install exec. to /usr/bin instead of /usr/sbin
"${FILESDIR}/${PN}-8.0.1-sbin.patch"
)
src_prepare() {
cmake-utils_src_prepare
# We will use pre-generated npm stuff.
mv "${WORKDIR}/${MY_NODE_N}" "${MY_NODE_DIR}" || die "couldn't move node_modules"
# Update .yarnrc accordingly.
echo "--modules-folder ${MY_NODE_DIR}" >> "${S}/${MY_PN}/.yarnrc" || die "echo failed"
echo "SKIP_PREFLIGHT_CHECK=true" >> "${S}/${MY_PN}/.env" || die "echo with SKIP failed"
# QA-Fix | Remove !CLANG doxygen warnings for 8.0.1
if use extras; then
if ! tc-is-clang; then
local f
for f in gsad/doc/*.in
do
sed -i \
-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
"${f}" || die "couldn't disable CLANG parsing"
done
fi
fi
}
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
)
# Add release hardening flags for 8.0.1
append-cflags -D_FORTIFY_SOURCE=2 -fstack-protector
append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_compile() {
cmake-utils_src_compile
if use extras; then
cmake-utils_src_make -C "${BUILD_DIR}" doc
cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
HTML_DOCS=( "${BUILD_DIR}/${MY_DN}/doc/generated/html/." )
fi
cmake-utils_src_make rebuild_cache
}
src_install() {
cmake-utils_src_install
insinto /etc/gvm/sysconfig
doins "${FILESDIR}/${MY_DN}-daemon.conf"
dodir /etc/gvm/reverse-proxy
insinto /etc/gvm/reverse-proxy
doins "${FILESDIR}/${MY_PN}.nginx.reverse.proxy.example"
fowners -R gvm:gvm /etc/gvm
newinitd "${FILESDIR}/${MY_DN}.init" "${MY_DN}"
newconfd "${FILESDIR}/${MY_DN}-daemon.conf" "${MY_DN}"
insinto /etc/logrotate.d
newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
systemd_dounit "${FILESDIR}/${MY_DN}.service"
}

130
net-analyzer/greenbone-security-assistant/greenbone-security-assistant-9.0.1.ebuild
View file

@ -1,130 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
CMAKE_MAKEFILE_GENERATOR="emake"
inherit cmake-utils flag-o-matic systemd toolchain-funcs
MY_PN="gsa"
MY_DN="gsad"
MY_NODE_N="node_modules"
DESCRIPTION="Greenbone Security Assistant"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/${MY_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz
https://github.com/greenbone/gsa/releases/download/v9.0.1/gsa-node-modules-9.0.1.tar.gz -> gsa-node-modules-9.0.1.tar"
# https://dev.pentoo.ch/~blshkv/distfiles/gsa-${PV}-${MY_NODE_N}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="extras"
DEPEND="
dev-libs/libgcrypt:0=
dev-libs/libxslt
>=net-analyzer/gvm-libs-10.0.1
net-libs/gnutls:=
net-libs/libmicrohttpd"
#[messages]"
RDEPEND="
${DEPEND}
!~net-analyzer/greenbone-security-assistant-7.0.3
>=net-analyzer/openvas-scanner-7.0.0
>=net-analyzer/gvmd-8.0.1"
BDEPEND="
>=net-libs/nodejs-8.12.0
>=sys-apps/yarn-1.15.2
virtual/pkgconfig
extras? ( app-doc/doxygen[dot]
app-doc/xmltoman
app-text/htmldoc
dev-python/polib
sys-devel/gettext
)"
BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"
S="${WORKDIR}/${MY_PN}-${PV}"
MY_NODE_DIR="${S}/${MY_PN}/"
PATCHES=(
# QA fix for 8.0.0.
# "${FILESDIR}/${PN}-8.0.1-pid.patch"
# Disable yarn-fetch during compile.
"${FILESDIR}/${PN}-8.0.1-node.patch"
# Fix react-env path for react.js.
"${FILESDIR}/${PN}-9.0.0-reactjs.patch"
# Remove ugly uninstall-snippet that causes failing re-emerge.
"${FILESDIR}/${PN}-8.0.1-uninstall-snippet.patch"
# Remove unnecessary install paths/files.
"${FILESDIR}/${PN}-8.0.1-cmakelist.patch"
# Install exec. to /usr/bin instead of /usr/sbin
"${FILESDIR}/${PN}-8.0.1-sbin.patch"
)
src_prepare() {
cmake-utils_src_prepare
# We will use pre-generated npm stuff.
mv "${WORKDIR}/${MY_NODE_N}" "${MY_NODE_DIR}" || die "couldn't move node_modules"
# Update .yarnrc accordingly.
echo "--modules-folder ${MY_NODE_DIR}" >> "${S}/${MY_PN}/.yarnrc" || die "echo failed"
echo "SKIP_PREFLIGHT_CHECK=true" >> "${S}/${MY_PN}/.env" || die "echo with SKIP failed"
# QA-Fix | Remove !CLANG doxygen warnings for 8.0.1
if use extras; then
if ! tc-is-clang; then
local f
for f in gsad/doc/*.in
do
sed -i \
-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
"${f}" || die "couldn't disable CLANG parsing"
done
fi
fi
}
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
)
# Add release hardening flags for 8.0.1
append-cflags -D_FORTIFY_SOURCE=2 -fstack-protector
append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_compile() {
cmake-utils_src_compile
if use extras; then
cmake-utils_src_make -C "${BUILD_DIR}" doc
cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
HTML_DOCS=( "${BUILD_DIR}/${MY_DN}/doc/generated/html/." )
fi
cmake-utils_src_make rebuild_cache
}
src_install() {
cmake-utils_src_install
insinto /etc/gvm/sysconfig
doins "${FILESDIR}/${MY_DN}-daemon.conf"
dodir /etc/gvm/reverse-proxy
insinto /etc/gvm/reverse-proxy
doins "${FILESDIR}/${MY_PN}.nginx.reverse.proxy.example"
fowners -R gvm:gvm /etc/gvm
newinitd "${FILESDIR}/${MY_DN}.init" "${MY_DN}"
newconfd "${FILESDIR}/${MY_DN}-daemon.conf" "${MY_DN}"
insinto /etc/logrotate.d
newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
systemd_dounit "${FILESDIR}/${MY_DN}.service"
}

20
net-analyzer/greenbone-security-assistant/metadata.xml
View file

@ -1,20 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
<use>
<flag name="extras">Pdf results, extra fonts, html docs support</flag>
</use>
<longdescription lang="en">
The Greenbone Security Assistant is the web interface developed for the Greenbone Security Manager appliances.
It connects to the Greenbone Vulnerability Manager GVM to provide a full-featured user interface for vulnerability management.
Greenbone Security Assistant consists of GSA - The webpage written in React and
GSAD - The HTTP server talking to the GVM daemon.
</longdescription>
<upstream>
<remote-id type="github">greenbone/gsa</remote-id>
</upstream>
</pkgmetadata>

2
net-analyzer/gvm-libs/Manifest
View file

@ -1,2 +0,0 @@
DIST gvm-libs-11.0.0.tar.gz 207205 BLAKE2B 026b999a48ad524df9305d219dd29f5deb71affb3f5d338ad1178924aa701f2fe698ee4009f4b5a6973de6e590a870871b3b708a2531aaba6e05755cd7f00f97 SHA512 ff981b4ca37b425a8d1f491e90bd1cef4701033886f9fd47dad34540b36fa275d4af8b176e63a07405cc1f29137851b96a6ce80c46ed92f809b089fb0cd928af
DIST gvm-libs-11.0.1.tar.gz 213553 BLAKE2B b7c8ffeca8682fcfe68afe0992632fac18a01fc9b0016fcbaf27c0340b5150337784caac2368a22789073714808ce2c0471efde668e6911dcd0cfceaf862b671 SHA512 159acbe8e24f172398a6396988b87676a214fa15c2985e67845dcad1ebcb92ba5e2a19cee2994dc7cd0cac706992e81e8c6a793e99216aaac87a91c1c72c9a46

10
net-analyzer/gvm-libs/files/gvm-libs-11.0.0-gnutls.patch
View file

@ -1,10 +0,0 @@
--- a/util/CMakeLists.txt.orig 2019-10-13 22:39:53.333743843 +0800
+++ b/util/CMakeLists.txt 2019-10-13 22:40:08.804743702 +0800
@@ -159,6 +159,7 @@
target_link_libraries (gvm_util_shared LINK_PRIVATE ${GLIB_LDFLAGS}
${GIO_LDFLAGS} ${GPGME_LDFLAGS} ${ZLIB_LDFLAGS}
${RADIUS_LDFLAGS} ${LIBSSH_LDFLAGS}
+ ${GNUTLS_LDFLAGS}
${GCRYPT_LDFLAGS} ${LDAP_LDFLAGS} ${REDIS_LDFLAGS}
${UUID_LDFLAGS} ${LINKER_HARDENING_FLAGS})
endif (BUILD_SHARED)

11
net-analyzer/gvm-libs/files/gvm-libs-11.0.0-pid.patch
View file

@ -1,11 +0,0 @@
--- a/CMakeLists.txt 2019-04-05 11:27:07.000000000 +0300
+++ b/CMakeLists.txt 2019-07-14 23:42:42.723081614 +0300
@@ -172,7 +172,7 @@
endif (NOT DATADIR)
if (NOT GVM_PID_DIR)
- set (GVM_PID_DIR "${LOCALSTATEDIR}/run")
+ set (GVM_PID_DIR "/var/lib/gvm")
endif (NOT GVM_PID_DIR)
if (NOT GVM_SYSCONF_DIR)

103
net-analyzer/gvm-libs/gvm-libs-11.0.0.ebuild
View file

@ -1,103 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
CMAKE_MAKEFILE_GENERATOR="emake"
inherit cmake-utils flag-o-matic toolchain-funcs user
DESCRIPTION="Greenbone vulnerability management libraries, previously named openvas-libraries"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/gvm-libs/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="extras ldap radius"
DEPEND="
app-crypt/gpgme:=
dev-libs/hiredis
dev-libs/libgcrypt:=
dev-perl/UUID
net-libs/gnutls:=
net-libs/libssh:=
sys-libs/zlib
ldap? ( net-nds/openldap )
radius? ( net-dialup/freeradius-client )"
RDEPEND="
${DEPEND}
!net-analyzer/openvas-libraries"
BDEPEND="
sys-devel/bison
sys-devel/flex
virtual/pkgconfig
extras? ( app-doc/doxygen[dot]
app-doc/xmltoman
app-text/htmldoc
dev-perl/CGI
dev-perl/SQL-Translator
)"
PATCHES=(
# Creating pid on build time instead of relying daemon!
# QA fix for 10.0.1.
"${FILESDIR}/${P}-pid.patch"
"${FILESDIR}/${P}-gnutls.patch"
)
pkg_setup() {
enewgroup gvm 495
enewuser gvm 495 -1 /var/lib/gvm gvm
}
src_prepare() {
cmake-utils_src_prepare
# QA-Fix | Remove doxygen warnings for !CLANG
if use extras; then
if ! tc-is-clang; then
local f
for f in doc/*.in
do
sed -i \
-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
"${f}" || die "couldn't disable CLANG parsing"
done
fi
fi
}
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
$(usex ldap -DBUILD_WITHOUT_LDAP=0 -DBUILD_WITHOUT_LDAP=1)
$(usex radius -DBUILD_WITHOUT_RADIUS=0 -DBUILD_WITHOUT_RADIUS=1)
)
# Add release hardening flags for 10.0.1
# append-cflags -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
# append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_compile() {
cmake-utils_src_compile
if use extras; then
cmake-utils_src_make -C "${BUILD_DIR}" doc
cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
fi
cmake-utils_src_make rebuild_cache
}
src_install() {
cmake-utils_src_install
# Set proper permissions on required files/directories
keepdir /var/lib/gvm
fowners -R gvm:gvm /var/lib/gvm
}

103
net-analyzer/gvm-libs/gvm-libs-11.0.1.ebuild
View file

@ -1,103 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
CMAKE_MAKEFILE_GENERATOR="emake"
inherit cmake-utils flag-o-matic toolchain-funcs user
DESCRIPTION="Greenbone vulnerability management libraries, previously named openvas-libraries"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/gvm-libs/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="extras ldap radius"
DEPEND="
app-crypt/gpgme:=
dev-libs/hiredis
dev-libs/libgcrypt:=
dev-perl/UUID
net-libs/gnutls:=
net-libs/libssh:=
sys-libs/zlib
ldap? ( net-nds/openldap )
radius? ( net-dialup/freeradius-client )"
RDEPEND="
${DEPEND}
!net-analyzer/openvas-libraries"
BDEPEND="
sys-devel/bison
sys-devel/flex
virtual/pkgconfig
extras? ( app-doc/doxygen[dot]
app-doc/xmltoman
app-text/htmldoc
dev-perl/CGI
dev-perl/SQL-Translator
)"
#PATCHES=(
# Creating pid on build time instead of relying daemon!
# QA fix for 10.0.1.
# "${FILESDIR}/${P}-pid.patch"
# "${FILESDIR}/${PN}-11.0.0-gnutls.patch"
#)
pkg_setup() {
enewgroup gvm 495
enewuser gvm 495 -1 /var/lib/gvm gvm
}
src_prepare() {
cmake-utils_src_prepare
# QA-Fix | Remove doxygen warnings for !CLANG
if use extras; then
if ! tc-is-clang; then
local f
for f in doc/*.in
do
sed -i \
-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
"${f}" || die "couldn't disable CLANG parsing"
done
fi
fi
}
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
$(usex ldap -DBUILD_WITHOUT_LDAP=0 -DBUILD_WITHOUT_LDAP=1)
$(usex radius -DBUILD_WITHOUT_RADIUS=0 -DBUILD_WITHOUT_RADIUS=1)
)
# Add release hardening flags for 10.0.1
# append-cflags -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
# append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_compile() {
cmake-utils_src_compile
if use extras; then
cmake-utils_src_make -C "${BUILD_DIR}" doc
cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
fi
cmake-utils_src_make rebuild_cache
}
src_install() {
cmake-utils_src_install
# Set proper permissions on required files/directories
keepdir /var/lib/gvm
fowners -R gvm:gvm /var/lib/gvm
}

19
net-analyzer/gvm-libs/metadata.xml
View file

@ -1,19 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
<use>
<flag name="extras">Html docs support</flag>
</use>
<longdescription lang="en">
This is the libraries module for the Greenbone Vulnerability Management Solution.
It is used for the Greenbone Security Manager appliances and provides various
functionalities to support the integrated service daemons.
</longdescription>
<upstream>
<remote-id type="github">greenbone/gvm-libs</remote-id>
</upstream>
</pkgmetadata>

2
net-analyzer/gvm-tools/Manifest
View file

@ -1,2 +0,0 @@
DIST gvm-tools-2.0.0.tar.gz 114592 BLAKE2B 73532138f4153ce625e68d4feb477bea4504be910266d6dac113caff1da096bc6072649ddc456b3348e1aba79c9b7e147ba019a70e4163267c474850019a076e SHA512 0adf7e06b1208c91fbc02dab42593280c95f6572e27d96d6f8777d710747a9e427c79678d9aef785b7ecd6d4fd30e79a1c063fe4256025ac0616c1d242f45025
DIST gvm-tools-2.1.0.tar.gz 128144 BLAKE2B d9dd1857446912bd26a0b5efa38cc34c77bfe9959aaa9ab42ea8518ef9231e5877317319ac8e924b14a5382c80cb00c70d0413635506355eb111b84b5715bf4e SHA512 80933ab8303c1ff77451a9fafd9331b6a0b4c3ae40c4ea318171b6b9e969fb6f20c6970d021a14db1bf8ff816c7f779e2eb750bf84f9093055273f58ad04cda2

66
net-analyzer/gvm-tools/files/setup.py
View file

@ -1,66 +0,0 @@
# Copyright (C) 2017-2019 Greenbone Networks GmbH
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# pylint: disable=invalid-name
import os
import sys
from setuptools import setup, find_packages
sys.path.insert(0, os.path.abspath(os.path.dirname(__file__)))
version = __import__('gvmtools').get_version()
with open('README.md', 'r') as f:
long_description = f.read()
setup(
name='gvm-tools',
version=version,
author='Greenbone Networks GmbH',
author_email='info@greenbone.net',
description='Tools to control a GSM/GVM over GMP or OSP',
long_description=long_description,
long_description_content_type='text/markdown',
url='https://github.com/greenbone/gvm-tools',
packages=find_packages(),
entry_points={
'console_scripts': [
'gvm-pyshell=gvmtools.pyshell:main',
'gvm-cli=gvmtools.cli:main',
'gvm-script=gvmtools.script:main',
],
},
install_requires=[
'python-gvm',
],
python_requires='>=3.5',
classifiers=[
# Full list: https://pypi.org/pypi?%3Aaction=list_classifiers
'Development Status :: 5 - Production/Stable',
'License :: OSI Approved :: GNU General Public License v3 (GPLv3)',
'Environment :: Console',
'Intended Audience :: Developers',
'Intended Audience :: System Administrators',
'Programming Language :: Python :: 3.5',
'Programming Language :: Python :: 3.6',
'Programming Language :: Python :: 3.7',
'Programming Language :: Python :: 3.8',
'Operating System :: OS Independent',
'Topic :: Software Development :: Libraries :: Python Modules',
],
)

29
net-analyzer/gvm-tools/gvm-tools-2.0.0.ebuild
View file

@ -1,29 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{5,6} )
inherit distutils-r1
DESCRIPTION="Remote control for Greenbone Vulnerability Manager, previously named openvas-cli"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/gvm-tools/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-3"
KEYWORDS="~amd64 ~x86"
IUSE=""
RDEPEND="dev-python/python-gvm[${PYTHON_USEDEP}]
!net-analyzer/openvas-cli"
DEPEND="
${RDEPEND}"
src_prepare() {
distutils-r1_python_prepare_all
# Exlude tests & correct FHS/Gentoo policy paths
sed -i "s/packages=find_packages(),.*/packages=find_packages(exclude=['tests*', 'docs']),/" "$S"/setup.py || die
sed -i -e "s*''*'/usr/share/doc/${P}'*g" "$S"/setup.py || die
}

31
net-analyzer/gvm-tools/gvm-tools-2.1.0.ebuild
View file

@ -1,31 +0,0 @@
# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
DISTUTILS_USE_SETUPTOOLS=pyproject.toml
PYTHON_COMPAT=( python3_{6,7,8} )
inherit distutils-r1
DESCRIPTION="Remote control for Greenbone Vulnerability Manager, previously named openvas-cli"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/gvm-tools/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-3"
KEYWORDS="~amd64 ~x86"
IUSE=""
RDEPEND="dev-python/python-gvm[${PYTHON_USEDEP}]
!net-analyzer/openvas-cli"
DEPEND="
${RDEPEND}"
src_prepare() {
cp "${FILESDIR}/setup.py" .
distutils-r1_python_prepare_all
# Exlude tests & correct FHS/Gentoo policy paths
sed -i "s/packages=find_packages(),.*/packages=find_packages(exclude=['tests*', 'docs']),/" "$S"/setup.py || die
sed -i -e "s*''*'/usr/share/doc/${P}'*g" "$S"/setup.py || die
}

19
net-analyzer/gvm-tools/metadata.xml
View file

@ -1,19 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
<longdescription lang="en">
The Greenbone Vulnerability Management Tools or gvm-tools
in short are a collection of tools that help with remote controlling
a Greenbone Security Manager (GSM) appliance and its
underlying Greenbone Vulnerability Manager (GVM).
The tools essentially aid accessing the communication protocols
GMP (Greenbone Management Protocol) and OSP (Open Scanner Protocol).
</longdescription>
<upstream>
<remote-id type="github">greenbone/gvm-tools</remote-id>
</upstream>
</pkgmetadata>

47
net-analyzer/gvm/gvm-11.0.0-r5.ebuild
View file

@ -1,47 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit eutils
DESCRIPTION="Greenbone Vulnerability Management, OpenVAS"
HOMEPAGE="https://www.greenbone.net/en/"
SLOT="0"
LICENSE="GPL-2"
KEYWORDS="~amd64 ~x86"
IUSE="cli cron extras +gsa ldap ospd radius"
RDEPEND="
>=net-analyzer/gvm-libs-11.0.0[extras?,ldap?,radius?]
>=net-analyzer/gvmd-9.0.0[extras?]
>=net-analyzer/openvas-scanner-7.0.0
!~net-analyzer/openvas-9.0.0
>=net-analyzer/ospd-openvas-1.0.0
cli? ( >=net-analyzer/gvm-tools-2.0.0 )
gsa? ( >=net-analyzer/greenbone-security-assistant-8.0.1[extras?] )
ospd? ( >=net-analyzer/ospd-2.0.0[extras?] )"
pkg_postinst() {
elog "We run openvas under 'gvm:gvm' user/group"
elog "Please prepend 'sudo -u gvm' to all cli commands, for example:"
elog "sudo -u gvm gvmd --create-user admin --password admin"
elog "sudo -u gvm greenbone-certdata-sync"
elog
elog "Please following the following URL to configure:"
elog "https://wiki.alpinelinux.org/wiki/Setting_up_GVM10"
elog "In the following manual, replace user 'mattm' with 'gvm'"
elog "https://github.com/greenbone/gvmd/blob/master/INSTALL.md"
elog
elog "Also, change permissions to the following:"
elog "chown -R gvm /var/lib/gvm"
elog
elog "Additional support for extra checks can be get from"
optfeature "Web server scanning and testing tool" net-analyzer/nikto
optfeature "Portscanner" net-analyzer/nmap
optfeature "IPsec VPN scanning, fingerprinting and testing tool" net-analyzer/ike-scan
optfeature "Application protocol detection tool" net-analyzer/amap
optfeature "ovaldi (OVAL) — an OVAL Interpreter" app-forensics/ovaldi
optfeature "Linux-kernel-based portscanner" net-analyzer/portbunny
}

23
net-analyzer/gvm/metadata.xml
View file

@ -1,23 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
<use>
<flag name="cli">Command Line Interface for OpenVAS Scanner</flag>
<flag name="cron">A cron job to update GVM's vulnerability feeds daily</flag>
<flag name="extras">Extra fonts, pdf-results! and html docs support</flag>
<flag name="gsa">Greenbone Security Assistant (WebUI)</flag>
<flag name="ospd">Enable support for scanner wrappers</flag>
</use>
<longdescription lang="en">
GVM previously named OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner
with associated tools like a graphical user front-end.
The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.
</longdescription>
<upstream>
<remote-id type="github">greenbone</remote-id>
</upstream>
</pkgmetadata>

2
net-analyzer/gvmd/Manifest
View file

@ -1,2 +0,0 @@
DIST gvmd-9.0.0.tar.gz 1425724 BLAKE2B f44c14a660f2ee9986e5873011233a423565acfdaea479ac6749998da997343a97dabec0355d618fd9032b65871737ba0407525b8d2b49e88aaa58523b633cae SHA512 99faf4b4a9e0baf7993769efb30ef39e09d76173416b44baa1b0849c7b68bd07cd9f82404832136a3e1b37769c7d5e77e5da54275ff75fffc2e6e6fa7a8b9dac
DIST gvmd-9.0.1.tar.gz 1446748 BLAKE2B 7b7b4e8e4224e7a24964f39157bd0535fb4e6405b2813da7c827f4705c4b5df4d953783a3e21950c9196aa5878a09ce6eec7b4d906cc13730e508b0aa5d4be61 SHA512 4c4f0e1fdd2255be1a96967d61d9066d8860aecc5959f04c559b1a248bcc54d9cb75facd0156e223d674f038718f1e8ba0ee6b36cdc8ed88efe480acd1aa54cf

1
net-analyzer/gvmd/files/greenbone-certdata-sync.conf
View file

@ -1 +0,0 @@
COMMUNITY_CERT_RSYNC_FEED="rsync://feed.openvas.org:/cert-data"

1
net-analyzer/gvmd/files/greenbone-nvt-sync.conf
View file

@ -1 +0,0 @@
COMMUNITY_NVT_RSYNC_FEED="rsync://feed.openvas.org:/nvt-feed"

1
net-analyzer/gvmd/files/greenbone-scapdata-sync.conf
View file

@ -1 +0,0 @@
COMMUNITY_SCAP_RSYNC_FEED="rsync://feed.openvas.org:/scap-data"

11
net-analyzer/gvmd/files/gvmd-9.0.0-disable_scap.patch
View file

@ -1,11 +0,0 @@
--- a/src/manage.c.orig 2019-10-14 19:08:27.000000000 +0800
+++ b/src/manage.c 2019-10-30 10:38:56.089939734 +0800
@@ -6832,7 +6832,7 @@
int (*fork_update_nvt_cache) ())
{
manage_sync_nvts (fork_update_nvt_cache);
- manage_sync_scap (sigmask_current);
+ /* manage_sync_scap (sigmask_current); */
manage_sync_cert (sigmask_current);
}

11
net-analyzer/gvmd/files/gvmd-9.0.0-git.patch
View file

@ -1,11 +0,0 @@
--- a/src/gvmd.c.orig 2019-10-11 22:55:25.000000000 +0800
+++ b/src/gvmd.c 2019-10-12 11:04:55.689484481 +0800
@@ -104,7 +104,7 @@
#include "gmpd.h"
#include "utils.h"
-#ifdef GIT_REV_AVAILABLE
+#ifdef GIT_REVISION
#include "gitrevision.h"
#endif

11
net-analyzer/gvmd/files/gvmd-9.0.0-sbin.patch
View file

@ -1,11 +0,0 @@
--- a/src/CMakeLists.txt.orig 2019-10-12 10:38:59.892498660 +0800
+++ b/src/CMakeLists.txt 2019-10-12 10:39:10.105498567 +0800
@@ -315,7 +315,7 @@
## Install
install (TARGETS gvmd
- RUNTIME DESTINATION ${SBINDIR}
+ RUNTIME DESTINATION ${BINDIR}
LIBRARY DESTINATION ${LIBDIR}
ARCHIVE DESTINATION ${LIBDIR}/static)

34
net-analyzer/gvmd/files/gvmd-9.0.0-tmplock.patch
View file

@ -1,34 +0,0 @@
--- a/tools/greenbone-certdata-sync.in 2019-07-17 17:11:52.000000000 +0300
+++ b/tools/greenbone-certdata-sync.in 2019-07-22 21:11:36.173099530 +0300
@@ -494,13 +494,11 @@
fi
(
flock -n 9
- date > $LOCK_FILE
if [ $? -eq 1 ] ; then
log_notice "Sync in progress, exiting."
exit 1
fi
sync_certdata
- echo -n > $LOCK_FILE
-) 9>$LOCK_FILE
+)
exit 0
--- a/tools/greenbone-scapdata-sync.in 2019-07-17 17:11:52.000000000 +0300
+++ b/tools/greenbone-scapdata-sync.in 2019-07-22 21:12:49.193161531 +0300
@@ -517,13 +517,11 @@
fi
(
flock -n 9
- date > $LOCK_FILE
if [ $? -eq 1 ] ; then
log_notice "Sync in progress, exiting."
exit 1
fi
sync_scapdata
- echo -n > $LOCK_FILE
-) 9>$LOCK_FILE
+)
exit 0

28
net-analyzer/gvmd/files/gvmd-daemon9.conf
View file

@ -1,28 +0,0 @@
# GVMD command args
# e.g --foreground
GVMD_OPTIONS=""
# Manager listen address unix socket
GVMD_LISTEN_ADDRESS_UNIX="--unix-socket=/tmp/gvmd.sock"
# Manager listen address TCP
GVMD_LISTEN_ADDRESS_TCP="--listen=127.0.0.1"
# Manager listen port
GVMD_PORT="--port=9390"
# Manager unix socket listen owner
GVMD_LISTEN_OWNER="--listen-owner=gvm"
# Manager unix socket listen group
GVMD_LISTEN_GROUP="--listen-group=gvm"
# Manager unix socket listen mode
GVMD_LISTEN_MODE="--listen-mode=755"
# Scanner listen address unix socket
GVMD_SCANNER_HOST="--scanner-host=/tmp/ospd.sock"
# TLS settings
GVMD_GNUTLS_PRIORITIES="--gnutls-priorities=SECURE256:+SUITEB192:+SECURE192:+SECURE128:+SUITEB128:-MD5:-SHA1:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0"

5
net-analyzer/gvmd/files/gvmd-startpre.sh
View file

@ -1,5 +0,0 @@
#!/bin/sh
# Greenbone Vulnerability Manager Systemd ExecStartPre
touch /var/run/gvm-{checking,create-functions,helping,migrating,serving}
chown -R gvm:gvm /var/run/gvm-{checking,create-functions,helping,migrating,serving}

24
net-analyzer/gvmd/files/gvmd.init9
View file

@ -1,24 +0,0 @@
#!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
: ${GVMD_USER:=gvm}
: ${GVMD_GROUP:=gvm}
: ${GVMD_TIMEOUT:=30}
name="Greenbone Vulnerability Manager"
command=/usr/bin/gvmd
command_args="${GVMD_OPTIONS} ${GVMD_LISTEN_ADDRESS_TCP} ${GVMD_PORT} ${GVMD_SCANNER_HOST} ${GVMD_GNUTLS_PRIORITIES}"
command_background="true"
command_user="${GVMD_USER}:${GVMD_GROUP}"
pidfile="/run/gvmd.pid"
retry="${GVMD_TIMEOUT}"
depend() {
after bootmisc
need localmount ospd-openvas postgresql
}
start_pre() {
/bin/bash /etc/gvm/gvmd-startpre.sh
}

13
net-analyzer/gvmd/files/gvmd.logrotate
View file

@ -1,13 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# Daemon ignore HUP so we use 'copytruncate' instead of 'create'
# with safe file size to prevent losing log entries.
/var/log/gvm/gvmd.log {
compress
missingok
notifempty
sharedscripts
copytruncate
maxsize 10M
}

21
net-analyzer/gvmd/files/gvmd.service
View file

@ -1,21 +0,0 @@
[Unit]
Description=Greenbone Vulnerability Manager
After=network.target
After=openvassd.service
Wants=openvassd.service
Before=gsad.service
[Service]
Type=forking
PrivateTmp=yes
User=gvm
Group=gvm
PermissionsStartOnly=true
EnvironmentFile=-/etc/gvm/sysconfig/gvmd-daemon.conf
ExecStartPre=-/etc/gvm/gvmd-startpre.sh
ExecStart=/usr/bin/gvmd $GVMD_OPTIONS $GVMD_LISTEN_ADDRESS_TCP $GVMD_PORT $GVMD_SCANNER_HOST $GVMD_GNUTLS_PRIORITIES
Restart=on-failure
RestartSec=10
[Install]
WantedBy=multi-user.target

124
net-analyzer/gvmd/gvmd-9.0.0-r8.ebuild
View file

@ -1,124 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
CMAKE_MAKEFILE_GENERATOR="emake"
inherit cmake-utils flag-o-matic systemd toolchain-funcs
DESCRIPTION="Greenbone vulnerability manager, previously named openvas-manager"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/gvmd/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="extras"
DEPEND="dev-libs/libgcrypt:0=
dev-libs/libical
>=net-analyzer/gvm-libs-11.0.0
net-libs/gnutls:=[tools]
dev-db/postgresql:*[uuid]
extras? ( app-text/xmlstarlet
dev-texlive/texlive-latexextra
)"
RDEPEND="
${DEPEND}
!net-analyzer/openvas-manager
>=net-analyzer/openvas-scanner-7.0.0
!~net-analyzer/openvas-9.0.0"
BDEPEND="
sys-devel/bison
sys-devel/flex
virtual/pkgconfig
extras? ( app-doc/doxygen[dot]
app-doc/xmltoman
app-text/htmldoc
dev-libs/libxslt
)"
PATCHES=(
# Install exec. to /usr/bin instead of /usr/sbin
"${FILESDIR}/${P}-sbin.patch"
# Fix permissions for user gvm.
"${FILESDIR}/${P}-tmplock.patch"
#https://github.com/greenbone/gsa/issues/1258
"${FILESDIR}/${P}-git.patch"
)
src_prepare() {
# sed -i -e "s|/tmp/ospd.sock|/var/run/ospd/ospd.sock|g" "$S"/src/manage_sql.c || die
cmake-utils_src_prepare
# QA-Fix | Use correct FHS/Gentoo policy paths for 8.0.1
sed -i -e "s*share/doc/gvm/html/*share/doc/gvmd-${PV}/html/*g" "$S"/doc/CMakeLists.txt || die
sed -i -e "s*/doc/gvm/*/doc/gvmd-${PV}/*g" "$S"/CMakeLists.txt || die
# QA-Fix | Remove !CLANG Doxygen warnings for 8.0.1
if use extras; then
if ! tc-is-clang; then
local f
for f in doc/*.in
do
sed -i \
-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
"${f}" || die "couldn't disable CLANG parsing"
done
fi
fi
}
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
"-DLIBDIR=${EPREFIX}/usr/$(get_libdir)"
)
# Add release hardening flags for 8.0.1
append-cflags -Wno-nonnull -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_compile() {
cmake-utils_src_compile
if use extras; then
cmake-utils_src_make -C "${BUILD_DIR}" doc
cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
fi
cmake-utils_src_make rebuild_cache
}
src_install() {
cmake-utils_src_install
dodir /etc/gvm
insinto /etc/gvm
doins -r "${FILESDIR}"/*sync*
dodir /etc/gvm/sysconfig
insinto /etc/gvm/sysconfig
doins "${FILESDIR}/${PN}-daemon9.conf"
exeinto /etc/gvm
doexe "${FILESDIR}"/gvmd-startpre.sh
fowners -R gvm:gvm /etc/gvm
newinitd "${FILESDIR}/${PN}.init9" "${PN}"
newconfd "${FILESDIR}/${PN}-daemon9.conf" "${PN}"
insinto /etc/logrotate.d
newins "${FILESDIR}/${PN}.logrotate" "${PN}"
systemd_dounit "${FILESDIR}/${PN}.service"
# Set proper permissions on required files/directories
keepdir /var/lib/gvm/gvmd
fowners -R gvm:gvm /var/lib/gvm
}

124
net-analyzer/gvmd/gvmd-9.0.1.ebuild
View file

@ -1,124 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
CMAKE_MAKEFILE_GENERATOR="emake"
inherit cmake-utils flag-o-matic systemd toolchain-funcs
DESCRIPTION="Greenbone vulnerability manager, previously named openvas-manager"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/gvmd/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="extras"
DEPEND="dev-libs/libgcrypt:0=
dev-libs/libical
>=net-analyzer/gvm-libs-11.0.0
net-libs/gnutls:=[tools]
dev-db/postgresql:*[uuid]
extras? ( app-text/xmlstarlet
dev-texlive/texlive-latexextra
)"
RDEPEND="
${DEPEND}
!net-analyzer/openvas-manager
>=net-analyzer/openvas-scanner-7.0.0
!~net-analyzer/openvas-9.0.0"
BDEPEND="
sys-devel/bison
sys-devel/flex
virtual/pkgconfig
extras? ( app-doc/doxygen[dot]
app-doc/xmltoman
app-text/htmldoc
dev-libs/libxslt
)"
PATCHES=(
# Install exec. to /usr/bin instead of /usr/sbin
"${FILESDIR}/${PN}-9.0.0-sbin.patch"
# Fix permissions for user gvm.
"${FILESDIR}/${PN}-9.0.0-tmplock.patch"
#https://github.com/greenbone/gsa/issues/1258
# "${FILESDIR}/${P}-git.patch"
)
src_prepare() {
# sed -i -e "s|/tmp/ospd.sock|/var/run/ospd/ospd.sock|g" "$S"/src/manage_sql.c || die
cmake-utils_src_prepare
# QA-Fix | Use correct FHS/Gentoo policy paths for 8.0.1
sed -i -e "s*share/doc/gvm/html/*share/doc/gvmd-${PV}/html/*g" "$S"/doc/CMakeLists.txt || die
sed -i -e "s*/doc/gvm/*/doc/gvmd-${PV}/*g" "$S"/CMakeLists.txt || die
# QA-Fix | Remove !CLANG Doxygen warnings for 8.0.1
if use extras; then
if ! tc-is-clang; then
local f
for f in doc/*.in
do
sed -i \
-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
"${f}" || die "couldn't disable CLANG parsing"
done
fi
fi
}
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
"-DLIBDIR=${EPREFIX}/usr/$(get_libdir)"
)
# Add release hardening flags for 8.0.1
append-cflags -Wno-nonnull -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_compile() {
cmake-utils_src_compile
if use extras; then
cmake-utils_src_make -C "${BUILD_DIR}" doc
cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
fi
cmake-utils_src_make rebuild_cache
}
src_install() {
cmake-utils_src_install
dodir /etc/gvm
insinto /etc/gvm
doins -r "${FILESDIR}"/*sync*
dodir /etc/gvm/sysconfig
insinto /etc/gvm/sysconfig
doins "${FILESDIR}/${PN}-daemon9.conf"
exeinto /etc/gvm
doexe "${FILESDIR}"/gvmd-startpre.sh
fowners -R gvm:gvm /etc/gvm
newinitd "${FILESDIR}/${PN}.init9" "${PN}"
newconfd "${FILESDIR}/${PN}-daemon9.conf" "${PN}"
insinto /etc/logrotate.d
newins "${FILESDIR}/${PN}.logrotate" "${PN}"
systemd_dounit "${FILESDIR}/${PN}.service"
# Set proper permissions on required files/directories
keepdir /var/lib/gvm/gvmd
fowners -R gvm:gvm /var/lib/gvm
}

21
net-analyzer/gvmd/metadata.xml
View file

@ -1,21 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
<use>
<flag name="extras">Html docs support</flag>
</use>
<longdescription lang="en">
The Greenbone Vulnerability Manager is the central management service between security scanners and the user clients.
It manages the storage of any vulnerability management configurations and of the scan results.
Access to data, control commands and workflows is offered via the XML-based Greenbone Management Protocol (GMP).
The primary scanner OpenVAS Scanner is controlled directly via protocol OTP while any other
remote scanner is coupled with the Open Scanner Protocol (OSP).
</longdescription>
<upstream>
<remote-id type="github">greenbone/gvmd</remote-id>
</upstream>
</pkgmetadata>

2
net-analyzer/openvas-scanner/Manifest
View file

@ -1,2 +0,0 @@
DIST openvas-scanner-7.0.0.tar.gz 428304 BLAKE2B fa0a21127edd2223dbbf533b6c188729a1b6de4977e5667fbc1a45b2c426045cdc73eb58d05df24b8b39d0e47fb445fa704bd1b827bb5ea6403fdb83c6b01fd9 SHA512 ce3e78ce5e1575c5c37b6c2aa77ec8955754029832bafb3fcedd75b48dff309906a97bac052d206f6e93e9e72b8461a131558e849f70b3afce6280a7b06924d1
DIST openvas-scanner-7.0.1.tar.gz 429012 BLAKE2B 13fd0fef2ce88f6789da9f00e8f35329e915ebc74a29b3bd52af93c6b70292d055fa1159aec4041d79a785971a583eb514e8700d1d38a76775446e40af9b2fac SHA512 201ea02b25bf247320437ae5c82bdc95db981cc6bd99fdece9403573434db122cdc8db7b82a08cba34b6d67d5794b2364f798847c79b421495666adc95a02571

1
net-analyzer/openvas-scanner/files/gvm-feed-sync.cron
View file

@ -1 +0,0 @@
0 2 * * * gvm [ -x /etc/gvm/gvm-feed-sync.sh ] && /bin/bash /etc/gvm/gvm-feed-sync.sh > /dev/null

45
net-analyzer/openvas-scanner/files/gvm-feed-sync.sh
View file

@ -1,45 +0,0 @@
#!/bin/sh
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# GVM cron script that updates feed.
# Start to update FEED & First NVT.
try=0
until [ $try -ge 5 ]; do
greenbone-nvt-sync --curl &>/dev/null && break
try=$[$try+1]
sleep 30
done
# Check status
if [ $? -eq 0 ]; then
# Avoid your IP temporary banned because of multiple connection
sleep 5
# Try to update scapdata.
try=0
until [ $try -ge 5 ]; do
greenbone-scapdata-sync &>/dev/null && break
try=$[$try+1]
sleep 30
done
# Check status
if [ $? -eq 0 ]; then
# Avoid your IP temporary banned because of multiple connection
sleep 5
# Try to update certdata
try=0
until [ $try -ge 5 ]; do
greenbone-certdata-sync &>/dev/null && break
try=$[$try+1]
sleep 30
done
# Check status
if [ $? -eq 0 ]; then
exit 0
else
exit 1
fi
fi
fi

21
net-analyzer/openvas-scanner/files/openvas-scanner-6.0.1-sbin.patch
View file

@ -1,21 +0,0 @@
--- a/src/CMakeLists.txt 2019-07-21 23:16:18.608251465 +0300
+++ b/src/CMakeLists.txt 2019-07-21 23:17:08.434210058 +0300
@@ -175,7 +175,7 @@
## Install
install (TARGETS openvassd
- RUNTIME DESTINATION ${SBINDIR}
+ RUNTIME DESTINATION ${BINDIR}
PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
@@ -183,7 +183,7 @@
DESTINATION ${OPENVAS_SYSCONF_DIR})
install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
- DESTINATION ${SBINDIR}
+ DESTINATION ${BINDIR}
PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

9
net-analyzer/openvas-scanner/files/openvas-scanner-daemon.conf
View file

@ -1,9 +0,0 @@
# OpenVAS Scanner command args
# e.g --foreground
OPENVAS_SCANNER_OPTIONS=""
# Scanner listen socket
OPENVAS_SCANNER_LISTEN_SOCKET="--unix-socket=/var/run/openvassd.sock"

25
net-analyzer/openvas-scanner/files/openvas-scanner.init
View file

@ -1,25 +0,0 @@
#!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
name="OpenVAS Scanner"
command="/usr/sbin/openvassd"
command_args="${OPENVAS_SCANNER_OPTIONS} ${OPENVAS_SCANNER_LISTEN_SOCKET}"
pidfile="/var/run/openvassd.pid"
command_background="true"
depend() {
after bootmisc
need localmount net redis
}
start_pre() {
checkpath --directory --mode 0775 --quiet /var/cache/openvas
}
create_cache() {
checkpath --directory --mode 0775 --quiet /var/cache/openvas
ebegin "Generating initial Cache"
/usr/sbin/openvassd --foreground --only-cache
eend $?
}

11
net-analyzer/openvas-scanner/files/openvas-scanner.logrotate
View file

@ -1,11 +0,0 @@
# logrotate for openvas scanner
/var/log/openvas/openvassd.messages {
rotate 4
weekly
compress
delaycompress
missingok
postrotate
/bin/kill -HUP `pidof openvassd`
endscript
}

21
net-analyzer/openvas-scanner/files/openvas-scanner.service
View file

@ -1,21 +0,0 @@
[Unit]
Description=OpenVAS Scanner
After=network.target
After=redis.service
Before=gvmd.service
Requires=redis.service
[Service]
Type=forking
EnvironmentFile=-/etc/openvas/sysconfig/openvas-scanner-daemon.conf
ExecStart=/usr/sbin/openvassd $OPENVAS_SCANNER_OPTIONS $OPENVAS_SCANNER_LISTEN_SOCKET
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=10
KillMode=mixed
User=root
Group=root
TimeoutSec=1200
[Install]
WantedBy=multi-user.target

1
net-analyzer/openvas-scanner/files/openvas-scanner.tmpfiles.d
View file

@ -1 +0,0 @@
d /var/cache/openvassd 0775

1
net-analyzer/openvas-scanner/files/openvas.conf
View file

@ -1 +0,0 @@
db_address = /tmp/redis.sock

20
net-analyzer/openvas-scanner/metadata.xml
View file

@ -1,20 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
<use>
<flag name="cron">Install a cron job to update GVM's feed daily.</flag>
<flag name="extras">Html docs support</flag>
</use>
<longdescription lang="en">
Open Vulnerability Assessment System (OpenVAS) Scanner is the Greenbone Vulnerability Management (GVM) Solution.
It is used for the Greenbone Security Manager appliances and is a full-featured scan engine that executes a continuously
updated and extended feed of Network Vulnerability Tests (NVTs).
</longdescription>
<upstream>
<remote-id type="github">greenbone/openvas-scanner</remote-id>
</upstream>
</pkgmetadata>

57
net-analyzer/openvas-scanner/openvas-scanner-7.0.0.ebuild
View file

@ -1,57 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit cmake-utils
MY_PN="openvas"
DESCRIPTION="Open Vulnerability Assessment Scanner"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2 GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE=""
DEPEND="app-crypt/gpgme:=
dev-db/redis
dev-libs/libgcrypt:=
dev-libs/libksba
>=net-analyzer/gvm-libs-11.0.0
net-analyzer/net-snmp
net-libs/gnutls:=
net-libs/libpcap
net-libs/libssh:="
RDEPEND="${DEPEND}
!net-analyzer/openvas
!net-analyzer/openvas-tools"
BDEPEND="sys-devel/bison
sys-devel/flex
virtual/pkgconfig"
S="${WORKDIR}/${MY_PN}-${PV}"
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
)
# Add release hardening flags for 6.0.1
# append-cflags -Wno-format-truncation -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
# append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_install() {
cmake-utils_src_install
dodir /etc/${MY_PN}
insinto /etc/${MY_PN}
doins "${FILESDIR}/${MY_PN}.conf"
}

57
net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild
View file

@ -1,57 +0,0 @@
# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit cmake-utils
MY_PN="openvas"
DESCRIPTION="Open Vulnerability Assessment Scanner"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2 GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE=""
DEPEND="app-crypt/gpgme:=
dev-db/redis
dev-libs/libgcrypt:=
dev-libs/libksba
>=net-analyzer/gvm-libs-11.0.0
net-analyzer/net-snmp
net-libs/gnutls:=
net-libs/libpcap
net-libs/libssh:="
RDEPEND="${DEPEND}
!net-analyzer/openvas
!net-analyzer/openvas-tools"
BDEPEND="sys-devel/bison
sys-devel/flex
virtual/pkgconfig"
S="${WORKDIR}/${MY_PN}-${PV}"
src_configure() {
local mycmakeargs=(
"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
"-DLOCALSTATEDIR=${EPREFIX}/var"
"-DSYSCONFDIR=${EPREFIX}/etc"
)
# Add release hardening flags for 6.0.1
# append-cflags -Wno-format-truncation -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
# append-ldflags -Wl,-z,relro -Wl,-z,now
cmake-utils_src_configure
}
src_install() {
cmake-utils_src_install
dodir /etc/${MY_PN}
insinto /etc/${MY_PN}
doins "${FILESDIR}/${MY_PN}.conf"
}

2
net-analyzer/ospd-openvas/Manifest
View file

@ -1,2 +0,0 @@
DIST ospd-openvas-1.0.0.tar.gz 49725 BLAKE2B 230df2f572f345b9ed398e2af120a2fecee87f9f8d8d3c072ca314960f34f7329fe22b002ba0971ba6dc14cd3ca4543120653f89b3085a0f8a932fbeb6ef2682 SHA512 2b2e4f38843265a018a58b7fbd2fde0449d4f6cf3c5c1b7bec02d8390ab257020304f5be1bf2a77f7d28a04f4d1da611fc9b3066bef370dd686dfb8684fce534
DIST ospd-openvas-1.0.1.tar.gz 50455 BLAKE2B 06a4cdcc2f51351215fffa5517cb2cae620b9b7ffded738d3c63bda11fa8572fe93e0b5fc1c8c9a1bd27cbea65641b0586c329d1d05a022e1fba79c8782d091c SHA512 bdcdb1a8bc08fc27f1a85846ad944b3764a67c153cd75ffa607f69e0c07f223aa0e0965ee081e2398d4d47fc6faf1fd6fad90e6bc724952a0679de783dd2cc87

10
net-analyzer/ospd-openvas/files/ospd-openvas.confd
View file

@ -1,10 +0,0 @@
# OpenVAS Scanner command args
# e.g --foreground
OSPD_OPENVAS_OPTIONS=""
# Scanner listen socket
OSPD_OPENVAS_UNIX_SOCKET="--unix-socket=/tmp/ospd.sock"
# Scanner listen mode
OSPD_OPENVAS_SOCKET_MODE="--socket-mode=0o777"

3
net-analyzer/ospd-openvas/files/ospd-openvas.default
View file

@ -1,3 +0,0 @@
# The installation prefix to find the ospd-openvas binary.
PATH=<install-prefix>/bin:<install-prefix>/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:$PATH
PYTHONPATH=<install-prefix>/lib/python3.5/site-packages:$PYTHONPATH

19
net-analyzer/ospd-openvas/files/ospd-openvas.initd
View file

@ -1,19 +0,0 @@
#!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
name="remotely control an OpenVAS Scanner"
command="/usr/bin/ospd-openvas"
pidfile="/run/${RC_SVCNAME}.pid"
command_args="${OSPD_OPENVAS_OPTIONS} \
${OSPD_OPENVAS_UNIX_SOCKET} \
${OSPD_OPENVAS_SOCKET_MODE} \
--pid-file ${pidfile} \
--config /etc/openvas/ospd.conf"
depend() {
after bootmisc
need localmount redis
}

21
net-analyzer/ospd-openvas/files/ospd-openvas.service
View file

@ -1,21 +0,0 @@
[Unit]
Description=OSPD OpenVAS
After=network.target networking.service dnsmasq.service redis-server@openvas.service systemd-tmpfiles.service
ConditionKernelCommandLine=!recovery
[Service]
Type=forking
EnvironmentFile=/etc/default/ospd-openvas.default
Environment="PATH=$PATH"
Environment="PYTHONPATH=$PYTHONPATH"
User=<username>
Group=<groupname>
ExecStart=<install-prefix>/bin/ospd-openvas
SuccessExitStatus=SIGKILL
# This works asynchronously, but does not take the daemon down during the reload so it's ok.
Restart=always
RestartSec=60
[Install]
WantedBy=multi-user.target
Alias=ospd-openvas.service

6
net-analyzer/ospd-openvas/files/ospd.conf
View file

@ -1,6 +0,0 @@
[OSPD - openvas]
log_level = DEBUG
socket_mode = 0o777
unix_socket = /tmp/ospd.sock
#log_file = <install-prefix>/var/log/gvm/openvas.log
log_file = /var/log/gvm/ospd-openvas.log

57
net-analyzer/ospd-openvas/files/redis.conf.example
View file

@ -1,57 +0,0 @@
bind 127.0.0.1
protected-mode yes
port 0
tcp-backlog 511
unixsocket /tmp/redis.sock
unixsocketperm 700
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /run/redis/redis.pid
loglevel notice
logfile /var/log/redis/redis.log
databases 16
always-show-logo yes
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /var/lib/redis/
slave-serve-stale-data yes
slave-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
slave-priority 100
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
slave-lazy-flush no
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble no
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
aof-rewrite-incremental-fsync yes

38
net-analyzer/ospd-openvas/ospd-openvas-1.0.0.ebuild
View file

@ -1,38 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{5,6,7} )
inherit distutils-r1
DESCRIPTION="OSP server implementation to allow GVM to remotely control an OpenVAS Scanner"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/ospd-openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="MIT"
KEYWORDS="~amd64 ~x86"
IUSE=""
RDEPEND="
>=net-analyzer/ospd-2.0
>=dev-python/redis-py-3.0.1[${PYTHON_USEDEP}]
dev-python/psutil"
DEPEND="
${RDEPEND}"
python_install() {
distutils-r1_python_install
dodir /etc/openvas
insinto /etc/openvas
doins "${FILESDIR}"/redis.conf.example
doins "${FILESDIR}/ospd.conf"
newinitd "${FILESDIR}/${PN}.initd" "${PN}"
newconfd "${FILESDIR}/${PN}.confd" "${PN}"
}

39
net-analyzer/ospd-openvas/ospd-openvas-1.0.1.ebuild
View file

@ -1,39 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
DISTUTILS_USE_SETUPTOOLS=rdepend
PYTHON_COMPAT=( python3_{5,6,7} )
inherit distutils-r1
DESCRIPTION="OSP server implementation to allow GVM to remotely control an OpenVAS Scanner"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/ospd-openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="MIT"
KEYWORDS="~amd64 ~x86"
IUSE=""
RDEPEND="
>=net-analyzer/ospd-2.0
>=dev-python/redis-py-3.0.1[${PYTHON_USEDEP}]
dev-python/psutil[${PYTHON_USEDEP}]
dev-python/packaging[${PYTHON_USEDEP}]"
DEPEND="
${RDEPEND}"
python_install() {
distutils-r1_python_install
dodir /etc/openvas
insinto /etc/openvas
doins "${FILESDIR}"/redis.conf.example
doins "${FILESDIR}/ospd.conf"
newinitd "${FILESDIR}/${PN}.initd" "${PN}"
newconfd "${FILESDIR}/${PN}.confd" "${PN}"
}

2
net-analyzer/ospd/Manifest
View file

@ -1,2 +0,0 @@
DIST ospd-2.0.0.tar.gz 81645 BLAKE2B 4c0c7af3caf274ea9e6a43790eb1e9d386ce42d9976e5e9625b49ffe12d8db2e613109458dcc59f322bc00aee39a4a89045caf302182474d1fab4ca1c4ff1bcf SHA512 971b4b57c39844ef08a0ae56d4bf87f0440c993960b5ad37516c622ad41eb2ab30fabb9d0a05fd043a9a1d98e446eaab9d5018cc1607fd711c533475f4703012
DIST ospd-2.0.1.tar.gz 87313 BLAKE2B cf527742246ceb5acaf69900d48f1800ef98153026fa6aae2661e4a3aafad6f69221fa7c7f34a222a0972cf5550a9543696b1e7a4368ef050574ca08f72f0978 SHA512 4aed0e1a22ea6c0db26977e7b0bde9c9c37890422f3480ad83ef23ad193b7ae3dd7352872c4fe377808d2a398317a4c1d38d7ab2ef5a0266c544e0ef55a0365a

53
net-analyzer/ospd/files/8f359bb07901a18609974d5f3e587b8fe8c36177.patch
View file

@ -1,53 +0,0 @@
From 8f359bb07901a18609974d5f3e587b8fe8c36177 Mon Sep 17 00:00:00 2001
From: Juan Jose Nicola <juan.nicola@greenbone.net>
Date: Wed, 16 Oct 2019 11:45:30 +0200
Subject: [PATCH] Fix set permission on unix socket. It was trying to set the
permissions on the unix socket before creating it.
---
CHANGELOG.md | 7 +++++++
ospd/server.py | 6 +++---
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 56cb80f..0f173cb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
+## [2.0.1] (unreleased)
+
+### Fixed
+- Fix set permission in unix socket. [#157](https://github.com/greenbone/ospd/pull/157)
+
+[2.0.1]: https://github.com/greenbone/ospd/compare/v2.0.0...ospd-2.0
+
## [2.0.0] (2019-10-11)
### Added
diff --git a/ospd/server.py b/ospd/server.py
index 5523de3..9356abf 100644
--- a/ospd/server.py
+++ b/ospd/server.py
@@ -202,9 +202,6 @@ def start(self, stream_callback: StreamCallbackType):
self._cleanup_socket()
self._create_parent_dirs()
- if self.socket_path.exists():
- os.chmod(str(self.socket_path), self.socket_mode)
-
try:
self.stream_callback = stream_callback
self.server = ThreadedUnixSocketServer(self, str(self.socket_path))
@@ -217,6 +214,9 @@ def start(self, stream_callback: StreamCallbackType):
)
)
+ if self.socket_path.exists():
+ self.socket_path.chmod(self.socket_mode)
+
def close(self):
super().close()
self._cleanup_socket()

21
net-analyzer/ospd/metadata.xml
View file

@ -1,21 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>unknown@pentoo.ch</email>
<name>Author Unknown</name>
</maintainer>
<use>
<flag name="extras">Html docs support</flag>
</use>
<longdescription lang="en">
OSPD is a base class for scanner wrappers which share the same communication protocol:
OSP (Open Scanner Protocol). OSP creates a unified interface for different security scanners
and makes their control flow and scan results consistently available under the central
Greenbone Vulnerability Manager service.
</longdescription>
<upstream>
<remote-id type="github">greenbone/ospd</remote-id>
</upstream>
</pkgmetadata>

33
net-analyzer/ospd/ospd-2.0.0-r1.ebuild
View file

@ -1,33 +0,0 @@
# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{5,6,7} )
inherit distutils-r1
DESCRIPTION="Base class for scanner wrappers,communication protocol for GVM"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/ospd/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="extras"
RDEPEND="dev-python/defusedxml[${PYTHON_USEDEP}]
dev-python/lxml[${PYTHON_USEDEP}]
dev-python/paramiko[${PYTHON_USEDEP}]"
DEPEND="${RDEPEND}
dev-python/setuptools[${PYTHON_USEDEP}]"
PATCHES=( "${FILESDIR}/"8f359bb07901a18609974d5f3e587b8fe8c36177.patch )
python_compile() {
if use extras; then
bash "${S}"/doc/generate || die
HTML_DOCS=( "${S}"/doc/. )
fi
distutils-r1_python_compile
}

35
net-analyzer/ospd/ospd-2.0.1.ebuild
View file

@ -1,35 +0,0 @@
# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
DISTUTILS_USE_SETUPTOOLS=rdepend
PYTHON_COMPAT=( python3_{6,7,8} )
inherit distutils-r1
DESCRIPTION="Base class for scanner wrappers,communication protocol for GVM"
HOMEPAGE="https://www.greenbone.net/en/"
SRC_URI="https://github.com/greenbone/ospd/archive/v${PV}.tar.gz -> ${P}.tar.gz"
SLOT="0"
LICENSE="GPL-2+"
KEYWORDS="~amd64 ~x86"
IUSE="docs"
RDEPEND="dev-python/paramiko[${PYTHON_USEDEP}]
dev-python/defusedxml[${PYTHON_USEDEP}]
dev-python/lxml[${PYTHON_USEDEP}]
dev-python/psutil[${PYTHON_USEDEP}]"
DEPEND="${RDEPEND}
dev-python/setuptools[${PYTHON_USEDEP}]"
#PATCHES=( "${FILESDIR}/"8f359bb07901a18609974d5f3e587b8fe8c36177.patch )
python_compile() {
if use docs; then
bash "${S}"/doc/generate || die
HTML_DOCS=( "${S}"/doc/. )
fi
distutils-r1_python_compile
}