svn commit: r447445 - in head/security: greenbone-security-assistant8 greenbone-security-assistant8/files greenbone-security-assistant9 greenbone-security-assistant9/files openvas8-manager openvas8...
Jose Alonso Cardenas Marquez
acm at FreeBSD.org
Sun Aug 6 06:49:46 UTC 2017
Author: acm
Date: Sun Aug 6 06:49:42 2017
New Revision: 447445
URL: https://svnweb.freebsd.org/changeset/ports/447445
Log:
- security/openvas[89]-manager: Add PGSQL support
- security/greenbone-security-assistant[89]: Improve rc scripts
- security/openvas8-manager: Fix openvas-*-sync scripts
- security/openvas9-manager: Fix greenbone-*-sync scripts
- Add flags option to rc scripts
- Bump PORTREVISION
Added:
head/security/openvas8-manager/files/patch-src-sql_pg.c (contents, props changed)
head/security/openvas9-manager/files/patch-src-sql_pg.c (contents, props changed)
Modified:
head/security/greenbone-security-assistant8/Makefile
head/security/greenbone-security-assistant8/files/gsad.in
head/security/greenbone-security-assistant8/pkg-plist
head/security/greenbone-security-assistant9/files/gsad.in
head/security/greenbone-security-assistant9/pkg-plist
head/security/openvas8-manager/Makefile
head/security/openvas8-manager/files/patch-CMakeLists.txt
head/security/openvas8-manager/files/patch-src-CMakeLists.txt
head/security/openvas8-manager/files/patch-src-manage_sql.c
head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in
head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in
head/security/openvas8-manager/pkg-plist
head/security/openvas8-scanner/Makefile
head/security/openvas8-scanner/files/openvassd.in
head/security/openvas9-manager/files/openvasmd.in
head/security/openvas9-manager/files/patch-src-manage_sql.c
head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in
head/security/openvas9-manager/pkg-plist
Modified: head/security/greenbone-security-assistant8/Makefile
==============================================================================
--- head/security/greenbone-security-assistant8/Makefile Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/greenbone-security-assistant8/Makefile Sun Aug 6 06:49:42 2017 (r447445)
@@ -2,6 +2,7 @@
PORTNAME?= greenbone-security-assistant8
PORTVERSION?= 6.0.12
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES?= http://wald.intevation.org/frs/download.php/2442/
DISTNAME= ${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION}
@@ -23,7 +24,11 @@ CONFLICTS?= ${PORTNAME:S/${OPENVAS_VER}/9/}-*
USES= cmake:outsource gettext gnome pkgconfig
USE_GNOME= glib20 libxml2 libxslt
USE_RC_SUBR= gsad
+ETCDIR= ${PREFIX}/etc/openvas
OPENVAS_VER?= 8
+
+post-install:
+ ${MV} ${STAGEDIR}${ETCDIR}/gsad_log.conf ${STAGEDIR}${ETCDIR}/gsad_log.conf.sample
.include <bsd.port.mk>
Modified: head/security/greenbone-security-assistant8/files/gsad.in
==============================================================================
--- head/security/greenbone-security-assistant8/files/gsad.in Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/greenbone-security-assistant8/files/gsad.in Sun Aug 6 06:49:42 2017 (r447445)
@@ -8,17 +8,20 @@
#
# Add the following to /etc/rc.conf[.local] to enable this service
#
-# gsad_enable="YES"
+# gsad_enable (bool): Set to NO by default.
+# Set it to YES to enable gsad.
+# gsad_flags (params): Set params used to start gsad.
#
. /etc/rc.subr
name=gsad
-rcvar=gsad_enable
+rcvar=${name}_enable
command="%%PREFIX%%/sbin/gsad"
pidfile=/var/run/gsad.pid
-: ${gsad_enable=NO}
+: ${gsad_enable="NO"}
+: ${gsad_flags="--listen=127.0.0.1 --port=8080 --http-only"}
load_rc_config $name
run_rc_command "$1"
Modified: head/security/greenbone-security-assistant8/pkg-plist
==============================================================================
--- head/security/greenbone-security-assistant8/pkg-plist Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/greenbone-security-assistant8/pkg-plist Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,4 +1,4 @@
-etc/openvas/gsad_log.conf
+ at sample etc/openvas/gsad_log.conf.sample
man/man8/gsad.8.gz
sbin/gsad
share/locale/de/LC_MESSAGES/gsad_xsl.mo
Modified: head/security/greenbone-security-assistant9/files/gsad.in
==============================================================================
--- head/security/greenbone-security-assistant9/files/gsad.in Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/greenbone-security-assistant9/files/gsad.in Sun Aug 6 06:49:42 2017 (r447445)
@@ -8,17 +8,20 @@
#
# Add the following to /etc/rc.conf[.local] to enable this service
#
-# gsad_enable="YES"
+# gsad_enable (bool): Set to NO by default.
+# Set it to YES to enable gsad.
+# gsad_flags (params): Set params used to start gsad.
#
. /etc/rc.subr
name=gsad
-rcvar=gsad_enable
+rcvar=${name}_enable
command="%%PREFIX%%/sbin/gsad"
pidfile=/var/run/gsad.pid
-: ${gsad_enable=NO}
+: ${gsad_enable="NO"}
+: ${gsad_flags="--listen=127.0.0.1 --port=8080 --http-only"}
load_rc_config $name
run_rc_command "$1"
Modified: head/security/greenbone-security-assistant9/pkg-plist
==============================================================================
--- head/security/greenbone-security-assistant9/pkg-plist Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/greenbone-security-assistant9/pkg-plist Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,5 +1,4 @@
-etc/openvas/gsad_log.conf
-etc/rc.d/gsad
+ at sample etc/openvas/gsad_log.conf.sample
man/man8/gsad.8.gz
sbin/gsad
share/openvas/gsa/classic/cpe-icons.xml
Modified: head/security/openvas8-manager/Makefile
==============================================================================
--- head/security/openvas8-manager/Makefile Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-manager/Makefile Sun Aug 6 06:49:42 2017 (r447445)
@@ -2,6 +2,7 @@
PORTNAME?= openvas8-manager
PORTVERSION?= 6.0.11
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES?= http://wald.intevation.org/frs/download.php/2445/
DISTNAME= ${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION}
@@ -13,27 +14,43 @@ COMMENT?= OpenVAS 8 manager
LICENSE= GPLv2+
LICENSE_FILE= ${WRKSRC}/COPYING
+BUILD_DEPENDS= p5-SQL-Translator>=0:databases/p5-SQL-Translator
LIB_DEPENDS= libgnutls.so:security/gnutls \
libgpgme.so:security/gpgme \
libgcrypt.so:security/libgcrypt \
libopenvas_base.so:security/openvas${OPENVAS_VER}-libraries
+RUN_DEPENDS:= ${BUILD_DEPENDS}
CONFLICTS?= ${PORTNAME:S/${OPENVAS_VER}/9/}-*
-USES= cmake:outsource execinfo gnome pkgconfig sqlite
-USE_GNOME= glib20
+USES= cmake:outsource execinfo gnome pkgconfig
+USE_GNOME= glib20 libxslt:run
+PGSQL_USES= pgsql
+SQLITE3_USES= sqlite
+PGSQL_CMAKE_ON+=-DBACKEND:STRING="POSTGRESQL"
+SQLITE3_CMAKE_ON+=-DBACKEND:STRING="SQLITE3"
USE_RC_SUBR= openvasmd
DOCSDIR= ${PREFIX}/share/doc/${PORTNAME:S/${OPENVAS_VER}//}
+ETCDIR= ${PREFIX}/etc/openvas
REINPLACE_ARGS= -i ''
OPENVAS_VER?= 8
OPTIONS_DEFINE= DOCS
+OPTIONS_DEFAULT=DOCS SQLITE3
+OPTIONS_SUB= yes
+OPTIONS_SINGLE_DATABASE=SQLITE3 PGSQL
+OPTIONS_SINGLE= DATABASE
+DATABASE_DESC= Database support
post-patch:
@${REINPLACE_CMD} -e '1d' ${WRKSRC}/tools/extra/xml_split
+ @${REINPLACE_CMD} -e 's|OPENVAS_STATE_DIR|OPENVAS_LIB_INSTALL_DIR|g' ${WRKSRC}/src/manage_pg.c
post-install:
${INSTALL_DATA} ${WRKSRC}/INSTALL ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/postgres-HOWTO ${STAGEDIR}${DOCSDIR}
+ ${MV} ${STAGEDIR}${ETCDIR}/openvasmd_log.conf ${STAGEDIR}${ETCDIR}/openvasmd_log.conf.sample
+ ${MV} ${STAGEDIR}${ETCDIR}/pwpolicy.conf ${STAGEDIR}${ETCDIR}/pwpolicy.conf.sample
.include <bsd.port.mk>
Modified: head/security/openvas8-manager/files/patch-CMakeLists.txt
==============================================================================
--- head/security/openvas8-manager/files/patch-CMakeLists.txt Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-manager/files/patch-CMakeLists.txt Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,6 +1,6 @@
---- CMakeLists.txt.orig 2015-12-21 09:42:05 UTC
-+++ CMakeLists.txt
-@@ -153,7 +153,7 @@ if (NOT LIBDIR)
+--- CMakeLists.txt 2017-06-21 05:04:50.000000000 -0500
++++ CMakeLists.txt 2017-08-04 00:45:04.904399000 -0500
+@@ -153,7 +153,7 @@
endif (NOT LIBDIR)
if (NOT LOCALSTATEDIR)
@@ -9,7 +9,16 @@
endif (NOT LOCALSTATEDIR)
if (NOT DATADIR)
-@@ -284,7 +284,7 @@ configure_file (tools/openvas-migrate-to
+@@ -196,6 +196,8 @@
+
+ set (OPENVAS_NVT_DIR "${OPENVAS_STATE_DIR}/plugins/")
+
++set (OPENVAS_LIB_INSTALL_DIR "${LIBDIR}")
++
+ message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}")
+
+ ## Dependency checks
+@@ -284,7 +286,7 @@
## Program
Modified: head/security/openvas8-manager/files/patch-src-CMakeLists.txt
==============================================================================
--- head/security/openvas8-manager/files/patch-src-CMakeLists.txt Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-manager/files/patch-src-CMakeLists.txt Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,6 +1,6 @@
---- src/CMakeLists.txt.orig 2015-12-08 07:09:32 UTC
-+++ src/CMakeLists.txt
-@@ -66,7 +66,7 @@ add_library (otp STATIC otp.c)
+--- src/CMakeLists.txt 2015-12-08 02:09:32.000000000 -0500
++++ src/CMakeLists.txt 2017-08-04 00:48:57.665021000 -0500
+@@ -66,7 +66,7 @@
## Program
add_executable (openvasmd openvasmd.c ompd.c)
@@ -9,3 +9,12 @@
set_target_properties (openvasmd PROPERTIES LINKER_LANGUAGE C)
+@@ -159,7 +159,7 @@
+
+ if (BACKEND STREQUAL POSTGRESQL)
+ install (TARGETS manage-pg-server
+- LIBRARY DESTINATION "${OPENVAS_STATE_DIR}/openvasmd/pg/")
++ LIBRARY DESTINATION "${OPENVAS_LIB_INSTALL_DIR}/openvasmd/pg/")
+ endif (BACKEND STREQUAL POSTGRESQL)
+
+ ## Static analysis
Modified: head/security/openvas8-manager/files/patch-src-manage_sql.c
==============================================================================
--- head/security/openvas8-manager/files/patch-src-manage_sql.c Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-manager/files/patch-src-manage_sql.c Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,5 +1,5 @@
---- src/manage_sql.c.orig 2016-02-26 13:38:52 UTC
-+++ src/manage_sql.c
+--- src/manage_sql.c 2017-06-19 08:14:58.000000000 -0500
++++ src/manage_sql.c 2017-08-05 19:47:05.407323000 -0500
@@ -58,6 +58,7 @@
#include <unistd.h>
#include <sys/time.h>
@@ -8,7 +8,7 @@
#include <openvas/base/openvas_string.h>
#include <openvas/base/openvas_file.h>
-@@ -940,7 +941,7 @@ iso_time_internal (time_t *epoch_time, c
+@@ -950,7 +951,7 @@
static char time_string[100];
tm = localtime (epoch_time);
@@ -17,7 +17,34 @@
{
if (strftime (time_string, 98, "%FT%TZ", tm) == 0)
return NULL;
-@@ -42378,12 +42379,12 @@ modify_schedule (const char *schedule_id
+@@ -24386,7 +24387,7 @@
+ {
+ return sql_int ("SELECT count (DISTINCT port) FROM results"
+ " WHERE report = %llu AND port != ''"
+- " AND port NOT LIKE 'general/%';",
++ " AND port NOT LIKE 'general/%%';",
+ report);
+ }
+
+@@ -24401,7 +24402,7 @@
+ {
+ return sql_int ("SELECT count (DISTINCT port) FROM results"
+ " WHERE report = %llu AND host = '%s'"
+- " AND port NOT LIKE 'general/%';",
++ " AND port NOT LIKE 'general/%%';",
+ report,
+ host);
+ }
+@@ -33237,7 +33238,7 @@
+ " WHERE config_preferences.config = %llu"
+ " AND config_preferences.type = '%s'"
+ " AND (config_preferences.name = nvt_preferences.name"
+- " OR config_preferences.name LIKE 'timeout.%')"
++ " OR config_preferences.name LIKE 'timeout.%%')"
+ " AND config_preferences.name != 'max_checks'"
+ " AND config_preferences.name != 'max_hosts'"
+ " UNION"
+@@ -43502,12 +43503,12 @@
if (duration == -1)
duration_string = NULL;
else
@@ -32,7 +59,7 @@
if ((period_months == -1) || (period_months == 0))
{
-@@ -42395,12 +42396,12 @@ modify_schedule (const char *schedule_id
+@@ -43519,12 +43520,12 @@
else
{
period_months_string = g_strdup ("0");
Added: head/security/openvas8-manager/files/patch-src-sql_pg.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openvas8-manager/files/patch-src-sql_pg.c Sun Aug 6 06:49:42 2017 (r447445)
@@ -0,0 +1,17 @@
+--- src/sql_pg.c 2017-08-04 00:41:59.376627000 -0500
++++ src/sql_pg.c 2017-08-04 00:42:16.863937000 -0500
+@@ -27,12 +27,12 @@
+ #include "tracef.h"
+
+ #include <assert.h>
+-#include <endian.h>
++#include <sys/endian.h>
+ #include <arpa/inet.h>
+ #include <glib.h>
+ #include <inttypes.h>
+ #include <netinet/in.h>
+-#include <postgresql/libpq-fe.h>
++#include <libpq-fe.h>
+ #include <string.h>
+
+ #include <openvas/base/array.h>
Modified: head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in
==============================================================================
--- head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,7 +1,40 @@
---- tools/greenbone-scapdata-sync.in.orig 2015-12-08 07:09:31 UTC
-+++ tools/greenbone-scapdata-sync.in
-@@ -962,7 +962,7 @@ update_scap_db_private () {
+--- tools/greenbone-scapdata-sync.in 2015-12-08 02:09:31.000000000 -0500
++++ tools/greenbone-scapdata-sync.in 2017-08-05 22:00:27.817110000 -0500
+@@ -297,7 +297,7 @@
then
+ log_err "Could not determine credentials, aborting synchronization."
+ rm -rf $FEED_INFO_TEMP_DIR
+- exit -1
++ exit 1
+ fi
+
+ # --protocol=29 is a workaround for a known bug in rsync 3.0.3
+@@ -321,12 +321,12 @@
+ then
+ log_err "rsync failed, aborting synchronization."
+ rm -rf $FEED_INFO_TEMP_DIR
+- exit -1
++ exit 1
+ fi
+ else
+ log_err "Could not find access key, aborting synchronization."
+ rm -rf $FEED_INFO_TEMP_DIR
+- exit -1
++ exit 1
+ fi
+
+ FEED_VERSION_SERVER=`cat $FEED_INFO_TEMP_DIR/timestamp`
+@@ -335,7 +335,7 @@
+ then
+ log_err "Could not determine server feed version."
+ rm -rf $FEED_INFO_TEMP_DIR
+- exit -1
++ exit 1
+ fi
+
+ # Check against FEED_VERSION
+@@ -962,11 +962,11 @@
+ then
for ovalfile in $oval_files_sorted_private
do
- filedate=`stat -c "%Y" "$ovalfile" | cut -d " " -f 1 | tr -d "-"`
@@ -9,7 +42,23 @@
filedate=$(( $filedate - ( $filedate % 60 ) ))
if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
then
-@@ -1090,12 +1090,12 @@ update_scap_db() {
+- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++ oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+
+ if [ 1 = "$REBUILD_OVAL" ]
+ then
+@@ -1068,8 +1068,8 @@
+ fi
+
+ # TODO: This is not quite accurate as it uses the timestamp of the non-private data.
+- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -`
+-
++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
++
+ reset_sql_tries
+ until [ "$try_sql" -eq 0 ]
+ do
+@@ -1090,12 +1090,12 @@
CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml"
if [ -e $CPEBASE ]
then
@@ -24,7 +73,7 @@
if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ]
then
log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1152,13 +1152,13 @@ update_scap_db() {
+@@ -1152,13 +1152,13 @@
then
for cvefile in `ls $SCAP_DIR/nvdcve-2.0-*.xml`
do
@@ -40,7 +89,7 @@
if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ]
then
log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1228,7 +1228,7 @@ update_scap_db() {
+@@ -1228,11 +1228,11 @@
for ovalfile in $oval_files_sorted
do
@@ -49,7 +98,21 @@
filedate=$(( $filedate - ( $filedate % 60 ) ))
if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
then
-@@ -1469,7 +1469,7 @@ then
+- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++ oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+
+ if [ 1 = "$REBUILD_OVAL" ]
+ then
+@@ -1284,7 +1284,7 @@
+ update_cvss
+ update_placeholders
+
+- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -`
++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+
+ reset_sql_tries
+ until [ "$try_sql" -eq 0 ]
+@@ -1469,7 +1469,7 @@
exit 1
fi
Modified: head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in
==============================================================================
--- head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,6 +1,15 @@
---- tools/openvas-scapdata-sync.in.orig 2015-08-03 05:52:10 UTC
-+++ tools/openvas-scapdata-sync.in
-@@ -885,7 +885,7 @@ update_sec_db_private () {
+--- tools/openvas-scapdata-sync.in 2017-05-02 02:32:45.000000000 -0500
++++ tools/openvas-scapdata-sync.in 2017-08-05 22:40:11.310734000 -0500
+@@ -63,7 +63,7 @@
+
+ # Delay between retries
+ if [ -z "$SQL_RETRY_DELAY" ]; then
+- SQL_RETRY_DELAY="10m" # allowed unit suffixes: see sleep command
++ SQL_RETRY_DELAY="600" # allowed unit suffixes: see sleep command
+ fi
+
+ TIMESTAMP="$SCAP_DIR/timestamp"
+@@ -885,11 +885,11 @@
then
for ovalfile in $oval_files_sorted_private
do
@@ -9,7 +18,39 @@
filedate=$(( $filedate - ( $filedate % 60 ) ))
if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
then
-@@ -1012,13 +1012,13 @@ update_sec_db () {
+- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++ oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+
+ if [ 1 = "$REBUILD_OVAL" ]
+ then
+@@ -958,7 +958,7 @@
+ DIR_STR_LENGTH=$((`echo "$SCAP_DIR" | wc -c` + 1))
+
+ oval_files_shortened=""
+- if [ 0 != "$xmlcount" ]
++ if [ "$xmlcount" -ne 0 ]
+ then
+ for ovalfile in $oval_files_sorted_private
+ do
+@@ -968,7 +968,7 @@
+ fi
+
+ oval_files_clause=""
+- if [ ! -z "$oval_files_shortened" ]
++ if [ "$oval_files_shortened" != "" ]
+ then
+ oval_files_clause="AND (xml_file NOT IN ($oval_files_shortened))"
+ fi
+@@ -993,7 +993,7 @@
+ fi
+
+ # TODO: This is not quite accurate as it uses the timestamp of the non-private data.
+- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -`
++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+
+ reset_sql_tries
+ until [ "$try_sql" -eq 0 ]
+@@ -1012,13 +1012,13 @@
CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml"
if [ -e $CPEBASE ]
then
@@ -25,7 +66,7 @@
if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ]
then
echo "[i] File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1075,13 +1075,13 @@ update_sec_db () {
+@@ -1075,13 +1075,13 @@
then
for cvefile in `ls $SCAP_DIR/nvdcve-2.0-*.xml`
do
@@ -41,7 +82,7 @@
if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ]
then
echo "[i] File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1151,7 +1151,7 @@ update_sec_db () {
+@@ -1151,11 +1151,11 @@
for ovalfile in $oval_files_sorted
do
@@ -50,3 +91,17 @@
filedate=$(( $filedate - ( $filedate % 60 ) ))
if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
then
+- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++ oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+
+ if [ 1 = "$REBUILD_OVAL" ]
+ then
+@@ -1206,7 +1206,7 @@
+ update_cvss
+ update_placeholders
+
+- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -`
++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+ reset_sql_tries
+ until [ "$try_sql" -eq 0 ]
+ do
Modified: head/security/openvas8-manager/pkg-plist
==============================================================================
--- head/security/openvas8-manager/pkg-plist Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-manager/pkg-plist Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,5 +1,6 @@
-etc/openvas/openvasmd_log.conf
-etc/openvas/pwpolicy.conf
+ at sample etc/openvas/openvasmd_log.conf.sample
+ at sample etc/openvas/pwpolicy.conf.sample
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so
man/man8/openvasmd.8.gz
sbin/greenbone-certdata-sync
sbin/greenbone-scapdata-sync
@@ -10,6 +11,7 @@ sbin/openvas-scapdata-sync
sbin/openvasmd
%%PORTDOCS%%%%DOCSDIR%%/INSTALL
%%PORTDOCS%%%%DOCSDIR%%/html/omp.html
+%%PORTDOCS%%%%DOCSDIR%%/postgres-HOWTO
share/openvas/cert/cert_bund_getbyname.xsl
share/openvas/cert/cert_bund_update.xsl
share/openvas/cert/cert_db_init.sql
Modified: head/security/openvas8-scanner/Makefile
==============================================================================
--- head/security/openvas8-scanner/Makefile Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-scanner/Makefile Sun Aug 6 06:49:42 2017 (r447445)
@@ -3,6 +3,7 @@
PORTNAME?= openvas8-scanner
PORTVERSION?= 5.0.8
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES?= http://wald.intevation.org/frs/download.php/2436/
DISTNAME= ${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION}
@@ -18,7 +19,8 @@ LIB_DEPENDS= libgcrypt.so:security/libgcrypt \
libopenvas_base.so:security/openvas${OPENVAS_VER}-libraries
RUN_DEPENDS= redis-server:databases/redis \
curl:ftp/curl \
- rsync:net/rsync
+ rsync:net/rsync \
+ nmap:security/nmap
CONFLICTS?= ${PORTNAME:S/${OPENVAS_VER}/9/}-*
Modified: head/security/openvas8-scanner/files/openvassd.in
==============================================================================
--- head/security/openvas8-scanner/files/openvassd.in Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas8-scanner/files/openvassd.in Sun Aug 6 06:49:42 2017 (r447445)
@@ -8,18 +8,21 @@
#
# Add the following to /etc/rc.conf[.local] to enable this service
#
-# openvassd_enable="YES"
+# openvassd_enable (bool): Set to NO by default.
+# Set it to YES to enable openvassd.
+# openvassd_flags (params): Set params used to start openvassd.
#
. /etc/rc.subr
name=openvassd
-rcvar=openvassd_enable
+rcvar=${name}_enable
command="%%PREFIX%%/sbin/openvassd"
pidfile=/var/run/openvassd.pid
extra_commands="reload"
: ${openvassd_enable=NO}
+: ${openvassd_flags="--listen=127.0.0.1"}
load_rc_config $name
run_rc_command "$1"
Modified: head/security/openvas9-manager/files/openvasmd.in
==============================================================================
--- head/security/openvas9-manager/files/openvasmd.in Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas9-manager/files/openvasmd.in Sun Aug 6 06:49:42 2017 (r447445)
@@ -8,18 +8,21 @@
#
# Add the following to /etc/rc.conf[.local] to enable this service
#
-# openvasmd_enable="YES"
+# openvasmd_enable (bool): Set to NO by default.
+# Set it to YES to enable bareos_dir.
+# openvasmd_flags (params): Set params used to start openvasmd.
#
. /etc/rc.subr
name=openvasmd
-rcvar=openvasmd_enable
+rcvar=${name}_enable
command="%%PREFIX%%/sbin/openvasmd"
pidfile=/var/run/openvasmd.pid
extra_commands="reload"
-: ${openvasmd_enable=NO}
+: ${openvasmd_enable="NO"}
+: ${openvasmd_flags="--listen=127.0.0.1"}
load_rc_config $name
run_rc_command "$1"
Modified: head/security/openvas9-manager/files/patch-src-manage_sql.c
==============================================================================
--- head/security/openvas9-manager/files/patch-src-manage_sql.c Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas9-manager/files/patch-src-manage_sql.c Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,6 +1,6 @@
---- src/manage_sql.c.orig 2016-02-26 13:38:52 UTC
-+++ src/manage_sql.c
-@@ -58,6 +58,7 @@
+--- src/manage_sql.c 2017-06-20 01:32:02.000000000 -0500
++++ src/manage_sql.c 2017-08-05 21:19:08.663354000 -0500
+@@ -57,6 +57,7 @@
#include <unistd.h>
#include <sys/time.h>
#include <grp.h>
@@ -8,7 +8,7 @@
#include <openvas/base/openvas_string.h>
#include <openvas/base/openvas_file.h>
-@@ -940,7 +941,7 @@ iso_time_internal (time_t *epoch_time, c
+@@ -1061,7 +1062,7 @@
static char time_string[100];
tm = localtime (epoch_time);
@@ -17,7 +17,34 @@
{
if (strftime (time_string, 98, "%FT%TZ", tm) == 0)
return NULL;
-@@ -42378,12 +42379,12 @@ modify_schedule (const char *schedule_id
+@@ -25384,7 +25385,7 @@
+ {
+ return sql_int ("SELECT count (DISTINCT port) FROM results"
+ " WHERE report = %llu AND port != ''"
+- " AND port NOT %s 'general/%';",
++ " AND port NOT %s 'general/%%';",
+ report,
+ sql_ilike_op ());
+ }
+@@ -25400,7 +25401,7 @@
+ {
+ return sql_int ("SELECT count (DISTINCT port) FROM results"
+ " WHERE report = %llu AND host = '%s'"
+- " AND port NOT %s 'general/%';",
++ " AND port NOT %s 'general/%%';",
+ report,
+ host,
+ sql_ilike_op ());
+@@ -35110,7 +35111,7 @@
+ " WHERE config_preferences.config = %llu"
+ " AND config_preferences.type = '%s'"
+ " AND (config_preferences.name = nvt_preferences.name"
+- " OR config_preferences.name LIKE 'timeout.%')"
++ " OR config_preferences.name LIKE 'timeout.%%')"
+ " AND config_preferences.name != 'max_checks'"
+ " AND config_preferences.name != 'max_hosts'"
+ " UNION"
+@@ -47821,12 +47822,12 @@
if (duration == -1)
duration_string = NULL;
else
@@ -32,7 +59,7 @@
if ((period_months == -1) || (period_months == 0))
{
-@@ -42395,12 +42396,12 @@ modify_schedule (const char *schedule_id
+@@ -47838,12 +47839,12 @@
else
{
period_months_string = g_strdup ("0");
Added: head/security/openvas9-manager/files/patch-src-sql_pg.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openvas9-manager/files/patch-src-sql_pg.c Sun Aug 6 06:49:42 2017 (r447445)
@@ -0,0 +1,18 @@
+--- src/sql_pg.c 2017-08-06 01:12:18.411221000 -0500
++++ src/sql_pg.c 2017-08-06 01:13:41.241337000 -0500
+@@ -26,13 +26,13 @@
+ #include "sql.h"
+
+ #include <assert.h>
+-#include <endian.h>
++#include <sys/endian.h>
+ #include <errno.h>
+ #include <arpa/inet.h>
+ #include <glib.h>
+ #include <inttypes.h>
+ #include <netinet/in.h>
+-#include <postgresql/libpq-fe.h>
++#include <libpq-fe.h>
+ #include <stdlib.h>
+ #include <string.h>
+
Modified: head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in
==============================================================================
--- head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,6 +1,6 @@
---- tools/greenbone-scapdata-sync.in.orig 2016-11-10 04:58:06.000000000 -0500
-+++ tools/greenbone-scapdata-sync.in 2017-07-29 00:09:17.272096000 -0500
-@@ -1080,7 +1080,7 @@
+--- tools/greenbone-scapdata-sync.in 2016-11-10 04:58:06.000000000 -0500
++++ tools/greenbone-scapdata-sync.in 2017-08-05 22:42:35.986283000 -0500
+@@ -1080,11 +1080,11 @@
then
for ovalfile in $oval_files_sorted_private
do
@@ -9,6 +9,38 @@
filedate=$(( $filedate - ( $filedate % 60 ) ))
if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
then
+- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++ oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+
+ if [ 1 = "$REBUILD_OVAL" ]
+ then
+@@ -1153,7 +1153,7 @@
+ DIR_STR_LENGTH=$((`echo "$SCAP_DIR" | wc -c` + 1))
+
+ oval_files_shortened=""
+- if [ 0 != "$xmlcount" ]
++ if [ "$xmlcount" -ne 0 ]
+ then
+ for ovalfile in $oval_files_sorted_private
+ do
+@@ -1163,7 +1163,7 @@
+ fi
+
+ oval_files_clause=""
+- if [ ! -z "$oval_files_shortened" ]
++ if [ "$oval_files_shortened" =! "" ]
+ then
+ oval_files_clause="AND (xml_file NOT IN ($oval_files_shortened))"
+ fi
+@@ -1186,7 +1186,7 @@
+ fi
+
+ # TODO: This is not quite accurate as it uses the timestamp of the non-private data.
+- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -`
++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+
+ reset_sql_tries
+ until [ "$try_sql" -eq 0 ]
@@ -1208,12 +1208,12 @@
CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml"
if [ -e $CPEBASE ]
@@ -40,7 +72,7 @@
if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ]
then
log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1347,7 +1347,7 @@
+@@ -1347,11 +1347,11 @@
for ovalfile in $oval_files_sorted
do
@@ -49,6 +81,20 @@
filedate=$(( $filedate - ( $filedate % 60 ) ))
if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
then
+- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++ oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+
+ if [ 1 = "$REBUILD_OVAL" ]
+ then
+@@ -1403,7 +1403,7 @@
+ update_cvss
+ update_placeholders
+
+- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -`
++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+
+ reset_sql_tries
+ until [ "$try_sql" -eq 0 ]
@@ -1635,7 +1635,7 @@
then
if [ -f "$SCAP_DB" ]
Modified: head/security/openvas9-manager/pkg-plist
==============================================================================
--- head/security/openvas9-manager/pkg-plist Sun Aug 6 06:24:31 2017 (r447444)
+++ head/security/openvas9-manager/pkg-plist Sun Aug 6 06:49:42 2017 (r447445)
@@ -1,23 +1,27 @@
bin/openvas-manage-certs
-etc/openvas/openvasmd_log.conf
-etc/openvas/pwpolicy.conf
-etc/rc.d/openvasmd
+ at sample etc/openvas/openvasmd_log.conf.sample
+ at sample etc/openvas/pwpolicy.conf.sample
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so.0
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so.7.0.2
man/man8/database-statistics-sqlite.8.gz
man/man8/greenbone-certdata-sync.8.gz
man/man8/greenbone-scapdata-sync.8.gz
man/man8/openvas-migrate-to-postgres.8.gz
man/man8/openvas-portnames-update.8.gz
man/man8/openvasmd.8.gz
-sbin/database-statistics-sqlite
+%%SQLITE3%%sbin/database-statistics-sqlite
sbin/greenbone-certdata-sync
sbin/greenbone-scapdata-sync
sbin/openvas-migrate-to-postgres
sbin/openvas-portnames-update
sbin/openvasmd
-sbin/openvasmd-sqlite
+%%SQLITE3%%sbin/openvasmd-sqlite
+%%PGSQL%%sbin/openvasmd-pg
%%PORTDOCS%%%%DOCSDIR%%/INSTALL
%%PORTDOCS%%%%DOCSDIR%%/example-openvas-manage-certs.conf
%%PORTDOCS%%%%DOCSDIR%%/html/omp.html
+%%PGSQL%%%%PORTDOCS%%%%DOCSDIR%%/postgres-HOWTO
share/man/man1/openvas-manage-certs.1
share/openvas/cert/cert_bund_getbyname.xsl
share/openvas/cert/cert_bund_update.xsl
More information about the svn-ports-all
mailing list