[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Joonas Niilola]

commit:     b3055e30a568592223aef4ec728eda6da806eafe
Author:     Jonas Licht <jonas.licht <AT> fem <DOT> tu-ilmenau <DOT> de>
AuthorDate: Sun Mar 21 19:47:16 2021 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Mon Mar 22 13:33:47 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b3055e30

net-analyzer/openvas-scanner: add patch to disable cmake automagic dep

Closes: https://bugs.gentoo.org/733894
Package-Manager: Portage-3.0.13, Repoman-3.0.2
Signed-off-by: Jonas Licht <jonas.licht <AT> fem.tu-ilmenau.de>
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 ...envas-scanner-7.0.1-disable-automagic-dep.patch | 33 ++++++++++++++++++++++
 net-analyzer/openvas-scanner/metadata.xml          |  1 +
 .../openvas-scanner/openvas-scanner-7.0.1.ebuild   | 11 ++++++--
 3 files changed, 42 insertions(+), 3 deletions(-)

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-7.0.1-disable-automagic-dep.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-7.0.1-disable-automagic-dep.patch
new file mode 100644
index 00000000000..fd3e4610f8a
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas-scanner-7.0.1-disable-automagic-dep.patch
@@ -0,0 +1,33 @@
+diff --git a/nasl/CMakeLists.txt b/nasl/CMakeLists.txt
+index b594679c..81c5e4a9 100644
+--- a/nasl/CMakeLists.txt
++++ b/nasl/CMakeLists.txt
+@@ -100,14 +100,20 @@ execute_process (COMMAND gpgme-config --cflags
+   OUTPUT_VARIABLE GPGME_CFLAGS
+   OUTPUT_STRIP_TRAILING_WHITESPACE)
+ 
+-message (STATUS "Looking for netsnmp...")
+-find_library (SNMP netsnmp)
+-message (STATUS "Looking for netsnmp... ${SNMP}")
+-if (SNMP)
+-  execute_process (COMMAND net-snmp-config --libs
+-    OUTPUT_VARIABLE SNMP_LDFLAGS
+-    OUTPUT_STRIP_TRAILING_WHITESPACE)
+-endif (SNMP)
++option(BUILD_WITH_SNMP "Build with SNMP Support" ON)
++if (BUILD_WITH_SNMP)
++  message (STATUS "Looking for netsnmp...")
++  find_library (SNMP netsnmp)
++  message (STATUS "Looking for netsnmp... ${SNMP}")
++  if (SNMP)
++    execute_process (COMMAND net-snmp-config --libs
++      OUTPUT_VARIABLE SNMP_LDFLAGS
++      OUTPUT_STRIP_TRAILING_WHITESPACE)
++  endif (SNMP)
++  if (NOT SNMP)
++    message (SEND_ERROR " netsnmp not found")
++  endif(NOT SNMP)
++endif (BUILD_WITH_SNMP)
+ 
+ message (STATUS "Looking for libgcrypt...")
+ find_library (GCRYPT gcrypt)

diff --git a/net-analyzer/openvas-scanner/metadata.xml b/net-analyzer/openvas-scanner/metadata.xml
index 7e35c8db968..35596363964 100644
--- a/net-analyzer/openvas-scanner/metadata.xml
+++ b/net-analyzer/openvas-scanner/metadata.xml
@@ -12,6 +12,7 @@
 	<use>
 		<flag name="cron">Install a cron job to update GVM's feed daily.</flag>
 		<flag name="extras">Html docs support</flag>
+		<flag name="snmp">Build againts net-analyzer/net-snmp for "improved SNMP support"</flag>
 	</use>
 	<longdescription lang="en">
 	Open Vulnerability Assessment System (OpenVAS) Scanner is the Greenbone Vulnerability Management (GVM) Solution.

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild
index 812b342a1ca..1fc5a911179 100644
--- a/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild
+++ b/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -16,7 +16,7 @@ SRC_URI="https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz -> $
 SLOT="0"
 LICENSE="GPL-2 GPL-2+"
 KEYWORDS="~amd64 ~x86"
-IUSE="cron extras test"
+IUSE="cron extras snmp test"
 RESTRICT="!test? ( test )"
 
 DEPEND="
@@ -27,7 +27,7 @@ DEPEND="
 	dev-libs/libgcrypt:=
 	dev-libs/libksba
 	>=net-analyzer/gvm-libs-11.0.1
-	net-analyzer/net-snmp
+	snmp? ( net-analyzer/net-snmp:= )
 	net-libs/gnutls:=
 	net-libs/libpcap
 	net-libs/libssh:="
@@ -48,6 +48,10 @@ BDEPEND="
 	)
 	test? ( dev-libs/cgreen )"
 
+PATCHES=(
+	"${FILESDIR}"/${P}-disable-automagic-dep.patch
+)
+
 BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"
 S="${WORKDIR}/${MY_PN}-${PV}"
 
@@ -75,6 +79,7 @@ src_configure() {
 		"-DLOCALSTATEDIR=${EPREFIX}/var"
 		"-DSYSCONFDIR=${EPREFIX}/etc"
 		"-DSBINDIR=${EPREFIX}/usr/bin"
+		"-DBUILD_WITH_SNMP=$(usex snmp)"
 	)
 	cmake_src_configure
 }

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Florian Schmaus]

commit:     f163722c6b110b3f0ab3bf993d374686b52b017f
Author:     Giuseppe Foti <foti.giuseppe <AT> gmail <DOT> com>
AuthorDate: Sat May 18 17:17:51 2024 +0000
Commit:     Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Tue May 21 08:58:06 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f163722c

net-analyzer/openvas-scanner: add 23.3.0

Signed-off-by: Giuseppe Foti <foti.giuseppe <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/36733
Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>

 net-analyzer/openvas-scanner/Manifest              |   1 +
 .../files/openvas-scanner-23.3.0-link-curl.patch   |  69 +++++++++
 .../openvas-scanner/openvas-scanner-23.3.0.ebuild  | 161 +++++++++++++++++++++
 3 files changed, 231 insertions(+)

diff --git a/net-analyzer/openvas-scanner/Manifest b/net-analyzer/openvas-scanner/Manifest
index 678d032cb5a3..e1456d34ea39 100644
--- a/net-analyzer/openvas-scanner/Manifest
+++ b/net-analyzer/openvas-scanner/Manifest
@@ -1,2 +1,3 @@
 DIST openvas-scanner-22.7.9.tar.gz 1069904 BLAKE2B 908810997880d1267f41df59905acc2ac2d491ab8453001ae8e2cc6881958150e8866b07b4e335888e8e574b5a347b33880bd24c9b8d140edd6c384e498e5dc9 SHA512 279a781fe698496fb88efd28c0ee6ede66a0180237b60c4d7b083fe10c7b7ac054ec04b08c9b33e6dd142f60529faedfef4441421cc04e95eaa08865e47b58dd
 DIST openvas-scanner-23.0.1.tar.gz 1387550 BLAKE2B 22f0b7f10fbb8be7d0897ce1895035ec9e330adee2a56d7c724e9e9fd54808ed10de5f05b3bb02918e44e45a7f85035e7d63fdd89345dcdb09d5180740823c74 SHA512 e2107ca762abcbb20d4506d2cc4479d5fbf5efd744a598ec63ea3c66ae6a6f1743deeb4b7aa9863b78c186c8a4d4b5f2212d241cef51b91c6c5bcd0879c45dc7
+DIST openvas-scanner-23.3.0.tar.gz 1416508 BLAKE2B de5864183b19df7b825bb74a5c38493b484494c5ef0f871f83e77efd6f6ce9934fd0a2365c5e7fe2b53e0c3f0c6a0eccd57528571dcd8586cbe5ef575aa5ec4f SHA512 cebe73f376a0b7731ffcb3eb9eb6e223ad490d8c0b708f07f508c562f2cfea956fa61e2bfb9141d2bf826c727be901ef2f455b74c055032f72cd52b7591bd171

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-23.3.0-link-curl.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-23.3.0-link-curl.patch
new file mode 100644
index 000000000000..7fc9972a04b7
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas-scanner-23.3.0-link-curl.patch
@@ -0,0 +1,69 @@
+Fixes underlinking curl lib in nasl/CMakeLists.txt
+Upstream PR: https://github.com/greenbone/openvas-scanner/pull/1647
+
+From d070e15547bf8377b90ed660c099c82fb30e2d32 Mon Sep 17 00:00:00 2001
+From: Giuseppe Foti <foti.giuseppe@gmail.com>
+Date: Sat, 18 May 2024 18:53:19 +0200
+Subject: [PATCH 1/2] link curl
+
+Signed-off-by: Giuseppe Foti <foti.giuseppe@gmail.com>
+--- a/nasl/CMakeLists.txt
++++ b/nasl/CMakeLists.txt
+@@ -188,7 +188,7 @@ set_target_properties (openvas_nasl_shared PROPERTIES CLEAN_DIRECT_OUTPUT 1)
+ set_target_properties (openvas_nasl_shared PROPERTIES SOVERSION "${PROJECT_VERSION_MAJOR}")
+ set_target_properties (openvas_nasl_shared PROPERTIES VERSION "${PROJECT_VERSION_STRING}")
+ # line below is needed so it also works with no-undefined which is e.g. used by Mandriva
+-target_link_libraries (openvas_nasl_shared openvas_misc_shared pcap ${GLIB_LDFLAGS}
++target_link_libraries (openvas_nasl_shared openvas_misc_shared curl pcap ${GLIB_LDFLAGS}
+                          ${LIBOPENVAS_MISC_LDFLAGS}
+                          ${GLIB_JSON_LDFLAGS} 
+                          ${GCRYPT_LDFLAGS} ${GPGME_LDFLAGS} m
+-- 
+2.43.2
+
+
+From 17475b6e7e3b0bf4ccc56915b1ea69adadfda0a5 Mon Sep 17 00:00:00 2001
+From: Giuseppe Foti <foti.giuseppe@gmail.com>
+Date: Sat, 18 May 2024 18:54:04 +0200
+Subject: [PATCH 2/2] Remove redundant whitespaces
+
+Signed-off-by: Giuseppe Foti <foti.giuseppe@gmail.com>
+--- a/nasl/CMakeLists.txt
++++ b/nasl/CMakeLists.txt
+@@ -172,7 +172,7 @@ add_definitions (-DOPENVAS_GPG_BASE_DIR="${OPENVAS_GPG_BASE_DIR}")
+ 
+ include_directories (${GLIB_INCLUDE_DIRS}
+                      ${LIBOPENVAS_MISC_INCLUDE_DIRS}
+-                     ${GLIB_JSON_INCLUDE_DIRS} 
++                     ${GLIB_JSON_INCLUDE_DIRS}
+                      ${GPGME_INCLUDE_DIRS}
+                      ${LIBSSH_INCLUDE_DIRS}
+                      ${LIBGVM_BASE_INCLUDE_DIRS}
+@@ -181,7 +181,7 @@ include_directories (${GLIB_INCLUDE_DIRS}
+                      ${GCRYPT_INCLUDE_DIRS})
+ 
+ 
+-# Build shared 
++# Build shared
+ add_library (openvas_nasl_shared SHARED ${FILES})
+ set_target_properties (openvas_nasl_shared PROPERTIES OUTPUT_NAME "openvas_nasl")
+ set_target_properties (openvas_nasl_shared PROPERTIES CLEAN_DIRECT_OUTPUT 1)
+@@ -190,7 +190,7 @@ set_target_properties (openvas_nasl_shared PROPERTIES VERSION "${PROJECT_VERSION
+ # line below is needed so it also works with no-undefined which is e.g. used by Mandriva
+ target_link_libraries (openvas_nasl_shared openvas_misc_shared curl pcap ${GLIB_LDFLAGS}
+                          ${LIBOPENVAS_MISC_LDFLAGS}
+-                         ${GLIB_JSON_LDFLAGS} 
++                         ${GLIB_JSON_LDFLAGS}
+                          ${GCRYPT_LDFLAGS} ${GPGME_LDFLAGS} m
+                          ${LIBGVM_BASE_LDFLAGS}
+                          ${LIBGVM_UTIL_LDFLAGS}
+@@ -219,5 +219,5 @@ install (FILES ${CMAKE_SOURCE_DIR}/doc/man/openvas-nasl.1
+          DESTINATION ${DATADIR}/man/man1 )
+ 
+ install (FILES ${CMAKE_SOURCE_DIR}/doc/man/openvas-nasl-lint.1
+-         DESTINATION ${DATADIR}/man/man1 )   
++         DESTINATION ${DATADIR}/man/man1 )
+ ## End
+-- 
+2.43.2
+

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-23.3.0.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-23.3.0.ebuild
new file mode 100644
index 000000000000..b26024cee8d1
--- /dev/null
+++ b/net-analyzer/openvas-scanner/openvas-scanner-23.3.0.ebuild
@@ -0,0 +1,161 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake systemd tmpfiles toolchain-funcs readme.gentoo-r1 optfeature
+
+MY_DN="openvas"
+
+DESCRIPTION="Open Vulnerability Assessment Scanner"
+HOMEPAGE="https://www.greenbone.net https://github.com/greenbone/openvas-scanner/"
+SRC_URI="
+	https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz -> ${P}.tar.gz
+"
+
+LICENSE="GPL-2 GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc snmp test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+	acct-user/gvm
+	app-crypt/gpgme:=
+	>=dev-db/redis-5.0.3
+	>=dev-libs/glib-2.42:2
+	>=dev-libs/libgcrypt-1.6:=
+	dev-libs/libgpg-error
+	>=dev-libs/libksba-1.0.7
+	dev-libs/libbsd
+	>=net-libs/libssh-0.6.0:=
+	>=dev-libs/json-glib-1.4.4
+	>=net-analyzer/gvm-libs-22.4
+	>=net-libs/gnutls-3.6.4:=
+	net-libs/libpcap
+	>=net-misc/curl-7.74.0[ssl]
+	snmp? ( net-analyzer/net-snmp:= )
+"
+RDEPEND="${DEPEND}"
+BDEPEND="
+	>=sys-devel/bison-2.5
+	app-alternatives/lex
+	virtual/pkgconfig
+	doc? (
+		app-text/doxygen[dot]
+		app-text/xmltoman
+		app-text/htmldoc
+		dev-perl/CGI
+		dev-perl/SQL-Translator
+		virtual/pandoc
+	)
+	test? ( dev-libs/cgreen )
+"
+PATCHES=(
+	# See https://github.com/greenbone/openvas-scanner/pull/1647
+	"${FILESDIR}"/openvas-scanner-23.3.0-link-curl.patch
+)
+src_prepare() {
+	cmake_src_prepare
+	# QA-Fix | Remove -Werror compiler flag
+	sed -i -e "s/-Werror//" "${S}"/CMakeLists.txt || die #909560
+	# QA-Fix | Remove !CLANG doxygen warnings for 7.0.0
+	if use doc; then
+		if ! tc-is-clang; then
+		   local f
+		   for f in doc/*.in
+		   do
+			sed -i \
+				-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
+				-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
+				"${f}" || die "couldn't disable CLANG parsing"
+		   done
+		fi
+	fi
+
+	#Remove tests that doesn't work in the network sandbox
+	if use test; then
+		sed -i 's/add_test (pcap-test pcap-test)/ /g' misc/CMakeLists.txt || die
+	fi
+}
+
+src_configure() {
+	local mycmakeargs=(
+		"-DLOCALSTATEDIR=${EPREFIX}/var"
+		"-DSYSCONFDIR=${EPREFIX}/etc"
+		"-DSBINDIR=${EPREFIX}/usr/bin"
+		"-DOPENVAS_FEED_LOCK_PATH=${EPREFIX}/var/lib/openvas/feed-update.lock"
+		"-DOPENVAS_RUN_DIR=/run/ospd"
+		"-DBUILD_WITH_NETSNMP=$(usex snmp)"
+	)
+	cmake_src_configure
+}
+
+src_compile() {
+	cmake_src_compile
+	if use doc; then
+		cmake_build -C "${BUILD_DIR}" doxygen-full manual
+	fi
+	cmake_build rebuild_cache
+	if use test; then
+		cmake_build tests
+	fi
+}
+
+src_install() {
+	if use doc; then
+		mv "${BUILD_DIR}"/doc/html "${BUILD_DIR}"/doc/html-manual || die
+		local HTML_DOCS=(
+			"${BUILD_DIR}"/doc/generated/html/.
+			"${BUILD_DIR}"/doc/html-manual
+		)
+	fi
+	cmake_src_install
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
+
+	# Set proper permissions on required files/directories
+	keepdir /var/log/gvm
+	if ! use prefix; then
+		fowners gvm:gvm /var/log/gvm
+	fi
+
+	keepdir /var/lib/openvas/{gnupg,plugins}
+	if ! use prefix; then
+		fowners -R gvm:gvm /var/lib/openvas
+	fi
+
+	insinto /etc/openvas
+	newins "${FILESDIR}/openvas.conf-22" openvas.conf
+
+	systemd_newunit "${FILESDIR}/redis-openvas.service" redis-openvas.service
+	newtmpfiles "${FILESDIR}/redis-openvas.tmpfiles" redis-openvas.conf
+
+	insinto /etc/gvm
+	doins config/redis-openvas.conf
+	if ! use prefix; then
+		fowners -R gvm:gvm /etc/gvm /etc/gvm/redis-openvas.conf
+	fi
+
+	fperms 0750 /etc/gvm
+	fperms 0640 /etc/gvm/redis-openvas.conf
+
+	newconfd "${FILESDIR}/redis-openvas.confd" redis-openvas
+	newinitd "${FILESDIR}/redis-openvas.initd" redis-openvas
+
+	if use prefix; then
+		diropts -m0750
+	else
+		diropts -m0750 -o gvm -g gvm
+	fi
+	keepdir /var/lib/openvas/redis
+
+	readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+	tmpfiles_process redis-openvas.conf
+	optfeature "port scanner" net-analyzer/nmap
+	readme.gentoo_print_elog
+}

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Florian Schmaus]

commit:     afc85202ab1b002e5a235b13d7a130d3e2ed7bca
Author:     Giuseppe Foti <foti.giuseppe <AT> gmail <DOT> com>
AuthorDate: Sat May 20 17:25:01 2023 +0000
Commit:     Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Mon Jul  3 08:15:23 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=afc85202

net-analyzer/openvas-scanner: add 22.7.2

Signed-off-by: Giuseppe Foti <foti.giuseppe <AT> gmail.com>
Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>

 net-analyzer/openvas-scanner/Manifest              |   1 +
 net-analyzer/openvas-scanner/files/README.gentoo   |   3 +
 net-analyzer/openvas-scanner/files/openvas.conf-22 |   1 +
 .../openvas-scanner/files/redis-openvas.confd      |  20 +++
 .../openvas-scanner/files/redis-openvas.initd      |  25 ++++
 .../openvas-scanner/files/redis-openvas.service    |  13 ++
 .../openvas-scanner/files/redis-openvas.tmpfiles   |   2 +
 net-analyzer/openvas-scanner/metadata.xml          |   4 +
 .../openvas-scanner/openvas-scanner-22.7.2.ebuild  | 154 +++++++++++++++++++++
 9 files changed, 223 insertions(+)

diff --git a/net-analyzer/openvas-scanner/Manifest b/net-analyzer/openvas-scanner/Manifest
index f305491728b5..ccffb76d4e52 100644
--- a/net-analyzer/openvas-scanner/Manifest
+++ b/net-analyzer/openvas-scanner/Manifest
@@ -1 +1,2 @@
 DIST openvas-scanner-21.4.4.tar.gz 460601 BLAKE2B 66d627e76912735539399aed637fdc07a7d13c9e4eb142498dcf181b8ea952dd93107bcc1f2ef577126178ff3dad1e5f6e50d67840692cd49f7352e3a726ce8f SHA512 f2fe1f802b14fc41ee0d7657d031d318b651c3ec9ef554b33379a7459d40c17b44525c8f666ccb9670868576c101766936dd0c700778e46683bf43f0683834b6
+DIST openvas-scanner-22.7.2.tar.gz 924274 BLAKE2B 71b954c717f0be1634cf3561aa82c3b66af160c81b2b403b2be0d1247cad4cdfbd6779677c7d23d35c0f0e4e45b5ab30b4e1687a6b5c1b460cb034a87592b09c SHA512 cced0b3dd56cc85aa69ca7de7229c9e1a1103afd38fbf15776d29a6558c04b3e361acc3fb872f77f7f23c69339ffa25ef5ecd217ef7dafa42534547d039d8f9b

diff --git a/net-analyzer/openvas-scanner/files/README.gentoo b/net-analyzer/openvas-scanner/files/README.gentoo
new file mode 100644
index 000000000000..16547c23c7b4
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/README.gentoo
@@ -0,0 +1,3 @@
+The redis configuration file is located in:
+/etc/gvm/redis-openvas.conf
+Please apply your changes to the new configuration files.

diff --git a/net-analyzer/openvas-scanner/files/openvas.conf-22 b/net-analyzer/openvas-scanner/files/openvas.conf-22
new file mode 100644
index 000000000000..b2d964ff4b53
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas.conf-22
@@ -0,0 +1 @@
+db_address = /run/redis-openvas/redis.sock

diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.confd b/net-analyzer/openvas-scanner/files/redis-openvas.confd
new file mode 100644
index 000000000000..2e9ec5cfbf16
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.confd
@@ -0,0 +1,20 @@
+# Redis user.
+REDIS_USER="gvm"
+
+# Redis group.
+REDIS_GROUP="gvm"
+
+# Redis configuration file.
+REDIS_CONF="/etc/gvm/redis-openvas.conf"
+
+# Redis dump directory.
+REDIS_DIR="/var/lib/gvm/redis"
+
+# Redis options.
+# (Redis expects the first argument to be the configuration file.)
+REDIS_OPTS="${REDIS_CONF}"
+
+# Specify the network service that corresponds to the "bind" setting
+# in your redis.conf. For example, if you bind to 127.0.0.1, this should
+# be set to "net.lo" which provides the loopback interface.
+rc_need="net.lo"

diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.initd b/net-analyzer/openvas-scanner/files/redis-openvas.initd
new file mode 100644
index 000000000000..5c50d29dae6a
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.initd
@@ -0,0 +1,25 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+: ${REDIS_DIR:=/var/lib/gvm/redis}
+: ${REDIS_CONF:=/etc/gvm/redis-openvas.conf}
+: ${REDIS_OPTS:="${REDIS_CONF}"}
+: ${REDIS_USER:=gvm}
+: ${REDIS_GROUP:=gvm}
+: ${REDIS_TIMEOUT:=30}
+
+# https://bugs.gentoo.org/631002#c10
+# Force '--daemonize no' to override the config file
+command="/usr/sbin/redis-server"
+command_args="${REDIS_OPTS} --daemonize no"
+command_background="true"
+command_user="${REDIS_USER}:${REDIS_GROUP}"
+pidfile="/run/${RC_SVCNAME}/redis-server.pid"
+retry="${REDIS_TIMEOUT}"
+start_stop_daemon_args="--chdir \"${REDIS_DIR}\""
+
+depend() {
+	use localmount logger
+	after keepalived
+}

diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.service b/net-analyzer/openvas-scanner/files/redis-openvas.service
new file mode 100644
index 000000000000..5eb8dd29e287
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=A persistent key-value database
+After=syslog.target network.target
+PartOf=gvm.target
+
+[Service]
+Type=forking
+PIDFile=/run/redis-openvas/redis-server.pid
+ExecStart=/usr/sbin/redis-server /etc/gvm/redis-openvas.conf
+User=gvm
+
+[Install]
+WantedBy=multi-user.target

diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles b/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles
new file mode 100644
index 000000000000..6dea2932cc0b
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles
@@ -0,0 +1,2 @@
+# redis runtime directory
+d /run/redis-openvas 0755 gvm root -

diff --git a/net-analyzer/openvas-scanner/metadata.xml b/net-analyzer/openvas-scanner/metadata.xml
index 20db261053a1..8b98cc0ee111 100644
--- a/net-analyzer/openvas-scanner/metadata.xml
+++ b/net-analyzer/openvas-scanner/metadata.xml
@@ -1,6 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
+	<maintainer type="person" proxied="yes">
+		<email>foti.giuseppe@gmail.com</email>
+		<name>Giuseppe Foti</name>
+	</maintainer>
 	<maintainer type="person" proxied="yes">
 		<email>jonas.licht@gmail.com</email>
 		<name>Jonas Licht</name>

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild
new file mode 100644
index 000000000000..fec03e1535be
--- /dev/null
+++ b/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild
@@ -0,0 +1,154 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake systemd tmpfiles toolchain-funcs readme.gentoo-r1 optfeature
+
+MY_PN="openvas"
+MY_DN="openvassd"
+
+DESCRIPTION="Open Vulnerability Assessment Scanner"
+HOMEPAGE="https://www.greenbone.net https://github.com/greenbone/openvas-scanner/"
+SRC_URI="https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2 GPL-2+"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc snmp test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+	acct-user/gvm
+	dev-db/redis
+	dev-libs/glib:2
+	>=dev-libs/json-glib-1.4.4
+	>=net-libs/gnutls-3.2.15
+	>=net-analyzer/gvm-libs-22.4
+	net-libs/libpcap
+	app-crypt/gpgme:=
+	dev-libs/libgcrypt:=
+	dev-libs/libgpg-error
+	>=dev-libs/libksba-1.0.7
+	>=net-libs/libssh-0.6.0
+	dev-libs/libbsd
+	snmp? ( net-analyzer/net-snmp:= )
+"
+RDEPEND="${DEPEND}"
+BDEPEND="
+	>=sys-devel/bison-2.5
+	sys-devel/flex
+	virtual/pkgconfig
+	doc? (
+		app-doc/doxygen[dot]
+		app-doc/xmltoman
+		app-text/htmldoc
+		dev-perl/CGI
+		dev-perl/SQL-Translator
+		virtual/pandoc
+	)
+	test? ( dev-libs/cgreen )
+"
+
+src_prepare() {
+	cmake_src_prepare
+	# QA-Fix | Correct FHS/Gentoo policy paths for 7.0.0
+	sed -i -e "s*/doc/openvas-scanner/*/doc/openvas-scanner-${PV}/*g" "${S}"/src/CMakeLists.txt || die
+	# QA-Fix | Remove !CLANG doxygen warnings for 7.0.0
+	if use doc; then
+		if ! tc-is-clang; then
+		   local f
+		   for f in doc/*.in
+		   do
+			sed -i \
+				-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
+				-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
+				"${f}" || die "couldn't disable CLANG parsing"
+		   done
+		fi
+	fi
+
+	#Remove tests that doesn't work in the network sandbox
+	if use test; then
+		sed -i 's/add_test (pcap-test pcap-test)/ /g' misc/CMakeLists.txt || die
+	fi
+}
+
+src_configure() {
+	local mycmakeargs=(
+		"-DLOCALSTATEDIR=${EPREFIX}/var"
+		"-DSYSCONFDIR=${EPREFIX}/etc"
+		"-DSBINDIR=${EPREFIX}/usr/bin"
+		"-DOPENVAS_FEED_LOCK_PATH=${EPREFIX}/var/lib/openvas/feed-update.lock"
+		"-DBUILD_WITH_SNMP=$(usex snmp)"
+		"-DPENVAS_RUN_DIR=/run/ospd"
+		"-DINSTALL_OLD_SYNC_SCRIPT=OFF"
+	)
+	cmake_src_configure
+}
+
+src_compile() {
+	cmake_src_compile
+	if use doc; then
+		cmake_build -C "${BUILD_DIR}" doxygen-full manual
+	fi
+	cmake_build rebuild_cache
+	if use test; then
+		cmake_build tests
+	fi
+}
+
+src_install() {
+	if use doc; then
+		mv "${BUILD_DIR}"/doc/html "${BUILD_DIR}"/doc/html-manual || die
+		local HTML_DOCS=(
+			"${BUILD_DIR}"/doc/generated/html/.
+			"${BUILD_DIR}"/doc/html-manual
+		)
+	fi
+	cmake_src_install
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
+
+	# Set proper permissions on required files/directories
+	keepdir /var/log/gvm
+	if ! use prefix; then
+		fowners gvm:gvm /var/log/gvm
+	fi
+
+	keepdir /var/lib/openvas/{gnupg,plugins}
+	if ! use prefix; then
+		fowners -R gvm:gvm /var/lib/openvas
+	fi
+
+	insinto /etc/openvas
+	newins "${FILESDIR}/openvas.conf-22" openvas.conf
+
+	systemd_newunit "${FILESDIR}/redis-openvas.service" redis-openvas.service
+	newtmpfiles "${FILESDIR}/redis-openvas.tmpfiles" redis-openvas.conf
+
+	insinto /etc/gvm
+	doins config/redis-openvas.conf
+	use prefix || fowners -R gvm:gvm /etc/gvm /etc/gvm/redis-openvas.conf
+	fperms 0750 /etc/gvm
+	fperms 0644 /etc/gvm/redis-openvas.conf
+
+	newconfd "${FILESDIR}/redis-openvas.confd" redis-openvas
+	newinitd "${FILESDIR}/redis-openvas.initd" redis-openvas
+
+	if use prefix; then
+		diropts -m0750
+	else
+		diropts -m0750 -o gvm -g gvm
+	fi
+	keepdir /var/lib/openvas/redis
+
+	readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+	tmpfiles_process redis-openvas.conf
+	optfeature "port scanner" net-analyzer/nmap
+	readme.gentoo_print_elog
+}

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Joonas Niilola]

commit:     c0c542fa48334cdbc3be019d30cb7b26927fe356
Author:     Jonas Licht <jonas.licht <AT> fem <DOT> tu-ilmenau <DOT> de>
AuthorDate: Fri Mar 26 11:29:06 2021 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Wed Mar 31 06:28:56 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c0c542fa

net-analyzer/openvas-scanner: fix build with lld

Closes: https://bugs.gentoo.org/740560
Package-Manager: Portage-3.0.13, Repoman-3.0.2
Signed-off-by: Jonas Licht <jonas.licht <AT> fem.tu-ilmenau.de>
Closes: https://github.com/gentoo/gentoo/pull/20124
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 ...penvas-scanner-7.0.1-fix-linking-with-lld.patch | 33 ++++++++++++++++++++++
 .../openvas-scanner/openvas-scanner-20.8.1.ebuild  |  1 +
 .../openvas-scanner/openvas-scanner-7.0.1.ebuild   |  1 +
 3 files changed, 35 insertions(+)

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-7.0.1-fix-linking-with-lld.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-7.0.1-fix-linking-with-lld.patch
new file mode 100644
index 00000000000..2b31a7c7d22
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas-scanner-7.0.1-fix-linking-with-lld.patch
@@ -0,0 +1,33 @@
+diff --git a/nasl/CMakeLists.txt b/nasl/CMakeLists.txt
+index b594679c..adf9a221 100644
+--- a/nasl/CMakeLists.txt
++++ b/nasl/CMakeLists.txt
+@@ -87,6 +87,28 @@ endif (NOT KSBA)
+ message (STATUS "Looking for pcap...")
+ find_library (PCAP pcap)
+ 
++message (STATUS "Looking for pcap... ${PCAP}")
++if (NOT PCAP)
++  message (SEND_ERROR "The pcap library is required.")
++endif (NOT PCAP)
++
++message (STATUS "Looking for pcap-config...")
++find_program (PCAP_CONFIG pcap-config)
++
++if (PCAP_CONFIG)
++  message (STATUS "Looking for pcap-config... ${PCAP_CONFIG}")
++  execute_process (COMMAND pcap-config --libs
++    OUTPUT_VARIABLE PCAP_LDFLAGS
++    OUTPUT_STRIP_TRAILING_WHITESPACE)
++  execute_process (COMMAND pcap-config --cflags
++    OUTPUT_VARIABLE PCAP_CFLAGS
++    OUTPUT_STRIP_TRAILING_WHITESPACE)
++else (PCAP_CONFIG)
++  message (STATUS "pcap-config not found, using defaults...")
++  set (PCAP_LDFLAGS "-L/usr/lib -lpcap")
++  set (PCAP_CFLAGS "-I/usr/include")
++endif (PCAP_CONFIG)
++
+ find_library (GPGME gpgme)
+ message (STATUS "Looking for gpgme... ${GPGME}")
+ if (NOT GPGME)

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
index 22bdb9fec93..5d4642e49c5 100644
--- a/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
+++ b/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
@@ -51,6 +51,7 @@ BDEPEND="
 
 PATCHES=(
 	"${FILESDIR}"/${PN}-7.0.1-disable-automagic-dep.patch
+	"${FILESDIR}"/${PN}-7.0.1-fix-linking-with-lld.patch
 	#qa fix for rpath
 	"${FILESDIR}"/${P}-rpath-qa-fix.patch
 )

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild
index 1fc5a911179..6b20b2711f2 100644
--- a/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild
+++ b/net-analyzer/openvas-scanner/openvas-scanner-7.0.1.ebuild
@@ -50,6 +50,7 @@ BDEPEND="
 
 PATCHES=(
 	"${FILESDIR}"/${P}-disable-automagic-dep.patch
+	"${FILESDIR}"/${P}-fix-linking-with-lld.patch
 )
 
 BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Joonas Niilola]

commit:     6b0c3a7ab8e7ff7946f51b36fd2b8972785fd78f
Author:     Jonas Licht <jonas.licht <AT> fem <DOT> tu-ilmenau <DOT> de>
AuthorDate: Mon Mar 22 14:51:34 2021 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Mon Mar 22 17:25:43 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b0c3a7a

net-analyzer/openvas-scanner: add qa fix for rpath

Closes: https://bugs.gentoo.org/777723
Package-Manager: Portage-3.0.13, Repoman-3.0.2
Signed-off-by: Jonas Licht <jonas.licht <AT> fem.tu-ilmenau.de>
Closes: https://github.com/gentoo/gentoo/pull/20060
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 .../files/openvas-scanner-20.8.1-rpath-qa-fix.patch        | 14 ++++++++++++++
 net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild |  2 ++
 2 files changed, 16 insertions(+)

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-20.8.1-rpath-qa-fix.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-20.8.1-rpath-qa-fix.patch
new file mode 100644
index 00000000000..79e8692f4d6
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas-scanner-20.8.1-rpath-qa-fix.patch
@@ -0,0 +1,14 @@
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 69c68375..5bc000c0 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -37,6 +37,8 @@ endif (NOT CMAKE_BUILD_TYPE)
+ 
+ OPTION (ENABLE_COVERAGE "Enable support for coverage analysis" OFF)
+ 
++set(CMAKE_BUILD_WITH_INSTALL_RPATH TRUE)
++
+ ## Retrieve git revision (at configure time)
+ include (GetGit)
+ 
+

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
index 55309940528..22bdb9fec93 100644
--- a/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
+++ b/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
@@ -51,6 +51,8 @@ BDEPEND="
 
 PATCHES=(
 	"${FILESDIR}"/${PN}-7.0.1-disable-automagic-dep.patch
+	#qa fix for rpath
+	"${FILESDIR}"/${P}-rpath-qa-fix.patch
 )
 
 src_prepare() {

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Joonas Niilola]

commit:     1a2bfc6229dc6bfb181c7e580ff9746f3890ffd2
Author:     Jonas Licht <jonas.licht <AT> fem <DOT> tu-ilmenau <DOT> de>
AuthorDate: Thu Mar 18 22:00:38 2021 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Mon Mar 22 13:33:54 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a2bfc62

net-analyzer/openvas-scanner: version bump to 20.8.1

Package-Manager: Portage-3.0.13, Repoman-3.0.2
Signed-off-by: Jonas Licht <jonas.licht <AT> fem.tu-ilmenau.de>
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 net-analyzer/openvas-scanner/Manifest              |   1 +
 .../openvas-scanner/files/gvm-feed-sync-20.8.1.sh  |  45 +++++++
 .../openvas-scanner/openvas-scanner-20.8.1.ebuild  | 129 +++++++++++++++++++++
 3 files changed, 175 insertions(+)

diff --git a/net-analyzer/openvas-scanner/Manifest b/net-analyzer/openvas-scanner/Manifest
index 45b50efee46..44d0ded741f 100644
--- a/net-analyzer/openvas-scanner/Manifest
+++ b/net-analyzer/openvas-scanner/Manifest
@@ -1,2 +1,3 @@
+DIST openvas-scanner-20.8.1.tar.gz 431985 BLAKE2B 60b328dc261bf48f37aa2727f4b63904c898467f989abef8f05e29329a24d0d98c13690005c5c7a8c93f899db709771ea60832927f169f6779707a1fac602368 SHA512 6114f37a91a3dd42c3693f10548a7727fb88fbe535ce511b164a440d5ace1c736d4c8a45db9a7e83b9abbd376c4d6b13afd3d23a995a5d089329a2bb8bd71cec
 DIST openvas-scanner-6.0.1.tar.gz 522100 BLAKE2B af82b41736329bd90ba1ea73a0ace36d4115375f81a7aaff5d3bd50f21cfa3195cdf4012aa952da52c4103a31475de5c5790ef3e2e36180aa06737371fa0e5a0 SHA512 db4087fffe1d50e232fa1e51325cf7f142237e2bd3cc5dcaa1e7058a4871300f352f2c0e700eae72ea9412c347b072e9d1f2eca508b27cb30f36c6895ec95147
 DIST openvas-scanner-7.0.1.tar.gz 429012 BLAKE2B 13fd0fef2ce88f6789da9f00e8f35329e915ebc74a29b3bd52af93c6b70292d055fa1159aec4041d79a785971a583eb514e8700d1d38a76775446e40af9b2fac SHA512 201ea02b25bf247320437ae5c82bdc95db981cc6bd99fdece9403573434db122cdc8db7b82a08cba34b6d67d5794b2364f798847c79b421495666adc95a02571

diff --git a/net-analyzer/openvas-scanner/files/gvm-feed-sync-20.8.1.sh b/net-analyzer/openvas-scanner/files/gvm-feed-sync-20.8.1.sh
new file mode 100644
index 00000000000..178f49eb049
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/gvm-feed-sync-20.8.1.sh
@@ -0,0 +1,45 @@
+#!/bin/sh
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# GVM cron script that updates feed.
+
+# Start to update FEED & First NVT.
+try=0
+until [ $try -ge 5 ]; do
+      greenbone-feed-sync --type GVMD_DATA --curl &>/dev/null && break
+      try=$[$try+1]
+      sleep 30
+done
+
+# Check status
+if [ $? -eq 0 ]; then
+   # Avoid your IP temporary banned because of multiple connection
+   sleep 5
+   # Try to update scapdata.
+   try=0
+   until [ $try -ge 5 ]; do
+         greenbone-feed-sync --type SCAP &>/dev/null && break
+         try=$[$try+1]
+         sleep 30
+   done
+
+   # Check status
+   if [ $? -eq 0 ]; then
+      # Avoid your IP temporary banned because of multiple connection
+      sleep 5
+      # Try to update certdata
+      try=0
+      until [ $try -ge 5 ]; do
+            greenbone-feed-sync --type CERT &>/dev/null && break
+            try=$[$try+1]
+            sleep 30
+      done
+
+       # Check status
+       if [ $? -eq 0 ]; then
+          exit 0
+          else
+             exit 1
+       fi
+   fi
+fi

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
new file mode 100644
index 00000000000..55309940528
--- /dev/null
+++ b/net-analyzer/openvas-scanner/openvas-scanner-20.8.1.ebuild
@@ -0,0 +1,129 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_MAKEFILE_GENERATOR="emake"
+inherit cmake flag-o-matic toolchain-funcs
+
+MY_PN="openvas"
+MY_DN="openvassd"
+
+DESCRIPTION="Open Vulnerability Assessment Scanner"
+HOMEPAGE="https://www.greenbone.net/en/ https://github.com/greenbone/openvas-scanner/"
+SRC_URI="https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2 GPL-2+"
+KEYWORDS="~amd64 ~x86"
+IUSE="cron extras snmp test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+	acct-group/gvm
+	acct-user/gvm
+	app-crypt/gpgme:=
+	dev-db/redis
+	dev-libs/glib
+	dev-libs/libgcrypt:=
+	dev-libs/libksba
+	>=net-analyzer/gvm-libs-20.8.0
+	snmp? ( net-analyzer/net-snmp:= )
+	net-libs/gnutls:=
+	net-libs/libpcap
+	net-libs/libssh:="
+
+RDEPEND="
+	${DEPEND}"
+
+BDEPEND="
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+	extras? (
+		app-doc/doxygen[dot]
+		app-doc/xmltoman
+		app-text/htmldoc
+		dev-perl/CGI
+		dev-perl/SQL-Translator
+	)
+	test? ( dev-libs/cgreen )"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-7.0.1-disable-automagic-dep.patch
+)
+
+src_prepare() {
+	cmake_src_prepare
+	# QA-Fix | Correct FHS/Gentoo policy paths for 7.0.0
+	sed -i -e "s*/doc/openvas-scanner/*/doc/openvas-scanner-${PV}/*g" "$S"/src/CMakeLists.txt || die
+	# QA-Fix | Remove !CLANG doxygen warnings for 7.0.0
+	if use extras; then
+		if ! tc-is-clang; then
+		   local f
+		   for f in doc/*.in
+		   do
+			sed -i \
+				-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
+				-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
+				"${f}" || die "couldn't disable CLANG parsing"
+		   done
+		fi
+	fi
+
+	#Remove tests that doesn't work in the network sandbox
+	if use test; then
+		sed -i 's/add_test (pcap-test pcap-test)/ /g' misc/CMakeLists.txt || die
+	fi
+}
+
+src_configure() {
+	local mycmakeargs=(
+		"-DLOCALSTATEDIR=${EPREFIX}/var"
+		"-DSYSCONFDIR=${EPREFIX}/etc"
+		"-DSBINDIR=${EPREFIX}/usr/bin"
+		"-DBUILD_WITH_SNMP=$(usex snmp)"
+	)
+	cmake_src_configure
+}
+
+src_compile() {
+	cmake_src_compile
+	if use extras; then
+		cmake_build -C "${BUILD_DIR}" doc
+		cmake_build doc-full -C "${BUILD_DIR}" doc
+	fi
+	cmake_build rebuild_cache
+	if use test; then
+		cmake_build tests
+	fi
+}
+
+src_install() {
+	if use extras; then
+		local HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
+	fi
+	cmake_src_install
+
+	if use cron; then
+		# Install the cron job if they want it.
+		exeinto /etc/gvm
+		newexe "${FILESDIR}/gvm-feed-sync-${PV}.sh" gvm-feed-sync.sh
+		fowners gvm:gvm /etc/gvm/gvm-feed-sync.sh
+
+		insinto /etc/cron.d
+		newins "${FILESDIR}"/gvm-feed-sync.cron gvm
+	fi
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
+
+	# Set proper permissions on required files/directories
+	keepdir /var/log/gvm
+	fowners gvm:gvm /var/log/gvm
+	keepdir /var/lib/openvas/{gnupg,plugins}
+	fowners -R gvm:gvm /var/lib/openvas
+
+	insinto /etc/openvas
+	doins "${FILESDIR}/openvas.conf"
+}

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Joonas Niilola]

commit:     128cbddef56f70454be4e187613843de1c847dc6
Author:     Hasan ÇALIŞIR <hasan.calisir <AT> psauxit <DOT> com>
AuthorDate: Wed Dec 18 20:33:42 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Sat Dec 21 15:06:23 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=128cbdde

net-analyzer/openvas-scanner: drop old 5.1.3

Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Hasan ÇALIŞIR <hasan.calisir <AT> psauxit.com>
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 net-analyzer/openvas-scanner/Manifest              |  1 -
 .../files/openvas-scanner-5.1.3-cachedir.patch     | 42 ----------
 .../files/openvas-scanner-5.1.3-gcc8.patch         | 42 ----------
 .../files/openvas-scanner-5.1.3-nvt.patch          | 93 ----------------------
 .../files/openvas-scanner-daemon.conf              |  9 ---
 .../openvas-scanner/files/openvas-scanner.init     | 25 ------
 .../files/openvas-scanner.logrotate                | 11 ---
 .../openvas-scanner/files/openvas-scanner.service  | 21 -----
 .../files/openvas-scanner.tmpfiles.d               |  1 -
 net-analyzer/openvas-scanner/files/openvassd.conf  | 53 ------------
 .../openvas-scanner/openvas-scanner-5.1.3.ebuild   | 93 ----------------------
 11 files changed, 391 deletions(-)

diff --git a/net-analyzer/openvas-scanner/Manifest b/net-analyzer/openvas-scanner/Manifest
index 7d55d149a97..e9387af7ba6 100644
--- a/net-analyzer/openvas-scanner/Manifest
+++ b/net-analyzer/openvas-scanner/Manifest
@@ -1,2 +1 @@
-DIST openvas-scanner-5.1.3.tar.gz 254159 BLAKE2B d90fa15e143ead53abce66f933a3a4cac327176cca0f23bd88fe771ed7726b1891784ae980644c8335e560d348753115e43cfae83af9704e2d1d02827163563f SHA512 5712ab275058877cfd656e268ed09c81db6617ae247c17092f1fcd037f692f2018daf21b09b82401f99a7361bb485f0e0f7d63f8ff2387839cfdd5a3aaf8424e
 DIST openvas-scanner-6.0.1.tar.gz 522100 BLAKE2B af82b41736329bd90ba1ea73a0ace36d4115375f81a7aaff5d3bd50f21cfa3195cdf4012aa952da52c4103a31475de5c5790ef3e2e36180aa06737371fa0e5a0 SHA512 db4087fffe1d50e232fa1e51325cf7f142237e2bd3cc5dcaa1e7058a4871300f352f2c0e700eae72ea9412c347b072e9d1f2eca508b27cb30f36c6895ec95147

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-cachedir.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-cachedir.patch
deleted file mode 100644
index 98c65725019..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-cachedir.patch
+++ /dev/null
@@ -1,42 +0,0 @@
---- openvas-scanner-5.1.3/src/openvassd.c       2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/src/openvassd.c       2019-02-04 03:28:24.635539266 +0300
-@@ -103,7 +103,6 @@
-  */
- static openvassd_option openvassd_defaults[] = {
-   {"plugins_folder", OPENVAS_NVT_DIR},
--  {"cache_folder", OPENVAS_CACHE_DIR},
-   {"include_folders", OPENVAS_NVT_DIR},
-   {"max_hosts", "30"},
-   {"max_checks", "10"},
---- openvas-scanner-5.1.3/src/CMakeLists.txt    2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/src/CMakeLists.txt    2019-02-04 03:22:20.078824664 +0300
-@@ -68,10 +68,6 @@
-   add_definitions (-DOPENVAS_NVT_DIR=\\\"${OPENVAS_NVT_DIR}\\\")
- endif (OPENVAS_NVT_DIR)
- 
--if (OPENVAS_CACHE_DIR)
--  add_definitions (-DOPENVAS_CACHE_DIR=\\\"${OPENVAS_CACHE_DIR}\\\")
--endif (OPENVAS_CACHE_DIR)
--
- if (OPENVAS_LOG_DIR)
-   add_definitions (-DOPENVAS_LOG_DIR=\\\"${OPENVAS_LOG_DIR}\\\")
- endif (OPENVAS_LOG_DIR)
---- openvas-scanner-5.1.3/CMakeLists.txt	2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/CMakeLists.txt	2019-02-04 03:18:37.889999639 +0300
-@@ -166,7 +166,6 @@
- set (OPENVAS_DATA_DIR    "${DATADIR}/openvas")
- set (OPENVAS_STATE_DIR   "${LOCALSTATEDIR}/lib/openvas")
- set (OPENVAS_LOG_DIR     "${LOCALSTATEDIR}/log/openvas")
--set (OPENVAS_CACHE_DIR   "${LOCALSTATEDIR}/cache/openvas")
- set (OPENVAS_SYSCONF_DIR "${SYSCONFDIR}/openvas")
- 
- if (NOT OPENVAS_NVT_DIR)
-@@ -265,7 +264,6 @@
-          DESTINATION ${DATADIR}/doc/openvas-scanner/ )
- 
- install (DIRECTORY DESTINATION ${OPENVAS_NVT_DIR})
--install (DIRECTORY DESTINATION ${OPENVAS_CACHE_DIR})
- 
- ## Tests
- 
-

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-gcc8.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-gcc8.patch
deleted file mode 100644
index 4ec2e786e12..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-gcc8.patch
+++ /dev/null
@@ -1,42 +0,0 @@
---- openvas-scanner-5.1.3/src/ntp.c	2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/src/ntp.c	2019-02-02 00:57:56.832878754 +0300
-@@ -361,9 +361,7 @@
- }
- 
- /*----------------------------------------------------------
--
-    Communication protocol: timestamps
--
-  ----------------------------------------------------------*/
- 
- 
-@@ -391,7 +389,7 @@
- static int
- __ntp_timestamp_scan_host (int soc, char *msg, char *host)
- {
--  char timestr[1024];
-+  char timestr[64];
-   char *tmp;
-   time_t t;
-   int len;
---- openvas-scanner-5.1.3/src/pluginload.c      2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/src/pluginload.c      2019-02-02 00:59:24.494774959 +0300
-@@ -250,7 +250,7 @@
-   g_slist_free_full (oids, g_free);
- }
- 
--static int
-+static void
- plugins_reload_from_dir (void *folder)
- {
-   GSList *files = NULL, *f;
---- openvas-scanner-5.1.3/src/processes.h       2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/src/processes.h       2019-02-02 01:06:42.772908314 +0300
-@@ -28,7 +28,7 @@
- #ifndef _OPENVAS_THREADS_H
- #define _OPENVAS_THREADS_H
- 
--typedef int (*process_func_t) (void *);
-+typedef void (*process_func_t) (void *);
- pid_t create_process (process_func_t, void *);
- int terminate_process (pid_t);

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-nvt.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-nvt.patch
deleted file mode 100644
index 67091fcf3e3..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner-5.1.3-nvt.patch
+++ /dev/null
@@ -1,93 +0,0 @@
---- openvas-scanner-5.1.3/src/attack.c	2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/src/attack.c	2019-02-02 00:44:12.834888067 +0300
-@@ -97,9 +97,7 @@
- };
- 
- /*******************************************************
--
- 		PRIVATE FUNCTIONS
--
- ********************************************************/
- 
- /**
-@@ -996,6 +994,14 @@
-   sched = plugins_scheduler_init
-            (prefs_get ("plugin_set"), prefs_get_bool ("auto_enable_dependencies"),
-             network_phase);
-+  if (sched == NULL)
-+    {
-+      error_message_to_client (global_socket,
-+                               "Failed to initialize the plugins scheduler.",
-+                               NULL, NULL);
-+      return;
-+    }
-+
- 
-   max_hosts = get_max_hosts_number ();
-   max_checks = get_max_checks_number ();
---- openvas-scanner-5.1.3/src/pluginscheduler.c	2018-08-29 19:27:26.000000000 +0300
-+++ openvas-scanner-5.1.3/src/pluginscheduler.c	2019-02-02 00:48:03.799598381 +0300
-@@ -486,7 +486,7 @@
-     }
- }
- 
--static void
-+static int
- plugins_scheduler_fill (plugins_scheduler_t sched)
- {
-   int i;
-@@ -500,6 +500,15 @@
-       int category;
- 
-       category = nvticache_get_category (element->data);
-+      if (category < 0)
-+        {
-+          log_write ("The NVT with oid %s has not category assigned. This is "
-+                     "considered a fatal error, since the NVTI Cache "
-+                     "structure stored in Redis is out dated or corrupted.",
-+                     (char *) element->data);
-+          g_slist_free_full (list, g_free);
-+          return 1;
-+        }
-       scheduler_plugin = g_malloc0 (sizeof (struct scheduler_plugin));
-       scheduler_plugin->running_state = PLUGIN_STATUS_UNRUN;
-       scheduler_plugin->oid = g_strdup (element->data);
-@@ -529,6 +538,7 @@
-         }
-     }
- 
-+  return 0;
- }
- 
- plugins_scheduler_t
-@@ -540,7 +550,11 @@
-   /* Fill our lists */
-   ret = g_malloc0 (sizeof (*ret));
-   ret->hash = hash_init ();
--  plugins_scheduler_fill (ret);
-+  if (plugins_scheduler_fill (ret))
-+    {
-+      plugins_scheduler_free (ret);
-+      return NULL;
-+    }
- 
-   plugins_scheduler_enable (ret, plugins_list, autoload);
- 
-@@ -729,9 +743,12 @@
- void
- plugins_scheduler_free (plugins_scheduler_t sched)
- {
--  int i;
--  hash_destroy (sched->hash);
--  for (i = ACT_FIRST; i <= ACT_LAST; i++)
--    list_destroy (sched->list[i]);
--  g_free (sched);
-+  if (sched)
-+    {
-+      int i;
-+      hash_destroy (sched->hash);
-+      for (i = ACT_FIRST; i <= ACT_LAST; i++)
-+        list_destroy (sched->list[i]);
-+      g_free (sched);
-+    }
- }

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-daemon.conf b/net-analyzer/openvas-scanner/files/openvas-scanner-daemon.conf
deleted file mode 100644
index f14b5aae6f1..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner-daemon.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# OpenVAS Scanner command args
-
-# e.g --foreground
-OPENVAS_SCANNER_OPTIONS=""
-
-# Scanner listen socket
-OPENVAS_SCANNER_LISTEN_SOCKET="--unix-socket=/var/run/openvassd.sock" 
-
-

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner.init b/net-analyzer/openvas-scanner/files/openvas-scanner.init
deleted file mode 100644
index 757b5801f29..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner.init
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-name="OpenVAS Scanner"
-command="/usr/sbin/openvassd"
-command_args="${OPENVAS_SCANNER_OPTIONS} ${OPENVAS_SCANNER_LISTEN_SOCKET}"
-pidfile="/var/run/openvassd.pid"
-command_background="true"
-
-depend() {
-	after bootmisc
-	need localmount net redis
-}
-
-start_pre() {
-	checkpath --directory --mode 0775 --quiet /var/cache/openvas
-}
-
-create_cache() {
-	checkpath --directory --mode 0775 --quiet /var/cache/openvas
-	ebegin "Generating initial Cache"
-	/usr/sbin/openvassd --foreground --only-cache
-	eend $?
-}

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner.logrotate b/net-analyzer/openvas-scanner/files/openvas-scanner.logrotate
deleted file mode 100644
index 89f9e6d264d..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner.logrotate
+++ /dev/null
@@ -1,11 +0,0 @@
-# logrotate for openvas scanner
-/var/log/openvas/openvassd.messages {
-        rotate 4
-        weekly
-        compress
-        delaycompress
-        missingok
-	postrotate
-	    /bin/kill -HUP `pidof openvassd`
-	endscript
-}

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner.service b/net-analyzer/openvas-scanner/files/openvas-scanner.service
deleted file mode 100644
index 4f30586ab51..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner.service
+++ /dev/null
@@ -1,21 +0,0 @@
-[Unit]
-Description=OpenVAS Scanner
-After=network.target
-After=redis.service
-Before=gvmd.service
-Requires=redis.service
-
-[Service]
-Type=forking
-EnvironmentFile=-/etc/openvas/sysconfig/openvas-scanner-daemon.conf
-ExecStart=/usr/sbin/openvassd $OPENVAS_SCANNER_OPTIONS $OPENVAS_SCANNER_LISTEN_SOCKET
-ExecReload=/bin/kill -HUP $MAINPID
-Restart=on-failure
-RestartSec=10
-KillMode=mixed
-User=root
-Group=root
-TimeoutSec=1200
-
-[Install]
-WantedBy=multi-user.target

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner.tmpfiles.d b/net-analyzer/openvas-scanner/files/openvas-scanner.tmpfiles.d
deleted file mode 100644
index 18e820caec1..00000000000
--- a/net-analyzer/openvas-scanner/files/openvas-scanner.tmpfiles.d
+++ /dev/null
@@ -1 +0,0 @@
-d	/var/cache/openvassd 0775

diff --git a/net-analyzer/openvas-scanner/files/openvassd.conf b/net-analyzer/openvas-scanner/files/openvassd.conf
deleted file mode 100644
index b218a4a27b0..00000000000
--- a/net-analyzer/openvas-scanner/files/openvassd.conf
+++ /dev/null
@@ -1,53 +0,0 @@
-#You can get detailed informations from https://linux.die.net/man/8/openvassd
-
-plugins_folder = /var/lib/openvas/plugins
-include_folders = /var/lib/openvas/plugins
-max_hosts = 30
-max_checks = 10
-
-#Resource friendly
-be_nice = no
-
-#Logfile
-logfile = /var/log/openvas/openvassd.messages
-
-log_whole_attack = no
-log_plugins_name_at_load = no
-dumpfile = /var/log/openvas/openvassd.dump
-cgi_path = /cgi-bin:/scripts
-
-#Turn off for push hard but increase false positive and slow down scans
-optimize_test = yes
-
-checks_read_timeout = 5
-network_scan = no
-non_simult_ports = 139, 445
-plugins_timeout = 320
-scanner_plugins_timeout = 36000
-
-#Push harder to target
-safe_checks = no
-
-auto_enable_dependencies = yes
-use_mac_addr = no
-nasl_no_signature_check = yes
-drop_privileges = no
-unscanned_closed = yes
-unscanned_closed_udp = yes
-vhosts = 
-vhosts_ip = 
-report_host_details = yes
-
-#Redis listening socket (must be same with redis socket)
-kb_location = /tmp/redis.sock
-
-timeout_retry = 3
-time_between_request = 0
-
-#Config File
-config_file = /etc/openvas/openvassd.conf
-
-#Certificates (default these are not needed here but setup-check script looking for them)
-cert_file = /var/lib/openvas/CA/servercert.pem
-key_file = /var/lib/openvas/private/CA/serverkey.pem
-ca_file = /var/lib/openvas/CA/cacert.pem

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-5.1.3.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-5.1.3.ebuild
deleted file mode 100644
index ece8f93f901..00000000000
--- a/net-analyzer/openvas-scanner/openvas-scanner-5.1.3.ebuild
+++ /dev/null
@@ -1,93 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-CMAKE_MAKEFILE_GENERATOR="emake"
-inherit cmake-utils systemd
-MY_PN="openvas-scanner"
-
-DESCRIPTION="A remote security scanner for Linux (OpenVAS-scanner)"
-HOMEPAGE="http://www.openvas.org/"
-SRC_URI="https://github.com/greenbone/${MY_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~amd64 ~x86"
-IUSE="extras"
-
-DEPEND="
-	dev-db/redis
-	dev-libs/libgcrypt:0=
-	>=net-analyzer/openvas-libraries-9.0.3
-	net-libs/gnutls:=[tools]
-	net-libs/libssh:=
-	extras? ( dev-perl/CGI )"
-
-RDEPEND="
-	${DEPEND}
-	!net-analyzer/openvas-tools"
-
-BDEPEND="
-	sys-devel/bison
-	sys-devel/flex
-	virtual/pkgconfig
-	extras? ( app-doc/doxygen[dot]
-		  app-doc/xmltoman
-		  app-text/htmldoc
-		  dev-perl/SQL-Translator
-	)"
-
-PATCHES=(
-	"${FILESDIR}/${P}-gcc8.patch"
-	"${FILESDIR}/${P}-nvt.patch"
-	"${FILESDIR}/${P}-cachedir.patch"
-)
-
-src_prepare() {
-	cmake-utils_src_prepare
-	# Fix for correct FHS/Gentoo policy paths for 5.1.3
-	sed -i "s*/doc/openvas-scanner/*/doc/openvas-scanner-${PV}/*g" "$S"/CMakeLists.txt || die
-	if use extras; then
-		doxygen -u "$S"/doc/Doxyfile_full.in || die
-	fi
-}
-
-src_configure() {
-	local mycmakeargs=(
-		"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
-		"-DLOCALSTATEDIR=${EPREFIX}/var"
-		"-DSYSCONFDIR=${EPREFIX}/etc"
-	)
-	cmake-utils_src_configure
-}
-
-src_compile() {
-	cmake-utils_src_compile
-	if use extras; then
-		cmake-utils_src_make -C "${BUILD_DIR}" doc
-		cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
-		HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
-	fi
-}
-
-src_install() {
-	cmake-utils_src_install
-
-	insinto /etc/openvas
-	doins "${FILESDIR}"/openvassd.conf "${FILESDIR}"/redis.conf.example
-
-	insinto /etc/openvas/sysconfig
-	doins "${FILESDIR}"/${MY_PN}-daemon.conf
-
-	newinitd "${FILESDIR}/${MY_PN}.init" ${MY_PN}
-	newconfd "${FILESDIR}/${MY_PN}-daemon.conf" ${MY_PN}
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}/${MY_PN}.logrotate" ${MY_PN}
-
-	systemd_newtmpfilesd "${FILESDIR}/${MY_PN}.tmpfiles.d" ${MY_PN}.conf
-	systemd_dounit "${FILESDIR}"/${MY_PN}.service
-
-	keepdir /var/lib/openvas/plugins
-}

[gentoo-commits] repo/gentoo:master commit in: net-analyzer/openvas-scanner/, net-analyzer/openvas-scanner/files/

[Joonas Niilola]

commit:     0a333bcfaacbad0dad5757cb0de488b952d694cc
Author:     Hasan ÇALIŞIR <hasan.calisir <AT> psauxit <DOT> com>
AuthorDate: Mon Aug 12 15:01:24 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Mon Oct 28 04:01:56 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0a333bcf

net-analyzer/openvas-scanner: bump to 6.0.1 & update metadata.

Bump to 6.0.1. Update metadata.
This also fixes bug 684220 and
introduces the new USE flag 'cron'.

Closes: https://bugs.gentoo.org/684220
Reported-by: aleck <rickrick <AT> stachelkaktus.net>
Package-Manager: Portage-2.3.69, Repoman-2.3.16
Signed-off-by: Hasan ÇALIŞIR <hasan.calisir <AT> psauxit.com>
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 net-analyzer/openvas-scanner/Manifest              |   1 +
 .../openvas-scanner/files/gvm-feed-sync.cron       |   1 +
 .../openvas-scanner/files/gvm-feed-sync.sh         |  45 +++++++
 .../files/openvas-scanner-6.0.1-sbin.patch         |  21 ++++
 .../openvas-scanner/files/openvassd-daemon.conf    |  17 +++
 .../openvas-scanner/files/openvassd.gvm.conf       | 124 ++++++++++++++++++
 net-analyzer/openvas-scanner/files/openvassd.init  |  14 +++
 .../openvas-scanner/files/openvassd.logrotate      |  13 ++
 .../openvas-scanner/files/openvassd.service        |  16 +++
 net-analyzer/openvas-scanner/metadata.xml          |   9 ++
 .../openvas-scanner/openvas-scanner-6.0.1.ebuild   | 138 +++++++++++++++++++++
 11 files changed, 399 insertions(+)

diff --git a/net-analyzer/openvas-scanner/Manifest b/net-analyzer/openvas-scanner/Manifest
index 12763409b46..7d55d149a97 100644
--- a/net-analyzer/openvas-scanner/Manifest
+++ b/net-analyzer/openvas-scanner/Manifest
@@ -1 +1,2 @@
 DIST openvas-scanner-5.1.3.tar.gz 254159 BLAKE2B d90fa15e143ead53abce66f933a3a4cac327176cca0f23bd88fe771ed7726b1891784ae980644c8335e560d348753115e43cfae83af9704e2d1d02827163563f SHA512 5712ab275058877cfd656e268ed09c81db6617ae247c17092f1fcd037f692f2018daf21b09b82401f99a7361bb485f0e0f7d63f8ff2387839cfdd5a3aaf8424e
+DIST openvas-scanner-6.0.1.tar.gz 522100 BLAKE2B af82b41736329bd90ba1ea73a0ace36d4115375f81a7aaff5d3bd50f21cfa3195cdf4012aa952da52c4103a31475de5c5790ef3e2e36180aa06737371fa0e5a0 SHA512 db4087fffe1d50e232fa1e51325cf7f142237e2bd3cc5dcaa1e7058a4871300f352f2c0e700eae72ea9412c347b072e9d1f2eca508b27cb30f36c6895ec95147

diff --git a/net-analyzer/openvas-scanner/files/gvm-feed-sync.cron b/net-analyzer/openvas-scanner/files/gvm-feed-sync.cron
new file mode 100644
index 00000000000..5563b92929b
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/gvm-feed-sync.cron
@@ -0,0 +1 @@
+0 2 * * * gvm [ -x /etc/gvm/gvm-feed-sync.sh ] && /bin/bash /etc/gvm/gvm-feed-sync.sh > /dev/null

diff --git a/net-analyzer/openvas-scanner/files/gvm-feed-sync.sh b/net-analyzer/openvas-scanner/files/gvm-feed-sync.sh
new file mode 100644
index 00000000000..ba21632a4d6
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/gvm-feed-sync.sh
@@ -0,0 +1,45 @@
+#!/bin/sh
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# GVM cron script that updates feed.
+
+# Start to update FEED & First NVT.
+try=0
+until [ $try -ge 5 ]; do
+      greenbone-nvt-sync --curl &>/dev/null && break
+      try=$[$try+1]
+      sleep 30
+done
+
+# Check status
+if [ $? -eq 0 ]; then
+   # Avoid your IP temporary banned because of multiple connection
+   sleep 5
+   # Try to update scapdata.
+   try=0
+   until [ $try -ge 5 ]; do
+         greenbone-scapdata-sync &>/dev/null && break
+         try=$[$try+1]
+         sleep 30
+   done
+
+   # Check status
+   if [ $? -eq 0 ]; then
+      # Avoid your IP temporary banned because of multiple connection
+      sleep 5
+      # Try to update certdata
+      try=0
+      until [ $try -ge 5 ]; do
+            greenbone-certdata-sync &>/dev/null && break
+            try=$[$try+1]
+            sleep 30
+      done
+
+       # Check status
+       if [ $? -eq 0 ]; then
+          exit 0
+          else
+             exit 1
+       fi
+   fi
+fi

diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-6.0.1-sbin.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-6.0.1-sbin.patch
new file mode 100644
index 00000000000..d5b8a2a6b62
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas-scanner-6.0.1-sbin.patch
@@ -0,0 +1,21 @@
+--- a/src/CMakeLists.txt	2019-07-21 23:16:18.608251465 +0300
++++ b/src/CMakeLists.txt	2019-07-21 23:17:08.434210058 +0300
+@@ -175,7 +175,7 @@
+ ## Install
+ 
+ install (TARGETS openvassd
+-         RUNTIME DESTINATION ${SBINDIR}
++         RUNTIME DESTINATION ${BINDIR}
+          PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+          GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ 
+@@ -183,7 +183,7 @@
+          DESTINATION ${OPENVAS_SYSCONF_DIR})
+ 
+ install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
+-         DESTINATION ${SBINDIR}
++         DESTINATION ${BINDIR}
+          PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+                      GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ 
+

diff --git a/net-analyzer/openvas-scanner/files/openvassd-daemon.conf b/net-analyzer/openvas-scanner/files/openvassd-daemon.conf
new file mode 100644
index 00000000000..6bb70d16535
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd-daemon.conf
@@ -0,0 +1,17 @@
+# OpenVAS Scanner command args
+
+# e.g --foreground
+OPENVAS_SCANNER_OPTIONS=""
+
+# Scanner listen socket
+OPENVAS_SCANNER_LISTEN_SOCKET="--unix-socket=/var/run/openvassd.sock" 
+
+# Scanner listen owner
+OPENVAS_SCANNER_LISTEN_OWNER="--listen-owner=gvm"
+
+# Scanner listen group
+OPENVAS_SCANNER_LISTEN_GROUP="--listen-group=gvm"
+
+# Scanner listen mode
+OPENVAS_SCANNER_LISTEN_MODE="--listen-mode=755"
+

diff --git a/net-analyzer/openvas-scanner/files/openvassd.gvm.conf b/net-analyzer/openvas-scanner/files/openvassd.gvm.conf
new file mode 100644
index 00000000000..5dfb8b52745
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.gvm.conf
@@ -0,0 +1,124 @@
+# You can get detailed informations from https://linux.die.net/man/8/openvassd
+# Configuration file of the OpenVAS Security Scanner
+# Every line starting with a '#' is a comment
+
+[Misc]
+
+# Path to the security checks folder:
+plugins_folder = /var/lib/openvas/plugins
+
+# Path to OpenVAS caching folder:
+cache_folder = /var/cache/openvas
+
+# Path to OpenVAS include directories:
+# (multiple entries are separated with colon ':')
+include_folders = /var/lib/openvas/plugins
+
+# Config File
+config_file = /etc/openvas/openvassd.conf
+
+# Maximum number of simultaneous hosts tested :
+max_hosts = 30
+
+# Maximum number of simultaneous checks against each host tested :
+max_checks = 10
+
+# Niceness. If set to 'yes', openvassd will renice itself to 10.
+be_nice = no
+
+# Log file (or 'syslog') :
+logfile = /var/log/gvm/openvassd.log
+
+# Shall we log every details of the attack ? (disk intensive)
+log_whole_attack = no
+
+# Log the name of the plugins that are loaded by the server ?
+log_plugins_name_at_load = no
+
+# Dump file for debugging output, use `-' for stdout
+dumpfile = /var/log/gvm/openvassd.dump
+
+# Rules file :
+rules = /etc/openvas/openvassd.rules
+
+# CGI paths to check for (cgi-bin:/cgi-aws:/ can do)
+cgi_path = /cgi-bin:/scripts
+
+# Range of the ports the port scanners will scan :
+# 'default' means that OpenVAS will scan ports found in its
+# services file.
+port_range = default
+
+# Optimize the test (recommended) :
+# Turn off for push hard but increase false positive and slow down scans
+optimize_test = yes
+
+# Optimization :
+# Read timeout for the sockets of the tests :
+checks_read_timeout = 5
+
+# Ports against which two plugins should not be run simultaneously :
+# non_simult_ports = Services/www, 139, Services/finger
+non_simult_ports = 139, 445
+
+# Maximum lifetime of a plugin (in seconds) :
+plugins_timeout = 320
+
+# Safe checks rely on banner grabbing & If enabled push harder to target:
+safe_checks = yes
+
+# Automatically activate the plugins that are depended on
+auto_enable_dependencies = yes
+
+# Do not echo data from plugins which have been automatically enabled
+silent_dependencies = no
+
+# Designate hosts by MAC address, not IP address (useful for DHCP networks)
+use_mac_addr = no
+
+
+#--- Knowledge base saving (can be configured by the client) :
+# Save the knowledge base on disk :
+save_knowledge_base = no
+
+# Restore the KB for each test :
+kb_restore = no
+
+# Only test hosts whose KB we do not have :
+only_test_hosts_whose_kb_we_dont_have = no
+
+# Only test hosts whose KB we already have :
+only_test_hosts_whose_kb_we_have = no
+
+# KB test replay :
+kb_dont_replay_scanners = no
+kb_dont_replay_info_gathering = no
+kb_dont_replay_attacks = no
+kb_dont_replay_denials = no
+kb_max_age = 864000
+#--- end of the KB section
+
+# Redis socket default setting
+db_address = /tmp/redis.sock
+
+# If this option is set, OpenVAS will not scan a network incrementally
+# (10.0.0.1, then 10.0.0.2, 10.0.0.3 and so on..) but will attempt to
+# slice the workload throughout the whole network (ie: it will scan
+# 10.0.0.1, then 10.0.0.127, then 10.0.0.2, then 10.0.0.128 and so on...
+slice_network_addresses = no
+
+# Should consider all the NASL scripts as being signed ? (unsafe if set to 'yes')
+nasl_no_signature_check = yes
+
+#Certificates
+cert_file=/var/lib/gvm/CA/servercert.pem
+key_file=/var/lib/gvm/private/CA/serverkey.pem
+ca_file=/var/lib/gvm/CA/cacert.pem
+
+# If you decide to protect your private key with a password,
+# uncomment and change next line
+# pem_password=password
+# If you want to force the use of a client certificate, uncomment next line
+# force_pubkey_auth = yes
+
+#end.

diff --git a/net-analyzer/openvas-scanner/files/openvassd.init b/net-analyzer/openvas-scanner/files/openvassd.init
new file mode 100644
index 00000000000..9bd7332134f
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.init
@@ -0,0 +1,14 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="Open Vulnerability Assessment Scanner"
+command="/usr/bin/openvassd"
+command_args="${OPENVAS_SCANNER_OPTIONS} ${OPENVAS_SCANNER_LISTEN_SOCKET} ${OPENVAS_SCANNER_LISTEN_OWNER} ${OPENVAS_SCANNER_LISTEN_GROUP} ${OPENVAS_SCANNER_LISTEN_MODE}"
+pidfile="/run/openvassd.pid"
+command_background="true"
+
+depend() {
+	after bootmisc
+	need localmount net redis
+}

diff --git a/net-analyzer/openvas-scanner/files/openvassd.logrotate b/net-analyzer/openvas-scanner/files/openvassd.logrotate
new file mode 100644
index 00000000000..9cf47d54763
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.logrotate
@@ -0,0 +1,13 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# Daemon ignore HUP so we use 'copytruncate' instead of 'create' 
+# with safe file size to prevent losing log entries.
+
+/var/log/gvm/openvassd.log {
+	compress
+	missingok
+	notifempty
+	sharedscripts
+	copytruncate
+	maxsize 10M
+}

diff --git a/net-analyzer/openvas-scanner/files/openvassd.service b/net-analyzer/openvas-scanner/files/openvassd.service
new file mode 100644
index 00000000000..b7d7df8bbab
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Open Vulnerability Assessment Scanner
+After=network.target
+After=redis.service
+Before=gvmd.service
+Requires=redis.service
+
+[Service]
+Type=forking
+EnvironmentFile=-/etc/openvas/sysconfig/openvassd-daemon.conf
+ExecStart=/usr/bin/openvassd $OPENVAS_SCANNER_OPTIONS $OPENVAS_SCANNER_LISTEN_SOCKET $OPENVAS_SCANNER_LISTEN_OWNER $OPENVAS_SCANNER_LISTEN_GROUP $OPENVAS_SCANNER_LISTEN_MODE
+Restart=on-failure
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target

diff --git a/net-analyzer/openvas-scanner/metadata.xml b/net-analyzer/openvas-scanner/metadata.xml
index fa26aa942e1..50c99b9436c 100644
--- a/net-analyzer/openvas-scanner/metadata.xml
+++ b/net-analyzer/openvas-scanner/metadata.xml
@@ -10,6 +10,15 @@
 		<name>Proxy Maintainers</name>
 	</maintainer>
 	<use>
+		<flag name="cron">Install a cron job to update GVM's feed daily.</flag>
 		<flag name="extras">Html docs support</flag>
 	</use>
+	<longdescription lang="en">
+	Open Vulnerability Assessment System (OpenVAS) Scanner is the Greenbone Vulnerability Management (GVM) Solution.
+	It is used for the Greenbone Security Manager appliances and is a full-featured scan engine that executes a continuously 
+	updated and extended feed of Network Vulnerability Tests (NVTs).
+	</longdescription>
+	<upstream>
+		<remote-id type="github">greenbone/openvas-scanner</remote-id>
+	</upstream>
 </pkgmetadata>

diff --git a/net-analyzer/openvas-scanner/openvas-scanner-6.0.1.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-6.0.1.ebuild
new file mode 100644
index 00000000000..1700d942181
--- /dev/null
+++ b/net-analyzer/openvas-scanner/openvas-scanner-6.0.1.ebuild
@@ -0,0 +1,138 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_MAKEFILE_GENERATOR="emake"
+inherit cmake-utils flag-o-matic systemd toolchain-funcs
+
+MY_PN="openvas"
+MY_DN="openvassd"
+
+DESCRIPTION="Open Vulnerability Assessment Scanner"
+HOMEPAGE="https://www.greenbone.net/en/"
+SRC_URI="https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2 GPL-2+"
+KEYWORDS="~amd64 ~x86"
+IUSE="cron extras"
+
+DEPEND="
+	app-crypt/gpgme:=
+	dev-db/redis
+	dev-libs/libgcrypt:=
+	dev-libs/libksba
+	>=net-analyzer/gvm-libs-10.0.1
+	net-analyzer/net-snmp
+	net-libs/gnutls:=
+	net-libs/libpcap
+	net-libs/libssh:=
+"
+
+RDEPEND="
+	${DEPEND}
+	!~net-analyzer/openvas-scanner-5.1.3
+	!net-analyzer/openvas-tools"
+
+BDEPEND="
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+	extras? ( app-doc/doxygen[dot]
+		  app-doc/xmltoman
+		  app-text/htmldoc
+		  dev-perl/CGI
+		  dev-perl/SQL-Translator
+	)"
+
+BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"
+S="${WORKDIR}/${MY_PN}-${PV}"
+
+PATCHES=(
+	# Install exec. to /usr/bin instead of /usr/sbin
+	"${FILESDIR}/${P}-sbin.patch"
+)
+
+src_prepare() {
+	cmake-utils_src_prepare
+	# QA-Fix | Correct FHS/Gentoo policy paths for 6.0.1
+	sed -i -e "s*/doc/openvas-scanner/*/doc/openvas-scanner-${PV}/*g" "$S"/src/CMakeLists.txt || die
+	# QA-Fix | Remove !CLANG doxygen warnings for 6.0.1
+	if use extras; then
+		if ! tc-is-clang; then
+		   local f
+		   for f in doc/*.in
+		   do
+			sed -i \
+				-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
+				-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
+				"${f}" || die "couldn't disable CLANG parsing"
+		   done
+		fi
+	fi
+}
+
+src_configure() {
+	local mycmakeargs=(
+		"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
+		"-DLOCALSTATEDIR=${EPREFIX}/var"
+		"-DSYSCONFDIR=${EPREFIX}/etc"
+	)
+	# Add release hardening flags for 6.0.1
+	append-cflags -Wno-format-truncation -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
+	append-ldflags -Wl,-z,relro -Wl,-z,now
+	cmake-utils_src_configure
+}
+
+src_compile() {
+	cmake-utils_src_compile
+	if use extras; then
+		cmake-utils_src_make -C "${BUILD_DIR}" doc
+		cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
+		HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
+	fi
+	cmake-utils_src_make rebuild_cache
+}
+
+src_install() {
+	cmake-utils_src_install
+
+	dodir /etc/openvas
+	insinto /etc/openvas
+	newins "${FILESDIR}/${MY_DN}.gvm.conf" openvassd.conf
+
+	insinto /etc/openvas
+	doins "${FILESDIR}"/redis.conf.example
+
+	dodir /etc/openvas/sysconfig
+	insinto /etc/openvas/sysconfig
+	doins "${FILESDIR}/${MY_DN}-daemon.conf"
+
+	if use cron; then
+		# Install the cron job if they want it.
+		exeinto /etc/gvm
+		doexe "${FILESDIR}/gvm-feed-sync.sh"
+		fowners gvm:gvm /etc/gvm/gvm-feed-sync.sh
+
+		insinto /etc/cron.d
+		newins "${FILESDIR}"/gvm-feed-sync.cron gvm
+	fi
+
+	fowners -R gvm:gvm /etc/openvas
+
+	newinitd "${FILESDIR}/${MY_DN}.init" "${MY_DN}"
+	newconfd "${FILESDIR}/${MY_DN}-daemon.conf" "${MY_DN}"
+
+	dodir /etc/logrotate.d
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
+
+	systemd_dounit "${FILESDIR}/${MY_DN}.service"
+
+	# Set proper permissions on required files/directories
+	keepdir /var/log/gvm
+	fowners gvm:gvm /var/log/gvm
+	keepdir /var/lib/openvas/{gnupg,plugins}
+	fowners -R gvm:gvm /var/lib/openvas
+}