Date: Sun, 6 Aug 2017 06:49:43 +0000 (UTC) From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r447445 - in head/security: greenbone-security-assistant8 greenbone-security-assistant8/files greenbone-security-assistant9 greenbone-security-assistant9/files openvas8-manager openvas8... Message-ID: <201708060649.v766nhYs060414@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: acm Date: Sun Aug 6 06:49:42 2017 New Revision: 447445 URL: https://svnweb.freebsd.org/changeset/ports/447445 Log: - security/openvas[89]-manager: Add PGSQL support - security/greenbone-security-assistant[89]: Improve rc scripts - security/openvas8-manager: Fix openvas-*-sync scripts - security/openvas9-manager: Fix greenbone-*-sync scripts - Add flags option to rc scripts - Bump PORTREVISION Added: head/security/openvas8-manager/files/patch-src-sql_pg.c (contents, props changed) head/security/openvas9-manager/files/patch-src-sql_pg.c (contents, props changed) Modified: head/security/greenbone-security-assistant8/Makefile head/security/greenbone-security-assistant8/files/gsad.in head/security/greenbone-security-assistant8/pkg-plist head/security/greenbone-security-assistant9/files/gsad.in head/security/greenbone-security-assistant9/pkg-plist head/security/openvas8-manager/Makefile head/security/openvas8-manager/files/patch-CMakeLists.txt head/security/openvas8-manager/files/patch-src-CMakeLists.txt head/security/openvas8-manager/files/patch-src-manage_sql.c head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in head/security/openvas8-manager/pkg-plist head/security/openvas8-scanner/Makefile head/security/openvas8-scanner/files/openvassd.in head/security/openvas9-manager/files/openvasmd.in head/security/openvas9-manager/files/patch-src-manage_sql.c head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in head/security/openvas9-manager/pkg-plist Modified: head/security/greenbone-security-assistant8/Makefile ============================================================================== --- head/security/greenbone-security-assistant8/Makefile Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/greenbone-security-assistant8/Makefile Sun Aug 6 06:49:42 2017 (r447445) @@ -2,6 +2,7 @@ PORTNAME?= greenbone-security-assistant8 PORTVERSION?= 6.0.12 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES?= http://wald.intevation.org/frs/download.php/2442/ DISTNAME= ${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION} @@ -23,7 +24,11 @@ CONFLICTS?= ${PORTNAME:S/${OPENVAS_VER}/9/}-* USES= cmake:outsource gettext gnome pkgconfig USE_GNOME= glib20 libxml2 libxslt USE_RC_SUBR= gsad +ETCDIR= ${PREFIX}/etc/openvas OPENVAS_VER?= 8 + +post-install: + ${MV} ${STAGEDIR}${ETCDIR}/gsad_log.conf ${STAGEDIR}${ETCDIR}/gsad_log.conf.sample .include <bsd.port.mk> Modified: head/security/greenbone-security-assistant8/files/gsad.in ============================================================================== --- head/security/greenbone-security-assistant8/files/gsad.in Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/greenbone-security-assistant8/files/gsad.in Sun Aug 6 06:49:42 2017 (r447445) @@ -8,17 +8,20 @@ # # Add the following to /etc/rc.conf[.local] to enable this service # -# gsad_enable="YES" +# gsad_enable (bool): Set to NO by default. +# Set it to YES to enable gsad. +# gsad_flags (params): Set params used to start gsad. # . /etc/rc.subr name=gsad -rcvar=gsad_enable +rcvar=${name}_enable command="%%PREFIX%%/sbin/gsad" pidfile=/var/run/gsad.pid -: ${gsad_enable=NO} +: ${gsad_enable="NO"} +: ${gsad_flags="--listen=127.0.0.1 --port=8080 --http-only"} load_rc_config $name run_rc_command "$1" Modified: head/security/greenbone-security-assistant8/pkg-plist ============================================================================== --- head/security/greenbone-security-assistant8/pkg-plist Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/greenbone-security-assistant8/pkg-plist Sun Aug 6 06:49:42 2017 (r447445) @@ -1,4 +1,4 @@ -etc/openvas/gsad_log.conf +@sample etc/openvas/gsad_log.conf.sample man/man8/gsad.8.gz sbin/gsad share/locale/de/LC_MESSAGES/gsad_xsl.mo Modified: head/security/greenbone-security-assistant9/files/gsad.in ============================================================================== --- head/security/greenbone-security-assistant9/files/gsad.in Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/greenbone-security-assistant9/files/gsad.in Sun Aug 6 06:49:42 2017 (r447445) @@ -8,17 +8,20 @@ # # Add the following to /etc/rc.conf[.local] to enable this service # -# gsad_enable="YES" +# gsad_enable (bool): Set to NO by default. +# Set it to YES to enable gsad. +# gsad_flags (params): Set params used to start gsad. # . /etc/rc.subr name=gsad -rcvar=gsad_enable +rcvar=${name}_enable command="%%PREFIX%%/sbin/gsad" pidfile=/var/run/gsad.pid -: ${gsad_enable=NO} +: ${gsad_enable="NO"} +: ${gsad_flags="--listen=127.0.0.1 --port=8080 --http-only"} load_rc_config $name run_rc_command "$1" Modified: head/security/greenbone-security-assistant9/pkg-plist ============================================================================== --- head/security/greenbone-security-assistant9/pkg-plist Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/greenbone-security-assistant9/pkg-plist Sun Aug 6 06:49:42 2017 (r447445) @@ -1,5 +1,4 @@ -etc/openvas/gsad_log.conf -etc/rc.d/gsad +@sample etc/openvas/gsad_log.conf.sample man/man8/gsad.8.gz sbin/gsad share/openvas/gsa/classic/cpe-icons.xml Modified: head/security/openvas8-manager/Makefile ============================================================================== --- head/security/openvas8-manager/Makefile Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-manager/Makefile Sun Aug 6 06:49:42 2017 (r447445) @@ -2,6 +2,7 @@ PORTNAME?= openvas8-manager PORTVERSION?= 6.0.11 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES?= http://wald.intevation.org/frs/download.php/2445/ DISTNAME= ${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION} @@ -13,27 +14,43 @@ COMMENT?= OpenVAS 8 manager LICENSE= GPLv2+ LICENSE_FILE= ${WRKSRC}/COPYING +BUILD_DEPENDS= p5-SQL-Translator>=0:databases/p5-SQL-Translator LIB_DEPENDS= libgnutls.so:security/gnutls \ libgpgme.so:security/gpgme \ libgcrypt.so:security/libgcrypt \ libopenvas_base.so:security/openvas${OPENVAS_VER}-libraries +RUN_DEPENDS:= ${BUILD_DEPENDS} CONFLICTS?= ${PORTNAME:S/${OPENVAS_VER}/9/}-* -USES= cmake:outsource execinfo gnome pkgconfig sqlite -USE_GNOME= glib20 +USES= cmake:outsource execinfo gnome pkgconfig +USE_GNOME= glib20 libxslt:run +PGSQL_USES= pgsql +SQLITE3_USES= sqlite +PGSQL_CMAKE_ON+=-DBACKEND:STRING="POSTGRESQL" +SQLITE3_CMAKE_ON+=-DBACKEND:STRING="SQLITE3" USE_RC_SUBR= openvasmd DOCSDIR= ${PREFIX}/share/doc/${PORTNAME:S/${OPENVAS_VER}//} +ETCDIR= ${PREFIX}/etc/openvas REINPLACE_ARGS= -i '' OPENVAS_VER?= 8 OPTIONS_DEFINE= DOCS +OPTIONS_DEFAULT=DOCS SQLITE3 +OPTIONS_SUB= yes +OPTIONS_SINGLE_DATABASE=SQLITE3 PGSQL +OPTIONS_SINGLE= DATABASE +DATABASE_DESC= Database support post-patch: @${REINPLACE_CMD} -e '1d' ${WRKSRC}/tools/extra/xml_split + @${REINPLACE_CMD} -e 's|OPENVAS_STATE_DIR|OPENVAS_LIB_INSTALL_DIR|g' ${WRKSRC}/src/manage_pg.c post-install: ${INSTALL_DATA} ${WRKSRC}/INSTALL ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/doc/postgres-HOWTO ${STAGEDIR}${DOCSDIR} + ${MV} ${STAGEDIR}${ETCDIR}/openvasmd_log.conf ${STAGEDIR}${ETCDIR}/openvasmd_log.conf.sample + ${MV} ${STAGEDIR}${ETCDIR}/pwpolicy.conf ${STAGEDIR}${ETCDIR}/pwpolicy.conf.sample .include <bsd.port.mk> Modified: head/security/openvas8-manager/files/patch-CMakeLists.txt ============================================================================== --- head/security/openvas8-manager/files/patch-CMakeLists.txt Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-manager/files/patch-CMakeLists.txt Sun Aug 6 06:49:42 2017 (r447445) @@ -1,6 +1,6 @@ ---- CMakeLists.txt.orig 2015-12-21 09:42:05 UTC -+++ CMakeLists.txt -@@ -153,7 +153,7 @@ if (NOT LIBDIR) +--- CMakeLists.txt 2017-06-21 05:04:50.000000000 -0500 ++++ CMakeLists.txt 2017-08-04 00:45:04.904399000 -0500 +@@ -153,7 +153,7 @@ endif (NOT LIBDIR) if (NOT LOCALSTATEDIR) @@ -9,7 +9,16 @@ endif (NOT LOCALSTATEDIR) if (NOT DATADIR) -@@ -284,7 +284,7 @@ configure_file (tools/openvas-migrate-to +@@ -196,6 +196,8 @@ + + set (OPENVAS_NVT_DIR "${OPENVAS_STATE_DIR}/plugins/") + ++set (OPENVAS_LIB_INSTALL_DIR "${LIBDIR}") ++ + message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}") + + ## Dependency checks +@@ -284,7 +286,7 @@ ## Program Modified: head/security/openvas8-manager/files/patch-src-CMakeLists.txt ============================================================================== --- head/security/openvas8-manager/files/patch-src-CMakeLists.txt Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-manager/files/patch-src-CMakeLists.txt Sun Aug 6 06:49:42 2017 (r447445) @@ -1,6 +1,6 @@ ---- src/CMakeLists.txt.orig 2015-12-08 07:09:32 UTC -+++ src/CMakeLists.txt -@@ -66,7 +66,7 @@ add_library (otp STATIC otp.c) +--- src/CMakeLists.txt 2015-12-08 02:09:32.000000000 -0500 ++++ src/CMakeLists.txt 2017-08-04 00:48:57.665021000 -0500 +@@ -66,7 +66,7 @@ ## Program add_executable (openvasmd openvasmd.c ompd.c) @@ -9,3 +9,12 @@ set_target_properties (openvasmd PROPERTIES LINKER_LANGUAGE C) +@@ -159,7 +159,7 @@ + + if (BACKEND STREQUAL POSTGRESQL) + install (TARGETS manage-pg-server +- LIBRARY DESTINATION "${OPENVAS_STATE_DIR}/openvasmd/pg/") ++ LIBRARY DESTINATION "${OPENVAS_LIB_INSTALL_DIR}/openvasmd/pg/") + endif (BACKEND STREQUAL POSTGRESQL) + + ## Static analysis Modified: head/security/openvas8-manager/files/patch-src-manage_sql.c ============================================================================== --- head/security/openvas8-manager/files/patch-src-manage_sql.c Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-manager/files/patch-src-manage_sql.c Sun Aug 6 06:49:42 2017 (r447445) @@ -1,5 +1,5 @@ ---- src/manage_sql.c.orig 2016-02-26 13:38:52 UTC -+++ src/manage_sql.c +--- src/manage_sql.c 2017-06-19 08:14:58.000000000 -0500 ++++ src/manage_sql.c 2017-08-05 19:47:05.407323000 -0500 @@ -58,6 +58,7 @@ #include <unistd.h> #include <sys/time.h> @@ -8,7 +8,7 @@ #include <openvas/base/openvas_string.h> #include <openvas/base/openvas_file.h> -@@ -940,7 +941,7 @@ iso_time_internal (time_t *epoch_time, c +@@ -950,7 +951,7 @@ static char time_string[100]; tm = localtime (epoch_time); @@ -17,7 +17,34 @@ { if (strftime (time_string, 98, "%FT%TZ", tm) == 0) return NULL; -@@ -42378,12 +42379,12 @@ modify_schedule (const char *schedule_id +@@ -24386,7 +24387,7 @@ + { + return sql_int ("SELECT count (DISTINCT port) FROM results" + " WHERE report = %llu AND port != ''" +- " AND port NOT LIKE 'general/%';", ++ " AND port NOT LIKE 'general/%%';", + report); + } + +@@ -24401,7 +24402,7 @@ + { + return sql_int ("SELECT count (DISTINCT port) FROM results" + " WHERE report = %llu AND host = '%s'" +- " AND port NOT LIKE 'general/%';", ++ " AND port NOT LIKE 'general/%%';", + report, + host); + } +@@ -33237,7 +33238,7 @@ + " WHERE config_preferences.config = %llu" + " AND config_preferences.type = '%s'" + " AND (config_preferences.name = nvt_preferences.name" +- " OR config_preferences.name LIKE 'timeout.%')" ++ " OR config_preferences.name LIKE 'timeout.%%')" + " AND config_preferences.name != 'max_checks'" + " AND config_preferences.name != 'max_hosts'" + " UNION" +@@ -43502,12 +43503,12 @@ if (duration == -1) duration_string = NULL; else @@ -32,7 +59,7 @@ if ((period_months == -1) || (period_months == 0)) { -@@ -42395,12 +42396,12 @@ modify_schedule (const char *schedule_id +@@ -43519,12 +43520,12 @@ else { period_months_string = g_strdup ("0"); Added: head/security/openvas8-manager/files/patch-src-sql_pg.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openvas8-manager/files/patch-src-sql_pg.c Sun Aug 6 06:49:42 2017 (r447445) @@ -0,0 +1,17 @@ +--- src/sql_pg.c 2017-08-04 00:41:59.376627000 -0500 ++++ src/sql_pg.c 2017-08-04 00:42:16.863937000 -0500 +@@ -27,12 +27,12 @@ + #include "tracef.h" + + #include <assert.h> +-#include <endian.h> ++#include <sys/endian.h> + #include <arpa/inet.h> + #include <glib.h> + #include <inttypes.h> + #include <netinet/in.h> +-#include <postgresql/libpq-fe.h> ++#include <libpq-fe.h> + #include <string.h> + + #include <openvas/base/array.h> Modified: head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in ============================================================================== --- head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:49:42 2017 (r447445) @@ -1,7 +1,40 @@ ---- tools/greenbone-scapdata-sync.in.orig 2015-12-08 07:09:31 UTC -+++ tools/greenbone-scapdata-sync.in -@@ -962,7 +962,7 @@ update_scap_db_private () { +--- tools/greenbone-scapdata-sync.in 2015-12-08 02:09:31.000000000 -0500 ++++ tools/greenbone-scapdata-sync.in 2017-08-05 22:00:27.817110000 -0500 +@@ -297,7 +297,7 @@ then + log_err "Could not determine credentials, aborting synchronization." + rm -rf $FEED_INFO_TEMP_DIR +- exit -1 ++ exit 1 + fi + + # --protocol=29 is a workaround for a known bug in rsync 3.0.3 +@@ -321,12 +321,12 @@ + then + log_err "rsync failed, aborting synchronization." + rm -rf $FEED_INFO_TEMP_DIR +- exit -1 ++ exit 1 + fi + else + log_err "Could not find access key, aborting synchronization." + rm -rf $FEED_INFO_TEMP_DIR +- exit -1 ++ exit 1 + fi + + FEED_VERSION_SERVER=`cat $FEED_INFO_TEMP_DIR/timestamp` +@@ -335,7 +335,7 @@ + then + log_err "Could not determine server feed version." + rm -rf $FEED_INFO_TEMP_DIR +- exit -1 ++ exit 1 + fi + + # Check against FEED_VERSION +@@ -962,11 +962,11 @@ + then for ovalfile in $oval_files_sorted_private do - filedate=`stat -c "%Y" "$ovalfile" | cut -d " " -f 1 | tr -d "-"` @@ -9,7 +42,23 @@ filedate=$(( $filedate - ( $filedate % 60 ) )) if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ] then -@@ -1090,12 +1090,12 @@ update_scap_db() { +- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -` ++ oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s` + + if [ 1 = "$REBUILD_OVAL" ] + then +@@ -1068,8 +1068,8 @@ + fi + + # TODO: This is not quite accurate as it uses the timestamp of the non-private data. +- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -` +- ++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s` ++ + reset_sql_tries + until [ "$try_sql" -eq 0 ] + do +@@ -1090,12 +1090,12 @@ CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml" if [ -e $CPEBASE ] then @@ -24,7 +73,7 @@ if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ] then log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts" -@@ -1152,13 +1152,13 @@ update_scap_db() { +@@ -1152,13 +1152,13 @@ then for cvefile in `ls $SCAP_DIR/nvdcve-2.0-*.xml` do @@ -40,7 +89,7 @@ if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ] then log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts" -@@ -1228,7 +1228,7 @@ update_scap_db() { +@@ -1228,11 +1228,11 @@ for ovalfile in $oval_files_sorted do @@ -49,7 +98,21 @@ filedate=$(( $filedate - ( $filedate % 60 ) )) if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ] then -@@ -1469,7 +1469,7 @@ then +- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -` ++ oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s` + + if [ 1 = "$REBUILD_OVAL" ] + then +@@ -1284,7 +1284,7 @@ + update_cvss + update_placeholders + +- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -` ++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s` + + reset_sql_tries + until [ "$try_sql" -eq 0 ] +@@ -1469,7 +1469,7 @@ exit 1 fi Modified: head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in ============================================================================== --- head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in Sun Aug 6 06:49:42 2017 (r447445) @@ -1,6 +1,15 @@ ---- tools/openvas-scapdata-sync.in.orig 2015-08-03 05:52:10 UTC -+++ tools/openvas-scapdata-sync.in -@@ -885,7 +885,7 @@ update_sec_db_private () { +--- tools/openvas-scapdata-sync.in 2017-05-02 02:32:45.000000000 -0500 ++++ tools/openvas-scapdata-sync.in 2017-08-05 22:40:11.310734000 -0500 +@@ -63,7 +63,7 @@ + + # Delay between retries + if [ -z "$SQL_RETRY_DELAY" ]; then +- SQL_RETRY_DELAY="10m" # allowed unit suffixes: see sleep command ++ SQL_RETRY_DELAY="600" # allowed unit suffixes: see sleep command + fi + + TIMESTAMP="$SCAP_DIR/timestamp" +@@ -885,11 +885,11 @@ then for ovalfile in $oval_files_sorted_private do @@ -9,7 +18,39 @@ filedate=$(( $filedate - ( $filedate % 60 ) )) if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ] then -@@ -1012,13 +1012,13 @@ update_sec_db () { +- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -` ++ oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s` + + if [ 1 = "$REBUILD_OVAL" ] + then +@@ -958,7 +958,7 @@ + DIR_STR_LENGTH=$((`echo "$SCAP_DIR" | wc -c` + 1)) + + oval_files_shortened="" +- if [ 0 != "$xmlcount" ] ++ if [ "$xmlcount" -ne 0 ] + then + for ovalfile in $oval_files_sorted_private + do +@@ -968,7 +968,7 @@ + fi + + oval_files_clause="" +- if [ ! -z "$oval_files_shortened" ] ++ if [ "$oval_files_shortened" != "" ] + then + oval_files_clause="AND (xml_file NOT IN ($oval_files_shortened))" + fi +@@ -993,7 +993,7 @@ + fi + + # TODO: This is not quite accurate as it uses the timestamp of the non-private data. +- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -` ++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s` + + reset_sql_tries + until [ "$try_sql" -eq 0 ] +@@ -1012,13 +1012,13 @@ CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml" if [ -e $CPEBASE ] then @@ -25,7 +66,7 @@ if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ] then echo "[i] File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts" -@@ -1075,13 +1075,13 @@ update_sec_db () { +@@ -1075,13 +1075,13 @@ then for cvefile in `ls $SCAP_DIR/nvdcve-2.0-*.xml` do @@ -41,7 +82,7 @@ if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ] then echo "[i] File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts" -@@ -1151,7 +1151,7 @@ update_sec_db () { +@@ -1151,11 +1151,11 @@ for ovalfile in $oval_files_sorted do @@ -50,3 +91,17 @@ filedate=$(( $filedate - ( $filedate % 60 ) )) if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ] then +- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -` ++ oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s` + + if [ 1 = "$REBUILD_OVAL" ] + then +@@ -1206,7 +1206,7 @@ + update_cvss + update_placeholders + +- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -` ++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s` + reset_sql_tries + until [ "$try_sql" -eq 0 ] + do Modified: head/security/openvas8-manager/pkg-plist ============================================================================== --- head/security/openvas8-manager/pkg-plist Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-manager/pkg-plist Sun Aug 6 06:49:42 2017 (r447445) @@ -1,5 +1,6 @@ -etc/openvas/openvasmd_log.conf -etc/openvas/pwpolicy.conf +@sample etc/openvas/openvasmd_log.conf.sample +@sample etc/openvas/pwpolicy.conf.sample +%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so man/man8/openvasmd.8.gz sbin/greenbone-certdata-sync sbin/greenbone-scapdata-sync @@ -10,6 +11,7 @@ sbin/openvas-scapdata-sync sbin/openvasmd %%PORTDOCS%%%%DOCSDIR%%/INSTALL %%PORTDOCS%%%%DOCSDIR%%/html/omp.html +%%PORTDOCS%%%%DOCSDIR%%/postgres-HOWTO share/openvas/cert/cert_bund_getbyname.xsl share/openvas/cert/cert_bund_update.xsl share/openvas/cert/cert_db_init.sql Modified: head/security/openvas8-scanner/Makefile ============================================================================== --- head/security/openvas8-scanner/Makefile Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-scanner/Makefile Sun Aug 6 06:49:42 2017 (r447445) @@ -3,6 +3,7 @@ PORTNAME?= openvas8-scanner PORTVERSION?= 5.0.8 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES?= http://wald.intevation.org/frs/download.php/2436/ DISTNAME= ${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION} @@ -18,7 +19,8 @@ LIB_DEPENDS= libgcrypt.so:security/libgcrypt \ libopenvas_base.so:security/openvas${OPENVAS_VER}-libraries RUN_DEPENDS= redis-server:databases/redis \ curl:ftp/curl \ - rsync:net/rsync + rsync:net/rsync \ + nmap:security/nmap CONFLICTS?= ${PORTNAME:S/${OPENVAS_VER}/9/}-* Modified: head/security/openvas8-scanner/files/openvassd.in ============================================================================== --- head/security/openvas8-scanner/files/openvassd.in Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas8-scanner/files/openvassd.in Sun Aug 6 06:49:42 2017 (r447445) @@ -8,18 +8,21 @@ # # Add the following to /etc/rc.conf[.local] to enable this service # -# openvassd_enable="YES" +# openvassd_enable (bool): Set to NO by default. +# Set it to YES to enable openvassd. +# openvassd_flags (params): Set params used to start openvassd. # . /etc/rc.subr name=openvassd -rcvar=openvassd_enable +rcvar=${name}_enable command="%%PREFIX%%/sbin/openvassd" pidfile=/var/run/openvassd.pid extra_commands="reload" : ${openvassd_enable=NO} +: ${openvassd_flags="--listen=127.0.0.1"} load_rc_config $name run_rc_command "$1" Modified: head/security/openvas9-manager/files/openvasmd.in ============================================================================== --- head/security/openvas9-manager/files/openvasmd.in Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas9-manager/files/openvasmd.in Sun Aug 6 06:49:42 2017 (r447445) @@ -8,18 +8,21 @@ # # Add the following to /etc/rc.conf[.local] to enable this service # -# openvasmd_enable="YES" +# openvasmd_enable (bool): Set to NO by default. +# Set it to YES to enable bareos_dir. +# openvasmd_flags (params): Set params used to start openvasmd. # . /etc/rc.subr name=openvasmd -rcvar=openvasmd_enable +rcvar=${name}_enable command="%%PREFIX%%/sbin/openvasmd" pidfile=/var/run/openvasmd.pid extra_commands="reload" -: ${openvasmd_enable=NO} +: ${openvasmd_enable="NO"} +: ${openvasmd_flags="--listen=127.0.0.1"} load_rc_config $name run_rc_command "$1" Modified: head/security/openvas9-manager/files/patch-src-manage_sql.c ============================================================================== --- head/security/openvas9-manager/files/patch-src-manage_sql.c Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas9-manager/files/patch-src-manage_sql.c Sun Aug 6 06:49:42 2017 (r447445) @@ -1,6 +1,6 @@ ---- src/manage_sql.c.orig 2016-02-26 13:38:52 UTC -+++ src/manage_sql.c -@@ -58,6 +58,7 @@ +--- src/manage_sql.c 2017-06-20 01:32:02.000000000 -0500 ++++ src/manage_sql.c 2017-08-05 21:19:08.663354000 -0500 +@@ -57,6 +57,7 @@ #include <unistd.h> #include <sys/time.h> #include <grp.h> @@ -8,7 +8,7 @@ #include <openvas/base/openvas_string.h> #include <openvas/base/openvas_file.h> -@@ -940,7 +941,7 @@ iso_time_internal (time_t *epoch_time, c +@@ -1061,7 +1062,7 @@ static char time_string[100]; tm = localtime (epoch_time); @@ -17,7 +17,34 @@ { if (strftime (time_string, 98, "%FT%TZ", tm) == 0) return NULL; -@@ -42378,12 +42379,12 @@ modify_schedule (const char *schedule_id +@@ -25384,7 +25385,7 @@ + { + return sql_int ("SELECT count (DISTINCT port) FROM results" + " WHERE report = %llu AND port != ''" +- " AND port NOT %s 'general/%';", ++ " AND port NOT %s 'general/%%';", + report, + sql_ilike_op ()); + } +@@ -25400,7 +25401,7 @@ + { + return sql_int ("SELECT count (DISTINCT port) FROM results" + " WHERE report = %llu AND host = '%s'" +- " AND port NOT %s 'general/%';", ++ " AND port NOT %s 'general/%%';", + report, + host, + sql_ilike_op ()); +@@ -35110,7 +35111,7 @@ + " WHERE config_preferences.config = %llu" + " AND config_preferences.type = '%s'" + " AND (config_preferences.name = nvt_preferences.name" +- " OR config_preferences.name LIKE 'timeout.%')" ++ " OR config_preferences.name LIKE 'timeout.%%')" + " AND config_preferences.name != 'max_checks'" + " AND config_preferences.name != 'max_hosts'" + " UNION" +@@ -47821,12 +47822,12 @@ if (duration == -1) duration_string = NULL; else @@ -32,7 +59,7 @@ if ((period_months == -1) || (period_months == 0)) { -@@ -42395,12 +42396,12 @@ modify_schedule (const char *schedule_id +@@ -47838,12 +47839,12 @@ else { period_months_string = g_strdup ("0"); Added: head/security/openvas9-manager/files/patch-src-sql_pg.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openvas9-manager/files/patch-src-sql_pg.c Sun Aug 6 06:49:42 2017 (r447445) @@ -0,0 +1,18 @@ +--- src/sql_pg.c 2017-08-06 01:12:18.411221000 -0500 ++++ src/sql_pg.c 2017-08-06 01:13:41.241337000 -0500 +@@ -26,13 +26,13 @@ + #include "sql.h" + + #include <assert.h> +-#include <endian.h> ++#include <sys/endian.h> + #include <errno.h> + #include <arpa/inet.h> + #include <glib.h> + #include <inttypes.h> + #include <netinet/in.h> +-#include <postgresql/libpq-fe.h> ++#include <libpq-fe.h> + #include <stdlib.h> + #include <string.h> + Modified: head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in ============================================================================== --- head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in Sun Aug 6 06:49:42 2017 (r447445) @@ -1,6 +1,6 @@ ---- tools/greenbone-scapdata-sync.in.orig 2016-11-10 04:58:06.000000000 -0500 -+++ tools/greenbone-scapdata-sync.in 2017-07-29 00:09:17.272096000 -0500 -@@ -1080,7 +1080,7 @@ +--- tools/greenbone-scapdata-sync.in 2016-11-10 04:58:06.000000000 -0500 ++++ tools/greenbone-scapdata-sync.in 2017-08-05 22:42:35.986283000 -0500 +@@ -1080,11 +1080,11 @@ then for ovalfile in $oval_files_sorted_private do @@ -9,6 +9,38 @@ filedate=$(( $filedate - ( $filedate % 60 ) )) if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ] then +- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -` ++ oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s` + + if [ 1 = "$REBUILD_OVAL" ] + then +@@ -1153,7 +1153,7 @@ + DIR_STR_LENGTH=$((`echo "$SCAP_DIR" | wc -c` + 1)) + + oval_files_shortened="" +- if [ 0 != "$xmlcount" ] ++ if [ "$xmlcount" -ne 0 ] + then + for ovalfile in $oval_files_sorted_private + do +@@ -1163,7 +1163,7 @@ + fi + + oval_files_clause="" +- if [ ! -z "$oval_files_shortened" ] ++ if [ "$oval_files_shortened" =! "" ] + then + oval_files_clause="AND (xml_file NOT IN ($oval_files_shortened))" + fi +@@ -1186,7 +1186,7 @@ + fi + + # TODO: This is not quite accurate as it uses the timestamp of the non-private data. +- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -` ++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s` + + reset_sql_tries + until [ "$try_sql" -eq 0 ] @@ -1208,12 +1208,12 @@ CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml" if [ -e $CPEBASE ] @@ -40,7 +72,7 @@ if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ] then log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts" -@@ -1347,7 +1347,7 @@ +@@ -1347,11 +1347,11 @@ for ovalfile in $oval_files_sorted do @@ -49,6 +81,20 @@ filedate=$(( $filedate - ( $filedate % 60 ) )) if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ] then +- oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -` ++ oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s` + + if [ 1 = "$REBUILD_OVAL" ] + then +@@ -1403,7 +1403,7 @@ + update_cvss + update_placeholders + +- LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -` ++ LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s` + + reset_sql_tries + until [ "$try_sql" -eq 0 ] @@ -1635,7 +1635,7 @@ then if [ -f "$SCAP_DB" ] Modified: head/security/openvas9-manager/pkg-plist ============================================================================== --- head/security/openvas9-manager/pkg-plist Sun Aug 6 06:24:31 2017 (r447444) +++ head/security/openvas9-manager/pkg-plist Sun Aug 6 06:49:42 2017 (r447445) @@ -1,23 +1,27 @@ bin/openvas-manage-certs -etc/openvas/openvasmd_log.conf -etc/openvas/pwpolicy.conf -etc/rc.d/openvasmd +@sample etc/openvas/openvasmd_log.conf.sample +@sample etc/openvas/pwpolicy.conf.sample +%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so +%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so.0 +%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so.7.0.2 man/man8/database-statistics-sqlite.8.gz man/man8/greenbone-certdata-sync.8.gz man/man8/greenbone-scapdata-sync.8.gz man/man8/openvas-migrate-to-postgres.8.gz man/man8/openvas-portnames-update.8.gz man/man8/openvasmd.8.gz -sbin/database-statistics-sqlite +%%SQLITE3%%sbin/database-statistics-sqlite sbin/greenbone-certdata-sync sbin/greenbone-scapdata-sync sbin/openvas-migrate-to-postgres sbin/openvas-portnames-update sbin/openvasmd -sbin/openvasmd-sqlite +%%SQLITE3%%sbin/openvasmd-sqlite +%%PGSQL%%sbin/openvasmd-pg %%PORTDOCS%%%%DOCSDIR%%/INSTALL %%PORTDOCS%%%%DOCSDIR%%/example-openvas-manage-certs.conf %%PORTDOCS%%%%DOCSDIR%%/html/omp.html +%%PGSQL%%%%PORTDOCS%%%%DOCSDIR%%/postgres-HOWTO share/man/man1/openvas-manage-certs.1 share/openvas/cert/cert_bund_getbyname.xsl share/openvas/cert/cert_bund_update.xsl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201708060649.v766nhYs060414>