Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 6 Aug 2017 06:49:43 +0000 (UTC)
From:      Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r447445 - in head/security: greenbone-security-assistant8 greenbone-security-assistant8/files greenbone-security-assistant9 greenbone-security-assistant9/files openvas8-manager openvas8...
Message-ID:  <201708060649.v766nhYs060414@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: acm
Date: Sun Aug  6 06:49:42 2017
New Revision: 447445
URL: https://svnweb.freebsd.org/changeset/ports/447445

Log:
  - security/openvas[89]-manager: Add PGSQL support
  - security/greenbone-security-assistant[89]: Improve rc scripts
  - security/openvas8-manager: Fix openvas-*-sync scripts
  - security/openvas9-manager: Fix greenbone-*-sync scripts
  - Add flags option to rc scripts
  - Bump PORTREVISION

Added:
  head/security/openvas8-manager/files/patch-src-sql_pg.c   (contents, props changed)
  head/security/openvas9-manager/files/patch-src-sql_pg.c   (contents, props changed)
Modified:
  head/security/greenbone-security-assistant8/Makefile
  head/security/greenbone-security-assistant8/files/gsad.in
  head/security/greenbone-security-assistant8/pkg-plist
  head/security/greenbone-security-assistant9/files/gsad.in
  head/security/greenbone-security-assistant9/pkg-plist
  head/security/openvas8-manager/Makefile
  head/security/openvas8-manager/files/patch-CMakeLists.txt
  head/security/openvas8-manager/files/patch-src-CMakeLists.txt
  head/security/openvas8-manager/files/patch-src-manage_sql.c
  head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in
  head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in
  head/security/openvas8-manager/pkg-plist
  head/security/openvas8-scanner/Makefile
  head/security/openvas8-scanner/files/openvassd.in
  head/security/openvas9-manager/files/openvasmd.in
  head/security/openvas9-manager/files/patch-src-manage_sql.c
  head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in
  head/security/openvas9-manager/pkg-plist

Modified: head/security/greenbone-security-assistant8/Makefile
==============================================================================
--- head/security/greenbone-security-assistant8/Makefile	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/greenbone-security-assistant8/Makefile	Sun Aug  6 06:49:42 2017	(r447445)
@@ -2,6 +2,7 @@
 
 PORTNAME?=	greenbone-security-assistant8
 PORTVERSION?=	6.0.12
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES?=	http://wald.intevation.org/frs/download.php/2442/
 DISTNAME=	${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION}
@@ -23,7 +24,11 @@ CONFLICTS?=	${PORTNAME:S/${OPENVAS_VER}/9/}-*
 USES=		cmake:outsource gettext gnome pkgconfig
 USE_GNOME=	glib20 libxml2 libxslt
 USE_RC_SUBR=	gsad
+ETCDIR=		${PREFIX}/etc/openvas
 
 OPENVAS_VER?=	8
+
+post-install:
+	${MV} ${STAGEDIR}${ETCDIR}/gsad_log.conf ${STAGEDIR}${ETCDIR}/gsad_log.conf.sample
 
 .include <bsd.port.mk>

Modified: head/security/greenbone-security-assistant8/files/gsad.in
==============================================================================
--- head/security/greenbone-security-assistant8/files/gsad.in	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/greenbone-security-assistant8/files/gsad.in	Sun Aug  6 06:49:42 2017	(r447445)
@@ -8,17 +8,20 @@
 #
 # Add the following to /etc/rc.conf[.local] to enable this service
 #
-# gsad_enable="YES"
+# gsad_enable  (bool):   Set to NO by default.
+#                Set it to YES to enable gsad.
+# gsad_flags (params):   Set params used to start gsad.
 #
 
 . /etc/rc.subr
 
 name=gsad
-rcvar=gsad_enable
+rcvar=${name}_enable
 command="%%PREFIX%%/sbin/gsad"
 pidfile=/var/run/gsad.pid
 
-: ${gsad_enable=NO}
+: ${gsad_enable="NO"}
+: ${gsad_flags="--listen=127.0.0.1 --port=8080 --http-only"}
 
 load_rc_config $name
 run_rc_command "$1"

Modified: head/security/greenbone-security-assistant8/pkg-plist
==============================================================================
--- head/security/greenbone-security-assistant8/pkg-plist	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/greenbone-security-assistant8/pkg-plist	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,4 +1,4 @@
-etc/openvas/gsad_log.conf
+@sample etc/openvas/gsad_log.conf.sample
 man/man8/gsad.8.gz
 sbin/gsad
 share/locale/de/LC_MESSAGES/gsad_xsl.mo

Modified: head/security/greenbone-security-assistant9/files/gsad.in
==============================================================================
--- head/security/greenbone-security-assistant9/files/gsad.in	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/greenbone-security-assistant9/files/gsad.in	Sun Aug  6 06:49:42 2017	(r447445)
@@ -8,17 +8,20 @@
 #
 # Add the following to /etc/rc.conf[.local] to enable this service
 #
-# gsad_enable="YES"
+# gsad_enable  (bool):   Set to NO by default.
+#                Set it to YES to enable gsad.
+# gsad_flags (params):   Set params used to start gsad.
 #
 
 . /etc/rc.subr
 
 name=gsad
-rcvar=gsad_enable
+rcvar=${name}_enable
 command="%%PREFIX%%/sbin/gsad"
 pidfile=/var/run/gsad.pid
 
-: ${gsad_enable=NO}
+: ${gsad_enable="NO"}
+: ${gsad_flags="--listen=127.0.0.1 --port=8080 --http-only"}
 
 load_rc_config $name
 run_rc_command "$1"

Modified: head/security/greenbone-security-assistant9/pkg-plist
==============================================================================
--- head/security/greenbone-security-assistant9/pkg-plist	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/greenbone-security-assistant9/pkg-plist	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,5 +1,4 @@
-etc/openvas/gsad_log.conf
-etc/rc.d/gsad
+@sample etc/openvas/gsad_log.conf.sample
 man/man8/gsad.8.gz
 sbin/gsad
 share/openvas/gsa/classic/cpe-icons.xml

Modified: head/security/openvas8-manager/Makefile
==============================================================================
--- head/security/openvas8-manager/Makefile	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-manager/Makefile	Sun Aug  6 06:49:42 2017	(r447445)
@@ -2,6 +2,7 @@
 
 PORTNAME?=	openvas8-manager
 PORTVERSION?=	6.0.11
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES?=	http://wald.intevation.org/frs/download.php/2445/
 DISTNAME=	${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION}
@@ -13,27 +14,43 @@ COMMENT?=	OpenVAS 8 manager
 LICENSE=	GPLv2+
 LICENSE_FILE=	${WRKSRC}/COPYING
 
+BUILD_DEPENDS=	p5-SQL-Translator>=0:databases/p5-SQL-Translator
 LIB_DEPENDS=	libgnutls.so:security/gnutls \
 		libgpgme.so:security/gpgme \
 		libgcrypt.so:security/libgcrypt \
 		libopenvas_base.so:security/openvas${OPENVAS_VER}-libraries
+RUN_DEPENDS:=	${BUILD_DEPENDS}
 
 CONFLICTS?=	${PORTNAME:S/${OPENVAS_VER}/9/}-*
 
-USES=		cmake:outsource execinfo gnome pkgconfig sqlite
-USE_GNOME=	glib20
+USES=		cmake:outsource execinfo gnome pkgconfig
+USE_GNOME=	glib20 libxslt:run
+PGSQL_USES=	pgsql
+SQLITE3_USES=	sqlite
+PGSQL_CMAKE_ON+=-DBACKEND:STRING="POSTGRESQL"
+SQLITE3_CMAKE_ON+=-DBACKEND:STRING="SQLITE3"
 USE_RC_SUBR=	openvasmd
 DOCSDIR=	${PREFIX}/share/doc/${PORTNAME:S/${OPENVAS_VER}//}
+ETCDIR=		${PREFIX}/etc/openvas
 REINPLACE_ARGS=	-i ''
 
 OPENVAS_VER?=	8
 
 OPTIONS_DEFINE=	DOCS
+OPTIONS_DEFAULT=DOCS SQLITE3
+OPTIONS_SUB=	yes
+OPTIONS_SINGLE_DATABASE=SQLITE3 PGSQL
+OPTIONS_SINGLE=		DATABASE
+DATABASE_DESC=		Database support
 
 post-patch:
 	@${REINPLACE_CMD} -e '1d' ${WRKSRC}/tools/extra/xml_split
+	@${REINPLACE_CMD} -e 's|OPENVAS_STATE_DIR|OPENVAS_LIB_INSTALL_DIR|g' ${WRKSRC}/src/manage_pg.c
 
 post-install:
 	${INSTALL_DATA} ${WRKSRC}/INSTALL ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/doc/postgres-HOWTO ${STAGEDIR}${DOCSDIR}
+	${MV} ${STAGEDIR}${ETCDIR}/openvasmd_log.conf ${STAGEDIR}${ETCDIR}/openvasmd_log.conf.sample
+	${MV} ${STAGEDIR}${ETCDIR}/pwpolicy.conf ${STAGEDIR}${ETCDIR}/pwpolicy.conf.sample
 
 .include <bsd.port.mk>

Modified: head/security/openvas8-manager/files/patch-CMakeLists.txt
==============================================================================
--- head/security/openvas8-manager/files/patch-CMakeLists.txt	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-manager/files/patch-CMakeLists.txt	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,6 +1,6 @@
---- CMakeLists.txt.orig	2015-12-21 09:42:05 UTC
-+++ CMakeLists.txt
-@@ -153,7 +153,7 @@ if (NOT LIBDIR)
+--- CMakeLists.txt	2017-06-21 05:04:50.000000000 -0500
++++ CMakeLists.txt	2017-08-04 00:45:04.904399000 -0500
+@@ -153,7 +153,7 @@
  endif (NOT LIBDIR)
  
  if (NOT LOCALSTATEDIR)
@@ -9,7 +9,16 @@
  endif (NOT LOCALSTATEDIR)
  
  if (NOT DATADIR)
-@@ -284,7 +284,7 @@ configure_file (tools/openvas-migrate-to
+@@ -196,6 +196,8 @@
+ 
+ set (OPENVAS_NVT_DIR             "${OPENVAS_STATE_DIR}/plugins/")
+ 
++set (OPENVAS_LIB_INSTALL_DIR     "${LIBDIR}")
++
+ message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}")
+ 
+ ## Dependency checks
+@@ -284,7 +286,7 @@
  
  ## Program
  

Modified: head/security/openvas8-manager/files/patch-src-CMakeLists.txt
==============================================================================
--- head/security/openvas8-manager/files/patch-src-CMakeLists.txt	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-manager/files/patch-src-CMakeLists.txt	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,6 +1,6 @@
---- src/CMakeLists.txt.orig	2015-12-08 07:09:32 UTC
-+++ src/CMakeLists.txt
-@@ -66,7 +66,7 @@ add_library (otp STATIC otp.c)
+--- src/CMakeLists.txt	2015-12-08 02:09:32.000000000 -0500
++++ src/CMakeLists.txt	2017-08-04 00:48:57.665021000 -0500
+@@ -66,7 +66,7 @@
  ## Program
  
  add_executable (openvasmd openvasmd.c ompd.c)
@@ -9,3 +9,12 @@
  
  set_target_properties (openvasmd PROPERTIES LINKER_LANGUAGE C)
  
+@@ -159,7 +159,7 @@
+ 
+ if (BACKEND STREQUAL POSTGRESQL)
+   install (TARGETS manage-pg-server
+-           LIBRARY DESTINATION "${OPENVAS_STATE_DIR}/openvasmd/pg/")
++           LIBRARY DESTINATION "${OPENVAS_LIB_INSTALL_DIR}/openvasmd/pg/")
+ endif (BACKEND STREQUAL POSTGRESQL)
+ 
+ ## Static analysis

Modified: head/security/openvas8-manager/files/patch-src-manage_sql.c
==============================================================================
--- head/security/openvas8-manager/files/patch-src-manage_sql.c	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-manager/files/patch-src-manage_sql.c	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,5 +1,5 @@
---- src/manage_sql.c.orig	2016-02-26 13:38:52 UTC
-+++ src/manage_sql.c
+--- src/manage_sql.c	2017-06-19 08:14:58.000000000 -0500
++++ src/manage_sql.c	2017-08-05 19:47:05.407323000 -0500
 @@ -58,6 +58,7 @@
  #include <unistd.h>
  #include <sys/time.h>
@@ -8,7 +8,7 @@
  
  #include <openvas/base/openvas_string.h>
  #include <openvas/base/openvas_file.h>
-@@ -940,7 +941,7 @@ iso_time_internal (time_t *epoch_time, c
+@@ -950,7 +951,7 @@
    static char time_string[100];
  
    tm = localtime (epoch_time);
@@ -17,7 +17,34 @@
      {
        if (strftime (time_string, 98, "%FT%TZ", tm) == 0)
          return NULL;
-@@ -42378,12 +42379,12 @@ modify_schedule (const char *schedule_id
+@@ -24386,7 +24387,7 @@
+ {
+   return sql_int ("SELECT count (DISTINCT port) FROM results"
+                   " WHERE report = %llu AND port != ''"
+-                  "  AND port NOT LIKE 'general/%';",
++                  "  AND port NOT LIKE 'general/%%';",
+                   report);
+ }
+ 
+@@ -24401,7 +24402,7 @@
+ {
+   return sql_int ("SELECT count (DISTINCT port) FROM results"
+                   " WHERE report = %llu AND host = '%s'"
+-                  "  AND port NOT LIKE 'general/%';",
++                  "  AND port NOT LIKE 'general/%%';",
+                   report,
+                   host);
+ }
+@@ -33237,7 +33238,7 @@
+                  " WHERE config_preferences.config = %llu"
+                  " AND config_preferences.type = '%s'"
+                  " AND (config_preferences.name = nvt_preferences.name"
+-                 "      OR config_preferences.name LIKE 'timeout.%')"
++                 "      OR config_preferences.name LIKE 'timeout.%%')"
+                  " AND config_preferences.name != 'max_checks'"
+                  " AND config_preferences.name != 'max_hosts'"
+                  " UNION"
+@@ -43502,12 +43503,12 @@
    if (duration == -1)
      duration_string = NULL;
    else
@@ -32,7 +59,7 @@
  
    if ((period_months == -1) || (period_months == 0))
      {
-@@ -42395,12 +42396,12 @@ modify_schedule (const char *schedule_id
+@@ -43519,12 +43520,12 @@
        else
          {
            period_months_string = g_strdup ("0");

Added: head/security/openvas8-manager/files/patch-src-sql_pg.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/openvas8-manager/files/patch-src-sql_pg.c	Sun Aug  6 06:49:42 2017	(r447445)
@@ -0,0 +1,17 @@
+--- src/sql_pg.c	2017-08-04 00:41:59.376627000 -0500
++++ src/sql_pg.c	2017-08-04 00:42:16.863937000 -0500
+@@ -27,12 +27,12 @@
+ #include "tracef.h"
+ 
+ #include <assert.h>
+-#include <endian.h>
++#include <sys/endian.h>
+ #include <arpa/inet.h>
+ #include <glib.h>
+ #include <inttypes.h>
+ #include <netinet/in.h>
+-#include <postgresql/libpq-fe.h>
++#include <libpq-fe.h>
+ #include <string.h>
+ 
+ #include <openvas/base/array.h>

Modified: head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in
==============================================================================
--- head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-manager/files/patch-tools+greenbone-scapdata-sync.in	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,7 +1,40 @@
---- tools/greenbone-scapdata-sync.in.orig	2015-12-08 07:09:31 UTC
-+++ tools/greenbone-scapdata-sync.in
-@@ -962,7 +962,7 @@ update_scap_db_private () {
+--- tools/greenbone-scapdata-sync.in	2015-12-08 02:09:31.000000000 -0500
++++ tools/greenbone-scapdata-sync.in	2017-08-05 22:00:27.817110000 -0500
+@@ -297,7 +297,7 @@
        then
+         log_err "Could not determine credentials, aborting synchronization."
+         rm -rf $FEED_INFO_TEMP_DIR
+-        exit -1
++        exit 1
+       fi
+ 
+       # --protocol=29 is a workaround for a known bug in rsync 3.0.3
+@@ -321,12 +321,12 @@
+       then
+         log_err "rsync failed, aborting synchronization."
+         rm -rf $FEED_INFO_TEMP_DIR
+-        exit -1
++        exit 1
+       fi
+     else
+       log_err "Could not find access key, aborting synchronization."
+       rm -rf $FEED_INFO_TEMP_DIR
+-      exit -1
++      exit 1
+     fi
+ 
+     FEED_VERSION_SERVER=`cat $FEED_INFO_TEMP_DIR/timestamp`
+@@ -335,7 +335,7 @@
+     then
+       log_err "Could not determine server feed version."
+       rm -rf $FEED_INFO_TEMP_DIR
+-      exit -1
++      exit 1
+     fi
+ 
+     # Check against FEED_VERSION
+@@ -962,11 +962,11 @@
+       then
          for ovalfile in $oval_files_sorted_private
          do
 -          filedate=`stat -c "%Y" "$ovalfile" | cut -d " " -f 1 | tr -d "-"`
@@ -9,7 +42,23 @@
            filedate=$(( $filedate - ( $filedate % 60 ) ))
            if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
            then
-@@ -1090,12 +1090,12 @@ update_scap_db() {
+-            oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++            oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+ 
+             if [ 1 = "$REBUILD_OVAL" ]
+             then
+@@ -1068,8 +1068,8 @@
+     fi
+ 
+     # TODO: This is not quite accurate as it uses the timestamp of the non-private data.
+-    LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -`
+-
++    LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
++    
+     reset_sql_tries
+     until [ "$try_sql" -eq 0 ]
+     do
+@@ -1090,12 +1090,12 @@
      CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml"
      if [ -e $CPEBASE ]
      then
@@ -24,7 +73,7 @@
          if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024))  ]
          then
            log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1152,13 +1152,13 @@ update_scap_db() {
+@@ -1152,13 +1152,13 @@
      then
        for cvefile in `ls $SCAP_DIR/nvdcve-2.0-*.xml`
        do
@@ -40,7 +89,7 @@
            if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ]
            then
              log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1228,7 +1228,7 @@ update_scap_db() {
+@@ -1228,11 +1228,11 @@
  
        for ovalfile in $oval_files_sorted
        do
@@ -49,7 +98,21 @@
          filedate=$(( $filedate - ( $filedate % 60 ) ))
          if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
          then
-@@ -1469,7 +1469,7 @@ then
+-          oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++          oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+ 
+           if [ 1 = "$REBUILD_OVAL" ]
+           then
+@@ -1284,7 +1284,7 @@
+   update_cvss
+   update_placeholders
+ 
+-  LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -`
++  LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+ 
+   reset_sql_tries
+   until [ "$try_sql" -eq 0 ]
+@@ -1469,7 +1469,7 @@
    exit 1
  fi
  

Modified: head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in
==============================================================================
--- head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-manager/files/patch-tools+openvas-scapdata-sync.in	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,6 +1,15 @@
---- tools/openvas-scapdata-sync.in.orig	2015-08-03 05:52:10 UTC
-+++ tools/openvas-scapdata-sync.in
-@@ -885,7 +885,7 @@ update_sec_db_private () {
+--- tools/openvas-scapdata-sync.in	2017-05-02 02:32:45.000000000 -0500
++++ tools/openvas-scapdata-sync.in	2017-08-05 22:40:11.310734000 -0500
+@@ -63,7 +63,7 @@
+ 
+ # Delay between retries
+ if [ -z "$SQL_RETRY_DELAY" ]; then
+-  SQL_RETRY_DELAY="10m" # allowed unit suffixes: see sleep command
++  SQL_RETRY_DELAY="600" # allowed unit suffixes: see sleep command
+ fi
+ 
+ TIMESTAMP="$SCAP_DIR/timestamp"
+@@ -885,11 +885,11 @@
        then
          for ovalfile in $oval_files_sorted_private
          do
@@ -9,7 +18,39 @@
            filedate=$(( $filedate - ( $filedate % 60 ) ))
            if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
            then
-@@ -1012,13 +1012,13 @@ update_sec_db () {
+-            oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++            oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+ 
+             if [ 1 = "$REBUILD_OVAL" ]
+             then
+@@ -958,7 +958,7 @@
+     DIR_STR_LENGTH=$((`echo "$SCAP_DIR" | wc -c` + 1))
+ 
+     oval_files_shortened=""
+-    if [ 0 != "$xmlcount" ]
++    if [ "$xmlcount" -ne 0 ]
+     then
+       for ovalfile in $oval_files_sorted_private
+       do
+@@ -968,7 +968,7 @@
+     fi
+ 
+     oval_files_clause=""
+-    if [ ! -z "$oval_files_shortened" ]
++    if [ "$oval_files_shortened" != "" ]
+     then
+       oval_files_clause="AND (xml_file NOT IN ($oval_files_shortened))"
+     fi
+@@ -993,7 +993,7 @@
+     fi
+ 
+     # TODO: This is not quite accurate as it uses the timestamp of the non-private data.
+-    LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -`
++    LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+ 
+     reset_sql_tries
+     until [ "$try_sql" -eq 0 ]
+@@ -1012,13 +1012,13 @@
    CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml"
    if [ -e $CPEBASE ]
    then
@@ -25,7 +66,7 @@
        if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024))  ]
        then
          echo "[i] File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1075,13 +1075,13 @@ update_sec_db () {
+@@ -1075,13 +1075,13 @@
    then
      for cvefile in `ls $SCAP_DIR/nvdcve-2.0-*.xml`
      do
@@ -41,7 +82,7 @@
          if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024))  ]
          then
            echo "[i] File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1151,7 +1151,7 @@ update_sec_db () {
+@@ -1151,11 +1151,11 @@
  
      for ovalfile in $oval_files_sorted
      do
@@ -50,3 +91,17 @@
        filedate=$(( $filedate - ( $filedate % 60 ) ))
        if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
        then
+-        oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++        oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+ 
+         if [ 1 = "$REBUILD_OVAL" ]
+         then
+@@ -1206,7 +1206,7 @@
+   update_cvss
+   update_placeholders
+ 
+-  LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -`
++  LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+   reset_sql_tries
+   until [ "$try_sql" -eq 0 ]
+   do

Modified: head/security/openvas8-manager/pkg-plist
==============================================================================
--- head/security/openvas8-manager/pkg-plist	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-manager/pkg-plist	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,5 +1,6 @@
-etc/openvas/openvasmd_log.conf
-etc/openvas/pwpolicy.conf
+@sample etc/openvas/openvasmd_log.conf.sample
+@sample etc/openvas/pwpolicy.conf.sample
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so
 man/man8/openvasmd.8.gz
 sbin/greenbone-certdata-sync
 sbin/greenbone-scapdata-sync
@@ -10,6 +11,7 @@ sbin/openvas-scapdata-sync
 sbin/openvasmd
 %%PORTDOCS%%%%DOCSDIR%%/INSTALL
 %%PORTDOCS%%%%DOCSDIR%%/html/omp.html
+%%PORTDOCS%%%%DOCSDIR%%/postgres-HOWTO
 share/openvas/cert/cert_bund_getbyname.xsl
 share/openvas/cert/cert_bund_update.xsl
 share/openvas/cert/cert_db_init.sql

Modified: head/security/openvas8-scanner/Makefile
==============================================================================
--- head/security/openvas8-scanner/Makefile	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-scanner/Makefile	Sun Aug  6 06:49:42 2017	(r447445)
@@ -3,6 +3,7 @@
 
 PORTNAME?=	openvas8-scanner
 PORTVERSION?=	5.0.8
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES?=	http://wald.intevation.org/frs/download.php/2436/
 DISTNAME=	${PORTNAME:S/${OPENVAS_VER}//}-${PORTVERSION}
@@ -18,7 +19,8 @@ LIB_DEPENDS=	libgcrypt.so:security/libgcrypt \
 		libopenvas_base.so:security/openvas${OPENVAS_VER}-libraries
 RUN_DEPENDS=	redis-server:databases/redis \
 		curl:ftp/curl \
-		rsync:net/rsync
+		rsync:net/rsync \
+		nmap:security/nmap
 
 CONFLICTS?=	${PORTNAME:S/${OPENVAS_VER}/9/}-*
 

Modified: head/security/openvas8-scanner/files/openvassd.in
==============================================================================
--- head/security/openvas8-scanner/files/openvassd.in	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas8-scanner/files/openvassd.in	Sun Aug  6 06:49:42 2017	(r447445)
@@ -8,18 +8,21 @@
 #
 # Add the following to /etc/rc.conf[.local] to enable this service
 #
-# openvassd_enable="YES"
+# openvassd_enable  (bool):   Set to NO by default.
+#                Set it to YES to enable openvassd.
+# openvassd_flags (params):   Set params used to start openvassd.
 #
 
 . /etc/rc.subr
 
 name=openvassd
-rcvar=openvassd_enable
+rcvar=${name}_enable
 command="%%PREFIX%%/sbin/openvassd"
 pidfile=/var/run/openvassd.pid
 extra_commands="reload"
 
 : ${openvassd_enable=NO}
+: ${openvassd_flags="--listen=127.0.0.1"}
 
 load_rc_config $name
 run_rc_command "$1"

Modified: head/security/openvas9-manager/files/openvasmd.in
==============================================================================
--- head/security/openvas9-manager/files/openvasmd.in	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas9-manager/files/openvasmd.in	Sun Aug  6 06:49:42 2017	(r447445)
@@ -8,18 +8,21 @@
 #
 # Add the following to /etc/rc.conf[.local] to enable this service
 #
-# openvasmd_enable="YES"
+# openvasmd_enable  (bool):   Set to NO by default.
+#                Set it to YES to enable bareos_dir.
+# openvasmd_flags (params):   Set params used to start openvasmd.
 #
 
 . /etc/rc.subr
 
 name=openvasmd
-rcvar=openvasmd_enable
+rcvar=${name}_enable
 command="%%PREFIX%%/sbin/openvasmd"
 pidfile=/var/run/openvasmd.pid
 extra_commands="reload"
 
-: ${openvasmd_enable=NO}
+: ${openvasmd_enable="NO"}
+: ${openvasmd_flags="--listen=127.0.0.1"}
 
 load_rc_config $name
 run_rc_command "$1"

Modified: head/security/openvas9-manager/files/patch-src-manage_sql.c
==============================================================================
--- head/security/openvas9-manager/files/patch-src-manage_sql.c	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas9-manager/files/patch-src-manage_sql.c	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,6 +1,6 @@
---- src/manage_sql.c.orig	2016-02-26 13:38:52 UTC
-+++ src/manage_sql.c
-@@ -58,6 +58,7 @@
+--- src/manage_sql.c	2017-06-20 01:32:02.000000000 -0500
++++ src/manage_sql.c	2017-08-05 21:19:08.663354000 -0500
+@@ -57,6 +57,7 @@
  #include <unistd.h>
  #include <sys/time.h>
  #include <grp.h>
@@ -8,7 +8,7 @@
  
  #include <openvas/base/openvas_string.h>
  #include <openvas/base/openvas_file.h>
-@@ -940,7 +941,7 @@ iso_time_internal (time_t *epoch_time, c
+@@ -1061,7 +1062,7 @@
    static char time_string[100];
  
    tm = localtime (epoch_time);
@@ -17,7 +17,34 @@
      {
        if (strftime (time_string, 98, "%FT%TZ", tm) == 0)
          return NULL;
-@@ -42378,12 +42379,12 @@ modify_schedule (const char *schedule_id
+@@ -25384,7 +25385,7 @@
+ {
+   return sql_int ("SELECT count (DISTINCT port) FROM results"
+                   " WHERE report = %llu AND port != ''"
+-                  "  AND port NOT %s 'general/%';",
++                  "  AND port NOT %s 'general/%%';",
+                   report,
+                   sql_ilike_op ());
+ }
+@@ -25400,7 +25401,7 @@
+ {
+   return sql_int ("SELECT count (DISTINCT port) FROM results"
+                   " WHERE report = %llu AND host = '%s'"
+-                  "  AND port NOT %s 'general/%';",
++                  "  AND port NOT %s 'general/%%';",
+                   report,
+                   host,
+                   sql_ilike_op ());
+@@ -35110,7 +35111,7 @@
+                  " WHERE config_preferences.config = %llu"
+                  " AND config_preferences.type = '%s'"
+                  " AND (config_preferences.name = nvt_preferences.name"
+-                 "      OR config_preferences.name LIKE 'timeout.%')"
++                 "      OR config_preferences.name LIKE 'timeout.%%')"
+                  " AND config_preferences.name != 'max_checks'"
+                  " AND config_preferences.name != 'max_hosts'"
+                  " UNION"
+@@ -47821,12 +47822,12 @@
    if (duration == -1)
      duration_string = NULL;
    else
@@ -32,7 +59,7 @@
  
    if ((period_months == -1) || (period_months == 0))
      {
-@@ -42395,12 +42396,12 @@ modify_schedule (const char *schedule_id
+@@ -47838,12 +47839,12 @@
        else
          {
            period_months_string = g_strdup ("0");

Added: head/security/openvas9-manager/files/patch-src-sql_pg.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/openvas9-manager/files/patch-src-sql_pg.c	Sun Aug  6 06:49:42 2017	(r447445)
@@ -0,0 +1,18 @@
+--- src/sql_pg.c	2017-08-06 01:12:18.411221000 -0500
++++ src/sql_pg.c	2017-08-06 01:13:41.241337000 -0500
+@@ -26,13 +26,13 @@
+ #include "sql.h"
+ 
+ #include <assert.h>
+-#include <endian.h>
++#include <sys/endian.h>
+ #include <errno.h>
+ #include <arpa/inet.h>
+ #include <glib.h>
+ #include <inttypes.h>
+ #include <netinet/in.h>
+-#include <postgresql/libpq-fe.h>
++#include <libpq-fe.h>
+ #include <stdlib.h>
+ #include <string.h>
+ 

Modified: head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in
==============================================================================
--- head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas9-manager/files/patch-tools+greenbone-scapdata-sync.in	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,6 +1,6 @@
---- tools/greenbone-scapdata-sync.in.orig	2016-11-10 04:58:06.000000000 -0500
-+++ tools/greenbone-scapdata-sync.in	2017-07-29 00:09:17.272096000 -0500
-@@ -1080,7 +1080,7 @@
+--- tools/greenbone-scapdata-sync.in	2016-11-10 04:58:06.000000000 -0500
++++ tools/greenbone-scapdata-sync.in	2017-08-05 22:42:35.986283000 -0500
+@@ -1080,11 +1080,11 @@
        then
          for ovalfile in $oval_files_sorted_private
          do
@@ -9,6 +9,38 @@
            filedate=$(( $filedate - ( $filedate % 60 ) ))
            if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
            then
+-            oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++            oval_timestamp=`date -j -f "%Y-%m-%dT%H:%M:%S" $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+ 
+             if [ 1 = "$REBUILD_OVAL" ]
+             then
+@@ -1153,7 +1153,7 @@
+     DIR_STR_LENGTH=$((`echo "$SCAP_DIR" | wc -c` + 1))
+ 
+     oval_files_shortened=""
+-    if [ 0 != "$xmlcount" ]
++    if [ "$xmlcount" -ne 0 ]
+     then
+       for ovalfile in $oval_files_sorted_private
+       do
+@@ -1163,7 +1163,7 @@
+     fi
+ 
+     oval_files_clause=""
+-    if [ ! -z "$oval_files_shortened" ]
++    if [ "$oval_files_shortened" =! "" ]
+     then
+       oval_files_clause="AND (xml_file NOT IN ($oval_files_shortened))"
+     fi
+@@ -1186,7 +1186,7 @@
+     fi
+ 
+     # TODO: This is not quite accurate as it uses the timestamp of the non-private data.
+-    LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | date +%s -f -`
++    LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+ 
+     reset_sql_tries
+     until [ "$try_sql" -eq 0 ]
 @@ -1208,12 +1208,12 @@
      CPEBASE="$SCAP_DIR/official-cpe-dictionary_v2.2.xml"
      if [ -e $CPEBASE ]
@@ -40,7 +72,7 @@
            if [ "0" -ne "$SPLIT_PART_SIZE" ] && [ "$filesize" -gt $(($SPLIT_PART_SIZE * 1024)) ]
            then
              log_info "File is larger than ${SPLIT_PART_SIZE}k. Splitting into multiple parts"
-@@ -1347,7 +1347,7 @@
+@@ -1347,11 +1347,11 @@
  
        for ovalfile in $oval_files_sorted
        do
@@ -49,6 +81,20 @@
          filedate=$(( $filedate - ( $filedate % 60 ) ))
          if [ $filedate -gt $DB_LASTUPDATE ] || [ 1 = "$REBUILD_OVAL" ]
          then
+-          oval_timestamp=`xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | date "+%s" -f -`
++          oval_timestamp=`date -j -f '%Y-%m-%dT%H:%M:%S' $(xsltproc "$SCAP_RES_DIR/oval_timestamp.xsl" "$ovalfile" | cut -d "." -f1) +%s`
+ 
+           if [ 1 = "$REBUILD_OVAL" ]
+           then
+@@ -1403,7 +1403,7 @@
+   update_cvss
+   update_placeholders
+ 
+-  LAST_UPDATE_TIMESTAMP=`sed 's/^\(.\{8\}\)/\1 /' $TIMESTAMP | env TZ="UTC" date +%s -f -`
++  LAST_UPDATE_TIMESTAMP=`date -j -f '%Y%m%d%H%M%S' $(sed 's/$/00/g' $TIMESTAMP) +%s`
+ 
+   reset_sql_tries
+   until [ "$try_sql" -eq 0 ]
 @@ -1635,7 +1635,7 @@
  then
    if [ -f "$SCAP_DB" ]

Modified: head/security/openvas9-manager/pkg-plist
==============================================================================
--- head/security/openvas9-manager/pkg-plist	Sun Aug  6 06:24:31 2017	(r447444)
+++ head/security/openvas9-manager/pkg-plist	Sun Aug  6 06:49:42 2017	(r447445)
@@ -1,23 +1,27 @@
 bin/openvas-manage-certs
-etc/openvas/openvasmd_log.conf
-etc/openvas/pwpolicy.conf
-etc/rc.d/openvasmd
+@sample etc/openvas/openvasmd_log.conf.sample
+@sample etc/openvas/pwpolicy.conf.sample
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so.0
+%%PGSQL%%lib/openvasmd/pg/libmanage-pg-server.so.7.0.2
 man/man8/database-statistics-sqlite.8.gz
 man/man8/greenbone-certdata-sync.8.gz
 man/man8/greenbone-scapdata-sync.8.gz
 man/man8/openvas-migrate-to-postgres.8.gz
 man/man8/openvas-portnames-update.8.gz
 man/man8/openvasmd.8.gz
-sbin/database-statistics-sqlite
+%%SQLITE3%%sbin/database-statistics-sqlite
 sbin/greenbone-certdata-sync
 sbin/greenbone-scapdata-sync
 sbin/openvas-migrate-to-postgres
 sbin/openvas-portnames-update
 sbin/openvasmd
-sbin/openvasmd-sqlite
+%%SQLITE3%%sbin/openvasmd-sqlite
+%%PGSQL%%sbin/openvasmd-pg
 %%PORTDOCS%%%%DOCSDIR%%/INSTALL
 %%PORTDOCS%%%%DOCSDIR%%/example-openvas-manage-certs.conf
 %%PORTDOCS%%%%DOCSDIR%%/html/omp.html
+%%PGSQL%%%%PORTDOCS%%%%DOCSDIR%%/postgres-HOWTO
 share/man/man1/openvas-manage-certs.1
 share/openvas/cert/cert_bund_getbyname.xsl
 share/openvas/cert/cert_bund_update.xsl



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201708060649.v766nhYs060414>