Date: Wed, 6 Jan 2021 08:48:44 +0000 (UTC) From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r560476 - in head/security/gvmd: . files Message-ID: <202101060848.1068miXj075551@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: acm Date: Wed Jan 6 08:48:43 2021 New Revision: 560476 URL: https://svnweb.freebsd.org/changeset/ports/560476 Log: - New port: security/gvmd The Greenbone Vulnerability Manager is the central management service between security scanners and the user clients. It manages the storage of any vulnerability management configurations and of the scan results. Access to data, control commands and workflows is offered via the XML-based Greenbone Management Protocol (GMP). Controlling scanners like OpenVAS is done via the Open Scanner Protocol (OSP). WWW: https://github.com/greenbone/gvmd Added: head/security/gvmd/ head/security/gvmd/Makefile (contents, props changed) head/security/gvmd/distinfo (contents, props changed) head/security/gvmd/files/ head/security/gvmd/files/gvmd.in (contents, props changed) head/security/gvmd/files/patch-CMakeLists.txt (contents, props changed) head/security/gvmd/files/patch-src_CMakeLists.txt (contents, props changed) head/security/gvmd/files/patch-src_gvmd.c (contents, props changed) head/security/gvmd/files/patch-src_manage.c (contents, props changed) head/security/gvmd/files/patch-src_manage_sql.c (contents, props changed) head/security/gvmd/files/patch-src_manage_sql_secinfo.c (contents, props changed) head/security/gvmd/files/patch-src_sql_pg.c (contents, props changed) head/security/gvmd/files/patch-src_utils.c (contents, props changed) head/security/gvmd/pkg-descr (contents, props changed) head/security/gvmd/pkg-plist (contents, props changed) Added: head/security/gvmd/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/Makefile Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,46 @@ +# $FreeBSD$ + +PORTNAME= gvmd +DISTVERSION= 20.8.0 +DISTVERSIONPREFIX= v +CATEGORIES= security + +MAINTAINER= acm@FreeBSD.org +COMMENT= Greenbone Vulnerability Manager central management service + +LICENSE= AGPLv3+ + +BUILD_DEPENDS= doxygen>0:devel/doxygen +LIB_DEPENDS= libgvm_base.so:security/gvm-libs \ + libgnutls.so:security/gnutls \ + libgpgme.so:security/gpgme \ + libical.so:devel/libical +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lxml>0:devel/py-lxml@${PY_FLAVOR} \ + doxygen>0:devel/doxygen \ + p5-XML-Twig>=0:textproc/p5-XML-Twig \ + snmpget:net-mgmt/net-snmp \ + rsync:net/rsync \ + wget:ftp/wget \ + gpg:security/gnupg \ + xml:textproc/xmlstarlet \ + sshpass:security/sshpass \ + socat:net/socat + +USE_GITHUB= yes +GH_ACCOUNT= greenbone + +USES= cmake gnome pkgconfig pgsql python samba:run zip +USE_GNOME= glib20 libxslt:build +USE_LDCONFIG= yes + +USERS= gvm +GROUPS= ${USERS} + +USE_RC_SUBR= gvmd + +post-install: + @${MKDIR} ${STAGEDIR}/var/lib/gvm/gvmd/gnupg + @${MKDIR} ${STAGEDIR}/var/log/gvm + @${MKDIR} ${STAGEDIR}/var/run/gvm + +.include <bsd.port.mk> Added: head/security/gvmd/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/distinfo Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,3 @@ +TIMESTAMP = 1609399929 +SHA256 (greenbone-gvmd-v20.8.0_GH0.tar.gz) = 2e09df899234fbb8e4e3593c63e94ed6ad0c984c59246a74c76f601499e2a40a +SIZE (greenbone-gvmd-v20.8.0_GH0.tar.gz) = 1016622 Added: head/security/gvmd/files/gvmd.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/gvmd.in Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,32 @@ +#!/bin/sh +# +# $FreeBSD$ +# +# PROVIDE: gvmd +# REQUIRE: DAEMON +# KEYWORD: shutdown +# +# Add the following to /etc/rc.conf[.local] to enable this service +# +# gvmd_enable (bool): Set to NO by default. +# Set it to YES to enable gvmd. +# gvmd_flags (params): Set params used to start gvmd. +# + +. /etc/rc.subr + +name=gvmd +rcvar=${name}_enable + +load_rc_config $name + +: ${gvmd_enable=NO} +: ${gmvd_flags="--osp-vt-update=/var/run/ospd/ospd.sock --unix-socket=/var/run/gvm/gvmd.sock"} + +command="%%PREFIX%%/sbin/gvmd" +command_args="${gmvd_flags}" +gvmd_user="gvm" +gvmd_group="gvm" +pidfile=/var/run/gvm/gvmd.pid + +run_rc_command "$1" Added: head/security/gvmd/files/patch-CMakeLists.txt ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-CMakeLists.txt Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,52 @@ +--- CMakeLists.txt 2020-08-11 10:05:36.000000000 -0500 ++++ CMakeLists.txt 2021-01-04 19:48:05.978938000 -0500 +@@ -132,7 +132,7 @@ + endif (NOT LIBDIR) + + if (NOT LOCALSTATEDIR) +- set (LOCALSTATEDIR "${CMAKE_INSTALL_PREFIX}/var") ++ set (LOCALSTATEDIR "/var") + endif (NOT LOCALSTATEDIR) + + if (NOT DATADIR) +@@ -183,7 +183,7 @@ + set (GVM_CA_CERTIFICATE "${GVM_STATE_DIR}/CA/cacert.pem") + + if (NOT GVM_RUN_DIR) +- set (GVM_RUN_DIR "${LOCALSTATEDIR}/run") ++ set (GVM_RUN_DIR "${LOCALSTATEDIR}/run/gvm") + endif (NOT GVM_RUN_DIR) + + if (NOT GVM_FEED_LOCK_PATH) +@@ -240,7 +240,7 @@ + configure_file (doc/Doxyfile_xml.in doc/Doxyfile_xml) + configure_file (doc/example-gvm-manage-certs.conf.in doc/example-gvm-manage-certs.conf @ONLY) + configure_file (VERSION.in VERSION) +-configure_file (src/gvmd_log_conf.cmake_in src/gvmd_log.conf) ++configure_file (src/gvmd_log_conf.cmake_in src/gvmd_log.conf.sample) + configure_file (src/schema_formats/XML/GMP.xml.in src/schema_formats/XML/GMP.xml @ONLY) + configure_file (tools/greenbone-feed-sync.in tools/greenbone-feed-sync @ONLY) + configure_file (tools/greenbone-scapdata-sync.in tools/greenbone-scapdata-sync @ONLY) +@@ -282,7 +282,7 @@ + + ## Configs (e.g. systemd service file) + +-add_subdirectory (config) ++# add_subdirectory (config) + + ## Documentation + +@@ -292,10 +292,11 @@ + + install (DIRECTORY DESTINATION ${GVMD_STATE_DIR}) + +-install (FILES ${CMAKE_BINARY_DIR}/src/gvmd_log.conf ++install (FILES ${CMAKE_BINARY_DIR}/src/gvmd_log.conf.sample + DESTINATION ${GVM_SYSCONF_DIR}) + +-install (FILES ${CMAKE_SOURCE_DIR}/src/pwpolicy.conf ++ ++install (FILES ${CMAKE_SOURCE_DIR}/src/pwpolicy.conf.sample + DESTINATION ${GVM_SYSCONF_DIR}) + + # Schema formats. Added: head/security/gvmd/files/patch-src_CMakeLists.txt ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-src_CMakeLists.txt Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,19 @@ +--- src/CMakeLists.txt 2020-08-11 10:05:36.000000000 -0500 ++++ src/CMakeLists.txt 2021-01-04 19:53:06.893137000 -0500 +@@ -227,7 +227,7 @@ + ${GNUTLS_LDFLAGS} ${GPGME_LDFLAGS} ${CMAKE_THREAD_LIBS_INIT} ${LINKER_HARDENING_FLAGS} ${LINKER_DEBUG_FLAGS} + ${PostgreSQL_LIBRARIES} ${GLIB_LDFLAGS} ${GTHREAD_LDFLAGS} + ${LIBGVM_BASE_LDFLAGS} ${LIBGVM_UTIL_LDFLAGS} ${LIBGVM_OSP_LDFLAGS} ${LIBGVM_GMP_LDFLAGS} +- ${LIBICAL_LDFLAGS} ${LINKER_HARDENING_FLAGS}) ++ ${LIBICAL_LDFLAGS} ${LINKER_HARDENING_FLAGS} -lexecinfo) + target_link_libraries (manage-test cgreen m + ${GNUTLS_LDFLAGS} ${GPGME_LDFLAGS} ${CMAKE_THREAD_LIBS_INIT} ${LINKER_HARDENING_FLAGS} ${LINKER_DEBUG_FLAGS} + ${PostgreSQL_LIBRARIES} ${GLIB_LDFLAGS} ${GTHREAD_LDFLAGS} +@@ -441,5 +441,7 @@ + COMMAND ctags ${C_FILES}) + add_custom_target (tags COMMENT "Building tags files...") + add_dependencies (tags etags ctags) ++ ++file(RENAME "pwpolicy.conf" "pwpolicy.conf.sample") + + ## End Added: head/security/gvmd/files/patch-src_gvmd.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-src_gvmd.c Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,71 @@ +--- src/gvmd.c 2020-08-11 10:05:36.000000000 -0500 ++++ src/gvmd.c 2021-01-03 16:50:30.707314000 -0500 +@@ -1362,6 +1362,7 @@ + struct sockaddr_un address_unix; + struct sockaddr_storage address_tls; + int address_size; ++ socklen_t addrlen; + + memset (&address_tls, 0, sizeof (struct sockaddr_storage)); + memset (&address_unix, 0, sizeof (struct sockaddr_un)); +@@ -1375,9 +1376,8 @@ + /* UNIX file socket. */ + + address_unix.sun_family = AF_UNIX; +- strncpy (address_unix.sun_path, +- address_str_unix, +- sizeof (address_unix.sun_path) - 1); ++ strcpy (address_unix.sun_path, ++ address_str_unix); + + g_debug ("%s: address_unix.sun_path: %s", + __func__, +@@ -1398,7 +1398,7 @@ + } + + address = (struct sockaddr *) &address_unix; +- address_size = sizeof (address_unix); ++ addrlen = sizeof(struct sockaddr_un); + + /* Ensure the path of the socket exists. */ + +@@ -1414,8 +1414,8 @@ + } + else if (address_str_tls) + { +- struct sockaddr_in *addr4; +- struct sockaddr_in6 *addr6; ++ struct sockaddr_in *addr4 = (struct sockaddr_in *) &address_tls; ++ struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &address_tls; + int port, optval; + + /* TLS TCP socket. */ +@@ -1440,17 +1440,17 @@ + port = htons (GVMD_PORT); + } + +- addr4 = (struct sockaddr_in *) &address_tls; +- addr6 = (struct sockaddr_in6 *) &address_tls; + if (inet_pton (AF_INET6, address_str_tls, &addr6->sin6_addr) > 0) + { + address_tls.ss_family = AF_INET6; + addr6->sin6_port = port; ++ addrlen = sizeof (*addr6); + } + else if (inet_pton (AF_INET, address_str_tls, &addr4->sin_addr) > 0) + { + address_tls.ss_family = AF_INET; + addr4->sin_port = port; ++ addrlen = sizeof (*addr4); + } + else + { +@@ -1491,7 +1491,7 @@ + return -1; + } + +- if (bind (*soc, address, address_size) == -1) ++ if (bind (*soc, address, addrlen) == -1) + { + g_warning ("Failed to bind manager socket: %s", strerror (errno)); + return -1; Added: head/security/gvmd/files/patch-src_manage.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-src_manage.c Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,10 @@ +--- src/manage.c 2020-12-31 17:01:32.913198000 -0500 ++++ src/manage.c 2020-12-31 17:01:47.001860000 -0500 +@@ -75,6 +75,7 @@ + #include <sys/file.h> + #include <sys/stat.h> + #include <sys/types.h> ++#include <sys/socket.h> + #include <sys/wait.h> + #include <time.h> + #include <unistd.h> Added: head/security/gvmd/files/patch-src_manage_sql.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-src_manage_sql.c Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,19 @@ +--- src/manage_sql.c 2020-08-11 10:05:36.000000000 -0500 ++++ src/manage_sql.c 2021-01-04 17:08:05.732803000 -0500 +@@ -51,7 +51,6 @@ + #include <dirent.h> + #include <errno.h> + #include <glib/gstdio.h> +-#include <malloc.h> + #include <pwd.h> + #include <stdlib.h> + #include <sys/socket.h> +@@ -15276,7 +15275,7 @@ + + cleanup_iterator (&nvts); + +- malloc_trim (0); ++ // malloc_trim (0); + } + + /** Added: head/security/gvmd/files/patch-src_manage_sql_secinfo.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-src_manage_sql_secinfo.c Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,10 @@ +--- src/manage_sql_secinfo.c 2020-12-31 16:49:24.318202000 -0500 ++++ src/manage_sql_secinfo.c 2020-12-31 16:49:46.253146000 -0500 +@@ -44,6 +44,7 @@ + #include <sys/file.h> + #include <sys/stat.h> + #include <sys/types.h> ++#include <sys/wait.h> + #include <unistd.h> + + #include <gvm/base/proctitle.h> Added: head/security/gvmd/files/patch-src_sql_pg.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-src_sql_pg.c Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,18 @@ +--- src/sql_pg.c 2020-12-31 16:50:03.471244000 -0500 ++++ src/sql_pg.c 2020-12-31 16:50:43.332754000 -0500 +@@ -26,13 +26,13 @@ + #include "sql.h" + + #include <assert.h> +-#include <endian.h> ++#include <sys/endian.h> + #include <errno.h> + #include <arpa/inet.h> + #include <glib.h> + #include <inttypes.h> + #include <netinet/in.h> +-#include <postgresql/libpq-fe.h> ++#include <libpq-fe.h> + #include <stdlib.h> + #include <string.h> + Added: head/security/gvmd/files/patch-src_utils.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/files/patch-src_utils.c Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,11 @@ +--- src/utils.c 2020-12-31 16:52:50.534962000 -0500 ++++ src/utils.c 2020-12-31 16:52:59.759527000 -0500 +@@ -34,7 +34,7 @@ + /** + * @brief Needed for nanosleep. + */ +-#define _POSIX_C_SOURCE 199309L ++//#define _POSIX_C_SOURCE 199309L + + #include "utils.h" + Added: head/security/gvmd/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/pkg-descr Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,9 @@ +The Greenbone Vulnerability Manager is the central management service between +security scanners and the user clients. + +It manages the storage of any vulnerability management configurations and of +the scan results. Access to data, control commands and workflows is offered +via the XML-based Greenbone Management Protocol (GMP). Controlling scanners +like OpenVAS is done via the Open Scanner Protocol (OSP). + +WWW: https://github.com/greenbone/gvmd Added: head/security/gvmd/pkg-plist ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/gvmd/pkg-plist Wed Jan 6 08:48:43 2021 (r560476) @@ -0,0 +1,54 @@ +bin/gvm-manage-certs +@sample etc/gvm/gvmd_log.conf.sample +@sample etc/gvm/pwpolicy.conf.sample +lib/libgvm-pg-server.so +lib/libgvm-pg-server.so.20 +lib/libgvm-pg-server.so.20.08.0 +sbin/greenbone-certdata-sync +sbin/greenbone-feed-sync +sbin/greenbone-scapdata-sync +sbin/gvmd +share/doc/gvm/example-gvm-manage-certs.conf +share/doc/gvm/html/gmp.html +share/gvm/cert/cert_bund_getbyname.xsl +share/gvm/cert/dfn_cert_getbyname.xsl +share/gvm/gvm-lsc-deb-creator.sh +share/gvm/gvm-lsc-rpm-creator.sh +share/gvm/gvmd/global_alert_methods/159f79a5-fce8-4ec5-aa49-7d17a77739a3/alert +share/gvm/gvmd/global_alert_methods/2db07698-ec49-11e5-bcff-28d24461215b/alert +share/gvm/gvmd/global_alert_methods/4a398d42-87c0-11e5-a1c0-28d24461215b/alert +share/gvm/gvmd/global_alert_methods/5b39c481-9137-4876-b734-263849dd96ce/alert +share/gvm/gvmd/global_alert_methods/5b39c481-9137-4876-b734-263849dd96ce/report-convert.py +share/gvm/gvmd/global_alert_methods/9d435134-15d3-11e6-bf5c-28d24461215b/alert +share/gvm/gvmd/global_alert_methods/c427a688-b653-40ab-a9d0-d6ba842a9d63/alert +share/gvm/gvmd/global_alert_methods/cd1f5a34-6bdc-11e0-9827-002264764cea/alert +share/gvm/gvmd/global_alert_methods/f9d97653-f89b-41af-9ba1-0f6ee00e9c1a/alert +share/gvm/gvmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/HTML.xsl +share/gvm/gvmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/generate +share/gvm/gvmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/rnc.xsl +share/gvm/gvmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/GMP.xml +share/gvm/gvmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/generate +share/gvm/gvmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/RNC.xsl +share/gvm/gvmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/generate +share/gvm/gvmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/rnc.xsl +share/gvm/gvmd/global_schema_formats/d6cf255e-947c-11e1-829a-406186ea4fc5/GMP.xsl +share/gvm/gvmd/global_schema_formats/d6cf255e-947c-11e1-829a-406186ea4fc5/generate +share/gvm/gvmd/wizards/delete_task_deep.xml +share/gvm/gvmd/wizards/get_tasks_deep.xml +share/gvm/gvmd/wizards/modify_task.xml +share/gvm/gvmd/wizards/quick_auth_scan.xml +share/gvm/gvmd/wizards/quick_first_scan.xml +share/gvm/gvmd/wizards/quick_task.xml +share/gvm/gvmd/wizards/reset_task.xml +share/gvm/scap/cpe_getbyname.xsl +share/gvm/scap/cve_getbyname.xsl +share/gvm/scap/ovaldef_getbyname.xsl +share/man/man1/gvm-manage-certs.1.gz +share/man/man8/greenbone-certdata-sync.8.gz +share/man/man8/greenbone-scapdata-sync.8.gz +share/man/man8/gvmd.8.gz +@dir(gvm,gvm,750) /var/lib/gvm/gvmd/gnupg +@dir(gvm,gvm,750) /var/lib/gvm/gvmd +@dir(gvm,gvm,750) /var/lib/gvm +@dir(gvm,gvm,750) /var/run/gvm +@dir(gvm,gvm,750) /var/log/gvm
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202101060848.1068miXj075551>