| 1 |
commit: 52aa196c5f6eaae0ca6639baa03a422aab2c7791 |
| 2 |
Author: Hasan ÇALIŞIR <hasan.calisir <AT> psauxit <DOT> com> |
| 3 |
AuthorDate: Thu Feb 7 01:52:55 2019 +0000 |
| 4 |
Commit: Patrice Clement <monsieurp <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed Mar 13 14:58:51 2019 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=52aa196c |
| 7 |
|
| 8 |
net-analyzer/greenbone-security-assistant: version bump to 7.0.3. |
| 9 |
|
| 10 |
Bump to 7.0.3. |
| 11 |
|
| 12 |
This also brings new improvements and introduces the new USE flag 'extras'. |
| 13 |
|
| 14 |
Introduces two new patches that fixes various issues: |
| 15 |
- auth patch fixes saving of auth config. |
| 16 |
- memleak patch fixes memleak issue. |
| 17 |
|
| 18 |
Introduces one new file that has proper nginx reverse proxy config |
| 19 |
for WebUI: gsad.nginx.reverse.proxy.example file |
| 20 |
|
| 21 |
systemd unit file & init script updated. |
| 22 |
|
| 23 |
Because of new dependencies ~arm ~ppc keywords have been dropped. |
| 24 |
|
| 25 |
This package is part of net-analyzer/openvas. |
| 26 |
|
| 27 |
Reported-by: NP-Hardass <np-hardass <AT> gentoo.org> |
| 28 |
Acked-by: Hasan ÇALIŞIR <hasan.calisir <AT> psauxit.com> |
| 29 |
Tested-by: Hasan ÇALIŞIR <hasan.calisir <AT> psauxit.com> |
| 30 |
Signed-off-by: Hasan ÇALIŞIR <hasan.calisir <AT> psauxit.com> |
| 31 |
Package-Manager: Portage-2.3.51, Repoman-2.3.11 |
| 32 |
Signed-off-by: Patrice Clement <monsieurp <AT> gentoo.org> |
| 33 |
|
| 34 |
net-analyzer/greenbone-security-assistant/Manifest | 1 + |
| 35 |
.../greenbone-security-assistant-7.0.3-auth.patch | 107 +++++++++++++++++++++ |
| 36 |
...reenbone-security-assistant-7.0.3-memleak.patch | 42 ++++++++ |
| 37 |
.../files/gsa-daemon.conf | 20 ++++ |
| 38 |
.../greenbone-security-assistant/files/gsa.init | 14 +++ |
| 39 |
.../files/gsa.logrotate | 9 ++ |
| 40 |
.../files/gsa.nginx.reverse.proxy.example | 78 +++++++++++++++ |
| 41 |
.../greenbone-security-assistant/files/gsa.service | 19 ++++ |
| 42 |
.../files/gsa.tmpfiles.d | 1 + |
| 43 |
.../greenbone-security-assistant-7.0.3.ebuild | 92 ++++++++++++++++++ |
| 44 |
.../greenbone-security-assistant/metadata.xml | 12 ++- |
| 45 |
11 files changed, 394 insertions(+), 1 deletion(-) |
| 46 |
|
| 47 |
diff --git a/net-analyzer/greenbone-security-assistant/Manifest b/net-analyzer/greenbone-security-assistant/Manifest |
| 48 |
index a8228051d49..15ef6d5326c 100644 |
| 49 |
--- a/net-analyzer/greenbone-security-assistant/Manifest |
| 50 |
+++ b/net-analyzer/greenbone-security-assistant/Manifest |
| 51 |
@@ -1 +1,2 @@ |
| 52 |
DIST greenbone-security-assistant-6.0.9.tar.gz 1476238 BLAKE2B 3311056256885102518e3b0e3106c23965e5a69ad4cfe13a2b34c68079a916466915b3296c80984656ff8a9f9b0aa35f5256c225250ae549d9727ad61f3a6b2b SHA512 4afb50f044b6853181c3c3e6466e7329915356bbcccecf98b89d9dc39a193392f45850f9073ac055ec826753af78e8a6368e7f9ac52734a3b5e254d124180d68 |
| 53 |
+DIST greenbone-security-assistant-7.0.3.tar.gz 2918954 BLAKE2B 4a6cd5d8378bcbb0a9df6cb5b8f6560060f15d0b0cb53d2c61692cb2bc2cd86af6e9cdeb5040c4d7020c3b016779a76ec517d54614388c62aaedd596f55fa3c4 SHA512 7e1c1ef939ba08dab3b78baf1aa9c110be2febfbed5d67eefe8110c60f5089a1af44bc26693657226f417c6bd516a4a656eb159dae2a78f878e1a1b6c222b117 |
| 54 |
|
| 55 |
diff --git a/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch |
| 56 |
new file mode 100644 |
| 57 |
index 00000000000..cce885e10e0 |
| 58 |
--- /dev/null |
| 59 |
+++ b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch |
| 60 |
@@ -0,0 +1,107 @@ |
| 61 |
+--- gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:22:19.297954361 +0300 |
| 62 |
++++ gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:27:57.690214371 +0300 |
| 63 |
+@@ -1366,7 +1366,8 @@ |
| 64 |
+ || (strstr (param_name, "_id") |
| 65 |
+ == param_name + strlen (param_name) - strlen ("_id")) |
| 66 |
+ || (strcmp (param_name, "name") == 0 |
| 67 |
+- && strcasecmp (prev_action, "Run Wizard") == 0) |
| 68 |
++ && (strcasecmp (prev_action, "Run Wizard") == 0 |
| 69 |
++ || strcasecmp (next_cmd, "auth_settings") == 0)) |
| 70 |
+ || (strcmp (param_name, "get_name") == 0 |
| 71 |
+ && strcasecmp (next_cmd, "wizard_get") == 0)) |
| 72 |
+ { |
| 73 |
+@@ -25984,7 +25976,7 @@ |
| 74 |
+ |
| 75 |
+ html = response_from_entity (connection, credentials, params, entity, |
| 76 |
+ (no_redirect && strcmp (no_redirect, "0")), |
| 77 |
+- NULL, NULL, |
| 78 |
++ NULL, "auth_settings", |
| 79 |
+ NULL, "modify_auth", |
| 80 |
+ "Save Authentication Configuration", |
| 81 |
+ response_data); |
| 82 |
+--- gsa-7.0.3/src/html/classic/js/greenbone.js 2018-03-28 16:23:57.000000000 +0300 |
| 83 |
++++ gsa-7.0.3/src/html/classic/js/greenbone.js 2019-02-02 03:40:37.162714538 +0300 |
| 84 |
+@@ -1559,6 +1559,9 @@ |
| 85 |
+ if (reload === 'next') { |
| 86 |
+ reload_next(response); |
| 87 |
+ } |
| 88 |
++ else if (reload === 'window') { |
| 89 |
++ location.reload(); |
| 90 |
++ } |
| 91 |
+ }, |
| 92 |
+ function(jqXHR) { |
| 93 |
+ if (jqXHR.status == 0 && jqXHR.readyState == 0) { |
| 94 |
+--- gsa-7.0.3/src/html/classic/omp.xsl 2018-03-28 16:23:57.000000000 +0300 |
| 95 |
++++ gsa-7.0.3/src/html/classic/omp.xsl 2019-02-02 03:44:28.470599715 +0300 |
| 96 |
+@@ -36775,7 +36822,8 @@ |
| 97 |
+ <!-- AUTHENTICATION DESCRIPTION --> |
| 98 |
+ |
| 99 |
+ <xsl:template match="group" mode="ldapauth"> |
| 100 |
+- <div class="section-box" id="ldap-box"> |
| 101 |
++ <div class="section-box ajax-post" id="ldap-box" |
| 102 |
++ data-button="form #save_button" data-reload="window"> |
| 103 |
+ <form action="/omp" method="post" enctype="multipart/form-data"> |
| 104 |
+ <input type="hidden" name="token" value="{/envelope/token}"/> |
| 105 |
+ <input type="hidden" name="cmd" value="save_auth"/> |
| 106 |
+@@ -36784,6 +36832,15 @@ |
| 107 |
+ <input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/> |
| 108 |
+ <!-- group name is e.g. of method:ldap --> |
| 109 |
+ <input type="hidden" name="group" value="{@name}"/> |
| 110 |
++ <!-- Auth type name for next page --> |
| 111 |
++ <input type="hidden" name="name" value="ldap"/> |
| 112 |
++ |
| 113 |
++ <div class="error-dialog"> |
| 114 |
++ <div class="text-center"> |
| 115 |
++ <xsl:value-of select="gsa:i18n ('LDAP authentication config could not be modified.')"/> |
| 116 |
++ </div> |
| 117 |
++ </div> |
| 118 |
++ |
| 119 |
+ <table class="gbntable"> |
| 120 |
+ <tr class="gbntablehead2"> |
| 121 |
+ <td><xsl:value-of select="gsa:i18n ('Setting')"/></td> |
| 122 |
+@@ -36838,7 +36895,8 @@ |
| 123 |
+ </tr> |
| 124 |
+ <tr> |
| 125 |
+ <td colspan="2" style="text-align:right;"> |
| 126 |
+- <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/> |
| 127 |
++ <input type="submit" name="submit" id="save_button" |
| 128 |
++ value="{gsa:i18n ('Save')}"/> |
| 129 |
+ </td> |
| 130 |
+ </tr> |
| 131 |
+ </table> |
| 132 |
+@@ -36847,7 +36905,8 @@ |
| 133 |
+ </xsl:template> |
| 134 |
+ |
| 135 |
+ <xsl:template match="group" mode="radiusauth"> |
| 136 |
+- <div class="section-box" id="radius-box"> |
| 137 |
++ <div class="section-box ajax-post" id="radius-box" |
| 138 |
++ data-button="form #save_button" data-reload="window"> |
| 139 |
+ <form action="/omp" method="post" enctype="multipart/form-data"> |
| 140 |
+ <input type="hidden" name="token" value="{/envelope/token}"/> |
| 141 |
+ <input type="hidden" name="cmd" value="save_auth"/> |
| 142 |
+@@ -36856,6 +36915,15 @@ |
| 143 |
+ <input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/> |
| 144 |
+ <!-- group name is e.g. of method:radius_connect --> |
| 145 |
+ <input type="hidden" name="group" value="{@name}"/> |
| 146 |
++ <!-- Auth type name for next page --> |
| 147 |
++ <input type="hidden" name="name" value="radius"/> |
| 148 |
++ |
| 149 |
++ <div class="error-dialog"> |
| 150 |
++ <div class="text-center"> |
| 151 |
++ <xsl:value-of select="gsa:i18n ('Radius authentication config could not be modified.')"/> |
| 152 |
++ </div> |
| 153 |
++ </div> |
| 154 |
++ |
| 155 |
+ <table class="gbntable"> |
| 156 |
+ <tr class="gbntablehead2"> |
| 157 |
+ <td><xsl:value-of select="gsa:i18n ('Setting')"/></td> |
| 158 |
+@@ -36890,7 +36958,8 @@ |
| 159 |
+ </tr> |
| 160 |
+ <tr> |
| 161 |
+ <td colspan="2" style="text-align:right;"> |
| 162 |
+- <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/> |
| 163 |
++ <input type="submit" name="submit" id="save_button" |
| 164 |
++ value="{gsa:i18n ('Save')}"/> |
| 165 |
+ </td> |
| 166 |
+ </tr> |
| 167 |
+ </table> |
| 168 |
|
| 169 |
diff --git a/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch |
| 170 |
new file mode 100644 |
| 171 |
index 00000000000..5132e344a79 |
| 172 |
--- /dev/null |
| 173 |
+++ b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch |
| 174 |
@@ -0,0 +1,42 @@ |
| 175 |
+--- gsa-7.0.3/src/gsad_omp.c 2018-03-28 16:23:57.000000000 +0300 |
| 176 |
++++ gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:12:16.617046562 +0300 |
| 177 |
+@@ -7737,16 +7738,21 @@ |
| 178 |
+ g_string_append (xml, command_escaped); |
| 179 |
+ g_free (command_escaped); |
| 180 |
+ |
| 181 |
++ response = NULL; |
| 182 |
+ ret = omp (connection, credentials, &response, &entity, response_data, |
| 183 |
+ command->str); |
| 184 |
+ g_string_free (command, TRUE); |
| 185 |
++ |
| 186 |
++ if (ret) |
| 187 |
++ { |
| 188 |
++ free_entity (entity); |
| 189 |
++ g_string_free (xml, TRUE); |
| 190 |
++ } |
| 191 |
++ |
| 192 |
+ switch (ret) |
| 193 |
+ { |
| 194 |
+ case 0: |
| 195 |
+ break; |
| 196 |
+- case -1: |
| 197 |
+- /* 'omp' set response. */ |
| 198 |
+- return response; |
| 199 |
+ case 1: |
| 200 |
+ response_data->http_status_code = MHD_HTTP_INTERNAL_SERVER_ERROR; |
| 201 |
+ return gsad_message (credentials, |
| 202 |
+@@ -7770,10 +7776,14 @@ |
| 203 |
+ "/omp?cmd=get_tasks", response_data); |
| 204 |
+ } |
| 205 |
+ |
| 206 |
++ if (omp_success (entity) == 0) |
| 207 |
++ set_http_status_from_entity (entity, response_data); |
| 208 |
+ g_string_append (xml, response); |
| 209 |
+ |
| 210 |
+ g_string_append (xml, "</get_aggregate>"); |
| 211 |
+ |
| 212 |
++ free_entity (entity); |
| 213 |
++ g_free (response); |
| 214 |
+ return xsl_transform_omp (connection, credentials, params, |
| 215 |
+ g_string_free (xml, FALSE), response_data); |
| 216 |
+ } |
| 217 |
|
| 218 |
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf b/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf |
| 219 |
new file mode 100644 |
| 220 |
index 00000000000..9d34da62659 |
| 221 |
--- /dev/null |
| 222 |
+++ b/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf |
| 223 |
@@ -0,0 +1,20 @@ |
| 224 |
+# OpenVAS Security Assistant command args |
| 225 |
+# man page --> https://www.mankier.com/8/gsad |
| 226 |
+ |
| 227 |
+# e.g. --foreground | e.g. --no-redirect -- > Don't listen port 80 anymore |
| 228 |
+OPENVAS_SECURITY_ASSISTANT_OPTIONS="--no-redirect" |
| 229 |
+ |
| 230 |
+# WebUI adress |
| 231 |
+OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS="--listen=127.0.0.1" |
| 232 |
+ |
| 233 |
+# WebUI Port |
| 234 |
+OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT="--port=9392" |
| 235 |
+ |
| 236 |
+# WebUI Manager Address |
| 237 |
+OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS="--mlisten=127.0.0.1" |
| 238 |
+ |
| 239 |
+# WebUI Manager Port |
| 240 |
+OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT="--mport=9390" |
| 241 |
+ |
| 242 |
+# TLS Settings |
| 243 |
+OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL" |
| 244 |
|
| 245 |
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.init b/net-analyzer/greenbone-security-assistant/files/gsa.init |
| 246 |
new file mode 100644 |
| 247 |
index 00000000000..6e625a96a25 |
| 248 |
--- /dev/null |
| 249 |
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.init |
| 250 |
@@ -0,0 +1,14 @@ |
| 251 |
+#!/sbin/openrc-run |
| 252 |
+# Copyright 1999-2019 Gentoo Authors |
| 253 |
+# Distributed under the terms of the GNU General Public License v2 |
| 254 |
+ |
| 255 |
+name="Greenbone Security Assistant Daemon" |
| 256 |
+command="/usr/sbin/gsad" |
| 257 |
+command_args="${OPENVAS_SECURITY_ASSISTANT_OPTIONS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES}" |
| 258 |
+pidfile="/var/run/gsad.pid" |
| 259 |
+command_background="true" |
| 260 |
+ |
| 261 |
+depend() { |
| 262 |
+ after bootmisc |
| 263 |
+ need localmount net openvas-scanner gvmd |
| 264 |
+} |
| 265 |
|
| 266 |
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.logrotate b/net-analyzer/greenbone-security-assistant/files/gsa.logrotate |
| 267 |
new file mode 100644 |
| 268 |
index 00000000000..79e54e85431 |
| 269 |
--- /dev/null |
| 270 |
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.logrotate |
| 271 |
@@ -0,0 +1,9 @@ |
| 272 |
+# logrotate for openvas security agent |
| 273 |
+/var/log/openvas/gsad.log { |
| 274 |
+ daily |
| 275 |
+ rotate 7 |
| 276 |
+ compress |
| 277 |
+ missingok |
| 278 |
+ notifempty |
| 279 |
+ sharedscripts |
| 280 |
+} |
| 281 |
|
| 282 |
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example b/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example |
| 283 |
new file mode 100644 |
| 284 |
index 00000000000..b233911a2f1 |
| 285 |
--- /dev/null |
| 286 |
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example |
| 287 |
@@ -0,0 +1,78 @@ |
| 288 |
+upstream backend { |
| 289 |
+ server 127.0.0.1:9392; |
| 290 |
+ keepalive 64; |
| 291 |
+} |
| 292 |
+ |
| 293 |
+server { |
| 294 |
+ listen IP:80; |
| 295 |
+ server_name openvas.domain.tdl; |
| 296 |
+ return 301 https://openvas.domain.tdl$request_uri; |
| 297 |
+} |
| 298 |
+ |
| 299 |
+server { |
| 300 |
+ listen IP:443 ssl http2; |
| 301 |
+ server_name openvas.domain.tdl; |
| 302 |
+ access_log /var/log/nginx/openvas.domain.tdl.access.log; |
| 303 |
+ error_log /var/log/nginx/openvas.domain.tdl.error.log; |
| 304 |
+ # Not sourcing directly from file |
| 305 |
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
| 306 |
+ fastcgi_param QUERY_STRING $query_string; |
| 307 |
+ fastcgi_param REQUEST_METHOD $request_method; |
| 308 |
+ fastcgi_param CONTENT_TYPE $content_type; |
| 309 |
+ fastcgi_param CONTENT_LENGTH $content_length; |
| 310 |
+ fastcgi_param SCRIPT_NAME $fastcgi_script_name; |
| 311 |
+ fastcgi_param REQUEST_URI $request_uri; |
| 312 |
+ fastcgi_param DOCUMENT_URI $document_uri; |
| 313 |
+ fastcgi_param SERVER_PROTOCOL $server_protocol; |
| 314 |
+ fastcgi_param REQUEST_SCHEME $scheme; |
| 315 |
+ fastcgi_param HTTPS $https; |
| 316 |
+ fastcgi_param GATEWAY_INTERFACE CGI/1.1; |
| 317 |
+ fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; |
| 318 |
+ fastcgi_param REMOTE_ADDR $remote_addr; |
| 319 |
+ fastcgi_param REMOTE_PORT $remote_port; |
| 320 |
+ fastcgi_param SERVER_ADDR $server_addr; |
| 321 |
+ fastcgi_param SERVER_PORT $server_port; |
| 322 |
+ fastcgi_param SERVER_NAME $server_name; |
| 323 |
+ fastcgi_param REDIRECT_STATUS 200; |
| 324 |
+ fastcgi_param HTTP_PROXY ""; |
| 325 |
+ fastcgi_param PATH_INFO $fastcgi_path_info; |
| 326 |
+ fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; |
| 327 |
+ fastcgi_param DOCUMENT_ROOT $document_root; |
| 328 |
+ |
| 329 |
+ location / { |
| 330 |
+ proxy_set_header Host $http_host; |
| 331 |
+ proxy_set_header X-Real-IP $remote_addr; |
| 332 |
+ proxy_set_header REMOTE_HOST $remote_addr; |
| 333 |
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
| 334 |
+ proxy_set_header X-FORWARDED-PROTOCOL $scheme; |
| 335 |
+ proxy_pass https://backend; |
| 336 |
+ proxy_http_version 1.1; |
| 337 |
+ proxy_pass_request_headers on; |
| 338 |
+ proxy_set_header Connection "keep-alive"; |
| 339 |
+ proxy_store off; |
| 340 |
+ gzip on; |
| 341 |
+ gzip_proxied any; |
| 342 |
+ gzip_types *; |
| 343 |
+ } |
| 344 |
+ |
| 345 |
+ resolver 127.0.0.1; |
| 346 |
+ resolver_timeout 6s; |
| 347 |
+ ssl_certificate /openvas.domain.tdl/fullchain.pem; |
| 348 |
+ ssl_certificate_key /openvas.domain.tdl/privkey.pem; |
| 349 |
+ ssl_trusted_certificate /openvas.domain.tdl/chain.pem; |
| 350 |
+ ssl_dhparam /openvas.domain.tdl/dhparam.pem; |
| 351 |
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
| 352 |
+ ssl_prefer_server_ciphers on; |
| 353 |
+ ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; |
| 354 |
+ ssl_ecdh_curve secp384r1; |
| 355 |
+ ssl_stapling on; |
| 356 |
+ ssl_stapling_verify on; |
| 357 |
+ ssl_session_cache shared:SSL:40m; |
| 358 |
+ ssl_session_timeout 21h; |
| 359 |
+ ssl_session_tickets off; |
| 360 |
+ ssl_buffer_size 4k; |
| 361 |
+ add_header Referrer-Policy no-referrer-when-downgrade; |
| 362 |
+ add_header X-Frame-Options "SAMEORIGIN"; |
| 363 |
+ add_header X-Content-Type-Options "nosniff"; |
| 364 |
+ add_header X-XSS-Protection "1; mode=block"; |
| 365 |
+} |
| 366 |
|
| 367 |
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.service b/net-analyzer/greenbone-security-assistant/files/gsa.service |
| 368 |
new file mode 100644 |
| 369 |
index 00000000000..3d0f2d37a45 |
| 370 |
--- /dev/null |
| 371 |
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.service |
| 372 |
@@ -0,0 +1,19 @@ |
| 373 |
+[Unit] |
| 374 |
+Description=OpenVAS Manager |
| 375 |
+After=network.target |
| 376 |
+After=openvas-scanner.service |
| 377 |
+After=gvmd.service |
| 378 |
+Wants=gvmd.service |
| 379 |
+ |
| 380 |
+[Service] |
| 381 |
+Type=forking |
| 382 |
+EnvironmentFile=-/etc/openvas/sysconfig/gsa-daemon.conf |
| 383 |
+ExecStart=/usr/sbin/gsad $OPENVAS_SECURITY_ASSISTANT_OPTIONS $OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES |
| 384 |
+ExecReload=/bin/kill -HUP $MAINPID |
| 385 |
+KillMode=mixed |
| 386 |
+User=root |
| 387 |
+Group=root |
| 388 |
+TimeoutSec=1200 |
| 389 |
+ |
| 390 |
+[Install] |
| 391 |
+WantedBy=multi-user.target |
| 392 |
|
| 393 |
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d b/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d |
| 394 |
new file mode 100644 |
| 395 |
index 00000000000..18e820caec1 |
| 396 |
--- /dev/null |
| 397 |
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d |
| 398 |
@@ -0,0 +1 @@ |
| 399 |
+d /var/cache/openvassd 0775 |
| 400 |
|
| 401 |
diff --git a/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild b/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild |
| 402 |
new file mode 100644 |
| 403 |
index 00000000000..c58b1ab920e |
| 404 |
--- /dev/null |
| 405 |
+++ b/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild |
| 406 |
@@ -0,0 +1,92 @@ |
| 407 |
+# Copyright 1999-2019 Gentoo Authors |
| 408 |
+# Distributed under the terms of the GNU General Public License v2 |
| 409 |
+ |
| 410 |
+EAPI=7 |
| 411 |
+ |
| 412 |
+CMAKE_MAKEFILE_GENERATOR="emake" |
| 413 |
+inherit cmake-utils systemd |
| 414 |
+MY_PN="gsa" |
| 415 |
+ |
| 416 |
+DESCRIPTION="Greenbone Security Assistant for OpenVAS" |
| 417 |
+HOMEPAGE="http://www.openvas.org/" |
| 418 |
+SRC_URI="https://github.com/greenbone/${MY_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" |
| 419 |
+ |
| 420 |
+SLOT="0" |
| 421 |
+LICENSE="GPL-2+ BSD MIT" |
| 422 |
+KEYWORDS="~amd64 ~x86" |
| 423 |
+IUSE="extras" |
| 424 |
+ |
| 425 |
+DEPEND=" |
| 426 |
+ dev-libs/libgcrypt:0= |
| 427 |
+ dev-libs/libxml2:2 |
| 428 |
+ dev-libs/libxslt |
| 429 |
+ >=net-analyzer/openvas-libraries-9.0.3 |
| 430 |
+ net-libs/gnutls:=[tools] |
| 431 |
+ net-libs/libmicrohttpd[messages] |
| 432 |
+ extras? ( dev-python/polib )" |
| 433 |
+ |
| 434 |
+RDEPEND=" |
| 435 |
+ ${DEPEND} |
| 436 |
+ >=net-analyzer/openvas-scanner-5.1.3 |
| 437 |
+ >=net-analyzer/openvas-manager-7.0.3 |
| 438 |
+ extras? ( dev-texlive/texlive-latexextra )" |
| 439 |
+ |
| 440 |
+BDEPEND=" |
| 441 |
+ virtual/pkgconfig |
| 442 |
+ extras? ( app-doc/doxygen[dot] |
| 443 |
+ app-doc/xmltoman |
| 444 |
+ app-text/htmldoc |
| 445 |
+ sys-devel/gettext |
| 446 |
+ )" |
| 447 |
+ |
| 448 |
+BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build" |
| 449 |
+S="${WORKDIR}/${MY_PN}-${PV}" |
| 450 |
+ |
| 451 |
+PATCHES=( |
| 452 |
+ "${FILESDIR}/${P}-memleak.patch" |
| 453 |
+ "${FILESDIR}/${P}-auth.patch" |
| 454 |
+) |
| 455 |
+ |
| 456 |
+src_prepare() { |
| 457 |
+ cmake-utils_src_prepare |
| 458 |
+ if use extras; then |
| 459 |
+ doxygen -u "$S"/doc/Doxyfile_full.in || die |
| 460 |
+ fi |
| 461 |
+} |
| 462 |
+ |
| 463 |
+src_configure() { |
| 464 |
+ local mycmakeargs=( |
| 465 |
+ "-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr" |
| 466 |
+ "-DLOCALSTATEDIR=${EPREFIX}/var" |
| 467 |
+ "-DSYSCONFDIR=${EPREFIX}/etc" |
| 468 |
+ ) |
| 469 |
+ cmake-utils_src_configure |
| 470 |
+} |
| 471 |
+ |
| 472 |
+src_compile() { |
| 473 |
+ cmake-utils_src_compile |
| 474 |
+ if use extras; then |
| 475 |
+ cmake-utils_src_make -C "${BUILD_DIR}" doc |
| 476 |
+ cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc |
| 477 |
+ HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. ) |
| 478 |
+ fi |
| 479 |
+} |
| 480 |
+ |
| 481 |
+src_install() { |
| 482 |
+ cmake-utils_src_install |
| 483 |
+ |
| 484 |
+ insinto /etc/openvas/sysconfig |
| 485 |
+ doins "${FILESDIR}"/${MY_PN}-daemon.conf |
| 486 |
+ |
| 487 |
+ insinto /etc/openvas/reverse-proxy |
| 488 |
+ doins "${FILESDIR}"/gsa.nginx.reverse.proxy.example |
| 489 |
+ |
| 490 |
+ newinitd "${FILESDIR}/${MY_PN}.init" ${MY_PN} |
| 491 |
+ newconfd "${FILESDIR}/${MY_PN}-daemon.conf" ${MY_PN} |
| 492 |
+ |
| 493 |
+ insinto /etc/logrotate.d |
| 494 |
+ newins "${FILESDIR}/${MY_PN}.logrotate" ${MY_PN} |
| 495 |
+ |
| 496 |
+ systemd_newtmpfilesd "${FILESDIR}/${MY_PN}.tmpfiles.d" ${MY_PN}.conf |
| 497 |
+ systemd_dounit "${FILESDIR}"/${MY_PN}.service |
| 498 |
+} |
| 499 |
|
| 500 |
diff --git a/net-analyzer/greenbone-security-assistant/metadata.xml b/net-analyzer/greenbone-security-assistant/metadata.xml |
| 501 |
index 6f49eba8f49..6a3196eff3b 100644 |
| 502 |
--- a/net-analyzer/greenbone-security-assistant/metadata.xml |
| 503 |
+++ b/net-analyzer/greenbone-security-assistant/metadata.xml |
| 504 |
@@ -1,5 +1,15 @@ |
| 505 |
<?xml version="1.0" encoding="UTF-8"?> |
| 506 |
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
| 507 |
<pkgmetadata> |
| 508 |
-<!-- maintainer-needed --> |
| 509 |
+ <maintainer type="person"> |
| 510 |
+ <email>hasan.calisir@×××××××.com</email> |
| 511 |
+ <name>Hasan ÇALIŞIR</name> |
| 512 |
+ </maintainer> |
| 513 |
+ <maintainer type="project"> |
| 514 |
+ <email>proxy-maint@g.o</email> |
| 515 |
+ <name>Proxy Maintainers</name> |
| 516 |
+ </maintainer> |
| 517 |
+ <use> |
| 518 |
+ <flag name="extras">Pdf results, extra fonts, html docs support</flag> |
| 519 |
+ </use> |
| 520 |
</pkgmetadata> |
Archives