aboutsummaryrefslogtreecommitdiffstats
path: root/community/openvas-scanner
diff options
context:
space:
mode:
Diffstat (limited to 'community/openvas-scanner')
-rw-r--r--community/openvas-scanner/001-cmakelist-fortify.patch21
-rw-r--r--community/openvas-scanner/002-execinfo-musl-fix.patch40
-rw-r--r--community/openvas-scanner/APKBUILD100
-rw-r--r--community/openvas-scanner/openvas-nvt-sync.cron38
-rw-r--r--community/openvas-scanner/openvas-scanner.post-install3
-rw-r--r--community/openvas-scanner/openvassd.conf118
-rw-r--r--community/openvas-scanner/openvassd.confd27
-rw-r--r--community/openvas-scanner/openvassd.initd26
-rw-r--r--community/openvas-scanner/openvassd.logrotate11
9 files changed, 0 insertions, 384 deletions
diff --git a/community/openvas-scanner/001-cmakelist-fortify.patch b/community/openvas-scanner/001-cmakelist-fortify.patch
deleted file mode 100644
index e77214f945..0000000000
--- a/community/openvas-scanner/001-cmakelist-fortify.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 588f5d8..a98929f 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -34,6 +34,7 @@ if (POLICY CMP0005)
- endif (POLICY CMP0005)
-
- include (FindPkgConfig)
-+include(CheckIncludeFile)
-
- if (NOT PKG_CONFIG_FOUND)
- message(FATAL_ERROR "pkg-config executable not found. Aborting.")
-@@ -225,7 +226,7 @@ configure_file (tools/greenbone-nvt-sync.in tools/greenbone-nvt-sync @ONLY)
-
- ## Program
-
--set (HARDENING_FLAGS "-Wformat -Wformat-security -O2 -D_FORTIFY_SOURCE=2 -fstack-protector -Wl,-z,relro -Wl,-z,now")
-+set (HARDENING_FLAGS "-Wformat -Wformat-security -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector -Wl,-z,relro -Wl,-z,now")
-
- set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -Werror")
- set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${HARDENING_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE")
diff --git a/community/openvas-scanner/002-execinfo-musl-fix.patch b/community/openvas-scanner/002-execinfo-musl-fix.patch
deleted file mode 100644
index 8fd2164221..0000000000
--- a/community/openvas-scanner/002-execinfo-musl-fix.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-diff --git a/src/sighand.c b/src/sighand.c
-index 1ebf206..985e470 100644
---- a/src/sighand.c
-+++ b/src/sighand.c
-@@ -30,7 +30,10 @@
- #include <errno.h> /* for errno() */
- #include <sys/wait.h> /* for wait() */
- #include <sys/socket.h> /* for shutdown() */
-+
-+#ifdef HAVE_EXECINFO_H
- #include <execinfo.h>
-+#endif
-
- #include "log.h"
- #include "sighand.h"
-@@ -112,6 +115,7 @@ sighand_chld (pid_t pid)
- waitpid (pid, &status, WNOHANG);
- }
-
-+#ifdef HAVE_EXECINFO_H
- static void
- print_trace ()
- {
-@@ -126,13 +130,16 @@ print_trace ()
- log_write ("%s\n", symbols[i]);
- g_free (symbols);
- }
-+#endif
-
- void
- sighand_segv ()
- {
- signal (SIGSEGV, _exit);
- log_write ("SIGSEGV occured !");
-+ #ifdef HAVE_EXECINFO_H
- print_trace ();
-+ #endif
- make_em_die (SIGTERM);
- log_close ();
- _exit (0);
diff --git a/community/openvas-scanner/APKBUILD b/community/openvas-scanner/APKBUILD
deleted file mode 100644
index 09b3f3af50..0000000000
--- a/community/openvas-scanner/APKBUILD
+++ /dev/null
@@ -1,100 +0,0 @@
-# Contributor: Francesco Colista <fcolista@alpinelinux.org>
-# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
-pkgname=openvas-scanner
-_pkgname=openvassd
-pkgver=5.0.5
-_pkgid=2266
-pkgrel=3
-pkgdesc="The OpenVAS scanning Daemon"
-url="http://www.openvas.org/"
-arch="all"
-license="GPL"
-depends="redis nmap coreutils openssl"
-depends_dev=""
-makedepends="$depends_dev cmake openvas-libraries-dev glib-dev
- doxygen xmltoman"
-install=""
-subpackages="$pkgname-doc"
-source="http://wald.intevation.org/frs/download.php/$_pkgid/$pkgname-$pkgver.tar.gz
- $_pkgname.initd
- $_pkgname.confd
- $_pkgname.conf
- $_pkgname.logrotate
- openvas-nvt-sync.cron
- 001-cmakelist-fortify.patch
- 002-execinfo-musl-fix.patch"
-
-_builddir="$srcdir"/$pkgname-$pkgver
-prepare() {
- local i
- cd "$_builddir"
- for i in $source; do
- case $i in
- *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
- esac
- done
-}
-
-build() {
- cd "$_builddir"
- cmake -DCMAKE_BUILD_TYPE=Release \
- -DSBINDIR=/usr/bin \
- -DCMAKE_INSTALL_PREFIX=/usr \
- -DSYSCONFDIR=/etc \
- -DLOCALSTATEDIR=/var .
- make || return 1
-}
-
-package() {
- cd "$_builddir"
- make DESTDIR="$pkgdir/" install
- install -Dm644 "$srcdir/$_pkgname.logrotate" "$pkgdir/etc/logrotate.d/$_pkgname"
- install -m755 -D "$srcdir"/$_pkgname.initd "$pkgdir"/etc/init.d/$_pkgname
- install -m755 -D "$srcdir"/$_pkgname.confd "$pkgdir"/etc/conf.d/$_pkgname
- install -m755 -D "$srcdir"/$_pkgname.conf "$pkgdir"/etc/openvas/$_pkgname.conf
- install -Dm744 "$srcdir"/openvas-nvt-sync.cron \
- "$pkgdir"/etc/periodic/daily/openvas-nvt-sync
-
- mkdir -p "$pkgdir"/usr/share/doc/$_pkgname
- cat >"$pkgdir"/usr/share/doc/$_pkgname/README.alpine <<EOF
- ** In order to make openvas-scanner daemon start, redis server needs to run and listen to a socket.
- ** This is a part of redis.conf that should be adjusted:
-
- unixsocket /tmp/redis.sock
- unixsocketperm 700
- port 0 # prevent redis from listening on a TCP socket
- timeout 0
- #DB = 1 + (#of parallel tasks) * (#of parallel hosts)
- databases 128
- #CLI = 1 + (#of parallel tasks) * (#of parallel hosts) * (#of concurrent NVTs)
- maxclients 512
- ** Further info can be found to:
- https://svn.wald.intevation.org/svn/openvas/tags/openvas-scanner-release-$pkgver/doc/redis_config.txt
-
-EOF
-}
-
-md5sums="8eb30120fa8f5aea3a55c729ca9d4939 openvas-scanner-5.0.5.tar.gz
-2343f34f83401016cb01f564e9c6c222 openvassd.initd
-2fe5c960c0e5e8db0e438de417a70e7a openvassd.confd
-9fbfafb3f5001240d2d869ac3d365adf openvassd.conf
-a9e8ef884da6a0b33d3b29867d2ffcea openvassd.logrotate
-99ec960c1646038b41dbac7a8073500c openvas-nvt-sync.cron
-4ccb1c805294a2ceff8c73bceaa8c064 001-cmakelist-fortify.patch
-12dc0fb6e1c1410ade5762744afaab71 002-execinfo-musl-fix.patch"
-sha256sums="108d8aba9f53ae58b187cb2e297fc5a3e77ac5c2cd9db421fb20598fdfb2ad0a openvas-scanner-5.0.5.tar.gz
-a842a6d29c5bf82296d771cfd44e152616277ed412b66f8a4ade81ac593d5615 openvassd.initd
-3664ee9dad3627259dafb9494d4a794ccd184a1aeaba06b3b283a7eccd1ee0b8 openvassd.confd
-c01dc363c4423dfa791690b6cef50df8ff46af02bbf008ac07575351ab94e0b3 openvassd.conf
-c4623fe22f777e722915b6a4cf19030fa54a1fb18fe2ee074e3fb2a2fe6b81ed openvassd.logrotate
-d3666d4cb7b639530a312b1dc49867b3b0de41209ea659924428df2d486cea40 openvas-nvt-sync.cron
-11bf3922c6ae25a5ed9fbc0b5c567c8106058ed424ba2c4c50959c44fee8dfd9 001-cmakelist-fortify.patch
-b5583f364f5b538634759c1df8f3bcd6b4218adcab2e9d18bdfd1904605ecf6d 002-execinfo-musl-fix.patch"
-sha512sums="e439c8abb39e397a9d3842846c09fe7cb13c57294f528ae738bed8f962ac776a10a87d0299145be33b88307a7ab8dcb519808e897457bedba5cf0d02918483c9 openvas-scanner-5.0.5.tar.gz
-528fc356c485daf3456e0e8f20ecd7bc93c772dd7afc8ec9d7a485cf89156f433fb4ae29a8b3cac7f126c8fa1ac4ca7f1cc4a10bd2388358fdd2e06a04a3c2e4 openvassd.initd
-a47cf3add7a0e14175ccbae1c24c0e63ea7daf92ffa3e4d1bb988a2342e9b1ebfb597f0d20075ad22219dc2970d69e92bf8a3608cc156d4b5ca84723879bac71 openvassd.confd
-0d203cd2dfcf0b77ce8d2546235de16f23ea71c7e601db557fcd67e9c8dc460029494f1a146daadb44101ae194d7fa4d511a488bb69094e5470de9e10acf008b openvassd.conf
-5934a31ef4b7267fd741c41bb97fe2e1e42735d2324cce07145de1942efae3f5e42e8652ec0c3482dd53477be420a58124eae943f254105547abf065febb9046 openvassd.logrotate
-92f1700ba15e04f0d830ac04db8c61bffb06104692fd91386a7f67ad8cc4bd1ea92651207a615c4bc56abc3a6c4f2fcf54fad52779fe5c6169d38f98b83513ea openvas-nvt-sync.cron
-0e0087477ec313709c1d84480e9f2896628807010d039eb066627229e7f694434b66ae7f7cd44d379e714bd7ff23458bc46f721e953c2603d568fc350d2f0572 001-cmakelist-fortify.patch
-5e63b56fc64867c5973eb3593afcf677dc4da900b20d0f82fa24659010da290c0cfc00fe1e67cd2fadd4c58af3df2059120edeef344eedf213ab8a87a0376e49 002-execinfo-musl-fix.patch"
diff --git a/community/openvas-scanner/openvas-nvt-sync.cron b/community/openvas-scanner/openvas-nvt-sync.cron
deleted file mode 100644
index ff1729f9f8..0000000000
--- a/community/openvas-scanner/openvas-nvt-sync.cron
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/sh
-
-if [ -f /etc/openvas/openvassd.conf ]; then
- . /etc/openvas/openvassd.conf
-fi
-
-if [ "$auto_plugin_update" != "yes" ]; then
- exit 0
-fi
-
-opts=""
-case "$update_method" in
- rsync)
- opts = "$opts --rsync"
- ;;
- wget)
- opts = "$opts --wget"
- ;;
- curl)
- opts = "$opts --curl"
- ;;
-esac
-
-# Export openvas-nvt-sync's environment variables if they are defined
-[ \! -z "$NVT_DIR" ] && export NVT_DIR
-[ \! -z "$OV_RSYNC_FEED" ] && export OV_RSYNC_FEED
-[ \! -z "$OV_HTTP_FEED" ] && export OV_HTTP_FEED
-
-/usr/sbin/openvas-nvt-sync $opts >& /dev/null
-
-if [ $? -ne 0 ]; then
- echo "Error updating OpenVAS plugins. Please run openvas-nvt-sync manually."
- exit 1
-fi
-
-if [ "$notify_openvas_scanner" == "yes" ]; then
- /etc/init.d/openvas-scanner reloadplugins
-fi
diff --git a/community/openvas-scanner/openvas-scanner.post-install b/community/openvas-scanner/openvas-scanner.post-install
deleted file mode 100644
index 1c27c059da..0000000000
--- a/community/openvas-scanner/openvas-scanner.post-install
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-echo "Remember to modify redis server in order to listen to a socket"
-exit 0
diff --git a/community/openvas-scanner/openvassd.conf b/community/openvas-scanner/openvassd.conf
deleted file mode 100644
index 88f83f4bed..0000000000
--- a/community/openvas-scanner/openvassd.conf
+++ /dev/null
@@ -1,118 +0,0 @@
-# Configuration file of the OpenVAS Security Scanner
-
-# Every line starting with a '#' is a comment
-
-[Misc]
-
-# Path to the security checks folder:
-plugins_folder = /var/lib/openvas/plugins
-
-# Path to OpenVAS caching folder:
-cache_folder = /var/cache/openvas
-
-# Path to OpenVAS include directories:
-# (multiple entries are separated with colon ':')
-include_folders = /var/lib/openvas/plugins
-
-# Maximum number of simultaneous hosts tested :
-max_hosts = 30
-
-# Maximum number of simultaneous checks against each host tested :
-max_checks = 10
-
-# Niceness. If set to 'yes', openvassd will renice itself to 10.
-be_nice = no
-
-# Log file (or 'syslog') :
-logfile = /var/log/openvas/openvassd.log
-
-# Shall we log every details of the attack ? (disk intensive)
-log_whole_attack = no
-
-# Log the name of the plugins that are loaded by the server ?
-log_plugins_name_at_load = no
-
-# Dump file for debugging output, use `-' for stdout
-dumpfile = /var/log/openvas/openvassd.dump
-
-# Rules file :
-rules = /etc/openvas/openvassd.rules
-
-# CGI paths to check for (cgi-bin:/cgi-aws:/ can do)
-cgi_path = /cgi-bin:/scripts
-
-# Range of the ports the port scanners will scan :
-# 'default' means that OpenVAS will scan ports found in its
-# services file.
-port_range = default
-
-# Optimize the test (recommended) :
-optimize_test = yes
-
-# Optimization :
-# Read timeout for the sockets of the tests :
-checks_read_timeout = 5
-
-# Ports against which two plugins should not be run simultaneously :
-# non_simult_ports = Services/www, 139, Services/finger
-non_simult_ports = 139, 445
-
-# Maximum lifetime of a plugin (in seconds) :
-plugins_timeout = 320
-
-# Safe checks rely on banner grabbing :
-safe_checks = yes
-
-# Automatically activate the plugins that are depended on
-auto_enable_dependencies = yes
-
-# Do not echo data from plugins which have been automatically enabled
-silent_dependencies = no
-
-# Designate hosts by MAC address, not IP address (useful for DHCP networks)
-use_mac_addr = no
-
-
-#--- Knowledge base saving (can be configured by the client) :
-# Save the knowledge base on disk :
-save_knowledge_base = no
-
-# Restore the KB for each test :
-kb_restore = no
-
-# Only test hosts whose KB we do not have :
-only_test_hosts_whose_kb_we_dont_have = no
-
-# Only test hosts whose KB we already have :
-only_test_hosts_whose_kb_we_have = no
-
-# KB test replay :
-kb_dont_replay_scanners = no
-kb_dont_replay_info_gathering = no
-kb_dont_replay_attacks = no
-kb_dont_replay_denials = no
-kb_max_age = 864000
-#--- end of the KB section
-
-
-# If this option is set, OpenVAS will not scan a network incrementally
-# (10.0.0.1, then 10.0.0.2, 10.0.0.3 and so on..) but will attempt to
-# slice the workload throughout the whole network (ie: it will scan
-# 10.0.0.1, then 10.0.0.127, then 10.0.0.2, then 10.0.0.128 and so on...
-slice_network_addresses = no
-
-# Should consider all the NASL scripts as being signed ? (unsafe if set to 'yes')
-nasl_no_signature_check = yes
-
-#Certificates
-cert_file=/var/lib/openvas/CA/servercert.pem
-key_file=/var/lib/openvas/private/CA/serverkey.pem
-ca_file=/var/lib/openvas/CA/cacert.pem
-
-# If you decide to protect your private key with a password,
-# uncomment and change next line
-# pem_password=password
-# If you want to force the use of a client certificate, uncomment next line
-# force_pubkey_auth = yes
-
-#end.
diff --git a/community/openvas-scanner/openvassd.confd b/community/openvas-scanner/openvassd.confd
deleted file mode 100644
index d48adef151..0000000000
--- a/community/openvas-scanner/openvassd.confd
+++ /dev/null
@@ -1,27 +0,0 @@
-#Listen on given address - by default scanner listens on all addresses
-#SCANNER_LISTEN=--listen=127.0.0.1
-
-#Listen on given port - by default 9391
-SCANNER_PORT=--port=9391
-
-#Send the packets with the source IP of IP1,IP2,IP3....
-#SCANNER_SRCIP=--src-ip=127.0.0.1,192.168.1.2
-
-# Extra Arguments
-# SCANNER_EXTRA_ARGS=""
-
-# Set to yes if plugins should be automatically updated via a cron job
-auto_plugin_update=no
-
-# Notify OpenVAS scanner after update by seding it SIGHUP?
-notify_openvas_scanner=yes
-
-# Method to use to get updates. The default is via rsync
-# Note that only wget and curl support retrieval via proxy
-# update_method=rsync|wget|curl
-
-# Additionaly, you can specify the following variables
-#NVT_DIR where to extract plugins (absolute path)
-#OV_RSYNC_FEED URL of rsync feed
-#OV_HTTP_FEED URL of http feed
-
diff --git a/community/openvas-scanner/openvassd.initd b/community/openvas-scanner/openvassd.initd
deleted file mode 100644
index 4b4de5e515..0000000000
--- a/community/openvas-scanner/openvassd.initd
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-name="OpenVAS Scanner"
-command="/usr/bin/openvassd"
-command_args="${SCANNER_LISTEN} ${SCANNER_PORT} ${SCANNER_SRCIP} ${SCANNER_EXTRA_ARGS}"
-pidfile="/run/openvassd.pid"
-extra_stopped_commands="create_cache"
-
-depend() {
- after bootmisc
- need localmount net
-}
-
-start_pre() {
- checkpath --directory --mode 0775 --quiet /var/cache/openvas
-}
-
-create_cache() {
- checkpath --directory --mode 0775 --quiet /var/cache/openvas
- ebegin "Generating initial Cache"
- /usr/bin/openvassd --foreground --only-cache
- eend $?
-}
diff --git a/community/openvas-scanner/openvassd.logrotate b/community/openvas-scanner/openvassd.logrotate
deleted file mode 100644
index 9316ba8d96..0000000000
--- a/community/openvas-scanner/openvassd.logrotate
+++ /dev/null
@@ -1,11 +0,0 @@
-# logrotate for openvas
-/var/log/openvas/openvassd.log {
- rotate 4
- weekly
- compress
- delaycompress
- missingok
- postrotate
- /bin/kill -HUP `pidof openvassd`
- endscript
-}