gentoo resync : 19.03.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-03-19 11:37:34 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2019-03-19 11:37:34 +0000
commit: b7b97785ebbb2f11d24d14dab8b81ed274f4ce6a (patch)
tree: 9fd110f9fc996e8a4213eeda994a8c112491b86d /net-analyzer/greenbone-security-assistant
parent: 066d27181e9a797ad9f8fc43b49fc9a10ff2f707 (diff)
11 files changed, 404 insertions, 2 deletions
diff --git a/net-analyzer/greenbone-security-assistant/Manifest b/net-analyzer/greenbone-security-assistant/Manifest
index 545bd68c6ca0..9e693447b148 100644
--- a/net-analyzer/greenbone-security-assistant/Manifest
+++ b/net-analyzer/greenbone-security-assistant/Manifest
@@ -1,4 +1,12 @@
 AUX greenbone-security-assistant-5.0.3-run.patch 504 BLAKE2B 3e14a5e2d559bfa0f487760ebe081013627038a6ceb690b444c0eb680c05293e4a031074ba05438366a8b01fab4ad1a48f4e9fd97bb7150bdc288cacb718b999 SHA512 fead69c99f8cfb376d19c684495ed4cec7a90672fed378f3ae9ea245393ab3d52c34a2c8e5dd84ce7c5b844f1aa01d70b7a143f417e93f320a240bf1f683bb5d
+AUX greenbone-security-assistant-7.0.3-auth.patch 4606 BLAKE2B aa9698aea86c1f0253d4f9ce263c83bce8a440184693ec5e438435517a04a87e9e3df7990522a212e6509b61ee1455e4fb11ccb4aa434c01edb4027c8fb38e2d SHA512 8012de90a92518acd71716790730e7ca736e2b64be026a11fa648b569bfb4229813a39be134efa1b1c09ce394aaeb44db6d31687279a6f5468f7cc97bb1a54ba
+AUX greenbone-security-assistant-7.0.3-memleak.patch 1206 BLAKE2B 1349e2cf9d82fa9bc0b05bb471e4ad8c298a12c6ae0ecdc12a44f686440d5cc1b5f6bab8a7fb97a643e2457e99040da9aaf5f0285bbb6582131af3bda297803d SHA512 5ec8404ae8d8c40dc7d1d4cab7572888dc08cedf9c17e8e95e138b9441c34e5d0eeb24f066d15ef5b69d5da9f3a3bbc70ebb6eaf275763b3ec5583af9265652d
+AUX gsa-daemon.conf 632 BLAKE2B 9d255f3f9da1d06bb8f78a4ff2b58f304c3765b217dff23485fced7bcd91721e131fc6325b6cb43336c88b9ffab302545fa8c263682c6150279a2fd1f58c221a SHA512 d5ec560be28202bc43580dc215f5214cc73dd9c98fb5949b791e32507e9e593296c2b426c8fb598092d7f7a13dab1c1765458b42730f3a2e97d7cb5f8bcff954
+AUX gsa.init 609 BLAKE2B e25e0d010d9d42daef22daea08ef06581455dc992e75345fa8d5afaf616a39c5b53ab361ee136f29b226b81980cb398c49ba6564e55b097da5fb052b836d5d2d SHA512 ab2cd0f0c5a7999284cdb92e0213a978d2cb0df0196c1d2acd4eeded28dcd365d17e122024a754730942ab6e39eefa11f75df1caaaba0b797d9ff8c4954d9862
+AUX gsa.logrotate 134 BLAKE2B 56bd0128621688a1b1fc5cb0a96503e60b0a2975bfbe74b4db0853b45356610081996004923bc958b8d71ea8e5add097cc8083ce9cd83af38e87995d9386fc1d SHA512 e6164c4b494d87ad55a9b1120bad2cc8619a623382417e0301738e728c535ea78f89f935807eb7616ae7a17d05942f105a7c76795e636f9bcc672a04e3444149
+AUX gsa.nginx.reverse.proxy.example 3835 BLAKE2B c4ec87cd5f1a0e5aedb93f95c7010a3f19b9123355b24b2899c157a532b020ba192ee6f5a382448b17fe0ff1d8473be6a390e0779d3f8c3963d050d0f5c91775 SHA512 c323f37f4dd1bc4633213f9aede141e2a915344df7aa8e7be043583e6a5415ec8fefea707f1cab29f478423165f3285c629da683515f08d6e046385fb7177751
+AUX gsa.service 618 BLAKE2B 3fee74a879374bafa0ef9dd65dcddc0ee91c63649d32fcd6cb023b6ff4d881cb971b3db49931bcaaead7b293609a16207459cc803235c1854ee752b07b484582 SHA512 30b29a3503c3b9ee7d5e2bb4e59e28a58d43fcdb0587e820878ac809677c5a7929e119bfc52e569b41fafd4d15ad37d5f9c945bfc89e42ba91ba32d10f1dc192
+AUX gsa.tmpfiles.d 28 BLAKE2B b9343651fc4923451b02a5f72cad7da95e4d790a7b77eb72ca239588568a5d2b88cad1f9f698ad61403c332a44005989e8d6e67ff1ad06cab26abdf67f8d8621 SHA512 b5d98625495353d32bdcaecf5499e2cbe3a8b1a84b067018b61f2ce6e110b0e3a14a061e8791c08891a7058976555a2c7971b48c90f690605129deb457b7b754
 AUX gsad 440 BLAKE2B 30fcd923866fb7b17aac3a02a03bb5584c2a43b3cd2a0805706834a008a9f0107bb0553e0c51d180e080c1ec98f45ad58baaad709897110b80383cdbc3f4c924 SHA512 4fd03f00530253e824905a79b7f482b2307d181c8a182096d9fa694d0efce78bba12147961d35ed2616bbc5e5ea3adb0621b5bbacf8401db6d323a266c50ca76
 AUX gsad-daemon.conf 378 BLAKE2B ec130e95c087effff1e4f36037bd688583561fac4e3186cac8a4c9204488af60187221a84311cf15269baa61cfcaf765984a394a0b73121b538ae6c90758c1fe SHA512 a4802e41391b4ac51a88924dd3246390fe13c7119eac1130f34e8ff0f7b7df9096c9176569ac63fc2cc7ad8dae9e1bfa762f4853d2c3f7845208bdee0e8072e8
 AUX gsad.init 391 BLAKE2B d4167cc68208773dfee0b93930f40ffbf9f68ad70fcb8dc3e4ee42057148414bebc814f1269b8a1b0687462f3847dc5e111a7e5cd3789d0d82f414f6f8bd7c02 SHA512 3955aae20e32ceb61bef9a937ac6e63ec16e33994f88f0daa21cb4160feebabeefdec27dbd0451eabd07ee50d10ff02c1dedb8a37e69e6d5b93dd053d13925ba
@@ -6,5 +14,7 @@ AUX gsad.logrotate 199 BLAKE2B 1e1e68c2c5b0bcc097498e30fd007dc3e5b73b5e87592f844
 AUX gsad.service 386 BLAKE2B a87330e9d243b4cf951e5a9d21821a501ac2b4a4fbd37e951554ca4fe5ab5e5b84c23b19ff8a685c43d25db31df4b1bd269bd163cb4a522db0bcfba1cd4248ca SHA512 6a706bb3d9fe474818aad419ad50f315a144ac489af5e8225deee773439d12b1296d026ae38bcc3f7fa5b826e2fdcf902b1f072024dda40d9431e12026627a32
 AUX gsad.tmpfiles.d 28 BLAKE2B b9343651fc4923451b02a5f72cad7da95e4d790a7b77eb72ca239588568a5d2b88cad1f9f698ad61403c332a44005989e8d6e67ff1ad06cab26abdf67f8d8621 SHA512 b5d98625495353d32bdcaecf5499e2cbe3a8b1a84b067018b61f2ce6e110b0e3a14a061e8791c08891a7058976555a2c7971b48c90f690605129deb457b7b754
 DIST greenbone-security-assistant-6.0.9.tar.gz 1476238 BLAKE2B 3311056256885102518e3b0e3106c23965e5a69ad4cfe13a2b34c68079a916466915b3296c80984656ff8a9f9b0aa35f5256c225250ae549d9727ad61f3a6b2b SHA512 4afb50f044b6853181c3c3e6466e7329915356bbcccecf98b89d9dc39a193392f45850f9073ac055ec826753af78e8a6368e7f9ac52734a3b5e254d124180d68
+DIST greenbone-security-assistant-7.0.3.tar.gz 2918954 BLAKE2B 4a6cd5d8378bcbb0a9df6cb5b8f6560060f15d0b0cb53d2c61692cb2bc2cd86af6e9cdeb5040c4d7020c3b016779a76ec517d54614388c62aaedd596f55fa3c4 SHA512 7e1c1ef939ba08dab3b78baf1aa9c110be2febfbed5d67eefe8110c60f5089a1af44bc26693657226f417c6bd516a4a656eb159dae2a78f878e1a1b6c222b117
 EBUILD greenbone-security-assistant-6.0.9.ebuild 1308 BLAKE2B 3698cf939f27d441dbdc9feeb5b29be859e2b80360eec531e3a2e54b58d12f18d7be7f7f82d4152f0331e471cf8d862e8ffb942366391662b0706edfb3404f69 SHA512 c44a805020ed43474435946aa514a5cd712b7e0872d30600bbf4d875f8f9f8837bb43efab5104c263bf4bf05d10de89cdcf82ff0ad21e8e3f7b9b50b56c69905
-MISC metadata.xml 166 BLAKE2B c254f1fb642881aba57637be14fb0a89b10384f91a128feaec3a8c870d76efc2cbacb92caccc0dee2dd19a5ac5eaf8643080dafa05c4e2ac96a68568927e5afd SHA512 a56648c974a1d14dd4c18237532773c72057a13ab90c58b5da04f185e3c12a8bd8d5c21fb06053507f31766291a82dc7d87b34cd65fd94cfe2af7295c813ef84
+EBUILD greenbone-security-assistant-7.0.3.ebuild 2084 BLAKE2B 458e7fe2a2129d1862a20b4da13ba443267f7337bac016e41c611657d345882a7a8e0ee675d5a666f8c5ef0d9fd0165372659f086d4e49df1eb8e8ceffd5b635 SHA512 ff913784bab0ad214d6ec98ebf5411d6187313ef4c98b486d0655ab7203db123509c6fbfa1faaf66802be17858ee2931759e39f1adede00adc425f9ccfd44d6a
+MISC metadata.xml 461 BLAKE2B 734b873325f2519d61fe25c81061f2344cccffbbe7c6915b716dfa11cdbd09dabfdebe218749680c7bcca47899a8eba97e3152d2b9ac32f7246310408acd3a10 SHA512 87b57dc463871d595b3448b57d4038ad5391eaac1143ee3dc50800d736030abc9ee82387b4127c68b9b106c4972cf75acf42a6e8726c6eaa60cdcc1bde886896
diff --git a/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch
new file mode 100644
index 000000000000..cce885e10e01
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch
@@ -0,0 +1,107 @@
+--- gsa-7.0.3/src/gsad_omp.c	2019-02-02 03:22:19.297954361 +0300
++++ gsa-7.0.3/src/gsad_omp.c	2019-02-02 03:27:57.690214371 +0300
+@@ -1366,7 +1366,8 @@
+           || (strstr (param_name, "_id")
+                 == param_name + strlen (param_name) - strlen ("_id"))
+           || (strcmp (param_name, "name") == 0
+-              && strcasecmp (prev_action, "Run Wizard") == 0)
++              && (strcasecmp (prev_action, "Run Wizard") == 0
++                  || strcasecmp (next_cmd, "auth_settings") == 0))
+           || (strcmp (param_name, "get_name") == 0
+               && strcasecmp (next_cmd, "wizard_get") == 0))
+         {
+@@ -25984,7 +25976,7 @@
+ 
+   html = response_from_entity (connection, credentials, params, entity,
+                                (no_redirect && strcmp (no_redirect, "0")),
+-                               NULL, NULL,
++                               NULL, "auth_settings",
+                                NULL, "modify_auth",
+                                "Save Authentication Configuration",
+                                response_data);
+--- gsa-7.0.3/src/html/classic/js/greenbone.js  2018-03-28 16:23:57.000000000 +0300
++++ gsa-7.0.3/src/html/classic/js/greenbone.js  2019-02-02 03:40:37.162714538 +0300
+@@ -1559,6 +1559,9 @@
+           if (reload === 'next') {
+             reload_next(response);
+           }
++          else if (reload === 'window') {
++            location.reload();
++          }
+         },
+         function(jqXHR) {
+           if (jqXHR.status == 0 && jqXHR.readyState == 0) {
+--- gsa-7.0.3/src/html/classic/omp.xsl	2018-03-28 16:23:57.000000000 +0300
++++ gsa-7.0.3/src/html/classic/omp.xsl	2019-02-02 03:44:28.470599715 +0300
+@@ -36775,7 +36822,8 @@
+ <!-- AUTHENTICATION DESCRIPTION -->
+ 
+ <xsl:template match="group" mode="ldapauth">
+-  <div class="section-box" id="ldap-box">
++  <div class="section-box ajax-post" id="ldap-box"
++      data-button="form #save_button" data-reload="window">
+     <form action="/omp" method="post" enctype="multipart/form-data">
+       <input type="hidden" name="token" value="{/envelope/token}"/>
+       <input type="hidden" name="cmd" value="save_auth"/>
+@@ -36784,6 +36832,15 @@
+       <input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/>
+       <!-- group name is e.g. of method:ldap -->
+       <input type="hidden" name="group" value="{@name}"/>
++      <!-- Auth type name for next page -->
++      <input type="hidden" name="name" value="ldap"/>
++
++      <div class="error-dialog">
++        <div class="text-center">
++          <xsl:value-of select="gsa:i18n ('LDAP authentication config could not be modified.')"/>
++        </div>
++      </div>
++
+       <table class="gbntable">
+         <tr class="gbntablehead2">
+           <td><xsl:value-of select="gsa:i18n ('Setting')"/></td>
+@@ -36838,7 +36895,8 @@
+         </tr>
+         <tr>
+           <td colspan="2" style="text-align:right;">
+-            <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/>
++            <input type="submit" name="submit" id="save_button"
++                   value="{gsa:i18n ('Save')}"/>
+           </td>
+         </tr>
+       </table>
+@@ -36847,7 +36905,8 @@
+ </xsl:template>
+ 
+ <xsl:template match="group" mode="radiusauth">
+-  <div class="section-box" id="radius-box">
++  <div class="section-box ajax-post" id="radius-box"
++      data-button="form #save_button" data-reload="window">
+     <form action="/omp" method="post" enctype="multipart/form-data">
+       <input type="hidden" name="token" value="{/envelope/token}"/>
+       <input type="hidden" name="cmd" value="save_auth"/>
+@@ -36856,6 +36915,15 @@
+       <input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/>
+       <!-- group name is e.g. of method:radius_connect -->
+       <input type="hidden" name="group" value="{@name}"/>
++      <!-- Auth type name for next page -->
++      <input type="hidden" name="name" value="radius"/>
++
++      <div class="error-dialog">
++        <div class="text-center">
++          <xsl:value-of select="gsa:i18n ('Radius authentication config could not be modified.')"/>
++        </div>
++      </div>
++
+       <table class="gbntable">
+         <tr class="gbntablehead2">
+           <td><xsl:value-of select="gsa:i18n ('Setting')"/></td>
+@@ -36890,7 +36958,8 @@
+           </tr>
+         <tr>
+           <td colspan="2" style="text-align:right;">
+-            <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/>
++            <input type="submit" name="submit" id="save_button"
++                   value="{gsa:i18n ('Save')}"/>
+           </td>
+         </tr>
+       </table>
diff --git a/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch
new file mode 100644
index 000000000000..5132e344a798
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch
@@ -0,0 +1,42 @@
+--- gsa-7.0.3/src/gsad_omp.c	2018-03-28 16:23:57.000000000 +0300
++++ gsa-7.0.3/src/gsad_omp.c	2019-02-02 03:12:16.617046562 +0300
+@@ -7737,16 +7738,21 @@
+   g_string_append (xml, command_escaped);
+   g_free (command_escaped);
+ 
++  response = NULL;
+   ret = omp (connection, credentials, &response, &entity, response_data,
+              command->str);
+   g_string_free (command, TRUE);
++
++  if (ret)
++    {
++      free_entity (entity);
++      g_string_free (xml, TRUE);
++    }
++
+   switch (ret)
+     {
+       case 0:
+         break;
+-      case -1:
+-        /* 'omp' set response. */
+-        return response;
+       case 1:
+         response_data->http_status_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+         return gsad_message (credentials,
+@@ -7770,10 +7776,14 @@
+                              "/omp?cmd=get_tasks", response_data);
+     }
+ 
++  if (omp_success (entity) == 0)
++    set_http_status_from_entity (entity, response_data);
+   g_string_append (xml, response);
+ 
+   g_string_append (xml, "</get_aggregate>");
+ 
++  free_entity (entity);
++  g_free (response);
+   return xsl_transform_omp (connection, credentials, params,
+                             g_string_free (xml, FALSE), response_data);
+ }
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf b/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf
new file mode 100644
index 000000000000..9d34da62659c
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf
@@ -0,0 +1,20 @@
+# OpenVAS Security Assistant command args
+# man page --> https://www.mankier.com/8/gsad
+
+# e.g. --foreground | e.g. --no-redirect -- > Don't listen port 80 anymore
+OPENVAS_SECURITY_ASSISTANT_OPTIONS="--no-redirect"
+
+# WebUI adress
+OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS="--listen=127.0.0.1"
+
+# WebUI Port
+OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT="--port=9392"
+
+# WebUI Manager Address
+OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS="--mlisten=127.0.0.1"
+
+# WebUI Manager Port
+OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT="--mport=9390"
+
+# TLS Settings
+OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL"
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.init b/net-analyzer/greenbone-security-assistant/files/gsa.init
new file mode 100644
index 000000000000..6e625a96a25c
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.init
@@ -0,0 +1,14 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="Greenbone Security Assistant Daemon"
+command="/usr/sbin/gsad"
+command_args="${OPENVAS_SECURITY_ASSISTANT_OPTIONS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES}"
+pidfile="/var/run/gsad.pid"
+command_background="true"
+
+depend() {
+	after bootmisc
+	need localmount net openvas-scanner gvmd
+}
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.logrotate b/net-analyzer/greenbone-security-assistant/files/gsa.logrotate
new file mode 100644
index 000000000000..79e54e854319
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.logrotate
@@ -0,0 +1,9 @@
+# logrotate for openvas security agent
+/var/log/openvas/gsad.log {
+	daily
+	rotate 7
+	compress
+	missingok
+	notifempty
+	sharedscripts
+}
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example b/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example
new file mode 100644
index 000000000000..b233911a2f1d
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example
@@ -0,0 +1,78 @@
+upstream backend {
+    server 127.0.0.1:9392;
+    keepalive 64;
+}
+
+server {
+        listen IP:80;
+        server_name openvas.domain.tdl;
+        return 301 https://openvas.domain.tdl$request_uri;
+}
+
+server {
+        listen IP:443 ssl http2;
+        server_name openvas.domain.tdl;
+        access_log /var/log/nginx/openvas.domain.tdl.access.log;
+        error_log  /var/log/nginx/openvas.domain.tdl.error.log;
+        # Not sourcing directly from file
+        fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+	fastcgi_param  QUERY_STRING       $query_string;
+	fastcgi_param  REQUEST_METHOD     $request_method;
+	fastcgi_param  CONTENT_TYPE       $content_type;
+	fastcgi_param  CONTENT_LENGTH     $content_length;
+	fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+	fastcgi_param  REQUEST_URI        $request_uri;
+	fastcgi_param  DOCUMENT_URI       $document_uri;
+	fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+	fastcgi_param  REQUEST_SCHEME     $scheme;
+	fastcgi_param  HTTPS              $https;
+	fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+	fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+	fastcgi_param  REMOTE_ADDR        $remote_addr;
+	fastcgi_param  REMOTE_PORT        $remote_port;
+	fastcgi_param  SERVER_ADDR        $server_addr;
+	fastcgi_param  SERVER_PORT        $server_port;
+	fastcgi_param  SERVER_NAME        $server_name;
+	fastcgi_param  REDIRECT_STATUS    200;
+        fastcgi_param  HTTP_PROXY "";
+        fastcgi_param  PATH_INFO          $fastcgi_path_info;
+	fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;
+        fastcgi_param  DOCUMENT_ROOT	  $document_root;
+
+        location / {        
+                proxy_set_header   Host             $http_host;
+                proxy_set_header   X-Real-IP        $remote_addr;
+                proxy_set_header   REMOTE_HOST      $remote_addr;
+                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
+                proxy_set_header   X-FORWARDED-PROTOCOL $scheme;
+                proxy_pass https://backend;
+                proxy_http_version 1.1;
+                proxy_pass_request_headers on;
+                proxy_set_header Connection "keep-alive";
+                proxy_store off;
+                gzip on;
+                gzip_proxied any;
+                gzip_types *;
+        }
+
+	resolver 127.0.0.1;
+        resolver_timeout 6s;
+	ssl_certificate /openvas.domain.tdl/fullchain.pem;
+	ssl_certificate_key /openvas.domain.tdl/privkey.pem;
+        ssl_trusted_certificate /openvas.domain.tdl/chain.pem;        
+        ssl_dhparam /openvas.domain.tdl/dhparam.pem;
+        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+        ssl_prefer_server_ciphers on;
+        ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
+        ssl_ecdh_curve  secp384r1;
+        ssl_stapling on;
+        ssl_stapling_verify on;
+        ssl_session_cache shared:SSL:40m;
+        ssl_session_timeout 21h;
+        ssl_session_tickets off;
+        ssl_buffer_size 4k;
+        add_header Referrer-Policy no-referrer-when-downgrade;
+        add_header X-Frame-Options "SAMEORIGIN";
+        add_header X-Content-Type-Options "nosniff";
+        add_header X-XSS-Protection "1; mode=block";
+}
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.service b/net-analyzer/greenbone-security-assistant/files/gsa.service
new file mode 100644
index 000000000000..3d0f2d37a45e
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=OpenVAS Manager
+After=network.target
+After=openvas-scanner.service
+After=gvmd.service
+Wants=gvmd.service
+
+[Service]
+Type=forking
+EnvironmentFile=-/etc/openvas/sysconfig/gsa-daemon.conf
+ExecStart=/usr/sbin/gsad $OPENVAS_SECURITY_ASSISTANT_OPTIONS $OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=mixed
+User=root
+Group=root
+TimeoutSec=1200
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d b/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d
new file mode 100644
index 000000000000..18e820caec1b
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d
@@ -0,0 +1 @@
+d	/var/cache/openvassd 0775
diff --git a/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild b/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild
new file mode 100644
index 000000000000..c58b1ab920e2
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild
@@ -0,0 +1,92 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_MAKEFILE_GENERATOR="emake"
+inherit cmake-utils systemd
+MY_PN="gsa"
+
+DESCRIPTION="Greenbone Security Assistant for OpenVAS"
+HOMEPAGE="http://www.openvas.org/"
+SRC_URI="https://github.com/greenbone/${MY_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2+ BSD MIT"
+KEYWORDS="~amd64 ~x86"
+IUSE="extras"
+
+DEPEND="
+	dev-libs/libgcrypt:0=
+	dev-libs/libxml2:2
+	dev-libs/libxslt
+	>=net-analyzer/openvas-libraries-9.0.3
+	net-libs/gnutls:=[tools]
+	net-libs/libmicrohttpd[messages]
+	extras? ( dev-python/polib )"
+
+RDEPEND="
+	${DEPEND}
+	>=net-analyzer/openvas-scanner-5.1.3
+	>=net-analyzer/openvas-manager-7.0.3
+	extras? ( dev-texlive/texlive-latexextra )"
+
+BDEPEND="
+	virtual/pkgconfig
+	extras? ( app-doc/doxygen[dot]
+		  app-doc/xmltoman
+		  app-text/htmldoc
+		  sys-devel/gettext
+	)"
+
+BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"
+S="${WORKDIR}/${MY_PN}-${PV}"
+
+PATCHES=(
+	"${FILESDIR}/${P}-memleak.patch"
+	"${FILESDIR}/${P}-auth.patch"
+)
+
+src_prepare() {
+	cmake-utils_src_prepare
+	if use extras; then
+		doxygen -u "$S"/doc/Doxyfile_full.in || die
+	fi
+}
+
+src_configure() {
+	local mycmakeargs=(
+		"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
+		"-DLOCALSTATEDIR=${EPREFIX}/var"
+		"-DSYSCONFDIR=${EPREFIX}/etc"
+	)
+	cmake-utils_src_configure
+}
+
+src_compile() {
+	cmake-utils_src_compile
+	if use extras; then
+		cmake-utils_src_make -C "${BUILD_DIR}" doc
+		cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
+		HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
+	fi
+}
+
+src_install() {
+	cmake-utils_src_install
+
+	insinto /etc/openvas/sysconfig
+	doins "${FILESDIR}"/${MY_PN}-daemon.conf
+
+	insinto /etc/openvas/reverse-proxy
+	doins "${FILESDIR}"/gsa.nginx.reverse.proxy.example
+
+	newinitd "${FILESDIR}/${MY_PN}.init" ${MY_PN}
+	newconfd "${FILESDIR}/${MY_PN}-daemon.conf" ${MY_PN}
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/${MY_PN}.logrotate" ${MY_PN}
+
+	systemd_newtmpfilesd "${FILESDIR}/${MY_PN}.tmpfiles.d" ${MY_PN}.conf
+	systemd_dounit "${FILESDIR}"/${MY_PN}.service
+}
diff --git a/net-analyzer/greenbone-security-assistant/metadata.xml b/net-analyzer/greenbone-security-assistant/metadata.xml
index 6f49eba8f496..6a3196eff3b2 100644
--- a/net-analyzer/greenbone-security-assistant/metadata.xml
+++ b/net-analyzer/greenbone-security-assistant/metadata.xml
@@ -1,5 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-<!-- maintainer-needed -->
+	<maintainer type="person">
+		<email>hasan.calisir@psauxit.com</email>
+		<name>Hasan ÇALIŞIR</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<use>
+		<flag name="extras">Pdf results, extra fonts, html docs support</flag>
+	</use>
 </pkgmetadata>
author	V3n3RiX <venerix@redcorelinux.org>	2019-03-19 11:37:34 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2019-03-19 11:37:34 +0000
commit	b7b97785ebbb2f11d24d14dab8b81ed274f4ce6a (patch)
tree	9fd110f9fc996e8a4213eeda994a8c112491b86d /net-analyzer/greenbone-security-assistant
parent	066d27181e9a797ad9f8fc43b49fc9a10ff2f707 (diff)