summaryrefslogtreecommitdiff
path: root/net-analyzer/greenbone-security-assistant
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2019-03-19 11:37:34 +0000
committerV3n3RiX <venerix@redcorelinux.org>2019-03-19 11:37:34 +0000
commitb7b97785ebbb2f11d24d14dab8b81ed274f4ce6a (patch)
tree9fd110f9fc996e8a4213eeda994a8c112491b86d /net-analyzer/greenbone-security-assistant
parent066d27181e9a797ad9f8fc43b49fc9a10ff2f707 (diff)
gentoo resync : 19.03.2019
Diffstat (limited to 'net-analyzer/greenbone-security-assistant')
-rw-r--r--net-analyzer/greenbone-security-assistant/Manifest12
-rw-r--r--net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch107
-rw-r--r--net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch42
-rw-r--r--net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf20
-rw-r--r--net-analyzer/greenbone-security-assistant/files/gsa.init14
-rw-r--r--net-analyzer/greenbone-security-assistant/files/gsa.logrotate9
-rw-r--r--net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example78
-rw-r--r--net-analyzer/greenbone-security-assistant/files/gsa.service19
-rw-r--r--net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d1
-rw-r--r--net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild92
-rw-r--r--net-analyzer/greenbone-security-assistant/metadata.xml12
11 files changed, 404 insertions, 2 deletions
diff --git a/net-analyzer/greenbone-security-assistant/Manifest b/net-analyzer/greenbone-security-assistant/Manifest
index 545bd68c6ca0..9e693447b148 100644
--- a/net-analyzer/greenbone-security-assistant/Manifest
+++ b/net-analyzer/greenbone-security-assistant/Manifest
@@ -1,4 +1,12 @@
AUX greenbone-security-assistant-5.0.3-run.patch 504 BLAKE2B 3e14a5e2d559bfa0f487760ebe081013627038a6ceb690b444c0eb680c05293e4a031074ba05438366a8b01fab4ad1a48f4e9fd97bb7150bdc288cacb718b999 SHA512 fead69c99f8cfb376d19c684495ed4cec7a90672fed378f3ae9ea245393ab3d52c34a2c8e5dd84ce7c5b844f1aa01d70b7a143f417e93f320a240bf1f683bb5d
+AUX greenbone-security-assistant-7.0.3-auth.patch 4606 BLAKE2B aa9698aea86c1f0253d4f9ce263c83bce8a440184693ec5e438435517a04a87e9e3df7990522a212e6509b61ee1455e4fb11ccb4aa434c01edb4027c8fb38e2d SHA512 8012de90a92518acd71716790730e7ca736e2b64be026a11fa648b569bfb4229813a39be134efa1b1c09ce394aaeb44db6d31687279a6f5468f7cc97bb1a54ba
+AUX greenbone-security-assistant-7.0.3-memleak.patch 1206 BLAKE2B 1349e2cf9d82fa9bc0b05bb471e4ad8c298a12c6ae0ecdc12a44f686440d5cc1b5f6bab8a7fb97a643e2457e99040da9aaf5f0285bbb6582131af3bda297803d SHA512 5ec8404ae8d8c40dc7d1d4cab7572888dc08cedf9c17e8e95e138b9441c34e5d0eeb24f066d15ef5b69d5da9f3a3bbc70ebb6eaf275763b3ec5583af9265652d
+AUX gsa-daemon.conf 632 BLAKE2B 9d255f3f9da1d06bb8f78a4ff2b58f304c3765b217dff23485fced7bcd91721e131fc6325b6cb43336c88b9ffab302545fa8c263682c6150279a2fd1f58c221a SHA512 d5ec560be28202bc43580dc215f5214cc73dd9c98fb5949b791e32507e9e593296c2b426c8fb598092d7f7a13dab1c1765458b42730f3a2e97d7cb5f8bcff954
+AUX gsa.init 609 BLAKE2B e25e0d010d9d42daef22daea08ef06581455dc992e75345fa8d5afaf616a39c5b53ab361ee136f29b226b81980cb398c49ba6564e55b097da5fb052b836d5d2d SHA512 ab2cd0f0c5a7999284cdb92e0213a978d2cb0df0196c1d2acd4eeded28dcd365d17e122024a754730942ab6e39eefa11f75df1caaaba0b797d9ff8c4954d9862
+AUX gsa.logrotate 134 BLAKE2B 56bd0128621688a1b1fc5cb0a96503e60b0a2975bfbe74b4db0853b45356610081996004923bc958b8d71ea8e5add097cc8083ce9cd83af38e87995d9386fc1d SHA512 e6164c4b494d87ad55a9b1120bad2cc8619a623382417e0301738e728c535ea78f89f935807eb7616ae7a17d05942f105a7c76795e636f9bcc672a04e3444149
+AUX gsa.nginx.reverse.proxy.example 3835 BLAKE2B c4ec87cd5f1a0e5aedb93f95c7010a3f19b9123355b24b2899c157a532b020ba192ee6f5a382448b17fe0ff1d8473be6a390e0779d3f8c3963d050d0f5c91775 SHA512 c323f37f4dd1bc4633213f9aede141e2a915344df7aa8e7be043583e6a5415ec8fefea707f1cab29f478423165f3285c629da683515f08d6e046385fb7177751
+AUX gsa.service 618 BLAKE2B 3fee74a879374bafa0ef9dd65dcddc0ee91c63649d32fcd6cb023b6ff4d881cb971b3db49931bcaaead7b293609a16207459cc803235c1854ee752b07b484582 SHA512 30b29a3503c3b9ee7d5e2bb4e59e28a58d43fcdb0587e820878ac809677c5a7929e119bfc52e569b41fafd4d15ad37d5f9c945bfc89e42ba91ba32d10f1dc192
+AUX gsa.tmpfiles.d 28 BLAKE2B b9343651fc4923451b02a5f72cad7da95e4d790a7b77eb72ca239588568a5d2b88cad1f9f698ad61403c332a44005989e8d6e67ff1ad06cab26abdf67f8d8621 SHA512 b5d98625495353d32bdcaecf5499e2cbe3a8b1a84b067018b61f2ce6e110b0e3a14a061e8791c08891a7058976555a2c7971b48c90f690605129deb457b7b754
AUX gsad 440 BLAKE2B 30fcd923866fb7b17aac3a02a03bb5584c2a43b3cd2a0805706834a008a9f0107bb0553e0c51d180e080c1ec98f45ad58baaad709897110b80383cdbc3f4c924 SHA512 4fd03f00530253e824905a79b7f482b2307d181c8a182096d9fa694d0efce78bba12147961d35ed2616bbc5e5ea3adb0621b5bbacf8401db6d323a266c50ca76
AUX gsad-daemon.conf 378 BLAKE2B ec130e95c087effff1e4f36037bd688583561fac4e3186cac8a4c9204488af60187221a84311cf15269baa61cfcaf765984a394a0b73121b538ae6c90758c1fe SHA512 a4802e41391b4ac51a88924dd3246390fe13c7119eac1130f34e8ff0f7b7df9096c9176569ac63fc2cc7ad8dae9e1bfa762f4853d2c3f7845208bdee0e8072e8
AUX gsad.init 391 BLAKE2B d4167cc68208773dfee0b93930f40ffbf9f68ad70fcb8dc3e4ee42057148414bebc814f1269b8a1b0687462f3847dc5e111a7e5cd3789d0d82f414f6f8bd7c02 SHA512 3955aae20e32ceb61bef9a937ac6e63ec16e33994f88f0daa21cb4160feebabeefdec27dbd0451eabd07ee50d10ff02c1dedb8a37e69e6d5b93dd053d13925ba
@@ -6,5 +14,7 @@ AUX gsad.logrotate 199 BLAKE2B 1e1e68c2c5b0bcc097498e30fd007dc3e5b73b5e87592f844
AUX gsad.service 386 BLAKE2B a87330e9d243b4cf951e5a9d21821a501ac2b4a4fbd37e951554ca4fe5ab5e5b84c23b19ff8a685c43d25db31df4b1bd269bd163cb4a522db0bcfba1cd4248ca SHA512 6a706bb3d9fe474818aad419ad50f315a144ac489af5e8225deee773439d12b1296d026ae38bcc3f7fa5b826e2fdcf902b1f072024dda40d9431e12026627a32
AUX gsad.tmpfiles.d 28 BLAKE2B b9343651fc4923451b02a5f72cad7da95e4d790a7b77eb72ca239588568a5d2b88cad1f9f698ad61403c332a44005989e8d6e67ff1ad06cab26abdf67f8d8621 SHA512 b5d98625495353d32bdcaecf5499e2cbe3a8b1a84b067018b61f2ce6e110b0e3a14a061e8791c08891a7058976555a2c7971b48c90f690605129deb457b7b754
DIST greenbone-security-assistant-6.0.9.tar.gz 1476238 BLAKE2B 3311056256885102518e3b0e3106c23965e5a69ad4cfe13a2b34c68079a916466915b3296c80984656ff8a9f9b0aa35f5256c225250ae549d9727ad61f3a6b2b SHA512 4afb50f044b6853181c3c3e6466e7329915356bbcccecf98b89d9dc39a193392f45850f9073ac055ec826753af78e8a6368e7f9ac52734a3b5e254d124180d68
+DIST greenbone-security-assistant-7.0.3.tar.gz 2918954 BLAKE2B 4a6cd5d8378bcbb0a9df6cb5b8f6560060f15d0b0cb53d2c61692cb2bc2cd86af6e9cdeb5040c4d7020c3b016779a76ec517d54614388c62aaedd596f55fa3c4 SHA512 7e1c1ef939ba08dab3b78baf1aa9c110be2febfbed5d67eefe8110c60f5089a1af44bc26693657226f417c6bd516a4a656eb159dae2a78f878e1a1b6c222b117
EBUILD greenbone-security-assistant-6.0.9.ebuild 1308 BLAKE2B 3698cf939f27d441dbdc9feeb5b29be859e2b80360eec531e3a2e54b58d12f18d7be7f7f82d4152f0331e471cf8d862e8ffb942366391662b0706edfb3404f69 SHA512 c44a805020ed43474435946aa514a5cd712b7e0872d30600bbf4d875f8f9f8837bb43efab5104c263bf4bf05d10de89cdcf82ff0ad21e8e3f7b9b50b56c69905
-MISC metadata.xml 166 BLAKE2B c254f1fb642881aba57637be14fb0a89b10384f91a128feaec3a8c870d76efc2cbacb92caccc0dee2dd19a5ac5eaf8643080dafa05c4e2ac96a68568927e5afd SHA512 a56648c974a1d14dd4c18237532773c72057a13ab90c58b5da04f185e3c12a8bd8d5c21fb06053507f31766291a82dc7d87b34cd65fd94cfe2af7295c813ef84
+EBUILD greenbone-security-assistant-7.0.3.ebuild 2084 BLAKE2B 458e7fe2a2129d1862a20b4da13ba443267f7337bac016e41c611657d345882a7a8e0ee675d5a666f8c5ef0d9fd0165372659f086d4e49df1eb8e8ceffd5b635 SHA512 ff913784bab0ad214d6ec98ebf5411d6187313ef4c98b486d0655ab7203db123509c6fbfa1faaf66802be17858ee2931759e39f1adede00adc425f9ccfd44d6a
+MISC metadata.xml 461 BLAKE2B 734b873325f2519d61fe25c81061f2344cccffbbe7c6915b716dfa11cdbd09dabfdebe218749680c7bcca47899a8eba97e3152d2b9ac32f7246310408acd3a10 SHA512 87b57dc463871d595b3448b57d4038ad5391eaac1143ee3dc50800d736030abc9ee82387b4127c68b9b106c4972cf75acf42a6e8726c6eaa60cdcc1bde886896
diff --git a/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch
new file mode 100644
index 000000000000..cce885e10e01
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-auth.patch
@@ -0,0 +1,107 @@
+--- gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:22:19.297954361 +0300
++++ gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:27:57.690214371 +0300
+@@ -1366,7 +1366,8 @@
+ || (strstr (param_name, "_id")
+ == param_name + strlen (param_name) - strlen ("_id"))
+ || (strcmp (param_name, "name") == 0
+- && strcasecmp (prev_action, "Run Wizard") == 0)
++ && (strcasecmp (prev_action, "Run Wizard") == 0
++ || strcasecmp (next_cmd, "auth_settings") == 0))
+ || (strcmp (param_name, "get_name") == 0
+ && strcasecmp (next_cmd, "wizard_get") == 0))
+ {
+@@ -25984,7 +25976,7 @@
+
+ html = response_from_entity (connection, credentials, params, entity,
+ (no_redirect && strcmp (no_redirect, "0")),
+- NULL, NULL,
++ NULL, "auth_settings",
+ NULL, "modify_auth",
+ "Save Authentication Configuration",
+ response_data);
+--- gsa-7.0.3/src/html/classic/js/greenbone.js 2018-03-28 16:23:57.000000000 +0300
++++ gsa-7.0.3/src/html/classic/js/greenbone.js 2019-02-02 03:40:37.162714538 +0300
+@@ -1559,6 +1559,9 @@
+ if (reload === 'next') {
+ reload_next(response);
+ }
++ else if (reload === 'window') {
++ location.reload();
++ }
+ },
+ function(jqXHR) {
+ if (jqXHR.status == 0 && jqXHR.readyState == 0) {
+--- gsa-7.0.3/src/html/classic/omp.xsl 2018-03-28 16:23:57.000000000 +0300
++++ gsa-7.0.3/src/html/classic/omp.xsl 2019-02-02 03:44:28.470599715 +0300
+@@ -36775,7 +36822,8 @@
+ <!-- AUTHENTICATION DESCRIPTION -->
+
+ <xsl:template match="group" mode="ldapauth">
+- <div class="section-box" id="ldap-box">
++ <div class="section-box ajax-post" id="ldap-box"
++ data-button="form #save_button" data-reload="window">
+ <form action="/omp" method="post" enctype="multipart/form-data">
+ <input type="hidden" name="token" value="{/envelope/token}"/>
+ <input type="hidden" name="cmd" value="save_auth"/>
+@@ -36784,6 +36832,15 @@
+ <input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/>
+ <!-- group name is e.g. of method:ldap -->
+ <input type="hidden" name="group" value="{@name}"/>
++ <!-- Auth type name for next page -->
++ <input type="hidden" name="name" value="ldap"/>
++
++ <div class="error-dialog">
++ <div class="text-center">
++ <xsl:value-of select="gsa:i18n ('LDAP authentication config could not be modified.')"/>
++ </div>
++ </div>
++
+ <table class="gbntable">
+ <tr class="gbntablehead2">
+ <td><xsl:value-of select="gsa:i18n ('Setting')"/></td>
+@@ -36838,7 +36895,8 @@
+ </tr>
+ <tr>
+ <td colspan="2" style="text-align:right;">
+- <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/>
++ <input type="submit" name="submit" id="save_button"
++ value="{gsa:i18n ('Save')}"/>
+ </td>
+ </tr>
+ </table>
+@@ -36847,7 +36905,8 @@
+ </xsl:template>
+
+ <xsl:template match="group" mode="radiusauth">
+- <div class="section-box" id="radius-box">
++ <div class="section-box ajax-post" id="radius-box"
++ data-button="form #save_button" data-reload="window">
+ <form action="/omp" method="post" enctype="multipart/form-data">
+ <input type="hidden" name="token" value="{/envelope/token}"/>
+ <input type="hidden" name="cmd" value="save_auth"/>
+@@ -36856,6 +36915,15 @@
+ <input type="hidden" name="filter" value="{gsa:envelope-filter ()}"/>
+ <!-- group name is e.g. of method:radius_connect -->
+ <input type="hidden" name="group" value="{@name}"/>
++ <!-- Auth type name for next page -->
++ <input type="hidden" name="name" value="radius"/>
++
++ <div class="error-dialog">
++ <div class="text-center">
++ <xsl:value-of select="gsa:i18n ('Radius authentication config could not be modified.')"/>
++ </div>
++ </div>
++
+ <table class="gbntable">
+ <tr class="gbntablehead2">
+ <td><xsl:value-of select="gsa:i18n ('Setting')"/></td>
+@@ -36890,7 +36958,8 @@
+ </tr>
+ <tr>
+ <td colspan="2" style="text-align:right;">
+- <input type="submit" name="submit" value="{gsa:i18n ('Save')}"/>
++ <input type="submit" name="submit" id="save_button"
++ value="{gsa:i18n ('Save')}"/>
+ </td>
+ </tr>
+ </table>
diff --git a/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch
new file mode 100644
index 000000000000..5132e344a798
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/greenbone-security-assistant-7.0.3-memleak.patch
@@ -0,0 +1,42 @@
+--- gsa-7.0.3/src/gsad_omp.c 2018-03-28 16:23:57.000000000 +0300
++++ gsa-7.0.3/src/gsad_omp.c 2019-02-02 03:12:16.617046562 +0300
+@@ -7737,16 +7738,21 @@
+ g_string_append (xml, command_escaped);
+ g_free (command_escaped);
+
++ response = NULL;
+ ret = omp (connection, credentials, &response, &entity, response_data,
+ command->str);
+ g_string_free (command, TRUE);
++
++ if (ret)
++ {
++ free_entity (entity);
++ g_string_free (xml, TRUE);
++ }
++
+ switch (ret)
+ {
+ case 0:
+ break;
+- case -1:
+- /* 'omp' set response. */
+- return response;
+ case 1:
+ response_data->http_status_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+ return gsad_message (credentials,
+@@ -7770,10 +7776,14 @@
+ "/omp?cmd=get_tasks", response_data);
+ }
+
++ if (omp_success (entity) == 0)
++ set_http_status_from_entity (entity, response_data);
+ g_string_append (xml, response);
+
+ g_string_append (xml, "</get_aggregate>");
+
++ free_entity (entity);
++ g_free (response);
+ return xsl_transform_omp (connection, credentials, params,
+ g_string_free (xml, FALSE), response_data);
+ }
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf b/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf
new file mode 100644
index 000000000000..9d34da62659c
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa-daemon.conf
@@ -0,0 +1,20 @@
+# OpenVAS Security Assistant command args
+# man page --> https://www.mankier.com/8/gsad
+
+# e.g. --foreground | e.g. --no-redirect -- > Don't listen port 80 anymore
+OPENVAS_SECURITY_ASSISTANT_OPTIONS="--no-redirect"
+
+# WebUI adress
+OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS="--listen=127.0.0.1"
+
+# WebUI Port
+OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT="--port=9392"
+
+# WebUI Manager Address
+OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS="--mlisten=127.0.0.1"
+
+# WebUI Manager Port
+OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT="--mport=9390"
+
+# TLS Settings
+OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL"
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.init b/net-analyzer/greenbone-security-assistant/files/gsa.init
new file mode 100644
index 000000000000..6e625a96a25c
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.init
@@ -0,0 +1,14 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="Greenbone Security Assistant Daemon"
+command="/usr/sbin/gsad"
+command_args="${OPENVAS_SECURITY_ASSISTANT_OPTIONS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS} ${OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT} ${OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES}"
+pidfile="/var/run/gsad.pid"
+command_background="true"
+
+depend() {
+ after bootmisc
+ need localmount net openvas-scanner gvmd
+}
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.logrotate b/net-analyzer/greenbone-security-assistant/files/gsa.logrotate
new file mode 100644
index 000000000000..79e54e854319
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.logrotate
@@ -0,0 +1,9 @@
+# logrotate for openvas security agent
+/var/log/openvas/gsad.log {
+ daily
+ rotate 7
+ compress
+ missingok
+ notifempty
+ sharedscripts
+}
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example b/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example
new file mode 100644
index 000000000000..b233911a2f1d
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.nginx.reverse.proxy.example
@@ -0,0 +1,78 @@
+upstream backend {
+ server 127.0.0.1:9392;
+ keepalive 64;
+}
+
+server {
+ listen IP:80;
+ server_name openvas.domain.tdl;
+ return 301 https://openvas.domain.tdl$request_uri;
+}
+
+server {
+ listen IP:443 ssl http2;
+ server_name openvas.domain.tdl;
+ access_log /var/log/nginx/openvas.domain.tdl.access.log;
+ error_log /var/log/nginx/openvas.domain.tdl.error.log;
+ # Not sourcing directly from file
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param QUERY_STRING $query_string;
+ fastcgi_param REQUEST_METHOD $request_method;
+ fastcgi_param CONTENT_TYPE $content_type;
+ fastcgi_param CONTENT_LENGTH $content_length;
+ fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+ fastcgi_param REQUEST_URI $request_uri;
+ fastcgi_param DOCUMENT_URI $document_uri;
+ fastcgi_param SERVER_PROTOCOL $server_protocol;
+ fastcgi_param REQUEST_SCHEME $scheme;
+ fastcgi_param HTTPS $https;
+ fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+ fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+ fastcgi_param REMOTE_ADDR $remote_addr;
+ fastcgi_param REMOTE_PORT $remote_port;
+ fastcgi_param SERVER_ADDR $server_addr;
+ fastcgi_param SERVER_PORT $server_port;
+ fastcgi_param SERVER_NAME $server_name;
+ fastcgi_param REDIRECT_STATUS 200;
+ fastcgi_param HTTP_PROXY "";
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
+ fastcgi_param DOCUMENT_ROOT $document_root;
+
+ location / {
+ proxy_set_header Host $http_host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header REMOTE_HOST $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-FORWARDED-PROTOCOL $scheme;
+ proxy_pass https://backend;
+ proxy_http_version 1.1;
+ proxy_pass_request_headers on;
+ proxy_set_header Connection "keep-alive";
+ proxy_store off;
+ gzip on;
+ gzip_proxied any;
+ gzip_types *;
+ }
+
+ resolver 127.0.0.1;
+ resolver_timeout 6s;
+ ssl_certificate /openvas.domain.tdl/fullchain.pem;
+ ssl_certificate_key /openvas.domain.tdl/privkey.pem;
+ ssl_trusted_certificate /openvas.domain.tdl/chain.pem;
+ ssl_dhparam /openvas.domain.tdl/dhparam.pem;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
+ ssl_ecdh_curve secp384r1;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ ssl_session_cache shared:SSL:40m;
+ ssl_session_timeout 21h;
+ ssl_session_tickets off;
+ ssl_buffer_size 4k;
+ add_header Referrer-Policy no-referrer-when-downgrade;
+ add_header X-Frame-Options "SAMEORIGIN";
+ add_header X-Content-Type-Options "nosniff";
+ add_header X-XSS-Protection "1; mode=block";
+}
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.service b/net-analyzer/greenbone-security-assistant/files/gsa.service
new file mode 100644
index 000000000000..3d0f2d37a45e
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=OpenVAS Manager
+After=network.target
+After=openvas-scanner.service
+After=gvmd.service
+Wants=gvmd.service
+
+[Service]
+Type=forking
+EnvironmentFile=-/etc/openvas/sysconfig/gsa-daemon.conf
+ExecStart=/usr/sbin/gsad $OPENVAS_SECURITY_ASSISTANT_OPTIONS $OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS $OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT $OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=mixed
+User=root
+Group=root
+TimeoutSec=1200
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d b/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d
new file mode 100644
index 000000000000..18e820caec1b
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/files/gsa.tmpfiles.d
@@ -0,0 +1 @@
+d /var/cache/openvassd 0775
diff --git a/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild b/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild
new file mode 100644
index 000000000000..c58b1ab920e2
--- /dev/null
+++ b/net-analyzer/greenbone-security-assistant/greenbone-security-assistant-7.0.3.ebuild
@@ -0,0 +1,92 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_MAKEFILE_GENERATOR="emake"
+inherit cmake-utils systemd
+MY_PN="gsa"
+
+DESCRIPTION="Greenbone Security Assistant for OpenVAS"
+HOMEPAGE="http://www.openvas.org/"
+SRC_URI="https://github.com/greenbone/${MY_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2+ BSD MIT"
+KEYWORDS="~amd64 ~x86"
+IUSE="extras"
+
+DEPEND="
+ dev-libs/libgcrypt:0=
+ dev-libs/libxml2:2
+ dev-libs/libxslt
+ >=net-analyzer/openvas-libraries-9.0.3
+ net-libs/gnutls:=[tools]
+ net-libs/libmicrohttpd[messages]
+ extras? ( dev-python/polib )"
+
+RDEPEND="
+ ${DEPEND}
+ >=net-analyzer/openvas-scanner-5.1.3
+ >=net-analyzer/openvas-manager-7.0.3
+ extras? ( dev-texlive/texlive-latexextra )"
+
+BDEPEND="
+ virtual/pkgconfig
+ extras? ( app-doc/doxygen[dot]
+ app-doc/xmltoman
+ app-text/htmldoc
+ sys-devel/gettext
+ )"
+
+BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"
+S="${WORKDIR}/${MY_PN}-${PV}"
+
+PATCHES=(
+ "${FILESDIR}/${P}-memleak.patch"
+ "${FILESDIR}/${P}-auth.patch"
+)
+
+src_prepare() {
+ cmake-utils_src_prepare
+ if use extras; then
+ doxygen -u "$S"/doc/Doxyfile_full.in || die
+ fi
+}
+
+src_configure() {
+ local mycmakeargs=(
+ "-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
+ "-DLOCALSTATEDIR=${EPREFIX}/var"
+ "-DSYSCONFDIR=${EPREFIX}/etc"
+ )
+ cmake-utils_src_configure
+}
+
+src_compile() {
+ cmake-utils_src_compile
+ if use extras; then
+ cmake-utils_src_make -C "${BUILD_DIR}" doc
+ cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
+ HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
+ fi
+}
+
+src_install() {
+ cmake-utils_src_install
+
+ insinto /etc/openvas/sysconfig
+ doins "${FILESDIR}"/${MY_PN}-daemon.conf
+
+ insinto /etc/openvas/reverse-proxy
+ doins "${FILESDIR}"/gsa.nginx.reverse.proxy.example
+
+ newinitd "${FILESDIR}/${MY_PN}.init" ${MY_PN}
+ newconfd "${FILESDIR}/${MY_PN}-daemon.conf" ${MY_PN}
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/${MY_PN}.logrotate" ${MY_PN}
+
+ systemd_newtmpfilesd "${FILESDIR}/${MY_PN}.tmpfiles.d" ${MY_PN}.conf
+ systemd_dounit "${FILESDIR}"/${MY_PN}.service
+}
diff --git a/net-analyzer/greenbone-security-assistant/metadata.xml b/net-analyzer/greenbone-security-assistant/metadata.xml
index 6f49eba8f496..6a3196eff3b2 100644
--- a/net-analyzer/greenbone-security-assistant/metadata.xml
+++ b/net-analyzer/greenbone-security-assistant/metadata.xml
@@ -1,5 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
-<!-- maintainer-needed -->
+ <maintainer type="person">
+ <email>hasan.calisir@psauxit.com</email>
+ <name>Hasan ÇALIŞIR</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>proxy-maint@gentoo.org</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+ <use>
+ <flag name="extras">Pdf results, extra fonts, html docs support</flag>
+ </use>
</pkgmetadata>