Commit e909d367 authored by Sophie Brun's avatar Sophie Brun

Merge remote-tracking branch 'debian/master' into kali/master

parents efd26103 12c4398f
This diff is collapsed.
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
# Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net> # Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
# #
# Copyright: # Copyright:
# Copyright (C) 2011-2015 Greenbone Networks GmbH # Copyright (C) 2011-2016 Greenbone Networks GmbH
# #
# This program is free software; you can redistribute it and/or # This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License # modify it under the terms of the GNU General Public License
...@@ -27,7 +27,7 @@ message ("-- Configuring the Scanner...") ...@@ -27,7 +27,7 @@ message ("-- Configuring the Scanner...")
project (openvas-scanner C) project (openvas-scanner C)
cmake_minimum_required (VERSION 2.6) cmake_minimum_required (VERSION 2.8)
if (POLICY CMP0005) if (POLICY CMP0005)
cmake_policy (SET CMP0005 OLD) cmake_policy (SET CMP0005 OLD)
...@@ -56,18 +56,45 @@ macro (Subversion_GET_REVISION dir variable) ...@@ -56,18 +56,45 @@ macro (Subversion_GET_REVISION dir variable)
endmacro (Subversion_GET_REVISION) endmacro (Subversion_GET_REVISION)
if (NOT CMAKE_BUILD_TYPE MATCHES "Release") if (NOT CMAKE_BUILD_TYPE MATCHES "Release")
if (EXISTS "${CMAKE_SOURCE_DIR}/.svn/") if (EXISTS "${CMAKE_SOURCE_DIR}/.svn/" OR EXISTS "${CMAKE_SOURCE_DIR}/../.svn/")
if (SVN_EXECUTABLE) if (SVN_EXECUTABLE)
Subversion_GET_REVISION(. ProjectRevision) Subversion_GET_REVISION(. ProjectRevision)
set (SVN_REVISION ".SVN.r${ProjectRevision}") set (SVN_REVISION "~svn${ProjectRevision}")
else (SVN_EXECUTABLE) else (SVN_EXECUTABLE)
set (SVN_REVISION ".SVN") set (SVN_REVISION "~svn")
endif (SVN_EXECUTABLE) endif (SVN_EXECUTABLE)
endif (EXISTS "${CMAKE_SOURCE_DIR}/.svn/") endif (EXISTS "${CMAKE_SOURCE_DIR}/.svn/" OR EXISTS "${CMAKE_SOURCE_DIR}/../.svn/")
endif (NOT CMAKE_BUILD_TYPE MATCHES "Release") endif (NOT CMAKE_BUILD_TYPE MATCHES "Release")
# TODO: Check pkg-config (maybe with code like in gsa/CMakeLists.txt). # TODO: Check pkg-config (maybe with code like in gsa/CMakeLists.txt).
## Project version
# The following three variables should be set through the project command once
# we require CMake >= 3.0
set (PROJECT_VERSION_MAJOR 5)
set (PROJECT_VERSION_MINOR 1)
set (PROJECT_VERSION_PATCH 0)
# Set beta version if this is a beta release series,
# unset if this is a stable release series.
#set (PROJECT_BETA_RELEASE 1)
if (SVN_REVISION)
set (PROJECT_VERSION_SVN "${SVN_REVISION}")
endif (SVN_REVISION)
# If PROJECT_BETA_RELEASE is set, the version string will be set to:
# "major.minor+beta${PROJECT_BETA_RELEASE}"
# If PROJECT_BETA_RELEASE is NOT set, the version string will be set to:
# "major.minor.patch"
if (PROJECT_BETA_RELEASE)
set (PROJECT_VERSION_SUFFIX "+beta${PROJECT_BETA_RELEASE}")
else (PROJECT_BETA_RELEASE)
set (PROJECT_VERSION_SUFFIX ".${PROJECT_VERSION_PATCH}")
endif (PROJECT_BETA_RELEASE)
set (PROJECT_VERSION_STRING "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}${PROJECT_VERSION_SUFFIX}")
## CPack configuration ## CPack configuration
set (CPACK_CMAKE_GENERATOR "Unix Makefiles") set (CPACK_CMAKE_GENERATOR "Unix Makefiles")
...@@ -81,41 +108,16 @@ set (CPACK_SOURCE_GENERATOR "TGZ") ...@@ -81,41 +108,16 @@ set (CPACK_SOURCE_GENERATOR "TGZ")
set (CPACK_SOURCE_TOPLEVEL_TAG "") set (CPACK_SOURCE_TOPLEVEL_TAG "")
set (CPACK_SYSTEM_NAME "") set (CPACK_SYSTEM_NAME "")
set (CPACK_TOPLEVEL_TAG "") set (CPACK_TOPLEVEL_TAG "")
set (CPACK_PACKAGE_VERSION_MAJOR "5")
set (CPACK_PACKAGE_VERSION_MINOR "0")
# Use this scheme for stable releases set (CPACK_PACKAGE_VERSION "${PROJECT_VERSION_STRING}${PROJECT_VERSION_SVN}")
set (CPACK_PACKAGE_VERSION_PATCH "7${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
# Use this scheme for +betaN and +rcN releases:
#set (CPACK_PACKAGE_VERSION_PATCH "+beta1${SVN_REVISION}")
#set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}${CPACK_PACKAGE_VERSION_PATCH}")
set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_PACKAGE_VENDOR "The OpenVAS Project") set (CPACK_PACKAGE_VENDOR "The OpenVAS Project")
set (CPACK_SOURCE_IGNORE_FILES set (CPACK_SOURCE_IGNORE_FILES
"${CMAKE_BINARY_DIR}"
"/.svn/" "/.svn/"
"/_CPack_Packages/"
"/CMakeFiles/"
"cmake$"
"swp$" "swp$"
"Cache.txt$"
".tar.gz"
"install_manifest.txt"
"Makefile"
"/doc/generated/"
"log.conf$"
"Doxyfile$"
"Doxyfile_full$"
"openvassd.8$"
"VERSION$"
"tools/openvas-mkcert$"
"tools/openvas-mkcert-client$"
"tools/openvas-nvt-sync$"
"tools/greenbone-nvt-sync$"
"doc/example_redis_2_4.conf$"
"doc/example_redis_2_6.conf$"
) )
include (CPack) include (CPack)
...@@ -157,22 +159,21 @@ endif (NOT DATADIR) ...@@ -157,22 +159,21 @@ endif (NOT DATADIR)
#if (NOT SYSCONFDIR) #if (NOT SYSCONFDIR)
# set (SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc") # set (SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc")
#endif (NOT SYSCONFDIR) #endif (NOT SYSCONFDIR)
if (NOT OPENVAS_RUN_DIR)
set (OPENVAS_RUN_DIR "${LOCALSTATEDIR}/run")
endif (NOT OPENVAS_RUN_DIR)
set (OPENVAS_DATA_DIR "${DATADIR}/openvas") set (OPENVAS_DATA_DIR "${DATADIR}/openvas")
set (OPENVAS_STATE_DIR "${LOCALSTATEDIR}/lib/openvas") set (OPENVAS_STATE_DIR "${LOCALSTATEDIR}/lib/openvas")
set (OPENVAS_LOG_DIR "${LOCALSTATEDIR}/log/openvas") set (OPENVAS_LOG_DIR "${LOCALSTATEDIR}/log/openvas")
set (OPENVAS_CACHE_DIR "${LOCALSTATEDIR}/cache/openvas") set (OPENVAS_CACHE_DIR "${LOCALSTATEDIR}/cache/openvas")
set (OPENVAS_PID_DIR "${LOCALSTATEDIR}/run")
set (OPENVAS_SYSCONF_DIR "${SYSCONFDIR}/openvas") set (OPENVAS_SYSCONF_DIR "${SYSCONFDIR}/openvas")
set (OPENVAS_NVT_DIR "${OPENVAS_STATE_DIR}/plugins") if (NOT OPENVAS_NVT_DIR)
set (OPENVAS_NVT_DIR "${OPENVAS_STATE_DIR}/plugins")
endif (NOT OPENVAS_NVT_DIR)
set (OPENVAS_LIB_INSTALL_DIR "${LIBDIR}") set (OPENVAS_LIB_INSTALL_DIR "${LIBDIR}")
set (OPENVAS_SCANNER_CERTIFICATE "${OPENVAS_STATE_DIR}/CA/servercert.pem")
set (OPENVAS_SCANNER_KEY "${OPENVAS_STATE_DIR}/private/CA/serverkey.pem")
set (OPENVAS_CLIENT_CERTIFICATE "${OPENVAS_STATE_DIR}/CA/clientcert.pem")
set (OPENVAS_CLIENT_KEY "${OPENVAS_STATE_DIR}/private/CA/clientkey.pem")
set (OPENVAS_CA_CERTIFICATE "${OPENVAS_STATE_DIR}/CA/cacert.pem")
set (OPENVASSD_MESSAGES "${OPENVAS_LOG_DIR}/openvassd.messages") set (OPENVASSD_MESSAGES "${OPENVAS_LOG_DIR}/openvassd.messages")
set (OPENVASSD_DEBUGMSG "${OPENVAS_LOG_DIR}/openvassd.dump") set (OPENVASSD_DEBUGMSG "${OPENVAS_LOG_DIR}/openvassd.dump")
...@@ -185,11 +186,10 @@ message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}") ...@@ -185,11 +186,10 @@ message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}")
## Dependency checks ## Dependency checks
pkg_check_modules (LIBOPENVAS_NASL REQUIRED libopenvas_nasl>=8.0.2) pkg_check_modules (LIBOPENVAS_NASL REQUIRED libopenvas_nasl>=9.0.0)
pkg_check_modules (LIBOPENVAS_BASE REQUIRED libopenvas_base>=8.0.2) pkg_check_modules (LIBOPENVAS_BASE REQUIRED libopenvas_base>=9.0.0)
pkg_check_modules (LIBOPENVAS_MISC REQUIRED libopenvas_misc>=8.0.2) pkg_check_modules (LIBOPENVAS_MISC REQUIRED libopenvas_misc>=9.0.0)
pkg_check_modules (LIBOPENVAS_OMP REQUIRED libopenvas_omp>=8.0.2) pkg_check_modules (GLIB REQUIRED glib-2.0>=2.32)
pkg_check_modules (GLIB REQUIRED glib-2.0>=2.16)
message (STATUS "Looking for libgcrypt...") message (STATUS "Looking for libgcrypt...")
find_library (GCRYPT gcrypt) find_library (GCRYPT gcrypt)
...@@ -207,8 +207,7 @@ endif (NOT GCRYPT) ...@@ -207,8 +207,7 @@ endif (NOT GCRYPT)
## Version ## Version
string (REPLACE " set (OPENVASSD_VERSION "${PROJECT_VERSION_STRING}")
" "" OPENVASSD_VERSION ${CPACK_PACKAGE_VERSION})
# Configure Doxyfile with version number # Configure Doxyfile with version number
configure_file (doc/Doxyfile.in doc/Doxyfile @ONLY) configure_file (doc/Doxyfile.in doc/Doxyfile @ONLY)
...@@ -217,19 +216,18 @@ configure_file (doc/openvassd.8.in doc/openvassd.8 @ONLY) ...@@ -217,19 +216,18 @@ configure_file (doc/openvassd.8.in doc/openvassd.8 @ONLY)
configure_file (doc/example_redis_2_4.conf.in doc/example_redis_2_4.conf @ONLY) configure_file (doc/example_redis_2_4.conf.in doc/example_redis_2_4.conf @ONLY)
configure_file (doc/example_redis_2_6.conf.in doc/example_redis_2_6.conf @ONLY) configure_file (doc/example_redis_2_6.conf.in doc/example_redis_2_6.conf @ONLY)
configure_file (VERSION.in VERSION @ONLY) configure_file (VERSION.in VERSION @ONLY)
configure_file (tools/openvas-mkcert.in tools/openvas-mkcert @ONLY)
configure_file (tools/openvas-mkcert-client.in tools/openvas-mkcert-client @ONLY)
configure_file (tools/openvas-nvt-sync.in tools/openvas-nvt-sync @ONLY)
configure_file (tools/greenbone-nvt-sync.in tools/greenbone-nvt-sync @ONLY) configure_file (tools/greenbone-nvt-sync.in tools/greenbone-nvt-sync @ONLY)
# TODO: Once Scanner has a proper logging mechanism like Manager. # TODO: Once Scanner has a proper logging mechanism like Manager.
#configure_file (src/openvassd_log_conf.cmake_in src/openvassd_log.conf) #configure_file (src/openvassd_log_conf.cmake_in src/openvassd_log.conf)
## Program ## Program
set (HARDENING_FLAGS "-Wformat -Wformat-security -O2 -D_FORTIFY_SOURCE=2 -fstack-protector -Wl,-z,relro -Wl,-z,now") set (HARDENING_FLAGS "-Wformat -Wformat-security -O2 -D_FORTIFY_SOURCE=2 -fstack-protector")
set (LINKER_HARDENING_FLAGS "-Wl,-z,relro -Wl,-z,now")
set (GPGME_C_FLAGS "-D_FILE_OFFSET_BITS=64 -DLARGEFILE_SOURCE=1")
set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -Werror") set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} ${GPGME_C_FLAGS} -Werror -Wextra")
set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${HARDENING_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE") set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${HARDENING_FLAGS} ${GPGME_C_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE")
add_subdirectory (src) add_subdirectory (src)
...@@ -251,27 +249,15 @@ install (FILES ${CMAKE_BINARY_DIR}/src/openvassd ...@@ -251,27 +249,15 @@ install (FILES ${CMAKE_BINARY_DIR}/src/openvassd
#install (FILES openvassd_log.conf #install (FILES openvassd_log.conf
# DESTINATION ${OPENVAS_SYSCONF_DIR}) # DESTINATION ${OPENVAS_SYSCONF_DIR})
install (FILES ${CMAKE_BINARY_DIR}/tools/openvas-mkcert install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
${CMAKE_BINARY_DIR}/tools/openvas-nvt-sync
${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
DESTINATION ${SBINDIR} DESTINATION ${SBINDIR}
PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
install (FILES ${CMAKE_BINARY_DIR}/tools/openvas-mkcert-client
DESTINATION ${BINDIR}
PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
install (FILES ${CMAKE_SOURCE_DIR}/doc/openvas-mkcert-client.1
DESTINATION ${DATADIR}/man/man1 )
install (FILES ${CMAKE_BINARY_DIR}/doc/openvassd.8 install (FILES ${CMAKE_BINARY_DIR}/doc/openvassd.8
DESTINATION ${DATADIR}/man/man8 ) DESTINATION ${DATADIR}/man/man8 )
install (FILES ${CMAKE_SOURCE_DIR}/doc/openvas-mkcert.8 install (FILES ${CMAKE_SOURCE_DIR}/doc/greenbone-nvt-sync.8
${CMAKE_SOURCE_DIR}/doc/openvas-nvt-sync.8
${CMAKE_SOURCE_DIR}/doc/greenbone-nvt-sync.8
DESTINATION ${DATADIR}/man/man8 ) DESTINATION ${DATADIR}/man/man8 )
install (FILES ${CMAKE_BINARY_DIR}/doc/example_redis_2_4.conf install (FILES ${CMAKE_BINARY_DIR}/doc/example_redis_2_4.conf
......
...@@ -30,7 +30,4 @@ src/processes.[c|h]: GPLv2 ...@@ -30,7 +30,4 @@ src/processes.[c|h]: GPLv2
src/sighand.[c|h]: GPLv2 src/sighand.[c|h]: GPLv2
src/utils.[c|h]: GPLv2 src/utils.[c|h]: GPLv2
tools/greenbone-nvt-sync: GPLv2+ tools/greenbone-nvt-sync.in: GPLv2+
tools/openvas-mkcert-client.in: GPLv2
tools/openvas-mkcert.in: GPLv2
tools/openvas-nvt-sync.in: GPLv2
This diff is collapsed.
...@@ -2,7 +2,7 @@ INSTALLATION INSTRUCTIONS FOR OPENVAS-SCANNER ...@@ -2,7 +2,7 @@ INSTALLATION INSTRUCTIONS FOR OPENVAS-SCANNER
============================================= =============================================
Please note: The reference system used by most of the developers is Debian Please note: The reference system used by most of the developers is Debian
Debian GNU/Linux 'Wheezy' 7. The build might fail on any other systems. Debian GNU/Linux 'Jessie' 8. The build might fail on any other systems.
Also it is necessary to install dependent development packages. Also it is necessary to install dependent development packages.
...@@ -10,10 +10,10 @@ Prerequisites for openvas-scanner ...@@ -10,10 +10,10 @@ Prerequisites for openvas-scanner
--------------------------------- ---------------------------------
Prerequisites: Prerequisites:
* cmake * cmake >= 2.8
* glib-2.0 >= 2.16 * libopenvas_nasl, libopenvas_base, libopenvas_misc >= 9.0.0
* glib-2.0 >= 2.32
* libgcrypt * libgcrypt
* openvas-libraries >= 8.0.2
* pkg-config * pkg-config
* redis >= 2.4.0 * redis >= 2.4.0
...@@ -67,17 +67,7 @@ Setting up openvas-scanner ...@@ -67,17 +67,7 @@ Setting up openvas-scanner
Setting up an openvas-scanner requires the following steps: Setting up an openvas-scanner requires the following steps:
1) The scanner service communicate through an SSL connection. 1) (optional) You may decide to change the default scanner preferences
In order to establish this connection, the scanner needs to have
an SSL certificate it can present to the client to prove its identity. You
can interactively create this certificate by using the following command:
$ openvas-mkcert
This command will guide you through the certificate creation and place the
certificates in the correct locations on your system.
2) (optional) You may decide to change the default scanner preferences
by setting them in the file $prefix/etc/openvassd.conf. If that file does by setting them in the file $prefix/etc/openvassd.conf. If that file does
not exist (default), then the default settings are used. You can view not exist (default), then the default settings are used. You can view
them with "openvassd -s". The output of that command is a valid configuration them with "openvassd -s". The output of that command is a valid configuration
...@@ -85,27 +75,42 @@ Setting up an openvas-scanner requires the following steps: ...@@ -85,27 +75,42 @@ Setting up an openvas-scanner requires the following steps:
settings, among these opportunities to restrict access of scanner regarding settings, among these opportunities to restrict access of scanner regarding
scan targets and interfaces. scan targets and interfaces.
3) In order to run vulnerability scans, you will need a collection of Network 2) In order to run vulnerability scans, you will need a collection of Network
Vulnerability Tests (NVTs) that can be run by openvas-scanner. Initially, Vulnerability Tests (NVTs) that can be run by openvas-scanner. Initially,
your NVT collection will be empty. It is recommended that you synchronize your NVT collection will be empty. It is recommended that you synchronize
with an NVT feed service before starting openvas-scanner for the first time. with an NVT feed service before starting openvas-scanner for the first time.
Your installation is preconfigured to synchronize with the OpenVAS NVT Feed. Simply execute the following command. It will retrieve over 50,000 NVTs.
Simply execute the following command to receive thousands of NVTs from this
feed service:
$ openvas-nvt-sync $ greenbone-nvt-sync
This tool will use the Greenbone Security Feed in case a Greenbone
subscription key is present. Else, the Community Feed will be used.
Please note that you will need at least one of the following tools for a Please note that you will need at least one of the following tools for a
successful synchronization: successful synchronization:
* rsync * rsync
* wget * wget
* curl * curl
NVT feeds are usually updated a few times per week. Be sure to update your NVT feeds are updated on a regular basis. Be sure to update your NVT collection
NVT collection regularly to detect the latest threats. regularly to detect the latest threats.
Please visit the OpenVAS website for more information on available NVT feeds
and instructions for integrating feeds into your scanner installation. 3) The scanner needs a running redis server to temporarily store information
gathered on the scanned hosts. Redis 2.4 and newer is supported but 2.6
is recommended. See doc/redis_config.txt to see how to setup and run a redis
server.
Two examples are installed which you may use directly for a quick start:
$ redis-server /share/doc/openvas-scanner/example_redis_2_4.conf
or
$ redis-server /share/doc/openvas-scanner/example_redis_2_6.conf
or copy the example to another location, edit and use the copy instead.
4) You can launch openvas-scanner using the following command: 4) You can launch openvas-scanner using the following command:
...@@ -126,37 +131,18 @@ Setting up an openvas-scanner requires the following steps: ...@@ -126,37 +131,18 @@ Setting up an openvas-scanner requires the following steps:
privileges, it is recommended that you start openvassd as root since a number privileges, it is recommended that you start openvassd as root since a number
of Network Vulnerability Tests (NVTs) require root privileges to perform of Network Vulnerability Tests (NVTs) require root privileges to perform
certain operations like packet forgery. If you run openvassd as a user certain operations like packet forgery. If you run openvassd as a user
without permission to perform these operations, your scan results are very without permission to perform these operations, your scan results are likely
likely to be incomplete. to be incomplete.
5) The scanner needs a running redis server to temporarily store information
gathered on the scanned hosts. Redis 2.4 and newer is supported but 2.6
is recommended. See doc/redis_config.txt to see how to setup and run a redis
server.
Two examples are installed which you may use directly for a quick start:
$ redis-server /share/doc/openvas-scanner/example_redis_2_4.conf
or 5) Once the scanner has started, openvas-manager can act as a client and control
$ redis-server /share/doc/openvas-scanner/example_redis_2_6.conf
or copy the example to another location, edit and use the copy instead.
6) Once the scanner has started, openvas-manager can act as a client and control
the scanner. The actual user interfaces (for example GSA or CLI-OMP) the scanner. The actual user interfaces (for example GSA or CLI-OMP)
will only interact with the manager, not the scanner. will only interact with the manager, not the scanner.
You will be guided through creation of user accounts by the INSTALL file
of OpenVAS Manager.
If you encounter problems, the files /var/log/openvas/openvassd.messages and If you encounter problems, the files /var/log/openvas/openvassd.messages and
/var/log/openvas/openvassd.dump may contain useful information. (The exact /var/log/openvas/openvassd.dump may contain useful information. The exact
location of these files may differ depending on your distribution and location of these files may differ depending on your distribution and
installation method.) Please have these files ready when contacting the OpenVAS installation method. Please have these files ready when contacting the OpenVAS
developers through the OpenVAS mailing list or the online chat or submitting bug developers through the OpenVAS mailing list or the online chat or submitting bug
reports at http://bugs.openvas.org/ as they may help to pinpoint the source of reports at http://bugs.openvas.org/ as they may help to pinpoint the source of
your issue. your issue.
......
# see git-dpm(1) from git-dpm package
f9cb833d36f059e291a8bb18d63c89d296204ac3
f9cb833d36f059e291a8bb18d63c89d296204ac3
f9cb833d36f059e291a8bb18d63c89d296204ac3
f9cb833d36f059e291a8bb18d63c89d296204ac3
openvas-scanner_5.1.0.orig.tar.gz
3e22be534053d2306c196045aea1ae624088ad71
256594
debianTag="debian/%e%v"
patchedTag="patched/%e%v"
upstreamTag="upstream/%e%u"
openvas-scanner (5.1.0-2) UNRELEASED; urgency=medium
* Team upload.
* Add es.po from jathan (Closes: #855612, #856245)
-- Gianfranco Costamagna <locutusofborg@debian.org> Tue, 21 Feb 2017 11:47:21 +0100
openvas-scanner (5.1.0-1) unstable; urgency=medium
* Import new upstream release
* Add German debconf templates translation (Closes: #843771)
-- SZ Lin (林上智) <szlin@cs.nctu.edu.tw> Mon, 14 Nov 2016 15:04:56 +0800
openvas-scanner (5.0.7-2) unstable; urgency=medium
* Fix typo in zh_TW.po
* Add French debconf templates translation (Closes: #843625)
* Add lsb-base dependency
-- SZ Lin (林上智) <szlin@cs.nctu.edu.tw> Tue, 08 Nov 2016 22:45:17 +0800
openvas-scanner (5.0.7-1) unstable; urgency=medium
* Import upstream version to Debian (Closes: #838124)
-- SZ Lin (林上智) <szlin@cs.nctu.edu.tw> Tue, 20 Sep 2016 14:33:27 +0800
openvas-scanner (5.0.7-0kali1) kali-dev; urgency=medium openvas-scanner (5.0.7-0kali1) kali-dev; urgency=medium
* Import new upstream release * Import new upstream release
......
#!/bin/sh
set -e
. /usr/share/debconf/confmodule
db_input high openvas-scanner/enable_redis || true
db_go
exit 0
Source: openvas-scanner Source: openvas-scanner
Section: admin Section: admin
Priority: optional Priority: optional
Maintainer: Stephan Kleine <bitshuffler@opensuse.org> Maintainer: Debian Security Tools Packaging Team <pkg-security-team@lists.alioth.debian.org>
Build-Depends: debhelper (>= 9), dh-systemd, cmake, libopenvas-dev (>= 8.0.2), libwrap0-dev, pkg-config, po-debconf, doxygen Uploaders: Stephan Kleine <bitshuffler@opensuse.org>,
ChangZhuo Chen (陳昌倬) <czchen@debian.org>,
SZ Lin (林上智) <szlin@cs.nctu.edu.tw>
Build-Depends: debhelper (>= 9.20160709~),
dh-systemd,
cmake (>= 2.8),
pkg-config,
libglib2.0-dev (>= 2.32),
libgcrypt11-dev,
libgnutls28-dev,
libpcap-dev,
libopenvas-dev (>= 9),
po-debconf,
doxygen
Standards-Version: 3.9.8
Homepage: http://www.openvas.org/ Homepage: http://www.openvas.org/
Standards-Version: 3.9.5 Vcs-Browser: https://anonscm.debian.org/cgit/pkg-security/openvas-scanner.git
Vcs-Git: https://anonscm.debian.org/cgit/pkg-security/openvas-scanner.git
Package: openvas-scanner Package: openvas-scanner
Section: net Section: net
Architecture: any Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, openssl, redis-server (>= 2.4.0) Depends: ${shlibs:Depends}, ${misc:Depends}, openssl, redis-server,
lsb-base (>= 3.0-6)
Replaces: openvas-server, openvas-plugins Replaces: openvas-server, openvas-plugins
Conflicts: openvas-server, openvas-plugins Conflicts: openvas-server, openvas-plugins
Recommends: rsync, nmap Recommends: rsync, nmap
...@@ -24,19 +40,3 @@ Description: remote network security auditor - scanner ...@@ -24,19 +40,3 @@ Description: remote network security auditor - scanner
OpenVAS-Client, provides an X11/GTK+ user interface. OpenVAS-Client, provides an X11/GTK+ user interface.
. .
This package provides the scanner. This package provides the scanner.
Package: openvas-scanner-dbg
Section: debug
Priority: extra
Architecture: any
Depends: ${misc:Depends}, openvas-scanner (= ${binary:Version})
Description: remote network security auditor - scanner (debug)
The Open Vulnerability Assessment System is a modular security auditing
tool, used for testing remote systems for vulnerabilities that should be
fixed.
.
It is made up of two parts: a scan server, and a client. The scanner/daemon,
openvassd, is in charge of the attacks, whereas the client,
OpenVAS-Client, provides an X11/GTK+ user interface.
.
This package provides the debugging symbols for the scanner.
...@@ -3,8 +3,27 @@ Upstream-Name: openvas-scanner ...@@ -3,8 +3,27 @@ Upstream-Name: openvas-scanner
Source: https://wald.intevation.org/scm/viewvc.php/branches/?root=openvas Source: https://wald.intevation.org/scm/viewvc.php/branches/?root=openvas
Files: * Files: *
Copyright: 1998-2006 Tenable Network Security, Inc Copyright: 2009-2016 Greenbone Networks GmbH
2006 Software in the Public Interest, Inc 2006 Software in the Public Interest, Inc.
1998-2006 Tenable Network Security, Inc.
and others
License: GPL-2
Files: tools/greenbone-nvt-sync.in src/otp.*
Copyright: 2009-2016 Greenbone Networks GmbH
License: GPL-2+
Files: debian/*
Copyright: 2009-2011 Stephan Kleine <bitshuffler@opensuse.org>
2012 Mati Aharoni <muts@kali.org>
2013-2015 Raphaël Hertzog <hertzog@debian.org>
2014-2016 Sophie Brun <sophie@freexian.com>
2016 ChangZhuo Chen (陳昌倬) <czchen@debian.org>
2016 SZ Lin (林上智) <szlin@cs.nctu.edu.tw>
License: GPL-2
License: GPL-2 License: GPL-2
This program is free software; you can redistribute it This program is free software; you can redistribute it
and/or modify it under the terms of the GNU General Public and/or modify it under the terms of the GNU General Public
...@@ -25,23 +44,23 @@ License: GPL-2 ...@@ -25,23 +44,23 @@ License: GPL-2
License version 2 can be found in the file License version 2 can be found in the file
`/usr/share/common-licenses/GPL-2'. `/usr/share/common-licenses/GPL-2'.
Files: src/otp.* tools/greenbone-nvt-sync tools/openvas-manage-certs.sh
Copyright: 2009-2015 Greenbone Networks GmbH
License: GPL-2+ License: GPL-2+
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it
it under the terms of the GNU General Public License as published by and/or modify it under the terms of the GNU General Public
the Free Software Foundation; either version 2 of the License, or License as published by the Free Software Foundation; either
(at your option) any later version. version 2 of the License, or (at your option) any later
version.
. .
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be
but WITHOUT ANY WARRANTY; without even the implied warranty of useful, but WITHOUT ANY WARRANTY; without even the implied
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
GNU General Public License for more details. PURPOSE. See the GNU General Public License for more
details.
. .
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public
along with this program; if not, write to the Free Software License along with this package; if not, write to the Free
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA Software Foundation, Inc., 51 Franklin St, Fifth Floor,
02110-1301 USA Boston, MA 02110-1301 USA
. .
On Debian systems, the full text of the GNU General Public On Debian systems, the full text of the GNU General Public
License version 2 can be found in the file License version 2 can be found in the file
......
...@@ -6,8 +6,5 @@ ...@@ -6,8 +6,5 @@
# ExecStart= # ExecStart=
# ExecStart=/usr/sbin/openvassd <your desired options> # ExecStart=/usr/sbin/openvassd <your desired options>
# The address the OpenVAS Scanner is listening on. # The Path of unix socket to listen on.
SCANNER_ADDRESS=127.0.0.1 SCANNER_SOCKET=/tmp/redis.sock
# The port the OpenVAS Scanner is listening on.
SCANNER_PORT=9391
...@@ -26,12 +26,12 @@ ...@@ -26,12 +26,12 @@
# don't set it too low or you might not let openvassd die gracefully # don't set it too low or you might not let openvassd die gracefully
DODTIME=25 DODTIME=25
. /lib/lsb/init-functions
[ -r /etc/default/openvas-scanner ] && . /etc/default/openvas-scanner [ -r /etc/default/openvas-scanner ] && . /etc/default/openvas-scanner
# daemon options # daemon options
DAEMONOPTS="" DAEMONOPTS=""
[ "$SCANNER_ADDRESS" ] && DAEMONOPTS="$DAEMONOPTS --listen=$SCANNER_ADDRESS" [ "$SCANNER_SOCKET" ] && DAEMONOPTS="$DAEMONOPTS --unix-socket=$SCANNER_SOCKET"
[ "$SCANNER_PORT" ] && DAEMONOPTS="$DAEMONOPTS --port=$SCANNER_PORT"
DAEMON=/usr/sbin/openvassd DAEMON=/usr/sbin/openvassd
PIDFILE=/var/run/openvassd.pid PIDFILE=/var/run/openvassd.pid
......
#!/bin/sh
set -e
. /usr/share/debconf/confmodule
#DEBHELPER#
exit 0
...@@ -10,7 +10,7 @@ WantedBy=multi-user.target ...@@ -10,7 +10,7 @@ WantedBy=multi-user.target
[Service] [Service]
Type=forking Type=forking
PIDFile=/var/run/openvassd.pid PIDFile=/var/run/openvassd.pid
ExecStart=/usr/sbin/openvassd --listen=127.0.0.1 --port=9391 ExecStart=/usr/sbin/openvassd --unix-socket=/tmp/redis.sock
ExecReload=/bin/kill -HUP $MAINPID ExecReload=/bin/kill -HUP $MAINPID
# Kill the main process with SIGTERM and after TimeoutStopSec (defaults to # Kill the main process with SIGTERM and after TimeoutStopSec (defaults to
# 1m30) kill remaining processes with SIGKILL # 1m30) kill remaining processes with SIGKILL
......
[type: gettext/rfc822deb] templates
# German openvas-scanner debconf translation.
# Copyright (C) 2009-2016 Greenbone Networks GmbH.
# This file is distributed under the same license as the openvas-scanner package.
# Copyright (C) of this file Chris Leick <c.leick@vollbio.de> 2016.
#
msgid ""
msgstr ""
"Project-Id-Version: openvas-scanner 5.0.7-1\n"
"Report-Msgid-Bugs-To: openvas-scanner@packages.debian.org\n"
"POT-Creation-Date: 2016-09-14 17:49+0800\n"
"PO-Revision-Date: 2016-11-03 23:47+0100\n"
"Last-Translator: Chris Leick <c.leick@vollbio.de>\n"
"Language-Team: de <debian-l10n-german@lists.debian.org>\n"
"Language: de\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#. Type: boolean
#. Description