OpenVAS stands for Open Vulnerability Assessment System and is a

network security scanner with associated tools like a graphical
user front-end. The core component is a server with a set of network
vulnerability tests (NVTs) to detect security problems in remote
systems and applications.

12 files changed, 252 insertions, 0 deletions

diff --git a/security/openvas-libraries/DESCR b/security/openvas-libraries/DESCR
new file mode 100644
index 00000000000..c6339b9eb98
--- /dev/null
+++ b/security/openvas-libraries/DESCR
@@ -0,0 +1,5 @@
+OpenVAS stands for Open Vulnerability Assessment System and is a
+network security scanner with associated tools like a graphical
+user front-end. The core component is a server with a set of network
+vulnerability tests (NVTs) to detect security problems in remote
+systems and applications.
diff --git a/security/openvas-libraries/MESSAGE b/security/openvas-libraries/MESSAGE
new file mode 100644
index 00000000000..9f6fb03b1c0
--- /dev/null
+++ b/security/openvas-libraries/MESSAGE
@@ -0,0 +1,10 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+If you are running a BPF-enabled operating system BPFs are used to capture
+incoming packets without using the operating system.  OpenVAS uses those
+for some of its security checks and port scanners.
+
+OpenVAS recommands that you get about 100 of them or else it might miss
+some hosts or produce inaccurate port scans.
+===========================================================================
diff --git a/security/openvas-libraries/Makefile b/security/openvas-libraries/Makefile
new file mode 100644
index 00000000000..73609743309
--- /dev/null
+++ b/security/openvas-libraries/Makefile
@@ -0,0 +1,26 @@
+# $NetBSD: Makefile,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+#
+
+DISTNAME=	openvas-libraries-2.0.0
+CATEGORIES=	security
+MASTER_SITES=	http://wald.intevation.org/frs/download.php/548/
+
+MAINTAINER=	adrianp@NetBSD.org
+HOMEPAGE=	http://www.openvas.org/
+COMMENT=	Libraries for the Open Vulnerability Assessment System
+
+GNU_CONFIGURE=	YES
+USE_LIBTOOL=	YES
+MAKE_JOBS_SAFE=	NO
+BUILD_DEFS+=	VARBASE
+USE_LANGUAGES+=	c++ c
+USE_TOOLS=	pkg-config
+
+CONFIGURE_ARGS+=	--localstatedir=${VARBASE}
+
+.include "../../security/libgcrypt/buildlink3.mk"
+.include "../../security/gnutls/buildlink3.mk"
+.include "../../security/gpgme/buildlink3.mk"
+.include "../../net/libpcap/buildlink3.mk"
+.include "../../devel/glib2/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/openvas-libraries/PLIST b/security/openvas-libraries/PLIST
new file mode 100644
index 00000000000..86b5238027f
--- /dev/null
+++ b/security/openvas-libraries/PLIST
@@ -0,0 +1,29 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+bin/libopenvas-config
+include/openvas/arglists.h
+include/openvas/bpf_share.h
+include/openvas/ftp_funcs.h
+include/openvas/harglists.h
+include/openvas/hg_utils.h
+include/openvas/hosts_gatherer.h
+include/openvas/kb.h
+include/openvas/libopenvas.h
+include/openvas/libvers.h
+include/openvas/network.h
+include/openvas/ntp.h
+include/openvas/pcap_openvas.h
+include/openvas/plugutils.h
+include/openvas/popen.h
+include/openvas/proctitle.h
+include/openvas/rand.h
+include/openvas/resolve.h
+include/openvas/scanners_utils.h
+include/openvas/services1.h
+include/openvas/share_fd.h
+include/openvas/store.h
+include/openvas/system.h
+include/openvas/www_funcs.h
+lib/libopenvas.la
+lib/libopenvas_hg.la
+man/man1/libopenvas-config.1
+@unexec ${RMDIR} %D/include/openvas 2>/dev/null || ${TRUE}
diff --git a/security/openvas-libraries/buildlink3.mk b/security/openvas-libraries/buildlink3.mk
new file mode 100644
index 00000000000..e92d1b82446
--- /dev/null
+++ b/security/openvas-libraries/buildlink3.mk
@@ -0,0 +1,19 @@
+# $NetBSD: buildlink3.mk,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+BUILDLINK_DEPTH:=			${BUILDLINK_DEPTH}+
+OPENVAS_LIBRARIES_BUILDLINK3_MK:=	${OPENVAS_LIBRARIES_BUILDLINK3_MK}+
+
+.if ${BUILDLINK_DEPTH} == "+"
+BUILDLINK_DEPENDS+=	openvas-libraries
+.endif
+
+BUILDLINK_PACKAGES:=	${BUILDLINK_PACKAGES:Nopenvas-libraries}
+BUILDLINK_PACKAGES+=	openvas-libraries
+BUILDLINK_ORDER:=	${BUILDLINK_ORDER} ${BUILDLINK_DEPTH}openvas-libraries
+
+.if ${OPENVAS_LIBRARIES_BUILDLINK3_MK} == "+"
+BUILDLINK_API_DEPENDS.openvas-libraries+=	openvas-libraries>=2.0.0
+BUILDLINK_PKGSRCDIR.openvas-libraries?=	../../security/openvas-libraries
+.endif	# OPENVAS_LIBRARIES_BUILDLINK3_MK
+
+BUILDLINK_DEPTH:=			${BUILDLINK_DEPTH:S/+$//}
diff --git a/security/openvas-libraries/distinfo b/security/openvas-libraries/distinfo
new file mode 100644
index 00000000000..ea95fbfd6fc
--- /dev/null
+++ b/security/openvas-libraries/distinfo
@@ -0,0 +1,11 @@
+$NetBSD: distinfo,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+SHA1 (openvas-libraries-2.0.0.tar.gz) = e3b5614e8fa4721ad93a9eb483f4f0a23242d84b
+RMD160 (openvas-libraries-2.0.0.tar.gz) = c7365d81289bca625ae984fceab901ced0626ce0
+Size (openvas-libraries-2.0.0.tar.gz) = 425670 bytes
+SHA1 (patch-aa) = a308f1af94cd5524745d2b1c4d311f10ec442de4
+SHA1 (patch-ab) = 35935f39ad9c0a432abc1d6fc1ed93fb52a7218f
+SHA1 (patch-ac) = 50e33c8d9571e8c67052f3e0462d5ccd1f60eb0e
+SHA1 (patch-ad) = 9a66d6ffad12edbc09176b390325065011abafa3
+SHA1 (patch-ae) = e2d36036d2043fb0a4ad1ada281ec165ed9c08ea
+SHA1 (patch-af) = edbabcc8b5f3a3a654f52ab678c932471f2fb1a7
diff --git a/security/openvas-libraries/patches/patch-aa b/security/openvas-libraries/patches/patch-aa
new file mode 100644
index 00000000000..63e52527ed2
--- /dev/null
+++ b/security/openvas-libraries/patches/patch-aa
@@ -0,0 +1,13 @@
+$NetBSD: patch-aa,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+--- libopenvas/plugutils.c.orig	2008-12-16 13:03:21.000000000 +0000
++++ libopenvas/plugutils.c
+@@ -35,7 +35,7 @@
+ #include <unistd.h>
+ #include <errno.h>
+ #include <signal.h>
+-#include <wait.h>
++#include <sys/wait.h>
+ #include <time.h>
+ 
+ #include <glib.h>
diff --git a/security/openvas-libraries/patches/patch-ab b/security/openvas-libraries/patches/patch-ab
new file mode 100644
index 00000000000..3ffc530e015
--- /dev/null
+++ b/security/openvas-libraries/patches/patch-ab
@@ -0,0 +1,13 @@
+$NetBSD: patch-ab,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+--- libopenvas/bpf_share.h.orig	2008-12-29 14:39:05.000000000 +0000
++++ libopenvas/bpf_share.h
+@@ -26,6 +26,8 @@
+ #ifndef OPENVAS_BPF_SHARE_H
+ #define OPENVAS_BPF_SHARE_H
+ 
++#include <sys/types.h>
++
+ int bpf_server();
+ int bpf_open_live(char*, char*);
+ u_char* bpf_next(int, int *);
diff --git a/security/openvas-libraries/patches/patch-ac b/security/openvas-libraries/patches/patch-ac
new file mode 100644
index 00000000000..8cca6d063b1
--- /dev/null
+++ b/security/openvas-libraries/patches/patch-ac
@@ -0,0 +1,12 @@
+$NetBSD: patch-ac,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+--- libopenvas/pcap.c.orig	2008-12-16 13:03:21.000000000 +0000
++++ libopenvas/pcap.c
+@@ -16,6 +16,7 @@
+  * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+  */
+ 
++#include <netinet/in.h>
+ #include <resolv.h>
+ #include <pcap.h>
+ #include <net/if.h>
diff --git a/security/openvas-libraries/patches/patch-ad b/security/openvas-libraries/patches/patch-ad
new file mode 100644
index 00000000000..7580c77406c
--- /dev/null
+++ b/security/openvas-libraries/patches/patch-ad
@@ -0,0 +1,12 @@
+$NetBSD: patch-ad,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+--- libopenvas/popen.c.orig	2008-12-16 13:03:21.000000000 +0000
++++ libopenvas/popen.c
+@@ -19,6 +19,7 @@
+ 
+ #include <stdlib.h>
+ #include <stdio.h>
++#include <sys/resource.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <sys/wait.h>
diff --git a/security/openvas-libraries/patches/patch-ae b/security/openvas-libraries/patches/patch-ae
new file mode 100644
index 00000000000..c4180c3f449
--- /dev/null
+++ b/security/openvas-libraries/patches/patch-ae
@@ -0,0 +1,16 @@
+$NetBSD: patch-ae,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+--- configure.in.orig	2008-12-16 13:03:22.000000000 +0000
++++ configure.in
+@@ -97,8 +97,9 @@ AC_SUBST(GLIB_LIBS)
+ 
+ dnl Check for extra libraries
+ 
+-AC_CHECK_LIB(resolv, __dn_expand, LIBS="-lresolv $LIBS",
+-  AC_MSG_ERROR(you need to install resolve library with development files))
++AC_CHECK_LIB(resolv, dn_expand, LIBS="-lresolv $LIBS",
++  [AC_CHECK_LIB(resolv, __dn_expand, LIBS="-lresolv $LIBS",
++    AC_MSG_ERROR(you need to install resolve library with development files))])
+ 
+ AC_CHECK_LIB(gnutls, gnutls_init, LIBS="-lgnutls $LIBS",
+   AC_MSG_ERROR(you need to install gnutls library with development files))
diff --git a/security/openvas-libraries/patches/patch-af b/security/openvas-libraries/patches/patch-af
new file mode 100644
index 00000000000..6d4abbf6113
--- /dev/null
+++ b/security/openvas-libraries/patches/patch-af
@@ -0,0 +1,86 @@
+$NetBSD: patch-af,v 1.1.1.1 2009/01/04 01:08:52 adrianp Exp $
+
+--- configure.orig	2008-12-29 20:29:55.000000000 +0000
++++ configure
+@@ -19073,8 +19073,71 @@ fi
+ 
+ 
+ 
++{ echo "$as_me:$LINENO: checking for dn_expand in -lresolv" >&5
++echo $ECHO_N "checking for dn_expand in -lresolv... $ECHO_C" >&6; }
++if test "${ac_cv_lib_resolv_dn_expand+set}" = set; then
++  echo $ECHO_N "(cached) $ECHO_C" >&6
++else
++  ac_check_lib_save_LIBS=$LIBS
++LIBS="-lresolv  $LIBS"
++cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
+ 
+-{ echo "$as_me:$LINENO: checking for __dn_expand in -lresolv" >&5
++/* Override any GCC internal prototype to avoid an error.
++   Use char because int might match the return type of a GCC
++   builtin and then its argument prototype would still apply.  */
++#ifdef __cplusplus
++extern "C"
++#endif
++char dn_expand ();
++int
++main ()
++{
++return dn_expand ();
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest$ac_exeext &&
++       $as_test_x conftest$ac_exeext; then
++  ac_cv_lib_resolv_dn_expand=yes
++else
++  echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++	ac_cv_lib_resolv_dn_expand=no
++fi
++
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++LIBS=$ac_check_lib_save_LIBS
++fi
++{ echo "$as_me:$LINENO: result: $ac_cv_lib_resolv_dn_expand" >&5
++echo "${ECHO_T}$ac_cv_lib_resolv_dn_expand" >&6; }
++if test $ac_cv_lib_resolv_dn_expand = yes; then
++  LIBS="-lresolv $LIBS"
++else
++  { echo "$as_me:$LINENO: checking for __dn_expand in -lresolv" >&5
+ echo $ECHO_N "checking for __dn_expand in -lresolv... $ECHO_C" >&6; }
+ if test "${ac_cv_lib_resolv___dn_expand+set}" = set; then
+   echo $ECHO_N "(cached) $ECHO_C" >&6
+@@ -19143,6 +19206,8 @@ echo "$as_me: error: you need to install
+    { (exit 1); exit 1; }; }
+ fi
+ 
++fi
++
+ 
+ { echo "$as_me:$LINENO: checking for gnutls_init in -lgnutls" >&5
+ echo $ECHO_N "checking for gnutls_init in -lgnutls... $ECHO_C" >&6; }