13 files changed, 354 insertions, 0 deletions

diff --git a/security/gvmd/Makefile b/security/gvmd/Makefile
new file mode 100644
index 000000000000..588813314d3a
--- /dev/null
+++ b/security/gvmd/Makefile
@@ -0,0 +1,46 @@
+# $FreeBSD$
+
+PORTNAME=	gvmd
+DISTVERSION=	20.8.0
+DISTVERSIONPREFIX=	v
+CATEGORIES=	security
+
+MAINTAINER=	acm@FreeBSD.org
+COMMENT=	Greenbone Vulnerability Manager central management service
+
+LICENSE=	AGPLv3+
+
+BUILD_DEPENDS=	doxygen>0:devel/doxygen
+LIB_DEPENDS=	libgvm_base.so:security/gvm-libs \
+		libgnutls.so:security/gnutls \
+		libgpgme.so:security/gpgme \
+		libical.so:devel/libical
+RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}lxml>0:devel/py-lxml@${PY_FLAVOR} \
+		doxygen>0:devel/doxygen \
+		p5-XML-Twig>=0:textproc/p5-XML-Twig \
+		snmpget:net-mgmt/net-snmp \
+		rsync:net/rsync \
+		wget:ftp/wget \
+		gpg:security/gnupg \
+		xml:textproc/xmlstarlet \
+		sshpass:security/sshpass \
+		socat:net/socat
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	greenbone
+
+USES=		cmake gnome pkgconfig pgsql python samba:run zip
+USE_GNOME=	glib20 libxslt:build
+USE_LDCONFIG=	yes
+
+USERS=		gvm
+GROUPS=		${USERS}
+
+USE_RC_SUBR=	gvmd
+
+post-install:
+	@${MKDIR} ${STAGEDIR}/var/lib/gvm/gvmd/gnupg
+	@${MKDIR} ${STAGEDIR}/var/log/gvm
+	@${MKDIR} ${STAGEDIR}/var/run/gvm
+
+.include <bsd.port.mk>
diff --git a/security/gvmd/distinfo b/security/gvmd/distinfo
new file mode 100644
index 000000000000..1ac013bff19d
--- /dev/null
+++ b/security/gvmd/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1609399929
+SHA256 (greenbone-gvmd-v20.8.0_GH0.tar.gz) = 2e09df899234fbb8e4e3593c63e94ed6ad0c984c59246a74c76f601499e2a40a
+SIZE (greenbone-gvmd-v20.8.0_GH0.tar.gz) = 1016622
diff --git a/security/gvmd/files/gvmd.in b/security/gvmd/files/gvmd.in
new file mode 100644
index 000000000000..0336e200a917
--- /dev/null
+++ b/security/gvmd/files/gvmd.in
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: gvmd
+# REQUIRE: DAEMON
+# KEYWORD: shutdown
+#
+# Add the following to /etc/rc.conf[.local] to enable this service
+#
+# gvmd_enable  (bool):   Set to NO by default.
+#                Set it to YES to enable gvmd.
+# gvmd_flags (params):   Set params used to start gvmd.
+#
+
+. /etc/rc.subr
+
+name=gvmd
+rcvar=${name}_enable
+
+load_rc_config $name
+
+: ${gvmd_enable=NO}
+: ${gmvd_flags="--osp-vt-update=/var/run/ospd/ospd.sock --unix-socket=/var/run/gvm/gvmd.sock"}
+
+command="%%PREFIX%%/sbin/gvmd"
+command_args="${gmvd_flags}"
+gvmd_user="gvm"
+gvmd_group="gvm"
+pidfile=/var/run/gvm/gvmd.pid
+
+run_rc_command "$1"
diff --git a/security/gvmd/files/patch-CMakeLists.txt b/security/gvmd/files/patch-CMakeLists.txt
new file mode 100644
index 000000000000..10a249550366
--- /dev/null
+++ b/security/gvmd/files/patch-CMakeLists.txt
@@ -0,0 +1,52 @@
+--- CMakeLists.txt	2020-08-11 10:05:36.000000000 -0500
++++ CMakeLists.txt	2021-01-04 19:48:05.978938000 -0500
+@@ -132,7 +132,7 @@
+ endif (NOT LIBDIR)
+ 
+ if (NOT LOCALSTATEDIR)
+-  set (LOCALSTATEDIR "${CMAKE_INSTALL_PREFIX}/var")
++  set (LOCALSTATEDIR "/var")
+ endif (NOT LOCALSTATEDIR)
+ 
+ if (NOT DATADIR)
+@@ -183,7 +183,7 @@
+ set (GVM_CA_CERTIFICATE      "${GVM_STATE_DIR}/CA/cacert.pem")
+ 
+ if (NOT GVM_RUN_DIR)
+-  set (GVM_RUN_DIR      "${LOCALSTATEDIR}/run")
++  set (GVM_RUN_DIR      "${LOCALSTATEDIR}/run/gvm")
+ endif (NOT GVM_RUN_DIR)
+ 
+ if (NOT GVM_FEED_LOCK_PATH)
+@@ -240,7 +240,7 @@
+ configure_file (doc/Doxyfile_xml.in doc/Doxyfile_xml)
+ configure_file (doc/example-gvm-manage-certs.conf.in doc/example-gvm-manage-certs.conf @ONLY)
+ configure_file (VERSION.in VERSION)
+-configure_file (src/gvmd_log_conf.cmake_in src/gvmd_log.conf)
++configure_file (src/gvmd_log_conf.cmake_in src/gvmd_log.conf.sample)
+ configure_file (src/schema_formats/XML/GMP.xml.in src/schema_formats/XML/GMP.xml @ONLY)
+ configure_file (tools/greenbone-feed-sync.in tools/greenbone-feed-sync @ONLY)
+ configure_file (tools/greenbone-scapdata-sync.in tools/greenbone-scapdata-sync @ONLY)
+@@ -282,7 +282,7 @@
+ 
+ ## Configs (e.g. systemd service file)
+ 
+-add_subdirectory (config)
++# add_subdirectory (config)
+ 
+ ## Documentation
+ 
+@@ -292,10 +292,11 @@
+ 
+ install (DIRECTORY DESTINATION ${GVMD_STATE_DIR})
+ 
+-install (FILES ${CMAKE_BINARY_DIR}/src/gvmd_log.conf
++install (FILES ${CMAKE_BINARY_DIR}/src/gvmd_log.conf.sample
+          DESTINATION ${GVM_SYSCONF_DIR})
+ 
+-install (FILES ${CMAKE_SOURCE_DIR}/src/pwpolicy.conf
++
++install (FILES ${CMAKE_SOURCE_DIR}/src/pwpolicy.conf.sample
+          DESTINATION ${GVM_SYSCONF_DIR})
+ 
+ # Schema formats.
diff --git a/security/gvmd/files/patch-src_CMakeLists.txt b/security/gvmd/files/patch-src_CMakeLists.txt
new file mode 100644
index 000000000000..5e6801a41ca9
--- /dev/null
+++ b/security/gvmd/files/patch-src_CMakeLists.txt
@@ -0,0 +1,19 @@
+--- src/CMakeLists.txt	2020-08-11 10:05:36.000000000 -0500
++++ src/CMakeLists.txt	2021-01-04 19:53:06.893137000 -0500
+@@ -227,7 +227,7 @@
+                        ${GNUTLS_LDFLAGS} ${GPGME_LDFLAGS} ${CMAKE_THREAD_LIBS_INIT} ${LINKER_HARDENING_FLAGS} ${LINKER_DEBUG_FLAGS}
+                        ${PostgreSQL_LIBRARIES} ${GLIB_LDFLAGS} ${GTHREAD_LDFLAGS}
+                        ${LIBGVM_BASE_LDFLAGS} ${LIBGVM_UTIL_LDFLAGS} ${LIBGVM_OSP_LDFLAGS} ${LIBGVM_GMP_LDFLAGS}
+-                       ${LIBICAL_LDFLAGS} ${LINKER_HARDENING_FLAGS})
++                       ${LIBICAL_LDFLAGS} ${LINKER_HARDENING_FLAGS} -lexecinfo)
+ target_link_libraries (manage-test cgreen m
+                        ${GNUTLS_LDFLAGS} ${GPGME_LDFLAGS} ${CMAKE_THREAD_LIBS_INIT} ${LINKER_HARDENING_FLAGS} ${LINKER_DEBUG_FLAGS}
+                        ${PostgreSQL_LIBRARIES} ${GLIB_LDFLAGS} ${GTHREAD_LDFLAGS}
+@@ -441,5 +441,7 @@
+                    COMMAND ctags ${C_FILES})
+ add_custom_target (tags COMMENT "Building tags files...")
+ add_dependencies (tags etags ctags)
++
++file(RENAME "pwpolicy.conf" "pwpolicy.conf.sample")
+ 
+ ## End
diff --git a/security/gvmd/files/patch-src_gvmd.c b/security/gvmd/files/patch-src_gvmd.c
new file mode 100644
index 000000000000..49ea71bfe998
--- /dev/null
+++ b/security/gvmd/files/patch-src_gvmd.c
@@ -0,0 +1,71 @@
+--- src/gvmd.c	2020-08-11 10:05:36.000000000 -0500
++++ src/gvmd.c	2021-01-03 16:50:30.707314000 -0500
+@@ -1362,6 +1362,7 @@
+   struct sockaddr_un address_unix;
+   struct sockaddr_storage address_tls;
+   int address_size;
++  socklen_t addrlen;
+ 
+   memset (&address_tls, 0, sizeof (struct sockaddr_storage));
+   memset (&address_unix, 0, sizeof (struct sockaddr_un));
+@@ -1375,9 +1376,8 @@
+       /* UNIX file socket. */
+ 
+       address_unix.sun_family = AF_UNIX;
+-      strncpy (address_unix.sun_path,
+-               address_str_unix,
+-               sizeof (address_unix.sun_path) - 1);
++      strcpy (address_unix.sun_path,
++               address_str_unix);
+ 
+       g_debug ("%s: address_unix.sun_path: %s",
+                __func__,
+@@ -1398,7 +1398,7 @@
+         }
+ 
+       address = (struct sockaddr *) &address_unix;
+-      address_size = sizeof (address_unix);
++      addrlen = sizeof(struct sockaddr_un);
+ 
+       /* Ensure the path of the socket exists. */
+ 
+@@ -1414,8 +1414,8 @@
+     }
+   else if (address_str_tls)
+     {
+-      struct sockaddr_in *addr4;
+-      struct sockaddr_in6 *addr6;
++      struct sockaddr_in *addr4 = (struct sockaddr_in *) &address_tls;
++      struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &address_tls;
+       int port, optval;
+ 
+       /* TLS TCP socket. */
+@@ -1440,17 +1440,17 @@
+             port = htons (GVMD_PORT);
+         }
+ 
+-      addr4 = (struct sockaddr_in *) &address_tls;
+-      addr6 = (struct sockaddr_in6 *) &address_tls;
+       if (inet_pton (AF_INET6, address_str_tls, &addr6->sin6_addr) > 0)
+         {
+           address_tls.ss_family = AF_INET6;
+           addr6->sin6_port = port;
++	  addrlen = sizeof (*addr6);
+         }
+       else if (inet_pton (AF_INET, address_str_tls, &addr4->sin_addr) > 0)
+         {
+           address_tls.ss_family = AF_INET;
+           addr4->sin_port = port;
++	  addrlen = sizeof (*addr4);
+         }
+       else
+         {
+@@ -1491,7 +1491,7 @@
+       return -1;
+     }
+ 
+-  if (bind (*soc, address, address_size) == -1)
++  if (bind (*soc, address, addrlen) == -1)
+     {
+       g_warning ("Failed to bind manager socket: %s", strerror (errno));
+       return -1;
diff --git a/security/gvmd/files/patch-src_manage.c b/security/gvmd/files/patch-src_manage.c
new file mode 100644
index 000000000000..85f58ef903cf
--- /dev/null
+++ b/security/gvmd/files/patch-src_manage.c
@@ -0,0 +1,10 @@
+--- src/manage.c	2020-12-31 17:01:32.913198000 -0500
++++ src/manage.c	2020-12-31 17:01:47.001860000 -0500
+@@ -75,6 +75,7 @@
+ #include <sys/file.h>
+ #include <sys/stat.h>
+ #include <sys/types.h>
++#include <sys/socket.h>
+ #include <sys/wait.h>
+ #include <time.h>
+ #include <unistd.h>
diff --git a/security/gvmd/files/patch-src_manage_sql.c b/security/gvmd/files/patch-src_manage_sql.c
new file mode 100644
index 000000000000..b84efda2bca7
--- /dev/null
+++ b/security/gvmd/files/patch-src_manage_sql.c
@@ -0,0 +1,19 @@
+--- src/manage_sql.c	2020-08-11 10:05:36.000000000 -0500
++++ src/manage_sql.c	2021-01-04 17:08:05.732803000 -0500
+@@ -51,7 +51,6 @@
+ #include <dirent.h>
+ #include <errno.h>
+ #include <glib/gstdio.h>
+-#include <malloc.h>
+ #include <pwd.h>
+ #include <stdlib.h>
+ #include <sys/socket.h>
+@@ -15276,7 +15275,7 @@
+ 
+   cleanup_iterator (&nvts);
+ 
+-  malloc_trim (0);
++ // malloc_trim (0);
+ }
+ 
+ /**
diff --git a/security/gvmd/files/patch-src_manage_sql_secinfo.c b/security/gvmd/files/patch-src_manage_sql_secinfo.c
new file mode 100644
index 000000000000..64e96501bd87
--- /dev/null
+++ b/security/gvmd/files/patch-src_manage_sql_secinfo.c
@@ -0,0 +1,10 @@
+--- src/manage_sql_secinfo.c	2020-12-31 16:49:24.318202000 -0500
++++ src/manage_sql_secinfo.c	2020-12-31 16:49:46.253146000 -0500
+@@ -44,6 +44,7 @@
+ #include <sys/file.h>
+ #include <sys/stat.h>
+ #include <sys/types.h>
++#include <sys/wait.h>
+ #include <unistd.h>
+ 
+ #include <gvm/base/proctitle.h>
diff --git a/security/gvmd/files/patch-src_sql_pg.c b/security/gvmd/files/patch-src_sql_pg.c
new file mode 100644
index 000000000000..ab311fbc3767
--- /dev/null
+++ b/security/gvmd/files/patch-src_sql_pg.c
@@ -0,0 +1,18 @@
+--- src/sql_pg.c	2020-12-31 16:50:03.471244000 -0500
++++ src/sql_pg.c	2020-12-31 16:50:43.332754000 -0500
+@@ -26,13 +26,13 @@
+ #include "sql.h"
+ 
+ #include <assert.h>
+-#include <endian.h>
++#include <sys/endian.h>
+ #include <errno.h>
+ #include <arpa/inet.h>
+ #include <glib.h>
+ #include <inttypes.h>
+ #include <netinet/in.h>
+-#include <postgresql/libpq-fe.h>
++#include <libpq-fe.h>
+ #include <stdlib.h>
+ #include <string.h>
+ 
diff --git a/security/gvmd/files/patch-src_utils.c b/security/gvmd/files/patch-src_utils.c
new file mode 100644
index 000000000000..00bcbffaace2
--- /dev/null
+++ b/security/gvmd/files/patch-src_utils.c
@@ -0,0 +1,11 @@
+--- src/utils.c	2020-12-31 16:52:50.534962000 -0500
++++ src/utils.c	2020-12-31 16:52:59.759527000 -0500
+@@ -34,7 +34,7 @@
+ /**
+  * @brief Needed for nanosleep.
+  */
+-#define _POSIX_C_SOURCE 199309L
++//#define _POSIX_C_SOURCE 199309L
+ 
+ #include "utils.h"
+ 
diff --git a/security/gvmd/pkg-descr b/security/gvmd/pkg-descr
new file mode 100644
index 000000000000..08df113ed7c2
--- /dev/null
+++ b/security/gvmd/pkg-descr
@@ -0,0 +1,9 @@
+The Greenbone Vulnerability Manager is the central management service between 
+security scanners and the user clients.
+
+It manages the storage of any vulnerability management configurations and of 
+the scan results. Access to data, control commands and workflows is offered 
+via the XML-based Greenbone Management Protocol (GMP). Controlling scanners 
+like OpenVAS is done via the Open Scanner Protocol (OSP).
+
+WWW: https://github.com/greenbone/gvmd
diff --git a/security/gvmd/pkg-plist b/security/gvmd/pkg-plist
new file mode 100644
index 000000000000..0b8fc9660487
--- /dev/null
+++ b/security/gvmd/pkg-plist
@@ -0,0 +1,54 @@
+bin/gvm-manage-certs
+@sample etc/gvm/gvmd_log.conf.sample
+@sample etc/gvm/pwpolicy.conf.sample
+lib/libgvm-pg-server.so
+lib/libgvm-pg-server.so.20
+lib/libgvm-pg-server.so.20.08.0
+sbin/greenbone-certdata-sync
+sbin/greenbone-feed-sync
+sbin/greenbone-scapdata-sync
+sbin/gvmd
+share/doc/gvm/example-gvm-manage-certs.conf
+share/doc/gvm/html/gmp.html
+share/gvm/cert/cert_bund_getbyname.xsl
+share/gvm/cert/dfn_cert_getbyname.xsl
+share/gvm/gvm-lsc-deb-creator.sh
+share/gvm/gvm-lsc-rpm-creator.sh
+share/gvm/gvmd/global_alert_methods/159f79a5-fce8-4ec5-aa49-7d17a77739a3/alert
+share/gvm/gvmd/global_alert_methods/2db07698-ec49-11e5-bcff-28d24461215b/alert
+share/gvm/gvmd/global_alert_methods/4a398d42-87c0-11e5-a1c0-28d24461215b/alert
+share/gvm/gvmd/global_alert_methods/5b39c481-9137-4876-b734-263849dd96ce/alert
+share/gvm/gvmd/global_alert_methods/5b39c481-9137-4876-b734-263849dd96ce/report-convert.py
+share/gvm/gvmd/global_alert_methods/9d435134-15d3-11e6-bf5c-28d24461215b/alert
+share/gvm/gvmd/global_alert_methods/c427a688-b653-40ab-a9d0-d6ba842a9d63/alert
+share/gvm/gvmd/global_alert_methods/cd1f5a34-6bdc-11e0-9827-002264764cea/alert
+share/gvm/gvmd/global_alert_methods/f9d97653-f89b-41af-9ba1-0f6ee00e9c1a/alert
+share/gvm/gvmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/HTML.xsl
+share/gvm/gvmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/generate
+share/gvm/gvmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/rnc.xsl
+share/gvm/gvmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/GMP.xml
+share/gvm/gvmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/generate
+share/gvm/gvmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/RNC.xsl
+share/gvm/gvmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/generate
+share/gvm/gvmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/rnc.xsl
+share/gvm/gvmd/global_schema_formats/d6cf255e-947c-11e1-829a-406186ea4fc5/GMP.xsl
+share/gvm/gvmd/global_schema_formats/d6cf255e-947c-11e1-829a-406186ea4fc5/generate
+share/gvm/gvmd/wizards/delete_task_deep.xml
+share/gvm/gvmd/wizards/get_tasks_deep.xml
+share/gvm/gvmd/wizards/modify_task.xml
+share/gvm/gvmd/wizards/quick_auth_scan.xml
+share/gvm/gvmd/wizards/quick_first_scan.xml
+share/gvm/gvmd/wizards/quick_task.xml
+share/gvm/gvmd/wizards/reset_task.xml
+share/gvm/scap/cpe_getbyname.xsl
+share/gvm/scap/cve_getbyname.xsl
+share/gvm/scap/ovaldef_getbyname.xsl
+share/man/man1/gvm-manage-certs.1.gz
+share/man/man8/greenbone-certdata-sync.8.gz
+share/man/man8/greenbone-scapdata-sync.8.gz
+share/man/man8/gvmd.8.gz
+@dir(gvm,gvm,750) /var/lib/gvm/gvmd/gnupg
+@dir(gvm,gvm,750) /var/lib/gvm/gvmd
+@dir(gvm,gvm,750) /var/lib/gvm
+@dir(gvm,gvm,750) /var/run/gvm
+@dir(gvm,gvm,750) /var/log/gvm