diff options
-rw-r--r-- | README | 191 | ||||
-rw-r--r-- | recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb | 19 | ||||
-rw-r--r-- | recipes-security/bastille/bastille_3.2.1.bb | 1 | ||||
-rw-r--r-- | recipes-security/nikto/files/location.patch | 36 | ||||
-rw-r--r-- | recipes-security/nikto/nikto_2.1.5.bb | 101 | ||||
-rw-r--r-- | recipes-security/nmap/nmap_6.25.bb | 3 | ||||
-rw-r--r-- | recipes-security/openvas-cli/openvas-cli_1.2.0.bb | 13 | ||||
-rw-r--r-- | recipes-security/openvas-libraries/files/g_type_init.patch | 36 | ||||
-rw-r--r-- | recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb | 14 | ||||
-rw-r--r-- | recipes-security/perl/files/libwhisker2.patch | 73 | ||||
-rw-r--r-- | recipes-security/perl/libhtml-parser-perl_3.71.bb | 25 | ||||
-rw-r--r-- | recipes-security/perl/libnet-dns-perl_0.72.bb | 25 | ||||
-rw-r--r-- | recipes-security/perl/libnet-ssleay-perl_1.55.bb | 24 | ||||
-rw-r--r-- | recipes-security/perl/libnetaddr-ip-perl_4.069.bb | 24 | ||||
-rw-r--r-- | recipes-security/perl/libwhisker2-perl_2.5.bb | 24 |
15 files changed, 525 insertions, 84 deletions
@@ -15,7 +15,7 @@ This layer depends on: prio: default Adding the security layer to your build -================================================= +======================================== In order to use this layer, you need to make the build system aware of it. @@ -29,8 +29,195 @@ other layers needed. e.g.: /path/to/yocto/meta \ /path/to/poky/meta-security \ +Contents and Help +================= + +In this section the contents of the layer is listed, along with a short +help for each package. + + == bastille == + + Bastille is a system hardening / lockdown program which enhances the + security of a Unix host. It configures daemons, system settings and + firewalls to be more secure. It can shut off unneeded services + like rcp and rlogin, and helps create "chroot jails" that help limit the + vulnerability of common Internet services like Web services and DNS. + + usage : Bastille can be used via meta-security layer only in command line mode. + To start Bastille simply write in a terminal : + + bastille -c + + If this is the first usage of Bastille on the system, the user will be + guided through a list of questions which need to be answered. In the end, + a config file will be created and run. After these steps, you will have a + hardened system. + + If you only want to run the config file, without stepping through the + list of questions, simply write in a terminal : + + bastille -b + + More information can be found in the package readme and manual. + + + == redhat-security == + + Sometimes you want to check different aspects of a distribution for security problems. + This can be anything from file permissions to correctness of code. This is a collection of those tools. + Depending on what information the tool has to access, it may need to be run as root. + + - rpm-chksec.sh : This will take an rpm name as input and verify each ELF file to see if its compiled with the intended flags + to most effectively use PIE and RELRO. Green is good, Orange could use work but is acceptable, and Red needs fixing. + It has a mode --all that is the equivalent of using rpm -qa and feeding the packages to it. + In this mode it will only give a summary result for the package. To find which files don't comply, + re-run using just the package name. + + - find-nodrop-groups.sh : This will scan a whole file system to see if a program makes calls to change UID + and GID without also calling setgroups or initgroups. + + - rpm-drop-groups.sh : Same as above, but takes an rpm name instead. + + - find-chroot.sh : This script scans the whole file system looking for ELF files that calls chroot(2) that also do not include a call to chdir. + Programs that fail to do this do not have the cwd inside the chroot. This means the app can escape the protection that was intended. + + - find-chroot-py.sh : This test is like the one above except it examines python scripts for the same problem. + + - find-execstack.sh : This program scans the whole file system for ELF programs that have marked the stack as being executable. + This means that if the program has another vulnerablity such as stack buffer overflow, + any code the attacker places there is executable. Any program found must be fixed. + + - find-hidden-exec.sh : This program scans the whole file system looking for excutables that are hidden. + Anything found must be investigated since its highly unusual for executables to be hidden. + + - find-sh4errors.sh : This program scans the whole file system looking for shell scripts. + It then does a sh -n on the script which causes bash to parse the file to see if there are any mistakes. + + - selinux-check-devices.sh : This script checks the /dev directory to see if there are any devices that are not correctly labeled. + Anything found by this test should be reported so that selinux policy can be fixed. + This test is very hardware specific, so to be effective a lot of people with different hardware + should run this test each upstream kernel version release. + + - selinux-ls-unconfined.sh : This script scans the running processes and looks for anything labeled with initrc_t or inetd. + These both mean that there are daemons that do not have policy and are therefore running unconfined. + These should be reported as SE Linux policy problems. Because it checks currently running daemons, + the more you have running, the better the test is. + + - find-sh4tmp.sh : This script scans the whole filesystem to check if shell scripts are using well known tmp file names + instead of obscure ones created by something like mktemp. + + - find-elf4tmp.sh : This script scans the whole file system for ELF files using /tmp. When it finds this, + it also looks to see if any of the known good random name generator functions is called by looking + at the symbol table. If not, it will output the string. + + - lib-bin-check.sh : This will check all installed library packages to see if an application is also part of the package. + The relationship to security is that the SHA256 hash check will fail if a 32 bit version overwrites it. + Also, the less binaries on a system, the more secure it is by virtue of removing the chance for an exploitable bug. + + + usage : simply invoke the script name in the terminal. + + + == pax-utils == + + pax-utils is a small set of various PaX aware and related utilities for + ELF binaries. + + - scanelf : With this application you can print out information specific to the ELF structure of a binary. + For more help please consult the man pages or the readme file. + + - pspax : is a user-space utility that scans the proc directory and list + ELF types, as well as their respective PaX flags and filenames and + attributes. Depending on build options, it may additionaly display the + process running set of capabilities. + + - scanmacho : is a user-space utility to quickly scan given + Mach-Os, directories, or common system paths for different information. This + may include Mach-O types, their install_names, etc. + + - dumpelf : is a user-space utility to dump all of the internal + ELF structures into the equivalent C structures for fun debugging and/or + reference purposes. + + + usage : simply invoke the script name in the terminal. + + + == buck-security == + + Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux + system. This enables you to quickly overview the security status of your Linux system. + + usage : switch to directory /usr/local/buck-security. + before running the script, you should check the activated checks in conf/buck-security.conf file. + after altering the changes, save the file and simply run : + + ./buck-security + + you can choose between different outputs : 1, 2(default) or 3. + + More detailed usage can be found typing ./buck-security --help + + + == libseccomp == + + The libseccomp library provides and easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism: seccomp. + The libseccomp API is designed to abstract away the underlying BPF based syscall filter language and present a more conventional + function-call based filtering interface that should be familiar to, and easily adopted by application developers. + + usage : More detailed usage can be found in the man pages and README file of the package. + + + + == checksecurity == + + checksecurity is a simple package which will scan your system for several simple security holes. + It uses a simple collection of plugins, all of which are shell scripts which are configured by environmental variables. + + !! IMPORTANT !! + + When including this package in the image, please consider adding the following line to the end of the conf/local.conf file: + + CORE_IMAGE_EXTRA_INSTALL = "coreutils" + + usage : To start checksecurity simply write in the terminal : + + checksecurity + + More detailed usage can be found in the man pages and README file of the package. + + + == nikto == + + Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, + including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific + problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, + HTTP server options, and will attempt to identify installed web servers and software. + + usage : To start nikto simply write in the terminal : + + nikto + + More detailed usage can be found in the man pages and README file of the package. + + + == nmap == + + Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. + Many systems and network administrators also find it useful for tasks such as network inventory, + managing service upgrade schedules, and monitoring host or service uptime. + + usage : To start nikto simply write in the terminal : + + nmap + + More detailed usage can be found in the man pages and README file of the package. + + + + License -------- +======= All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe diff --git a/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb b/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb deleted file mode 100644 index af5907f..0000000 --- a/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb +++ /dev/null @@ -1,19 +0,0 @@ -SUMMARY = "e-mail filter" -DESCRIPTION = "SpamAssassin is a mail filter which attempts to identify spam using a variety of mechanisms including text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases." -SECTION = "security" -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" -DEPENDS = "perl" - -SRC_URI = "http://apache.mirrors.hoobly.com/spamassassin/source/${PN}-${PV}.tar.gz" - -SRC_URI[md5sum] = "d1d62cc5c6eac57e88c4006d9633b81e" -SRC_URI[sha256sum] = "5323038939a0ef9fc97d5264defce3ae1d95e98b3a94c4c3b583341c927f32df" - -EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}" -inherit cpan - -do_compile(){ - export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')" - cpan_do_compile -} diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb index ef754c2..36c30e5 100644 --- a/recipes-security/bastille/bastille_3.2.1.bb +++ b/recipes-security/bastille/bastille_3.2.1.bb @@ -4,6 +4,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b" # Bash is needed for set +o privileged (check busybox), might also need ncurses RDEPENDS_${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd curses-perl coreutils" +FILES_${PN} += "/run/lock/subsys/bastille" inherit allarch diff --git a/recipes-security/nikto/files/location.patch b/recipes-security/nikto/files/location.patch new file mode 100644 index 0000000..a95b062 --- /dev/null +++ b/recipes-security/nikto/files/location.patch @@ -0,0 +1,36 @@ +From e10b9b1f6704057ace39956ae1dc5c7caca07ff1 Mon Sep 17 00:00:00 2001 +From: Andrei Dinu <andrei.adrianx.dinu@intel.com> +Date: Mon, 8 Jul 2013 11:53:54 +0300 +Subject: [PATCH] Setting the location of nikto on the image + +Upstream Status: Inapropriate + +Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com> +--- + nikto.conf | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/nikto.conf b/nikto.conf +index 25b784d..9577033 100644 +--- a/nikto.conf ++++ b/nikto.conf +@@ -61,11 +61,11 @@ CIRT=174.142.17.165 + CHECKMETHODS=HEAD GET + + # If you want to specify the location of any of the files, specify them here +-# EXECDIR=/opt/nikto # Location of Nikto +-# PLUGINDIR=/opt/nikto/plugins # Location of plugin dir +-# DBDIR=/opt/nikto/databases # Location of plugin dir +-# TEMPLATEDIR=/opt/nikto/templates # Location of tempmlate dir +-# DOCDIR=/opt/nikto/docs # Location of docs dir ++EXECDIR=/usr/bin/nikto # Location of Nikto ++PLUGINDIR=/etc/nikto/plugins # Location of plugin dir ++DBDIR=/etc/nikto/databases # Location of plugin dir ++TEMPLATEDIR=/etc/nikto/templates # Location of tempmlate dir ++DOCDIR=/usr/share/doc/nikto # Location of docs dir + + # Default plugin macros + @@MUTATE=dictionary;subdomain +-- +1.7.9.5 + diff --git a/recipes-security/nikto/nikto_2.1.5.bb b/recipes-security/nikto/nikto_2.1.5.bb new file mode 100644 index 0000000..3ca31ca --- /dev/null +++ b/recipes-security/nikto/nikto_2.1.5.bb @@ -0,0 +1,101 @@ +SUMMARY = "web server scanner" +DESCRIPTION = "Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous \ + files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers." +SECTION = "security" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" +RDEPENDS_${PN} = "perl libnet-ssleay-perl perl-module-getopt-long perl-module-time-local perl-module-io-socket nikto-doc" + +SRC_URI = "http://cirt.net/nikto/${PN}-${PV}.tar.gz \ + file://location.patch" + +SRC_URI[md5sum] = "efcc98a918becb77471ee9a5df0a7b1e" +SRC_URI[sha256sum] = "0e672a6a46bf2abde419a0e8ea846696d7f32e99ad18a6b405736ee6af07509f" + +do_install() { + install -d ${D}${bindir} + install -d ${D}${datadir} + install -d ${D}${datadir}/man/man1 + install -d ${D}${datadir}/doc/nikto + install -d ${D}${sysconfdir}/nikto + install -d ${D}${sysconfdir}/nikto/databases + install -d ${D}${sysconfdir}/nikto/plugins + install -d ${D}${sysconfdir}/nikto/templates + + install -m 0644 databases/db_404_strings ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_content_search ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_dictionary ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_embedded ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_favicon ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_headers ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_httpoptions ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_multiple_index ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_outdated ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_parked_strings ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_realms ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_server_msgs ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_subdomains ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_tests ${D}${sysconfdir}/nikto/databases + install -m 0644 databases/db_variables ${D}${sysconfdir}/nikto/databases + + install -m 0644 plugins/JSON-PP.pm ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/LW2.pm ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_apache_expect_xss.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_apacheusers.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_auth.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_cgi.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_clientaccesspolicy.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_content_search.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_cookies.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_core.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_dictionary_attack.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_embedded.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_favicon.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_fileops.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_headers.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_httpoptions.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_msgs.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_multiple_index.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_outdated.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_parked.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_paths.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_put_del_test.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_report_csv.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_report_html.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_report_msf.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_report_nbe.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_report_text.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_report_xml.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_robots.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_siebel.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_ssl.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_subdomain.plugin ${D}${sysconfdir}/nikto/plugins + install -m 0644 plugins/nikto_tests.plugin ${D}${sysconfdir}/nikto/plugins + + install -m 0644 templates/htm_close.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_end.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_host_head.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_host_im.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_host_item.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_start.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_stop.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_start.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/htm_summary.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/xml_end.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/xml_host_head.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/xml_host_im.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/xml_host_item.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/xml_start.tmpl ${D}${sysconfdir}/nikto/templates + install -m 0644 templates/xml_summary.tmpl ${D}${sysconfdir}/nikto/templates + + install -m 0644 nikto.conf ${D}${sysconfdir} + + install -m 0755 nikto.pl ${D}${bindir}/nikto + install -m 0644 replay.pl ${D}${bindir} + install -m 0644 docs/nikto.1 ${D}${datadir}/man/man1 + + install -m 0644 docs/CHANGES.txt ${D}${datadir}/doc/nikto + install -m 0644 docs/LICENSE.txt ${D}${datadir}/doc/nikto + install -m 0644 docs/nikto.dtd ${D}${datadir}/doc/nikto + install -m 0644 docs/nikto_manual.html ${D}${datadir}/doc/nikto +} diff --git a/recipes-security/nmap/nmap_6.25.bb b/recipes-security/nmap/nmap_6.25.bb index ff0caa7..cb5f7d3 100644 --- a/recipes-security/nmap/nmap_6.25.bb +++ b/recipes-security/nmap/nmap_6.25.bb @@ -3,6 +3,7 @@ DESCRIPTION = "Nmap ("Network Mapper") is a free and open source (license) utili SECTION = "security" LICENSE = "GPL-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" +FILES_${PN} += "${target_datadir}/ncat" SRC_URI = "http://nmap.org/dist/${PN}-${PV}.tar.bz2 \ file://lua.patch" @@ -12,6 +13,8 @@ SRC_URI[sha256sum] = "3349cc6d36b86b95ca2b8075d16615a3a598cef494920d6652f9a8bf9f inherit autotools +DEPENDS = "libpcap" + EXTRA_OECONF = "--without-liblua --without-zenmap" do_configure() { diff --git a/recipes-security/openvas-cli/openvas-cli_1.2.0.bb b/recipes-security/openvas-cli/openvas-cli_1.2.0.bb deleted file mode 100644 index d755578..0000000 --- a/recipes-security/openvas-cli/openvas-cli_1.2.0.bb +++ /dev/null @@ -1,13 +0,0 @@ -DESCRIPTION = "The module OpenVAS-CLI collects command line tools to handle with the OpenVAS services via the respective protocols." -SECTION = "security" -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" - -DEPENDS = "gnutls openvas-libraries glib-2.0" - -SRC_URI = "http://wald.intevation.org/frs/download.php/1323/${PN}-${PV}.tar.gz" - -SRC_URI[md5sum] = "e712eb71f3a13cc1b70b50f696465f8e" -SRC_URI[sha256sum] = "d195ca01a44940d1e6fd2ad54ee4fc9b57a3d103235f0a1f05a8b35d97db6be8" - -inherit cmake pkgconfig diff --git a/recipes-security/openvas-libraries/files/g_type_init.patch b/recipes-security/openvas-libraries/files/g_type_init.patch deleted file mode 100644 index db55057..0000000 --- a/recipes-security/openvas-libraries/files/g_type_init.patch +++ /dev/null @@ -1,36 +0,0 @@ -From f498503889b8178f165afa66dc33aa8ad8901371 Mon Sep 17 00:00:00 2001 -From: Andrei Dinu <andrei.adrianx.dinu@intel.com> -Date: Fri, 28 Jun 2013 09:38:08 +0300 -Subject: [PATCH] removed the g_type_init() - -The function is depricated in glib >= 2.35.0 and is -automatically called. - -Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com> ---- - base/openvas_file.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/base/openvas_file.c b/base/openvas_file.c -index 8597198..d110c7f 100644 ---- a/base/openvas_file.c -+++ b/base/openvas_file.c -@@ -164,7 +164,6 @@ openvas_file_copy (const gchar *source_file, const gchar *dest_file) - GFile *sfile, *dfile; - GError *error; - -- g_type_init (); - sfile = g_file_new_for_path (source_file); - dfile = g_file_new_for_path (dest_file); - error = NULL; -@@ -200,7 +199,6 @@ openvas_file_move (const gchar *source_file, const gchar *dest_file) - GFile *sfile, *dfile; - GError *error; - -- g_type_init (); - sfile = g_file_new_for_path (source_file); - dfile = g_file_new_for_path (dest_file); - error = NULL; --- -1.7.9.5 - diff --git a/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb b/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb deleted file mode 100644 index caf96f1..0000000 --- a/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb +++ /dev/null @@ -1,14 +0,0 @@ -DESCRIPTION = "This is the libraries module for the Open Vulnerability Assessment System (OpenVAS)." -SECTION = "security" -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" - -DEPENDS = "bison flex gpgme glib-2.0" - -SRC_URI = "http://wald.intevation.org/frs/download.php/1303/${PN}-${PV}.tar.gz \ - file://g_type_init.patch" - -SRC_URI[md5sum] = "0e8b73ee4ad5b36984b5d7be5d6bdfc0" -SRC_URI[sha256sum] = "50d23afd46f7b49c4cb82a6500b0fe1fb53378af5efce95fd275ea33c879e1dd" - -inherit cmake pkgconfig diff --git a/recipes-security/perl/files/libwhisker2.patch b/recipes-security/perl/files/libwhisker2.patch new file mode 100644 index 0000000..c066366 --- /dev/null +++ b/recipes-security/perl/files/libwhisker2.patch @@ -0,0 +1,73 @@ +From 34698c7f561fb575293a1c991a71e1b4ddc5ae73 Mon Sep 17 00:00:00 2001 +From: Andrei Dinu <andrei.adrianx.dinu@intel.com> +Date: Fri, 5 Jul 2013 11:56:58 +0300 +Subject: [PATCH] Mandir and perl install dir were overwritten with faulty + information in the Makefile. Now the Mandir and perl + install dir are sent via paramters from the recipe. + +Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com> +--- + Makefile.pl | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/Makefile.pl b/Makefile.pl +index 9ca5602..8776e18 100644 +--- a/Makefile.pl ++++ b/Makefile.pl +@@ -131,6 +131,8 @@ foreach (keys %MODULES){ + + # adjust DESTDIR, if needed + $DESTDIR = $ENV{DESTDIR} if(defined $ENV{DESTDIR}); ++$MANDIR = $ENV{MANDIR} if(defined $ENV{MANDIR}); ++$INSTALLDIR = $ENV{INSTALLDIR} if(defined $ENV{INSTALLDIR}); + + # parse command line build options + while($COMMAND = shift @ARGV){ +@@ -171,7 +173,7 @@ sub command_install_pod { + command_build() if(!-e $TARGET); + die("Can not install without Config.pm") if($MODULES{Config}==0); + $CWD=&cwd if($MODULES{Cwd}>0); +- my $where=$DESTDIR . $Config{'man3direxp'}; ++ my $where=$DESTDIR . $MANDIR; + my $t = $TARGET; + if($LIBRARY){ + $t="$PACKAGE.3pm"; +@@ -219,7 +221,7 @@ sub command_install_pod { + sub command_uninstall_pod { + die("Can not uninstall without Config.pm") if($MODULES{Config}==0); + $CWD=&cwd if($MODULES{Cwd}>0); +- my $where=$DESTDIR . $Config{'man3direxp'}; ++ my $where=$DESTDIR . $MANDIR; + my $t = $TARGET; + if($LIBRARY){ + $t="$PACKAGE.3pm"; +@@ -243,7 +245,7 @@ sub command_install_library { + command_build() if(!-e $TARGET); + die("Can not install without Config.pm") if($MODULES{Config}==0); + $CWD=&cwd if($MODULES{Cwd}>0); +- my $where=$DESTDIR . $Config{'installsitelib'}; ++ my $where=$DESTDIR . $INSTALLDIR; + if(!-e $where){ + print STDOUT "WARNING!\n\n", + "The local perl site directory does not exist:\n", +@@ -271,7 +273,7 @@ sub command_install_library { + sub command_uninstall_library { + die("Can not uninstall without Config.pm") if($MODULES{Config}==0); + $CWD=&cwd if($MODULES{Cwd}>0); +- my $where=$DESTDIR . $Config{'installsitelib'}; ++ my $where=$DESTDIR . $INSTALLDIR; + chdir($where); + if(-e $TARGET){ + unlink $TARGET; +@@ -401,7 +403,7 @@ sub command_socket_diag { + sub command_install_compat { + die("Can not install without Config.pm") if($MODULES{Config}==0); + $CWD=&cwd if($MODULES{Cwd}>0); +- my $where=$DESTDIR . $Config{'installsitelib'}; ++ my $where=$DESTDIR . $INSTALLDIR; + if(!-e $where){ + print STDOUT "WARNING!\n\n", + "The local perl site directory does not exist:\n", +-- +1.7.9.5 + diff --git a/recipes-security/perl/libhtml-parser-perl_3.71.bb b/recipes-security/perl/libhtml-parser-perl_3.71.bb new file mode 100644 index 0000000..be0f4b2 --- /dev/null +++ b/recipes-security/perl/libhtml-parser-perl_3.71.bb @@ -0,0 +1,25 @@ +DESCRIPTION = "This package contains the Parser.pm module with friends." + +SECTION = "libs" +LICENSE = "Artistic-1.0 | GPL-1.0+" + +LIC_FILES_CHKSUM = "file://README;md5=6c3dacf9f405c7483870ab5f148770c3" + +DEPENDS += "perl" + +SRC_URI = "http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/HTML-Parser-${PV}.tar.gz" + +SRC_URI[md5sum] = "9128a45893097dfa3bf03301b19c5efe" +SRC_URI[sha256sum] = "be918b3749d3ff93627f72ee4b825683332ecb4c81c67a3a8d72b0435ffbd802" + +S = "${WORKDIR}/HTML-Parser-${PV}" + +EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}" + +inherit cpan + +do_compile() { + export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')" + cpan_do_compile +} +BBCLASSEXTEND = "native" diff --git a/recipes-security/perl/libnet-dns-perl_0.72.bb b/recipes-security/perl/libnet-dns-perl_0.72.bb new file mode 100644 index 0000000..5c218b8 --- /dev/null +++ b/recipes-security/perl/libnet-dns-perl_0.72.bb @@ -0,0 +1,25 @@ +DESCRIPTION = "This package contains the DNS.pm module with friends." + +SECTION = "libs" +LICENSE = "Artistic-1.0 | GPL-1.0+" + +LIC_FILES_CHKSUM = "file://README;md5=f21d77d9c6b56a07470bbce561b169e3" + +DEPENDS += "perl" + +SRC_URI = "http://search.cpan.org/CPAN/authors/id/N/NL/NLNETLABS/Net-DNS-${PV}.tar.gz" + +SRC_URI[md5sum] = "393e48ec6f28abe5ed30204276e02775" +SRC_URI[sha256sum] = "a62cae0be54a9684c305456cb95515a0bd3128d6ef3093b6069fe8e8e8d5943f" + +S = "${WORKDIR}/Net-DNS-${PV}" + +EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}" + +inherit cpan + +do_compile() { + export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')" + cpan_do_compile +} +BBCLASSEXTEND = "native" diff --git a/recipes-security/perl/libnet-ssleay-perl_1.55.bb b/recipes-security/perl/libnet-ssleay-perl_1.55.bb new file mode 100644 index 0000000..1dd59f4 --- /dev/null +++ b/recipes-security/perl/libnet-ssleay-perl_1.55.bb @@ -0,0 +1,24 @@ +DESCRIPTION = "Perl module for using OpenSSL" + +SECTION = "libs" +LICENSE = "Artistic-1.0 | GPL-1.0+" + +LIC_FILES_CHKSUM = "file://README;md5=94ec8036b939a2e3c9b5e7f10af8f4ee" + +DEPENDS += "perl openssl" + +SRC_URI = "http://search.cpan.org/CPAN/authors/id/M/MI/MIKEM/Net-SSLeay-${PV}.tar.gz" + +SRC_URI[md5sum] = "473b8d66ca69d5784bb0e428721f58e0" +SRC_URI[sha256sum] = "8cd5f09722e07b4e436102cb3a4b93623d753c171665ca9752c3b39a62ea3a79" + +S = "${WORKDIR}/Net-SSLeay-${PV}" + +EXTRA_CPANFLAGS = "INC='-I${STAGING_INCDIR}' LIBS='-L${STAGING_LIBDIR} -lssl -lcrypto -lz'" + +inherit cpan + +do_compile() { + export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')" + cpan_do_compile +} diff --git a/recipes-security/perl/libnetaddr-ip-perl_4.069.bb b/recipes-security/perl/libnetaddr-ip-perl_4.069.bb new file mode 100644 index 0000000..99c11b2 --- /dev/null +++ b/recipes-security/perl/libnetaddr-ip-perl_4.069.bb @@ -0,0 +1,24 @@ +DESCRIPTION = "This package contains the IP.pm module with friends." + +SECTION = "libs" +LICENSE = "Artistic-1.0 | GPL-1.0+" + +LIC_FILES_CHKSUM = "file://Copying;md5=cde580764a0fbc0f02fafde4c65d6227" + +DEPENDS += "perl" + +SRC_URI = "http://search.cpan.org/CPAN/authors/id/M/MI/MIKER/NetAddr-IP-${PV}.tar.gz" + +SRC_URI[md5sum] = "7721135fcea390327f75421a6b701144" +SRC_URI[sha256sum] = "96739afc484eca1597c4f4b520864b342169c8fdeef486778511e5a1527ba4e7" + +S = "${WORKDIR}/NetAddr-IP-${PV}" + +EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}" + +inherit cpan + +do_compile() { + cpan_do_compile +} +BBCLASSEXTEND = "native" diff --git a/recipes-security/perl/libwhisker2-perl_2.5.bb b/recipes-security/perl/libwhisker2-perl_2.5.bb new file mode 100644 index 0000000..477f995 --- /dev/null +++ b/recipes-security/perl/libwhisker2-perl_2.5.bb @@ -0,0 +1,24 @@ +DESCRIPTION = "Libwhisker is a Perl module geared specificly for HTTP testing." + +SECTION = "libs" +LICENSE = "Artistic-1.0 | GPL-1.0+" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=254b8e29606fce6d1c1a4c9e32354573" + +DEPENDS = "perl" + +SRC_URI = "http://sourceforge.net/projects/whisker/files/libwhisker/${PV}/libwhisker2-${PV}.tar.gz \ + file://libwhisker2.patch" + +SRC_URI[md5sum] = "7cc1718dddde8f9a439d5622ae2f37eb" +SRC_URI[sha256sum] = "f45a1cf2ad2637b29dd1b13d7221ea12e3923ea09d107ced446400f19070a42f" + +S = "${WORKDIR}/libwhisker2-2.5" + +inherit cpan-base perlnative + +do_install() { + install -d 755 ${D}${PERLLIBDIRS}/vendor_perl/${PERLVERSION} + install -d 755 ${D}${datadir}/perl/${PERLVERSION} + oe_runmake install DESTDIR=${D} INSTALLDIR=${PERLLIBDIRS}/vendor_perl/${PERLVERSION} MANDIR=${datadir}/perl/${PERLVERSION} +} |