File openvas-scanner.spec of Package openvas-scanner

#
# spec file for package openvas-scanner
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           openvas-scanner
Version:        3.4.0
Release:        3.1
License:        GPL-2.0
Group:          Productivity/Networking/Security
URL:            http://www.openvas.org
Source0:        %{name}-%{version}.tar.gz
Source1:        openvassd.logrotate
Source2:        debian.openvas-scanner.default
Source3:        openvassd.init.suse
Source4:        openvassd.init.fedora
Source5:        openvassd.init.mandriva
Source6:	openvas-scanner.service
BuildRoot:      %{_tmppath}/%{name}-%{version}-build

%if 0%{?mandriva_version}
BuildRequires:  pinentry-gtk2
%endif

%if 0%{?suse_version}
PreReq:         %insserv_prereq
PreReq:         %fillup_prereq
%if 0%{?suse_version} > 1220
BuildRequires:  systemd
%systemd_requires
%endif
%endif

BuildRequires:  cmake
BuildRequires:  glib2-devel
BuildRequires:  libopenvas-devel >= 5.0.0
BuildRequires:  libgcrypt-devel
BuildRequires:  pkgconfig
Requires:       logrotate
Requires:       openssl
Requires:       rsync
Requires:	openvas-scanner-doc
Summary:        The Scanner Module for OpenVAS

%description
This is the scanner module for the Open Vulnerability Assessment System (OpenVAS).

%package doc
Summary:        Additional Package Documentation
Group:          Documentation/Other
BuildArch:      noarch

%description doc
This package contains optional documentation provided in addition to
this package's base documentation.

%prep
%setup -q

%build
%if 0%{?mandriva_version}
%serverbuild
%endif

export CFLAGS="$RPM_OPT_FLAGS"

cmake -DCMAKE_VERBOSE_MAKEFILE=ON \
        -DCMAKE_INSTALL_PREFIX=%{_prefix} \
        -DSYSCONFDIR=%{_sysconfdir} \
        -DLIBDIR=%{_libdir} \
        -DLOCALSTATEDIR=%{_localstatedir} \
        -DCMAKE_BUILD_TYPE=release
%__make %{?_smp_mflags}

%install
%__make install DESTDIR=%{buildroot}
%__install -Dm 0644 %{_sourcedir}/openvassd.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/openvas-scanner

%if 0%{?suse_version}
%__install -Dm 0755 %{_sourcedir}/openvassd.init.suse %{buildroot}%{_initrddir}/openvas-scanner
%__ln_s %{_initrddir}/openvas-scanner %{buildroot}%{_sbindir}/rcopenvas-scanner
%__install -Dm 0644 %{_sourcedir}/debian.openvas-scanner.default %{buildroot}%{_var}/adm/fillup-templates/sysconfig.openvas-scanner
%if 0%{?suse_version} > 1220
mkdir -p $RPM_BUILD_ROOT/usr/lib/systemd/
mkdir -p $RPM_BUILD_ROOT/usr/lib/systemd/system
install -m 644 $RPM_SOURCE_DIR/openvas-scanner.service $RPM_BUILD_ROOT/usr/lib/systemd/system/openvas-scanner.service
%endif
%__ln_s %{_mandir}/man8/openvas-mkcert.8.gz %{buildroot}%{_mandir}/man8/openvas-mkcert-client.8.gz
%endif

%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
%__install -Dm 0755 %{_sourcedir}/openvassd.init.fedora %{buildroot}%{_initrddir}/openvas-scanner
%__install -Dm 0644 %{_sourcedir}/debian.openvas-scanner.default %{buildroot}%{_sysconfdir}/sysconfig/openvas-scanner
%endif

%if 0%{?mandriva_version}
%__install -Dm 0755 %{_sourcedir}/openvassd.init.mandriva %{buildroot}%{_initrddir}/openvas-scanner
%__install -Dm 0644 %{_sourcedir}/debian.openvas-scanner.default %{buildroot}%{_sysconfdir}/sysconfig/openvas-scanner
%endif

%__mkdir_p %{buildroot}%{_localstatedir}/cache/openvas
%__mkdir_p %{buildroot}%{_localstatedir}/lib/openvas
%__mkdir_p %{buildroot}%{_localstatedir}/log/openvas
touch %{buildroot}%{_localstatedir}/log/openvas/greenbone-nvt-sync.log
touch %{buildroot}%{_localstatedir}/log/openvas/openvassd.dump
touch %{buildroot}%{_localstatedir}/log/openvas/openvassd.messages

%clean
test "%{buildroot}" != "/" && %__rm -rf %{buildroot}

%pre
%if 0%{?suse_version} > 1220
%service_add_pre openvas-scanner.service
%endif

%post
# Generate cert
if [ ! -f  %{_localstatedir}/lib/openvas/CA/servercert.pem ] ; then
	%{_sbindir}/openvas-mkcert -q > /dev/null 2>&1
fi

%if 0%{?suse_version}
%fillup_and_insserv openvas-scanner
%if 0%{?suse_version} > 1220
%service_add_post openvas-scanner.service
%endif
%endif

%if 0%{?mandriva_version}
%_post_service openvas-scanner
%endif

%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
# only rpm -i (not rpm {-U|-F})
if [ $1 = 1 ]; then
	/sbin/chkconfig --add openvas-scanner
fi
%endif

%preun
%if 0%{?suse_version}
%stop_on_removal openvas-scanner
%if 0%{?suse_version} > 1220
%service_del_preun openvas-scanner.service 
%endif
%endif

%if 0%{?mandriva_version}
%_preun_service openvas-scanner
%endif

%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
# only rpm -e (not rpm {-U|-F})
if [ $1 = 0 ]; then
    /sbin/service openvas-scanner stop > /dev/null 2>&1 || :
    /sbin/chkconfig --del openvas-scanner
fi
%endif

%postun
%if 0%{?suse_version}
%restart_on_update openvas-scanner
%insserv_cleanup
%if 0%{?suse_version} > 1220
%service_del_postun openvas-scanner.service
%endif
%endif

%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
# only rpm {-U|-F} (not rpm -e)
if [ $1 = 1 ]; then
    /sbin/service openvas-scanner condrestart
fi
%endif

%files
%defattr(-,root,root)
%config(noreplace) %{_sysconfdir}/logrotate.d/openvas-scanner
%{_initrddir}/openvas-scanner
%{_sbindir}/greenbone-nvt-sync
%{_sbindir}/openvas-adduser
%{_sbindir}/openvas-mkcert
%{_sbindir}/openvas-mkcert-client
%{_sbindir}/openvas-nvt-sync
%{_sbindir}/openvas-rmuser
%{_sbindir}/openvassd
%ghost %{_localstatedir}/cache/openvas
%dir %{_localstatedir}/lib/openvas
%dir %{_localstatedir}/log/openvas
%ghost %{_localstatedir}/log/openvas/greenbone-nvt-sync.log
%ghost %{_localstatedir}/log/openvas/openvassd.dump
%ghost %{_localstatedir}/log/openvas/openvassd.messages
%{_mandir}/man8/greenbone-nvt-sync.8*
%{_mandir}/man8/openvas-adduser.8*
%{_mandir}/man8/openvas-mkcert.8*
%{_mandir}/man8/openvas-nvt-sync.8*
%{_mandir}/man8/openvas-rmuser.8*
%{_mandir}/man8/openvassd.8*
%{_mandir}/man8/openvas-mkcert-client.8*
%if 0%{?suse_version}
%{_sbindir}/rcopenvas-scanner
%{_var}/adm/fillup-templates/sysconfig.openvas-scanner
%if 0%{?suse_version} > 1220
   /usr/lib/systemd/system/openvas-scanner.service
%endif
%else
%config(noreplace) %{_sysconfdir}/sysconfig/openvas-scanner
%endif

%files doc
%defattr(-,root,root)
%doc CHANGES COPYING ChangeLog README
%changelog
* Wed Aug 28 2013 johann.luce@wanadoo.fr
- Fix OBS Warning
* Tue Aug 27 2013 johann.luce@wanadoo.fr
- Adding systemd natif init script
  Adding doc package
  cleaning spec files
* Thu Apr 18 2013 johann.luce@wanadoo.fr
- Update to 3.4.0
  +2013-04-11  Michael Wiegand <michael.wiegand@greenbone.net>
  * INSTALL: Note increased GnuTLS dependency.
  2013-04-05  Matthew Mundell <matthew.mundell@greenbone.net>
  * src/log.c (log_init): Print fail messages about log file to stderr, so
  that tools wanting to parse "openvassd -s" output can separate out the
  the actual settings.
  2013-04-05  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Remove scanner preference "silent_dependencies".
  This setting advised the scanner to hold back results of those NVTs
  that were not explicitely selected but were only executed because they
  appeared as dependencies of selected ones.
  It is removed because it is actually task of the user or the
  controlling unit of the scanner (OpenVAS Manager) to filter whatever
  is of interest.
  The actual scan result should better remain complete inside the
  result databse. Dropping for example detection details makes a
  report less clear.
  Another aspect is, that use of this preference is too error-prone
  because users too easily combine a selection of NVT with this
  preference and accidently switch of results they actually would
  have expected (leading to False Negatives).
  So, for comprehensibility and consistency a scan result should
  always be complete. It is not the task of a scanner to drop any
  information.
  This patch may require some adjustments or improved ways of handling
  results in the Scanner clients. This change will change default
  behaviour of scan configurations that were setting
  silent_dependencies to yes.
  * src/pluginscheduler.c (enable_plugin_and_dependencies): Removed
  parameter "silent" and its handling.
  (plugins_scheduler_init): Call enable_plugin_and_dependencies without
  "silent" parameter. Also remove parameter "silent_dependencies".
  * src/pluginscheduler.h: Adjust proto accordingly.
  * src/attack.c (attack_network): Adjust call of plugins_scheduler_init
  accordingly.
  * src/preferences.c (openvassd_defaults): Removed "silent_dependencies".
  (preferences_silent_dependencies): Removed.
  (preferences_reset_cache): Removed handling of silent_dependencies.
  * src/preferences.h: Removed proto accordingly.
  * src/pluginlaunch.c (process_internal_msg): Don't consider LAUNCH_SILENT anymore.
  * src/pluginscheduler.h: Remove LAUNCH_SILENT.
  2013-03-28  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/attack.c (attack_host): Adjust setproctitle call argument to start
  with "openvassd:".
  * src/openvassd.c (scanner_thread, main_loop): Adjust setproctitle call
  argument to start with "openvassd:".
  * src/nasl_plugins.c (nasl_thread): Adjust setproctitle call argument to
  start with "openvassd:".
  * src/oval_plugins.c (oval_thread): Adjust setproctitle call argument to
  start with "openvassd:".
  2013-03-24  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/utils.c (version_check, is_symlink, check_symlink)
  (is_socket_connected, set_linger): Remove unused functions.
  * src/utils.h: Remove unused headers and declarations accordingly.
  2013-03-21  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Removing the shell scripts to add and to remove a user.
  This is the first part of moving the user management into
  OpenVAS Manager module. The Scanner should eventually only
  be accessed with certificates. For the time being,
  OpenVAS Administrator can manager traditional user accounts
  for the Scanner.
  * tools/openvas-adduser.in, tools/openvas-rmuser.in: Removed.
  * doc/openvas-adduser.8, doc/openvas-rmuser.8: Removed.
  * COPYING: Removed entries accordingly.
  * CMakeLists.txt: Removed handling of the two scritps.
  * doc/openvassd.8.in: Removed references to the documentation
  for the two scripts.
  * tools/openvas-mkcert-client.in: Removed reference to
  openvas-adduser documentation.
  2013-03-20  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * po/openvas-scripts-de.po, po/Makefile, po/README, po/: Removed.
  The i18n support for scripts has not proven and the scripts
  will undergo a major change anyway.
  2013-03-20  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * INSTALL: Removed notes on OpenVAS-Client which is not
  compatible anymore with the OTP changes.
  2013-03-15  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * CMakeLists.txt: Increased dependency to gnutls from 2.2 to 2.8.
  2013-03-14  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/comm.c (is_valid_feed_version): New function.
  (nvt_feed_version): Test fgets() return value correctly.
  (comm_send_nvt_info): Validate feed version before sending it.
  2013-03-14  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/comm.c (nvt_feed_version): New function.
  (comm_send_nvt_info): Send nvt feed version instead of DUMMY value.
  2013-03-06  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Reverting parts of the previous patch because under certain
  conditions (network_scan_status == busy) the kb_saving
  is still needed.
  * src/save_kb.c: Removed unneeded include.
  (save_kb): Re-added a simplified version.
  * src/save_kb.h: Re-added proto accordingly.
  * src/piic.c (kb_parse): Re-added handling for case "save_kb".
  * src/attack.c (attack_network, launch_plugin, init_host_kb):
  Re-adding, partly simplified, handling for case "save_kb", in
  other words for network scan situations.
  2013-03-05  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Third part of removing kb-saving feature. This completes
  the removal of the user-driven kb saving.
  * src/preferences.c (openvassd_defaults): Removed "kb_max_age".
  * src/save_kb.c (save_kb_max_age): Removed.
  (save_kb_load_kb): Apply the default 864000 for max_age
  directly (the old default, 10 days).
  * src/save_kb.h: Removed proto accordingly.
  2013-03-05  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Second part of removing kb-saving feature.
  This removes the scanner configs for advising to save kb.
  Thus no kb files are stored anymore under users/$user/kbs/
  during a non-network scan. Network scans will still save
  KBs.
  * src/preferences.c (openvassd_defaults): Removed
  "save_knowledge_base", "kb_restore",
  "only_test_hosts_whose_kb_we_dont_have" and
  "only_test_hosts_whose_kb_we_have".
  * src/save_kb.c (save_kb, save_kb_pref_untested_hosts_only,
  save_kb_pref_tested_hosts_only, save_kb_pref_restore): Removed.
  * src/save_kb.h: Removed protos accordingly.
  * src/attack.c (attack_network, launch_plugin, init_host_kb):
  Removed handling for case "save_kb".
  * src/piic.c (kb_parse): Removed handling for case "save_kb".
  2013-03-05  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/comm.c (plugin_is_newstyle): Remove function. Now part of
  plugutils.c in libraries.
  2013-04-05  Matthew Mundell <matthew.mundell@greenbone.net>
  * src/nasl_plugins.c (plugin_is_newstyle): Check tag in case it is NULL.
  Also move &&'s to front of line for consistency.
  2013-03-04  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  First part of removing kb-saving feature.
  This removes the scanner configs for selecting which NVT categories
  should be replayed. Now all will be replayed regardless of the
  category. However, this is temporary.
  * src/preferences.c (openvassd_defaults): Removed
  "kb_dont_replay_scanners", "kb_dont_replay_denials",
  "kb_dont_replay_info_gathering", "kb_dont_replay_attacks".
  * src/save_kb.c (save_kb_replay_check): Removed.
  * src/save_kb.h: Removed proto accordingly.
  * src/attack.c (launch_plugin): In case of using save_kb,
  any NVT will be replayed now.
  2013-03-03  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/comm.c (send_plug_info): Send NOSUMMARY instead of whole summary
  when script tag summary is present.
  (plug_is_newstyle): Rename to plugin_is_newstyle.
  2013-03-02  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/comm.c (plug_is_newstyle): New function to check if plugin has all
  newly added tags (summary, affected, insight, detection, impact,
  solution).
  (send_plug_info): Send NODESC instead of whole description when plugin
  has all new style tags.
  2013-03-01  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/openvassd.c (main): Don't initialize services
  (openvas_init_svc) anymore. It is not needed anymore because removed
  from openvas-libraries (see there for rationale).
  2013-03-01  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  The port_range "default" is not allowed anymore. It is now
  mandatory that the client sends an explicit one.
  Ratonale: "default" is an intransparent behaviour from user
  perspective.
  * src/preferences.c (openvassd_option openvassd_defaults): Removed
  port_range from the default settings.
  * src/attack.c (attack_network): Check port_range directly as found in
  preferences. Don't assume "1-15000" in absense of port_range and don't
  consider port_range == "-1" as something valid.
  2013-03-01  Timo Pollmeier <timo.pollmeier@greenbone.net>
  * tools/greenbone-nvt-sync (RSYNC_DELETE): Remove quotes causing
  exclude of private directory to be ignored.
  2013-02-28  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/comm.c (comm_send_nvti_info): Renamed OTP command
  "PLUGINS_MD5" to "NVT_INFO" which is more apropriate as
  no MD5 is handled at all anymore. The parameter is kept
  as static text "DUMMY".
  2013-02-28  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/comm.c (comm_send_md5_plugins): Renamed to comm_send_nvt_info.
  * src/comm.h: Updated proto accordingly.
  * src/openvassd.c (scanner_thread): Renamed call accordingly.
  2013-02-28  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Remove handling of MD5 for NVTs from OTP. Those checksums have
  no meaning to the client because the client can not verify
  them as it has no access to the actual NVT files.
  So, the MD5 could serve as version/change indicator at best, but
  that is already redundant with the revisioning in the tags.
  The MD5 checksums could be used to determine which plugins
  are changed since last contact (provided the client stores them)
  in order to use PLUGIN_INFO for getting the changed ones
  instead of downloading all. In practice it has shown that
  it is simpler to just download all always.
  This removes the command SEND_PLUGINS_MD5 from OTP.
  * src/comm.c (comm_send_md5_plugins): Remove md5 computations
  and rather just send "DUMMY" as md5 value for command PLUGINS_MD5
  for the time being. Removed answering on SEND_PLUGINS_MD5.
  * src/plugs_hash.c, src/plugs_hash.h: Removed.
  * COPYING: Removed module plugs_hash.
  * src/CMakeLists.txt: Removed handling of plugs_hash.
  * src/nasl_plugins.c: Removed include of plugs_hash.h,
  2013-02-27  Timo Pollmeier <timo.pollmeier@greenbone.net>
  * tools/greenbone-nvt-sync: Update version number.
  2013-02-27  Timo Pollmeier <timo.pollmeier@greenbone.net>
  * tools/greenbone-nvt-sync: Add PRIVATE_SUBDIR and private directory
  functionality to RSYNC_DELETE.
  2013-02-27  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Post branch version bump.
  * CMakeLists.txt: Set to version to 4.0.0 and beta status.
  2013-02-22  Michael Wiegand <michael.wiegand@greenbone.net>
  * src/openvassd.c (main): Update year in copyright notice.
  2013-02-20  Michael Wiegand <michael.wiegand@greenbone.net>
  Post release version bump.
  * CMakeLists.txt: Set version to 3.4+beta3.
  2013-02-20  Michael Wiegand <michael.wiegand@greenbone.net>
  Move "-Werror" flag to the "Debug" build type.
  * CMakeLists.txt: Move "-Werror" from CMAKE_C_FLAGS to
  CMAKE_C_FLAGS_DEBUG to keep it out of the "Release" build type.
  2013-02-20  Michael Wiegand <michael.wiegand@greenbone.net>
  * CHANGES: Updated.
  2013-02-18  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Preparing the openvas-scanner 3.4+beta2 release.
  * CHANGES: Updated.
  2013-02-11  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/comm.c (send_plug_info): Refactor code to remove fixed size of
  string regrouping nvt elements and calculate size dynamically.
  Rename variables to be more readable.
  2013-02-11  Hani Benhabiles  <hani.benhabiles@greenbone.net>
  * src/comm.c (send_plug_info): Escape new lines in script tags when
  sending plugin information.
  2013-02-07  Timo Pollmeier <timo.pollmeier@greenbone.net>
  * tools/openvas-nvt-sync.in: Will now delete scripts not part of the
  feed like greenbone-nvt-sync when using rsync, except for a private
  directory. These scripts should be migrated by calling the sync script
  with option --migrate-to-private.
  (): Add new command line option --migrate-to-private.
  (IFS0, NEWLINE, PRIVATE_SUBDIR, OPENVAS_KEY_ID, RSYNC_DELETE, CMD_GPG):
  New variables.
  (do_help): Add new option and variable PRIVATE_SUBDIR.
  Change indentation.
  (chk_system_tools): Add warning if GPG is not found.
  (do_rsync): Add RSYNC_DELETE to delete files not part of the feed and
  prompt for migration if no private directory is found.
  (do_migrate_to_private): New function to migrate files without
  an OpenVAS signature to a private subdirectory.
  (check_signature): New helper function to check if a file has an
  OpenVAS signature.
  (move_file): New helper function to move files.
  2013-02-06  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * tools/greenbone-nvt-sync: Extended license from GPLv2 to
  GPLv2+. Removed special exception for .nes binaries. These will
  from now on be deleted.
  2013-01-25  Matthew Mundell <matthew.mundell@greenbone.net>
  * src/nasl_plugins.c (nasl_plugin_add): Revert second plugin_args if
  block that I wrongly merged with the first one, and that Jan
  subsequently removed.  plugin_args is assigned within the first if
  block, so it is valid to recheck it for the second block.
  2013-01-24  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/nasl_plugins.c (nasl_plugin_add): Removed (leftover?)
  error message and too early exit. The error message and exit
  was executed always when a new NVT (not in cache) is parsed.
  2013-01-24  Werner Koch  <wk@gnupg.org>
  Improve bug tracking by directing diagnostics to the log file.
  * src/openvassd.c: Include openvas_logging.h.
  (init_openvassd): Add arg DONT_FORK and call
  setup_legacy_log_handler.
  (main): Pass DONT_FORK to init_openvassd.
  * src/log.c (log_write): Factor most code out to ..
  (log_vwrite): new function.
  * src/log.h: Add prototype for log_vwrite.
  * src/pluginload.c (plugins_reload_from_dir): fflush stdout to not
  mess up output to stderr.
  2013-01-22  Matthew Mundell <matthew.mundell@greenbone.net>
  * src/nasl_plugins.c (nasl_plugin_add): Remove NULL initialisation of
  nvti which is actually initialised lower down, as this gives the wrong
  impression of how the variable will be used.  Remove free of nvti before
  plugins_args block.  Enable free of nvti after plugin_args block and
  remove note about crash -- free'ing twice leads to crashes.  Free nvti
  in plugin_arg block now that the free before plugin_arg block is gone.
  Free nvti in plugin_arg block before reassigning to it, otherwise the
  memory will leak.  Remove free that follows this reassignment because
  the nvti is freed after the plugin block.  Merge duplicate plugin_args
  block into first one, because having two is just confusing.
  2013-01-11  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/ntp_11.c: Resolved some overlong lines.
  2013-01-11  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/attack.c (launch_plugin): Retrieve src of nvti directly.
  * src/plugs_hash.c (plugins_send_md5): Retrieve src of nvti directly.
  2013-01-11  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/attack.c (launch_plugin): Fix wrong reference. name was
  truncated in rare cases.
  2013-01-07  Michael Wiegand <michael.wiegand@greenbone.net>
  * tools/greenbone-nvt-sync: Add support for proxy authentication.
  Patch submitted by Christian Schmidt.
  2013-01-06  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Third part towards clean separation of NVTI into the NVTI Cache:
  Copyies are returned, so these need to be free'd.
  * src/nasl_plugins.c (nasl_plugin_add, nasl_plugin_launch): Free the
  nvti object once it is not needed anymore.
  * src/ntp_11.c (_find_plugin): Free the nvti object once it is not
  needed anymore.
  (ntp_1x_send_dependencies): The filename needs to be free'd because
  it was strdup'ed before. Free the nvti object once it is note
  needed anymore.
  * src/attack.c (launch_plugin): We need the oid later on and have
  many exits, so better store it locally without need to free it.
  Free the nvti.
  * src/plugs_hash.c (plugins_send_md5): Free the nvti object.
  * src/oval_plugins.c (oval_plugin_add): Free the nvti object.
  * src/comm.c (send_plug_info): Free the nvti object.
  * src/pluginscheduler.c (hash_add): Free the nvti object.
  (plugins_scheduler_init): Added safety heck for missing OID.
  2013-01-06  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Second part towards clean separation of NVTI into the NVTI Cache:
  All remaining access to NVTI object via "NVTI" is replaced
  by access via OID.
  The only exception is the parsing code for the description
  block where the OID is not necessarily known at the beginning
  and therefore can not be relied on.
  * src/nasl_plugins.c (nasl_plugin_add): Remove the NVTI object
  after we added it for parsing the NASL file.
  (nasl_plugin_add): Use OID instead of NVTI.
  (nasl_plugin_launch): Use OID instead of NVTI. Fix setting of
  "name" and "preferences".
  * src/ntp_11.c (_find_plugin, ntp_1x_send_dependencies): Use OID
  instead of NVTI.
  * src/attack.c (launch_plugin): Use OID instead of NVTI.
  * src/pluginlaunch.c (plugin_launch): Use OID instead of NVTI.
  * src/plugs_hash.c (plugins_send_md5): Use OID instead of NVTI.
  * src/comm.c (send_plug_info): Use OID instead of NVTI.
  * src/pluginscheduler.c (hash_add, plugins_scheduler_init): Use OID
  instead of NVTI.
  2013-01-06  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  First part towards clean separation of NVTI into the NVTI Cache:
  Plugin arg_list are provided with explicit OID element.
  And whereever only the OID is required, it is directly retrieved
  instead via NVTI.
  * src/pluginlaunch.c (update_running_processes): Use OID element
  directly instead of NVTI.
  * src/comm.c (plugin_send_infos, _get_plug_by_oid): Use OID element
  directly instead of NVTI.
  2013-01-04  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/pluginscheduler.c (plugins_scheduler_init): Fixed a
  memleak.
  2012-11-09  Michael Wiegand <michael.wiegand@greenbone.net>
  * doc/CMakeLists.txt: Remove configuration no longer necessary for
  out-of-source builds.
  2012-10-26  Michael Wiegand <michael.wiegand@greenbone.net>
  Post release version bump.
  * CMakeLists.txt: Set version to 3.4+beta2.
  2012-10-26  Michael Wiegand <michael.wiegand@greenbone.net>
  Preparing the openvas-scanner 3.4+beta1 release.
  * CHANGES: Updated.
  2012-10-26  Michael Wiegand <michael.wiegand@greenbone.net>
  * CMakeLists.txt: Update CPACK_SOURCE_IGNORE_FILES.
  2012-10-26  Michael Wiegand <michael.wiegand@greenbone.net>
  * INSTALL: Update instructions to use out-of-source building, remove
  outdated information.
  2012-10-26  Michael Wiegand <michael.wiegand@greenbone.net>
  Update "doc" and "doc-full" targets for out-of-source builds.
  * doc/CMakeLists.txt: Update commands and targets to work with
  out-of-source builds.
  * doc/Doxyfile.in: Updated to work with out-of-source builds.
  * doc/Doxyfile_full.in: Harmonized with Doxyfile.in.
  2012-10-25  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/pluginscheduler.c (hash_link_destroy): Closed memleak.
  2012-10-25  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/pluginscheduler.c (hash_add): Closed memleak. Thanks to Felix
  Wolfsteller for spotting.
  2012-10-23  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * INSTALL: Updated for upcoming release.
  2012-10-23  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * CHANGES: Prepared for soon release of first 3.4 beta.
  2012-10-08  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/pluginscheduler.c (plugins_scheduler_init): Removed the
  cleverness feature to enable ACT_SETTINGS that were explicitely
  disabled. This behaviour is too clever for its own good.
  This means that clients can not rely on this behaviour anymore
  and must select the NVTs with corresponding care from now on.
  2012-10-01  Michael Wiegand <michael.wiegand@greenbone.net>
  * src/openvassd.c (main): Add command line switch to exit once the NVT
  cache has been initialized or updated.
  2012-09-10  Thomas reinke <reinke@securityspace.com>
  * src/comm.c (send_plug_info): Fixed SIGSEGV coredump that would
  occur if no family specified in a nasl script (would core dump
  if client connected and requested complete nasl test list)
  2012-09-07  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/ntp_11.c (ntp_1x_send_dependencies): Use str2arglist
  directly instead of plug_get_deps.
  * src/pluginscheduler.c (hash_add, plugins_scheduler_init):
  Use str2arglist directly instead of plug_get_*.
  2012-07-19  Michael Meyer <michael.meyer@greenbone.net>
  * src/openvassd.c:
  store.h was deleted in r13728. So don't include it.
  2012-07-19  Matthew Mundell <matthew.mundell@greenbone.net>
  Add new OTP version 1.1 which is like 1.0 but sends less info to the
  client initially.  Patch by Jan-Oliver Wagner.
  * src/comm.c (comm_init): Add OTP/1.1 case.
  * src/openvassd.c (scanner_thread): Skip sending some of the init info for
  OTP > 1.0.
  2012-07-18  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/openvassd.c (deny_severity, allow_severity): Removed. Global
  vars are never used.
  2012-07-16  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Removed built-in logfile rotation. It is not a good idea to try
  to circumvent system enviroment technology for logrotate.
  * src/log.c (MAX_LOG_SIZE_MEGS, rotate_log_file): Removed.
  (log_init): Removed call of rotate_log_file).
  2012-07-13  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/comm.c (comm_send_preferences): Removed deprectated prefs sind 3.0.
  2012-07-12  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  * src/nasl_plugins.c, src/oval_plugins.c: Replace calls
  of store_load_plugin by subsequent calls of nvticache_get
  and plug_create_from_nvti_and_prefs.
  2012-07-12  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Use nvticache API instead of store_* API in a first step.
  Now it is mandatory that a cache directory really exists.
  * src/nasl_plugins.c (nasl_plugin_add): Replace use of store_
  API by nvticache API.
  * src/oval_plugins.c (oval_plugin_add): Replace use of store_
  API by nvticache API.
  * src/openvassd.c (init_openvassd): Replaced init via store_
  by direct nvtichache calls. Make it mandatory that a
  cache directory exists. Fallback of nvi directory not
  used anymore.
  * CMakeLists.txt: Increase dependency to openvas-libaries
  to 6.0.0.
  2012-07-10  Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
  Post branch version bump.
  * CMakeLists.txt: Set to version to 3.4.0 and beta status.
  2012-04-24  Michael Wiegand <michael.wiegand@greenbone.net>
  Post release version bump.
  * CMakeLists.txt: Set version to 3.3.2.
  2012-04-24  Michael Wiegand <michael.wiegand@greenbone.net>
* Sat May 12 2012 bitshuffler@opensuse.org
- Updated to 3.3.1
  * The CMake infrastructure has been cleaned up to ensure that compilation with
    modern gccs works.
  * The greenbone-nvt-sync script has been updated.
  * OpenVAS Scanner now requires at least glib 2.16 and gnutls 2.2, matching the
    requirements of OpenVAS Libraries.
  * New scanner preference "reverse_lookup", defaulting to "no" (the previous
    behaviour)
  * For network wide scanning, mandatory keys are ignored.
  * Don't start the second scan phase when network scan is enabled and
    user requests "stop" during the first phase.
  * Send an ERRMSG to the client when terminating a process.
  * Furter improvements to the build system.
* Sat Nov 12 2011 bitshuffler@opensuse.org
- Updated to 3.3+beta2
  * NVT management code has been updated to reflect the updated openvas-libraries
    API.
  * The optional use of the external tool "ovaldi" has been made more secure.
  * OpenVAS Scanner now uses UTC internally.
  * The greenbone-nvt-sync script has been updated.
  * Changed: Do not force execution of ACT_INIT category.
  * Fixed: A number of potential resource leaks.
  * Fixed: A number of compiler warnings when compiling with gcc 4.6.
  * Fixed: Usage of the mktemp template in openvas-nvt-sync.
  * Removed: Support for shared sockets.
  * New: The scanner options "network_scan" and "report_host_details" have been
    added to the default scanner options.
* Fri Nov  4 2011 bitshuffler@opensuse.org
- Updated to 3.2.5
  * The optional use of the external tool "ovaldi" has been made more secure.
* Thu Aug 25 2011 crrodriguez@opensuse.org
- Fix build.
* Wed Jun  8 2011 bitshuffler@opensuse.org
- Updated to 3.2.4
  * Fixed: Two potential resource leaks.
  * Fixed: A number of compiler warning when compiling with gcc 4.6.
  * Fixed: Usage of the mktemp template in openvas-nvt-sync.
* Mon Apr 11 2011 bitshuffler@opensuse.org
- Updated to 3.2.3
  * Fixed: Three potential resource leaks.
  * Fixed: Generation of code documentation.
  * Updated: Feed synchronization scripts.
  * Changed: The openvas-nvt-sync script will now perform the initial feed
    synchronization via HTTP instead of rsync.
  * Changed: The openvas-nvt-sync script will now default to synchronize into the
    NVT directory used by the OpenVAS Scanner instead of the one defined at
    compile time.
* Wed Feb 23 2011 bitshuffler@opensuse.org
- Updated to 3.2.2
  * The last bashism has been removed from the openvas-nvt-sync synchronization
    script.
  * The greenbone-nvt-sync script now logs additional information during
    synchronization.
  * An unimplemented and superfluous function declaration has been removed.
  * The openvassd man page has been updated.
  * The build environment has been consolidated.
  * The greenbone-nvt-sync script has been improved.
  * OpenVAS Scanner now sets a default value for the "unscanned_closed"
    preference.
* Fri Feb  4 2011 bitshuffler@opensuse.org
- Updated to 3.2.0
  * The sync scripts have been updated.
  * OpenVAS Scanner now uses pkg-config to find libraries.
  * Installation of the openvas-services file has been moved to openvas-libraries.
  * Filesystem Hierarchy Standard (FHS 2.3) compliance has been improved.
* Wed Jan 26 2011 bitshuffler@opensuse.org
- Updated to 3.1.99.2
  * Improved output of --version
  * Comprehensive code cleanup
  * Binary (.nes) plugins we moved to libraries and turned into builtin
    NASL methods.
  * Removed handling of binary plugins as we don't want to have them ever
    again.
  * Added preferences for the vhost feature so that clients get them
    and can offer them to the user. In other words: unhide the vhost feature.
  * Default port is now 9391 where the OpenVAS Manager expects the
    Scanner by default.
  * Command line options "--dump-cfg" and "--gen-config" are removed.
  * openvassd does not need anymore a "openvassd.conf" file. It uses
    its defaults and a possibly present conf-file can overwrite settings.
  * openvas-mkcert got a additional switch "-f" to force overwriting
    certificates.
  * openvas-mkcert does not create a openvassd.conf anymore as it shares
    the defaults with openvassd.
* Mon Dec 20 2010 bitshuffler@opensuse.org
- Updated to 3.1.99.1
  * Debug messages during the use of shared sockets are no longer logged unless
    requested during compile time.
  * A number of compiler warnings from gcc 4.4 has been addressed.
  * Hardening flags are now enabled during compile time to increase code quality.
  * openvas-scanner now listens on an IPv4 socket by default, even when IPv6
    support is present.
* Mon Dec  6 2010 bitshuffler@opensuse.org
- Updated to 3.1.98.2
  * A compiler warning regarding an incorrect function declaration in
    openvas_tcp_scanner has been addressed.
  * A compiler warning regarding incorrect pointer casts in find_service has been
    addressed.
  * A compiler warning regarding the type of a return value in openvassd has been
    addressed.
  * An issue which caused openvassd to refuse to scan certain hosts even when
    permitted by rules has been fixed.
  * An issue which caused openvassd to abort the scan process prematurely under
    certain circumstances has been fixed.
* Fri Dec  3 2010 bitshuffler@opensuse.org
- Updated to 3.1.98.1
  * Network level scan support.
  * Removed unnecessary log entries.
  * Include paths have been updated to match with openvas-libraries 4.0.
* Sun Oct 31 2010 bitshuffler@opensuse.org
- Updated to 3.1.1
  * The code documentation infrastructure has been improved.
  * The license situation of the individual source code files has been clarified.
  * Obsolete support for systems without entropy generation has been removed.
  * A bug which caused the client certificate generation to fail under certain
    circumstances has been fixed.
* Wed Jul 14 2010 bitshuffler@opensuse.org
- Updated to 3.1.0
  * Support for storing scanner passwords in plaintext has been removed.
  * Support for dropping privileges in NASL and NES NVTs had been added.
  * Support for scanning virtual web hosts has been added.
  * The handling of NVTs with an invalid timestamp has been improved.
  * A bug in the openvas-nvt-sync script which prevented synchronization via http
    under certain circumstances has been fixed.
  * Support for retrieving the version of the NVT collection has been added to the
    openvas-nvt-sync and greenbone-nvt-sync scripts.
  * Support for soft pausing of scans has been added.
  * Support for automatically installing generated certificate file has been added
    to the openvas-mkcert-client script.
  * The obsolete C based NVT "ssl_cipher" has been removed from the
    openvas-scanner module. It has been replaced by the NASL implementation
    "secpod_ssl_ciphers.nasl".
  * Support for storing an uploaded preference file in memory instead of on disk
    has been added.
* Fri Jul  2 2010 bitshuffler@opensuse.org
- Updated to 3.1.0.rc3
  * Support for storing scanner passwords in plaintext has been removed.
* Mon Jun 28 2010 bitshuffler@opensuse.org
- Updated to 3.1.0.rc2
  * The support scripts for feed synchronization have been updated.
  * Support for dropping privileges in NASL and NES NVTs had been added.
  * Support for scanning virtual web hosts has been added.
  * The handling of NVTs with an invalid timestamp has been improved.
* Wed May 19 2010 bitshuffler@opensuse.org
- Updated to 3.1.0.rc1
  * A bug in the openvas-nvt-sync script which prevented synchronization via http
    under certain circumstances has been fixed.
  * The build environment for C based NVTs has been cleaned up.
  * Code formatting has been improved in a number of files to match the coding
    style.
  * Support for retrieving the version of the NVT collection has been added to the
    openvas-nvt-sync and greenbone-nvt-sync scripts.
  * Support for soft pausing of scans has been added.
  * Support for automatically installing generated certificate file has been added
    to the openvas-mkcert-client script.
  * The obsolete C based NVT "ssl_cipher" has been removed from the
    openvas-scanner module. It has been replaced by the NASL implementation
    "secpod_ssl_ciphers.nasl".
  * Support for storing an uploaded preference file in memory instead of on disk
    has been added.
* Mon Mar 22 2010 bitshuffler@opensuse.org
- Updated to 3.0.2
* Fri Mar 12 2010 felix.wolfsteller@intevation.de
- Added greenbone nvt sync script.
* Fri Feb  5 2010 felix.wolfsteller@intevation.de
- Reenabled Scanner Certificate Creation with openvas-mkcert
  at install time, if no certificate is present already.
* Tue Jan 26 2010 bitshuffler@opensuse.org
- Updated to 3.0.1
* Sun Jan 24 2010 bitshuffler@opensuse.org
- Added %%ghost entries for log files.
- Added /etc/sysconfig/openvas-scanner for configuration
* Fri Jan  8 2010 felix.wolfsteller@intevation.de
- Added patch from  Vladimir Nadvornik fixing wrong NVT directory
  in openvassd.conf on 64-Bit systems.
* Mon Dec 21 2009 felix.wolfsteller@intevation.de
- Added logrotate- dependency.
* Fri Dec 18 2009 felix.wolfsteller@intevation.de
- Updated to version 3.0.0
* Sun Dec  6 2009 felix.wolfsteller@intevation.de
- Added sysconfdir/openvas/gnupg directory to files section.
- Install logrotate and init script to locations that match the package name (suse conditioned).
- Updated to 3.0.0.rc1
* Wed Dec  2 2009 felix.wolfsteller@intevation.de
- Added and install configuration file, uncommented cache and log directories.
* Tue Jun  2 2009 bitshuffler@opensuse.org
- Updated to 2.0.2
* Tue Feb 17 2009 bitshuffler@opensuse.org
- Updated to 2.0.1
* Sat Dec 20 2008 bitshuffler@opensuse.org
- Updated to 2.0.0
* Sun Aug 24 2008 bitshuffler@opensuse.org
- Updated to 1.0.2
* Sun Aug 10 2008 bitshuffler@opensuse.org
- Init.d script added
* Wed Jul  2 2008 bitshuffler@opensuse.org
- Updated to 1.0.1
* Tue Jun 10 2008 bitshuffler@opensuse.org
- Initial RPM