65 #include <sys/types.h> 70 #include <openvas/base/cvss.h> 71 #include <openvas/base/gpgme_util.h> 72 #include <openvas/base/openvas_string.h> 73 #include <openvas/base/openvas_file.h> 74 #include <openvas/base/openvas_hosts.h> 75 #include <openvas/omp/omp.h> 76 #include <openvas/misc/openvas_server.h> 77 #include <openvas/misc/nvt_categories.h> 78 #include <openvas/misc/openvas_uuid.h> 79 #include <openvas/misc/openvas_proctitle.h> 85 #define G_LOG_DOMAIN "md manage" 90 #define CPE_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/cpe_getbyname.xsl" 95 #define CVE_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/cve_getbyname.xsl" 100 #define OVALDEF_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/ovaldef_getbyname.xsl" 105 #define CERT_BUND_ADV_GETBYNAME_XSL OPENVAS_CERT_RES_DIR "/cert_bund_getbyname.xsl" 110 #define DFN_CERT_ADV_GETBYNAME_XSL OPENVAS_CERT_RES_DIR "/dfn_cert_getbyname.xsl" 115 #define CPE_DICT_FILENAME OPENVAS_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml" 122 #define CVE_FILENAME_FMT OPENVAS_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml" 129 #define CERT_BUND_ADV_FILENAME_FMT OPENVAS_CERT_DATA_DIR "/CB-K%02d.xml" 137 #define DFN_CERT_ADV_FILENAME_FMT OPENVAS_CERT_DATA_DIR "/dfn-cert-%04d.xml" 142 #define SCAP_TIMESTAMP_FILENAME OPENVAS_SCAP_DATA_DIR "/timestamp" 147 #define CERT_TIMESTAMP_FILENAME OPENVAS_CERT_DATA_DIR "/timestamp" 152 #define MAX_CHECKS_DEFAULT "4" 157 #define MAX_HOSTS_DEFAULT "20" 176 gchar *cert_start, *cert_end;
/* Locate the first PEM certificate block inside `certificate`.
 * NOTE(review): strstr() returns NULL when the BEGIN marker is absent, and
 * cert_start is passed straight into the next strstr(). Listing lines 178-179
 * are not shown here; confirm they bail out before that call. */
177 cert_start = strstr (certificate,
"-----BEGIN CERTIFICATE-----");
180 cert_end = strstr (cert_start,
"-----END CERTIFICATE-----");
/* A block with no END marker is detected here (branch body not shown). */
182 if (cert_end == NULL)
/* Step past the END marker so the marker itself is inside the copied range. */
185 cert_end += strlen (
"-----END CERTIFICATE-----");
/* A newline directly after the marker is tested for; what happens on a match
 * is on a line not shown (presumably it is kept in the copy). */
187 if (cert_end[0] ==
'\n')
/* Copy only [cert_start, cert_end): anything before BEGIN or after END in the
 * input is dropped. g_strndup allocates, so the caller frees with g_free. */
190 return g_strndup (cert_start, cert_end - cert_start);
/* Cut the PEM private-key block out of `private_key`.
 * Only the "RSA PRIVATE KEY" and "DSA PRIVATE KEY" labels are searched for in
 * the lines shown; a key stored under any other PEM label is not matched by
 * them and falls through to the NULL check on listing line 234.
 * NOTE(review): listing lines 208-209, 211-212 and 214-218 are not shown;
 * confirm key_start and key_end are NULL-checked before the nested strstr()
 * calls and before the `+= strlen (...)` pointer arithmetic. */
205 gchar *key_start, *key_end;
/* First attempt: RSA label. */
207 key_start = strstr (private_key,
"-----BEGIN RSA PRIVATE KEY-----");
210 key_end = strstr (key_start,
"-----END RSA PRIVATE KEY-----");
/* Move past the END marker so it is included in the copy. */
213 key_end += strlen (
"-----END RSA PRIVATE KEY-----");
/* Second attempt: DSA label, searched from the start of the input again. */
219 key_start = strstr (private_key,
"-----BEGIN DSA PRIVATE KEY-----");
222 key_end = strstr (key_start,
"-----END DSA PRIVATE KEY-----");
225 key_end += strlen (
"-----END DSA PRIVATE KEY-----");
/* A newline right after the END marker is tested for (action not shown). */
231 if (key_end && key_end[0] ==
'\n')
/* No complete key block was found (branch body not shown). */
234 if (key_start == NULL || key_end == NULL)
/* The result is a fresh heap copy of private-key material; the caller owns it
 * and has to free it. Text outside the BEGIN/END markers is not copied. */
237 return g_strndup (key_start, key_end - key_start);
253 time_t* activation_time, time_t* expiration_time,
254 gchar** fingerprint, gchar** issuer)
/* Parse a PEM certificate with GnuTLS and report validity times, a
 * fingerprint and the issuer DN through the output parameters.
 * Several listing lines of this function are not shown here. */
256 gchar *cert_truncated;
258 cert_truncated = NULL;
/* Both time outputs start out as -1, before any parsing is attempted. */
260 *activation_time = -1;
262 *expiration_time = -1;
271 gnutls_datum_t cert_datum;
272 gnutls_x509_crt_t gnutls_cert;
/* No usable certificate text was obtained (branch body not shown). */
275 if (cert_truncated == NULL)
/* The datum points at the PEM text; its size is the string length, which
 * excludes the terminating NUL. */
279 cert_datum.data = (
unsigned char*) cert_truncated;
280 cert_datum.size = strlen (cert_truncated);
/* NOTE(review): the result of gnutls_x509_crt_init is not checked on this
 * line. The import result is kept in `err`; its handling is on lines not
 * shown (the g_free on listing line 287 is presumably the failure path). */
282 gnutls_x509_crt_init (&gnutls_cert);
283 err = gnutls_x509_crt_import (gnutls_cert, &cert_datum,
284 GNUTLS_X509_FMT_PEM);
287 g_free (cert_truncated);
/* Validity period as stored in the certificate; the assignment targets are on
 * lines not shown. */
294 = gnutls_x509_crt_get_activation_time (gnutls_cert);
300 = gnutls_x509_crt_get_expiration_time (gnutls_cert);
/* Fingerprint: a 16-byte MD5 digest of the certificate, rendered as hex.
 * NOTE(review): MD5 is not collision resistant, so this value is fit for
 * display only and should not be used to decide that two certificates are the
 * same; a SHA-256 fingerprint (GNUTLS_DIG_SHA256, 32 bytes) would be the
 * stronger choice. The return value of the fingerprint call is ignored here,
 * so on failure the loop below formats whatever `buffer` holds. */
305 size_t buffer_size = 16;
306 unsigned char buffer[buffer_size];
309 string = g_string_new (
"");
311 gnutls_x509_crt_get_fingerprint(gnutls_cert, GNUTLS_DIG_MD5,
312 buffer, &buffer_size);
/* buffer_size now holds the digest length written by GnuTLS. */
314 for (i = 0; i < buffer_size; i++)
/* ':' separator between bytes (the condition guarding it is not shown). */
318 g_string_append_c (
string,
':');
320 g_string_append_printf(
string,
"%02x", buffer[i]);
/* Hand the character data to the caller and free only the GString wrapper
 * (FALSE keeps the underlying buffer alive). */
323 *fingerprint =
string->str;
324 g_string_free (
string, FALSE);
/* Issuer DN, fetched with the usual two-call pattern: the first call with a
 * NULL buffer reports the required size, the second fills the allocation.
 * NOTE(review): neither return value is checked on these lines. The DN text
 * comes from the certificate itself, so whoever consumes *issuer should treat
 * it as untrusted input and escape it for its output format. */
331 gnutls_x509_crt_get_issuer_dn(gnutls_cert, NULL, &buffer_size);
332 buffer = g_malloc(buffer_size);
333 gnutls_x509_crt_get_issuer_dn(gnutls_cert, buffer, &buffer_size);
/* Release the parsed certificate and the truncated PEM copy. */
338 gnutls_x509_crt_deinit (gnutls_cert);
339 g_free (cert_truncated);
355 return (g_strdup (
"unlimited"));
357 return (g_strdup (
"unknown"));
359 return (g_strdup (
iso_time (&time)));
376 if (activates == -1 || expires == -1)
378 else if (activates > now)
380 else if (expires != 0 && expires < now)
403 list = g_slist_next (list);
421 if (strcasecmp (type,
"cpe") == 0)
423 if (strcasecmp (type,
"cve") == 0)
425 if (strcasecmp (type,
"cert_bund_adv") == 0)
426 return "CERT-Bund Advisories";
427 if (strcasecmp (type,
"dfn_cert_adv") == 0)
428 return "DFN-CERT Advisories";
429 if (strcasecmp (type,
"nvt") == 0)
431 if (strcasecmp (type,
"ovaldef") == 0)
432 return "OVAL Definitions";
450 if (strcasecmp (type,
"cpe") == 0)
452 if (strcasecmp (type,
"cve") == 0)
454 if (strcasecmp (type,
"cert_bund_adv") == 0)
455 return "CERT-Bund Advisory";
456 if (strcasecmp (type,
"dfn_cert_adv") == 0)
457 return "DFN-CERT Advisory";
458 if (strcasecmp (type,
"nvt") == 0)
460 if (strcasecmp (type,
"ovaldef") == 0)
461 return "OVAL Definition";
476 return (strcasecmp (type,
"cpe") == 0)
477 || (strcasecmp (type,
"cve") == 0)
478 || (strcasecmp (type,
"ovaldef") == 0);
491 check_available (
const gchar *type,
resource_t resource,
492 const gchar *permission)
528 if (strcasecmp (threat,
"High") == 0)
530 if (strcasecmp (threat,
"Medium") == 0)
532 if (strcasecmp (threat,
"Low") == 0)
534 if (strcasecmp (threat,
"Log") == 0)
535 return "Log Message";
536 if (strcasecmp (threat,
"Debug") == 0)
537 return "Debug Message";
538 if (strcasecmp (threat,
"Error") == 0)
539 return "Error Message";
540 if (strcasecmp (threat,
"False Positive") == 0)
541 return "False Positive";
555 if (strcasecmp (type,
"Alarm") == 0)
557 if (strcasecmp (type,
"Security Hole") == 0)
559 if (strcasecmp (type,
"Security Warning") == 0)
561 if (strcasecmp (type,
"Security Note") == 0)
563 if (strcasecmp (type,
"Log Message") == 0)
565 if (strcasecmp (type,
"Debug Message") == 0)
567 if (strcasecmp (type,
"Error Message") == 0)
569 if (strcasecmp (type,
"False Positive") == 0)
570 return "False Positive";
588 if (strcmp (
class,
"classic") == 0)
590 if (strcmp (level,
"high") == 0)
591 return severity > 5 && severity <= 10;
592 else if (strcmp (level,
"medium") == 0)
593 return severity > 2 && severity <= 5;
594 else if (strcmp (level,
"low") == 0)
595 return severity > 0 && severity <= 2;
596 else if (strcmp (level,
"none") == 0 || strcmp (level,
"log") == 0)
597 return severity == 0;
601 else if (strcmp (
class,
"pci-dss") == 0)
603 if (strcmp (level,
"high") == 0)
604 return severity >= 4.0;
605 else if (strcmp (level,
"none") == 0 || strcmp (level,
"log") == 0)
606 return severity >= 0.0 && severity < 4.0;
613 if (strcmp (level,
"high") == 0)
614 return severity >= 7 && severity <= 10;
615 else if (strcmp (level,
"medium") == 0)
616 return severity >= 4 && severity < 7;
617 else if (strcmp (level,
"low") == 0)
618 return severity > 0 && severity < 4;
619 else if (strcmp (level,
"none") == 0 || strcmp (level,
"log") == 0)
620 return severity == 0;
637 if (ov_severity <= 0.0)
638 return severity == ov_severity;
640 return severity >= ov_severity;
657 return "False Positive";
662 else if (severity > 0.0 && severity <= 10.0)
677 g_warning (
"%s: Invalid severity score given: %f",
678 __FUNCTION__, severity);
694 return "Log Message";
696 return "False Positive";
698 return "Debug Message";
700 return "Error Message";
701 else if (severity > 0.0 && severity <= 10.0)
705 g_warning (
"%s: Invalid severity score given: %f",
706 __FUNCTION__, severity);
753 int apply_overrides,
int autofp,
int min_qod)
755 return g_strdup_printf (
"first=%d rows=%d" 756 " apply_overrides=%d autofp=%d min_qod=%d",
758 apply_overrides, autofp, min_qod);
767 int apply_overrides,
int autofp,
int min_qod)
771 get->type = g_strdup (
"result");
773 apply_overrides, autofp, min_qod);
779 #define ZERO_SEVERITY_INDEX 4 814 if (index <= ZERO_SEVERITY_INDEX && index > 0)
836 data->
counts = g_malloc0 (
sizeof (
int) * (max_i + 1));
864 if (severity_data->
total == 0 || severity_data->
max <= severity)
865 severity_data->
max = severity;
867 (severity_data->
total)++;
883 if (severity_data->
total == 0 || severity_data->
max <= severity)
884 severity_data->
max = severity;
886 (severity_data->
total) += count;
900 double min_severity,
double max_severity)
911 count += (severity_data->
counts)[i];
931 const gchar *severity_class,
932 int *errors,
int *debugs,
int *false_positives,
933 int *logs,
int *lows,
int *mediums,
int *highs)
1023 return "Filter count at least";
1025 return "Filter count changed";
1027 return "Severity at least";
1029 return "Severity changed";
1031 return "Internal Error";
1050 default:
return "Internal Error";
1069 return g_strdup (
"Always");
1075 level =
alert_data (alert,
"condition",
"severity");
1076 ret = g_strdup_printf (
"Filter count at least %s",
1077 level ? level :
"0");
1082 return g_strdup (
"Filter count changed");
1085 char *level =
alert_data (alert,
"condition",
"severity");
1086 gchar *ret = g_strdup_printf (
"Task severity is at least '%s'",
1094 direction =
alert_data (alert,
"condition",
"direction");
1095 gchar *ret = g_strdup_printf (
"Task severity %s", direction);
1100 return g_strdup (
"Internal Error");
1120 return g_strdup_printf
1121 (
"The security scan task '%s' changed status to '%s'",
1124 return g_strdup_printf (
"Task status changed to '%s'",
1128 return g_strdup_printf (
"New SecInfo arrived");
1131 return g_strdup_printf (
"Updated SecInfo arrived");
1134 return g_strdup (
"Internal Error");
1161 default:
return "Internal Error";
1175 if (strcasecmp (name,
"Always") == 0)
1177 if (strcasecmp (name,
"Filter count at least") == 0)
1179 if (strcasecmp (name,
"Filter count changed") == 0)
1181 if (strcasecmp (name,
"Severity at least") == 0)
1183 if (strcasecmp (name,
"Severity changed") == 0)
1198 if (strcasecmp (name,
"Task run status changed") == 0)
1200 if (strcasecmp (name,
"New SecInfo arrived") == 0)
1202 if (strcasecmp (name,
"Updated SecInfo arrived") == 0)
1217 if (strcasecmp (name,
"Email") == 0)
1219 if (strcasecmp (name,
"HTTP Get") == 0)
1221 if (strcasecmp (name,
"SCP") == 0)
1223 if (strcasecmp (name,
"Send") == 0)
1225 if (strcasecmp (name,
"SMB") == 0)
1227 if (strcasecmp (name,
"SNMP") == 0)
1229 if (strcasecmp (name,
"Sourcefire Connector") == 0)
1231 if (strcasecmp (name,
"Start Task") == 0)
1233 if (strcasecmp (name,
"Syslog") == 0)
1235 if (strcasecmp (name,
"TippingPoint SMS") == 0)
1237 if (strcasecmp (name,
"verinice Connector") == 0)
1259 return "Delete Requested";
1262 return "Ultimate Delete Requested";
1273 return "Stop Requested";
1276 default:
return "Internal Error";
1294 return "Ultimate Delete Requested";
1296 return "Ultimate Delete Waiting";
1307 return "Stop Requested";
1310 return "Stop Waiting";
1313 default:
return "Internal Error";
1326 get_files_to_send (
task_t task)
1329 GSList* filelist = NULL;
1332 while (
next (&files))
1335 filelist = g_slist_append (filelist, g_strdup (file_path));
/* Build the ';'-separated list of NVT OIDs selected by a config and return it
 * as a newly allocated string. Many listing lines of the body are not shown. */
1350 nvt_selector_plugins (
config_t config)
1352 GString *plugins, *setting_nvts;
/* `plugins` is the result; `setting_nvts` only feeds the info message below. */
1357 plugins = g_string_new (
"");
1358 setting_nvts = g_string_new (
"");
/* Walk the families, then the NVTs, appending to `plugins` with ';' between
 * entries (iterator setup and the OID append are on lines not shown). */
1361 while (
next (&families))
1367 while (
next (&nvts))
1372 g_string_append_c (plugins,
';');
/* A later loop over `nvts` collects OIDs that are in neither `plugins` nor
 * the hard-coded OID list below.
 * NOTE(review): strstr() is a substring test, so an OID that is a prefix of a
 * listed OID would count as present unless oid_str carries its own ';'
 * terminator; how oid_str is built is not visible here, verify. */
1396 while (
next (&nvts))
1400 if (strstr (plugins->str, oid_str) == NULL
1401 && strstr (
"1.3.6.1.4.1.25623.1.0.90022;" 1402 "1.3.6.1.4.1.25623.1.0.90023;" 1403 "1.3.6.1.4.1.25623.1.0.103591;" 1404 "1.3.6.1.4.1.25623.1.0.105058;" 1405 "1.3.6.1.4.1.25623.1.0.105076;",
1409 g_string_append (setting_nvts, oid_str);
1410 g_string_append_c (setting_nvts,
';');
/* Only report when at least one such OID was collected. */
1414 if (strlen (setting_nvts->str))
1415 g_info (
"%s: NVTs not explicitly activated anymore for this config: %s." 1416 " Please adjust the config if you think this is wrong.",
/* TRUE frees the helper string together with its character data. */
1419 g_string_free (setting_nvts, TRUE);
/* FALSE keeps the character data: the caller owns the returned string. */
1421 return g_string_free (plugins, FALSE);
/* Return a newly allocated copy of a preference value. For a preference whose
 * name carries the "[radio]:" type tag, only the part of full_value before
 * the first ';' is copied; otherwise the whole value is copied. */
1435 preference_value (
const char* name,
const char* full_value)
/* NOTE(review): strchr() returns NULL when `name` has no '['. Listing lines
 * 1438-1439 are not shown; confirm `bracket` is checked before strncmp(). */
1437 char *bracket = strchr (name,
'[');
1440 if (strncmp (bracket,
"[radio]:", strlen (
"[radio]:")) == 0)
/* NOTE(review): same question for `semicolon` (listing line 1443 is not
 * shown): with a NULL result the length below would be meaningless. */
1442 char *semicolon = strchr (full_value,
';');
1444 return g_strndup (full_value, semicolon - full_value);
/* Every other preference type: full copy, owned by the caller. */
1447 return g_strdup (full_value);
1461 send_config_preferences (
config_t config,
const char* section_name,
1462 GSList *task_files, GPtrArray *pref_files)
1467 while (
next (&prefs))
1472 if (strcmp (pref_name,
"port_range") == 0)
1487 value = preference_value (pref_name,
1492 int type_start = -1, type_end = -1, count;
1495 count = sscanf (pref_name,
"%*[^[][%n%*[^]]%n]:", &type_start,
1500 && (strncmp (pref_name + type_start,
1502 type_end - type_start)
1517 if (strcmp (value,
"") == 0)
1531 if (strcmp (head->data, value) == 0)
1533 head = g_slist_next (head);
1538 uuid = openvas_uuid_make ();
1546 g_ptr_array_add (pref_files, (gpointer) uuid);
1547 g_ptr_array_add (pref_files, (gpointer) value);
1596 send_task_preferences (
task_t task)
1635 send_ifaces_access_preferences (
void)
1643 if (ifaces && strlen (ifaces))
1647 if (ifaces_allow == 1)
1648 pref =
"ifaces_allow";
1649 else if (ifaces_allow == 0)
1650 pref =
"ifaces_deny";
1673 send_hosts_access_preferences (
void)
1681 if (hosts && strlen (hosts))
1685 if (hosts_allow == 1)
1686 pref =
"hosts_allow";
1687 else if (hosts_allow == 0)
1688 pref =
"hosts_deny";
1711 finished_hosts_str (
report_t stopped_report)
1716 if (stopped_report == 0)
1719 while (
next (&hosts))
1723 if (end_time && strlen (end_time))
1725 char *new_str = str ?
1726 g_strdup_printf (
"%s, %s", str,
1728 : g_strdup_printf (
"%s",
1749 char *hosts_ordering, *exclude_hosts, *reverse_lookup_only;
1750 char *reverse_lookup_unify;
1753 if (send_ifaces_access_preferences ())
1757 if (send_hosts_access_preferences ())
1766 free (hosts_ordering);
1769 free (hosts_ordering);
1776 char *finished, *str;
1778 finished = finished_hosts_str (stopped_report);
1781 str = g_strdup_printf (
"%s, %s", exclude_hosts, finished);
1782 g_free (exclude_hosts);
1784 exclude_hosts = str;
1788 exclude_hosts = finished_hosts_str (stopped_report);
1794 free (exclude_hosts);
1797 free (exclude_hosts);
1802 if (reverse_lookup_only == NULL || strcmp (reverse_lookup_only,
"0") == 0)
1803 reverse_lookup_only =
"no";
1805 reverse_lookup_only =
"yes";
1806 if (
sendf_to_server (
"reverse_lookup_only <|> %s\n", reverse_lookup_only))
1811 if (reverse_lookup_unify == NULL || strcmp (reverse_lookup_unify,
"0") == 0)
1812 reverse_lookup_unify =
"no";
1814 reverse_lookup_unify =
"yes";
1815 if (
sendf_to_server (
"reverse_lookup_unify <|> %s\n", reverse_lookup_unify))
1830 send_file (
const char* name,
const char* content)
1832 size_t content_len = strlen (content);
1836 "content: octet/stream\n" 1857 send_task_file (
task_t task,
const char* file)
1862 while (
next (&files))
1868 content = g_base64_decode (content_64, &content_len);
1872 "content: octet/stream\n" 1902 send_alive_test_preferences (
target_t target)
1908 if (alive_test == 0)
1918 if (
sendf_to_server (
"Ping Host[checkbox]:TCP ping tries also TCP-SYN ping" 1920 (alive_test & ALIVE_TEST_TCP_SYN_SERVICE)
1938 "Mark unrechable Hosts as dead (not scanning) <|> %s\n",
1944 if (alive_test == ALIVE_TEST_CONSIDER_ALIVE)
1965 #define RUN_SLAVE_TASK_SLEEP_SECONDS 25 2029 entity = entity_child (get_tasks,
"task");
2032 entity = entity_child (entity,
"progress");
2040 atoi (entity_text (entity)));
/* Authenticate on an already opened connection, using the username and
 * password stored in the connection object and the library defaults for every
 * other option. */
2053 connection_authenticate (openvas_connection_t *connection)
2055 omp_authenticate_info_opts_t auth_opts;
/* Start from the defaults, then fill in the two credential fields. */
2057 auth_opts = omp_authenticate_info_opts_defaults;
2058 auth_opts.username = connection->username;
2059 auth_opts.password = connection->password;
/* A non-zero result selects the branch below; its body is not shown. */
2060 if (omp_authenticate_info_ext_c (connection, auth_opts))
2077 gchar *login, *password;
2084 if (password == NULL)
2090 ret = omp_authenticate (session, login, password);
/* Open a verified TLS connection to the slave described by `connection`,
 * enable keepalive on the socket and authenticate. Several listing lines of
 * the body (including the return statements) are not shown. */
2106 slave_connect (openvas_connection_t *connection)
/* TLS is switched on unconditionally for slave connections. */
2110 connection->tls = 1;
/* NOTE(review): the body of this branch is not shown. Together with the
 * `ca_cert ? ca_cert : connection->ca_cert` argument below it presumably loads
 * a fallback CA certificate; confirm that a missing CA can never end in a
 * connection whose peer certificate is not verified. */
2111 if (connection->ca_cert == NULL)
2115 connection->socket = openvas_server_open_verify
2116 (&connection->session,
2117 connection->host_string,
2119 ca_cert ? ca_cert : connection->ca_cert,
2120 connection->pub_key,
2121 connection->priv_key,
/* -1 is treated as "could not connect"; the warning names host and port. */
2123 if (connection->socket == -1)
2125 g_warning (
"%s: failed to open connection to %s on %i",
2127 connection->host_string,
/* Keepalive is enabled on the socket; a setsockopt failure is logged and the
 * connection is closed again. */
2135 if (setsockopt (connection->socket,
2136 SOL_SOCKET, SO_KEEPALIVE,
2137 &optval, sizeof (
int)))
2139 g_warning (
"%s: failed to set SO_KEEPALIVE on slave socket: %s\n",
2142 openvas_connection_close (connection);
2147 g_debug (
" %s: connected\n", __FUNCTION__);
/* Authentication failure also closes the connection. */
2151 if (connection_authenticate (connection))
2153 openvas_connection_close (connection);
2157 g_debug (
" %s: authenticated\n", __FUNCTION__);
2171 slave_sleep_connect (openvas_connection_t *connection,
task_t task)
2179 g_debug (
" %s: task stopped for giveup\n", __FUNCTION__);
2181 g_debug (
" %s: task stopped\n", __FUNCTION__);
2185 g_debug (
" %s: sleeping for %i\n", __FUNCTION__,
2189 while (slave_connect (connection));
2190 g_debug (
" %s: connected\n", __FUNCTION__);
2205 entities_t entities;
2209 entities = report->entities;
2210 while ((end = first_entity (entities)))
2212 if (strcmp (entity_name (end),
"scan_end") == 0)
2215 text = entity_text (end);
2216 while (*text && isspace (*text)) text++;
2220 g_strdup (entity_text (end)));
2224 entities = next_entities (entities);
2229 entities = report->entities;
2230 while ((end = first_entity (entities)))
2232 if (strcmp (entity_name (end),
"host_end") == 0)
2240 host = entity_child (end,
"host");
2244 text = entity_text (end);
2245 while (*text && isspace (*text)) text++;
2252 if (strcmp (entity_name (end),
"host") == 0)
2257 ip = entity_child (end,
"ip");
2261 time = entity_child (end,
"end");
2265 text = entity_text (time);
2266 while (*text && isspace (*text)) text++;
2272 entity_text (time));
2280 entities = next_entities (entities);
2308 get_tasks_last_report (entity_t get_tasks)
2311 task = entity_child (get_tasks,
"task");
2315 current_report = entity_child (task,
"current_report");
2319 report = entity_child (current_report,
"report");
2320 if (report && entity_attribute (report,
"id"))
2321 return g_strdup (entity_attribute (report,
"id"));
2325 entity_t last_report;
2326 last_report = entity_child (task,
"last_report");
2330 report = entity_child (last_report,
"report");
2331 if (report && entity_attribute (report,
"id"))
2332 return g_strdup (entity_attribute (report,
"id"));
2356 setup_ids (openvas_connection_t *connection,
task_t task,
2363 entity_t get_tasks_task;
2371 assert (slave_snmp_credential_uuid);
2373 get_tasks_task = entity_child (get_tasks,
"task");
2378 entity = entity_child (get_tasks_task,
"config");
2379 if (entity && entity_attribute (entity,
"id"))
2382 entity = entity_child (get_tasks_task,
"target");
2383 if (entity && entity_attribute (entity,
"id"))
2388 entity_t get_targets;
2391 while ((ret = omp_get_targets (&connection->session,
2402 openvas_connection_close (connection);
2403 ret = slave_sleep_connect (connection, task);
2411 target = entity_child (get_targets,
"target");
2414 entity = entity_child (target,
"port_list");
2415 if (entity && entity_attribute (entity,
"id"))
2419 entity = entity_child (target,
"ssh_credential");
2420 if (entity && entity_attribute (entity,
"id"))
2424 entity = entity_child (target,
"smb_credential");
2425 if (entity && entity_attribute (entity,
"id"))
2429 entity = entity_child (target,
"esxi_credential");
2430 if (entity && entity_attribute (entity,
"id"))
2434 entity = entity_child (target,
"snmp_credential");
2435 if (entity && entity_attribute (entity,
"id"))
2436 *slave_snmp_credential_uuid = g_strdup (entity_attribute
2439 free_entity (get_targets);
2462 slave_setup (openvas_connection_t *connection,
const char *name,
task_t task,
2469 const int ret_giveup = 3;
2470 int ret, ret_fail, next_result;
2472 omp_delete_opts_t del_opts;
2475 del_opts = omp_delete_opts_ultimate_defaults;
2481 if (atexit (&cleanup_slave))
2483 g_critical (
"%s: failed to register `atexit' slave_cleanup function\n",
2488 if (last_stopped_report)
2498 last_stopped_report = 0;
2517 last_stopped_report = 0;
2522 openvas_connection_close (connection);
2523 ret = slave_sleep_connect (connection, task);
2531 status = omp_task_status (get_tasks);
2537 last_stopped_report = 0;
2539 else if ((strcmp (status,
"Running") == 0)
2540 || (strcmp (status,
"Done") == 0))
2548 g_warning (
"%s: slave report %s missing UUID\n", __FUNCTION__,
2553 setup_ids (connection, task,
2564 switch (omp_resume_task_report (&connection->session,
2571 setup_ids (connection, task,
2590 last_stopped_report = 0;
2601 if (last_stopped_report == 0)
/* SSH credential step: if the target has an SSH credential, create a matching
 * credential on the slave. The SMB, ESXi and SNMP steps further down in the
 * listing follow the same copy / create / free pattern. */
2609 if (
next (&credentials))
2611 const char *user, *password, *private_key;
2612 gchar *user_copy, *password_copy, *private_key_copy;
2613 omp_create_lsc_credential_opts_t opts;
/* Tail of the validity check: a credential with neither a private key nor a
 * password is rejected (the start of the condition is not shown). */
2620 || (private_key == NULL && password == NULL))
/* Private copies of the login and the secret are taken before the create
 * call; why copies are needed is not visible in the lines shown. */
2626 user_copy = g_strdup (user);
2627 password_copy = g_strdup (password);
2629 opts = omp_create_lsc_credential_opts_defaults;
2631 opts.login = user_copy;
2632 opts.passphrase = password_copy;
/* The private key is copied only on one path; the other path sets the copy to
 * NULL (the condition selecting between them is not shown). */
2635 private_key_copy = g_strdup (private_key);
2636 opts.private_key = private_key_copy;
2639 private_key_copy = NULL;
2640 opts.comment =
"Slave SSH credential created by Master";
2644 ret = omp_create_lsc_credential_ext (&connection->session, opts,
/* NOTE(review): g_free releases the copies without clearing them, so the
 * password and private key stay readable in freed heap memory until it is
 * reused. Wiping the buffers first (explicit_bzero or an equivalent that the
 * compiler cannot drop) would shorten that exposure. */
2647 g_free (password_copy);
2648 g_free (private_key_copy);
/* Per the message text, a failed create is not fatal: the scan continues
 * without this credential, i.e. as an unauthenticated scan for SSH checks.
 * NOTE(review): that can make results look cleaner than the target really is;
 * check that the warning also reaches the report, not only the log. */
2652 g_warning (
"Could not create slave SSH credential" 2654 " Continuing without credential.",
2665 if (
next (&credentials))
2667 const char *user, *password;
2668 gchar *user_copy, *password_copy, *smb_name;
2669 omp_create_lsc_credential_opts_t opts;
2674 if (user == NULL || password == NULL)
2677 goto fail_ssh_credential;
2680 user_copy = g_strdup (user);
2681 password_copy = g_strdup (password);
2683 opts = omp_create_lsc_credential_opts_defaults;
2684 smb_name = g_strdup_printf (
"%ssmb", name);
2685 opts.name = smb_name;
2686 opts.login = user_copy;
2687 opts.passphrase = password_copy;
2688 opts.comment =
"Slave SMB credential created by Master";
2692 ret = omp_create_lsc_credential_ext (&connection->session, opts,
2696 g_free (password_copy);
2699 g_warning (
"Could not create slave SMB credential" 2701 " Continuing without credential.",
2712 if (
next (&credentials))
2714 const char *user, *password;
2715 gchar *user_copy, *password_copy, *esxi_name;
2716 omp_create_lsc_credential_opts_t opts;
2721 if (user == NULL || password == NULL)
2724 goto fail_smb_credential;
2727 user_copy = g_strdup (user);
2728 password_copy = g_strdup (password);
2730 opts = omp_create_lsc_credential_opts_defaults;
2731 esxi_name = g_strdup_printf (
"%sesxi", name);
2732 opts.name = esxi_name;
2733 opts.login = user_copy;
2734 opts.passphrase = password_copy;
2735 opts.comment =
"Slave ESXi credential created by Master";
2739 ret = omp_create_lsc_credential_ext (&connection->session, opts,
2743 g_free (password_copy);
2746 g_warning (
"Could not create slave ESXi credential" 2748 " Continuing without credential.",
2755 if (target_snmp_credential)
2758 target_snmp_credential);
2759 if (
next (&credentials))
2761 const char *community, *user, *password, *auth_algorithm;
2762 const char *privacy_password, *privacy_algorithm;
2763 gchar *community_copy, *user_copy, *password_copy;
2764 gchar *auth_algorithm_copy, *privacy_password_copy;
2765 gchar *privacy_algorithm_copy, *snmp_name;
2766 omp_create_lsc_credential_opts_t opts;
2778 if (community == NULL || user == NULL || password == NULL
2779 || auth_algorithm == NULL || privacy_password == NULL
2780 || privacy_algorithm == NULL)
2783 goto fail_esxi_credential;
2786 community_copy = g_strdup (community);
2787 user_copy = g_strdup (user);
2788 password_copy = g_strdup (password);
2789 auth_algorithm_copy = g_strdup (auth_algorithm);
2790 privacy_password_copy = g_strdup (privacy_password);
2791 privacy_algorithm_copy = g_strdup (privacy_algorithm);
2793 opts = omp_create_lsc_credential_opts_defaults;
2794 snmp_name = g_strdup_printf (
"%ssnmp", name);
2795 opts.name = snmp_name;
2796 opts.community = community_copy;
2797 opts.login = user_copy;
2798 opts.passphrase = password_copy;
2799 opts.auth_algorithm = auth_algorithm_copy;
2800 opts.privacy_password = privacy_password_copy;
2801 opts.privacy_algorithm = privacy_algorithm_copy;
2802 opts.comment =
"Slave SNMP credential created by Master";
2806 ret = omp_create_lsc_credential_ext (&connection->session, opts,
2809 g_free (community_copy);
2811 g_free (password_copy);
2812 g_free (auth_algorithm_copy);
2813 g_free (privacy_password_copy);
2814 g_free (privacy_algorithm_copy);
2817 g_warning (
"Could not create slave SNMP credential" 2819 " Continuing without credential.",
2826 g_debug (
" %s: slave SSH credential uuid: %s\n", __FUNCTION__,
2829 g_debug (
" %s: slave SMB credential uuid: %s\n", __FUNCTION__,
2832 g_debug (
" %s: slave ESXi credential uuid: %s\n", __FUNCTION__,
2835 g_debug (
" %s: slave SNMP credential uuid: %s\n", __FUNCTION__,
2841 if (
next (&targets))
2843 const char *hosts, *port, *exclude_hosts, *alive_tests;
2844 const char *reverse_lookup_only, *reverse_lookup_unify;
2846 gchar *hosts_copy, *exclude_hosts_copy;
2847 gchar *alive_tests_copy, *port_range;
2848 omp_create_target_opts_t opts;
2850 entity_t get_targets, child;
2857 reverse_lookup_unify
2862 goto fail_snmp_credential;
2869 ssh_port = atoi (port);
2871 hosts_copy = g_strdup (hosts);
2872 exclude_hosts_copy = g_strdup (exclude_hosts);
2873 alive_tests_copy = g_strdup (alive_tests);
2877 opts = omp_create_target_opts_defaults;
2878 opts.hosts = hosts_copy;
2879 opts.exclude_hosts = exclude_hosts_copy;
2880 opts.alive_tests = alive_tests_copy;
2882 opts.ssh_credential_port = ssh_port;
2886 opts.port_range = port_range;
2888 opts.comment =
"Slave target created by Master";
2889 opts.reverse_lookup_only
2890 = reverse_lookup_only ? atoi (reverse_lookup_only) : 0;
2891 opts.reverse_lookup_unify
2892 = reverse_lookup_unify ? atoi (reverse_lookup_unify) : 0;
2894 ret = omp_create_target_ext (&connection->session, opts,
2896 g_free (hosts_copy);
2897 g_free (exclude_hosts_copy);
2898 g_free (alive_tests_copy);
2899 g_free (port_range);
2901 goto fail_snmp_credential;
2905 ret_fail = ret_giveup;
2906 goto fail_snmp_credential;
2912 child = entity_child (get_targets,
"target");
2915 free_entity (get_targets);
2918 child = entity_child (child,
"port_list");
2921 free_entity (get_targets);
2924 port_list_uuid = entity_attribute (child,
"id");
2925 if (port_list_uuid == NULL)
2927 free_entity (get_targets);
2931 free_entity (get_targets);
2936 goto fail_esxi_credential;
2953 if (openvas_server_sendf (&connection->session,
2955 "<get_configs_response" 2957 " status_text=\"OK\">" 2958 "<config id=\"XXX\">" 2962 "Slave config created by Master" 2971 while (
next (&prefs))
2973 const char *timeout;
2977 if (timeout && strlen (timeout)
2978 && openvas_server_sendf (&connection->session,
2983 "<name>Timeout</name>" 2984 "<type>entry</type>" 2998 while (
next (&prefs))
3000 GString *buffer = g_string_new (
"");
3002 if (openvas_server_sendf (&connection->session,
"%s", buffer->str))
3007 g_string_free (buffer, TRUE);
3011 if (openvas_server_sendf (&connection->session,
3023 while (
next (&selectors))
3026 if (openvas_server_sendf
3027 (&connection->session,
3030 "<include>%i</include>" 3032 "<family_or_nvt>%s</family_or_nvt>" 3044 if (openvas_server_sendf (&connection->session,
3047 "</get_configs_response>" 3049 || (omp_read_create_response (&connection->session,
3060 gchar *max_checks, *max_hosts, *source_iface;
3061 gchar *hosts_ordering, *comment;
3062 omp_create_task_opts_t opts;
3063 char *name_task, *uuid_report, *uuid_task;
3065 opts = omp_create_task_opts_defaults;
3072 comment = g_strdup_printf (
"Slave task for master task %s (%s)" 3077 opts.comment = comment;
3088 opts.in_assets =
"no";
3091 opts.source_iface = source_iface;
3092 opts.hosts_ordering = hosts_ordering;
3094 opts.alert_ids = NULL;
3095 opts.observers = NULL;
3096 opts.observer_groups = NULL;
3097 opts.scanner_id = NULL;
3098 opts.schedule_id = NULL;
3099 opts.slave_id = NULL;
3101 ret = omp_create_task_ext (&connection->session, opts, &
slave_task_uuid);
3103 g_free (max_checks);
3105 g_free (source_iface);
3106 g_free (hosts_ordering);
3117 goto fail_stop_task;
3131 entity_t get_tasks, report, get_report;
3152 g_warning (
"%s: Task missing on slave", __FUNCTION__);
3158 goto fail_stop_task;
3171 g_debug (
" %s: task stopped for giveup\n", __FUNCTION__);
3177 goto fail_stop_task;
3195 g_warning (
"%s: Task missing on slave", __FUNCTION__);
3201 openvas_connection_close (connection);
3202 ret = slave_sleep_connect (connection, task);
3208 status = omp_task_status (get_tasks);
3211 g_warning (
"%s: Slave task status was NULL", __FUNCTION__);
3215 status_done = (strcmp (status,
"Done") == 0);
3216 if ((strcmp (status,
"Running") == 0)
3220 omp_get_report_opts_t opts;
3225 if ((strcmp (status,
"Running") == 0)
3228 free_entity (get_tasks);
3229 goto fail_stop_task;
3232 opts = omp_get_report_opts_defaults;
3234 opts.format_id =
"a994b278-1f62-11e1-96ac-406186ea4fc5";
3235 opts.filter = g_strdup_printf
3236 (
"first=%i rows=-1 levels=hmlgd apply_overrides=0" 3237 " min_qod=0 autofp=0 result_hosts_only=%i" 3245 ret = omp_get_report_ext (&connection->session, opts, &get_report);
3248 opts.format_id =
"d5da9f67-8551-4e51-807b-b6a873d70e34";
3249 ret2 = omp_get_report_ext (&connection->session, opts,
3252 g_free (opts.filter);
3253 if ((ret == 404) && (ret2 == 404))
3256 g_warning (
"%s: Task report missing on slave", __FUNCTION__);
3262 free_entity (get_tasks);
3263 openvas_connection_close (connection);
3264 ret = slave_sleep_connect (connection, task);
3272 free_entity (get_tasks);
3273 free_entity (get_report);
3274 goto fail_stop_task;
3277 if (strcmp (status,
"Running") == 0)
3280 goto fail_stop_task;
3281 free_entity (get_report);
3284 else if (strcmp (status,
"Stopped") == 0)
3287 goto succeed_stopped;
3289 else if (strcmp (status,
"Stop Requested") == 0)
3291 else if ((strcmp (status,
"Internal Error") == 0)
3292 || (strcmp (status,
"Delete Requested") == 0))
3294 free_entity (get_tasks);
3295 goto fail_stop_task;
3302 free_entity (get_tasks);
3303 free_entity (get_report);
3304 goto fail_stop_task;
3306 free_entity (get_report);
3309 free_entity (get_report);
3310 free_entity (get_tasks);
3311 goto fail_stop_task;
3313 free_entity (get_tasks);
3327 free_entity (get_tasks);
3336 omp_delete_task_ext (&connection->session,
slave_task_uuid, del_opts);
3372 openvas_connection_close (connection);
3374 g_debug (
" %s: succeed\n", __FUNCTION__);
3381 omp_delete_task_ext (&connection->session,
slave_task_uuid, del_opts);
3392 fail_snmp_credential:
3397 fail_esxi_credential:
3402 fail_smb_credential:
3407 fail_ssh_credential:
3413 g_debug (
" %s: fail (%i)\n", __FUNCTION__, ret_fail);
3414 openvas_connection_close (connection);
3419 g_debug (
" %s: giveup (%i)\n", __FUNCTION__, ret_giveup);
3420 openvas_connection_close (connection);
3448 openvas_connection_t *connection,
3449 const gchar *slave_id,
3450 const gchar *slave_name)
3454 gchar *slave_task_name;
3462 g_debug (
" Running slave task %llu\n", task);
3471 uuid = openvas_uuid_make ();
3474 g_warning (
"%s: Failed to make UUID", __FUNCTION__);
3482 g_warning (
"%s: Failed to get task name", __FUNCTION__);
3485 slave_task_name = g_strdup_printf (
"%s for %s", uuid, name);
3489 while ((ret = slave_connect (connection)))
3497 port_string = g_strdup_printf (
"%i", connection->port);
3499 connection->host_string,
3502 "1.3.6.1.4.1.25623.1.0.12288",
3504 "Authentication with the slave failed.");
3505 g_free (port_string);
3509 g_free (slave_task_name);
3517 || termination_signal)
3519 if (termination_signal)
3521 g_debug (
"%s: Received %s signal.",
3531 g_free (slave_task_name);
3540 if (termination_signal)
3542 g_debug (
"%s: Received %s signal.",
3551 g_free (slave_task_name);
3555 ret = slave_setup (connection, slave_task_name,
3558 target_snmp_credential, last_stopped_report);
3561 ret = slave_sleep_connect (connection, task);
3571 g_free (slave_task_name);
3596 table = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
3597 while (
next (&prefs))
3599 char *name, *value = NULL;
3605 if (g_str_has_prefix (type,
"credential_"))
3615 g_warning (
"Error getting credential for osp parameter %s", name);
3619 if (credential == 0)
3621 g_warning (
"No credential for osp parameter %s", name);
3629 g_warning (
"No credential for credential_id %llu", credential);
3633 if (!strcmp (type,
"credential_up")
3637 else if (!strcmp (type,
"credential_up"))
3639 g_warning (
"OSP Parameter %s requires credentials of type" 3640 " username+password", name);
3649 g_warning (
"No adequate %s for parameter %s", type, name);
/* The OSP parameter named "definitions_file" is not sent as text: a file
 * below the SCAP data directory is read and its base64 form becomes the
 * value. */
3654 else if (!strcmp (name,
"definitions_file"))
/* NOTE(review): the file-name argument of this format call is on a listing
 * line that is not shown. If it comes from the stored preference value, it
 * needs to be limited to a plain file name (no path separators, no ".."),
 * because the file content is then sent to the scanner. */
3660 fname = g_strdup_printf (
"%s/%s", OPENVAS_SCAP_DATA_DIR
"/",
3662 value = openvas_file_as_base64 (fname);
/* The table was created with g_free for keys and values, so it takes
 * ownership of both strings from here on. */
3668 g_hash_table_insert (table, name, value);
/* Ask the OSP scanner at host:port to delete the scan identified by
 * report_id.  A new connection is opened with the given CA certificate,
 * client certificate and private key, used for the one request, and closed.
 * This listing omits the return type, the braces, the test guarding the
 * warning and the return statements. */
3675 delete_osp_scan (
const char *report_id,
const char *host,
int port,
3676 const char *ca_pub,
const char *key_pub,
const char *key_priv)
3678 osp_connection_t *connection;
3680 connection = osp_connection_new (host, port, ca_pub, key_pub, key_priv);
/* Connection failure is logged with host and port only; no certificate or
 * key material is written to the log.  (Presumably reached when
 * osp_connection_new fails -- the condition is on an omitted line.) */
3683 g_warning (
"Couldn't connect to OSP scanner on %s:%d\n", host, port);
/* As shown, the result of osp_delete_scan is not captured on this line; a
 * failed delete would leave the scan and its results on the scanner. */
3686 osp_delete_scan (connection, report_id);
3687 osp_connection_close (connection);
/* Fetch the state of scan scan_id from the OSP scanner at host:port.
 * osp_get_scan writes the report text through report_xml and yields a
 * progress value; details is forwarded to it unchanged.  The connection is
 * opened for this one request and closed afterwards.  Return statements and
 * braces are missing from this listing. */
3705 get_osp_scan_report (
const char *scan_id,
const char *host,
int port,
3706 const char *ca_pub,
const char *key_pub,
const char 3707 *key_priv,
int details,
char **report_xml)
3709 osp_connection_t *connection;
3713 connection = osp_connection_new (host, port, ca_pub, key_pub, key_priv);
3716 g_warning (
"Couldn't connect to OSP scanner on %s:%d\n", host, port);
3719 progress = osp_get_scan (connection, scan_id, report_xml, details, &error);
/* Anything outside 0..100 is treated as a failure and logged together with
 * the error text filled in by osp_get_scan.
 * NOTE(review): that text presumably originates from the remote scanner;
 * confirm it cannot be NULL here and consider sanitising it (control
 * characters, newlines) before it reaches the log. */
3720 if (progress > 100 || progress < 0)
3722 g_warning (
"OSP get_scan %s: %s", scan_id, error);
3727 osp_connection_close (connection);
/* Follow an OSP scan for task/report until it finishes.  The progress value
 * from get_osp_scan_report selects one of three branches: an error branch
 * (the "Erroneous scan progress value" text belongs to it), a "still
 * running" branch for values below 100, and a completion branch at exactly
 * 100.  Loop structure, waits and return statements are missing from this
 * listing. */
3741 handle_osp_scan (
task_t task,
report_t report,
const char *scan_id)
3743 char *host, *ca_pub, *key_pub, *key_priv;
3755 char *report_xml = NULL;
3765 int progress = get_osp_scan_report (scan_id, host, port, ca_pub, key_pub,
3771 "Erroneous scan progress value",
"",
"",
3777 else if (progress < 100)
3782 else if (progress == 100)
/* On completion the report is requested a second time with details = 1 so
 * that report_xml is filled in. */
3785 progress = get_osp_scan_report (scan_id, host, port, ca_pub, key_pub,
3786 key_priv, 1, &report_xml);
/* NOTE(review): this assert checks a value that depends on the remote
 * scanner's second answer and on the connection succeeding again.  With
 * assertions enabled, a different answer aborts the handler process; with
 * NDEBUG the check vanishes and whatever is in report_xml is used
 * unverified.  An explicit runtime check with an error path would be more
 * robust -- how report_xml is consumed is on omitted lines. */
3787 assert (progress == 100);
3789 g_free (report_xml);
/* The finished scan is removed from the scanner once its report has been
 * fetched. */
3790 delete_osp_scan (scan_id, host, port, ca_pub, key_pub, key_priv);
/* Fragment of a routine (signature not shown) that starts from the option
 * table returned by task_scanner_options and adds the SSH port plus the
 * login name and password of a credential. */
3815 const char *user, *pass;
3818 GHashTable *options = task_scanner_options (task, target);
3827 g_hash_table_insert (options, g_strdup (
"port"), ssh_port);
/* Both failure paths destroy the table before leaving, and the warnings
 * name only the function, never the credential contents. */
3832 g_warning (
"%s: LSC Credential not found.", __FUNCTION__);
3833 g_hash_table_destroy (options);
3839 g_warning (
"%s: LSC Credential not a user/pass pair.", __FUNCTION__);
3840 g_hash_table_destroy (options);
/* The table receives its own heap copies of the login name and password.
 * NOTE(review): if this is the table created with plain g_free destructors
 * elsewhere in this file, the password copy is released without being
 * overwritten and can linger in freed heap memory; consider a value
 * destructor that clears secrets first. */
3846 g_hash_table_insert (options, g_strdup (
"username"), g_strdup (user));
3847 g_hash_table_insert (options, g_strdup (
"password"), g_strdup (pass));
3864 launch_osp_task (
task_t task,
target_t target,
const char *scan_id,
3867 osp_connection_t *connection;
3868 char *target_str, *ports_str;
3869 GHashTable *options;
3872 options = get_osp_task_options (task, target);
3878 g_hash_table_destroy (options);
3883 ret = osp_start_scan (connection, target_str, ports_str, options, scan_id,
3886 g_hash_table_destroy (options);
3887 osp_connection_close (connection);
3888 g_free (target_str);
3905 char *report_id, title[128], *error = NULL;
3913 g_debug (
" %s: failed to create report.\n", __FUNCTION__);
3925 g_warning (
"%s: Failed to fork: %s\n",
3944 if (launch_osp_task (task, target, report_id, &error))
3948 g_warning (
"OSP start_scan %s: %s", report_id, error);
3965 snprintf (title,
sizeof (title),
"openvasmd: OSP: Handling scan %s", report_id);
3966 proctitle_set (title);
3975 else if (rc == -1 || rc == -2)
4017 if (fork_osp_scan_handler (task, target))
4019 g_warning (
"Couldn't fork OSP scan handler.\n");
4037 cve_scan_host (
task_t task, openvas_host_t *openvas_host)
4042 host = openvas_host_value_str (openvas_host);
4046 ip = g_strdup (host);
4048 g_debug (
"%s: ip: %s", __FUNCTION__, ip);
4054 g_warning (
"%s: Failed to get nthlast report.\n", __FUNCTION__);
4059 g_debug (
"%s: report_host: %llu", __FUNCTION__, report_host);
4068 if (
next (&report_hosts))
4071 int prognosis_report_host, start_time;
4075 start_time = time (NULL);
4076 prognosis_report_host = 0;
4078 NULL, NULL, 0, NULL);
4079 while (
next (&prognosis))
4081 const char *app, *cve;
4083 gchar *desc, *location;
4098 desc = g_strdup_printf (
"The host carries the product: %s\n" 4099 "It is vulnerable according to: %s.\n" 4106 ?
"The product was found at: " 4108 location ? location :
"",
4109 location ?
".\n" :
"",
4113 g_debug (
"%s: making result with severity %1.1f desc [%s]",
4114 __FUNCTION__, severity, desc);
4123 "CVE Scanner",
"App", app);
4128 "CVE Scanner", app, location);
4131 "CVE Scanner",
"detected_at",
4134 "CVE Scanner",
"detected_by",
4143 if (prognosis_report_host)
4149 "CVE Scanner",
"CVE Scan",
"1");
4172 char *report_id, title[128], *hosts;
4173 openvas_hosts_t *openvas_hosts;
4174 openvas_host_t *openvas_host;
4181 g_debug (
" %s: failed to create report.\n", __FUNCTION__);
4194 g_warning (
"%s: Failed to fork: %s\n",
4204 g_debug (
"%s: %i forked %i", __FUNCTION__, getpid (), pid);
4219 snprintf (title,
sizeof (title),
"openvasmd: CVE: Handling scan %s", report_id);
4221 proctitle_set (title);
4226 g_warning (
"%s: target hosts is NULL", __FUNCTION__);
4238 openvas_hosts = openvas_hosts_new (hosts);
4240 while ((openvas_host = openvas_hosts_next (openvas_hosts)))
4241 if (cve_scan_host (task, openvas_host))
4243 g_warning (
"%s: cve_scan_host failed", __FUNCTION__);
4246 openvas_hosts_free (openvas_hosts);
4249 openvas_hosts_free (openvas_hosts);
4270 run_cve_task (
task_t task)
4291 if (fork_cve_scan_handler (task, target))
4293 g_warning (
"Couldn't fork CVE scan handler.\n");
4312 set_certs (
const char *ca_pub,
const char *key_pub,
const char *key_priv)
4314 const char *fallback;
4323 if (ca_pub || fallback)
4339 char *host, *ca_pub, *key_pub, *key_priv;
4343 if (host && *host ==
'/')
4358 if (
set_certs (ca_pub, key_pub, key_priv))
4396 ret = check_available (
"config", *config,
"get_configs");
4400 ret = check_available (
"target", *target,
"get_targets");
4404 ret = check_available (
"port_list", *port_list,
"get_port_lists");
4409 && ((ret = check_available (
"credential",
4411 "get_credentials"))))
4415 && ((ret = check_available (
"credential",
4417 "get_credentials"))))
4420 if (*esxi_credential
4421 && ((ret = check_available (
"credential",
4423 "get_credentials"))))
4426 if (*snmp_credential
4427 && ((ret = check_available (
"credential",
4429 "get_credentials"))))
4448 run_task_prepare_report (
task_t task,
char **report_id,
int from,
4458 g_debug (
" error getting last stopped report.\n");
4463 if (report_id) *report_id =
report_uuid (*last_stopped_report);
4479 else if ((from == 0) || (from == 2))
4481 *last_stopped_report = 0;
4515 run_slave_or_omp_task (
task_t task,
int from,
char **report_id,
4516 openvas_connection_t *connection,
4517 const gchar *slave_id,
4518 const gchar *slave_name)
4523 char title[128], *uuid;
4526 credential_t ssh_credential, smb_credential, esxi_credential, snmp_credential;
4529 ret = run_task_setup (task, &config, &target, &port_list, &ssh_credential,
4530 &smb_credential, &esxi_credential, &snmp_credential);
4548 ret = run_task_prepare_report (task, report_id, from, run_status,
4549 &last_stopped_report);
4560 g_debug (
" target hosts is NULL.\n");
4592 g_warning (
"%s: Failed to fork task child: %s\n",
4601 g_debug (
"%s: forked %i to run slave/omp task\n",
4623 snprintf (title,
sizeof (title),
4624 "openvasmd: OTP: Handling slave scan %s",
4627 proctitle_set (title);
4629 switch (handle_slave_task (task, target, ssh_credential, smb_credential,
4630 esxi_credential, snmp_credential,
4631 last_stopped_report, connection, slave_id,
4642 g_warning (
"%s: handle_slave_task failed", __FUNCTION__);
4645 exit (EXIT_FAILURE);
4647 exit (EXIT_SUCCESS);
/* Run task on a remote OMP scanner.  A zeroed openvas_connection_t is filled
 * with the scanner's host, port, login name and password (the lines that
 * fetch them are missing from this listing), each field is validated, and
 * the connection is handed to run_slave_or_omp_task.  Every early exit
 * releases the fields that were already populated. */
4663 run_omp_task (
task_t task,
scanner_t scanner,
int from,
char **report_id)
4666 openvas_connection_t connection;
4667 char *scanner_id, *name;
/* Start from all-zero so that unset pointer fields are NULL when freed. */
4669 memset (&connection, 0,
sizeof (connection));
4672 if (connection.host_string == NULL)
4674 g_warning (
"%s: Scanner has no host", __FUNCTION__);
/* Only the host name is logged; login name and password never are on the
 * visible lines. */
4678 g_debug (
" %s: connection.host: %s\n", __FUNCTION__,
4679 connection.host_string);
4682 if (connection.port == -1)
4684 free (connection.host_string);
4685 g_warning (
"%s: Scanner has no port", __FUNCTION__);
4690 if (connection.username == NULL)
4692 free (connection.host_string);
4693 g_warning (
"%s: Scanner has no login username", __FUNCTION__);
4698 if (connection.password == NULL)
4700 free (connection.username);
4701 free (connection.host_string);
4702 g_warning (
"%s: Scanner has no login password", __FUNCTION__);
4713 ret = run_slave_or_omp_task (task, from, report_id, &connection, scanner_id,
/* Final cleanup of the connection strings.
 * NOTE(review): the password buffer is freed without being cleared, so the
 * plaintext may remain in freed heap memory; overwriting it first (with a
 * call the compiler cannot drop) would shorten its lifetime. */
4716 free (connection.host_string);
4717 free (connection.username);
4718 free (connection.password);
4719 free (connection.ca_cert);
4740 char title[128], *hosts, *port_range, *port, *uuid;
4743 GSList *files = NULL;
4744 GPtrArray *preference_files;
4749 credential_t ssh_credential, smb_credential, esxi_credential, snmp_credential;
4754 ret = run_task_setup (task, &config, &target, &port_list, &ssh_credential,
4755 &smb_credential, &esxi_credential, &snmp_credential);
4766 switch (scanner_setup (scanner))
4795 ret = run_task_prepare_report (task, report_id, from, run_status,
4796 &last_stopped_report);
4807 g_debug (
" target hosts is NULL.\n");
4839 g_warning (
"%s: Failed to fork task child: %s\n",
4867 snprintf (title,
sizeof (title),
"openvasmd: OTP: Handling scan %s", uuid);
4869 proctitle_set (title);
4880 g_warning (
"%s: Failed to send OTP PREFERENCES", __FUNCTION__);
4889 plugins = nvt_selector_plugins (config);
4892 if (ssh_credential == 0 && smb_credential == 0 && esxi_credential == 0)
4896 GString *auth_plugins = g_string_new (
"");
4898 g_string_append (auth_plugins,
"1.3.6.1.4.1.25623.1.0.90022;");
4900 g_string_append (auth_plugins,
"1.3.6.1.4.1.25623.1.0.90023;");
4901 if (esxi_credential)
4902 g_string_append (auth_plugins,
"1.3.6.1.4.1.25623.1.0.105058;");
4903 if (snmp_credential)
4904 g_string_append (auth_plugins,
"1.3.6.1.4.1.25623.1.0.105076;");
4909 g_string_free (auth_plugins, TRUE);
4917 g_warning (
"%s: Failed to send OTP plugin_set", __FUNCTION__);
4926 if (send_config_preferences (config,
"SERVER_PREFS", NULL, NULL))
4928 g_warning (
"%s: Failed to send OTP SERVER_PREFS", __FUNCTION__);
4935 if (send_task_preferences (task))
4937 g_warning (
"%s: Failed to send OTP task preferences", __FUNCTION__);
4948 port_range ? port_range :
"default"))
4951 g_warning (
"%s: Failed to send OTP port_range", __FUNCTION__);
4965 g_warning (
"%s: Failed to send OTP auth_port_ssh", __FUNCTION__);
4975 files = get_files_to_send (task);
4979 preference_files = g_ptr_array_new ();
4980 if (send_config_preferences (config,
"PLUGINS_PREFS", files, preference_files))
4982 g_ptr_array_free (preference_files, TRUE);
4984 g_warning (
"%s: Failed to send OTP PLUGINS_PREFS", __FUNCTION__);
4993 if (send_scanner_preferences (task, target, last_stopped_report))
4995 g_ptr_array_add (preference_files, NULL);
4996 array_free (preference_files);
4998 g_warning (
"%s: Failed to send OTP scanner preferences", __FUNCTION__);
5012 if (
next (&credentials))
5022 "SSH key passphrase:" 5024 password ? password :
"")
5026 "SSH password (unsafe!):" 5028 password ? password :
"")))
5033 g_ptr_array_add (preference_files, NULL);
5034 array_free (preference_files);
5036 g_warning (
"%s: Failed to send OTP SSH preferences",
5046 char *uuid = openvas_uuid_make ();
5050 g_ptr_array_add (preference_files, (gpointer) uuid);
5071 if (
next (&credentials))
5080 password ? password :
""))
5083 g_ptr_array_add (preference_files, NULL);
5084 array_free (preference_files);
5086 g_warning (
"%s: Failed to send OTP SMB preferences",
5097 if (esxi_credential)
5102 if (
next (&credentials))
5110 ||
sendf_to_server (
"ESXi Authorization[password]:ESXi login password:" 5112 password ? password :
""))
5115 g_ptr_array_add (preference_files, NULL);
5116 array_free (preference_files);
5118 g_warning (
"%s: Failed to send OTP ESXi preferences",
5129 if (snmp_credential)
5134 if (
next (&credentials))
5139 const char *auth_algorithm
5141 const char *privacy_password
5143 const char *privacy_algorithm
5148 community ? community :
"")
5155 password ? password :
"")
5157 "SNMPv3 Authentication Algorithm:" 5159 auth_algorithm ? auth_algorithm :
"")
5161 "SNMPv3 Privacy Password:" 5163 privacy_password ? privacy_password :
"")
5165 "SNMPv3 Privacy Algorithm:" 5167 privacy_algorithm ? privacy_algorithm :
""))
5170 g_ptr_array_add (preference_files, NULL);
5171 array_free (preference_files);
5173 g_warning (
"%s: Failed to send OTP SNMP preferences",
5184 g_ptr_array_add (preference_files, NULL);
5188 if (send_alive_test_preferences (target))
5190 array_free (preference_files);
5192 g_warning (
"%s: Failed to send OTP alive test preferences", __FUNCTION__);
5206 g_ptr_array_add (preference_files, NULL);
5207 array_free (preference_files);
5209 g_warning (
"%s: Failed to send OTP network_targets", __FUNCTION__);
5221 array_free (preference_files);
5223 g_warning (
"%s: Failed to send OTP CLIENT", __FUNCTION__);
5235 while ((file = g_ptr_array_index (preference_files, index)))
5244 value = g_ptr_array_index (preference_files, index);
5248 if (strcmp (head->data, value) == 0)
5250 head = g_slist_next (head);
5253 if (head == NULL && send_file (file, value))
5256 array_free (preference_files);
5258 g_warning (
"%s: Failed to send an OTP file", __FUNCTION__);
5267 array_free (preference_files);
5274 GSList *last = files;
5275 if (send_task_file (task, files->data))
5279 g_warning (
"%s: Failed to send an OTP task file", __FUNCTION__);
5285 files = g_slist_next (files);
5286 g_free (last->data);
5287 g_slist_free_1 (last);
5301 g_warning (
"%s: Failed to send OTP LONG_ATTACK", __FUNCTION__);
5335 run_task (
const char *
task_id,
char **report_id,
int from)
5340 const char *permission;
5346 permission =
"start_task";
5348 permission =
"resume_task";
5352 permission =
"internal_error";
5363 ret = check_available (
"scanner", scanner,
"get_scanners");
5368 return run_cve_task (task);
5371 return run_omp_task (task, scanner, from, report_id);
5404 return run_task (task_id, report_id, 0);
5408 stop_osp_task (
task_t task)
5410 osp_connection_t *connection;
5421 ret = osp_stop_scan (connection, scan_id, NULL);
5422 osp_connection_close (connection);
5460 switch (scanner_setup (scanner))
5528 return stop_osp_task (task);
5559 return run_task (task_id, report_id, 1);
5579 int task_scanner_type, slave_scanner_type;
5582 int should_resume_task = 0;
5584 if (task_id == NULL)
5586 if (slave_id == NULL)
5601 if (strcmp (slave_id,
"") == 0)
5648 should_resume_task = 1;
5683 if (should_resume_task)
5685 pid_t pid = getpid ();
5689 if (getpid () != pid)
5799 if (abbreviation == NULL)
5801 else if (strcasecmp (abbreviation,
"cc") == 0)
5802 return "client certificate";
5803 else if (strcasecmp (abbreviation,
"snmp") == 0)
5805 else if (strcasecmp (abbreviation,
"up") == 0)
5806 return "username + password";
5807 else if (strcasecmp (abbreviation,
"usk") == 0)
5808 return "username + SSH key";
5810 return abbreviation;
/* Ask a slave manager for its system report types and return them through
 * start/types as an array of "name\0title" strings.  Visible return codes:
 * -1 when no host is known, 4 when the connection cannot be opened.  The
 * lines that look up host, port and credentials, authenticate, and return
 * on the remaining paths are missing from this listing. */
5829 get_slave_system_report_types (
const char *required_type, gchar ***start,
5830 gchar ***types,
const char *slave_id)
5835 gnutls_session_t session;
5836 entity_t
get, report;
5846 if (host == NULL)
return -1;
5848 g_debug (
" %s: host: %s\n", __FUNCTION__, host);
5857 socket = openvas_server_open (&session, host, port);
5859 if (socket == -1)
return 4;
5861 g_debug (
" %s: connected\n", __FUNCTION__);
5871 g_debug (
" %s: authenticated\n", __FUNCTION__);
5873 if (omp_get_system_reports (&session, required_type, 1, &
get))
5879 openvas_server_close (socket, session);
/* Everything below parses a response produced by the remote slave, so the
 * entity tree should be treated as untrusted input. */
5881 reports =
get->entities;
/* The array is sized from the number of response entities plus one slot,
 * presumably for the terminating NULL (the rest of the expression is on an
 * omitted line). */
5882 end = *types = *start = g_malloc ((xml_count_entities (reports) + 1)
5884 while ((report = first_entity (reports)))
5886 if (strcmp (entity_name (report),
"system_report") == 0)
5888 entity_t name, title;
5890 char *name_text, *title_text;
5891 name = entity_child (report,
"name");
5892 title = entity_child (report,
"title");
/* A system_report without both children is rejected and the partial array
 * is released.
 * NOTE(review): g_strfreev needs the array to be NULL-terminated at this
 * point; the line that would terminate it is not shown -- confirm. */
5893 if (name == NULL || title == NULL)
5896 g_strfreev (*start);
/* NOTE(review): both texts go straight into strlen, which presumes
 * entity_text never returns NULL for an existing child -- confirm. */
5900 name_text = entity_text (name);
5901 title_text = entity_text (title);
/* One allocation holds name, NUL, title, NUL: the two lengths plus 2 cover
 * both terminators, so the two strcpy calls stay inside the buffer.  The
 * title is later reached as name + strlen (name) + 1. */
5902 *end = pair = g_malloc (strlen (name_text) + strlen (title_text) + 2);
5903 strcpy (pair, name_text);
5904 pair += strlen (name_text) + 1;
5905 strcpy (pair, title_text);
5908 reports = next_entities (reports);
5917 openvas_server_close (socket, session);
/* List the available system report types as "name\0title" strings through
 * start/types.  A slave_id other than NULL or "0" delegates to
 * get_slave_system_report_types; otherwise the local helper named by COMMAND
 * is run and its output parsed.  Several lines (locals, return statements,
 * the loop over the output) are missing from this listing. */
5924 #define COMMAND "openvasmr 0 titles" 5940 get_system_report_types (
const char *required_type, gchar ***start,
5941 gchar ***types,
const char *slave_id)
5943 gchar *astdout = NULL;
5944 gchar *astderr = NULL;
5948 if (slave_id && strcmp (slave_id,
"0"))
5949 return get_slave_system_report_types (required_type, start, types,
5952 g_debug (
" command: " COMMAND);
/* COMMAND is a fixed string with no caller-supplied part, so there is
 * nothing to inject into it.  g_spawn_command_line_sync looks the program up
 * via PATH, so the manager's PATH has to be trusted. */
5954 if ((g_spawn_command_line_sync (
COMMAND,
5960 || (WIFEXITED (exit_status) == 0)
5961 || WEXITSTATUS (exit_status))
/* On failure the helper's raw stdout and stderr are written to the debug
 * log. */
5963 g_debug (
"%s: openvasmr failed with %d", __FUNCTION__, exit_status);
5964 g_debug (
"%s: stdout: %s", __FUNCTION__, astdout);
5965 g_debug (
"%s: stderr: %s", __FUNCTION__, astderr);
/* Fallback list with a single entry: the space after "fallback" is
 * overwritten with NUL, giving the name "fallback" followed in the same
 * buffer by the title "Fallback Report".  The second, zeroed slot terminates
 * the array. */
5968 *start = *types = g_malloc0 (
sizeof (gchar*) * 2);
5969 (*start)[0] = g_strdup (
"fallback Fallback Report");
5970 (*start)[0][strlen (
"fallback")] =
'\0';
/* Normal path: one entry per output line, each split at its first space.
 * The g_strfreev below presumably handles a line without a space (the test
 * is on an omitted line). */
5976 *start = *types = type = g_strsplit (g_strchomp (astdout),
"\n", 0);
5980 space = strchr (*type,
' ');
5983 g_strfreev (*types);
5990 if (required_type && (strcmp (*type, required_type) == 0))
6014 g_strfreev (*types);
/* A single zeroed slot, i.e. an empty NULL-terminated list. */
6019 *start = *types = g_malloc0 (
sizeof (gchar*));
6043 const char* slave_id)
6050 ret = get_system_report_types (type, &iterator->
start, &iterator->
current,
6052 if (ret == 0 || ret == 3)
6068 g_strfreev (iterator->
start);
6084 if (*iterator->
current == NULL)
return FALSE;
6098 return (
const char*) *iterator->
current;
6111 const char *name = *iterator->
current;
6112 return name + strlen (name) + 1;
6132 slave_system_report (
const char *name,
const char *duration,
6133 const char *start_time,
const char *end_time,
6134 const char *slave_id,
char **report)
6139 gnutls_session_t session;
6140 entity_t
get, entity;
6142 omp_get_system_reports_opts_t opts;
6151 if (host == NULL)
return -1;
6153 g_debug (
" %s: host: %s\n", __FUNCTION__, host);
6162 socket = openvas_server_open (&session, host, port);
6164 if (socket == -1)
return 4;
6166 g_debug (
" %s: connected\n", __FUNCTION__);
6176 g_debug (
" %s: authenticated\n", __FUNCTION__);
6178 opts = omp_get_system_reports_opts_defaults;
6180 opts.duration = duration;
6181 opts.start_time = start_time;
6182 opts.end_time = end_time;
6185 if (omp_get_system_reports_ext (&session, opts, &
get))
6191 openvas_server_close (socket, session);
6193 reports =
get->entities;
6194 if ((entity = first_entity (reports))
6195 && (strcmp (entity_name (entity),
"system_report") == 0))
6197 entity = entity_child (entity,
"report");
6200 *report = g_strdup (entity_text (entity));
6206 g_warning (
" %s: error getting entity\n", __FUNCTION__);
6210 openvas_server_close (socket, session);
/* Produce a system report for a time window and return it through report.
 * duration, start_time and end_time arrive as strings and are converted to
 * numbers first.  A slave_id other than NULL or "0" delegates to
 * slave_system_report; otherwise an "openvasmr" command line is formatted
 * and run.  When the helper fails, a fallback report is assembled from the
 * load averages and /proc/meminfo.  The function name, its first parameters
 * and many body lines are missing from this listing. */
6217 #define FALLBACK_SYSTEM_REPORT_HEADER \ 6218 "This is the most basic, fallback report. The system can be configured to\n" \ 6219 "produce more powerful reports. Please contact your system administrator\n" \ 6220 "for more information.\n\n" 6222 #define DEFAULT_DURATION 86400L 6241 const char *start_time,
const char *end_time,
6242 const char *slave_id,
char **report)
6244 gchar *astdout = NULL;
6245 gchar *astderr = NULL;
6249 time_t start_time_num, end_time_num, duration_num;
/* Non-empty strings are converted to numbers and a result of 0 is singled
 * out by the following test (what happens then is on an omitted line).
 * NOTE(review): atol cannot distinguish "0" from unparsable text and does
 * not report overflow; strtol with end-pointer and errno checks would. */
6256 if (duration && strcmp (duration,
""))
6258 duration_num = atol (duration);
6259 if (duration_num == 0)
6263 if (start_time && strcmp (start_time,
""))
6266 if (start_time_num == 0)
6270 if (end_time && strcmp (end_time,
""))
6273 if (end_time_num == 0)
6278 if (slave_id && strcmp (slave_id,
"0"))
6279 return slave_system_report (name, duration, start_time, end_time,
/* Command construction: depending on which of start_time, end_time and
 * duration were given, the helper gets either two numbers or one number,
 * followed by a string.
 * NOTE(review): the argument lines are not shown; the trailing %s is
 * presumably the report name.  g_spawn_command_line_sync does not start a
 * shell, but it splits the string with shell-style quoting rules, so a name
 * containing whitespace or quotes would change the argument vector handed
 * to openvasmr.  If name can come from a client request, validate it against
 * the known report type names, or build an argv array and use g_spawn_sync
 * as the xsltproc code later in this file does. */
6283 if (start_time && strcmp (start_time,
""))
6285 if (end_time && strcmp (end_time,
""))
6287 command = g_strdup_printf (
"openvasmr %ld %ld %s",
6292 else if (duration && strcmp (duration,
""))
6294 command = g_strdup_printf (
"openvasmr %ld %ld %s",
6296 start_time_num + duration_num,
6301 command = g_strdup_printf (
"openvasmr %ld %ld %s",
6307 else if (end_time && strcmp (end_time,
""))
6309 if (duration && strcmp (duration,
""))
6311 command = g_strdup_printf (
"openvasmr %ld %ld %s",
6312 end_time_num - duration_num,
6318 command = g_strdup_printf (
"openvasmr %ld %ld %s",
6326 if (duration && strcmp (duration,
""))
6328 command = g_strdup_printf (
"openvasmr %ld %s",
6334 command = g_strdup_printf (
"openvasmr %ld %s",
/* The complete command line, including the trailing string argument, is
 * written to the debug log. */
6340 g_debug (
" command: %s", command);
6342 if ((g_spawn_command_line_sync (command,
6348 || (WIFEXITED (exit_status) == 0)
6349 || WEXITSTATUS (exit_status))
6358 g_debug (
"%s: openvasmr failed with %d", __FUNCTION__, exit_status);
6359 g_debug (
"%s: stdout: %s", __FUNCTION__, astdout);
6360 g_debug (
"%s: stderr: %s", __FUNCTION__, astderr);
/* Fallback report: the three load averages, then the content of
 * /proc/meminfo. */
6367 ret = getloadavg (load, 3);
6370 g_string_append_printf (buffer,
6371 "Load average for past minute: %.1f\n",
6373 g_string_append_printf (buffer,
6374 "Load average for past 5 minutes: %.1f\n",
6376 g_string_append_printf (buffer,
6377 "Load average for past 15 minutes: %.1f\n",
6381 g_string_append (buffer,
"Error getting load averages.\n");
6384 g_file_get_contents (
"/proc/meminfo",
6389 g_error_free (get_error);
6393 g_string_append (buffer,
"\n/proc/meminfo:\n\n");
/* The file content is markup-escaped before it joins the report text, so
 * it cannot introduce markup of its own. */
6394 safe = g_markup_escape_text (output, strlen (output));
6396 g_string_append (buffer, safe);
/* Ownership of the assembled text passes to the caller through report. */
6400 *report = g_string_free (buffer, FALSE);
6405 if (astdout == NULL || strlen (astdout) == 0)
6408 if (strcmp (name,
"blank") == 0)
6483 sigset_t *sigmask_current)
6486 GSList *starts = NULL, *stops = NULL;
6488 task_t previous_start_task = 0;
6489 task_t previous_stop_task = 0;
6496 g_warning (
"%s: manage_update_nvti_cache error" 6497 " (Perhaps the db went down?)",
6517 g_warning (
"%s: iterator init error" 6518 " (Perhaps the db went down?)",
6527 while (
next (&schedules))
6530 time_t first_time, period, period_months;
6531 const char* timezone;
6546 next_time (first_time, period, period_months, timezone, 0));
6557 g_message (
" %s: Task timed out: %s",
6567 starts = g_slist_prepend
6570 starts = g_slist_prepend
6573 starts = g_slist_prepend
6589 stops = g_slist_prepend
6592 stops = g_slist_prepend
6595 stops = g_slist_prepend
6606 openvas_connection_t connection;
6609 omp_authenticate_info_opts_t auth_opts;
6611 owner = starts->data;
6612 assert (starts->next);
6613 owner_uuid = starts->next->data;
6614 assert (starts->next->next);
6615 task_uuid = starts->next->next->data;
6618 starts = starts->next->next->next;
6619 g_slist_free_1 (head->next->next);
6620 g_slist_free_1 (head->next);
6621 g_slist_free_1 (head);
6634 pthread_sigmask (SIG_SETMASK, sigmask_current, NULL);
6640 g_free (starts->data);
6641 starts = g_slist_delete_link (starts, starts);
6647 g_warning (
"%s: fork failed\n", __FUNCTION__);
6651 g_free (owner_uuid);
6656 g_debug (
"%s: %i forked %i", __FUNCTION__, getpid (), pid);
6659 g_free (owner_uuid);
6666 pid = fork_connection (&connection, owner_uuid);
6671 g_free (owner_uuid);
6676 g_warning (
"%s: fork_connection failed\n", __FUNCTION__);
6680 g_free (owner_uuid);
6681 exit (EXIT_FAILURE);
6690 g_debug (
"%s: %i fork_connectioned %i",
6691 __FUNCTION__, getpid (), pid);
6694 g_free (owner_uuid);
6696 if (signal (SIGCHLD, SIG_DFL) == SIG_ERR)
6697 g_warning (
"%s: failed to set SIGCHLD", __FUNCTION__);
6698 while (waitpid (pid, &status, 0) < 0)
6700 if (errno == ECHILD)
6702 g_warning (
"%s: Failed to get child exit," 6703 " so task '%s' may not have been scheduled",
6707 exit (EXIT_FAILURE);
6711 g_warning (
"%s: waitpid: %s",
6714 g_warning (
"%s: As a result, task '%s' may not have been" 6719 exit (EXIT_FAILURE);
6721 if (WIFEXITED (status))
6722 switch (WEXITSTATUS (status))
6753 else if (periods == 1
6760 else if (periods == 1)
6767 exit (EXIT_SUCCESS);
6776 g_warning (
"%s: child failed\n", __FUNCTION__);
6780 exit (EXIT_FAILURE);
6786 auth_opts = omp_authenticate_info_opts_defaults;
6787 auth_opts.username = owner;
6788 if (omp_authenticate_info_ext_c (&connection, auth_opts))
6790 g_warning (
"%s: omp_authenticate failed", __FUNCTION__);
6793 openvas_connection_free (&connection);
6794 exit (EXIT_FAILURE);
6799 if (omp_resume_task_report_c (&connection, task_uuid, NULL))
6801 if (omp_start_task_report_c (&connection, task_uuid, NULL))
6803 g_warning (
"%s: omp_start_task and omp_resume_task failed", __FUNCTION__);
6805 openvas_connection_free (&connection);
6806 exit (EXIT_FAILURE);
6811 openvas_connection_free (&connection);
6812 exit (EXIT_SUCCESS);
6819 openvas_connection_t connection;
6822 omp_authenticate_info_opts_t auth_opts;
6824 owner = stops->data;
6825 assert (stops->next);
6826 owner_uuid = stops->next->data;
6827 assert (stops->next->next);
6828 task_uuid = stops->next->next->data;
6831 stops = stops->next->next->next;
6832 g_slist_free_1 (head->next->next);
6833 g_slist_free_1 (head->next);
6834 g_slist_free_1 (head);
6840 switch (fork_connection (&connection, owner_uuid))
6846 g_free (stops->data);
6847 stops = g_slist_delete_link (stops, stops);
6855 g_free (owner_uuid);
6858 g_free (stops->data);
6859 stops = g_slist_delete_link (stops, stops);
6861 g_warning (
"%s: stop fork failed\n", __FUNCTION__);
6869 g_free (owner_uuid);
6876 auth_opts = omp_authenticate_info_opts_defaults;
6877 auth_opts.username = owner;
6878 if (omp_authenticate_info_ext_c (&connection, auth_opts))
6882 g_free (owner_uuid);
6883 openvas_connection_free (&connection);
6884 exit (EXIT_FAILURE);
6887 if (omp_stop_task_c (&connection, task_uuid))
6891 g_free (owner_uuid);
6892 openvas_connection_free (&connection);
6893 exit (EXIT_FAILURE);
6898 g_free (owner_uuid);
6899 openvas_connection_free (&connection);
6900 exit (EXIT_SUCCESS);
6919 return schedule_timeout;
6930 if (new_timeout < 0)
6931 schedule_timeout = -1;
6933 schedule_timeout = new_timeout;
6962 return "report_format_list";
6980 if (strcmp (name,
"boolean") == 0)
6982 if (strcmp (name,
"integer") == 0)
6984 if (strcmp (name,
"selection") == 0)
6986 if (strcmp (name,
"string") == 0)
6988 if (strcmp (name,
"text") == 0)
6990 if (strcmp (name,
"report_format_list") == 0)
/* Test whether name looks like an editor or tool backup file.  A trailing
 * '~' is checked first (the value returned for it is on an omitted line).
 * Otherwise the last four characters must be '.' followed by "bak", "BAK"
 * or "CKP", and the result of that comparison is returned. */
7001 backup_file_name (
const char *name)
/* NOTE(review): strlen yields size_t; storing it in int is fine for file
 * names but would truncate for very long strings. */
7003 int length = strlen (name);
7005 if (length && (name[length - 1] ==
'~'))
/* NOTE(review): indexing name[length - 4] is only safe when length is at
 * least 4; the first half of this condition is on an omitted line and
 * presumably checks that -- confirm. */
7009 && (name[length - 4] ==
'.'))
7010 return ((name[length - 3] ==
'b')
7011 && (name[length - 2] ==
'a')
7012 && (name[length - 1] ==
'k'))
7013 || ((name[length - 3] ==
'B')
7014 && (name[length - 2] ==
'A')
7015 && (name[length - 1] ==
'K'))
7016 || ((name[length - 3] ==
'C')
7017 && (name[length - 2] ==
'K')
7018 && (name[length - 1] ==
'P'));
/* Collect the names of the files in dir_name into a NULL-terminated
 * GPtrArray of heap-allocated strings, skipping ".", ".." and anything
 * backup_file_name recognises.  Entries are sorted by scandir with
 * alphasort under the "C" locale.  The lines that store the array through
 * start, free the scandir vector and return are missing from this
 * listing. */
7032 get_report_format_files (
const char *dir_name, GPtrArray **start)
7035 struct dirent **names;
7039 files = g_ptr_array_new ();
/* NOTE(review): setlocale with a non-NULL locale returns the name of the
 * locale it has just installed, not the previous one.  locale therefore
 * holds "C" (or NULL on failure) and the second call does not restore the
 * caller's locale.  To save the old setting, query it with
 * setlocale (LC_ALL, NULL) and copy the string before switching.  setlocale
 * also changes process-wide state, which matters if other threads format or
 * compare text concurrently. */
7041 locale = setlocale (LC_ALL,
"C");
7042 n = scandir (dir_name, &names, NULL, alphasort);
7043 setlocale (LC_ALL, locale);
7046 g_warning (
"%s: failed to open dir %s: %s\n",
/* Each kept name is duplicated into the result array; every dirent returned
 * by scandir is freed whether or not it was kept. */
7053 for (index = 0; index < n; index++)
7055 if (strcmp (names[index]->d_name,
".")
7056 && strcmp (names[index]->d_name,
"..")
7057 && (backup_file_name (names[index]->d_name) == 0))
7058 g_ptr_array_add (files, g_strdup (names[index]->d_name));
7059 free (names[index]);
/* The trailing NULL lets callers walk the array without knowing its
 * length. */
7063 g_ptr_array_add (files, NULL);
7079 return g_build_filename (OPENVAS_DATA_DIR,
7099 gchar *dir_name, *uuid;
7112 if (owner_uuid == NULL)
7114 dir_name = g_build_filename (OPENVAS_STATE_DIR,
7120 g_free (owner_uuid);
7125 if (get_report_format_files (dir_name, &iterator->
start))
7145 array_free (iterator->
start);
7162 if (*iterator->
current == NULL)
return FALSE;
7176 return (
const char*) *iterator->
current;
7189 gchar *path_name, *content;
7193 path_name = g_build_filename (iterator->
dir_name,
7200 if (g_file_get_contents (path_name,
7208 g_debug (
"%s: failed to read %s: %s",
7209 __FUNCTION__, path_name, error->message);
7210 g_error_free (error);
7220 if (content && (content_size > 0))
7222 gchar *base64 = g_base64_encode ((guchar*) content, content_size);
/* Split the '|'-separated scanner_tags string.  The "cvss_base=" and
 * "cvss_base_vector=" entries get special handling and entries are joined
 * again with '|' into tags.  When nothing was collected, tags is set to the
 * literal "NOTAG".  Both tags and cvss_base receive newly allocated strings
 * on the visible lines.  The loop header and some branch bodies are missing
 * from this listing. */
7241 parse_tags (
const char *scanner_tags, gchar **tags, gchar **cvss_base)
7243 gchar **split, **point;
7244 GString *tags_buffer;
7247 tags_buffer = g_string_new (
"");
/* NOTE(review): g_strsplit requires a non-NULL string; callers presumably
 * guarantee scanner_tags is set -- confirm. */
7248 split = g_strsplit (scanner_tags,
"|", 0);
/* Prefix comparison, so the text after "cvss_base=" is the value. */
7255 if (strncmp (*point,
"cvss_base=", strlen (
"cvss_base=")) == 0)
7259 else if (strncmp (*point,
7260 "cvss_base_vector=",
7261 strlen (
"cvss_base_vector="))
/* A score derived from the vector is used only when no cvss_base has been
 * set yet; it is formatted with one decimal place. */
7264 if (*cvss_base == NULL)
7265 *cvss_base = g_strdup_printf (
"%.1f",
7266 get_cvss_score_from_base_metrics
7268 + strlen (
"cvss_base_vector=")));
/* Entries are re-joined with '|'; the separator is presumably added only
 * between entries (the guarding test is on an omitted line). */
7272 g_string_append_c (tags_buffer,
'|');
7273 g_string_append (tags_buffer, *point);
7280 g_string_append_c (tags_buffer,
'|');
7281 g_string_append (tags_buffer, *point);
7286 if (tags_buffer->len == 0)
7288 g_string_free (tags_buffer, TRUE);
7289 *tags = g_strdup (
"NOTAG");
/* FALSE keeps the character data, which becomes the caller's string. */
7292 *tags = g_string_free (tags_buffer, FALSE);
7315 gnutls_session_t session;
7316 entity_t get_tasks, get_targets, entity, task, credential, port_list;
7320 omp_delete_opts_t del_opts = omp_delete_opts_ultimate_defaults;
7324 g_debug (
" %s: host: %s\n", __FUNCTION__, host);
7326 socket = openvas_server_open (&session, host, port);
7327 if (socket == -1)
return -1;
7329 g_debug (
" %s: connected\n", __FUNCTION__);
7333 if (omp_authenticate (&session, username, password))
7336 g_debug (
" %s: authenticated\n", __FUNCTION__);
7340 if (omp_get_tasks (&session, slave_task_uuid, 0, 0, &get_tasks))
7343 task = entity_child (get_tasks,
"task");
7345 goto fail_free_task;
7347 entity = entity_child (task,
"config");
7349 goto fail_free_task;
7350 slave_config_uuid = entity_attribute (entity,
"id");
7352 entity = entity_child (task,
"target");
7354 goto fail_free_task;
7355 slave_target_uuid = entity_attribute (entity,
"id");
7357 if (omp_get_targets (&session, slave_target_uuid, 0, 0, &get_targets))
7358 goto fail_free_task;
7360 entity = entity_child (get_targets,
"target");
7364 port_list = entity_child (entity,
"port_list");
7365 if (port_list == NULL)
7367 slave_port_list_uuid = entity_attribute (port_list,
"id");
7369 credential = entity_child (entity,
"ssh_credential");
7370 if (credential == NULL)
7372 slave_ssh_credential_uuid = entity_attribute (credential,
"id");
7374 credential = entity_child (entity,
"smb_credential");
7375 if (credential == NULL)
7377 slave_smb_credential_uuid = entity_attribute (credential,
"id");
7381 omp_stop_task (&session, slave_task_uuid);
7382 if (omp_delete_task_ext (&session, slave_task_uuid, del_opts))
7384 if (omp_delete_config_ext (&session, slave_config_uuid, del_opts))
7386 if (omp_delete_target_ext (&session, slave_target_uuid, del_opts))
7387 goto fail_credential;
7388 if (omp_delete_port_list_ext (&session, slave_port_list_uuid, del_opts))
7389 goto fail_credential;
7390 if (omp_delete_lsc_credential_ext (&session, slave_smb_credential_uuid,
7393 if (omp_delete_lsc_credential_ext (&session, slave_ssh_credential_uuid,
7399 free_entity (get_targets);
7400 free_entity (get_tasks);
7401 openvas_server_close (socket, session);
7405 omp_delete_config_ext (&session, slave_config_uuid, del_opts);
7407 omp_delete_target_ext (&session, slave_target_uuid, del_opts);
7408 omp_delete_port_list_ext (&session, slave_port_list_uuid, del_opts);
7410 omp_delete_lsc_credential_ext (&session, slave_smb_credential_uuid, del_opts);
7411 omp_delete_lsc_credential_ext (&session, slave_ssh_credential_uuid, del_opts);
7413 free_entity (get_targets);
7415 free_entity (get_tasks);
7417 openvas_server_close (socket, session);
/* Derive the data file for a CVE identifier.  Only the year is taken from
 * item_id: three characters, '-', an integer year, '-', an integer that is
 * discarded.  Because the only thing extracted is an int, no path
 * characters from item_id can reach the file name.  The lines that format
 * and return the name are missing from this listing. */
7442 get_cve_filename (
char *item_id)
7446 if (sscanf (item_id,
"%*3s-%d-%*d", &year) == 1)
/* Build the full path of the file that holds an OVAL definition by
 * appending short_filename to OPENVAS_SCAP_DATA_DIR.  The line that obtains
 * short_filename and the return statement are missing from this listing. */
7465 get_ovaldef_filename (
char *item_id)
7467 char *result, *short_filename;
/* short_filename is dereferenced here, so it is presumed non-NULL; an empty
 * string skips the path construction. */
7472 if (*short_filename)
/* NOTE(review): short_filename is inserted verbatim.  Confirm that its
 * source cannot contain ".." or an absolute path, so the result stays
 * inside the SCAP data directory. */
7474 result = g_strdup_printf (
"%s/%s", OPENVAS_SCAP_DATA_DIR, short_filename);
7476 free (short_filename);
/* Derive the data file for a CERT-Bund advisory.  Only the integer that
 * follows "CB-K" is read from item_id; the remainder after the next '-' is
 * discarded, so no free text from the id reaches the file name.  The lines
 * that format and return the name are missing from this listing. */
7490 get_cert_bund_adv_filename (
char *item_id)
7494 if (sscanf (item_id,
"CB-K%d-%*s", &year) == 1)
/* Derive the data file for a DFN-CERT advisory.  Only the integer that
 * follows "DFN-CERT-" is read from item_id; the remainder is discarded, so
 * no free text from the id reaches the file name.  The lines that format
 * and return the name are missing from this listing. */
7510 get_dfn_cert_adv_filename (
char *item_id)
7514 if (sscanf (item_id,
"DFN-CERT-%d-%*s", &year) == 1)
/* Run xsltproc with a stylesheet and return what it wrote to standard output
   (this appears to be the xsl_transform helper called later in the file; the
   start of the signature is not shown).  param_names and param_values are
   parallel NULL-terminated arrays handed to the stylesheet as string
   parameters.  */
7536 gchar **param_values)
7539 gchar **cmd, *cmd_full;
7542 gchar *standard_out = NULL, *standard_err = NULL;
/* Count the parameters; counting stops at the first NULL in either array.  */
7545 if (param_names && param_values)
7546 while (param_names[param_idx] && param_values[param_idx])
/* Three argv slots per parameter plus four fixed slots.  */
7549 cmd = (gchar **)g_malloc ((4 + param_idx * 3) *
sizeof (gchar *));
7552 cmd[i++] =
"xsltproc";
7557 for (j = 0; j < param_idx; j++)
/* --stringparam makes xsltproc take the value as a literal string rather than
   an XPath expression, and each value is its own argv element, so no shell
   quoting is involved.  */
7559 cmd[i++] =
"--stringparam";
7560 cmd[i++] = param_names[j];
7561 cmd[i++] = param_values[j];
7564 cmd[i++] = stylesheet;
/* The joined command is built for the debug log only.  It contains every
   parameter value, so debug logs can hold request data.  */
7570 cmd_full = g_strjoinv (
" ", cmd);
7571 g_debug (
"%s: Spawning in parent dir: %s\n",
7572 __FUNCTION__, cmd_full);
/* NOTE(review): G_SPAWN_SEARCH_PATH resolves "xsltproc" through the PATH of
   this process; an absolute path or a controlled PATH would remove the
   dependency on the environment.  */
7576 if ((g_spawn_sync (NULL,
7579 G_SPAWN_SEARCH_PATH,
/* Treated as failure: spawn error, abnormal termination, or non-zero exit.  */
7587 || (WIFEXITED (exit_status) == 0)
7588 || WEXITSTATUS (exit_status))
7590 g_debug (
"%s: failed to transform the xml: %d (WIF %i, WEX %i)",
7593 WIFEXITED (exit_status),
7594 WEXITSTATUS (exit_status));
7595 g_debug (
"%s: stderr: %s\n", __FUNCTION__, standard_err);
7596 g_debug (
"%s: stdout: %s\n", __FUNCTION__, standard_out);
/* An empty transform result is handled as its own case.  */
7599 else if (strlen (standard_out) == 0)
7606 g_free (standard_err);
/* Ownership of standard_out passes to the caller on this path.  */
7609 return standard_out;
7611 g_free (standard_out);
/* Return the display name for an NVT category number.  Values outside
   ACT_FIRST..ACT_END map to the ACT_UNKNOWN entry, so a caller-supplied value
   does not index past the table (assuming ACT_STRING_LIST_ALL has an entry for
   every value in that range -- confirm).  */
7623 category_name (
int category)
7625 static const char *categories[] = { ACT_STRING_LIST_ALL };
/* Range check before the value is used as an index.  */
7626 if (category >= ACT_FIRST && category <= ACT_END)
7628 return categories[category];
7630 return categories[ACT_UNKNOWN];
/* Build the XML description of one NVT.  The line below fuses the end of a
   helper macro (which reads a field from the NVT iterator and escapes it with
   g_markup_escape_text) with part of the function's parameter list; the
   listing omits the lines in between.  */
7639 const char* x = nvt_iterator_ ## x (nvts); \ 7640 gchar* x ## _text = x \ 7641 ? g_markup_escape_text (x, -1) \ 7659 int preferences,
const char *timeout,
config_t config,
/* The NVT name is markup-escaped before it is placed in the XML.  */
7666 gchar* name_text = g_markup_escape_text (name, strlen (name));
7669 GString *cert_refs_str, *tags_str, *buffer;
7671 gchar *tag_name_esc, *tag_value_esc, *tag_comment_esc;
7681 cert_refs_str = g_string_new (
"");
/* NOTE(review): the advisory ids below land inside an attribute value through
   plain %s; whether they are escaped first is not visible here -- confirm.  */
7685 while (
next (&cert_refs_iterator))
7687 g_string_append_printf (cert_refs_str,
7688 "<cert_ref type=\"CERT-Bund\" id=\"%s\"/>",
7694 while (
next (&cert_refs_iterator))
7696 g_string_append_printf (cert_refs_str,
7697 "<cert_ref type=\"DFN-CERT\" id=\"%s\"/>",
7704 g_string_append (cert_refs_str,
"<warning>database not available</warning>");
7707 tags_str = g_string_new (
"");
7708 g_string_append_printf (tags_str,
7709 "<count>%i</count>",
/* User tag name, value and comment are held in *_esc copies that are freed
   after being appended.  */
7718 while (
next (&tags))
7729 g_string_append_printf (tags_str,
7733 "<comment>%s</comment>" 7739 g_free (tag_name_esc);
7740 g_free (tag_value_esc);
7741 g_free (tag_comment_esc);
7745 buffer = g_string_new (
"");
7747 g_string_append_printf (buffer,
7750 "<creation_time>%s</creation_time>" 7751 "<modification_time>%s</modification_time>" 7752 "<user_tags>%s</user_tags>" 7753 "<category>%s</category>" 7754 "<copyright>%s</copyright>" 7755 "<family>%s</family>" 7756 "<version>%s</version>" 7757 "<cvss_base>%s</cvss_base>" 7762 "<cve_id>%s</cve_id>" 7763 "<bugtraq_id>%s</bugtraq_id>" 7764 "<cert_refs>%s</cert_refs>" 7767 "<preference_count>%i</preference_count>" 7768 "<timeout>%s</timeout>",
/* NOTE(review): timeout is a caller-supplied string formatted through plain
   %s; no escaping is visible on this path.  Confirm it can only hold a number,
   or escape it like the other text fields.  */
7793 timeout ? timeout :
"");
7794 g_free (copyright_text);
7795 g_free (family_text);
7796 g_free (version_text);
7799 g_string_free(cert_refs_str, 1);
7800 g_string_free(tags_str, 1);
7809 xml_string_append (buffer,
7811 "<timeout>%s</timeout>",
7812 timeout ? timeout :
"");
7815 while (
next (&prefs))
7819 xml_string_append (buffer,
"</preferences>");
/* close_tag decides whether the <nvt> element is closed here or left open for
   the caller to extend.  */
7822 xml_string_append (buffer, close_tag ?
"</nvt>" :
"");
/* Keep the character data, free only the GString wrapper.  */
7823 msg = g_string_free (buffer, FALSE);
/* Short form: oid, name and the user tag count only.  */
7826 msg = g_strdup_printf
7827 (
"<nvt oid=\"%s\"><name>%s</name>" 7828 "<user_tags><count>%i</count></user_tags>%s",
7831 close_tag ?
"</nvt>" :
"");
/* Read a feed timestamp and reformat its "%Y%m%d%H%M" content.  Which
   timestamp file is read, and the function name, are not visible in this
   listing.  */
7847 struct tm update_time;
7860 g_debug (
"%s: failed to read %s: %s",
7862 g_error_free (error);
/* Zero the struct first: strptime only sets the fields it parses.  */
7867 memset (&update_time, 0,
sizeof (
struct tm));
7868 if (strptime (content,
"%Y%m%d%H%M", &update_time))
/* Static buffer: the formatted time lives in storage shared by every call, so
   a later call overwrites it.  Presumably this buffer is what is returned;
   callers that keep the value should copy it.  The size given to strftime (99)
   is below the buffer size (100), so the write stays in bounds.  */
7870 static char time_string[100];
7871 strftime (time_string, 99,
"%FT%T.000%z", &update_time);
/* Look up one SecInfo item and store the outcome in *result.  The item type,
   matched case-insensitively, selects the source: CPE, CVE, OVALDEF,
   CERT_BUND_ADV and DFN_CERT_ADV each resolve a data file through a
   get_*_filename helper, NVT goes through find_nvt.  */
/* name is passed on as the "refname" string parameter (presumably to the XSL
   transform -- the call is not shown).  */
7892 gchar *pnames[2] = {
"refname", NULL };
7893 gchar *pvalues[2] = { name, NULL };
7895 assert (result != NULL);
7898 if (g_ascii_strcasecmp (
"CPE", type) == 0)
7900 fname = get_cpe_filename ();
7910 else if (g_ascii_strcasecmp (
"CVE", type) == 0)
/* For the file-backed types the file is chosen from uid, not from name.  */
7912 fname = get_cve_filename (uid);
7922 else if (g_ascii_strcasecmp (
"NVT", type) == 0)
/* NVT lookup prefers name and falls back to uid.  */
7927 if (!
find_nvt (name ? name : uid, &nvt) && nvt)
7943 else if (g_ascii_strcasecmp (
"OVALDEF", type) == 0)
7945 fname = get_ovaldef_filename (uid);
7956 else if (g_ascii_strcasecmp (
"CERT_BUND_ADV", type) == 0)
7958 fname = get_cert_bund_adv_filename (uid);
7969 else if (g_ascii_strcasecmp (
"DFN_CERT_ADV", type) == 0)
7971 fname = get_dfn_cert_adv_filename (uid);
/* Nothing was produced by any branch above.  */
7983 if (*result == NULL)
/* Allow-list check on name: letters, digits, '-', '_' and '.', anchored at
   both ends.  NOTE(review): '.' is permitted, so "." and ".." also match; if
   name is later used as a path component, reject those explicitly.  How "-_"
   directly after a POSIX class is read depends on the regex engine version;
   putting '-' last in the class removes the ambiguity.  */
8003 if (g_regex_match_simple (
"^[[:alnum:]-_.]+$", name, 0, 0))
/* Release the two strings held by a sort_data record.  */
8020 g_free (sort_data->
field);
8021 g_free (sort_data->
stat);
/* Run the sync script with "--selftest" and report failure text through
   *result.  The function's signature is not shown in this listing.  */
8043 g_assert (sync_script);
/* Caller must pass a pointer to a NULL string.  */
8044 g_assert_cmpstr (*result, ==, NULL);
/* The script runs with its own directory as working directory.  */
8046 gchar *script_working_dir = g_path_get_dirname (sync_script);
/* Fixed argv: the script path and one literal option, no shell involved.  */
8048 gchar **argv = (gchar **) g_malloc (3 *
sizeof (gchar *));
8049 argv[0] = g_strdup (sync_script);
8050 argv[1] = g_strdup (
"--selftest");
8056 GError *error = NULL;
/* Spawn call (its first line is not shown); the flags argument is 0.  */
8059 (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8060 &script_exit, &error))
/* NOTE(review): the assertion above requires *result to be NULL on entry, so
   this test looks like it can never be true and the message would never be
   set.  Confirm whether "result != NULL" was intended.  */
8062 if (*result != NULL)
8065 g_strdup_printf (
"Failed to execute synchronization " "script: %s",
8069 g_free (script_working_dir);
8071 g_free (script_out);
8072 g_free (script_err);
8073 g_error_free (error);
8078 if (script_exit != 0)
/* The script's stderr is copied verbatim into *result; whoever displays it
   should treat it as untrusted text and escape it for the output format.  */
8080 if (script_err != NULL)
8082 *result = g_strdup_printf (
"%s", script_err);
8085 g_free (script_working_dir);
8087 g_free (script_out);
8088 g_free (script_err);
8093 g_free (script_working_dir);
8095 g_free (script_out);
8096 g_free (script_err);
/* Run the sync script with "--identify", check that its output looks like a
   feed sync script identification, and return a copy of the raw output in
   *identification.  Only part of the signature is shown in this listing.  */
8113 gchar ** identification,
8116 g_assert (sync_script);
/* Caller must pass a pointer to a NULL string.  */
8118 g_assert_cmpstr (*identification, ==, NULL);
8120 gchar *script_working_dir = g_path_get_dirname (sync_script);
/* Fixed argv: the script path and one literal option, no shell involved.  */
8122 gchar **argv = (gchar **) g_malloc (3 *
sizeof (gchar *));
8123 argv[0] = g_strdup (sync_script);
8124 argv[1] = g_strdup (
"--identify");
8130 GError *error = NULL;
8132 gchar **script_identification;
/* Spawn call (its first line is not shown); the flags argument is 0.  */
8135 (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8136 &script_exit, &error))
8138 g_warning (
"Failed to execute %s: %s", sync_script, error->message);
8140 g_free (script_working_dir);
8142 g_free (script_out);
8143 g_free (script_err);
8144 g_error_free (error);
8149 if (script_exit != 0)
8151 g_warning (
"%s returned a non-zero exit code.", sync_script);
8153 g_free (script_working_dir);
8155 g_free (script_out);
8156 g_free (script_err);
/* Split into at most six '|'-separated fields.  */
8161 script_identification = g_strsplit (script_out,
"|", 6);
/* This check is a sanity test on the script's own output, not an
   authenticity check: any executable that prints a matching line passes.
   Only the first 7 characters are compared, although "SCAPSYNC" and
   "CERTSYNC" have 8.  Parts of the condition are omitted from this
   listing.  */
8163 if ((script_identification[0] == NULL)
8165 && g_ascii_strncasecmp (script_identification[0],
"NVTSYNC", 7))
8167 && g_ascii_strncasecmp (script_identification[0],
"SCAPSYNC", 7))
8169 && g_ascii_strncasecmp (script_identification[0],
"CERTSYNC", 7))
/* NOTE(review): no check is visible that the split produced six fields.  With
   fewer fields, index 5 is at or past the vector's NULL terminator -- confirm
   the length is verified before this read.  */
8170 || g_ascii_strncasecmp (script_identification[0], script_identification[5], 7))
8172 g_warning (
"%s is not a feed synchronization script", sync_script);
8174 g_free (script_working_dir);
8176 g_free (script_out);
8177 g_free (script_err);
8179 g_strfreev (script_identification);
/* The whole output line is returned, not just the validated fields.  */
8185 *identification = g_strdup (script_out);
8187 g_free (script_working_dir);
8189 g_free (script_out);
8190 g_free (script_err);
8192 g_strfreev (script_identification);
/* Run the sync script with "--describe" and return a copy of its standard
   output in *description.  Only the end of the signature is shown.  */
8208 gchar ** description)
8210 g_assert (sync_script);
/* Caller must pass a pointer to a NULL string.  */
8211 g_assert_cmpstr (*description, ==, NULL);
8213 gchar *script_working_dir = g_path_get_dirname (sync_script);
/* Fixed argv: the script path and one literal option, no shell involved.  */
8215 gchar **argv = (gchar **) g_malloc (3 *
sizeof (gchar *));
8216 argv[0] = g_strdup (sync_script);
8217 argv[1] = g_strdup (
"--describe");
8223 GError *error = NULL;
/* Spawn call (its first line is not shown); the flags argument is 0.  */
8226 (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8227 &script_exit, &error))
8229 g_warning (
"Failed to execute %s: %s", sync_script, error->message);
8231 g_free (script_working_dir);
8233 g_free (script_out);
8234 g_free (script_err);
8235 g_error_free (error);
8240 if (script_exit != 0)
8242 g_warning (
"%s returned a non-zero exit code.", sync_script);
8244 g_free (script_working_dir);
8246 g_free (script_out);
8247 g_free (script_err);
/* The script output is returned unmodified; callers that embed it in XML or
   HTML need to escape it.  */
8252 *description = g_strdup (script_out);
8254 g_free (script_working_dir);
8256 g_free (script_out);
8257 g_free (script_err);
/* Run the sync script with "--feedversion" and return a copy of its standard
   output in *feed_version.  Only the end of the signature is shown.  */
8274 gchar ** feed_version)
8276 g_assert (sync_script);
/* Caller must pass a pointer to a NULL string.  */
8277 g_assert_cmpstr (*feed_version, ==, NULL);
8279 gchar *script_working_dir = g_path_get_dirname (sync_script);
/* Fixed argv: the script path and one literal option, no shell involved.  */
8281 gchar **argv = (gchar **) g_malloc (3 *
sizeof (gchar *));
8282 argv[0] = g_strdup (sync_script);
8283 argv[1] = g_strdup (
"--feedversion");
8289 GError *error = NULL;
/* Spawn call (its first line is not shown); the flags argument is 0.  */
8292 (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8293 &script_exit, &error))
8295 g_warning (
"Failed to execute %s: %s", sync_script, error->message);
8297 g_free (script_working_dir);
8299 g_free (script_out);
8300 g_free (script_err);
8301 g_error_free (error);
8306 if (script_exit != 0)
8308 g_warning (
"%s returned a non-zero exit code.", sync_script);
8310 g_free (script_working_dir);
8312 g_free (script_out);
8313 g_free (script_err);
/* The script output is returned unmodified; callers that embed it in XML or
   HTML need to escape it.  */
8318 *feed_version = g_strdup (script_out);
8320 g_free (script_working_dir);
8322 g_free (script_out);
8323 g_free (script_err);
/* Synchronize a feed by running sync_script in a child process, guarded by a
   lock file that records the start time and the requesting user (this appears
   to be openvas_sync_feed; the signature is not shown in this listing).  */
8346 gchar *lockfile_name, *lockfile_dirname;
8347 gchar *script_identification_string = NULL;
8351 g_assert (sync_script);
8352 g_assert (current_user);
8358 :
"sync_cert") == 0)
/* The script is only run if its identification output passes the check made
   by the call below (its first line is not shown).  */
8362 (sync_script, &script_identification_string, feed_type))
8364 g_warning (
"No valid synchronization script supplied!");
/* The lock path mirrors the script path underneath the temporary
   directory.  */
8371 g_build_filename (g_get_tmp_dir (),
"openvas-feed-sync", sync_script, NULL);
8372 lockfile_dirname = g_path_get_dirname (lockfile_name);
/* NOTE(review): with the umask cleared and mode rwxrwxrwx, every directory
   created here is writable by all local users and carries no sticky bit, so
   other accounts can create or remove entries in it.  The lock is therefore
   advisory at best; a directory owned by the service with mode 0700 (for
   example under its run-state directory) would be safer.  */
8373 old_mask = umask (0);
8374 if (g_mkdir_with_parents (lockfile_dirname,
8376 S_IRWXU | S_IRWXG | S_IRWXO))
8379 g_warning (
"Failed to create lock dir '%s': %s", lockfile_dirname,
8381 g_free (lockfile_name);
8382 g_free (lockfile_dirname);
8386 g_free (lockfile_dirname);
/* O_CREAT | O_EXCL fails if the name already exists, including when it is a
   symbolic link, so an existing file is never opened or truncated here.  */
8389 open (lockfile_name, O_RDWR | O_CREAT | O_EXCL,
8390 S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP );
/* EEXIST is singled out from other open errors (presumably meaning a sync is
   already running).  */
8393 if (errno == EEXIST)
8395 g_warning (
"Failed to open lock file '%s': %s", lockfile_name,
8397 g_free (lockfile_name);
8407 g_free (lockfile_name);
8408 g_warning (
"Failed to close lock file: %s", strerror (errno));
/* The lock taken above is removed again before the fork and re-created in the
   child further down, which leaves a window in which no lock exists.  */
8412 if (unlink (lockfile_name))
8414 g_free (lockfile_name);
8415 g_warning (
"Failed to remove lock file: %s", strerror (errno));
/* Default SIGCHLD handling is set before the fork.  */
8421 if (signal (SIGCHLD, SIG_DFL) == SIG_ERR)
8423 g_warning (
"Failed to set SIG_DFL");
8438 g_warning (
"%s: failed to fork sync child: %s\n", __FUNCTION__,
/* Child: take the lock for the duration of the sync.  */
8451 open (lockfile_name, O_RDWR | O_CREAT | O_EXCL,
8452 S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP );
8455 if (errno == EEXIST)
8457 g_warning (
"Failed to open lock file '%s' (child): %s", lockfile_name,
8459 g_free (lockfile_name);
/* Lock file content, first part: the current time as text.  */
8471 output = ctime (&now);
8472 left = strlen (output);
8475 count = write (fd, output, left);
/* EINTR and EAGAIN are distinguished from hard write errors.  */
8478 if (errno == EINTR || errno == EAGAIN)
8480 g_warning (
"%s: write: %s", __FUNCTION__, strerror (errno));
/* Second part: the requesting user's name, written as given.  */
8489 output = current_user;
8490 left = strlen (output);
8493 count = write (fd, output, left);
8496 if (errno == EINTR || errno == EAGAIN)
8498 g_warning (
"%s: write: %s", __FUNCTION__, strerror (errno));
8509 count = write (fd,
"\n", 1);
8512 if (errno == EINTR || errno == EAGAIN)
8514 g_warning (
"%s: write: %s", __FUNCTION__, strerror (errno));
8529 FILE *sync_err, *sync_out;
/* NOTE(review): both redirect targets are fixed, predictable names in /tmp
   opened in "w" mode, which follows symbolic links and truncates the target.
   If this process runs with elevated privileges, a pre-placed link at either
   name gets overwritten.  Prefer files in a service-owned directory, or
   create them with mkstemp or O_NOFOLLOW | O_EXCL.  */
8533 sync_out = freopen (
"/tmp/openvasad_sync_out",
"w", stdout);
8534 if (sync_out == NULL)
8536 g_warning (
"Failed to reopen stdout: %s", strerror (errno));
8537 exit (EXIT_FAILURE);
8540 sync_err = freopen (
"/tmp/openvasad_sync_err",
"w", stderr);
8541 if (sync_err == NULL)
8543 g_warning (
"Failed to reopen stderr: %s", strerror (errno));
8545 exit (EXIT_FAILURE);
/* Direct exec of the script path with no arguments and no shell.  execl only
   returns on failure.  */
8548 if (execl (sync_script, sync_script, (
char *) NULL))
8550 g_warning (
"Failed to execl %s: %s", sync_script, strerror (errno));
8553 exit (EXIT_FAILURE);
8558 exit (EXIT_FAILURE);
8563 g_warning (
"%s: failed to fork syncer: %s\n", __FUNCTION__,
/* Wait for the syncer and map its exit status to a log message.  */
8574 while (wait (&status) < 0)
8576 if (errno == ECHILD)
8578 g_warning (
"Failed to get child exit status");
8584 g_warning (
"wait: %s", strerror (errno));
8588 if (WIFEXITED (status))
8589 switch (WEXITSTATUS (status))
8595 g_warning (
"Error during synchronization.");
8601 g_message (
"Error during synchronization.");
8615 g_free (lockfile_name);
8616 g_warning (
"Failed to close lock file (child): %s", strerror (errno));
/* Release the lock once the sync has finished.  */
8622 if (unlink (lockfile_name))
8624 g_free (lockfile_name);
8625 g_warning (
"Failed to remove lock file (child): %s", strerror (errno));
8629 g_free (lockfile_name);
/* Run sync_script with "--migrate" in a child process, guarded by the same
   lock file scheme as the feed synchronization.  The function's signature is
   not shown in this listing.  */
8648 gchar *lockfile_name, *lockfile_dirname;
8652 g_assert (sync_script);
8656 g_warning (
"Unsupported feed_type!");
/* The script is only run if its identification output passes the check made
   by the call below (its first line is not shown).  */
8661 (sync_script, NULL, feed_type))
8663 g_warning (
"No valid synchronization script supplied!");
/* The lock path mirrors the script path underneath the temporary
   directory.  */
8670 g_build_filename (g_get_tmp_dir (),
"openvas-feed-sync", sync_script, NULL);
8671 lockfile_dirname = g_path_get_dirname (lockfile_name);
/* NOTE(review): with the umask cleared and mode rwxrwxrwx, every directory
   created here is writable by all local users and carries no sticky bit, so
   other accounts can create or remove entries in it.  A service-owned
   directory with mode 0700 would be safer.  */
8672 old_mask = umask (0);
8673 if (g_mkdir_with_parents (lockfile_dirname,
8675 S_IRWXU | S_IRWXG | S_IRWXO))
8678 g_warning (
"Failed to create lock dir '%s': %s", lockfile_dirname,
8680 g_free (lockfile_name);
8681 g_free (lockfile_dirname);
8685 g_free (lockfile_dirname);
/* O_CREAT | O_EXCL fails if the name already exists, including when it is a
   symbolic link, so an existing file is never opened or truncated here.  */
8688 open (lockfile_name, O_RDWR | O_CREAT | O_EXCL,
8689 S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP );
8692 if (errno == EEXIST)
8694 g_warning (
"Failed to open lock file '%s': %s", lockfile_name,
8696 g_free (lockfile_name);
/* Lock file content, first part: the current time as text.  */
8707 output = ctime (&now);
8708 left = strlen (output);
8711 count = write (fd, output, left);
/* EINTR and EAGAIN are distinguished from hard write errors.  */
8714 if (errno == EINTR || errno == EAGAIN)
8716 g_warning (
"%s: write: %s", __FUNCTION__, strerror (errno));
/* Second part; the assignment of output for it is not shown.  */
8726 left = strlen (output);
8729 count = write (fd, output, left);
8732 if (errno == EINTR || errno == EAGAIN)
8734 g_warning (
"%s: write: %s", __FUNCTION__, strerror (errno));
8745 count = write (fd,
"\n", 1);
8748 if (errno == EINTR || errno == EAGAIN)
8750 g_warning (
"%s: write: %s", __FUNCTION__, strerror (errno));
8765 FILE *sync_err, *sync_out;
/* NOTE(review): both redirect targets are fixed, predictable names in /tmp
   opened in "w" mode, which follows symbolic links and truncates the target.
   If this process runs with elevated privileges, a pre-placed link at either
   name gets overwritten.  Prefer files in a service-owned directory, or
   create them with mkstemp or O_NOFOLLOW | O_EXCL.  */
8769 sync_out = freopen (
"/tmp/openvasad_sync_out",
"w", stdout);
8770 if (sync_out == NULL)
8772 g_warning (
"Failed to reopen stdout: %s", strerror (errno));
8773 exit (EXIT_FAILURE);
8776 sync_err = freopen (
"/tmp/openvasad_sync_err",
"w", stderr);
8777 if (sync_err == NULL)
8779 g_warning (
"Failed to reopen stderr: %s", strerror (errno));
8781 exit (EXIT_FAILURE);
/* Direct exec of the script path with one literal option and no shell.
   execl only returns on failure.  */
8784 if (execl (sync_script, sync_script,
"--migrate", (
char *) NULL))
8786 g_warning (
"Failed to execl %s: %s", sync_script, strerror (errno));
8789 exit (EXIT_FAILURE);
8794 exit (EXIT_FAILURE);
8799 g_warning (
"%s: failed to fork syncer: %s\n", __FUNCTION__,
/* Wait for the child and map its exit status to a log message.  */
8810 while (wait (&status) < 0)
8812 if (errno == ECHILD)
8814 g_warning (
"Failed to get child exit status");
8820 g_warning (
"wait: %s", strerror (errno));
8824 if (WIFEXITED (status))
8825 switch (WEXITSTATUS (status))
8831 g_warning (
"Error during SecInfo migration.");
8837 g_message (
"Error during SecInfo migration.");
8851 g_free (lockfile_name);
8852 g_warning (
"Failed to close lock file: %s", strerror (errno));
/* Release the lock once the migration has finished.  */
8858 if (unlink (lockfile_name))
8860 g_free (lockfile_name);
8861 g_warning (
"Failed to remove lock file: %s", strerror (errno));
8865 g_free (lockfile_name);
/* Report whether a sync is in progress by reading the lock file for
   sync_script, returning its first line in *timestamp and the remainder in
   *user.  The function's signature is not shown in this listing.  */
8883 gchar *lockfile_name, *content, **lines;
8884 GError *error = NULL;
8886 g_assert (sync_script);
/* Same lock path scheme as the code that creates the lock.  */
8889 g_build_filename (g_get_tmp_dir (),
"openvas-feed-sync", sync_script, NULL);
8890 if (!g_file_get_contents (lockfile_name, &content, NULL, &error))
/* A missing or unreadable lock file is handled quietly, without a warning.  */
8892 if (g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_NOENT)
8893 || g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_ACCES))
8895 g_error_free (error);
8896 g_free (lockfile_name);
8900 g_warning (
"%s: %s", __FUNCTION__, error->message);
8901 g_error_free (error);
8902 g_free (lockfile_name);
/* Split once at the first newline: line one, then everything after it.  */
8906 lines = g_strsplit (content,
"\n", 2);
/* NOTE(review): the lock directory is created world-writable elsewhere in
   this file, so the content read here may come from another local account.
   Treat both strings as untrusted and escape them before display.  */
8908 if (lines[0] && lines[1])
8910 *timestamp = g_strdup (lines[0]);
8911 *user = g_strdup (lines[1]);
8913 g_free (lockfile_name);
8918 g_free (lockfile_name);
/* Run a wizard: load the wizard definition "<name>.xml", validate the caller's
   parameters against the regular expressions it declares, then for each step
   generate a command through an XSL transform and execute it with
   run_command.  Only part of the signature is shown in this listing.  */
8950 int (*run_command) (
void*, gchar*, gchar**),
8951 void *run_command_data,
8955 gchar **command_error,
8956 gchar **command_error_code,
8957 gchar **ret_response)
8959 GString *params_xml;
8960 gchar *file, *file_name, *response, *extra, *extra_wrapped, *wizard;
8963 entity_t entity, mode_entity, params_entity, read_only_entity;
8964 entity_t param_def, step;
8965 entities_t modes, steps, param_defs;
/* Output parameters start out empty.  */
8975 *command_error = NULL;
8977 if (command_error_code)
8978 *command_error_code = NULL;
8981 *ret_response = NULL;
/* Scan the wizard name over letters, digits and '_'.  Presumably a name with
   any other character is rejected right after this loop (that line is not
   shown), which keeps '/' and '.' out of the file name built below.
   NOTE(review): if point is a plain char pointer, cast to unsigned char
   before isalnum to avoid undefined behaviour on bytes above 0x7f.  */
8984 while (*point && (isalnum (*point) || *point ==
'_')) point++;
8990 file_name = g_strdup_printf (
"%s.xml", name);
8991 file = g_build_filename (OPENVAS_DATA_DIR,
8999 g_file_get_contents (file,
9006 g_warning (
"%s: Failed to read wizard: %s\n",
9008 get_error->message);
9009 g_error_free (get_error);
9016 if (parse_entity (wizard, &entity))
9018 g_warning (
"%s: Failed to parse wizard\n", __FUNCTION__);
/* A non-empty mode selects the MODE element whose NAME equals it.  */
9025 if (mode && strcmp (mode,
""))
9027 modes = entity->entities;
9029 while (mode_found == 0 && (mode_entity = first_entity (modes)))
9031 if (strcasecmp (entity_name (mode_entity),
"mode") == 0)
9033 entity_t name_entity;
9034 name_entity = entity_child (mode_entity,
"name");
9036 if (strcmp (entity_text (name_entity), mode) == 0)
9039 modes = next_entities (modes);
9042 if (mode_found == 0)
9044 free_entity (entity);
9046 *ret_response = g_strdup (
"");
/* Without a mode, the wizard's top-level element is used directly.  */
9056 mode_entity = entity;
9064 read_only_entity = entity_child (mode_entity,
"read_only");
9065 if (read_only_entity == NULL)
9067 free_entity (entity);
9073 params_xml = g_string_new (
"");
9074 params_entity = entity_child (mode_entity,
"params");
/* NOTE(review): the loop condition below tests params_entity for NULL, but
   this dereference comes first.  Unless the omitted line guards it, a wizard
   without a PARAMS element would be dereferenced as NULL -- confirm.  */
9076 param_defs = params_entity->entities;
9078 while (params_entity && (param_def = first_entity (param_defs)))
9080 if (strcasecmp (entity_name (param_def),
"param") == 0)
9082 entity_t name_entity, regex_entity, optional_entity;
9083 const char *name, *regex;
9085 int param_found = 0;
/* Every PARAM definition must carry a non-empty NAME and REGEX.  */
9087 name_entity = entity_child (param_def,
"name");
9088 if ((name_entity == NULL)
9089 || (strcmp (entity_text (name_entity),
"") == 0))
9091 g_warning (
"%s: Wizard PARAM missing NAME\n",
9093 free_entity (entity);
9097 name = entity_text (name_entity);
9099 regex_entity = entity_child (param_def,
"regex");
9100 if ((regex_entity == NULL)
9101 || (strcmp (entity_text (regex_entity),
"") == 0))
9103 g_warning (
"%s: Wizard PARAM missing REGEX\n",
9105 free_entity (entity);
9109 regex = entity_text (regex_entity);
/* OPTIONAL counts as set when present with text other than "" or "0".  */
9111 optional_entity = entity_child (param_def,
"optional");
9112 optional = (optional_entity
9113 && strcmp (entity_text (optional_entity),
"")
9114 && strcmp (entity_text (optional_entity),
"0"));
9118 guint index = params->len;
9123 pair = (
name_value_t*) g_ptr_array_index (params, index);
9130 && (strcmp (pair->
name, name) == 0))
/* The caller's value is checked against the wizard's regex.  No anchoring
   flag is passed, so a pattern that lacks ^ and $ accepts any value that
   merely contains a match; wizard files should anchor every REGEX.  */
9135 if (g_regex_match_simple (regex, pair->
value, 0, 0) == 0)
/* The rejected value is echoed into the error text; consumers of
   command_error should escape it for their output format.  */
9138 = g_strdup_printf (
"Value '%s' is not valid for" 9141 free_entity (entity);
9142 g_string_free (params_xml, TRUE);
9149 if (optional == 0 && param_found == 0)
9151 *command_error = g_strdup_printf (
"Mandatory wizard param '%s'" 9154 free_entity (entity);
9160 param_defs = next_entities (param_defs);
/* Serialize the caller's parameters into params_xml for the transforms.  */
9166 guint index = params->len;
9171 pair = (
name_value_t*) g_ptr_array_index (params, index);
9172 xml_string_append (params_xml,
9186 steps = mode_entity->entities;
9187 while ((step = first_entity (steps)))
9189 if (strcasecmp (entity_name (step),
"step") == 0)
9191 entity_t command, extra_xsl;
/* Templates for mkstemp, which replaces the XXXXXX suffix and creates each
   file exclusively under a unique name.  */
9194 char xsl_file_name[] =
"/tmp/openvasmd-xsl-XXXXXX";
9195 FILE *xsl_file, *xml_file;
9196 char xml_file_name[] =
"/tmp/openvasmd-xml-XXXXXX";
9197 char extra_xsl_file_name[] =
"/tmp/openvasmd-extra-xsl-XXXXXX";
9198 char extra_xml_file_name[] =
"/tmp/openvasmd-extra-xml-XXXXXX";
9202 command = entity_child (step,
"command");
9203 if (command == NULL)
9205 g_warning (
"%s: Wizard STEP missing COMMAND\n",
9207 free_entity (entity);
9210 g_string_free (params_xml, TRUE);
/* Write the step's COMMAND stylesheet to a temporary file.  */
9216 xsl_fd = mkstemp (xsl_file_name);
9219 g_warning (
"%s: Wizard XSL file create failed\n",
9221 free_entity (entity);
9224 g_string_free (params_xml, TRUE);
9228 xsl_file = fdopen (xsl_fd,
"w");
9229 if (xsl_file == NULL)
9231 g_warning (
"%s: Wizard XSL file open failed\n",
9234 free_entity (entity);
9237 g_string_free (params_xml, TRUE);
9241 if (first_entity (command->entities))
9242 print_entity (xsl_file, first_entity (command->entities));
/* Write the transform input (params, previous response, extra data) to a
   second temporary file.  */
9246 xml_fd = mkstemp (xml_file_name);
9249 g_warning (
"%s: Wizard XML file create failed\n",
9252 unlink (xsl_file_name);
9253 free_entity (entity);
9256 g_string_free (params_xml, TRUE);
9260 xml_file = fdopen (xml_fd,
"w");
9261 if (xml_file == NULL)
9263 g_warning (
"%s: Wizard XML file open failed\n",
9266 unlink (xsl_file_name);
9268 free_entity (entity);
9271 g_string_free (params_xml, TRUE);
9275 if (fprintf (xml_file,
9277 "<params>%s</params>" 9279 "<response>%s</response>" 9280 "<extra_data>%s</extra_data>" 9283 params_xml->str ? params_xml->str :
"",
9284 response ? response :
"",
9289 unlink (xsl_file_name);
9291 unlink (xml_file_name);
9292 free_entity (entity);
9293 g_warning (
"%s: Wizard failed to write XML\n",
9297 g_string_free (params_xml, TRUE);
/* Both temporary files are removed once the transform has run.  */
9308 unlink (xsl_file_name);
9310 unlink (xml_file_name);
9313 g_warning (
"%s: Wizard XSL transform failed\n",
9315 free_entity (entity);
9318 g_string_free (params_xml, TRUE);
/* Execute the generated command; its reply replaces response.  */
9326 ret = run_command (run_command_data, omp, &response);
9339 free_entity (entity);
9342 g_string_free (params_xml, TRUE);
9345 else if (ret == -10)
9348 free_entity (entity);
9351 g_string_free (params_xml, TRUE);
9357 free_entity (entity);
9360 g_string_free (params_xml, TRUE);
9365 free_entity (entity);
9368 g_string_free (params_xml, TRUE);
9377 entity_t response_entity;
9379 response_entity = NULL;
9380 if (parse_entity (response, &response_entity))
9382 g_warning (
"%s: Wizard failed to parse response\n",
9384 free_entity (entity);
9387 g_string_free (params_xml, TRUE);
/* Any status that does not start with '2' is treated as a command failure
   and reported through command_error and command_error_code.  */
9391 status = entity_attribute (response_entity,
"status");
9392 if ((status == NULL)
9393 || (strlen (status) == 0)
9394 || (status[0] !=
'2'))
9396 g_debug (
"response was %s\n", response);
9400 text = entity_attribute (response_entity,
"status_text");
9402 *command_error = g_strdup (text);
9404 if (command_error_code)
9406 *command_error_code = g_strdup (status);
9408 free_entity (response_entity);
9409 free_entity (entity);
9412 g_string_free (params_xml, TRUE);
9416 free_entity (response_entity);
/* Optional EXTRA_DATA stylesheet, processed like the command stylesheet but
   with its own pair of temporary files.  */
9421 extra_xsl = entity_child (step,
"extra_data");
9426 xsl_fd = mkstemp (extra_xsl_file_name);
9429 g_warning (
"%s: Wizard extra_data XSL file create failed\n",
9431 free_entity (entity);
9434 g_string_free (params_xml, TRUE);
9438 xsl_file = fdopen (xsl_fd,
"w");
9439 if (xsl_file == NULL)
9441 g_warning (
"%s: Wizard extra_data XSL file open failed\n",
9444 free_entity (entity);
9447 g_string_free (params_xml, TRUE);
9451 if (first_entity (extra_xsl->entities))
9452 print_entity (xsl_file, first_entity (extra_xsl->entities));
9456 xml_fd = mkstemp (extra_xml_file_name);
9459 g_warning (
"%s: Wizard XML file create failed\n",
/* NOTE(review): this removes xsl_file_name, the command stylesheet, whereas
   the file created just above is extra_xsl_file_name.  It looks like a
   copy-paste slip that leaves the extra stylesheet behind in /tmp on this
   error path -- confirm.  The same applies to the fdopen failure below.  */
9462 unlink (xsl_file_name);
9463 free_entity (entity);
9466 g_string_free (params_xml, TRUE);
9470 xml_file = fdopen (xml_fd,
"w");
9471 if (xml_file == NULL)
9473 g_warning (
"%s: Wizard XML file open failed\n",
9476 unlink (xsl_file_name);
9478 free_entity (entity);
9481 g_string_free (params_xml, TRUE);
9485 if (fprintf (xml_file,
9487 "<params>%s</params>" 9489 "<response>%s</response>" 9492 "<extra_data>%s</extra_data>" 9495 params_xml->str ? params_xml->str :
"",
9496 response ? response :
"",
9501 unlink (extra_xsl_file_name);
9503 unlink (extra_xml_file_name);
9504 free_entity (entity);
9505 g_warning (
"%s: Wizard failed to write XML\n",
9509 g_string_free (params_xml, TRUE);
9516 extra =
xsl_transform (extra_xsl_file_name, extra_xml_file_name,
9519 unlink (extra_xsl_file_name);
9521 unlink (extra_xml_file_name);
9524 steps = next_entities (steps);
/* Wrap the extra data of the last step so it parses as one element.  */
9528 extra_wrapped = g_strdup_printf (
"<extra_data>%s</extra_data>",
9531 extra_wrapped = NULL;
/* The last command response is handed to the caller.  */
9535 *ret_response = response;
/* Outside a forked run, STATUS and STATUS_TEXT from the extra data are
   copied into the error outputs when present.  */
9537 if (extra_wrapped && (forked == 0))
9539 entity_t extra_entity, status_entity, status_text_entity;
9540 ret = parse_entity (extra_wrapped, &extra_entity);
9543 status_entity = entity_child (extra_entity,
"status");
9544 status_text_entity = entity_child (extra_entity,
"status_text");
9546 if (status_text_entity && command_error)
9548 *command_error = g_strdup (entity_text (status_text_entity));
9551 if (status_entity && command_error_code)
9553 *command_error_code = g_strdup (entity_text (status_entity));
9555 free_entity (extra_entity);
9559 g_warning (
"%s: failed to parse extra data", __FUNCTION__);
9560 free_entity (entity);
9561 g_string_free (params_xml, TRUE);
9566 free_entity (entity);
9567 g_string_free (params_xml, TRUE);
int move_task(const char *task_id, const char *slave_id)
Reassign a task to another slave.
char * target_port_range(target_t)
Return the port range of a target, in OTP format.
void severity_data_add_count(severity_data_t *severity_data, double severity, int count)
Add multiple severity occurrences to the counts of a severity_data_t.
int report_format_predefined(report_format_t)
Return whether a report format is predefined.
Protos for communication between openvas-manager and openvas-server.
int task_schedule_periods_uuid(const gchar *)
Set the next time a scheduled task will be due.
alert_condition_t
Types of alert conditions.
const char * preference_iterator_name(iterator_t *)
int start_task(const char *task_id, char **report_id)
Start a task.
const char * task_file_iterator_name(iterator_t *)
gchar * slave_smb_credential_uuid
Slave credential UUID.
const char * credential_iterator_auth_algorithm(iterator_t *)
void report_set_slave_name(report_t, const gchar *)
Set the name of the slave on a report.
const char * target_iterator_alive_tests(iterator_t *)
Get the alive test description from a target iterator.
void report_add_result(report_t, result_t)
Add a result to a report.
void trim_report(report_t report)
Prepare a partial report for restarting the scan from the beginning.
task_status_t
Task statuses, also used as scan/report statuses.
const char * resource_tag_iterator_value(iterator_t *)
int manage_report_host_details(report_t report, const char *ip, entity_t entity)
Add host details to a report host.
char * alert_data(alert_t alert, const char *type, const char *name)
Return data associated with an alert.
#define COMMAND
Command called by get_system_report_types.
const char * nvt_iterator_qod(iterator_t *)
alert_condition_t alert_condition_from_name(const char *name)
Get an alert condition from a name.
char * target_hosts(target_t)
Return the hosts associated with a target.
void report_set_slave_port(report_t, int)
Set the port of the slave of a report.
gboolean openvas_get_sync_script_identification(const gchar *sync_script, gchar **identification, int feed_type)
Retrieves the ID string of a feed sync script, with basic validation.
int resume_task(const char *task_id, char **report_id)
Resume a task.
result_t make_cve_result(task_t, const char *, const char *, double, const char *)
Make a CVE result.
void init_nvt_cert_bund_adv_iterator(iterator_t *, const char *, int, const char *)
Initialise a CERT-Bund iterator, for advisories relevant to a NVT.
int openvas_sync_feed(const gchar *sync_script, const gchar *current_user, int feed_type)
Forks a child to synchronize the local feed collection.
#define CPE_GETBYNAME_XSL
CPE selection stylesheet location.
char * user_uuid(user_t)
Return the UUID of a user.
int severity_data_range_count(const severity_data_t *severity_data, double min_severity, double max_severity)
Calculate the total of severity counts in a range.
long long int credential_t
const char * type_name_plural(const char *type)
Return the plural name of a resource type.
gchar * file_iterator_content_64(file_iterator_t *iterator)
Return the file contents from a file iterator.
gchar * user_hosts(const char *)
Return the hosts of a user.
char * target_ssh_port(target_t)
Return the SSH LSC port of a target.
int slave_authenticate(gnutls_session_t *session, scanner_t slave)
Authenticate with a slave.
int run_otp_task(task_t task, scanner_t scanner, int from, char **report_id)
Start an OTP scanner task.
gchar * report_host_ip(const char *host)
Get the IP of a host, using the 'hostname' report host details.
schedule_t task_schedule_uuid(const gchar *)
Return the schedule of a task.
char * report_format_owner_uuid(report_format_t)
Return the UUID of the owner of a report format.
int get_certificate_info(const gchar *certificate, time_t *activation_time, time_t *expiration_time, gchar **fingerprint, gchar **issuer)
Gathers info from a certificate.
const char * credential_iterator_password(iterator_t *)
Get the password from a Credential iterator.
void init_family_iterator(iterator_t *, int, const char *, int)
Initialise an NVT selector family iterator.
gchar * stat
The statistic to sort by.
gchar * slave_report_uuid
Slave report UUID.
void parse_tags(const char *scanner_tags, gchar **tags, gchar **cvss_base)
Split up the tags received from the scanner.
gpointer * current
Current file.
const char * prognosis_iterator_cve(iterator_t *)
void openvas_scanner_set_certs(const char *ca_pub, const char *key_pub, const char *key_priv)
Set the scanner's CA Certificate, and public/private key pair.
resource_t get_iterator_resource(iterator_t *)
Get the resource from a GET iterator.
void reinit_manage_process()
Reinitialize the manage library for a process.
const char * manage_scap_update_time()
GET SCAP update time, as a string.
const char * event_name(event_t event)
Get the name of an alert event.
const char * get_iterator_name(iterator_t *)
const char * severity_to_type(double severity)
Get the message type matching a severity score.
int nvt_iterator_category(iterator_t *)
Get the category from an NVT iterator.
char * report_slave_task_uuid(report_t)
Return the UUID of the task on the slave.
const char * resource_tag_iterator_uuid(iterator_t *)
void init_host_prognosis_iterator(iterator_t *, report_host_t, int, int, const char *, const char *, int, const char *)
Initialise a report host prognosis iterator.
void cleanup_report_type_iterator(report_type_iterator_t *iterator)
Cleanup a report type iterator.
const char * get_iterator_modification_time(iterator_t *)
const char * credential_iterator_type(iterator_t *)
gboolean host_nthlast_report_host(const char *host, report_host_t *report_host, int position)
Get N'th last report_host given a host.
gchar * get_ovaldef_short_filename(char *item_id)
Get the short file name for an OVALDEF.
#define OVALDEF_GETBYNAME_XSL
OVALDEF selection stylesheet location.
port_list_t target_port_list(target_t target)
Return the port list associated with a target, if any.
double prognosis_iterator_cvss_double(iterator_t *)
Get the CVSS from a result iterator as a double.
A report format file iterator.
void init_severity_data(severity_data_t *data)
Initialize a severity data structure.
int init_system_report_type_iterator(report_type_iterator_t *iterator, const char *type, const char *slave_id)
Initialise a system report type iterator.
int scan_host_end_time(report_t, const char *)
Get the end time of a scanned host.
credential_t target_ssh_credential(target_t target)
Return the SSH credential associated with a target, if any.
gchar * alert_condition_description(alert_condition_t condition, alert_t alert)
Get a description of an alert condition.
const char * otp_pref_iterator_name(iterator_t *)
int config_type(config_t)
Return the type of a config.
int user_hosts_allow(const char *)
Return whether hosts value of a user denotes allowed.
const char * preference_iterator_value(iterator_t *)
#define SEVERITY_SUBDIVISIONS
int openvas_sleep(unsigned int seconds)
Sleep for some number of seconds, handling interrupts.
gchar * truncate_certificate(const gchar *certificate)
Truncate a certificate, removing extra data.
int sendn_to_server(const void *msg, size_t n)
Send a number of bytes to the server.
void set_task_run_status(task_t, task_status_t)
Set the run state of a task.
#define NVT_SELECTOR_TYPE_ANY
Special NVT selector type for selecting all types in interfaces.
int scan_start_time_epoch(report_t)
Get the start time of a scan, in seconds since the epoch.
const char * config_timeout_iterator_value(iterator_t *)
void init_task_file_iterator(iterator_t *iterator, task_t task, const char *file)
Initialise a task file iterator.
void init_report_host_iterator(iterator_t *, report_t, const char *, report_host_t)
Initialise a host iterator.
time_t task_schedule_iterator_period(iterator_t *iterator)
Get the period from a task schedule iterator.
#define MAX_CHECKS_DEFAULT
Default for Scanner max_checks preference.
#define CVE_FILENAME_FMT
CVE data files location format string.
const char * nvt_iterator_cvss_base(iterator_t *)
gchar * get_nvti_xml(iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag)
Create and return XML description for an NVT.
char * task_hosts_ordering(task_t)
Return the hosts ordering of a task.
const char * resource_tag_iterator_comment(iterator_t *)
#define QOD_DEFAULT
Default quality of detection percentage.
int manage_cert_loaded()
Check whether CERT is available.
int sendf_to_server(const char *format,...)
Format and send a message to the server.
#define CVE_GETBYNAME_XSL
CVE selection stylesheet location.
task_t current_scanner_task
The task currently running on the scanner.
int acl_user_has_access_uuid(const char *type, const char *uuid, const char *permission, int trash)
Test whether the user may access a resource.
void hosts_set_max_severity(report_t, int *, int *)
Set the maximum severity of each host in a scan.
const char * threat_message_type(const char *threat)
Get the message type of a threat.
void init_report_iterator_task(iterator_t *, task_t)
Initialise a report iterator.
result_t make_osp_result(task_t, const char *, const char *, const char *, const char *, const char *, const char *, int)
Make an OSP result.
void set_scan_host_end_time(report_t, const char *, const char *)
Set the end time of a scanned host.
void report_set_source_iface(report_t, const gchar *)
Set the source interface of a report.
const char * alert_method_name(alert_method_t method)
Get the name of an alert method.
const char * nvt_iterator_cve(iterator_t *)
const char * nvt_iterator_name(iterator_t *)
void report_set_slave_uuid(report_t, const gchar *)
Set the UUID of the slave on a report.
void manage_auth_allow_all(int scheduled)
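Ensure that any subsequent authentications succeed; this bypass is backed by the authenticate_allow_all flag and is used in connection with starting a user's scheduled task.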
int set_task_requested(task_t task, task_status_t *status)
Atomically set the run state of a task to requested.
void set_task_scanner(task_t, scanner_t)
Set the scanner of a task.
gchar * certificate_iso_time(time_t time)
Converts a certificate time to an ISO time string.
void cleanup_task_schedule_iterator(iterator_t *iterator)
Cleanup a task schedule iterator.
alert_method_t
Types of alerts.
int task_uuid(task_t, char **)
Return the UUID of a task.
int openvas_scanner_connected()
Whether we have started a connection to the Scanner using openvas_scanner_connect().
int update_from_slave(task_t task, entity_t get_report, entity_t *report, int *next_result)
Update the local task from the slave task.
const char * credential_iterator_private_key(iterator_t *)
Get the private_key from a Credential iterator.
int manage_update_nvti_cache()
Update the memory cache of NVTs, if this has been requested.
gchar * slave_target_uuid
Slave target UUID.
const char * host_iterator_host(iterator_t *)
const char * nvt_iterator_bid(iterator_t *)
int parse_iso_time(const char *text_time)
Convert an ISO time into seconds since epoch.
int run_osp_task(task_t task)
Start a task on an OSP scanner.
int severity_matches_ov(double severity, double ov_severity)
Check whether a severity matches an override's severity.
void reset_task(task_t)
Reset all running information for a task.
void reschedule_task(const gchar *task_id)
Set a task's schedule so that it runs again next scheduling round.
GPtrArray * start
Array of files.
config_t task_config(task_t)
Return the config of a task.
credential_t target_esxi_credential(target_t target)
Return the ESXi credential associated with a target, if any.
char * target_exclude_hosts(target_t)
Return the excluded hosts associated with a target.
task_status_t task_run_status(task_t)
Return the run state of a task.
const char * task_schedule_iterator_task_uuid(iterator_t *)
report_format_param_type_t report_format_param_type_from_name(const char *name)
Get a report format param type from a name.
const char * credential_iterator_privacy_password(iterator_t *)
Get the privacy password from a Credential iterator.
void set_task_schedule_next_time_uuid(const gchar *task_id, time_t time)
Set the next time a scheduled task will be due.
const char * credential_full_type(const char *abbreviation)
Get the written-out name of an LSC Credential type.
gchar * app_location(report_host_t, const gchar *)
Get the location of an App for a report's host.
int get_schedule_timeout()
Get the current schedule timeout.
const char * nvt_selector_iterator_nvt(iterator_t *)
const char * target_iterator_hosts(iterator_t *)
gboolean find_target_with_permission(const char *, target_t *, const char *)
Find a target for a specific permission, given a UUID.
void(* progress)()
Function to mark progress.
credential_t target_credential(target_t, const char *)
Get a credential from a target.
const char * host_iterator_end_time(iterator_t *)
char * task_preference_value(task_t, const char *)
Get the value of a task preference.
gboolean openvas_get_sync_script_feed_version(const gchar *sync_script, gchar **feed_version)
Retrieves the version of a feed handled by the sync, with basic validation.
gchar * field
The field to sort by.
#define ZERO_SEVERITY_INDEX
volatile int termination_signal
Flag for signal handlers.
void clear_duration_schedules(task_t)
Clear once-off schedules from tasks where the duration has passed.
Command data for a get command.
char * scanner_login(scanner_t)
Return the login associated with a scanner.
gboolean openvas_get_sync_script_description(const gchar *sync_script, gchar **description)
Retrieves description of a feed sync script, with basic validation.
gchar * slave_port_list_uuid
Slave port list UUID.
gboolean find_nvt(const char *, nvt_t *)
Find an NVT given an identifier.
void set_task_start_time_epoch(task_t, int)
Set the start time of a task.
void hosts_set_identifiers()
Setup hosts and their identifiers after a scan, from host details.
#define MAX_HOSTS_DEFAULT
Default for Scanner max_hosts preference.
gchar * event_description(event_t event, const void *event_data, const char *task_name)
Get a description of an alert event.
const char * task_schedule_iterator_owner_uuid(iterator_t *)
void manage_session_init(const char *uuid)
Setup session.
int create_current_report(task_t task, char **report_id, task_status_t status)
Create the current report for a task.
int delete_slave_task(const gchar *host, int port, const gchar *username, const gchar *password, const char *slave_task_uuid)
Delete a task on a slave.
void set_scan_end_time(report_t, const char *)
Set the end time of a scan.
char * scanner_uuid(scanner_t)
Return the UUID of a scanner.
int update_end_times(entity_t report)
Update end times, and optionally add host details.
gboolean task_schedule_iterator_stop_due(iterator_t *iterator)
Get the stop due state from a task schedule iterator.
char * scanner_password(scanner_t)
Return the password associated with a scanner.
result_t make_result(task_t, const char *, const char *, const char *, const char *, const char *)
Make a result.
void init_nvt_dfn_cert_adv_iterator(iterator_t *, const char *, int, const char *)
Initialise a DFN-CERT iterator, for advisories relevant to an NVT.
int send_to_server(const char *msg)
Send a message to the server.
void set_report_slave_task_uuid(report_t report, const char *uuid)
Set the UUID of the slave task, on the local task.
int update_slave_progress(entity_t get_tasks)
Update the locally cached task progress from the slave.
const char * prognosis_iterator_cpe(iterator_t *)
void set_scan_start_time_epoch(report_t, time_t)
Set the start time of a scan.
unsigned int task_id(task_t)
Return the identifier of a task.
target_t task_target(task_t)
Return the target of a task.
void init_credential_iterator_one(iterator_t *, credential_t)
Initialise a Credential iterator, given a single Credential.
double level_max_severity(const char *level, const char *class)
Get the maximum severity for a severity level and class.
const char * nvt_iterator_qod_type(iterator_t *iterator)
int openvas_scanner_is_loading()
Checks whether the connected OpenVAS Scanner is still loading plugins. To be called right after op...
gchar * slave_ssh_credential_uuid
Slave credential UUID.
gboolean next_report(iterator_t *, report_t *)
Read the next report from an iterator.
#define SCANNER_UUID_DEFAULT
UUID of 'OpenVAS Default' scanner.
#define SCAP_TIMESTAMP_FILENAME
SCAP timestamp location.
void cleanup_severity_data(severity_data_t *data)
Clean up a severity data structure.
int init_report_format_file_iterator(file_iterator_t *iterator, report_format_t report_format)
Initialise a report format file iterator.
int openvas_scanner_set_address(const char *addr, int port)
Set the scanner's address and port. Will try to resolve addr if it is a hostname. ...
char * manage_default_ca_cert()
Get the default CA cert.
gchar * xsl_transform(gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
Run xsltproc in an external process.
#define NVT_SELECTOR_TYPE_ALL
NVT selector type for "all" rule.
void insert_report_host_detail(report_t, const char *, const char *, const char *, const char *, const char *, const char *)
Insert a host detail into a report.
void hosts_set_details(report_t report)
Store certain host details in the assets after a scan.
task_t task_schedule_iterator_task(iterator_t *iterator)
Get the task from a task schedule iterator.
time_t task_schedule_iterator_period_months(iterator_t *iterator)
Get the period months from a task schedule iterator.
void parse_osp_report(task_t task, report_t report, const char *report_xml)
Parse an OSP report.
gboolean openvas_sync_script_perform_selftest(const gchar *sync_script, gchar **result)
Request a feed synchronization script selftest.
openvas_connection_t * slave_connection
Slave session.
void set_schedule_timeout(int new_timeout)
Set the schedule timeout.
#define RUN_SLAVE_TASK_SLEEP_SECONDS
Number of seconds to sleep between polls to slave.
char * scanner_host(scanner_t)
Return the host of a scanner.
void init_config_timeout_iterator(iterator_t *, config_t)
Initialise a config timeout iterator.
#define DEF(x)
Define a code snippet for get_nvti_xml.
void init_preference_iterator(iterator_t *, config_t)
Initialise a preference iterator.
const char * otp_pref_iterator_value(iterator_t *)
int scanner_port(scanner_t)
Return the port of a scanner.
int set_certs(const char *ca_pub, const char *key_pub, const char *key_priv)
Initialise OpenVAS scanner variables, checking for defaults.
const gchar * certificate_time_status(time_t activates, time_t expires)
Tests the activation and expiration time of a certificate.
long long int port_list_t
gchar * report_results_filter_term(int first, int rows, int apply_overrides, int autofp, int min_qod)
Create a basic filter term to get report results.
const char * task_file_iterator_content(iterator_t *)
char * scanner_ca_pub(scanner_t)
Return the CA Certificate of a scanner.
const char * get_iterator_creation_time(iterator_t *)
void slist_free(GSList *list)
Free an slist of pointers, including the pointers.
void severity_data_level_counts(const severity_data_t *severity_data, const gchar *severity_class, int *errors, int *debugs, int *false_positives, int *logs, int *lows, int *mediums, int *highs)
Count the occurrences of severities in the levels.
const char * config_timeout_iterator_nvt_name(iterator_t *)
char * iso_time(time_t *)
Create an ISO time from seconds since epoch.
void severity_data_add(severity_data_t *severity_data, double severity)
Add a severity occurrence to the counts of a severity_data_t.
int stop_task_internal(task_t task)
Initiate stopping a task.
const char * run_status_name(task_status_t status)
Get the name of a run status.
int openvas_current_sync(const gchar *sync_script, gchar **timestamp, gchar **user)
Determine if the administrator is synchronizing with a feed.
void init_otp_pref_iterator(iterator_t *iterator, config_t config, const char *section)
Initialise an "OTP" preference iterator.
void update_duration_schedule_periods(task_t)
Update tasks with limited run schedules which have durations.
const char * report_format_param_type_name(report_format_param_type_t type)
Get the name of a report format param type.
gboolean task_schedule_iterator_start_due(iterator_t *iterator)
Get the start due state from a task schedule iterator.
void buffer_config_preference_xml(GString *, iterator_t *, config_t, int)
Buffer XML for the NVT preference of a config.
void set_task_end_time_epoch(task_t, time_t)
Set the end time of a task.
gboolean find_task_with_permission(const char *, task_t *, const char *)
Find a task for a specific permission, given a UUID.
const char * type_name(const char *type)
Return the name of a resource type.
char * target_reverse_lookup_unify(target_t)
Return the reverse_lookup_unify value of a target.
gchar * resource_uuid(const gchar *type, resource_t resource)
Get the UUID of a resource.
time_t task_schedule_iterator_first_time(iterator_t *iterator)
Get the first time from a task schedule iterator.
int delete_report_internal(report_t report)
Delete a report.
int openvas_scanner_connect()
Create a new connection to the scanner and set it as current scanner.
void init_nvt_preference_iterator(iterator_t *, const char *)
Initialise an NVT preference iterator.
int set_report_scan_run_status(report_t report, task_status_t status)
Set the run status of the scan associated with a report.
report_t task_running_report(task_t)
Return the running report of a task.
int validate_username(const gchar *name)
Validates a username.
gboolean next_file(file_iterator_t *iterator)
Increment a report format file iterator.
gchar * truncate_private_key(const gchar *private_key)
Truncate a private key, removing extra data.
int init_resource_tag_iterator(iterator_t *, const char *, resource_t, int, const char *, int)
Initialise an iterator of tags attached to a resource.
report_t current_report
The report of the current task.
const char * file_iterator_name(file_iterator_t *iterator)
Return the name from a file iterator.
int set_task_schedule_uuid(const gchar *task_id, schedule_t schedule, int periods)
Set the schedule of a task.
gchar ** current
Current type.
#define CPE_DICT_FILENAME
CPE dictionary location.
double severity_data_value(int index)
Convert an index in the counts array to a severity value.
int nvt_selector_iterator_type(iterator_t *)
Get the type from an NVT selector.
int severity_data_index(double severity)
Convert a severity value into an index in the counts array.
double level_min_severity(const char *level, const char *class)
Get the minimum severity for a severity level and class.
void report_host_set_end_time(report_host_t, time_t)
Set end time of a report host.
const char * setting_severity()
Return the Severity Class user setting.
char * scanner_key_priv(scanner_t)
Return the private key of a scanner.
int get_termination_signal()
Gets the last termination signal or 0.
scanner_t task_scanner(task_t)
Return the scanner of a task.
gchar * schedule_user_uuid
UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
void init_nvt_selector_iterator(iterator_t *, const char *, config_t, int)
Initialise an NVT selector iterator.
int init_task_schedule_iterator(iterator_t *iterator)
Initialise a task schedule iterator.
gchar * user_ifaces(const char *)
Return the ifaces of a user.
const char * prognosis_iterator_description(iterator_t *)
int set_report_slave_progress(report_t report, int progress)
Set slave progress of a report.
int manage_check_current_task()
Handle state changes to current task made by other processes.
char * target_reverse_lookup_only(target_t)
Return the reverse_lookup_only value of a target.
const char * task_schedule_iterator_owner_name(iterator_t *)
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
const char * credential_iterator_login(iterator_t *)
int authenticate_allow_all
Flag for manage_auth_allow_all.
int openvas_scanner_init(int cache_mode)
Initializes the already setup connection with the Scanner.
int schedule_duration(schedule_t)
Return the duration of a schedule.
int user_ifaces_allow(const char *)
Return whether ifaces value of a user denotes allowed.
const char * report_type_iterator_title(report_type_iterator_t *iterator)
Return the title from a report type iterator.
gboolean find_resource(const char *, const char *, resource_t *)
Find a resource given a UUID.
int resource_tag_count(const char *, resource_t, int)
Count number of tags attached to a resource.
gchar * predefined_report_format_dir(const gchar *uuid)
Get the directory of a report format.
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
long long int report_host_t
gboolean find_scanner(const char *, scanner_t *)
Find a scanner given a UUID.
int openvas_scanner_set_unix(const char *path)
Set the scanner's unix socket path.
const char * alert_condition_name(alert_condition_t condition)
Get the name of an alert condition.
const char * target_iterator_ssh_port(iterator_t *)
void set_task_schedule_next_time(task_t task, time_t time)
Set the next time a scheduled task will be due.
credentials_t current_credentials
Current credentials during any OMP command.
#define g_info(...)
Defines g_info for glib versions older than 2.40.
void set_task_end_time(task_t task, char *time)
Set the end time of a task.
void cleanup_file_iterator(file_iterator_t *iterator)
Cleanup a report format file iterator.
char * report_uuid(report_t)
Return the UUID of a report.
const char * family_iterator_name(iterator_t *)
void init_target_iterator_one(iterator_t *, target_t)
Initialise a target iterator, given a single target.
int task_last_stopped_report(task_t, report_t *)
Get the report from the most recently stopped invocation of task.
void manage_transaction_stop(gboolean)
Commit the current transaction, if any.
gchar * slave_task_uuid
Slave task UUID.
void auto_delete_reports()
Auto delete reports.
int acknowledge_bye()
Acknowledge a scanner BYE.
void trim_partial_report(report_t)
Prepare a partial report for resumption of the scan.
const char * message_type_threat(const char *type)
Get the threat of a message type.
const char * nvt_iterator_oid(iterator_t *)
report_host_t manage_report_host_add(report_t, const char *, time_t, time_t)
Add a report host.
const char * run_status_name_internal(task_status_t status)
Get the unique name of a run status.
int delete_reports(task_t task)
Delete all the reports for a task.
void sort_data_free(sort_data_t *sort_data)
Free a sort_data_t struct and its related resources.
#define DFN_CERT_ADV_FILENAME_FMT
DFN-CERT data files location format string.
char * port_list_uuid(port_list_t)
Return the UUID of a port_list.
gboolean find_resource_with_permission(const char *type, const char *uuid, resource_t *resource, const char *permission, int trash)
Find a resource given a UUID and a permission.
char * scanner_name(scanner_t)
Return the name of a scanner.
#define DFN_CERT_ADV_GETBYNAME_XSL
DFN_CERT_ADV selection stylesheet location.
char * report_format_uuid(report_format_t)
Return the UUID of a report format.
scanner_type
Scanner types.
void set_report_scheduled(report_t report)
Set a report's scheduled flag.
A system report type iterator.
gchar * slave_snmp_credential_uuid
Slave credential UUID.
alert_method_t alert_method_from_name(const char *name)
Get an alert method from a name.
const char * target_iterator_reverse_lookup_only(iterator_t *)
const char * credential_iterator_privacy_algorithm(iterator_t *)
int forked
Hack for returning fork status to caller.
time_t next_time(time_t first, int period, int period_months, const char *timezone, int periods_offset)
Calculate the next time from now given a start time and a period.
credential_t target_smb_credential(target_t target)
Return the SMB credential associated with a target, if any.
gboolean next(iterator_t *)
Increment an iterator.
int manage_system_report(const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
Get a system report.
const char * severity_to_level(double severity, int mode)
Get the threat level matching a severity score.
char * target_uuid(target_t)
Return the UUID of a target.
#define SCHEDULE_TIMEOUT_DEFAULT
Default for schedule_timeout in minutes.
gboolean next_report_type(report_type_iterator_t *iterator)
Increment a report type iterator.
int type_is_scap(const char *type)
Check if a type is a SCAP type.
const char * target_iterator_exclude_hosts(iterator_t *)
void init_nvt_iterator(iterator_t *, nvt_t, config_t, const char *, const char *, int, const char *)
Initialise an NVT iterator.
int nvt_selector_iterator_include(iterator_t *)
Get whether the selector rule is an include rule.
gchar ** start
First type.
get_data_t * report_results_get_data(int first, int rows, int apply_overrides, int autofp, int min_qod)
Create a new basic get_data_t struct to get report results.
int acknowledge_feed_version_info()
Acknowledge scanner PLUGINS_FEED_VERSION message.
int manage_schedule(int(*fork_connection)(openvas_connection_t *, gchar *), gboolean run_tasks, sigset_t *sigmask_current)
Schedule any actions that are due.
const char * report_type_iterator_name(report_type_iterator_t *iterator)
Return the name from a report type iterator.
int stop_task(const char *task_id)
Initiate stopping a task.
event_t event_from_name(const char *name)
Get an event from a name.
const char * target_iterator_reverse_lookup_unify(iterator_t *)
gboolean find_scanner_with_permission(const char *, scanner_t *, const char *)
Find a scanner for a specific permission, given a UUID.
#define CERT_BUND_ADV_FILENAME_FMT
CERT-Bund data files location format string.
gchar * slave_esxi_credential_uuid
Slave credential UUID.
alive_test_t target_alive_tests(target_t target)
Return a target's alive tests.
int manage_run_wizard(const gchar *name, int(*run_command)(void *, gchar *, gchar **), void *run_command_data, array_t *params, int read_only, const char *mode, gchar **command_error, gchar **command_error_code, gchar **ret_response)
Run a wizard.
gchar * dir_name
Dir holding files.
const char * resource_tag_iterator_name(iterator_t *)
int severity_in_level(double severity, const char *level)
Check whether a severity falls within a threat level.
void report_set_slave_host(report_t, const gchar *)
Set the host of the slave of a report.
event_t
Types of task events.
int openvas_migrate_secinfo(const gchar *sync_script, int feed_type)
Migrates SCAP or CERT database, waiting until migration terminates.
#define CERT_BUND_ADV_GETBYNAME_XSL
CERT_BUND_ADV selection stylesheet location.
char * task_name(task_t)
Return the name of a task.
char * scanner_key_pub(scanner_t)
Return the Certificate of a scanner.
const char * preference_iterator_type(iterator_t *)
int set_task_schedule_periods(const gchar *, int)
Set the schedule periods of a task, given a UUID.
osp_connection_t * osp_scanner_connect(scanner_t)
Create a new connection to an OSP scanner.
#define FALLBACK_SYSTEM_REPORT_HEADER
Header for fallback system report.
report_format_param_type_t
Report format param types.
void set_scan_end_time_epoch(report_t, time_t)
Set the end time of a scan.
const char * nvt_selector_iterator_name(iterator_t *)
gchar * value
Param value.
void set_scheduled_user_uuid(gchar *user_uuid)
Set UUID of user that scheduled the current task.
gchar * get_scheduled_user_uuid()
Access UUID of user that scheduled the current task.
const char * task_schedule_iterator_timezone(iterator_t *)
const char * config_timeout_iterator_oid(iterator_t *)
gboolean task_schedule_iterator_timed_out(iterator_t *iterator)
Get if schedule of task in iterator is timed out.
long long int resource_t
A resource, like a task or target.
int manage_read_info(gchar *type, gchar *uid, gchar *name, gchar **result)
Read raw information.
int openvas_scanner_close()
Finish the connection to the Scanner and free internal buffers.
long long int report_format_t
const char * credential_iterator_community(iterator_t *)
Get the SNMP community from a Credential iterator.
int schedule_period(schedule_t)
Return the period of a schedule.
gchar * slave_config_uuid
Slave config UUID.
time_t task_schedule_next_time_uuid(const gchar *)
Get the next time a scheduled task will be due.