OpenVAS Manager  7.0.3~git
manage.c File Reference

The OpenVAS Manager management library. More...

#include "manage.h"
#include "scanner.h"
#include "manage_acl.h"
#include "manage_sql.h"
#include "ovas-mngr-comm.h"
#include "utils.h"
#include <assert.h>
#include <ctype.h>
#include <errno.h>
#include <dirent.h>
#include <fcntl.h>
#include <glib.h>
#include <math.h>
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#include <openvas/base/cvss.h>
#include <openvas/base/gpgme_util.h>
#include <openvas/base/openvas_string.h>
#include <openvas/base/openvas_file.h>
#include <openvas/base/openvas_hosts.h>
#include <openvas/omp/omp.h>
#include <openvas/misc/openvas_server.h>
#include <openvas/misc/nvt_categories.h>
#include <openvas/misc/openvas_uuid.h>
#include <openvas/misc/openvas_proctitle.h>
Include dependency graph for manage.c:

Go to the source code of this file.

Macros

#define _XOPEN_SOURCE
 
#define _GNU_SOURCE
 
#define G_LOG_DOMAIN   "md manage"
 GLib log domain. More...
 
#define CPE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cpe_getbyname.xsl"
 CPE selection stylesheet location. More...
 
#define CVE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cve_getbyname.xsl"
 CVE selection stylesheet location. More...
 
#define OVALDEF_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/ovaldef_getbyname.xsl"
 OVALDEF selection stylesheet location. More...
 
#define CERT_BUND_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/cert_bund_getbyname.xsl"
 CERT_BUND_ADV selection stylesheet location. More...
 
#define DFN_CERT_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/dfn_cert_getbyname.xsl"
 DFN_CERT_ADV selection stylesheet location. More...
 
#define CPE_DICT_FILENAME   OPENVAS_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml"
 CPE dictionary location. More...
 
#define CVE_FILENAME_FMT   OPENVAS_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"
 CVE data files location format string. More...
 
#define CERT_BUND_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/CB-K%02d.xml"
 CERT-Bund data files location format string. More...
 
#define DFN_CERT_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/dfn-cert-%04d.xml"
 DFN-CERT data files location format string. More...
 
#define SCAP_TIMESTAMP_FILENAME   OPENVAS_SCAP_DATA_DIR "/timestamp"
 SCAP timestamp location. More...
 
#define CERT_TIMESTAMP_FILENAME   OPENVAS_CERT_DATA_DIR "/timestamp"
 CERT timestamp location. More...
 
#define MAX_CHECKS_DEFAULT   "4"
 Default for Scanner max_checks preference. More...
 
#define MAX_HOSTS_DEFAULT   "20"
 Default for Scanner max_hosts preference. More...
 
#define ZERO_SEVERITY_INDEX   4
 
#define RUN_SLAVE_TASK_SLEEP_SECONDS   25
 Number of seconds to sleep between polls to slave. More...
 
#define COMMAND   "openvasmr 0 titles"
 Command called by get_system_report_types. More...
 
#define FALLBACK_SYSTEM_REPORT_HEADER
 Header for fallback system report. More...
 
#define DEFAULT_DURATION   86400L
 
#define DEF(x)
 Define a code snippet for get_nvti_xml. More...
 

Functions

gchar * truncate_certificate (const gchar *certificate)
 Truncate a certificate, removing extra data. More...
 
gchar * truncate_private_key (const gchar *private_key)
 Truncate a private key, removing extra data. More...
 
int get_certificate_info (const gchar *certificate, time_t *activation_time, time_t *expiration_time, gchar **fingerprint, gchar **issuer)
 Gathers info from a certificate. More...
 
gchar * certificate_iso_time (time_t time)
 Converts a certificate time to an ISO time string. More...
 
const gchar * certificate_time_status (time_t activates, time_t expires)
 Tests the activation and expiration time of a certificate. More...
 
void slist_free (GSList *list)
 Free an slist of pointers, including the pointers. More...
 
const char * type_name_plural (const char *type)
 Return the plural name of a resource type. More...
 
const char * type_name (const char *type)
 Return the name of a resource type. More...
 
int type_is_scap (const char *type)
 Check if a type is a SCAP type. More...
 
const char * threat_message_type (const char *threat)
 Get the message type of a threat. More...
 
const char * message_type_threat (const char *type)
 Get the threat of a message type. More...
 
int severity_in_level (double severity, const char *level)
 Check whether a severity falls within a threat level. More...
 
int severity_matches_ov (double severity, double ov_severity)
 Check whether a severity matches an override's severity. More...
 
const char * severity_to_level (double severity, int mode)
 Get the threat level matching a severity score. More...
 
const char * severity_to_type (double severity)
 Get the message type matching a severity score. More...
 
int delete_reports (task_t task)
 Delete all the reports for a task. More...
 
gchar * report_results_filter_term (int first, int rows, int apply_overrides, int autofp, int min_qod)
 Create a basic filter term to get report results. More...
 
get_data_treport_results_get_data (int first, int rows, int apply_overrides, int autofp, int min_qod)
 Create a new basic get_data_t struct to get report results. More...
 
int severity_data_index (double severity)
 Convert a severity value into an index in the counts array. More...
 
double severity_data_value (int index)
 Convert an index in the counts array to a severity value. More...
 
void init_severity_data (severity_data_t *data)
 Initialize a severity data structure. More...
 
void cleanup_severity_data (severity_data_t *data)
 Clean up a severity data structure. More...
 
void severity_data_add (severity_data_t *severity_data, double severity)
 Add a severity occurrence to the counts of a severity_data_t. More...
 
void severity_data_add_count (severity_data_t *severity_data, double severity, int count)
 Add a multiple severity occurrences to the counts of a severity_data_t. More...
 
int severity_data_range_count (const severity_data_t *severity_data, double min_severity, double max_severity)
 Calculate the total of severity counts in a range. More...
 
void severity_data_level_counts (const severity_data_t *severity_data, const gchar *severity_class, int *errors, int *debugs, int *false_positives, int *logs, int *lows, int *mediums, int *highs)
 Count the occurrences of severities in the levels. More...
 
const char * alert_condition_name (alert_condition_t condition)
 Get the name of an alert condition. More...
 
const char * event_name (event_t event)
 Get the name of an alert event. More...
 
gchar * alert_condition_description (alert_condition_t condition, alert_t alert)
 Get a description of an alert condition. More...
 
gchar * event_description (event_t event, const void *event_data, const char *task_name)
 Get a description of an alert event. More...
 
const char * alert_method_name (alert_method_t method)
 Get the name of an alert method. More...
 
alert_condition_t alert_condition_from_name (const char *name)
 Get an alert condition from a name. More...
 
event_t event_from_name (const char *name)
 Get an event from a name. More...
 
alert_method_t alert_method_from_name (const char *name)
 Get an alert method from a name. More...
 
const char * run_status_name (task_status_t status)
 Get the name of a run status. More...
 
const char * run_status_name_internal (task_status_t status)
 Get the unique name of a run status. More...
 
void buffer_config_preference_xml (GString *, iterator_t *, config_t, int)
 Buffer XML for the NVT preference of a config. More...
 
int update_slave_progress (entity_t get_tasks)
 Update the locally cached task progress from the slave. More...
 
int slave_authenticate (gnutls_session_t *session, scanner_t slave)
 Authenticate with a slave. More...
 
int update_end_times (entity_t report)
 Update end times, and optionally add host details. More...
 
int run_osp_task (task_t task)
 Start a task on an OSP scanner. More...
 
int set_certs (const char *ca_pub, const char *key_pub, const char *key_priv)
 Initialise OpenVAS scanner variables, checking for defaults. More...
 
int run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
 Start an OTP scanner task. More...
 
int start_task (const char *task_id, char **report_id)
 Start a task. More...
 
int stop_task_internal (task_t task)
 Initiate stopping a task. More...
 
int stop_task (const char *task_id)
 Initiate stopping a task. More...
 
int resume_task (const char *task_id, char **report_id)
 Resume a task. More...
 
int move_task (const char *task_id, const char *slave_id)
 Reassign a task to another slave. More...
 
int acknowledge_bye ()
 Acknowledge a scanner BYE. More...
 
int acknowledge_feed_version_info ()
 Acknowledge scanner PLUGINS_FEED_VERSION message,. More...
 
int manage_check_current_task ()
 Handle state changes to current task made by other processes. More...
 
const char * credential_full_type (const char *abbreviation)
 Get the written-out name of an LSC Credential type. More...
 
int init_system_report_type_iterator (report_type_iterator_t *iterator, const char *type, const char *slave_id)
 Initialise a system report type iterator. More...
 
void cleanup_report_type_iterator (report_type_iterator_t *iterator)
 Cleanup a report type iterator. More...
 
gboolean next_report_type (report_type_iterator_t *iterator)
 Increment a report type iterator. More...
 
const char * report_type_iterator_name (report_type_iterator_t *iterator)
 Return the name from a report type iterator. More...
 
const char * report_type_iterator_title (report_type_iterator_t *iterator)
 Return the title from a report type iterator. More...
 
int manage_system_report (const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
 Get a system report. More...
 
void manage_auth_allow_all (int scheduled)
 Ensure that any subsequent authentications succeed. More...
 
gchar * get_scheduled_user_uuid ()
 Access UUID of user that scheduled the current task. More...
 
void set_scheduled_user_uuid (gchar *user_uuid)
 Set UUID of user that scheduled the current task. More...
 
int manage_schedule (int(*fork_connection)(openvas_connection_t *, gchar *), gboolean run_tasks, sigset_t *sigmask_current)
 Schedule any actions that are due. More...
 
int get_schedule_timeout ()
 Get the current schedule timeout. More...
 
void set_schedule_timeout (int new_timeout)
 Set the schedule timeout. More...
 
const char * report_format_param_type_name (report_format_param_type_t type)
 Get the name of a report format param type. More...
 
report_format_param_type_t report_format_param_type_from_name (const char *name)
 Get a report format param type from a name. More...
 
gchar * predefined_report_format_dir (const gchar *uuid)
 Get the directory of a report format. More...
 
int init_report_format_file_iterator (file_iterator_t *iterator, report_format_t report_format)
 Initialise a report format file iterator. More...
 
void cleanup_file_iterator (file_iterator_t *iterator)
 Cleanup a report type iterator. More...
 
gboolean next_file (file_iterator_t *iterator)
 Increment a report type iterator. More...
 
const char * file_iterator_name (file_iterator_t *iterator)
 Return the name from a file iterator. More...
 
gchar * file_iterator_content_64 (file_iterator_t *iterator)
 Return the file contents from a file iterator. More...
 
void parse_tags (const char *scanner_tags, gchar **tags, gchar **cvss_base)
 Split up the tags received from the scanner. More...
 
int delete_slave_task (const gchar *host, int port, const gchar *username, const gchar *password, const char *slave_task_uuid)
 Delete a task on a slave. More...
 
gchar * xsl_transform (gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
 Run xsltproc in an external process. More...
 
gchar * get_nvti_xml (iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag)
 Create and return XML description for an NVT. More...
 
const char * manage_scap_update_time ()
 GET SCAP update time, as a string. More...
 
int manage_read_info (gchar *type, gchar *uid, gchar *name, gchar **result)
 Read raw information. More...
 
int validate_username (const gchar *name)
 Validates a username. More...
 
void sort_data_free (sort_data_t *sort_data)
 Free a sort_data_t struct and its related resources. More...
 
gboolean openvas_sync_script_perform_selftest (const gchar *sync_script, gchar **result)
 Request a feed synchronization script selftest. More...
 
gboolean openvas_get_sync_script_identification (const gchar *sync_script, gchar **identification, int feed_type)
 Retrieves the ID string of a feed sync script, with basic validation. More...
 
gboolean openvas_get_sync_script_description (const gchar *sync_script, gchar **description)
 Retrieves description of a feed sync script, with basic validation. More...
 
gboolean openvas_get_sync_script_feed_version (const gchar *sync_script, gchar **feed_version)
 Retrieves the version of a feed handled by the sync, with basic validation. More...
 
int openvas_sync_feed (const gchar *sync_script, const gchar *current_user, int feed_type)
 Forks a child to synchronize the local feed collection. More...
 
int openvas_migrate_secinfo (const gchar *sync_script, int feed_type)
 Migrates SCAP or CERT database, waiting until migration terminates. More...
 
int openvas_current_sync (const gchar *sync_script, gchar **timestamp, gchar **user)
 Determine if the administrator is synchronizing with a feed. More...
 
int manage_run_wizard (const gchar *name, int(*run_command)(void *, gchar *, gchar **), void *run_command_data, array_t *params, int read_only, const char *mode, gchar **command_error, gchar **command_error_code, gchar **ret_response)
 Run a wizard. More...
 
int get_termination_signal ()
 Gets the last termination signal or 0. More...
 

Variables

volatile int termination_signal
 Flag for signal handlers. More...
 
credentials_t current_credentials
 Current credentials during any OMP command. More...
 
task_t current_scanner_task = (task_t) 0
 The task currently running on the scanner. More...
 
report_t current_report = (report_t) 0
 The report of the current task. More...
 
gchar * slave_ssh_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_smb_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_esxi_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_snmp_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_target_uuid = NULL
 Slave target UUID. More...
 
gchar * slave_port_list_uuid = NULL
 Slave target UUID. More...
 
gchar * slave_config_uuid = NULL
 Slave config UUID. More...
 
gchar * slave_task_uuid = NULL
 Slave task UUID. More...
 
gchar * slave_report_uuid = NULL
 Slave report UUID. More...
 
openvas_connection_t * slave_connection = NULL
 Slave session. More...
 
int authenticate_allow_all = 0
 Flag for manage_auth_allow_all. More...
 
gchar * schedule_user_uuid = NULL
 UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all). More...
 

Detailed Description

The OpenVAS Manager management library.

This file defines a management library, for implementing OpenVAS Managers such as the OpenVAS Manager daemon.

This library provides facilities for storing and manipulating credential and task information, and manipulating reports. Task manipulation includes sending task commands to the OTP server (the "scanner") that is running the tasks.

Definition in file manage.c.

Macro Definition Documentation

◆ _GNU_SOURCE

#define _GNU_SOURCE

Definition at line 43 of file manage.c.

◆ _XOPEN_SOURCE

#define _XOPEN_SOURCE

Definition at line 41 of file manage.c.

◆ CERT_BUND_ADV_FILENAME_FMT

#define CERT_BUND_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/CB-K%02d.xml"

CERT-Bund data files location format string.

d should be the year without the century (expressed as YY),

Definition at line 129 of file manage.c.

◆ CERT_BUND_ADV_GETBYNAME_XSL

#define CERT_BUND_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/cert_bund_getbyname.xsl"

CERT_BUND_ADV selection stylesheet location.

Definition at line 105 of file manage.c.

◆ CERT_TIMESTAMP_FILENAME

#define CERT_TIMESTAMP_FILENAME   OPENVAS_CERT_DATA_DIR "/timestamp"

CERT timestamp location.

Definition at line 147 of file manage.c.

◆ COMMAND

#define COMMAND   "openvasmr 0 titles"

Command called by get_system_report_types.

Definition at line 5924 of file manage.c.

◆ CPE_DICT_FILENAME

#define CPE_DICT_FILENAME   OPENVAS_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml"

CPE dictionary location.

Definition at line 115 of file manage.c.

◆ CPE_GETBYNAME_XSL

#define CPE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cpe_getbyname.xsl"

CPE selection stylesheet location.

Definition at line 90 of file manage.c.

◆ CVE_FILENAME_FMT

#define CVE_FILENAME_FMT   OPENVAS_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"

CVE data files location format string.

d should be the year expressed as YYYY.

Definition at line 122 of file manage.c.

◆ CVE_GETBYNAME_XSL

#define CVE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cve_getbyname.xsl"

CVE selection stylesheet location.

Definition at line 95 of file manage.c.

◆ DEF

#define DEF (   x)
Value:
const char* x = nvt_iterator_ ## x (nvts); \
gchar* x ## _text = x \
? g_markup_escape_text (x, -1) \
: g_strdup ("");

Define a code snippet for get_nvti_xml.

Parameters
xPrefix for names in snippet.

Definition at line 7638 of file manage.c.

Referenced by get_nvti_xml().

◆ DEFAULT_DURATION

#define DEFAULT_DURATION   86400L

Definition at line 6222 of file manage.c.

◆ DFN_CERT_ADV_FILENAME_FMT

#define DFN_CERT_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/dfn-cert-%04d.xml"

DFN-CERT data files location format string.

First d should be the year expressed as YYYY, second d should be should be Month expressed as MM.

Definition at line 137 of file manage.c.

◆ DFN_CERT_ADV_GETBYNAME_XSL

#define DFN_CERT_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/dfn_cert_getbyname.xsl"

DFN_CERT_ADV selection stylesheet location.

Definition at line 110 of file manage.c.

◆ FALLBACK_SYSTEM_REPORT_HEADER

#define FALLBACK_SYSTEM_REPORT_HEADER
Value:
"This is the most basic, fallback report. The system can be configured to\n" \
"produce more powerful reports. Please contact your system administrator\n" \
"for more information.\n\n"

Header for fallback system report.

Definition at line 6217 of file manage.c.

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "md manage"

GLib log domain.

Definition at line 85 of file manage.c.

◆ MAX_CHECKS_DEFAULT

#define MAX_CHECKS_DEFAULT   "4"

Default for Scanner max_checks preference.

Definition at line 152 of file manage.c.

◆ MAX_HOSTS_DEFAULT

#define MAX_HOSTS_DEFAULT   "20"

Default for Scanner max_hosts preference.

Definition at line 157 of file manage.c.

◆ OVALDEF_GETBYNAME_XSL

#define OVALDEF_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/ovaldef_getbyname.xsl"

OVALDEF selection stylesheet location.

Definition at line 100 of file manage.c.

◆ RUN_SLAVE_TASK_SLEEP_SECONDS

#define RUN_SLAVE_TASK_SLEEP_SECONDS   25

Number of seconds to sleep between polls to slave.

Definition at line 1965 of file manage.c.

◆ SCAP_TIMESTAMP_FILENAME

#define SCAP_TIMESTAMP_FILENAME   OPENVAS_SCAP_DATA_DIR "/timestamp"

SCAP timestamp location.

Definition at line 142 of file manage.c.

Referenced by manage_scap_update_time().

◆ ZERO_SEVERITY_INDEX

#define ZERO_SEVERITY_INDEX   4

Definition at line 779 of file manage.c.

Referenced by init_severity_data(), severity_data_index(), and severity_data_value().

Function Documentation

◆ acknowledge_bye()

int acknowledge_bye ( )

Acknowledge a scanner BYE.

Returns
0 on success, -1 if out of space in scanner output buffer.

Definition at line 5705 of file manage.c.

References send_to_server().

5706 {
5707  if (send_to_server ("CLIENT <|> BYE <|> ACK\n"))
5708  return -1;
5709  return 0;
5710 }
int send_to_server(const char *msg)
Send a message to the server.
Here is the call graph for this function:

◆ acknowledge_feed_version_info()

int acknowledge_feed_version_info ( )

Acknowledge scanner PLUGINS_FEED_VERSION message,.

requesting all plugin info.

Returns
0 on success, -1 if out of space in scanner output buffer.

Definition at line 5719 of file manage.c.

References send_to_server().

5720 {
5721  if (send_to_server ("CLIENT <|> COMPLETE_LIST <|> CLIENT\n"))
5722  return -1;
5723  return 0;
5724 }
int send_to_server(const char *msg)
Send a message to the server.
Here is the call graph for this function:

◆ alert_condition_description()

gchar* alert_condition_description ( alert_condition_t  condition,
alert_t  alert 
)

Get a description of an alert condition.

Parameters
[in]conditionCondition.
[in]alertAlert.
Returns
Freshly allocated description of condition.

Definition at line 1063 of file manage.c.

References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, ALERT_CONDITION_SEVERITY_CHANGED, and alert_data().

1065 {
1066  switch (condition)
1067  {
1069  return g_strdup ("Always");
1071  {
1072  char *level;
1073  gchar *ret;
1074 
1075  level = alert_data (alert, "condition", "severity");
1076  ret = g_strdup_printf ("Filter count at least %s",
1077  level ? level : "0");
1078  free (level);
1079  return ret;
1080  }
1082  return g_strdup ("Filter count changed");
1084  {
1085  char *level = alert_data (alert, "condition", "severity");
1086  gchar *ret = g_strdup_printf ("Task severity is at least '%s'",
1087  level);
1088  free (level);
1089  return ret;
1090  }
1092  {
1093  char *direction;
1094  direction = alert_data (alert, "condition", "direction");
1095  gchar *ret = g_strdup_printf ("Task severity %s", direction);
1096  free (direction);
1097  return ret;
1098  }
1099  default:
1100  return g_strdup ("Internal Error");
1101  }
1102 }
char * alert_data(alert_t alert, const char *type, const char *name)
Return data associated with an alert.
Definition: manage_sql.c:8810
Here is the call graph for this function:

◆ alert_condition_from_name()

alert_condition_t alert_condition_from_name ( const char *  name)

Get an alert condition from a name.

Parameters
[in]nameCondition name.
Returns
The condition.

Definition at line 1173 of file manage.c.

References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_ERROR, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, and ALERT_CONDITION_SEVERITY_CHANGED.

1174 {
1175  if (strcasecmp (name, "Always") == 0)
1176  return ALERT_CONDITION_ALWAYS;
1177  if (strcasecmp (name, "Filter count at least") == 0)
1179  if (strcasecmp (name, "Filter count changed") == 0)
1181  if (strcasecmp (name, "Severity at least") == 0)
1183  if (strcasecmp (name, "Severity changed") == 0)
1185  return ALERT_CONDITION_ERROR;
1186 }
char name[1]
Definition: lsc_crypt.c:78

◆ alert_condition_name()

const char* alert_condition_name ( alert_condition_t  condition)

Get the name of an alert condition.

Parameters
[in]conditionCondition.
Returns
The name of the condition (for example, "Always").

Definition at line 1016 of file manage.c.

References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, and ALERT_CONDITION_SEVERITY_CHANGED.

1017 {
1018  switch (condition)
1019  {
1021  return "Always";
1023  return "Filter count at least";
1025  return "Filter count changed";
1027  return "Severity at least";
1029  return "Severity changed";
1030  default:
1031  return "Internal Error";
1032  }
1033 }

◆ alert_method_from_name()

alert_method_t alert_method_from_name ( const char *  name)

Get an alert method from a name.

Parameters
[in]nameMethod name.
Returns
The method.

Definition at line 1215 of file manage.c.

References ALERT_METHOD_EMAIL, ALERT_METHOD_ERROR, ALERT_METHOD_HTTP_GET, ALERT_METHOD_SCP, ALERT_METHOD_SEND, ALERT_METHOD_SMB, ALERT_METHOD_SNMP, ALERT_METHOD_SOURCEFIRE, ALERT_METHOD_START_TASK, ALERT_METHOD_SYSLOG, ALERT_METHOD_TIPPINGPOINT, and ALERT_METHOD_VERINICE.

1216 {
1217  if (strcasecmp (name, "Email") == 0)
1218  return ALERT_METHOD_EMAIL;
1219  if (strcasecmp (name, "HTTP Get") == 0)
1220  return ALERT_METHOD_HTTP_GET;
1221  if (strcasecmp (name, "SCP") == 0)
1222  return ALERT_METHOD_SCP;
1223  if (strcasecmp (name, "Send") == 0)
1224  return ALERT_METHOD_SEND;
1225  if (strcasecmp (name, "SMB") == 0)
1226  return ALERT_METHOD_SMB;
1227  if (strcasecmp (name, "SNMP") == 0)
1228  return ALERT_METHOD_SNMP;
1229  if (strcasecmp (name, "Sourcefire Connector") == 0)
1230  return ALERT_METHOD_SOURCEFIRE;
1231  if (strcasecmp (name, "Start Task") == 0)
1232  return ALERT_METHOD_START_TASK;
1233  if (strcasecmp (name, "Syslog") == 0)
1234  return ALERT_METHOD_SYSLOG;
1235  if (strcasecmp (name, "TippingPoint SMS") == 0)
1237  if (strcasecmp (name, "verinice Connector") == 0)
1238  return ALERT_METHOD_VERINICE;
1239  return ALERT_METHOD_ERROR;
1240 }
char name[1]
Definition: lsc_crypt.c:78

◆ alert_method_name()

const char* alert_method_name ( alert_method_t  method)

Get the name of an alert method.

Parameters
[in]methodMethod.
Returns
The name of the method (for example, "Email" or "SNMP").

Definition at line 1146 of file manage.c.

References ALERT_METHOD_EMAIL, ALERT_METHOD_HTTP_GET, ALERT_METHOD_SCP, ALERT_METHOD_SEND, ALERT_METHOD_SMB, ALERT_METHOD_SNMP, ALERT_METHOD_SOURCEFIRE, ALERT_METHOD_START_TASK, ALERT_METHOD_SYSLOG, ALERT_METHOD_TIPPINGPOINT, and ALERT_METHOD_VERINICE.

1147 {
1148  switch (method)
1149  {
1150  case ALERT_METHOD_EMAIL: return "Email";
1151  case ALERT_METHOD_HTTP_GET: return "HTTP Get";
1152  case ALERT_METHOD_SCP: return "SCP";
1153  case ALERT_METHOD_SEND: return "Send";
1154  case ALERT_METHOD_SMB: return "SMB";
1155  case ALERT_METHOD_SNMP: return "SNMP";
1156  case ALERT_METHOD_SOURCEFIRE: return "Sourcefire Connector";
1157  case ALERT_METHOD_START_TASK: return "Start Task";
1158  case ALERT_METHOD_SYSLOG: return "Syslog";
1159  case ALERT_METHOD_TIPPINGPOINT:return "TippingPoint SMS";
1160  case ALERT_METHOD_VERINICE: return "verinice Connector";
1161  default: return "Internal Error";
1162  }
1163 }

◆ buffer_config_preference_xml()

void buffer_config_preference_xml ( GString *  buffer,
iterator_t prefs,
config_t  config,
int  hide_passwords 
)

Buffer XML for the NVT preference of a config.

Todo:
g_convert back to ISO-8559-1 for scanner?
Parameters
[in]bufferBuffer.
[in]prefsNVT preference iterator.
[in]configConfig.
[in]hide_passwordsWhether to hide passwords.

Definition at line 11120 of file omp.c.

References nvt_oid(), nvt_preference_iterator_config_value(), nvt_preference_iterator_nvt(), nvt_preference_iterator_real_name(), nvt_preference_iterator_type(), nvt_preference_iterator_value(), and create_port_list_range::type.

11122 {
11123  char *real_name, *type, *value, *nvt;
11124  const char *default_value;
11125  char *oid = NULL;
11126 
11127  real_name = nvt_preference_iterator_real_name (prefs);
11128  type = nvt_preference_iterator_type (prefs);
11129  value = nvt_preference_iterator_config_value (prefs, config);
11130  nvt = nvt_preference_iterator_nvt (prefs);
11131 
11132  default_value = nvt_preference_iterator_value (prefs);
11133 
11134  if (nvt) oid = nvt_oid (nvt);
11135 
11136  buffer_xml_append_printf (buffer,
11137  "<preference>"
11138  "<nvt oid=\"%s\"><name>%s</name></nvt>"
11139  "<hr_name>%s</hr_name>"
11140  "<name>%s</name>"
11141  "<type>%s</type>",
11142  oid ? oid : "",
11143  nvt ? nvt : "",
11144  real_name ? real_name : "",
11145  real_name ? real_name : "",
11146  type ? type : "");
11147 
11148  if (value
11149  && type
11150  && (strcmp (type, "radio") == 0))
11151  {
11152  /* Handle the other possible values. */
11153  char *pos = strchr (value, ';');
11154  if (pos) *pos = '\0';
11155  buffer_xml_append_printf (buffer, "<value>%s</value>", value);
11156  while (pos)
11157  {
11158  char *pos2 = strchr (++pos, ';');
11159  if (pos2) *pos2 = '\0';
11160  buffer_xml_append_printf (buffer, "<alt>%s</alt>", pos);
11161  pos = pos2;
11162  }
11163  }
11164  else if (value
11165  && type
11166  && hide_passwords
11167  && (strcmp (type, "password") == 0))
11168  buffer_xml_append_printf (buffer, "<value></value>");
11169  else
11170  buffer_xml_append_printf (buffer, "<value>%s</value>", value ? value : "");
11171 
11172  if (default_value
11173  && type
11174  && (strcmp (type, "radio") == 0))
11175  {
11176  /* Handle the other possible values. */
11177  char *pos = strchr (default_value, ';');
11178  if (pos) *pos = '\0';
11179  buffer_xml_append_printf (buffer, "<default>%s</default>", default_value);
11180  }
11181  else if (default_value
11182  && type
11183  && (strcmp (type, "password") == 0))
11184  buffer_xml_append_printf (buffer, "<default></default>");
11185  else
11186  buffer_xml_append_printf (buffer, "<default>%s</default>", default_value
11187  ? default_value
11188  : "");
11189 
11190  buffer_xml_append_printf (buffer, "</preference>");
11191 
11192  free (real_name);
11193  free (type);
11194  free (value);
11195  free (nvt);
11196  free (oid);
11197 }
char * nvt_oid(const char *)
Guess the OID of an NVT given a name.
Definition: manage_sql.c:37386
const char * nvt_preference_iterator_value(iterator_t *)
char * value
Definition: lsc_crypt.c:77
char * nvt_preference_iterator_type(iterator_t *)
Get the type from an NVT preference iterator.
Definition: manage_sql.c:41084
char * nvt_preference_iterator_real_name(iterator_t *)
Get the real name from an NVT preference iterator.
Definition: manage_sql.c:41056
char * nvt_preference_iterator_nvt(iterator_t *)
Get the NVT from an NVT preference iterator.
Definition: manage_sql.c:41111
char * nvt_preference_iterator_config_value(iterator_t *, config_t)
Get the config value from an NVT preference iterator.
Definition: manage_sql.c:41138
Here is the call graph for this function:

◆ certificate_iso_time()

gchar* certificate_iso_time ( time_t  time)

Converts a certificate time to an ISO time string.

Parameters
[in]timeThe time as a time_t.
Returns
Newly allocated string.

Definition at line 352 of file manage.c.

References iso_time().

353 {
354  if (time == 0)
355  return (g_strdup ("unlimited"));
356  else if (time == -1)
357  return (g_strdup ("unknown"));
358  else
359  return (g_strdup (iso_time (&time)));
360 }
char * iso_time(time_t *)
Create an ISO time from seconds since epoch.
Definition: manage_sql.c:1138
Here is the call graph for this function:

◆ certificate_time_status()

const gchar* certificate_time_status ( time_t  activates,
time_t  expires 
)

Tests the activation and expiration time of a certificate.

Parameters
[in]activatesActivation time.
[in]expiresExpiration time.
Returns
Static status string.

Definition at line 371 of file manage.c.

372 {
373  time_t now;
374  time (&now);
375 
376  if (activates == -1 || expires == -1)
377  return "unknown";
378  else if (activates > now)
379  return "inactive";
380  else if (expires != 0 && expires < now)
381  return "expired";
382  else
383  return "valid";
384 }

◆ cleanup_file_iterator()

void cleanup_file_iterator ( file_iterator_t iterator)

Cleanup a report type iterator.

Parameters
[in]iteratorIterator.

Definition at line 7143 of file manage.c.

References file_iterator_t::dir_name, and file_iterator_t::start.

7144 {
7145  array_free (iterator->start);
7146  g_free (iterator->dir_name);
7147 }
GPtrArray * start
Array of files.
Definition: manage.h:3053
gchar * dir_name
Dir holding files.
Definition: manage.h:3055

◆ cleanup_report_type_iterator()

void cleanup_report_type_iterator ( report_type_iterator_t iterator)

Cleanup a report type iterator.

Parameters
[in]iteratorIterator.

Definition at line 6066 of file manage.c.

References report_type_iterator_t::start.

6067 {
6068  g_strfreev (iterator->start);
6069 }
gchar ** start
First type.
Definition: manage.h:2615

◆ cleanup_severity_data()

void cleanup_severity_data ( severity_data_t data)

Clean up a severity data structure.

Parameters
[in]dataThe data structure to initialize.

Definition at line 848 of file manage.c.

References severity_data_t::counts.

849 {
850  g_free (data->counts);
851 }
int * counts
Definition: manage.h:988

◆ credential_full_type()

const char* credential_full_type ( const char *  abbreviation)

Get the written-out name of an LSC Credential type.

Parameters
[in]abbreviationThe type abbreviation.
Returns
The written-out type name.

Definition at line 5797 of file manage.c.

5798 {
5799  if (abbreviation == NULL)
5800  return NULL;
5801  else if (strcasecmp (abbreviation, "cc") == 0)
5802  return "client certificate";
5803  else if (strcasecmp (abbreviation, "snmp") == 0)
5804  return "SNMP";
5805  else if (strcasecmp (abbreviation, "up") == 0)
5806  return "username + password";
5807  else if (strcasecmp (abbreviation, "usk") == 0)
5808  return "username + SSH key";
5809  else
5810  return abbreviation;
5811 }

◆ delete_reports()

int delete_reports ( task_t  task)

Delete all the reports for a task.

It's up to the caller to ensure that this runs in a contention safe context (for example within an SQL transaction).

Parameters
[in]taskA task descriptor.
Returns
0 on success, -1 on error.

Definition at line 733 of file manage.c.

References cleanup_iterator(), delete_report_internal(), init_report_iterator_task(), and next_report().

Referenced by delete_task(), and request_delete_task_uuid().

734 {
735  report_t report;
737  init_report_iterator_task (&iterator, task);
738  while (next_report (&iterator, &report))
739  if (delete_report_internal (report))
740  {
741  cleanup_iterator (&iterator);
742  return -1;
743  }
744  cleanup_iterator (&iterator);
745  return 0;
746 }
A generic SQL iterator.
Definition: iterator.h:52
void init_report_iterator_task(iterator_t *, task_t)
Initialise a report iterator.
Definition: manage_sql.c:21997
long long int report_t
Definition: manage.h:288
gboolean next_report(iterator_t *, report_t *)
Read the next report from an iterator.
Definition: manage_sql.c:22036
int delete_report_internal(report_t report)
Delete a report.
Definition: manage_sql.c:25198
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664
Here is the call graph for this function:
Here is the caller graph for this function:

◆ delete_slave_task()

int delete_slave_task ( const gchar *  host,
int  port,
const gchar *  username,
const gchar *  password,
const char *  slave_task_uuid 
)

Delete a task on a slave.

Parameters
[in]hostSlave host.
[in]portSlave port.
[in]usernameSlave username.
[in]passwordSlave password.
[in]slave_task_uuidUUID of task on slave.
Returns
0 success, -1 error.

Definition at line 7311 of file manage.c.

References slave_config_uuid, slave_port_list_uuid, slave_smb_credential_uuid, slave_ssh_credential_uuid, and slave_target_uuid.

7313 {
7314  int socket;
7315  gnutls_session_t session;
7316  entity_t get_tasks, get_targets, entity, task, credential, port_list;
7319 
7320  omp_delete_opts_t del_opts = omp_delete_opts_ultimate_defaults;
7321 
7322  /* Connect to the slave. */
7323 
7324  g_debug (" %s: host: %s\n", __FUNCTION__, host);
7325 
7326  socket = openvas_server_open (&session, host, port);
7327  if (socket == -1) return -1;
7328 
7329  g_debug (" %s: connected\n", __FUNCTION__);
7330 
7331  /* Authenticate using the slave login. */
7332 
7333  if (omp_authenticate (&session, username, password))
7334  return -1;
7335 
7336  g_debug (" %s: authenticated\n", __FUNCTION__);
7337 
7338  /* Get the UUIDs of the slave resources. */
7339 
7340  if (omp_get_tasks (&session, slave_task_uuid, 0, 0, &get_tasks))
7341  goto fail;
7342 
7343  task = entity_child (get_tasks, "task");
7344  if (task == NULL)
7345  goto fail_free_task;
7346 
7347  entity = entity_child (task, "config");
7348  if (entity == NULL)
7349  goto fail_free_task;
7350  slave_config_uuid = entity_attribute (entity, "id");
7351 
7352  entity = entity_child (task, "target");
7353  if (entity == NULL)
7354  goto fail_free_task;
7355  slave_target_uuid = entity_attribute (entity, "id");
7356 
7357  if (omp_get_targets (&session, slave_target_uuid, 0, 0, &get_targets))
7358  goto fail_free_task;
7359 
7360  entity = entity_child (get_targets, "target");
7361  if (entity == NULL)
7362  goto fail_free;
7363 
7364  port_list = entity_child (entity, "port_list");
7365  if (port_list == NULL)
7366  goto fail_free;
7367  slave_port_list_uuid = entity_attribute (port_list, "id");
7368 
7369  credential = entity_child (entity, "ssh_credential");
7370  if (credential == NULL)
7371  goto fail_free;
7372  slave_ssh_credential_uuid = entity_attribute (credential, "id");
7373 
7374  credential = entity_child (entity, "smb_credential");
7375  if (credential == NULL)
7376  goto fail_free;
7377  slave_smb_credential_uuid = entity_attribute (credential, "id");
7378 
7379  /* Remove the slave resources. */
7380 
7381  omp_stop_task (&session, slave_task_uuid);
7382  if (omp_delete_task_ext (&session, slave_task_uuid, del_opts))
7383  goto fail_config;
7384  if (omp_delete_config_ext (&session, slave_config_uuid, del_opts))
7385  goto fail_target;
7386  if (omp_delete_target_ext (&session, slave_target_uuid, del_opts))
7387  goto fail_credential;
7388  if (omp_delete_port_list_ext (&session, slave_port_list_uuid, del_opts))
7389  goto fail_credential;
7390  if (omp_delete_lsc_credential_ext (&session, slave_smb_credential_uuid,
7391  del_opts))
7392  goto fail;
7393  if (omp_delete_lsc_credential_ext (&session, slave_ssh_credential_uuid,
7394  del_opts))
7395  goto fail;
7396 
7397  /* Cleanup. */
7398 
7399  free_entity (get_targets);
7400  free_entity (get_tasks);
7401  openvas_server_close (socket, session);
7402  return 0;
7403 
7404  fail_config:
7405  omp_delete_config_ext (&session, slave_config_uuid, del_opts);
7406  fail_target:
7407  omp_delete_target_ext (&session, slave_target_uuid, del_opts);
7408  omp_delete_port_list_ext (&session, slave_port_list_uuid, del_opts);
7409  fail_credential:
7410  omp_delete_lsc_credential_ext (&session, slave_smb_credential_uuid, del_opts);
7411  omp_delete_lsc_credential_ext (&session, slave_ssh_credential_uuid, del_opts);
7412  fail_free:
7413  free_entity (get_targets);
7414  fail_free_task:
7415  free_entity (get_tasks);
7416  fail:
7417  openvas_server_close (socket, session);
7418  return -1;
7419 }
gchar * slave_smb_credential_uuid
Slave credential UUID.
Definition: manage.c:1975
gchar * slave_target_uuid
Slave target UUID.
Definition: manage.c:1990
gchar * slave_port_list_uuid
Slave target UUID.
Definition: manage.c:1995
gchar * slave_ssh_credential_uuid
Slave credential UUID.
Definition: manage.c:1970
gchar * slave_task_uuid
Slave task UUID.
Definition: manage.c:2005
gchar * slave_config_uuid
Slave config UUID.
Definition: manage.c:2000

◆ event_description()

gchar* event_description ( event_t  event,
const void *  event_data,
const char *  task_name 
)

Get a description of an alert event.

Parameters
[in]eventEvent.
[in]event_dataEvent data.
[in]task_nameName of task if required in description, else NULL.
Returns
Freshly allocated description of event.

Definition at line 1114 of file manage.c.

1115 {
1116  switch (event)
1117  {
1119  if (task_name)
1120  return g_strdup_printf
1121  ("The security scan task '%s' changed status to '%s'",
1122  task_name,
1123  run_status_name ((task_status_t) event_data));
1124  return g_strdup_printf ("Task status changed to '%s'",
1125  run_status_name ((task_status_t) event_data));
1126  break;
1127  case EVENT_NEW_SECINFO:
1128  return g_strdup_printf ("New SecInfo arrived");
1129  break;
1130  case EVENT_UPDATED_SECINFO:
1131  return g_strdup_printf ("Updated SecInfo arrived");
1132  break;
1133  default:
1134  return g_strdup ("Internal Error");
1135  }
1136 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
const char * run_status_name(task_status_t status)
Get the name of a run status.
Definition: manage.c:1253
char * task_name(task_t)
Return the name of a task.
Definition: manage_sql.c:17945

◆ event_from_name()

event_t event_from_name ( const char *  name)

Get an event from a name.

Parameters
[in]nameEvent name.
Returns
The event.

Definition at line 1196 of file manage.c.

References EVENT_ERROR, EVENT_NEW_SECINFO, EVENT_TASK_RUN_STATUS_CHANGED, and EVENT_UPDATED_SECINFO.

1197 {
1198  if (strcasecmp (name, "Task run status changed") == 0)
1200  if (strcasecmp (name, "New SecInfo arrived") == 0)
1201  return EVENT_NEW_SECINFO;
1202  if (strcasecmp (name, "Updated SecInfo arrived") == 0)
1203  return EVENT_UPDATED_SECINFO;
1204  return EVENT_ERROR;
1205 }
char name[1]
Definition: lsc_crypt.c:78

◆ event_name()

const char* event_name ( event_t  event)

Get the name of an alert event.

Parameters
[in]eventEvent.
Returns
The name of the event (for example, "Run status changed").

Definition at line 1043 of file manage.c.

1044 {
1045  switch (event)
1046  {
1047  case EVENT_TASK_RUN_STATUS_CHANGED: return "Task run status changed";
1048  case EVENT_NEW_SECINFO: return "New SecInfo arrived";
1049  case EVENT_UPDATED_SECINFO: return "Updated SecInfo arrived";
1050  default: return "Internal Error";
1051  }
1052 }

◆ file_iterator_content_64()

gchar* file_iterator_content_64 ( file_iterator_t iterator)

Return the file contents from a file iterator.

Parameters
[in]iteratorIterator.
Returns
Freshly allocated file contents, in base64.

Definition at line 7187 of file manage.c.

References file_iterator_t::current, and file_iterator_t::dir_name.

7188 {
7189  gchar *path_name, *content;
7190  GError *error;
7191  gsize content_size;
7192 
7193  path_name = g_build_filename (iterator->dir_name,
7194  (gchar*) *iterator->current,
7195  NULL);
7196 
7197  /* Read in the contents. */
7198 
7199  error = NULL;
7200  if (g_file_get_contents (path_name,
7201  &content,
7202  &content_size,
7203  &error)
7204  == FALSE)
7205  {
7206  if (error)
7207  {
7208  g_debug ("%s: failed to read %s: %s",
7209  __FUNCTION__, path_name, error->message);
7210  g_error_free (error);
7211  }
7212  g_free (path_name);
7213  return NULL;
7214  }
7215 
7216  g_free (path_name);
7217 
7218  /* Base64 encode the contents. */
7219 
7220  if (content && (content_size > 0))
7221  {
7222  gchar *base64 = g_base64_encode ((guchar*) content, content_size);
7223  g_free (content);
7224  return base64;
7225  }
7226 
7227  return content;
7228 }
gpointer * current
Current file.
Definition: manage.h:3054
gchar * dir_name
Dir holding files.
Definition: manage.h:3055

◆ file_iterator_name()

const char* file_iterator_name ( file_iterator_t iterator)

Return the name from a file iterator.

Parameters
[in]iteratorIterator.
Returns
File name.

Definition at line 7174 of file manage.c.

References file_iterator_t::current.

7175 {
7176  return (const char*) *iterator->current;
7177 }
gpointer * current
Current file.
Definition: manage.h:3054

◆ get_certificate_info()

int get_certificate_info ( const gchar *  certificate,
time_t *  activation_time,
time_t *  expiration_time,
gchar **  fingerprint,
gchar **  issuer 
)

Gathers info from a certificate.

Parameters
[in]certificateThe certificate to get data from.
[out]activation_timePointer to write activation time to.
[out]expiration_timePointer to write expiration time to.
[out]fingerprintPointer for newly allocated fingerprint.
[out]issuerPointer for newly allocated issuer DN.
Returns
0 success, -1 error.

Definition at line 252 of file manage.c.

References truncate_certificate().

255 {
256  gchar *cert_truncated;
257 
258  cert_truncated = NULL;
259  if (activation_time)
260  *activation_time = -1;
261  if (expiration_time)
262  *expiration_time = -1;
263  if (fingerprint)
264  *fingerprint = NULL;
265  if (issuer)
266  *issuer = NULL;
267 
268  if (certificate)
269  {
270  int err;
271  gnutls_datum_t cert_datum;
272  gnutls_x509_crt_t gnutls_cert;
273 
274  cert_truncated = truncate_certificate (certificate);
275  if (cert_truncated == NULL)
276  {
277  return -1;
278  }
279  cert_datum.data = (unsigned char*) cert_truncated;
280  cert_datum.size = strlen (cert_truncated);
281 
282  gnutls_x509_crt_init (&gnutls_cert);
283  err = gnutls_x509_crt_import (gnutls_cert, &cert_datum,
284  GNUTLS_X509_FMT_PEM);
285  if (err)
286  {
287  g_free (cert_truncated);
288  return -1;
289  }
290 
291  if (activation_time)
292  {
293  *activation_time
294  = gnutls_x509_crt_get_activation_time (gnutls_cert);
295  }
296 
297  if (expiration_time)
298  {
299  *expiration_time
300  = gnutls_x509_crt_get_expiration_time (gnutls_cert);
301  }
302 
303  if (fingerprint) {
304  int i;
305  size_t buffer_size = 16;
306  unsigned char buffer[buffer_size];
307  GString *string;
308 
309  string = g_string_new ("");
310 
311  gnutls_x509_crt_get_fingerprint(gnutls_cert, GNUTLS_DIG_MD5,
312  buffer, &buffer_size);
313 
314  for (i = 0; i < buffer_size; i++)
315  {
316  if (i != 0)
317  {
318  g_string_append_c (string, ':');
319  }
320  g_string_append_printf(string, "%02x", buffer[i]);
321  }
322 
323  *fingerprint = string->str;
324  g_string_free (string, FALSE);
325  }
326 
327  if (issuer)
328  {
329  size_t buffer_size;
330  gchar *buffer;
331  gnutls_x509_crt_get_issuer_dn(gnutls_cert, NULL, &buffer_size);
332  buffer = g_malloc(buffer_size);
333  gnutls_x509_crt_get_issuer_dn(gnutls_cert, buffer, &buffer_size);
334 
335  *issuer = buffer;
336  }
337 
338  gnutls_x509_crt_deinit (gnutls_cert);
339  g_free (cert_truncated);
340  }
341  return 0;
342 }
gchar * truncate_certificate(const gchar *certificate)
Truncate a certificate, removing extra data.
Definition: manage.c:174
Here is the call graph for this function:

◆ get_nvti_xml()

gchar* get_nvti_xml ( iterator_t nvts,
int  details,
int  pref_count,
int  preferences,
const char *  timeout,
config_t  config,
int  close_tag 
)

Create and return XML description for an NVT.

Parameters
[in]nvtsThe NVT.
[in]detailsIf true, detailed XML, else simple XML.
[in]pref_countPreference count. Used if details is true.
[in]preferencesIf true, included preferences.
[in]timeoutTimeout. Used if details is true.
[in]configConfig, used if preferences is true.
[in]close_tagWhether to close the NVT tag or not.
Returns
A dynamically allocated string containing the XML description.

Definition at line 7658 of file manage.c.

References cleanup_iterator(), DEF, get_iterator_creation_time(), get_iterator_modification_time(), get_iterator_name(), get_iterator_resource(), init_nvt_cert_bund_adv_iterator(), init_nvt_dfn_cert_adv_iterator(), init_resource_tag_iterator(), manage_cert_loaded(), next(), nvt_iterator_name(), nvt_iterator_oid(), resource_tag_count(), resource_tag_iterator_comment(), resource_tag_iterator_name(), resource_tag_iterator_uuid(), and resource_tag_iterator_value().

7661 {
7662  const char* oid = nvt_iterator_oid (nvts);
7663  const char* name = nvt_iterator_name (nvts);
7664  gchar* msg;
7665 
7666  gchar* name_text = g_markup_escape_text (name, strlen (name));
7667  if (details)
7668  {
7669  GString *cert_refs_str, *tags_str, *buffer;
7670  iterator_t cert_refs_iterator, tags;
7671  gchar *tag_name_esc, *tag_value_esc, *tag_comment_esc;
7672 
7673  DEF (copyright);
7674  DEF (family);
7675  DEF (version);
7676  DEF (xref);
7677  DEF (tag);
7678 
7679 #undef DEF
7680 
7681  cert_refs_str = g_string_new ("");
7682  if (manage_cert_loaded())
7683  {
7684  init_nvt_cert_bund_adv_iterator (&cert_refs_iterator, oid, 0, 0);
7685  while (next (&cert_refs_iterator))
7686  {
7687  g_string_append_printf (cert_refs_str,
7688  "<cert_ref type=\"CERT-Bund\" id=\"%s\"/>",
7689  get_iterator_name (&cert_refs_iterator));
7690  }
7691  cleanup_iterator (&cert_refs_iterator);
7692 
7693  init_nvt_dfn_cert_adv_iterator (&cert_refs_iterator, oid, 0, 0);
7694  while (next (&cert_refs_iterator))
7695  {
7696  g_string_append_printf (cert_refs_str,
7697  "<cert_ref type=\"DFN-CERT\" id=\"%s\"/>",
7698  get_iterator_name (&cert_refs_iterator));
7699  }
7700  cleanup_iterator (&cert_refs_iterator);
7701  }
7702  else
7703  {
7704  g_string_append (cert_refs_str, "<warning>database not available</warning>");
7705  }
7706 
7707  tags_str = g_string_new ("");
7708  g_string_append_printf (tags_str,
7709  "<count>%i</count>",
7710  resource_tag_count ("nvt",
7712  (nvts),
7713  1));
7714 
7715  init_resource_tag_iterator (&tags, "nvt",
7716  get_iterator_resource (nvts),
7717  1, NULL, 1);
7718  while (next (&tags))
7719  {
7720  tag_name_esc = g_markup_escape_text (resource_tag_iterator_name
7721  (&tags),
7722  -1);
7723  tag_value_esc = g_markup_escape_text (resource_tag_iterator_value
7724  (&tags),
7725  -1);
7726  tag_comment_esc = g_markup_escape_text (resource_tag_iterator_comment
7727  (&tags),
7728  -1);
7729  g_string_append_printf (tags_str,
7730  "<tag id=\"%s\">"
7731  "<name>%s</name>"
7732  "<value>%s</value>"
7733  "<comment>%s</comment>"
7734  "</tag>",
7736  tag_name_esc,
7737  tag_value_esc,
7738  tag_comment_esc);
7739  g_free (tag_name_esc);
7740  g_free (tag_value_esc);
7741  g_free (tag_comment_esc);
7742  }
7743  cleanup_iterator (&tags);
7744 
7745  buffer = g_string_new ("");
7746 
7747  g_string_append_printf (buffer,
7748  "<nvt oid=\"%s\">"
7749  "<name>%s</name>"
7750  "<creation_time>%s</creation_time>"
7751  "<modification_time>%s</modification_time>"
7752  "<user_tags>%s</user_tags>"
7753  "<category>%s</category>"
7754  "<copyright>%s</copyright>"
7755  "<family>%s</family>"
7756  "<version>%s</version>"
7757  "<cvss_base>%s</cvss_base>"
7758  "<qod>"
7759  "<value>%s</value>"
7760  "<type>%s</type>"
7761  "</qod>"
7762  "<cve_id>%s</cve_id>"
7763  "<bugtraq_id>%s</bugtraq_id>"
7764  "<cert_refs>%s</cert_refs>"
7765  "<xrefs>%s</xrefs>"
7766  "<tags>%s</tags>"
7767  "<preference_count>%i</preference_count>"
7768  "<timeout>%s</timeout>",
7769  oid,
7770  name_text,
7773  : "",
7776  : "",
7777  tags_str->str,
7778  category_name (nvt_iterator_category (nvts)),
7779  copyright_text,
7780  family_text,
7781  version_text,
7782  nvt_iterator_cvss_base (nvts)
7783  ? nvt_iterator_cvss_base (nvts)
7784  : "",
7785  nvt_iterator_qod (nvts),
7786  nvt_iterator_qod_type (nvts),
7787  nvt_iterator_cve (nvts),
7788  nvt_iterator_bid (nvts),
7789  cert_refs_str->str,
7790  xref_text,
7791  tag_text,
7792  pref_count,
7793  timeout ? timeout : "");
7794  g_free (copyright_text);
7795  g_free (family_text);
7796  g_free (version_text);
7797  g_free (xref_text);
7798  g_free (tag_text);
7799  g_string_free(cert_refs_str, 1);
7800  g_string_free(tags_str, 1);
7801 
7802  if (preferences)
7803  {
7804  iterator_t prefs;
7805  const char *nvt_name = nvt_iterator_name (nvts);
7806 
7807  /* Send the preferences for the NVT. */
7808 
7809  xml_string_append (buffer,
7810  "<preferences>"
7811  "<timeout>%s</timeout>",
7812  timeout ? timeout : "");
7813 
7814  init_nvt_preference_iterator (&prefs, nvt_name);
7815  while (next (&prefs))
7816  buffer_config_preference_xml (buffer, &prefs, config, 1);
7817  cleanup_iterator (&prefs);
7818 
7819  xml_string_append (buffer, "</preferences>");
7820  }
7821 
7822  xml_string_append (buffer, close_tag ? "</nvt>" : "");
7823  msg = g_string_free (buffer, FALSE);
7824  }
7825  else
7826  msg = g_strdup_printf
7827  ("<nvt oid=\"%s\"><name>%s</name>"
7828  "<user_tags><count>%i</count></user_tags>%s",
7829  oid, name_text,
7830  resource_tag_count ("nvt", get_iterator_resource (nvts), 1),
7831  close_tag ? "</nvt>" : "");
7832  g_free (name_text);
7833  return msg;
7834 }
const char * resource_tag_iterator_value(iterator_t *)
const char * nvt_iterator_qod(iterator_t *)
void init_nvt_cert_bund_adv_iterator(iterator_t *, const char *, int, const char *)
Initialise an CERT-Bund iterator, for advisories relevant to a NVT.
Definition: manage_sql.c:64094
resource_t get_iterator_resource(iterator_t *)
Get the resource from a GET iterator.
Definition: manage_sql.c:44322
const char * get_iterator_name(iterator_t *)
int nvt_iterator_category(iterator_t *)
Get the category from an NVT iterator.
Definition: manage_sql.c:38026
const char * resource_tag_iterator_uuid(iterator_t *)
const char * get_iterator_modification_time(iterator_t *)
A generic SQL iterator.
Definition: iterator.h:52
const char * nvt_iterator_cvss_base(iterator_t *)
const char * resource_tag_iterator_comment(iterator_t *)
int manage_cert_loaded()
Check whether CERT is available.
Definition: manage_pg.c:2643
const char * nvt_iterator_cve(iterator_t *)
const char * nvt_iterator_name(iterator_t *)
const char * nvt_iterator_bid(iterator_t *)
void init_nvt_dfn_cert_adv_iterator(iterator_t *, const char *, int, const char *)
Initialise an DFN-CERT iterator, for advisories relevant to a NVT.
Definition: manage_sql.c:64272
const char * nvt_iterator_qod_type(iterator_t *iterator)
#define DEF(x)
Define a code snippet for get_nvti_xml.
Definition: manage.c:7638
const char * get_iterator_creation_time(iterator_t *)
void buffer_config_preference_xml(GString *, iterator_t *, config_t, int)
Buffer XML for the NVT preference of a config.
Definition: omp.c:11120
void init_nvt_preference_iterator(iterator_t *, const char *)
Initialise an NVT preference iterator.
Definition: manage_sql.c:40989
int init_resource_tag_iterator(iterator_t *, const char *, resource_t, int, const char *, int)
Initialise a iterator of tags attached to a resource.
Definition: manage_sql.c:67664
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664
int resource_tag_count(const char *, resource_t, int)
Count number of tags attached to a resource.
Definition: manage_sql.c:67743
const char * nvt_iterator_oid(iterator_t *)
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
char name[1]
Definition: lsc_crypt.c:78
const char * resource_tag_iterator_name(iterator_t *)
Here is the call graph for this function:

◆ get_schedule_timeout()

int get_schedule_timeout ( )

Get the current schedule timeout.

Returns
The schedule timeout in minutes.

Definition at line 6917 of file manage.c.

Referenced by task_schedule_iterator_timed_out().

6918 {
6919  return schedule_timeout;
6920 }
Here is the caller graph for this function:

◆ get_scheduled_user_uuid()

gchar* get_scheduled_user_uuid ( )

Access UUID of user that scheduled the current task.

Returns
UUID of user that scheduled the current task.

Definition at line 6451 of file manage.c.

References schedule_user_uuid.

Referenced by authenticate().

6452 {
6453  return schedule_user_uuid;
6454 }
gchar * schedule_user_uuid
UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
Definition: manage.c:6432
Here is the caller graph for this function:

◆ get_termination_signal()

int get_termination_signal ( )

Gets the last termination signal or 0.

Returns
The last termination signal or 0 if there was none.

Definition at line 9582 of file manage.c.

References termination_signal.

9583 {
9584  return termination_signal;
9585 }
volatile int termination_signal
Flag for signal handlers.
Definition: openvasmd.c:256

◆ init_report_format_file_iterator()

int init_report_format_file_iterator ( file_iterator_t iterator,
report_format_t  report_format 
)

Initialise a report format file iterator.

Parameters
[in]iteratorIterator.
[in]report_formatSingle report format to iterate over, NULL for all.
Returns
0 on success, -1 on error.

Definition at line 7096 of file manage.c.

References predefined_report_format_dir(), report_format_owner_uuid(), report_format_predefined(), and report_format_uuid().

7098 {
7099  gchar *dir_name, *uuid;
7100 
7101  uuid = report_format_uuid (report_format);
7102  if (uuid == NULL)
7103  return -1;
7104 
7105  if (report_format_predefined (report_format))
7106  dir_name = predefined_report_format_dir (uuid);
7107  else
7108  {
7109  gchar *owner_uuid;
7110 
7111  owner_uuid = report_format_owner_uuid (report_format);
7112  if (owner_uuid == NULL)
7113  return -1;
7114  dir_name = g_build_filename (OPENVAS_STATE_DIR,
7115  "openvasmd",
7116  "report_formats",
7117  owner_uuid,
7118  uuid,
7119  NULL);
7120  g_free (owner_uuid);
7121  }
7122 
7123  g_free (uuid);
7124 
7125  if (get_report_format_files (dir_name, &iterator->start))
7126  {
7127  g_free (dir_name);
7128  return -1;
7129  }
7130 
7131  iterator->current = iterator->start->pdata;
7132  iterator->current--;
7133  iterator->dir_name = dir_name;
7134  return 0;
7135 }
int report_format_predefined(report_format_t)
Return whether a report format is predefined.
Definition: manage_sql.c:51674
char * report_format_owner_uuid(report_format_t)
Return the UUID of the owner of a report format.
Definition: manage_sql.c:51501
gpointer * current
Current file.
Definition: manage.h:3054
GPtrArray * start
Array of files.
Definition: manage.h:3053
gchar * predefined_report_format_dir(const gchar *uuid)
Get the directory of a report format.
Definition: manage.c:7077
char * report_format_uuid(report_format_t)
Return the UUID of a report format.
Definition: manage_sql.c:51487
gchar * dir_name
Dir holding files.
Definition: manage.h:3055
Here is the call graph for this function:

◆ init_severity_data()

void init_severity_data ( severity_data_t data)

Initialize a severity data structure.

Parameters
[in]dataThe data structure to initialize.

Definition at line 831 of file manage.c.

References severity_data_t::counts, severity_data_t::max, SEVERITY_MAX, SEVERITY_MISSING, SEVERITY_SUBDIVISIONS, severity_data_t::total, and ZERO_SEVERITY_INDEX.

832 {
833  int max_i;
835 
836  data->counts = g_malloc0 (sizeof (int) * (max_i + 1));
837 
838  data->total = 0;
839  data->max = SEVERITY_MISSING;
840 }
#define SEVERITY_SUBDIVISIONS
Definition: manage_utils.h:46
int * counts
Definition: manage.h:988
double max
Definition: manage.h:990
#define ZERO_SEVERITY_INDEX
Definition: manage.c:779
#define SEVERITY_MISSING
Definition: manage_utils.h:40
#define SEVERITY_MAX
Definition: manage_utils.h:44

◆ init_system_report_type_iterator()

int init_system_report_type_iterator ( report_type_iterator_t iterator,
const char *  type,
const char *  slave_id 
)

Initialise a system report type iterator.

Parameters
[in]iteratorIterator.
[in]typeSingle report type to iterate over, NULL for all.
[in]slave_idID of slave to get reports from. 0 for local.
Returns
0 on success, 1 failed to find report type, 2 failed to find slave, 3 used the fallback report, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, 99 permission denied, -1 on error.

Definition at line 6041 of file manage.c.

References acl_user_may().

6044 {
6045  int ret;
6046 
6047  if (acl_user_may ("get_system_reports") == 0)
6048  return 99;
6049 
6050  ret = get_system_report_types (type, &iterator->start, &iterator->current,
6051  slave_id);
6052  if (ret == 0 || ret == 3)
6053  {
6054  iterator->current--;
6055  return ret;
6056  }
6057  return ret;
6058 }
gchar ** current
Current type.
Definition: manage.h:2616
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
gchar ** start
First type.
Definition: manage.h:2615
Here is the call graph for this function:

◆ manage_auth_allow_all()

void manage_auth_allow_all ( int  scheduled)

Ensure that any subsequent authentications succeed.

Parameters
[in]scheduledWhether this is happening from the scheduler.

Definition at line 6440 of file manage.c.

References authenticate_allow_all.

6441 {
6442  authenticate_allow_all = scheduled ? 1 : 2;
6443 }
int authenticate_allow_all
Flag for manage_auth_allow_all.
Definition: manage.c:6426

◆ manage_check_current_task()

int manage_check_current_task ( )

Handle state changes to current task made by other processes.

Returns
0 on success, -1 if out of space in scanner output buffer, 1 if queued to scanner.

Definition at line 5733 of file manage.c.

References current_scanner_task, manage_transaction_stop(), send_to_server(), set_task_run_status(), task_run_status(), TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_INTERNAL_ERROR, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.

Referenced by process_omp_change(), and process_otp_scanner_input().

5734 {
5736  {
5737  task_status_t run_status;
5738 
5739  /* Commit pending transaction if needed. */
5740  manage_transaction_stop (FALSE);
5741 
5742  /* Check if some other process changed the status. */
5743 
5744  run_status = task_run_status (current_scanner_task);
5745  switch (run_status)
5746  {
5748  /* This should only happen for slave tasks. */
5749  assert (0);
5751  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5752  return -1;
5755  return 1;
5756  break;
5758  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5759  return -1;
5762  return 1;
5763  break;
5765  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5766  return -1;
5769  return 1;
5770  break;
5773  case TASK_STATUS_DONE:
5774  case TASK_STATUS_NEW:
5775  case TASK_STATUS_REQUESTED:
5776  case TASK_STATUS_RUNNING:
5778  case TASK_STATUS_STOPPED:
5780  break;
5781  }
5782  }
5783  return 0;
5784 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
void set_task_run_status(task_t, task_status_t)
Set the run state of a task.
Definition: manage_sql.c:18307
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
int send_to_server(const char *msg)
Send a message to the server.
void manage_transaction_stop(gboolean)
Commit the current transaction, if any.
Definition: manage_sql.c:32976
Here is the call graph for this function:
Here is the caller graph for this function:

◆ manage_read_info()

int manage_read_info ( gchar *  type,
gchar *  uid,
gchar *  name,
gchar **  result 
)

Read raw information.

Parameters
[in]typeType of the requested information.
[in]uidUnique identifier of the requested information
[in]nameName or identifier of the requested information.
[out]resultPointer to the read information location. Will point to NULL on error.
Returns
1 success, -1 error.

Definition at line 7889 of file manage.c.

7890 {
7891  gchar *fname;
7892  gchar *pnames[2] = { "refname", NULL };
7893  gchar *pvalues[2] = { name, NULL };
7894 
7895  assert (result != NULL);
7896  *result = NULL;
7897 
7898  if (g_ascii_strcasecmp ("CPE", type) == 0)
7899  {
7900  fname = get_cpe_filename ();
7901  if (fname)
7902  {
7903  gchar *cpe;
7904  cpe = xsl_transform (CPE_GETBYNAME_XSL, fname, pnames, pvalues);
7905  g_free (fname);
7906  if (cpe)
7907  *result = cpe;
7908  }
7909  }
7910  else if (g_ascii_strcasecmp ("CVE", type) == 0)
7911  {
7912  fname = get_cve_filename (uid);
7913  if (fname)
7914  {
7915  gchar *cve;
7916  cve = xsl_transform (CVE_GETBYNAME_XSL, fname, pnames, pvalues);
7917  g_free (fname);
7918  if (cve)
7919  *result = cve;
7920  }
7921  }
7922  else if (g_ascii_strcasecmp ("NVT", type) == 0)
7923  {
7924  iterator_t nvts;
7925  nvt_t nvt;
7926 
7927  if (!find_nvt (name ? name : uid, &nvt) && nvt)
7928  {
7929  init_nvt_iterator (&nvts, nvt, 0, NULL, NULL, 0, NULL);
7930 
7931  if (next (&nvts))
7932  *result = get_nvti_xml (&nvts,
7933  1, /* Include details. */
7934  0, /* Preference count. */
7935  1, /* Include preferences. */
7936  NULL, /* Timeout. */
7937  0, /* Config. */
7938  1); /* Close tag. */
7939 
7940  cleanup_iterator (&nvts);
7941  }
7942  }
7943  else if (g_ascii_strcasecmp ("OVALDEF", type) == 0)
7944  {
7945  fname = get_ovaldef_filename (uid);
7946  if (fname)
7947  {
7948  gchar *ovaldef;
7949  ovaldef = xsl_transform (OVALDEF_GETBYNAME_XSL, fname,
7950  pnames, pvalues);
7951  g_free (fname);
7952  if (ovaldef)
7953  *result = ovaldef;
7954  }
7955  }
7956  else if (g_ascii_strcasecmp ("CERT_BUND_ADV", type) == 0)
7957  {
7958  fname = get_cert_bund_adv_filename (uid);
7959  if (fname)
7960  {
7961  gchar *adv;
7963  pnames, pvalues);
7964  g_free (fname);
7965  if (adv)
7966  *result = adv;
7967  }
7968  }
7969  else if (g_ascii_strcasecmp ("DFN_CERT_ADV", type) == 0)
7970  {
7971  fname = get_dfn_cert_adv_filename (uid);
7972  if (fname)
7973  {
7974  gchar *adv;
7976  pnames, pvalues);
7977  g_free (fname);
7978  if (adv)
7979  *result = adv;
7980  }
7981  }
7982 
7983  if (*result == NULL)
7984  return -1;
7985 
7986  return 1;
7987 }
#define CPE_GETBYNAME_XSL
CPE selection stylesheet location.
Definition: manage.c:90
#define OVALDEF_GETBYNAME_XSL
OVALDEF selection stylesheet location.
Definition: manage.c:100
A generic SQL iterator.
Definition: iterator.h:52
gchar * get_nvti_xml(iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag)
Create and return XML description for an NVT.
Definition: manage.c:7658
#define CVE_GETBYNAME_XSL
CVE selection stylesheet location.
Definition: manage.c:95
long long int nvt_t
Definition: manage.h:294
gboolean find_nvt(const char *, nvt_t *)
Find an NVT given an identifier.
Definition: manage_sql.c:37440
gchar * xsl_transform(gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
Run xsltproc in an external process.
Definition: manage.c:7535
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664
#define DFN_CERT_ADV_GETBYNAME_XSL
DFN_CERT_ADV selection stylesheet location.
Definition: manage.c:110
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
void init_nvt_iterator(iterator_t *, nvt_t, config_t, const char *, const char *, int, const char *)
Initialise an NVT iterator.
Definition: manage_sql.c:37843
char name[1]
Definition: lsc_crypt.c:78
#define CERT_BUND_ADV_GETBYNAME_XSL
CERT_BUND_ADV selection stylesheet location.
Definition: manage.c:105

◆ manage_run_wizard()

int manage_run_wizard ( const gchar *  name,
int(*)(void *, gchar *, gchar **)  run_command,
void *  run_command_data,
array_t *  params,
int  read_only,
const char *  mode,
gchar **  command_error,
gchar **  command_error_code,
gchar **  ret_response 
)

Run a wizard.

Parameters
[in]nameWizard name.
[in]run_commandFunction to run OMP command.
[in]run_command_dataArgument for run_command.
[in]paramsWizard params. Array of name_value_t.
[in]read_onlyWhether to only allow wizards marked as read only.
[in]modeName of the mode to run the wizard in.
[out]command_errorAddress for error message from failed command when return is 4, or NULL.
[out]command_error_codeAddress for status code from failed command when return is 4, or NULL.
[out]ret_responseAddress for response string of last command.
Returns
0 success, 1 name error, 2 process forked to run task, -10 process forked to run task where task start failed, -2 to_scanner buffer full, 4 command in wizard failed, 5 wizard not read only, 6 Parameter validation failed, -1 internal error, 99 permission denied.

Definition at line 8949 of file manage.c.

References acl_user_may(), forked, name_value_t::name, name_value_t::value, and xsl_transform().

8958 {
8959  GString *params_xml;
8960  gchar *file, *file_name, *response, *extra, *extra_wrapped, *wizard;
8961  gsize wizard_len;
8962  GError *get_error;
8963  entity_t entity, mode_entity, params_entity, read_only_entity;
8964  entity_t param_def, step;
8965  entities_t modes, steps, param_defs;
8966  int ret, forked;
8967  const gchar *point;
8968 
8969  forked = 0;
8970 
8971  if (acl_user_may ("run_wizard") == 0)
8972  return 99;
8973 
8974  if (command_error)
8975  *command_error = NULL;
8976 
8977  if (command_error_code)
8978  *command_error_code = NULL;
8979 
8980  if (ret_response)
8981  *ret_response = NULL;
8982 
8983  point = name;
8984  while (*point && (isalnum (*point) || *point == '_')) point++;
8985  if (*point)
8986  return 1;
8987 
8988  /* Read wizard from file. */
8989 
8990  file_name = g_strdup_printf ("%s.xml", name);
8991  file = g_build_filename (OPENVAS_DATA_DIR,
8992  "openvasmd",
8993  "wizards",
8994  file_name,
8995  NULL);
8996  g_free (file_name);
8997 
8998  get_error = NULL;
8999  g_file_get_contents (file,
9000  &wizard,
9001  &wizard_len,
9002  &get_error);
9003  g_free (file);
9004  if (get_error)
9005  {
9006  g_warning ("%s: Failed to read wizard: %s\n",
9007  __FUNCTION__,
9008  get_error->message);
9009  g_error_free (get_error);
9010  return -1;
9011  }
9012 
9013  /* Parse wizard. */
9014 
9015  entity = NULL;
9016  if (parse_entity (wizard, &entity))
9017  {
9018  g_warning ("%s: Failed to parse wizard\n", __FUNCTION__);
9019  g_free (wizard);
9020  return -1;
9021  }
9022  g_free (wizard);
9023 
9024  /* Select mode */
9025  if (mode && strcmp (mode, ""))
9026  {
9027  modes = entity->entities;
9028  int mode_found = 0;
9029  while (mode_found == 0 && (mode_entity = first_entity (modes)))
9030  {
9031  if (strcasecmp (entity_name (mode_entity), "mode") == 0)
9032  {
9033  entity_t name_entity;
9034  name_entity = entity_child (mode_entity, "name");
9035 
9036  if (strcmp (entity_text (name_entity), mode) == 0)
9037  mode_found = 1;
9038  }
9039  modes = next_entities (modes);
9040  }
9041 
9042  if (mode_found == 0)
9043  {
9044  free_entity (entity);
9045  if (ret_response)
9046  *ret_response = g_strdup ("");
9047 
9048  if (forked)
9049  return 3;
9050  else
9051  return 0;
9052  }
9053  }
9054  else
9055  {
9056  mode_entity = entity;
9057  }
9058 
9059  /* If needed, check if wizard is marked as read only.
9060  * This does not check the actual commands.
9061  */
9062  if (read_only)
9063  {
9064  read_only_entity = entity_child (mode_entity, "read_only");
9065  if (read_only_entity == NULL)
9066  {
9067  free_entity (entity);
9068  return 5;
9069  }
9070  }
9071 
9072  /* Check params */
9073  params_xml = g_string_new ("");
9074  params_entity = entity_child (mode_entity, "params");
9075  if (params_entity)
9076  param_defs = params_entity->entities;
9077 
9078  while (params_entity && (param_def = first_entity (param_defs)))
9079  {
9080  if (strcasecmp (entity_name (param_def), "param") == 0)
9081  {
9082  entity_t name_entity, regex_entity, optional_entity;
9083  const char *name, *regex;
9084  int optional;
9085  int param_found = 0;
9086 
9087  name_entity = entity_child (param_def, "name");
9088  if ((name_entity == NULL)
9089  || (strcmp (entity_text (name_entity), "") == 0))
9090  {
9091  g_warning ("%s: Wizard PARAM missing NAME\n",
9092  __FUNCTION__);
9093  free_entity (entity);
9094  return -1;
9095  }
9096  else
9097  name = entity_text (name_entity);
9098 
9099  regex_entity = entity_child (param_def, "regex");
9100  if ((regex_entity == NULL)
9101  || (strcmp (entity_text (regex_entity), "") == 0))
9102  {
9103  g_warning ("%s: Wizard PARAM missing REGEX\n",
9104  __FUNCTION__);
9105  free_entity (entity);
9106  return -1;
9107  }
9108  else
9109  regex = entity_text (regex_entity);
9110 
9111  optional_entity = entity_child (param_def, "optional");
9112  optional = (optional_entity
9113  && strcmp (entity_text (optional_entity), "")
9114  && strcmp (entity_text (optional_entity), "0"));
9115 
9116  if (params)
9117  {
9118  guint index = params->len;
9119  while (index--)
9120  {
9121  name_value_t *pair;
9122 
9123  pair = (name_value_t*) g_ptr_array_index (params, index);
9124 
9125  if (pair == NULL)
9126  continue;
9127 
9128  if ((pair->name)
9129  && (pair->value)
9130  && (strcmp (pair->name, name) == 0))
9131  {
9132  index = 0; // end loop;
9133  param_found = 1;
9134 
9135  if (g_regex_match_simple (regex, pair->value, 0, 0) == 0)
9136  {
9137  *command_error
9138  = g_strdup_printf ("Value '%s' is not valid for"
9139  " parameter '%s'.",
9140  pair->value, name);
9141  free_entity (entity);
9142  g_string_free (params_xml, TRUE);
9143  return 6;
9144  }
9145  }
9146  }
9147  }
9148 
9149  if (optional == 0 && param_found == 0)
9150  {
9151  *command_error = g_strdup_printf ("Mandatory wizard param '%s'"
9152  " missing",
9153  name);
9154  free_entity (entity);
9155  return 6;
9156  }
9157 
9158 
9159  }
9160  param_defs = next_entities (param_defs);
9161  }
9162 
9163  /* Buffer params */
9164  if (params)
9165  {
9166  guint index = params->len;
9167  while (index--)
9168  {
9169  name_value_t *pair;
9170 
9171  pair = (name_value_t*) g_ptr_array_index (params, index);
9172  xml_string_append (params_xml,
9173  "<param>"
9174  "<name>%s</name>"
9175  "<value>%s</value>"
9176  "</param>",
9177  pair->name ? pair->name : "",
9178  pair->value ? pair->value : "");
9179  }
9180  }
9181 
9182  /* Run each step of the wizard. */
9183 
9184  response = NULL;
9185  extra = NULL;
9186  steps = mode_entity->entities;
9187  while ((step = first_entity (steps)))
9188  {
9189  if (strcasecmp (entity_name (step), "step") == 0)
9190  {
9191  entity_t command, extra_xsl;
9192  gchar *omp;
9193  int xsl_fd, xml_fd;
9194  char xsl_file_name[] = "/tmp/openvasmd-xsl-XXXXXX";
9195  FILE *xsl_file, *xml_file;
9196  char xml_file_name[] = "/tmp/openvasmd-xml-XXXXXX";
9197  char extra_xsl_file_name[] = "/tmp/openvasmd-extra-xsl-XXXXXX";
9198  char extra_xml_file_name[] = "/tmp/openvasmd-extra-xml-XXXXXX";
9199 
9200  /* Get the command element. */
9201 
9202  command = entity_child (step, "command");
9203  if (command == NULL)
9204  {
9205  g_warning ("%s: Wizard STEP missing COMMAND\n",
9206  __FUNCTION__);
9207  free_entity (entity);
9208  g_free (response);
9209  g_free (extra);
9210  g_string_free (params_xml, TRUE);
9211  return -1;
9212  }
9213 
9214  /* Save the command XSL from the element to a file. */
9215 
9216  xsl_fd = mkstemp (xsl_file_name);
9217  if (xsl_fd == -1)
9218  {
9219  g_warning ("%s: Wizard XSL file create failed\n",
9220  __FUNCTION__);
9221  free_entity (entity);
9222  g_free (response);
9223  g_free (extra);
9224  g_string_free (params_xml, TRUE);
9225  return -1;
9226  }
9227 
9228  xsl_file = fdopen (xsl_fd, "w");
9229  if (xsl_file == NULL)
9230  {
9231  g_warning ("%s: Wizard XSL file open failed\n",
9232  __FUNCTION__);
9233  close (xsl_fd);
9234  free_entity (entity);
9235  g_free (response);
9236  g_free (extra);
9237  g_string_free (params_xml, TRUE);
9238  return -1;
9239  }
9240 
9241  if (first_entity (command->entities))
9242  print_entity (xsl_file, first_entity (command->entities));
9243 
9244  /* Write the params as XML to a file. */
9245 
9246  xml_fd = mkstemp (xml_file_name);
9247  if (xml_fd == -1)
9248  {
9249  g_warning ("%s: Wizard XML file create failed\n",
9250  __FUNCTION__);
9251  fclose (xsl_file);
9252  unlink (xsl_file_name);
9253  free_entity (entity);
9254  g_free (response);
9255  g_free (extra);
9256  g_string_free (params_xml, TRUE);
9257  return -1;
9258  }
9259 
9260  xml_file = fdopen (xml_fd, "w");
9261  if (xml_file == NULL)
9262  {
9263  g_warning ("%s: Wizard XML file open failed\n",
9264  __FUNCTION__);
9265  fclose (xsl_file);
9266  unlink (xsl_file_name);
9267  close (xml_fd);
9268  free_entity (entity);
9269  g_free (response);
9270  g_free (extra);
9271  g_string_free (params_xml, TRUE);
9272  return -1;
9273  }
9274 
9275  if (fprintf (xml_file,
9276  "<wizard>"
9277  "<params>%s</params>"
9278  "<previous>"
9279  "<response>%s</response>"
9280  "<extra_data>%s</extra_data>"
9281  "</previous>"
9282  "</wizard>\n",
9283  params_xml->str ? params_xml->str : "",
9284  response ? response : "",
9285  extra ? extra : "")
9286  < 0)
9287  {
9288  fclose (xsl_file);
9289  unlink (xsl_file_name);
9290  fclose (xml_file);
9291  unlink (xml_file_name);
9292  free_entity (entity);
9293  g_warning ("%s: Wizard failed to write XML\n",
9294  __FUNCTION__);
9295  g_free (response);
9296  g_free (extra);
9297  g_string_free (params_xml, TRUE);
9298  return -1;
9299  }
9300 
9301  fflush (xml_file);
9302 
9303  /* Combine XSL and XML to get the OMP command. */
9304 
9305  omp = xsl_transform (xsl_file_name, xml_file_name, NULL,
9306  NULL);
9307  fclose (xsl_file);
9308  unlink (xsl_file_name);
9309  fclose (xml_file);
9310  unlink (xml_file_name);
9311  if (omp == NULL)
9312  {
9313  g_warning ("%s: Wizard XSL transform failed\n",
9314  __FUNCTION__);
9315  free_entity (entity);
9316  g_free (response);
9317  g_free (extra);
9318  g_string_free (params_xml, TRUE);
9319  return -1;
9320  }
9321 
9322  /* Run the OMP command. */
9323 
9324  g_free (response);
9325  response = NULL;
9326  ret = run_command (run_command_data, omp, &response);
9327  if (ret == 3)
9328  {
9329  /* Parent after a start_task fork. */
9330  forked = 1;
9331  }
9332  else if (ret == 0)
9333  {
9334  /* Command succeeded. */
9335  }
9336  else if (ret == 2)
9337  {
9338  /* Process forked to run a task. */
9339  free_entity (entity);
9340  g_free (response);
9341  g_free (extra);
9342  g_string_free (params_xml, TRUE);
9343  return 2;
9344  }
9345  else if (ret == -10)
9346  {
9347  /* Process forked to run a task. Task start failed. */
9348  free_entity (entity);
9349  g_free (response);
9350  g_free (extra);
9351  g_string_free (params_xml, TRUE);
9352  return -10;
9353  }
9354  else if (ret == -2)
9355  {
9356  /* to_scanner buffer full. */
9357  free_entity (entity);
9358  g_free (response);
9359  g_free (extra);
9360  g_string_free (params_xml, TRUE);
9361  return -2;
9362  }
9363  else
9364  {
9365  free_entity (entity);
9366  g_free (response);
9367  g_free (extra);
9368  g_string_free (params_xml, TRUE);
9369  return -1;
9370  }
9371 
9372  /* Exit if the command failed. */
9373 
9374  if (response)
9375  {
9376  const char *status;
9377  entity_t response_entity;
9378 
9379  response_entity = NULL;
9380  if (parse_entity (response, &response_entity))
9381  {
9382  g_warning ("%s: Wizard failed to parse response\n",
9383  __FUNCTION__);
9384  free_entity (entity);
9385  g_free (response);
9386  g_free (extra);
9387  g_string_free (params_xml, TRUE);
9388  return -1;
9389  }
9390 
9391  status = entity_attribute (response_entity, "status");
9392  if ((status == NULL)
9393  || (strlen (status) == 0)
9394  || (status[0] != '2'))
9395  {
9396  g_debug ("response was %s\n", response);
9397  if (command_error)
9398  {
9399  const char *text;
9400  text = entity_attribute (response_entity, "status_text");
9401  if (text)
9402  *command_error = g_strdup (text);
9403  }
9404  if (command_error_code)
9405  {
9406  *command_error_code = g_strdup (status);
9407  }
9408  free_entity (response_entity);
9409  free_entity (entity);
9410  g_free (response);
9411  g_free (extra);
9412  g_string_free (params_xml, TRUE);
9413  return 4;
9414  }
9415 
9416  free_entity (response_entity);
9417  }
9418 
9419  /* Get the extra_data element. */
9420 
9421  extra_xsl = entity_child (step, "extra_data");
9422  if (extra_xsl)
9423  {
9424  /* Save the extra_data XSL from the element to a file. */
9425 
9426  xsl_fd = mkstemp (extra_xsl_file_name);
9427  if (xsl_fd == -1)
9428  {
9429  g_warning ("%s: Wizard extra_data XSL file create failed\n",
9430  __FUNCTION__);
9431  free_entity (entity);
9432  g_free (response);
9433  g_free (extra);
9434  g_string_free (params_xml, TRUE);
9435  return -1;
9436  }
9437 
9438  xsl_file = fdopen (xsl_fd, "w");
9439  if (xsl_file == NULL)
9440  {
9441  g_warning ("%s: Wizard extra_data XSL file open failed\n",
9442  __FUNCTION__);
9443  close (xsl_fd);
9444  free_entity (entity);
9445  g_free (response);
9446  g_free (extra);
9447  g_string_free (params_xml, TRUE);
9448  return -1;
9449  }
9450 
9451  if (first_entity (extra_xsl->entities))
9452  print_entity (xsl_file, first_entity (extra_xsl->entities));
9453 
9454  /* Write the params as XML to a file. */
9455 
9456  xml_fd = mkstemp (extra_xml_file_name);
9457  if (xml_fd == -1)
9458  {
9459  g_warning ("%s: Wizard XML file create failed\n",
9460  __FUNCTION__);
9461  fclose (xsl_file);
9462  unlink (xsl_file_name);
9463  free_entity (entity);
9464  g_free (response);
9465  g_free (extra);
9466  g_string_free (params_xml, TRUE);
9467  return -1;
9468  }
9469 
9470  xml_file = fdopen (xml_fd, "w");
9471  if (xml_file == NULL)
9472  {
9473  g_warning ("%s: Wizard XML file open failed\n",
9474  __FUNCTION__);
9475  fclose (xsl_file);
9476  unlink (xsl_file_name);
9477  close (xml_fd);
9478  free_entity (entity);
9479  g_free (response);
9480  g_free (extra);
9481  g_string_free (params_xml, TRUE);
9482  return -1;
9483  }
9484 
9485  if (fprintf (xml_file,
9486  "<wizard>"
9487  "<params>%s</params>"
9488  "<current>"
9489  "<response>%s</response>"
9490  "</current>"
9491  "<previous>"
9492  "<extra_data>%s</extra_data>"
9493  "</previous>"
9494  "</wizard>\n",
9495  params_xml->str ? params_xml->str : "",
9496  response ? response : "",
9497  extra ? extra : "")
9498  < 0)
9499  {
9500  fclose (xsl_file);
9501  unlink (extra_xsl_file_name);
9502  fclose (xml_file);
9503  unlink (extra_xml_file_name);
9504  free_entity (entity);
9505  g_warning ("%s: Wizard failed to write XML\n",
9506  __FUNCTION__);
9507  g_free (response);
9508  g_free (extra);
9509  g_string_free (params_xml, TRUE);
9510  return -1;
9511  }
9512 
9513  fflush (xml_file);
9514 
9515  g_free (extra);
9516  extra = xsl_transform (extra_xsl_file_name, extra_xml_file_name,
9517  NULL, NULL);
9518  fclose (xsl_file);
9519  unlink (extra_xsl_file_name);
9520  fclose (xml_file);
9521  unlink (extra_xml_file_name);
9522  }
9523  }
9524  steps = next_entities (steps);
9525  }
9526 
9527  if (extra)
9528  extra_wrapped = g_strdup_printf ("<extra_data>%s</extra_data>",
9529  extra);
9530  else
9531  extra_wrapped = NULL;
9532  g_free (extra);
9533 
9534  if (ret_response)
9535  *ret_response = response;
9536 
9537  if (extra_wrapped && (forked == 0))
9538  {
9539  entity_t extra_entity, status_entity, status_text_entity;
9540  ret = parse_entity (extra_wrapped, &extra_entity);
9541  if (ret == 0)
9542  {
9543  status_entity = entity_child (extra_entity, "status");
9544  status_text_entity = entity_child (extra_entity, "status_text");
9545 
9546  if (status_text_entity && command_error)
9547  {
9548  *command_error = g_strdup (entity_text (status_text_entity));
9549  }
9550 
9551  if (status_entity && command_error_code)
9552  {
9553  *command_error_code = g_strdup (entity_text (status_entity));
9554  }
9555  free_entity (extra_entity);
9556  }
9557  else
9558  {
9559  g_warning ("%s: failed to parse extra data", __FUNCTION__);
9560  free_entity (entity);
9561  g_string_free (params_xml, TRUE);
9562  return -1;
9563  }
9564  }
9565 
9566  free_entity (entity);
9567  g_string_free (params_xml, TRUE);
9568 
9569  /* All the steps succeeded. */
9570 
9571  if (forked)
9572  return 3;
9573  return 0;
9574 }
gchar * name
Name.
Definition: manage.h:65
gchar * xsl_transform(gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
Run xsltproc in an external process.
Definition: manage.c:7535
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
int forked
Hack for returning fork status to caller.
Definition: omp.c:4974
char name[1]
Definition: lsc_crypt.c:78
Name value pair.
Definition: manage.h:63
gchar * value
Param value.
Definition: manage.h:66
Here is the call graph for this function:

◆ manage_scap_update_time()

const char* manage_scap_update_time ( )

GET SCAP update time, as a string.

Returns
Last update time as a static string, or "" on error.

Definition at line 7842 of file manage.c.

References SCAP_TIMESTAMP_FILENAME.

7843 {
7844  gchar *content;
7845  GError *error;
7846  gsize content_size;
7847  struct tm update_time;
7848 
7849  /* Read in the contents. */
7850 
7851  error = NULL;
7852  if (g_file_get_contents (SCAP_TIMESTAMP_FILENAME,
7853  &content,
7854  &content_size,
7855  &error)
7856  == FALSE)
7857  {
7858  if (error)
7859  {
7860  g_debug ("%s: failed to read %s: %s",
7861  __FUNCTION__, SCAP_TIMESTAMP_FILENAME, error->message);
7862  g_error_free (error);
7863  }
7864  return "";
7865  }
7866 
7867  memset (&update_time, 0, sizeof (struct tm));
7868  if (strptime (content, "%Y%m%d%H%M", &update_time))
7869  {
7870  static char time_string[100];
7871  strftime (time_string, 99, "%FT%T.000%z", &update_time);
7872  return time_string;
7873  }
7874  return "";
7875 }
#define SCAP_TIMESTAMP_FILENAME
SCAP timestamp location.
Definition: manage.c:142

◆ manage_schedule()

int manage_schedule ( int(*)(openvas_connection_t *, gchar *)  fork_connection,
gboolean  run_tasks,
sigset_t *  sigmask_current 
)

Schedule any actions that are due.

In openvasmd, periodically called from the main daemon loop.

Parameters
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]run_tasksWhether to run scheduled tasks.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, 1 failed to get lock, -1 error.

Definition at line 6481 of file manage.c.

References auto_delete_reports(), cleanup_task_schedule_iterator(), clear_duration_schedules(), current_credentials, init_task_schedule_iterator(), manage_session_init(), manage_update_nvti_cache(), next(), next_time(), reinit_manage_process(), reschedule_task(), schedule_duration(), schedule_period(), set_task_schedule_next_time(), set_task_schedule_next_time_uuid(), set_task_schedule_periods(), set_task_schedule_uuid(), task_schedule_iterator_first_time(), task_schedule_iterator_owner_name(), task_schedule_iterator_owner_uuid(), task_schedule_iterator_period(), task_schedule_iterator_period_months(), task_schedule_iterator_start_due(), task_schedule_iterator_stop_due(), task_schedule_iterator_task(), task_schedule_iterator_task_uuid(), task_schedule_iterator_timed_out(), task_schedule_iterator_timezone(), task_schedule_next_time_uuid(), task_schedule_periods_uuid(), task_schedule_uuid(), task_uuid(), and update_duration_schedule_periods().

6484 {
6485  iterator_t schedules;
6486  GSList *starts = NULL, *stops = NULL;
6487  int ret;
6488  task_t previous_start_task = 0;
6489  task_t previous_stop_task = 0;
6490 
6491  ret = manage_update_nvti_cache ();
6492  if (ret)
6493  {
6494  if (ret == -1)
6495  {
6496  g_warning ("%s: manage_update_nvti_cache error"
6497  " (Perhaps the db went down?)",
6498  __FUNCTION__);
6499  /* Just ignore, in case the db went down temporarily. */
6500  return 0;
6501  }
6502 
6503  return ret;
6504  }
6505 
6506  if (run_tasks == 0)
6507  return 0;
6508 
6509  /* Assemble "starts" and "stops" list containing task uuid and owner name
6510  * for each (scheduled) task to start or stop. */
6511 
6512  ret = init_task_schedule_iterator (&schedules);
6513  if (ret)
6514  {
6515  if (ret == -1)
6516  {
6517  g_warning ("%s: iterator init error"
6518  " (Perhaps the db went down?)",
6519  __FUNCTION__);
6520  /* Just ignore, in case the db went down temporarily. */
6521  return 0;
6522  }
6523 
6524  return ret;
6525  }
6526  /* This iterator runs in an exclusive transaction, so this loop is atomic. */
6527  while (next (&schedules))
6528  if (task_schedule_iterator_start_due (&schedules))
6529  {
6530  time_t first_time, period, period_months;
6531  const char* timezone;
6532  int timed_out;
6533 
6534  /* Check if task schedule is timed out before updating next due time */
6535  timed_out = task_schedule_iterator_timed_out (&schedules);
6536 
6537  /* Update the task schedule info to prevent multiple schedules. */
6538 
6539  first_time = task_schedule_iterator_first_time (&schedules);
6540  period = task_schedule_iterator_period (&schedules);
6541  period_months = task_schedule_iterator_period_months (&schedules);
6542  timezone = task_schedule_iterator_timezone (&schedules);
6543 
6545  (task_schedule_iterator_task (&schedules),
6546  next_time (first_time, period, period_months, timezone, 0));
6547 
6548  /* Skip this task if it was already added to the starts list
6549  * to avoid conflicts between multiple users with permissions.
6550  */
6551 
6552  if (previous_start_task == task_schedule_iterator_task (&schedules))
6553  continue;
6554 
6555  if (timed_out)
6556  {
6557  g_message (" %s: Task timed out: %s",
6558  __FUNCTION__,
6559  task_schedule_iterator_task_uuid (&schedules));
6560  continue;
6561  }
6562 
6563  previous_start_task = task_schedule_iterator_task (&schedules);
6564 
6565  /* Add task UUID and owner name and UUID to the list. */
6566 
6567  starts = g_slist_prepend
6568  (starts,
6569  g_strdup (task_schedule_iterator_task_uuid (&schedules)));
6570  starts = g_slist_prepend
6571  (starts,
6572  g_strdup (task_schedule_iterator_owner_uuid (&schedules)));
6573  starts = g_slist_prepend
6574  (starts,
6575  g_strdup (task_schedule_iterator_owner_name (&schedules)));
6576  }
6577  else if (task_schedule_iterator_stop_due (&schedules))
6578  {
6579  /* Skip this task if it was already added to the stops list
6580  * to avoid conflicts between multiple users with permissions.
6581  */
6582 
6583  if (previous_stop_task == task_schedule_iterator_task (&schedules))
6584  continue;
6585  previous_stop_task = task_schedule_iterator_task (&schedules);
6586 
6587  /* Add task UUID and owner name and UUID to the list. */
6588 
6589  stops = g_slist_prepend
6590  (stops,
6591  g_strdup (task_schedule_iterator_task_uuid (&schedules)));
6592  stops = g_slist_prepend
6593  (stops,
6594  g_strdup (task_schedule_iterator_owner_uuid (&schedules)));
6595  stops = g_slist_prepend
6596  (stops,
6597  g_strdup (task_schedule_iterator_owner_name (&schedules)));
6598  }
6599  cleanup_task_schedule_iterator (&schedules);
6600 
6601  /* Start tasks in forked processes, now that the SQL statement is closed. */
6602 
6603  while (starts)
6604  {
6605  int pid;
6606  openvas_connection_t connection;
6607  gchar *task_uuid, *owner, *owner_uuid;
6608  GSList *head;
6609  omp_authenticate_info_opts_t auth_opts;
6610 
6611  owner = starts->data;
6612  assert (starts->next);
6613  owner_uuid = starts->next->data;
6614  assert (starts->next->next);
6615  task_uuid = starts->next->next->data;
6616 
6617  head = starts;
6618  starts = starts->next->next->next;
6619  g_slist_free_1 (head->next->next);
6620  g_slist_free_1 (head->next);
6621  g_slist_free_1 (head);
6622 
6623  /* Fork a child to start the task and wait for the response, so that the
6624  * parent can return to the main loop. */
6625 
6626  pid = fork ();
6627  switch (pid)
6628  {
6629  case 0:
6630  /* Child. Carry on to start the task, reopen the database (required
6631  * after fork). */
6632 
6633  /* Restore the sigmask that was blanked for pselect. */
6634  pthread_sigmask (SIG_SETMASK, sigmask_current, NULL);
6635 
6638  while (starts)
6639  {
6640  g_free (starts->data);
6641  starts = g_slist_delete_link (starts, starts);
6642  }
6643  break;
6644 
6645  case -1:
6646  /* Parent on error. Reschedule and continue to next task. */
6647  g_warning ("%s: fork failed\n", __FUNCTION__);
6648  reschedule_task (task_uuid);
6649  g_free (task_uuid);
6650  g_free (owner);
6651  g_free (owner_uuid);
6652  continue;
6653 
6654  default:
6655  /* Parent. Continue to next task. */
6656  g_debug ("%s: %i forked %i", __FUNCTION__, getpid (), pid);
6657  g_free (task_uuid);
6658  g_free (owner);
6659  g_free (owner_uuid);
6660  continue;
6661 
6662  }
6663 
6664  /* Run the callback to fork a child connected to the Manager. */
6665 
6666  pid = fork_connection (&connection, owner_uuid);
6667  switch (pid)
6668  {
6669  case 0:
6670  /* Child. Break, start task, exit. */
6671  g_free (owner_uuid);
6672  break;
6673 
6674  case -1:
6675  /* Parent on error. */
6676  g_warning ("%s: fork_connection failed\n", __FUNCTION__);
6677  reschedule_task (task_uuid);
6678  g_free (task_uuid);
6679  g_free (owner);
6680  g_free (owner_uuid);
6681  exit (EXIT_FAILURE);
6682  break;
6683 
6684  default:
6685  {
6686  int status;
6687 
6688  /* Parent. Wait for child, to check return. */
6689 
6690  g_debug ("%s: %i fork_connectioned %i",
6691  __FUNCTION__, getpid (), pid);
6692 
6693  g_free (owner);
6694  g_free (owner_uuid);
6695 
6696  if (signal (SIGCHLD, SIG_DFL) == SIG_ERR)
6697  g_warning ("%s: failed to set SIGCHLD", __FUNCTION__);
6698  while (waitpid (pid, &status, 0) < 0)
6699  {
6700  if (errno == ECHILD)
6701  {
6702  g_warning ("%s: Failed to get child exit,"
6703  " so task '%s' may not have been scheduled",
6704  __FUNCTION__,
6705  task_uuid);
6706  g_free (task_uuid);
6707  exit (EXIT_FAILURE);
6708  }
6709  if (errno == EINTR)
6710  continue;
6711  g_warning ("%s: waitpid: %s",
6712  __FUNCTION__,
6713  strerror (errno));
6714  g_warning ("%s: As a result, task '%s' may not have been"
6715  " scheduled",
6716  __FUNCTION__,
6717  task_uuid);
6718  g_free (task_uuid);
6719  exit (EXIT_FAILURE);
6720  }
6721  if (WIFEXITED (status))
6722  switch (WEXITSTATUS (status))
6723  {
6724  case EXIT_SUCCESS:
6725  {
6726  schedule_t schedule;
6727  int periods;
6728 
6729  /* Child succeeded. */
6730 
6731  schedule = task_schedule_uuid (task_uuid);
6732  if (schedule
6733  && schedule_period (schedule) == 0
6734  && schedule_duration (schedule) == 0
6735  /* Check next time too, in case the user changed
6736  * the schedule after this task was added to the
6737  * "starts" list. */
6738  && task_schedule_next_time_uuid (task_uuid) == 0)
6739  /* A once-off schedule without a duration, remove
6740  * it from the task. If it has a duration it
6741  * will be removed below, after the duration. */
6742  set_task_schedule_uuid (task_uuid, 0, 0);
6743  else if ((periods = task_schedule_periods_uuid
6744  (task_uuid)))
6745  {
6746  /* A task restricted to a certain number of
6747  * scheduled runs. */
6748  if (periods > 1)
6749  {
6750  set_task_schedule_periods (task_uuid,
6751  periods - 1);
6752  }
6753  else if (periods == 1
6754  && schedule_duration (schedule) == 0)
6755  {
6756  /* Last run of a task restricted to a certain
6757  * number of scheduled runs. */
6758  set_task_schedule_uuid (task_uuid, 0, 1);
6759  }
6760  else if (periods == 1)
6761  /* Flag that the task has started, for
6762  * update_duration_schedule_periods. */
6763  set_task_schedule_next_time_uuid (task_uuid, 0);
6764  }
6765  }
6766  g_free (task_uuid);
6767  exit (EXIT_SUCCESS);
6768 
6769  case EXIT_FAILURE:
6770  default:
6771  break;
6772  }
6773 
6774  /* Child failed, reset task schedule time and exit. */
6775 
6776  g_warning ("%s: child failed\n", __FUNCTION__);
6777  reschedule_task (task_uuid);
6778  g_free (task_uuid);
6779 
6780  exit (EXIT_FAILURE);
6781  }
6782  }
6783 
6784  /* Start the task. */
6785 
6786  auth_opts = omp_authenticate_info_opts_defaults;
6787  auth_opts.username = owner;
6788  if (omp_authenticate_info_ext_c (&connection, auth_opts))
6789  {
6790  g_warning ("%s: omp_authenticate failed", __FUNCTION__);
6791  g_free (task_uuid);
6792  g_free (owner);
6793  openvas_connection_free (&connection);
6794  exit (EXIT_FAILURE);
6795  }
6796 
6797  g_free (owner);
6798 
6799  if (omp_resume_task_report_c (&connection, task_uuid, NULL))
6800  {
6801  if (omp_start_task_report_c (&connection, task_uuid, NULL))
6802  {
6803  g_warning ("%s: omp_start_task and omp_resume_task failed", __FUNCTION__);
6804  g_free (task_uuid);
6805  openvas_connection_free (&connection);
6806  exit (EXIT_FAILURE);
6807  }
6808  }
6809 
6810  g_free (task_uuid);
6811  openvas_connection_free (&connection);
6812  exit (EXIT_SUCCESS);
6813  }
6814 
6815  /* Stop tasks in forked processes, now that the SQL statement is closed. */
6816 
6817  while (stops)
6818  {
6819  openvas_connection_t connection;
6820  gchar *task_uuid, *owner, *owner_uuid;
6821  GSList *head;
6822  omp_authenticate_info_opts_t auth_opts;
6823 
6824  owner = stops->data;
6825  assert (stops->next);
6826  owner_uuid = stops->next->data;
6827  assert (stops->next->next);
6828  task_uuid = stops->next->next->data;
6829 
6830  head = stops;
6831  stops = stops->next->next->next;
6832  g_slist_free_1 (head->next->next);
6833  g_slist_free_1 (head->next);
6834  g_slist_free_1 (head);
6835 
6836  /* TODO As with starts above, this should retry if the stop failed. */
6837 
6838  /* Run the callback to fork a child connected to the Manager. */
6839 
6840  switch (fork_connection (&connection, owner_uuid))
6841  {
6842  case 0:
6843  /* Child. Break, stop task, exit. */
6844  while (stops)
6845  {
6846  g_free (stops->data);
6847  stops = g_slist_delete_link (stops, stops);
6848  }
6849  break;
6850 
6851  case -1:
6852  /* Parent on error. */
6853  g_free (task_uuid);
6854  g_free (owner);
6855  g_free (owner_uuid);
6856  while (stops)
6857  {
6858  g_free (stops->data);
6859  stops = g_slist_delete_link (stops, stops);
6860  }
6861  g_warning ("%s: stop fork failed\n", __FUNCTION__);
6862  return -1;
6863  break;
6864 
6865  default:
6866  /* Parent. Continue to next task. */
6867  g_free (task_uuid);
6868  g_free (owner);
6869  g_free (owner_uuid);
6870  continue;
6871  break;
6872  }
6873 
6874  /* Stop the task. */
6875 
6876  auth_opts = omp_authenticate_info_opts_defaults;
6877  auth_opts.username = owner;
6878  if (omp_authenticate_info_ext_c (&connection, auth_opts))
6879  {
6880  g_free (task_uuid);
6881  g_free (owner);
6882  g_free (owner_uuid);
6883  openvas_connection_free (&connection);
6884  exit (EXIT_FAILURE);
6885  }
6886 
6887  if (omp_stop_task_c (&connection, task_uuid))
6888  {
6889  g_free (task_uuid);
6890  g_free (owner);
6891  g_free (owner_uuid);
6892  openvas_connection_free (&connection);
6893  exit (EXIT_FAILURE);
6894  }
6895 
6896  g_free (task_uuid);
6897  g_free (owner);
6898  g_free (owner_uuid);
6899  openvas_connection_free (&connection);
6900  exit (EXIT_SUCCESS);
6901  }
6902 
6905 
6907 
6908  return 0;
6909 }
int task_schedule_periods_uuid(const gchar *)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19000
long long int schedule_t
Definition: manage.h:299
schedule_t task_schedule_uuid(const gchar *)
Return the schedule of a task.
Definition: manage_sql.c:18938
void reinit_manage_process()
Reinitialize the manage library for a process.
Definition: manage_sql.c:14347
A generic SQL iterator.
Definition: iterator.h:52
time_t task_schedule_iterator_period(iterator_t *iterator)
Get the period from a task schedule iterator.
Definition: manage_sql.c:49407
void cleanup_task_schedule_iterator(iterator_t *iterator)
Cleanup a task schedule iterator.
Definition: manage_sql.c:49341
int task_uuid(task_t, char **)
Return the UUID of a task.
Definition: manage_sql.c:17885
int manage_update_nvti_cache()
Update the memory cache of NVTs, if this has been requested.
Definition: manage_sql.c:14475
void reschedule_task(const gchar *task_id)
Set a task&#39;s schedule so that it runs again next scheduling round.
Definition: manage_sql.c:19482
const char * task_schedule_iterator_task_uuid(iterator_t *)
void set_task_schedule_next_time_uuid(const gchar *task_id, time_t time)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19071
void clear_duration_schedules(task_t)
Clear once-off schedules from tasks where the duration has passed.
Definition: manage_sql.c:19289
const char * task_schedule_iterator_owner_uuid(iterator_t *)
void manage_session_init(const char *uuid)
Setup session.
Definition: manage_pg.c:46
gboolean task_schedule_iterator_stop_due(iterator_t *iterator)
Get the stop due state from a task schedule iterator.
Definition: manage_sql.c:49539
task_t task_schedule_iterator_task(iterator_t *iterator)
Get the task from a task schedule iterator.
Definition: manage_sql.c:49355
time_t task_schedule_iterator_period_months(iterator_t *iterator)
Get the period months from a task schedule iterator.
Definition: manage_sql.c:49421
void update_duration_schedule_periods(task_t)
Update tasks with limited run schedules which have durations.
Definition: manage_sql.c:19334
gboolean task_schedule_iterator_start_due(iterator_t *iterator)
Get the start due state from a task schedule iterator.
Definition: manage_sql.c:49507
time_t task_schedule_iterator_first_time(iterator_t *iterator)
Get the first time from a task schedule iterator.
Definition: manage_sql.c:49435
int set_task_schedule_uuid(const gchar *task_id, schedule_t schedule, int periods)
Set the schedule of a task.
Definition: manage_sql.c:18836
int init_task_schedule_iterator(iterator_t *iterator)
Initialise a task schedule iterator.
Definition: manage_sql.c:49284
const char * task_schedule_iterator_owner_name(iterator_t *)
int schedule_duration(schedule_t)
Return the duration of a schedule.
Definition: manage_sql.c:49034
void set_task_schedule_next_time(task_t task, time_t time)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19058
credentials_t current_credentials
Current credentials during any OMP command.
Definition: manage.c:717
void auto_delete_reports()
Auto delete reports.
Definition: manage_sql.c:19380
time_t next_time(time_t first, int period, int period_months, const char *timezone, int periods_offset)
Calculate the next time from now given a start time and a period.
Definition: manage_utils.c:287
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
long long int task_t
Definition: manage.h:286
int set_task_schedule_periods(const gchar *, int)
Set the schedule periods of a task, given a UUID.
Definition: manage_sql.c:18869
const char * task_schedule_iterator_timezone(iterator_t *)
gboolean task_schedule_iterator_timed_out(iterator_t *iterator)
Get if schedule of task in iterator is timed out.
Definition: manage_sql.c:49587
int schedule_period(schedule_t)
Return the period of a schedule.
Definition: manage_sql.c:49020
time_t task_schedule_next_time_uuid(const gchar *)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19038
Here is the call graph for this function:

◆ manage_system_report()

int manage_system_report ( const char *  name,
const char *  duration,
const char *  start_time,
const char *  end_time,
const char *  slave_id,
char **  report 
)

Get a system report.

Parameters
[in]nameName of report.
[in]durationTime range of report, in seconds.
[in]start_timeTime of first data point in report.
[in]end_timeTime of last data point in report.
[in]slave_idID of slave to get report from. 0 for local.
[out]reportOn success, report in base64 if such a report exists else NULL. Arbitrary on error.
Returns
0 if successful (including failure to find report), -1 on error, 3 if used the fallback report, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report.

Definition at line 6240 of file manage.c.

References manage_system_report(), and parse_iso_time().

Referenced by manage_system_report().

6243 {
6244  gchar *astdout = NULL;
6245  gchar *astderr = NULL;
6246  GError *err = NULL;
6247  gint exit_status;
6248  gchar *command;
6249  time_t start_time_num, end_time_num, duration_num;
6250  start_time_num = 0;
6251  end_time_num = 0;
6252  duration_num = 0;
6253 
6254  assert (name);
6255 
6256  if (duration && strcmp (duration, ""))
6257  {
6258  duration_num = atol (duration);
6259  if (duration_num == 0)
6260  return manage_system_report ("blank", NULL, NULL, NULL,
6261  NULL, report);
6262  }
6263  if (start_time && strcmp (start_time, ""))
6264  {
6265  start_time_num = parse_iso_time (start_time);
6266  if (start_time_num == 0)
6267  return manage_system_report ("blank", NULL, NULL, NULL,
6268  NULL, report);
6269  }
6270  if (end_time && strcmp (end_time, ""))
6271  {
6272  end_time_num = parse_iso_time (end_time);
6273  if (end_time_num == 0)
6274  return manage_system_report ("blank", NULL, NULL, NULL,
6275  NULL, report);
6276  }
6277 
6278  if (slave_id && strcmp (slave_id, "0"))
6279  return slave_system_report (name, duration, start_time, end_time,
6280  slave_id, report);
6281 
6282  /* For simplicity, it's up to the command to do the base64 encoding. */
6283  if (start_time && strcmp (start_time, ""))
6284  {
6285  if (end_time && strcmp (end_time, ""))
6286  {
6287  command = g_strdup_printf ("openvasmr %ld %ld %s",
6288  start_time_num,
6289  end_time_num,
6290  name);
6291  }
6292  else if (duration && strcmp (duration, ""))
6293  {
6294  command = g_strdup_printf ("openvasmr %ld %ld %s",
6295  start_time_num,
6296  start_time_num + duration_num,
6297  name);
6298  }
6299  else
6300  {
6301  command = g_strdup_printf ("openvasmr %ld %ld %s",
6302  start_time_num,
6303  start_time_num + DEFAULT_DURATION,
6304  name);
6305  }
6306  }
6307  else if (end_time && strcmp (end_time, ""))
6308  {
6309  if (duration && strcmp (duration, ""))
6310  {
6311  command = g_strdup_printf ("openvasmr %ld %ld %s",
6312  end_time_num - duration_num,
6313  end_time_num,
6314  name);
6315  }
6316  else
6317  {
6318  command = g_strdup_printf ("openvasmr %ld %ld %s",
6319  end_time_num - DEFAULT_DURATION,
6320  end_time_num,
6321  name);
6322  }
6323  }
6324  else
6325  {
6326  if (duration && strcmp (duration, ""))
6327  {
6328  command = g_strdup_printf ("openvasmr %ld %s",
6329  duration_num,
6330  name);
6331  }
6332  else
6333  {
6334  command = g_strdup_printf ("openvasmr %ld %s",
6336  name);
6337  }
6338  }
6339 
6340  g_debug (" command: %s", command);
6341 
6342  if ((g_spawn_command_line_sync (command,
6343  &astdout,
6344  &astderr,
6345  &exit_status,
6346  &err)
6347  == FALSE)
6348  || (WIFEXITED (exit_status) == 0)
6349  || WEXITSTATUS (exit_status))
6350  {
6351  int ret;
6352  double load[3];
6353  GError *get_error;
6354  gchar *output;
6355  gsize output_len;
6356  GString *buffer;
6357 
6358  g_debug ("%s: openvasmr failed with %d", __FUNCTION__, exit_status);
6359  g_debug ("%s: stdout: %s", __FUNCTION__, astdout);
6360  g_debug ("%s: stderr: %s", __FUNCTION__, astderr);
6361  g_free (astdout);
6362  g_free (astderr);
6363  g_free (command);
6364 
6365  buffer = g_string_new (FALLBACK_SYSTEM_REPORT_HEADER);
6366 
6367  ret = getloadavg (load, 3);
6368  if (ret == 3)
6369  {
6370  g_string_append_printf (buffer,
6371  "Load average for past minute: %.1f\n",
6372  load[0]);
6373  g_string_append_printf (buffer,
6374  "Load average for past 5 minutes: %.1f\n",
6375  load[1]);
6376  g_string_append_printf (buffer,
6377  "Load average for past 15 minutes: %.1f\n",
6378  load[2]);
6379  }
6380  else
6381  g_string_append (buffer, "Error getting load averages.\n");
6382 
6383  get_error = NULL;
6384  g_file_get_contents ("/proc/meminfo",
6385  &output,
6386  &output_len,
6387  &get_error);
6388  if (get_error)
6389  g_error_free (get_error);
6390  else
6391  {
6392  gchar *safe;
6393  g_string_append (buffer, "\n/proc/meminfo:\n\n");
6394  safe = g_markup_escape_text (output, strlen (output));
6395  g_free (output);
6396  g_string_append (buffer, safe);
6397  g_free (safe);
6398  }
6399 
6400  *report = g_string_free (buffer, FALSE);
6401  return 3;
6402  }
6403  g_free (astderr);
6404  g_free (command);
6405  if (astdout == NULL || strlen (astdout) == 0)
6406  {
6407  g_free (astdout);
6408  if (strcmp (name, "blank") == 0)
6409  return -1;
6410  return manage_system_report ("blank", NULL, NULL, NULL,
6411  NULL, report);
6412  }
6413  else
6414  *report = astdout;
6415  return 0;
6416 }
int parse_iso_time(const char *text_time)
Convert an ISO time into seconds since epoch.
Definition: manage_sql.c:875
#define DEFAULT_DURATION
Definition: manage.c:6222
int manage_system_report(const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
Get a system report.
Definition: manage.c:6240
#define FALLBACK_SYSTEM_REPORT_HEADER
Header for fallback system report.
Definition: manage.c:6217
Here is the call graph for this function:
Here is the caller graph for this function:

◆ message_type_threat()

const char* message_type_threat ( const char *  type)

Get the threat of a message type.

Parameters
typeMessage type.
Returns
Static threat name if type names a message type, else NULL.

Definition at line 553 of file manage.c.

Referenced by note_iterator_threat().

554 {
555  if (strcasecmp (type, "Alarm") == 0)
556  return "Alarm";
557  if (strcasecmp (type, "Security Hole") == 0)
558  return "High";
559  if (strcasecmp (type, "Security Warning") == 0)
560  return "Medium";
561  if (strcasecmp (type, "Security Note") == 0)
562  return "Low";
563  if (strcasecmp (type, "Log Message") == 0)
564  return "Log";
565  if (strcasecmp (type, "Debug Message") == 0)
566  return "Debug";
567  if (strcasecmp (type, "Error Message") == 0)
568  return "Error";
569  if (strcasecmp (type, "False Positive") == 0)
570  return "False Positive";
571  return NULL;
572 }
Here is the caller graph for this function:

◆ move_task()

int move_task ( const char *  task_id,
const char *  slave_id 
)

Reassign a task to another slave.

Parameters
[in]task_idUUID of task.
[in]slave_idUUID of slave.
Returns
0 success, 1 success, process forked, 2 task not found, 3 slave not found, 4 slaves not supported by scanner, 5 task cannot be stopped currently, 6 scanner does not allow stopping, 7 new scanner does not support slaves, 98 stop and resume permission denied, 99 permission denied, -1 error.

Definition at line 5576 of file manage.c.

References acl_user_has_access_uuid(), acl_user_may(), find_scanner_with_permission(), find_task_with_permission(), resume_task(), SCANNER_TYPE_CVE, SCANNER_TYPE_OMP, SCANNER_TYPE_OPENVAS, SCANNER_UUID_DEFAULT, set_task_scanner(), stop_task_internal(), task_run_status(), task_scanner(), TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, and TASK_STATUS_STOP_WAITING.

5577 {
5578  task_t task;
5579  int task_scanner_type, slave_scanner_type;
5580  scanner_t slave, scanner;
5581  task_status_t status;
5582  int should_resume_task = 0;
5583 
5584  if (task_id == NULL)
5585  return -1;
5586  if (slave_id == NULL)
5587  return -1;
5588 
5589  if (acl_user_may ("modify_task") == 0)
5590  return 99;
5591 
5592  /* Find the task. */
5593 
5594  if (find_task_with_permission (task_id, &task, "get_tasks"))
5595  return -1;
5596  if (task == 0)
5597  return 2;
5598 
5599  /* Make sure destination scanner supports slavery. */
5600 
5601  if (strcmp (slave_id, "") == 0)
5602  slave_id = SCANNER_UUID_DEFAULT;
5603 
5604  if (find_scanner_with_permission (slave_id, &slave, "get_scanners"))
5605  return -1;
5606  if (slave == 0)
5607  return 3;
5608 
5609  slave_scanner_type = scanner_type (slave);
5610  if (slave_scanner_type != SCANNER_TYPE_OPENVAS
5611  && slave_scanner_type != SCANNER_TYPE_OMP)
5612  return 7;
5613 
5614  /* Make sure current scanner supports slavery. */
5615 
5616  scanner = task_scanner (task);
5617  if (scanner == 0)
5618  return -1;
5619 
5620  task_scanner_type = scanner_type (scanner);
5621  if (task_scanner_type != SCANNER_TYPE_OPENVAS
5622  && task_scanner_type != SCANNER_TYPE_OMP)
5623  return 4;
5624 
5625  /* Stop task if required. */
5626 
5627  status = task_run_status (task);
5628 
5629  switch (status)
5630  {
5635  case TASK_STATUS_REQUESTED:
5636  // Task cannot be stopped now
5637  return 5;
5638  break;
5639  case TASK_STATUS_RUNNING:
5640  if (task_scanner_type == SCANNER_TYPE_CVE)
5641  return 6;
5642  // Check permissions to stop and resume task
5643  if (acl_user_has_access_uuid ("task", task_id, "stop_task", 0)
5644  && acl_user_has_access_uuid ("task", task_id, "resume_task", 0))
5645  {
5646  // Stop the task, wait and resume after changes
5647  stop_task_internal (task);
5648  should_resume_task = 1;
5649 
5650  status = task_run_status (task);
5651  while (status == TASK_STATUS_STOP_REQUESTED
5653  || status == TASK_STATUS_STOP_WAITING)
5654  {
5655  sleep (5);
5656  status = task_run_status (task);
5657  }
5658  }
5659  else
5660  return 98;
5661  break;
5665  while (status == TASK_STATUS_STOP_REQUESTED
5667  || status == TASK_STATUS_STOP_WAITING)
5668  {
5669  sleep (5);
5670  status = task_run_status (task);
5671  }
5672  break;
5673  default:
5674  break;
5675  }
5676 
5677  /* Update scanner. */
5678 
5679  set_task_scanner (task, slave);
5680 
5681  /* Resume task if required. */
5682 
5683  if (should_resume_task)
5684  {
5685  pid_t pid = getpid ();
5686 
5687  resume_task (task_id, NULL);
5688 
5689  if (getpid () != pid)
5690  return 1;
5691  }
5692 
5693  return 0;
5694 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
int resume_task(const char *task_id, char **report_id)
Resume a task.
Definition: manage.c:5543
int acl_user_has_access_uuid(const char *type, const char *uuid, const char *permission, int trash)
Test whether the user may access a resource.
Definition: manage_acl.c:758
void set_task_scanner(task_t, scanner_t)
Set the scanner of a task.
Definition: manage_sql.c:18208
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
#define SCANNER_UUID_DEFAULT
UUID of &#39;OpenVAS Default&#39; scanner.
Definition: manage_sql.h:203
int stop_task_internal(task_t task)
Initiate stopping a task.
Definition: manage.c:5447
gboolean find_task_with_permission(const char *, task_t *, const char *)
Find a task for a specific permission, given a UUID.
Definition: manage_sql.c:32587
scanner_t task_scanner(task_t)
Return the scanner of a task.
Definition: manage_sql.c:18183
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
scanner_type
Scanner types.
Definition: manage.h:267
gboolean find_scanner_with_permission(const char *, scanner_t *, const char *)
Find a scanner for a specific permission, given a UUID.
Definition: manage_sql.c:47309
long long int task_t
Definition: manage.h:286
long long int scanner_t
Definition: manage.h:300
Here is the call graph for this function:

◆ next_file()

gboolean next_file ( file_iterator_t iterator)

Increment a report type iterator.

The caller must stop using this after it returns FALSE.

Parameters
[in]iteratorTask iterator.
Returns
TRUE if there was a next item, else FALSE.

Definition at line 7159 of file manage.c.

References file_iterator_t::current.

7160 {
7161  iterator->current++;
7162  if (*iterator->current == NULL) return FALSE;
7163  return TRUE;
7164 }
gpointer * current
Current file.
Definition: manage.h:3054

◆ next_report_type()

gboolean next_report_type ( report_type_iterator_t iterator)

Increment a report type iterator.

The caller must stop using this after it returns FALSE.

Parameters
[in]iteratorTask iterator.
Returns
TRUE if there was a next item, else FALSE.

Definition at line 6081 of file manage.c.

References report_type_iterator_t::current.

6082 {
6083  iterator->current++;
6084  if (*iterator->current == NULL) return FALSE;
6085  return TRUE;
6086 }
gchar ** current
Current type.
Definition: manage.h:2616

◆ openvas_current_sync()

int openvas_current_sync ( const gchar *  sync_script,
gchar **  timestamp,
gchar **  user 
)

Determine if the administrator is synchronizing with a feed.

Parameters
[in]sync_scriptThe file name of the synchronization script.
[out]timestampNewly allocated time that sync started, if syncing.
[out]userNewly allocated user who started sync, if syncing.
Returns
0 success, 1 success when sync in progress, -1 error.

Definition at line 8880 of file manage.c.

8882 {
8883  gchar *lockfile_name, *content, **lines;
8884  GError *error = NULL;
8885 
8886  g_assert (sync_script);
8887 
8888  lockfile_name =
8889  g_build_filename (g_get_tmp_dir (), "openvas-feed-sync", sync_script, NULL);
8890  if (!g_file_get_contents (lockfile_name, &content, NULL, &error))
8891  {
8892  if (g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_NOENT)
8893  || g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_ACCES))
8894  {
8895  g_error_free (error);
8896  g_free (lockfile_name);
8897  return 0;
8898  }
8899 
8900  g_warning ("%s: %s", __FUNCTION__, error->message);
8901  g_error_free (error);
8902  g_free (lockfile_name);
8903  return -1;
8904  }
8905 
8906  lines = g_strsplit (content, "\n", 2);
8907  g_free (content);
8908  if (lines[0] && lines[1])
8909  {
8910  *timestamp = g_strdup (lines[0]);
8911  *user = g_strdup (lines[1]);
8912 
8913  g_free (lockfile_name);
8914  g_strfreev (lines);
8915  return 1;
8916  }
8917 
8918  g_free (lockfile_name);
8919  g_strfreev (lines);
8920  return -1;
8921 }

◆ openvas_get_sync_script_description()

gboolean openvas_get_sync_script_description ( const gchar *  sync_script,
gchar **  description 
)

Retrieves description of a feed sync script, with basic validation.

Parameters
[in]sync_scriptThe file name of the synchronization script.
[out]descriptionReturn location of the description string.
Returns
TRUE if the description was retrieved, or FALSE if an error occurred.

Definition at line 8207 of file manage.c.

8209 {
8210  g_assert (sync_script);
8211  g_assert_cmpstr (*description, ==, NULL);
8212 
8213  gchar *script_working_dir = g_path_get_dirname (sync_script);
8214 
8215  gchar **argv = (gchar **) g_malloc (3 * sizeof (gchar *));
8216  argv[0] = g_strdup (sync_script);
8217  argv[1] = g_strdup ("--describe");
8218  argv[2] = NULL;
8219 
8220  gchar *script_out;
8221  gchar *script_err;
8222  gint script_exit;
8223  GError *error = NULL;
8224 
8225  if (!g_spawn_sync
8226  (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8227  &script_exit, &error))
8228  {
8229  g_warning ("Failed to execute %s: %s", sync_script, error->message);
8230 
8231  g_free (script_working_dir);
8232  g_strfreev (argv);
8233  g_free (script_out);
8234  g_free (script_err);
8235  g_error_free (error);
8236 
8237  return FALSE;
8238  }
8239 
8240  if (script_exit != 0)
8241  {
8242  g_warning ("%s returned a non-zero exit code.", sync_script);
8243 
8244  g_free (script_working_dir);
8245  g_strfreev (argv);
8246  g_free (script_out);
8247  g_free (script_err);
8248 
8249  return FALSE;
8250  }
8251 
8252  *description = g_strdup (script_out);
8253 
8254  g_free (script_working_dir);
8255  g_strfreev (argv);
8256  g_free (script_out);
8257  g_free (script_err);
8258 
8259  return TRUE;
8260 }

◆ openvas_get_sync_script_feed_version()

gboolean openvas_get_sync_script_feed_version ( const gchar *  sync_script,
gchar **  feed_version 
)

Retrieves the version of a feed handled by the sync, with basic validation.

Parameters
[in]sync_scriptThe file name of the synchronization script.
[out]feed_versionReturn location of the feed version string.
Returns
TRUE if the feed version was retrieved, or FALSE if an error occurred.

Definition at line 8273 of file manage.c.

8275 {
8276  g_assert (sync_script);
8277  g_assert_cmpstr (*feed_version, ==, NULL);
8278 
8279  gchar *script_working_dir = g_path_get_dirname (sync_script);
8280 
8281  gchar **argv = (gchar **) g_malloc (3 * sizeof (gchar *));
8282  argv[0] = g_strdup (sync_script);
8283  argv[1] = g_strdup ("--feedversion");
8284  argv[2] = NULL;
8285 
8286  gchar *script_out;
8287  gchar *script_err;
8288  gint script_exit;
8289  GError *error = NULL;
8290 
8291  if (!g_spawn_sync
8292  (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8293  &script_exit, &error))
8294  {
8295  g_warning ("Failed to execute %s: %s", sync_script, error->message);
8296 
8297  g_free (script_working_dir);
8298  g_strfreev (argv);
8299  g_free (script_out);
8300  g_free (script_err);
8301  g_error_free (error);
8302 
8303  return FALSE;
8304  }
8305 
8306  if (script_exit != 0)
8307  {
8308  g_warning ("%s returned a non-zero exit code.", sync_script);
8309 
8310  g_free (script_working_dir);
8311  g_strfreev (argv);
8312  g_free (script_out);
8313  g_free (script_err);
8314 
8315  return FALSE;
8316  }
8317 
8318  *feed_version = g_strdup (script_out);
8319 
8320  g_free (script_working_dir);
8321  g_strfreev (argv);
8322  g_free (script_out);
8323  g_free (script_err);
8324 
8325  return TRUE;
8326 }

◆ openvas_get_sync_script_identification()

gboolean openvas_get_sync_script_identification ( const gchar *  sync_script,
gchar **  identification,
int  feed_type 
)

Retrieves the ID string of a feed sync script, with basic validation.

Parameters
[in]sync_scriptThe file name of the synchronization script.
[out]identificationReturn location of the identification string.
[in]feed_typeCould be NVT_FEED, SCAP_FEED or CERT_FEED.
Returns
TRUE if the identification string was retrieved, or FALSE if an error occurred.

Definition at line 8112 of file manage.c.

References CERT_FEED, NVT_FEED, and SCAP_FEED.

Referenced by openvas_migrate_secinfo(), and openvas_sync_feed().

8115 {
8116  g_assert (sync_script);
8117  if (identification)
8118  g_assert_cmpstr (*identification, ==, NULL);
8119 
8120  gchar *script_working_dir = g_path_get_dirname (sync_script);
8121 
8122  gchar **argv = (gchar **) g_malloc (3 * sizeof (gchar *));
8123  argv[0] = g_strdup (sync_script);
8124  argv[1] = g_strdup ("--identify");
8125  argv[2] = NULL;
8126 
8127  gchar *script_out;
8128  gchar *script_err;
8129  gint script_exit;
8130  GError *error = NULL;
8131 
8132  gchar **script_identification;
8133 
8134  if (!g_spawn_sync
8135  (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8136  &script_exit, &error))
8137  {
8138  g_warning ("Failed to execute %s: %s", sync_script, error->message);
8139 
8140  g_free (script_working_dir);
8141  g_strfreev (argv);
8142  g_free (script_out);
8143  g_free (script_err);
8144  g_error_free (error);
8145 
8146  return FALSE;
8147  }
8148 
8149  if (script_exit != 0)
8150  {
8151  g_warning ("%s returned a non-zero exit code.", sync_script);
8152 
8153  g_free (script_working_dir);
8154  g_strfreev (argv);
8155  g_free (script_out);
8156  g_free (script_err);
8157 
8158  return FALSE;
8159  }
8160 
8161  script_identification = g_strsplit (script_out, "|", 6);
8162 
8163  if ((script_identification[0] == NULL)
8164  || (feed_type == NVT_FEED
8165  && g_ascii_strncasecmp (script_identification[0], "NVTSYNC", 7))
8166  || (feed_type == SCAP_FEED
8167  && g_ascii_strncasecmp (script_identification[0], "SCAPSYNC", 7))
8168  || (feed_type == CERT_FEED
8169  && g_ascii_strncasecmp (script_identification[0], "CERTSYNC", 7))
8170  || g_ascii_strncasecmp (script_identification[0], script_identification[5], 7))
8171  {
8172  g_warning ("%s is not a feed synchronization script", sync_script);
8173 
8174  g_free (script_working_dir);
8175  g_strfreev (argv);
8176  g_free (script_out);
8177  g_free (script_err);
8178 
8179  g_strfreev (script_identification);
8180 
8181  return FALSE;
8182  }
8183 
8184  if (identification)
8185  *identification = g_strdup (script_out);
8186 
8187  g_free (script_working_dir);
8188  g_strfreev (argv);
8189  g_free (script_out);
8190  g_free (script_err);
8191 
8192  g_strfreev (script_identification);
8193 
8194  return TRUE;
8195 }
#define NVT_FEED
Definition: manage.h:4141
#define SCAP_FEED
Definition: manage.h:4142
#define CERT_FEED
Definition: manage.h:4143
Here is the caller graph for this function:

◆ openvas_migrate_secinfo()

int openvas_migrate_secinfo ( const gchar *  sync_script,
int  feed_type 
)

Migrates SCAP or CERT database, waiting until migration terminates.

Calls a sync script to migrate the SCAP or CERT database.

Parameters
[in]sync_scriptThe file name of the synchronization script.
[in]feed_typeCould be SCAP_FEED or CERT_FEED.
Returns
0 sync complete, 1 sync already in progress, -1 error

Definition at line 8645 of file manage.c.

References CERT_FEED, openvas_get_sync_script_identification(), and SCAP_FEED.

8646 {
8647  int fd, ret = 0;
8648  gchar *lockfile_name, *lockfile_dirname;
8649  pid_t pid;
8650  mode_t old_mask;
8651 
8652  g_assert (sync_script);
8653 
8654  if (feed_type != SCAP_FEED && feed_type != CERT_FEED)
8655  {
8656  g_warning ("Unsupported feed_type!");
8657  return -1;
8658  }
8659 
8661  (sync_script, NULL, feed_type))
8662  {
8663  g_warning ("No valid synchronization script supplied!");
8664  return -1;
8665  }
8666 
8667  /* Open the lock file. */
8668 
8669  lockfile_name =
8670  g_build_filename (g_get_tmp_dir (), "openvas-feed-sync", sync_script, NULL);
8671  lockfile_dirname = g_path_get_dirname (lockfile_name);
8672  old_mask = umask (0);
8673  if (g_mkdir_with_parents (lockfile_dirname,
8674  /* "-rwxrwxrwx" */
8675  S_IRWXU | S_IRWXG | S_IRWXO))
8676  {
8677  umask (old_mask);
8678  g_warning ("Failed to create lock dir '%s': %s", lockfile_dirname,
8679  strerror (errno));
8680  g_free (lockfile_name);
8681  g_free (lockfile_dirname);
8682  return -1;
8683  }
8684  umask (old_mask);
8685  g_free (lockfile_dirname);
8686 
8687  fd =
8688  open (lockfile_name, O_RDWR | O_CREAT | O_EXCL,
8689  S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP /* "-rw-r--r--" */ );
8690  if (fd == -1)
8691  {
8692  if (errno == EEXIST)
8693  return 1;
8694  g_warning ("Failed to open lock file '%s': %s", lockfile_name,
8695  strerror (errno));
8696  g_free (lockfile_name);
8697  return -1;
8698  }
8699 
8700  /* Write the current time and user to the lock file. */
8701  {
8702  const char *output;
8703  int count, left;
8704  time_t now;
8705 
8706  time (&now);
8707  output = ctime (&now);
8708  left = strlen (output);
8709  while (1)
8710  {
8711  count = write (fd, output, left);
8712  if (count < 0)
8713  {
8714  if (errno == EINTR || errno == EAGAIN)
8715  continue;
8716  g_warning ("%s: write: %s", __FUNCTION__, strerror (errno));
8717  goto exit;
8718  }
8719  if (count == left)
8720  break;
8721  left -= count;
8722  output += count;
8723  }
8724 
8725  output = ""; // user name
8726  left = strlen (output);
8727  while (1)
8728  {
8729  count = write (fd, output, left);
8730  if (count < 0)
8731  {
8732  if (errno == EINTR || errno == EAGAIN)
8733  continue;
8734  g_warning ("%s: write: %s", __FUNCTION__, strerror (errno));
8735  goto exit;
8736  }
8737  if (count == left)
8738  break;
8739  left -= count;
8740  output += count;
8741  }
8742 
8743  while (1)
8744  {
8745  count = write (fd, "\n", 1);
8746  if (count < 0)
8747  {
8748  if (errno == EINTR || errno == EAGAIN)
8749  continue;
8750  g_warning ("%s: write: %s", __FUNCTION__, strerror (errno));
8751  goto exit;
8752  }
8753  if (count == 1)
8754  break;
8755  }
8756  }
8757 
8758  /* Fork a child to be the sync process. */
8759 
8760  pid = fork ();
8761  switch (pid)
8762  {
8763  case 0:
8764  {
8765  FILE *sync_err, *sync_out;
8766 
8767  /* Child. Become the sync process. */
8768 
8769  sync_out = freopen ("/tmp/openvasad_sync_out", "w", stdout);
8770  if (sync_out == NULL)
8771  {
8772  g_warning ("Failed to reopen stdout: %s", strerror (errno));
8773  exit (EXIT_FAILURE);
8774  }
8775 
8776  sync_err = freopen ("/tmp/openvasad_sync_err", "w", stderr);
8777  if (sync_err == NULL)
8778  {
8779  g_warning ("Failed to reopen stderr: %s", strerror (errno));
8780  fclose (sync_out);
8781  exit (EXIT_FAILURE);
8782  }
8783 
8784  if (execl (sync_script, sync_script, "--migrate", (char *) NULL))
8785  {
8786  g_warning ("Failed to execl %s: %s", sync_script, strerror (errno));
8787  fclose (sync_out);
8788  fclose (sync_err);
8789  exit (EXIT_FAILURE);
8790  }
8791 
8792  fclose (sync_out);
8793  fclose (sync_err);
8794  exit (EXIT_FAILURE);
8795  }
8796  case -1:
8797  /* Parent when error. */
8798 
8799  g_warning ("%s: failed to fork syncer: %s\n", __FUNCTION__,
8800  strerror (errno));
8801  ret = -1;
8802  goto exit;
8803  break;
8804  default:
8805  {
8806  int status;
8807 
8808  /* Parent on success. Wait for child, and handle result. */
8809 
8810  while (wait (&status) < 0)
8811  {
8812  if (errno == ECHILD)
8813  {
8814  g_warning ("Failed to get child exit status");
8815  ret = -1;
8816  goto exit;
8817  }
8818  if (errno == EINTR)
8819  continue;
8820  g_warning ("wait: %s", strerror (errno));
8821  ret = -1;
8822  goto exit;
8823  }
8824  if (WIFEXITED (status))
8825  switch (WEXITSTATUS (status))
8826  {
8827  case EXIT_SUCCESS:
8828  break;
8829  case EXIT_FAILURE:
8830  default:
8831  g_warning ("Error during SecInfo migration.");
8832  ret = -1;
8833  break;
8834  }
8835  else
8836  {
8837  g_message ("Error during SecInfo migration.");
8838  ret = -1;
8839  }
8840 
8841  break;
8842  }
8843  }
8844 
8845 exit:
8846 
8847  /* Close the lock file. */
8848 
8849  if (close (fd))
8850  {
8851  g_free (lockfile_name);
8852  g_warning ("Failed to close lock file: %s", strerror (errno));
8853  return -1;
8854  }
8855 
8856  /* Remove the lock file. */
8857 
8858  if (unlink (lockfile_name))
8859  {
8860  g_free (lockfile_name);
8861  g_warning ("Failed to remove lock file: %s", strerror (errno));
8862  return -1;
8863  }
8864 
8865  g_free (lockfile_name);
8866 
8867  return ret;
8868 }
gboolean openvas_get_sync_script_identification(const gchar *sync_script, gchar **identification, int feed_type)
Retrieves the ID string of a feed sync script, with basic validation.
Definition: manage.c:8112
#define SCAP_FEED
Definition: manage.h:4142
#define CERT_FEED
Definition: manage.h:4143
Here is the call graph for this function:

◆ openvas_sync_feed()

int openvas_sync_feed ( const gchar *  sync_script,
const gchar *  current_user,
int  feed_type 
)

Forks a child to synchronize the local feed collection.

The forked process calls a sync script to sync the feed.

Parameters
[in]sync_scriptThe file name of the synchronization script.
[in]current_userThe user currently authenticated.
[in]feed_typeCould be NVT_FEED, SCAP_FEED or CERT_FEED.
Returns
0 sync requested (parent), 1 sync already in progress (parent), -1 error (parent), 2 sync complete (child), 11 sync in progress (child), -10 error (child), 99 permission denied.

Definition at line 8342 of file manage.c.

References acl_user_may(), NVT_FEED, openvas_get_sync_script_identification(), and SCAP_FEED.

8344 {
8345  int fd, ret = 2;
8346  gchar *lockfile_name, *lockfile_dirname;
8347  gchar *script_identification_string = NULL;
8348  pid_t pid;
8349  mode_t old_mask;
8350 
8351  g_assert (sync_script);
8352  g_assert (current_user);
8353 
8354  if (acl_user_may (feed_type == NVT_FEED
8355  ? "sync_feed"
8356  : (feed_type == SCAP_FEED)
8357  ? "sync_scap"
8358  : "sync_cert") == 0)
8359  return 99;
8360 
8362  (sync_script, &script_identification_string, feed_type))
8363  {
8364  g_warning ("No valid synchronization script supplied!");
8365  return -1;
8366  }
8367 
8368  /* Open the lock file. */
8369 
8370  lockfile_name =
8371  g_build_filename (g_get_tmp_dir (), "openvas-feed-sync", sync_script, NULL);
8372  lockfile_dirname = g_path_get_dirname (lockfile_name);
8373  old_mask = umask (0);
8374  if (g_mkdir_with_parents (lockfile_dirname,
8375  /* "-rwxrwxrwx" */
8376  S_IRWXU | S_IRWXG | S_IRWXO))
8377  {
8378  umask (old_mask);
8379  g_warning ("Failed to create lock dir '%s': %s", lockfile_dirname,
8380  strerror (errno));
8381  g_free (lockfile_name);
8382  g_free (lockfile_dirname);
8383  return -1;
8384  }
8385  umask (old_mask);
8386  g_free (lockfile_dirname);
8387 
8388  fd =
8389  open (lockfile_name, O_RDWR | O_CREAT | O_EXCL,
8390  S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP /* "-rw-r--r--" */ );
8391  if (fd == -1)
8392  {
8393  if (errno == EEXIST)
8394  return 1;
8395  g_warning ("Failed to open lock file '%s': %s", lockfile_name,
8396  strerror (errno));
8397  g_free (lockfile_name);
8398  return -1;
8399  }
8400 
8401  /* Close and remove the lock file around the fork. Another process may get
8402  * the lock here, in which case the child will simply fail to get the
8403  * lock. */
8404 
8405  if (close (fd))
8406  {
8407  g_free (lockfile_name);
8408  g_warning ("Failed to close lock file: %s", strerror (errno));
8409  return -1;
8410  }
8411 
8412  if (unlink (lockfile_name))
8413  {
8414  g_free (lockfile_name);
8415  g_warning ("Failed to remove lock file: %s", strerror (errno));
8416  return -1;
8417  }
8418 
8419  /* Setup SIGCHLD for waiting. */
8420 
8421  if (signal (SIGCHLD, SIG_DFL) == SIG_ERR)
8422  {
8423  g_warning ("Failed to set SIG_DFL");
8424  return -1;
8425  }
8426 
8427  /* Fork a child to run the sync while the parent responds to
8428  * the client. */
8429 
8430  pid = fork ();
8431  switch (pid)
8432  {
8433  case 0:
8434  /* Child. Carry on to sync. */
8435  break;
8436  case -1:
8437  /* Parent when error. */
8438  g_warning ("%s: failed to fork sync child: %s\n", __FUNCTION__,
8439  strerror (errno));
8440  return -1;
8441  break;
8442  default:
8443  /* Parent. Return in order to respond to client. */
8444  return 0;
8445  break;
8446  }
8447 
8448  /* Open the lock file. */
8449 
8450  fd =
8451  open (lockfile_name, O_RDWR | O_CREAT | O_EXCL,
8452  S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP /* "-rw-r--r--" */ );
8453  if (fd == -1)
8454  {
8455  if (errno == EEXIST)
8456  return 11;
8457  g_warning ("Failed to open lock file '%s' (child): %s", lockfile_name,
8458  strerror (errno));
8459  g_free (lockfile_name);
8460  return -10;
8461  }
8462 
8463  /* Write the current time and user to the lock file. */
8464 
8465  {
8466  const char *output;
8467  int count, left;
8468  time_t now;
8469 
8470  time (&now);
8471  output = ctime (&now);
8472  left = strlen (output);
8473  while (1)
8474  {
8475  count = write (fd, output, left);
8476  if (count < 0)
8477  {
8478  if (errno == EINTR || errno == EAGAIN)
8479  continue;
8480  g_warning ("%s: write: %s", __FUNCTION__, strerror (errno));
8481  goto exit;
8482  }
8483  if (count == left)
8484  break;
8485  left -= count;
8486  output += count;
8487  }
8488 
8489  output = current_user;
8490  left = strlen (output);
8491  while (1)
8492  {
8493  count = write (fd, output, left);
8494  if (count < 0)
8495  {
8496  if (errno == EINTR || errno == EAGAIN)
8497  continue;
8498  g_warning ("%s: write: %s", __FUNCTION__, strerror (errno));
8499  goto exit;
8500  }
8501  if (count == left)
8502  break;
8503  left -= count;
8504  output += count;
8505  }
8506 
8507  while (1)
8508  {
8509  count = write (fd, "\n", 1);
8510  if (count < 0)
8511  {
8512  if (errno == EINTR || errno == EAGAIN)
8513  continue;
8514  g_warning ("%s: write: %s", __FUNCTION__, strerror (errno));
8515  goto exit;
8516  }
8517  if (count == 1)
8518  break;
8519  }
8520  }
8521 
8522  /* Fork a child to be the sync process. */
8523 
8524  pid = fork ();
8525  switch (pid)
8526  {
8527  case 0:
8528  {
8529  FILE *sync_err, *sync_out;
8530 
8531  /* Child. Become the sync process. */
8532 
8533  sync_out = freopen ("/tmp/openvasad_sync_out", "w", stdout);
8534  if (sync_out == NULL)
8535  {
8536  g_warning ("Failed to reopen stdout: %s", strerror (errno));
8537  exit (EXIT_FAILURE);
8538  }
8539 
8540  sync_err = freopen ("/tmp/openvasad_sync_err", "w", stderr);
8541  if (sync_err == NULL)
8542  {
8543  g_warning ("Failed to reopen stderr: %s", strerror (errno));
8544  fclose (sync_out);
8545  exit (EXIT_FAILURE);
8546  }
8547 
8548  if (execl (sync_script, sync_script, (char *) NULL))
8549  {
8550  g_warning ("Failed to execl %s: %s", sync_script, strerror (errno));
8551  fclose (sync_out);
8552  fclose (sync_err);
8553  exit (EXIT_FAILURE);
8554  }
8555 
8556  fclose (sync_out);
8557  fclose (sync_err);
8558  exit (EXIT_FAILURE);
8559  }
8560  case -1:
8561  /* Parent when error. */
8562 
8563  g_warning ("%s: failed to fork syncer: %s\n", __FUNCTION__,
8564  strerror (errno));
8565  ret = -1;
8566  goto exit;
8567  break;
8568  default:
8569  {
8570  int status;
8571 
8572  /* Parent on success. Wait for child, and handle result. */
8573 
8574  while (wait (&status) < 0)
8575  {
8576  if (errno == ECHILD)
8577  {
8578  g_warning ("Failed to get child exit status");
8579  ret = -10;
8580  goto exit;
8581  }
8582  if (errno == EINTR)
8583  continue;
8584  g_warning ("wait: %s", strerror (errno));
8585  ret = -10;
8586  goto exit;
8587  }
8588  if (WIFEXITED (status))
8589  switch (WEXITSTATUS (status))
8590  {
8591  case EXIT_SUCCESS:
8592  break;
8593  case EXIT_FAILURE:
8594  default:
8595  g_warning ("Error during synchronization.");
8596  ret = -10;
8597  break;
8598  }
8599  else
8600  {
8601  g_message ("Error during synchronization.");
8602  ret = -10;
8603  }
8604 
8605  break;
8606  }
8607  }
8608 
8609 exit:
8610 
8611  /* Close the lock file. */
8612 
8613  if (close (fd))
8614  {
8615  g_free (lockfile_name);
8616  g_warning ("Failed to close lock file (child): %s", strerror (errno));
8617  return -10;
8618  }
8619 
8620  /* Remove the lock file. */
8621 
8622  if (unlink (lockfile_name))
8623  {
8624  g_free (lockfile_name);
8625  g_warning ("Failed to remove lock file (child): %s", strerror (errno));
8626  return -10;
8627  }
8628 
8629  g_free (lockfile_name);
8630 
8631  return ret;
8632 }
gboolean openvas_get_sync_script_identification(const gchar *sync_script, gchar **identification, int feed_type)
Retrieves the ID string of a feed sync script, with basic validation.
Definition: manage.c:8112
#define NVT_FEED
Definition: manage.h:4141
#define SCAP_FEED
Definition: manage.h:4142
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
Here is the call graph for this function:

◆ openvas_sync_script_perform_selftest()

gboolean openvas_sync_script_perform_selftest ( const gchar *  sync_script,
gchar **  result 
)

Request a feed synchronization script selftest.

Ask a feed synchronization script to perform a selftest and report the results.

Parameters
[in]sync_scriptThe file name of the synchronization script.
[out]resultReturn location for selftest errors, or NULL.
Returns
TRUE if the selftest was successful, or FALSE if an error occurred.

Definition at line 8040 of file manage.c.

8042 {
8043  g_assert (sync_script);
8044  g_assert_cmpstr (*result, ==, NULL);
8045 
8046  gchar *script_working_dir = g_path_get_dirname (sync_script);
8047 
8048  gchar **argv = (gchar **) g_malloc (3 * sizeof (gchar *));
8049  argv[0] = g_strdup (sync_script);
8050  argv[1] = g_strdup ("--selftest");
8051  argv[2] = NULL;
8052 
8053  gchar *script_out;
8054  gchar *script_err;
8055  gint script_exit;
8056  GError *error = NULL;
8057 
8058  if (!g_spawn_sync
8059  (script_working_dir, argv, NULL, 0, NULL, NULL, &script_out, &script_err,
8060  &script_exit, &error))
8061  {
8062  if (*result != NULL)
8063  {
8064  *result =
8065  g_strdup_printf ("Failed to execute synchronization " "script: %s",
8066  error->message);
8067  }
8068 
8069  g_free (script_working_dir);
8070  g_strfreev (argv);
8071  g_free (script_out);
8072  g_free (script_err);
8073  g_error_free (error);
8074 
8075  return FALSE;
8076  }
8077 
8078  if (script_exit != 0)
8079  {
8080  if (script_err != NULL)
8081  {
8082  *result = g_strdup_printf ("%s", script_err);
8083  }
8084 
8085  g_free (script_working_dir);
8086  g_strfreev (argv);
8087  g_free (script_out);
8088  g_free (script_err);
8089 
8090  return FALSE;
8091  }
8092 
8093  g_free (script_working_dir);
8094  g_strfreev (argv);
8095  g_free (script_out);
8096  g_free (script_err);
8097 
8098  return TRUE;
8099 }

◆ parse_tags()

void parse_tags ( const char *  scanner_tags,
gchar **  tags,
gchar **  cvss_base 
)

Split up the tags received from the scanner.

Parameters
[in]scanner_tagsThe tags sent by the scanner.
[out]tagsTags.
[out]cvss_baseCVSS base.

Definition at line 7241 of file manage.c.

Referenced by migrate_16_to_17().

7242 {
7243  gchar **split, **point;
7244  GString *tags_buffer;
7245  gboolean first;
7246 
7247  tags_buffer = g_string_new ("");
7248  split = g_strsplit (scanner_tags, "|", 0);
7249  point = split;
7250  *cvss_base = NULL;
7251  first = TRUE;
7252 
7253  while (*point)
7254  {
7255  if (strncmp (*point, "cvss_base=", strlen ("cvss_base=")) == 0)
7256  {
7257  /* Skip this tag. */
7258  }
7259  else if (strncmp (*point,
7260  "cvss_base_vector=",
7261  strlen ("cvss_base_vector="))
7262  == 0)
7263  {
7264  if (*cvss_base == NULL)
7265  *cvss_base = g_strdup_printf ("%.1f",
7266  get_cvss_score_from_base_metrics
7267  (*point
7268  + strlen ("cvss_base_vector=")));
7269  if (first)
7270  first = FALSE;
7271  else
7272  g_string_append_c (tags_buffer, '|');
7273  g_string_append (tags_buffer, *point);
7274  }
7275  else
7276  {
7277  if (first)
7278  first = FALSE;
7279  else
7280  g_string_append_c (tags_buffer, '|');
7281  g_string_append (tags_buffer, *point);
7282  }
7283  point++;
7284  }
7285 
7286  if (tags_buffer->len == 0)
7287  {
7288  g_string_free (tags_buffer, TRUE);
7289  *tags = g_strdup ("NOTAG");
7290  }
7291  else
7292  *tags = g_string_free (tags_buffer, FALSE);
7293  g_strfreev (split);
7294 }
Here is the caller graph for this function:

◆ predefined_report_format_dir()

gchar* predefined_report_format_dir ( const gchar *  uuid)

Get the directory of a report format.

Parameters
[in]uuidReport format UUID. NULL to get parent dir.
Returns
Freshly allocated dir name.

Definition at line 7077 of file manage.c.

Referenced by init_report_format_file_iterator().

7078 {
7079  return g_build_filename (OPENVAS_DATA_DIR,
7080  "openvasmd",
7081  "report_formats",
7082  uuid,
7083  NULL);
7084 }
Here is the caller graph for this function:

◆ report_format_param_type_from_name()

report_format_param_type_t report_format_param_type_from_name ( const char *  name)

Get a report format param type from a name.

Parameters
[in]nameParam type name.
Returns
The param type.

Definition at line 6978 of file manage.c.

References REPORT_FORMAT_PARAM_TYPE_BOOLEAN, REPORT_FORMAT_PARAM_TYPE_ERROR, REPORT_FORMAT_PARAM_TYPE_INTEGER, REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST, REPORT_FORMAT_PARAM_TYPE_SELECTION, REPORT_FORMAT_PARAM_TYPE_STRING, and REPORT_FORMAT_PARAM_TYPE_TEXT.

6979 {
6980  if (strcmp (name, "boolean") == 0)
6982  if (strcmp (name, "integer") == 0)
6984  if (strcmp (name, "selection") == 0)
6986  if (strcmp (name, "string") == 0)
6988  if (strcmp (name, "text") == 0)
6990  if (strcmp (name, "report_format_list") == 0)
6993 }

◆ report_format_param_type_name()

const char* report_format_param_type_name ( report_format_param_type_t  type)

Get the name of a report format param type.

Parameters
[in]typeParam type.
Returns
The name of the param type.

Definition at line 6947 of file manage.c.

References REPORT_FORMAT_PARAM_TYPE_BOOLEAN, REPORT_FORMAT_PARAM_TYPE_ERROR, REPORT_FORMAT_PARAM_TYPE_INTEGER, REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST, REPORT_FORMAT_PARAM_TYPE_SELECTION, REPORT_FORMAT_PARAM_TYPE_STRING, and REPORT_FORMAT_PARAM_TYPE_TEXT.

Referenced by report_format_param_iterator_type_name().

6948 {
6949  switch (type)
6950  {
6952  return "boolean";
6954  return "integer";
6956  return "selection";
6958  return "string";
6960  return "text";
6962  return "report_format_list";
6963  default:
6964  assert (0);
6966  return "ERROR";
6967  }
6968 }
Here is the caller graph for this function:

◆ report_results_filter_term()

gchar* report_results_filter_term ( int  first,
int  rows,
int  apply_overrides,
int  autofp,
int  min_qod 
)

Create a basic filter term to get report results.

Definition at line 752 of file manage.c.

Referenced by report_results_get_data().

754 {
755  return g_strdup_printf ("first=%d rows=%d"
756  " apply_overrides=%d autofp=%d min_qod=%d",
757  first, rows,
758  apply_overrides, autofp, min_qod);
759 }
Here is the caller graph for this function:

◆ report_results_get_data()

get_data_t* report_results_get_data ( int  first,
int  rows,
int  apply_overrides,
int  autofp,
int  min_qod 
)

Create a new basic get_data_t struct to get report results.

Definition at line 766 of file manage.c.

References report_results_filter_term().

Referenced by report_cache_counts(), report_counts(), report_severity(), and task_trend().

768 {
769  get_data_t* get = malloc (sizeof (get_data_t));
770  memset (get, 0, sizeof (get_data_t));
771  get->type = g_strdup ("result");
772  get->filter = report_results_filter_term (first, rows,
773  apply_overrides, autofp, min_qod);
774 
775  return get;
776 }
Command data for a get command.
Definition: manage.h:310
gchar * report_results_filter_term(int first, int rows, int apply_overrides, int autofp, int min_qod)
Create a basic filter term to get report results.
Definition: manage.c:752
Here is the call graph for this function:
Here is the caller graph for this function:

◆ report_type_iterator_name()

const char* report_type_iterator_name ( report_type_iterator_t iterator)

Return the name from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Name.

Definition at line 6096 of file manage.c.

References report_type_iterator_t::current.

6097 {
6098  return (const char*) *iterator->current;
6099 }
gchar ** current
Current type.
Definition: manage.h:2616

◆ report_type_iterator_title()

const char* report_type_iterator_title ( report_type_iterator_t iterator)

Return the title from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Title.

Definition at line 6109 of file manage.c.

References report_type_iterator_t::current.

6110 {
6111  const char *name = *iterator->current;
6112  return name + strlen (name) + 1;
6113 }
gchar ** current
Current type.
Definition: manage.h:2616

◆ resume_task()

int resume_task ( const char *  task_id,
char **  report_id 
)

Resume a task.

Parameters
[in]task_idTask UUID.
[out]report_idIf successful, ID of the resultant report.
Returns
22 caller error (task must be in "stopped" state), or any start_task error.

Definition at line 5543 of file manage.c.

References acl_user_may(), find_task_with_permission(), task_run_status(), and TASK_STATUS_STOPPED.

Referenced by move_task().

5544 {
5545  task_t task;
5546  task_status_t run_status;
5547 
5548  if (acl_user_may ("resume_task") == 0)
5549  return 99;
5550 
5551  task = 0;
5552  if (find_task_with_permission (task_id, &task, "resume_task"))
5553  return -1;
5554  if (task == 0)
5555  return 3;
5556 
5557  run_status = task_run_status (task);
5558  if (run_status == TASK_STATUS_STOPPED)
5559  return run_task (task_id, report_id, 1);
5560  return 22;
5561 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
gboolean find_task_with_permission(const char *, task_t *, const char *)
Find a task for a specific permission, given a UUID.
Definition: manage_sql.c:32587
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
long long int task_t
Definition: manage.h:286
Here is the call graph for this function:
Here is the caller graph for this function:

◆ run_osp_task()

int run_osp_task ( task_t  task)

Start a task on an OSP scanner.

Parameters
[in]taskThe task.
Returns
0 success, 99 permission denied, -1 error.

Definition at line 3996 of file manage.c.

References find_target_with_permission(), target_uuid(), and task_target().

3997 {
3998  target_t target;
3999 
4000  target = task_target (task);
4001  if (target)
4002  {
4003  char *uuid;
4004  target_t found;
4005 
4006  uuid = target_uuid (target);
4007  if (find_target_with_permission (uuid, &found, "get_targets"))
4008  {
4009  g_free (uuid);
4010  return -1;
4011  }
4012  g_free (uuid);
4013  if (found == 0)
4014  return 99;
4015  }
4016 
4017  if (fork_osp_scan_handler (task, target))
4018  {
4019  g_warning ("Couldn't fork OSP scan handler.\n");
4020  return -1;
4021  }
4022  return 0;
4023 }
long long int target_t
Definition: manage.h:285
gboolean find_target_with_permission(const char *, target_t *, const char *)
Find a target for a specific permission, given a UUID.
Definition: manage_sql.c:32834
target_t task_target(task_t)
Return the target of a task.
Definition: manage_sql.c:18111
char * target_uuid(target_t)
Return the UUID of a target.
Definition: manage_sql.c:34773
Here is the call graph for this function:

◆ run_otp_task()

int run_otp_task ( task_t  task,
scanner_t  scanner,
int  from,
char **  report_id 
)

Start an OTP scanner task.

Parameters
[in]taskThe task.
[in]scannerScanner to use.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_idThe report ID.
Returns
Before forking: 1 task is active already, 3 failed to find task,
Todo:
On fail exits only, may need to honour request states that one of the other processes has set on the task (stop_task, request_delete_task).
Todo:
Also reset status on report, as current_scanner_task is 0 here.

Definition at line 4738 of file manage.c.

4739 {
4740  char title[128], *hosts, *port_range, *port, *uuid;
4741  gchar *plugins;
4742  int fail, pid, ret;
4743  GSList *files = NULL;
4744  GPtrArray *preference_files;
4745  task_status_t run_status;
4746  report_t last_stopped_report;
4747  target_t target;
4748  config_t config;
4749  credential_t ssh_credential, smb_credential, esxi_credential, snmp_credential;
4750  port_list_t port_list;
4751 
4752  /* Setup the task info required for the scan. */
4753 
4754  ret = run_task_setup (task, &config, &target, &port_list, &ssh_credential,
4755  &smb_credential, &esxi_credential, &snmp_credential);
4756  if (ret)
4757  return ret;
4758 
4759  /* When resuming, check that the scanner supports it. */
4760 
4761  if (from > 0 && config_type (config) > 0)
4762  return 4;
4763 
4764  /* For local scans, setup the scanner. */
4765 
4766  switch (scanner_setup (scanner))
4767  {
4768  case 0:
4769  break;
4770  case 1:
4771  return -7;
4772  default:
4773  return -5;
4774  }
4775 
4778  return -5;
4779 
4781  {
4783  return -5;
4784  }
4785 
4786  /* Mark task "Requested".
4787  *
4788  * Every fail exit from here must reset the run status. */
4789 
4790  if (set_task_requested (task, &run_status))
4791  return 1;
4792 
4793  /* Prepare the report. */
4794 
4795  ret = run_task_prepare_report (task, report_id, from, run_status,
4796  &last_stopped_report);
4797  if (ret)
4798  {
4799  set_task_run_status (task, run_status);
4800  return ret;
4801  }
4802 
4803  /* Check target. */
4804 
4805  if (target_hosts (target) == NULL)
4806  {
4807  g_debug (" target hosts is NULL.\n");
4808  set_task_run_status (task, run_status);
4809  return -4;
4810  }
4811 
4813 
4814  /* Every fail exit from here must reset to this run status, and must
4815  * clear current_report. */
4816 
4823  run_status = TASK_STATUS_INTERNAL_ERROR;
4824 
4825  /* Fork a child to start and handle the task while the parent responds to
4826  * the client. */
4827 
4828  pid = fork ();
4829  switch (pid)
4830  {
4831  case 0:
4832  /* Child. Carry on starting the task, reopen the database (required
4833  * after fork). */
4836  break;
4837  case -1:
4838  /* Parent when error. */
4839  g_warning ("%s: Failed to fork task child: %s\n",
4840  __FUNCTION__,
4841  strerror (errno));
4842  set_task_run_status (task, run_status);
4844  current_report = (report_t) 0;
4845  return -9;
4846  break;
4847  default:
4848  /* Parent. Return, in order to respond to client. */
4849  current_report = (report_t) 0;
4850  return 0;
4851  break;
4852  }
4853 
4854  /* Reset any running information. */
4855 
4856  {
4857  char *iface;
4858  iface = task_preference_value (task, "source_iface");
4859  if (iface)
4861  else
4863  free (iface);
4864  }
4865 
4866  uuid = report_uuid (current_report);
4867  snprintf (title, sizeof (title), "openvasmd: OTP: Handling scan %s", uuid);
4868  free (uuid);
4869  proctitle_set (title);
4870 
4875 
4876  /* Send the preferences header. */
4877 
4878  if (send_to_server ("CLIENT <|> PREFERENCES <|>\n"))
4879  {
4880  g_warning ("%s: Failed to send OTP PREFERENCES", __FUNCTION__);
4881  set_task_run_status (task, run_status);
4883  current_report = (report_t) 0;
4884  return -10;
4885  }
4886 
4887  /* Send the plugin list. */
4888 
4889  plugins = nvt_selector_plugins (config);
4890  if (plugins)
4891  {
4892  if (ssh_credential == 0 && smb_credential == 0 && esxi_credential == 0)
4893  fail = sendf_to_server ("plugin_set <|> %s\n", plugins);
4894  else
4895  {
4896  GString *auth_plugins = g_string_new ("");
4897  if (ssh_credential)
4898  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.90022;");
4899  if (smb_credential)
4900  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.90023;");
4901  if (esxi_credential)
4902  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.105058;");
4903  if (snmp_credential)
4904  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.105076;");
4905 
4906  fail = sendf_to_server ("plugin_set <|> %s%s\n",
4907  auth_plugins->str,
4908  plugins);
4909  g_string_free (auth_plugins, TRUE);
4910  }
4911  }
4912  else
4913  fail = send_to_server ("plugin_set <|> 0\n");
4914  free (plugins);
4915  if (fail)
4916  {
4917  g_warning ("%s: Failed to send OTP plugin_set", __FUNCTION__);
4918  set_task_run_status (task, run_status);
4920  current_report = (report_t) 0;
4921  return -10;
4922  }
4923 
4924  /* Send the scanner and task preferences. */
4925 
4926  if (send_config_preferences (config, "SERVER_PREFS", NULL, NULL))
4927  {
4928  g_warning ("%s: Failed to send OTP SERVER_PREFS", __FUNCTION__);
4929  set_task_run_status (task, run_status);
4931  current_report = (report_t) 0;
4932  return -10;
4933  }
4934 
4935  if (send_task_preferences (task))
4936  {
4937  g_warning ("%s: Failed to send OTP task preferences", __FUNCTION__);
4938  set_task_run_status (task, run_status);
4940  current_report = (report_t) 0;
4941  return -10;
4942  }
4943 
4944  /* Send the port range. */
4945 
4946  port_range = target_port_range (target);
4947  if (sendf_to_server ("port_range <|> %s\n",
4948  port_range ? port_range : "default"))
4949  {
4950  free (port_range);
4951  g_warning ("%s: Failed to send OTP port_range", __FUNCTION__);
4952  set_task_run_status (task, run_status);
4954  current_report = (report_t) 0;
4955  return -10;
4956  }
4957  free (port_range);
4958 
4959  /* Send the SSH LSC port. */
4960 
4961  port = target_ssh_port (target);
4962  if (port && sendf_to_server ("auth_port_ssh <|> %s\n", port))
4963  {
4964  free (port);
4965  g_warning ("%s: Failed to send OTP auth_port_ssh", __FUNCTION__);
4966  set_task_run_status (task, run_status);
4968  current_report = (report_t) 0;
4969  return -10;
4970  }
4971  free (port);
4972 
4973  /* Collect task files to send. */
4974 
4975  files = get_files_to_send (task);
4976 
4977  /* Send the plugins preferences. */
4978 
4979  preference_files = g_ptr_array_new ();
4980  if (send_config_preferences (config, "PLUGINS_PREFS", files, preference_files))
4981  {
4982  g_ptr_array_free (preference_files, TRUE);
4983  slist_free (files);
4984  g_warning ("%s: Failed to send OTP PLUGINS_PREFS", __FUNCTION__);
4985  set_task_run_status (task, run_status);
4987  current_report = (report_t) 0;
4988  return -10;
4989  }
4990 
4991  /* Send other scanner preferences. */
4992 
4993  if (send_scanner_preferences (task, target, last_stopped_report))
4994  {
4995  g_ptr_array_add (preference_files, NULL);
4996  array_free (preference_files);
4997  slist_free (files);
4998  g_warning ("%s: Failed to send OTP scanner preferences", __FUNCTION__);
4999  set_task_run_status (task, run_status);
5001  current_report = (report_t) 0;
5002  return -10;
5003  }
5004 
5005  /* Send credential preferences if there are credentials linked to target. */
5006 
5007  if (ssh_credential)
5008  {
5009  iterator_t credentials;
5010 
5011  init_credential_iterator_one (&credentials, ssh_credential);
5012  if (next (&credentials))
5013  {
5014  const char *user = credential_iterator_login (&credentials);
5015  const char *password = credential_iterator_password (&credentials);
5016 
5017  if (sendf_to_server ("SSH Authorization[entry]:SSH login name:"
5018  " <|> %s\n",
5019  user ? user : "")
5020  || (credential_iterator_private_key (&credentials)
5021  ? sendf_to_server ("SSH Authorization[password]:"
5022  "SSH key passphrase:"
5023  " <|> %s\n",
5024  password ? password : "")
5025  : sendf_to_server ("SSH Authorization[password]:"
5026  "SSH password (unsafe!):"
5027  " <|> %s\n",
5028  password ? password : "")))
5029 
5030  {
5031  fail:
5032  cleanup_iterator (&credentials);
5033  g_ptr_array_add (preference_files, NULL);
5034  array_free (preference_files);
5035  slist_free (files);
5036  g_warning ("%s: Failed to send OTP SSH preferences",
5037  __FUNCTION__);
5038  set_task_run_status (task, run_status);
5040  current_report = (report_t) 0;
5041  return -10;
5042  }
5043 
5044  if (credential_iterator_private_key (&credentials))
5045  {
5046  char *uuid = openvas_uuid_make ();
5047  if (uuid == NULL)
5048  goto fail;
5049 
5050  g_ptr_array_add (preference_files, (gpointer) uuid);
5051  g_ptr_array_add
5052  (preference_files,
5053  (gpointer) g_strdup (credential_iterator_private_key
5054  (&credentials)));
5055 
5056  if (sendf_to_server ("SSH Authorization[file]:"
5057  "SSH private key:"
5058  " <|> %s\n",
5059  uuid))
5060  goto fail;
5061  }
5062  }
5063  cleanup_iterator (&credentials);
5064  }
5065 
5066  if (smb_credential)
5067  {
5068  iterator_t credentials;
5069 
5070  init_credential_iterator_one (&credentials, smb_credential);
5071  if (next (&credentials))
5072  {
5073  const char *user = credential_iterator_login (&credentials);
5074  const char *password = credential_iterator_password (&credentials);
5075 
5076  if (sendf_to_server ("SMB Authorization[entry]:SMB login: <|> %s\n",
5077  user ? user : "")
5078  || sendf_to_server ("SMB Authorization[password]:SMB password:"
5079  " <|> %s\n",
5080  password ? password : ""))
5081  {
5082  cleanup_iterator (&credentials);
5083  g_ptr_array_add (preference_files, NULL);
5084  array_free (preference_files);
5085  slist_free (files);
5086  g_warning ("%s: Failed to send OTP SMB preferences",
5087  __FUNCTION__);
5088  set_task_run_status (task, run_status);
5090  current_report = (report_t) 0;
5091  return -10;
5092  }
5093  }
5094  cleanup_iterator (&credentials);
5095  }
5096 
5097  if (esxi_credential)
5098  {
5099  iterator_t credentials;
5100 
5101  init_credential_iterator_one (&credentials, esxi_credential);
5102  if (next (&credentials))
5103  {
5104  const char *user = credential_iterator_login (&credentials);
5105  const char *password = credential_iterator_password (&credentials);
5106 
5107  if (sendf_to_server ("ESXi Authorization[entry]:ESXi login name:"
5108  " <|> %s\n",
5109  user ? user : "")
5110  || sendf_to_server ("ESXi Authorization[password]:ESXi login password:"
5111  " <|> %s\n",
5112  password ? password : ""))
5113  {
5114  cleanup_iterator (&credentials);
5115  g_ptr_array_add (preference_files, NULL);
5116  array_free (preference_files);
5117  slist_free (files);
5118  g_warning ("%s: Failed to send OTP ESXi preferences",
5119  __FUNCTION__);
5120  set_task_run_status (task, run_status);
5122  current_report = (report_t) 0;
5123  return -10;
5124  }
5125  }
5126  cleanup_iterator (&credentials);
5127  }
5128 
5129  if (snmp_credential)
5130  {
5131  iterator_t credentials;
5132 
5133  init_credential_iterator_one (&credentials, snmp_credential);
5134  if (next (&credentials))
5135  {
5136  const char *community = credential_iterator_community (&credentials);
5137  const char *user = credential_iterator_login (&credentials);
5138  const char *password = credential_iterator_password (&credentials);
5139  const char *auth_algorithm
5140  = credential_iterator_auth_algorithm (&credentials);
5141  const char *privacy_password
5142  = credential_iterator_privacy_password (&credentials);
5143  const char *privacy_algorithm
5144  = credential_iterator_privacy_algorithm (&credentials);
5145 
5146  if (sendf_to_server ("SNMP Authorization[password]:SNMP Community:"
5147  " <|> %s\n",
5148  community ? community : "")
5149  || sendf_to_server ("SNMP Authorization[entry]:SNMPv3 Username:"
5150  " <|> %s\n",
5151  user ? user : "")
5152  || sendf_to_server ("SNMP Authorization[password]:"
5153  "SNMPv3 Password:"
5154  " <|> %s\n",
5155  password ? password : "")
5156  || sendf_to_server ("SNMP Authorization[radio]:"
5157  "SNMPv3 Authentication Algorithm:"
5158  " <|> %s\n",
5159  auth_algorithm ? auth_algorithm : "")
5160  || sendf_to_server ("SNMP Authorization[password]:"
5161  "SNMPv3 Privacy Password:"
5162  " <|> %s\n",
5163  privacy_password ? privacy_password : "")
5164  || sendf_to_server ("SNMP Authorization[radio]:"
5165  "SNMPv3 Privacy Algorithm:"
5166  " <|> %s\n",
5167  privacy_algorithm ? privacy_algorithm : ""))
5168  {
5169  cleanup_iterator (&credentials);
5170  g_ptr_array_add (preference_files, NULL);
5171  array_free (preference_files);
5172  slist_free (files);
5173  g_warning ("%s: Failed to send OTP SNMP preferences",
5174  __FUNCTION__);
5175  set_task_run_status (task, run_status);
5177  current_report = (report_t) 0;
5178  return -10;
5179  }
5180  }
5181  cleanup_iterator (&credentials);
5182  }
5183 
5184  g_ptr_array_add (preference_files, NULL);
5185 
5186  /* Send preferences for target "Alive Test", overriding config values. */
5187 
5188  if (send_alive_test_preferences (target))
5189  {
5190  array_free (preference_files);
5191  slist_free (files);
5192  g_warning ("%s: Failed to send OTP alive test preferences", __FUNCTION__);
5193  set_task_run_status (task, run_status);
5195  current_report = (report_t) 0;
5196  return -10;
5197  }
5198 
5199  /* Send network_targets preference. */
5200 
5201  hosts = target_hosts (target);
5202  assert (hosts);
5203  if (sendf_to_server ("network_targets <|> %s\n", hosts ? hosts : ""))
5204  {
5205  free (hosts);
5206  g_ptr_array_add (preference_files, NULL);
5207  array_free (preference_files);
5208  slist_free (files);
5209  g_warning ("%s: Failed to send OTP network_targets", __FUNCTION__);
5210  set_task_run_status (task, run_status);
5212  current_report = (report_t) 0;
5213  return -10;
5214  }
5215 
5216  /* End off preferences. */
5217 
5218  if (send_to_server ("<|> CLIENT\n"))
5219  {
5220  free (hosts);
5221  array_free (preference_files);
5222  slist_free (files);
5223  g_warning ("%s: Failed to send OTP CLIENT", __FUNCTION__);
5224  set_task_run_status (task, run_status);
5226  current_report = (report_t) 0;
5227  return -10;
5228  }
5229 
5230  /* Send any files stored in the config preferences. */
5231 
5232  {
5233  gchar *file;
5234  int index = 0;
5235  while ((file = g_ptr_array_index (preference_files, index)))
5236  {
5237  GSList *head;
5238  gchar *value;
5239 
5240  index++;
5241 
5242  /* Skip the file if the value of the preference is the name of a
5243  * file associated with the task. */
5244  value = g_ptr_array_index (preference_files, index);
5245  head = files;
5246  while (head)
5247  {
5248  if (strcmp (head->data, value) == 0)
5249  break;
5250  head = g_slist_next (head);
5251  }
5252 
5253  if (head == NULL && send_file (file, value))
5254  {
5255  free (hosts);
5256  array_free (preference_files);
5257  slist_free (files);
5258  g_warning ("%s: Failed to send an OTP file", __FUNCTION__);
5259  set_task_run_status (task, run_status);
5261  current_report = (report_t) 0;
5262  return -10;
5263  }
5264  index++;
5265  }
5266 
5267  array_free (preference_files);
5268  }
5269 
5270  /* Send any files. */
5271 
5272  while (files)
5273  {
5274  GSList *last = files;
5275  if (send_task_file (task, files->data))
5276  {
5277  free (hosts);
5278  slist_free (files);
5279  g_warning ("%s: Failed to send an OTP task file", __FUNCTION__);
5280  set_task_run_status (task, run_status);
5282  current_report = (report_t) 0;
5283  return -10;
5284  }
5285  files = g_slist_next (files);
5286  g_free (last->data);
5287  g_slist_free_1 (last);
5288  }
5289 
5290  /* Send the attack command. */
5291 
5292  /* Send all the hosts to the Scanner. When resuming a stopped task,
5293  * the hosts that have been completely scanned are excluded by being
5294  * included in exclude_hosts preference. */
5295  fail = sendf_to_server ("CLIENT <|> LONG_ATTACK <|>\n%d\n%s\n",
5296  strlen (hosts),
5297  hosts);
5298  free (hosts);
5299  if (fail)
5300  {
5301  g_warning ("%s: Failed to send OTP LONG_ATTACK", __FUNCTION__);
5302  set_task_run_status (task, run_status);
5304  current_report = (report_t) 0;
5305  return -10;
5306  }
5307 
5308  current_scanner_task = task;
5309 
5310  return 2;
5311 }
char * target_port_range(target_t)
Return the port range of a target, in OTP format.
Definition: manage_sql.c:35030
const char * credential_iterator_auth_algorithm(iterator_t *)
void report_set_slave_name(report_t, const gchar *)
Set the name of the slave on a report.
Definition: manage_sql.c:21525
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
char * target_hosts(target_t)
Return the hosts associated with a target.
Definition: manage_sql.c:34855
void report_set_slave_port(report_t, int)
Set the port of the slave of a report.
Definition: manage_sql.c:21559
long long int credential_t
Definition: manage.h:279
char * target_ssh_port(target_t)
Return the SSH LSC port of a target.
Definition: manage_sql.c:34943
const char * credential_iterator_password(iterator_t *)
Get the password from a Credential iterator.
Definition: manage_sql.c:42963
void reinit_manage_process()
Reinitialize the manage library for a process.
Definition: manage_sql.c:14347
long long int target_t
Definition: manage.h:285
long long int config_t
Definition: manage.h:278
int config_type(config_t)
Return the type of a config.
Definition: manage_sql.c:35710
void set_task_run_status(task_t, task_status_t)
Set the run state of a task.
Definition: manage_sql.c:18307
A generic SQL iterator.
Definition: iterator.h:52
int sendf_to_server(const char *format,...)
Format and send a message to the server.
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
void report_set_source_iface(report_t, const gchar *)
Set the source interface of a report.
Definition: manage_sql.c:21573
void report_set_slave_uuid(report_t, const gchar *)
Set the UUID of the slave on a report.
Definition: manage_sql.c:21508
int set_task_requested(task_t task, task_status_t *status)
Atomically set the run state of a task to requested.
Definition: manage_sql.c:18336
int openvas_scanner_connected()
Whether we have started a connection to the Scanner using openvas_scanner_connect().
Definition: scanner.c:764
const char * credential_iterator_private_key(iterator_t *)
Get the private_key from a Credential iterator.
Definition: manage_sql.c:42978
const char * credential_iterator_privacy_password(iterator_t *)
Get the privacy password from a Credential iterator.
Definition: manage_sql.c:43008
char * task_preference_value(task_t, const char *)
Get the value of a task preference.
Definition: manage_sql.c:41190
void manage_session_init(const char *uuid)
Setup session.
Definition: manage_pg.c:46
long long int report_t
Definition: manage.h:288
int send_to_server(const char *msg)
Send a message to the server.
void init_credential_iterator_one(iterator_t *, credential_t)
Initialise a Credential iterator, given a single Credential.
Definition: manage_sql.c:42803
int openvas_scanner_is_loading()
Checks whether the connected to OpenVAS Scanner is still loading plugins. To be called right after op...
Definition: scanner.c:876
long long int port_list_t
Definition: manage.h:297
void slist_free(GSList *list)
Free an slist of pointers, including the pointers.
Definition: manage.c:397
int openvas_scanner_connect()
Create a new connection to the scanner and set it as current scanner.
Definition: scanner.c:619
int set_report_scan_run_status(report_t report, task_status_t status)
Return the run status of the scan associated with a report.
Definition: manage_sql.c:24512
report_t current_report
The report of the current task.
Definition: manage.c:1003
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664
const char * credential_iterator_login(iterator_t *)
int openvas_scanner_init(int cache_mode)
Initializes the already setup connection with the Scanner.
Definition: scanner.c:778
credentials_t current_credentials
Current credentials during any OMP command.
Definition: manage.c:717
char * report_uuid(report_t)
Return the UUID of a report.
Definition: manage_sql.c:21382
void set_report_scheduled(report_t report)
Set a report&#39;s scheduled flag.
Definition: manage_sql.c:18252
const char * credential_iterator_privacy_algorithm(iterator_t *)
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
void report_set_slave_host(report_t, const gchar *)
Set the host of the slave of a report.
Definition: manage_sql.c:21542
int openvas_scanner_close()
Finish the connection to the Scanner and free internal buffers.
Definition: scanner.c:551
const char * credential_iterator_community(iterator_t *)
Get the SNMP community from a Credential iterator.
Definition: manage_sql.c:42993

◆ run_status_name()

const char* run_status_name ( task_status_t  status)

Get the name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

Definition at line 1253 of file manage.c.

References TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.

Referenced by sql_run_status_name().

1254 {
1255  switch (status)
1256  {
1259  return "Delete Requested";
1262  return "Ultimate Delete Requested";
1263  case TASK_STATUS_DONE: return "Done";
1264  case TASK_STATUS_NEW: return "New";
1265 
1266  case TASK_STATUS_REQUESTED: return "Requested";
1267 
1268  case TASK_STATUS_RUNNING: return "Running";
1269 
1273  return "Stop Requested";
1274 
1275  case TASK_STATUS_STOPPED: return "Stopped";
1276  default: return "Internal Error";
1277  }
1278 }
Here is the caller graph for this function:

◆ run_status_name_internal()

const char* run_status_name_internal ( task_status_t  status)

Get the unique name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

Definition at line 1288 of file manage.c.

References TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.

1289 {
1290  switch (status)
1291  {
1292  case TASK_STATUS_DELETE_REQUESTED: return "Delete Requested";
1294  return "Ultimate Delete Requested";
1296  return "Ultimate Delete Waiting";
1297  case TASK_STATUS_DELETE_WAITING: return "Delete Waiting";
1298  case TASK_STATUS_DONE: return "Done";
1299  case TASK_STATUS_NEW: return "New";
1300 
1301  case TASK_STATUS_REQUESTED: return "Requested";
1302 
1303  case TASK_STATUS_RUNNING: return "Running";
1304 
1307  return "Stop Requested";
1308 
1310  return "Stop Waiting";
1311 
1312  case TASK_STATUS_STOPPED: return "Stopped";
1313  default: return "Internal Error";
1314  }
1315 }

◆ set_certs()

int set_certs ( const char *  ca_pub,
const char *  key_pub,
const char *  key_priv 
)

Initialise OpenVAS scanner variables, checking for defaults.

Parameters
[in]ca_pubCA Certificate.
[in]key_pubScanner Certificate.
[in]key_privScanner private key.
Returns
0 success, 1 both default CA cert setting and ca_pub were NULL.

Definition at line 4312 of file manage.c.

References manage_default_ca_cert(), and openvas_scanner_set_certs().

Referenced by manage_scanner_set().

4313 {
4314  const char *fallback;
4315 
4316  if (ca_pub == NULL)
4317  fallback = manage_default_ca_cert ();
4318  else
4319  fallback = NULL;
4320 
4321  openvas_scanner_set_certs (fallback ? fallback : ca_pub, key_pub, key_priv);
4322 
4323  if (ca_pub || fallback)
4324  return 0;
4325  return 1;
4326 }
void openvas_scanner_set_certs(const char *ca_pub, const char *key_pub, const char *key_priv)
Set the scanner&#39;s CA Certificate, and public/private key pair.
Definition: scanner.c:853
char * manage_default_ca_cert()
Get the default CA cert.
Definition: manage_sql.c:63139
Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_schedule_timeout()

void set_schedule_timeout ( int  new_timeout)

Set the schedule timeout.

Parameters
new_timeoutThe new schedule timeout in minutes.

Definition at line 6928 of file manage.c.

6929 {
6930  if (new_timeout < 0)
6931  schedule_timeout = -1;
6932  else
6933  schedule_timeout = new_timeout;
6934 }

◆ set_scheduled_user_uuid()

void set_scheduled_user_uuid ( gchar *  user_uuid)

Set UUID of user that scheduled the current task.

Parameters
user_uuidUUID of user that scheduled the current task.

Definition at line 6462 of file manage.c.

References schedule_user_uuid, and user_uuid().

6463 {
6465 }
char * user_uuid(user_t)
Return the UUID of a user.
Definition: manage_sql.c:66308
gchar * schedule_user_uuid
UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
Definition: manage.c:6432
Here is the call graph for this function:

◆ severity_data_add()

void severity_data_add ( severity_data_t severity_data,
double  severity 
)

Add a severity occurrence to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.

Definition at line 860 of file manage.c.

References severity_data_t::counts, severity_data_t::max, severity_data_index(), and severity_data_t::total.

861 {
862  (severity_data->counts)[severity_data_index (severity)]++;
863 
864  if (severity_data->total == 0 || severity_data->max <= severity)
865  severity_data->max = severity;
866 
867  (severity_data->total)++;
868 }
int * counts
Definition: manage.h:988
double max
Definition: manage.h:990
int severity_data_index(double severity)
Convert a severity value into an index in the counts array.
Definition: manage.c:789
Here is the call graph for this function:

◆ severity_data_add_count()

void severity_data_add_count ( severity_data_t severity_data,
double  severity,
int  count 
)

Add a multiple severity occurrences to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.
[in]countThe number of occurrences to add.

Definition at line 878 of file manage.c.

880 {
881  (severity_data->counts)[severity_data_index (severity)] += count;
882 
883  if (severity_data->total == 0 || severity_data->max <= severity)
884  severity_data->max = severity;
885 
886  (severity_data->total) += count;
887 }
int * counts
Definition: manage.h:988
double max
Definition: manage.h:990
int severity_data_index(double severity)
Convert a severity value into an index in the counts array.
Definition: manage.c:789

◆ severity_data_index()

int severity_data_index ( double  severity)

Convert a severity value into an index in the counts array.

Parameters
[in]severitySeverity value.
Returns
The index, 0 for invalid severity scores.

Definition at line 789 of file manage.c.

References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, SEVERITY_SUBDIVISIONS, and ZERO_SEVERITY_INDEX.

Referenced by severity_data_add().

790 {
791  int ret;
792  if (severity >= 0.0)
793  ret = (int)(round (severity * SEVERITY_SUBDIVISIONS)) + ZERO_SEVERITY_INDEX;
794  else if (severity == SEVERITY_FP || severity == SEVERITY_DEBUG
795  || severity == SEVERITY_ERROR)
796  ret = (int)(round (severity)) + ZERO_SEVERITY_INDEX;
797  else
798  ret = 0;
799 
800  return ret;
801 }
#define SEVERITY_SUBDIVISIONS
Definition: manage_utils.h:46
#define ZERO_SEVERITY_INDEX
Definition: manage.c:779
#define SEVERITY_ERROR
Definition: manage_utils.h:38
#define SEVERITY_FP
Definition: manage_utils.h:34
#define SEVERITY_DEBUG
Definition: manage_utils.h:36
Here is the caller graph for this function:

◆ severity_data_level_counts()

void severity_data_level_counts ( const severity_data_t severity_data,
const gchar *  severity_class,
int *  errors,
int *  debugs,
int *  false_positives,
int *  logs,
int *  lows,
int *  mediums,
int *  highs 
)

Count the occurrences of severities in the levels.

Parameters
[in]severity_dataThe severity counts data to evaluate.
[in]severity_classThe severity class setting to use.
[out]errorsThe number of error messages.
[out]debugsThe number of debug messages.
[out]false_positivesThe number of False Positives.
[out]logsThe number of Log messages.
[out]lowsThe number of Low severity results.
[out]mediumsThe number of Medium severity results.
[out]highsThe number of High severity results.

Definition at line 930 of file manage.c.

References level_max_severity(), level_min_severity(), and severity_data_range_count().

934 {
935  if (errors)
936  *errors
937  = severity_data_range_count (severity_data,
938  level_min_severity ("Error",
939  severity_class),
940  level_max_severity ("Error",
941  severity_class));
942 
943  if (debugs)
944  *debugs
945  = severity_data_range_count (severity_data,
946  level_min_severity ("Debug",
947  severity_class),
948  level_max_severity ("Debug",
949  severity_class));
950 
951  if (false_positives)
952  *false_positives
953  = severity_data_range_count (severity_data,
954  level_min_severity ("False Positive",
955  severity_class),
956  level_max_severity ("False Positive",
957  severity_class));
958 
959  if (logs)
960  *logs
961  = severity_data_range_count (severity_data,
962  level_min_severity ("Log",
963  severity_class),
964  level_max_severity ("Log",
965  severity_class));
966 
967  if (lows)
968  *lows
969  = severity_data_range_count (severity_data,
970  level_min_severity ("low",
971  severity_class),
972  level_max_severity ("low",
973  severity_class));
974 
975  if (mediums)
976  *mediums
977  = severity_data_range_count (severity_data,
978  level_min_severity ("medium",
979  severity_class),
980  level_max_severity ("medium",
981  severity_class));
982 
983  if (highs)
984  *highs
985  = severity_data_range_count (severity_data,
986  level_min_severity ("high",
987  severity_class),
988  level_max_severity ("high",
989  severity_class));
990 }
int severity_data_range_count(const severity_data_t *severity_data, double min_severity, double max_severity)
Calculate the total of severity counts in a range.
Definition: manage.c:899
double level_max_severity(const char *level, const char *class)
Get the minimum severity for a severity level and class.
Definition: manage_utils.c:454
double level_min_severity(const char *level, const char *class)
Get the minimum severity for a severity level and class.
Definition: manage_utils.c:403
Here is the call graph for this function:

◆ severity_data_range_count()

int severity_data_range_count ( const severity_data_t severity_data,
double  min_severity,
double  max_severity 
)

Calculate the total of severity counts in a range.

Parameters
[in]severity_dataThe severity data struct to get counts from.
[in]min_severityThe minimum severity included in the range.
[in]max_severityThe maximum severity included in the range.
Returns
The total of severity counts in the specified range.

Definition at line 899 of file manage.c.

Referenced by severity_data_level_counts().

901 {
902  int i, i_max, count;
903 
904  i_max = severity_data_index (max_severity);
905  count = 0;
906 
907  for (i = severity_data_index (min_severity);
908  i <= i_max;
909  i++)
910  {
911  count += (severity_data->counts)[i];
912  }
913  return count;
914 }
int * counts
Definition: manage.h:988
int severity_data_index(double severity)
Convert a severity value into an index in the counts array.
Definition: manage.c:789
Here is the caller graph for this function:

◆ severity_data_value()

double severity_data_value ( int  index)

Convert an index in the counts array to a severity value.

Parameters
[in]indexIndex in the counts array.
Returns
The corresponding severity value.

Definition at line 811 of file manage.c.

References SEVERITY_MAX, SEVERITY_MISSING, SEVERITY_SUBDIVISIONS, and ZERO_SEVERITY_INDEX.

812 {
813  double ret;
814  if (index <= ZERO_SEVERITY_INDEX && index > 0)
815  ret = ((double) index) - ZERO_SEVERITY_INDEX;
816  else if (index <= (ZERO_SEVERITY_INDEX
818  ret = (((double) (index - ZERO_SEVERITY_INDEX)) / SEVERITY_SUBDIVISIONS);
819  else
820  ret = SEVERITY_MISSING;
821 
822  return ret;
823 }
#define SEVERITY_SUBDIVISIONS
Definition: manage_utils.h:46
#define ZERO_SEVERITY_INDEX
Definition: manage.c:779
#define SEVERITY_MISSING
Definition: manage_utils.h:40
#define SEVERITY_MAX
Definition: manage_utils.h:44

◆ severity_in_level()

int severity_in_level ( double  severity,
const char *  level 
)

Check whether a severity falls within a threat level.

Parameters
[in]severitySeverity.
[in]levelThreat level.
Returns
1 if in level, else 0.

Definition at line 583 of file manage.c.

References setting_severity().

Referenced by severity_to_level(), and sql_severity_in_level().

584 {
585  const char *class;
586 
587  class = setting_severity ();
588  if (strcmp (class, "classic") == 0)
589  {
590  if (strcmp (level, "high") == 0)
591  return severity > 5 && severity <= 10;
592  else if (strcmp (level, "medium") == 0)
593  return severity > 2 && severity <= 5;
594  else if (strcmp (level, "low") == 0)
595  return severity > 0 && severity <= 2;
596  else if (strcmp (level, "none") == 0 || strcmp (level, "log") == 0)
597  return severity == 0;
598  else
599  return 0;
600  }
601  else if (strcmp (class, "pci-dss") == 0)
602  {
603  if (strcmp (level, "high") == 0)
604  return severity >= 4.0;
605  else if (strcmp (level, "none") == 0 || strcmp (level, "log") == 0)
606  return severity >= 0.0 && severity < 4.0;
607  else
608  return 0;
609  }
610  else
611  {
612  /* NIST/BSI. */
613  if (strcmp (level, "high") == 0)
614  return severity >= 7 && severity <= 10;
615  else if (strcmp (level, "medium") == 0)
616  return severity >= 4 && severity < 7;
617  else if (strcmp (level, "low") == 0)
618  return severity > 0 && severity < 4;
619  else if (strcmp (level, "none") == 0 || strcmp (level, "log") == 0)
620  return severity == 0;
621  else
622  return 0;
623  }
624 }
const char * setting_severity()
Return the Severity Class user setting.
Definition: manage_sql.c:62125
Here is the call graph for this function:
Here is the caller graph for this function:

◆ severity_matches_ov()

int severity_matches_ov ( double  severity,
double  ov_severity 
)

Check whether a severity matches an override's severity.

Parameters
[in]severityseverity score
[in]ov_severityoverride severity score to match
Returns
1 if matches, else 0.

Definition at line 635 of file manage.c.

Referenced by sql_severity_matches_ov().

636 {
637  if (ov_severity <= 0.0)
638  return severity == ov_severity;
639  else
640  return severity >= ov_severity;
641 }
Here is the caller graph for this function:

◆ severity_to_level()

const char* severity_to_level ( double  severity,
int  mode 
)

Get the threat level matching a severity score.

Parameters
[in]severityseverity score
[in]mode0 for normal levels, 1 to use "Alarm" for severity > 0.0
Returns
the level as a static string

Definition at line 652 of file manage.c.

References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, severity_in_level(), and SEVERITY_LOG.

Referenced by result_iterator_level(), result_iterator_original_level(), and sql_severity_to_level().

653 {
654  if (severity == SEVERITY_LOG)
655  return "Log";
656  else if (severity == SEVERITY_FP)
657  return "False Positive";
658  else if (severity == SEVERITY_DEBUG)
659  return "Debug";
660  else if (severity == SEVERITY_ERROR)
661  return "Error";
662  else if (severity > 0.0 && severity <= 10.0)
663  {
664  if (mode == 1)
665  return ("Alarm");
666  else if (severity_in_level (severity, "high"))
667  return ("High");
668  else if (severity_in_level (severity, "medium"))
669  return ("Medium");
670  else if (severity_in_level (severity, "low"))
671  return ("Low");
672  else
673  return ("Log");
674  }
675  else
676  {
677  g_warning ("%s: Invalid severity score given: %f",
678  __FUNCTION__, severity);
679  return (NULL);
680  }
681 }
#define SEVERITY_ERROR
Definition: manage_utils.h:38
#define SEVERITY_FP
Definition: manage_utils.h:34
#define SEVERITY_DEBUG
Definition: manage_utils.h:36
int severity_in_level(double severity, const char *level)
Check whether a severity falls within a threat level.
Definition: manage.c:583
#define SEVERITY_LOG
Definition: manage_utils.h:32
Here is the call graph for this function:
Here is the caller graph for this function:

◆ severity_to_type()

const char* severity_to_type ( double  severity)

Get the message type matching a severity score.

Parameters
[in]severityseverity score
Returns
the message type as a static string

Definition at line 691 of file manage.c.

References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, and SEVERITY_LOG.

Referenced by make_cve_result(), make_osp_result(), and sql_severity_to_type().

692 {
693  if (severity == SEVERITY_LOG)
694  return "Log Message";
695  else if (severity == SEVERITY_FP)
696  return "False Positive";
697  else if (severity == SEVERITY_DEBUG)
698  return "Debug Message";
699  else if (severity == SEVERITY_ERROR)
700  return "Error Message";
701  else if (severity > 0.0 && severity <= 10.0)
702  return "Alarm";
703  else
704  {
705  g_warning ("%s: Invalid severity score given: %f",
706  __FUNCTION__, severity);
707  return (NULL);
708  }
709 }
#define SEVERITY_ERROR
Definition: manage_utils.h:38
#define SEVERITY_FP
Definition: manage_utils.h:34
#define SEVERITY_DEBUG
Definition: manage_utils.h:36
#define SEVERITY_LOG
Definition: manage_utils.h:32
Here is the caller graph for this function:

◆ slave_authenticate()

int slave_authenticate ( gnutls_session_t *  session,
scanner_t  slave 
)

Authenticate with a slave.

Parameters
[in]sessionGNUTLS session.
[in]slaveSlave.
Returns
0 success, -1 error.

Definition at line 2074 of file manage.c.

References scanner_login(), and scanner_password().

2075 {
2076  int ret;
2077  gchar *login, *password;
2078 
2079  login = scanner_login (slave);
2080  if (login == NULL)
2081  return -1;
2082 
2083  password = scanner_password (slave);
2084  if (password == NULL)
2085  {
2086  g_free (login);
2087  return -1;
2088  }
2089 
2090  ret = omp_authenticate (session, login, password);
2091  g_free (login);
2092  g_free (password);
2093  if (ret)
2094  return -1;
2095  return 0;
2096 }
char * scanner_login(scanner_t)
Return the login associated with a scanner.
Definition: manage_sql.c:48269
char * scanner_password(scanner_t)
Return the password associated with a scanner.
Definition: manage_sql.c:48287
Here is the call graph for this function:

◆ slist_free()

void slist_free ( GSList *  list)

Free an slist of pointers, including the pointers.

Parameters
[in]listThe list.
Todo:
Duplicate in openvas_string module (openvas_string_list_free) . Find proper module to place this function.

Definition at line 397 of file manage.c.

398 {
399  GSList *head = list;
400  while (list)
401  {
402  g_free (list->data);
403  list = g_slist_next (list);
404  }
405  g_slist_free (head);
406 }

◆ sort_data_free()

void sort_data_free ( sort_data_t sort_data)

Free a sort_data_t struct and its related resources.

Parameters
[in]sort_dataThe sort_data struct to free.

Definition at line 8018 of file manage.c.

References sort_data_t::field, and sort_data_t::stat.

8019 {
8020  g_free (sort_data->field);
8021  g_free (sort_data->stat);
8022  g_free (sort_data);
8023 }
gchar * stat
The statistic to sort by.
Definition: manage.h:4101
gchar * field
The field to sort by.
Definition: manage.h:4100

◆ start_task()

int start_task ( const char *  task_id,
char **  report_id 
)

Start a task.

Use send_to_server to queue the task start sequence in the scanner output buffer.

Only one task can run at a time in a process.

Parameters
[in]task_idThe task ID.
[out]report_idThe report ID.
Returns
Before forking: 1 task is active already, 3 failed to find task, 99 permission denied, -1 internal error, -2 task is missing a target, -3 creating the report failed, -4 target missing hosts, -6 already a task running in this process, -7 no CA cert, -9 fork failed. After forking: 0 success (parent), 2 success (child), -10 error (child).

Definition at line 5399 of file manage.c.

References acl_user_may().

5400 {
5401  if (acl_user_may ("start_task") == 0)
5402  return 99;
5403 
5404  return run_task (task_id, report_id, 0);
5405 }
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
Here is the call graph for this function:

◆ stop_task()

int stop_task ( const char *  task_id)

Initiate stopping a task.

Use send_to_server to queue the task stop sequence in the scanner output buffer.

Parameters
[in]task_idTask UUID.
Returns
0 on success, 1 if stop requested, 3 failed to find task, 99 permission denied, -1 if out of space in scanner output buffer, -5 scanner down.

Definition at line 5514 of file manage.c.

References acl_user_may(), config_type(), find_task_with_permission(), and task_config().

5515 {
5516  task_t task;
5517 
5518  if (acl_user_may ("stop_task") == 0)
5519  return 99;
5520 
5521  task = 0;
5522  if (find_task_with_permission (task_id, &task, "stop_task"))
5523  return -1;
5524  if (task == 0)
5525  return 3;
5526 
5527  if (config_type (task_config (task)) != 0)
5528  return stop_osp_task (task);
5529 
5530  return stop_task_internal (task);
5531 }
int config_type(config_t)
Return the type of a config.
Definition: manage_sql.c:35710
config_t task_config(task_t)
Return the config of a task.
Definition: manage_sql.c:18016
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
int stop_task_internal(task_t task)
Initiate stopping a task.
Definition: manage.c:5447
gboolean find_task_with_permission(const char *, task_t *, const char *)
Find a task for a specific permission, given a UUID.
Definition: manage_sql.c:32587
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
long long int task_t
Definition: manage.h:286
Here is the call graph for this function:

◆ stop_task_internal()

int stop_task_internal ( task_t  task)

Initiate stopping a task.

Use send_to_server to queue the task stop sequence in the scanner output buffer.

Parameters
[in]taskTask.
Returns
0 on success, 1 if stop requested, -1 if out of space in scanner output buffer, -5 scanner down, -7 no CA cert.

Definition at line 5447 of file manage.c.

References current_scanner_task, task_run_status(), task_scanner(), TASK_STATUS_REQUESTED, and TASK_STATUS_RUNNING.

Referenced by move_task(), request_delete_task(), and request_delete_task_uuid().

5448 {
5449  task_status_t run_status;
5450 
5451  run_status = task_run_status (task);
5452  if (run_status == TASK_STATUS_REQUESTED
5453  || run_status == TASK_STATUS_RUNNING)
5454  {
5455  if (current_scanner_task == task)
5456  {
5457  scanner_t scanner = task_scanner (task);
5458 
5459  assert (scanner);
5460  switch (scanner_setup (scanner))
5461  {
5462  case 0:
5463  break;
5464  case 1:
5465  return -7;
5466  default:
5467  return -5;
5468  }
5471  return -5;
5472  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5473  return -1;
5474  }
5476  return 1;
5477  }
5478  else if (run_status == TASK_STATUS_DELETE_REQUESTED
5479  || run_status == TASK_STATUS_DELETE_WAITING
5480  || run_status == TASK_STATUS_DELETE_ULTIMATE_REQUESTED
5481  || run_status == TASK_STATUS_DELETE_ULTIMATE_WAITING
5482  || run_status == TASK_STATUS_STOP_REQUESTED
5483  || run_status == TASK_STATUS_STOP_WAITING)
5484  {
5485  scanner_t scanner;
5486 
5487  scanner = task_scanner (task);
5488  assert (scanner);
5489  if (scanner_type (scanner) == SCANNER_TYPE_OMP)
5490  {
5491  /* A special request from the user to get the task out of a requested
5492  * state when contact with the slave is lost. */
5494  return 1;
5495  }
5496  }
5497 
5498  return 0;
5499 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
void set_task_run_status(task_t, task_status_t)
Set the run state of a task.
Definition: manage_sql.c:18307
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
int openvas_scanner_connected()
Whether we have started a connection to the Scanner using openvas_scanner_connect().
Definition: scanner.c:764
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
int send_to_server(const char *msg)
Send a message to the server.
int openvas_scanner_connect()
Create a new connection to the scanner and set it as current scanner.
Definition: scanner.c:619
scanner_t task_scanner(task_t)
Return the scanner of a task.
Definition: manage_sql.c:18183
int openvas_scanner_init(int cache_mode)
Initializes the already setup connection with the Scanner.
Definition: scanner.c:778
scanner_type
Scanner types.
Definition: manage.h:267
long long int scanner_t
Definition: manage.h:300
Here is the call graph for this function:
Here is the caller graph for this function:

◆ threat_message_type()

const char* threat_message_type ( const char *  threat)

Get the message type of a threat.

Parameters
threatThreat.
Returns
Static message type name if threat names a threat, else NULL.

Definition at line 526 of file manage.c.

Referenced by update_from_slave().

527 {
528  if (strcasecmp (threat, "High") == 0)
529  return "Alarm";
530  if (strcasecmp (threat, "Medium") == 0)
531  return "Alarm";
532  if (strcasecmp (threat, "Low") == 0)
533  return "Alarm";
534  if (strcasecmp (threat, "Log") == 0)
535  return "Log Message";
536  if (strcasecmp (threat, "Debug") == 0)
537  return "Debug Message";
538  if (strcasecmp (threat, "Error") == 0)
539  return "Error Message";
540  if (strcasecmp (threat, "False Positive") == 0)
541  return "False Positive";
542  return NULL;
543 }
Here is the caller graph for this function:

◆ truncate_certificate()

gchar* truncate_certificate ( const gchar *  certificate)

Truncate a certificate, removing extra data.

Parameters
[in]certificateThe certificate.
Returns
The truncated private key as a newly allocated string or NULL.

Definition at line 174 of file manage.c.

Referenced by get_certificate_info().

175 {
176  gchar *cert_start, *cert_end;
177  cert_start = strstr (certificate, "-----BEGIN CERTIFICATE-----");
178  if (cert_start)
179  {
180  cert_end = strstr (cert_start, "-----END CERTIFICATE-----");
181 
182  if (cert_end == NULL)
183  return NULL;
184 
185  cert_end += strlen ("-----END CERTIFICATE-----");
186 
187  if (cert_end[0] == '\n')
188  cert_end++;
189 
190  return g_strndup (cert_start, cert_end - cert_start);
191  }
192  return NULL;
193 }
Here is the caller graph for this function:

◆ truncate_private_key()

gchar* truncate_private_key ( const gchar *  private_key)

Truncate a private key, removing extra data.

Parameters
[in]private_keyThe private key.
Returns
The truncated private key as a newly allocated string or NULL.

Definition at line 203 of file manage.c.

204 {
205  gchar *key_start, *key_end;
206  key_end = NULL;
207  key_start = strstr (private_key, "-----BEGIN RSA PRIVATE KEY-----");
208  if (key_start)
209  {
210  key_end = strstr (key_start, "-----END RSA PRIVATE KEY-----");
211 
212  if (key_end)
213  key_end += strlen ("-----END RSA PRIVATE KEY-----");
214  else
215  return NULL;
216  }
217  else
218  {
219  key_start = strstr (private_key, "-----BEGIN DSA PRIVATE KEY-----");
220  if (key_start)
221  {
222  key_end = strstr (key_start, "-----END DSA PRIVATE KEY-----");
223 
224  if (key_end)
225  key_end += strlen ("-----END DSA PRIVATE KEY-----");
226  else
227  return NULL;
228  }
229  }
230 
231  if (key_end && key_end[0] == '\n')
232  key_end++;
233 
234  if (key_start == NULL || key_end == NULL)
235  return NULL;
236  else
237  return g_strndup (key_start, key_end - key_start);
238 }

◆ type_is_scap()

int type_is_scap ( const char *  type)

Check if a type is a SCAP type.

Parameters
[in]typeResource type.
Returns
Name of type.

Definition at line 474 of file manage.c.

475 {
476  return (strcasecmp (type, "cpe") == 0)
477  || (strcasecmp (type, "cve") == 0)
478  || (strcasecmp (type, "ovaldef") == 0);
479 }

◆ type_name()

const char* type_name ( const char *  type)

Return the name of a resource type.

Parameters
[in]typeResource type.
Returns
Name of type.

Definition at line 445 of file manage.c.

446 {
447  if (type == NULL)
448  return "ERROR";
449 
450  if (strcasecmp (type, "cpe") == 0)
451  return "CPE";
452  if (strcasecmp (type, "cve") == 0)
453  return "CVE";
454  if (strcasecmp (type, "cert_bund_adv") == 0)
455  return "CERT-Bund Advisory";
456  if (strcasecmp (type, "dfn_cert_adv") == 0)
457  return "DFN-CERT Advisory";
458  if (strcasecmp (type, "nvt") == 0)
459  return "NVT";
460  if (strcasecmp (type, "ovaldef") == 0)
461  return "OVAL Definition";
462 
463  return "ERROR";
464 }

◆ type_name_plural()

const char* type_name_plural ( const char *  type)

Return the plural name of a resource type.

Parameters
[in]typeResource type.
Returns
Plural name of type.

Definition at line 416 of file manage.c.

417 {
418  if (type == NULL)
419  return "ERROR";
420 
421  if (strcasecmp (type, "cpe") == 0)
422  return "CPEs";
423  if (strcasecmp (type, "cve") == 0)
424  return "CVEs";
425  if (strcasecmp (type, "cert_bund_adv") == 0)
426  return "CERT-Bund Advisories";
427  if (strcasecmp (type, "dfn_cert_adv") == 0)
428  return "DFN-CERT Advisories";
429  if (strcasecmp (type, "nvt") == 0)
430  return "NVTs";
431  if (strcasecmp (type, "ovaldef") == 0)
432  return "OVAL Definitions";
433 
434  return "ERROR";
435 }

◆ update_end_times()

int update_end_times ( entity_t  report)

Update end times, and optionally add host details.

Parameters
[in]reportReport.
Returns
0 success, -1 error.

Definition at line 2202 of file manage.c.

References current_report, current_scanner_task, manage_report_host_details(), scan_host_end_time(), set_scan_end_time(), set_scan_host_end_time(), and set_task_end_time().

2203 {
2204  entity_t end;
2205  entities_t entities;
2206 
2207  /* Set the scan end time. */
2208 
2209  entities = report->entities;
2210  while ((end = first_entity (entities)))
2211  {
2212  if (strcmp (entity_name (end), "scan_end") == 0)
2213  {
2214  char *text;
2215  text = entity_text (end);
2216  while (*text && isspace (*text)) text++;
2217  if (*text == '\0')
2218  break;
2220  g_strdup (entity_text (end)));
2221  set_scan_end_time (current_report, entity_text (end));
2222  break;
2223  }
2224  entities = next_entities (entities);
2225  }
2226 
2227  /* Add host details and set the host end times. */
2228 
2229  entities = report->entities;
2230  while ((end = first_entity (entities)))
2231  {
2232  if (strcmp (entity_name (end), "host_end") == 0)
2233  {
2234  entity_t host;
2235  char *text;
2236 
2237  /* Set the end time this way first, in case the slave is
2238  * very old. */
2239 
2240  host = entity_child (end, "host");
2241  if (host == NULL)
2242  return -1;
2243 
2244  text = entity_text (end);
2245  while (*text && isspace (*text)) text++;
2246  if (*text != '\0')
2248  entity_text (host),
2249  entity_text (end));
2250  }
2251 
2252  if (strcmp (entity_name (end), "host") == 0)
2253  {
2254  entity_t ip, time;
2255  char *text;
2256 
2257  ip = entity_child (end, "ip");
2258  if (ip == NULL)
2259  return -1;
2260 
2261  time = entity_child (end, "end");
2262  if (time == NULL)
2263  return -1;
2264 
2265  text = entity_text (time);
2266  while (*text && isspace (*text)) text++;
2267  if ((*text != '\0')
2268  && (scan_host_end_time (current_report, entity_text (ip)) == 0))
2269  {
2271  entity_text (ip),
2272  entity_text (time));
2274  entity_text (ip),
2275  end))
2276  return -1;
2277  }
2278  }
2279 
2280  entities = next_entities (entities);
2281  }
2282 
2283  return 0;
2284 }
int manage_report_host_details(report_t report, const char *ip, entity_t entity)
Add host details to a report host.
Definition: manage_sql.c:60642
int scan_host_end_time(report_t, const char *)
Get the end time of a scanned host.
Definition: manage_sql.c:24353
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
void set_scan_host_end_time(report_t, const char *, const char *)
Set the end time of a scanned host.
Definition: manage_sql.c:24374
void set_scan_end_time(report_t, const char *)
Set the end time of a scan.
Definition: manage_sql.c:24318
report_t current_report
The report of the current task.
Definition: manage.c:1003
void set_task_end_time(task_t task, char *time)
Set the end time of a task.
Definition: manage_sql.c:24145
Here is the call graph for this function:

◆ update_slave_progress()

int update_slave_progress ( entity_t  get_tasks)

Update the locally cached task progress from the slave.

Parameters
[in]get_tasksSlave GET_TASKS response.
Returns
0 success, -1 error.

Definition at line 2025 of file manage.c.

References current_report, and set_report_slave_progress().

2026 {
2027  entity_t entity;
2028 
2029  entity = entity_child (get_tasks, "task");
2030  if (entity == NULL)
2031  return -1;
2032  entity = entity_child (entity, "progress");
2033  if (entity == NULL)
2034  return -1;
2035 
2036  if (current_report == 0)
2037  return -1;
2038 
2040  atoi (entity_text (entity)));
2041 
2042  return 0;
2043 }
report_t current_report
The report of the current task.
Definition: manage.c:1003
int set_report_slave_progress(report_t report, int progress)
Set slave progress of a report.
Definition: manage_sql.c:25451
Here is the call graph for this function:

◆ validate_username()

int validate_username ( const gchar *  name)

Validates a username.

Parameters
[in]nameThe name.
Returns
0 if the username is valid, 1 if not.

Definition at line 8001 of file manage.c.

Referenced by create_user(), and modify_user().

8002 {
8003  if (g_regex_match_simple ("^[[:alnum:]-_.]+$", name, 0, 0))
8004  return 0;
8005  else
8006  return 1;
8007 }
Here is the caller graph for this function:

◆ xsl_transform()

gchar* xsl_transform ( gchar *  stylesheet,
gchar *  xmlfile,
gchar **  param_names,
gchar **  param_values 
)

Run xsltproc in an external process.

Parameters
[in]stylesheetXSL stylesheet to use.
[in]xmlfileXML file to process.
[in]param_namesNULL terminated array of stringparam names (can be NULL).
[in]param_valuesNULL terminated array of stringparam values (can be NULL).
Returns
A dynamically allocated (to be g_free'd) string containing the result of the operation of NULL on failure.

Definition at line 7535 of file manage.c.

Referenced by manage_run_wizard().

7537 {
7538  int i, param_idx;
7539  gchar **cmd, *cmd_full;
7540  gint exit_status;
7541  gboolean success;
7542  gchar *standard_out = NULL, *standard_err = NULL;
7543 
7544  param_idx = 0;
7545  if (param_names && param_values)
7546  while (param_names[param_idx] && param_values[param_idx])
7547  param_idx++;
7548 
7549  cmd = (gchar **)g_malloc ((4 + param_idx * 3) * sizeof (gchar *));
7550 
7551  i = 0;
7552  cmd[i++] = "xsltproc";
7553  if (param_idx)
7554  {
7555  int j;
7556 
7557  for (j = 0; j < param_idx; j++)
7558  {
7559  cmd[i++] = "--stringparam";
7560  cmd[i++] = param_names[j];
7561  cmd[i++] = param_values[j];
7562  }
7563  }
7564  cmd[i++] = stylesheet;
7565  cmd[i++] = xmlfile;
7566  cmd[i] = NULL;
7567 
7568 
7569  /* DEBUG: display the final command line. */
7570  cmd_full = g_strjoinv (" ", cmd);
7571  g_debug ("%s: Spawning in parent dir: %s\n",
7572  __FUNCTION__, cmd_full);
7573  g_free (cmd_full);
7574  /* --- */
7575 
7576  if ((g_spawn_sync (NULL,
7577  cmd,
7578  NULL, /* Environment. */
7579  G_SPAWN_SEARCH_PATH,
7580  NULL, /* Setup function. */
7581  NULL,
7582  &standard_out,
7583  &standard_err,
7584  &exit_status,
7585  NULL)
7586  == FALSE)
7587  || (WIFEXITED (exit_status) == 0)
7588  || WEXITSTATUS (exit_status))
7589  {
7590  g_debug ("%s: failed to transform the xml: %d (WIF %i, WEX %i)",
7591  __FUNCTION__,
7592  exit_status,
7593  WIFEXITED (exit_status),
7594  WEXITSTATUS (exit_status));
7595  g_debug ("%s: stderr: %s\n", __FUNCTION__, standard_err);
7596  g_debug ("%s: stdout: %s\n", __FUNCTION__, standard_out);
7597  success = FALSE;
7598  }
7599  else if (strlen (standard_out) == 0)
7600  success = FALSE; /* execution succeeded but nothing was found */
7601  else
7602  success = TRUE; /* execution succeeded and we have a result */
7603 
7604  /* Cleanup. */
7605  g_free (cmd);
7606  g_free (standard_err);
7607 
7608  if (success)
7609  return standard_out;
7610 
7611  g_free (standard_out);
7612  return NULL;
7613 }
Here is the caller graph for this function:

Variable Documentation

◆ authenticate_allow_all

int authenticate_allow_all = 0

Flag for manage_auth_allow_all.

1 if set via scheduler, 2 if set via event, else 0.

Definition at line 6426 of file manage.c.

Referenced by manage_auth_allow_all().

◆ current_credentials

credentials_t current_credentials

Current credentials during any OMP command.

Definition at line 717 of file manage.c.

Referenced by acl_user_has_access_uuid(), acl_user_has_super_on(), acl_user_has_super_on_resource(), acl_user_is_owner(), acl_user_may(), acl_user_owns(), acl_user_owns_name(), acl_user_owns_trash_uuid(), acl_user_owns_uuid(), acl_users_with_access_sql(), acl_where_owned(), acl_where_owned_for_get(), copy_alert(), copy_config(), copy_report_format(), copy_resource(), copy_task(), create_agent(), create_asset_host(), create_config(), create_config_from_scanner(), create_credential(), create_filter(), create_group(), create_port_list(), create_port_list_lock(), create_port_list_unique(), create_report_format(), create_role(), create_scanner(), create_schedule(), create_tag(), create_target(), delete_task(), delete_task_lock(), delete_user(), find_port_range_with_permission(), host_notice(), host_nthlast_report_host(), hosts_set_identifiers(), hosts_set_max_severity(), init_host_identifier_iterator(), init_note_iterator(), init_override_iterator(), init_port_range_iterator(), init_resource_tag_iterator(), init_schedule_task_iterator(), init_setting_iterator(), init_user_config_iterator(), lookup_report_format(), manage_create_scanner(), manage_delete_scanner(), manage_delete_user(), manage_empty_trashcan(), manage_max_rows(), manage_modify_scanner(), manage_restore(), manage_scanner_set(), manage_schedule(), manage_set_config(), manage_verify_scanner(), migrate_168_to_169(), modify_agent(), modify_credential(), modify_filter(), modify_group(), modify_port_list(), modify_report(), modify_report_format(), modify_role(), modify_scanner(), modify_schedule(), modify_tag(), modify_target(), modify_user(), report_cache_counts(), report_severity(), request_delete_task(), request_delete_task_uuid(), set_credential_data(), set_task_groups(), set_task_observers(), setting_auto_cache_rebuild_int(), setting_count(), setting_default_severity_dbl(), setting_dynamic_severity_int(), setting_filter(), setting_severity(), setting_timezone(), setting_value_int(), stop_active_tasks(), sync_config(), task_severity_double(), task_trend(), and user_ensure_in_db().

◆ current_report

report_t current_report = (report_t) 0

The report of the current task.

Definition at line 1003 of file manage.c.

Referenced by create_current_report(), manage_reset_currents(), update_end_times(), update_from_slave(), and update_slave_progress().

◆ current_scanner_task

task_t current_scanner_task = (task_t) 0

The task currently running on the scanner.

Definition at line 998 of file manage.c.

Referenced by manage_check_current_task(), manage_cleanup_process_error(), manage_reset_currents(), stop_task_internal(), update_end_times(), and update_from_slave().

◆ schedule_user_uuid

gchar* schedule_user_uuid = NULL

UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).

Definition at line 6432 of file manage.c.

Referenced by get_scheduled_user_uuid(), and set_scheduled_user_uuid().

◆ slave_config_uuid

gchar* slave_config_uuid = NULL

Slave config UUID.

Definition at line 2000 of file manage.c.

Referenced by delete_slave_task().

◆ slave_connection

openvas_connection_t* slave_connection = NULL

Slave session.

Definition at line 2015 of file manage.c.

◆ slave_esxi_credential_uuid

gchar* slave_esxi_credential_uuid = NULL

Slave credential UUID.

Definition at line 1980 of file manage.c.

◆ slave_port_list_uuid

gchar* slave_port_list_uuid = NULL

Slave target UUID.

Definition at line 1995 of file manage.c.

Referenced by delete_slave_task().

◆ slave_report_uuid

gchar* slave_report_uuid = NULL

Slave report UUID.

Definition at line 2010 of file manage.c.

◆ slave_smb_credential_uuid

gchar* slave_smb_credential_uuid = NULL

Slave credential UUID.

Definition at line 1975 of file manage.c.

Referenced by delete_slave_task().

◆ slave_snmp_credential_uuid

gchar* slave_snmp_credential_uuid = NULL

Slave credential UUID.

Definition at line 1985 of file manage.c.

◆ slave_ssh_credential_uuid

gchar* slave_ssh_credential_uuid = NULL

Slave credential UUID.

Definition at line 1970 of file manage.c.

Referenced by delete_slave_task().

◆ slave_target_uuid

gchar* slave_target_uuid = NULL

Slave target UUID.

Definition at line 1990 of file manage.c.

Referenced by delete_slave_task().

◆ slave_task_uuid

gchar* slave_task_uuid = NULL

Slave task UUID.

Definition at line 2005 of file manage.c.

Referenced by delete_report_internal().

◆ termination_signal

volatile int termination_signal

Flag for signal handlers.

Definition at line 256 of file openvasmd.c.

Referenced by get_termination_signal(), and handle_termination_signal().