OpenVAS Manager  7.0.3~git
manage.c File Reference

The OpenVAS Manager management library. More...

#include "manage.h"
#include "scanner.h"
#include "manage_acl.h"
#include "manage_sql.h"
#include "ovas-mngr-comm.h"
#include "utils.h"
#include <assert.h>
#include <ctype.h>
#include <errno.h>
#include <dirent.h>
#include <fcntl.h>
#include <glib.h>
#include <math.h>
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#include <openvas/base/cvss.h>
#include <openvas/base/gpgme_util.h>
#include <openvas/base/openvas_string.h>
#include <openvas/base/openvas_file.h>
#include <openvas/base/openvas_hosts.h>
#include <openvas/omp/omp.h>
#include <openvas/misc/openvas_server.h>
#include <openvas/misc/nvt_categories.h>
#include <openvas/misc/openvas_uuid.h>
#include <openvas/misc/openvas_proctitle.h>
Include dependency graph for manage.c:

Go to the source code of this file.

Macros

#define _XOPEN_SOURCE
 
#define _GNU_SOURCE
 
#define G_LOG_DOMAIN   "md manage"
 GLib log domain. More...
 
#define CPE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cpe_getbyname.xsl"
 CPE selection stylesheet location. More...
 
#define CVE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cve_getbyname.xsl"
 CVE selection stylesheet location. More...
 
#define OVALDEF_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/ovaldef_getbyname.xsl"
 OVALDEF selection stylesheet location. More...
 
#define CERT_BUND_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/cert_bund_getbyname.xsl"
 CERT_BUND_ADV selection stylesheet location. More...
 
#define DFN_CERT_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/dfn_cert_getbyname.xsl"
 DFN_CERT_ADV selection stylesheet location. More...
 
#define CPE_DICT_FILENAME   OPENVAS_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml"
 CPE dictionary location. More...
 
#define CVE_FILENAME_FMT   OPENVAS_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"
 CVE data files location format string. More...
 
#define CERT_BUND_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/CB-K%02d.xml"
 CERT-Bund data files location format string. More...
 
#define DFN_CERT_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/dfn-cert-%04d.xml"
 DFN-CERT data files location format string. More...
 
#define SCAP_TIMESTAMP_FILENAME   OPENVAS_SCAP_DATA_DIR "/timestamp"
 SCAP timestamp location. More...
 
#define CERT_TIMESTAMP_FILENAME   OPENVAS_CERT_DATA_DIR "/timestamp"
 CERT timestamp location. More...
 
#define MAX_CHECKS_DEFAULT   "4"
 Default for Scanner max_checks preference. More...
 
#define MAX_HOSTS_DEFAULT   "20"
 Default for Scanner max_hosts preference. More...
 
#define ZERO_SEVERITY_INDEX   4
 
#define RUN_SLAVE_TASK_SLEEP_SECONDS   25
 Number of seconds to sleep between polls to slave. More...
 
#define COMMAND   "openvasmr 0 titles"
 Command called by get_system_report_types. More...
 
#define FALLBACK_SYSTEM_REPORT_HEADER
 Header for fallback system report. More...
 
#define DEFAULT_DURATION   86400L
 
#define DEF(x)
 Define a code snippet for get_nvti_xml. More...
 

Functions

gchar * truncate_certificate (const gchar *certificate)
 Truncate a certificate, removing extra data. More...
 
gchar * truncate_private_key (const gchar *private_key)
 Truncate a private key, removing extra data. More...
 
int get_certificate_info (const gchar *certificate, time_t *activation_time, time_t *expiration_time, gchar **fingerprint, gchar **issuer)
 Gathers info from a certificate. More...
 
gchar * certificate_iso_time (time_t time)
 Converts a certificate time to an ISO time string. More...
 
const gchar * certificate_time_status (time_t activates, time_t expires)
 Tests the activation and expiration time of a certificate. More...
 
void slist_free (GSList *list)
 Free an slist of pointers, including the pointers. More...
 
const char * type_name_plural (const char *type)
 Return the plural name of a resource type. More...
 
const char * type_name (const char *type)
 Return the name of a resource type. More...
 
int type_is_scap (const char *type)
 Check if a type is a SCAP type. More...
 
const char * threat_message_type (const char *threat)
 Get the message type of a threat. More...
 
const char * message_type_threat (const char *type)
 Get the threat of a message type. More...
 
int severity_in_level (double severity, const char *level)
 Check whether a severity falls within a threat level. More...
 
int severity_matches_ov (double severity, double ov_severity)
 Check whether a severity matches an override's severity. More...
 
const char * severity_to_level (double severity, int mode)
 Get the threat level matching a severity score. More...
 
const char * severity_to_type (double severity)
 Get the message type matching a severity score. More...
 
int delete_reports (task_t task)
 Delete all the reports for a task. More...
 
gchar * report_results_filter_term (int first, int rows, int apply_overrides, int autofp, int min_qod)
 Create a basic filter term to get report results. More...
 
get_data_treport_results_get_data (int first, int rows, int apply_overrides, int autofp, int min_qod)
 Create a new basic get_data_t struct to get report results. More...
 
int severity_data_index (double severity)
 Convert a severity value into an index in the counts array. More...
 
double severity_data_value (int index)
 Convert an index in the counts array to a severity value. More...
 
void init_severity_data (severity_data_t *data)
 Initialize a severity data structure. More...
 
void cleanup_severity_data (severity_data_t *data)
 Clean up a severity data structure. More...
 
void severity_data_add (severity_data_t *severity_data, double severity)
 Add a severity occurrence to the counts of a severity_data_t. More...
 
void severity_data_add_count (severity_data_t *severity_data, double severity, int count)
 Add a multiple severity occurrences to the counts of a severity_data_t. More...
 
int severity_data_range_count (const severity_data_t *severity_data, double min_severity, double max_severity)
 Calculate the total of severity counts in a range. More...
 
void severity_data_level_counts (const severity_data_t *severity_data, const gchar *severity_class, int *errors, int *debugs, int *false_positives, int *logs, int *lows, int *mediums, int *highs)
 Count the occurrences of severities in the levels. More...
 
const char * alert_condition_name (alert_condition_t condition)
 Get the name of an alert condition. More...
 
const char * event_name (event_t event)
 Get the name of an alert event. More...
 
gchar * alert_condition_description (alert_condition_t condition, alert_t alert)
 Get a description of an alert condition. More...
 
gchar * event_description (event_t event, const void *event_data, const char *task_name)
 Get a description of an alert event. More...
 
const char * alert_method_name (alert_method_t method)
 Get the name of an alert method. More...
 
alert_condition_t alert_condition_from_name (const char *name)
 Get an alert condition from a name. More...
 
event_t event_from_name (const char *name)
 Get an event from a name. More...
 
alert_method_t alert_method_from_name (const char *name)
 Get an alert method from a name. More...
 
const char * run_status_name (task_status_t status)
 Get the name of a run status. More...
 
const char * run_status_name_internal (task_status_t status)
 Get the unique name of a run status. More...
 
void buffer_config_preference_xml (GString *, iterator_t *, config_t, int)
 Buffer XML for the NVT preference of a config. More...
 
int update_slave_progress (entity_t get_tasks)
 Update the locally cached task progress from the slave. More...
 
int slave_authenticate (gnutls_session_t *session, scanner_t slave)
 Authenticate with a slave. More...
 
int update_end_times (entity_t report)
 Update end times, and optionally add host details. More...
 
int run_osp_task (task_t task)
 Start a task on an OSP scanner. More...
 
int set_certs (const char *ca_pub, const char *key_pub, const char *key_priv)
 Initialise OpenVAS scanner variables, checking for defaults. More...
 
int run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
 Start an OTP scanner task. More...
 
int start_task (const char *task_id, char **report_id)
 Start a task. More...
 
int stop_task_internal (task_t task)
 Initiate stopping a task. More...
 
int stop_task (const char *task_id)
 Initiate stopping a task. More...
 
int resume_task (const char *task_id, char **report_id)
 Resume a task. More...
 
int move_task (const char *task_id, const char *slave_id)
 Reassign a task to another slave. More...
 
int acknowledge_bye ()
 Acknowledge a scanner BYE. More...
 
int acknowledge_feed_version_info ()
 Acknowledge scanner PLUGINS_FEED_VERSION message,. More...
 
int manage_check_current_task ()
 Handle state changes to current task made by other processes. More...
 
const char * credential_full_type (const char *abbreviation)
 Get the written-out name of an LSC Credential type. More...
 
int init_system_report_type_iterator (report_type_iterator_t *iterator, const char *type, const char *slave_id)
 Initialise a system report type iterator. More...
 
void cleanup_report_type_iterator (report_type_iterator_t *iterator)
 Cleanup a report type iterator. More...
 
gboolean next_report_type (report_type_iterator_t *iterator)
 Increment a report type iterator. More...
 
const char * report_type_iterator_name (report_type_iterator_t *iterator)
 Return the name from a report type iterator. More...
 
const char * report_type_iterator_title (report_type_iterator_t *iterator)
 Return the title from a report type iterator. More...
 
int manage_system_report (const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
 Get a system report. More...
 
void manage_auth_allow_all (int scheduled)
 Ensure that any subsequent authentications succeed. More...
 
gchar * get_scheduled_user_uuid ()
 Access UUID of user that scheduled the current task. More...
 
void set_scheduled_user_uuid (gchar *user_uuid)
 Set UUID of user that scheduled the current task. More...
 
int manage_schedule (int(*fork_connection)(openvas_connection_t *, gchar *), gboolean run_tasks, sigset_t *sigmask_current)
 Schedule any actions that are due. More...
 
int get_schedule_timeout ()
 Get the current schedule timeout. More...
 
void set_schedule_timeout (int new_timeout)
 Set the schedule timeout. More...
 
const char * report_format_param_type_name (report_format_param_type_t type)
 Get the name of a report format param type. More...
 
report_format_param_type_t report_format_param_type_from_name (const char *name)
 Get a report format param type from a name. More...
 
gchar * predefined_report_format_dir (const gchar *uuid)
 Get the directory of a report format. More...
 
int init_report_format_file_iterator (file_iterator_t *iterator, report_format_t report_format)
 Initialise a report format file iterator. More...
 
void cleanup_file_iterator (file_iterator_t *iterator)
 Cleanup a report type iterator. More...
 
gboolean next_file (file_iterator_t *iterator)
 Increment a report type iterator. More...
 
const char * file_iterator_name (file_iterator_t *iterator)
 Return the name from a file iterator. More...
 
gchar * file_iterator_content_64 (file_iterator_t *iterator)
 Return the file contents from a file iterator. More...
 
void parse_tags (const char *scanner_tags, gchar **tags, gchar **cvss_base)
 Split up the tags received from the scanner. More...
 
int delete_slave_task (const gchar *host, int port, const gchar *username, const gchar *password, const char *slave_task_uuid)
 Delete a task on a slave. More...
 
gchar * xsl_transform (gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
 Run xsltproc in an external process. More...
 
gchar * get_nvti_xml (iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag)
 Create and return XML description for an NVT. More...
 
const char * manage_scap_update_time ()
 GET SCAP update time, as a string. More...
 
int manage_read_info (gchar *type, gchar *uid, gchar *name, gchar **result)
 Read raw information. More...
 
int validate_username (const gchar *name)
 Validates a username. More...
 

Variables

volatile int termination_signal
 Flag for signal handlers. More...
 
credentials_t current_credentials
 Current credentials during any OMP command. More...
 
task_t current_scanner_task = (task_t) 0
 The task currently running on the scanner. More...
 
report_t current_report = (report_t) 0
 The report of the current task. More...
 
gchar * slave_ssh_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_smb_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_esxi_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_snmp_credential_uuid = NULL
 Slave credential UUID. More...
 
gchar * slave_target_uuid = NULL
 Slave target UUID. More...
 
gchar * slave_port_list_uuid = NULL
 Slave target UUID. More...
 
gchar * slave_config_uuid = NULL
 Slave config UUID. More...
 
gchar * slave_task_uuid = NULL
 Slave task UUID. More...
 
gchar * slave_report_uuid = NULL
 Slave report UUID. More...
 
openvas_connection_t * slave_connection = NULL
 Slave session. More...
 
int authenticate_allow_all = 0
 Flag for manage_auth_allow_all. More...
 
gchar * schedule_user_uuid = NULL
 UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all). More...
 

Detailed Description

The OpenVAS Manager management library.

This file defines a management library, for implementing OpenVAS Managers such as the OpenVAS Manager daemon.

This library provides facilities for storing and manipulating credential and task information, and manipulating reports. Task manipulation includes sending task commands to the OTP server (the "scanner") that is running the tasks.

Definition in file manage.c.

Macro Definition Documentation

◆ _GNU_SOURCE

#define _GNU_SOURCE

Definition at line 43 of file manage.c.

◆ _XOPEN_SOURCE

#define _XOPEN_SOURCE

Definition at line 41 of file manage.c.

◆ CERT_BUND_ADV_FILENAME_FMT

#define CERT_BUND_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/CB-K%02d.xml"

CERT-Bund data files location format string.

d should be the year without the century (expressed as YY),

Definition at line 129 of file manage.c.

◆ CERT_BUND_ADV_GETBYNAME_XSL

#define CERT_BUND_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/cert_bund_getbyname.xsl"

CERT_BUND_ADV selection stylesheet location.

Definition at line 105 of file manage.c.

◆ CERT_TIMESTAMP_FILENAME

#define CERT_TIMESTAMP_FILENAME   OPENVAS_CERT_DATA_DIR "/timestamp"

CERT timestamp location.

Definition at line 147 of file manage.c.

◆ COMMAND

#define COMMAND   "openvasmr 0 titles"

Command called by get_system_report_types.

Definition at line 5924 of file manage.c.

◆ CPE_DICT_FILENAME

#define CPE_DICT_FILENAME   OPENVAS_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml"

CPE dictionary location.

Definition at line 115 of file manage.c.

◆ CPE_GETBYNAME_XSL

#define CPE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cpe_getbyname.xsl"

CPE selection stylesheet location.

Definition at line 90 of file manage.c.

◆ CVE_FILENAME_FMT

#define CVE_FILENAME_FMT   OPENVAS_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"

CVE data files location format string.

d should be the year expressed as YYYY.

Definition at line 122 of file manage.c.

◆ CVE_GETBYNAME_XSL

#define CVE_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/cve_getbyname.xsl"

CVE selection stylesheet location.

Definition at line 95 of file manage.c.

◆ DEF

#define DEF (   x)
Value:
const char* x = nvt_iterator_ ## x (nvts); \
gchar* x ## _text = x \
? g_markup_escape_text (x, -1) \
: g_strdup ("");

Define a code snippet for get_nvti_xml.

Parameters
xPrefix for names in snippet.

Definition at line 7638 of file manage.c.

◆ DEFAULT_DURATION

#define DEFAULT_DURATION   86400L

Definition at line 6222 of file manage.c.

◆ DFN_CERT_ADV_FILENAME_FMT

#define DFN_CERT_ADV_FILENAME_FMT   OPENVAS_CERT_DATA_DIR "/dfn-cert-%04d.xml"

DFN-CERT data files location format string.

First d should be the year expressed as YYYY, second d should be should be Month expressed as MM.

Definition at line 137 of file manage.c.

◆ DFN_CERT_ADV_GETBYNAME_XSL

#define DFN_CERT_ADV_GETBYNAME_XSL   OPENVAS_CERT_RES_DIR "/dfn_cert_getbyname.xsl"

DFN_CERT_ADV selection stylesheet location.

Definition at line 110 of file manage.c.

◆ FALLBACK_SYSTEM_REPORT_HEADER

#define FALLBACK_SYSTEM_REPORT_HEADER
Value:
"This is the most basic, fallback report. The system can be configured to\n" \
"produce more powerful reports. Please contact your system administrator\n" \
"for more information.\n\n"

Header for fallback system report.

Definition at line 6217 of file manage.c.

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "md manage"

GLib log domain.

Definition at line 85 of file manage.c.

◆ MAX_CHECKS_DEFAULT

#define MAX_CHECKS_DEFAULT   "4"

Default for Scanner max_checks preference.

Definition at line 152 of file manage.c.

◆ MAX_HOSTS_DEFAULT

#define MAX_HOSTS_DEFAULT   "20"

Default for Scanner max_hosts preference.

Definition at line 157 of file manage.c.

◆ OVALDEF_GETBYNAME_XSL

#define OVALDEF_GETBYNAME_XSL   OPENVAS_SCAP_RES_DIR "/ovaldef_getbyname.xsl"

OVALDEF selection stylesheet location.

Definition at line 100 of file manage.c.

◆ RUN_SLAVE_TASK_SLEEP_SECONDS

#define RUN_SLAVE_TASK_SLEEP_SECONDS   25

Number of seconds to sleep between polls to slave.

Definition at line 1965 of file manage.c.

◆ SCAP_TIMESTAMP_FILENAME

#define SCAP_TIMESTAMP_FILENAME   OPENVAS_SCAP_DATA_DIR "/timestamp"

SCAP timestamp location.

Definition at line 142 of file manage.c.

◆ ZERO_SEVERITY_INDEX

#define ZERO_SEVERITY_INDEX   4

Definition at line 779 of file manage.c.

Function Documentation

◆ acknowledge_bye()

int acknowledge_bye ( )

Acknowledge a scanner BYE.

Returns
0 on success, -1 if out of space in scanner output buffer.

Definition at line 5705 of file manage.c.

5706 {
5707  if (send_to_server ("CLIENT <|> BYE <|> ACK\n"))
5708  return -1;
5709  return 0;
5710 }
int send_to_server(const char *msg)
Send a message to the server.

References send_to_server().

Here is the call graph for this function:

◆ acknowledge_feed_version_info()

int acknowledge_feed_version_info ( )

Acknowledge scanner PLUGINS_FEED_VERSION message,.

requesting all plugin info.

Returns
0 on success, -1 if out of space in scanner output buffer.

Definition at line 5719 of file manage.c.

5720 {
5721  if (send_to_server ("CLIENT <|> COMPLETE_LIST <|> CLIENT\n"))
5722  return -1;
5723  return 0;
5724 }
int send_to_server(const char *msg)
Send a message to the server.

References send_to_server().

Here is the call graph for this function:

◆ alert_condition_description()

gchar* alert_condition_description ( alert_condition_t  condition,
alert_t  alert 
)

Get a description of an alert condition.

Parameters
[in]conditionCondition.
[in]alertAlert.
Returns
Freshly allocated description of condition.

Definition at line 1063 of file manage.c.

1065 {
1066  switch (condition)
1067  {
1069  return g_strdup ("Always");
1071  {
1072  char *level;
1073  gchar *ret;
1074 
1075  level = alert_data (alert, "condition", "severity");
1076  ret = g_strdup_printf ("Filter count at least %s",
1077  level ? level : "0");
1078  free (level);
1079  return ret;
1080  }
1082  return g_strdup ("Filter count changed");
1084  {
1085  char *level = alert_data (alert, "condition", "severity");
1086  gchar *ret = g_strdup_printf ("Task severity is at least '%s'",
1087  level);
1088  free (level);
1089  return ret;
1090  }
1092  {
1093  char *direction;
1094  direction = alert_data (alert, "condition", "direction");
1095  gchar *ret = g_strdup_printf ("Task severity %s", direction);
1096  free (direction);
1097  return ret;
1098  }
1099  default:
1100  return g_strdup ("Internal Error");
1101  }
1102 }
char * alert_data(alert_t alert, const char *type, const char *name)
Return data associated with an alert.
Definition: manage_sql.c:8810

References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, ALERT_CONDITION_SEVERITY_CHANGED, and alert_data().

Here is the call graph for this function:

◆ alert_condition_from_name()

alert_condition_t alert_condition_from_name ( const char *  name)

Get an alert condition from a name.

Parameters
[in]nameCondition name.
Returns
The condition.

Definition at line 1173 of file manage.c.

1174 {
1175  if (strcasecmp (name, "Always") == 0)
1176  return ALERT_CONDITION_ALWAYS;
1177  if (strcasecmp (name, "Filter count at least") == 0)
1179  if (strcasecmp (name, "Filter count changed") == 0)
1181  if (strcasecmp (name, "Severity at least") == 0)
1183  if (strcasecmp (name, "Severity changed") == 0)
1185  return ALERT_CONDITION_ERROR;
1186 }
char name[1]
Definition: lsc_crypt.c:78

References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_ERROR, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, and ALERT_CONDITION_SEVERITY_CHANGED.

◆ alert_condition_name()

const char* alert_condition_name ( alert_condition_t  condition)

Get the name of an alert condition.

Parameters
[in]conditionCondition.
Returns
The name of the condition (for example, "Always").

Definition at line 1016 of file manage.c.

1017 {
1018  switch (condition)
1019  {
1021  return "Always";
1023  return "Filter count at least";
1025  return "Filter count changed";
1027  return "Severity at least";
1029  return "Severity changed";
1030  default:
1031  return "Internal Error";
1032  }
1033 }

References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, and ALERT_CONDITION_SEVERITY_CHANGED.

◆ alert_method_from_name()

alert_method_t alert_method_from_name ( const char *  name)

Get an alert method from a name.

Parameters
[in]nameMethod name.
Returns
The method.

Definition at line 1215 of file manage.c.

1216 {
1217  if (strcasecmp (name, "Email") == 0)
1218  return ALERT_METHOD_EMAIL;
1219  if (strcasecmp (name, "HTTP Get") == 0)
1220  return ALERT_METHOD_HTTP_GET;
1221  if (strcasecmp (name, "SCP") == 0)
1222  return ALERT_METHOD_SCP;
1223  if (strcasecmp (name, "Send") == 0)
1224  return ALERT_METHOD_SEND;
1225  if (strcasecmp (name, "SMB") == 0)
1226  return ALERT_METHOD_SMB;
1227  if (strcasecmp (name, "SNMP") == 0)
1228  return ALERT_METHOD_SNMP;
1229  if (strcasecmp (name, "Sourcefire Connector") == 0)
1230  return ALERT_METHOD_SOURCEFIRE;
1231  if (strcasecmp (name, "Start Task") == 0)
1232  return ALERT_METHOD_START_TASK;
1233  if (strcasecmp (name, "Syslog") == 0)
1234  return ALERT_METHOD_SYSLOG;
1235  if (strcasecmp (name, "TippingPoint SMS") == 0)
1237  if (strcasecmp (name, "verinice Connector") == 0)
1238  return ALERT_METHOD_VERINICE;
1239  return ALERT_METHOD_ERROR;
1240 }
char name[1]
Definition: lsc_crypt.c:78

References ALERT_METHOD_EMAIL, ALERT_METHOD_ERROR, ALERT_METHOD_HTTP_GET, ALERT_METHOD_SCP, ALERT_METHOD_SEND, ALERT_METHOD_SMB, ALERT_METHOD_SNMP, ALERT_METHOD_SOURCEFIRE, ALERT_METHOD_START_TASK, ALERT_METHOD_SYSLOG, ALERT_METHOD_TIPPINGPOINT, and ALERT_METHOD_VERINICE.

◆ alert_method_name()

const char* alert_method_name ( alert_method_t  method)

Get the name of an alert method.

Parameters
[in]methodMethod.
Returns
The name of the method (for example, "Email" or "SNMP").

Definition at line 1146 of file manage.c.

1147 {
1148  switch (method)
1149  {
1150  case ALERT_METHOD_EMAIL: return "Email";
1151  case ALERT_METHOD_HTTP_GET: return "HTTP Get";
1152  case ALERT_METHOD_SCP: return "SCP";
1153  case ALERT_METHOD_SEND: return "Send";
1154  case ALERT_METHOD_SMB: return "SMB";
1155  case ALERT_METHOD_SNMP: return "SNMP";
1156  case ALERT_METHOD_SOURCEFIRE: return "Sourcefire Connector";
1157  case ALERT_METHOD_START_TASK: return "Start Task";
1158  case ALERT_METHOD_SYSLOG: return "Syslog";
1159  case ALERT_METHOD_TIPPINGPOINT:return "TippingPoint SMS";
1160  case ALERT_METHOD_VERINICE: return "verinice Connector";
1161  default: return "Internal Error";
1162  }
1163 }

References ALERT_METHOD_EMAIL, ALERT_METHOD_HTTP_GET, ALERT_METHOD_SCP, ALERT_METHOD_SEND, ALERT_METHOD_SMB, ALERT_METHOD_SNMP, ALERT_METHOD_SOURCEFIRE, ALERT_METHOD_START_TASK, ALERT_METHOD_SYSLOG, ALERT_METHOD_TIPPINGPOINT, and ALERT_METHOD_VERINICE.

◆ buffer_config_preference_xml()

void buffer_config_preference_xml ( GString *  buffer,
iterator_t prefs,
config_t  config,
int  hide_passwords 
)

Buffer XML for the NVT preference of a config.

Todo:
g_convert back to ISO-8559-1 for scanner?
Parameters
[in]bufferBuffer.
[in]prefsNVT preference iterator.
[in]configConfig.
[in]hide_passwordsWhether to hide passwords.

Definition at line 11120 of file omp.c.

11122 {
11123  char *real_name, *type, *value, *nvt;
11124  const char *default_value;
11125  char *oid = NULL;
11126 
11127  real_name = nvt_preference_iterator_real_name (prefs);
11128  type = nvt_preference_iterator_type (prefs);
11129  value = nvt_preference_iterator_config_value (prefs, config);
11130  nvt = nvt_preference_iterator_nvt (prefs);
11131 
11132  default_value = nvt_preference_iterator_value (prefs);
11133 
11134  if (nvt) oid = nvt_oid (nvt);
11135 
11136  buffer_xml_append_printf (buffer,
11137  "<preference>"
11138  "<nvt oid=\"%s\"><name>%s</name></nvt>"
11139  "<hr_name>%s</hr_name>"
11140  "<name>%s</name>"
11141  "<type>%s</type>",
11142  oid ? oid : "",
11143  nvt ? nvt : "",
11144  real_name ? real_name : "",
11145  real_name ? real_name : "",
11146  type ? type : "");
11147 
11148  if (value
11149  && type
11150  && (strcmp (type, "radio") == 0))
11151  {
11152  /* Handle the other possible values. */
11153  char *pos = strchr (value, ';');
11154  if (pos) *pos = '\0';
11155  buffer_xml_append_printf (buffer, "<value>%s</value>", value);
11156  while (pos)
11157  {
11158  char *pos2 = strchr (++pos, ';');
11159  if (pos2) *pos2 = '\0';
11160  buffer_xml_append_printf (buffer, "<alt>%s</alt>", pos);
11161  pos = pos2;
11162  }
11163  }
11164  else if (value
11165  && type
11166  && hide_passwords
11167  && (strcmp (type, "password") == 0))
11168  buffer_xml_append_printf (buffer, "<value></value>");
11169  else
11170  buffer_xml_append_printf (buffer, "<value>%s</value>", value ? value : "");
11171 
11172  if (default_value
11173  && type
11174  && (strcmp (type, "radio") == 0))
11175  {
11176  /* Handle the other possible values. */
11177  char *pos = strchr (default_value, ';');
11178  if (pos) *pos = '\0';
11179  buffer_xml_append_printf (buffer, "<default>%s</default>", default_value);
11180  }
11181  else if (default_value
11182  && type
11183  && (strcmp (type, "password") == 0))
11184  buffer_xml_append_printf (buffer, "<default></default>");
11185  else
11186  buffer_xml_append_printf (buffer, "<default>%s</default>", default_value
11187  ? default_value
11188  : "");
11189 
11190  buffer_xml_append_printf (buffer, "</preference>");
11191 
11192  free (real_name);
11193  free (type);
11194  free (value);
11195  free (nvt);
11196  free (oid);
11197 }
char * nvt_oid(const char *)
const char * nvt_preference_iterator_value(iterator_t *)
char * value
Definition: lsc_crypt.c:77
char * nvt_preference_iterator_type(iterator_t *)
char * nvt_preference_iterator_real_name(iterator_t *)
char * nvt_preference_iterator_nvt(iterator_t *)
char * nvt_preference_iterator_config_value(iterator_t *, config_t)

References nvt_oid(), nvt_preference_iterator_config_value(), nvt_preference_iterator_nvt(), nvt_preference_iterator_real_name(), nvt_preference_iterator_type(), nvt_preference_iterator_value(), and create_port_list_range::type.

Here is the call graph for this function:

◆ certificate_iso_time()

gchar* certificate_iso_time ( time_t  time)

Converts a certificate time to an ISO time string.

Parameters
[in]timeThe time as a time_t.
Returns
Newly allocated string.

Definition at line 352 of file manage.c.

353 {
354  if (time == 0)
355  return (g_strdup ("unlimited"));
356  else if (time == -1)
357  return (g_strdup ("unknown"));
358  else
359  return (g_strdup (iso_time (&time)));
360 }
char * iso_time(time_t *)
Create an ISO time from seconds since epoch.
Definition: manage_sql.c:1138

References iso_time().

Here is the call graph for this function:

◆ certificate_time_status()

const gchar* certificate_time_status ( time_t  activates,
time_t  expires 
)

Tests the activation and expiration time of a certificate.

Parameters
[in]activatesActivation time.
[in]expiresExpiration time.
Returns
Static status string.

Definition at line 371 of file manage.c.

372 {
373  time_t now;
374  time (&now);
375 
376  if (activates == -1 || expires == -1)
377  return "unknown";
378  else if (activates > now)
379  return "inactive";
380  else if (expires != 0 && expires < now)
381  return "expired";
382  else
383  return "valid";
384 }

◆ cleanup_file_iterator()

void cleanup_file_iterator ( file_iterator_t iterator)

Cleanup a report type iterator.

Parameters
[in]iteratorIterator.

Definition at line 7143 of file manage.c.

7144 {
7145  array_free (iterator->start);
7146  g_free (iterator->dir_name);
7147 }
A generic SQL iterator.
Definition: iterator.h:52

◆ cleanup_report_type_iterator()

void cleanup_report_type_iterator ( report_type_iterator_t iterator)

Cleanup a report type iterator.

Parameters
[in]iteratorIterator.

Definition at line 6066 of file manage.c.

6067 {
6068  g_strfreev (iterator->start);
6069 }
A generic SQL iterator.
Definition: iterator.h:52

◆ cleanup_severity_data()

void cleanup_severity_data ( severity_data_t data)

Clean up a severity data structure.

Parameters
[in]dataThe data structure to initialize.

Definition at line 848 of file manage.c.

849 {
850  g_free (data->counts);
851 }
int * counts
Definition: manage.h:988

References severity_data_t::counts.

◆ credential_full_type()

const char* credential_full_type ( const char *  abbreviation)

Get the written-out name of an LSC Credential type.

Parameters
[in]abbreviationThe type abbreviation.
Returns
The written-out type name.

Definition at line 5797 of file manage.c.

5798 {
5799  if (abbreviation == NULL)
5800  return NULL;
5801  else if (strcasecmp (abbreviation, "cc") == 0)
5802  return "client certificate";
5803  else if (strcasecmp (abbreviation, "snmp") == 0)
5804  return "SNMP";
5805  else if (strcasecmp (abbreviation, "up") == 0)
5806  return "username + password";
5807  else if (strcasecmp (abbreviation, "usk") == 0)
5808  return "username + SSH key";
5809  else
5810  return abbreviation;
5811 }

◆ delete_reports()

int delete_reports ( task_t  task)

Delete all the reports for a task.

It's up to the caller to ensure that this runs in a contention safe context (for example within an SQL transaction).

Parameters
[in]taskA task descriptor.
Returns
0 on success, -1 on error.

Definition at line 733 of file manage.c.

734 {
735  report_t report;
738  while (next_report (&iterator, &report))
739  if (delete_report_internal (report))
740  {
742  return -1;
743  }
745  return 0;
746 }
A generic SQL iterator.
Definition: iterator.h:52
void init_report_iterator_task(iterator_t *, task_t)
long long int report_t
Definition: manage.h:288
gboolean next_report(iterator_t *, report_t *)
int delete_report_internal(report_t)
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664

References cleanup_iterator(), delete_report_internal(), init_report_iterator_task(), and next_report().

Here is the call graph for this function:

◆ delete_slave_task()

int delete_slave_task ( const gchar *  host,
int  port,
const gchar *  username,
const gchar *  password,
const char *  slave_task_uuid 
)

Delete a task on a slave.

Parameters
[in]hostSlave host.
[in]portSlave port.
[in]usernameSlave username.
[in]passwordSlave password.
[in]slave_task_uuidUUID of task on slave.
Returns
0 success, -1 error.

Definition at line 7311 of file manage.c.

7313 {
7314  int socket;
7315  gnutls_session_t session;
7316  entity_t get_tasks, get_targets, entity, task, credential, port_list;
7319 
7320  omp_delete_opts_t del_opts = omp_delete_opts_ultimate_defaults;
7321 
7322  /* Connect to the slave. */
7323 
7324  g_debug (" %s: host: %s\n", __FUNCTION__, host);
7325 
7326  socket = openvas_server_open (&session, host, port);
7327  if (socket == -1) return -1;
7328 
7329  g_debug (" %s: connected\n", __FUNCTION__);
7330 
7331  /* Authenticate using the slave login. */
7332 
7333  if (omp_authenticate (&session, username, password))
7334  return -1;
7335 
7336  g_debug (" %s: authenticated\n", __FUNCTION__);
7337 
7338  /* Get the UUIDs of the slave resources. */
7339 
7340  if (omp_get_tasks (&session, slave_task_uuid, 0, 0, &get_tasks))
7341  goto fail;
7342 
7343  task = entity_child (get_tasks, "task");
7344  if (task == NULL)
7345  goto fail_free_task;
7346 
7347  entity = entity_child (task, "config");
7348  if (entity == NULL)
7349  goto fail_free_task;
7350  slave_config_uuid = entity_attribute (entity, "id");
7351 
7352  entity = entity_child (task, "target");
7353  if (entity == NULL)
7354  goto fail_free_task;
7355  slave_target_uuid = entity_attribute (entity, "id");
7356 
7357  if (omp_get_targets (&session, slave_target_uuid, 0, 0, &get_targets))
7358  goto fail_free_task;
7359 
7360  entity = entity_child (get_targets, "target");
7361  if (entity == NULL)
7362  goto fail_free;
7363 
7364  port_list = entity_child (entity, "port_list");
7365  if (port_list == NULL)
7366  goto fail_free;
7367  slave_port_list_uuid = entity_attribute (port_list, "id");
7368 
7369  credential = entity_child (entity, "ssh_credential");
7370  if (credential == NULL)
7371  goto fail_free;
7372  slave_ssh_credential_uuid = entity_attribute (credential, "id");
7373 
7374  credential = entity_child (entity, "smb_credential");
7375  if (credential == NULL)
7376  goto fail_free;
7377  slave_smb_credential_uuid = entity_attribute (credential, "id");
7378 
7379  /* Remove the slave resources. */
7380 
7381  omp_stop_task (&session, slave_task_uuid);
7382  if (omp_delete_task_ext (&session, slave_task_uuid, del_opts))
7383  goto fail_config;
7384  if (omp_delete_config_ext (&session, slave_config_uuid, del_opts))
7385  goto fail_target;
7386  if (omp_delete_target_ext (&session, slave_target_uuid, del_opts))
7387  goto fail_credential;
7388  if (omp_delete_port_list_ext (&session, slave_port_list_uuid, del_opts))
7389  goto fail_credential;
7390  if (omp_delete_lsc_credential_ext (&session, slave_smb_credential_uuid,
7391  del_opts))
7392  goto fail;
7393  if (omp_delete_lsc_credential_ext (&session, slave_ssh_credential_uuid,
7394  del_opts))
7395  goto fail;
7396 
7397  /* Cleanup. */
7398 
7399  free_entity (get_targets);
7400  free_entity (get_tasks);
7401  openvas_server_close (socket, session);
7402  return 0;
7403 
7404  fail_config:
7405  omp_delete_config_ext (&session, slave_config_uuid, del_opts);
7406  fail_target:
7407  omp_delete_target_ext (&session, slave_target_uuid, del_opts);
7408  omp_delete_port_list_ext (&session, slave_port_list_uuid, del_opts);
7409  fail_credential:
7410  omp_delete_lsc_credential_ext (&session, slave_smb_credential_uuid, del_opts);
7411  omp_delete_lsc_credential_ext (&session, slave_ssh_credential_uuid, del_opts);
7412  fail_free:
7413  free_entity (get_targets);
7414  fail_free_task:
7415  free_entity (get_tasks);
7416  fail:
7417  openvas_server_close (socket, session);
7418  return -1;
7419 }
gchar * slave_smb_credential_uuid
Slave credential UUID.
Definition: manage.c:1975
gchar * slave_target_uuid
Slave target UUID.
Definition: manage.c:1990
gchar * slave_port_list_uuid
Slave target UUID.
Definition: manage.c:1995
gchar * slave_ssh_credential_uuid
Slave credential UUID.
Definition: manage.c:1970
gchar * slave_task_uuid
Slave task UUID.
Definition: manage.c:2005
gchar * slave_config_uuid
Slave config UUID.
Definition: manage.c:2000

References slave_config_uuid, slave_port_list_uuid, slave_smb_credential_uuid, slave_ssh_credential_uuid, slave_target_uuid, and slave_task_uuid.

◆ event_description()

gchar* event_description ( event_t  event,
const void *  event_data,
const char *  task_name 
)

Get a description of an alert event.

Parameters
[in]eventEvent.
[in]event_dataEvent data.
[in]task_nameName of task if required in description, else NULL.
Returns
Freshly allocated description of event.

Definition at line 1114 of file manage.c.

1115 {
1116  switch (event)
1117  {
1119  if (task_name)
1120  return g_strdup_printf
1121  ("The security scan task '%s' changed status to '%s'",
1122  task_name,
1123  run_status_name ((task_status_t) event_data));
1124  return g_strdup_printf ("Task status changed to '%s'",
1125  run_status_name ((task_status_t) event_data));
1126  break;
1127  case EVENT_NEW_SECINFO:
1128  return g_strdup_printf ("New SecInfo arrived");
1129  break;
1130  case EVENT_UPDATED_SECINFO:
1131  return g_strdup_printf ("Updated SecInfo arrived");
1132  break;
1133  default:
1134  return g_strdup ("Internal Error");
1135  }
1136 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
const char * run_status_name(task_status_t status)
Get the name of a run status.
Definition: manage.c:1253
char * task_name(task_t)
Return the name of a task.
Definition: manage_sql.c:17945

◆ event_from_name()

event_t event_from_name ( const char *  name)

Get an event from a name.

Parameters
[in]nameEvent name.
Returns
The event.

Definition at line 1196 of file manage.c.

1197 {
1198  if (strcasecmp (name, "Task run status changed") == 0)
1200  if (strcasecmp (name, "New SecInfo arrived") == 0)
1201  return EVENT_NEW_SECINFO;
1202  if (strcasecmp (name, "Updated SecInfo arrived") == 0)
1203  return EVENT_UPDATED_SECINFO;
1204  return EVENT_ERROR;
1205 }
char name[1]
Definition: lsc_crypt.c:78

References EVENT_ERROR, EVENT_NEW_SECINFO, EVENT_TASK_RUN_STATUS_CHANGED, and EVENT_UPDATED_SECINFO.

◆ event_name()

const char* event_name ( event_t  event)

Get the name of an alert event.

Parameters
[in]eventEvent.
Returns
The name of the event (for example, "Run status changed").

Definition at line 1043 of file manage.c.

1044 {
1045  switch (event)
1046  {
1047  case EVENT_TASK_RUN_STATUS_CHANGED: return "Task run status changed";
1048  case EVENT_NEW_SECINFO: return "New SecInfo arrived";
1049  case EVENT_UPDATED_SECINFO: return "Updated SecInfo arrived";
1050  default: return "Internal Error";
1051  }
1052 }

◆ file_iterator_content_64()

gchar* file_iterator_content_64 ( file_iterator_t iterator)

Return the file contents from a file iterator.

Parameters
[in]iteratorIterator.
Returns
Freshly allocated file contents, in base64.

Definition at line 7187 of file manage.c.

7188 {
7189  gchar *path_name, *content;
7190  GError *error;
7191  gsize content_size;
7192 
7193  path_name = g_build_filename (iterator->dir_name,
7194  (gchar*) *iterator->current,
7195  NULL);
7196 
7197  /* Read in the contents. */
7198 
7199  error = NULL;
7200  if (g_file_get_contents (path_name,
7201  &content,
7202  &content_size,
7203  &error)
7204  == FALSE)
7205  {
7206  if (error)
7207  {
7208  g_debug ("%s: failed to read %s: %s",
7209  __FUNCTION__, path_name, error->message);
7210  g_error_free (error);
7211  }
7212  g_free (path_name);
7213  return NULL;
7214  }
7215 
7216  g_free (path_name);
7217 
7218  /* Base64 encode the contents. */
7219 
7220  if (content && (content_size > 0))
7221  {
7222  gchar *base64 = g_base64_encode ((guchar*) content, content_size);
7223  g_free (content);
7224  return base64;
7225  }
7226 
7227  return content;
7228 }
A generic SQL iterator.
Definition: iterator.h:52

◆ file_iterator_name()

const char* file_iterator_name ( file_iterator_t iterator)

Return the name from a file iterator.

Parameters
[in]iteratorIterator.
Returns
File name.

Definition at line 7174 of file manage.c.

7175 {
7176  return (const char*) *iterator->current;
7177 }
A generic SQL iterator.
Definition: iterator.h:52

◆ get_certificate_info()

int get_certificate_info ( const gchar *  certificate,
time_t *  activation_time,
time_t *  expiration_time,
gchar **  fingerprint,
gchar **  issuer 
)

Gathers info from a certificate.

Parameters
[in]certificateThe certificate to get data from.
[out]activation_timePointer to write activation time to.
[out]expiration_timePointer to write expiration time to.
[out]fingerprintPointer for newly allocated fingerprint.
[out]issuerPointer for newly allocated issuer DN.
Returns
0 success, -1 error.

Definition at line 252 of file manage.c.

255 {
256  gchar *cert_truncated;
257 
258  cert_truncated = NULL;
259  if (activation_time)
260  *activation_time = -1;
261  if (expiration_time)
262  *expiration_time = -1;
263  if (fingerprint)
264  *fingerprint = NULL;
265  if (issuer)
266  *issuer = NULL;
267 
268  if (certificate)
269  {
270  int err;
271  gnutls_datum_t cert_datum;
272  gnutls_x509_crt_t gnutls_cert;
273 
274  cert_truncated = truncate_certificate (certificate);
275  if (cert_truncated == NULL)
276  {
277  return -1;
278  }
279  cert_datum.data = (unsigned char*) cert_truncated;
280  cert_datum.size = strlen (cert_truncated);
281 
282  gnutls_x509_crt_init (&gnutls_cert);
283  err = gnutls_x509_crt_import (gnutls_cert, &cert_datum,
284  GNUTLS_X509_FMT_PEM);
285  if (err)
286  {
287  g_free (cert_truncated);
288  return -1;
289  }
290 
291  if (activation_time)
292  {
293  *activation_time
294  = gnutls_x509_crt_get_activation_time (gnutls_cert);
295  }
296 
297  if (expiration_time)
298  {
299  *expiration_time
300  = gnutls_x509_crt_get_expiration_time (gnutls_cert);
301  }
302 
303  if (fingerprint) {
304  int i;
305  size_t buffer_size = 16;
306  unsigned char buffer[buffer_size];
307  GString *string;
308 
309  string = g_string_new ("");
310 
311  gnutls_x509_crt_get_fingerprint(gnutls_cert, GNUTLS_DIG_MD5,
312  buffer, &buffer_size);
313 
314  for (i = 0; i < buffer_size; i++)
315  {
316  if (i != 0)
317  {
318  g_string_append_c (string, ':');
319  }
320  g_string_append_printf(string, "%02x", buffer[i]);
321  }
322 
323  *fingerprint = string->str;
324  g_string_free (string, FALSE);
325  }
326 
327  if (issuer)
328  {
329  size_t buffer_size;
330  gchar *buffer;
331  gnutls_x509_crt_get_issuer_dn(gnutls_cert, NULL, &buffer_size);
332  buffer = g_malloc(buffer_size);
333  gnutls_x509_crt_get_issuer_dn(gnutls_cert, buffer, &buffer_size);
334 
335  *issuer = buffer;
336  }
337 
338  gnutls_x509_crt_deinit (gnutls_cert);
339  g_free (cert_truncated);
340  }
341  return 0;
342 }
gchar * truncate_certificate(const gchar *certificate)
Truncate a certificate, removing extra data.
Definition: manage.c:174

References truncate_certificate().

Here is the call graph for this function:

◆ get_nvti_xml()

gchar* get_nvti_xml ( iterator_t nvts,
int  details,
int  pref_count,
int  preferences,
const char *  timeout,
config_t  config,
int  close_tag 
)

Create and return XML description for an NVT.

Parameters
[in]nvtsThe NVT.
[in]detailsIf true, detailed XML, else simple XML.
[in]pref_countPreference count. Used if details is true.
[in]preferencesIf true, included preferences.
[in]timeoutTimeout. Used if details is true.
[in]configConfig, used if preferences is true.
[in]close_tagWhether to close the NVT tag or not.
Returns
A dynamically allocated string containing the XML description.

Definition at line 7658 of file manage.c.

7661 {
7662  const char* oid = nvt_iterator_oid (nvts);
7663  const char* name = nvt_iterator_name (nvts);
7664  gchar* msg;
7665 
7666  gchar* name_text = g_markup_escape_text (name, strlen (name));
7667  if (details)
7668  {
7669  GString *cert_refs_str, *tags_str, *buffer;
7670  iterator_t cert_refs_iterator, tags;
7671  gchar *tag_name_esc, *tag_value_esc, *tag_comment_esc;
7672 
7673  DEF (copyright);
7674  DEF (family);
7675  DEF (version);
7676  DEF (xref);
7677  DEF (tag);
7678 
7679 #undef DEF
7680 
7681  cert_refs_str = g_string_new ("");
7682  if (manage_cert_loaded())
7683  {
7684  init_nvt_cert_bund_adv_iterator (&cert_refs_iterator, oid, 0, 0);
7685  while (next (&cert_refs_iterator))
7686  {
7687  g_string_append_printf (cert_refs_str,
7688  "<cert_ref type=\"CERT-Bund\" id=\"%s\"/>",
7689  get_iterator_name (&cert_refs_iterator));
7690  }
7691  cleanup_iterator (&cert_refs_iterator);
7692 
7693  init_nvt_dfn_cert_adv_iterator (&cert_refs_iterator, oid, 0, 0);
7694  while (next (&cert_refs_iterator))
7695  {
7696  g_string_append_printf (cert_refs_str,
7697  "<cert_ref type=\"DFN-CERT\" id=\"%s\"/>",
7698  get_iterator_name (&cert_refs_iterator));
7699  }
7700  cleanup_iterator (&cert_refs_iterator);
7701  }
7702  else
7703  {
7704  g_string_append (cert_refs_str, "<warning>database not available</warning>");
7705  }
7706 
7707  tags_str = g_string_new ("");
7708  g_string_append_printf (tags_str,
7709  "<count>%i</count>",
7710  resource_tag_count ("nvt",
7712  (nvts),
7713  1));
7714 
7715  init_resource_tag_iterator (&tags, "nvt",
7716  get_iterator_resource (nvts),
7717  1, NULL, 1);
7718  while (next (&tags))
7719  {
7720  tag_name_esc = g_markup_escape_text (resource_tag_iterator_name
7721  (&tags),
7722  -1);
7723  tag_value_esc = g_markup_escape_text (resource_tag_iterator_value
7724  (&tags),
7725  -1);
7726  tag_comment_esc = g_markup_escape_text (resource_tag_iterator_comment
7727  (&tags),
7728  -1);
7729  g_string_append_printf (tags_str,
7730  "<tag id=\"%s\">"
7731  "<name>%s</name>"
7732  "<value>%s</value>"
7733  "<comment>%s</comment>"
7734  "</tag>",
7736  tag_name_esc,
7737  tag_value_esc,
7738  tag_comment_esc);
7739  g_free (tag_name_esc);
7740  g_free (tag_value_esc);
7741  g_free (tag_comment_esc);
7742  }
7743  cleanup_iterator (&tags);
7744 
7745  buffer = g_string_new ("");
7746 
7747  g_string_append_printf (buffer,
7748  "<nvt oid=\"%s\">"
7749  "<name>%s</name>"
7750  "<creation_time>%s</creation_time>"
7751  "<modification_time>%s</modification_time>"
7752  "<user_tags>%s</user_tags>"
7753  "<category>%s</category>"
7754  "<copyright>%s</copyright>"
7755  "<family>%s</family>"
7756  "<version>%s</version>"
7757  "<cvss_base>%s</cvss_base>"
7758  "<qod>"
7759  "<value>%s</value>"
7760  "<type>%s</type>"
7761  "</qod>"
7762  "<cve_id>%s</cve_id>"
7763  "<bugtraq_id>%s</bugtraq_id>"
7764  "<cert_refs>%s</cert_refs>"
7765  "<xrefs>%s</xrefs>"
7766  "<tags>%s</tags>"
7767  "<preference_count>%i</preference_count>"
7768  "<timeout>%s</timeout>",
7769  oid,
7770  name_text,
7773  : "",
7776  : "",
7777  tags_str->str,
7778  category_name (nvt_iterator_category (nvts)),
7779  copyright_text,
7780  family_text,
7781  version_text,
7782  nvt_iterator_cvss_base (nvts)
7783  ? nvt_iterator_cvss_base (nvts)
7784  : "",
7785  nvt_iterator_qod (nvts),
7786  nvt_iterator_qod_type (nvts),
7787  nvt_iterator_cve (nvts),
7788  nvt_iterator_bid (nvts),
7789  cert_refs_str->str,
7790  xref_text,
7791  tag_text,
7792  pref_count,
7793  timeout ? timeout : "");
7794  g_free (copyright_text);
7795  g_free (family_text);
7796  g_free (version_text);
7797  g_free (xref_text);
7798  g_free (tag_text);
7799  g_string_free(cert_refs_str, 1);
7800  g_string_free(tags_str, 1);
7801 
7802  if (preferences)
7803  {
7804  iterator_t prefs;
7805  const char *nvt_name = nvt_iterator_name (nvts);
7806 
7807  /* Send the preferences for the NVT. */
7808 
7809  xml_string_append (buffer,
7810  "<preferences>"
7811  "<timeout>%s</timeout>",
7812  timeout ? timeout : "");
7813 
7814  init_nvt_preference_iterator (&prefs, nvt_name);
7815  while (next (&prefs))
7816  buffer_config_preference_xml (buffer, &prefs, config, 1);
7817  cleanup_iterator (&prefs);
7818 
7819  xml_string_append (buffer, "</preferences>");
7820  }
7821 
7822  xml_string_append (buffer, close_tag ? "</nvt>" : "");
7823  msg = g_string_free (buffer, FALSE);
7824  }
7825  else
7826  msg = g_strdup_printf
7827  ("<nvt oid=\"%s\"><name>%s</name>"
7828  "<user_tags><count>%i</count></user_tags>%s",
7829  oid, name_text,
7830  resource_tag_count ("nvt", get_iterator_resource (nvts), 1),
7831  close_tag ? "</nvt>" : "");
7832  g_free (name_text);
7833  return msg;
7834 }
const char * resource_tag_iterator_value(iterator_t *)
const char * nvt_iterator_qod(iterator_t *)
void init_nvt_cert_bund_adv_iterator(iterator_t *, const char *, int, const char *)
resource_t get_iterator_resource(iterator_t *)
const char * get_iterator_name(iterator_t *)
int nvt_iterator_category(iterator_t *)
const char * resource_tag_iterator_uuid(iterator_t *)
const char * get_iterator_modification_time(iterator_t *)
A generic SQL iterator.
Definition: iterator.h:52
const char * nvt_iterator_cvss_base(iterator_t *)
const char * resource_tag_iterator_comment(iterator_t *)
int manage_cert_loaded()
Check whether CERT is available.
Definition: manage_pg.c:2643
const char * nvt_iterator_cve(iterator_t *)
const char * nvt_iterator_name(iterator_t *)
const char * nvt_iterator_bid(iterator_t *)
void init_nvt_dfn_cert_adv_iterator(iterator_t *, const char *, int, const char *)
const char * nvt_iterator_qod_type(iterator_t *iterator)
#define DEF(x)
Define a code snippet for get_nvti_xml.
Definition: manage.c:7638
const char * get_iterator_creation_time(iterator_t *)
void buffer_config_preference_xml(GString *, iterator_t *, config_t, int)
Buffer XML for the NVT preference of a config.
Definition: omp.c:11120
void init_nvt_preference_iterator(iterator_t *, const char *)
int init_resource_tag_iterator(iterator_t *, const char *, resource_t, int, const char *, int)
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664
int resource_tag_count(const char *, resource_t, int)
const char * nvt_iterator_oid(iterator_t *)
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
char name[1]
Definition: lsc_crypt.c:78
const char * resource_tag_iterator_name(iterator_t *)

References cleanup_iterator(), DEF, get_iterator_creation_time(), get_iterator_modification_time(), get_iterator_name(), get_iterator_resource(), init_nvt_cert_bund_adv_iterator(), init_nvt_dfn_cert_adv_iterator(), init_resource_tag_iterator(), manage_cert_loaded(), next(), nvt_iterator_name(), nvt_iterator_oid(), resource_tag_count(), resource_tag_iterator_comment(), resource_tag_iterator_name(), resource_tag_iterator_uuid(), and resource_tag_iterator_value().

Here is the call graph for this function:

◆ get_schedule_timeout()

int get_schedule_timeout ( )

Get the current schedule timeout.

Returns
The schedule timeout in minutes.

Definition at line 6917 of file manage.c.

6918 {
6919  return schedule_timeout;
6920 }

◆ get_scheduled_user_uuid()

gchar* get_scheduled_user_uuid ( )

Access UUID of user that scheduled the current task.

Returns
UUID of user that scheduled the current task.

Definition at line 6451 of file manage.c.

6452 {
6453  return schedule_user_uuid;
6454 }
gchar * schedule_user_uuid
UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
Definition: manage.c:6432

References schedule_user_uuid.

Referenced by authenticate().

Here is the caller graph for this function:

◆ init_report_format_file_iterator()

int init_report_format_file_iterator ( file_iterator_t iterator,
report_format_t  report_format 
)

Initialise a report format file iterator.

Parameters
[in]iteratorIterator.
[in]report_formatSingle report format to iterate over, NULL for all.
Returns
0 on success, -1 on error.

Definition at line 7096 of file manage.c.

7098 {
7099  gchar *dir_name, *uuid;
7100 
7101  uuid = report_format_uuid (report_format);
7102  if (uuid == NULL)
7103  return -1;
7104 
7105  if (report_format_predefined (report_format))
7106  dir_name = predefined_report_format_dir (uuid);
7107  else
7108  {
7109  gchar *owner_uuid;
7110 
7111  owner_uuid = report_format_owner_uuid (report_format);
7112  if (owner_uuid == NULL)
7113  return -1;
7114  dir_name = g_build_filename (OPENVAS_STATE_DIR,
7115  "openvasmd",
7116  "report_formats",
7117  owner_uuid,
7118  uuid,
7119  NULL);
7120  g_free (owner_uuid);
7121  }
7122 
7123  g_free (uuid);
7124 
7125  if (get_report_format_files (dir_name, &iterator->start))
7126  {
7127  g_free (dir_name);
7128  return -1;
7129  }
7130 
7131  iterator->current = iterator->start->pdata;
7132  iterator->current--;
7133  iterator->dir_name = dir_name;
7134  return 0;
7135 }
int report_format_predefined(report_format_t)
char * report_format_owner_uuid(report_format_t)
A generic SQL iterator.
Definition: iterator.h:52
gchar * predefined_report_format_dir(const gchar *uuid)
Get the directory of a report format.
Definition: manage.c:7077
char * report_format_uuid(report_format_t)

References predefined_report_format_dir(), report_format_owner_uuid(), report_format_predefined(), and report_format_uuid().

Here is the call graph for this function:

◆ init_severity_data()

void init_severity_data ( severity_data_t data)

Initialize a severity data structure.

Parameters
[in]dataThe data structure to initialize.

Definition at line 831 of file manage.c.

832 {
833  int max_i;
835 
836  data->counts = g_malloc0 (sizeof (int) * (max_i + 1));
837 
838  data->total = 0;
839  data->max = SEVERITY_MISSING;
840 }
#define SEVERITY_SUBDIVISIONS
Definition: manage_utils.h:46
int * counts
Definition: manage.h:988
double max
Definition: manage.h:990
#define ZERO_SEVERITY_INDEX
Definition: manage.c:779
#define SEVERITY_MISSING
Definition: manage_utils.h:40
#define SEVERITY_MAX
Definition: manage_utils.h:44

References severity_data_t::counts, severity_data_t::max, SEVERITY_MAX, SEVERITY_MISSING, SEVERITY_SUBDIVISIONS, severity_data_t::total, and ZERO_SEVERITY_INDEX.

◆ init_system_report_type_iterator()

int init_system_report_type_iterator ( report_type_iterator_t iterator,
const char *  type,
const char *  slave_id 
)

Initialise a system report type iterator.

Parameters
[in]iteratorIterator.
[in]typeSingle report type to iterate over, NULL for all.
[in]slave_idID of slave to get reports from. 0 for local.
Returns
0 on success, 1 failed to find report type, 2 failed to find slave, 3 used the fallback report, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, 99 permission denied, -1 on error.

Definition at line 6041 of file manage.c.

6044 {
6045  int ret;
6046 
6047  if (acl_user_may ("get_system_reports") == 0)
6048  return 99;
6049 
6050  ret = get_system_report_types (type, &iterator->start, &iterator->current,
6051  slave_id);
6052  if (ret == 0 || ret == 3)
6053  {
6054  iterator->current--;
6055  return ret;
6056  }
6057  return ret;
6058 }
A generic SQL iterator.
Definition: iterator.h:52
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56

References acl_user_may().

Here is the call graph for this function:

◆ manage_auth_allow_all()

void manage_auth_allow_all ( int  scheduled)

Ensure that any subsequent authentications succeed.

Parameters
[in]scheduledWhether this is happening from the scheduler.

Definition at line 6440 of file manage.c.

6441 {
6442  authenticate_allow_all = scheduled ? 1 : 2;
6443 }
int authenticate_allow_all
Flag for manage_auth_allow_all.
Definition: manage.c:6426

References authenticate_allow_all.

◆ manage_check_current_task()

int manage_check_current_task ( )

Handle state changes to current task made by other processes.

Returns
0 on success, -1 if out of space in scanner output buffer, 1 if queued to scanner.

Definition at line 5733 of file manage.c.

5734 {
5736  {
5737  task_status_t run_status;
5738 
5739  /* Commit pending transaction if needed. */
5740  manage_transaction_stop (FALSE);
5741 
5742  /* Check if some other process changed the status. */
5743 
5744  run_status = task_run_status (current_scanner_task);
5745  switch (run_status)
5746  {
5748  /* This should only happen for slave tasks. */
5749  assert (0);
5751  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5752  return -1;
5755  return 1;
5756  break;
5758  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5759  return -1;
5762  return 1;
5763  break;
5765  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5766  return -1;
5769  return 1;
5770  break;
5773  case TASK_STATUS_DONE:
5774  case TASK_STATUS_NEW:
5775  case TASK_STATUS_REQUESTED:
5776  case TASK_STATUS_RUNNING:
5778  case TASK_STATUS_STOPPED:
5780  break;
5781  }
5782  }
5783  return 0;
5784 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
void set_task_run_status(task_t, task_status_t)
Set the run state of a task.
Definition: manage_sql.c:18307
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
int send_to_server(const char *msg)
Send a message to the server.
void manage_transaction_stop(gboolean)

References current_scanner_task, manage_transaction_stop(), send_to_server(), set_task_run_status(), task_run_status(), TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_INTERNAL_ERROR, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.

Referenced by process_omp_change(), and process_otp_scanner_input().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ manage_read_info()

int manage_read_info ( gchar *  type,
gchar *  uid,
gchar *  name,
gchar **  result 
)

Read raw information.

Parameters
[in]typeType of the requested information.
[in]uidUnique identifier of the requested information
[in]nameName or identifier of the requested information.
[out]resultPointer to the read information location. Will point to NULL on error.
Returns
1 success, -1 error.

Definition at line 7889 of file manage.c.

7890 {
7891  gchar *fname;
7892  gchar *pnames[2] = { "refname", NULL };
7893  gchar *pvalues[2] = { name, NULL };
7894 
7895  assert (result != NULL);
7896  *result = NULL;
7897 
7898  if (g_ascii_strcasecmp ("CPE", type) == 0)
7899  {
7900  fname = get_cpe_filename ();
7901  if (fname)
7902  {
7903  gchar *cpe;
7904  cpe = xsl_transform (CPE_GETBYNAME_XSL, fname, pnames, pvalues);
7905  g_free (fname);
7906  if (cpe)
7907  *result = cpe;
7908  }
7909  }
7910  else if (g_ascii_strcasecmp ("CVE", type) == 0)
7911  {
7912  fname = get_cve_filename (uid);
7913  if (fname)
7914  {
7915  gchar *cve;
7916  cve = xsl_transform (CVE_GETBYNAME_XSL, fname, pnames, pvalues);
7917  g_free (fname);
7918  if (cve)
7919  *result = cve;
7920  }
7921  }
7922  else if (g_ascii_strcasecmp ("NVT", type) == 0)
7923  {
7924  iterator_t nvts;
7925  nvt_t nvt;
7926 
7927  if (!find_nvt (name ? name : uid, &nvt) && nvt)
7928  {
7929  init_nvt_iterator (&nvts, nvt, 0, NULL, NULL, 0, NULL);
7930 
7931  if (next (&nvts))
7932  *result = get_nvti_xml (&nvts,
7933  1, /* Include details. */
7934  0, /* Preference count. */
7935  1, /* Include preferences. */
7936  NULL, /* Timeout. */
7937  0, /* Config. */
7938  1); /* Close tag. */
7939 
7940  cleanup_iterator (&nvts);
7941  }
7942  }
7943  else if (g_ascii_strcasecmp ("OVALDEF", type) == 0)
7944  {
7945  fname = get_ovaldef_filename (uid);
7946  if (fname)
7947  {
7948  gchar *ovaldef;
7949  ovaldef = xsl_transform (OVALDEF_GETBYNAME_XSL, fname,
7950  pnames, pvalues);
7951  g_free (fname);
7952  if (ovaldef)
7953  *result = ovaldef;
7954  }
7955  }
7956  else if (g_ascii_strcasecmp ("CERT_BUND_ADV", type) == 0)
7957  {
7958  fname = get_cert_bund_adv_filename (uid);
7959  if (fname)
7960  {
7961  gchar *adv;
7963  pnames, pvalues);
7964  g_free (fname);
7965  if (adv)
7966  *result = adv;
7967  }
7968  }
7969  else if (g_ascii_strcasecmp ("DFN_CERT_ADV", type) == 0)
7970  {
7971  fname = get_dfn_cert_adv_filename (uid);
7972  if (fname)
7973  {
7974  gchar *adv;
7976  pnames, pvalues);
7977  g_free (fname);
7978  if (adv)
7979  *result = adv;
7980  }
7981  }
7982 
7983  if (*result == NULL)
7984  return -1;
7985 
7986  return 1;
7987 }
#define CPE_GETBYNAME_XSL
CPE selection stylesheet location.
Definition: manage.c:90
#define OVALDEF_GETBYNAME_XSL
OVALDEF selection stylesheet location.
Definition: manage.c:100
A generic SQL iterator.
Definition: iterator.h:52
gchar * get_nvti_xml(iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag)
Create and return XML description for an NVT.
Definition: manage.c:7658
#define CVE_GETBYNAME_XSL
CVE selection stylesheet location.
Definition: manage.c:95
long long int nvt_t
Definition: manage.h:294
gboolean find_nvt(const char *, nvt_t *)
gchar * xsl_transform(gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
Run xsltproc in an external process.
Definition: manage.c:7535
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664
#define DFN_CERT_ADV_GETBYNAME_XSL
DFN_CERT_ADV selection stylesheet location.
Definition: manage.c:110
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
void init_nvt_iterator(iterator_t *, nvt_t, config_t, const char *, const char *, int, const char *)
char name[1]
Definition: lsc_crypt.c:78
#define CERT_BUND_ADV_GETBYNAME_XSL
CERT_BUND_ADV selection stylesheet location.
Definition: manage.c:105

◆ manage_scap_update_time()

const char* manage_scap_update_time ( )

GET SCAP update time, as a string.

Returns
Last update time as a static string, or "" on error.

Definition at line 7842 of file manage.c.

7843 {
7844  gchar *content;
7845  GError *error;
7846  gsize content_size;
7847  struct tm update_time;
7848 
7849  /* Read in the contents. */
7850 
7851  error = NULL;
7852  if (g_file_get_contents (SCAP_TIMESTAMP_FILENAME,
7853  &content,
7854  &content_size,
7855  &error)
7856  == FALSE)
7857  {
7858  if (error)
7859  {
7860  g_debug ("%s: failed to read %s: %s",
7861  __FUNCTION__, SCAP_TIMESTAMP_FILENAME, error->message);
7862  g_error_free (error);
7863  }
7864  return "";
7865  }
7866 
7867  memset (&update_time, 0, sizeof (struct tm));
7868  if (strptime (content, "%Y%m%d%H%M", &update_time))
7869  {
7870  static char time_string[100];
7871  strftime (time_string, 99, "%FT%T.000%z", &update_time);
7872  return time_string;
7873  }
7874  return "";
7875 }
#define SCAP_TIMESTAMP_FILENAME
SCAP timestamp location.
Definition: manage.c:142

References SCAP_TIMESTAMP_FILENAME.

◆ manage_schedule()

int manage_schedule ( int(*)(openvas_connection_t *, gchar *)  fork_connection,
gboolean  run_tasks,
sigset_t *  sigmask_current 
)

Schedule any actions that are due.

In openvasmd, periodically called from the main daemon loop.

Parameters
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]run_tasksWhether to run scheduled tasks.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, 1 failed to get lock, -1 error.

Definition at line 6481 of file manage.c.

6484 {
6485  iterator_t schedules;
6486  GSList *starts = NULL, *stops = NULL;
6487  int ret;
6488  task_t previous_start_task = 0;
6489  task_t previous_stop_task = 0;
6490 
6491  ret = manage_update_nvti_cache ();
6492  if (ret)
6493  {
6494  if (ret == -1)
6495  {
6496  g_warning ("%s: manage_update_nvti_cache error"
6497  " (Perhaps the db went down?)",
6498  __FUNCTION__);
6499  /* Just ignore, in case the db went down temporarily. */
6500  return 0;
6501  }
6502 
6503  return ret;
6504  }
6505 
6506  if (run_tasks == 0)
6507  return 0;
6508 
6509  /* Assemble "starts" and "stops" list containing task uuid and owner name
6510  * for each (scheduled) task to start or stop. */
6511 
6512  ret = init_task_schedule_iterator (&schedules);
6513  if (ret)
6514  {
6515  if (ret == -1)
6516  {
6517  g_warning ("%s: iterator init error"
6518  " (Perhaps the db went down?)",
6519  __FUNCTION__);
6520  /* Just ignore, in case the db went down temporarily. */
6521  return 0;
6522  }
6523 
6524  return ret;
6525  }
6526  /* This iterator runs in an exclusive transaction, so this loop is atomic. */
6527  while (next (&schedules))
6528  if (task_schedule_iterator_start_due (&schedules))
6529  {
6530  time_t first_time, period, period_months;
6531  const char* timezone;
6532  int timed_out;
6533 
6534  /* Check if task schedule is timed out before updating next due time */
6535  timed_out = task_schedule_iterator_timed_out (&schedules);
6536 
6537  /* Update the task schedule info to prevent multiple schedules. */
6538 
6539  first_time = task_schedule_iterator_first_time (&schedules);
6540  period = task_schedule_iterator_period (&schedules);
6541  period_months = task_schedule_iterator_period_months (&schedules);
6542  timezone = task_schedule_iterator_timezone (&schedules);
6543 
6545  (task_schedule_iterator_task (&schedules),
6546  next_time (first_time, period, period_months, timezone, 0));
6547 
6548  /* Skip this task if it was already added to the starts list
6549  * to avoid conflicts between multiple users with permissions.
6550  */
6551 
6552  if (previous_start_task == task_schedule_iterator_task (&schedules))
6553  continue;
6554 
6555  if (timed_out)
6556  {
6557  g_message (" %s: Task timed out: %s",
6558  __FUNCTION__,
6559  task_schedule_iterator_task_uuid (&schedules));
6560  continue;
6561  }
6562 
6563  previous_start_task = task_schedule_iterator_task (&schedules);
6564 
6565  /* Add task UUID and owner name and UUID to the list. */
6566 
6567  starts = g_slist_prepend
6568  (starts,
6569  g_strdup (task_schedule_iterator_task_uuid (&schedules)));
6570  starts = g_slist_prepend
6571  (starts,
6572  g_strdup (task_schedule_iterator_owner_uuid (&schedules)));
6573  starts = g_slist_prepend
6574  (starts,
6575  g_strdup (task_schedule_iterator_owner_name (&schedules)));
6576  }
6577  else if (task_schedule_iterator_stop_due (&schedules))
6578  {
6579  /* Skip this task if it was already added to the stops list
6580  * to avoid conflicts between multiple users with permissions.
6581  */
6582 
6583  if (previous_stop_task == task_schedule_iterator_task (&schedules))
6584  continue;
6585  previous_stop_task = task_schedule_iterator_task (&schedules);
6586 
6587  /* Add task UUID and owner name and UUID to the list. */
6588 
6589  stops = g_slist_prepend
6590  (stops,
6591  g_strdup (task_schedule_iterator_task_uuid (&schedules)));
6592  stops = g_slist_prepend
6593  (stops,
6594  g_strdup (task_schedule_iterator_owner_uuid (&schedules)));
6595  stops = g_slist_prepend
6596  (stops,
6597  g_strdup (task_schedule_iterator_owner_name (&schedules)));
6598  }
6599  cleanup_task_schedule_iterator (&schedules);
6600 
6601  /* Start tasks in forked processes, now that the SQL statement is closed. */
6602 
6603  while (starts)
6604  {
6605  int pid;
6606  openvas_connection_t connection;
6607  gchar *task_uuid, *owner, *owner_uuid;
6608  GSList *head;
6609  omp_authenticate_info_opts_t auth_opts;
6610 
6611  owner = starts->data;
6612  assert (starts->next);
6613  owner_uuid = starts->next->data;
6614  assert (starts->next->next);
6615  task_uuid = starts->next->next->data;
6616 
6617  head = starts;
6618  starts = starts->next->next->next;
6619  g_slist_free_1 (head->next->next);
6620  g_slist_free_1 (head->next);
6621  g_slist_free_1 (head);
6622 
6623  /* Fork a child to start the task and wait for the response, so that the
6624  * parent can return to the main loop. */
6625 
6626  pid = fork ();
6627  switch (pid)
6628  {
6629  case 0:
6630  /* Child. Carry on to start the task, reopen the database (required
6631  * after fork). */
6632 
6633  /* Restore the sigmask that was blanked for pselect. */
6634  pthread_sigmask (SIG_SETMASK, sigmask_current, NULL);
6635 
6638  while (starts)
6639  {
6640  g_free (starts->data);
6641  starts = g_slist_delete_link (starts, starts);
6642  }
6643  break;
6644 
6645  case -1:
6646  /* Parent on error. Reschedule and continue to next task. */
6647  g_warning ("%s: fork failed\n", __FUNCTION__);
6649  g_free (task_uuid);
6650  g_free (owner);
6651  g_free (owner_uuid);
6652  continue;
6653 
6654  default:
6655  /* Parent. Continue to next task. */
6656  g_debug ("%s: %i forked %i", __FUNCTION__, getpid (), pid);
6657  g_free (task_uuid);
6658  g_free (owner);
6659  g_free (owner_uuid);
6660  continue;
6661 
6662  }
6663 
6664  /* Run the callback to fork a child connected to the Manager. */
6665 
6666  pid = fork_connection (&connection, owner_uuid);
6667  switch (pid)
6668  {
6669  case 0:
6670  /* Child. Break, start task, exit. */
6671  g_free (owner_uuid);
6672  break;
6673 
6674  case -1:
6675  /* Parent on error. */
6676  g_warning ("%s: fork_connection failed\n", __FUNCTION__);
6678  g_free (task_uuid);
6679  g_free (owner);
6680  g_free (owner_uuid);
6681  exit (EXIT_FAILURE);
6682  break;
6683 
6684  default:
6685  {
6686  int status;
6687 
6688  /* Parent. Wait for child, to check return. */
6689 
6690  g_debug ("%s: %i fork_connectioned %i",
6691  __FUNCTION__, getpid (), pid);
6692 
6693  g_free (owner);
6694  g_free (owner_uuid);
6695 
6696  if (signal (SIGCHLD, SIG_DFL) == SIG_ERR)
6697  g_warning ("%s: failed to set SIGCHLD", __FUNCTION__);
6698  while (waitpid (pid, &status, 0) < 0)
6699  {
6700  if (errno == ECHILD)
6701  {
6702  g_warning ("%s: Failed to get child exit,"
6703  " so task '%s' may not have been scheduled",
6704  __FUNCTION__,
6705  task_uuid);
6706  g_free (task_uuid);
6707  exit (EXIT_FAILURE);
6708  }
6709  if (errno == EINTR)
6710  continue;
6711  g_warning ("%s: waitpid: %s",
6712  __FUNCTION__,
6713  strerror (errno));
6714  g_warning ("%s: As a result, task '%s' may not have been"
6715  " scheduled",
6716  __FUNCTION__,
6717  task_uuid);
6718  g_free (task_uuid);
6719  exit (EXIT_FAILURE);
6720  }
6721  if (WIFEXITED (status))
6722  switch (WEXITSTATUS (status))
6723  {
6724  case EXIT_SUCCESS:
6725  {
6726  schedule_t schedule;
6727  int periods;
6728 
6729  /* Child succeeded. */
6730 
6731  schedule = task_schedule_uuid (task_uuid);
6732  if (schedule
6733  && schedule_period (schedule) == 0
6734  && schedule_duration (schedule) == 0
6735  /* Check next time too, in case the user changed
6736  * the schedule after this task was added to the
6737  * "starts" list. */
6739  /* A once-off schedule without a duration, remove
6740  * it from the task. If it has a duration it
6741  * will be removed below, after the duration. */
6743  else if ((periods = task_schedule_periods_uuid
6744  (task_uuid)))
6745  {
6746  /* A task restricted to a certain number of
6747  * scheduled runs. */
6748  if (periods > 1)
6749  {
6751  periods - 1);
6752  }
6753  else if (periods == 1
6754  && schedule_duration (schedule) == 0)
6755  {
6756  /* Last run of a task restricted to a certain
6757  * number of scheduled runs. */
6759  }
6760  else if (periods == 1)
6761  /* Flag that the task has started, for
6762  * update_duration_schedule_periods. */
6764  }
6765  }
6766  g_free (task_uuid);
6767  exit (EXIT_SUCCESS);
6768 
6769  case EXIT_FAILURE:
6770  default:
6771  break;
6772  }
6773 
6774  /* Child failed, reset task schedule time and exit. */
6775 
6776  g_warning ("%s: child failed\n", __FUNCTION__);
6778  g_free (task_uuid);
6779 
6780  exit (EXIT_FAILURE);
6781  }
6782  }
6783 
6784  /* Start the task. */
6785 
6786  auth_opts = omp_authenticate_info_opts_defaults;
6787  auth_opts.username = owner;
6788  if (omp_authenticate_info_ext_c (&connection, auth_opts))
6789  {
6790  g_warning ("%s: omp_authenticate failed", __FUNCTION__);
6791  g_free (task_uuid);
6792  g_free (owner);
6793  openvas_connection_free (&connection);
6794  exit (EXIT_FAILURE);
6795  }
6796 
6797  g_free (owner);
6798 
6799  if (omp_resume_task_report_c (&connection, task_uuid, NULL))
6800  {
6801  if (omp_start_task_report_c (&connection, task_uuid, NULL))
6802  {
6803  g_warning ("%s: omp_start_task and omp_resume_task failed", __FUNCTION__);
6804  g_free (task_uuid);
6805  openvas_connection_free (&connection);
6806  exit (EXIT_FAILURE);
6807  }
6808  }
6809 
6810  g_free (task_uuid);
6811  openvas_connection_free (&connection);
6812  exit (EXIT_SUCCESS);
6813  }
6814 
6815  /* Stop tasks in forked processes, now that the SQL statement is closed. */
6816 
6817  while (stops)
6818  {
6819  openvas_connection_t connection;
6820  gchar *task_uuid, *owner, *owner_uuid;
6821  GSList *head;
6822  omp_authenticate_info_opts_t auth_opts;
6823 
6824  owner = stops->data;
6825  assert (stops->next);
6826  owner_uuid = stops->next->data;
6827  assert (stops->next->next);
6828  task_uuid = stops->next->next->data;
6829 
6830  head = stops;
6831  stops = stops->next->next->next;
6832  g_slist_free_1 (head->next->next);
6833  g_slist_free_1 (head->next);
6834  g_slist_free_1 (head);
6835 
6836  /* TODO As with starts above, this should retry if the stop failed. */
6837 
6838  /* Run the callback to fork a child connected to the Manager. */
6839 
6840  switch (fork_connection (&connection, owner_uuid))
6841  {
6842  case 0:
6843  /* Child. Break, stop task, exit. */
6844  while (stops)
6845  {
6846  g_free (stops->data);
6847  stops = g_slist_delete_link (stops, stops);
6848  }
6849  break;
6850 
6851  case -1:
6852  /* Parent on error. */
6853  g_free (task_uuid);
6854  g_free (owner);
6855  g_free (owner_uuid);
6856  while (stops)
6857  {
6858  g_free (stops->data);
6859  stops = g_slist_delete_link (stops, stops);
6860  }
6861  g_warning ("%s: stop fork failed\n", __FUNCTION__);
6862  return -1;
6863  break;
6864 
6865  default:
6866  /* Parent. Continue to next task. */
6867  g_free (task_uuid);
6868  g_free (owner);
6869  g_free (owner_uuid);
6870  continue;
6871  break;
6872  }
6873 
6874  /* Stop the task. */
6875 
6876  auth_opts = omp_authenticate_info_opts_defaults;
6877  auth_opts.username = owner;
6878  if (omp_authenticate_info_ext_c (&connection, auth_opts))
6879  {
6880  g_free (task_uuid);
6881  g_free (owner);
6882  g_free (owner_uuid);
6883  openvas_connection_free (&connection);
6884  exit (EXIT_FAILURE);
6885  }
6886 
6887  if (omp_stop_task_c (&connection, task_uuid))
6888  {
6889  g_free (task_uuid);
6890  g_free (owner);
6891  g_free (owner_uuid);
6892  openvas_connection_free (&connection);
6893  exit (EXIT_FAILURE);
6894  }
6895 
6896  g_free (task_uuid);
6897  g_free (owner);
6898  g_free (owner_uuid);
6899  openvas_connection_free (&connection);
6900  exit (EXIT_SUCCESS);
6901  }
6902 
6905 
6907 
6908  return 0;
6909 }
void auto_delete_reports()
int task_schedule_periods_uuid(const gchar *)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19000
long long int schedule_t
Definition: manage.h:299
schedule_t task_schedule_uuid(const gchar *)
Return the schedule of a task.
Definition: manage_sql.c:18938
void reinit_manage_process()
Reinitialize the manage library for a process.
Definition: manage_sql.c:14347
void reschedule_task(const gchar *)
A generic SQL iterator.
Definition: iterator.h:52
int task_uuid(task_t, char **)
Return the UUID of a task.
Definition: manage_sql.c:17885
int manage_update_nvti_cache()
Update the memory cache of NVTs, if this has been requested.
Definition: manage_sql.c:14475
const char * task_schedule_iterator_task_uuid(iterator_t *)
void set_task_schedule_next_time_uuid(const gchar *task_id, time_t time)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19071
void clear_duration_schedules(task_t)
const char * task_schedule_iterator_owner_uuid(iterator_t *)
void manage_session_init(const char *uuid)
Setup session.
Definition: manage_pg.c:46
task_t task_schedule_iterator_task(iterator_t *)
void update_duration_schedule_periods(task_t)
time_t task_schedule_iterator_period_months(iterator_t *)
gboolean task_schedule_iterator_stop_due(iterator_t *)
time_t task_schedule_iterator_period(iterator_t *)
int set_task_schedule_uuid(const gchar *task_id, schedule_t schedule, int periods)
Set the schedule of a task.
Definition: manage_sql.c:18836
int init_task_schedule_iterator(iterator_t *)
const char * task_schedule_iterator_owner_name(iterator_t *)
time_t task_schedule_iterator_first_time(iterator_t *)
int schedule_duration(schedule_t)
gboolean task_schedule_iterator_start_due(iterator_t *)
void set_task_schedule_next_time(task_t task, time_t time)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19058
credentials_t current_credentials
Current credentials during any OMP command.
Definition: manage.c:717
gboolean task_schedule_iterator_timed_out(iterator_t *)
time_t next_time(time_t first, int period, int period_months, const char *timezone, int periods_offset)
Calculate the next time from now given a start time and a period.
Definition: manage_utils.c:287
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
void cleanup_task_schedule_iterator(iterator_t *)
long long int task_t
Definition: manage.h:286
int set_task_schedule_periods(const gchar *, int)
Set the schedule periods of a task, given a UUID.
Definition: manage_sql.c:18869
const char * task_schedule_iterator_timezone(iterator_t *)
int schedule_period(schedule_t)
time_t task_schedule_next_time_uuid(const gchar *)
Set the next time a scheduled task will be due.
Definition: manage_sql.c:19038

References auto_delete_reports(), cleanup_task_schedule_iterator(), clear_duration_schedules(), current_credentials, init_task_schedule_iterator(), manage_session_init(), manage_update_nvti_cache(), next(), next_time(), reinit_manage_process(), reschedule_task(), schedule_duration(), schedule_period(), set_task_schedule_next_time(), set_task_schedule_next_time_uuid(), set_task_schedule_periods(), set_task_schedule_uuid(), task_schedule_iterator_first_time(), task_schedule_iterator_owner_name(), task_schedule_iterator_owner_uuid(), task_schedule_iterator_period(), task_schedule_iterator_period_months(), task_schedule_iterator_start_due(), task_schedule_iterator_stop_due(), task_schedule_iterator_task(), task_schedule_iterator_task_uuid(), task_schedule_iterator_timed_out(), task_schedule_iterator_timezone(), task_schedule_next_time_uuid(), task_schedule_periods_uuid(), task_schedule_uuid(), task_uuid(), and update_duration_schedule_periods().

Here is the call graph for this function:

◆ manage_system_report()

int manage_system_report ( const char *  name,
const char *  duration,
const char *  start_time,
const char *  end_time,
const char *  slave_id,
char **  report 
)

Get a system report.

Parameters
[in]nameName of report.
[in]durationTime range of report, in seconds.
[in]start_timeTime of first data point in report.
[in]end_timeTime of last data point in report.
[in]slave_idID of slave to get report from. 0 for local.
[out]reportOn success, report in base64 if such a report exists else NULL. Arbitrary on error.
Returns
0 if successful (including failure to find report), -1 on error, 3 if used the fallback report, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report.

Definition at line 6240 of file manage.c.

6243 {
6244  gchar *astdout = NULL;
6245  gchar *astderr = NULL;
6246  GError *err = NULL;
6247  gint exit_status;
6248  gchar *command;
6249  time_t start_time_num, end_time_num, duration_num;
6250  start_time_num = 0;
6251  end_time_num = 0;
6252  duration_num = 0;
6253 
6254  assert (name);
6255 
6256  if (duration && strcmp (duration, ""))
6257  {
6258  duration_num = atol (duration);
6259  if (duration_num == 0)
6260  return manage_system_report ("blank", NULL, NULL, NULL,
6261  NULL, report);
6262  }
6263  if (start_time && strcmp (start_time, ""))
6264  {
6265  start_time_num = parse_iso_time (start_time);
6266  if (start_time_num == 0)
6267  return manage_system_report ("blank", NULL, NULL, NULL,
6268  NULL, report);
6269  }
6270  if (end_time && strcmp (end_time, ""))
6271  {
6272  end_time_num = parse_iso_time (end_time);
6273  if (end_time_num == 0)
6274  return manage_system_report ("blank", NULL, NULL, NULL,
6275  NULL, report);
6276  }
6277 
6278  if (slave_id && strcmp (slave_id, "0"))
6279  return slave_system_report (name, duration, start_time, end_time,
6280  slave_id, report);
6281 
6282  /* For simplicity, it's up to the command to do the base64 encoding. */
6283  if (start_time && strcmp (start_time, ""))
6284  {
6285  if (end_time && strcmp (end_time, ""))
6286  {
6287  command = g_strdup_printf ("openvasmr %ld %ld %s",
6288  start_time_num,
6289  end_time_num,
6290  name);
6291  }
6292  else if (duration && strcmp (duration, ""))
6293  {
6294  command = g_strdup_printf ("openvasmr %ld %ld %s",
6295  start_time_num,
6296  start_time_num + duration_num,
6297  name);
6298  }
6299  else
6300  {
6301  command = g_strdup_printf ("openvasmr %ld %ld %s",
6302  start_time_num,
6303  start_time_num + DEFAULT_DURATION,
6304  name);
6305  }
6306  }
6307  else if (end_time && strcmp (end_time, ""))
6308  {
6309  if (duration && strcmp (duration, ""))
6310  {
6311  command = g_strdup_printf ("openvasmr %ld %ld %s",
6312  end_time_num - duration_num,
6313  end_time_num,
6314  name);
6315  }
6316  else
6317  {
6318  command = g_strdup_printf ("openvasmr %ld %ld %s",
6319  end_time_num - DEFAULT_DURATION,
6320  end_time_num,
6321  name);
6322  }
6323  }
6324  else
6325  {
6326  if (duration && strcmp (duration, ""))
6327  {
6328  command = g_strdup_printf ("openvasmr %ld %s",
6329  duration_num,
6330  name);
6331  }
6332  else
6333  {
6334  command = g_strdup_printf ("openvasmr %ld %s",
6336  name);
6337  }
6338  }
6339 
6340  g_debug (" command: %s", command);
6341 
6342  if ((g_spawn_command_line_sync (command,
6343  &astdout,
6344  &astderr,
6345  &exit_status,
6346  &err)
6347  == FALSE)
6348  || (WIFEXITED (exit_status) == 0)
6349  || WEXITSTATUS (exit_status))
6350  {
6351  int ret;
6352  double load[3];
6353  GError *get_error;
6354  gchar *output;
6355  gsize output_len;
6356  GString *buffer;
6357 
6358  g_debug ("%s: openvasmr failed with %d", __FUNCTION__, exit_status);
6359  g_debug ("%s: stdout: %s", __FUNCTION__, astdout);
6360  g_debug ("%s: stderr: %s", __FUNCTION__, astderr);
6361  g_free (astdout);
6362  g_free (astderr);
6363  g_free (command);
6364 
6365  buffer = g_string_new (FALLBACK_SYSTEM_REPORT_HEADER);
6366 
6367  ret = getloadavg (load, 3);
6368  if (ret == 3)
6369  {
6370  g_string_append_printf (buffer,
6371  "Load average for past minute: %.1f\n",
6372  load[0]);
6373  g_string_append_printf (buffer,
6374  "Load average for past 5 minutes: %.1f\n",
6375  load[1]);
6376  g_string_append_printf (buffer,
6377  "Load average for past 15 minutes: %.1f\n",
6378  load[2]);
6379  }
6380  else
6381  g_string_append (buffer, "Error getting load averages.\n");
6382 
6383  get_error = NULL;
6384  g_file_get_contents ("/proc/meminfo",
6385  &output,
6386  &output_len,
6387  &get_error);
6388  if (get_error)
6389  g_error_free (get_error);
6390  else
6391  {
6392  gchar *safe;
6393  g_string_append (buffer, "\n/proc/meminfo:\n\n");
6394  safe = g_markup_escape_text (output, strlen (output));
6395  g_free (output);
6396  g_string_append (buffer, safe);
6397  g_free (safe);
6398  }
6399 
6400  *report = g_string_free (buffer, FALSE);
6401  return 3;
6402  }
6403  g_free (astderr);
6404  g_free (command);
6405  if (astdout == NULL || strlen (astdout) == 0)
6406  {
6407  g_free (astdout);
6408  if (strcmp (name, "blank") == 0)
6409  return -1;
6410  return manage_system_report ("blank", NULL, NULL, NULL,
6411  NULL, report);
6412  }
6413  else
6414  *report = astdout;
6415  return 0;
6416 }
int parse_iso_time(const char *text_time)
Convert an ISO time into seconds since epoch.
Definition: manage_sql.c:875
#define DEFAULT_DURATION
Definition: manage.c:6222
int manage_system_report(const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
Get a system report.
Definition: manage.c:6240
#define FALLBACK_SYSTEM_REPORT_HEADER
Header for fallback system report.
Definition: manage.c:6217

References manage_system_report(), and parse_iso_time().

Referenced by manage_system_report().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ message_type_threat()

const char* message_type_threat ( const char *  type)

Get the threat of a message type.

Parameters
typeMessage type.
Returns
Static threat name if type names a message type, else NULL.

Definition at line 553 of file manage.c.

554 {
555  if (strcasecmp (type, "Alarm") == 0)
556  return "Alarm";
557  if (strcasecmp (type, "Security Hole") == 0)
558  return "High";
559  if (strcasecmp (type, "Security Warning") == 0)
560  return "Medium";
561  if (strcasecmp (type, "Security Note") == 0)
562  return "Low";
563  if (strcasecmp (type, "Log Message") == 0)
564  return "Log";
565  if (strcasecmp (type, "Debug Message") == 0)
566  return "Debug";
567  if (strcasecmp (type, "Error Message") == 0)
568  return "Error";
569  if (strcasecmp (type, "False Positive") == 0)
570  return "False Positive";
571  return NULL;
572 }

◆ move_task()

int move_task ( const char *  task_id,
const char *  slave_id 
)

Reassign a task to another slave.

Parameters
[in]task_idUUID of task.
[in]slave_idUUID of slave.
Returns
0 success, 1 success, process forked, 2 task not found, 3 slave not found, 4 slaves not supported by scanner, 5 task cannot be stopped currently, 6 scanner does not allow stopping, 7 new scanner does not support slaves, 98 stop and resume permission denied, 99 permission denied, -1 error.

Definition at line 5576 of file manage.c.

5577 {
5578  task_t task;
5579  int task_scanner_type, slave_scanner_type;
5580  scanner_t slave, scanner;
5581  task_status_t status;
5582  int should_resume_task = 0;
5583 
5584  if (task_id == NULL)
5585  return -1;
5586  if (slave_id == NULL)
5587  return -1;
5588 
5589  if (acl_user_may ("modify_task") == 0)
5590  return 99;
5591 
5592  /* Find the task. */
5593 
5594  if (find_task_with_permission (task_id, &task, "get_tasks"))
5595  return -1;
5596  if (task == 0)
5597  return 2;
5598 
5599  /* Make sure destination scanner supports slavery. */
5600 
5601  if (strcmp (slave_id, "") == 0)
5602  slave_id = SCANNER_UUID_DEFAULT;
5603 
5604  if (find_scanner_with_permission (slave_id, &slave, "get_scanners"))
5605  return -1;
5606  if (slave == 0)
5607  return 3;
5608 
5609  slave_scanner_type = scanner_type (slave);
5610  if (slave_scanner_type != SCANNER_TYPE_OPENVAS
5611  && slave_scanner_type != SCANNER_TYPE_OMP)
5612  return 7;
5613 
5614  /* Make sure current scanner supports slavery. */
5615 
5616  scanner = task_scanner (task);
5617  if (scanner == 0)
5618  return -1;
5619 
5620  task_scanner_type = scanner_type (scanner);
5621  if (task_scanner_type != SCANNER_TYPE_OPENVAS
5622  && task_scanner_type != SCANNER_TYPE_OMP)
5623  return 4;
5624 
5625  /* Stop task if required. */
5626 
5627  status = task_run_status (task);
5628 
5629  switch (status)
5630  {
5635  case TASK_STATUS_REQUESTED:
5636  // Task cannot be stopped now
5637  return 5;
5638  break;
5639  case TASK_STATUS_RUNNING:
5640  if (task_scanner_type == SCANNER_TYPE_CVE)
5641  return 6;
5642  // Check permissions to stop and resume task
5643  if (acl_user_has_access_uuid ("task", task_id, "stop_task", 0)
5644  && acl_user_has_access_uuid ("task", task_id, "resume_task", 0))
5645  {
5646  // Stop the task, wait and resume after changes
5647  stop_task_internal (task);
5648  should_resume_task = 1;
5649 
5650  status = task_run_status (task);
5651  while (status == TASK_STATUS_STOP_REQUESTED
5653  || status == TASK_STATUS_STOP_WAITING)
5654  {
5655  sleep (5);
5656  status = task_run_status (task);
5657  }
5658  }
5659  else
5660  return 98;
5661  break;
5665  while (status == TASK_STATUS_STOP_REQUESTED
5667  || status == TASK_STATUS_STOP_WAITING)
5668  {
5669  sleep (5);
5670  status = task_run_status (task);
5671  }
5672  break;
5673  default:
5674  break;
5675  }
5676 
5677  /* Update scanner. */
5678 
5679  set_task_scanner (task, slave);
5680 
5681  /* Resume task if required. */
5682 
5683  if (should_resume_task)
5684  {
5685  pid_t pid = getpid ();
5686 
5687  resume_task (task_id, NULL);
5688 
5689  if (getpid () != pid)
5690  return 1;
5691  }
5692 
5693  return 0;
5694 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
int resume_task(const char *task_id, char **report_id)
Resume a task.
Definition: manage.c:5543
int acl_user_has_access_uuid(const char *type, const char *uuid, const char *permission, int trash)
Test whether the user may access a resource.
Definition: manage_acl.c:758
void set_task_scanner(task_t, scanner_t)
Set the scanner of a task.
Definition: manage_sql.c:18208
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
#define SCANNER_UUID_DEFAULT
UUID of 'OpenVAS Default' scanner.
Definition: manage_sql.h:203
int stop_task_internal(task_t task)
Initiate stopping a task.
Definition: manage.c:5447
gboolean find_task_with_permission(const char *, task_t *, const char *)
scanner_t task_scanner(task_t)
Return the scanner of a task.
Definition: manage_sql.c:18183
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
scanner_type
Scanner types.
Definition: manage.h:267
gboolean find_scanner_with_permission(const char *, scanner_t *, const char *)
long long int task_t
Definition: manage.h:286
long long int scanner_t
Definition: manage.h:300

References acl_user_has_access_uuid(), acl_user_may(), find_scanner_with_permission(), find_task_with_permission(), resume_task(), SCANNER_TYPE_CVE, SCANNER_TYPE_OMP, SCANNER_TYPE_OPENVAS, SCANNER_UUID_DEFAULT, set_task_scanner(), stop_task_internal(), task_id(), task_run_status(), task_scanner(), TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, and TASK_STATUS_STOP_WAITING.

Here is the call graph for this function:

◆ next_file()

gboolean next_file ( file_iterator_t iterator)

Increment a report type iterator.

The caller must stop using this after it returns FALSE.

Parameters
[in]iteratorTask iterator.
Returns
TRUE if there was a next item, else FALSE.

Definition at line 7159 of file manage.c.

7160 {
7161  iterator->current++;
7162  if (*iterator->current == NULL) return FALSE;
7163  return TRUE;
7164 }
A generic SQL iterator.
Definition: iterator.h:52

◆ next_report_type()

gboolean next_report_type ( report_type_iterator_t iterator)

Increment a report type iterator.

The caller must stop using this after it returns FALSE.

Parameters
[in]iteratorTask iterator.
Returns
TRUE if there was a next item, else FALSE.

Definition at line 6081 of file manage.c.

6082 {
6083  iterator->current++;
6084  if (*iterator->current == NULL) return FALSE;
6085  return TRUE;
6086 }
A generic SQL iterator.
Definition: iterator.h:52

◆ parse_tags()

void parse_tags ( const char *  scanner_tags,
gchar **  tags,
gchar **  cvss_base 
)

Split up the tags received from the scanner.

Parameters
[in]scanner_tagsThe tags sent by the scanner.
[out]tagsTags.
[out]cvss_baseCVSS base.

Definition at line 7241 of file manage.c.

7242 {
7243  gchar **split, **point;
7244  GString *tags_buffer;
7245  gboolean first;
7246 
7247  tags_buffer = g_string_new ("");
7248  split = g_strsplit (scanner_tags, "|", 0);
7249  point = split;
7250  *cvss_base = NULL;
7251  first = TRUE;
7252 
7253  while (*point)
7254  {
7255  if (strncmp (*point, "cvss_base=", strlen ("cvss_base=")) == 0)
7256  {
7257  /* Skip this tag. */
7258  }
7259  else if (strncmp (*point,
7260  "cvss_base_vector=",
7261  strlen ("cvss_base_vector="))
7262  == 0)
7263  {
7264  if (*cvss_base == NULL)
7265  *cvss_base = g_strdup_printf ("%.1f",
7266  get_cvss_score_from_base_metrics
7267  (*point
7268  + strlen ("cvss_base_vector=")));
7269  if (first)
7270  first = FALSE;
7271  else
7272  g_string_append_c (tags_buffer, '|');
7273  g_string_append (tags_buffer, *point);
7274  }
7275  else
7276  {
7277  if (first)
7278  first = FALSE;
7279  else
7280  g_string_append_c (tags_buffer, '|');
7281  g_string_append (tags_buffer, *point);
7282  }
7283  point++;
7284  }
7285 
7286  if (tags_buffer->len == 0)
7287  {
7288  g_string_free (tags_buffer, TRUE);
7289  *tags = g_strdup ("NOTAG");
7290  }
7291  else
7292  *tags = g_string_free (tags_buffer, FALSE);
7293  g_strfreev (split);
7294 }

Referenced by migrate_16_to_17().

Here is the caller graph for this function:

◆ predefined_report_format_dir()

gchar* predefined_report_format_dir ( const gchar *  uuid)

Get the directory of a report format.

Parameters
[in]uuidReport format UUID. NULL to get parent dir.
Returns
Freshly allocated dir name.

Definition at line 7077 of file manage.c.

7078 {
7079  return g_build_filename (OPENVAS_DATA_DIR,
7080  "openvasmd",
7081  "report_formats",
7082  uuid,
7083  NULL);
7084 }

Referenced by init_report_format_file_iterator().

Here is the caller graph for this function:

◆ report_format_param_type_from_name()

report_format_param_type_t report_format_param_type_from_name ( const char *  name)

Get a report format param type from a name.

Parameters
[in]nameParam type name.
Returns
The param type.

Definition at line 6978 of file manage.c.

6979 {
6980  if (strcmp (name, "boolean") == 0)
6982  if (strcmp (name, "integer") == 0)
6984  if (strcmp (name, "selection") == 0)
6986  if (strcmp (name, "string") == 0)
6988  if (strcmp (name, "text") == 0)
6990  if (strcmp (name, "report_format_list") == 0)
6993 }

References REPORT_FORMAT_PARAM_TYPE_BOOLEAN, REPORT_FORMAT_PARAM_TYPE_ERROR, REPORT_FORMAT_PARAM_TYPE_INTEGER, REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST, REPORT_FORMAT_PARAM_TYPE_SELECTION, REPORT_FORMAT_PARAM_TYPE_STRING, and REPORT_FORMAT_PARAM_TYPE_TEXT.

◆ report_format_param_type_name()

const char* report_format_param_type_name ( report_format_param_type_t  type)

Get the name of a report format param type.

Parameters
[in]typeParam type.
Returns
The name of the param type.

Definition at line 6947 of file manage.c.

6948 {
6949  switch (type)
6950  {
6952  return "boolean";
6954  return "integer";
6956  return "selection";
6958  return "string";
6960  return "text";
6962  return "report_format_list";
6963  default:
6964  assert (0);
6966  return "ERROR";
6967  }
6968 }

References REPORT_FORMAT_PARAM_TYPE_BOOLEAN, REPORT_FORMAT_PARAM_TYPE_ERROR, REPORT_FORMAT_PARAM_TYPE_INTEGER, REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST, REPORT_FORMAT_PARAM_TYPE_SELECTION, REPORT_FORMAT_PARAM_TYPE_STRING, and REPORT_FORMAT_PARAM_TYPE_TEXT.

◆ report_results_filter_term()

gchar* report_results_filter_term ( int  first,
int  rows,
int  apply_overrides,
int  autofp,
int  min_qod 
)

Create a basic filter term to get report results.

Definition at line 752 of file manage.c.

754 {
755  return g_strdup_printf ("first=%d rows=%d"
756  " apply_overrides=%d autofp=%d min_qod=%d",
757  first, rows,
758  apply_overrides, autofp, min_qod);
759 }

Referenced by report_results_get_data().

Here is the caller graph for this function:

◆ report_results_get_data()

get_data_t* report_results_get_data ( int  first,
int  rows,
int  apply_overrides,
int  autofp,
int  min_qod 
)

Create a new basic get_data_t struct to get report results.

Definition at line 766 of file manage.c.

768 {
769  get_data_t* get = malloc (sizeof (get_data_t));
770  memset (get, 0, sizeof (get_data_t));
771  get->type = g_strdup ("result");
772  get->filter = report_results_filter_term (first, rows,
773  apply_overrides, autofp, min_qod);
774 
775  return get;
776 }
Command data for a get command.
Definition: manage.h:310
gchar * type
Type of resource.
Definition: manage.h:319
gchar * report_results_filter_term(int first, int rows, int apply_overrides, int autofp, int min_qod)
Create a basic filter term to get report results.
Definition: manage.c:752
char * filter
Filter term.
Definition: manage.h:314

References get_data_t::filter, report_results_filter_term(), and get_data_t::type.

Here is the call graph for this function:

◆ report_type_iterator_name()

const char* report_type_iterator_name ( report_type_iterator_t iterator)

Return the name from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Name.

Definition at line 6096 of file manage.c.

6097 {
6098  return (const char*) *iterator->current;
6099 }
A generic SQL iterator.
Definition: iterator.h:52

◆ report_type_iterator_title()

const char* report_type_iterator_title ( report_type_iterator_t iterator)

Return the title from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Title.

Definition at line 6109 of file manage.c.

6110 {
6111  const char *name = *iterator->current;
6112  return name + strlen (name) + 1;
6113 }
A generic SQL iterator.
Definition: iterator.h:52

◆ resume_task()

int resume_task ( const char *  task_id,
char **  report_id 
)

Resume a task.

Parameters
[in]task_idTask UUID.
[out]report_idIf successful, ID of the resultant report.
Returns
22 caller error (task must be in "stopped" state), or any start_task error.

Definition at line 5543 of file manage.c.

5544 {
5545  task_t task;
5546  task_status_t run_status;
5547 
5548  if (acl_user_may ("resume_task") == 0)
5549  return 99;
5550 
5551  task = 0;
5552  if (find_task_with_permission (task_id, &task, "resume_task"))
5553  return -1;
5554  if (task == 0)
5555  return 3;
5556 
5557  run_status = task_run_status (task);
5558  if (run_status == TASK_STATUS_STOPPED)
5559  return run_task (task_id, report_id, 1);
5560  return 22;
5561 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
gboolean find_task_with_permission(const char *, task_t *, const char *)
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
long long int task_t
Definition: manage.h:286

References acl_user_may(), find_task_with_permission(), task_id(), task_run_status(), and TASK_STATUS_STOPPED.

Referenced by move_task().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ run_osp_task()

int run_osp_task ( task_t  task)

Start a task on an OSP scanner.

Parameters
[in]taskThe task.
Returns
0 success, 99 permission denied, -1 error.

Definition at line 3996 of file manage.c.

3997 {
3998  target_t target;
3999 
4000  target = task_target (task);
4001  if (target)
4002  {
4003  char *uuid;
4004  target_t found;
4005 
4006  uuid = target_uuid (target);
4007  if (find_target_with_permission (uuid, &found, "get_targets"))
4008  {
4009  g_free (uuid);
4010  return -1;
4011  }
4012  g_free (uuid);
4013  if (found == 0)
4014  return 99;
4015  }
4016 
4017  if (fork_osp_scan_handler (task, target))
4018  {
4019  g_warning ("Couldn't fork OSP scan handler.\n");
4020  return -1;
4021  }
4022  return 0;
4023 }
long long int target_t
Definition: manage.h:285
gboolean find_target_with_permission(const char *, target_t *, const char *)
target_t task_target(task_t)
Return the target of a task.
Definition: manage_sql.c:18111
char * target_uuid(target_t)

References find_target_with_permission(), target_uuid(), and task_target().

Here is the call graph for this function:

◆ run_otp_task()

int run_otp_task ( task_t  task,
scanner_t  scanner,
int  from,
char **  report_id 
)

Start an OTP scanner task.

Parameters
[in]taskThe task.
[in]scannerScanner to use.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_idThe report ID.
Returns
Before forking: 1 task is active already, 3 failed to find task,
Todo:
On fail exits only, may need to honour request states that one of the other processes has set on the task (stop_task, request_delete_task).
Todo:
Also reset status on report, as current_scanner_task is 0 here.

Definition at line 4738 of file manage.c.

4739 {
4740  char title[128], *hosts, *port_range, *port, *uuid;
4741  gchar *plugins;
4742  int fail, pid, ret;
4743  GSList *files = NULL;
4744  GPtrArray *preference_files;
4745  task_status_t run_status;
4746  report_t last_stopped_report;
4747  target_t target;
4748  config_t config;
4749  credential_t ssh_credential, smb_credential, esxi_credential, snmp_credential;
4750  port_list_t port_list;
4751 
4752  /* Setup the task info required for the scan. */
4753 
4754  ret = run_task_setup (task, &config, &target, &port_list, &ssh_credential,
4755  &smb_credential, &esxi_credential, &snmp_credential);
4756  if (ret)
4757  return ret;
4758 
4759  /* When resuming, check that the scanner supports it. */
4760 
4761  if (from > 0 && config_type (config) > 0)
4762  return 4;
4763 
4764  /* For local scans, setup the scanner. */
4765 
4766  switch (scanner_setup (scanner))
4767  {
4768  case 0:
4769  break;
4770  case 1:
4771  return -7;
4772  default:
4773  return -5;
4774  }
4775 
4778  return -5;
4779 
4781  {
4783  return -5;
4784  }
4785 
4786  /* Mark task "Requested".
4787  *
4788  * Every fail exit from here must reset the run status. */
4789 
4790  if (set_task_requested (task, &run_status))
4791  return 1;
4792 
4793  /* Prepare the report. */
4794 
4795  ret = run_task_prepare_report (task, report_id, from, run_status,
4796  &last_stopped_report);
4797  if (ret)
4798  {
4799  set_task_run_status (task, run_status);
4800  return ret;
4801  }
4802 
4803  /* Check target. */
4804 
4805  if (target_hosts (target) == NULL)
4806  {
4807  g_debug (" target hosts is NULL.\n");
4808  set_task_run_status (task, run_status);
4809  return -4;
4810  }
4811 
4813 
4814  /* Every fail exit from here must reset to this run status, and must
4815  * clear current_report. */
4816 
4823  run_status = TASK_STATUS_INTERNAL_ERROR;
4824 
4825  /* Fork a child to start and handle the task while the parent responds to
4826  * the client. */
4827 
4828  pid = fork ();
4829  switch (pid)
4830  {
4831  case 0:
4832  /* Child. Carry on starting the task, reopen the database (required
4833  * after fork). */
4836  break;
4837  case -1:
4838  /* Parent when error. */
4839  g_warning ("%s: Failed to fork task child: %s\n",
4840  __FUNCTION__,
4841  strerror (errno));
4842  set_task_run_status (task, run_status);
4844  current_report = (report_t) 0;
4845  return -9;
4846  break;
4847  default:
4848  /* Parent. Return, in order to respond to client. */
4849  current_report = (report_t) 0;
4850  return 0;
4851  break;
4852  }
4853 
4854  /* Reset any running information. */
4855 
4856  {
4857  char *iface;
4858  iface = task_preference_value (task, "source_iface");
4859  if (iface)
4861  else
4863  free (iface);
4864  }
4865 
4866  uuid = report_uuid (current_report);
4867  snprintf (title, sizeof (title), "openvasmd: OTP: Handling scan %s", uuid);
4868  free (uuid);
4869  proctitle_set (title);
4870 
4875 
4876  /* Send the preferences header. */
4877 
4878  if (send_to_server ("CLIENT <|> PREFERENCES <|>\n"))
4879  {
4880  g_warning ("%s: Failed to send OTP PREFERENCES", __FUNCTION__);
4881  set_task_run_status (task, run_status);
4883  current_report = (report_t) 0;
4884  return -10;
4885  }
4886 
4887  /* Send the plugin list. */
4888 
4889  plugins = nvt_selector_plugins (config);
4890  if (plugins)
4891  {
4892  if (ssh_credential == 0 && smb_credential == 0 && esxi_credential == 0)
4893  fail = sendf_to_server ("plugin_set <|> %s\n", plugins);
4894  else
4895  {
4896  GString *auth_plugins = g_string_new ("");
4897  if (ssh_credential)
4898  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.90022;");
4899  if (smb_credential)
4900  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.90023;");
4901  if (esxi_credential)
4902  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.105058;");
4903  if (snmp_credential)
4904  g_string_append (auth_plugins, "1.3.6.1.4.1.25623.1.0.105076;");
4905 
4906  fail = sendf_to_server ("plugin_set <|> %s%s\n",
4907  auth_plugins->str,
4908  plugins);
4909  g_string_free (auth_plugins, TRUE);
4910  }
4911  }
4912  else
4913  fail = send_to_server ("plugin_set <|> 0\n");
4914  free (plugins);
4915  if (fail)
4916  {
4917  g_warning ("%s: Failed to send OTP plugin_set", __FUNCTION__);
4918  set_task_run_status (task, run_status);
4920  current_report = (report_t) 0;
4921  return -10;
4922  }
4923 
4924  /* Send the scanner and task preferences. */
4925 
4926  if (send_config_preferences (config, "SERVER_PREFS", NULL, NULL))
4927  {
4928  g_warning ("%s: Failed to send OTP SERVER_PREFS", __FUNCTION__);
4929  set_task_run_status (task, run_status);
4931  current_report = (report_t) 0;
4932  return -10;
4933  }
4934 
4935  if (send_task_preferences (task))
4936  {
4937  g_warning ("%s: Failed to send OTP task preferences", __FUNCTION__);
4938  set_task_run_status (task, run_status);
4940  current_report = (report_t) 0;
4941  return -10;
4942  }
4943 
4944  /* Send the port range. */
4945 
4946  port_range = target_port_range (target);
4947  if (sendf_to_server ("port_range <|> %s\n",
4948  port_range ? port_range : "default"))
4949  {
4950  free (port_range);
4951  g_warning ("%s: Failed to send OTP port_range", __FUNCTION__);
4952  set_task_run_status (task, run_status);
4954  current_report = (report_t) 0;
4955  return -10;
4956  }
4957  free (port_range);
4958 
4959  /* Send the SSH LSC port. */
4960 
4961  port = target_ssh_port (target);
4962  if (port && sendf_to_server ("auth_port_ssh <|> %s\n", port))
4963  {
4964  free (port);
4965  g_warning ("%s: Failed to send OTP auth_port_ssh", __FUNCTION__);
4966  set_task_run_status (task, run_status);
4968  current_report = (report_t) 0;
4969  return -10;
4970  }
4971  free (port);
4972 
4973  /* Collect task files to send. */
4974 
4975  files = get_files_to_send (task);
4976 
4977  /* Send the plugins preferences. */
4978 
4979  preference_files = g_ptr_array_new ();
4980  if (send_config_preferences (config, "PLUGINS_PREFS", files, preference_files))
4981  {
4982  g_ptr_array_free (preference_files, TRUE);
4983  slist_free (files);
4984  g_warning ("%s: Failed to send OTP PLUGINS_PREFS", __FUNCTION__);
4985  set_task_run_status (task, run_status);
4987  current_report = (report_t) 0;
4988  return -10;
4989  }
4990 
4991  /* Send other scanner preferences. */
4992 
4993  if (send_scanner_preferences (task, target, last_stopped_report))
4994  {
4995  g_ptr_array_add (preference_files, NULL);
4996  array_free (preference_files);
4997  slist_free (files);
4998  g_warning ("%s: Failed to send OTP scanner preferences", __FUNCTION__);
4999  set_task_run_status (task, run_status);
5001  current_report = (report_t) 0;
5002  return -10;
5003  }
5004 
5005  /* Send credential preferences if there are credentials linked to target. */
5006 
5007  if (ssh_credential)
5008  {
5009  iterator_t credentials;
5010 
5011  init_credential_iterator_one (&credentials, ssh_credential);
5012  if (next (&credentials))
5013  {
5014  const char *user = credential_iterator_login (&credentials);
5015  const char *password = credential_iterator_password (&credentials);
5016 
5017  if (sendf_to_server ("SSH Authorization[entry]:SSH login name:"
5018  " <|> %s\n",
5019  user ? user : "")
5020  || (credential_iterator_private_key (&credentials)
5021  ? sendf_to_server ("SSH Authorization[password]:"
5022  "SSH key passphrase:"
5023  " <|> %s\n",
5024  password ? password : "")
5025  : sendf_to_server ("SSH Authorization[password]:"
5026  "SSH password (unsafe!):"
5027  " <|> %s\n",
5028  password ? password : "")))
5029 
5030  {
5031  fail:
5032  cleanup_iterator (&credentials);
5033  g_ptr_array_add (preference_files, NULL);
5034  array_free (preference_files);
5035  slist_free (files);
5036  g_warning ("%s: Failed to send OTP SSH preferences",
5037  __FUNCTION__);
5038  set_task_run_status (task, run_status);
5040  current_report = (report_t) 0;
5041  return -10;
5042  }
5043 
5044  if (credential_iterator_private_key (&credentials))
5045  {
5046  char *uuid = openvas_uuid_make ();
5047  if (uuid == NULL)
5048  goto fail;
5049 
5050  g_ptr_array_add (preference_files, (gpointer) uuid);
5051  g_ptr_array_add
5052  (preference_files,
5053  (gpointer) g_strdup (credential_iterator_private_key
5054  (&credentials)));
5055 
5056  if (sendf_to_server ("SSH Authorization[file]:"
5057  "SSH private key:"
5058  " <|> %s\n",
5059  uuid))
5060  goto fail;
5061  }
5062  }
5063  cleanup_iterator (&credentials);
5064  }
5065 
5066  if (smb_credential)
5067  {
5068  iterator_t credentials;
5069 
5070  init_credential_iterator_one (&credentials, smb_credential);
5071  if (next (&credentials))
5072  {
5073  const char *user = credential_iterator_login (&credentials);
5074  const char *password = credential_iterator_password (&credentials);
5075 
5076  if (sendf_to_server ("SMB Authorization[entry]:SMB login: <|> %s\n",
5077  user ? user : "")
5078  || sendf_to_server ("SMB Authorization[password]:SMB password:"
5079  " <|> %s\n",
5080  password ? password : ""))
5081  {
5082  cleanup_iterator (&credentials);
5083  g_ptr_array_add (preference_files, NULL);
5084  array_free (preference_files);
5085  slist_free (files);
5086  g_warning ("%s: Failed to send OTP SMB preferences",
5087  __FUNCTION__);
5088  set_task_run_status (task, run_status);
5090  current_report = (report_t) 0;
5091  return -10;
5092  }
5093  }
5094  cleanup_iterator (&credentials);
5095  }
5096 
5097  if (esxi_credential)
5098  {
5099  iterator_t credentials;
5100 
5101  init_credential_iterator_one (&credentials, esxi_credential);
5102  if (next (&credentials))
5103  {
5104  const char *user = credential_iterator_login (&credentials);
5105  const char *password = credential_iterator_password (&credentials);
5106 
5107  if (sendf_to_server ("ESXi Authorization[entry]:ESXi login name:"
5108  " <|> %s\n",
5109  user ? user : "")
5110  || sendf_to_server ("ESXi Authorization[password]:ESXi login password:"
5111  " <|> %s\n",
5112  password ? password : ""))
5113  {
5114  cleanup_iterator (&credentials);
5115  g_ptr_array_add (preference_files, NULL);
5116  array_free (preference_files);
5117  slist_free (files);
5118  g_warning ("%s: Failed to send OTP ESXi preferences",
5119  __FUNCTION__);
5120  set_task_run_status (task, run_status);
5122  current_report = (report_t) 0;
5123  return -10;
5124  }
5125  }
5126  cleanup_iterator (&credentials);
5127  }
5128 
5129  if (snmp_credential)
5130  {
5131  iterator_t credentials;
5132 
5133  init_credential_iterator_one (&credentials, snmp_credential);
5134  if (next (&credentials))
5135  {
5136  const char *community = credential_iterator_community (&credentials);
5137  const char *user = credential_iterator_login (&credentials);
5138  const char *password = credential_iterator_password (&credentials);
5139  const char *auth_algorithm
5140  = credential_iterator_auth_algorithm (&credentials);
5141  const char *privacy_password
5142  = credential_iterator_privacy_password (&credentials);
5143  const char *privacy_algorithm
5144  = credential_iterator_privacy_algorithm (&credentials);
5145 
5146  if (sendf_to_server ("SNMP Authorization[password]:SNMP Community:"
5147  " <|> %s\n",
5148  community ? community : "")
5149  || sendf_to_server ("SNMP Authorization[entry]:SNMPv3 Username:"
5150  " <|> %s\n",
5151  user ? user : "")
5152  || sendf_to_server ("SNMP Authorization[password]:"
5153  "SNMPv3 Password:"
5154  " <|> %s\n",
5155  password ? password : "")
5156  || sendf_to_server ("SNMP Authorization[radio]:"
5157  "SNMPv3 Authentication Algorithm:"
5158  " <|> %s\n",
5159  auth_algorithm ? auth_algorithm : "")
5160  || sendf_to_server ("SNMP Authorization[password]:"
5161  "SNMPv3 Privacy Password:"
5162  " <|> %s\n",
5163  privacy_password ? privacy_password : "")
5164  || sendf_to_server ("SNMP Authorization[radio]:"
5165  "SNMPv3 Privacy Algorithm:"
5166  " <|> %s\n",
5167  privacy_algorithm ? privacy_algorithm : ""))
5168  {
5169  cleanup_iterator (&credentials);
5170  g_ptr_array_add (preference_files, NULL);
5171  array_free (preference_files);
5172  slist_free (files);
5173  g_warning ("%s: Failed to send OTP SNMP preferences",
5174  __FUNCTION__);
5175  set_task_run_status (task, run_status);
5177  current_report = (report_t) 0;
5178  return -10;
5179  }
5180  }
5181  cleanup_iterator (&credentials);
5182  }
5183 
5184  g_ptr_array_add (preference_files, NULL);
5185 
5186  /* Send preferences for target "Alive Test", overriding config values. */
5187 
5188  if (send_alive_test_preferences (target))
5189  {
5190  array_free (preference_files);
5191  slist_free (files);
5192  g_warning ("%s: Failed to send OTP alive test preferences", __FUNCTION__);
5193  set_task_run_status (task, run_status);
5195  current_report = (report_t) 0;
5196  return -10;
5197  }
5198 
5199  /* Send network_targets preference. */
5200 
5201  hosts = target_hosts (target);
5202  assert (hosts);
5203  if (sendf_to_server ("network_targets <|> %s\n", hosts ? hosts : ""))
5204  {
5205  free (hosts);
5206  g_ptr_array_add (preference_files, NULL);
5207  array_free (preference_files);
5208  slist_free (files);
5209  g_warning ("%s: Failed to send OTP network_targets", __FUNCTION__);
5210  set_task_run_status (task, run_status);
5212  current_report = (report_t) 0;
5213  return -10;
5214  }
5215 
5216  /* End off preferences. */
5217 
5218  if (send_to_server ("<|> CLIENT\n"))
5219  {
5220  free (hosts);
5221  array_free (preference_files);
5222  slist_free (files);
5223  g_warning ("%s: Failed to send OTP CLIENT", __FUNCTION__);
5224  set_task_run_status (task, run_status);
5226  current_report = (report_t) 0;
5227  return -10;
5228  }
5229 
5230  /* Send any files stored in the config preferences. */
5231 
5232  {
5233  gchar *file;
5234  int index = 0;
5235  while ((file = g_ptr_array_index (preference_files, index)))
5236  {
5237  GSList *head;
5238  gchar *value;
5239 
5240  index++;
5241 
5242  /* Skip the file if the value of the preference is the name of a
5243  * file associated with the task. */
5244  value = g_ptr_array_index (preference_files, index);
5245  head = files;
5246  while (head)
5247  {
5248  if (strcmp (head->data, value) == 0)
5249  break;
5250  head = g_slist_next (head);
5251  }
5252 
5253  if (head == NULL && send_file (file, value))
5254  {
5255  free (hosts);
5256  array_free (preference_files);
5257  slist_free (files);
5258  g_warning ("%s: Failed to send an OTP file", __FUNCTION__);
5259  set_task_run_status (task, run_status);
5261  current_report = (report_t) 0;
5262  return -10;
5263  }
5264  index++;
5265  }
5266 
5267  array_free (preference_files);
5268  }
5269 
5270  /* Send any files. */
5271 
5272  while (files)
5273  {
5274  GSList *last = files;
5275  if (send_task_file (task, files->data))
5276  {
5277  free (hosts);
5278  slist_free (files);
5279  g_warning ("%s: Failed to send an OTP task file", __FUNCTION__);
5280  set_task_run_status (task, run_status);
5282  current_report = (report_t) 0;
5283  return -10;
5284  }
5285  files = g_slist_next (files);
5286  g_free (last->data);
5287  g_slist_free_1 (last);
5288  }
5289 
5290  /* Send the attack command. */
5291 
5292  /* Send all the hosts to the Scanner. When resuming a stopped task,
5293  * the hosts that have been completely scanned are excluded by being
5294  * included in exclude_hosts preference. */
5295  fail = sendf_to_server ("CLIENT <|> LONG_ATTACK <|>\n%d\n%s\n",
5296  strlen (hosts),
5297  hosts);
5298  free (hosts);
5299  if (fail)
5300  {
5301  g_warning ("%s: Failed to send OTP LONG_ATTACK", __FUNCTION__);
5302  set_task_run_status (task, run_status);
5304  current_report = (report_t) 0;
5305  return -10;
5306  }
5307 
5308  current_scanner_task = task;
5309 
5310  return 2;
5311 }
char * target_port_range(target_t)
const char * credential_iterator_auth_algorithm(iterator_t *)
void report_set_slave_name(report_t, const gchar *)
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
char * target_hosts(target_t)
void report_set_slave_port(report_t, int)
long long int credential_t
Definition: manage.h:279
char * target_ssh_port(target_t)
const char * credential_iterator_password(iterator_t *)
void reinit_manage_process()
Reinitialize the manage library for a process.
Definition: manage_sql.c:14347
long long int target_t
Definition: manage.h:285
long long int config_t
Definition: manage.h:278
int config_type(config_t)
int set_report_scan_run_status(report_t, task_status_t)
void set_task_run_status(task_t, task_status_t)
Set the run state of a task.
Definition: manage_sql.c:18307
A generic SQL iterator.
Definition: iterator.h:52
int sendf_to_server(const char *format,...)
Format and send a message to the server.
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
void report_set_source_iface(report_t, const gchar *)
void report_set_slave_uuid(report_t, const gchar *)
int set_task_requested(task_t task, task_status_t *status)
Atomically set the run state of a task to requested.
Definition: manage_sql.c:18336
int openvas_scanner_connected()
Whether we have started a connection to the Scanner using openvas_scanner_connect().
Definition: scanner.c:764
const char * credential_iterator_private_key(iterator_t *)
const char * credential_iterator_privacy_password(iterator_t *)
char * task_preference_value(task_t, const char *)
void manage_session_init(const char *uuid)
Setup session.
Definition: manage_pg.c:46
long long int report_t
Definition: manage.h:288
int send_to_server(const char *msg)
Send a message to the server.
void init_credential_iterator_one(iterator_t *, credential_t)
int openvas_scanner_is_loading()
Checks whether the connected to OpenVAS Scanner is still loading plugins. To be called right after op...
Definition: scanner.c:876
long long int port_list_t
Definition: manage.h:297
void slist_free(GSList *list)
Free an slist of pointers, including the pointers.
Definition: manage.c:397
int openvas_scanner_connect()
Create a new connection to the scanner and set it as current scanner.
Definition: scanner.c:619
report_t current_report
The report of the current task.
Definition: manage.c:1003
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
Definition: sql.c:664
const char * credential_iterator_login(iterator_t *)
int openvas_scanner_init(int cache_mode)
Initializes the already setup connection with the Scanner.
Definition: scanner.c:778
credentials_t current_credentials
Current credentials during any OMP command.
Definition: manage.c:717
char * report_uuid(report_t)
void set_report_scheduled(report_t report)
Set a report's scheduled flag.
Definition: manage_sql.c:18252
const char * credential_iterator_privacy_algorithm(iterator_t *)
gboolean next(iterator_t *)
Increment an iterator.
Definition: sql.c:689
void report_set_slave_host(report_t, const gchar *)
int openvas_scanner_close()
Finish the connection to the Scanner and free internal buffers.
Definition: scanner.c:551
const char * credential_iterator_community(iterator_t *)

◆ run_status_name()

const char* run_status_name ( task_status_t  status)

Get the name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

Definition at line 1253 of file manage.c.

1254 {
1255  switch (status)
1256  {
1259  return "Delete Requested";
1262  return "Ultimate Delete Requested";
1263  case TASK_STATUS_DONE: return "Done";
1264  case TASK_STATUS_NEW: return "New";
1265 
1266  case TASK_STATUS_REQUESTED: return "Requested";
1267 
1268  case TASK_STATUS_RUNNING: return "Running";
1269 
1273  return "Stop Requested";
1274 
1275  case TASK_STATUS_STOPPED: return "Stopped";
1276  default: return "Internal Error";
1277  }
1278 }

References TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.

Referenced by sql_run_status_name().

Here is the caller graph for this function:

◆ run_status_name_internal()

const char* run_status_name_internal ( task_status_t  status)

Get the unique name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

Definition at line 1288 of file manage.c.

1289 {
1290  switch (status)
1291  {
1292  case TASK_STATUS_DELETE_REQUESTED: return "Delete Requested";
1294  return "Ultimate Delete Requested";
1296  return "Ultimate Delete Waiting";
1297  case TASK_STATUS_DELETE_WAITING: return "Delete Waiting";
1298  case TASK_STATUS_DONE: return "Done";
1299  case TASK_STATUS_NEW: return "New";
1300 
1301  case TASK_STATUS_REQUESTED: return "Requested";
1302 
1303  case TASK_STATUS_RUNNING: return "Running";
1304 
1307  return "Stop Requested";
1308 
1310  return "Stop Waiting";
1311 
1312  case TASK_STATUS_STOPPED: return "Stopped";
1313  default: return "Internal Error";
1314  }
1315 }

References TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.

◆ set_certs()

int set_certs ( const char *  ca_pub,
const char *  key_pub,
const char *  key_priv 
)

Initialise OpenVAS scanner variables, checking for defaults.

Parameters
[in]ca_pubCA Certificate.
[in]key_pubScanner Certificate.
[in]key_privScanner private key.
Returns
0 success, 1 both default CA cert setting and ca_pub were NULL.

Definition at line 4312 of file manage.c.

4313 {
4314  const char *fallback;
4315 
4316  if (ca_pub == NULL)
4317  fallback = manage_default_ca_cert ();
4318  else
4319  fallback = NULL;
4320 
4321  openvas_scanner_set_certs (fallback ? fallback : ca_pub, key_pub, key_priv);
4322 
4323  if (ca_pub || fallback)
4324  return 0;
4325  return 1;
4326 }
void openvas_scanner_set_certs(const char *ca_pub, const char *key_pub, const char *key_priv)
Set the scanner's CA Certificate, and public/private key pair.
Definition: scanner.c:853
char * manage_default_ca_cert()

References manage_default_ca_cert(), and openvas_scanner_set_certs().

Referenced by manage_scanner_set().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_schedule_timeout()

void set_schedule_timeout ( int  new_timeout)

Set the schedule timeout.

Parameters
new_timeoutThe new schedule timeout in minutes.

Definition at line 6928 of file manage.c.

6929 {
6930  if (new_timeout < 0)
6931  schedule_timeout = -1;
6932  else
6933  schedule_timeout = new_timeout;
6934 }

◆ set_scheduled_user_uuid()

void set_scheduled_user_uuid ( gchar *  user_uuid)

Set UUID of user that scheduled the current task.

Parameters
user_uuidUUID of user that scheduled the current task.

Definition at line 6462 of file manage.c.

6463 {
6465 }
char * user_uuid(user_t)
gchar * schedule_user_uuid
UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
Definition: manage.c:6432

References schedule_user_uuid, and user_uuid().

Here is the call graph for this function:

◆ severity_data_add()

void severity_data_add ( severity_data_t severity_data,
double  severity 
)

Add a severity occurrence to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.

Definition at line 860 of file manage.c.

861 {
862  (severity_data->counts)[severity_data_index (severity)]++;
863 
864  if (severity_data->total == 0 || severity_data->max <= severity)
865  severity_data->max = severity;
866 
867  (severity_data->total)++;
868 }
int * counts
Definition: manage.h:988
double max
Definition: manage.h:990
int severity_data_index(double severity)
Convert a severity value into an index in the counts array.
Definition: manage.c:789

References severity_data_t::counts, severity_data_t::max, severity_data_index(), and severity_data_t::total.

Here is the call graph for this function:

◆ severity_data_add_count()

void severity_data_add_count ( severity_data_t severity_data,
double  severity,
int  count 
)

Add a multiple severity occurrences to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.
[in]countThe number of occurrences to add.

Definition at line 878 of file manage.c.

880 {
881  (severity_data->counts)[severity_data_index (severity)] += count;
882 
883  if (severity_data->total == 0 || severity_data->max <= severity)
884  severity_data->max = severity;
885 
886  (severity_data->total) += count;
887 }
int * counts
Definition: manage.h:988
double max
Definition: manage.h:990
int severity_data_index(double severity)
Convert a severity value into an index in the counts array.
Definition: manage.c:789

◆ severity_data_index()

int severity_data_index ( double  severity)

Convert a severity value into an index in the counts array.

Parameters
[in]severitySeverity value.
Returns
The index, 0 for invalid severity scores.

Definition at line 789 of file manage.c.

790 {
791  int ret;
792  if (severity >= 0.0)
793  ret = (int)(round (severity * SEVERITY_SUBDIVISIONS)) + ZERO_SEVERITY_INDEX;
794  else if (severity == SEVERITY_FP || severity == SEVERITY_DEBUG
795  || severity == SEVERITY_ERROR)
796  ret = (int)(round (severity)) + ZERO_SEVERITY_INDEX;
797  else
798  ret = 0;
799 
800  return ret;
801 }
#define SEVERITY_SUBDIVISIONS
Definition: manage_utils.h:46
#define ZERO_SEVERITY_INDEX
Definition: manage.c:779
#define SEVERITY_ERROR
Definition: manage_utils.h:38
#define SEVERITY_FP
Definition: manage_utils.h:34
#define SEVERITY_DEBUG
Definition: manage_utils.h:36

References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, SEVERITY_SUBDIVISIONS, and ZERO_SEVERITY_INDEX.

Referenced by severity_data_add().

Here is the caller graph for this function:

◆ severity_data_level_counts()

void severity_data_level_counts ( const severity_data_t severity_data,
const gchar *  severity_class,
int *  errors,
int *  debugs,
int *  false_positives,
int *  logs,
int *  lows,
int *  mediums,
int *  highs 
)

Count the occurrences of severities in the levels.

Parameters
[in]severity_dataThe severity counts data to evaluate.
[in]severity_classThe severity class setting to use.
[out]errorsThe number of error messages.
[out]debugsThe number of debug messages.
[out]false_positivesThe number of False Positives.
[out]logsThe number of Log messages.
[out]lowsThe number of Low severity results.
[out]mediumsThe number of Medium severity results.
[out]highsThe number of High severity results.

Definition at line 930 of file manage.c.

934 {
935  if (errors)
936  *errors
937  = severity_data_range_count (severity_data,
938  level_min_severity ("Error",
939  severity_class),
940  level_max_severity ("Error",
941  severity_class));
942 
943  if (debugs)
944  *debugs
945  = severity_data_range_count (severity_data,
946  level_min_severity ("Debug",
947  severity_class),
948  level_max_severity ("Debug",
949  severity_class));
950 
951  if (false_positives)
952  *false_positives
953  = severity_data_range_count (severity_data,
954  level_min_severity ("False Positive",
955  severity_class),
956  level_max_severity ("False Positive",
957  severity_class));
958 
959  if (logs)
960  *logs
961  = severity_data_range_count (severity_data,
962  level_min_severity ("Log",
963  severity_class),
964  level_max_severity ("Log",
965  severity_class));
966 
967  if (lows)
968  *lows
969  = severity_data_range_count (severity_data,
970  level_min_severity ("low",
971  severity_class),
972  level_max_severity ("low",
973  severity_class));
974 
975  if (mediums)
976  *mediums
977  = severity_data_range_count (severity_data,
978  level_min_severity ("medium",
979  severity_class),
980  level_max_severity ("medium",
981  severity_class));
982 
983  if (highs)
984  *highs
985  = severity_data_range_count (severity_data,
986  level_min_severity ("high",
987  severity_class),
988  level_max_severity ("high",
989  severity_class));
990 }
int severity_data_range_count(const severity_data_t *severity_data, double min_severity, double max_severity)
Calculate the total of severity counts in a range.
Definition: manage.c:899
double level_max_severity(const char *level, const char *class)
Get the minimum severity for a severity level and class.
Definition: manage_utils.c:454
double level_min_severity(const char *level, const char *class)
Get the minimum severity for a severity level and class.
Definition: manage_utils.c:403

References level_max_severity(), level_min_severity(), and severity_data_range_count().

Here is the call graph for this function:

◆ severity_data_range_count()

int severity_data_range_count ( const severity_data_t severity_data,
double  min_severity,
double  max_severity 
)

Calculate the total of severity counts in a range.

Parameters
[in]severity_dataThe severity data struct to get counts from.
[in]min_severityThe minimum severity included in the range.
[in]max_severityThe maximum severity included in the range.
Returns
The total of severity counts in the specified range.

Definition at line 899 of file manage.c.

901 {
902  int i, i_max, count;
903 
904  i_max = severity_data_index (max_severity);
905  count = 0;
906 
907  for (i = severity_data_index (min_severity);
908  i <= i_max;
909  i++)
910  {
911  count += (severity_data->counts)[i];
912  }
913  return count;
914 }
int * counts
Definition: manage.h:988
int severity_data_index(double severity)
Convert a severity value into an index in the counts array.
Definition: manage.c:789

Referenced by severity_data_level_counts().

Here is the caller graph for this function:

◆ severity_data_value()

double severity_data_value ( int  index)

Convert an index in the counts array to a severity value.

Parameters
[in]indexIndex in the counts array.
Returns
The corresponding severity value.

Definition at line 811 of file manage.c.

812 {
813  double ret;
814  if (index <= ZERO_SEVERITY_INDEX && index > 0)
815  ret = ((double) index) - ZERO_SEVERITY_INDEX;
816  else if (index <= (ZERO_SEVERITY_INDEX
818  ret = (((double) (index - ZERO_SEVERITY_INDEX)) / SEVERITY_SUBDIVISIONS);
819  else
820  ret = SEVERITY_MISSING;
821 
822  return ret;
823 }
#define SEVERITY_SUBDIVISIONS
Definition: manage_utils.h:46
#define ZERO_SEVERITY_INDEX
Definition: manage.c:779
#define SEVERITY_MISSING
Definition: manage_utils.h:40
#define SEVERITY_MAX
Definition: manage_utils.h:44

References SEVERITY_MAX, SEVERITY_MISSING, SEVERITY_SUBDIVISIONS, and ZERO_SEVERITY_INDEX.

◆ severity_in_level()

int severity_in_level ( double  severity,
const char *  level 
)

Check whether a severity falls within a threat level.

Parameters
[in]severitySeverity.
[in]levelThreat level.
Returns
1 if in level, else 0.

Definition at line 583 of file manage.c.

584 {
585  const char *class;
586 
587  class = setting_severity ();
588  if (strcmp (class, "classic") == 0)
589  {
590  if (strcmp (level, "high") == 0)
591  return severity > 5 && severity <= 10;
592  else if (strcmp (level, "medium") == 0)
593  return severity > 2 && severity <= 5;
594  else if (strcmp (level, "low") == 0)
595  return severity > 0 && severity <= 2;
596  else if (strcmp (level, "none") == 0 || strcmp (level, "log") == 0)
597  return severity == 0;
598  else
599  return 0;
600  }
601  else if (strcmp (class, "pci-dss") == 0)
602  {
603  if (strcmp (level, "high") == 0)
604  return severity >= 4.0;
605  else if (strcmp (level, "none") == 0 || strcmp (level, "log") == 0)
606  return severity >= 0.0 && severity < 4.0;
607  else
608  return 0;
609  }
610  else
611  {
612  /* NIST/BSI. */
613  if (strcmp (level, "high") == 0)
614  return severity >= 7 && severity <= 10;
615  else if (strcmp (level, "medium") == 0)
616  return severity >= 4 && severity < 7;
617  else if (strcmp (level, "low") == 0)
618  return severity > 0 && severity < 4;
619  else if (strcmp (level, "none") == 0 || strcmp (level, "log") == 0)
620  return severity == 0;
621  else
622  return 0;
623  }
624 }
const char * setting_severity()

References setting_severity().

Referenced by severity_to_level(), and sql_severity_in_level().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ severity_matches_ov()

int severity_matches_ov ( double  severity,
double  ov_severity 
)

Check whether a severity matches an override's severity.

Parameters
[in]severityseverity score
[in]ov_severityoverride severity score to match
Returns
1 if matches, else 0.

Definition at line 635 of file manage.c.

636 {
637  if (ov_severity <= 0.0)
638  return severity == ov_severity;
639  else
640  return severity >= ov_severity;
641 }

Referenced by sql_severity_matches_ov().

Here is the caller graph for this function:

◆ severity_to_level()

const char* severity_to_level ( double  severity,
int  mode 
)

Get the threat level matching a severity score.

Parameters
[in]severityseverity score
[in]mode0 for normal levels, 1 to use "Alarm" for severity > 0.0
Returns
the level as a static string

Definition at line 652 of file manage.c.

653 {
654  if (severity == SEVERITY_LOG)
655  return "Log";
656  else if (severity == SEVERITY_FP)
657  return "False Positive";
658  else if (severity == SEVERITY_DEBUG)
659  return "Debug";
660  else if (severity == SEVERITY_ERROR)
661  return "Error";
662  else if (severity > 0.0 && severity <= 10.0)
663  {
664  if (mode == 1)
665  return ("Alarm");
666  else if (severity_in_level (severity, "high"))
667  return ("High");
668  else if (severity_in_level (severity, "medium"))
669  return ("Medium");
670  else if (severity_in_level (severity, "low"))
671  return ("Low");
672  else
673  return ("Log");
674  }
675  else
676  {
677  g_warning ("%s: Invalid severity score given: %f",
678  __FUNCTION__, severity);
679  return (NULL);
680  }
681 }
#define SEVERITY_ERROR
Definition: manage_utils.h:38
#define SEVERITY_FP
Definition: manage_utils.h:34
#define SEVERITY_DEBUG
Definition: manage_utils.h:36
int severity_in_level(double severity, const char *level)
Check whether a severity falls within a threat level.
Definition: manage.c:583
#define SEVERITY_LOG
Definition: manage_utils.h:32

References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, severity_in_level(), and SEVERITY_LOG.

Referenced by sql_severity_to_level().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ severity_to_type()

const char* severity_to_type ( double  severity)

Get the message type matching a severity score.

Parameters
[in]severityseverity score
Returns
the message type as a static string

Definition at line 691 of file manage.c.

692 {
693  if (severity == SEVERITY_LOG)
694  return "Log Message";
695  else if (severity == SEVERITY_FP)
696  return "False Positive";
697  else if (severity == SEVERITY_DEBUG)
698  return "Debug Message";
699  else if (severity == SEVERITY_ERROR)
700  return "Error Message";
701  else if (severity > 0.0 && severity <= 10.0)
702  return "Alarm";
703  else
704  {
705  g_warning ("%s: Invalid severity score given: %f",
706  __FUNCTION__, severity);
707  return (NULL);
708  }
709 }
#define SEVERITY_ERROR
Definition: manage_utils.h:38
#define SEVERITY_FP
Definition: manage_utils.h:34
#define SEVERITY_DEBUG
Definition: manage_utils.h:36
#define SEVERITY_LOG
Definition: manage_utils.h:32

References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, and SEVERITY_LOG.

Referenced by sql_severity_to_type().

Here is the caller graph for this function:

◆ slave_authenticate()

int slave_authenticate ( gnutls_session_t *  session,
scanner_t  slave 
)

Authenticate with a slave.

Parameters
[in]sessionGNUTLS session.
[in]slaveSlave.
Returns
0 success, -1 error.

Definition at line 2074 of file manage.c.

2075 {
2076  int ret;
2077  gchar *login, *password;
2078 
2079  login = scanner_login (slave);
2080  if (login == NULL)
2081  return -1;
2082 
2083  password = scanner_password (slave);
2084  if (password == NULL)
2085  {
2086  g_free (login);
2087  return -1;
2088  }
2089 
2090  ret = omp_authenticate (session, login, password);
2091  g_free (login);
2092  g_free (password);
2093  if (ret)
2094  return -1;
2095  return 0;
2096 }
char * scanner_login(scanner_t)
char * scanner_password(scanner_t)

References scanner_login(), and scanner_password().

Here is the call graph for this function:

◆ slist_free()

void slist_free ( GSList *  list)

Free an slist of pointers, including the pointers.

Parameters
[in]listThe list.
Todo:
Duplicate in openvas_string module (openvas_string_list_free) . Find proper module to place this function.

Definition at line 397 of file manage.c.

398 {
399  GSList *head = list;
400  while (list)
401  {
402  g_free (list->data);
403  list = g_slist_next (list);
404  }
405  g_slist_free (head);
406 }

◆ start_task()

int start_task ( const char *  task_id,
char **  report_id 
)

Start a task.

Use send_to_server to queue the task start sequence in the scanner output buffer.

Only one task can run at a time in a process.

Parameters
[in]task_idThe task ID.
[out]report_idThe report ID.
Returns
Before forking: 1 task is active already, 3 failed to find task, 99 permission denied, -1 internal error, -2 task is missing a target, -3 creating the report failed, -4 target missing hosts, -6 already a task running in this process, -7 no CA cert, -9 fork failed. After forking: 0 success (parent), 2 success (child), -10 error (child).

Definition at line 5399 of file manage.c.

5400 {
5401  if (acl_user_may ("start_task") == 0)
5402  return 99;
5403 
5404  return run_task (task_id, report_id, 0);
5405 }
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56

References acl_user_may().

Here is the call graph for this function:

◆ stop_task()

int stop_task ( const char *  task_id)

Initiate stopping a task.

Use send_to_server to queue the task stop sequence in the scanner output buffer.

Parameters
[in]task_idTask UUID.
Returns
0 on success, 1 if stop requested, 3 failed to find task, 99 permission denied, -1 if out of space in scanner output buffer, -5 scanner down.

Definition at line 5514 of file manage.c.

5515 {
5516  task_t task;
5517 
5518  if (acl_user_may ("stop_task") == 0)
5519  return 99;
5520 
5521  task = 0;
5522  if (find_task_with_permission (task_id, &task, "stop_task"))
5523  return -1;
5524  if (task == 0)
5525  return 3;
5526 
5527  if (config_type (task_config (task)) != 0)
5528  return stop_osp_task (task);
5529 
5530  return stop_task_internal (task);
5531 }
int config_type(config_t)
config_t task_config(task_t)
Return the config of a task.
Definition: manage_sql.c:18016
unsigned int task_id(task_t)
Return the identifier of a task.
Definition: manage_sql.c:17869
int stop_task_internal(task_t task)
Initiate stopping a task.
Definition: manage.c:5447
gboolean find_task_with_permission(const char *, task_t *, const char *)
int acl_user_may(const char *operation)
Test whether a user may perform an operation.
Definition: manage_acl.c:56
long long int task_t
Definition: manage.h:286

References acl_user_may(), config_type(), find_task_with_permission(), task_config(), and task_id().

Here is the call graph for this function:

◆ stop_task_internal()

int stop_task_internal ( task_t  task)

Initiate stopping a task.

Use send_to_server to queue the task stop sequence in the scanner output buffer.

Parameters
[in]taskTask.
Returns
0 on success, 1 if stop requested, -1 if out of space in scanner output buffer, -5 scanner down, -7 no CA cert.

Definition at line 5447 of file manage.c.

5448 {
5449  task_status_t run_status;
5450 
5451  run_status = task_run_status (task);
5452  if (run_status == TASK_STATUS_REQUESTED
5453  || run_status == TASK_STATUS_RUNNING)
5454  {
5455  if (current_scanner_task == task)
5456  {
5457  scanner_t scanner = task_scanner (task);
5458 
5459  assert (scanner);
5460  switch (scanner_setup (scanner))
5461  {
5462  case 0:
5463  break;
5464  case 1:
5465  return -7;
5466  default:
5467  return -5;
5468  }
5471  return -5;
5472  if (send_to_server ("CLIENT <|> STOP_WHOLE_TEST <|> CLIENT\n"))
5473  return -1;
5474  }
5476  return 1;
5477  }
5478  else if (run_status == TASK_STATUS_DELETE_REQUESTED
5479  || run_status == TASK_STATUS_DELETE_WAITING
5480  || run_status == TASK_STATUS_DELETE_ULTIMATE_REQUESTED
5481  || run_status == TASK_STATUS_DELETE_ULTIMATE_WAITING
5482  || run_status == TASK_STATUS_STOP_REQUESTED
5483  || run_status == TASK_STATUS_STOP_WAITING)
5484  {
5485  scanner_t scanner;
5486 
5487  scanner = task_scanner (task);
5488  assert (scanner);
5489  if (scanner_type (scanner) == SCANNER_TYPE_OMP)
5490  {
5491  /* A special request from the user to get the task out of a requested
5492  * state when contact with the slave is lost. */
5494  return 1;
5495  }
5496  }
5497 
5498  return 0;
5499 }
task_status_t
Task statuses, also used as scan/report statuses.
Definition: manage.h:218
void set_task_run_status(task_t, task_status_t)
Set the run state of a task.
Definition: manage_sql.c:18307
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
int openvas_scanner_connected()
Whether we have started a connection to the Scanner using openvas_scanner_connect().
Definition: scanner.c:764
task_status_t task_run_status(task_t)
Return the run state of a task.
Definition: manage_sql.c:18238
int send_to_server(const char *msg)
Send a message to the server.
int openvas_scanner_connect()
Create a new connection to the scanner and set it as current scanner.
Definition: scanner.c:619
scanner_t task_scanner(task_t)
Return the scanner of a task.
Definition: manage_sql.c:18183
int openvas_scanner_init(int cache_mode)
Initializes the already setup connection with the Scanner.
Definition: scanner.c:778
scanner_type
Scanner types.
Definition: manage.h:267
long long int scanner_t
Definition: manage.h:300

References current_scanner_task, task_run_status(), task_scanner(), TASK_STATUS_REQUESTED, and TASK_STATUS_RUNNING.

Referenced by move_task().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ threat_message_type()

const char* threat_message_type ( const char *  threat)

Get the message type of a threat.

Parameters
threatThreat.
Returns
Static message type name if threat names a threat, else NULL.

Definition at line 526 of file manage.c.

527 {
528  if (strcasecmp (threat, "High") == 0)
529  return "Alarm";
530  if (strcasecmp (threat, "Medium") == 0)
531  return "Alarm";
532  if (strcasecmp (threat, "Low") == 0)
533  return "Alarm";
534  if (strcasecmp (threat, "Log") == 0)
535  return "Log Message";
536  if (strcasecmp (threat, "Debug") == 0)
537  return "Debug Message";
538  if (strcasecmp (threat, "Error") == 0)
539  return "Error Message";
540  if (strcasecmp (threat, "False Positive") == 0)
541  return "False Positive";
542  return NULL;
543 }

◆ truncate_certificate()

gchar* truncate_certificate ( const gchar *  certificate)

Truncate a certificate, removing extra data.

Parameters
[in]certificateThe certificate.
Returns
The truncated private key as a newly allocated string or NULL.

Definition at line 174 of file manage.c.

175 {
176  gchar *cert_start, *cert_end;
177  cert_start = strstr (certificate, "-----BEGIN CERTIFICATE-----");
178  if (cert_start)
179  {
180  cert_end = strstr (cert_start, "-----END CERTIFICATE-----");
181 
182  if (cert_end == NULL)
183  return NULL;
184 
185  cert_end += strlen ("-----END CERTIFICATE-----");
186 
187  if (cert_end[0] == '\n')
188  cert_end++;
189 
190  return g_strndup (cert_start, cert_end - cert_start);
191  }
192  return NULL;
193 }

Referenced by get_certificate_info().

Here is the caller graph for this function:

◆ truncate_private_key()

gchar* truncate_private_key ( const gchar *  private_key)

Truncate a private key, removing extra data.

Parameters
[in]private_keyThe private key.
Returns
The truncated private key as a newly allocated string or NULL.

Definition at line 203 of file manage.c.

204 {
205  gchar *key_start, *key_end;
206  key_end = NULL;
207  key_start = strstr (private_key, "-----BEGIN RSA PRIVATE KEY-----");
208  if (key_start)
209  {
210  key_end = strstr (key_start, "-----END RSA PRIVATE KEY-----");
211 
212  if (key_end)
213  key_end += strlen ("-----END RSA PRIVATE KEY-----");
214  else
215  return NULL;
216  }
217  else
218  {
219  key_start = strstr (private_key, "-----BEGIN DSA PRIVATE KEY-----");
220  if (key_start)
221  {
222  key_end = strstr (key_start, "-----END DSA PRIVATE KEY-----");
223 
224  if (key_end)
225  key_end += strlen ("-----END DSA PRIVATE KEY-----");
226  else
227  return NULL;
228  }
229  }
230 
231  if (key_end && key_end[0] == '\n')
232  key_end++;
233 
234  if (key_start == NULL || key_end == NULL)
235  return NULL;
236  else
237  return g_strndup (key_start, key_end - key_start);
238 }

◆ type_is_scap()

int type_is_scap ( const char *  type)

Check if a type is a SCAP type.

Parameters
[in]typeResource type.
Returns
Name of type.

Definition at line 474 of file manage.c.

475 {
476  return (strcasecmp (type, "cpe") == 0)
477  || (strcasecmp (type, "cve") == 0)
478  || (strcasecmp (type, "ovaldef") == 0);
479 }

◆ type_name()

const char* type_name ( const char *  type)

Return the name of a resource type.

Parameters
[in]typeResource type.
Returns
Name of type.

Definition at line 445 of file manage.c.

446 {
447  if (type == NULL)
448  return "ERROR";
449 
450  if (strcasecmp (type, "cpe") == 0)
451  return "CPE";
452  if (strcasecmp (type, "cve") == 0)
453  return "CVE";
454  if (strcasecmp (type, "cert_bund_adv") == 0)
455  return "CERT-Bund Advisory";
456  if (strcasecmp (type, "dfn_cert_adv") == 0)
457  return "DFN-CERT Advisory";
458  if (strcasecmp (type, "nvt") == 0)
459  return "NVT";
460  if (strcasecmp (type, "ovaldef") == 0)
461  return "OVAL Definition";
462 
463  return "ERROR";
464 }

◆ type_name_plural()

const char* type_name_plural ( const char *  type)

Return the plural name of a resource type.

Parameters
[in]typeResource type.
Returns
Plural name of type.

Definition at line 416 of file manage.c.

417 {
418  if (type == NULL)
419  return "ERROR";
420 
421  if (strcasecmp (type, "cpe") == 0)
422  return "CPEs";
423  if (strcasecmp (type, "cve") == 0)
424  return "CVEs";
425  if (strcasecmp (type, "cert_bund_adv") == 0)
426  return "CERT-Bund Advisories";
427  if (strcasecmp (type, "dfn_cert_adv") == 0)
428  return "DFN-CERT Advisories";
429  if (strcasecmp (type, "nvt") == 0)
430  return "NVTs";
431  if (strcasecmp (type, "ovaldef") == 0)
432  return "OVAL Definitions";
433 
434  return "ERROR";
435 }

◆ update_end_times()

int update_end_times ( entity_t  report)

Update end times, and optionally add host details.

Parameters
[in]reportReport.
Returns
0 success, -1 error.

Definition at line 2202 of file manage.c.

2203 {
2204  entity_t end;
2205  entities_t entities;
2206 
2207  /* Set the scan end time. */
2208 
2209  entities = report->entities;
2210  while ((end = first_entity (entities)))
2211  {
2212  if (strcmp (entity_name (end), "scan_end") == 0)
2213  {
2214  char *text;
2215  text = entity_text (end);
2216  while (*text && isspace (*text)) text++;
2217  if (*text == '\0')
2218  break;
2220  g_strdup (entity_text (end)));
2221  set_scan_end_time (current_report, entity_text (end));
2222  break;
2223  }
2224  entities = next_entities (entities);
2225  }
2226 
2227  /* Add host details and set the host end times. */
2228 
2229  entities = report->entities;
2230  while ((end = first_entity (entities)))
2231  {
2232  if (strcmp (entity_name (end), "host_end") == 0)
2233  {
2234  entity_t host;
2235  char *text;
2236 
2237  /* Set the end time this way first, in case the slave is
2238  * very old. */
2239 
2240  host = entity_child (end, "host");
2241  if (host == NULL)
2242  return -1;
2243 
2244  text = entity_text (end);
2245  while (*text && isspace (*text)) text++;
2246  if (*text != '\0')
2248  entity_text (host),
2249  entity_text (end));
2250  }
2251 
2252  if (strcmp (entity_name (end), "host") == 0)
2253  {
2254  entity_t ip, time;
2255  char *text;
2256 
2257  ip = entity_child (end, "ip");
2258  if (ip == NULL)
2259  return -1;
2260 
2261  time = entity_child (end, "end");
2262  if (time == NULL)
2263  return -1;
2264 
2265  text = entity_text (time);
2266  while (*text && isspace (*text)) text++;
2267  if ((*text != '\0')
2268  && (scan_host_end_time (current_report, entity_text (ip)) == 0))
2269  {
2271  entity_text (ip),
2272  entity_text (time));
2274  entity_text (ip),
2275  end))
2276  return -1;
2277  }
2278  }
2279 
2280  entities = next_entities (entities);
2281  }
2282 
2283  return 0;
2284 }
int scan_host_end_time(report_t, const char *)
task_t current_scanner_task
The task currently running on the scanner.
Definition: manage.c:998
void set_scan_host_end_time(report_t, const char *, const char *)
void set_scan_end_time(report_t, const char *)
report_t current_report
The report of the current task.
Definition: manage.c:1003
void set_task_end_time(task_t task, char *time)
int manage_report_host_details(report_t, const char *, entity_t)

References current_report, current_scanner_task, manage_report_host_details(), scan_host_end_time(), set_scan_end_time(), set_scan_host_end_time(), and set_task_end_time().

Here is the call graph for this function:

◆ update_slave_progress()

int update_slave_progress ( entity_t  get_tasks)

Update the locally cached task progress from the slave.

Parameters
[in]get_tasksSlave GET_TASKS response.
Returns
0 success, -1 error.

Definition at line 2025 of file manage.c.

2026 {
2027  entity_t entity;
2028 
2029  entity = entity_child (get_tasks, "task");
2030  if (entity == NULL)
2031  return -1;
2032  entity = entity_child (entity, "progress");
2033  if (entity == NULL)
2034  return -1;
2035 
2036  if (current_report == 0)
2037  return -1;
2038 
2040  atoi (entity_text (entity)));
2041 
2042  return 0;
2043 }
int set_report_slave_progress(report_t, int)
report_t current_report
The report of the current task.
Definition: manage.c:1003

References current_report, and set_report_slave_progress().

Here is the call graph for this function:

◆ validate_username()

int validate_username ( const gchar *  name)

Validates a username.

Parameters
[in]nameThe name.
Returns
0 if the username is valid, 1 if not.

Definition at line 8001 of file manage.c.

◆ xsl_transform()

gchar* xsl_transform ( gchar *  stylesheet,
gchar *  xmlfile,
gchar **  param_names,
gchar **  param_values 
)

Run xsltproc in an external process.

Parameters
[in]stylesheetXSL stylesheet to use.
[in]xmlfileXML file to process.
[in]param_namesNULL terminated array of stringparam names (can be NULL).
[in]param_valuesNULL terminated array of stringparam values (can be NULL).
Returns
A dynamically allocated (to be g_free'd) string containing the result of the operation of NULL on failure.

Definition at line 7535 of file manage.c.

7537 {
7538  int i, param_idx;
7539  gchar **cmd, *cmd_full;
7540  gint exit_status;
7541  gboolean success;
7542  gchar *standard_out = NULL, *standard_err = NULL;
7543 
7544  param_idx = 0;
7545  if (param_names && param_values)
7546  while (param_names[param_idx] && param_values[param_idx])
7547  param_idx++;
7548 
7549  cmd = (gchar **)g_malloc ((4 + param_idx * 3) * sizeof (gchar *));
7550 
7551  i = 0;
7552  cmd[i++] = "xsltproc";
7553  if (param_idx)
7554  {
7555  int j;
7556 
7557  for (j = 0; j < param_idx; j++)
7558  {
7559  cmd[i++] = "--stringparam";
7560  cmd[i++] = param_names[j];
7561  cmd[i++] = param_values[j];
7562  }
7563  }
7564  cmd[i++] = stylesheet;
7565  cmd[i++] = xmlfile;
7566  cmd[i] = NULL;
7567 
7568 
7569  /* DEBUG: display the final command line. */
7570  cmd_full = g_strjoinv (" ", cmd);
7571  g_debug ("%s: Spawning in parent dir: %s\n",
7572  __FUNCTION__, cmd_full);
7573  g_free (cmd_full);
7574  /* --- */
7575 
7576  if ((g_spawn_sync (NULL,
7577  cmd,
7578  NULL, /* Environment. */
7579  G_SPAWN_SEARCH_PATH,
7580  NULL, /* Setup function. */
7581  NULL,
7582  &standard_out,
7583  &standard_err,
7584  &exit_status,
7585  NULL)
7586  == FALSE)
7587  || (WIFEXITED (exit_status) == 0)
7588  || WEXITSTATUS (exit_status))
7589  {
7590  g_debug ("%s: failed to transform the xml: %d (WIF %i, WEX %i)",
7591  __FUNCTION__,
7592  exit_status,
7593  WIFEXITED (exit_status),
7594  WEXITSTATUS (exit_status));
7595  g_debug ("%s: stderr: %s\n", __FUNCTION__, standard_err);
7596  g_debug ("%s: stdout: %s\n", __FUNCTION__, standard_out);
7597  success = FALSE;
7598  }
7599  else if (strlen (standard_out) == 0)
7600  success = FALSE; /* execution succeeded but nothing was found */
7601  else
7602  success = TRUE; /* execution succeeded and we have a result */
7603 
7604  /* Cleanup. */
7605  g_free (cmd);
7606  g_free (standard_err);
7607 
7608  if (success)
7609  return standard_out;
7610 
7611  g_free (standard_out);
7612  return NULL;
7613 }

Variable Documentation

◆ authenticate_allow_all

int authenticate_allow_all = 0

Flag for manage_auth_allow_all.

1 if set via scheduler, 2 if set via event, else 0.

Definition at line 6426 of file manage.c.

Referenced by manage_auth_allow_all().

◆ current_credentials

◆ current_report

report_t current_report = (report_t) 0

The report of the current task.

Definition at line 1003 of file manage.c.

Referenced by manage_reset_currents(), update_end_times(), and update_slave_progress().

◆ current_scanner_task

task_t current_scanner_task = (task_t) 0

The task currently running on the scanner.

Definition at line 998 of file manage.c.

Referenced by manage_check_current_task(), manage_cleanup_process_error(), manage_reset_currents(), stop_task_internal(), and update_end_times().

◆ schedule_user_uuid

gchar* schedule_user_uuid = NULL

UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).

Definition at line 6432 of file manage.c.

Referenced by get_scheduled_user_uuid(), and set_scheduled_user_uuid().

◆ slave_config_uuid

gchar* slave_config_uuid = NULL

Slave config UUID.

Definition at line 2000 of file manage.c.

Referenced by delete_slave_task().

◆ slave_connection

openvas_connection_t* slave_connection = NULL

Slave session.

Definition at line 2015 of file manage.c.

◆ slave_esxi_credential_uuid

gchar* slave_esxi_credential_uuid = NULL

Slave credential UUID.

Definition at line 1980 of file manage.c.

◆ slave_port_list_uuid

gchar* slave_port_list_uuid = NULL

Slave target UUID.

Definition at line 1995 of file manage.c.

Referenced by delete_slave_task().

◆ slave_report_uuid

gchar* slave_report_uuid = NULL

Slave report UUID.

Definition at line 2010 of file manage.c.

◆ slave_smb_credential_uuid

gchar* slave_smb_credential_uuid = NULL

Slave credential UUID.

Definition at line 1975 of file manage.c.

Referenced by delete_slave_task().

◆ slave_snmp_credential_uuid

gchar* slave_snmp_credential_uuid = NULL

Slave credential UUID.

Definition at line 1985 of file manage.c.

◆ slave_ssh_credential_uuid

gchar* slave_ssh_credential_uuid = NULL

Slave credential UUID.

Definition at line 1970 of file manage.c.

Referenced by delete_slave_task().

◆ slave_target_uuid

gchar* slave_target_uuid = NULL

Slave target UUID.

Definition at line 1990 of file manage.c.

Referenced by delete_slave_task().

◆ slave_task_uuid

gchar* slave_task_uuid = NULL

Slave task UUID.

Definition at line 2005 of file manage.c.

Referenced by delete_slave_task().

◆ termination_signal

volatile int termination_signal

Flag for signal handlers.

Definition at line 256 of file openvasmd.c.

Referenced by handle_termination_signal().