37 #include <openvas/misc/openvas_uuid.h> 43 #define G_LOG_DOMAIN "md manage" 82 tag_value (
const gchar *tags,
const gchar *tag);
95 sql (
"CREATE TEMPORARY TABLE IF NOT EXISTS current_credentials" 96 " (id INTEGER PRIMARY KEY," 97 " uuid text UNIQUE NOT NULL," 98 " tz_override text);");
99 sql (
"DELETE FROM current_credentials;");
101 sql (
"INSERT INTO current_credentials (uuid) VALUES ('%s');", uuid);
126 return sql_int (
"SELECT count (*) FROM main.sqlite_master" 127 " WHERE type = 'table'" 128 " AND name = 'meta';")
145 sql_t (sqlite3_context *context,
int argc, sqlite3_value** argv)
149 sqlite3_result_int (context, 1);
165 sqlite3_value** argv)
167 const unsigned char *str, *substr, *substr_in_str;
171 str = sqlite3_value_text (argv[0]);
172 substr = sqlite3_value_text (argv[1]);
176 sqlite3_result_error (context,
"Failed to get string argument", -1);
182 sqlite3_result_error (context,
"Failed to get substring argument", -1);
186 substr_in_str = (
const unsigned char *)g_strrstr ((
const gchar*)str,
187 (
const gchar*)substr);
189 sqlite3_result_int (context,
190 substr_in_str ? substr_in_str - str + 1 : 0);
206 unsigned int one, two, three, four;
207 one = two = three = four = 0;
212 ip = (
const char *) sqlite3_value_text (argv[0]);
214 sqlite3_result_int (context, 0);
217 if (g_regex_match_simple (
"^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+$",
219 && sscanf (ip,
"%u.%u.%u.%u", &one, &two, &three, &four) == 4)
221 ip_expanded = g_strdup_printf (
"%03u.%03u.%03u.%03u",
222 one, two, three, four);
223 sqlite3_result_text (context,
225 -1, SQLITE_TRANSIENT);
226 g_free (ip_expanded);
229 sqlite3_result_text (context, ip, -1, SQLITE_TRANSIENT);
244 sqlite3_value** argv)
250 type = (
const char *) sqlite3_value_text (argv[0]);
252 sqlite3_result_int (context, 8);
253 else if (strcmp (type,
"Security Hole") == 0)
254 sqlite3_result_int (context, 1);
255 else if (strcmp (type,
"Security Warning") == 0)
256 sqlite3_result_int (context, 2);
257 else if (strcmp (type,
"Security Note") == 0)
258 sqlite3_result_int (context, 3);
259 else if (strcmp (type,
"Log Message") == 0)
260 sqlite3_result_int (context, 4);
261 else if (strcmp (type,
"Debug Message") == 0)
262 sqlite3_result_int (context, 5);
263 else if (strcmp (type,
"Error Message") == 0)
264 sqlite3_result_int (context, 6);
266 sqlite3_result_int (context, 7);
286 port = (
const char *) sqlite3_value_text (argv[0]);
288 port_num = atoi (port);
290 sqlite3_result_int (context, port_num);
291 else if (sscanf (port,
"%*s (%i/%*s)", &port_num) == 1)
292 sqlite3_result_int (context, port_num);
294 sqlite3_result_int (context, 0);
313 name = (
const char *) sqlite3_value_text (argv[0]);
315 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
316 else if (strcmp (name,
"Admin") == 0)
317 sqlite3_result_text (context,
" !", -1, SQLITE_TRANSIENT);
319 sqlite3_result_text (context, name, -1, SQLITE_TRANSIENT);
338 type = (
const char *) sqlite3_value_text (argv[0]);
340 sqlite3_result_int (context, 9);
341 else if (strcmp (type,
"High") == 0)
342 sqlite3_result_int (context, 1);
343 else if (strcmp (type,
"Medium") == 0)
344 sqlite3_result_int (context, 2);
345 else if (strcmp (type,
"Low") == 0)
346 sqlite3_result_int (context, 3);
347 else if (strcmp (type,
"Log") == 0)
348 sqlite3_result_int (context, 4);
349 else if (strcmp (type,
"Debug") == 0)
350 sqlite3_result_int (context, 5);
351 else if (strcmp (type,
"False Positive") == 0)
352 sqlite3_result_int (context, 6);
353 else if (strcmp (type,
"None") == 0)
354 sqlite3_result_int (context, 7);
356 sqlite3_result_int (context, 8);
375 uuid = openvas_uuid_make ();
378 sqlite3_result_error (context,
"Failed to create UUID", -1);
382 sqlite3_result_text (context, uuid, -1, free);
397 gchar **split, **point, *stripped_host;
398 const unsigned char *hosts, *host;
402 hosts = sqlite3_value_text (argv[0]);
405 sqlite3_result_error (context,
"Failed to get hosts argument", -1);
409 host = sqlite3_value_text (argv[1]);
412 sqlite3_result_error (context,
"Failed to get host argument", -1);
416 stripped_host = g_strstrip (g_strdup ((gchar*) host));
417 split = g_strsplit ((gchar*) hosts,
",", 0);
421 if (strcmp (g_strstrip (*point), stripped_host) == 0)
424 g_free (stripped_host);
425 sqlite3_result_int (context, 1);
431 g_free (stripped_host);
433 sqlite3_result_int (context, 0);
448 const unsigned char *hosts;
453 hosts = sqlite3_value_text (argv[0]);
456 sqlite3_result_error (context,
"Failed to get hosts argument", -1);
461 sqlite3_result_text (context, clean, -1, SQLITE_TRANSIENT);
477 sql_uniquify (sqlite3_context *context,
int argc, sqlite3_value** argv)
479 const unsigned char *proposed_name, *type, *suffix;
480 gchar *candidate_name, *quoted_candidate_name;
486 type = sqlite3_value_text (argv[0]);
489 sqlite3_result_error (context,
"Failed to get type argument", -1);
493 proposed_name = sqlite3_value_text (argv[1]);
494 if (proposed_name == NULL)
496 sqlite3_result_error (context,
497 "Failed to get proposed name argument",
502 owner = sqlite3_value_int64 (argv[2]);
504 suffix = sqlite3_value_text (argv[3]);
507 sqlite3_result_error (context,
508 "Failed to get suffix argument",
514 candidate_name = g_strdup_printf (
"%s%s%c%i", proposed_name, suffix,
515 strcmp ((
char*) type,
"user") ?
' ' :
'_',
517 quoted_candidate_name =
sql_quote (candidate_name);
519 while (
sql_int (
"SELECT COUNT (*) FROM %ss WHERE name = '%s'" 520 " AND ((owner IS NULL) OR (owner = %llu));",
522 quoted_candidate_name,
525 g_free (candidate_name);
526 g_free (quoted_candidate_name);
527 candidate_name = g_strdup_printf (
"%s%s%c%u", proposed_name, suffix,
528 strcmp ((
char*) type,
"user")
532 quoted_candidate_name =
sql_quote (candidate_name);
535 g_free (quoted_candidate_name);
537 sqlite3_result_text (context, candidate_name, -1, SQLITE_TRANSIENT);
538 g_free (candidate_name);
551 sql_iso_time (sqlite3_context *context,
int argc, sqlite3_value** argv)
557 epoch_time = sqlite3_value_int (argv[0]);
559 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
566 sqlite3_result_text (context, iso, -1, SQLITE_TRANSIENT);
568 sqlite3_result_error (context,
"Failed to format time", -1);
588 epoch_time = sqlite3_value_int (argv[0]);
590 sqlite3_result_int (context, -2);
596 sqlite3_result_int (context, days);
619 string = (
const gchar *) sqlite3_value_text (argv[0]);
624 g_warning (
"%s: Failed to parse time: %s", __FUNCTION__,
string);
625 sqlite3_result_int (context, 0);
628 g_warning (
"%s: Failed to make time: %s", __FUNCTION__,
string);
629 sqlite3_result_int (context, 0);
632 g_warning (
"%s: Failed to parse timezone offset: %s",
635 sqlite3_result_int (context, 0);
638 sqlite3_result_int (context, epoch_time);
656 int period_months, periods_offset;
657 const char *timezone;
659 assert (argc == 3 || argc == 4 || argc == 5);
661 first = sqlite3_value_int (argv[0]);
662 period = sqlite3_value_int (argv[1]);
663 period_months = sqlite3_value_int (argv[2]);
664 if (argc < 4 || sqlite3_value_type (argv[3]) == SQLITE_NULL)
667 timezone = (
char*) sqlite3_value_text (argv[3]);
669 if (argc < 5 || sqlite3_value_type (argv[4]) == SQLITE_NULL)
672 periods_offset = sqlite3_value_int (argv[4]);
674 sqlite3_result_int (context,
675 next_time (first, period, period_months, timezone,
689 sql_now (sqlite3_context *context,
int argc, sqlite3_value** argv)
692 sqlite3_result_int (context, time (NULL));
705 sql_tag (sqlite3_context *context,
int argc, sqlite3_value** argv)
707 const char *tags, *tag;
712 tags = (
char*) sqlite3_value_text (argv[0]);
715 sqlite3_result_error (context,
"Failed to get tags argument", -1);
719 tag = (
char*) sqlite3_value_text (argv[1]);
722 sqlite3_result_error (context,
"Failed to get tag argument", -1);
727 sqlite3_result_text (context, value, -1, SQLITE_TRANSIENT);
745 const unsigned char *hosts, *exclude_hosts;
750 hosts = sqlite3_value_text (argv[0]);
754 sqlite3_result_text (context,
"0", -1, SQLITE_TRANSIENT);
757 exclude_hosts = sqlite3_value_text (argv[1]);
760 (gchar *) exclude_hosts));
761 sqlite3_result_text (context, max, -1, SQLITE_TRANSIENT);
775 const char *old_name,
const char *new_name)
781 init_iterator (&rows,
"SELECT * FROM %s LIMIT 1;", old_table);
785 int end, column, first;
789 one = g_string_new (
"");
790 g_string_append_printf (one,
"INSERT INTO %s (", new_table);
792 two = g_string_new (
") SELECT ");
796 for (column = 0; column < end; column++)
800 g_string_append_printf (one,
"%s%s",
802 (strcmp (name, old_name) == 0
808 g_string_append (two,
", ");
809 g_string_append (two, name);
813 g_string_append_printf (one,
"%s FROM %s;", two->str, old_table);
819 g_string_free (one, TRUE);
820 g_string_free (two, TRUE);
838 gchar **split_1, **split_2, **point_1, **point_2;
839 const unsigned char *cve1, *cve2;
843 g_debug (
" %s: top\n", __FUNCTION__);
845 cve1 = sqlite3_value_text (argv[0]);
848 sqlite3_result_error (context,
"Failed to get first CVE argument", -1);
852 cve2 = sqlite3_value_text (argv[1]);
855 sqlite3_result_error (context,
"Failed to get second CVE argument", -1);
859 split_1 = g_strsplit ((gchar*) cve1,
",", 0);
860 split_2 = g_strsplit ((gchar*) cve2,
",", 0);
867 g_debug (
" %s: %s vs %s\n", __FUNCTION__, g_strstrip (*point_1), g_strstrip (*point_2));
868 if (strcmp (g_strstrip (*point_1), g_strstrip (*point_2)) == 0)
870 g_strfreev (split_1);
871 g_strfreev (split_2);
872 sqlite3_result_int (context, 1);
879 g_strfreev (split_1);
880 g_strfreev (split_2);
882 sqlite3_result_int (context, 0);
897 const unsigned char *cpe_id;
898 gchar *quoted_cpe_id;
903 cpe_id = sqlite3_value_text (argv[0]);
906 && sqlite3_value_type(argv[0]) != SQLITE_NULL)
908 quoted_cpe_id =
sql_quote ((gchar*) cpe_id);
909 cpe_title =
sql_string (
"SELECT title FROM scap.cpes" 910 " WHERE uuid = '%s';",
912 g_free (quoted_cpe_id);
916 sqlite3_result_text (context, cpe_title, -1, SQLITE_TRANSIENT);
921 sqlite3_result_null (context);
926 sqlite3_result_null (context);
944 const unsigned char* type;
945 gchar *quoted_type, *result;
949 credential = sqlite3_value_int64 (argv[0]);
950 trash = sqlite3_value_int (argv[1]);
951 type = sqlite3_value_text (argv[2]);
953 quoted_type =
sql_quote ((
const char*) type);
956 result =
sql_string (
"SELECT value FROM credentials_trash_data" 957 " WHERE credential = %llu AND type = '%s';",
958 credential, quoted_type);
962 result =
sql_string (
"SELECT value FROM credentials_data" 963 " WHERE credential = %llu AND type = '%s';",
964 credential, quoted_type);
968 sqlite3_result_text (context, result, -1, SQLITE_TRANSIENT);
970 sqlite3_result_null (context);
990 (
int)
current_offset ((
const char *) sqlite3_value_text (argv[0])));
1005 unsigned int overrides;
1011 task = sqlite3_value_int64 (argv[0]);
1014 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1018 overrides = sqlite3_value_int (argv[1]);
1020 if (sqlite3_value_type (argv[2]) == SQLITE_NULL)
1023 min_qod = sqlite3_value_int (argv[2]);
1025 sqlite3_result_text (context,
task_trend (task, overrides, min_qod), -1,
1047 clear_cache (
void *cache_arg)
1078 cached_task_severity (sqlite3_context *context,
task_t task,
int overrides,
1083 .overrides_task = 0,
1084 .overrides_severity = NULL };
1088 cache = sqlite3_get_auxdata (context, 1);
1103 if (cache->
task == task && cache->
min_qod == min_qod)
1114 cache = &static_cache;
1125 sqlite3_set_auxdata (context, 1, cache, clear_cache);
1144 unsigned int overrides;
1147 double severity_dbl;
1151 task = sqlite3_value_int64 (argv[0]);
1154 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1158 overrides = sqlite3_value_int (argv[1]);
1160 if (sqlite3_value_type (argv[2]) == SQLITE_NULL)
1163 min_qod = sqlite3_value_int (argv[2]);
1165 severity = cached_task_severity (context, task, overrides, min_qod);
1167 if (severity == NULL
1168 || sscanf (severity,
"%lf", &severity_dbl) != 1)
1173 g_debug (
" %s: %llu: %s\n", __FUNCTION__, task, threat);
1176 sqlite3_result_text (context, threat, -1, SQLITE_TRANSIENT);
1181 if (last_report == 0)
1183 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1187 sqlite3_result_text (context,
"None", -1, SQLITE_TRANSIENT);
1208 report = sqlite3_value_int64 (argv[0]);
1211 sqlite3_result_int (context, -1);
1217 sqlite3_result_int (context, -1);
1239 unsigned int overrides;
1244 report = sqlite3_value_int64 (argv[0]);
1247 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1251 overrides = sqlite3_value_int (argv[1]);
1253 if (sqlite3_value_type (argv[2]) == SQLITE_NULL)
1256 min_qod = sqlite3_value_int (argv[2]);
1260 sqlite3_result_double (context, severity);
1275 report_severity_count (
report_t report,
int overrides,
int min_qod,
1278 int debugs, false_positives, logs, lows, mediums, highs;
1290 &false_positives, NULL, get, NULL);
1294 if (strcasecmp (level,
"Debug") == 0)
1296 if (strcasecmp (level,
"False Positive") == 0)
1297 return false_positives;
1298 else if (strcasecmp (level,
"Log") == 0)
1300 else if (strcasecmp (level,
"Low") == 0)
1302 else if (strcasecmp (level,
"Medium") == 0)
1304 else if (strcasecmp (level,
"High") == 0)
1321 sqlite3_value** argv)
1324 unsigned int overrides;
1331 report = sqlite3_value_int64 (argv[0]);
1334 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1338 overrides = sqlite3_value_int (argv[1]);
1340 if (sqlite3_value_type (argv[2]) == SQLITE_NULL)
1343 min_qod = sqlite3_value_int (argv[2]);
1345 level = (
char*) sqlite3_value_text (argv[3]);
1348 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1352 count = report_severity_count (report, overrides, min_qod, level);
1354 sqlite3_result_int (context, count);
1369 int argc, sqlite3_value** argv)
1376 report = sqlite3_value_int64 (argv[0]);
1379 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1385 sqlite3_result_int (context, host_count);
1400 int argc, sqlite3_value** argv)
1408 report = sqlite3_value_int64 (argv[0]);
1411 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1415 if (sqlite3_value_type (argv[1]) == SQLITE_NULL)
1418 min_qod = sqlite3_value_int (argv[1]);
1422 sqlite3_result_int (context, host_count);
1441 double severity_double;
1442 unsigned int overrides;
1447 task = sqlite3_value_int64 (argv[0]);
1450 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1454 overrides = sqlite3_value_int (argv[1]);
1456 if (sqlite3_value_type (argv[2]) == SQLITE_NULL)
1459 min_qod = sqlite3_value_int (argv[2]);
1461 severity = cached_task_severity (context, task, overrides, min_qod);
1462 severity_double = severity ? g_strtod (severity, 0) : 0.0;
1463 g_debug (
" %s: %llu: %s\n", __FUNCTION__, task, severity);
1466 sqlite3_result_double (context, severity_double);
1471 if (last_report == 0)
1473 sqlite3_result_null (context);
1477 sqlite3_result_null (context);
1496 task = sqlite3_value_int64 (argv[0]);
1498 sqlite3_result_int64 (context, 0);
1500 sqlite3_result_int64 (context, 0);
1502 sqlite3_result_int64 (context, report);
1516 sqlite3_value** argv)
1518 double severity, ov_severity;
1522 if (sqlite3_value_type (argv[0]) == SQLITE_NULL)
1524 sqlite3_result_int (context, 0);
1528 if (sqlite3_value_type (argv[1]) == SQLITE_NULL
1529 || strcmp ((
const char*) (sqlite3_value_text (argv[1])),
"") == 0)
1531 sqlite3_result_int (context, 1);
1536 severity = sqlite3_value_double (argv[0]);
1537 ov_severity = sqlite3_value_double (argv[1]);
1539 sqlite3_result_int (context,
1556 sqlite3_value** argv)
1563 if (sqlite3_value_type (argv[0]) == SQLITE_NULL
1564 || strcmp ((
const char*)(sqlite3_value_text (argv[0])),
"") == 0)
1566 sqlite3_result_null (context);
1570 mode = sqlite3_value_int (argv[1]);
1572 severity = sqlite3_value_double (argv[0]);
1575 -1, SQLITE_TRANSIENT);
1590 sqlite3_value** argv)
1596 if (sqlite3_value_type (argv[0]) == SQLITE_NULL
1597 || strcmp ((
const char*)(sqlite3_value_text (argv[0])),
"") == 0)
1599 sqlite3_result_null (context);
1603 severity = sqlite3_value_double (argv[0]);
1606 -1, SQLITE_TRANSIENT);
1620 sql_regexp (sqlite3_context *context,
int argc, sqlite3_value** argv)
1622 const unsigned char *string, *regexp;
1626 regexp = sqlite3_value_text (argv[0]);
1630 sqlite3_result_int (context, 0);
1634 string = sqlite3_value_text (argv[1]);
1638 sqlite3_result_int (context, 0);
1642 if (g_regex_match_simple ((gchar *) regexp, (gchar *)
string, 0, 0))
1644 sqlite3_result_int (context, 1);
1647 sqlite3_result_int (context, 0);
1667 status = sqlite3_value_int (argv[0]);
1670 sqlite3_result_text (context, name ? name :
"", -1, SQLITE_TRANSIENT);
1691 int location, exists;
1695 type = (
char*) sqlite3_value_text (argv[0]);
1698 sqlite3_result_int (context, 0);
1703 sqlite3_result_error (context,
"Invalid resource type argument", -1);
1707 resource = sqlite3_value_int64 (argv[1]);
1710 sqlite3_result_int (context, 0);
1714 location = sqlite3_value_int (argv[2]);
1720 msg = g_strdup_printf (
"Invalid resource type argument: %s", type);
1721 sqlite3_result_error (context, msg, -1);
1725 sqlite3_result_int (context, exists);
1741 const char *type, *id;
1747 type = (
char*) sqlite3_value_text (argv[0]);
1750 sqlite3_result_null (context);
1754 id = (
char*) sqlite3_value_text (argv[1]);
1757 sqlite3_result_null (context);
1761 location = sqlite3_value_int (argv[2]);
1766 msg = g_strdup_printf (
"Invalid resource type argument: %s", type);
1767 sqlite3_result_error (context, msg, -1);
1773 sqlite3_result_text (context, name, -1, SQLITE_TRANSIENT);
1775 sqlite3_result_text (context,
"", -1, SQLITE_TRANSIENT);
1799 severity = sqlite3_value_double (argv[0]);
1801 threat = (
char*) sqlite3_value_text (argv[1]);
1804 sqlite3_result_null (context);
1831 target = sqlite3_value_int64 (argv[0]);
1832 trash = sqlite3_value_int (argv[1]);
1833 type = (
char*) sqlite3_value_text (argv[2]);
1837 sqlite3_result_null (context);
1860 int argc, sqlite3_value** argv)
1867 target = sqlite3_value_int64 (argv[0]);
1868 type = (
char*) sqlite3_value_text (argv[1]);
1872 sqlite3_result_null (context);
1899 target = sqlite3_value_int64 (argv[0]);
1900 trash = sqlite3_value_int (argv[1]);
1901 type = (
char*) sqlite3_value_text (argv[2]);
1905 sqlite3_result_null (context);
1910 sqlite3_result_int64 (context,
1929 sqlite3_value** argv)
1931 const unsigned char *uuid;
1935 uuid = sqlite3_value_text (argv[0]);
1938 sqlite3_result_error (context,
"Failed to get uuid argument", -1);
1956 sqlite3_value** argv)
1958 const unsigned char *type;
1963 type = sqlite3_value_text (argv[0]);
1966 sqlite3_result_error (context,
"Failed to get type argument", -1);
1970 resource = sqlite3_value_int64 (argv[1]);
1973 sqlite3_result_int (context, 0);
1977 sqlite3_result_int (context,
acl_user_owns ((
char *) type, resource, 0));
1988 if (sqlite3_create_function (
task_db,
1998 g_warning (
"%s: failed to t", __FUNCTION__);
2002 if (sqlite3_create_function (
task_db,
2012 g_warning (
"%s: failed to create strpos", __FUNCTION__);
2016 if (sqlite3_create_function (
task_db,
2026 g_warning (
"%s: failed to create order_inet", __FUNCTION__);
2030 if (sqlite3_create_function (
task_db,
2031 "order_message_type",
2040 g_warning (
"%s: failed to create order_message_type", __FUNCTION__);
2044 if (sqlite3_create_function (
task_db,
2054 g_warning (
"%s: failed to create order_port", __FUNCTION__);
2058 if (sqlite3_create_function (
task_db,
2068 g_warning (
"%s: failed to create order_role", __FUNCTION__);
2072 if (sqlite3_create_function (
task_db,
2082 g_warning (
"%s: failed to create order_threat", __FUNCTION__);
2086 if (sqlite3_create_function (
task_db,
2096 g_warning (
"%s: failed to create make_uuid", __FUNCTION__);
2100 if (sqlite3_create_function (
task_db,
2110 g_warning (
"%s: failed to create hosts_contains", __FUNCTION__);
2114 if (sqlite3_create_function (
task_db,
2124 g_warning (
"%s: failed to create clean_hosts", __FUNCTION__);
2128 if (sqlite3_create_function (
task_db,
2138 g_warning (
"%s: failed to create iso_time", __FUNCTION__);
2142 if (sqlite3_create_function (
task_db,
2152 g_warning (
"%s: failed to create days_from_now", __FUNCTION__);
2156 if (sqlite3_create_function (
task_db,
2166 g_warning (
"%s: failed to create parse_time", __FUNCTION__);
2170 if (sqlite3_create_function (
task_db,
2180 g_warning (
"%s: failed to create tag", __FUNCTION__);
2184 if (sqlite3_create_function (
task_db,
2194 g_warning (
"%s: failed to create uniquify", __FUNCTION__);
2198 if (sqlite3_create_function (
task_db,
2208 g_warning (
"%s: failed to create next_time", __FUNCTION__);
2212 if (sqlite3_create_function (
task_db,
2222 g_warning (
"%s: failed to create next_time", __FUNCTION__);
2226 if (sqlite3_create_function (
task_db,
2236 g_warning (
"%s: failed to create next_time", __FUNCTION__);
2240 if (sqlite3_create_function (
task_db,
2250 g_warning (
"%s: failed to create m_now", __FUNCTION__);
2254 if (sqlite3_create_function (
task_db,
2264 g_warning (
"%s: failed to create max_hosts", __FUNCTION__);
2268 if (sqlite3_create_function (
task_db,
2278 g_warning (
"%s: failed to create common_cve", __FUNCTION__);
2282 if (sqlite3_create_function (
task_db,
2292 g_warning (
"%s: failed to create cpe_title", __FUNCTION__);
2296 if (sqlite3_create_function (
task_db,
2306 g_warning (
"%s: failed to create credential_value", __FUNCTION__);
2310 if (sqlite3_create_function (
task_db,
2320 g_warning (
"%s: failed to create current_offset", __FUNCTION__);
2324 if (sqlite3_create_function (
task_db,
2334 g_warning (
"%s: failed to create task_trend", __FUNCTION__);
2338 if (sqlite3_create_function (
task_db,
2339 "task_threat_level",
2348 g_warning (
"%s: failed to create task_threat_level", __FUNCTION__);
2352 if (sqlite3_create_function (
task_db,
2362 g_warning (
"%s: failed to create report_progress", __FUNCTION__);
2366 if (sqlite3_create_function (
task_db,
2376 g_warning (
"%s: failed to create report_severity", __FUNCTION__);
2380 if (sqlite3_create_function (
task_db,
2381 "report_severity_count",
2390 g_warning (
"%s: failed to create report_severity_count", __FUNCTION__);
2394 if (sqlite3_create_function (
task_db,
2395 "report_host_count",
2404 g_warning (
"%s: failed to create report_result_host_count", __FUNCTION__);
2408 if (sqlite3_create_function (
task_db,
2409 "report_result_host_count",
2418 g_warning (
"%s: failed to create report_result_host_count", __FUNCTION__);
2422 if (sqlite3_create_function (
task_db,
2432 g_warning (
"%s: failed to create task_severity", __FUNCTION__);
2436 if (sqlite3_create_function (
task_db,
2446 g_warning (
"%s: failed to create task_last_report", __FUNCTION__);
2450 if (sqlite3_create_function (
task_db,
2451 "severity_matches_ov",
2460 g_warning (
"%s: failed to create severity_matches_ov", __FUNCTION__);
2464 if (sqlite3_create_function (
task_db,
2465 "severity_to_level",
2474 g_warning (
"%s: failed to create severity_to_level", __FUNCTION__);
2478 if (sqlite3_create_function (
task_db,
2479 "severity_to_level",
2488 g_warning (
"%s: failed to create severity_to_level", __FUNCTION__);
2492 if (sqlite3_create_function (
task_db,
2502 g_warning (
"%s: failed to create severity_to_type", __FUNCTION__);
2506 if (sqlite3_create_function (
task_db,
2516 g_warning (
"%s: failed to create run_status_name", __FUNCTION__);
2520 if (sqlite3_create_function (
task_db,
2530 g_warning (
"%s: failed to create resource_exists", __FUNCTION__);
2534 if (sqlite3_create_function (
task_db,
2544 g_warning (
"%s: failed to create regexp", __FUNCTION__);
2548 if (sqlite3_create_function (
task_db,
2558 g_warning (
"%s: failed to create resource_name", __FUNCTION__);
2562 if (sqlite3_create_function (
task_db,
2563 "severity_in_level",
2572 g_warning (
"%s: failed to create severity_in_level", __FUNCTION__);
2576 if (sqlite3_create_function (
task_db,
2577 "target_credential",
2586 g_warning (
"%s: failed to create target_login_data", __FUNCTION__);
2590 if (sqlite3_create_function (
task_db,
2591 "trash_target_credential_location",
2600 g_warning (
"%s: failed to create target_login_data", __FUNCTION__);
2604 if (sqlite3_create_function (
task_db,
2605 "target_login_port",
2614 g_warning (
"%s: failed to create target_login_data", __FUNCTION__);
2618 if (sqlite3_create_function (
task_db,
2619 "user_can_everything",
2628 g_warning (
"%s: failed to create user_can_everything", __FUNCTION__);
2632 if (sqlite3_create_function (
task_db,
2642 g_warning (
"%s: failed to create user_owns", __FUNCTION__);
2658 gchar *owned_clause;
2660 sql (
"CREATE TABLE IF NOT EXISTS agents" 2661 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2662 " installer TEXT, installer_64 TEXT, installer_filename," 2663 " installer_signature_64 TEXT, installer_trust INTEGER," 2664 " installer_trust_time, howto_install TEXT, howto_use TEXT," 2665 " creation_time, modification_time);");
2666 sql (
"CREATE TABLE IF NOT EXISTS agents_trash" 2667 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2668 " installer TEXT, installer_64 TEXT, installer_filename," 2669 " installer_signature_64 TEXT, installer_trust INTEGER," 2670 " installer_trust_time, howto_install TEXT, howto_use TEXT," 2671 " creation_time, modification_time);");
2672 sql (
"CREATE TABLE IF NOT EXISTS config_preferences" 2673 " (id INTEGER PRIMARY KEY, config INTEGER, type, name, value," 2674 " default_value, hr_name TEXT);");
2675 sql (
"CREATE TABLE IF NOT EXISTS config_preferences_trash" 2676 " (id INTEGER PRIMARY KEY, config INTEGER, type, name, value," 2677 " default_value, hr_name TEXT);");
2678 sql (
"CREATE TABLE IF NOT EXISTS configs" 2679 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name," 2680 " nvt_selector, comment, family_count INTEGER, nvt_count INTEGER," 2681 " families_growing INTEGER, nvts_growing INTEGER, type, scanner," 2682 " creation_time, modification_time);");
2683 sql (
"CREATE TABLE IF NOT EXISTS configs_trash" 2684 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name," 2685 " nvt_selector, comment, family_count INTEGER, nvt_count INTEGER," 2686 " families_growing INTEGER, nvts_growing INTEGER, type, scanner," 2687 " creation_time, modification_time);");
2688 sql (
"CREATE TABLE IF NOT EXISTS alert_condition_data" 2689 " (id INTEGER PRIMARY KEY, alert INTEGER, name, data);");
2690 sql (
"CREATE TABLE IF NOT EXISTS alert_condition_data_trash" 2691 " (id INTEGER PRIMARY KEY, alert INTEGER, name, data);");
2692 sql (
"CREATE TABLE IF NOT EXISTS alert_event_data" 2693 " (id INTEGER PRIMARY KEY, alert INTEGER, name, data);");
2694 sql (
"CREATE TABLE IF NOT EXISTS alert_event_data_trash" 2695 " (id INTEGER PRIMARY KEY, alert INTEGER, name, data);");
2696 sql (
"CREATE TABLE IF NOT EXISTS alert_method_data" 2697 " (id INTEGER PRIMARY KEY, alert INTEGER, name, data);");
2698 sql (
"CREATE TABLE IF NOT EXISTS alert_method_data_trash" 2699 " (id INTEGER PRIMARY KEY, alert INTEGER, name, data);");
2700 sql (
"CREATE TABLE IF NOT EXISTS alerts" 2701 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2702 " event INTEGER, condition INTEGER, method INTEGER, filter INTEGER," 2703 " creation_time, modification_time);");
2704 sql (
"CREATE TABLE IF NOT EXISTS alerts_trash" 2705 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2706 " event INTEGER, condition INTEGER, method INTEGER, filter INTEGER," 2707 " filter_location INTEGER, creation_time, modification_time);");
2708 sql (
"CREATE TABLE IF NOT EXISTS credentials" 2709 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2710 " creation_time, modification_time, type TEXT," 2711 " allow_insecure integer);");
2712 sql (
"CREATE TABLE IF NOT EXISTS credentials_trash" 2713 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2714 " creation_time, modification_time, type TEXT," 2715 " allow_insecure integer);");
2716 sql (
"CREATE TABLE IF NOT EXISTS credentials_data" 2717 " (id INTEGER PRIMARY KEY, credential INTEGER, type TEXT, value TEXT);");
2718 sql (
"CREATE TABLE IF NOT EXISTS credentials_trash_data" 2719 " (id INTEGER PRIMARY KEY, credential INTEGER, type TEXT, value TEXT);");
2720 sql (
"CREATE TABLE IF NOT EXISTS filters" 2721 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2722 " type, term, creation_time, modification_time);");
2723 sql (
"CREATE TABLE IF NOT EXISTS filters_trash" 2724 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2725 " type, term, creation_time, modification_time);");
2726 sql (
"CREATE TABLE IF NOT EXISTS groups" 2727 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2728 " creation_time, modification_time);");
2729 sql (
"CREATE TABLE IF NOT EXISTS groups_trash" 2730 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2731 " type, term, creation_time, modification_time);");
2732 sql (
"CREATE TABLE IF NOT EXISTS group_users" 2733 " (id INTEGER PRIMARY KEY, `group` INTEGER, user INTEGER);");
2734 sql (
"CREATE TABLE IF NOT EXISTS group_users_trash" 2735 " (id INTEGER PRIMARY KEY, `group` INTEGER, user INTEGER);");
2736 sql (
"CREATE TABLE IF NOT EXISTS hosts" 2737 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2738 " creation_time, modification_time);");
2739 sql (
"CREATE TABLE IF NOT EXISTS host_identifiers" 2740 " (id INTEGER PRIMARY KEY, uuid UNIQUE, host INTEGER, owner INTEGER, name," 2741 " comment, value, source_type, source_id, source_data, creation_time," 2742 " modification_time);");
2743 sql (
"CREATE INDEX IF NOT EXISTS host_identifiers_by_host" 2744 " ON host_identifiers (host);");
2745 sql (
"CREATE INDEX IF NOT EXISTS host_identifiers_by_value" 2746 " ON host_identifiers (value);");
2747 sql (
"CREATE TABLE IF NOT EXISTS oss" 2748 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2749 " creation_time, modification_time);");
2750 sql (
"CREATE TABLE IF NOT EXISTS host_oss" 2751 " (id INTEGER PRIMARY KEY, uuid UNIQUE, host INTEGER, owner INTEGER," 2752 " name, comment, os INTEGER, source_type, source_id, source_data," 2753 " creation_time, modification_time);");
2754 sql (
"CREATE TABLE IF NOT EXISTS host_max_severities" 2755 " (id INTEGER PRIMARY KEY, host INTEGER, severity REAL, source_type," 2756 " source_id, creation_time);");
2757 sql (
"CREATE TABLE IF NOT EXISTS host_details" 2758 " (id INTEGER PRIMARY KEY, host INTEGER," 2763 " detail_source_type," 2764 " detail_source_name," 2765 " detail_source_description," 2768 sql (
"CREATE INDEX IF NOT EXISTS host_details_by_host" 2769 " ON host_details (host);");
2770 sql (
"CREATE TABLE IF NOT EXISTS auth_cache" 2771 " (id INTEGER PRIMARY KEY, username, hash, method, creation_time);");
2772 sql (
"CREATE TABLE IF NOT EXISTS meta" 2773 " (id INTEGER PRIMARY KEY, name UNIQUE, value);");
2774 sql (
"CREATE TABLE IF NOT EXISTS notes" 2775 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, nvt," 2776 " creation_time, modification_time, text, hosts, port, severity," 2777 " task INTEGER, result INTEGER, end_time);");
2778 sql (
"CREATE TABLE IF NOT EXISTS notes_trash" 2779 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, nvt," 2780 " creation_time, modification_time, text, hosts, port, severity," 2781 " task INTEGER, result INTEGER, end_time);");
2782 sql (
"CREATE TABLE IF NOT EXISTS nvt_preferences" 2783 " (id INTEGER PRIMARY KEY, name, value);");
2786 sql (
"CREATE TABLE IF NOT EXISTS nvt_selectors" 2787 " (id INTEGER PRIMARY KEY, name, exclude INTEGER, type INTEGER," 2788 " family_or_nvt, family);");
2789 sql (
"CREATE INDEX IF NOT EXISTS nvt_selectors_by_name" 2790 " ON nvt_selectors (name);");
2791 sql (
"CREATE INDEX IF NOT EXISTS nvt_selectors_by_family_or_nvt" 2792 " ON nvt_selectors (type, family_or_nvt);");
2793 sql (
"CREATE TABLE IF NOT EXISTS nvts" 2794 " (id INTEGER PRIMARY KEY, uuid, oid, version, name, comment," 2795 " copyright, cve, bid, xref, tag, category INTEGER, family, cvss_base," 2796 " creation_time, modification_time, solution_type TEXT, qod INTEGER," 2797 " qod_type TEXT);");
2798 sql (
"CREATE INDEX IF NOT EXISTS nvts_by_oid" 2800 sql (
"CREATE INDEX IF NOT EXISTS nvts_by_name" 2801 " ON nvts (name);");
2802 sql (
"CREATE INDEX IF NOT EXISTS nvts_by_family" 2803 " ON nvts (family);");
2804 sql (
"CREATE TABLE IF NOT EXISTS nvt_cves" 2805 " (nvt, oid, cve_name)");
2806 sql (
"CREATE INDEX IF NOT EXISTS nvts_by_creation_time" 2807 " ON nvts (creation_time);");
2808 sql (
"CREATE INDEX IF NOT EXISTS nvts_by_modification_time" 2809 " ON nvts (modification_time);");
2810 sql (
"CREATE INDEX IF NOT EXISTS nvts_by_cvss_base" 2811 " ON nvts (cvss_base);");
2812 sql (
"CREATE INDEX IF NOT EXISTS nvts_by_solution_type" 2813 " ON nvts (solution_type);");
2814 sql (
"CREATE INDEX IF NOT EXISTS nvt_cves_by_oid" 2815 " ON nvt_cves (oid);");
2816 sql (
"CREATE TABLE IF NOT EXISTS overrides" 2817 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, nvt," 2818 " creation_time, modification_time, text, hosts, port, severity," 2819 " new_severity, task INTEGER, result INTEGER, end_time);");
2820 sql (
"CREATE TABLE IF NOT EXISTS overrides_trash" 2821 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, nvt," 2822 " creation_time, modification_time, text, hosts, port, severity," 2823 " new_severity, task INTEGER, result INTEGER, end_time);");
2824 sql (
"CREATE TABLE IF NOT EXISTS permissions" 2825 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner, name, comment," 2826 " resource_type, resource, resource_uuid, resource_location," 2827 " subject_type, subject, subject_location," 2828 " creation_time, modification_time);");
2829 sql (
"CREATE TABLE IF NOT EXISTS permissions_trash" 2830 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner, name, comment," 2831 " resource_type, resource, resource_uuid, resource_location," 2832 " subject_type, subject, subject_location," 2833 " creation_time, modification_time);");
2837 sql (
"CREATE TABLE IF NOT EXISTS port_lists" 2838 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2839 " creation_time, modification_time);");
2840 sql (
"CREATE TABLE IF NOT EXISTS port_lists_trash" 2841 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2842 " creation_time, modification_time);");
2843 sql (
"CREATE TABLE IF NOT EXISTS port_names" 2844 " (id INTEGER PRIMARY KEY, number INTEGER, protocol, name," 2845 " UNIQUE (number, protocol) ON CONFLICT REPLACE);");
2846 sql (
"CREATE TABLE IF NOT EXISTS port_ranges" 2847 " (id INTEGER PRIMARY KEY, uuid UNIQUE, port_list INTEGER, type, start," 2848 " end, comment, exclude);");
2849 sql (
"CREATE TABLE IF NOT EXISTS port_ranges_trash" 2850 " (id INTEGER PRIMARY KEY, uuid UNIQUE, port_list INTEGER, type, start," 2851 " end, comment, exclude);");
2852 sql (
"CREATE TABLE IF NOT EXISTS report_host_details" 2853 " (id INTEGER PRIMARY KEY, report_host INTEGER, source_type, source_name," 2854 " source_description, name, value);");
2855 sql (
"CREATE INDEX IF NOT EXISTS" 2856 " report_host_details_by_report_host_and_name_and_value" 2857 " ON report_host_details (report_host, name, value);");
2858 sql (
"CREATE TABLE IF NOT EXISTS report_hosts" 2859 " (id INTEGER PRIMARY KEY, report INTEGER, host, start_time, end_time," 2860 " current_port, max_port);");
2861 sql (
"CREATE INDEX IF NOT EXISTS report_hosts_by_host" 2862 " ON report_hosts (host);");
2863 sql (
"CREATE INDEX IF NOT EXISTS report_hosts_by_report" 2864 " ON report_hosts (report);");
2865 sql (
"CREATE TABLE IF NOT EXISTS report_format_param_options" 2866 " (id INTEGER PRIMARY KEY, report_format_param, value);");
2867 sql (
"CREATE TABLE IF NOT EXISTS report_format_param_options_trash" 2868 " (id INTEGER PRIMARY KEY, report_format_param, value);");
2869 sql (
"CREATE TABLE IF NOT EXISTS report_format_params" 2870 " (id INTEGER PRIMARY KEY, report_format, name, type INTEGER, value," 2871 " type_min, type_max, type_regex, fallback);");
2872 sql (
"CREATE TABLE IF NOT EXISTS report_format_params_trash" 2873 " (id INTEGER PRIMARY KEY, report_format, name, type INTEGER, value," 2874 " type_min, type_max, type_regex, fallback);");
2875 sql (
"CREATE TABLE IF NOT EXISTS report_formats" 2876 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, extension," 2877 " content_type, summary, description, signature, trust INTEGER," 2878 " trust_time, flags INTEGER, creation_time, modification_time);");
2879 sql (
"CREATE TABLE IF NOT EXISTS report_formats_trash" 2880 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, extension," 2881 " content_type, summary, description, signature, trust INTEGER," 2882 " trust_time, flags INTEGER, original_uuid, creation_time," 2883 " modification_time);");
2884 sql (
"CREATE TABLE IF NOT EXISTS reports" 2885 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, hidden INTEGER," 2886 " task INTEGER, date INTEGER, start_time, end_time, nbefile, comment," 2887 " scan_run_status INTEGER, slave_progress, slave_task_uuid," 2888 " slave_uuid, slave_name, slave_host, slave_port, source_iface," 2889 " flags INTEGER);");
2890 sql (
"CREATE TABLE IF NOT EXISTS report_counts" 2891 " (id INTEGER PRIMARY KEY, report INTEGER, user INTEGER," 2892 " severity, count, override, end_time INTEGER, min_qod INTEGER);");
2893 sql (
"CREATE INDEX IF NOT EXISTS report_counts_by_report_and_override" 2894 " ON report_counts (report, override);");
2895 sql (
"CREATE TABLE IF NOT EXISTS resources_predefined" 2896 " (id INTEGER PRIMARY KEY, resource_type, resource INTEGER)");
2897 sql (
"CREATE TABLE IF NOT EXISTS results" 2898 " (id INTEGER PRIMARY KEY, uuid, task INTEGER, host, port, nvt," 2899 " type, description, report, nvt_version, severity REAL," 2900 " qod INTEGER, qod_type TEXT, owner INTEGER, date INTEGER)");
2901 sql (
"CREATE INDEX IF NOT EXISTS results_by_uuid" 2902 " ON results (uuid);");
2903 sql (
"CREATE INDEX IF NOT EXISTS results_by_host" 2904 " ON results (host);");
2905 sql (
"CREATE INDEX IF NOT EXISTS results_by_host_and_qod" 2906 " ON results(host, qod);");
2907 sql (
"CREATE INDEX IF NOT EXISTS results_by_nvt" 2908 " ON results (nvt);");
2909 sql (
"CREATE INDEX IF NOT EXISTS results_by_report" 2910 " ON results (report);");
2911 sql (
"CREATE INDEX IF NOT EXISTS results_by_report_host" 2912 " ON results (report, host);");
2913 sql (
"CREATE INDEX IF NOT EXISTS results_by_task" 2914 " ON results (task);");
2915 sql (
"CREATE INDEX IF NOT EXISTS results_by_task_qod_severity" 2916 " ON results (task, qod, severity);");
2917 sql (
"CREATE INDEX IF NOT EXISTS results_by_type" 2918 " ON results (type);");
2919 sql (
"CREATE TABLE IF NOT EXISTS roles" 2920 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2921 " creation_time, modification_time);");
2922 sql (
"CREATE TABLE IF NOT EXISTS roles_trash" 2923 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 2924 " creation_time, modification_time);");
2925 sql (
"CREATE TABLE IF NOT EXISTS role_users" 2926 " (id INTEGER PRIMARY KEY, role INTEGER, user INTEGER);");
2927 sql (
"CREATE TABLE IF NOT EXISTS role_users_trash" 2928 " (id INTEGER PRIMARY KEY, role INTEGER, user INTEGER);");
2929 sql (
"CREATE TABLE IF NOT EXISTS scanners" 2930 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, comment," 2931 " host, port, type, ca_pub, credential INTEGER," 2932 " creation_time, modification_time);");
2933 sql (
"CREATE TABLE IF NOT EXISTS scanners_trash" 2934 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, comment," 2935 " host, port, type, ca_pub, credential INTEGER," 2936 " credential_location INTEGER, creation_time, modification_time);");
2937 sql (
"CREATE TABLE IF NOT EXISTS schedules" 2938 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, comment," 2939 " first_time, period, period_months, duration, timezone," 2940 " initial_offset, creation_time, modification_time);");
2941 sql (
"CREATE TABLE IF NOT EXISTS schedules_trash" 2942 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, comment," 2943 " first_time, period, period_months, duration, timezone," 2944 " initial_offset, creation_time, modification_time);");
2945 sql (
"CREATE TABLE IF NOT EXISTS settings" 2946 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, comment, value);");
2947 sql (
"CREATE TABLE IF NOT EXISTS tags" 2948 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner, name, comment," 2949 " creation_time, modification_time, resource_type, resource," 2950 " resource_uuid, resource_location, active, value);");
2951 sql (
"CREATE INDEX IF NOT EXISTS tags_by_resource" 2952 " ON tags (resource_type, resource);");
2953 sql (
"CREATE INDEX IF NOT EXISTS tags_by_name" 2954 " ON tags (name);");
2955 sql (
"CREATE UNIQUE INDEX IF NOT EXISTS tags_by_uuid" 2956 " ON tags (uuid);");
2957 sql (
"CREATE TABLE IF NOT EXISTS tags_trash" 2958 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner, name, comment," 2959 " creation_time, modification_time, resource_type, resource," 2960 " resource_uuid, resource_location, active, value);");
2961 sql (
"CREATE TABLE IF NOT EXISTS targets" 2962 " (id INTEGER PRIMARY KEY, uuid text UNIQUE NOT NULL," 2963 " owner integer, name text NOT NULL," 2964 " hosts text, exclude_hosts text," 2965 " reverse_lookup_only integer, reverse_lookup_unify integer," 2966 " comment text, port_list integer, alive_test integer," 2967 " creation_time integer, modification_time integer);");
2968 sql (
"CREATE TABLE IF NOT EXISTS targets_trash" 2969 " (id INTEGER PRIMARY KEY, uuid text UNIQUE NOT NULL," 2970 " owner integer, name text NOT NULL," 2971 " hosts text, exclude_hosts text," 2972 " reverse_lookup_only integer, reverse_lookup_unify integer," 2973 " comment text, port_list integer, port_list_location integer," 2974 " alive_test integer," 2975 " creation_time integer, modification_time integer);");
2976 sql (
"CREATE TABLE IF NOT EXISTS targets_login_data" 2977 " (id INTEGER PRIMARY KEY, target INTEGER, type TEXT," 2978 " credential INTEGER, port INTEGER);");
2979 sql (
"CREATE TABLE IF NOT EXISTS targets_trash_login_data" 2980 " (id INTEGER PRIMARY KEY, target INTEGER, type TEXT," 2981 " credential INTEGER, port INTEGER, credential_location INTEGER);");
2982 sql (
"CREATE TABLE IF NOT EXISTS task_files" 2983 " (id INTEGER PRIMARY KEY, task INTEGER, name, content);");
2984 sql (
"CREATE TABLE IF NOT EXISTS task_alerts" 2985 " (id INTEGER PRIMARY KEY, task INTEGER, alert INTEGER," 2986 " alert_location INTEGER);");
2987 sql (
"CREATE TABLE IF NOT EXISTS task_preferences" 2988 " (id INTEGER PRIMARY KEY, task INTEGER, name, value);");
2989 sql (
"CREATE TABLE IF NOT EXISTS tasks" 2990 " (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, hidden INTEGER," 2991 " comment, run_status INTEGER, start_time, end_time," 2992 " config INTEGER, target INTEGER, schedule INTEGER, schedule_next_time," 2993 " schedule_periods INTEGER, config_location INTEGER," 2994 " target_location INTEGER, schedule_location INTEGER," 2995 " scanner_location INTEGER, upload_result_count INTEGER," 2996 " hosts_ordering, scanner, alterable, creation_time," 2997 " modification_time);");
3001 sql (
"CREATE TABLE IF NOT EXISTS users" 3002 " (id INTEGER PRIMARY KEY, uuid UNIQUE, owner INTEGER, name, comment," 3003 " password, timezone, hosts, hosts_allow, ifaces, ifaces_allow," 3004 " method, creation_time, modification_time);");
3010 sql (
"DROP VIEW IF EXISTS result_overrides;");
3011 sql (
"CREATE VIEW result_overrides AS" 3012 " SELECT users.id AS user," 3013 " results.id as result," 3014 " overrides.id AS override," 3015 " overrides.severity AS ov_old_severity," 3016 " overrides.new_severity AS ov_new_severity" 3017 " FROM users, results, overrides" 3018 " WHERE overrides.nvt = results.nvt" 3019 " AND (overrides.result = 0 OR overrides.result = results.id)" 3021 " AND ((overrides.end_time = 0)" 3022 " OR (overrides.end_time >= m_now ()))" 3023 " AND (overrides.task =" 3024 " (SELECT reports.task FROM reports" 3025 " WHERE results.report = reports.id)" 3026 " OR overrides.task = 0)" 3027 " AND (overrides.result = results.id" 3028 " OR overrides.result = 0)" 3029 " AND (overrides.hosts is NULL" 3030 " OR overrides.hosts = ''" 3031 " OR hosts_contains (overrides.hosts, results.host))" 3032 " AND (overrides.port is NULL" 3033 " OR overrides.port = ''" 3034 " OR overrides.port = results.port)" 3035 " ORDER BY overrides.result DESC, overrides.task DESC," 3036 " overrides.port DESC, overrides.severity ASC," 3037 " overrides.creation_time DESC",
3040 g_free (owned_clause);
3042 sql (
"DROP VIEW IF EXISTS result_new_severities;");
3043 sql (
"CREATE VIEW result_new_severities AS" 3044 " SELECT results.id as result, users.id as user, dynamic, override," 3045 " CASE WHEN dynamic THEN" 3046 " CASE WHEN override THEN" 3047 " coalesce ((SELECT ov_new_severity FROM result_overrides" 3048 " WHERE result = results.id" 3049 " AND result_overrides.user = users.id" 3050 " AND severity_matches_ov" 3051 " (coalesce ((CASE WHEN results.severity" 3054 " THEN (SELECT cvss_base" 3056 " WHERE nvts.oid = results.nvt)" 3057 " ELSE results.severity" 3059 " results.severity)," 3060 " ov_old_severity))," 3061 " coalesce ((CASE WHEN results.severity" 3063 " THEN (SELECT cvss_base" 3065 " WHERE nvts.oid = results.nvt)" 3066 " ELSE results.severity" 3068 " results.severity))" 3070 " coalesce ((CASE WHEN results.severity" 3072 " THEN (SELECT cvss_base" 3074 " WHERE nvts.oid = results.nvt)" 3075 " ELSE results.severity" 3077 " results.severity)" 3080 " CASE WHEN override THEN" 3081 " coalesce ((SELECT ov_new_severity FROM result_overrides" 3082 " WHERE result = results.id" 3083 " AND result_overrides.user = users.id" 3084 " AND severity_matches_ov" 3085 " (results.severity," 3086 " ov_old_severity))," 3087 " results.severity)" 3091 " END AS new_severity" 3092 " FROM results, users" 3093 " JOIN (SELECT 0 AS override UNION SELECT 1 AS override_opts)" 3094 " JOIN (SELECT 0 AS dynamic UNION SELECT 1 AS dynamic_opts);");
3096 sql (
"DROP VIEW IF EXISTS results_autofp;");
3097 sql (
"CREATE VIEW results_autofp AS" 3098 " SELECT results.id as result, autofp_selection," 3099 " (CASE autofp_selection" 3102 " (((SELECT family FROM nvts WHERE oid = results.nvt)" 3104 " OR results.nvt = '0'" 3106 " (SELECT id FROM nvts" 3107 " WHERE oid = results.nvt" 3110 " OR cve NOT IN (SELECT cve FROM nvts" 3111 " WHERE oid IN (SELECT source_name" 3112 " FROM report_host_details" 3113 " WHERE report_host" 3115 " FROM report_hosts" 3116 " WHERE report = %llu" 3117 " AND host = results.host)" 3118 " AND name = 'EXIT_CODE'" 3119 " AND value = 'EXIT_NOTVULN')" 3126 " (((SELECT family FROM nvts WHERE oid = results.nvt)" 3128 " OR results.nvt = '0'" 3130 " (SELECT id FROM nvts AS outer_nvts" 3131 " WHERE oid = results.nvt" 3135 " (SELECT cve FROM nvts" 3136 " WHERE oid IN (SELECT source_name" 3137 " FROM report_host_details" 3138 " WHERE report_host" 3140 " FROM report_hosts" 3141 " WHERE report = results.report" 3142 " AND host = results.host)" 3143 " AND name = 'EXIT_CODE'" 3144 " AND value = 'EXIT_NOTVULN')" 3149 " AND common_cve (nvts.cve, outer_nvts.cve)))))" 3153 " ELSE 0 END) AS autofp" 3155 " (SELECT 0 AS autofp_selection" 3156 " UNION SELECT 1 AS autofp_selection" 3157 " UNION SELECT 2 AS autofp_selection) AS autofp_opts;");
3180 if (access (OPENVAS_SCAP_DATA_DIR
"/scap.db", R_OK))
3186 g_warning (
"%s: failed to stat SCAP database: %s\n",
3192 sql_error (
"ATTACH DATABASE '" OPENVAS_SCAP_DATA_DIR
"/scap.db'" 3197 if (access (OPENVAS_CERT_DATA_DIR
"/cert.db", R_OK))
3203 g_warning (
"%s: failed to stat CERT database: %s\n",
3209 sql_error (
"ATTACH DATABASE '" OPENVAS_CERT_DATA_DIR
"/cert.db'" 3221 static int loaded = 0;
3226 if (access (OPENVAS_CERT_DATA_DIR
"/cert.db", R_OK))
3233 g_warning (
"%s: failed to stat CERT database: %s\n",
3239 if (
sql_error (
"SELECT count(*) FROM cert.sqlite_master" 3240 " WHERE type = 'table' AND name = 'dfn_cert_advs';"))
3244 loaded = !!
sql_int (
"SELECT count(*) FROM cert.sqlite_master" 3245 " WHERE type = 'table' AND name = 'dfn_cert_advs';");
3257 static int loaded = 0;
3262 if (access (OPENVAS_SCAP_DATA_DIR
"/scap.db", R_OK))
3269 g_warning (
"%s: failed to stat SCAP database: %s\n",
3275 if (
sql_error (
"SELECT count(*) FROM scap.sqlite_master" 3276 " WHERE type = 'table' AND name = 'cves';"))
3280 loaded = !!
sql_int (
"SELECT count(*) FROM scap.sqlite_master" 3281 " WHERE type = 'table' AND name = 'cves';");
3298 backup_db (
const gchar *database, gchar **backup_file_arg)
3301 sqlite3 *backup_db, *actual_task_db;
3302 sqlite3_backup *backup;
3304 backup_file = g_strdup_printf (
"%s.bak", database);
3306 if (sqlite3_open (backup_file, &backup_db) != SQLITE_OK)
3308 g_warning (
"%s: sqlite3_open failed: %s\n",
3317 sql (
"PRAGMA journal_mode=DELETE;");
3320 backup = sqlite3_backup_init (backup_db,
"main",
task_db,
"main");
3323 g_warning (
"%s: sqlite3_backup_init failed: %s\n",
3325 sqlite3_errmsg (backup_db));
3333 ret = sqlite3_backup_step (backup, 20 );
3334 if (ret == SQLITE_DONE)
3336 if (ret == SQLITE_OK)
3338 if (ret == SQLITE_BUSY || ret == SQLITE_LOCKED)
3340 sqlite3_sleep (250);
3343 g_warning (
"%s: sqlite3_backup_step failed: %s\n",
3345 sqlite3_errmsg (backup_db));
3346 sqlite3_backup_finish (backup);
3349 sqlite3_backup_finish (backup);
3350 sqlite3_close (backup_db);
3352 if (backup_file_arg)
3353 *backup_file_arg = backup_file;
3355 g_free (backup_file);
3359 sqlite3_close (backup_db);
3360 g_free (backup_file);
3379 ret = backup_db (db, NULL);
3400 sqlite3_value** argv)
3402 const unsigned char *text_time;
3408 text_time = sqlite3_value_text (argv[0]);
3422 if (text_time && (strlen ((
char*) text_time) > 0))
3424 memset (&tm, 0,
sizeof (
struct tm));
3425 if (strptime ((
char*) text_time,
"%a %b %d %H:%M:%S %Y", &tm) == NULL)
3427 sqlite3_result_error (context,
"Failed to parse time", -1);
3430 epoch_time = mktime (&tm);
3431 if (epoch_time == -1)
3433 sqlite3_result_error (context,
"Failed to make time", -1);
3442 sqlite3_result_int (context, epoch_time);
3453 if (sqlite3_create_function (
task_db,
3463 g_warning (
"%s: failed to create convert", __FUNCTION__);
int trash_target_credential_location(target_t, const char *)
void init_manage_process(int, const gchar *)
Initialize the manage library for a process.
void sql_make_uuid(sqlite3_context *context, int argc, sqlite3_value **argv)
Make a UUID.
int report_counts_id(report_t, int *, int *, int *, int *, int *, int *, double *, const get_data_t *, const char *)
void sql_target_login_port(sqlite3_context *context, int argc, sqlite3_value **argv)
Get a target port.
void sql_run_status_name(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the name of a task run status.
long long int credential_t
void sql_uniquify(sqlite3_context *context, int argc, sqlite3_value **argv)
Make a name unique.
#define MIN_QOD_DEFAULT
Default min quality of detection percentage for filters.
void sql_clean_hosts(sqlite3_context *context, int argc, sqlite3_value **argv)
Clean a host list.
gchar * severity
Severity.
void sql_common_cve(sqlite3_context *context, int argc, sqlite3_value **argv)
Check if two CVE lists contain a common CVE.
void sql_t(sqlite3_context *context, int argc, sqlite3_value **argv)
Return 1.
void sql_resource_exists(sqlite3_context *context, int argc, sqlite3_value **argv)
Get if a resource exists by its type and ID.
void sql_regexp(sqlite3_context *context, int argc, sqlite3_value **argv)
Do a regexp match. Implements SQL REGEXP.
gchar * overrides_severity
Severity.
double report_severity(report_t, int, int)
const char * severity_to_type(double severity)
Get the message type matching a severity score.
gchar * tag_value(const gchar *tags, const gchar *tag)
Extract a tag from an OTP tag list.
char * iso_time(time_t *)
Create an ISO time from seconds since epoch.
int sql_int(char *sql,...)
Get a particular cell from a SQL query, as an int.
int manage_count_hosts(const char *, const char *)
void sql_tag(sqlite3_context *context, int argc, sqlite3_value **argv)
Extract a tag from an OTP tag list.
void sql_report_severity(sqlite3_context *context, int argc, sqlite3_value **argv)
Calculate the severity of a report.
int report_result_host_count(report_t, int)
void sql_parse_time(sqlite3_context *context, int argc, sqlite3_value **argv)
Try convert an OTP NVT tag time string into epoch time.
void manage_attach_databases()
Attach external databases.
void sql_max_hosts(sqlite3_context *context, int argc, sqlite3_value **argv)
Return number of hosts.
#define LSC_FAMILY_LIST
SQL list of LSC families.
void sql_order_inet(sqlite3_context *context, int argc, sqlite3_value **argv)
Convert an IP address into a sortable form.
gchar * clean_hosts(const char *, int *)
void cleanup_manage_process(gboolean)
Cleanup the manage library.
void sql(char *sql,...)
Perform an SQL statement, retrying if database is busy or locked.
gchar * acl_where_owned_for_get(const char *type, const char *user_sql)
Generate ownership part of WHERE, for getting a type of resource.
int manage_backup_db(const gchar *database)
Backup the database to a file.
gboolean report_task(report_t, task_t *)
int parse_time(const gchar *, int *)
Try convert an OTP NVT tag time string into epoch time.
void sql_report_result_host_count(sqlite3_context *context, int argc, sqlite3_value **argv)
Count the number of hosts of a report with results.
int severity_matches_ov(double severity, double ov_severity)
Check whether a severity matches an override's severity.
void sql_task_trend(sqlite3_context *context, int argc, sqlite3_value **argv)
Calculate the trend of a task.
void sql_user_can_everything(sqlite3_context *context, int argc, sqlite3_value **argv)
Check if a user can do anything.
void sql_report_host_count(sqlite3_context *context, int argc, sqlite3_value **argv)
Count the number of hosts of a report.
gchar * sql_quote(const char *string)
Quotes a string to be passed to sql statements.
void sql_cpe_title(sqlite3_context *context, int argc, sqlite3_value **argv)
Check if two CVE lists contain a common CVE.
credential_t target_credential(target_t, const char *)
int manage_create_migrate_51_to_52_convert()
Setup SQL function for migrate_51_to_52.
void sql_current_offset(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the offset from UTC of the current time for a timezone.
const char * iterator_column_name(iterator_t *, int)
Get a column name from an iterator.
int task_last_report(task_t, report_t *)
Get the report from the most recently completed invocation of task.
Command data for a get command.
void check_db_sequences()
Ensure sequences for automatic ids are in a consistent state.
credential_t trash_target_credential(target_t, const char *)
int manage_create_sql_functions()
Create functions.
void sql_target_credential(sqlite3_context *context, int argc, sqlite3_value **argv)
Get a target credential.
int acl_user_can_everything(const char *user_id)
Test whether a user may perform any operation.
void sql_now(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the current time as an epoch integer.
int resource_name(const char *, const char *, int, gchar **)
void sql_days_from_now(sqlite3_context *context, int argc, sqlite3_value **argv)
Calculate difference between now and epoch time in days.
void sql_task_severity(sqlite3_context *context, int argc, sqlite3_value **argv)
Calculate the severity of a task.
void get_data_reset(get_data_t *)
Reset command data.
void sql_hosts_contains(sqlite3_context *context, int argc, sqlite3_value **argv)
Check if a host list contains a host.
void sql_credential_value(sqlite3_context *context, int argc, sqlite3_value **argv)
Get a value from the data of a credential.
const char * run_status_name(task_status_t status)
Get the name of a run status.
int sql_error(char *sql,...)
Perform an SQL statement, retrying if database is busy or locked.
void sql_task_last_report(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the last report of a task.
void migrate_51_to_52_sql_convert(sqlite3_context *context, int argc, sqlite3_value **argv)
Convert a UTC text time to an integer time since the Epoch.
void sql_rename_column(const char *old_table, const char *new_table, const char *old_name, const char *new_name)
Move data from a table to a new table, heeding column rename.
void sql_order_role(sqlite3_context *context, int argc, sqlite3_value **argv)
Convert a role for sorting.
void sql_next_time(sqlite3_context *context, int argc, sqlite3_value **argv)
Calculate the next time from now given a start time and a period.
int manage_db_empty()
Check whether database is empty.
const char * sql_default_database()
Return name of default database.
void sql_resource_name(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the name of a resource by its type and ID.
void sql_severity_matches_ov(sqlite3_context *context, int argc, sqlite3_value **argv)
Test if a severity score matches an override's severity.
void cleanup_iterator(iterator_t *)
Cleanup an iterator.
void manage_session_set_timezone(const char *timezone)
Setup session timezone.
void sql_task_threat_level(sqlite3_context *context, int argc, sqlite3_value **argv)
Calculate the threat level of a task.
void sql_report_progress(sqlite3_context *context, int argc, sqlite3_value **argv)
Calculate the progress of a report.
int report_progress(report_t, task_t, gchar **)
int days_from_now(time_t *)
Calculate difference between now and epoch_time in days.
int resource_exists(const char *, resource_t, int)
Get whether a resource exists.
int report_host_count(report_t)
credentials_t current_credentials
Current credentials during any OMP command.
int manage_scap_loaded()
Check whether SCAP is available.
void sql_user_owns(sqlite3_context *context, int argc, sqlite3_value **argv)
Check if a user owns or effectively owns a resource.
char * task_severity(task_t, int, int, int)
Return the severity score of a task, taking overrides into account.
void create_tables()
Create all tables.
void sql_severity_in_level(sqlite3_context *context, int argc, sqlite3_value **argv)
Check whether a severity falls within a threat level.
task_t overrides_task
Task.
int iterator_column_count(iterator_t *)
Get number of columns from an iterator.
char * sql_string(char *sql,...)
Get a particular cell from a SQL query, as an string.
void sql_order_port(sqlite3_context *context, int argc, sqlite3_value **argv)
Convert a port into an integer for sorting.
void sql_order_threat(sqlite3_context *context, int argc, sqlite3_value **argv)
Convert a threat into an integer for sorting.
long current_offset(const char *)
Get the current offset from UTC of a timezone.
int user_can_everything(const char *)
time_t next_time(time_t first, int period, int period_months, const char *timezone, int periods_offset)
Calculate the next time from now given a start time and a period.
void sql_trash_target_credential_location(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the location of a trash target credential.
gboolean next(iterator_t *)
Increment an iterator.
void sql_order_message_type(sqlite3_context *context, int argc, sqlite3_value **argv)
Convert a message type into an integer for sorting.
const char * severity_to_level(double severity, int mode)
Get the threat level matching a severity score.
void manage_session_init(const char *uuid)
Setup session.
void sql_report_severity_count(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the number of results of a given severity level in a report.
int user_owns(const char *, resource_t, int)
get_data_t * report_results_get_data(int first, int rows, int apply_overrides, int autofp, int min_qod)
Create a new basic get_data_t struct to get report results.
void init_iterator(iterator_t *iterator, const char *sql,...)
Initialise an iterator.
int valid_db_resource_type(const char *)
Check whether a resource type table name is valid.
void sql_iso_time(sqlite3_context *context, int argc, sqlite3_value **argv)
Convert an epoch time into a string in ISO format.
void sql_strpos(sqlite3_context *context, int argc, sqlite3_value **argv)
Get position of a substring like the strpos function in PostgreSQL.
sqlite3 * task_db
Handle on the database.
int severity_in_level(double severity, const char *level)
Check whether a severity falls within a threat level.
void sql_severity_to_type(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the message type matching a severity score.
int manage_cert_loaded()
Check whether CERT is available.
int trash_target_login_port(target_t, const char *)
int target_login_port(target_t, const char *)
int acl_user_owns(const char *type, resource_t resource, int trash)
Test whether a user effectively owns a resource.
void sql_severity_to_level(sqlite3_context *context, int argc, sqlite3_value **argv)
Get the threat level matching a severity score.
long long int resource_t
A resource, like a task or target.
const char * task_trend(task_t, int, int)