OpenVAS Manager
7.0.3~git
The OpenVAS Manager management library. More...
#include "manage.h"
#include "scanner.h"
#include "manage_acl.h"
#include "manage_sql.h"
#include "ovas-mngr-comm.h"
#include "utils.h"
#include <assert.h>
#include <ctype.h>
#include <errno.h>
#include <dirent.h>
#include <fcntl.h>
#include <glib.h>
#include <math.h>
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#include <openvas/base/cvss.h>
#include <openvas/base/gpgme_util.h>
#include <openvas/base/openvas_string.h>
#include <openvas/base/openvas_file.h>
#include <openvas/base/openvas_hosts.h>
#include <openvas/omp/omp.h>
#include <openvas/misc/openvas_server.h>
#include <openvas/misc/nvt_categories.h>
#include <openvas/misc/openvas_uuid.h>
#include <openvas/misc/openvas_proctitle.h>
Macros | |
#define | _XOPEN_SOURCE |
#define | _GNU_SOURCE |
#define | G_LOG_DOMAIN "md manage" |
GLib log domain. More... | |
#define | CPE_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/cpe_getbyname.xsl" |
CPE selection stylesheet location. More... | |
#define | CVE_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/cve_getbyname.xsl" |
CVE selection stylesheet location. More... | |
#define | OVALDEF_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/ovaldef_getbyname.xsl" |
OVALDEF selection stylesheet location. More... | |
#define | CERT_BUND_ADV_GETBYNAME_XSL OPENVAS_CERT_RES_DIR "/cert_bund_getbyname.xsl" |
CERT_BUND_ADV selection stylesheet location. More... | |
#define | DFN_CERT_ADV_GETBYNAME_XSL OPENVAS_CERT_RES_DIR "/dfn_cert_getbyname.xsl" |
DFN_CERT_ADV selection stylesheet location. More... | |
#define | CPE_DICT_FILENAME OPENVAS_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml" |
CPE dictionary location. More... | |
#define | CVE_FILENAME_FMT OPENVAS_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml" |
CVE data files location format string. More... | |
#define | CERT_BUND_ADV_FILENAME_FMT OPENVAS_CERT_DATA_DIR "/CB-K%02d.xml" |
CERT-Bund data files location format string. More... | |
#define | DFN_CERT_ADV_FILENAME_FMT OPENVAS_CERT_DATA_DIR "/dfn-cert-%04d.xml" |
DFN-CERT data files location format string. More... | |
#define | SCAP_TIMESTAMP_FILENAME OPENVAS_SCAP_DATA_DIR "/timestamp" |
SCAP timestamp location. More... | |
#define | CERT_TIMESTAMP_FILENAME OPENVAS_CERT_DATA_DIR "/timestamp" |
CERT timestamp location. More... | |
#define | MAX_CHECKS_DEFAULT "4" |
Default for Scanner max_checks preference. More... | |
#define | MAX_HOSTS_DEFAULT "20" |
Default for Scanner max_hosts preference. More... | |
#define | ZERO_SEVERITY_INDEX 4 |
#define | RUN_SLAVE_TASK_SLEEP_SECONDS 25 |
Number of seconds to sleep between polls to slave. More... | |
#define | COMMAND "openvasmr 0 titles" |
Command called by get_system_report_types. More... | |
#define | FALLBACK_SYSTEM_REPORT_HEADER |
Header for fallback system report. More... | |
#define | DEFAULT_DURATION 86400L |
#define | DEF(x) |
Define a code snippet for get_nvti_xml. More... | |
Functions | |
gchar * | truncate_certificate (const gchar *certificate) |
Truncate a certificate, removing extra data. More... | |
gchar * | truncate_private_key (const gchar *private_key) |
Truncate a private key, removing extra data. More... | |
int | get_certificate_info (const gchar *certificate, time_t *activation_time, time_t *expiration_time, gchar **fingerprint, gchar **issuer) |
Gathers info from a certificate. More... | |
gchar * | certificate_iso_time (time_t time) |
Converts a certificate time to an ISO time string. More... | |
const gchar * | certificate_time_status (time_t activates, time_t expires) |
Tests the activation and expiration time of a certificate. More... | |
void | slist_free (GSList *list) |
Free an slist of pointers, including the pointers. More... | |
const char * | type_name_plural (const char *type) |
Return the plural name of a resource type. More... | |
const char * | type_name (const char *type) |
Return the name of a resource type. More... | |
int | type_is_scap (const char *type) |
Check if a type is a SCAP type. More... | |
const char * | threat_message_type (const char *threat) |
Get the message type of a threat. More... | |
const char * | message_type_threat (const char *type) |
Get the threat of a message type. More... | |
int | severity_in_level (double severity, const char *level) |
Check whether a severity falls within a threat level. More... | |
int | severity_matches_ov (double severity, double ov_severity) |
Check whether a severity matches an override's severity. More... | |
const char * | severity_to_level (double severity, int mode) |
Get the threat level matching a severity score. More... | |
const char * | severity_to_type (double severity) |
Get the message type matching a severity score. More... | |
int | delete_reports (task_t task) |
Delete all the reports for a task. More... | |
gchar * | report_results_filter_term (int first, int rows, int apply_overrides, int autofp, int min_qod) |
Create a basic filter term to get report results. More... | |
get_data_t * | report_results_get_data (int first, int rows, int apply_overrides, int autofp, int min_qod) |
Create a new basic get_data_t struct to get report results. More... | |
int | severity_data_index (double severity) |
Convert a severity value into an index in the counts array. More... | |
double | severity_data_value (int index) |
Convert an index in the counts array to a severity value. More... | |
void | init_severity_data (severity_data_t *data) |
Initialize a severity data structure. More... | |
void | cleanup_severity_data (severity_data_t *data) |
Clean up a severity data structure. More... | |
void | severity_data_add (severity_data_t *severity_data, double severity) |
Add a severity occurrence to the counts of a severity_data_t. More... | |
void | severity_data_add_count (severity_data_t *severity_data, double severity, int count) |
Add multiple severity occurrences to the counts of a severity_data_t. More... | |
int | severity_data_range_count (const severity_data_t *severity_data, double min_severity, double max_severity) |
Calculate the total of severity counts in a range. More... | |
void | severity_data_level_counts (const severity_data_t *severity_data, const gchar *severity_class, int *errors, int *debugs, int *false_positives, int *logs, int *lows, int *mediums, int *highs) |
Count the occurrences of severities in the levels. More... | |
const char * | alert_condition_name (alert_condition_t condition) |
Get the name of an alert condition. More... | |
const char * | event_name (event_t event) |
Get the name of an alert event. More... | |
gchar * | alert_condition_description (alert_condition_t condition, alert_t alert) |
Get a description of an alert condition. More... | |
gchar * | event_description (event_t event, const void *event_data, const char *task_name) |
Get a description of an alert event. More... | |
const char * | alert_method_name (alert_method_t method) |
Get the name of an alert method. More... | |
alert_condition_t | alert_condition_from_name (const char *name) |
Get an alert condition from a name. More... | |
event_t | event_from_name (const char *name) |
Get an event from a name. More... | |
alert_method_t | alert_method_from_name (const char *name) |
Get an alert method from a name. More... | |
const char * | run_status_name (task_status_t status) |
Get the name of a run status. More... | |
const char * | run_status_name_internal (task_status_t status) |
Get the unique name of a run status. More... | |
void | buffer_config_preference_xml (GString *, iterator_t *, config_t, int) |
Buffer XML for the NVT preference of a config. More... | |
int | update_slave_progress (entity_t get_tasks) |
Update the locally cached task progress from the slave. More... | |
int | slave_authenticate (gnutls_session_t *session, scanner_t slave) |
Authenticate with a slave. More... | |
int | update_end_times (entity_t report) |
Update end times, and optionally add host details. More... | |
int | run_osp_task (task_t task) |
Start a task on an OSP scanner. More... | |
int | set_certs (const char *ca_pub, const char *key_pub, const char *key_priv) |
Initialise OpenVAS scanner variables, checking for defaults. More... | |
int | run_otp_task (task_t task, scanner_t scanner, int from, char **report_id) |
Start an OTP scanner task. More... | |
int | start_task (const char *task_id, char **report_id) |
Start a task. More... | |
int | stop_task_internal (task_t task) |
Initiate stopping a task. More... | |
int | stop_task (const char *task_id) |
Initiate stopping a task. More... | |
int | resume_task (const char *task_id, char **report_id) |
Resume a task. More... | |
int | move_task (const char *task_id, const char *slave_id) |
Reassign a task to another slave. More... | |
int | acknowledge_bye () |
Acknowledge a scanner BYE. More... | |
int | acknowledge_feed_version_info () |
Acknowledge scanner PLUGINS_FEED_VERSION message, requesting all plugin info. More... | |
int | manage_check_current_task () |
Handle state changes to current task made by other processes. More... | |
const char * | credential_full_type (const char *abbreviation) |
Get the written-out name of an LSC Credential type. More... | |
int | init_system_report_type_iterator (report_type_iterator_t *iterator, const char *type, const char *slave_id) |
Initialise a system report type iterator. More... | |
void | cleanup_report_type_iterator (report_type_iterator_t *iterator) |
Cleanup a report type iterator. More... | |
gboolean | next_report_type (report_type_iterator_t *iterator) |
Increment a report type iterator. More... | |
const char * | report_type_iterator_name (report_type_iterator_t *iterator) |
Return the name from a report type iterator. More... | |
const char * | report_type_iterator_title (report_type_iterator_t *iterator) |
Return the title from a report type iterator. More... | |
int | manage_system_report (const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report) |
Get a system report. More... | |
void | manage_auth_allow_all (int scheduled) |
Ensure that any subsequent authentications succeed. More... | |
gchar * | get_scheduled_user_uuid () |
Access UUID of user that scheduled the current task. More... | |
void | set_scheduled_user_uuid (gchar *user_uuid) |
Set UUID of user that scheduled the current task. More... | |
int | manage_schedule (int(*fork_connection)(openvas_connection_t *, gchar *), gboolean run_tasks, sigset_t *sigmask_current) |
Schedule any actions that are due. More... | |
int | get_schedule_timeout () |
Get the current schedule timeout. More... | |
void | set_schedule_timeout (int new_timeout) |
Set the schedule timeout. More... | |
const char * | report_format_param_type_name (report_format_param_type_t type) |
Get the name of a report format param type. More... | |
report_format_param_type_t | report_format_param_type_from_name (const char *name) |
Get a report format param type from a name. More... | |
gchar * | predefined_report_format_dir (const gchar *uuid) |
Get the directory of a report format. More... | |
int | init_report_format_file_iterator (file_iterator_t *iterator, report_format_t report_format) |
Initialise a report format file iterator. More... | |
void | cleanup_file_iterator (file_iterator_t *iterator) |
Clean up a file iterator. More... | |
gboolean | next_file (file_iterator_t *iterator) |
Increment a file iterator. More... | |
const char * | file_iterator_name (file_iterator_t *iterator) |
Return the name from a file iterator. More... | |
gchar * | file_iterator_content_64 (file_iterator_t *iterator) |
Return the file contents from a file iterator. More... | |
void | parse_tags (const char *scanner_tags, gchar **tags, gchar **cvss_base) |
Split up the tags received from the scanner. More... | |
int | delete_slave_task (const gchar *host, int port, const gchar *username, const gchar *password, const char *slave_task_uuid) |
Delete a task on a slave. More... | |
gchar * | xsl_transform (gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values) |
Run xsltproc in an external process. More... | |
gchar * | get_nvti_xml (iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag) |
Create and return XML description for an NVT. More... | |
const char * | manage_scap_update_time () |
Get SCAP update time, as a string. More... | |
int | manage_read_info (gchar *type, gchar *uid, gchar *name, gchar **result) |
Read raw information. More... | |
int | validate_username (const gchar *name) |
Validates a username. More... | |
Variables | |
volatile int | termination_signal |
Flag for signal handlers. More... | |
credentials_t | current_credentials |
Current credentials during any OMP command. More... | |
task_t | current_scanner_task = (task_t) 0 |
The task currently running on the scanner. More... | |
report_t | current_report = (report_t) 0 |
The report of the current task. More... | |
gchar * | slave_ssh_credential_uuid = NULL |
Slave credential UUID. More... | |
gchar * | slave_smb_credential_uuid = NULL |
Slave credential UUID. More... | |
gchar * | slave_esxi_credential_uuid = NULL |
Slave credential UUID. More... | |
gchar * | slave_snmp_credential_uuid = NULL |
Slave credential UUID. More... | |
gchar * | slave_target_uuid = NULL |
Slave target UUID. More... | |
gchar * | slave_port_list_uuid = NULL |
Slave port list UUID. More... | |
gchar * | slave_config_uuid = NULL |
Slave config UUID. More... | |
gchar * | slave_task_uuid = NULL |
Slave task UUID. More... | |
gchar * | slave_report_uuid = NULL |
Slave report UUID. More... | |
openvas_connection_t * | slave_connection = NULL |
Slave session. More... | |
int | authenticate_allow_all = 0 |
Flag for manage_auth_allow_all. More... | |
gchar * | schedule_user_uuid = NULL |
UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all). More... | |
The OpenVAS Manager management library.
This file defines a management library, for implementing OpenVAS Managers such as the OpenVAS Manager daemon.
This library provides facilities for storing and manipulating credential and task information, and manipulating reports. Task manipulation includes sending task commands to the OTP server (the "scanner") that is running the tasks.
Definition in file manage.c.
#define CERT_BUND_ADV_FILENAME_FMT OPENVAS_CERT_DATA_DIR "/CB-K%02d.xml" |
#define CERT_BUND_ADV_GETBYNAME_XSL OPENVAS_CERT_RES_DIR "/cert_bund_getbyname.xsl" |
#define CERT_TIMESTAMP_FILENAME OPENVAS_CERT_DATA_DIR "/timestamp" |
#define COMMAND "openvasmr 0 titles" |
#define CPE_DICT_FILENAME OPENVAS_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml" |
#define CPE_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/cpe_getbyname.xsl" |
#define CVE_FILENAME_FMT OPENVAS_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml" |
#define CVE_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/cve_getbyname.xsl" |
#define DEF | ( | x | ) |
#define DFN_CERT_ADV_FILENAME_FMT OPENVAS_CERT_DATA_DIR "/dfn-cert-%04d.xml" |
#define DFN_CERT_ADV_GETBYNAME_XSL OPENVAS_CERT_RES_DIR "/dfn_cert_getbyname.xsl" |
#define FALLBACK_SYSTEM_REPORT_HEADER |
#define MAX_CHECKS_DEFAULT "4" |
#define MAX_HOSTS_DEFAULT "20" |
#define OVALDEF_GETBYNAME_XSL OPENVAS_SCAP_RES_DIR "/ovaldef_getbyname.xsl" |
#define RUN_SLAVE_TASK_SLEEP_SECONDS 25 |
#define SCAP_TIMESTAMP_FILENAME OPENVAS_SCAP_DATA_DIR "/timestamp" |
int acknowledge_bye | ( | ) |
Acknowledge a scanner BYE.
Definition at line 5705 of file manage.c.
References send_to_server().
int acknowledge_feed_version_info | ( | ) |
Acknowledge scanner PLUGINS_FEED_VERSION message, requesting all plugin info.
Definition at line 5719 of file manage.c.
References send_to_server().
gchar* alert_condition_description | ( | alert_condition_t | condition, |
alert_t | alert | ||
) |
Get a description of an alert condition.
[in] | condition | Condition. |
[in] | alert | Alert. |
Definition at line 1063 of file manage.c.
References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, ALERT_CONDITION_SEVERITY_CHANGED, and alert_data().
alert_condition_t alert_condition_from_name | ( | const char * | name | ) |
Get an alert condition from a name.
[in] | name | Condition name. |
Definition at line 1173 of file manage.c.
References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_ERROR, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, and ALERT_CONDITION_SEVERITY_CHANGED.
const char* alert_condition_name | ( | alert_condition_t | condition | ) |
Get the name of an alert condition.
[in] | condition | Condition. |
Definition at line 1016 of file manage.c.
References ALERT_CONDITION_ALWAYS, ALERT_CONDITION_FILTER_COUNT_AT_LEAST, ALERT_CONDITION_FILTER_COUNT_CHANGED, ALERT_CONDITION_SEVERITY_AT_LEAST, and ALERT_CONDITION_SEVERITY_CHANGED.
alert_method_t alert_method_from_name | ( | const char * | name | ) |
Get an alert method from a name.
[in] | name | Method name. |
Definition at line 1215 of file manage.c.
References ALERT_METHOD_EMAIL, ALERT_METHOD_ERROR, ALERT_METHOD_HTTP_GET, ALERT_METHOD_SCP, ALERT_METHOD_SEND, ALERT_METHOD_SMB, ALERT_METHOD_SNMP, ALERT_METHOD_SOURCEFIRE, ALERT_METHOD_START_TASK, ALERT_METHOD_SYSLOG, ALERT_METHOD_TIPPINGPOINT, and ALERT_METHOD_VERINICE.
const char* alert_method_name | ( | alert_method_t | method | ) |
Get the name of an alert method.
[in] | method | Method. |
Definition at line 1146 of file manage.c.
References ALERT_METHOD_EMAIL, ALERT_METHOD_HTTP_GET, ALERT_METHOD_SCP, ALERT_METHOD_SEND, ALERT_METHOD_SMB, ALERT_METHOD_SNMP, ALERT_METHOD_SOURCEFIRE, ALERT_METHOD_START_TASK, ALERT_METHOD_SYSLOG, ALERT_METHOD_TIPPINGPOINT, and ALERT_METHOD_VERINICE.
void buffer_config_preference_xml | ( | GString * | buffer, |
iterator_t * | prefs, | ||
config_t | config, | ||
int | hide_passwords | ||
) |
Buffer XML for the NVT preference of a config.
[in] | buffer | Buffer. |
[in] | prefs | NVT preference iterator. |
[in] | config | Config. |
[in] | hide_passwords | Whether to hide passwords. |
Definition at line 11120 of file omp.c.
References nvt_oid(), nvt_preference_iterator_config_value(), nvt_preference_iterator_nvt(), nvt_preference_iterator_real_name(), nvt_preference_iterator_type(), nvt_preference_iterator_value(), and create_port_list_range::type.
gchar* certificate_iso_time | ( | time_t | time | ) |
Converts a certificate time to an ISO time string.
[in] | time | The time as a time_t. |
Definition at line 352 of file manage.c.
References iso_time().
const gchar* certificate_time_status | ( | time_t | activates, |
time_t | expires | ||
) |
Tests the activation and expiration time of a certificate.
[in] | activates | Activation time. |
[in] | expires | Expiration time. |
void cleanup_file_iterator | ( | file_iterator_t * | iterator | ) |
void cleanup_report_type_iterator | ( | report_type_iterator_t * | iterator | ) |
void cleanup_severity_data | ( | severity_data_t * | data | ) |
Clean up a severity data structure.
[in] | data | The data structure to clean up. |
Definition at line 848 of file manage.c.
References severity_data_t::counts.
const char* credential_full_type | ( | const char * | abbreviation | ) |
int delete_reports | ( | task_t | task | ) |
Delete all the reports for a task.
It's up to the caller to ensure that this runs in a contention safe context (for example within an SQL transaction).
[in] | task | A task descriptor. |
Definition at line 733 of file manage.c.
References cleanup_iterator(), delete_report_internal(), init_report_iterator_task(), and next_report().
int delete_slave_task | ( | const gchar * | host, |
int | port, | ||
const gchar * | username, | ||
const gchar * | password, | ||
const char * | slave_task_uuid | ||
) |
Delete a task on a slave.
[in] | host | Slave host. |
[in] | port | Slave port. |
[in] | username | Slave username. |
[in] | password | Slave password. |
[in] | slave_task_uuid | UUID of task on slave. |
Definition at line 7311 of file manage.c.
References slave_config_uuid, slave_port_list_uuid, slave_smb_credential_uuid, slave_ssh_credential_uuid, slave_target_uuid, and slave_task_uuid.
gchar* event_description | ( | event_t | event, |
const void * | event_data, | ||
const char * | task_name | ||
) |
Get a description of an alert event.
[in] | event | Event. |
[in] | event_data | Event data. |
[in] | task_name | Name of task if required in description, else NULL. |
Definition at line 1114 of file manage.c.
event_t event_from_name | ( | const char * | name | ) |
Get an event from a name.
[in] | name | Event name. |
Definition at line 1196 of file manage.c.
References EVENT_ERROR, EVENT_NEW_SECINFO, EVENT_TASK_RUN_STATUS_CHANGED, and EVENT_UPDATED_SECINFO.
const char* event_name | ( | event_t | event | ) |
Get the name of an alert event.
[in] | event | Event. |
gchar* file_iterator_content_64 | ( | file_iterator_t * | iterator | ) |
const char* file_iterator_name | ( | file_iterator_t * | iterator | ) |
int get_certificate_info | ( | const gchar * | certificate, |
time_t * | activation_time, | ||
time_t * | expiration_time, | ||
gchar ** | fingerprint, | ||
gchar ** | issuer | ||
) |
Gathers info from a certificate.
[in] | certificate | The certificate to get data from. |
[out] | activation_time | Pointer to write activation time to. |
[out] | expiration_time | Pointer to write expiration time to. |
[out] | fingerprint | Pointer for newly allocated fingerprint. |
[out] | issuer | Pointer for newly allocated issuer DN. |
Definition at line 252 of file manage.c.
References truncate_certificate().
gchar* get_nvti_xml | ( | iterator_t * | nvts, |
int | details, | ||
int | pref_count, | ||
int | preferences, | ||
const char * | timeout, | ||
config_t | config, | ||
int | close_tag | ||
) |
Create and return XML description for an NVT.
[in] | nvts | The NVT. |
[in] | details | If true, detailed XML, else simple XML. |
[in] | pref_count | Preference count. Used if details is true. |
[in] | preferences | If true, included preferences. |
[in] | timeout | Timeout. Used if details is true. |
[in] | config | Config, used if preferences is true. |
[in] | close_tag | Whether to close the NVT tag or not. |
Definition at line 7658 of file manage.c.
References cleanup_iterator(), DEF, get_iterator_creation_time(), get_iterator_modification_time(), get_iterator_name(), get_iterator_resource(), init_nvt_cert_bund_adv_iterator(), init_nvt_dfn_cert_adv_iterator(), init_resource_tag_iterator(), manage_cert_loaded(), next(), nvt_iterator_name(), nvt_iterator_oid(), resource_tag_count(), resource_tag_iterator_comment(), resource_tag_iterator_name(), resource_tag_iterator_uuid(), and resource_tag_iterator_value().
int get_schedule_timeout | ( | ) |
gchar* get_scheduled_user_uuid | ( | ) |
Access UUID of user that scheduled the current task.
Definition at line 6451 of file manage.c.
References schedule_user_uuid.
Referenced by authenticate().
int init_report_format_file_iterator | ( | file_iterator_t * | iterator, |
report_format_t | report_format | ||
) |
Initialise a report format file iterator.
[in] | iterator | Iterator. |
[in] | report_format | Single report format to iterate over, NULL for all. |
Definition at line 7096 of file manage.c.
References predefined_report_format_dir(), report_format_owner_uuid(), report_format_predefined(), and report_format_uuid().
void init_severity_data | ( | severity_data_t * | data | ) |
Initialize a severity data structure.
[in] | data | The data structure to initialize. |
Definition at line 831 of file manage.c.
References severity_data_t::counts, severity_data_t::max, SEVERITY_MAX, SEVERITY_MISSING, SEVERITY_SUBDIVISIONS, severity_data_t::total, and ZERO_SEVERITY_INDEX.
int init_system_report_type_iterator | ( | report_type_iterator_t * | iterator, |
const char * | type, | ||
const char * | slave_id | ||
) |
Initialise a system report type iterator.
[in] | iterator | Iterator. |
[in] | type | Single report type to iterate over, NULL for all. |
[in] | slave_id | ID of slave to get reports from. 0 for local. |
Definition at line 6041 of file manage.c.
References acl_user_may().
void manage_auth_allow_all | ( | int | scheduled | ) |
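Ensure that any subsequent authentications succeed. Because this bypasses credential checking through the authenticate_allow_all flag, it should only be reached from trusted internal code paths such as the scheduler.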
[in] | scheduled | Whether this is happening from the scheduler. |
Definition at line 6440 of file manage.c.
References authenticate_allow_all.
int manage_check_current_task | ( | ) |
Handle state changes to current task made by other processes.
Definition at line 5733 of file manage.c.
References current_scanner_task, manage_transaction_stop(), send_to_server(), set_task_run_status(), task_run_status(), TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_INTERNAL_ERROR, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.
Referenced by process_omp_change(), and process_otp_scanner_input().
int manage_read_info | ( | gchar * | type, |
gchar * | uid, | ||
gchar * | name, | ||
gchar ** | result | ||
) |
Read raw information.
[in] | type | Type of the requested information. |
[in] | uid | Unique identifier of the requested information. |
[in] | name | Name or identifier of the requested information. |
[out] | result | Pointer to the read information location. Will point to NULL on error. |
Definition at line 7889 of file manage.c.
const char* manage_scap_update_time | ( | ) |
Get SCAP update time, as a string.
Definition at line 7842 of file manage.c.
References SCAP_TIMESTAMP_FILENAME.
int manage_schedule | ( | int(*)(openvas_connection_t *, gchar *) | fork_connection, |
gboolean | run_tasks, | ||
sigset_t * | sigmask_current | ||
) |
Schedule any actions that are due.
In openvasmd, periodically called from the main daemon loop.
[in] | fork_connection | Function that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error. |
[in] | run_tasks | Whether to run scheduled tasks. |
[in] | sigmask_current | Sigmask to restore in child. |
Definition at line 6481 of file manage.c.
References auto_delete_reports(), cleanup_task_schedule_iterator(), clear_duration_schedules(), current_credentials, init_task_schedule_iterator(), manage_session_init(), manage_update_nvti_cache(), next(), next_time(), reinit_manage_process(), reschedule_task(), schedule_duration(), schedule_period(), set_task_schedule_next_time(), set_task_schedule_next_time_uuid(), set_task_schedule_periods(), set_task_schedule_uuid(), task_schedule_iterator_first_time(), task_schedule_iterator_owner_name(), task_schedule_iterator_owner_uuid(), task_schedule_iterator_period(), task_schedule_iterator_period_months(), task_schedule_iterator_start_due(), task_schedule_iterator_stop_due(), task_schedule_iterator_task(), task_schedule_iterator_task_uuid(), task_schedule_iterator_timed_out(), task_schedule_iterator_timezone(), task_schedule_next_time_uuid(), task_schedule_periods_uuid(), task_schedule_uuid(), task_uuid(), and update_duration_schedule_periods().
int manage_system_report | ( | const char * | name, |
const char * | duration, | ||
const char * | start_time, | ||
const char * | end_time, | ||
const char * | slave_id, | ||
char ** | report | ||
) |
Get a system report.
[in] | name | Name of report. |
[in] | duration | Time range of report, in seconds. |
[in] | start_time | Time of first data point in report. |
[in] | end_time | Time of last data point in report. |
[in] | slave_id | ID of slave to get report from. 0 for local. |
[out] | report | On success, report in base64 if such a report exists else NULL. Arbitrary on error. |
Definition at line 6240 of file manage.c.
References manage_system_report(), and parse_iso_time().
Referenced by manage_system_report().
const char* message_type_threat | ( | const char * | type | ) |
int move_task | ( | const char * | task_id, |
const char * | slave_id | ||
) |
Reassign a task to another slave.
[in] | task_id | UUID of task. |
[in] | slave_id | UUID of slave. |
Definition at line 5576 of file manage.c.
References acl_user_has_access_uuid(), acl_user_may(), find_scanner_with_permission(), find_task_with_permission(), resume_task(), SCANNER_TYPE_CVE, SCANNER_TYPE_OMP, SCANNER_TYPE_OPENVAS, SCANNER_UUID_DEFAULT, set_task_scanner(), stop_task_internal(), task_id(), task_run_status(), task_scanner(), TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, and TASK_STATUS_STOP_WAITING.
gboolean next_file | ( | file_iterator_t * | iterator | ) |
gboolean next_report_type | ( | report_type_iterator_t * | iterator | ) |
void parse_tags | ( | const char * | scanner_tags, |
gchar ** | tags, | ||
gchar ** | cvss_base | ||
) |
Split up the tags received from the scanner.
[in] | scanner_tags | The tags sent by the scanner. |
[out] | tags | Tags. |
[out] | cvss_base | CVSS base. |
Definition at line 7241 of file manage.c.
Referenced by migrate_16_to_17().
gchar* predefined_report_format_dir | ( | const gchar * | uuid | ) |
Get the directory of a report format.
[in] | uuid | Report format UUID. NULL to get parent dir. |
Definition at line 7077 of file manage.c.
Referenced by init_report_format_file_iterator().
report_format_param_type_t report_format_param_type_from_name | ( | const char * | name | ) |
Get a report format param type from a name.
[in] | name | Param type name. |
Definition at line 6978 of file manage.c.
References REPORT_FORMAT_PARAM_TYPE_BOOLEAN, REPORT_FORMAT_PARAM_TYPE_ERROR, REPORT_FORMAT_PARAM_TYPE_INTEGER, REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST, REPORT_FORMAT_PARAM_TYPE_SELECTION, REPORT_FORMAT_PARAM_TYPE_STRING, and REPORT_FORMAT_PARAM_TYPE_TEXT.
const char* report_format_param_type_name | ( | report_format_param_type_t | type | ) |
Get the name of a report format param type.
[in] | type | Param type. |
Definition at line 6947 of file manage.c.
References REPORT_FORMAT_PARAM_TYPE_BOOLEAN, REPORT_FORMAT_PARAM_TYPE_ERROR, REPORT_FORMAT_PARAM_TYPE_INTEGER, REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST, REPORT_FORMAT_PARAM_TYPE_SELECTION, REPORT_FORMAT_PARAM_TYPE_STRING, and REPORT_FORMAT_PARAM_TYPE_TEXT.
gchar* report_results_filter_term | ( | int | first, |
int | rows, | ||
int | apply_overrides, | ||
int | autofp, | ||
int | min_qod | ||
) |
Create a basic filter term to get report results.
Definition at line 752 of file manage.c.
Referenced by report_results_get_data().
get_data_t* report_results_get_data | ( | int | first, |
int | rows, | ||
int | apply_overrides, | ||
int | autofp, | ||
int | min_qod | ||
) |
Create a new basic get_data_t struct to get report results.
Definition at line 766 of file manage.c.
References get_data_t::filter, report_results_filter_term(), and get_data_t::type.
const char* report_type_iterator_name | ( | report_type_iterator_t * | iterator | ) |
const char* report_type_iterator_title | ( | report_type_iterator_t * | iterator | ) |
int resume_task | ( | const char * | task_id, |
char ** | report_id | ||
) |
Resume a task.
[in] | task_id | Task UUID. |
[out] | report_id | If successful, ID of the resultant report. |
Definition at line 5543 of file manage.c.
References acl_user_may(), find_task_with_permission(), task_id(), task_run_status(), and TASK_STATUS_STOPPED.
Referenced by move_task().
int run_osp_task | ( | task_t | task | ) |
Start a task on an OSP scanner.
[in] | task | The task. |
Definition at line 3996 of file manage.c.
References find_target_with_permission(), target_uuid(), and task_target().
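int run_otp_task | ( | task_t | task, |
scanner_t | scanner, | ||
int | from, | ||
char ** | report_id | ||
) |
Start an OTP scanner task.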
[in] | task | The task. |
[in] | scanner | Scanner to use. |
[in] | from | 0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning. |
[out] | report_id | The report ID. |
Definition at line 4738 of file manage.c.
const char* run_status_name | ( | task_status_t | status | ) |
Get the name of a run status.
[in] | status | Run status. |
Definition at line 1253 of file manage.c.
References TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.
Referenced by sql_run_status_name().
const char* run_status_name_internal | ( | task_status_t | status | ) |
Get the unique name of a run status.
[in] | status | Run status. |
Definition at line 1288 of file manage.c.
References TASK_STATUS_DELETE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_REQUESTED, TASK_STATUS_DELETE_ULTIMATE_WAITING, TASK_STATUS_DELETE_WAITING, TASK_STATUS_DONE, TASK_STATUS_NEW, TASK_STATUS_REQUESTED, TASK_STATUS_RUNNING, TASK_STATUS_STOP_REQUESTED, TASK_STATUS_STOP_REQUESTED_GIVEUP, TASK_STATUS_STOP_WAITING, and TASK_STATUS_STOPPED.
int set_certs | ( | const char * | ca_pub, |
const char * | key_pub, | ||
const char * | key_priv | ||
) |
Initialise OpenVAS scanner variables, checking for defaults.
[in] | ca_pub | CA Certificate. |
[in] | key_pub | Scanner Certificate. |
[in] | key_priv | Scanner private key. |
Definition at line 4312 of file manage.c.
References manage_default_ca_cert(), and openvas_scanner_set_certs().
Referenced by manage_scanner_set().
void set_schedule_timeout | ( | int | new_timeout | ) |
void set_scheduled_user_uuid | ( | gchar * | user_uuid | ) |
Set UUID of user that scheduled the current task.
user_uuid | UUID of user that scheduled the current task. |
Definition at line 6462 of file manage.c.
References schedule_user_uuid, and user_uuid().
void severity_data_add | ( | severity_data_t * | severity_data, |
double | severity | ||
) |
Add a severity occurrence to the counts of a severity_data_t.
[in] | severity_data | The severity count struct to add to. |
[in] | severity | The severity to add. |
Definition at line 860 of file manage.c.
References severity_data_t::counts, severity_data_t::max, severity_data_index(), and severity_data_t::total.
void severity_data_add_count | ( | severity_data_t * | severity_data, |
double | severity, | ||
int | count | ||
) |
Add multiple severity occurrences to the counts of a severity_data_t.
[in] | severity_data | The severity count struct to add to. |
[in] | severity | The severity to add. |
[in] | count | The number of occurrences to add. |
Definition at line 878 of file manage.c.
int severity_data_index | ( | double | severity | ) |
Convert a severity value into an index in the counts array.
[in] | severity | Severity value. |
Definition at line 789 of file manage.c.
References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, SEVERITY_SUBDIVISIONS, and ZERO_SEVERITY_INDEX.
Referenced by severity_data_add().
void severity_data_level_counts | ( | const severity_data_t * | severity_data, |
const gchar * | severity_class, | ||
int * | errors, | ||
int * | debugs, | ||
int * | false_positives, | ||
int * | logs, | ||
int * | lows, | ||
int * | mediums, | ||
int * | highs | ||
) |
Count the occurrences of severities in the levels.
[in] | severity_data | The severity counts data to evaluate. |
[in] | severity_class | The severity class setting to use. |
[out] | errors | The number of error messages. |
[out] | debugs | The number of debug messages. |
[out] | false_positives | The number of False Positives. |
[out] | logs | The number of Log messages. |
[out] | lows | The number of Low severity results. |
[out] | mediums | The number of Medium severity results. |
[out] | highs | The number of High severity results. |
Definition at line 930 of file manage.c.
References level_max_severity(), level_min_severity(), and severity_data_range_count().
int severity_data_range_count | ( | const severity_data_t * | severity_data, |
double | min_severity, | ||
double | max_severity | ||
) |
Calculate the total of severity counts in a range.
[in] | severity_data | The severity data struct to get counts from. |
[in] | min_severity | The minimum severity included in the range. |
[in] | max_severity | The maximum severity included in the range. |
Definition at line 899 of file manage.c.
Referenced by severity_data_level_counts().
double severity_data_value | ( | int | index | ) |
Convert an index in the counts array to a severity value.
[in] | index | Index in the counts array. |
Definition at line 811 of file manage.c.
References SEVERITY_MAX, SEVERITY_MISSING, SEVERITY_SUBDIVISIONS, and ZERO_SEVERITY_INDEX.
int severity_in_level | ( | double | severity, |
const char * | level | ||
) |
Check whether a severity falls within a threat level.
[in] | severity | Severity. |
[in] | level | Threat level. |
Definition at line 583 of file manage.c.
References setting_severity().
Referenced by severity_to_level(), and sql_severity_in_level().
int severity_matches_ov | ( | double | severity, |
double | ov_severity | ||
) |
Check whether a severity matches an override's severity.
[in] | severity | severity score |
[in] | ov_severity | override severity score to match |
Definition at line 635 of file manage.c.
Referenced by sql_severity_matches_ov().
const char* severity_to_level | ( | double | severity, |
int | mode | ||
) |
Get the threat level matching a severity score.
[in] | severity | severity score |
[in] | mode | 0 for normal levels, 1 to use "Alarm" for severity > 0.0 |
Definition at line 652 of file manage.c.
References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, severity_in_level(), and SEVERITY_LOG.
Referenced by sql_severity_to_level().
const char* severity_to_type | ( | double | severity | ) |
Get the message type matching a severity score.
[in] | severity | severity score |
Definition at line 691 of file manage.c.
References SEVERITY_DEBUG, SEVERITY_ERROR, SEVERITY_FP, and SEVERITY_LOG.
Referenced by sql_severity_to_type().
int slave_authenticate | ( | gnutls_session_t * | session, |
scanner_t | slave | ||
) |
Authenticate with a slave.
[in] | session | GNUTLS session. |
[in] | slave | Slave. |
Definition at line 2074 of file manage.c.
References scanner_login(), and scanner_password().
void slist_free | ( | GSList * | list | ) |
Free an slist of pointers, including the pointers.
[in] | list | The list. |
int start_task | ( | const char * | task_id, |
char ** | report_id | ||
) |
Start a task.
Use send_to_server to queue the task start sequence in the scanner output buffer.
Only one task can run at a time in a process.
[in] | task_id | The task ID. |
[out] | report_id | The report ID. |
Definition at line 5399 of file manage.c.
References acl_user_may().
int stop_task | ( | const char * | task_id | ) |
Initiate stopping a task.
Use send_to_server to queue the task stop sequence in the scanner output buffer.
[in] | task_id | Task UUID. |
Definition at line 5514 of file manage.c.
References acl_user_may(), config_type(), find_task_with_permission(), task_config(), and task_id().
int stop_task_internal | ( | task_t | task | ) |
Initiate stopping a task.
Use send_to_server to queue the task stop sequence in the scanner output buffer.
[in] | task | Task. |
Definition at line 5447 of file manage.c.
References current_scanner_task, task_run_status(), task_scanner(), TASK_STATUS_REQUESTED, and TASK_STATUS_RUNNING.
Referenced by move_task().
const char* threat_message_type | ( | const char * | threat | ) |
gchar* truncate_certificate | ( | const gchar * | certificate | ) |
Truncate a certificate, removing extra data.
[in] | certificate | The certificate. |
Definition at line 174 of file manage.c.
Referenced by get_certificate_info().
gchar* truncate_private_key | ( | const gchar * | private_key | ) |
int type_is_scap | ( | const char * | type | ) |
const char* type_name | ( | const char * | type | ) |
const char* type_name_plural | ( | const char * | type | ) |
int update_end_times | ( | entity_t | report | ) |
Update end times, and optionally add host details.
[in] | report | Report. |
Definition at line 2202 of file manage.c.
References current_report, current_scanner_task, manage_report_host_details(), scan_host_end_time(), set_scan_end_time(), set_scan_host_end_time(), and set_task_end_time().
int update_slave_progress | ( | entity_t | get_tasks | ) |
Update the locally cached task progress from the slave.
[in] | get_tasks | Slave GET_TASKS response. |
Definition at line 2025 of file manage.c.
References current_report, and set_report_slave_progress().
int validate_username | ( | const gchar * | name | ) |
gchar* xsl_transform | ( | gchar * | stylesheet, |
gchar * | xmlfile, | ||
gchar ** | param_names, | ||
gchar ** | param_values | ||
) |
Run xsltproc in an external process.
[in] | stylesheet | XSL stylesheet to use. |
[in] | xmlfile | XML file to process. |
[in] | param_names | NULL-terminated array of stringparam names (can be NULL). |
[in] | param_values | NULL-terminated array of stringparam values (can be NULL). |
Definition at line 7535 of file manage.c.
int authenticate_allow_all = 0 |
Flag for manage_auth_allow_all.
1 if set via scheduler, 2 if set via event, else 0.
Definition at line 6426 of file manage.c.
Referenced by manage_auth_allow_all().
credentials_t current_credentials |
Current credentials during any OMP command.
Definition at line 717 of file manage.c.
Referenced by acl_user_has_access_uuid(), acl_user_has_super_on(), acl_user_has_super_on_resource(), acl_user_is_owner(), acl_user_may(), acl_user_owns(), acl_user_owns_name(), acl_user_owns_trash_uuid(), acl_user_owns_uuid(), acl_users_with_access_sql(), acl_where_owned(), acl_where_owned_for_get(), copy_alert(), copy_resource(), manage_scanner_set(), manage_schedule(), migrate_168_to_169(), set_task_groups(), set_task_observers(), stop_active_tasks(), task_severity_double(), and user_ensure_in_db().
The report of the current task.
Definition at line 1003 of file manage.c.
Referenced by manage_reset_currents(), update_end_times(), and update_slave_progress().
The task currently running on the scanner.
Definition at line 998 of file manage.c.
Referenced by manage_check_current_task(), manage_cleanup_process_error(), manage_reset_currents(), stop_task_internal(), and update_end_times().
gchar* schedule_user_uuid = NULL |
UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
Definition at line 6432 of file manage.c.
Referenced by get_scheduled_user_uuid(), and set_scheduled_user_uuid().
gchar* slave_config_uuid = NULL |
openvas_connection_t* slave_connection = NULL |
gchar* slave_esxi_credential_uuid = NULL |
gchar* slave_port_list_uuid = NULL |
gchar* slave_smb_credential_uuid = NULL |
gchar* slave_snmp_credential_uuid = NULL |
gchar* slave_ssh_credential_uuid = NULL |
gchar* slave_target_uuid = NULL |
gchar* slave_task_uuid = NULL |
volatile int termination_signal |
Flag for signal handlers.
Definition at line 256 of file openvasmd.c.
Referenced by handle_termination_signal().