Greenbone Security Assistant
gsad.c File Reference

Main module of Greenbone Security Assistant daemon. More...

#include <arpa/inet.h>
#include <assert.h>
#include <errno.h>
#include <gcrypt.h>
#include <glib.h>
#include <gnutls/gnutls.h>
#include <grp.h>
#include <netinet/in.h>
#include <pthread.h>
#include <pwd.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/un.h>
#include <unistd.h>
#include "gsad_base.h"
#include "gsad_credentials.h"
#include "gsad_gmp.h"
#include "gsad_gmp_auth.h"
#include "gsad_http.h"
#include "gsad_http_handler.h"
#include "gsad_i18n.h"
#include "gsad_params.h"
#include "gsad_session.h"
#include "gsad_settings.h"
#include "gsad_user.h"
#include "utils.h"
#include "validator.h"
#include <gvm/base/logging.h>
#include <gvm/base/networking.h>
#include <gvm/base/pidfile.h>
#include <gvm/util/fileutils.h>
#include <microhttpd.h>

Macros

#define _GNU_SOURCE   /* for strcasecmp */
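 Enables GNU extensions (per the inline comment, for strcasecmp). The description attached to this macro, "The Glib fatal mask, redefined to leave out G_LOG_FLAG_RECURSION", appears to belong to G_LOG_FATAL_MASK; the doc comment seems to have been bound to the wrong macro.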
 
#define G_LOG_DOMAIN   "gsad main"
 GLib log domain. More...
 
#define G_LOG_FATAL_MASK   G_LOG_LEVEL_ERROR
 
#define MHD_USE_INTERNAL_POLLING_THREAD   0
 
#define DEFAULT_GSAD_HTTPS_PORT   443
 Fallback GSAD port for HTTPS. More...
 
#define DEFAULT_GSAD_HTTP_PORT   80
 Fallback GSAD port for HTTP. More...
 
#define DEFAULT_GSAD_PORT   9392
 Fallback unprivileged GSAD port. More...
 
#define DEFAULT_GSAD_REDIRECT_PORT   80
 Fallback GSAD redirect port. More...
 
#define DEFAULT_GVM_PORT   9390
 Fallback Manager port. More...
 
#define SESSION_TIMEOUT   15
 Max number of minutes between activity in a session. More...
 
#define MAX_SESSION_TIMEOUT   40320
 Upper limit of minutes for a session timeout. Currently 4 weeks. More...
 
#define DEFAULT_CLIENT_WATCH_INTERVAL   1
 Default value for client_watch_interval. More...
 
#define DEFAULT_WEB_DIRECTORY   "web"
 Default directory for web content. More...
 
#define DEFAULT_GSAD_X_FRAME_OPTIONS   "SAMEORIGIN"
 Default value for HTTP header "X-Frame-Options". More...
 
#define DEFAULT_GSAD_CONTENT_SECURITY_POLICY
 Default value for HTTP header "Content-Security-Policy". More...
 
#define DEFAULT_GSAD_HSTS_MAX_AGE   31536000
 Default "max-age" for HTTP header "Strict-Transport-Security". More...
 
#define DEFAULT_GSAD_PER_IP_CONNECTION_LIMIT   30
 Default value for the maximum number of connections per IP address. More...
 
#define COPYRIGHT
 
#define ELSE(name)
 
#define ELSE(name)
 

Functions

void init_validator ()
 Initialise the parameter validator. More...
 

Variables

volatile int termination_signal = 0
 Flag for signal handler. More...
 
 GCRY_THREAD_OPTION_PTHREAD_IMPL
 Libgcrypt thread callback definition for libgcrypt < 1.6.0. More...
 
struct MHD_Daemon * gsad_daemon
 The handle on the embedded HTTP daemon. More...
 
GSList * address_list = NULL
 The IP addresses of this program, "the GSAD". More...
 
gchar * redirect_location = NULL
 Location for redirection server. More...
 
pid_t redirect_pid = 0
 PID of redirect child in parent, 0 in child. More...
 
pid_t unix_pid = 0
 PID of unix socket child in parent, 0 in child. More...
 
GSList * log_config = NULL
 Logging parameters, as passed to setup_log_handlers. More...
 
int chroot_state = 0
 Whether chroot is used. More...
 
int client_watch_interval = DEFAULT_CLIENT_WATCH_INTERVAL
 Interval in seconds to check whether client connection was closed. More...
 
validator_t validator
 Parameter validator. More...
 

Detailed Description

Main module of Greenbone Security Assistant daemon.

This file contains the core of the GSA server process that handles HTTPS requests and communicates with Greenbone Vulnerability Manager via the GMP protocol.

Macro Definition Documentation

◆ _GNU_SOURCE

#define _GNU_SOURCE   /* for strcasecmp */

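Enables GNU extensions (per the inline comment, for strcasecmp). The description attached to this macro, "The Glib fatal mask, redefined to leave out G_LOG_FLAG_RECURSION.", appears to belong to G_LOG_FATAL_MASK; the doc comment seems to have been bound to the wrong macro.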

◆ COPYRIGHT

#define COPYRIGHT
Value:
"Copyright (C) 2010 - 2020 Greenbone Networks GmbH\n" \
"License: AGPL-3.0-or-later\n" \
"This is free software: you are free to change and redistribute it.\n" \
"There is NO WARRANTY, to the extent permitted by law.\n\n"

◆ DEFAULT_CLIENT_WATCH_INTERVAL

#define DEFAULT_CLIENT_WATCH_INTERVAL   1

Default value for client_watch_interval.

◆ DEFAULT_GSAD_CONTENT_SECURITY_POLICY

#define DEFAULT_GSAD_CONTENT_SECURITY_POLICY
Value:
"default-src 'self' 'unsafe-inline';" \
" img-src 'self' blob:;" \
" frame-ancestors 'self'"

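Default value for HTTP header "Content-Security-Policy". Because default-src includes 'unsafe-inline', this default still permits inline scripts and styles, so it offers little protection against injected inline script; frame-ancestors 'self' restricts framing to the same origin.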

◆ DEFAULT_GSAD_HSTS_MAX_AGE

#define DEFAULT_GSAD_HSTS_MAX_AGE   31536000

Default "max-age" for HTTP header "Strict-Transport-Security".

◆ DEFAULT_GSAD_HTTP_PORT

#define DEFAULT_GSAD_HTTP_PORT   80

Fallback GSAD port for HTTP.

◆ DEFAULT_GSAD_HTTPS_PORT

#define DEFAULT_GSAD_HTTPS_PORT   443

Fallback GSAD port for HTTPS.

◆ DEFAULT_GSAD_PER_IP_CONNECTION_LIMIT

#define DEFAULT_GSAD_PER_IP_CONNECTION_LIMIT   30

Default value for the maximum number of connections per IP address.

◆ DEFAULT_GSAD_PORT

#define DEFAULT_GSAD_PORT   9392

Fallback unprivileged GSAD port.

◆ DEFAULT_GSAD_REDIRECT_PORT

#define DEFAULT_GSAD_REDIRECT_PORT   80

Fallback GSAD redirect port.

◆ DEFAULT_GSAD_X_FRAME_OPTIONS

#define DEFAULT_GSAD_X_FRAME_OPTIONS   "SAMEORIGIN"

Default value for HTTP header "X-Frame-Options".

◆ DEFAULT_GVM_PORT

#define DEFAULT_GVM_PORT   9390

Fallback Manager port.

◆ DEFAULT_WEB_DIRECTORY

#define DEFAULT_WEB_DIRECTORY   "web"

Default directory for web content.

◆ ELSE [1/2]

#define ELSE (   name)
Value:
else if (!strcmp (cmd, G_STRINGIFY (name))) res = \
name##_gmp (&connection, credentials, con_info->params, response_data);
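
Each use adds one branch to an else-if chain: when cmd equals the stringified name, the matching name##_gmp handler is called and its result is stored in res. Here, credentials refers to the structure of credential-related information (definition: gsad_credentials.c:34).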

◆ ELSE [2/2]

#define ELSE (   name)
Value:
else if (!strcmp (cmd, G_STRINGIFY (name))) res = \
name##_gmp (&connection, credentials, params, response_data);

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "gsad main"

GLib log domain.

◆ G_LOG_FATAL_MASK

#define G_LOG_FATAL_MASK   G_LOG_LEVEL_ERROR

◆ MAX_SESSION_TIMEOUT

#define MAX_SESSION_TIMEOUT   40320

Upper limit of minutes for a session timeout. Currently 4 weeks.

◆ MHD_USE_INTERNAL_POLLING_THREAD

#define MHD_USE_INTERNAL_POLLING_THREAD   0

◆ SESSION_TIMEOUT

#define SESSION_TIMEOUT   15

Max number of minutes between activity in a session.

Function Documentation

◆ init_validator()

void init_validator ( )

Initialise the parameter validator.

Variable Documentation

◆ address_list

GSList* address_list = NULL

The IP addresses of this program, "the GSAD".

◆ chroot_state

int chroot_state = 0

Whether chroot is used.

◆ client_watch_interval

int client_watch_interval = DEFAULT_CLIENT_WATCH_INTERVAL

Interval in seconds to check whether client connection was closed.

◆ GCRY_THREAD_OPTION_PTHREAD_IMPL

GCRY_THREAD_OPTION_PTHREAD_IMPL

Libgcrypt thread callback definition for libgcrypt < 1.6.0.

◆ gsad_daemon

struct MHD_Daemon* gsad_daemon

The handle on the embedded HTTP daemon.

◆ log_config

GSList* log_config = NULL

Logging parameters, as passed to setup_log_handlers.

Todo:
Ensure the accesses to these are thread safe.

◆ redirect_location

gchar* redirect_location = NULL

Location for redirection server.

◆ redirect_pid

pid_t redirect_pid = 0

PID of redirect child in parent, 0 in child.

◆ termination_signal

volatile int termination_signal = 0

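Flag for signal handler. It is declared volatile int; if the handler writes this flag, note that ISO C only guarantees well-defined access from a signal handler for volatile sig_atomic_t (or lock-free atomic) objects, so that would be the portable type.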

◆ unix_pid

pid_t unix_pid = 0

PID of unix socket child in parent, 0 in child.

◆ validator

validator_t validator

Parameter validator.