Greenbone Vulnerability Manager  8.0.0~git
manage.c File Reference

The Greenbone Vulnerability Manager management library. More...

#include "manage.h"
#include "comm.h"
#include "manage_acl.h"
#include "manage_sql.h"
#include "manage_sql_nvts.h"
#include "manage_sql_secinfo.h"
#include "manage_sql_tickets.h"
#include "scanner.h"
#include "utils.h"
#include <assert.h>
#include <ctype.h>
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <glib.h>
#include <gnutls/x509.h>
#include <gvm/base/cvss.h>
#include <gvm/base/hosts.h>
#include <gvm/base/proctitle.h>
#include <gvm/gmp/gmp.h>
#include <gvm/util/fileutils.h>
#include <gvm/util/serverutils.h>
#include <gvm/util/uuidutils.h>
#include <locale.h>
#include <math.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

Data Structures

struct  scheduled_task_t
 Task info, for scheduler. More...
 

Macros

#define _XOPEN_SOURCE
 Enable extra functions. More...
 
#define _GNU_SOURCE
 Enable extra GNU functions. More...
 
#define G_LOG_DOMAIN   "md manage"
 GLib log domain.
 
#define CPE_GETBYNAME_XSL   GVM_SCAP_RES_DIR "/cpe_getbyname.xsl"
 CPE selection stylesheet location.
 
#define CVE_GETBYNAME_XSL   GVM_SCAP_RES_DIR "/cve_getbyname.xsl"
 CVE selection stylesheet location.
 
#define OVALDEF_GETBYNAME_XSL   GVM_SCAP_RES_DIR "/ovaldef_getbyname.xsl"
 OVALDEF selection stylesheet location.
 
#define CERT_BUND_ADV_GETBYNAME_XSL   GVM_CERT_RES_DIR "/cert_bund_getbyname.xsl"
 CERT_BUND_ADV selection stylesheet location.
 
#define DFN_CERT_ADV_GETBYNAME_XSL   GVM_CERT_RES_DIR "/dfn_cert_getbyname.xsl"
 DFN_CERT_ADV selection stylesheet location.
 
#define CPE_DICT_FILENAME   GVM_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml"
 CPE dictionary location.
 
#define CVE_FILENAME_FMT   GVM_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"
 CVE data files location format string. More...
 
#define CERT_BUND_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/CB-K%02d.xml"
 CERT-Bund data files location format string. More...
 
#define DFN_CERT_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/dfn-cert-%04d.xml"
 DFN-CERT data files location format string. More...
 
#define SCAP_TIMESTAMP_FILENAME   GVM_SCAP_DATA_DIR "/timestamp"
 SCAP timestamp location.
 
#define CERT_TIMESTAMP_FILENAME   GVM_CERT_DATA_DIR "/timestamp"
 CERT timestamp location.
 
#define MAX_CHECKS_DEFAULT   "4"
 Default for Scanner max_checks preference.
 
#define MAX_HOSTS_DEFAULT   "20"
 Default for Scanner max_hosts preference.
 
#define ZERO_SEVERITY_INDEX   4
 Array index of severity 0.0 in the severity_data_t.counts array.
 
#define RUN_SLAVE_TASK_SLEEP_SECONDS   25
 Number of seconds to sleep between polls to slave.
 
#define COMMAND   "gvmcg 0 titles"
 Command called by get_system_report_types. gvmcg stands for gvm-create-graphs.
 
#define FALLBACK_SYSTEM_REPORT_HEADER
 Header for fallback system report. More...
 
#define DEFAULT_DURATION   86400L
 Default duration for system reports.
 
#define DEF(x)
 Define a code snippet for get_nvti_xml. More...
 

Functions

gchar * truncate_certificate (const gchar *certificate)
 Truncate a certificate, removing extra data. More...
 
gchar * truncate_private_key (const gchar *private_key)
 Truncate a private key, removing extra data. More...
 
int get_certificate_info (const gchar *certificate, time_t *activation_time, time_t *expiration_time, gchar **fingerprint, gchar **issuer)
 Gathers info from a certificate. More...
 
gchar * certificate_iso_time (time_t time)
 Converts a certificate time to an ISO time string. More...
 
const gchar * certificate_time_status (time_t activates, time_t expires)
 Tests the activation and expiration time of a certificate. More...
 
static void truncate_text (gchar *string, size_t max_len, gboolean xml, const char *suffix)
 Truncates text to a maximum length, optionally appends a suffix. More...
 
gchar * xml_escape_text_truncated (const char *string, size_t max_len, const char *suffix)
 XML escapes text truncating to a maximum length with a suffix. More...
 
static void slist_free (GSList *list)
 Free an slist of pointers, including the pointers. More...
 
const char * type_name_plural (const char *type)
 Return the plural name of a resource type. More...
 
const char * type_name (const char *type)
 Return the name of a resource type. More...
 
int type_is_scap (const char *type)
 Check if a type is a SCAP type. More...
 
static int check_available (const gchar *type, resource_t resource, const gchar *permission)
 Check whether a resource is available. More...
 
const char * threat_message_type (const char *threat)
 Get the message type of a threat. More...
 
const char * message_type_threat (const char *type)
 Get the threat of a message type. More...
 
int severity_in_level (double severity, const char *level)
 Check whether a severity falls within a threat level. More...
 
int severity_matches_ov (double severity, double ov_severity)
 Check whether a severity matches an override's severity. More...
 
const char * severity_to_level (double severity, int mode)
 Get the threat level matching a severity score. More...
 
const char * severity_to_type (double severity)
 Get the message type matching a severity score. More...
 
int delete_reports (task_t task)
 Delete all the reports for a task. More...
 
static gchar * report_results_filter_term (int first, int rows, int apply_overrides, int autofp, int min_qod)
 Create a basic filter term to get report results. More...
 
get_data_t * report_results_get_data (int first, int rows, int apply_overrides, int autofp, int min_qod)
 Create a new basic get_data_t struct to get report results. More...
 
static int severity_data_index (double severity)
 Convert a severity value into an index in the counts array. More...
 
double severity_data_value (int index)
 Convert an index in the counts array to a severity value. More...
 
void init_severity_data (severity_data_t *data)
 Initialize a severity data structure. More...
 
void cleanup_severity_data (severity_data_t *data)
 Clean up a severity data structure. More...
 
void severity_data_add (severity_data_t *severity_data, double severity)
 Add a severity occurrence to the counts of a severity_data_t. More...
 
void severity_data_add_count (severity_data_t *severity_data, double severity, int count)
 Add multiple severity occurrences to the counts of a severity_data_t. More...
 
static int severity_data_range_count (const severity_data_t *severity_data, double min_severity, double max_severity)
 Calculate the total of severity counts in a range. More...
 
void severity_data_level_counts (const severity_data_t *severity_data, const gchar *severity_class, int *errors, int *debugs, int *false_positives, int *logs, int *lows, int *mediums, int *highs)
 Count the occurrences of severities in the levels. More...
 
void alert_report_data_free (alert_report_data_t *data)
 Frees an alert_report_data_t struct, including contained data. More...
 
void alert_report_data_reset (alert_report_data_t *data)
 Frees content of an alert_report_data_t, but not the struct itself. More...
 
const char * alert_condition_name (alert_condition_t condition)
 Get the name of an alert condition. More...
 
const char * event_name (event_t event)
 Get the name of an alert event. More...
 
gchar * alert_condition_description (alert_condition_t condition, alert_t alert)
 Get a description of an alert condition. More...
 
gchar * event_description (event_t event, const void *event_data, const char *task_name)
 Get a description of an alert event. More...
 
const char * alert_method_name (alert_method_t method)
 Get the name of an alert method. More...
 
alert_condition_t alert_condition_from_name (const char *name)
 Get an alert condition from a name. More...
 
event_t event_from_name (const char *name)
 Get an event from a name. More...
 
alert_method_t alert_method_from_name (const char *name)
 Get an alert method from a name. More...
 
const char * run_status_name (task_status_t status)
 Get the name of a run status. More...
 
const char * run_status_name_internal (task_status_t status)
 Get the unique name of a run status. More...
 
static GSList * get_files_to_send (task_t task)
 Get files to send. More...
 
static gchar * nvt_selector_plugins (config_t config)
 Return the plugins of a config, as a semicolon separated string. More...
 
static gchar * preference_value (const char *name, const char *full_value)
 Return the real value of a preference. More...
 
static int send_config_preferences (config_t config, const char *section_name, GSList *task_files, GPtrArray *pref_files)
 Send the preferences from a config to the scanner. More...
 
static int send_task_preferences (task_t task)
 Send task preferences to the scanner. More...
 
static int send_ifaces_access_preferences (void)
 Send ifaces_allow and ifaces_deny preferences to scanner. More...
 
static int send_hosts_access_preferences (void)
 Send hosts_allow and hosts_deny preferences to scanner. More...
 
static char * finished_hosts_str (report_t stopped_report)
 Gives a comma-separated list of a report's finished hosts. More...
 
static int send_scanner_preferences (task_t task, target_t target, report_t stopped_report)
 Send some scanner preferences to the scanner. More...
 
static int send_file (const char *name, const char *content)
 Send a file to the scanner. More...
 
static int send_task_file (task_t task, const char *file)
 Send a file from a task to the scanner. More...
 
static int send_alive_test_preferences (target_t target)
 Send target "Alive Test" preferences to the scanner. More...
 
void buffer_config_preference_xml (GString *, iterator_t *, config_t, int)
 Buffer XML for the NVT preference of a config. More...
 
static int update_slave_progress (entity_t get_tasks)
 Update the locally cached task progress from the slave. More...
 
static int connection_authenticate (gvm_connection_t *connection)
 Authenticate with a slave. More...
 
static int slave_authenticate (gnutls_session_t *session, scanner_t slave)
 Authenticate with a slave. More...
 
static int slave_connect (gvm_connection_t *connection)
 Connect to a slave. More...
 
static int slave_sleep_connect (gvm_connection_t *connection, task_t task)
 Sleep then connect to slave. Retry until success or giveup requested. More...
 
static int update_end_times (entity_t report)
 Update end times, and optionally add host details. More...
 
static void cleanup_slave ()
 Cleanup slave. Callback for atexit.
 
static gchar * get_tasks_last_report (entity_t get_tasks)
 Get last report from GET_TASKS response. More...
 
static int setup_ids (gvm_connection_t *connection, task_t task, entity_t get_tasks, gchar **slave_config_uuid, gchar **slave_target_uuid, gchar **slave_port_list_uuid, gchar **slave_ssh_credential_uuid, gchar **slave_smb_credential_uuid, gchar **slave_esxi_credential_uuid, gchar **slave_snmp_credential_uuid)
 Setup ID variables for slave_setup. More...
 
void set_task_interrupted (task_t task, const gchar *message)
 Set a task to interrupted. More...
 
static int slave_setup (gvm_connection_t *connection, const char *name, task_t task, target_t target, credential_t target_ssh_credential, credential_t target_smb_credential, credential_t target_esxi_credential, credential_t target_snmp_credential, report_t last_stopped_report)
 Setup a task on a slave. More...
 
static int handle_slave_task (task_t task, target_t target, credential_t target_ssh_credential, credential_t target_smb_credential, credential_t target_esxi_credential, credential_t target_snmp_credential, report_t last_stopped_report, gvm_connection_t *connection, const gchar *slave_id, const gchar *slave_name)
 Start a task on a slave. More...
 
static GHashTable * task_scanner_options (task_t task, target_t target)
 Give a task's OSP scan options in a hash table. More...
 
static void delete_osp_scan (const char *report_id, const char *host, int port, const char *ca_pub, const char *key_pub, const char *key_priv)
 Delete an OSP scan. More...
 
static int get_osp_scan_report (const char *scan_id, const char *host, int port, const char *ca_pub, const char *key_pub, const char *key_priv, int details, char **report_xml)
 Get an OSP scan's report. More...
 
static int handle_osp_scan (task_t task, report_t report, const char *scan_id)
 Handle an ongoing OSP scan, until success or failure. More...
 
static GHashTable * get_osp_task_options (task_t task, target_t target)
 Get an OSP Task's scan options. More...
 
static int launch_osp_task (task_t task, target_t target, const char *scan_id, char **error)
 Launch an OSP task. More...
 
static int fork_osp_scan_handler (task_t task, target_t target)
 Fork a child to handle an OSP scan's fetching and inserting. More...
 
static int run_osp_task (task_t task)
 Start a task on an OSP scanner. More...
 
static int cve_scan_host (task_t task, gvm_host_t *gvm_host)
 Perform a CVE "scan" on a host. More...
 
static int fork_cve_scan_handler (task_t task, target_t target)
 Fork a child to handle a CVE scan's calculating and inserting. More...
 
static int run_cve_task (task_t task)
 Start a CVE task. More...
 
int set_certs (const char *ca_pub, const char *key_pub, const char *key_priv)
 Initialise OpenVAS scanner variables, checking for defaults. More...
 
static int scanner_setup (scanner_t scanner)
 Initialise some values of the OpenVAS scanner. More...
 
static int run_task_setup (task_t task, config_t *config, target_t *target, port_list_t *port_list, credential_t *ssh_credential, credential_t *smb_credential, credential_t *esxi_credential, credential_t *snmp_credential)
 Initialise variables required for running a scan. More...
 
static int run_task_prepare_report (task_t task, char **report_id, int from, task_status_t run_status, report_t *last_stopped_report)
 Prepare report for running a task. More...
 
static int run_slave_or_gmp_task (task_t task, int from, char **report_id, gvm_connection_t *connection, const gchar *slave_id, const gchar *slave_name)
 Start a slave/GMP task. More...
 
static int run_gmp_task (task_t task, scanner_t scanner, int from, char **report_id)
 Start a task on a GMP scanner. More...
 
static int run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
 Start an OTP scanner task. More...
 
static int run_task (const char *task_id, char **report_id, int from)
 Start or resume a task. More...
 
int start_task (const char *task_id, char **report_id)
 Start a task. More...
 
static int stop_osp_task (task_t task)
 Stop an OSP task. More...
 
int stop_task_internal (task_t task)
 Initiate stopping a task. More...
 
int stop_task (const char *task_id)
 Initiate stopping a task. More...
 
int resume_task (const char *task_id, char **report_id)
 Resume a task. More...
 
int move_task (const char *task_id, const char *slave_id)
 Reassign a task to another slave. More...
 
int acknowledge_bye ()
 Acknowledge a scanner BYE. More...
 
int acknowledge_feed_version_info ()
 Acknowledge scanner PLUGINS_FEED_VERSION message, requesting all plugin info. More...
 
int manage_check_current_task ()
 Handle state changes to current task made by other processes. More...
 
const char * credential_full_type (const char *abbreviation)
 Get the written-out name of an LSC Credential type. More...
 
static int get_slave_system_report_types (const char *required_type, gchar ***start, gchar ***types, const char *slave_id)
 Get system report types from a slave. More...
 
static int get_system_report_types (const char *required_type, gchar ***start, gchar ***types, const char *slave_id)
 Get system report types. More...
 
int init_system_report_type_iterator (report_type_iterator_t *iterator, const char *type, const char *slave_id)
 Initialise a system report type iterator. More...
 
void cleanup_report_type_iterator (report_type_iterator_t *iterator)
 Cleanup a report type iterator. More...
 
gboolean next_report_type (report_type_iterator_t *iterator)
 Increment a report type iterator. More...
 
const char * report_type_iterator_name (report_type_iterator_t *iterator)
 Return the name from a report type iterator. More...
 
const char * report_type_iterator_title (report_type_iterator_t *iterator)
 Return the title from a report type iterator. More...
 
static int slave_system_report (const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
 Get a system report from a slave. More...
 
int manage_system_report (const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
 Get a system report. More...
 
void manage_auth_allow_all (int scheduled)
 Ensure that any subsequent authentications succeed. More...
 
const gchar * get_scheduled_user_uuid ()
 Access UUID of user that scheduled the current task. More...
 
void set_scheduled_user_uuid (const gchar *user_uuid)
 Set UUID of user that scheduled the current task. The previous value is freed and a copy of the UUID is created. More...
 
static scheduled_task_t * scheduled_task_new (const gchar *task_uuid, const gchar *owner_uuid, const gchar *owner_name)
 Create a scheduled task structure. More...
 
static void scheduled_task_free (scheduled_task_t *scheduled_task)
 Free a scheduled task structure. More...
 
static int scheduled_task_start (scheduled_task_t *scheduled_task, manage_connection_forker_t fork_connection, sigset_t *sigmask_current)
 Start a task, for the scheduler. More...
 
static int scheduled_task_stop (scheduled_task_t *scheduled_task, manage_connection_forker_t fork_connection, sigset_t *sigmask_current)
 Stop a task, for the scheduler. More...
 
void manage_sync (sigset_t *sigmask_current, int(*fork_update_nvt_cache)())
 Perform any syncing that is due. More...
 
int manage_schedule (manage_connection_forker_t fork_connection, gboolean run_tasks, sigset_t *sigmask_current)
 Schedule any actions that are due. More...
 
int get_schedule_timeout ()
 Get the current schedule timeout. More...
 
void set_schedule_timeout (int new_timeout)
 Set the schedule timeout. More...
 
const char * report_format_param_type_name (report_format_param_type_t type)
 Get the name of a report format param type. More...
 
report_format_param_type_t report_format_param_type_from_name (const char *name)
 Get a report format param type from a name. More...
 
static int backup_file_name (const char *name)
 Return whether a name is a backup file name. More...
 
static int get_report_format_files (const char *dir_name, GPtrArray **start)
 Get files associated with a report format. More...
 
gchar * predefined_report_format_dir (const gchar *uuid)
 Get the directory of a report format. More...
 
int init_report_format_file_iterator (file_iterator_t *iterator, report_format_t report_format)
 Initialise a report format file iterator. More...
 
void cleanup_file_iterator (file_iterator_t *iterator)
 Cleanup a file iterator. More...
 
gboolean next_file (file_iterator_t *iterator)
 Increment a file iterator. More...
 
const char * file_iterator_name (file_iterator_t *iterator)
 Return the name from a file iterator. More...
 
gchar * file_iterator_content_64 (file_iterator_t *iterator)
 Return the file contents from a file iterator. More...
 
void parse_tags (const char *scanner_tags, gchar **tags, gchar **cvss_base)
 Split up the tags received from the scanner. More...
 
int delete_slave_task (const gchar *host, int port, const gchar *username, const gchar *password, const char *slave_task_uuid)
 Delete a task on a slave. More...
 
static char * get_cpe_filename ()
 Return the path to the CPE dictionary. More...
 
static char * get_cve_filename (char *item_id)
 Compute the filename where a given CVE can be found. More...
 
static char * get_ovaldef_filename (char *item_id)
 Get the filename where a given OVAL definition can be found. More...
 
static char * get_cert_bund_adv_filename (char *item_id)
 Compute the filename where a given CERT-Bund Advisory can be found. More...
 
static char * get_dfn_cert_adv_filename (char *item_id)
 Compute the filename where a given DFN-CERT Advisory can be found. More...
 
static gchar * xsl_transform (gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
 Run xsltproc in an external process. More...
 
gchar * get_nvti_xml (iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag)
 Create and return XML description for an NVT. More...
 
const char * manage_scap_update_time ()
 Get SCAP update time, as a string. More...
 
int manage_read_info (gchar *type, gchar *uid, gchar *name, gchar **result)
 Read raw information. More...
 
int validate_username (const gchar *name)
 Validates a username. More...
 

Variables

volatile int termination_signal
 Flag for signal handlers.
 
static int schedule_timeout = SCHEDULE_TIMEOUT_DEFAULT
 Number of minutes before overdue tasks timeout.
 
credentials_t current_credentials
 Current credentials during any GMP command.
 
task_t current_scanner_task = (task_t) 0
 The task currently running on the scanner.
 
report_t global_current_report = (report_t) 0
 The report of the current task.
 
static gchar * global_slave_ssh_credential_uuid = NULL
 Slave credential UUID.
 
static gchar * global_slave_smb_credential_uuid = NULL
 Slave credential UUID.
 
static gchar * global_slave_esxi_credential_uuid = NULL
 Slave credential UUID.
 
static gchar * global_slave_snmp_credential_uuid = NULL
 Slave credential UUID.
 
static gchar * global_slave_target_uuid = NULL
 Slave target UUID.
 
static gchar * global_slave_port_list_uuid = NULL
 Slave port list UUID.
 
static gchar * global_slave_config_uuid = NULL
 Slave config UUID.
 
static gchar * global_slave_task_uuid = NULL
 Slave task UUID.
 
static gchar * global_slave_report_uuid = NULL
 Slave report UUID.
 
static gvm_connection_t * global_slave_connection = NULL
 Slave session.
 
int authenticate_allow_all = 0
 Flag for manage_auth_allow_all. More...
 
static gchar * schedule_user_uuid = NULL
 UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
 

Detailed Description

The Greenbone Vulnerability Manager management library.

This file defines a management library, for implementing Managers such as the Greenbone Vulnerability Manager daemon.

This library provides facilities for storing and manipulating credential and task information, and manipulating reports. Task manipulation includes sending task commands to the OTP server (the "scanner") that is running the tasks.

Macro Definition Documentation

◆ _GNU_SOURCE

#define _GNU_SOURCE

Enable extra GNU functions.

pthread_sigmask () needs this with glibc < 2.19

◆ _XOPEN_SOURCE

#define _XOPEN_SOURCE

Enable extra functions.

time.h in glibc2 needs this for strptime.

◆ CERT_BUND_ADV_FILENAME_FMT

#define CERT_BUND_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/CB-K%02d.xml"

CERT-Bund data files location format string.

%d should be the year without the century (expressed as YY).

◆ CVE_FILENAME_FMT

#define CVE_FILENAME_FMT   GVM_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"

CVE data files location format string.

%d should be the year expressed as YYYY.

◆ DEF

#define DEF (   x)
Value:
const char *x = nvt_iterator_##x (nvts); \
gchar *x##_text = x ? g_markup_escape_text (x, -1) : g_strdup ("");

Define a code snippet for get_nvti_xml.

Parameters
x  Prefix for names in snippet.

◆ DFN_CERT_ADV_FILENAME_FMT

#define DFN_CERT_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/dfn-cert-%04d.xml"

DFN-CERT data files location format string.

First %d should be the year expressed as YYYY, second %d should be the month expressed as MM.

◆ FALLBACK_SYSTEM_REPORT_HEADER

#define FALLBACK_SYSTEM_REPORT_HEADER
Value:
"This is the most basic, fallback report. The system can be configured " \
"to\n" \
"produce more powerful reports. Please contact your system administrator\n" \
"for more information.\n\n"

Header for fallback system report.

Function Documentation

◆ acknowledge_bye()

int acknowledge_bye ( )

Acknowledge a scanner BYE.

Returns
0 on success, -1 if out of space in scanner output buffer.

◆ acknowledge_feed_version_info()

int acknowledge_feed_version_info ( )

Acknowledge scanner PLUGINS_FEED_VERSION message, requesting all plugin info.

Returns
0 on success, -1 if out of space in scanner output buffer.

◆ alert_condition_description()

gchar* alert_condition_description ( alert_condition_t  condition,
alert_t  alert 
)

Get a description of an alert condition.

Parameters
[in]conditionCondition.
[in]alertAlert.
Returns
Freshly allocated description of condition.

◆ alert_condition_from_name()

alert_condition_t alert_condition_from_name ( const char *  name)

Get an alert condition from a name.

Parameters
[in]nameCondition name.
Returns
The condition.

◆ alert_condition_name()

const char* alert_condition_name ( alert_condition_t  condition)

Get the name of an alert condition.

Parameters
[in]conditionCondition.
Returns
The name of the condition (for example, "Always").

◆ alert_method_from_name()

alert_method_t alert_method_from_name ( const char *  name)

Get an alert method from a name.

Parameters
[in]nameMethod name.
Returns
The method.

◆ alert_method_name()

const char* alert_method_name ( alert_method_t  method)

Get the name of an alert method.

Parameters
[in]methodMethod.
Returns
The name of the method (for example, "Email" or "SNMP").

◆ alert_report_data_free()

void alert_report_data_free ( alert_report_data_t data)

Frees an alert_report_data_t struct, including contained data.

Parameters
[in]dataThe struct to free.

◆ alert_report_data_reset()

void alert_report_data_reset ( alert_report_data_t data)

Frees content of an alert_report_data_t, but not the struct itself.

Parameters
[in]dataThe struct to free.

◆ backup_file_name()

static int backup_file_name ( const char *  name)
static

Return whether a name is a backup file name.

Parameters
[in]nameName.
Returns
0 if normal file name, 1 if backup file name.

◆ buffer_config_preference_xml()

void buffer_config_preference_xml ( GString *  buffer,
iterator_t prefs,
config_t  config,
int  hide_passwords 
)

Buffer XML for the NVT preference of a config.

Todo:
g_convert back to ISO-8859-1 for scanner?
Parameters
[in]  buffer  Buffer.
[in]  prefs  NVT preference iterator.
[in]  config  Config.
[in]  hide_passwords  Whether to hide passwords.

◆ certificate_iso_time()

gchar* certificate_iso_time ( time_t  time)

Converts a certificate time to an ISO time string.

Parameters
[in]timeThe time as a time_t.
Returns
Newly allocated string.

◆ certificate_time_status()

const gchar* certificate_time_status ( time_t  activates,
time_t  expires 
)

Tests the activation and expiration time of a certificate.

Parameters
[in]activatesActivation time.
[in]expiresExpiration time.
Returns
Static status string.

◆ check_available()

static int check_available ( const gchar *  type,
resource_t  resource,
const gchar *  permission 
)
static

Check whether a resource is available.

Parameters
[in]  type  Type.
[out]  resource  Resource.
[out]  permission  Permission required for this operation.
Returns
0 success, -1 error, 99 permission denied.

◆ cleanup_file_iterator()

void cleanup_file_iterator ( file_iterator_t iterator)

Cleanup a file iterator.

Parameters
[in]iteratorIterator.

◆ cleanup_report_type_iterator()

void cleanup_report_type_iterator ( report_type_iterator_t iterator)

Cleanup a report type iterator.

Parameters
[in]iteratorIterator.

◆ cleanup_severity_data()

void cleanup_severity_data ( severity_data_t data)

Clean up a severity data structure.

Parameters
[in]  data  The data structure to clean up.

◆ connection_authenticate()

static int connection_authenticate ( gvm_connection_t *  connection)
static

Authenticate with a slave.

Parameters
[in]connectionConnection.
Returns
0 success, -1 error.

◆ credential_full_type()

const char* credential_full_type ( const char *  abbreviation)

Get the written-out name of an LSC Credential type.

Parameters
[in]abbreviationThe type abbreviation.
Returns
The written-out type name.

◆ cve_scan_host()

static int cve_scan_host ( task_t  task,
gvm_host_t *  gvm_host 
)
static

Perform a CVE "scan" on a host.

Parameters
[in]taskTask.
[in]gvm_hostHost.
Returns
0 success, 1 failed to get nthlast report for a host.

◆ delete_osp_scan()

static void delete_osp_scan ( const char *  report_id,
const char *  host,
int  port,
const char *  ca_pub,
const char *  key_pub,
const char *  key_priv 
)
static

Delete an OSP scan.

Parameters
[in]  report_id  Report ID.
[in]  host  Scanner host.
[in]  port  Scanner port.
[in]  ca_pub  CA Certificate.
[in]  key_pub  Certificate.
[in]  key_priv  Private key.

◆ delete_reports()

int delete_reports ( task_t  task)

Delete all the reports for a task.

It's up to the caller to ensure that this runs in a contention safe context (for example within an SQL transaction).

Parameters
[in]taskA task descriptor.
Returns
0 on success, -1 on error.

◆ delete_slave_task()

int delete_slave_task ( const gchar *  host,
int  port,
const gchar *  username,
const gchar *  password,
const char *  slave_task_uuid 
)

Delete a task on a slave.

Parameters
[in]  host  Slave host.
[in]  port  Slave port.
[in]  username  Slave username.
[in]  password  Slave password.
[in]  slave_task_uuid  UUID of task on slave.
Returns
0 success, -1 error.

◆ event_description()

gchar* event_description ( event_t  event,
const void *  event_data,
const char *  task_name 
)

Get a description of an alert event.

Parameters
[in]eventEvent.
[in]event_dataEvent data.
[in]task_nameName of task if required in description, else NULL.
Returns
Freshly allocated description of event.

◆ event_from_name()

event_t event_from_name ( const char *  name)

Get an event from a name.

Parameters
[in]nameEvent name.
Returns
The event.

◆ event_name()

const char* event_name ( event_t  event)

Get the name of an alert event.

Parameters
[in]eventEvent.
Returns
The name of the event (for example, "Run status changed").

◆ file_iterator_content_64()

gchar* file_iterator_content_64 ( file_iterator_t iterator)

Return the file contents from a file iterator.

Parameters
[in]iteratorIterator.
Returns
Freshly allocated file contents, in base64.

◆ file_iterator_name()

const char* file_iterator_name ( file_iterator_t iterator)

Return the name from a file iterator.

Parameters
[in]iteratorIterator.
Returns
File name.

◆ finished_hosts_str()

static char* finished_hosts_str ( report_t  stopped_report)
static

Gives a comma-separated list of a report's finished hosts.

Parameters
[in]stopped_reportReport.
Returns
String of finished hosts if found, NULL otherwise.

◆ fork_cve_scan_handler()

static int fork_cve_scan_handler ( task_t  task,
target_t  target 
)
static

Fork a child to handle a CVE scan's calculating and inserting.

Parameters
[in]taskThe task.
[in]targetThe target.
Returns
Parent returns with 0 if success, -1 if failure. Child process doesn't return and simply exits.

◆ fork_osp_scan_handler()

static int fork_osp_scan_handler ( task_t  task,
target_t  target 
)
static

Fork a child to handle an OSP scan's fetching and inserting.

Parameters
[in]taskThe task.
[in]targetThe target.
Returns
Parent returns with 0 if success, -1 if failure. Child process doesn't return and simply exits.

◆ get_cert_bund_adv_filename()

static char* get_cert_bund_adv_filename ( char *  item_id)
static

Compute the filename where a given CERT-Bund Advisory can be found.

Parameters
[in]item_idCERT-Bund identifier without version ("CB-K??/????").
Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file or NULL on error.

◆ get_certificate_info()

int get_certificate_info ( const gchar *  certificate,
time_t *  activation_time,
time_t *  expiration_time,
gchar **  fingerprint,
gchar **  issuer 
)

Gathers info from a certificate.

Parameters
[in]certificateThe certificate to get data from.
[out]activation_timePointer to write activation time to.
[out]expiration_timePointer to write expiration time to.
[out]fingerprintPointer for newly allocated fingerprint.
[out]issuerPointer for newly allocated issuer DN.
Returns
0 success, -1 error.

◆ get_cpe_filename()

static char* get_cpe_filename ( )
static

Return the path to the CPE dictionary.

Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file.

◆ get_cve_filename()

static char* get_cve_filename ( char *  item_id)
static

Compute the filename where a given CVE can be found.

Parameters
[in]item_idFull CVE identifier ("CVE-YYYY-ZZZZ").
Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file or NULL on error.

◆ get_dfn_cert_adv_filename()

static char* get_dfn_cert_adv_filename ( char *  item_id)
static

Compute the filename where a given DFN-CERT Advisory can be found.

Parameters
[in]item_idFull DFN-CERT identifier ("DFN-CERT-YYYY-ZZZZ").
Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file or NULL on error.

◆ get_files_to_send()

static GSList* get_files_to_send ( task_t  task)
static

Get files to send.

Parameters
taskTask of interest.
Returns
List of files to send (NULL if none). The list data has to be freed with g_free.

◆ get_nvti_xml()

gchar* get_nvti_xml ( iterator_t nvts,
int  details,
int  pref_count,
int  preferences,
const char *  timeout,
config_t  config,
int  close_tag 
)

Create and return XML description for an NVT.

Parameters
[in]nvtsThe NVT.
[in]detailsIf true, detailed XML, else simple XML.
[in]pref_countPreference count. Used if details is true.
[in]preferencesIf true, include preferences.
[in]timeoutTimeout. Used if details is true.
[in]configConfig, used if preferences is true.
[in]close_tagWhether to close the NVT tag or not.
Returns
A dynamically allocated string containing the XML description.

◆ get_osp_scan_report()

static int get_osp_scan_report ( const char *  scan_id,
const char *  host,
int  port,
const char *  ca_pub,
const char *  key_pub,
const char *  key_priv,
int  details,
char **  report_xml 
)
static

Get an OSP scan's report.

Parameters
[in]scan_idScan ID.
[in]hostScanner host.
[in]portScanner port.
[in]ca_pubCA Certificate.
[in]key_pubCertificate.
[in]key_privPrivate key.
[in]details1 for detailed report, 0 otherwise.
[out]report_xmlScan report.
Returns
-1 on error, progress value between 0 and 100 on success.

◆ get_osp_task_options()

static GHashTable* get_osp_task_options ( task_t  task,
target_t  target 
)
static

Get an OSP Task's scan options.

Parameters
[in]taskThe task.
[in]targetThe target.
Returns
OSP Task options, NULL if failure.

◆ get_ovaldef_filename()

static char* get_ovaldef_filename ( char *  item_id)
static

Get the filename where a given OVAL definition can be found.

Parameters
[in]item_idFull OVAL identifier with file suffix.
Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file or NULL on error.

◆ get_report_format_files()

static int get_report_format_files ( const char *  dir_name,
GPtrArray **  start 
)
static

Get files associated with a report format.

Parameters
[in]dir_nameLocation of files.
[out]startFiles on success.
Returns
0 if successful, -1 otherwise.

◆ get_schedule_timeout()

int get_schedule_timeout ( )

Get the current schedule timeout.

Returns
The schedule timeout in minutes.

◆ get_scheduled_user_uuid()

const gchar* get_scheduled_user_uuid ( )

Access UUID of user that scheduled the current task.

Returns
UUID of user that scheduled the current task.

◆ get_slave_system_report_types()

static int get_slave_system_report_types ( const char *  required_type,
gchar ***  start,
gchar ***  types,
const char *  slave_id 
)
static

Get system report types from a slave.

Parameters
[in]required_typeSingle type to limit types to.
[out]typesTypes on success.
[out]startActual start of types, which caller must free.
[in]slave_idID of GMP slave.
Returns
0 if successful, 2 failed to find slave, 3 unused, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, -1 otherwise.

◆ get_system_report_types()

static int get_system_report_types ( const char *  required_type,
gchar ***  start,
gchar ***  types,
const char *  slave_id 
)
static

Get system report types.

Parameters
[in]required_typeSingle type to limit types to.
[out]typesTypes on success.
[out]startActual start of types, which caller must free.
[in]slave_idID of slave.
Returns
0 if successful, 1 failed to find report type, 2 failed to find slave, 3 serving the fallback, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, -1 otherwise.

◆ get_tasks_last_report()

static gchar* get_tasks_last_report ( entity_t  get_tasks)
static

Get last report from GET_TASKS response.

Parameters
[in]get_tasksGET_TASKS response.
Returns
Freshly allocated UUID of last report, or NULL.

◆ handle_osp_scan()

static int handle_osp_scan ( task_t  task,
report_t  report,
const char *  scan_id 
)
static

Handle an ongoing OSP scan, until success or failure.

Parameters
[in]taskThe task.
[in]reportThe report.
[in]scan_idThe UUID of the scan on the scanner.
Returns
0 if success, -1 if error, -2 if scan was stopped.

◆ handle_slave_task()

static int handle_slave_task ( task_t  task,
target_t  target,
credential_t  target_ssh_credential,
credential_t  target_smb_credential,
credential_t  target_esxi_credential,
credential_t  target_snmp_credential,
report_t  last_stopped_report,
gvm_connection_t *  connection,
const gchar *  slave_id,
const gchar *  slave_name 
)
static

Start a task on a slave.

Parameters
[in]taskThe task.
[in]targetTask target.
[in]target_ssh_credentialTarget SSH credential.
[in]target_smb_credentialTarget SMB credential.
[in]target_esxi_credentialTarget ESXi credential.
[in]target_snmp_credentialTarget SNMP credential.
[in]last_stopped_reportLast stopped report if any, else 0.
[in]connectionConnection, with slave info.
[in]slave_idUUID of slave.
[in]slave_nameName of slave.
Returns
0 success, 1 login failed, -1 failed to make UUID, -2 Failed to get task name.

◆ init_report_format_file_iterator()

int init_report_format_file_iterator ( file_iterator_t iterator,
report_format_t  report_format 
)

Initialise a report format file iterator.

Parameters
[in]iteratorIterator.
[in]report_formatSingle report format to iterate over, NULL for all.
Returns
0 on success, -1 on error.

◆ init_severity_data()

void init_severity_data ( severity_data_t data)

Initialize a severity data structure.

Parameters
[in]dataThe data structure to initialize.

◆ init_system_report_type_iterator()

int init_system_report_type_iterator ( report_type_iterator_t iterator,
const char *  type,
const char *  slave_id 
)

Initialise a system report type iterator.

Parameters
[in]iteratorIterator.
[in]typeSingle report type to iterate over, NULL for all.
[in]slave_idID of slave to get reports from. 0 for local.
Returns
0 on success, 1 failed to find report type, 2 failed to find slave, 3 used the fallback report, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, 99 permission denied, -1 on error.

◆ launch_osp_task()

static int launch_osp_task ( task_t  task,
target_t  target,
const char *  scan_id,
char **  error 
)
static

Launch an OSP task.

Parameters
[in]taskThe task.
[in]targetThe target.
[in]scan_idThe new scan UUID.
[out]errorError return.
Returns
0 success, -1 if scanner is down.

◆ manage_auth_allow_all()

void manage_auth_allow_all ( int  scheduled)

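Ensure that any subsequent authentications succeed. In effect this turns off credential checking for later authentication attempts, so calls should be confined to trusted internal paths such as the scheduler (see the scheduled parameter).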

Parameters
[in]scheduledWhether this is happening from the scheduler.

◆ manage_check_current_task()

int manage_check_current_task ( )

Handle state changes to current task made by other processes.

Returns
0 on success, -1 if out of space in scanner output buffer, 1 if queued to scanner.

◆ manage_read_info()

int manage_read_info ( gchar *  type,
gchar *  uid,
gchar *  name,
gchar **  result 
)

Read raw information.

Parameters
[in]typeType of the requested information.
[in]uidUnique identifier of the requested information
[in]nameName or identifier of the requested information.
[out]resultPointer to the read information location. Will point to NULL on error.
Returns
1 success, -1 error.

◆ manage_scap_update_time()

const char* manage_scap_update_time ( )

Get the SCAP update time, as a string.

Returns
Last update time as a static string, or "" on error.

◆ manage_schedule()

int manage_schedule ( manage_connection_forker_t  fork_connection,
gboolean  run_tasks,
sigset_t *  sigmask_current 
)

Schedule any actions that are due.

In gvmd, periodically called from the main daemon loop.

Parameters
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]run_tasksWhether to run scheduled tasks.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, 1 failed to get lock, -1 error.

◆ manage_sync()

void manage_sync ( sigset_t *  sigmask_current,
int(*)()  fork_update_nvt_cache 
)

Perform any syncing that is due.

In gvmd, periodically called from the main daemon loop.

Parameters
[in]sigmask_currentSigmask to restore in child.
[in]fork_update_nvt_cacheFunction that forks a child that syncs the NVTS. Child does not return.

◆ manage_system_report()

int manage_system_report ( const char *  name,
const char *  duration,
const char *  start_time,
const char *  end_time,
const char *  slave_id,
char **  report 
)

Get a system report.

Parameters
[in]nameName of report.
[in]durationTime range of report, in seconds.
[in]start_timeTime of first data point in report.
[in]end_timeTime of last data point in report.
[in]slave_idID of slave to get report from. 0 for local.
[out]reportOn success, report in base64 if such a report exists else NULL. Arbitrary on error.
Returns
0 if successful (including failure to find report), -1 on error, 3 if used the fallback report, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report.

◆ message_type_threat()

const char* message_type_threat ( const char *  type)

Get the threat of a message type.

Parameters
typeMessage type.
Returns
Static threat name if type names a message type, else NULL.

◆ move_task()

int move_task ( const char *  task_id,
const char *  slave_id 
)

Reassign a task to another slave.

Parameters
[in]task_idUUID of task.
[in]slave_idUUID of slave.
Returns
0 success, 1 success, process forked, 2 task not found, 3 slave not found, 4 slaves not supported by scanner, 5 task cannot be stopped currently, 6 scanner does not allow stopping, 7 new scanner does not support slaves, 98 stop and resume permission denied, 99 permission denied, -1 error.

◆ next_file()

gboolean next_file ( file_iterator_t iterator)

Increment a file iterator.

The caller must stop using this after it returns FALSE.

Parameters
[in]iteratorFile iterator.
Returns
TRUE if there was a next item, else FALSE.

◆ next_report_type()

gboolean next_report_type ( report_type_iterator_t iterator)

Increment a report type iterator.

The caller must stop using this after it returns FALSE.

Parameters
[in]iteratorReport type iterator.
Returns
TRUE if there was a next item, else FALSE.

◆ nvt_selector_plugins()

static gchar* nvt_selector_plugins ( config_t  config)
static

Return the plugins of a config, as a semicolon separated string.

Parameters
[in]configConfig.
Returns
A string of semicolon-separated plugin IDs.

◆ parse_tags()

void parse_tags ( const char *  scanner_tags,
gchar **  tags,
gchar **  cvss_base 
)

Split up the tags received from the scanner.

Parameters
[in]scanner_tagsThe tags sent by the scanner.
[out]tagsTags.
[out]cvss_baseCVSS base.

◆ predefined_report_format_dir()

gchar* predefined_report_format_dir ( const gchar *  uuid)

Get the directory of a report format.

Parameters
[in]uuidReport format UUID. NULL to get parent dir.
Returns
Freshly allocated dir name.

◆ preference_value()

static gchar* preference_value ( const char *  name,
const char *  full_value 
)
static

Return the real value of a preference.

Take care of radio button options.

Parameters
[in]nameName of preference.
[in]full_valueEntire value of preference.
Returns
Real value of the preference.

◆ report_format_param_type_from_name()

report_format_param_type_t report_format_param_type_from_name ( const char *  name)

Get a report format param type from a name.

Parameters
[in]nameParam type name.
Returns
The param type.

◆ report_format_param_type_name()

const char* report_format_param_type_name ( report_format_param_type_t  type)

Get the name of a report format param type.

Parameters
[in]typeParam type.
Returns
The name of the param type.

◆ report_results_filter_term()

static gchar* report_results_filter_term ( int  first,
int  rows,
int  apply_overrides,
int  autofp,
int  min_qod 
)
static

Create a basic filter term to get report results.

Parameters
[in]firstFirst row.
[in]rowsNumber of rows.
[in]apply_overridesWhether to apply overrides.
[in]autofpAuto-FP value.
[in]min_qodMinimum QOD.
Returns
Filter term.

◆ report_results_get_data()

get_data_t* report_results_get_data ( int  first,
int  rows,
int  apply_overrides,
int  autofp,
int  min_qod 
)

Create a new basic get_data_t struct to get report results.

Parameters
[in]firstFirst row.
[in]rowsNumber of rows.
[in]apply_overridesWhether to apply overrides.
[in]autofpAuto-FP value.
[in]min_qodMinimum QOD.
Returns
GET data struct.

◆ report_type_iterator_name()

const char* report_type_iterator_name ( report_type_iterator_t iterator)

Return the name from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Name.

◆ report_type_iterator_title()

const char* report_type_iterator_title ( report_type_iterator_t iterator)

Return the title from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Title.

◆ resume_task()

int resume_task ( const char *  task_id,
char **  report_id 
)

Resume a task.

Parameters
[in]task_idTask UUID.
[out]report_idIf successful, ID of the resultant report.
Returns
22 caller error (task must be in "stopped" or "interrupted" state), or any start_task error.

◆ run_cve_task()

static int run_cve_task ( task_t  task)
static

Start a CVE task.

Parameters
[in]taskThe task.
Returns
0 success, 99 permission denied, -1 error.

◆ run_gmp_task()

static int run_gmp_task ( task_t  task,
scanner_t  scanner,
int  from,
char **  report_id 
)
static

Start a task on a GMP scanner.

Parameters
[in]taskThe task.
[in]scannerSlave scanner to run task on.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_idThe report ID.
Returns
Before forking: 1 task is active already, 3 failed to find task, -1 error.

◆ run_osp_task()

static int run_osp_task ( task_t  task)
static

Start a task on an OSP scanner.

Parameters
[in]taskThe task.
Returns
0 success, 99 permission denied, -1 error.

◆ run_otp_task()

static int run_otp_task ( task_t  task,
scanner_t  scanner,
int  from,
char **  report_id 
)
static

Start an OTP scanner task.

Parameters
[in]taskThe task.
[in]scannerScanner to use.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_idThe report ID.
Returns
Before forking: 1 task is active already, 3 failed to find task,
Todo:
On fail exits only, may need to honour request states that one of the other processes has set on the task (stop_task, request_delete_task).
Todo:
Also reset status on report, as current_scanner_task is 0 here.

◆ run_slave_or_gmp_task()

static int run_slave_or_gmp_task ( task_t  task,
int  from,
char **  report_id,
gvm_connection_t *  connection,
const gchar *  slave_id,
const gchar *  slave_name 
)
static

Start a slave/GMP task.

Parameters
[in]taskThe task.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_idThe report ID.
[in]connectionConnection, with slave info.
[in]slave_idUUID of slave.
[in]slave_nameName of slave.
Returns
Before forking: 1 task is active already, 3 failed to find task, -1 error.
Todo:
On fail exits only, may need to honour request states that one of the other processes has set on the task (stop_task, request_delete_task).
Todo:
Also reset status on report, as current_scanner_task is 0 here.

◆ run_status_name()

const char* run_status_name ( task_status_t  status)

Get the name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

◆ run_status_name_internal()

const char* run_status_name_internal ( task_status_t  status)

Get the unique name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

◆ run_task()

static int run_task ( const char *  task_id,
char **  report_id,
int  from 
)
static

Start or resume a task.

Use send_to_server to queue the task start sequence in the scanner output buffer.

Only one task can run at a time in a process.

Parameters
[in]task_idThe task ID.
[out]report_idThe report ID.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
Returns
Before forking: 1 task is active already, 3 failed to find task, 4 resuming task not supported, 99 permission denied, -1 error, -2 task is missing a target, -3 creating the report failed, -4 target missing hosts, -5 scanner is down or still loading, -6 already a task running in this process, -7 no CA cert, -9 fork failed. After forking: 0 success (parent), 2 success (child), -10 error (child).

◆ run_task_prepare_report()

static int run_task_prepare_report ( task_t  task,
char **  report_id,
int  from,
task_status_t  run_status,
report_t *  last_stopped_report 
)
static

Prepare report for running a task.

Parameters
[in]taskThe task.
[out]report_idThe report ID.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[in]run_statusThe task's run status.
[in]last_stopped_reportLast stopped report of task.
Returns
0 success, -1 error, -3 creating the report failed.

◆ run_task_setup()

static int run_task_setup ( task_t  task,
config_t *  config,
target_t *  target,
port_list_t *  port_list,
credential_t *  ssh_credential,
credential_t *  smb_credential,
credential_t *  esxi_credential,
credential_t *  snmp_credential 
)
static

Initialise variables required for running a scan.

Parameters
[in]taskTask.
[out]configConfig.
[out]targetTarget.
[out]port_listPort list.
[out]ssh_credentialSSH credential.
[out]smb_credentialSMB credential.
[out]esxi_credentialESXI credential.
[out]snmp_credentialSNMP credential.
Returns
0 success, -1 error, 99 permission denied.

◆ scanner_setup()

static int scanner_setup ( scanner_t  scanner)
static

Initialise some values of the OpenVAS scanner.

Parameters
[in]scannerScanner.
Returns
0 success, -1 error, 1 no CA cert.

◆ scheduled_task_free()

static void scheduled_task_free ( scheduled_task_t scheduled_task)
static

Free a scheduled task structure.

Parameters
[in]scheduled_taskScheduled task.

◆ scheduled_task_new()

static scheduled_task_t* scheduled_task_new ( const gchar *  task_uuid,
const gchar *  owner_uuid,
const gchar *  owner_name 
)
static

Create a scheduled task structure.

Parameters
[in]task_uuidUUID of task.
[in]owner_uuidUUID of owner.
[in]owner_nameName of owner.
Returns
Scheduled task structure.

◆ scheduled_task_start()

static int scheduled_task_start ( scheduled_task_t scheduled_task,
manage_connection_forker_t  fork_connection,
sigset_t *  sigmask_current 
)
static

Start a task, for the scheduler.

Parameters
[in]scheduled_taskScheduled task.
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, -1 error. Child does not return.

◆ scheduled_task_stop()

static int scheduled_task_stop ( scheduled_task_t scheduled_task,
manage_connection_forker_t  fork_connection,
sigset_t *  sigmask_current 
)
static

Stop a task, for the scheduler.

Parameters
[in]scheduled_taskScheduled task.
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, -1 error. Child does not return.

◆ send_alive_test_preferences()

static int send_alive_test_preferences ( target_t  target)
static

Send target "Alive Test" preferences to the scanner.

Parameters
[in]targetScan target.
Returns
0 on success, -1 on failure.

◆ send_config_preferences()

static int send_config_preferences ( config_t  config,
const char *  section_name,
GSList *  task_files,
GPtrArray *  pref_files 
)
static

Send the preferences from a config to the scanner.

Parameters
[in]configConfig.
[in]section_nameName of preference section to send.
[in]task_filesFiles associated with the task.
[out]pref_filesFiles associated with config (UUID, contents, ...).
Returns
0 on success, -1 on failure.

◆ send_file()

static int send_file ( const char *  name,
const char *  content 
)
static

Send a file to the scanner.

Parameters
[in]nameFile name.
[in]contentFile contents.
Returns
0 on success, -1 on failure.

◆ send_hosts_access_preferences()

static int send_hosts_access_preferences ( void  )
static

Send hosts_allow and hosts_deny preferences to scanner.

Returns
0 on success, -1 on failure.

◆ send_ifaces_access_preferences()

static int send_ifaces_access_preferences ( void  )
static

Send ifaces_allow and ifaces_deny preferences to scanner.

Returns
0 on success, -1 on failure.

◆ send_scanner_preferences()

static int send_scanner_preferences ( task_t  task,
target_t  target,
report_t  stopped_report 
)
static

Send some scanner preferences to the scanner.

Parameters
[in]taskTask.
[in]targetScan target.
[in]stopped_reportPreviously stopped report, if any, else 0.
Returns
0 on success, -1 on failure.

◆ send_task_file()

static int send_task_file ( task_t  task,
const char *  file 
)
static

Send a file from a task to the scanner.

Parameters
[in]taskThe task.
[in]fileFile name.
Returns
0 on success, -1 on failure.

◆ send_task_preferences()

static int send_task_preferences ( task_t  task)
static

Send task preferences to the scanner.

Parameters
[in]taskTask.
Returns
0 on success, -1 on failure.

◆ set_certs()

int set_certs ( const char *  ca_pub,
const char *  key_pub,
const char *  key_priv 
)

Initialise OpenVAS scanner variables, checking for defaults.

Parameters
[in]ca_pubCA Certificate.
[in]key_pubScanner Certificate.
[in]key_privScanner private key.
Returns
0 success, 1 both default CA cert setting and ca_pub were NULL.

◆ set_schedule_timeout()

void set_schedule_timeout ( int  new_timeout)

Set the schedule timeout.

Parameters
new_timeoutThe new schedule timeout in minutes.

◆ set_scheduled_user_uuid()

void set_scheduled_user_uuid ( const gchar *  user_uuid)

Set UUID of user that scheduled the current task. The previous value is freed and a copy of the UUID is created.

Parameters
user_uuidUUID of user that scheduled the current task.

◆ set_task_interrupted()

void set_task_interrupted ( task_t  task,
const gchar *  message 
)

Set a task to interrupted.

Expects global_current_report to match the task.

Parameters
[in]taskTask
[in]messageMessage for error result.

◆ setup_ids()

static int setup_ids ( gvm_connection_t *  connection,
task_t  task,
entity_t  get_tasks,
gchar **  slave_config_uuid,
gchar **  slave_target_uuid,
gchar **  slave_port_list_uuid,
gchar **  slave_ssh_credential_uuid,
gchar **  slave_smb_credential_uuid,
gchar **  slave_esxi_credential_uuid,
gchar **  slave_snmp_credential_uuid 
)
static

Setup ID variables for slave_setup.

Parameters
[in]connectionConnection to slave.
[in]taskThe task.
[in]get_tasksGET_TASKS response.
[out]slave_config_uuidUUID of slave config.
[out]slave_target_uuidUUID of slave target.
[out]slave_port_list_uuidUUID of slave port list.
[out]slave_ssh_credential_uuidUUID of slave SSH credential.
[out]slave_smb_credential_uuidUUID of slave SMB credential.
[out]slave_esxi_credential_uuidUUID of slave ESXi credential.
[out]slave_snmp_credential_uuidUUID of slave SNMP credential.
Returns
0 success, 1 giveup.

◆ severity_data_add()

void severity_data_add ( severity_data_t severity_data,
double  severity 
)

Add a severity occurrence to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.

◆ severity_data_add_count()

void severity_data_add_count ( severity_data_t severity_data,
double  severity,
int  count 
)

Add multiple severity occurrences to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.
[in]countThe number of occurrences to add.

◆ severity_data_index()

static int severity_data_index ( double  severity)
static

Convert a severity value into an index in the counts array.

Parameters
[in]severitySeverity value.
Returns
The index, 0 for invalid severity scores.

◆ severity_data_level_counts()

void severity_data_level_counts ( const severity_data_t severity_data,
const gchar *  severity_class,
int *  errors,
int *  debugs,
int *  false_positives,
int *  logs,
int *  lows,
int *  mediums,
int *  highs 
)

Count the occurrences of severities in the levels.

Parameters
[in]severity_dataThe severity counts data to evaluate.
[in]severity_classThe severity class setting to use.
[out]errorsThe number of error messages.
[out]debugsThe number of debug messages.
[out]false_positivesThe number of False Positives.
[out]logsThe number of Log messages.
[out]lowsThe number of Low severity results.
[out]mediumsThe number of Medium severity results.
[out]highsThe number of High severity results.

◆ severity_data_range_count()

static int severity_data_range_count ( const severity_data_t severity_data,
double  min_severity,
double  max_severity 
)
static

Calculate the total of severity counts in a range.

Parameters
[in]severity_dataThe severity data struct to get counts from.
[in]min_severityThe minimum severity included in the range.
[in]max_severityThe maximum severity included in the range.
Returns
The total of severity counts in the specified range.

◆ severity_data_value()

double severity_data_value ( int  index)

Convert an index in the counts array to a severity value.

Parameters
[in]indexIndex in the counts array.
Returns
The corresponding severity value.

◆ severity_in_level()

int severity_in_level ( double  severity,
const char *  level 
)

Check whether a severity falls within a threat level.

Parameters
[in]severitySeverity.
[in]levelThreat level.
Returns
1 if in level, else 0.

◆ severity_matches_ov()

int severity_matches_ov ( double  severity,
double  ov_severity 
)

Check whether a severity matches an override's severity.

Only used by SQLite backend.

Parameters
[in]severityseverity score
[in]ov_severityoverride severity score to match
Returns
1 if matches, else 0.

◆ severity_to_level()

const char* severity_to_level ( double  severity,
int  mode 
)

Get the threat level matching a severity score.

Parameters
[in]severityseverity score
[in]mode0 for normal levels, 1 to use "Alarm" for severity > 0.0
Returns
the level as a static string

◆ severity_to_type()

const char* severity_to_type ( double  severity)

Get the message type matching a severity score.

Parameters
[in]severityseverity score
Returns
the message type as a static string

◆ slave_authenticate()

static int slave_authenticate ( gnutls_session_t *  session,
scanner_t  slave 
)
static

Authenticate with a slave.

Parameters
[in]sessionGNUTLS session.
[in]slaveSlave.
Returns
0 success, -1 error.

◆ slave_connect()

static int slave_connect ( gvm_connection_t *  connection)
static

Connect to a slave.

Parameters
[in]connectionConnection.
Returns
0 success, -1 error, 1 auth failure.

◆ slave_setup()

static int slave_setup ( gvm_connection_t *  connection,
const char *  name,
task_t  task,
target_t  target,
credential_t  target_ssh_credential,
credential_t  target_smb_credential,
credential_t  target_esxi_credential,
credential_t  target_snmp_credential,
report_t  last_stopped_report 
)
static

Setup a task on a slave.

Parameters
[in]connectionConnection to slave.
[in]nameName of task on slave.
[in]taskThe task.
[in]targetTask target.
[in]target_ssh_credentialTarget SSH credential.
[in]target_smb_credentialTarget SMB credential.
[in]target_esxi_credentialTarget ESXi credential.
[in]target_snmp_credentialTarget SNMP credential.
[in]last_stopped_reportLast stopped report if any, else 0.
Returns
0 success, 1 retry, 3 giveup.

◆ slave_sleep_connect()

static int slave_sleep_connect ( gvm_connection_t *  connection,
task_t  task 
)
static

Sleep then connect to slave. Retry until success or giveup requested.

Parameters
[in]connectionConnection.
[in]taskLocal task.
Returns
0 success, 3 giveup.

◆ slave_system_report()

static int slave_system_report ( const char *  name,
const char *  duration,
const char *  start_time,
const char *  end_time,
const char *  slave_id,
char **  report 
)
static

Get a system report from a slave.

Parameters
[in]nameName of report.
[in]durationTime range of report, in seconds.
[in]start_timeTime of first data point in report.
[in]end_timeTime of last data point in report.
[in]slave_idID of GMP scanner slave to get report from. 0 for local.
[out]reportOn success, report in base64 if such a report exists else NULL. Arbitrary on error.
Returns
0 if successful, 2 failed to find slave, 3 unused, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, -1 otherwise.

◆ slist_free()

static void slist_free ( GSList *  list)
static

Free an slist of pointers, including the pointers.

Parameters
[in]listThe list.

◆ start_task()

int start_task ( const char *  task_id,
char **  report_id 
)

Start a task.

Use send_to_server to queue the task start sequence in the scanner output buffer.

Only one task can run at a time in a process.

Parameters
[in]task_idThe task ID.
[out]report_idThe report ID.
Returns
Before forking: 1 task is active already, 3 failed to find task, 99 permission denied, -1 internal error, -2 task is missing a target, -3 creating the report failed, -4 target missing hosts, -6 already a task running in this process, -7 no CA cert, -9 fork failed. After forking: 0 success (parent), 2 success (child), -10 error (child).

◆ stop_osp_task()

static int stop_osp_task ( task_t  task)
static

Stop an OSP task.

Parameters
[in]taskThe task.
Returns
0 on success, else -1.

◆ stop_task()

int stop_task ( const char *  task_id)

Initiate stopping a task.

Use send_to_server to queue the task stop sequence in the scanner output buffer.

Parameters
[in]task_idTask UUID.
Returns
0 on success, 1 if stop requested, 3 failed to find task, 99 permission denied, -1 if out of space in scanner output buffer, -5 scanner down.

◆ stop_task_internal()

int stop_task_internal ( task_t  task)

Initiate stopping a task.

Use send_to_server to queue the task stop sequence in the scanner output buffer.

Parameters
[in]taskTask.
Returns
0 on success, 1 if stop requested, -1 if out of space in scanner output buffer, -5 scanner down, -7 no CA cert.

◆ task_scanner_options()

static GHashTable* task_scanner_options ( task_t  task,
target_t  target 
)
static

Give a task's OSP scan options in a hash table.

Parameters
[in]taskThe task.
[in]targetThe target.
Returns
Hash table with options names and their values.

◆ threat_message_type()

const char* threat_message_type ( const char *  threat)

Get the message type of a threat.

Parameters
threat: Threat.
Returns
Static message type name if threat names a threat, else NULL.

◆ truncate_certificate()

gchar* truncate_certificate ( const gchar *  certificate)

Truncate a certificate, removing extra data.

Parameters
[in] certificate: The certificate.
Returns
The truncated certificate as a newly allocated string or NULL.

◆ truncate_private_key()

gchar* truncate_private_key ( const gchar *  private_key)

Truncate a private key, removing extra data.

Parameters
[in] private_key: The private key.
Returns
The truncated private key as a newly allocated string, or NULL. The caller owns the returned string, which still contains key material.

◆ truncate_text()

static void truncate_text ( gchar *  string,
size_t  max_len,
gboolean  xml,
const char *  suffix 
)
static

Truncates text to a maximum length, optionally appends a suffix.

Note: The string is modified in place instead of allocating a new one. With the xml option the function avoids cutting the string in the middle of an XML entity, but element tags get no special handling, so the cut may still fall inside a tag.

Parameters
[in,out] string: The string to truncate.
[in] max_len: The maximum length in bytes.
[in] xml: Whether to preserve XML entities.
[in] suffix: The suffix to append when the string is shortened.

◆ type_is_scap()

int type_is_scap ( const char *  type)

Check if a type is a SCAP type.

Parameters
[in] type: Resource type.
Returns
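Name of type. (Note: this text looks copied from type_name(). The function is declared to return int, so the value is presumably a flag saying whether the type is a SCAP type; confirm against the source.)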

◆ type_name()

const char* type_name ( const char *  type)

Return the name of a resource type.

Parameters
[in] type: Resource type.
Returns
Name of type.

◆ type_name_plural()

const char* type_name_plural ( const char *  type)

Return the plural name of a resource type.

Parameters
[in] type: Resource type.
Returns
Plural name of type.

◆ update_end_times()

static int update_end_times ( entity_t  report)
static

Update end times, and optionally add host details.

Parameters
[in] report: Report.
Returns
0 success, -1 error.

◆ update_slave_progress()

static int update_slave_progress ( entity_t  get_tasks)
static

Update the locally cached task progress from the slave.

Parameters
[in] get_tasks: Slave GET_TASKS response.
Returns
0 success, -1 error.

◆ validate_username()

int validate_username ( const gchar *  name)

Validates a username.

Parameters
[in] name: The name.
Returns
0 if the username is valid, 1 if not.

◆ xml_escape_text_truncated()

gchar* xml_escape_text_truncated ( const char *  string,
size_t  max_len,
const char *  suffix 
)

XML escapes text truncating to a maximum length with a suffix.

Note: The function will avoid cutting the string in the middle of XML entities.

Parameters
[in] string: The string to truncate.
[in] max_len: The maximum length in bytes.
[in] suffix: The suffix to append when the string is shortened.
Returns
Newly allocated string with XML escaped, truncated text.

◆ xsl_transform()

static gchar* xsl_transform ( gchar *  stylesheet,
gchar *  xmlfile,
gchar **  param_names,
gchar **  param_values 
)
static

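Run xsltproc in an external process. The stylesheet path, the XML file path and the stringparam names and values are all handed to that process, so callers should pass only validated values.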

Parameters
[in] stylesheet: XSL stylesheet to use.
[in] xmlfile: XML file to process.
[in] param_names: NULL terminated array of stringparam names (can be NULL).
[in] param_values: NULL terminated array of stringparam values (can be NULL).
Returns
A dynamically allocated (to be g_free'd) string containing the result of the operation, or NULL on failure.

Variable Documentation

◆ authenticate_allow_all

int authenticate_allow_all = 0

Flag for manage_auth_allow_all.

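Flag to force authentication to succeed. This makes the variable security-sensitive: a non-zero value presumably bypasses the normal credential check, so it should be set only by the internal paths listed below.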

1 if set via scheduler, 2 if set via event, else 0.