Greenbone Vulnerability Manager  22.4.0~dev1
manage.c File Reference

The Greenbone Vulnerability Manager management layer. More...

#include "debug_utils.h"
#include "gmp_base.h"
#include "manage.h"
#include "manage_acl.h"
#include "manage_configs.h"
#include "manage_port_lists.h"
#include "manage_report_formats.h"
#include "manage_sql.h"
#include "manage_sql_secinfo.h"
#include "manage_sql_nvts.h"
#include "manage_sql_tickets.h"
#include "manage_sql_tls_certificates.h"
#include "utils.h"
#include <assert.h>
#include <ctype.h>
#include <errno.h>
#include <dirent.h>
#include <fcntl.h>
#include <glib.h>
#include <gnutls/x509.h>
#include <math.h>
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#include <gvm/base/gvm_sentry.h>
#include <gvm/base/hosts.h>
#include <bsd/unistd.h>
#include <gvm/osp/osp.h>
#include <gvm/util/fileutils.h>
#include <gvm/util/serverutils.h>
#include <gvm/util/uuidutils.h>
#include <gvm/gmp/gmp.h>

Data Structures

struct  scheduled_task_t
 Task info, for scheduler. More...
 

Macros

#define _XOPEN_SOURCE
 Enable extra functions. More...
 
#define _GNU_SOURCE
 Enable extra GNU functions. More...
 
#define G_LOG_DOMAIN   "md manage"
 GLib log domain.
 
#define CPE_GETBYNAME_XSL   GVM_SCAP_RES_DIR "/cpe_getbyname.xsl"
 CPE selection stylesheet location.
 
#define CVE_GETBYNAME_XSL   GVM_SCAP_RES_DIR "/cve_getbyname.xsl"
 CVE selection stylesheet location.
 
#define CERT_BUND_ADV_GETBYNAME_XSL   GVM_CERT_RES_DIR "/cert_bund_getbyname.xsl"
 CERT_BUND_ADV selection stylesheet location.
 
#define DFN_CERT_ADV_GETBYNAME_XSL   GVM_CERT_RES_DIR "/dfn_cert_getbyname.xsl"
 DFN_CERT_ADV selection stylesheet location.
 
#define CPE_DICT_FILENAME   GVM_SCAP_DATA_DIR "/official-cpe-dictionary_v2.2.xml"
 CPE dictionary location.
 
#define CVE_FILENAME_FMT   GVM_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"
 CVE data files location format string. More...
 
#define CERT_BUND_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/CB-K%02d.xml"
 CERT-Bund data files location format string. More...
 
#define DFN_CERT_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/dfn-cert-%04d.xml"
 DFN-CERT data files location format string. More...
 
#define SCAP_TIMESTAMP_FILENAME   GVM_SCAP_DATA_DIR "/timestamp"
 SCAP timestamp location.
 
#define CERT_TIMESTAMP_FILENAME   GVM_CERT_DATA_DIR "/timestamp"
 CERT timestamp location.
 
#define MAX_CHECKS_DEFAULT   "4"
 Default for Scanner max_checks preference.
 
#define MAX_HOSTS_DEFAULT   "20"
 Default for Scanner max_hosts preference.
 
#define ZERO_SEVERITY_INDEX   4
 Array index of severity 0.0 in the severity_data_t.counts array.
 
#define FALLBACK_SYSTEM_REPORT_HEADER
 Header for fallback system report. More...
 
#define COMMAND   "gvmcg 0 titles"
 Command called by get_system_report_types. gvmcg stands for gvm-create-graphs.
 
#define DEFAULT_DURATION   86400L
 Default duration for system reports.
 
#define REBUILD_SWITCH(type)
 Adds a switch statement for handling the return value of a gvmd data rebuild. More...
 
#define DEF(x)
 Define a code snippet for get_nvt_xml. More...
 

Functions

gchar * truncate_certificate (const gchar *certificate)
 Truncate a certificate, removing extra data. More...
 
gchar * truncate_private_key (const gchar *private_key)
 Truncate a private key, removing extra data. More...
 
int get_certificate_info (const gchar *certificate, gssize certificate_len, time_t *activation_time, time_t *expiration_time, gchar **md5_fingerprint, gchar **sha256_fingerprint, gchar **subject, gchar **issuer, gchar **serial, gnutls_x509_crt_fmt_t *certificate_format)
 Gathers info from a certificate. More...
 
gchar * certificate_iso_time (time_t time)
 Converts a certificate time to an ISO time string. More...
 
const gchar * certificate_time_status (time_t activates, time_t expires)
 Tests the activation and expiration time of a certificate. More...
 
static void truncate_text (gchar *string, size_t max_len, gboolean xml, const char *suffix)
 Truncates text to a maximum length, optionally appends a suffix. More...
 
gchar * xml_escape_text_truncated (const char *string, size_t max_len, const char *suffix)
 XML escapes text truncating to a maximum length with a suffix. More...
 
const char * type_name_plural (const char *type)
 Return the plural name of a resource type. More...
 
const char * type_name (const char *type)
 Return the name of a resource type. More...
 
int type_is_scap (const char *type)
 Check if a type is a SCAP type. More...
 
static int check_available (const gchar *type, resource_t resource, const gchar *permission)
 Check whether a resource is available. More...
 
int scanner_type_valid (scanner_type_t scanner_type)
 Check if a scanner type is valid. More...
 
const char * threat_message_type (const char *threat)
 Get the message type of a threat. More...
 
int severity_in_level (double severity, const char *level)
 Check whether a severity falls within a threat level. More...
 
const char * severity_to_level (double severity, int mode)
 Get the threat level matching a severity score. More...
 
const char * severity_to_type (double severity)
 Get the message type matching a severity score. More...
 
int delete_reports (task_t task)
 Delete all the reports for a task. More...
 
static gchar * report_results_filter_term (int first, int rows, int apply_overrides, int min_qod)
 Create a basic filter term to get report results. More...
 
get_data_t * report_results_get_data (int first, int rows, int apply_overrides, int min_qod)
 Create a new basic get_data_t struct to get report results. More...
 
static int severity_data_index (double severity)
 Convert a severity value into an index in the counts array. More...
 
double severity_data_value (int index)
 Convert an index in the counts array to a severity value. More...
 
void init_severity_data (severity_data_t *data)
 Initialize a severity data structure. More...
 
void cleanup_severity_data (severity_data_t *data)
 Clean up a severity data structure. More...
 
void severity_data_add (severity_data_t *severity_data, double severity)
 Add a severity occurrence to the counts of a severity_data_t. More...
 
void severity_data_add_count (severity_data_t *severity_data, double severity, int count)
 Add multiple severity occurrences to the counts of a severity_data_t. More...
 
static int severity_data_range_count (const severity_data_t *severity_data, double min_severity, double max_severity)
 Calculate the total of severity counts in a range. More...
 
void severity_data_level_counts (const severity_data_t *severity_data, int *errors, int *false_positives, int *logs, int *lows, int *mediums, int *highs)
 Count the occurrences of severities in the levels. More...
 
void alert_report_data_free (alert_report_data_t *data)
 Frees an alert_report_data_t struct, including contained data. More...
 
void alert_report_data_reset (alert_report_data_t *data)
 Frees content of an alert_report_data_t, but not the struct itself. More...
 
const char * alert_condition_name (alert_condition_t condition)
 Get the name of an alert condition. More...
 
const char * event_name (event_t event)
 Get the name of an alert event. More...
 
gchar * alert_condition_description (alert_condition_t condition, alert_t alert)
 Get a description of an alert condition. More...
 
gchar * event_description (event_t event, const void *event_data, const char *task_name)
 Get a description of an alert event. More...
 
const char * alert_method_name (alert_method_t method)
 Get the name of an alert method. More...
 
alert_condition_t alert_condition_from_name (const char *name)
 Get an alert condition from a name. More...
 
event_t event_from_name (const char *name)
 Get an event from a name. More...
 
alert_method_t alert_method_from_name (const char *name)
 Get an alert method from a name. More...
 
const char * run_status_name (task_status_t status)
 Get the name of a run status. More...
 
const char * run_status_name_internal (task_status_t status)
 Get the unique name of a run status. More...
 
void set_task_interrupted (task_t task, const gchar *message)
 Set a task to interrupted. More...
 
static void delete_osp_scan (const char *report_id, const char *host, int port, const char *ca_pub, const char *key_pub, const char *key_priv)
 Delete an OSP scan. More...
 
static int get_osp_scan_report (const char *scan_id, const char *host, int port, const char *ca_pub, const char *key_pub, const char *key_priv, int details, int pop_results, char **report_xml)
 Get an OSP scan's report. More...
 
static osp_scan_status_t get_osp_scan_status (const char *scan_id, const char *host, int port, const char *ca_pub, const char *key_pub, const char *key_priv)
 Get an OSP scan's status. More...
 
static int handle_osp_scan (task_t task, report_t report, const char *scan_id)
 Handle an ongoing OSP scan, until success or failure. More...
 
static osp_credential_t * target_osp_ssh_credential (target_t target)
 Get the SSH credential of a target as an osp_credential_t. More...
 
static osp_credential_t * target_osp_smb_credential (target_t target)
 Get the SMB credential of a target as an osp_credential_t. More...
 
static osp_credential_t * target_osp_esxi_credential (target_t target)
 Get the ESXi credential of a target as an osp_credential_t. More...
 
static osp_credential_t * target_osp_snmp_credential (target_t target)
 Get the SNMP credential of a target as an osp_credential_t. More...
 
static int prepare_osp_scan_for_resume (task_t task, const char *scan_id, char **error)
 Prepare a report for resuming an OSP scan. More...
 
static void add_user_scan_preferences (GHashTable *scanner_options)
 Add OSP preferences for limiting hosts for users. More...
 
static int launch_osp_openvas_task (task_t task, target_t target, const char *scan_id, int from, char **error)
 Launch an OpenVAS via OSP task. More...
 
static int run_osp_scan_get_report (task_t task, int from, char **report_id)
 Get the last stopped report or a new one for an OSP scan. More...
 
static int fork_osp_scan_handler (task_t task, target_t target, int from, char **report_id_return)
 Fork a child to handle an OSP scan's fetching and inserting. More...
 
static int run_osp_task (task_t task, int from, char **report_id)
 Start a task on an OSP or OpenVAS via OSP scanner. More...
 
int get_scanner_connection_retry ()
 Get the number of retries on a scanner connection lost. More...
 
void set_scanner_connection_retry (int new_retry)
 Set the number of retries on a scanner connection lost. More...
 
static int cve_scan_host (task_t task, report_t report, gvm_host_t *gvm_host)
 Perform a CVE "scan" on a host. More...
 
static int fork_cve_scan_handler (task_t task, target_t target)
 Fork a child to handle a CVE scan's calculating and inserting. More...
 
static int run_cve_task (task_t task)
 Start a CVE task. More...
 
const char * get_relay_mapper_path ()
 Gets the current path of the relay mapper executable. More...
 
void set_relay_mapper_path (const char *new_path)
 Sets the path of the relay mapper executable. More...
 
int get_relay_migrate_sensors ()
 Gets whether to migrate sensors if relays do not match. More...
 
void set_relay_migrate_sensors (int new_value)
 Sets whether to migrate sensors if relays do not match. More...
 
static int get_relay_info_entity (const char *original_host, int original_port, const char *protocol, entity_t *ret_entity)
 Gets the info about a scanner relay as an XML entity_t. More...
 
gboolean relay_supports_scanner_type (const char *original_host, int original_port, scanner_type_t type)
 Gets whether there is a relay supporting the scanner type. More...
 
int slave_get_relay (const char *original_host, int original_port, const char *original_ca_cert, const char *protocol, gchar **new_host, int *new_port, gchar **new_ca_cert)
 Gets a relay hostname and port for a sensor scanner. More...
 
static int run_task (const char *task_id, char **report_id, int from)
 Start or resume a task. More...
 
int start_task (const char *task_id, char **report_id)
 Start a task. More...
 
static int stop_osp_task (task_t task)
 Stop an OSP task. More...
 
int stop_task_internal (task_t task)
 Initiate stopping a task. More...
 
int stop_task (const char *task_id)
 Initiate stopping a task. More...
 
int resume_task (const char *task_id, char **report_id)
 Resume a task. More...
 
int move_task (const char *task_id, const char *slave_id)
 Reassign a task to another slave. More...
 
const char * credential_full_type (const char *abbreviation)
 Get the written-out name of an LSC Credential type. More...
 
static int get_osp_performance_string (scanner_t scanner, int start, int end, const char *titles, gchar **performance_str, gchar **error)
 Get a performance report from an OSP scanner. More...
 
static void get_fallback_report_string (GString *fallback_report)
 Get the fallback report as a string. More...
 
static int get_system_report_types (const char *required_type, gchar ***start, gchar ***types, const char *slave_id)
 Get system report types. More...
 
int init_system_report_type_iterator (report_type_iterator_t *iterator, const char *type, const char *slave_id)
 Initialise a system report type iterator. More...
 
void cleanup_report_type_iterator (report_type_iterator_t *iterator)
 Cleanup a report type iterator. More...
 
gboolean next_report_type (report_type_iterator_t *iterator)
 Increment a report type iterator. More...
 
const char * report_type_iterator_name (report_type_iterator_t *iterator)
 Return the name from a report type iterator. More...
 
const char * report_type_iterator_title (report_type_iterator_t *iterator)
 Return the title from a report type iterator. More...
 
void parse_performance_params (const char *duration, const char *start_time, const char *end_time, time_t *param_1, time_t *param_2, int *params_count)
 Generate params for gvmcg or OSP get_performance. More...
 
int manage_system_report (const char *name, const char *duration, const char *start_time, const char *end_time, const char *slave_id, char **report)
 Get a system report. More...
 
void manage_auth_allow_all (int scheduled)
 Ensure that any subsequent authentications succeed. More...
 
const gchar * get_scheduled_user_uuid ()
 Access UUID of user that scheduled the current task. More...
 
void set_scheduled_user_uuid (const gchar *user_uuid)
 Set UUID of user that scheduled the current task. The previous value is freed and a copy of the UUID is created. More...
 
static scheduled_task_t * scheduled_task_new (const gchar *task_uuid, const gchar *owner_uuid, const gchar *owner_name)
 Create a schedule task structure. More...
 
static void scheduled_task_free (scheduled_task_t *scheduled_task)
 Free a scheduled task structure. More...
 
static int scheduled_task_start (scheduled_task_t *scheduled_task, manage_connection_forker_t fork_connection, sigset_t *sigmask_current)
 Start a task, for the scheduler. More...
 
static int scheduled_task_stop (scheduled_task_t *scheduled_task, manage_connection_forker_t fork_connection, sigset_t *sigmask_current)
 Stop a task, for the scheduler. More...
 
gboolean feed_sync_required ()
 Check if a feed sync is needed without acquiring the feed lock. More...
 
void manage_sync (sigset_t *sigmask_current, int(*fork_update_nvt_cache)(), gboolean try_gvmd_data_sync)
 Perform any syncing that is due. More...
 
int manage_rebuild_gvmd_data_from_feed (const char *types, GSList *log_config, const db_conn_info_t *database, gchar **error_msg)
 Rebuild configs, port lists and report formats from feed. More...
 
int manage_schedule (manage_connection_forker_t fork_connection, gboolean run_tasks, sigset_t *sigmask_current)
 Schedule any actions that are due. More...
 
int get_schedule_timeout ()
 Get the current schedule timeout. More...
 
void set_schedule_timeout (int new_timeout)
 Set the schedule timeout. More...
 
void buffer_config_preference_xml (GString *, iterator_t *, config_t, int)
 Buffer XML for the NVT preference of a config. More...
 
static char * get_cpe_filename ()
 Return the path to the CPE dictionary. More...
 
static char * get_cve_filename (char *item_id)
 Compute the filename where a given CVE can be found. More...
 
static char * get_cert_bund_adv_filename (char *item_id)
 Compute the filename where a given CERT-Bund Advisory can be found. More...
 
static char * get_dfn_cert_adv_filename (char *item_id)
 Compute the filename where a given DFN-CERT Advisory can be found. More...
 
static gchar * xsl_transform (gchar *stylesheet, gchar *xmlfile, gchar **param_names, gchar **param_values)
 Run xsltproc in an external process. More...
 
gchar * get_nvt_xml (iterator_t *nvts, int details, int pref_count, int preferences, const char *timeout, config_t config, int close_tag)
 Create and return XML description for an NVT. More...
 
const char * manage_scap_update_time ()
 Get SCAP update time, as a string. More...
 
int manage_read_info (gchar *type, gchar *uid, gchar *name, gchar **result)
 Read raw information. More...
 
int validate_username (const gchar *name)
 Validates a username. More...
 

Variables

static gchar * broker_address = NULL
 Address of the broker used for publish-subscribe messaging (MQTT).
 
static gchar * feed_lock_path = NULL
 Path to the feed lock file.
 
static int feed_lock_timeout = 0
 Number of seconds to wait for the feed lock to be released.
 
static gchar * relay_mapper_path = NULL
 Path to the relay mapper executable, NULL to disable relays.
 
static int relay_migrate_sensors = 0
 Whether to migrate sensors if relays do not match.
 
static int schedule_timeout = SCHEDULE_TIMEOUT_DEFAULT
 Number of minutes before overdue tasks timeout.
 
static int scanner_connection_retry = SCANNER_CONNECTION_RETRY_DEFAULT
 Default number of auto retries if scanner connection is lost in a running task.
 
credentials_t current_credentials
 Current credentials during any GMP command.
 
task_t current_scanner_task = (task_t) 0
 The task currently running on the scanner.
 
report_t global_current_report = (report_t) 0
 The report of the current task.
 
int authenticate_allow_all = 0
 Flag for manage_auth_allow_all. More...
 
static gchar * schedule_user_uuid = NULL
 UUID of user whose scheduled task is to be started (in connection with authenticate_allow_all).
 

Detailed Description

The Greenbone Vulnerability Manager management layer.

This file defines a management layer, for implementing Managers such as the Greenbone Vulnerability Manager daemon.

This layer provides facilities for storing and manipulating user data (credentials, targets, tasks, reports, schedules, roles, etc) and general security data (NVTs, CVEs, etc). Task manipulation includes controlling external facilities such as OSP scanners.

Simply put, the daemon's GMP implementation uses this layer to do the work.

Macro Definition Documentation

◆ _GNU_SOURCE

#define _GNU_SOURCE

Enable extra GNU functions.

pthread_sigmask () needs this with glibc < 2.19

◆ _XOPEN_SOURCE

#define _XOPEN_SOURCE

Enable extra functions.

time.h in glibc2 needs this for strptime.

◆ CERT_BUND_ADV_FILENAME_FMT

#define CERT_BUND_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/CB-K%02d.xml"

CERT-Bund data files location format string.

d should be the year without the century (expressed as YY).

◆ CVE_FILENAME_FMT

#define CVE_FILENAME_FMT   GVM_SCAP_DATA_DIR "/nvdcve-2.0-%d.xml"

CVE data files location format string.

d should be the year expressed as YYYY.

◆ DEF

#define DEF (   x)
Value:
/* Declares two locals in the expanding scope: `x`, read from the `nvts` */ \
/* iterator through nvt_iterator_<x>, and `x_text`, a markup-escaped copy */ \
/* of it (an empty string when `x` is NULL). `x_text` is newly allocated */ \
/* on both branches (g_markup_escape_text / g_strdup), so the expanding */ \
/* code has to g_free it. `nvts` is not a macro parameter and must */ \
/* already be in scope where the macro is expanded. */ \
const char* x = nvt_iterator_ ## x (nvts); \
gchar* x ## _text = x \
? g_markup_escape_text (x, -1) \
: g_strdup ("");

Define a code snippet for get_nvt_xml.

Parameters
x  Prefix for names in snippet.

◆ DFN_CERT_ADV_FILENAME_FMT

#define DFN_CERT_ADV_FILENAME_FMT   GVM_CERT_DATA_DIR "/dfn-cert-%04d.xml"

DFN-CERT data files location format string.

First d should be the year expressed as YYYY, second d should be the month expressed as MM. Note that the format string shown above contains a single conversion (%04d).

◆ FALLBACK_SYSTEM_REPORT_HEADER

#define FALLBACK_SYSTEM_REPORT_HEADER
Value:
"This is the most basic, fallback report. The system can be configured to\n" \
"produce more powerful reports. Please contact your system administrator\n" \
"for more information.\n\n"

Header for fallback system report.

◆ REBUILD_SWITCH

#define REBUILD_SWITCH (   type)
Value:
/* Dispatches on `ret`, which is not a macro parameter: it is read from */ \
/* the scope where the macro is expanded, as is `error_msg`. */ \
/* Every non-zero case executes `return -1`, which returns from the */ \
/* function that expands the macro, so code placed after the expansion */ \
/* only runs when ret == 0. */ \
/* `error_msg` may be NULL (each write is guarded); when set, it receives */ \
/* a string newly allocated by g_strdup_printf. */ \
switch (ret) \
{ \
/* 0: rebuild succeeded; log it and continue after the switch. */ \
case 0: \
g_message ("Rebuilt %s from feed.", type); \
break; \
/* 1: no feed directory for this type. */ \
case 1: \
if (error_msg) \
*error_msg = g_strdup_printf ("No %s feed directory.", \
type); \
return -1; \
/* 2: feed owner missing or invalid. */ \
case 2: \
if (error_msg) \
*error_msg = g_strdup_printf ("Feed owner not set or invalid" \
" while rebuilding %s.", \
type); \
return -1; \
/* 3: NVTs are not available. */ \
case 3: \
if (error_msg) \
*error_msg = g_strdup_printf ("NVTs must be available" \
" while rebuilding %s.", \
type); \
return -1; \
/* Any other value is reported as an internal error. */ \
default: \
if (error_msg) \
*error_msg = g_strdup_printf ("Internal error" \
" while rebuilding %s.", \
type); \
return -1; \
}

Adds a switch statement for handling the return value of a gvmd data rebuild.

Parameters
type  The type as a description string, e.g. "port lists"

Function Documentation

◆ add_user_scan_preferences()

static void add_user_scan_preferences ( GHashTable *  scanner_options)
static

Add OSP preferences for limiting hosts for users.

Parameters
[in]scanner_optionsThe scanner preferences table to add to.

◆ alert_condition_description()

gchar* alert_condition_description ( alert_condition_t  condition,
alert_t  alert 
)

Get a description of an alert condition.

Parameters
[in]conditionCondition.
[in]alertAlert.
Returns
Freshly allocated description of condition.

◆ alert_condition_from_name()

alert_condition_t alert_condition_from_name ( const char *  name)

Get an alert condition from a name.

Parameters
[in]nameCondition name.
Returns
The condition.

◆ alert_condition_name()

const char* alert_condition_name ( alert_condition_t  condition)

Get the name of an alert condition.

Parameters
[in]conditionCondition.
Returns
The name of the condition (for example, "Always").

◆ alert_method_from_name()

alert_method_t alert_method_from_name ( const char *  name)

Get an alert method from a name.

Parameters
[in]nameMethod name.
Returns
The method.

◆ alert_method_name()

const char* alert_method_name ( alert_method_t  method)

Get the name of an alert method.

Parameters
[in]methodMethod.
Returns
The name of the method (for example, "Email" or "SNMP").

◆ alert_report_data_free()

void alert_report_data_free ( alert_report_data_t data)

Frees an alert_report_data_t struct, including contained data.

Parameters
[in]dataThe struct to free.

◆ alert_report_data_reset()

void alert_report_data_reset ( alert_report_data_t data)

Frees content of an alert_report_data_t, but not the struct itself.

Parameters
[in]dataThe struct to free.

◆ buffer_config_preference_xml()

void buffer_config_preference_xml ( GString *  buffer,
iterator_t prefs,
config_t  config,
int  hide_passwords 
)

Buffer XML for the NVT preference of a config.

Parameters
[in]bufferBuffer.
[in]prefsNVT preference iterator.
[in]configConfig.
[in]hide_passwordsWhether to hide passwords.

◆ certificate_iso_time()

gchar* certificate_iso_time ( time_t  time)

Converts a certificate time to an ISO time string.

Parameters
[in]timeThe time as a time_t.
Returns
Newly allocated string.

◆ certificate_time_status()

const gchar* certificate_time_status ( time_t  activates,
time_t  expires 
)

Tests the activation and expiration time of a certificate.

Parameters
[in]activatesActivation time.
[in]expiresExpiration time.
Returns
Static status string.

◆ check_available()

static int check_available ( const gchar *  type,
resource_t  resource,
const gchar *  permission 
)
static

Check whether a resource is available.

Parameters
[in]typeType.
[in] resource  Resource.
[in] permission  Permission required for this operation.
Returns
0 success, -1 error, 99 permission denied.

◆ cleanup_report_type_iterator()

void cleanup_report_type_iterator ( report_type_iterator_t iterator)

Cleanup a report type iterator.

Parameters
[in]iteratorIterator.

◆ cleanup_severity_data()

void cleanup_severity_data ( severity_data_t data)

Clean up a severity data structure.

Parameters
[in] data  The data structure to clean up.

◆ credential_full_type()

const char* credential_full_type ( const char *  abbreviation)

Get the written-out name of an LSC Credential type.

Parameters
[in]abbreviationThe type abbreviation.
Returns
The written-out type name.

◆ cve_scan_host()

static int cve_scan_host ( task_t  task,
report_t  report,
gvm_host_t *  gvm_host 
)
static

Perform a CVE "scan" on a host.

Parameters
[in]taskTask.
[in]reportThe report to add the host, results and details to.
[in]gvm_hostHost.
Returns
0 success, 1 failed to get nthlast report for a host.

◆ delete_osp_scan()

static void delete_osp_scan ( const char *  report_id,
const char *  host,
int  port,
const char *  ca_pub,
const char *  key_pub,
const char *  key_priv 
)
static

Delete an OSP scan.

Parameters
[in]report_idReport ID.
[in]hostScanner host.
[in]portScanner port.
[in]ca_pubCA Certificate.
[in]key_pubCertificate.
[in]key_privPrivate key.

◆ delete_reports()

int delete_reports ( task_t  task)

Delete all the reports for a task.

It's up to the caller to ensure that this runs in a contention safe context (for example within an SQL transaction).

Parameters
[in]taskA task descriptor.
Returns
0 on success, -1 on error.

◆ event_description()

gchar* event_description ( event_t  event,
const void *  event_data,
const char *  task_name 
)

Get a description of an alert event.

Parameters
[in]eventEvent.
[in]event_dataEvent data.
[in]task_nameName of task if required in description, else NULL.
Returns
Freshly allocated description of event.

◆ event_from_name()

event_t event_from_name ( const char *  name)

Get an event from a name.

Parameters
[in]nameEvent name.
Returns
The event.

◆ event_name()

const char* event_name ( event_t  event)

Get the name of an alert event.

Parameters
[in]eventEvent.
Returns
The name of the event (for example, "Run status changed").

◆ feed_sync_required()

gboolean feed_sync_required ( )

Check if a feed sync is needed without acquiring the feed lock.

Returns
TRUE if a feed sync is needed, FALSE otherwise.

◆ fork_cve_scan_handler()

static int fork_cve_scan_handler ( task_t  task,
target_t  target 
)
static

Fork a child to handle a CVE scan's calculating and inserting.

A process is forked to run the task, but the forked process never returns.

Parameters
[in]taskThe task.
[in]targetThe target.
Returns
0 success, -1 error, -9 failed to fork.

◆ fork_osp_scan_handler()

static int fork_osp_scan_handler ( task_t  task,
target_t  target,
int  from,
char **  report_id_return 
)
static

Fork a child to handle an OSP scan's fetching and inserting.

Parameters
[in]taskThe task.
[in]targetThe target.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_id_returnUUID of the report.
Returns
Parent returns with 0 if success, -1 if failure. Child process doesn't return and simply exits.

◆ get_cert_bund_adv_filename()

static char* get_cert_bund_adv_filename ( char *  item_id)
static

Compute the filename where a given CERT-Bund Advisory can be found.

Parameters
[in]item_idCERT-Bund identifier without version ("CB-K??/????").
Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file or NULL on error.

◆ get_certificate_info()

int get_certificate_info ( const gchar *  certificate,
gssize  certificate_len,
time_t *  activation_time,
time_t *  expiration_time,
gchar **  md5_fingerprint,
gchar **  sha256_fingerprint,
gchar **  subject,
gchar **  issuer,
gchar **  serial,
gnutls_x509_crt_fmt_t *  certificate_format 
)

Gathers info from a certificate.

Parameters
[in]certificateThe certificate to get data from.
[in]certificate_lenLength of certificate, -1: null-terminated
[out]activation_timePointer to write activation time to.
[out]expiration_timePointer to write expiration time to.
[out]md5_fingerprintPointer for newly allocated MD5 fingerprint.
[out]sha256_fingerprintPointer for newly allocated SHA-256 fingerprint.
[out]subjectPointer for newly allocated subject DN.
[out]issuerPointer for newly allocated issuer DN.
[out]serialPointer for newly allocated serial.
[out]certificate_formatPointer to certificate format.
Returns
0 success, -1 error.

◆ get_cpe_filename()

static char* get_cpe_filename ( )
static

Return the path to the CPE dictionary.

Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file.

◆ get_cve_filename()

static char* get_cve_filename ( char *  item_id)
static

Compute the filename where a given CVE can be found.

Parameters
[in]item_idFull CVE identifier ("CVE-YYYY-ZZZZ").
Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file or NULL on error.

◆ get_dfn_cert_adv_filename()

static char* get_dfn_cert_adv_filename ( char *  item_id)
static

Compute the filename where a given DFN-CERT Advisory can be found.

Parameters
[in]item_idFull DFN-CERT identifier ("DFN-CERT-YYYY-ZZZZ").
Returns
A dynamically allocated string (to be g_free'd) containing the path to the desired file or NULL on error.

◆ get_fallback_report_string()

static void get_fallback_report_string ( GString *  fallback_report)
static

Get the fallback report as a string.

Parameters
[in]fallback_reportThe string for the fallback report.

◆ get_nvt_xml()

gchar* get_nvt_xml ( iterator_t nvts,
int  details,
int  pref_count,
int  preferences,
const char *  timeout,
config_t  config,
int  close_tag 
)

Create and return XML description for an NVT.

Parameters
[in]nvtsThe NVT.
[in]detailsIf true, detailed XML, else simple XML.
[in]pref_countPreference count. Used if details is true.
[in]preferencesIf true, included preferences.
[in]timeoutTimeout. Used if details is true.
[in]configConfig, used if preferences is true.
[in]close_tagWhether to close the NVT tag or not.
Returns
A dynamically allocated string containing the XML description.

◆ get_osp_performance_string()

static int get_osp_performance_string ( scanner_t  scanner,
int  start,
int  end,
const char *  titles,
gchar **  performance_str,
gchar **  error 
)
static

Get a performance report from an OSP scanner.

Parameters
[in]scannerThe scanner to get the performance report from.
[in]startThe start time of the performance report.
[in]endThe end time of the performance report.
[in] titles  The titles for the performance report.
[out] performance_str  The performance string.
Returns
0 if successful, 6 could not connect to scanner or failed to get performance report

◆ get_osp_scan_report()

static int get_osp_scan_report ( const char *  scan_id,
const char *  host,
int  port,
const char *  ca_pub,
const char *  key_pub,
const char *  key_priv,
int  details,
int  pop_results,
char **  report_xml 
)
static

Get an OSP scan's report.

Parameters
[in]scan_idScan ID.
[in]hostScanner host.
[in]portScanner port.
[in]ca_pubCA Certificate.
[in]key_pubCertificate.
[in]key_privPrivate key.
[in]details1 for detailed report, 0 otherwise.
[in]pop_results1 to pop results, 0 to leave results intact.
[out]report_xmlScan report.
Returns
-1 on connection error, -2 on fail to find scan, progress value between 0 and 100 on success.

◆ get_osp_scan_status()

static osp_scan_status_t get_osp_scan_status ( const char *  scan_id,
const char *  host,
int  port,
const char *  ca_pub,
const char *  key_pub,
const char *  key_priv 
)
static

Get an OSP scan's status.

Parameters
[in]scan_idScan ID.
[in]hostScanner host.
[in]portScanner port.
[in]ca_pubCA Certificate.
[in]key_pubCertificate.
[in]key_privPrivate key.
Returns
0 on success, -1 otherwise.

◆ get_relay_info_entity()

static int get_relay_info_entity ( const char *  original_host,
int  original_port,
const char *  protocol,
entity_t *  ret_entity 
)
static

Gets the info about a scanner relay as an XML entity_t.

Parameters
[in]original_hostThe original hostname or IP address.
[in]original_portThe original port number.
[in]protocolThe protocol to look for, e.g. "GMP" or "OSP".
[out]ret_entityReturn location for the parsed XML.
Returns
0: success, -1 error.

◆ get_relay_mapper_path()

const char* get_relay_mapper_path ( )

Gets the current path of the relay mapper executable.

Returns
The current relay mapper path.

◆ get_relay_migrate_sensors()

int get_relay_migrate_sensors ( )

Gets whether to migrate sensors if relays do not match.

Returns
Whether to migrate sensors if relays do not match.

◆ get_scanner_connection_retry()

int get_scanner_connection_retry ( )

Get the number of retries on a scanner connection lost.

Returns
The number of retries on a scanner connection lost.

◆ get_schedule_timeout()

int get_schedule_timeout ( )

Get the current schedule timeout.

Returns
The schedule timeout in minutes.

◆ get_scheduled_user_uuid()

const gchar* get_scheduled_user_uuid ( )

Access UUID of user that scheduled the current task.

Returns
UUID of user that scheduled the current task.

◆ get_system_report_types()

static int get_system_report_types ( const char *  required_type,
gchar ***  start,
gchar ***  types,
const char *  slave_id 
)
static

Get system report types.

Parameters
[in]required_typeSingle type to limit types to.
[out]typesTypes on success.
[out]startActual start of types, which caller must free.
[in]slave_idID of slave.
Returns
0 if successful, 1 failed to find report type, 2 failed to find slave, 3 serving the fallback, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, -1 otherwise.

◆ handle_osp_scan()

static int handle_osp_scan ( task_t  task,
report_t  report,
const char *  scan_id 
)
static

Handle an ongoing OSP scan, until success or failure.

Parameters
[in]taskThe task.
[in]reportThe report.
[in]scan_idThe UUID of the scan on the scanner.
Returns
0 if success, -1 if error, -2 if scan was stopped, -3 if the scan was interrupted, -4 already stopped.

◆ init_severity_data()

void init_severity_data ( severity_data_t data)

Initialize a severity data structure.

Parameters
[in]dataThe data structure to initialize.

◆ init_system_report_type_iterator()

int init_system_report_type_iterator ( report_type_iterator_t iterator,
const char *  type,
const char *  slave_id 
)

Initialise a system report type iterator.

Parameters
[in]iteratorIterator.
[in]typeSingle report type to iterate over, NULL for all.
[in]slave_idID of slave to get reports from. 0 for local.
Returns
0 on success, 1 failed to find report type, 2 failed to find slave, 3 used the fallback report, 4 could not connect to slave, 5 authentication failed, 6 failed to get system report, 99 permission denied, -1 on error.

◆ launch_osp_openvas_task()

static int launch_osp_openvas_task ( task_t  task,
target_t  target,
const char *  scan_id,
int  from,
char **  error 
)
static

Launch an OpenVAS via OSP task.

Parameters
[in]taskThe task.
[in]targetThe target.
[in]scan_idThe scan uuid.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]errorError return.
Returns
0 success, -1 if scanner is down.

◆ manage_auth_allow_all()

void manage_auth_allow_all ( int  scheduled)

Ensure that any subsequent authentications succeed.

Parameters
[in]scheduledWhether this is happening from the scheduler.

◆ manage_read_info()

int manage_read_info ( gchar *  type,
gchar *  uid,
gchar *  name,
gchar **  result 
)

Read raw information.

Parameters
[in]typeType of the requested information.
[in]uidUnique identifier of the requested information
[in]nameName or identifier of the requested information.
[out]resultPointer to the read information location. Will point to NULL on error.
Returns
1 success, -1 error.

◆ manage_rebuild_gvmd_data_from_feed()

int manage_rebuild_gvmd_data_from_feed ( const char *  types,
GSList *  log_config,
const db_conn_info_t database,
gchar **  error_msg 
)

Rebuild configs, port lists and report formats from feed.

Parameters
[in]typesComma-separated lists of types to rebuild or "all".
[in]log_configLogging configuration list.
[in]databaseConnection info for manage database.
[out]error_msgError message.
Returns
0 success, -1 failed.

◆ manage_scap_update_time()

const char* manage_scap_update_time ( )

Get SCAP update time, as a string.

Returns
Last update time as a static string, or "" on error.

◆ manage_schedule()

int manage_schedule ( manage_connection_forker_t  fork_connection,
gboolean  run_tasks,
sigset_t *  sigmask_current 
)

Schedule any actions that are due.

In gvmd, periodically called from the main daemon loop.

Parameters
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]run_tasksWhether to run scheduled tasks.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, 1 failed to get lock, -1 error.

◆ manage_sync()

void manage_sync ( sigset_t *  sigmask_current,
int(*)()  fork_update_nvt_cache,
gboolean  try_gvmd_data_sync 
)

Perform any syncing that is due.

In gvmd, periodically called from the main daemon loop.

Parameters
[in]sigmask_currentSigmask to restore in child.
[in]fork_update_nvt_cacheFunction that forks a child that syncs the NVTS. Child does not return.
[in]try_gvmd_data_syncWhether to try to sync gvmd data objects.

◆ manage_system_report()

int manage_system_report ( const char *  name,
const char *  duration,
const char *  start_time,
const char *  end_time,
const char *  slave_id,
char **  report 
)

Get a system report.

Parameters
[in]nameName of report.
[in]durationTime range of report, in seconds.
[in]start_timeTime of first data point in report.
[in]end_timeTime of last data point in report.
[in]slave_idID of slave to get report from. 0 for local.
[out]reportOn success, report in base64 if such a report exists else NULL. Arbitrary on error.
Returns
0 if successful (including failure to find report), -1 on error, 2 could not find slave scanner, 3 if used the fallback report or got an error message to print

◆ move_task()

int move_task ( const char *  task_id,
const char *  slave_id 
)

Reassign a task to another slave.

Parameters
[in]task_idUUID of task.
[in]slave_idUUID of slave.
Returns
0 success, 2 task not found, 3 slave not found, 4 slaves not supported by scanner, 5 task cannot be stopped currently, 6 scanner does not allow stopping, 7 new scanner does not support slaves, 98 stop and resume permission denied, 99 permission denied, -1 error.

◆ next_report_type()

gboolean next_report_type ( report_type_iterator_t iterator)

Increment a report type iterator.

The caller must stop using this after it returns FALSE.

Parameters
[in]iteratorTask iterator.
Returns
TRUE if there was a next item, else FALSE.

◆ parse_performance_params()

void parse_performance_params ( const char *  duration,
const char *  start_time,
const char *  end_time,
time_t *  param_1,
time_t *  param_2,
int *  params_count 
)

Generate params for gvmcg or OSP get_performance.

Parameters
[in]durationThe duration as a string
[in]start_timeThe start time as a string
[in]end_timeThe end time as a string
[out]param_1Output of the first parameter (start or duration)
[out]param_2Output of the second parameter (end time)
[out]params_countThe number of valid parameters

◆ prepare_osp_scan_for_resume()

static int prepare_osp_scan_for_resume ( task_t  task,
const char *  scan_id,
char **  error 
)
static

Prepare a report for resuming an OSP scan.

Parameters
[in]taskThe task of the scan.
[in]scan_idThe scan uuid.
[out]errorError return.
Returns
0 scan finished or still running, 1 scan must be started, -1 error

◆ relay_supports_scanner_type()

gboolean relay_supports_scanner_type ( const char *  original_host,
int  original_port,
scanner_type_t  type 
)

Gets whether there is a relay supporting the scanner type.

Parameters
[in]original_hostThe original hostname or IP address.
[in]original_portThe original port number.
[in]typeThe scanner type to check.
Returns
Whether there is a relay supporting the scanner type.

◆ report_results_filter_term()

static gchar* report_results_filter_term ( int  first,
int  rows,
int  apply_overrides,
int  min_qod 
)
static

Create a basic filter term to get report results.

Parameters
[in]firstFirst row.
[in]rowsNumber of rows.
[in]apply_overridesWhether to apply overrides.
[in]min_qodMinimum QOD.
Returns
Filter term.

◆ report_results_get_data()

get_data_t* report_results_get_data ( int  first,
int  rows,
int  apply_overrides,
int  min_qod 
)

Create a new basic get_data_t struct to get report results.

Parameters
[in]firstFirst row.
[in]rowsNumber of rows.
[in]apply_overridesWhether to apply overrides.
[in]min_qodMinimum QOD.
Returns
GET data struct.

◆ report_type_iterator_name()

const char* report_type_iterator_name ( report_type_iterator_t iterator)

Return the name from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Name.

◆ report_type_iterator_title()

const char* report_type_iterator_title ( report_type_iterator_t iterator)

Return the title from a report type iterator.

Parameters
[in]iteratorIterator.
Returns
Title.

◆ resume_task()

int resume_task ( const char *  task_id,
char **  report_id 
)

Resume a task.

A process will be forked to handle the task, but the forked process will never return.

Parameters
[in]task_idTask UUID.
[out]report_idIf successful, ID of the resultant report.
Returns
1 task is active already, 3 failed to find task, 4 resuming task not supported, 22 caller error (task must be in "stopped" or "interrupted" state), 99 permission denied, -1 error, -2 task is missing a target, -3 creating the report failed, -4 target missing hosts, -6 already a task running in this process, -9 fork failed.

◆ run_cve_task()

static int run_cve_task ( task_t  task)
static

Start a CVE task.

Parameters
[in]taskThe task.
Returns
0 success, 99 permission denied, -1 error, -9 failed to fork.

◆ run_osp_scan_get_report()

static int run_osp_scan_get_report ( task_t  task,
int  from,
char **  report_id 
)
static

Get the last stopped report or a new one for an OSP scan.

Parameters
[in]taskThe task.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_idUUID of the report.
Returns
0 success, -1 error

◆ run_osp_task()

static int run_osp_task ( task_t  task,
int  from,
char **  report_id 
)
static

Start a task on an OSP or OpenVAS via OSP scanner.

Parameters
[in]taskThe task.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
[out]report_idThe report ID.
Returns
0 success, 99 permission denied, -1 error.

◆ run_status_name()

const char* run_status_name ( task_status_t  status)

Get the name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

◆ run_status_name_internal()

const char* run_status_name_internal ( task_status_t  status)

Get the unique name of a run status.

Parameters
[in]statusRun status.
Returns
The name of the status (for example, "Done" or "Running").

◆ run_task()

static int run_task ( const char *  task_id,
char **  report_id,
int  from 
)
static

Start or resume a task.

A process will be forked to handle the task, but the forked process will never return.

Parameters
[in]task_idThe task ID.
[out]report_idThe report ID.
[in]from0 start from beginning, 1 continue from stopped, 2 continue if stopped else start from beginning.
Returns
1 task is active already, 3 failed to find task, 4 resuming task not supported, 99 permission denied, -1 error, -2 task is missing a target, -3 creating the report failed, -4 target missing hosts, -6 already a task running in this process, -9 fork failed.

◆ scanner_type_valid()

int scanner_type_valid ( scanner_type_t  scanner_type)

Check if a scanner type is valid.

Parameters
[in]scanner_typeScanner type.
Returns
1 if valid, else 0.

◆ scheduled_task_free()

static void scheduled_task_free ( scheduled_task_t scheduled_task)
static

Free a scheduled task structure.

Parameters
[in]scheduled_taskScheduled task.

◆ scheduled_task_new()

static scheduled_task_t* scheduled_task_new ( const gchar *  task_uuid,
const gchar *  owner_uuid,
const gchar *  owner_name 
)
static

Create a scheduled task structure.

Parameters
[in]task_uuidUUID of task.
[in]owner_uuidUUID of owner.
[in]owner_nameName of owner.
Returns
Scheduled task structure.

◆ scheduled_task_start()

static int scheduled_task_start ( scheduled_task_t scheduled_task,
manage_connection_forker_t  fork_connection,
sigset_t *  sigmask_current 
)
static

Start a task, for the scheduler.

Parameters
[in]scheduled_taskScheduled task.
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, -1 error. Child does not return.

◆ scheduled_task_stop()

static int scheduled_task_stop ( scheduled_task_t scheduled_task,
manage_connection_forker_t  fork_connection,
sigset_t *  sigmask_current 
)
static

Stop a task, for the scheduler.

Parameters
[in]scheduled_taskScheduled task.
[in]fork_connectionFunction that forks a child which is connected to the Manager. Must return PID in parent, 0 in child, or -1 on error.
[in]sigmask_currentSigmask to restore in child.
Returns
0 success, -1 error. Child does not return.

◆ set_relay_mapper_path()

void set_relay_mapper_path ( const char *  new_path)

Sets the path of the relay mapper executable.

Parameters
[in]new_pathThe new relay mapper path.

◆ set_relay_migrate_sensors()

void set_relay_migrate_sensors ( int  new_value)

Sets whether to migrate sensors if relays do not match.

Parameters
[in]new_valueThe new value.

◆ set_scanner_connection_retry()

void set_scanner_connection_retry ( int  new_retry)

Set the number of retries on a scanner connection lost.

Parameters
new_retryThe number of retries on a scanner connection lost.

◆ set_schedule_timeout()

void set_schedule_timeout ( int  new_timeout)

Set the schedule timeout.

Parameters
new_timeoutThe new schedule timeout in minutes.

◆ set_scheduled_user_uuid()

void set_scheduled_user_uuid ( const gchar *  user_uuid)

Set UUID of user that scheduled the current task. The previous value is freed and a copy of the UUID is created.

Parameters
user_uuidUUID of user that scheduled the current task.

◆ set_task_interrupted()

void set_task_interrupted ( task_t  task,
const gchar *  message 
)

Set a task to interrupted.

Expects global_current_report to match the task.

Parameters
[in]taskTask
[in]messageMessage for error result.

◆ severity_data_add()

void severity_data_add ( severity_data_t severity_data,
double  severity 
)

Add a severity occurrence to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.

◆ severity_data_add_count()

void severity_data_add_count ( severity_data_t severity_data,
double  severity,
int  count 
)

Add multiple severity occurrences to the counts of a severity_data_t.

Parameters
[in]severity_dataThe severity count struct to add to.
[in]severityThe severity to add.
[in]countThe number of occurrences to add.

◆ severity_data_index()

static int severity_data_index ( double  severity)
static

Convert a severity value into an index in the counts array.

Parameters
[in]severitySeverity value.
Returns
The index, 0 for invalid severity scores.

◆ severity_data_level_counts()

void severity_data_level_counts ( const severity_data_t severity_data,
int *  errors,
int *  false_positives,
int *  logs,
int *  lows,
int *  mediums,
int *  highs 
)

Count the occurrences of severities in the levels.

Parameters
[in]severity_dataThe severity counts data to evaluate.
[out]errorsThe number of error messages.
[out]false_positivesThe number of False Positives.
[out]logsThe number of Log messages.
[out]lowsThe number of Low severity results.
[out]mediumsThe number of Medium severity results.
[out]highsThe number of High severity results.

◆ severity_data_range_count()

static int severity_data_range_count ( const severity_data_t severity_data,
double  min_severity,
double  max_severity 
)
static

Calculate the total of severity counts in a range.

Parameters
[in]severity_dataThe severity data struct to get counts from.
[in]min_severityThe minimum severity included in the range.
[in]max_severityThe maximum severity included in the range.
Returns
The total of severity counts in the specified range.

◆ severity_data_value()

double severity_data_value ( int  index)

Convert an index in the counts array to a severity value.

Parameters
[in]indexIndex in the counts array.
Returns
The corresponding severity value.

◆ severity_in_level()

int severity_in_level ( double  severity,
const char *  level 
)

Check whether a severity falls within a threat level.

Parameters
[in]severitySeverity.
[in]levelThreat level.
Returns
1 if in level, else 0.

◆ severity_to_level()

const char* severity_to_level ( double  severity,
int  mode 
)

Get the threat level matching a severity score.

Parameters
[in]severityseverity score
[in]mode0 for normal levels, 1 to use "Alarm" for severity > 0.0
Returns
the level as a static string

◆ severity_to_type()

const char* severity_to_type ( double  severity)

Get the message type matching a severity score.

Parameters
[in]severityseverity score
Returns
the message type as a static string

◆ slave_get_relay()

int slave_get_relay ( const char *  original_host,
int  original_port,
const char *  original_ca_cert,
const char *  protocol,
gchar **  new_host,
int *  new_port,
gchar **  new_ca_cert 
)

Gets a relay hostname and port for a sensor scanner.

If no mapper is available, a copy of the original host, port and CA certificate are returned.

Parameters
[in]original_hostThe original hostname or IP address.
[in]original_portThe original port number.
[in]original_ca_certThe original CA certificate.
[in]protocolThe protocol to look for, e.g. "GMP" or "OSP".
[out]new_hostThe hostname or IP address of the relay.
[out]new_portThe port number of the relay.
[out]new_ca_certThe CA certificate of the relay.
Returns
0 success, 1 relay not found, -1 error.

◆ start_task()

int start_task ( const char *  task_id,
char **  report_id 
)

Start a task.

A process will be forked to handle the task, but the forked process will never return.

Parameters
[in]task_idThe task ID.
[out]report_idThe report ID.
Returns
1 task is active already, 3 failed to find task, 4 resuming task not supported, 99 permission denied, -1 error, -2 task is missing a target, -3 creating the report failed, -4 target missing hosts, -6 already a task running in this process, -9 fork failed.

◆ stop_osp_task()

static int stop_osp_task ( task_t  task)
static

Stop an OSP task.

Parameters
[in]taskThe task.
Returns
0 on success, else -1.

◆ stop_task()

int stop_task ( const char *  task_id)

Initiate stopping a task.

Parameters
[in]task_idTask UUID.
Returns
0 on success, 1 if stop requested, 3 failed to find task, 99 permission denied, -1 error.

◆ stop_task_internal()

int stop_task_internal ( task_t  task)

Initiate stopping a task.

Parameters
[in]taskTask.
Returns
0 on success, 1 if stop requested.

◆ target_osp_esxi_credential()

static osp_credential_t* target_osp_esxi_credential ( target_t  target)
static

Get the ESXi credential of a target as an osp_credential_t.

Parameters
[in]targetThe target to get the credential from.
Returns
Pointer to a newly allocated osp_credential_t

◆ target_osp_smb_credential()

static osp_credential_t* target_osp_smb_credential ( target_t  target)
static

Get the SMB credential of a target as an osp_credential_t.

Parameters
[in]targetThe target to get the credential from.
Returns
Pointer to a newly allocated osp_credential_t

◆ target_osp_snmp_credential()

static osp_credential_t* target_osp_snmp_credential ( target_t  target)
static

Get the SNMP credential of a target as an osp_credential_t.

Parameters
[in]targetThe target to get the credential from.
Returns
Pointer to a newly allocated osp_credential_t

◆ target_osp_ssh_credential()

static osp_credential_t* target_osp_ssh_credential ( target_t  target)
static

Get the SSH credential of a target as an osp_credential_t.

Parameters
[in]targetThe target to get the credential from.
Returns
Pointer to a newly allocated osp_credential_t

◆ threat_message_type()

const char* threat_message_type ( const char *  threat)

Get the message type of a threat.

Parameters
threatThreat.
Returns
Static message type name if threat names a threat, else NULL.

◆ truncate_certificate()

gchar* truncate_certificate ( const gchar *  certificate)

Truncate a certificate, removing extra data.

Parameters
[in]certificateThe certificate.
Returns
The truncated certificate as a newly allocated string or NULL.

◆ truncate_private_key()

gchar* truncate_private_key ( const gchar *  private_key)

Truncate a private key, removing extra data.

Parameters
[in]private_keyThe private key.
Returns
The truncated private key as a newly allocated string or NULL.

◆ truncate_text()

static void truncate_text ( gchar *  string,
size_t  max_len,
gboolean  xml,
const char *  suffix 
)
static

Truncates text to a maximum length, optionally appends a suffix.

Note: The string is modified in place instead of allocating a new one. With the xml option the function will avoid cutting the string in the middle of XML entities, but element tags will be ignored.

Parameters
[in,out]stringThe string to truncate.
[in]max_lenThe maximum length in bytes.
[in]xmlWhether to preserve XML entities.
[in]suffixThe suffix to append when the string is shortened.

◆ type_is_scap()

int type_is_scap ( const char *  type)

Check if a type is a SCAP type.

Parameters
[in]typeResource type.
Returns
Whether the type is a SCAP type.

◆ type_name()

const char* type_name ( const char *  type)

Return the name of a resource type.

Parameters
[in]typeResource type.
Returns
Name of type.

◆ type_name_plural()

const char* type_name_plural ( const char *  type)

Return the plural name of a resource type.

Parameters
[in]typeResource type.
Returns
Plural name of type.

◆ validate_username()

int validate_username ( const gchar *  name)

Validates a username.

Parameters
[in]nameThe name.
Returns
0 if the username is valid, 1 if not.

◆ xml_escape_text_truncated()

gchar* xml_escape_text_truncated ( const char *  string,
size_t  max_len,
const char *  suffix 
)

XML escapes text truncating to a maximum length with a suffix.

Note: The function will avoid cutting the string in the middle of XML entities.

Parameters
[in]stringThe string to truncate.
[in]max_lenThe maximum length in bytes.
[in]suffixThe suffix to append when the string is shortened.
Returns
Newly allocated string with XML escaped, truncated text.

◆ xsl_transform()

static gchar* xsl_transform ( gchar *  stylesheet,
gchar *  xmlfile,
gchar **  param_names,
gchar **  param_values 
)
static

Run xsltproc in an external process.

Parameters
[in]stylesheetXSL stylesheet to use.
[in]xmlfileXML file to process.
[in]param_namesNULL terminated array of stringparam names (can be NULL).
[in]param_valuesNULL terminated array of stringparam values (can be NULL).
Returns
A dynamically allocated (to be g_free'd) string containing the result of the operation, or NULL on failure.

Variable Documentation

◆ authenticate_allow_all

int authenticate_allow_all = 0

Flag for manage_auth_allow_all.

Flag to force authentication to succeed.

1 if set via scheduler, 2 if set via event, else 0.