├── .clang-format ├── .codecov.yml ├── .devcontainer ├── Dockerfile └── devcontainer.json ├── .docker ├── build.Dockerfile ├── entrypoint.sh ├── prod.Dockerfile ├── setup-mta.sh └── start-gvmd.sh ├── .dockerignore ├── .gersemirc ├── .github ├── CODEOWNERS ├── build-dependencies.list ├── dependabot.yml ├── install-dependencies.sh ├── runtime-dependencies.list └── workflows │ ├── build-and-test.yml │ ├── build-docs.yml │ ├── changelog.yml │ ├── codeql-analysis-c.yml │ ├── container.yml │ ├── conventional-commits.yml │ ├── dependency-review.yml │ ├── release.yml │ └── sbom-upload.yml ├── .gitignore ├── .mergify.yml ├── CMakeLists.txt ├── CMakePresets.json ├── COPYING ├── INSTALL.md ├── README.md ├── VERSION.in ├── cliff.toml ├── cmake ├── FindPackageHandleStandardArgs.cmake ├── FindPackageMessage.cmake ├── FindPostgreSQL.cmake ├── GetGit.cmake └── SelectLibraryConfigurations.cmake ├── config ├── CMakeLists.txt ├── gvmd.logrotate.in └── gvmd.service.in ├── doc ├── CMakeLists.txt ├── Doxyfile.in ├── Doxyfile_full.in ├── Doxyfile_xml.in ├── about-cert-feed.txt ├── db-schema-documentation-HOWTO.md ├── example-gvm-manage-certs.conf.in ├── greenbone-certdata-sync.8 ├── greenbone-certdata-sync.8.xml ├── greenbone-scapdata-sync.8 ├── greenbone-scapdata-sync.8.xml ├── gvm-manage-certs.1 ├── gvmd.8 ├── gvmd.8.xml ├── gvmd.html ├── icalendar-schedules ├── report-format-HOWTO ├── user-scap-data-HOWTO └── vfire-data-xml.rnc ├── src ├── CMakeLists.txt ├── alert_methods │ ├── SCP │ │ └── alert │ ├── SMB │ │ └── alert │ ├── SNMP │ │ └── alert │ ├── Send │ │ └── alert │ ├── Sourcefire │ │ └── alert │ ├── TippingPoint │ │ ├── alert │ │ └── report-convert.py │ ├── vFire │ │ └── alert │ └── verinice │ │ └── alert ├── debug_utils.c ├── debug_utils.h ├── gmp.c ├── gmp.h ├── gmp_base.c ├── gmp_base.h ├── gmp_configs.c ├── gmp_configs.h ├── gmp_delete.c ├── gmp_delete.h ├── gmp_get.c ├── gmp_get.h ├── gmp_license.c ├── gmp_license.h ├── gmp_logout.c ├── gmp_logout.h ├── gmp_port_lists.c ├── gmp_port_lists.h ├── gmp_report_configs.c ├── gmp_report_configs.h ├── gmp_report_formats.c ├── gmp_report_formats.h ├── gmp_tickets.c ├── gmp_tickets.h ├── gmp_tickets_tests.c ├── gmp_tls_certificates.c ├── gmp_tls_certificates.h ├── gmpd.c ├── gmpd.h ├── gvmd.c ├── gvmd.h ├── gvmd_log_conf.cmake_in ├── ipc.c ├── ipc.h ├── iterator.h ├── lsc_crypt.c ├── lsc_crypt.h ├── lsc_user.c ├── lsc_user.h ├── main.c ├── manage.c ├── manage.h ├── manage_acl.c ├── manage_acl.h ├── manage_alerts.c ├── manage_alerts.h ├── manage_authentication.c ├── manage_authentication.h ├── manage_commands.c ├── manage_commands.h ├── manage_configs.c ├── manage_configs.h ├── manage_events.c ├── manage_events.h ├── manage_filter_utils.c ├── manage_filter_utils.h ├── manage_get.c ├── manage_get.h ├── manage_license.c ├── manage_license.h ├── manage_migrators.c ├── manage_migrators_219_to_220_names.h ├── manage_pg.c ├── manage_pg_server.c ├── manage_port_lists.c ├── manage_port_lists.h ├── manage_preferences.c ├── manage_preferences.h ├── manage_report_configs.c ├── manage_report_configs.h ├── manage_report_formats.c ├── manage_report_formats.h ├── manage_resources.c ├── manage_resources.h ├── manage_settings.c ├── manage_settings.h ├── manage_sql.c ├── manage_sql.h ├── manage_sql_alerts.c ├── manage_sql_alerts.h ├── manage_sql_configs.c ├── manage_sql_configs.h ├── manage_sql_copy.c ├── manage_sql_copy.h ├── manage_sql_events.c ├── manage_sql_events.h ├── manage_sql_nvts.c ├── manage_sql_nvts.h ├── manage_sql_nvts_common.c ├── manage_sql_nvts_common.h ├── manage_sql_nvts_openvasd.c ├── manage_sql_nvts_openvasd.h ├── manage_sql_nvts_osp.c ├── manage_sql_nvts_osp.h ├── manage_sql_port_lists.c ├── manage_sql_port_lists.h ├── manage_sql_report_configs.c ├── manage_sql_report_configs.h ├── manage_sql_report_formats.c ├── manage_sql_report_formats.h ├── manage_sql_secinfo.c ├── manage_sql_secinfo.h ├── manage_sql_tests.c ├── manage_sql_tickets.c ├── manage_sql_tickets.h ├── manage_sql_tls_certificates.c ├── manage_sql_tls_certificates.h ├── manage_tasks.h ├── manage_tests.c ├── manage_tickets.h ├── manage_tls_certificates.c ├── manage_tls_certificates.h ├── manage_utils.c ├── manage_utils.h ├── manage_utils_tests.c ├── pwpolicy.conf ├── schema_formats │ ├── HTML │ │ ├── HTML.xsl │ │ └── generate │ ├── RNC │ │ ├── RNC.xsl │ │ └── generate │ ├── XML-brief │ │ ├── GMP.xsl │ │ └── generate │ ├── XML │ │ ├── GMP.xml.in │ │ └── generate │ └── rnc.xsl ├── sql.c ├── sql.h ├── sql_pg.c ├── theia_dummy.h ├── types.h ├── utils.c ├── utils.h ├── utils_tests.c └── wizards │ ├── delete_task_deep.xml │ ├── get_tasks_deep.xml │ ├── modify_task.xml │ ├── quick_auth_scan.xml │ ├── quick_first_scan.xml │ ├── quick_task.xml │ └── reset_task.xml └── tools ├── cert_bund_getbyname.xsl ├── cpe_getbyname.xsl ├── create-gvm-migrate-config ├── cve_getbyname.xsl ├── dfn_cert_getbyname.xsl ├── gvm-export-config ├── gvm-lsc-deb-creator ├── gvm-lsc-exe-creator ├── gvm-lsc-rpm-creator ├── gvm-manage-certs.in ├── gvm-migrate-config └── template.nsis /.clang-format: -------------------------------------------------------------------------------- 1 | # clang-format configuration for Greenbone C code 2 | # 3 | # Minimum required clang-format version: 6.0 4 | 5 | --- 6 | AlignAfterOpenBracket: Align 7 | AlignConsecutiveAssignments: 'false' 8 | AlignConsecutiveDeclarations: 'false' 9 | AlignEscapedNewlines: Left 10 | AlignOperands: 'true' 11 | AlignTrailingComments: 'true' 12 | AllowAllParametersOfDeclarationOnNextLine: 'false' 13 | AllowShortBlocksOnASingleLine: 'false' 14 | AllowShortCaseLabelsOnASingleLine: 'false' 15 | AllowShortFunctionsOnASingleLine: None 16 | AllowShortIfStatementsOnASingleLine: 'false' 17 | AllowShortLoopsOnASingleLine: 'false' 18 | AlwaysBreakAfterReturnType: All 19 | AlwaysBreakBeforeMultilineStrings: 'false' 20 | BinPackArguments: 'true' 21 | BinPackParameters: 'true' 22 | BreakBeforeBinaryOperators: NonAssignment 23 | BreakBeforeBraces: GNU 24 | BreakBeforeTernaryOperators: 'true' 25 | BreakStringLiterals: 'true' 26 | ColumnLimit: '80' 27 | ContinuationIndentWidth: '2' 28 | DerivePointerAlignment: 'false' 29 | IncludeBlocks: Regroup 30 | IndentCaseLabels: 'false' 31 | IndentWidth: '2' 32 | IndentWrappedFunctionNames: 'false' 33 | KeepEmptyLinesAtTheStartOfBlocks: 'false' 34 | Language: Cpp 35 | MaxEmptyLinesToKeep: '1' 36 | PointerAlignment: Right 37 | ReflowComments: 'true' 38 | SortIncludes: 'true' 39 | SpaceAfterCStyleCast: 'true' 40 | SpaceBeforeAssignmentOperators: 'true' 41 | SpaceBeforeParens: Always 42 | SpaceInEmptyParentheses: 'false' 43 | SpacesInCStyleCastParentheses: 'false' 44 | SpacesInParentheses: 'false' 45 | SpacesInSquareBrackets: 'false' 46 | UseTab: Never 47 | 48 | ... 49 | -------------------------------------------------------------------------------- /.codecov.yml: -------------------------------------------------------------------------------- 1 | comment: off 2 | -------------------------------------------------------------------------------- /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.community.greenbone.net/community/gvm-libs:edge 2 | 3 | ARG DEBIAN_FRONTEND=noninteractive 4 | ARG CGREEN_VERSION=1.6.2 5 | ARG CGREEN_HASH=fe6be434cbe280330420106bd5d667f1bc84ae9468960053100dbf17071036b9 6 | 7 | ARG USERNAME=dev 8 | ARG USER_UID=1000 9 | ARG USER_GID=$USER_UID 10 | 11 | # install dependencies 12 | RUN --mount=type=bind,source=.github,target=/source/ \ 13 | sh /source/install-dependencies.sh /source/build-dependencies.list 14 | RUN apt-get install -y --no-install-recommends \ 15 | clang-format 16 | 17 | # add non-root user 18 | RUN groupadd --gid $USER_GID $USERNAME \ 19 | && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME -s /bin/bash \ 20 | && apt-get update \ 21 | && apt-get install -y --no-install-recommends sudo \ 22 | && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ 23 | && chmod 0440 /etc/sudoers.d/$USERNAME 24 | 25 | # install cgreen 26 | RUN curl -sSL -o cgreen.tar.gz https://github.com/cgreen-devs/cgreen/archive/refs/tags/$CGREEN_VERSION.tar.gz \ 27 | && echo "$CGREEN_HASH cgreen.tar.gz" | sha256sum -c - \ 28 | && tar -xzf cgreen.tar.gz \ 29 | && cd cgreen-* \ 30 | && cmake -Bbuild -DCMAKE_BUILD_TYPE=Release \ 31 | && cmake --build build -j$(nproc) -- install \ 32 | && ldconfig 33 | 34 | CMD ["/bin/bash"] 35 | -------------------------------------------------------------------------------- /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "gvmd stable", 3 | "build": { 4 | "dockerfile": "Dockerfile", 5 | "context": ".." 6 | }, 7 | "remoteUser": "dev", 8 | "customizations": { 9 | "vscode": { 10 | "extensions": [ 11 | "ms-vscode.cpptools-extension-pack" 12 | ] 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /.docker/build.Dockerfile: -------------------------------------------------------------------------------- 1 | # Define ARG we use through the build 2 | ARG GVM_LIBS_VERSION=oldstable 3 | 4 | # We want gvm-libs to be ready so we use the build docker image of gvm-libs 5 | FROM registry.community.greenbone.net/community/gvm-libs:${GVM_LIBS_VERSION} 6 | 7 | # This will make apt-get install without question 8 | ARG DEBIAN_FRONTEND=noninteractive 9 | 10 | # Redefine ARG we use through the build 11 | ARG VERSION 12 | 13 | WORKDIR /usr/local/src 14 | 15 | # Install Debian core dependencies required for building gvm with PostgreSQL 16 | # support and not yet installed as dependencies of gvm-libs-core 17 | RUN apt-get update && \ 18 | apt-get install -y --no-install-recommends \ 19 | build-essential \ 20 | cmake \ 21 | gcc \ 22 | libcjson-dev \ 23 | libglib2.0-dev \ 24 | libgnutls28-dev \ 25 | libpq-dev \ 26 | postgresql-server-dev-13 \ 27 | pkg-config \ 28 | libical-dev \ 29 | xsltproc \ 30 | libcgreen1-dev \ 31 | lcov \ 32 | libbsd-dev \ 33 | libgpgme-dev && \ 34 | rm -rf /var/lib/apt/lists/* 35 | 36 | RUN ldconfig 37 | -------------------------------------------------------------------------------- /.docker/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: GPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU General Public License as published by 8 | # the Free Software Foundation, either version 3 of the License, or 9 | # (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU General Public License 17 | # along with this program. If not, see . 18 | 19 | #!/bin/bash 20 | 21 | . setup-mta 22 | exec gosu gvmd "$@" 23 | -------------------------------------------------------------------------------- /.docker/prod.Dockerfile: -------------------------------------------------------------------------------- 1 | ARG GVM_LIBS_VERSION=stable 2 | ARG DEBIAN_FRONTEND=noninteractive 3 | # when set it will added to the cmake command 4 | # As an example: 5 | # FEATURE_TOGGLES="-DOPENVASD=1" 6 | # enables openvasd feature toggle. 7 | ARG FEATURE_TOGGLE="" 8 | 9 | FROM registry.community.greenbone.net/community/gvm-libs:${GVM_LIBS_VERSION} AS builder 10 | ARG FEATURE_TOGGLE 11 | 12 | COPY . /source 13 | WORKDIR /source 14 | 15 | RUN sh /source/.github/install-dependencies.sh \ 16 | /source/.github/build-dependencies.list \ 17 | && rm -rf /var/lib/apt/lists/* 18 | 19 | RUN cmake -DCMAKE_BUILD_TYPE=Release -B/build /source && \ 20 | DESTDIR=/install cmake --build /build -j$(nproc) -- install 21 | 22 | FROM registry.community.greenbone.net/community/gvm-libs:${GVM_LIBS_VERSION} 23 | 24 | ARG DEBIAN_FRONTEND=noninteractive 25 | 26 | RUN --mount=type=bind,source=.github,target=/source/ \ 27 | sh /source/install-dependencies.sh /source/runtime-dependencies.list \ 28 | && rm -rf /var/lib/apt/lists/* 29 | 30 | COPY --from=builder /install/ / 31 | 32 | COPY .docker/start-gvmd.sh /usr/local/bin/start-gvmd 33 | COPY .docker/entrypoint.sh /usr/local/bin/entrypoint 34 | COPY .docker/setup-mta.sh /usr/local/bin/setup-mta 35 | 36 | RUN addgroup --gid 1001 --system gvmd && \ 37 | adduser --no-create-home --shell /bin/false --disabled-password --uid 1001 --system --group gvmd 38 | 39 | RUN mkdir -p /run/gvmd && \ 40 | mkdir -p /var/lib/gvm && \ 41 | mkdir -p /var/log/gvm && \ 42 | chown -R gvmd:gvmd /etc/gvm && \ 43 | chown -R gvmd:gvmd /run/gvmd && \ 44 | chown -R gvmd:gvmd /var/lib/gvm && \ 45 | chown -R gvmd:gvmd /var/log/gvm && \ 46 | chmod 755 /usr/local/bin/entrypoint && \ 47 | chmod 755 /usr/local/bin/start-gvmd 48 | 49 | ENTRYPOINT [ "/usr/local/bin/entrypoint" ] 50 | 51 | CMD [ "/usr/local/bin/start-gvmd" ] 52 | -------------------------------------------------------------------------------- /.docker/setup-mta.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Make any changes only when MTA_HOST has been set 4 | if [ -n "$MTA_HOST" ]; then 5 | echo "setting up configuration file for mail agent" 6 | CONFIG="/etc/msmtprc" 7 | echo "host $MTA_HOST" > $CONFIG 8 | [ -n "$MTA_PORT" ] && echo "port $MTA_PORT" >> $CONFIG 9 | [ -n "$MTA_TLS" ] && echo "tls $MTA_TLS" >> $CONFIG 10 | [ -n "$MTA_STARTTLS" ] && echo "tls_starttls $MTA_STARTTLS" >> $CONFIG 11 | [ -n "$MTA_TLS_CERTCHECK" ] && echo "tls_certcheck $MTA_TLS_CERTCHECK" >> $CONFIG 12 | [ -n "$MTA_AUTH" ] && echo "auth $MTA_AUTH" >> $CONFIG 13 | [ -n "$MTA_USER" ] && echo "user $MTA_USER" >> $CONFIG 14 | [ -n "$MTA_FROM" ] && echo "from $MTA_FROM" >> $CONFIG 15 | [ -n "$MTA_PASSWORD" ] && echo "password $MTA_PASSWORD" >> $CONFIG 16 | [ -n "$MTA_LOGFILE" ] && echo "logfile $MTA_LOGFILE" >> $CONFIG 17 | chown gvmd:mail $CONFIG 18 | chmod 750 $CONFIG 19 | fi 20 | -------------------------------------------------------------------------------- /.docker/start-gvmd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: GPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU General Public License as published by 8 | # the Free Software Foundation, either version 3 of the License, or 9 | # (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU General Public License 17 | # along with this program. If not, see . 18 | 19 | [ -z "$USER" ] && USER="admin" 20 | [ -z "$PASSWORD" ] && PASSWORD="admin" 21 | [ -z "$GVMD_ARGS" ] && GVMD_ARGS="-f --listen-mode=666" 22 | [ -z "$GVMD_USER" ] && GVMD_USER="gvmd" 23 | [ -z "$PGRES_DATA" ] && PGRES_DATA="/var/lib/postgresql" 24 | 25 | if [ -n "$GVM_CERTS" ] && [ "$GVM_CERTS" = true ]; then 26 | echo "Generating certs" 27 | gvm-manage-certs -a 28 | fi 29 | 30 | # check for psql connection 31 | FILE=$PGRES_DATA/started 32 | until test -f "$FILE"; do 33 | echo "waiting 1 second for ready postgres container" 34 | sleep 1 35 | done 36 | until psql -U "$GVMD_USER" -d gvmd -c "SELECT 'connected' as connection"; do 37 | echo "waiting 1 second to retry psql connection" 38 | sleep 1 39 | done 40 | 41 | # migrate db if necessary 42 | gvmd --migrate || true 43 | 44 | gvmd --create-user=$USER --password=$PASSWORD || true 45 | 46 | # set the feed import owner 47 | uid=$(gvmd --get-users --verbose | grep "^$USER " | awk '{print $2}') 48 | gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value "$uid" 49 | 50 | echo "starting gvmd" 51 | gvmd $GVMD_ARGS || 52 | (echo "Starting gvmd failed" && exit 1) -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | .git 2 | .vscode 3 | build 4 | -------------------------------------------------------------------------------- /.gersemirc: -------------------------------------------------------------------------------- 1 | indent: 2 2 | definitions: [./cmake/] 3 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # default reviewers 2 | * @greenbone/gea @greenbone/team-matt 3 | 4 | # dev ops 5 | .github/ @greenbone/devops @greenbone/gea @greenbone/team-matt 6 | .docker/ @greenbone/devops @greenbone/gea @greenbone/team-matt 7 | -------------------------------------------------------------------------------- /.github/build-dependencies.list: -------------------------------------------------------------------------------- 1 | build-essential 2 | ca-certificates 3 | cmake 4 | curl 5 | git 6 | lcov 7 | libbsd-dev 8 | libcjson-dev 9 | libglib2.0-dev 10 | libgnutls28-dev 11 | libgpgme-dev 12 | libical-dev 13 | libpq-dev 14 | pkg-config 15 | postgresql-server-dev-all 16 | xsltproc 17 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "github-actions" 4 | directory: "/" 5 | schedule: 6 | interval: "weekly" 7 | -------------------------------------------------------------------------------- /.github/install-dependencies.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script installs the dependencies of gvmd 3 | set -e 4 | 5 | BASEDIR=$(dirname "$0") 6 | DEFAULT_DEPENDENCIES_FILE="$BASEDIR/build-dependencies.list" 7 | DEPENDENCIES_FILE=${1:-$DEFAULT_DEPENDENCIES_FILE} 8 | 9 | if [[ ! -f "$DEPENDENCIES_FILE" ]]; then 10 | echo "Dependencies file not found: $DEPENDENCIES_FILE" 11 | exit 1 12 | fi 13 | 14 | apt-get update && \ 15 | apt-get install -y --no-install-recommends --no-install-suggests \ 16 | $(grep -v '#' "$DEPENDENCIES_FILE") 17 | -------------------------------------------------------------------------------- /.github/runtime-dependencies.list: -------------------------------------------------------------------------------- 1 | # Runtime dependencies 2 | 3 | # PDF Report 4 | # texlive-fonts-recommended 5 | # texlive-latex-extra 6 | 7 | # HTML Reports, cert data and scan data details 8 | # xsltproc 9 | 10 | # verinice report 11 | # xsltproc 12 | # xmlstarlet 13 | # zip 14 | 15 | # RPM credential packages 16 | # rpm 17 | # fakeroot 18 | 19 | # DEB credential packages 20 | # dpkg 21 | # fakeroot 22 | 23 | # Windows Executable (.exe) credential installer 24 | # nsis 25 | 26 | # signature verification 27 | # gnupg 28 | 29 | # HTTP alerts 30 | # wget 31 | 32 | # SCP alert 33 | # sshpass 34 | # openssh-client 35 | 36 | # Send alert 37 | # socat 38 | 39 | # SNMP alert 40 | # snmp 41 | 42 | # SMB alert 43 | # python3 44 | # smbclient 45 | 46 | # s/mime email encryption 47 | # gpgsm 48 | 49 | # Required for set up certificates for GVM 50 | # gnutls-bin 51 | 52 | # SSL/TLS verification 53 | # ca-certificates 54 | 55 | ca-certificates 56 | dpkg 57 | fakeroot 58 | nsis 59 | gosu 60 | gnupg 61 | gpgsm 62 | gnutls-bin 63 | libbsd0 64 | libcjson1 65 | libgpgme11 66 | libical3 67 | libpq5 68 | msmtp 69 | msmtp-mta 70 | openssh-client 71 | postgresql-client 72 | postgresql-client-common 73 | python3 74 | rpm 75 | rsync 76 | socat 77 | smbclient 78 | snmp 79 | sshpass 80 | texlive-fonts-recommended 81 | texlive-latex-extra 82 | wget 83 | xmlstarlet 84 | xsltproc 85 | zip 86 | -------------------------------------------------------------------------------- /.github/workflows/build-docs.yml: -------------------------------------------------------------------------------- 1 | name: 'Build Documentation' 2 | 3 | on: 4 | push: 5 | branches: [ main, stable, oldstable ] 6 | 7 | concurrency: 8 | group: ${{ github.workflow }}-${{ github.ref }} 9 | cancel-in-progress: true 10 | 11 | jobs: 12 | generate-doc-and-upload-coverage: 13 | name: Build XML documentation and upload coverage 14 | runs-on: ubuntu-latest 15 | container: greenbone/doxygen 16 | steps: 17 | - name: Run the c lang coverage action 18 | uses: greenbone/actions/doc-coverage-clang@v3 19 | with: 20 | token: ${{ secrets.CODECOV_TOKEN }} 21 | 22 | build-gmp-doc: 23 | name: Build GMP documentation 24 | runs-on: ubuntu-latest 25 | container: ${{ vars.IMAGE_REGISTRY }}/greenbone/gvmd-build:stable 26 | steps: 27 | - name: Check out gvmd 28 | uses: actions/checkout@v4 29 | - name: Generate GMP documentation (HTML) 30 | run: | 31 | mkdir build 32 | cd build 33 | cmake -DSKIP_SRC=1 .. 34 | make doc-gmp 35 | - name: Upload GMP documentation artifact 36 | uses: actions/upload-artifact@v4 37 | with: 38 | name: gmp.html 39 | path: build/doc/gmp.html 40 | retention-days: 14 41 | -------------------------------------------------------------------------------- /.github/workflows/changelog.yml: -------------------------------------------------------------------------------- 1 | name: Show changelog since last release 2 | 3 | on: 4 | workflow_dispatch: 5 | 6 | jobs: 7 | changelog: 8 | name: Show changelog since last release 9 | runs-on: 'ubuntu-latest' 10 | steps: 11 | - name: Checkout code 12 | uses: actions/checkout@v4 13 | with: 14 | fetch-depth: 0 # for conventional commits and getting all git tags 15 | persist-credentials: false 16 | - name: Install git-cliff 17 | uses: greenbone/actions/uv@v3 18 | with: 19 | install: git-cliff 20 | - name: Determine changelog 21 | env: 22 | GITHUB_REPO: ${{ github.repository }} 23 | GITHUB_TOKEN: ${{ github.token }} 24 | run: | 25 | git-cliff -v --strip header --unreleased -o /tmp/changelog.md 26 | - name: Show changelog 27 | run: | 28 | cat /tmp/changelog.md 29 | cat /tmp/changelog.md >> $GITHUB_STEP_SUMMARY 30 | -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis-c.yml: -------------------------------------------------------------------------------- 1 | name: "CodeQL" 2 | 3 | on: 4 | push: 5 | branches: [ main, stable, oldstable ] 6 | pull_request: 7 | branches: [ main, stable, oldstable ] 8 | paths-ignore: 9 | - '**/*.md' 10 | - '**/*.txt' 11 | schedule: 12 | - cron: '30 5 * * 0' # 5:30h on Sundays 13 | 14 | concurrency: 15 | group: ${{ github.workflow }}-${{ github.ref }} 16 | cancel-in-progress: true 17 | 18 | jobs: 19 | analyze: 20 | name: Analyze 21 | runs-on: ubuntu-latest 22 | permissions: 23 | actions: read 24 | contents: read 25 | security-events: write 26 | container: ${{ vars.SELF_HOSTED_REGISTRY }}/community/gvm-libs:stable 27 | 28 | strategy: 29 | fail-fast: false 30 | matrix: 31 | language: [ 'c' ] 32 | 33 | steps: 34 | - name: Checkout repository 35 | uses: actions/checkout@v4 36 | - name: Install build dependencies 37 | run: sh .github/install-dependencies.sh .github/build-dependencies.list 38 | - name: Initialize CodeQL 39 | uses: github/codeql-action/init@v3 40 | with: 41 | languages: ${{ matrix.language }} 42 | # build between init and analyze ... 43 | - name: Configure and compile gvmd 44 | run: | 45 | mkdir build 46 | cd build/ 47 | cmake -DCMAKE_BUILD_TYPE=Debug .. 48 | make install 49 | - name: Perform CodeQL Analysis 50 | uses: github/codeql-action/analyze@v3 51 | -------------------------------------------------------------------------------- /.github/workflows/container.yml: -------------------------------------------------------------------------------- 1 | name: Build and Push Container Images 2 | 3 | on: 4 | push: 5 | branches: [ main ] 6 | tags: ["v*"] 7 | pull_request: 8 | branches: [ main ] 9 | workflow_dispatch: 10 | inputs: 11 | ref-name: 12 | type: string 13 | description: "The ref to build a container image from. For example a tag v23.0.0." 14 | required: true 15 | 16 | concurrency: 17 | group: ${{ github.workflow }}-${{ github.ref }} 18 | cancel-in-progress: true 19 | 20 | jobs: 21 | build: 22 | name: Build and Push to Greenbone Registry 23 | uses: greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main 24 | with: 25 | image-url: community/gvmd 26 | base-image-label: stable 27 | build-args: GVM_LIBS_VERSION=stable 28 | image-labels: | 29 | org.opencontainers.image.vendor=Greenbone 30 | org.opencontainers.image.base.name=greenbone/gvm-libs 31 | ref-name: ${{ inputs.ref-name }} 32 | secrets: inherit 33 | -------------------------------------------------------------------------------- /.github/workflows/conventional-commits.yml: -------------------------------------------------------------------------------- 1 | name: Conventional Commits 2 | 3 | on: 4 | pull_request_target: 5 | 6 | concurrency: 7 | group: ${{ github.workflow }}-${{ github.ref }} 8 | cancel-in-progress: true 9 | 10 | permissions: 11 | pull-requests: write 12 | contents: read 13 | 14 | jobs: 15 | conventional-commits: 16 | name: Conventional Commits 17 | runs-on: ubuntu-latest 18 | steps: 19 | - name: Report Conventional Commits 20 | uses: greenbone/actions/conventional-commits@v3 21 | -------------------------------------------------------------------------------- /.github/workflows/dependency-review.yml: -------------------------------------------------------------------------------- 1 | name: 'Dependency Review' 2 | 3 | on: [pull_request] 4 | 5 | concurrency: 6 | group: ${{ github.workflow }}-${{ github.ref }} 7 | cancel-in-progress: true 8 | 9 | permissions: 10 | contents: read 11 | 12 | jobs: 13 | dependency-review: 14 | runs-on: ubuntu-latest 15 | steps: 16 | - name: 'Dependency Review' 17 | uses: greenbone/actions/dependency-review@v3 18 | -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: Release gvmd 2 | 3 | on: 4 | pull_request: 5 | types: [closed] 6 | workflow_dispatch: 7 | inputs: 8 | release-type: 9 | type: choice 10 | description: What kind of release do you want to do? 11 | options: 12 | - patch 13 | - minor 14 | - major 15 | release-version: 16 | type: string 17 | description: Set an explicit version, that will overwrite release-type. Fails if version is not compliant. 18 | 19 | concurrency: 20 | group: ${{ github.workflow }}-${{ github.ref }} 21 | cancel-in-progress: true 22 | 23 | jobs: 24 | build-and-release: 25 | name: Create a new release 26 | # If the event is a workflow_dispatch or on of the labels 'pre release', 27 | # 'patch release', 'minor release' or 'major release' is set and PR is 28 | # closed because of a merge 29 | # NOTE: priority of set labes will be alpha > release-candidate > patch > minor > major, 30 | # so if 'major' and 'patch' labes are set, it will create a patch release. 31 | if: | 32 | ( github.event_name == 'workflow_dispatch') || ( 33 | ( contains(github.event.pull_request.labels.*.name, 'alpha release') || 34 | contains(github.event.pull_request.labels.*.name, 'rc release') || 35 | contains(github.event.pull_request.labels.*.name, 'patch release') || 36 | contains(github.event.pull_request.labels.*.name, 'minor release') || 37 | contains(github.event.pull_request.labels.*.name, 'major release')) && 38 | github.event.pull_request.merged == true ) 39 | runs-on: "ubuntu-latest" 40 | steps: 41 | - name: Selecting the Release type 42 | id: release-type 43 | uses: greenbone/actions/release-type@v3 44 | with: 45 | release-type-input: ${{ inputs.release-type }} 46 | - name: Checkout code 47 | uses: actions/checkout@v4 48 | with: 49 | fetch-depth: 0 # for conventional commits and getting all git tags 50 | persist-credentials: false 51 | ref: ${{ steps.release-type.outputs.release-ref }} 52 | - name: Determine release version 53 | id: release-version 54 | uses: greenbone/actions/release-version@v3 55 | with: 56 | release-type: ${{ steps.release-type.outputs.release-type }} 57 | release-version: ${{ inputs.release-version }} 58 | versioning-scheme: "semver" 59 | - name: Install git-cliff 60 | uses: greenbone/actions/uv@v3 61 | with: 62 | install: git-cliff 63 | - name: Determine changelog 64 | env: 65 | GITHUB_REPO: ${{ github.repository }} 66 | GITHUB_TOKEN: ${{ github.token }} 67 | run: | 68 | git-cliff -v --strip header -o /tmp/changelog.md --unreleased --tag ${{ steps.release-version.outputs.release-version }} ${{ steps.release-version.outputs.last-release-version }}..HEAD 69 | - name: Release with release action 70 | id: release 71 | uses: greenbone/actions/release@v3 72 | with: 73 | github-user: ${{ secrets.GREENBONE_BOT }} 74 | github-user-mail: ${{ secrets.GREENBONE_BOT_MAIL }} 75 | github-user-token: ${{ secrets.GREENBONE_BOT_TOKEN }} 76 | gpg-key: ${{ secrets.GPG_KEY }} 77 | gpg-fingerprint: ${{ secrets.GPG_FINGERPRINT }} 78 | gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} 79 | release-version: ${{ steps.release-version.outputs.release-version }} 80 | changelog: /tmp/changelog.md 81 | ref: ${{ steps.release-type.outputs.release-ref }} 82 | versioning-scheme: "semver" 83 | -------------------------------------------------------------------------------- /.github/workflows/sbom-upload.yml: -------------------------------------------------------------------------------- 1 | name: SBOM upload 2 | on: 3 | workflow_dispatch: 4 | push: 5 | branches: ["main"] 6 | 7 | concurrency: 8 | group: ${{ github.workflow }}-${{ github.ref }} 9 | cancel-in-progress: true 10 | 11 | jobs: 12 | SBOM-upload: 13 | runs-on: ubuntu-latest 14 | permissions: 15 | id-token: write 16 | contents: write 17 | steps: 18 | - name: 'SBOM upload' 19 | uses: greenbone/actions/sbom-upload@v3 20 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | build/ 2 | tags 3 | .ccls 4 | .vscode 5 | .venv 6 | -------------------------------------------------------------------------------- /.mergify.yml: -------------------------------------------------------------------------------- 1 | pull_request_rules: 2 | # backports from main branch 3 | - name: backport main patches to stable branch 4 | conditions: 5 | - base=main 6 | - label=backport-to-stable 7 | actions: 8 | backport: 9 | branches: 10 | - stable 11 | 12 | - name: backport main patches to oldstable branch 13 | conditions: 14 | - base=main 15 | - label=backport-to-oldstable 16 | actions: 17 | backport: 18 | branches: 19 | - oldstable 20 | 21 | # backports from upcoming release branch 22 | - name: backport stable patches to main branch 23 | conditions: 24 | - base=stable 25 | - label=backport-to-main 26 | actions: 27 | backport: 28 | branches: 29 | - main 30 | 31 | - name: backport stable patches to oldstable branch 32 | conditions: 33 | - base=stable 34 | - label=backport-to-oldstable 35 | actions: 36 | backport: 37 | branches: 38 | - oldstable 39 | 40 | # backports from current release branch 41 | - name: backport oldstable patches to main branch 42 | conditions: 43 | - base=oldstable 44 | - label=backport-to-main 45 | actions: 46 | backport: 47 | branches: 48 | - main 49 | 50 | - name: backport oldstable patches to stable branch 51 | conditions: 52 | - base=oldstable 53 | - label=backport-to-stable 54 | actions: 55 | backport: 56 | branches: 57 | - stable 58 | -------------------------------------------------------------------------------- /CMakePresets.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": 3, 3 | "configurePresets": [ 4 | { 5 | "name": "default", 6 | "hidden": false, 7 | "generator": "Unix Makefiles", 8 | "binaryDir": "${sourceDir}/build", 9 | "cacheVariables": { 10 | "CMAKE_BUILD_TYPE": "Debug", 11 | "BUILD_TESTS": "ON" 12 | } 13 | } 14 | ], 15 | "buildPresets": [ 16 | { 17 | "name": "default", 18 | "hidden": false, 19 | "configurePreset": "default" 20 | } 21 | ], 22 | "testPresets": [ 23 | { 24 | "name": "default", 25 | "hidden": false, 26 | "configurePreset": "default" 27 | } 28 | ] 29 | } 30 | -------------------------------------------------------------------------------- /VERSION.in: -------------------------------------------------------------------------------- 1 | @PROJECT_VERSION_STRING@ -------------------------------------------------------------------------------- /cliff.toml: -------------------------------------------------------------------------------- 1 | [changelog] 2 | # template for the changelog header 3 | header = """ 4 | # Changelog\n 5 | All notable changes to this project will be documented in this file. 6 | 7 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), 8 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).\n 9 | """ 10 | # template for the changelog body 11 | # https://keats.github.io/tera/docs/#introduction 12 | body = """ 13 | {%- macro remote_url() -%} 14 | https://github.com/{{ remote.github.owner }}/{{ remote.github.repo }} 15 | {%- endmacro -%} 16 | 17 | {% if version -%} 18 | ## [{{ version | trim_start_matches(pat="v") }}] - {{ timestamp | date(format="%Y-%m-%d") }} 19 | {% else -%} 20 | ## [Unreleased] 21 | {% endif -%} 22 | 23 | {% for group, commits in commits | group_by(attribute="group") %} 24 | ### {{ group | upper_first }} 25 | {% for commit in commits %} 26 | - {{ commit.message | split(pat="\n") | first | upper_first | trim }}\ 27 | {% if commit.remote.username %} by [@{{ commit.remote.username }}](https://github.com/{{ commit.remote.username }}){%- endif -%} 28 | {% if commit.remote.pr_number %} in \ 29 | [#{{ commit.remote.pr_number }}]({{ self::remote_url() }}/pull/{{ commit.remote.pr_number }}) \ 30 | {% elif commit.id %} in \ 31 | [{{ commit.id | truncate(length=7, end="") }}]({{ self::remote_url() }}/commit/{{ commit.id }})\ 32 | {%- endif -%} 33 | {% endfor %} 34 | {% endfor -%} 35 | """ 36 | # template for the changelog footer 37 | footer = """ 38 | {%- macro remote_url() -%} 39 | https://github.com/{{ remote.github.owner }}/{{ remote.github.repo }} 40 | {%- endmacro -%} 41 | 42 | {% for release in releases %} 43 | {% if release.version -%} 44 | {% if release.previous.version -%} 45 | [{{ release.version | trim_start_matches(pat="v") }}]: \ 46 | {{ self::remote_url() }}/compare/{{ release.previous.version }}..{{ release.version }} 47 | {% endif -%} 48 | {% else -%} 49 | [unreleased]: {{ self::remote_url() }}/compare/{{ release.previous.version }}..HEAD 50 | {% endif -%} 51 | {%- endfor -%} 52 | """ 53 | # remove the leading and trailing whitespace from the templates 54 | trim = true 55 | 56 | [git] 57 | # parse the commits based on https://www.conventionalcommits.org 58 | conventional_commits = true 59 | # filter out the commits that are not following the conventional commits format 60 | filter_unconventional = false 61 | # process each line of a commit as an individual commit 62 | split_commits = false 63 | # regex for preprocessing the commit messages 64 | commit_preprocessors = [ 65 | # remove issue numbers from commits 66 | { pattern = '\((\w+\s)?#([0-9]+)\)', replace = "" }, 67 | ] 68 | # regex for parsing and grouping commits 69 | commit_parsers = [ 70 | { message = "^[a|A]dd", group = ":sparkles: Added" }, 71 | { message = "^[c|C]hange", group = ":construction_worker: Changed" }, 72 | { message = "^[f|F]ix", group = ":bug: Bug Fixes" }, 73 | { message = "^[r|R]emove", group = ":fire: Removed" }, 74 | { message = "^[d|D]rop", group = ":fire: Removed" }, 75 | { message = "^[d|D]oc", group = ":books: Documentation" }, 76 | { message = "^[t|T]est", group = ":white_check_mark: Testing" }, 77 | { message = "^[c|C]hore", group = ":wrench: Miscellaneous" }, 78 | { message = "^[c|C]i", group = "️:wrench: Miscellaneous" }, 79 | { message = "^[m|M]isc", group = ":wrench: Miscellaneous" }, 80 | { message = "^[d|D]eps", group = ":ship: Dependencies" }, 81 | ] 82 | # filter out the commits that are not matched by commit parsers 83 | filter_commits = true 84 | # sort the tags topologically 85 | topo_order = false 86 | # sort the commits inside sections by oldest/newest order 87 | sort_commits = "oldest" 88 | -------------------------------------------------------------------------------- /cmake/FindPackageMessage.cmake: -------------------------------------------------------------------------------- 1 | # Distributed under the OSI-approved BSD 3-Clause License. See accompanying 2 | # file Copyright.txt or https://cmake.org/licensing for details. 3 | 4 | #[=======================================================================[.rst: 5 | FindPackageMessage 6 | ------------------ 7 | 8 | .. code-block:: cmake 9 | 10 | find_package_message( "message for user" "find result details") 11 | 12 | This function is intended to be used in FindXXX.cmake modules files. 13 | It will print a message once for each unique find result. This is 14 | useful for telling the user where a package was found. The first 15 | argument specifies the name (XXX) of the package. The second argument 16 | specifies the message to display. The third argument lists details 17 | about the find result so that if they change the message will be 18 | displayed again. The macro also obeys the QUIET argument to the 19 | find_package command. 20 | 21 | Example: 22 | 23 | .. code-block:: cmake 24 | 25 | if(X11_FOUND) 26 | find_package_message(X11 "Found X11: ${X11_X11_LIB}" 27 | "[${X11_X11_LIB}][${X11_INCLUDE_DIR}]") 28 | else() 29 | ... 30 | endif() 31 | #]=======================================================================] 32 | 33 | function(find_package_message pkg msg details) 34 | # Avoid printing a message repeatedly for the same find result. 35 | if(NOT ${pkg}_FIND_QUIETLY) 36 | string(REPLACE "\n" "" details "${details}") 37 | set(DETAILS_VAR FIND_PACKAGE_MESSAGE_DETAILS_${pkg}) 38 | if(NOT "${details}" STREQUAL "${${DETAILS_VAR}}") 39 | # The message has not yet been printed. 40 | message(STATUS "${msg}") 41 | 42 | # Save the find details in the cache to avoid printing the same 43 | # message again. 44 | set( 45 | "${DETAILS_VAR}" 46 | "${details}" 47 | CACHE INTERNAL 48 | "Details about finding ${pkg}" 49 | ) 50 | endif() 51 | endif() 52 | endfunction() 53 | -------------------------------------------------------------------------------- /cmake/GetGit.cmake: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2018-2022 Greenbone AG 2 | # 3 | # SPDX-License-Identifier: GPL-2.0-or-later 4 | # 5 | # This program is free software; you can redistribute it and/or 6 | # modify it under the terms of the GNU General Public License 7 | # as published by the Free Software Foundation; either version 2 8 | # of the License, or (at your option) any later version. 9 | # 10 | # This program is distributed in the hope that it will be useful, 11 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | # GNU General Public License for more details. 14 | # 15 | # You should have received a copy of the GNU General Public License 16 | # along with this program; if not, write to the Free Software 17 | # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 | 19 | # This script attempts to determine the Git commit ID and writes or updates 20 | # a "gitrevision.h" file if successful. 21 | 22 | find_package(Git) 23 | 24 | macro(git_get_revision dir variable) 25 | execute_process( 26 | COMMAND ${GIT_EXECUTABLE} rev-parse --abbrev-ref HEAD 27 | WORKING_DIRECTORY ${dir} 28 | OUTPUT_VARIABLE GIT_BRANCH 29 | OUTPUT_STRIP_TRAILING_WHITESPACE 30 | ) 31 | execute_process( 32 | COMMAND ${GIT_EXECUTABLE} log -1 --format=%h 33 | WORKING_DIRECTORY ${dir} 34 | OUTPUT_VARIABLE GIT_COMMIT_HASH 35 | OUTPUT_STRIP_TRAILING_WHITESPACE 36 | ) 37 | string(REPLACE "/" "_" GIT_BRANCH ${GIT_BRANCH}) 38 | set(${variable} "${GIT_COMMIT_HASH}-${GIT_BRANCH}") 39 | endmacro() 40 | 41 | if(EXISTS "${SOURCE_DIR}/.git/") 42 | if(GIT_EXECUTABLE) 43 | git_get_revision(${SOURCE_DIR} GIT_REVISION) 44 | endif(GIT_EXECUTABLE) 45 | endif(EXISTS "${SOURCE_DIR}/.git/") 46 | 47 | if(GIT_REVISION) 48 | file(WRITE gitrevision.h.in "#define GVMD_GIT_REVISION \"${GIT_REVISION}\"\n") 49 | execute_process( 50 | COMMAND ${CMAKE_COMMAND} -E copy_if_different gitrevision.h.in gitrevision.h 51 | ) 52 | file(REMOVE gitrevision.h.in) 53 | endif() 54 | -------------------------------------------------------------------------------- /cmake/SelectLibraryConfigurations.cmake: -------------------------------------------------------------------------------- 1 | # Distributed under the OSI-approved BSD 3-Clause License. See accompanying 2 | # file Copyright.txt or https://cmake.org/licensing for details. 3 | 4 | #[=======================================================================[.rst: 5 | SelectLibraryConfigurations 6 | --------------------------- 7 | 8 | .. code-block:: cmake 9 | 10 | select_library_configurations(basename) 11 | 12 | This macro takes a library base name as an argument, and will choose 13 | good values for the variables 14 | 15 | :: 16 | 17 | basename_LIBRARY 18 | basename_LIBRARIES 19 | basename_LIBRARY_DEBUG 20 | basename_LIBRARY_RELEASE 21 | 22 | depending on what has been found and set. 23 | 24 | If only ``basename_LIBRARY_RELEASE`` is defined, ``basename_LIBRARY`` will 25 | be set to the release value, and ``basename_LIBRARY_DEBUG`` will be set 26 | to ``basename_LIBRARY_DEBUG-NOTFOUND``. If only ``basename_LIBRARY_DEBUG`` 27 | is defined, then ``basename_LIBRARY`` will take the debug value, and 28 | ``basename_LIBRARY_RELEASE`` will be set to ``basename_LIBRARY_RELEASE-NOTFOUND``. 29 | 30 | If the generator supports configuration types, then ``basename_LIBRARY`` 31 | and ``basename_LIBRARIES`` will be set with debug and optimized flags 32 | specifying the library to be used for the given configuration. If no 33 | build type has been set or the generator in use does not support 34 | configuration types, then ``basename_LIBRARY`` and ``basename_LIBRARIES`` 35 | will take only the release value, or the debug value if the release one 36 | is not set. 37 | #]=======================================================================] 38 | 39 | # This macro was adapted from the FindQt4 CMake module and is maintained by Will 40 | # Dicharry . 41 | 42 | macro(select_library_configurations basename) 43 | if(NOT ${basename}_LIBRARY_RELEASE) 44 | set( 45 | ${basename}_LIBRARY_RELEASE 46 | "${basename}_LIBRARY_RELEASE-NOTFOUND" 47 | CACHE FILEPATH 48 | "Path to a library." 49 | ) 50 | endif() 51 | if(NOT ${basename}_LIBRARY_DEBUG) 52 | set( 53 | ${basename}_LIBRARY_DEBUG 54 | "${basename}_LIBRARY_DEBUG-NOTFOUND" 55 | CACHE FILEPATH 56 | "Path to a library." 57 | ) 58 | endif() 59 | 60 | get_property(_isMultiConfig GLOBAL PROPERTY GENERATOR_IS_MULTI_CONFIG) 61 | if( 62 | ${basename}_LIBRARY_DEBUG 63 | AND ${basename}_LIBRARY_RELEASE 64 | AND NOT ${basename}_LIBRARY_DEBUG STREQUAL ${basename}_LIBRARY_RELEASE 65 | AND (_isMultiConfig OR CMAKE_BUILD_TYPE) 66 | ) 67 | # if the generator is multi-config or if CMAKE_BUILD_TYPE is set for 68 | # single-config generators, set optimized and debug libraries 69 | set(${basename}_LIBRARY "") 70 | foreach(_libname IN LISTS ${basename}_LIBRARY_RELEASE) 71 | list(APPEND ${basename}_LIBRARY optimized "${_libname}") 72 | endforeach() 73 | foreach(_libname IN LISTS ${basename}_LIBRARY_DEBUG) 74 | list(APPEND ${basename}_LIBRARY debug "${_libname}") 75 | endforeach() 76 | elseif(${basename}_LIBRARY_RELEASE) 77 | set(${basename}_LIBRARY ${${basename}_LIBRARY_RELEASE}) 78 | elseif(${basename}_LIBRARY_DEBUG) 79 | set(${basename}_LIBRARY ${${basename}_LIBRARY_DEBUG}) 80 | else() 81 | set(${basename}_LIBRARY "${basename}_LIBRARY-NOTFOUND") 82 | endif() 83 | 84 | set(${basename}_LIBRARIES "${${basename}_LIBRARY}") 85 | 86 | if(${basename}_LIBRARY) 87 | set(${basename}_FOUND TRUE) 88 | endif() 89 | 90 | mark_as_advanced(${basename}_LIBRARY_RELEASE ${basename}_LIBRARY_DEBUG) 91 | endmacro() 92 | -------------------------------------------------------------------------------- /config/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2020-2022 Greenbone AG 2 | # 3 | # SPDX-License-Identifier: AGPL-3.0-or-later 4 | # 5 | # This program is free software: you can redistribute it and/or modify 6 | # it under the terms of the GNU Affero General Public License as 7 | # published by the Free Software Foundation, either version 3 of the 8 | # License, or (at your option) any later version. 9 | # 10 | # This program is distributed in the hope that it will be useful, 11 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | # GNU Affero General Public License for more details. 14 | # 15 | # You should have received a copy of the GNU Affero General Public License 16 | # along with this program. If not, see . 17 | 18 | if(NOT SYSTEMD_SERVICE_DIR) 19 | set(SYSTEMD_SERVICE_DIR "${LIBDIR}/systemd/system") 20 | endif(NOT SYSTEMD_SERVICE_DIR) 21 | 22 | if(NOT LOGROTATE_DIR) 23 | set(LOGROTATE_DIR "${SYSCONFDIR}/logrotate.d") 24 | endif(NOT LOGROTATE_DIR) 25 | 26 | configure_file(gvmd.service.in gvmd.service) 27 | configure_file(gvmd.logrotate.in gvmd.logrotate) 28 | 29 | install( 30 | FILES ${CMAKE_CURRENT_BINARY_DIR}/gvmd.service 31 | DESTINATION ${SYSTEMD_SERVICE_DIR}/ 32 | ) 33 | 34 | install( 35 | FILES ${CMAKE_CURRENT_BINARY_DIR}/gvmd.logrotate 36 | DESTINATION ${LOGROTATE_DIR}/ 37 | RENAME gvmd 38 | ) 39 | -------------------------------------------------------------------------------- /config/gvmd.logrotate.in: -------------------------------------------------------------------------------- 1 | ${GVM_LOG_DIR}/gvmd.log { 2 | compress 3 | missingok 4 | notifempty 5 | sharedscripts 6 | copytruncate 7 | } 8 | 9 | -------------------------------------------------------------------------------- /config/gvmd.service.in: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Greenbone Vulnerability Manager daemon (gvmd) 3 | After=network.target networking.service postgresql.service ospd-openvas.service 4 | Wants=postgresql.service ospd-openvas.service 5 | Documentation=man:gvmd(8) 6 | ConditionKernelCommandLine=!recovery 7 | 8 | [Service] 9 | Type=forking 10 | User=gvm 11 | PIDFile=${GVMD_PID_PATH} 12 | RuntimeDirectory=gvmd 13 | RuntimeDirectoryMode=2775 14 | ExecStart=${SBINDIR}/gvmd --osp-vt-update=/run/ospd/ospd-openvas.sock --listen-group=gvm 15 | Restart=always 16 | TimeoutStopSec=10 17 | 18 | [Install] 19 | WantedBy=multi-user.target 20 | -------------------------------------------------------------------------------- /doc/db-schema-documentation-HOWTO.md: -------------------------------------------------------------------------------- 1 | # Generating Database Schema Documentation 2 | 3 | If a visual representation of the relationship between the various entities in 4 | the database is required, documentation in different formats can be generated 5 | with a number of third-party tools. 6 | 7 | As the schema documentation is based on an already initialized database, a 8 | running PostgreSQL server is required to generate a new documentation. 9 | 10 | The documentation can be generated with 11 | [postgresql_autodoc](https://github.com/cbbrowne/autodoc). Provided 12 | `postgresql_autodoc` is running as the same user who created the database, it is 13 | sufficient to execute the following command to generate the HTML documentation: 14 | 15 | postgresql_autodoc -t html -d gvmd 16 | 17 | The PNG documentation can be created by creating a documentation in the `dot` 18 | format and then using the `dot` command provided by 19 | [GraphViz](https://www.graphviz.org/) to generate a PNG file: 20 | 21 | postgresql_autodoc -t dot -d gvmd 22 | dot -Tpng gvmd.dot > gvmd.png 23 | -------------------------------------------------------------------------------- /doc/example-gvm-manage-certs.conf.in: -------------------------------------------------------------------------------- 1 | # Configuration file for gvm-manage-certs 2 | # All options listed below can also be set as environment variables 3 | # Options set in this file take precedence over environment variables 4 | 5 | # Certificate options 6 | # Lifetime in days 7 | # GVM_CERTIFICATE_LIFETIME=730 8 | # Country 9 | # GVM_CERTIFICATE_COUNTRY="DE" 10 | # State 11 | # GVM_CERTIFICATE_STATE="" 12 | # Locality 13 | # GVM_CERTIFICATE_LOCALITY="Osnabrueck" 14 | # Organization 15 | # GVM_CERTIFICATE_ORG="GVM Users" 16 | # (Organization unit) 17 | # GVM_CERTIFICATE_ORG_UNIT="" 18 | 19 | # Hostname 20 | # If not set, gvm-manage-certs will try to guess the hostname and 21 | # default to "localhost" if it cannot be guessed 22 | # GVM_CERTIFICATE_HOSTNAME= 23 | 24 | # Certificate Authority (CA) certificate options 25 | # CA Lifetime in days 26 | # GVM_CA_CERTIFICATE_LIFETIME=3652 27 | # Country 28 | # GVM_CA_CERTIFICATE_COUNTRY="$GVM_CERTIFICATE_COUNTRY" 29 | # State 30 | # GVM_CA_CERTIFICATE_STATE="$GVM_CERTIFICATE_STATE" 31 | # Locality 32 | # GVM_CA_CERTIFICATE_LOCALITY="$GVM_CERTIFICATE_LOCALITY" 33 | # Organization 34 | # GVM_CA_CERTIFICATE_ORG="$GVM_CERTIFICATE_ORG" 35 | # (Organization unit) 36 | # GVM_CA_CERTIFICATE_ORG_UNIT="Certificate Authority for $GVM_CERTIFICATE_HOSTNAME" 37 | 38 | # Key size for private keys in byte 39 | # If not set, gvm-manage-certs will take the default from the 40 | # GnuTLS security level (see below) 41 | # GVM_CERTIFICATE_KEYSIZE= 42 | 43 | # GnuTLS security level for private key generation 44 | # Valid values are: 45 | # low, legacy, medium, high, ultra 46 | # GVM_CERTIFICATE_SECPARAM="high" 47 | 48 | # Hash algorithm to use for certificate signatures 49 | # Valid values are: 50 | # SHA1, RMD160, SHA256, SHA384, SHA512 51 | # GVM_CERTIFICATE_SIGNALG="SHA256" 52 | 53 | # Location in file system where private keys are stored 54 | # GVM_KEY_LOCATION="@GVM_STATE_DIR@/private/CA" 55 | # Location in file system where certificates are stored 56 | # GVM_CERT_LOCATION="@GVM_STATE_DIR@/CA" 57 | 58 | # Prefix for generated files 59 | # If not set, files will be named "key.pem" and "cert.pem" 60 | # If set to "server", files will be named "serverkey.pem" and "servercert.pem" 61 | # GVM_CERT_PREFIX="" 62 | 63 | # Directory to use for keys and certificates before installation 64 | # This directory has to exist and has to be writable 65 | # If not set, gvm-manage-certs will use a temporary directory 66 | # GVM_CERT_DIR= 67 | 68 | # Filename to use for generated private key 69 | # GVM_KEY_FILENAME="$GVM_CERT_DIR/${GVM_CERT_PREFIX}key.pem" 70 | # Filename to use for generated certificate 71 | # GVM_CERT_FILENAME="$GVM_CERT_DIR/${GVM_CERT_PREFIX}cert.pem" 72 | # Filename to use for generated certificate request 73 | # GVM_CERT_REQUEST_FILENAME="$GVM_CERT_DIR/${GVM_CERT_PREFIX}request.pem" 74 | # Filename to use for generated certificate template 75 | # GVM_CERT_TEMPLATE_FILENAME=cert.cfg" 76 | 77 | # Filename of CA private key used for signing certificates 78 | # GVM_SIGNING_CA_KEY_FILENAME="$GVM_KEY_LOCATION/cakey.pem" 79 | # Filename of CA certificate used for signing certificates 80 | # GVM_SIGNING_CA_CERT_FILENAME="$GVM_CERT_LOCATION/cacert.pem" 81 | -------------------------------------------------------------------------------- /doc/greenbone-certdata-sync.8: -------------------------------------------------------------------------------- 1 | .TH greenbone-certdata-sync 8 User Manuals 2 | .SH NAME 3 | greenbone-certdata-sync \- Greenbone Vulnerability Manager SCAP sync script 4 | .SH SYNOPSIS 5 | \fBgreenbone-certdata-sync OPTIONS 6 | \f1 7 | .SH DESCRIPTION 8 | Update the CERT data from the feed server. 9 | .SH OPTIONS 10 | .TP 11 | \fB--version\f1 12 | Print version and exit. 13 | .TP 14 | \fB--identify\f1 15 | Print machine readable identity information and exit. 16 | .TP 17 | \fB--describe\f1 18 | Print human readable description. 19 | .TP 20 | \fB--feedversion\f1 21 | Print feed version and exit. 22 | .TP 23 | \fB--help\f1 24 | Print help message and exit. 25 | .TP 26 | \fB--refresh\f1 27 | Only refresh the database. Do not fetch any files. 28 | .TP 29 | \fB--migrate\f1 30 | Only migrate the database. Do not fetch any files. 31 | .TP 32 | \fB--selftest\f1 33 | Perform self-test and exit. 34 | .TP 35 | \fB--feedcurrent\f1 36 | Check whether feed is current. 37 | .TP 38 | \fB--database=\fIDATABASE\fB\f1 39 | The name of the database. For Posgres backend only. Default is tasks. 40 | .SH SEE ALSO 41 | \fBgvmd(8)\f1, \fBgreenbone-scapdata-sync(8)\f1 42 | .SH MORE INFORMATION 43 | 44 | The canonical places where you will find more information 45 | about the Greenbone Vulnerability Management are: 46 | 47 | .RS 48 | .UR https://community.greenbone.net 49 | Community Portal 50 | .UE 51 | .br 52 | .UR https://github.com/greenbone 53 | Development Platform 54 | .UE 55 | .br 56 | .UR https://www.greenbone.net 57 | Greenbone Website 58 | .UE 59 | .RE 60 | 61 | .SH COPYRIGHT 62 | The Greenbone Vulnerability Manager is released under the GNU GPL, version 2, or, at your option, any later version. 63 | -------------------------------------------------------------------------------- /doc/greenbone-certdata-sync.8.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | greenbone-certdata-sync OPTIONS 30 | 31 | 32 | 33 |

34 | Update the CERT data from the feed server. 35 |

36 | 37 | 38 | 39 | 43 | 44 | 48 | 49 | 53 | 54 | 58 | 59 | 63 | 64 | 68 | 69 | 75 | 76 | 82 | 83 | 87 | 88 | 92 | 93 | 94 |
95 |

96 | , 97 | 98 |

99 |
100 | 101 |
102 |

103 | The canonical places where you will find more information 104 | about the Greenbone Vulnerability Management are: 105 | 106 | 107 | (Community Portal) 108 | 109 | 110 | (Development Platform) 111 | 112 | 113 | (Greenbone Website) 114 |

115 |
116 | 117 |
118 |

119 | The Greenbone Vulnerability Manager is released under the GNU GPL, version 2, 120 | or, at your option, any later version. 121 |

122 |
123 | 124 | 125 | -------------------------------------------------------------------------------- /doc/greenbone-scapdata-sync.8: -------------------------------------------------------------------------------- 1 | .TH greenbone-scapdata-sync 8 User Manuals 2 | .SH NAME 3 | greenbone-scapdata-sync \- Greenbone Vulnerability Manager SCAP sync script 4 | .SH SYNOPSIS 5 | \fBgreenbone-scapdata-sync OPTIONS 6 | \f1 7 | .SH DESCRIPTION 8 | Update the SCAP data from the feed server. 9 | .SH OPTIONS 10 | .TP 11 | \fB--version\f1 12 | Print version and exit. 13 | .TP 14 | \fB--identify\f1 15 | Print machine readable identity information and exit. 16 | .TP 17 | \fB--describe\f1 18 | Print human readable description. 19 | .TP 20 | \fB--feedversion\f1 21 | Print feed version and exit. 22 | .TP 23 | \fB--help\f1 24 | Print help message and exit. 25 | .TP 26 | \fB--verbose\f1 27 | Print exta messages about what's going on. 28 | .TP 29 | \fB--refresh\f1 30 | Only refresh the database. Do not fetch any files. 31 | .TP 32 | \fB--refresh-private\f1 33 | Only refresh the database. Do not fetch any files. 34 | .TP 35 | \fB--migrate\f1 36 | Only migrate the database. Do not fetch any files. 37 | .TP 38 | \fB--selftest\f1 39 | Perform self-test and exit. 40 | .TP 41 | \fB--feedcurrent\f1 42 | Check whether feed is current. 43 | .SH SEE ALSO 44 | \fBgvmd(8)\f1, \fBgreenbone-certdata-sync(8)\f1 45 | .SH MORE INFORMATION 46 | 47 | The canonical places where you will find more information 48 | about the Greenbone Vulnerability Management are: 49 | 50 | .RS 51 | .UR https://community.greenbone.net 52 | Community Portal 53 | .UE 54 | .br 55 | .UR https://github.com/greenbone 56 | Development Platform 57 | .UE 58 | .br 59 | .UR https://www.greenbone.net 60 | Greenbone Website 61 | .UE 62 | .RE 63 | 64 | .SH COPYRIGHT 65 | The Greenbone Vulnerability Manager is released under the GNU GPL, version 2, or, at your option, any later version. 66 | -------------------------------------------------------------------------------- /doc/icalendar-schedules: -------------------------------------------------------------------------------- 1 | NOTES ON ICALENDAR SCHEDULES IN GREENBONE VULNERABILITY MANAGER 2 | =============================================================== 3 | 4 | General usage 5 | ------------- 6 | 7 | Schedules in Greenbone Vulnerability Manager 8.0 and newer will support a 8 | subset of the iCalendar format as defined in RFC 5545 to define the 9 | first run time, recurrence and duration of the schedule. 10 | The iCalendar text should consist of an VCALENDAR component containing 11 | a single VEVENT. If the VEVENT uses a TZID, the corresponding VTIMEZONE 12 | should be included as well. 13 | 14 | GVM will modify the iCalendar text to optimize it for its internal functions. 15 | See the following sections for some of the changes made. 16 | 17 | 18 | Timezones 19 | --------- 20 | 21 | Schedules using iCalendar will use the timezone set in their timezone field by 22 | default. 23 | However, if the optimized iCalendar contains an explicit TZID and it is defined 24 | by a valid VTIMEZONE component in the same VCALENDAR, this timezone will be 25 | used instead. 26 | Note that if the TZID is undefined within the VCALENDAR, it will be removed. 27 | 28 | 29 | Other restrictions and caveats 30 | ------------------------------ 31 | 32 | - Only the first VEVENT component will be considered. Any other VEVENT, VTODO 33 | or VJOURNAL components will be removed. 34 | - Only the first RRULE property of the VEVENT will be used. Any following 35 | occurrences will be removed. 36 | - If a DTEND property is given in the VEVENT, it will be converted to a 37 | DURATION property. 38 | - RDATE properties specifying a time period will be reduced to a simple start 39 | time, discarding the end time or duration of the RDATE period. 40 | - Any property besides DTSTART, DTEND, DURATION and RRULE will be removed. 41 | This includes the deprecated EXRULE property. 42 | - Some properties like PRODID, UID and DTSTAMP may be modified. 43 | 44 | 45 | Compatibility with old GMP syntax 46 | --------------------------------- 47 | 48 | Schedules can still be created and modified using the old GMP syntax 49 | and when fetching the schedules with the get_schedules command, an 50 | approximation of the old fields will be included in the response. 51 | When modifying schedules using the old GMP syntax, only the data available to 52 | the old syntax will be used, so some information may be lost. 53 | It is therefore recommended to use iCalendar when modifying schedules with 54 | more complex recurrence or timezone information. 55 | 56 | The elements in the old syntax are mapped to VEVENT properties as follows: 57 | - first_time => DTSTART 58 | - duration => DURATION 59 | - period => FREQ and COUNT in RRULE 60 | - byday => BYDAY in RRULE (with restrictions, see below) 61 | 62 | The restrictions of the old syntax include: 63 | - The "byday" GMP element only supports simple weekdays, but no number of the 64 | week, e.g. only "MO" for "every Monday" but not "2MO" for "every second Monday 65 | of the month". 66 | - There are no corresponding elements for several other recurrence related 67 | rules and rule parts like BYMONTH. 68 | - iCalendar timezone information is only included in the iCalendar text, so 69 | only the default timezone of the schedule will be used. 70 | -------------------------------------------------------------------------------- /doc/user-scap-data-HOWTO: -------------------------------------------------------------------------------- 1 | GVM USER SCAP DATA HOWTO 2 | ======================== 3 | 4 | The SCAP data sync script ("greenbone-scapdata-sync") do download SCAP data for 5 | the respective feed service. Additionalle they support the import of 6 | user-defined SCAP data. Currently only OVAL definitions are supported. 7 | However, a few things must be kept in mind for this to work correctly: 8 | 9 | The "private" subdirectory 10 | -------------------------- 11 | User defined data has to be placed into a special subdirectory of the SCAP 12 | data directory of your GVM installation, which will be called the private 13 | directory from now on. 14 | By default this subdirectory is named "private". 15 | 16 | Placing your files there also ensures that they are not deleted during the sync 17 | when they are recognized not to be part of the feed content. 18 | 19 | Updating the database 20 | --------------------- 21 | The SCAP database will be updated when a SCAP data sync script is run. 22 | If you just want to update your user-defined data without syncing with the feed, 23 | you can run the scripts with the option --refresh-private. 24 | 25 | User OVAL data 26 | -------------- 27 | To import OVAL definitions into the SCAP database, move the XML files containing 28 | the definitions into the subdirectory "oval" of the private directory or a 29 | subdirectory of this and run the SCAP sync script as described above. 30 | 31 | Before any data is added from a file, it must pass a few tests: 32 | - The filename must match the pattern "*.xml" or match "*.asc" while another 33 | file with the same name excluding the ".asc" suffix exists in the same 34 | directory. 35 | - The file must be valid XML and contain a valid OVAL generator timestamp. 36 | - The file must not include definitions for any identifiers that are also 37 | defined in a file that is part of the feed. This is done to ensure 38 | consistency of the data provided by the feed. 39 | - The file must be newer than the date of the last database update. 40 | 41 | The sync script will insert all definitions with a newer timestamp than 42 | the latest one from that file already in the database or all definitions if 43 | the file is newly added. 44 | 45 | If a file is removed, all definitions from that file are also removed from the 46 | database at the end of the sync. 47 | -------------------------------------------------------------------------------- /doc/vfire-data-xml.rnc: -------------------------------------------------------------------------------- 1 | start = 2 | 3 | ## Root container for vFire alert data 4 | element alert_data { 5 | 6 | ## The base URL of the vFire server to connect to 7 | element base_url { text }, 8 | 9 | ## The username used for authentication 10 | element username { text }, 11 | 12 | ## The password used for authentication 13 | element password { text }, 14 | 15 | ## The Alemba API client ID used for authentication 16 | element client_id { text }, 17 | 18 | ## The parameters used for creating the new ticket 19 | element call_input { 20 | 21 | ## The description text to use for the ticket 22 | element description { text }, 23 | 24 | ## Optional name of the partition to create the new ticket in 25 | element partition_name { text }?, 26 | 27 | ## Optional name of the call template to use 28 | element template_name { text }?, 29 | 30 | ## Optional name of the call type to use 31 | element type_name { text }?, 32 | 33 | ## Optional name of the impact to use 34 | element impact_name { text }?, 35 | 36 | ## Optional name of the urgency to use 37 | element urgency_name { text }? 38 | }, 39 | 40 | ## Info about the reports to attach 41 | element attach_reports { 42 | 43 | ## Info about one report attachment 44 | element report { 45 | 46 | ## Path to the report file on the local filesystem 47 | element src_path { text }, 48 | 49 | ## Filename to use in vFire 50 | element dest_filename { text }, 51 | 52 | ## MIME content type of the file 53 | element content_type { text }, 54 | 55 | ## Name of the report format used 56 | element report_format { text } 57 | }* 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /src/alert_methods/SCP/alert: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (C) 2016-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Escalator method script: SCP. 20 | 21 | USERNAME=$1 22 | HOST=$2 23 | PORT=$3 24 | DEST=$4 25 | KNOWN_HOSTS=$5 26 | PRIVATE_KEY_FILE=$6 27 | PASSWORD_FILE=$7 28 | REPORT_FILE=$8 29 | 30 | KNOWN_HOSTS_FILE=`mktemp` || exit 1 31 | echo $KNOWN_HOSTS > $KNOWN_HOSTS_FILE 32 | 33 | ERROR_FILE=`mktemp` || exit 1 34 | 35 | log_error() { 36 | # remove \r used in line feed by scp or sshpass (\r\n) 37 | # which can make journalctl interpret the output as blob data 38 | MESSAGE=`echo "$1" | tr -d '\r'` 39 | logger "SCP alert: $MESSAGE" 40 | echo "$MESSAGE" >&2 41 | } 42 | 43 | shell_esc() { 44 | printf "%q" "$1" 45 | } 46 | 47 | if [ -z "$GVMD_SCP_ALERT_TIMEOUT" ] 48 | then 49 | TIMEOUT="15m" 50 | else 51 | TIMEOUT="$GVMD_SCP_ALERT_TIMEOUT" 52 | fi 53 | 54 | # Escape destination because it is also expanded on the remote end. 55 | DEST_ESC=`shell_esc "$DEST"` 56 | 57 | if [ -z "$PRIVATE_KEY_FILE" ] 58 | then 59 | timeout $TIMEOUT sshpass -f ${PASSWORD_FILE} scp -P "$PORT" -o HashKnownHosts=no -o UserKnownHostsFile="${KNOWN_HOSTS_FILE} ~/.ssh/known_hosts ~/.ssh/known_hosts2 /etc/ssh/ssh_known_hosts" "${REPORT_FILE}" "${USERNAME}@${HOST}:${DEST_ESC}" 2>$ERROR_FILE 60 | else 61 | timeout $TIMEOUT sshpass -f ${PASSWORD_FILE} -P "passphrase" scp -P "$PORT" -i "$PRIVATE_KEY_FILE" -o PasswordAuthentication=no -o HashKnownHosts=no -o UserKnownHostsFile="${KNOWN_HOSTS_FILE} ~/.ssh/known_hosts ~/.ssh/known_hosts2 /etc/ssh/ssh_known_hosts" "${REPORT_FILE}" "${USERNAME}@${HOST}:${DEST_ESC}" 2>$ERROR_FILE 62 | fi 63 | 64 | EXIT_CODE=$? 65 | 66 | ERROR_SHORT=`head -n 3 $ERROR_FILE` 67 | 68 | if [ $EXIT_CODE -eq 1 ] 69 | then 70 | log_error "sshpass failed with exit code ${EXIT_CODE}: Invalid command line argument: $ERROR_SHORT" 71 | elif [ $EXIT_CODE -eq 2 ] 72 | then 73 | log_error "sshpass failed with exit code ${EXIT_CODE}: Conflicting arguments given: $ERROR_SHORT" 74 | elif [ $EXIT_CODE -eq 3 ] 75 | then 76 | log_error "sshpass failed with exit code ${EXIT_CODE}: General runtime error: $ERROR_SHORT" 77 | elif [ $EXIT_CODE -eq 4 ] 78 | then 79 | log_error "sshpass failed with exit code ${EXIT_CODE}: Unrecognized response from ssh (parse error): $ERROR_SHORT" 80 | elif [ $EXIT_CODE -eq 5 ] 81 | then 82 | log_error "sshpass failed with exit code ${EXIT_CODE}: Invalid/incorrect password: $ERROR_SHORT" 83 | elif [ $EXIT_CODE -eq 6 ] 84 | then 85 | log_error "sshpass failed with exit code ${EXIT_CODE}: Host public key is unknown: $ERROR_SHORT" 86 | elif [ $EXIT_CODE -eq 124 ] 87 | then 88 | log_error "sshpass failed with exit code ${EXIT_CODE}: Timeout after $TIMEOUT: $ERROR_SHORT" 89 | elif [ $EXIT_CODE -eq 127 ] 90 | then 91 | log_error "sshpass failed with exit code ${EXIT_CODE}: Command not found: $ERROR_SHORT" 92 | elif [ $EXIT_CODE -ne 0 ] 93 | then 94 | log_error "sshpass failed with exit code ${EXIT_CODE}: $ERROR_SHORT" 95 | fi 96 | 97 | rm $KNOWN_HOSTS_FILE 98 | rm $PASSWORD_FILE 99 | rm $ERROR_FILE 100 | 101 | exit $EXIT_CODE 102 | -------------------------------------------------------------------------------- /src/alert_methods/SNMP/alert: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2016-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Escalator method script: SNMP. 20 | 21 | COMMUNITY=$1 22 | AGENT=$2 # Host. 23 | MESSAGE=$3 24 | 25 | OUTPUT=$(snmptrap -v 2c -c $COMMUNITY $AGENT '' .1.3.6.1.6.3 0 s "$MESSAGE" 2>&1) 26 | 27 | EXIT_CODE=$? 28 | 29 | if [ "0" -ne "$EXIT_CODE" ] 30 | then 31 | echo "snmptrap failed with code $EXIT_CODE:\n$OUTPUT" >&2 32 | exit $EXIT_CODE 33 | fi 34 | -------------------------------------------------------------------------------- /src/alert_methods/Send/alert: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2015-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Escalator method script: Send. 20 | 21 | cat $3 | socat -t 0 - TCP:$1:$2 22 | EXIT_CODE=$? 23 | exit $EXIT_CODE 24 | -------------------------------------------------------------------------------- /src/alert_methods/Sourcefire/alert: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2011-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Escalator method script: Sourcefire connector. 20 | 21 | greenbone_sourcefire_connector -server=$1 -port=$2 -pkcs12=$3 -password="$5" $4 22 | EXIT_CODE=$? 23 | exit $EXIT_CODE 24 | -------------------------------------------------------------------------------- /src/alert_methods/TippingPoint/alert: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2018-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Escalator method script: TippingPoint SMS upload. 20 | 21 | SMS_ADDRESS=$1 22 | CERT_PATH=$2 23 | CERT_WORKAROUND=$3 24 | CONVERT_SCRIPT=$4 25 | AUTH_PATH=$5 26 | REPORT_PATH=$6 27 | 28 | # Create temp file for converted report 29 | REPORT_DATE=$(xmlstarlet sel -t -v "report/timestamp" < $REPORT_PATH) 30 | EXIT_CODE=$? 31 | if [ 0 -ne $EXIT_CODE ] 32 | then 33 | exit $EXIT_CODE 34 | fi 35 | 36 | REPORT_DATE=$(date -d "$REPORT_DATE" +%Y%m%d%H%M%S) 37 | 38 | CONVERTED_PATH=$(mktemp "$(dirname ${REPORT_PATH})/report-${REPORT_DATE}-XXXXXX.csv") 39 | EXIT_CODE=$? 40 | if [ 0 -ne $EXIT_CODE ] 41 | then 42 | exit $EXIT_CODE 43 | fi 44 | 45 | # Convert the report 46 | $CONVERT_SCRIPT "$REPORT_PATH" "$CONVERTED_PATH" 47 | 48 | EXIT_CODE=$? 49 | if [ 0 -ne $EXIT_CODE ] 50 | then 51 | exit $EXIT_CODE 52 | fi 53 | 54 | # Get and reformat scan run times 55 | START_TIME=$(xmlstarlet sel -t -v "report/scan_start" < $REPORT_PATH) 56 | EXIT_CODE=$? 57 | if [ 0 -ne $EXIT_CODE ] 58 | then 59 | exit $EXIT_CODE 60 | fi 61 | START_TIME=$(TZ=UTC date -d "$START_TIME" +%Y-%m-%dT%H:%M:%S.000Z) 62 | 63 | END_TIME=$(xmlstarlet sel -t -v "report/scan_end" < $REPORT_PATH) 64 | EXIT_CODE=$? 65 | if [ 0 -ne $EXIT_CODE ] 66 | then 67 | exit $EXIT_CODE 68 | fi 69 | END_TIME=$(TZ=UTC date -d "$END_TIME" +%Y-%m-%dT%H:%M:%S.000Z) 70 | RUNTIME="$START_TIME/$END_TIME" 71 | 72 | # Upload the report 73 | VENDOR="Greenbone" 74 | PRODUCT="Greenbone%20Vulnerability%20Manager" 75 | FORMAT_VERSION="1.0.0" 76 | CN_REPLACEMENT="Tippingpoint" 77 | 78 | if [ "1" = $CERT_WORKAROUND ] 79 | then 80 | HTTP_CODE=$(curl -s -w ' - Status code %{http_code}' -F "file=@$CONVERTED_PATH" --netrc-file "$AUTH_PATH" "https://$CN_REPLACEMENT/vulnscanner/import?vendor=$VENDOR&product=$PRODUCT&version=$FORMAT_VERSION&runtime=$RUNTIME" --cacert "$CERT_PATH" --resolve "$CN_REPLACEMENT:443:$SMS_ADDRESS") 81 | CURL_EXIT="$?" 82 | else 83 | HTTP_CODE=$(curl -s -w ' - Status code %{http_code}' -F "file=@$CONVERTED_PATH" --netrc-file "$AUTH_PATH" "https://$SMS_ADDRESS/vulnscanner/import?vendor=$VENDOR&product=$PRODUCT&version=$FORMAT_VERSION&runtime=$RUNTIME" --cacert "$CERT_PATH") 84 | CURL_EXIT="$?" 85 | fi 86 | 87 | if [ " - Status code 200" = "$HTTP_CODE" ] 88 | then 89 | echo "Upload successful" 90 | elif [ " - Status code 302" = "$HTTP_CODE" ] 91 | then 92 | echo "Host returned: $HTTP_CODE - credentials may be incorrect" >&2 93 | exit 1 94 | elif [ -n "$HTTP_CODE" ] && [ " - Status code 000" != "$HTTP_CODE" ] 95 | then 96 | echo "Host returned: $HTTP_CODE" >&2 97 | exit 1 98 | elif [ "6" = "$CURL_EXIT" ] 99 | then 100 | echo "curl failed: Couldn't resolve host (code $CURL_EXIT)" >&2 101 | exit 1 102 | elif [ "7" = "$CURL_EXIT" ] 103 | then 104 | echo "curl failed: Failed to connect to host (code $CURL_EXIT)" >&2 105 | exit 1 106 | elif [ "51" = "$CURL_EXIT" ] 107 | then 108 | echo "curl failed: The peer's SSL certificate or SSH MD5 fingerprint was not OK (code $CURL_EXIT)" >&2 109 | exit 1 110 | elif [ "77" = "$CURL_EXIT" ] 111 | then 112 | echo "curl failed: Problem with reading the SSL CA cert. (code $CURL_EXIT)" >&2 113 | exit 1 114 | else 115 | echo "curl failed with exit code $CURL_EXIT" >&2 116 | exit 1 117 | fi 118 | -------------------------------------------------------------------------------- /src/alert_methods/vFire/alert: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2018-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | ALERT_CONFIG="$1" 20 | CONNECTOR=`which greenbone_vfire_connector` 21 | 22 | if [ -z "$ALERT_CONFIG" ] 23 | then 24 | echo "No alert config given." >&2 25 | exit 1 26 | fi 27 | 28 | if [ ! -f "$ALERT_CONFIG" ] 29 | then 30 | echo "Alert config file not found." >&2 31 | exit 1 32 | fi 33 | 34 | if [ -z "$CONNECTOR" ] 35 | then 36 | echo "Connector script 'greenbone_vfire_connector' not found." >&2 37 | exit 1 38 | fi 39 | 40 | "$CONNECTOR" "$ALERT_CONFIG" 41 | EXIT_CODE=$? 42 | exit $EXIT_CODE 43 | -------------------------------------------------------------------------------- /src/alert_methods/verinice/alert: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2012-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Escalator method script: verinice connector. 20 | 21 | greenbone_verinice_connector $1 $2 $3 $4 22 | EXIT_CODE=$? 23 | exit $EXIT_CODE 24 | -------------------------------------------------------------------------------- /src/debug_utils.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2021-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file debug_utils.c 21 | * @brief Debug utilties and Sentry integration 22 | */ 23 | 24 | #include "debug_utils.h" 25 | 26 | #include 27 | #include /* for snprintf */ 28 | #include 29 | 30 | /** 31 | * @brief Initialize Sentry using the current gvmd version and DSN. 32 | * 33 | * The DSN is set via the environment variable SENTRY_DSN_GVMD. 34 | * 35 | * @return 1 if sentry support was enabled, 0 if not. 36 | */ 37 | int 38 | init_sentry (void) 39 | { 40 | char *sentry_dsn_gvmd = NULL; 41 | char version[96]; 42 | 43 | snprintf (version, sizeof (version), "gvmd@%s", GVMD_VERSION); 44 | 45 | sentry_dsn_gvmd = getenv ("SENTRY_DSN_GVMD"); 46 | if (gvm_has_sentry_support () && sentry_dsn_gvmd && *sentry_dsn_gvmd) 47 | { 48 | gvm_sentry_init (sentry_dsn_gvmd, version); 49 | return 1; 50 | } 51 | return 0; 52 | } 53 | -------------------------------------------------------------------------------- /src/debug_utils.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2021-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | 20 | /** 21 | * @file debug_utils.h 22 | * @brief Headers for debug utilties and Sentry integration 23 | */ 24 | 25 | #ifndef _OPENVAS_DEBUG_UTILS_H 26 | #define _OPENVAS_DEBUG_UTILS_H 27 | 28 | #include /* for gvm_sentry_init */ 29 | 30 | int 31 | init_sentry (void); 32 | 33 | #endif -------------------------------------------------------------------------------- /src/gmp.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2009-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file gmp.h 21 | * @brief Headers for the GMP library. 22 | */ 23 | 24 | #ifndef _GVMD_GMP_H 25 | #define _GVMD_GMP_H 26 | 27 | #include "manage.h" 28 | #include "types.h" 29 | 30 | #include 31 | #include 32 | #include 33 | #include 34 | 35 | /** 36 | * @brief The size of the \ref to_client data buffer, in bytes. 37 | */ 38 | #define TO_CLIENT_BUFFER_SIZE 26214400 39 | 40 | /** 41 | * @brief The maximum length in bytes for long result text like the description. 42 | */ 43 | #define TRUNCATE_TEXT_LENGTH 10000000 44 | 45 | /** 46 | * @brief The text to append when text is truncated. 47 | */ 48 | #define TRUNCATE_TEXT_SUFFIX "[...]\n(text truncated)" 49 | 50 | int 51 | init_gmp (GSList *, const db_conn_info_t *, int, int, int, int, 52 | manage_connection_forker_t, int); 53 | 54 | void 55 | init_gmp_process (const db_conn_info_t *, int (*) (const char *, void *), 56 | void *, gchar **); 57 | 58 | int 59 | process_gmp_client_input (); 60 | 61 | /** @todo As described in gmp.c, probably should be replaced by gmp_parser_t. */ 62 | extern char to_client[]; 63 | extern buffer_size_t to_client_start; 64 | extern buffer_size_t to_client_end; 65 | 66 | #endif /* not _GVMD_MANAGE_H */ 67 | -------------------------------------------------------------------------------- /src/gmp_configs.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_GMP_CONFIGS_H 20 | #define _GVMD_GMP_CONFIGS_H 21 | 22 | #include "gmp_base.h" 23 | 24 | #include 25 | #include 26 | 27 | /* create_config */ 28 | 29 | void 30 | create_config_start (gmp_parser_t *, const gchar **, const gchar **); 31 | 32 | void 33 | create_config_element_start (gmp_parser_t *, const gchar *, const gchar **, 34 | const gchar **); 35 | 36 | int 37 | create_config_element_end (gmp_parser_t *, GError **error, const gchar *); 38 | 39 | void 40 | create_config_element_text (const gchar *, gsize); 41 | 42 | int 43 | parse_config_entity (entity_t, const char **, char **, char **, 44 | char **, int *, array_t **, array_t **, char **); 45 | 46 | /* modify_config */ 47 | 48 | void 49 | modify_config_start (gmp_parser_t *, const gchar **, const gchar **); 50 | 51 | void 52 | modify_config_element_start (gmp_parser_t *, const gchar *, const gchar **, 53 | const gchar **); 54 | 55 | int 56 | modify_config_element_end (gmp_parser_t *, GError **error, const gchar *); 57 | 58 | void 59 | modify_config_element_text (const gchar *, gsize); 60 | 61 | #endif /* not _GVMD_GMP_CONFIGS_H */ 62 | -------------------------------------------------------------------------------- /src/gmp_delete.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2018-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_GMP_DELETE_H 20 | #define _GVMD_GMP_DELETE_H 21 | 22 | #include "gmp_base.h" 23 | 24 | #include 25 | 26 | void 27 | delete_start (const gchar *, const gchar *, const gchar **, const gchar **); 28 | 29 | void 30 | delete_run (gmp_parser_t *, GError **); 31 | 32 | #endif /* not _GVMD_GMP_DELETE_H */ 33 | -------------------------------------------------------------------------------- /src/gmp_license.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2021-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #include "gmp_base.h" 20 | 21 | #include 22 | #include 23 | 24 | 25 | /** 26 | * @file gmp_tls_certificates.h 27 | * @brief GVM GMP layer: License information headers 28 | * 29 | * Headers for GMP handling of license information. 30 | */ 31 | 32 | /* GET_LICENSE. */ 33 | 34 | void 35 | get_license_start (gmp_parser_t *, 36 | const gchar **, 37 | const gchar **); 38 | 39 | void 40 | get_license_element_start (gmp_parser_t *, 41 | const gchar *, 42 | const gchar **, 43 | const gchar **); 44 | 45 | int 46 | get_license_element_end (gmp_parser_t *, 47 | GError **, 48 | const gchar *); 49 | 50 | void 51 | get_license_element_text (const gchar *, 52 | gsize); 53 | 54 | 55 | /* MODIFY_LICENSE. */ 56 | 57 | void 58 | modify_license_start (gmp_parser_t *, 59 | const gchar **, 60 | const gchar **); 61 | 62 | void 63 | modify_license_element_start (gmp_parser_t *, 64 | const gchar *, 65 | const gchar **, 66 | const gchar **); 67 | 68 | int 69 | modify_license_element_end (gmp_parser_t *, 70 | GError **, 71 | const gchar *); 72 | 73 | void 74 | modify_license_element_text (const gchar *, 75 | gsize); 76 | -------------------------------------------------------------------------------- /src/gmp_logout.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2021-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #include "gmp_base.h" 20 | 21 | #include 22 | #include 23 | 24 | void 25 | logout_start (gmp_parser_t *, 26 | const gchar **, 27 | const gchar **); 28 | 29 | void 30 | logout_element_start (gmp_parser_t *, const gchar *, 31 | const gchar **, const gchar **); 32 | 33 | int 34 | logout_element_end (gmp_parser_t *, GError **, const gchar *); 35 | -------------------------------------------------------------------------------- /src/gmp_port_lists.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_GMP_PORT_LISTS_H 20 | #define _GVMD_GMP_PORT_LISTS_H 21 | 22 | #include "gmp_base.h" 23 | 24 | #include 25 | #include 26 | 27 | void 28 | create_port_list_start (gmp_parser_t *, const gchar **, const gchar **); 29 | 30 | void 31 | create_port_list_element_start (gmp_parser_t *, const gchar *, const gchar **, 32 | const gchar **); 33 | 34 | int 35 | create_port_list_element_end (gmp_parser_t *, GError **error, const gchar *); 36 | 37 | void 38 | create_port_list_element_text (const gchar *, gsize); 39 | 40 | void 41 | parse_port_list_entity (entity_t, const char **, char **, char **, array_t **, 42 | char **); 43 | 44 | #endif /* not _GVMD_GMP_PORT_LISTS_H */ 45 | -------------------------------------------------------------------------------- /src/gmp_report_configs.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2024 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file gmp_report_formats.h 21 | * @brief GVM GMP layer: Report Configs headers 22 | * 23 | * Headers for GMP report configurations. 24 | */ 25 | 26 | #ifndef _GVMD_GMP_REPORT_CONFIGS_H 27 | #define _GVMD_GMP_REPORT_CONFIGS_H 28 | 29 | #include "gmp_base.h" 30 | 31 | #include 32 | #include 33 | 34 | void 35 | create_report_config_start (gmp_parser_t *, const gchar **, const gchar **); 36 | 37 | void 38 | create_report_config_element_start (gmp_parser_t *, const gchar *, const gchar **, 39 | const gchar **); 40 | 41 | int create_report_config_element_end (gmp_parser_t*, GError**, const gchar*); 42 | 43 | void 44 | create_report_config_element_text (const gchar *, gsize); 45 | 46 | void 47 | modify_report_config_start (gmp_parser_t *, const gchar **, const gchar **); 48 | 49 | void 50 | modify_report_config_element_start (gmp_parser_t *, const gchar *, const gchar **, 51 | const gchar **); 52 | 53 | int 54 | modify_report_config_element_end (gmp_parser_t *, GError **error, const gchar *); 55 | 56 | void 57 | modify_report_config_element_text (const gchar *, gsize); 58 | 59 | #endif /* not _GVMD_GMP_REPORT_CONFIGS_H */ -------------------------------------------------------------------------------- /src/gmp_report_formats.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_GMP_REPORT_FORMATS_H 20 | #define _GVMD_GMP_REPORT_FORMATS_H 21 | 22 | #include "gmp_base.h" 23 | 24 | #include 25 | #include 26 | 27 | void 28 | create_report_format_start (gmp_parser_t *, const gchar **, const gchar **); 29 | 30 | void 31 | create_report_format_element_start (gmp_parser_t *, const gchar *, const gchar **, 32 | const gchar **); 33 | 34 | int 35 | create_report_format_element_end (gmp_parser_t *, GError **error, const gchar *); 36 | 37 | void 38 | create_report_format_element_text (const gchar *, gsize); 39 | 40 | void 41 | params_options_free (array_t *); 42 | 43 | void 44 | parse_report_format_entity (entity_t, const char **, char **, char **, 45 | char **, char **, char **, char **, 46 | array_t **, array_t **, array_t **, char **, 47 | char **); 48 | 49 | #endif /* not _GVMD_GMP_REPORT_FORMATS_H */ 50 | -------------------------------------------------------------------------------- /src/gmp_tickets.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2018-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_GMP_TICKETS_H 20 | #define _GVMD_GMP_TICKETS_H 21 | 22 | #include "gmp_base.h" 23 | /* This is only needed for result_t, which ideally would come from a smaller 24 | * include file. */ 25 | #include "manage.h" 26 | 27 | void 28 | get_tickets_start (const gchar **, const gchar **); 29 | 30 | void 31 | get_tickets_run (gmp_parser_t *, GError **); 32 | 33 | void 34 | create_ticket_start (gmp_parser_t *, const gchar **, const gchar **); 35 | 36 | void 37 | create_ticket_element_start (gmp_parser_t *, const gchar *, const gchar **, 38 | const gchar **); 39 | 40 | int 41 | create_ticket_element_end (gmp_parser_t *, GError **error, const gchar *); 42 | 43 | void 44 | create_ticket_element_text (const gchar *, gsize); 45 | 46 | void 47 | modify_ticket_start (gmp_parser_t *, const gchar **, const gchar **); 48 | 49 | void 50 | modify_ticket_element_start (gmp_parser_t *, const gchar *, const gchar **, 51 | const gchar **); 52 | 53 | int 54 | modify_ticket_element_end (gmp_parser_t *, GError **error, const gchar *); 55 | 56 | void 57 | modify_ticket_element_text (const gchar *, gsize); 58 | 59 | int 60 | buffer_result_tickets_xml (GString *, result_t); 61 | 62 | #endif /* not _GVMD_GMP_TICKETS_H */ 63 | -------------------------------------------------------------------------------- /src/gmp_tickets_tests.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #include "gmp_tickets.c" 20 | 21 | #include 22 | #include 23 | 24 | Describe (gmp_tickets); 25 | BeforeEach (gmp_tickets) {} 26 | AfterEach (gmp_tickets) {} 27 | 28 | /* create_ticket_run */ 29 | 30 | int 31 | dummy_client_writer (const char *message, void *data) 32 | { 33 | return 0; 34 | } 35 | 36 | void 37 | log_event (const char *type, const char *type_name, const char *id, 38 | const char *action) 39 | { 40 | return; 41 | } 42 | 43 | gchar * 44 | ticket_uuid (ticket_t ticket) 45 | { 46 | return g_strdup ("9b5da19e-86b4-11e9-b0d2-28d24461215b"); 47 | } 48 | 49 | int 50 | copy_ticket (const char *comment, const char *ticket_id, ticket_t *new_ticket) 51 | { 52 | mock (); 53 | return 0; 54 | } 55 | 56 | int 57 | create_ticket (const char *comment, const char *result_id, 58 | const char *user_id, const char *open_note, 59 | ticket_t *ticket) 60 | { 61 | mock (); 62 | return 0; 63 | } 64 | 65 | Ensure (gmp_tickets, create_ticket_run_calls_copy_ticket_when_given_copy) 66 | { 67 | gmp_parser_t gmp_parser; 68 | GError *error; 69 | const gchar *uuid; 70 | 71 | /* Check that create_ticket_run calls only copy_ticket when given COPY. */ 72 | 73 | uuid = "9b5da19e-86b4-11e9-b0d2-28d24461215b"; 74 | gmp_parser.client_writer = dummy_client_writer; 75 | 76 | /* */ 77 | create_ticket_start (&gmp_parser, NULL, NULL); 78 | 79 | create_ticket_element_start (&gmp_parser, "copy", NULL, NULL); 80 | create_ticket_element_text (uuid, strlen (uuid)); 81 | create_ticket_element_end (&gmp_parser, &error, "copy"); 82 | 83 | create_ticket_element_start (&gmp_parser, "comment", NULL, NULL); 84 | create_ticket_element_text (uuid, strlen (uuid)); 85 | create_ticket_element_end (&gmp_parser, &error, "comment"); 86 | 87 | /* */ 88 | xml_handle_end_element (create_ticket_data.context, "create_ticket"); 89 | assert_that (create_ticket_data.context->done, is_not_equal_to (0)); 90 | 91 | expect (copy_ticket); 92 | never_expect (create_ticket); 93 | create_ticket_run (&gmp_parser, &error); 94 | } 95 | 96 | /* Test suite. */ 97 | 98 | int 99 | main (int argc, char **argv) 100 | { 101 | TestSuite *suite; 102 | 103 | suite = create_test_suite (); 104 | 105 | add_test_with_context (suite, gmp_tickets, create_ticket_run_calls_copy_ticket_when_given_copy); 106 | 107 | if (argc > 1) 108 | return run_single_test (suite, argv[1], create_text_reporter ()); 109 | 110 | return run_test_suite (suite, create_text_reporter ()); 111 | } 112 | -------------------------------------------------------------------------------- /src/gmp_tls_certificates.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file gmp_tls_certificates.h 21 | * @brief GVM GMP layer: TLS Certificates headers 22 | * 23 | * Headers for GMP handling of TLS Certificates. 24 | */ 25 | 26 | #ifndef _GVMD_GMP_TLS_CERTIFICATES_H 27 | #define _GVMD_GMP_TLS_CERTIFICATES_H 28 | 29 | #include "gmp_base.h" 30 | #include "manage.h" 31 | 32 | void 33 | get_tls_certificates_start (const gchar **, const gchar **); 34 | 35 | void 36 | get_tls_certificates_run (gmp_parser_t *, GError **); 37 | 38 | void 39 | create_tls_certificate_start (gmp_parser_t *, const gchar **, const gchar **); 40 | 41 | void 42 | create_tls_certificate_element_start (gmp_parser_t *, const gchar *, 43 | const gchar **, const gchar **); 44 | 45 | int 46 | create_tls_certificate_element_end (gmp_parser_t *, GError **error, 47 | const gchar *); 48 | 49 | void 50 | create_tls_certificate_element_text (const gchar *, gsize); 51 | 52 | void 53 | modify_tls_certificate_start (gmp_parser_t *, const gchar **, const gchar **); 54 | 55 | void 56 | modify_tls_certificate_element_start (gmp_parser_t *, const gchar *, 57 | const gchar **, const gchar **); 58 | 59 | int 60 | modify_tls_certificate_element_end (gmp_parser_t *, GError **error, 61 | const gchar *); 62 | 63 | void 64 | modify_tls_certificate_element_text (const gchar *, gsize); 65 | 66 | gchar * 67 | tls_certificate_origin_extra_xml (const char *, const char *, const char *); 68 | 69 | #endif /* not _GVMD_GMP_TLS_CERTIFICATES_H */ 70 | -------------------------------------------------------------------------------- /src/gmpd.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2009-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file gmpd.h 21 | * @brief Headers for the GMP daemon. 22 | */ 23 | 24 | #ifndef _GVMD_GMPD_H 25 | #define _GVMD_GMPD_H 26 | 27 | #include "manage.h" 28 | #include "types.h" 29 | 30 | #include 31 | #include 32 | #include 33 | #include 34 | 35 | /** 36 | * @brief Maximum number of seconds spent trying to read the protocol. 37 | */ 38 | #ifndef READ_PROTOCOL_TIMEOUT 39 | #define READ_PROTOCOL_TIMEOUT 300 40 | #endif 41 | 42 | /** 43 | * @brief Size of \ref from_client data buffers, in bytes. 44 | */ 45 | #define FROM_BUFFER_SIZE 1048576 46 | 47 | int 48 | init_gmpd (GSList *, const db_conn_info_t *, int, int, int, int, 49 | manage_connection_forker_t, int); 50 | 51 | void 52 | init_gmpd_process (const db_conn_info_t *, gchar **); 53 | 54 | int 55 | serve_gmp (gvm_connection_t *, const db_conn_info_t *, gchar **); 56 | 57 | #endif /* not _GVMD_GMPD_H */ 58 | -------------------------------------------------------------------------------- /src/gvmd.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2009-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /* 20 | * @file gvmd.h 21 | * @brief Headers for Greenbone Vulnerability Manager entry point. 22 | */ 23 | 24 | #ifndef _GVMD_H 25 | #define _GVMD_H 26 | 27 | int 28 | gvmd (int, char **, char **); 29 | 30 | #endif /* not _GVMD_H */ 31 | -------------------------------------------------------------------------------- /src/gvmd_log_conf.cmake_in: -------------------------------------------------------------------------------- 1 | # Greenbone Vulnerability Manager logging configuration 2 | # 3 | # WARNING: Setting the level of any group (besides event*) to include debug 4 | # may reveal passwords in the logs. 5 | 6 | [md main] 7 | prepend=%t %s %p 8 | separator=: 9 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 10 | file=${GVMD_LOG_FILE} 11 | level=127 12 | 13 | [md manage] 14 | prepend=%t %s %p 15 | separator=: 16 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 17 | file=${GVMD_LOG_FILE} 18 | level=127 19 | 20 | [md gmp] 21 | prepend=%t %s %p 22 | separator=: 23 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 24 | file=${GVMD_LOG_FILE} 25 | level=127 26 | 27 | [md crypt] 28 | prepend=%t %s %p 29 | separator=: 30 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 31 | file=${GVMD_LOG_FILE} 32 | level=127 33 | 34 | [md utils] 35 | prepend=%t %s %p 36 | separator=: 37 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 38 | file=${GVMD_LOG_FILE} 39 | level=127 40 | 41 | [libgvm base] 42 | prepend=%t %s %p 43 | separator=: 44 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 45 | file=${GVMD_LOG_FILE} 46 | level=127 47 | 48 | [libgvm gmp] 49 | prepend=%t %s %p 50 | separator=: 51 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 52 | file=${GVMD_LOG_FILE} 53 | level=127 54 | 55 | [libgvm osp] 56 | prepend=%t %s %p 57 | separator=: 58 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 59 | file=${GVMD_LOG_FILE} 60 | level=127 61 | 62 | [libgvm util] 63 | prepend=%t %s %p 64 | separator=: 65 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 66 | file=${GVMD_LOG_FILE} 67 | level=127 68 | 69 | [event syslog] 70 | prepend=%t %s %p 71 | separator=: 72 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 73 | file=syslog 74 | syslog_facility=daemon 75 | level=128 76 | 77 | [event snmp] 78 | prepend=%t %s %p 79 | separator=: 80 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 81 | file=syslog 82 | syslog_facility=local0 83 | level=128 84 | 85 | [*] 86 | prepend=%t %s %p 87 | separator=: 88 | prepend_time_format=%Y-%m-%d %Hh%M.%S %Z 89 | file=${GVMD_LOG_FILE} 90 | level=127 91 | -------------------------------------------------------------------------------- /src/ipc.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2024 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file ipc.h 21 | * @brief Headers for inter-process communitcation (IPC) 22 | */ 23 | 24 | #ifndef _GVMD_IPC_H 25 | #define _GVMD_IPC_H 26 | 27 | typedef enum { 28 | SEMAPHORE_SCAN_UPDATE = 0 29 | } semaphore_index_t; 30 | 31 | int 32 | init_semaphore_set (); 33 | 34 | int 35 | semaphore_op (semaphore_index_t, short int, time_t); 36 | 37 | #endif /* not _GVMD_IPC_H */ 38 | -------------------------------------------------------------------------------- /src/iterator.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2016-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file iterator.h 21 | * @brief Headers for Iterators. 22 | * 23 | * The interface here is for "external" use. The SQL parts of the interface 24 | * are in sql.h. Both are defined in sql.c. 25 | */ 26 | 27 | #ifndef _GVMD_ITERATOR_H 28 | #define _GVMD_ITERATOR_H 29 | 30 | #include "lsc_crypt.h" 31 | 32 | #include 33 | 34 | /* Types. */ 35 | 36 | /** 37 | * @brief A resource, like a task or target. 38 | */ 39 | typedef long long int resource_t; 40 | 41 | /** 42 | * @brief A prepared SQL statement. 43 | */ 44 | typedef struct sql_stmt sql_stmt_t; 45 | 46 | /** 47 | * @brief A generic SQL iterator structure. 48 | */ 49 | struct iterator 50 | { 51 | sql_stmt_t *stmt; ///< SQL statement. 52 | gboolean done; ///< End flag. 53 | lsc_crypt_ctx_t crypt_ctx; ///< Encryption context. 54 | }; 55 | 56 | /** 57 | * @brief A generic SQL iterator type. 58 | */ 59 | typedef struct iterator iterator_t; 60 | 61 | /* Functions. */ 62 | 63 | void 64 | cleanup_iterator (iterator_t *); 65 | 66 | gboolean 67 | next (iterator_t *); 68 | 69 | #endif /* not _GVMD_ITERATOR_H */ 70 | -------------------------------------------------------------------------------- /src/lsc_crypt.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2013-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /* 20 | * @file lsc_crypt.h 21 | * @brief LSC credentials encryption support 22 | */ 23 | 24 | #ifndef _GVMD_LSC_CRYPT_H 25 | #define _GVMD_LSC_CRYPT_H 26 | 27 | #include 28 | 29 | /// @brief Default length for RSA encryption keys 30 | #define DEFAULT_ENCRYPTION_RSA_KEY_LENGTH 4096 31 | 32 | /** 33 | * @brief The name of the old encryption key. 34 | * 35 | * Note that the code will use the "=" prefix flag to indicate an 36 | * exact search. Thus when creating the key it should not have a 37 | * comment or email address part. 38 | */ 39 | #define OLD_ENCRYPTION_KEY_UID "GVM Credential Encryption" 40 | 41 | /** 42 | * @brief Template for the name of the encryption key. 43 | * 44 | * It must contain a single %s that will be replaced with the current 45 | * date and time. 46 | * 47 | * Note that the code will use the "=" prefix flag to indicate an 48 | * exact search. Thus when creating the key it should not have a 49 | * comment or email address part. 50 | */ 51 | #define ENCRYPTION_KEY_UID_TEMPLATE "GVM Credential Encryption - %s" 52 | 53 | /* (Defined in gvmd.c) */ 54 | extern int disable_encrypted_credentials; 55 | 56 | 57 | struct lsc_crypt_ctx_s; 58 | typedef struct lsc_crypt_ctx_s *lsc_crypt_ctx_t; 59 | 60 | int lsc_crypt_enckey_parms_init (const char *, int); 61 | 62 | lsc_crypt_ctx_t lsc_crypt_new (const char*); 63 | void lsc_crypt_release (lsc_crypt_ctx_t); 64 | 65 | int lsc_crypt_create_key (); 66 | 67 | void lsc_crypt_flush (lsc_crypt_ctx_t); 68 | 69 | gboolean lsc_crypt_enckey_exists (lsc_crypt_ctx_t); 70 | 71 | int lsc_crypt_create_enckey (lsc_crypt_ctx_t ctx); 72 | 73 | char *lsc_crypt_encrypt_hashtable (lsc_crypt_ctx_t, GHashTable*); 74 | 75 | char *lsc_crypt_encrypt (lsc_crypt_ctx_t, 76 | const char *, ...) G_GNUC_NULL_TERMINATED; 77 | 78 | const char *lsc_crypt_decrypt (lsc_crypt_ctx_t, const char *, const char *); 79 | const char *lsc_crypt_get_password (lsc_crypt_ctx_t, const char *); 80 | const char *lsc_crypt_get_private_key (lsc_crypt_ctx_t, const char *); 81 | 82 | 83 | #endif /* not _GVMD_LSC_CRYPT_H */ 84 | -------------------------------------------------------------------------------- /src/lsc_user.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2009-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /* 20 | * @file lsc_user.h 21 | * @brief LSC user credentials package generation. 22 | */ 23 | 24 | #ifndef _GVMD_LSC_USER_H 25 | #define _GVMD_LSC_USER_H 26 | 27 | #include 28 | 29 | int 30 | lsc_user_keys_create (const gchar *, gchar **); 31 | 32 | int 33 | lsc_user_rpm_recreate (const gchar *, const gchar *, 34 | void **, gsize *); 35 | 36 | int 37 | lsc_user_deb_recreate (const gchar *, const char *, const char *, 38 | void **, gsize *); 39 | 40 | int 41 | lsc_user_exe_recreate (const gchar *, const gchar *, void **, gsize *); 42 | 43 | #endif /* not _GVMD_LSC_USER_H */ 44 | -------------------------------------------------------------------------------- /src/main.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2009-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file main.c 21 | * @brief Main function of gvmd. 22 | * 23 | * This file separates out the "main" function of gvmd. 24 | */ 25 | 26 | #include "gvmd.h" 27 | 28 | /** 29 | * @brief Main function. 30 | * 31 | * @param[in] argc The number of arguments in argv. 32 | * @param[in] argv The list of arguments to the program. 33 | * @param[in] env The program's environment arguments. 34 | * 35 | * @return EXIT_SUCCESS on success, EXIT_FAILURE on failure. 36 | */ 37 | int 38 | main (int argc, char **argv, char *env[]) 39 | { 40 | return gvmd (argc, argv, env); 41 | } 42 | -------------------------------------------------------------------------------- /src/manage_authentication.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: GPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_AUTHENTICATION_H 20 | #define _GVMD_MANAGE_AUTHENTICATION_H 21 | 22 | 23 | enum manage_authentication_rc 24 | { 25 | GMA_SUCCESS, 26 | GMA_HASH_VALID_BUT_DATED, 27 | GMA_HASH_INVALID, 28 | GMA_ERR, 29 | }; 30 | 31 | enum manage_authentication_rc 32 | manage_authentication_setup (const char *pepper, unsigned int pepper_size, 33 | unsigned int count, char *prefix); 34 | char * 35 | manage_authentication_hash (const char *password); 36 | 37 | enum manage_authentication_rc 38 | manage_authentication_verify (const char *hash, const char *password); 39 | 40 | #endif 41 | 42 | -------------------------------------------------------------------------------- /src/manage_commands.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | */ 5 | 6 | /** 7 | * @file manage_commands.h 8 | * @brief GVM management layer: Generic command handling headers. 9 | * 10 | * Non-SQL generic command handling headers for the GVM management layer. 11 | */ 12 | 13 | #ifndef GVMD_MANAGE_COMMANDS_H 14 | #define GVMD_MANAGE_COMMANDS_H 15 | 16 | #include 17 | 18 | /** 19 | * @brief A command. 20 | */ 21 | typedef struct 22 | { 23 | gchar *name; ///< Command name. 24 | gchar *summary; ///< Summary of command. 25 | } command_t; 26 | 27 | /** 28 | * @brief The GMP command list. 29 | */ 30 | extern command_t gmp_commands[]; 31 | 32 | int 33 | valid_gmp_command (const char*); 34 | 35 | gchar * 36 | gmp_command_type (const char*); 37 | 38 | int 39 | gmp_command_takes_resource (const char*); 40 | 41 | 42 | #endif /* GVMD_MANAGE_COMMANDS_H */ 43 | -------------------------------------------------------------------------------- /src/manage_events.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_EVENTS_H 20 | #define _GVMD_MANAGE_EVENTS_H 21 | 22 | #include "iterator.h" 23 | 24 | /** 25 | * @brief Types of task events. 26 | */ 27 | typedef enum 28 | { 29 | EVENT_ERROR, 30 | EVENT_TASK_RUN_STATUS_CHANGED, 31 | EVENT_NEW_SECINFO, 32 | EVENT_UPDATED_SECINFO, 33 | EVENT_TICKET_RECEIVED, 34 | EVENT_ASSIGNED_TICKET_CHANGED, 35 | EVENT_OWNED_TICKET_CHANGED 36 | } event_t; 37 | 38 | const char* 39 | event_name (event_t); 40 | 41 | gchar* 42 | event_description (event_t, const void *, const char *); 43 | 44 | event_t 45 | event_from_name (const char*); 46 | 47 | void 48 | event (event_t, void *, resource_t, resource_t); 49 | 50 | int 51 | manage_alert (const char *, const char *, event_t, const void *, gchar **); 52 | 53 | #endif /* not _GVMD_MANAGE_EVENTS_H */ 54 | -------------------------------------------------------------------------------- /src/manage_filter_utils.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | */ 5 | 6 | /** 7 | * @file manage_filter_utils.h 8 | * @brief GVM management layer: Filter utilities headers. 9 | * 10 | * Filter parser and handling utilities headers for the GVM management layer. 11 | */ 12 | 13 | #ifndef GVMD_MANAGE_FILTER_UTILS_H 14 | #define GVMD_MANAGE_FILTER_UTILS_H 15 | 16 | #include "manage_resources.h" 17 | #include 18 | 19 | /** 20 | * @brief Function type for getting a filter term by filter UUID. 21 | */ 22 | typedef char* (*filter_term_func)(const char*); 23 | 24 | /** 25 | * @brief Keyword type. 26 | */ 27 | typedef enum 28 | { 29 | KEYWORD_TYPE_UNKNOWN, 30 | KEYWORD_TYPE_INTEGER, 31 | KEYWORD_TYPE_DOUBLE, 32 | KEYWORD_TYPE_STRING 33 | } keyword_type_t; 34 | 35 | /** 36 | * @brief Comparison returns. 37 | */ 38 | typedef enum 39 | { 40 | KEYWORD_RELATION_APPROX, 41 | KEYWORD_RELATION_COLUMN_ABOVE, 42 | KEYWORD_RELATION_COLUMN_APPROX, 43 | KEYWORD_RELATION_COLUMN_EQUAL, 44 | KEYWORD_RELATION_COLUMN_BELOW, 45 | KEYWORD_RELATION_COLUMN_REGEXP 46 | } keyword_relation_t; 47 | 48 | /** 49 | * @brief Keyword. 50 | */ 51 | struct keyword 52 | { 53 | gchar *column; ///< The column prefix, or NULL. 54 | int approx; ///< Whether the keyword is like "~example". 55 | int equal; ///< Whether the keyword is like "=example". 56 | int integer_value; ///< Integer value of the keyword. 57 | double double_value; ///< Floating point value of the keyword. 58 | int quoted; ///< Whether the keyword was quoted. 59 | gchar *string; ///< The keyword string, outer quotes removed. 60 | keyword_type_t type; ///< Type of keyword. 61 | keyword_relation_t relation; ///< The relation. 62 | }; 63 | 64 | /** 65 | * @brief Keyword type. 66 | */ 67 | typedef struct keyword keyword_t; 68 | 69 | 70 | extern int table_order_if_sort_not_specified; 71 | 72 | 73 | /** 74 | * @brief Default apply_overrides setting for filters. 75 | */ 76 | #define APPLY_OVERRIDES_DEFAULT 0 77 | 78 | /** 79 | * @brief Default min quality of detection percentage for filters. 80 | */ 81 | #define MIN_QOD_DEFAULT 70 82 | 83 | 84 | int 85 | keyword_special (keyword_t *); 86 | 87 | const char * 88 | keyword_relation_symbol (keyword_relation_t); 89 | 90 | void 91 | filter_free (array_t*); 92 | 93 | array_t * 94 | split_filter (const gchar*); 95 | 96 | gchar* 97 | filter_term (const char *); 98 | 99 | gchar* 100 | filter_term_value (const char *, const char *); 101 | 102 | int 103 | filter_term_apply_overrides (const char *term); 104 | 105 | int 106 | filter_term_min_qod (const char *term); 107 | 108 | void 109 | init_manage_filter_utils_funcs (filter_term_func filter_term_f); 110 | 111 | 112 | #endif /* GVMD_MANAGE_FILTER_UTILS_H */ -------------------------------------------------------------------------------- /src/manage_license.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_license.c 21 | * @brief GVM management layer: License information headers. 22 | * 23 | * Headers for non-SQL license information code for the GVM management layer. 24 | */ 25 | 26 | #include 27 | 28 | #ifdef HAS_LIBTHEIA 29 | #include 30 | #else 31 | #include "theia_dummy.h" 32 | #endif 33 | 34 | /* Actions */ 35 | 36 | int 37 | manage_update_license_file (const char *, char **); 38 | 39 | int 40 | manage_get_license (gchar **, theia_license_t **); 41 | -------------------------------------------------------------------------------- /src/manage_port_lists.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_PORT_LISTS_H 20 | #define _GVMD_MANAGE_PORT_LISTS_H 21 | 22 | #include "manage.h" 23 | 24 | #include 25 | 26 | gboolean 27 | find_port_list (const char*, port_list_t*); 28 | 29 | gboolean 30 | find_port_list_with_permission (const char *, port_list_t *, const char *); 31 | 32 | gboolean 33 | find_port_range (const char*, port_list_t*); 34 | 35 | int 36 | trash_port_list_predefined (port_list_t); 37 | 38 | int 39 | port_list_predefined (port_list_t); 40 | 41 | int 42 | create_port_list (const char *, const char *, const char *, const char *, 43 | array_t *, port_list_t *); 44 | 45 | int 46 | copy_port_list (const char *, const char *, const char *, port_list_t *); 47 | 48 | int 49 | modify_port_list (const char *, const char *, const char *); 50 | 51 | int 52 | create_port_range (const char *, const char *, const char *, const char *, 53 | const char *, port_range_t *); 54 | 55 | int 56 | delete_port_list (const char *, int); 57 | 58 | int 59 | delete_port_range (const char *, int); 60 | 61 | int 62 | port_list_count (const get_data_t *); 63 | 64 | int 65 | init_port_list_iterator (iterator_t *, get_data_t *); 66 | 67 | int 68 | port_list_iterator_count_all (iterator_t *); 69 | 70 | int 71 | port_list_iterator_count_tcp (iterator_t *); 72 | 73 | int 74 | port_list_iterator_count_udp (iterator_t *); 75 | 76 | int 77 | port_list_iterator_predefined (iterator_t *); 78 | 79 | char* 80 | port_list_uuid (port_list_t); 81 | 82 | char* 83 | port_range_uuid (port_range_t); 84 | 85 | int 86 | port_list_in_use (port_list_t); 87 | 88 | int 89 | trash_port_list_in_use (port_list_t); 90 | 91 | int 92 | trash_port_list_writable (port_list_t); 93 | 94 | int 95 | port_list_writable (port_list_t); 96 | 97 | int 98 | trash_port_list_readable_uuid (const gchar *); 99 | 100 | void 101 | init_port_range_iterator (iterator_t *, port_range_t, int, int, const char *); 102 | 103 | const char* 104 | port_range_iterator_uuid (iterator_t *); 105 | 106 | const char* 107 | port_range_iterator_comment (iterator_t*); 108 | 109 | const char* 110 | port_range_iterator_start (iterator_t *); 111 | 112 | const char* 113 | port_range_iterator_end (iterator_t *); 114 | 115 | const char* 116 | port_range_iterator_type (iterator_t *); 117 | 118 | void 119 | init_port_list_target_iterator (iterator_t *, port_list_t, int); 120 | 121 | const char* 122 | port_list_target_iterator_uuid (iterator_t *); 123 | 124 | const char* 125 | port_list_target_iterator_name (iterator_t *); 126 | 127 | int 128 | port_list_target_iterator_readable (iterator_t *); 129 | 130 | gboolean 131 | port_lists_feed_dir_exists (); 132 | 133 | void 134 | manage_sync_port_lists (); 135 | 136 | int 137 | manage_rebuild_port_lists (); 138 | 139 | gboolean 140 | should_sync_port_lists (); 141 | 142 | #endif /* not _GVMD_MANAGE_PORT_LISTS_H */ 143 | -------------------------------------------------------------------------------- /src/manage_preferences.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file 21 | * @brief GVM manage layer: Preference utils. 22 | */ 23 | 24 | #include "manage_preferences.h" 25 | 26 | #include 27 | 28 | /** 29 | * @brief Create a new preference. 30 | * 31 | * @param[in] id ID of preference. 32 | * @param[in] name Name of preference. 33 | * @param[in] type Type of preference. 34 | * @param[in] value Value of preference. 35 | * @param[in] nvt_name Name of NVT of preference. 36 | * @param[in] nvt_oid OID of NVT of preference. 37 | * @param[in] alts Array of gchar's. Alternative values for type radio. 38 | * @param[in] default_value Default value of preference. 39 | * @param[in] hr_name The hr_name of the nvt_preference. 40 | * @param[in] free_strings Whether string fields are freed by preference_free. 41 | * 42 | * @return Newly allocated preference. 43 | */ 44 | gpointer 45 | preference_new (char *id, char *name, char *type, char *value, char *nvt_name, 46 | char *nvt_oid, array_t *alts, char* default_value, 47 | char *hr_name, int free_strings) 48 | { 49 | preference_t *preference; 50 | 51 | preference = (preference_t*) g_malloc0 (sizeof (preference_t)); 52 | preference->id = id; 53 | preference->name = name; 54 | preference->type = type; 55 | preference->value = value; 56 | preference->nvt_name = nvt_name; 57 | preference->nvt_oid = nvt_oid; 58 | preference->alts = alts; 59 | preference->default_value = default_value; 60 | preference->hr_name = hr_name; 61 | preference->free_strings = free_strings; 62 | 63 | return preference; 64 | } 65 | 66 | /** 67 | * @brief Frees a preference including its assigned values. 68 | * 69 | * @param[in] preference The preference to free. 70 | */ 71 | void 72 | preference_free (preference_t *preference) 73 | { 74 | if (preference == NULL) 75 | return; 76 | 77 | if (preference->alts) 78 | g_ptr_array_free (preference->alts, TRUE); 79 | if (preference->free_strings) 80 | { 81 | free (preference->id); 82 | free (preference->name); 83 | free (preference->pref_name); 84 | free (preference->type); 85 | free (preference->value); 86 | free (preference->nvt_name); 87 | free (preference->nvt_oid); 88 | free (preference->default_value); 89 | } 90 | 91 | g_free (preference); 92 | } 93 | 94 | /** 95 | * @brief Cleanup preferences array. 96 | * 97 | * @param[in] import_preferences Import preferences. 98 | */ 99 | void 100 | cleanup_import_preferences (array_t *import_preferences) 101 | { 102 | if (import_preferences) 103 | { 104 | guint index; 105 | 106 | for (index = 0; index < import_preferences->len; index++) 107 | { 108 | preference_t *pref; 109 | pref = (preference_t*) g_ptr_array_index (import_preferences, 110 | index); 111 | if (pref) 112 | preference_free (pref); 113 | } 114 | g_ptr_array_free (import_preferences, TRUE); 115 | } 116 | } 117 | -------------------------------------------------------------------------------- /src/manage_preferences.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /* 20 | * @file manage_preferences.h 21 | * @brief Headers for Greenbone Vulnerability Manager: Manage lib: Preferences. 22 | */ 23 | 24 | #ifndef _GVMD_MANAGE_PREFERENCES_H 25 | #define _GVMD_MANAGE_PREFERENCES_H 26 | 27 | #include 28 | 29 | /** 30 | * @brief An NVT preference. 31 | */ 32 | typedef struct 33 | { 34 | char *name; ///< Full name of preference, including OID etc. 35 | char *pref_name; ///< Name of preference. 36 | char *id; ///< ID of preference. 37 | char *type; ///< Type of preference (radio, password, ...). 38 | char *value; ///< Value of preference. 39 | char *nvt_name; ///< Name of NVT preference affects. 40 | char *nvt_oid; ///< OID of NVT preference affects. 41 | array_t *alts; ///< Array of gchar's. Alternate values for radio type. 42 | char *default_value; ///< Default value of preference. 43 | char *hr_name; ///< Extended, more human-readable name. 44 | int free_strings; ///< Whether string fields are freed by preference_free. 45 | } preference_t; 46 | 47 | gpointer 48 | preference_new (char *, char *, char *, char *, char *, 49 | char *, array_t *, char*, char *, int); 50 | 51 | void 52 | preference_free (preference_t *); 53 | 54 | void 55 | cleanup_import_preferences (array_t *); 56 | 57 | #endif /* not _GVMD_MANAGE_PREFERENCES_H */ 58 | -------------------------------------------------------------------------------- /src/manage_report_configs.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2024 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_report_configs.c 21 | * @brief GVM management layer: Report configs. 22 | * 23 | * Non-SQL report config code for the GVM management layer. 24 | */ 25 | 26 | #include "manage_sql.h" 27 | #include "manage_report_configs.h" 28 | 29 | #undef G_LOG_DOMAIN 30 | /** 31 | * @brief GLib log domain. 32 | */ 33 | #define G_LOG_DOMAIN "md manage" 34 | 35 | /** 36 | * @brief Find a report config for a specific permission, given a UUID. 37 | * 38 | * @param[in] uuid UUID of report config. 39 | * @param[out] report_config Report config return, 0 if successfully failed to 40 | * find report_config. 41 | * @param[in] permission Permission. 42 | * 43 | * @return FALSE on success (including if failed to find report_config), TRUE 44 | * on error. 45 | */ 46 | gboolean 47 | find_report_config_with_permission (const char *uuid, 48 | report_config_t *report_config, 49 | const char *permission) 50 | { 51 | return find_resource_with_permission ("report_config", uuid, report_config, 52 | permission, 0); 53 | } 54 | 55 | /** 56 | * @brief Free a report config parameter data struct. 57 | * 58 | * @param[in] param The parameter to free. 59 | */ 60 | void 61 | report_config_param_data_free (report_config_param_data_t *param) 62 | { 63 | if (param == NULL) 64 | return; 65 | 66 | g_free (param->name); 67 | g_free (param->value); 68 | g_free (param); 69 | } 70 | 71 | /** 72 | * @brief Return whether a report config is writable. 73 | * 74 | * @param[in] report_config Report Config. 75 | * 76 | * @return 1 if writable, else 0. 77 | */ 78 | int 79 | report_config_writable (report_config_t report_config) 80 | { 81 | return report_config_in_use (report_config) == 0; 82 | } 83 | 84 | /** 85 | * @brief Return whether a trashcan report config is writable. 86 | * 87 | * @param[in] report_config Report Config. 88 | * 89 | * @return 1 if writable, else 0. 90 | */ 91 | int 92 | trash_report_config_writable (report_config_t report_config) 93 | { 94 | return trash_report_config_in_use (report_config) == 0; 95 | } 96 | -------------------------------------------------------------------------------- /src/manage_resources.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | */ 5 | 6 | /** 7 | * @file manage_resources.h 8 | * @brief GVM management layer: Generic resource type handling headers. 9 | * 10 | * Non-SQL generic resource type handling headers for the GVM management layer. 11 | */ 12 | 13 | #ifndef GVMD_MANAGE_RESOURCES_H 14 | #define GVMD_MANAGE_RESOURCES_H 15 | 16 | #include "iterator.h" 17 | 18 | 19 | /* Resource types */ 20 | 21 | typedef resource_t alert_t; 22 | typedef resource_t config_t; 23 | typedef resource_t credential_t; 24 | typedef resource_t filter_t; 25 | typedef resource_t group_t; 26 | typedef resource_t host_t; 27 | typedef resource_t tag_t; 28 | typedef resource_t target_t; 29 | typedef resource_t ticket_t; 30 | typedef resource_t tls_certificate_t; 31 | typedef resource_t result_t; 32 | typedef resource_t report_t; 33 | typedef resource_t report_host_t; 34 | typedef resource_t report_config_t; 35 | typedef resource_t report_config_param_t; 36 | typedef resource_t report_format_t; 37 | typedef resource_t report_format_param_t; 38 | typedef resource_t role_t; 39 | typedef resource_t note_t; 40 | typedef resource_t nvt_t; 41 | typedef resource_t override_t; 42 | typedef resource_t permission_t; 43 | typedef resource_t port_list_t; 44 | typedef resource_t port_range_t; 45 | typedef resource_t schedule_t; 46 | typedef resource_t scanner_t; 47 | typedef resource_t setting_t; 48 | typedef resource_t task_t; 49 | typedef resource_t user_t; 50 | 51 | 52 | /* Resource type information. */ 53 | 54 | int 55 | valid_type (const char*); 56 | 57 | int 58 | valid_subtype (const char*); 59 | 60 | const char * 61 | type_db_name (const char*); 62 | 63 | int 64 | type_is_asset_subtype (const char *); 65 | 66 | int 67 | type_is_info_subtype (const char *); 68 | 69 | int 70 | type_is_report_subtype (const char *); 71 | 72 | int 73 | type_is_task_subtype (const char *); 74 | 75 | int 76 | type_is_config_subtype (const char *); 77 | 78 | int 79 | type_named (const char *); 80 | 81 | int 82 | type_globally_unique (const char *); 83 | 84 | int 85 | type_has_comment (const char *); 86 | 87 | int 88 | type_has_trash (const char *); 89 | 90 | int 91 | type_owned (const char *); 92 | 93 | int 94 | type_trash_in_table (const char *); 95 | 96 | 97 | /* SecInfo specific resource type information. */ 98 | 99 | const char * 100 | secinfo_type_name_plural (const char*); 101 | 102 | const char * 103 | secinfo_type_name (const char*); 104 | 105 | int 106 | secinfo_type_is_scap (const char*); 107 | 108 | 109 | #endif /* GVMD_MANAGE_RESOURCES_H */ 110 | -------------------------------------------------------------------------------- /src/manage_settings.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | */ 5 | 6 | /** 7 | * @file manage_filter_utils.c 8 | * @brief GVM management layer: Filter utilities. 9 | * 10 | * Filter parser and handling utilities code for the GVM management layer. 11 | */ 12 | 13 | #include 14 | #include "manage_settings.h" 15 | 16 | /** 17 | * @brief Internal function for getting a setting value as a string. 18 | * 19 | * Should be set by init_manage_settings_funcs. 20 | */ 21 | static setting_value_func setting_value_internal; 22 | 23 | /** 24 | * @brief Internal function for getting a setting value as an integer. 25 | * 26 | * Should be set by init_manage_settings_funcs. 27 | */ 28 | static setting_value_int_func setting_value_int_internal; 29 | 30 | /** 31 | * @brief Get the value of a setting as a string. 32 | * 33 | * @param[in] uuid UUID of setting. 34 | * @param[out] value Freshly allocated value. 35 | * 36 | * @return 0 success, -1 error. 37 | */ 38 | int 39 | setting_value (const char *uuid, char **value) 40 | { 41 | assert (setting_value_internal); 42 | return setting_value_internal (uuid, value); 43 | } 44 | 45 | /** 46 | * @brief Get the value of a setting. 47 | * 48 | * @param[in] uuid UUID of setting. 49 | * @param[out] value Value. 50 | * 51 | * @return 0 success, -1 error. 52 | */ 53 | int 54 | setting_value_int (const char *uuid, int *value) 55 | { 56 | assert (setting_value_int_internal); 57 | return setting_value_int_internal (uuid, value); 58 | } 59 | 60 | /** 61 | * @brief Initialize functions of the manage_settings submodule. 62 | * 63 | * @param[in] setting_value_f Function for getting setting string values. 64 | * @param[in] setting_value_int_f Function for getting setting int values. 65 | */ 66 | void 67 | init_manage_settings_funcs (setting_value_func setting_value_f, 68 | setting_value_int_func setting_value_int_f) 69 | { 70 | setting_value_internal = setting_value_f; 71 | setting_value_int_internal = setting_value_int_f; 72 | } -------------------------------------------------------------------------------- /src/manage_settings.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | */ 5 | 6 | /** 7 | * @file manage_settings.h 8 | * @brief GVM management layer: User Settings headers. 9 | * 10 | * User settings headers for the GVM management layer. 11 | */ 12 | 13 | #ifndef GVMD_MANAGE_SETTINGS_H 14 | #define GVMD_MANAGE_SETTINGS_H 15 | 16 | /** 17 | * @brief UUID of setting. 18 | */ 19 | #define SETTING_UUID_AUTO_CACHE_REBUILD "a09285b0-2d47-49b6-a4ef-946ee71f1d5c" 20 | 21 | /** 22 | * @brief UUID of setting. 23 | */ 24 | #define SETTING_UUID_AUTO_REFRESH "578a1c14-e2dc-45ef-a591-89d31391d007" 25 | 26 | /** 27 | * @brief UUID of 'CVE-CPE Matching Version' setting. 28 | */ 29 | #define SETTING_UUID_CVE_CPE_MATCHING_VERSION "2e8a8ccc-219f-4a82-824a-3ad88b6d4029" 30 | 31 | /** 32 | * @brief UUID of setting. 33 | */ 34 | #define SETTING_UUID_DEFAULT_SEVERITY "7eda49c5-096c-4bef-b1ab-d080d87300df" 35 | 36 | /** 37 | * @brief UUID of 'Default CA Cert' setting. 38 | */ 39 | #define SETTING_UUID_DEFAULT_CA_CERT "9ac801ea-39f8-11e6-bbaa-28d24461215b" 40 | 41 | /** 42 | * @brief UUID of setting. 43 | */ 44 | #define SETTING_UUID_DYNAMIC_SEVERITY "77ec2444-e7f2-4a80-a59b-f4237782d93f" 45 | 46 | /** 47 | * @brief UUID of 'Note/Override Excerpt Size' setting. 48 | */ 49 | #define SETTING_UUID_EXCERPT_SIZE "9246a0f6-c6ad-44bc-86c2-557a527c8fb3" 50 | 51 | /** 52 | * @brief UUID of 'Feed Import Owner' setting. 53 | */ 54 | #define SETTING_UUID_FEED_IMPORT_OWNER "78eceaec-3385-11ea-b237-28d24461215b" 55 | 56 | /** 57 | * @brief UUID of 'Feed Import Roles' setting. 58 | */ 59 | #define SETTING_UUID_FEED_IMPORT_ROLES "ff000362-338f-11ea-9051-28d24461215b" 60 | 61 | /** 62 | * @brief UUID of setting. 63 | */ 64 | #define SETTING_UUID_FILE_DETAILS "a6ac88c5-729c-41ba-ac0a-deea4a3441f2" 65 | 66 | /** 67 | * @brief UUID of setting. 68 | */ 69 | #define SETTING_UUID_FILE_LIST "0872a6ed-4f85-48c5-ac3f-a5ef5e006745" 70 | 71 | /** 72 | * @brief UUID of setting. 73 | */ 74 | #define SETTING_UUID_FILE_REPORT "e1a2ae0b-736e-4484-b029-330c9e15b900" 75 | 76 | /** 77 | * @brief UUID of 'Debian LSC Package Maintainer' setting. 78 | */ 79 | #define SETTING_UUID_LSC_DEB_MAINTAINER "2fcbeac8-4237-438f-b52a-540a23e7af97" 80 | 81 | /** 82 | * @brief UUID of 'Max Rows Per Page' setting. 83 | */ 84 | #define SETTING_UUID_MAX_ROWS_PER_PAGE "76374a7a-0569-11e6-b6da-28d24461215b" 85 | 86 | /** 87 | * @brief UUID of setting. 88 | */ 89 | #define SETTING_UUID_PREFERRED_LANG "6765549a-934e-11e3-b358-406186ea4fc5" 90 | 91 | /** 92 | * @brief UUID of 'Rows Per Page' setting. 93 | */ 94 | #define SETTING_UUID_ROWS_PER_PAGE "5f5a8712-8017-11e1-8556-406186ea4fc5" 95 | 96 | /** 97 | * @brief UUID of 'SecInfo SQL Buffer Threshold' setting. 98 | */ 99 | #define SETTING_UUID_SECINFO_SQL_BUFFER_THRESHOLD "316275a9-3629-49ad-9cea-5b3ab155b93f" 100 | 101 | /** 102 | * @brief UUID of 'User Interface Date Format' setting. 103 | */ 104 | #define SETTING_UUID_USER_INTERFACE_DATE_FORMAT "d9857b7c-1159-4193-9bc0-18fae5473a69" 105 | 106 | /** 107 | * @brief UUID of 'User Interface Time Format' setting. 108 | */ 109 | #define SETTING_UUID_USER_INTERFACE_TIME_FORMAT "11deb7ff-550b-4950-aacf-06faeb7c61b9" 110 | 111 | /** 112 | * @brief Type for a function getting a setting value as a string. 113 | */ 114 | typedef int (*setting_value_func)(const char*, char **); 115 | 116 | /** 117 | * @brief Type for a function getting a setting value as an integer. 118 | */ 119 | typedef int (*setting_value_int_func)(const char*, int *); 120 | 121 | 122 | int 123 | setting_value (const char *, char **); 124 | 125 | int 126 | setting_value_int (const char *, int *); 127 | 128 | void 129 | init_manage_settings_funcs (setting_value_func, 130 | setting_value_int_func); 131 | 132 | 133 | #endif /* GVMD_MANAGE_SETTINGS_H */ 134 | -------------------------------------------------------------------------------- /src/manage_sql_alerts.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_SQL_ALERTS_H 20 | #define _GVMD_MANAGE_SQL_ALERTS_H 21 | 22 | #include "manage.h" 23 | 24 | /** 25 | * @brief Filter columns for alert iterator. 26 | */ 27 | #define ALERT_ITERATOR_FILTER_COLUMNS \ 28 | { GET_ITERATOR_FILTER_COLUMNS, "event", "condition", "method", \ 29 | "filter", NULL } 30 | 31 | /** 32 | * @brief Alert iterator columns. 33 | */ 34 | #define ALERT_ITERATOR_COLUMNS \ 35 | { \ 36 | GET_ITERATOR_COLUMNS (alerts), \ 37 | { "event", NULL, KEYWORD_TYPE_INTEGER }, \ 38 | { "condition", NULL, KEYWORD_TYPE_INTEGER }, \ 39 | { "method", NULL, KEYWORD_TYPE_INTEGER }, \ 40 | { "filter", NULL, KEYWORD_TYPE_INTEGER }, \ 41 | { G_STRINGIFY (LOCATION_TABLE), NULL, KEYWORD_TYPE_INTEGER }, \ 42 | { "active", NULL, KEYWORD_TYPE_INTEGER }, \ 43 | { NULL, NULL, KEYWORD_TYPE_UNKNOWN } \ 44 | } 45 | 46 | /** 47 | * @brief Alert iterator columns for trash case. 48 | */ 49 | #define ALERT_ITERATOR_TRASH_COLUMNS \ 50 | { \ 51 | GET_ITERATOR_COLUMNS (alerts_trash), \ 52 | { "event", NULL, KEYWORD_TYPE_INTEGER }, \ 53 | { "condition", NULL, KEYWORD_TYPE_INTEGER }, \ 54 | { "method", NULL, KEYWORD_TYPE_INTEGER }, \ 55 | { "filter", NULL, KEYWORD_TYPE_STRING }, \ 56 | { "filter_location", NULL, KEYWORD_TYPE_INTEGER}, \ 57 | { "active", NULL, KEYWORD_TYPE_INTEGER }, \ 58 | { NULL, NULL, KEYWORD_TYPE_UNKNOWN } \ 59 | } 60 | 61 | user_t 62 | alert_owner (alert_t); 63 | 64 | char * 65 | alert_owner_uuid (alert_t); 66 | 67 | char* 68 | alert_owner_name (alert_t); 69 | 70 | char * 71 | alert_name (alert_t); 72 | 73 | event_t 74 | alert_event (alert_t); 75 | 76 | char * 77 | alert_data (alert_t, const char *, const char *); 78 | 79 | int 80 | alert_applies_to_task (alert_t, task_t); 81 | 82 | #endif /* not _GVMD_MANAGE_SQL_ALERTS_H */ 83 | -------------------------------------------------------------------------------- /src/manage_sql_copy.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | */ 5 | 6 | /** 7 | * @file manage_sql_copy.c 8 | * @brief GVM management layer: SQL COPY. 9 | * 10 | * Helper functions for using SQL COPY statements. 11 | */ 12 | 13 | #include "manage_sql_copy.h" 14 | #include "sql.h" 15 | 16 | #undef G_LOG_DOMAIN 17 | /** 18 | * @brief GLib log domain. 19 | */ 20 | #define G_LOG_DOMAIN "md manage" 21 | 22 | /** 23 | * @brief Initialize a database COPY statement buffer. 24 | * 25 | * The SQL "COPY" statement must use "FROM STDIN". 26 | * 27 | * @param[in] copy_buffer The buffer data structure to initialize 28 | * @param[in] max_data_size Data size above which buffer is auto-committed 29 | * @param[in] copy_sql SQL COPY statement run on buffer commit 30 | */ 31 | void 32 | db_copy_buffer_init (db_copy_buffer_t *copy_buffer, 33 | int max_data_size, 34 | const gchar *copy_sql) 35 | { 36 | copy_buffer->data = g_string_new (""); 37 | copy_buffer->max_data_size = max_data_size; 38 | copy_buffer->copy_sql = g_strdup (copy_sql); 39 | } 40 | 41 | /** 42 | * @brief Frees all allocated fields in a COPY statement buffer 43 | * 44 | * @param[in] copy_buffer The COPY buffer to clean up. 45 | */ 46 | void 47 | db_copy_buffer_cleanup (db_copy_buffer_t *copy_buffer) 48 | { 49 | if (copy_buffer->data) 50 | g_string_free (copy_buffer->data, TRUE); 51 | copy_buffer->data = NULL; 52 | 53 | g_free (copy_buffer->copy_sql); 54 | copy_buffer->copy_sql = NULL; 55 | } 56 | 57 | /** 58 | * @brief Sends the data from a COPY buffer to the DB and clears the buffer. 59 | * 60 | * @param[in] copy_buffer The COPY buffer to commit the data from 61 | * @param[in] finalize Whether to free all allocated fields of the buffer 62 | * 63 | * @return 0 success, -1 error. 64 | */ 65 | int 66 | db_copy_buffer_commit (db_copy_buffer_t *copy_buffer, gboolean finalize) 67 | { 68 | if (copy_buffer->data->len) 69 | { 70 | sql ("%s", copy_buffer->copy_sql); 71 | 72 | if (sql_copy_write_str (copy_buffer->data->str, 73 | copy_buffer->data->len)) 74 | { 75 | g_warning ("%s: failed to write to database copy buffer", 76 | __func__); 77 | if (sql_copy_end ()) 78 | { 79 | g_warning ("%s: failed to close to database copy buffer", 80 | __func__); 81 | } 82 | return -1; 83 | } 84 | 85 | if (sql_copy_end ()) 86 | { 87 | g_warning ("%s: failed to commit database copy buffer", __func__); 88 | return -1; 89 | } 90 | } 91 | 92 | if (finalize) 93 | db_copy_buffer_cleanup (copy_buffer); 94 | else 95 | g_string_truncate (copy_buffer->data, 0); 96 | 97 | return 0; 98 | } 99 | 100 | /** 101 | * @brief Adds data to a COPY buffer with a printf-like format string. 102 | * 103 | * @param[in] copy_buffer The COPY buffer to commit the data from 104 | * @param[in] format The format string for the data to add 105 | * @param[in] ... Extra arguments to insert into the format string 106 | * 107 | * @return 0 success, -1 error. 108 | */ 109 | int 110 | db_copy_buffer_append_printf (db_copy_buffer_t *copy_buffer, 111 | const char *format, 112 | ...) 113 | { 114 | va_list args; 115 | va_start (args, format); 116 | g_string_append_vprintf (copy_buffer->data, format, args); 117 | va_end (args); 118 | 119 | if (copy_buffer->data->len >= copy_buffer->max_data_size) 120 | return db_copy_buffer_commit (copy_buffer, FALSE); 121 | 122 | return 0; 123 | } 124 | -------------------------------------------------------------------------------- /src/manage_sql_copy.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | */ 5 | 6 | /** 7 | * @file manage_sql_copy.h 8 | * @brief GVM management layer: SQL COPY headers. 9 | * 10 | * SQL COPY headers for the GVM management layer. 11 | */ 12 | 13 | #ifndef GVMD_MANAGE_SQL_COPY_H 14 | #define GVMD_MANAGE_SQL_COPY_H 15 | 16 | #include 17 | 18 | /** 19 | * @brief Buffer for COPY statements. 20 | */ 21 | typedef struct 22 | { 23 | GString *data; ///< The table contents to send to the database 24 | gchar *copy_sql; ///< SQL COPY statement run on buffer commit 25 | int max_data_size; ///< Data size above which buffer is auto-committed 26 | } db_copy_buffer_t; 27 | 28 | void 29 | db_copy_buffer_init (db_copy_buffer_t *, int, const gchar *); 30 | 31 | void 32 | db_copy_buffer_cleanup (db_copy_buffer_t *); 33 | 34 | int 35 | db_copy_buffer_commit (db_copy_buffer_t *, gboolean); 36 | 37 | int 38 | db_copy_buffer_append_printf (db_copy_buffer_t *, const char *, ...); 39 | 40 | #endif /* GVMD_MANAGE_SQL_COPY_H */ -------------------------------------------------------------------------------- /src/manage_sql_events.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_sql_events.c 21 | * @brief GVM management layer: Events SQL 22 | * 23 | * The Events SQL for the GVM management layer. 24 | */ 25 | 26 | #include "manage_sql_events.h" 27 | #include "manage_acl.h" 28 | 29 | #include 30 | 31 | #include 32 | 33 | /** 34 | * @brief Initialise an event alert iterator. 35 | * 36 | * @param[in] iterator Iterator. 37 | * @param[in] event Event. 38 | */ 39 | void 40 | init_event_alert_iterator (iterator_t* iterator, event_t event) 41 | { 42 | gchar *owned_clause, *with_clause; 43 | get_data_t get; 44 | array_t *permissions; 45 | 46 | assert (event); 47 | 48 | get.trash = 0; 49 | permissions = make_array (); 50 | array_add (permissions, g_strdup ("get_alerts")); 51 | owned_clause = acl_where_owned ("alert", &get, 0, "any", 0, permissions, 0, 52 | &with_clause); 53 | array_free (permissions); 54 | 55 | init_iterator (iterator, 56 | "%s" 57 | " SELECT alerts.id, alerts.active" 58 | " FROM alerts" 59 | " WHERE event = %i" 60 | " AND %s;", 61 | with_clause ? with_clause : "", 62 | event, 63 | owned_clause); 64 | 65 | g_free (with_clause); 66 | g_free (owned_clause); 67 | } 68 | 69 | /** 70 | * @brief Get the alert from a event alert iterator. 71 | * 72 | * @param[in] iterator Iterator. 73 | * 74 | * @return alert. 75 | */ 76 | alert_t 77 | event_alert_iterator_alert (iterator_t* iterator) 78 | { 79 | if (iterator->done) return 0; 80 | return (task_t) iterator_int64 (iterator, 0); 81 | } 82 | 83 | /** 84 | * @brief Get the active state from an event alert iterator. 85 | * 86 | * @param[in] iterator Iterator. 87 | * 88 | * @return Active state. 89 | */ 90 | int 91 | event_alert_iterator_active (iterator_t* iterator) 92 | { 93 | int ret; 94 | if (iterator->done) return -1; 95 | ret = iterator_int (iterator, 1); 96 | return ret; 97 | } 98 | -------------------------------------------------------------------------------- /src/manage_sql_events.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_SQL_EVENTS_H 20 | #define _GVMD_MANAGE_SQL_EVENTS_H 21 | 22 | #include "iterator.h" 23 | #include "manage_alerts.h" 24 | #include "manage_events.h" 25 | 26 | void 27 | init_event_alert_iterator (iterator_t *, event_t); 28 | 29 | alert_t 30 | event_alert_iterator_alert (iterator_t *); 31 | 32 | int 33 | event_alert_iterator_active (iterator_t *); 34 | 35 | #endif /* not _GVMD_MANAGE_SQL_EVENTS_H */ 36 | -------------------------------------------------------------------------------- /src/manage_sql_nvts_common.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2010-2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_sql_nvts_common.h 21 | * @brief Manager Manage library: Common SQL backend headers. 22 | */ 23 | 24 | #ifndef MANAGE_SQL_NVTS_COMMON_H 25 | #define MANAGE_SQL_NVTS_COMMON_H 26 | 27 | #include 28 | #include 29 | 30 | /** 31 | * @brief Default for vt_ref_insert_size. 32 | */ 33 | #define VT_REF_INSERT_SIZE_DEFAULT 50000 34 | 35 | /** 36 | * @brief Default for vt_sev_insert_size. 37 | * 38 | * There are about 80k vt_severities. 39 | */ 40 | #define VT_SEV_INSERT_SIZE_DEFAULT 100000 41 | 42 | /** 43 | * @brief SQL batch. 44 | */ 45 | typedef struct 46 | { 47 | GString *sql; ///< SQL buffer. 48 | int max; ///< Max number of inserts. 49 | int size; ///< Number of inserts. 50 | } batch_t; 51 | 52 | batch_t * 53 | batch_start (int max); 54 | 55 | int 56 | batch_check (batch_t *b); 57 | 58 | void 59 | batch_end (batch_t *b); 60 | 61 | void 62 | insert_nvt (const nvti_t *nvti, int rebuild, batch_t *vt_refs_batch, 63 | batch_t *vt_sevs_batch); 64 | void 65 | insert_nvt_preferences_list (GList *nvt_preferences_list, int rebuild); 66 | 67 | void 68 | set_nvts_check_time (int count_new, int count_modified); 69 | 70 | void 71 | check_old_preference_names (const gchar *table); 72 | 73 | void 74 | check_preference_names (int trash, time_t modification_time); 75 | 76 | void 77 | prepare_nvts_insert (int rebuild); 78 | 79 | void 80 | finalize_nvts_insert (int count_new_vts, int count_modified_vts, 81 | const gchar *scanner_feed_version, int rebuild); 82 | 83 | int 84 | update_preferences_from_nvti (nvti_t *nvti, GList **preferences); 85 | 86 | void 87 | update_nvt_end (const time_t old_nvts_last_modified); 88 | 89 | #endif //MANAGE_SQL_NVTS_COMMON_H 90 | -------------------------------------------------------------------------------- /src/manage_sql_nvts_openvasd.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2010-2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_sql_nvts_openvasd.h 21 | * @brief Manager Manage library: openvasd SQL backend headers. 22 | */ 23 | 24 | #if OPENVASD 25 | #ifndef MANAGE_NVTS_OPENVASD_H 26 | #define MANAGE_NVTS_OPENVASD_H 27 | 28 | #include "manage_sql_nvts_common.h" 29 | 30 | int 31 | manage_update_nvt_cache_openvasd (); 32 | 33 | int 34 | nvts_feed_info_internal_from_openvasd (const gchar *scanner_uuid, 35 | gchar **vts_version); 36 | 37 | int 38 | update_or_rebuild_nvts_openvasd (int update); 39 | 40 | int 41 | nvts_feed_version_status_internal_openvasd (gchar **db_feed_version_out, 42 | gchar **scanner_feed_version_out); 43 | 44 | int 45 | update_scanner_preferences_openvasd (scanner_t scanner); 46 | 47 | #endif //MANAGE_NVTS_OPENVASD_H 48 | #endif 49 | -------------------------------------------------------------------------------- /src/manage_sql_nvts_osp.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2010-2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_sql_nvts_osp.h 21 | * @brief Manager Manage library: OSP SQL backend headers. 22 | */ 23 | 24 | #ifndef MANAGE_NVTS_OSP_H 25 | #define MANAGE_NVTS_OSP_H 26 | 27 | #include "manage_sql_nvts_common.h" 28 | 29 | const char * 30 | get_osp_vt_update_socket (); 31 | 32 | void 33 | set_osp_vt_update_socket (const char *new_socket); 34 | 35 | int 36 | check_osp_vt_update_socket (); 37 | 38 | int 39 | update_or_rebuild_nvts_osp (int update); 40 | 41 | char * 42 | osp_scanner_feed_version (const gchar *update_socket); 43 | 44 | int 45 | update_nvt_cache_osp (const gchar *update_socket, gchar *db_feed_version, 46 | gchar *scanner_feed_version, int rebuild); 47 | int 48 | manage_update_nvt_cache_osp (const gchar *update_socket); 49 | 50 | int 51 | nvts_feed_version_status_internal_osp (const gchar *update_socket, 52 | gchar **db_feed_version_out, 53 | gchar **scanner_feed_version_out); 54 | 55 | int 56 | update_scanner_preferences_osp (const gchar *update_socket); 57 | 58 | #endif //MANAGE_NVTS_OSP_H 59 | -------------------------------------------------------------------------------- /src/manage_sql_port_lists.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_SQL_PORT_LISTS_H 20 | #define _GVMD_MANAGE_SQL_PORT_LISTS_H 21 | 22 | #include "manage.h" 23 | #include "manage_sql.h" 24 | 25 | column_t* 26 | port_list_select_columns (); 27 | 28 | const char** 29 | port_list_filter_columns (); 30 | 31 | int 32 | create_port_list_no_acl (const char *, const char *, const char *, 33 | const char *, array_t *, port_list_t *); 34 | 35 | int 36 | create_port_list_unique (const char *, const char *, const char *, 37 | port_list_t *); 38 | 39 | gboolean 40 | find_port_list_no_acl (const char *, port_list_t *); 41 | 42 | gboolean 43 | find_trash_port_list_no_acl (const char *, port_list_t *); 44 | 45 | int 46 | port_list_is_predefined (port_list_t); 47 | 48 | port_protocol_t 49 | port_range_iterator_type_int (iterator_t *); 50 | 51 | int 52 | restore_port_list (const char *); 53 | 54 | void 55 | empty_trashcan_port_lists (); 56 | 57 | void 58 | inherit_port_lists (user_t, user_t); 59 | 60 | void 61 | delete_port_lists_user (user_t); 62 | 63 | void 64 | migrate_predefined_port_lists (); 65 | 66 | int 67 | port_list_updated_in_feed (port_list_t, const gchar *); 68 | 69 | int 70 | deprecated_port_list_id_updated_in_feed (const char *, const gchar *); 71 | 72 | void 73 | update_port_list (port_list_t, const gchar *, const gchar *, array_t *, 74 | const gchar *); 75 | 76 | void 77 | check_db_port_lists (int); 78 | 79 | #endif /* not _GVMD_MANAGE_SQL_PORT_LISTS_H */ 80 | -------------------------------------------------------------------------------- /src/manage_sql_report_configs.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2024 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_sql_report_configs.h 21 | * @brief GVM management layer: Report configs SQL. 22 | * 23 | * SQL report config code for the GVM management layer. 24 | */ 25 | 26 | #ifndef _GVMD_MANAGE_SQL_REPORT_CONFIGS_H 27 | #define _GVMD_MANAGE_SQL_REPORT_CONFIGS_H 28 | 29 | #include "manage.h" 30 | #include "manage_sql.h" 31 | 32 | #include 33 | 34 | 35 | const char** 36 | report_config_filter_columns (); 37 | 38 | column_t* 39 | report_config_select_columns (); 40 | 41 | int 42 | restore_report_config (const char *); 43 | 44 | void 45 | delete_report_configs_user (user_t); 46 | 47 | #endif /* not _GVMD_MANAGE_SQL_REPORT_CONFIGS_H */ 48 | -------------------------------------------------------------------------------- /src/manage_sql_report_formats.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_SQL_REPORT_FORMATS_H 20 | #define _GVMD_MANAGE_SQL_REPORT_FORMATS_H 21 | 22 | #include "manage.h" 23 | #include "manage_sql.h" 24 | 25 | #include 26 | 27 | gboolean 28 | lookup_report_format (const char*, report_format_t*); 29 | 30 | gboolean 31 | find_report_format_no_acl (const char *, report_format_t *); 32 | 33 | gboolean 34 | find_trash_report_format_no_acl (const char *, report_format_t *); 35 | 36 | int 37 | create_report_format_no_acl (const char *, const char *, const char *, 38 | const char *, const char *, const char *, 39 | array_t *, array_t *, array_t *, const char *, 40 | int, const char *, report_format_t *); 41 | 42 | const char** 43 | report_format_filter_columns (); 44 | 45 | column_t* 46 | report_format_select_columns (); 47 | 48 | int 49 | restore_report_format (const char *); 50 | 51 | gchar * 52 | apply_report_format (gchar *, report_config_t, gchar *, gchar *, gchar *, 53 | GList **); 54 | 55 | gboolean 56 | delete_report_formats_user (user_t, iterator_t *); 57 | 58 | void 59 | delete_report_format_dirs_user (const gchar *, iterator_t *); 60 | 61 | int 62 | empty_trashcan_report_formats (); 63 | 64 | gboolean 65 | inherit_report_formats (user_t, user_t, iterator_t *); 66 | 67 | void 68 | inherit_report_format_dir (const gchar *, const gchar *, user_t); 69 | 70 | void 71 | update_report_format (report_format_t, const gchar *, const gchar *, 72 | const gchar *, const gchar *, const gchar *, 73 | const gchar *, const gchar *, array_t *, array_t *, 74 | array_t *, const gchar *, const gchar *); 75 | 76 | int 77 | report_format_updated_in_feed (report_format_t, const gchar *); 78 | 79 | int 80 | deprecated_report_format_id_updated_in_feed (const char*, const gchar *); 81 | 82 | int 83 | migrate_predefined_report_formats (); 84 | 85 | int 86 | check_db_report_formats (int); 87 | 88 | int 89 | check_db_report_formats_trash (); 90 | 91 | int 92 | print_report_xml_end (gchar *, gchar *, report_format_t, report_config_t); 93 | 94 | #endif /* not _GVMD_MANAGE_SQL_REPORT_FORMATS_H */ 95 | -------------------------------------------------------------------------------- /src/manage_sql_tests.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2020-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #include "manage_sql.c" 20 | 21 | #include 22 | 23 | Describe (manage_sql); 24 | BeforeEach (manage_sql) {} 25 | AfterEach (manage_sql) {} 26 | 27 | /* truncate_text */ 28 | 29 | #define PASS(port) assert_that (validate_results_port (port), is_equal_to (0)) 30 | #define FAIL(port) assert_that (validate_results_port (port), is_equal_to (1)) 31 | 32 | Ensure (manage_sql, validate_results_port_validates) 33 | { 34 | PASS ("cpe:/a:.joomclan:com_joomclip"); 35 | PASS ("cpe:two"); 36 | PASS ("general/tcp"); 37 | PASS ("general/udp"); 38 | PASS ("general/Host_Details"); 39 | PASS ("20/udp"); 40 | PASS ("20/UDP"); 41 | PASS ("20/dccp"); 42 | PASS ("1/tcp"); 43 | PASS ("8080/tcp"); 44 | PASS ("65535/tcp"); 45 | PASS ("package"); 46 | 47 | FAIL (NULL); 48 | FAIL ("cpe:/a:.joomclan:com_joomclip cpe:two"); 49 | FAIL ("0/tcp"); 50 | FAIL ("65536/tcp"); 51 | FAIL ("20/tcp (IANA: ftp-data)"); 52 | FAIL ("20/tcp,21/tcp"); 53 | FAIL ("20/tcp;21/tcp"); 54 | FAIL ("20/tcp 21/tcp"); 55 | FAIL ("20-21/tcp"); 56 | FAIL ("20/tcp-21/tcp"); 57 | FAIL ("-1/tcp"); 58 | FAIL ("ftp-data (20/tcp)"); 59 | FAIL ("80"); 60 | FAIL ("ftp-data"); 61 | FAIL ("udp"); 62 | } 63 | 64 | /* Test suite. */ 65 | 66 | int 67 | main (int argc, char **argv) 68 | { 69 | TestSuite *suite; 70 | 71 | suite = create_test_suite (); 72 | 73 | add_test_with_context (suite, manage_sql, validate_results_port_validates); 74 | 75 | if (argc > 1) 76 | return run_single_test (suite, argv[1], create_text_reporter ()); 77 | 78 | return run_test_suite (suite, create_text_reporter ()); 79 | } 80 | -------------------------------------------------------------------------------- /src/manage_sql_tickets.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_SQL_TICKETS_H 20 | #define _GVMD_MANAGE_SQL_TICKETS_H 21 | 22 | #include "manage.h" 23 | 24 | /** 25 | * @brief SQL to check if a result may have tickets. 26 | */ 27 | #define TICKET_SQL_RESULT_MAY_HAVE_TICKETS(result_col) \ 28 | "(SELECT EXISTS (SELECT * FROM tickets" \ 29 | " WHERE id IN (SELECT ticket FROM ticket_results" \ 30 | " WHERE result = " result_col \ 31 | " AND result_location" \ 32 | " = " G_STRINGIFY (LOCATION_TABLE) ")))" 33 | 34 | user_t 35 | ticket_owner (ticket_t); 36 | 37 | user_t 38 | ticket_assigned_to (ticket_t); 39 | 40 | gchar * 41 | ticket_nvt_name (ticket_t); 42 | 43 | int 44 | delete_ticket (const char *, int); 45 | 46 | int 47 | restore_ticket (const char *); 48 | 49 | void 50 | empty_trashcan_tickets (); 51 | 52 | void 53 | check_tickets (); 54 | 55 | void 56 | delete_tickets_user (user_t); 57 | 58 | void 59 | inherit_tickets (user_t, user_t); 60 | 61 | void 62 | tickets_remove_task (task_t); 63 | 64 | void 65 | tickets_remove_report (report_t); 66 | 67 | void 68 | tickets_remove_tasks_user (user_t); 69 | 70 | void 71 | tickets_trash_task (task_t); 72 | 73 | void 74 | tickets_restore_task (task_t); 75 | 76 | #endif /* not _GVMD_MANAGE_SQL_TICKETS_H */ 77 | -------------------------------------------------------------------------------- /src/manage_sql_tls_certificates.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file manage_sql_tls_certificates.h 21 | * @brief GVM management layer: TLS Certificates SQL headers 22 | * 23 | * Headers for TLS Certificates SQL for the GVM management layer. 24 | */ 25 | 26 | #ifndef _GVMD_MANAGE_SQL_TLS_CERTIFICATES_H 27 | #define _GVMD_MANAGE_SQL_TLS_CERTIFICATES_H 28 | 29 | const char** 30 | tls_certificate_filter_columns (); 31 | 32 | column_t* 33 | tls_certificate_select_columns (); 34 | 35 | gchar * 36 | tls_certificate_extra_where (const char *); 37 | 38 | int 39 | delete_tls_certificate (const char *, int); 40 | 41 | void 42 | delete_tls_certificates_user (user_t); 43 | 44 | void 45 | inherit_tls_certificates (user_t, user_t); 46 | 47 | int 48 | user_has_tls_certificate (tls_certificate_t, user_t); 49 | 50 | int 51 | add_tls_certificates_from_report_host (report_host_t, 52 | const char*, 53 | const char*); 54 | 55 | int 56 | cleanup_tls_certificate_encoding (); 57 | 58 | #endif /* not _GVMD_MANAGE_SQL_TLS_CERTIFICATES_H */ 59 | -------------------------------------------------------------------------------- /src/manage_tasks.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2025 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_TASKS_H 20 | #define _GVMD_MANAGE_TASKS_H 21 | 22 | 23 | 24 | #endif /* not _GVMD_MANAGE_TASKS_H */ 25 | -------------------------------------------------------------------------------- /src/manage_tickets.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2019-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | #ifndef _GVMD_MANAGE_TICKETS_H 20 | #define _GVMD_MANAGE_TICKETS_H 21 | 22 | #include "manage.h" 23 | #include "iterator.h" 24 | 25 | int 26 | ticket_count (const get_data_t *); 27 | 28 | int 29 | init_ticket_iterator (iterator_t *, get_data_t *); 30 | 31 | const char* 32 | ticket_iterator_user_id (iterator_t*); 33 | 34 | const char* 35 | ticket_iterator_user_name (iterator_t*); 36 | 37 | const char* 38 | ticket_iterator_task_id (iterator_t*); 39 | 40 | const char* 41 | ticket_iterator_task_name (iterator_t*); 42 | 43 | const char* 44 | ticket_iterator_report_id (iterator_t*); 45 | 46 | double 47 | ticket_iterator_severity (iterator_t*); 48 | 49 | const char* 50 | ticket_iterator_host (iterator_t*); 51 | 52 | const char* 53 | ticket_iterator_location (iterator_t*); 54 | 55 | const char* 56 | ticket_iterator_solution_type (iterator_t*); 57 | 58 | const char* 59 | ticket_iterator_status (iterator_t*); 60 | 61 | const char* 62 | ticket_iterator_open_time (iterator_t*); 63 | 64 | const char* 65 | ticket_iterator_fixed_time (iterator_t*); 66 | 67 | const char* 68 | ticket_iterator_closed_time (iterator_t*); 69 | 70 | const char* 71 | ticket_iterator_fix_verified_time (iterator_t*); 72 | 73 | int 74 | ticket_iterator_orphan (iterator_t*); 75 | 76 | const char* 77 | ticket_iterator_open_note (iterator_t*); 78 | 79 | const char* 80 | ticket_iterator_fixed_note (iterator_t*); 81 | 82 | const char* 83 | ticket_iterator_closed_note (iterator_t*); 84 | 85 | const char* 86 | ticket_iterator_fix_verified_report_id (iterator_t*); 87 | 88 | const char* 89 | ticket_iterator_nvt_oid (iterator_t*); 90 | 91 | int 92 | init_ticket_result_iterator (iterator_t *, const gchar *, int); 93 | 94 | const char* 95 | ticket_result_iterator_result_id (iterator_t*); 96 | 97 | int 98 | init_result_ticket_iterator (iterator_t *, result_t); 99 | 100 | const char* 101 | result_ticket_iterator_ticket_id (iterator_t*); 102 | 103 | int 104 | ticket_in_use (ticket_t); 105 | 106 | int 107 | trash_ticket_in_use (ticket_t); 108 | 109 | int 110 | ticket_writable (ticket_t); 111 | 112 | int 113 | trash_ticket_writable (ticket_t); 114 | 115 | int 116 | create_ticket (const char *, const char *, const char *, const char *, ticket_t *) __attribute__((weak)); 117 | 118 | int 119 | copy_ticket (const char *, const char *, ticket_t *) __attribute__((weak)); 120 | 121 | char* 122 | ticket_uuid (ticket_t) __attribute__((weak)); 123 | 124 | int 125 | modify_ticket (const gchar *, const gchar *, const gchar *, 126 | const gchar *, const gchar *, const gchar *, 127 | const gchar *); 128 | 129 | #endif /* not _GVMD_MANAGE_TICKETS_H */ 130 | -------------------------------------------------------------------------------- /src/manage_utils.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2014-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /* 20 | * @file manage_utils.h 21 | * @brief Module for Greenbone Vulnerability Manager: Manage library utilities. 22 | */ 23 | 24 | #ifndef _GVMD_MANAGE_UTILS_H 25 | #define _GVMD_MANAGE_UTILS_H 26 | 27 | /* For strptime in time.h. */ 28 | #undef _XOPEN_SOURCE 29 | #define _XOPEN_SOURCE 30 | #include 31 | #include 32 | #include 33 | 34 | // Log message severity constant 35 | #define SEVERITY_LOG 0.0 36 | // False positive severity constant 37 | #define SEVERITY_FP -1.0 38 | // Error message severity constant 39 | #define SEVERITY_ERROR -3.0 40 | // Constant for missing or invalid severity 41 | #define SEVERITY_MISSING -99.0 42 | // Constant for undefined severity (for ranges) 43 | #define SEVERITY_UNDEFINED -98.0 44 | // Maximum possible severity 45 | #define SEVERITY_MAX 10.0 46 | // Number of subdivisions for 1 severity point (10 => step size 0.1) 47 | #define SEVERITY_SUBDIVISIONS 10 48 | 49 | long 50 | current_offset (const char *); 51 | 52 | time_t 53 | add_months (time_t, int); 54 | 55 | time_t 56 | next_time (time_t, int, int, int, const char *, int); 57 | 58 | int 59 | manage_count_hosts_max (const char *, const char *, int); 60 | 61 | double 62 | level_min_severity (const char *); 63 | 64 | double 65 | level_max_severity (const char *); 66 | 67 | int 68 | valid_db_resource_type (const char *); 69 | 70 | int 71 | hosts_str_contains (const char *, const char *, int); 72 | 73 | void 74 | blank_control_chars (char *); 75 | 76 | icaltimezone * 77 | icalendar_timezone_from_string (const char *); 78 | 79 | icalcomponent * 80 | icalendar_from_old_schedule_data (time_t, time_t, time_t, time_t, int); 81 | 82 | icalcomponent * 83 | icalendar_from_string (const char *, icaltimezone *, gchar **); 84 | 85 | int 86 | icalendar_approximate_rrule_from_vcalendar (icalcomponent *, time_t *, time_t *, 87 | int *); 88 | 89 | time_t 90 | icalendar_next_time_from_vcalendar (icalcomponent *, time_t, const char *, int); 91 | 92 | time_t 93 | icalendar_next_time_from_string (const char *, time_t, const char *, int); 94 | 95 | int 96 | icalendar_duration_from_vcalendar (icalcomponent *); 97 | 98 | time_t 99 | icalendar_first_time_from_vcalendar (icalcomponent *, icaltimezone *); 100 | 101 | gchar * 102 | clean_hosts_string (const char *); 103 | 104 | #endif /* not _GVMD_MANAGE_UTILS_H */ 105 | -------------------------------------------------------------------------------- /src/pwpolicy.conf: -------------------------------------------------------------------------------- 1 | # pwpolicy.conf -*- coding: utf-8 -*- 2 | # 3 | # This is an example for a pattern file used to validate passwords. 4 | # Passwords matching an entry in this file are considered weak and 5 | # will be rejected. 6 | # 7 | # The file is line based with comment lines beginning on the *first* 8 | # position with a '#' and followed by at least one white space. Empty 9 | # lines and lines with only white space are ignored. The other lines 10 | # may either be verbatim patterns and match as they are (trailing 11 | # spaces are ignored) or Perl compatible regular expressions (pcre) 12 | # indicated by a '/' in the first column and terminated by another '/' 13 | # or end of line. To reverse the meaning of a regular expression 14 | # prefix it with an exclamation mark like this: 15 | # 16 | # !/^.{6,}$/ 17 | # 18 | # This will reject a passphrase with less than 6 characters. All 19 | # comparisons are case insensitive; utf-8 encoding must be used. A 20 | # few processing instructions are supported: 21 | # 22 | # #+desc[:] A string describing the next pattern 23 | # 24 | # This is used to return meaningful error messages. To end a group of 25 | # pattern with the same description either a new "#+desc:" line may be 26 | # used or the instruction: 27 | # 28 | # #+nodesc 29 | # 30 | # To include a list of simple pattern use: 31 | # 32 | # #+search[:] FILENAME 33 | # 34 | # Note that this is a simple linear search and stops at the first 35 | # match. Comments are not allowed in that file. A line in the 36 | # dictionary may not be longer than 255 characters. 37 | # 38 | # To perform checks on the username/password combination, you should 39 | # use: 40 | # 41 | # #+username 42 | # 43 | # Currently this checks whether the password matches or is included in 44 | # the password. It may eventually be extended to further tests. 45 | 46 | ############################ 47 | # This is an example file where all lines are explicitly prefixed with 48 | # an additional "#" to comment out anything. 49 | # On your own decision you may activiate policies and modify them. 50 | # Be aware: By default any password is allowed. 51 | ############################ 52 | 53 | 54 | ## Let's start with a simple test 55 | ##+desc: Too short (at least 8 characters are required) 56 | #!/^.{8,}$/ 57 | # 58 | ## Check that the user name does not match the password. 59 | ## (The desc string is not used here.) 60 | ##+username 61 | # 62 | ##+desc: Only digits 63 | #/^[[:digit:]]+$/ 64 | # 65 | ##+desc: Not a mix of letters digits and control characters 66 | #!/[[:alpha:]]+/ 67 | #!/[[:digit:]]+/ 68 | #!/[[:punct:]]+/ 69 | # 70 | ##+desc: No mixed case 71 | #!/(?-i)([[:lower:]]+.*[[:upper:]]+)|([[:upper:]]+.*[[:lower:]]+)/ 72 | # 73 | ##+desc: Date string 74 | ## A limited check for ISO date strings 75 | #/^[012][0-9]{3}-?[012][0-9]-?[0123][0-9]$/ 76 | # 77 | ## Reject the usual metavariables. 78 | ##+desc: Meta variable 79 | #foo 80 | #bar 81 | #baz 82 | # 83 | ##+desc: Common test password 84 | #password 85 | #passwort 86 | #passphrase 87 | #mantra 88 | #test 89 | #abc 90 | #egal 91 | # 92 | ## Arbitrary strings 93 | ##+nodesc 94 | #12345678 95 | #87654321 96 | #qwerty 97 | #qwertyuiop 98 | #asdfghjkl 99 | #zxcvbnm 100 | #qwertzuiop 101 | #yxcvbnm 102 | #no-password 103 | #no password 104 | # 105 | ##+desc: Test string used by RTTY hams 106 | #the quick brown fox jumps over the lazy dogs back 107 | # 108 | ##+desc: German number plate 109 | #/^[A-Z]{1,3}\s*-\s*[A-Z]{1,2}\s*[0-9]+$/ 110 | # 111 | ##+desc: Dictionary word 112 | ##+search: /usr/share/dict/words 113 | ## Note that searching a large dictionary may take some time, it might 114 | ## be better to use an offline password auditing tool instead. 115 | 116 | 117 | # end of policy file 118 | -------------------------------------------------------------------------------- /src/schema_formats/HTML/generate: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2010-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Schema generator script: HTML. 20 | # 21 | # This schema generator creates a single HTML file from the XML schema using 22 | # an XSL transformation via the tool xsltproc. 23 | 24 | xsltproc ./HTML.xsl $1 25 | -------------------------------------------------------------------------------- /src/schema_formats/RNC/generate: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2010-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Schema generator script: RNC. 20 | # 21 | # This schema generator creates a single RNC file from the XML schema using 22 | # an XSL transformation via the tool xsltproc. 23 | 24 | xsltproc ./RNC.xsl $1 25 | -------------------------------------------------------------------------------- /src/schema_formats/XML-brief/GMP.xsl: -------------------------------------------------------------------------------- 1 | 2 | 8 | 9 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | -------------------------------------------------------------------------------- /src/schema_formats/XML-brief/generate: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2012-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Schema generator script: Brief XML. 20 | # 21 | # This schema generator creates a brief XML description of the protocol. 22 | # Basically just the command list. 23 | 24 | xsltproc ./GMP.xsl $1 25 | -------------------------------------------------------------------------------- /src/schema_formats/XML/generate: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2010-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Schema generator script: GMP XML. 20 | # 21 | # This schema generator is the most trivial one as it simply passes on the 22 | # GMP XML schema as is. 23 | 24 | cat $1 25 | exit 0 26 | -------------------------------------------------------------------------------- /src/theia_dummy.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2021-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file theia_dummy.h 21 | * @brief Dummy definitions and headers for libtheia. 22 | */ 23 | 24 | /** 25 | * @brief Dummy for license information struct. 26 | */ 27 | typedef void theia_license_t; -------------------------------------------------------------------------------- /src/types.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2009-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /* 20 | * @file types.h 21 | * @brief Headers for Greenbone Vulnerability Manager: types. 22 | */ 23 | 24 | #ifndef _GVMD_TYPES_H 25 | #define _GVMD_TYPES_H 26 | 27 | #define BUFFER_SIZE_T_FORMAT "u" 28 | 29 | typedef unsigned int buffer_size_t; 30 | 31 | #endif /* not _GVMD_TYPES_H */ 32 | -------------------------------------------------------------------------------- /src/utils.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2012-2022 Greenbone AG 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-or-later 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU Affero General Public License as 7 | * published by the Free Software Foundation, either version 3 of the 8 | * License, or (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU Affero General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Affero General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | /** 20 | * @file utils.h 21 | * @brief Headers for Greenbone Vulnerability Manager: General utilities. 22 | */ 23 | 24 | #ifndef _GVMD_UTILS_H 25 | #define _GVMD_UTILS_H 26 | 27 | #include 28 | #include 29 | #include 30 | 31 | int 32 | gvm_usleep (unsigned int); 33 | 34 | int 35 | gvm_sleep (unsigned int); 36 | 37 | int 38 | parse_utc_ctime (const char *); 39 | 40 | int 41 | parse_feed_timestamp (const char *); 42 | 43 | int 44 | parse_ctime (const char *); 45 | 46 | int 47 | days_from_now (time_t *); 48 | 49 | time_t 50 | parse_iso_time_tz (const char *, const char *); 51 | 52 | char * 53 | iso_time (time_t *); 54 | 55 | char * 56 | iso_time_tz (time_t *, const char *, const char **); 57 | 58 | char * 59 | iso_if_time (time_t epoch_time); 60 | 61 | /** 62 | * @brief Lockfile. 63 | */ 64 | typedef struct 65 | { 66 | int fd; ///< File descriptor. 67 | gchar *name; ///< Name. 68 | } lockfile_t; 69 | 70 | int 71 | lockfile_lock (lockfile_t *, const gchar *); 72 | 73 | int 74 | lockfile_lock_nb (lockfile_t *, const gchar *); 75 | 76 | int 77 | lockfile_lock_path_nb (lockfile_t *, const gchar *); 78 | 79 | int 80 | lockfile_lock_shared_nb (lockfile_t *, const gchar *); 81 | 82 | int 83 | lockfile_unlock (lockfile_t *); 84 | 85 | int 86 | lockfile_locked (const gchar *); 87 | 88 | int 89 | is_uuid (const char *); 90 | 91 | gchar * 92 | strescape_check_utf8 (const char *, const char *); 93 | 94 | gchar * 95 | strescape_without_utf8 (const char *, const char *); 96 | 97 | int 98 | parse_xml_file (const gchar *, entity_t *); 99 | 100 | void 101 | setup_signal_handler (int, void (*) (int), int); 102 | 103 | void 104 | setup_signal_handler_info (int, void (*) (int, siginfo_t *, void *), int); 105 | 106 | int 107 | fork_with_handlers (); 108 | 109 | void 110 | wait_for_pid (pid_t, const char *); 111 | 112 | guint64 113 | phys_mem_available (); 114 | 115 | guint64 116 | phys_mem_total (); 117 | 118 | #endif /* not _GVMD_UTILS_H */ 119 | -------------------------------------------------------------------------------- /src/wizards/delete_task_deep.xml: -------------------------------------------------------------------------------- 1 | 19 | 20 | 30 | 31 | 32 | 33 | 34 | 37 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 51 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 66 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /src/wizards/reset_task.xml: -------------------------------------------------------------------------------- 1 | 19 | 20 | 34 | 35 | 36 | 37 | 38 | 41 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 55 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 72 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | -------------------------------------------------------------------------------- /tools/cert_bund_getbyname.xsl: -------------------------------------------------------------------------------- 1 | 2 | 20 | 21 | 22 | 23 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | -------------------------------------------------------------------------------- /tools/cpe_getbyname.xsl: -------------------------------------------------------------------------------- 1 | 2 | 20 | 21 | 22 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 43 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | -------------------------------------------------------------------------------- /tools/cve_getbyname.xsl: -------------------------------------------------------------------------------- 1 | 2 | 20 | 21 | 22 | 23 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | -------------------------------------------------------------------------------- /tools/dfn_cert_getbyname.xsl: -------------------------------------------------------------------------------- 1 | 2 | 20 | 21 | 22 | 23 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | -------------------------------------------------------------------------------- /tools/gvm-export-config: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2020-2025 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # Export a config in the XML format required by the feed. 20 | 21 | VERSION=20200311 22 | 23 | UUID=$1 24 | 25 | PSQL="psql -v ON_ERROR_STOP=1 -A -q --pset pager=off -d gvmd -t" 26 | 27 | LOG_CMD="logger -s -t $SCRIPT_NAME" 28 | LOG_CMD="echo" 29 | 30 | log_debug () { 31 | $LOG_CMD $1 2>&1 > /dev/null 32 | } 33 | 34 | sql () { 35 | log_debug " SQL: $1" 36 | $PSQL -c "$1" 37 | exit_code=$? 38 | if [ 0 -ne "$exit_code" ] 39 | then 40 | log_err "$1: psql exited with code $exit_code for sql: $1." 41 | exit 1 42 | fi 43 | } 44 | 45 | echo "" 46 | 47 | echo -n " " 48 | echo -n `sql "SELECT name FROM configs WHERE uuid = '$UUID'"` 49 | echo "" 50 | 51 | echo -n " " 52 | echo -n `sql "SELECT comment FROM configs WHERE uuid = '$UUID'"` 53 | echo "" 54 | 55 | echo -n " " 56 | echo -n `sql "SELECT usage_type FROM configs WHERE uuid = '$UUID'"` 57 | echo "" 58 | 59 | echo " " 60 | 61 | # 1.3.6.1.4.1.25623.1.0.100315:5:checkbox:Mark unrechable Hosts as dead (not scanning) 62 | # 1.3.6.1.4.1.25623.1.0.100315:11:checkbox:nmap: try also with only -sP 63 | sql "SELECT E' \n \n ' || (SELECT name FROM nvts WHERE oid = split_part (config_preferences.name, ':', 1)) || E'\n \n ' || regexp_replace(name, E'([^:]*:){3}(.*)', '\2') || E'\n ' || split_part (name, ':', 3) || E'\n ' || xmlelement(name value, value) || E'\n ' || xmlelement(name default, (SELECT value FROM nvt_preferences WHERE nvt_preferences.name = config_preferences.name)) || E'\n ' || split_part (name, ':', 2) || E'\n ' FROM config_preferences WHERE type = 'PLUGINS_PREFS' AND config = (SELECT id FROM configs WHERE uuid='${UUID}');" 64 | 65 | echo " " 66 | 67 | echo " " 68 | 69 | SELECTOR=`sql "SELECT nvt_selector FROM configs WHERE uuid='${UUID}';"` 70 | if [ "$SELECTOR" = "54b45713-d4f4-4435-b20d-304c175ed8c5" ]; then 71 | echo " " 72 | else 73 | sql "SELECT E' \n ' || CASE WHEN exclude = 0 THEN '1' ELSE '0' END || E'\n ' || type || E'\n ' || CASE WHEN family_or_nvt IS NULL THEN '' ELSE family_or_nvt END || E'\n ' FROM nvt_selectors WHERE name = (SELECT nvt_selector FROM configs WHERE uuid='${UUID}');" 74 | fi 75 | 76 | echo " " 77 | 78 | echo "" 79 | -------------------------------------------------------------------------------- /tools/gvm-lsc-exe-creator: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # Copyright (C) 2020-2022 Greenbone AG 3 | # 4 | # SPDX-License-Identifier: AGPL-3.0-or-later 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU Affero General Public License as 8 | # published by the Free Software Foundation, either version 3 of the 9 | # License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU Affero General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU Affero General Public License 17 | # along with this program. If not, see . 18 | 19 | # This script generates a Windows installer that creates a user for GVM 20 | # local security checks. 21 | 22 | import argparse 23 | import os 24 | import string 25 | import subprocess 26 | import sys 27 | import tempfile 28 | 29 | def main(): 30 | # Parse command line arguments 31 | description = "Generate a Windows EXE credential installer" 32 | argparser = argparse.ArgumentParser(description=description) 33 | argparser.add_argument("username", 34 | help="Name of the user to create") 35 | argparser.add_argument("password_file_path", 36 | help="Path to a file containing the user's password") 37 | argparser.add_argument("temp_dir", 38 | help="Directory to create temporary files in") 39 | argparser.add_argument("output_path", 40 | help="Path for finished installer") 41 | argparser.add_argument("template_path", 42 | help="Path of the NSIS script template file") 43 | args = argparser.parse_args() 44 | 45 | # Read password 46 | with open(args.password_file_path, "r") as password_file: 47 | password = password_file.read().rstrip("\n") 48 | 49 | # Read NSIS script template 50 | with open(args.template_path, "r") as template_file: 51 | template_string = template_file.read() 52 | 53 | template = string.Template(template_string) 54 | 55 | # Create NSIS script by replacing placeholders in the given template 56 | substitutions = { 57 | "__USERNAME__" : args.username, 58 | "__PASSWORD__" : password, 59 | "__OUTPUT_PATH__" : args.output_path, 60 | } 61 | nsis_script = template.safe_substitute(substitutions) 62 | nsis_script_path = os.path.join(args.temp_dir, "script.nsis") 63 | with open(nsis_script_path, "w") as nsis_script_file: 64 | nsis_script_file.write(nsis_script) 65 | 66 | run = subprocess.run(["makensis", nsis_script_path]) 67 | sys.exit(run.returncode) 68 | 69 | if __name__ == "__main__": 70 | main() 71 | -------------------------------------------------------------------------------- /tools/template.nsis: -------------------------------------------------------------------------------- 1 | ; Copyright (C) 2020-2022 Greenbone AG 2 | ; 3 | ; SPDX-License-Identifier: AGPL-3.0-or-later 4 | ; 5 | ; This program is free software: you can redistribute it and/or modify 6 | ; it under the terms of the GNU Affero General Public License as 7 | ; published by the Free Software Foundation, either version 3 of the 8 | ; License, or (at your option) any later version. 9 | ; 10 | ; This program is distributed in the hope that it will be useful, 11 | ; but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | ; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | ; GNU Affero General Public License for more details. 14 | ; 15 | ; You should have received a copy of the GNU Affero General Public License 16 | ; along with this program. If not, see . 17 | 18 | ; 19 | ; NSIS script for installing a user for GVM scans 20 | ; 21 | ; The gvm-lsc-exe-creator script will replace the following placeholders: 22 | ; - ${__OUTPUT_PATH__} : The output path of the EXE file 23 | ; - ${__USERNAME__} : The name of the user to create 24 | ; - ${__PASSWORD__} : The password of the user to create 25 | ; 26 | 27 | OutFile "${__OUTPUT_PATH__}" 28 | InstallDir $DESKTOP 29 | 30 | ; Main installer section 31 | Section 32 | 33 | ; Create Uninstaller 34 | SetOutPath $INSTDIR 35 | WriteUninstaller "$INSTDIR\gvm_lsc_remove_${__USERNAME__}.exe" 36 | 37 | ; Declare admin group handling variables 38 | Var /GLOBAL TEMPVBSFILE 39 | Var /GLOBAL TEMPADMINGROUPFILE 40 | Var /GLOBAL FH 41 | Var /GLOBAL ADMINGROUPNAME 42 | 43 | ; Generate temporary files for getting localized Administrators group name 44 | GetTempFileName $TEMPVBSFILE 45 | GetTempFileName $TEMPADMINGROUPFILE 46 | 47 | ; Create Thomas Rotter's GetAdminGroupName VB script 48 | DetailPrint `Creating GetAdminGroupName script $TEMPVBSFILE` 49 | FileOpen $FH $TEMPVBSFILE w 50 | FileWrite $FH `Set objWMIService = GetObject("winmgmts:\\.\root\cimv2")$\n` 51 | FileWrite $FH `Set colAccounts = objWMIService.ExecQuery ("Select * From Win32_Group Where SID = 'S-1-5-32-544'")$\n` 52 | FileWrite $FH `For Each objAccount in colAccounts$\n` 53 | FileWrite $FH ` Wscript.Echo objAccount.Name$\n` 54 | FileWrite $FH `Next$\n` 55 | FileClose $FH 56 | 57 | ; Run script to find localized Administrators group 58 | ExecWait `cmd /C cscript /e:vbscript /nologo $TEMPVBSFILE > $TEMPADMINGROUPFILE` 59 | FileOpen $FH $TEMPADMINGROUPFILE r 60 | FileRead $FH $ADMINGROUPNAME 61 | FileClose $FH 62 | ; Remove line break from output 63 | StrCpy $ADMINGROUPNAME `$ADMINGROUPNAME` -2 64 | 65 | ; Create user and add it to the Administrators group 66 | DetailPrint `Creating user ${__USERNAME__}` 67 | SetDetailsPrint none 68 | ExecWait 'cmd /C net user ${__USERNAME__} "${__PASSWORD__}" /add /active:yes' 69 | SetDetailsPrint both 70 | ExecWait 'cmd /C net localgroup $ADMINGROUPNAME %COMPUTERNAME%\${__USERNAME__} /add' 71 | 72 | ; Remove temporary files for localized admin group names 73 | Delete $TEMPVBSFILE 74 | Delete $TEMPADMINGROUPFILE 75 | 76 | ; Display message that everything seems to be fine 77 | MessageBox MB_OK "A user has been added. An uninstaller is placed on your Desktop." 78 | 79 | SectionEnd 80 | 81 | ; Uninstaller section 82 | Section Uninstall 83 | 84 | ExecWait 'net user ${__USERNAME__} /delete' 85 | 86 | ; Display message that everything seems to be fine 87 | MessageBox MB_OK "A user has been removed. You can now safely remove the uninstaller from your Desktop." 88 | 89 | SectionEnd 90 | --------------------------------------------------------------------------------