Merge pull request #394 from kroosec/nvt-pref-name
Nvt pref name
kroosec authored Feb 20, 2019
2 parents cc8f3bb + 4e2d21a commit b6d078e
Showing 11 changed files with 286 additions and 156 deletions.
2 changes: 1 addition & 1 deletion CMakeLists.txt
@@ -117,7 +117,7 @@ include (CPack)

## Variables

set (GVMD_DATABASE_VERSION 205)
set (GVMD_DATABASE_VERSION 206)

set (GVMD_SCAP_DATABASE_VERSION 15)

39 changes: 18 additions & 21 deletions src/gmp.c
@@ -10120,19 +10120,17 @@ void
buffer_config_preference_xml (GString *buffer, iterator_t *prefs,
config_t config, int hide_passwords)
{
char *real_name, *type, *value, *nvt;
char *real_name, *type, *value, *oid, *nvt = NULL;
const char *default_value;
char *oid = NULL;

real_name = nvt_preference_iterator_real_name (prefs);
oid = nvt_preference_iterator_oid (prefs);
type = nvt_preference_iterator_type (prefs);
value = nvt_preference_iterator_config_value (prefs, config);
nvt = nvt_preference_iterator_nvt (prefs);

real_name = nvt_preference_iterator_real_name (prefs);
default_value = nvt_preference_iterator_value (prefs);
value = nvt_preference_iterator_config_value (prefs, config);

if (nvt) oid = nvt_oid (nvt);

if (oid)
nvt = nvt_name (oid);
buffer_xml_append_printf (buffer,
"<preference>"
"<nvt oid=\"%s\"><name>%s</name></nvt>"
@@ -10189,11 +10187,11 @@ buffer_config_preference_xml (GString *buffer, iterator_t *prefs,

buffer_xml_append_printf (buffer, "</preference>");

free (real_name);
free (type);
free (value);
free (nvt);
free (oid);
g_free (real_name);
g_free (type);
g_free (value);
g_free (nvt);
g_free (oid);
}

/**
@@ -15639,20 +15637,19 @@ handle_get_preferences (gmp_parser_t *gmp_parser, GError **error)
}
else
{
char *nvt_name = manage_nvt_name (nvt);
char *nvt_oid = get_preferences_data->nvt_oid;
SEND_TO_CLIENT_OR_FAIL ("<get_preferences_response"
" status=\"" STATUS_OK "\""
" status_text=\"" STATUS_OK_TEXT "\">");
init_nvt_preference_iterator (&prefs, nvt_name);
free (nvt_name);
init_nvt_preference_iterator (&prefs, nvt_oid);
if (get_preferences_data->preference)
while (next (&prefs))
{
char *name = strstr (nvt_preference_iterator_name (&prefs), "]:");
if (name
&& (strcmp (name + 2,
get_preferences_data->preference)
== 0))
char *name = strstr (nvt_preference_iterator_name (&prefs), ":");
if (name)
name = strstr (name + 1, ":");
if (name && (strcmp (name + 1, get_preferences_data->preference)
== 0))
{
GString *buffer = g_string_new ("");
buffer_config_preference_xml (buffer, &prefs, config, 1);
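Review bot: In the `handle_get_preferences` hunk, `init_nvt_preference_iterator (&prefs, nvt_oid)` now receives `get_preferences_data->nvt_oid`, which appears to be the value supplied in the request, where the earlier code passed a name obtained from `manage_nvt_name (nvt)`. The iterator's body is not on this page, so it cannot be confirmed here that the argument is quoted before any query is built from it; that should be checked and the assumption recorded at the call, e.g. `/* nvt_oid is request input; init_nvt_preference_iterator must SQL-quote it. */`. In the same hunk `strstr (nvt_preference_iterator_name (&prefs), ":")` still uses the iterator's return value unchecked, so a NULL name would need a guard before the two `strstr` calls. The function body starts and ends outside the hunk.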
72 changes: 34 additions & 38 deletions src/manage.c
@@ -1621,10 +1621,10 @@ nvt_selector_plugins (config_t config)
static gchar*
preference_value (const char* name, const char* full_value)
{
char *bracket = strchr (name, '[');
char *bracket = strchr (name, ':');
if (bracket)
{
if (strncmp (bracket, "[radio]:", strlen ("[radio]:")) == 0)
if (strncmp (bracket, ":radio:", strlen (":radio:")) == 0)
{
char *semicolon = strchr (full_value, ';');
if (semicolon)
@@ -1676,18 +1676,15 @@ send_config_preferences (config_t config, const char* section_name,

if (pref_files)
{
int type_start = -1, type_end = -1, count;

/* LDAPsearch[entry]:Timeout value */
count = sscanf (pref_name, "%*[^[][%n%*[^]]%n]:", &type_start,
&type_end);
if (count == 0
&& type_start > 0
&& type_end > 0
&& (strncmp (pref_name + type_start,
"file",
type_end - type_start)
== 0))
char **splits;
int is_file = 0;
/* OID:PrefType:PrefName value */
splits = g_strsplit (pref_name, ":", 3);
if (splits && g_strv_length (splits) == 3
&& strcmp (splits[1], "file") == 0)
is_file = 1;
g_strfreev (splits);
if (is_file)
{
GSList *head;
char *uuid;
@@ -2097,42 +2094,42 @@ send_alive_test_preferences (target_t target)
if (alive_test == 0)
return 0;

if (sendf_to_server ("Ping Host[checkbox]:Do a TCP ping <|> %s\n",
if (sendf_to_server (OID_PING_HOST ":checkbox:Do a TCP ping <|> %s\n",
alive_test & ALIVE_TEST_TCP_ACK_SERVICE
|| alive_test & ALIVE_TEST_TCP_SYN_SERVICE
? "yes"
: "no"))
return -1;

if (sendf_to_server ("Ping Host[checkbox]:TCP ping tries also TCP-SYN ping"
if (sendf_to_server (OID_PING_HOST ":checkbox:TCP ping tries also TCP-SYN ping"
" <|> %s\n",
((alive_test & ALIVE_TEST_TCP_SYN_SERVICE)
&& (alive_test & ALIVE_TEST_TCP_ACK_SERVICE))
? "yes"
: "no"))
return -1;

if (sendf_to_server ("Ping Host[checkbox]:TCP ping tries only TCP-SYN ping"
if (sendf_to_server (OID_PING_HOST ":checkbox:TCP ping tries only TCP-SYN ping"
" <|> %s\n",
((alive_test & ALIVE_TEST_TCP_SYN_SERVICE)
&& !(alive_test & ALIVE_TEST_TCP_ACK_SERVICE))
? "yes"
: "no"))
return -1;

if (sendf_to_server ("Ping Host[checkbox]:Do an ICMP ping <|> %s\n",
if (sendf_to_server (OID_PING_HOST ":checkbox:Do an ICMP ping <|> %s\n",
(alive_test & ALIVE_TEST_ICMP)
? "yes"
: "no"))
return -1;

if (sendf_to_server ("Ping Host[checkbox]:Use ARP <|> %s\n",
if (sendf_to_server (OID_PING_HOST ":checkbox:Use ARP <|> %s\n",
(alive_test & ALIVE_TEST_ARP)
? "yes"
: "no"))
return -1;

if (sendf_to_server ("Ping Host[checkbox]:"
if (sendf_to_server (OID_PING_HOST ":checkbox:"
"Mark unrechable Hosts as dead (not scanning) <|> %s\n",
(alive_test & ALIVE_TEST_CONSIDER_ALIVE)
? "no"
@@ -2142,7 +2139,7 @@ send_alive_test_preferences (target_t target)
if (alive_test == ALIVE_TEST_CONSIDER_ALIVE)
{
/* Also select a method, otherwise Ping Host logs a warning. */
if (sendf_to_server ("Ping Host[checkbox]:Do a TCP ping <|> yes\n"))
if (sendf_to_server (OID_PING_HOST ":checkbox:Do a TCP ping <|> yes\n"))
return -1;
}

@@ -5357,15 +5354,15 @@ run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
const char *user = credential_iterator_login (&credentials);
const char *password = credential_iterator_password (&credentials);

if (sendf_to_server ("SSH Authorization[entry]:SSH login name:"
if (sendf_to_server (OID_SSH_AUTH ":entry:SSH login name:"
" <|> %s\n",
user ? user : "")
|| (credential_iterator_private_key (&credentials)
? sendf_to_server ("SSH Authorization[password]:"
? sendf_to_server (OID_SSH_AUTH ":password:"
"SSH key passphrase:"
" <|> %s\n",
password ? password : "")
: sendf_to_server ("SSH Authorization[password]:"
: sendf_to_server (OID_SSH_AUTH ":password:"
"SSH password (unsafe!):"
" <|> %s\n",
password ? password : "")))
@@ -5396,8 +5393,7 @@ run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
(gpointer) g_strdup (credential_iterator_private_key
(&credentials)));

if (sendf_to_server ("SSH Authorization[file]:"
"SSH private key:"
if (sendf_to_server (OID_SSH_AUTH ":file:SSH private key:"
" <|> %s\n",
file_uuid))
goto fail;
@@ -5416,9 +5412,9 @@ run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
const char *user = credential_iterator_login (&credentials);
const char *password = credential_iterator_password (&credentials);

if (sendf_to_server ("SMB Authorization[entry]:SMB login: <|> %s\n",
if (sendf_to_server (OID_SMB_AUTH ":entry:SMB login: <|> %s\n",
user ? user : "")
|| sendf_to_server ("SMB Authorization[password]:SMB password:"
|| sendf_to_server (OID_SMB_AUTH ":password:SMB password:"
" <|> %s\n",
password ? password : ""))
{
@@ -5447,10 +5443,10 @@ run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
const char *user = credential_iterator_login (&credentials);
const char *password = credential_iterator_password (&credentials);

if (sendf_to_server ("ESXi Authorization[entry]:ESXi login name:"
if (sendf_to_server (OID_ESXI_AUTH ":entry:ESXi login name:"
" <|> %s\n",
user ? user : "")
|| sendf_to_server ("ESXi Authorization[password]:ESXi login password:"
|| sendf_to_server (OID_ESXI_AUTH ":password:ESXi login password:"
" <|> %s\n",
password ? password : ""))
{
@@ -5486,25 +5482,25 @@ run_otp_task (task_t task, scanner_t scanner, int from, char **report_id)
const char *privacy_algorithm
= credential_iterator_privacy_algorithm (&credentials);

if (sendf_to_server ("SNMP Authorization[password]:SNMP Community:"
if (sendf_to_server (OID_SNMP_AUTH ":password:SNMP Community:"
" <|> %s\n",
community ? community : "")
|| sendf_to_server ("SNMP Authorization[entry]:SNMPv3 Username:"
|| sendf_to_server (OID_SNMP_AUTH ":entry:SNMPv3 Username:"
" <|> %s\n",
user ? user : "")
|| sendf_to_server ("SNMP Authorization[password]:"
|| sendf_to_server (OID_SNMP_AUTH ":password:"
"SNMPv3 Password:"
" <|> %s\n",
password ? password : "")
|| sendf_to_server ("SNMP Authorization[radio]:"
|| sendf_to_server (OID_SNMP_AUTH ":radio:"
"SNMPv3 Authentication Algorithm:"
" <|> %s\n",
auth_algorithm ? auth_algorithm : "")
|| sendf_to_server ("SNMP Authorization[password]:"
|| sendf_to_server (OID_SNMP_AUTH ":password:"
"SNMPv3 Privacy Password:"
" <|> %s\n",
privacy_password ? privacy_password : "")
|| sendf_to_server ("SNMP Authorization[radio]:"
|| sendf_to_server (OID_SNMP_AUTH ":radio:"
"SNMPv3 Privacy Algorithm:"
" <|> %s\n",
privacy_algorithm ? privacy_algorithm : ""))
@@ -8238,7 +8234,7 @@ get_nvti_xml (iterator_t *nvts, int details, int pref_count,
if (preferences)
{
iterator_t prefs;
const char *nvt_name = nvt_iterator_name (nvts);
const char *nvt_oid = nvt_iterator_oid (nvts);

/* Send the preferences for the NVT. */

@@ -8249,7 +8245,7 @@ get_nvti_xml (iterator_t *nvts, int details, int pref_count,
timeout ? timeout : "",
default_timeout ? default_timeout : "");

init_nvt_preference_iterator (&prefs, nvt_name);
init_nvt_preference_iterator (&prefs, nvt_oid);
while (next (&prefs))
buffer_config_preference_xml (buffer, &prefs, config, 1);
cleanup_iterator (&prefs);
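Review bot: In the `run_otp_task` hunks each credential field is still formatted into a single preference line with `" <|> %s\n"`, so a login, password or community string that contains a line break would end that line early and the remainder would presumably be read by the scanner as a separate line. Nothing in these hunks checks the values, and whether they are validated when the credential is stored is not visible on this page. A guard before each send would close the gap, for example `if (password && strpbrk (password, "\r\n")) goto fail;`; the `fail` label is visible only in the private-key hunk, so the other blocks may need their own error path. The function body starts and ends outside the hunks.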
45 changes: 43 additions & 2 deletions src/manage.h
@@ -40,6 +40,47 @@
#include <gvm/osp/osp.h> /* for osp_connection_t */



/**
* @brief OID of ping_host.nasl
*/
#define OID_PING_HOST "1.3.6.1.4.1.25623.1.0.100315"

/**
* @brief OID of ssh_authorization_init.nasl
*/
#define OID_SSH_AUTH "1.3.6.1.4.1.25623.1.0.103591"

/**
* @brief OID of smb_authorization.nasl
*/
#define OID_SMB_AUTH "1.3.6.1.4.1.25623.1.0.90023"

/**
* @brief OID of gb_esxi_authorization.nasl
*/
#define OID_ESXI_AUTH "1.3.6.1.4.1.25623.1.0.105058"

/**
* @brief OID of gb_snmp_authorization.nasl
*/
#define OID_SNMP_AUTH "1.3.6.1.4.1.25623.1.0.105076"

/**
* @brief OID of find_services.nasl
*/
#define OID_SERVICES "1.3.6.1.4.1.25623.1.0.10330"

/**
* @brief OID of logins.nasl
*/
#define OID_LOGINS "1.3.6.1.4.1.25623.1.0.10870"

/**
* @brief OID of global_settings.nasl
*/
#define OID_GLOBAL_SETTINGS "1.3.6.1.4.1.25623.1.0.12288"

/**
* @brief Flag with all Glib log levels.
*/
@@ -1901,7 +1942,7 @@ char *
manage_nvt_name (nvt_t);

char *
nvt_oid (const char *);
nvt_name (const char *);

char*
nvts_feed_version ();
@@ -2060,7 +2101,7 @@ char*
nvt_preference_iterator_type (iterator_t*);

char*
nvt_preference_iterator_nvt (iterator_t*);
nvt_preference_iterator_oid (iterator_t*);

int
nvt_preference_count (const char *);
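Review bot: The new `OID_*` macros carry no note on how they may be used, yet the other files in this commit paste them into `sendf_to_server` format strings and into SQL string literals passed to `sql ()`. A value containing `%` or `'` would change the meaning of those strings, so the block should state the constraint once, e.g. `/* OID_* are concatenated into printf formats and SQL literals: digits and dots only. */`. The renamed prototype `nvt_name (const char *);` would also be clearer with its parameter named and ownership stated, `char *nvt_name (const char *oid); /* result released with g_free */`, which matches the `g_free (nvt)` call in the gmp.c section.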
8 changes: 4 additions & 4 deletions src/manage_config_discovery.c
@@ -941,21 +941,21 @@ make_config_discovery (char *const uuid, char *const selector_name)
sql ("INSERT INTO config_preferences (config, type, name, value)"
" VALUES ((SELECT id FROM configs WHERE uuid = '%s'),"
" 'PLUGINS_PREFS',"
" 'Ping Host[checkbox]:Mark unrechable Hosts as dead (not scanning)',"
" '" OID_PING_HOST ":checkbox:Mark unrechable Hosts as dead (not scanning)',"
" 'yes');",
uuid);
sql ("INSERT INTO config_preferences (config, type, name, value)"
" VALUES ((SELECT id FROM configs WHERE uuid = '%s'),"
" 'PLUGINS_PREFS',"
" 'Ping Host[checkbox]:Report about unrechable Hosts',"
" '" OID_PING_HOST ":checkbox:Report about unrechable Hosts',"
" 'no');",
uuid);

/* Add preferences for "Services" nvt in Discovery Scan Config. */
sql ("INSERT INTO config_preferences (config, type, name, value)"
" VALUES ((SELECT id FROM configs WHERE uuid = '%s'),"
" 'PLUGINS_PREFS',"
" 'Services[radio]:Test SSL based services',"
" '" OID_SERVICES ":radio:Test SSL based services',"
" 'All;Known SSL ports;None');",
uuid);
}
@@ -975,7 +975,7 @@ check_config_discovery (const char *uuid)
sql ("UPDATE config_preferences SET value = 'no'"
" WHERE config = (SELECT id FROM configs WHERE uuid = '%s')"
" AND type = 'PLUGINS_PREFS'"
" AND name = 'Ping Host[checkbox]:Report about unrechable Hosts'"
" AND name = '" OID_PING_HOST ":checkbox:Report about unrechable Hosts'"
" AND value = 'yes';",
uuid);

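Review bot: The `UPDATE` in `check_config_discovery` now matches only rows whose name is `OID_PING_HOST ":checkbox:Report about unrechable Hosts"`, so a row still stored under the former `Ping Host[checkbox]:` name is silently left at `'yes'`. The migration that goes with `GVMD_DATABASE_VERSION 206` is not among the files shown on this page, so it cannot be confirmed here that every stored preference name is rewritten before this check runs. A comment at the statement would record the dependency: `/* Name is in OID:type:name form; relies on the migration to database version 206. */`. Both function bodies extend outside the hunks.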