Merge pull request #849 from janowagner/unified_vt_solution

Unified vt solution

CHANGELOG.md

@@ -16,6 +16,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ### Changed
 - Update SCAP and CERT feed info in sync scripts [#810](https://github.com/greenbone/gvmd/pull/810)
+- Extend GMP API for nvt object to carry a explicit solution element [#849](https://github.com/greenbone/gvmd/pull/849)
 
 ### Fixed
 - Add NULL check in nvts_feed_version_epoch [#768](https://github.com/greenbone/gvmd/pull/768)

CMakeLists.txt

@@ -113,7 +113,7 @@ include (CPack)
 
 ## Variables
 
-set (GVMD_DATABASE_VERSION 221)
+set (GVMD_DATABASE_VERSION 223)
 
 set (GVMD_SCAP_DATABASE_VERSION 15)
 

src/gmp.c

@@ -10246,6 +10246,27 @@ results_xml_append_nvt (iterator_t *results, GString *buffer, int cert_loaded)
                                     cvss_base ?: "",
                                     tags->str ?: "");
 
+          if (result_iterator_nvt_solution (results)
+              || result_iterator_nvt_solution_type (results)
+              || result_iterator_nvt_solution_method (results))
+            {
+              buffer_xml_append_printf (buffer, "<solution");
+
+              if (result_iterator_nvt_solution_type (results))
+                buffer_xml_append_printf (buffer, " type='%s'",
+                  result_iterator_nvt_solution_type (results));
+
+              if (result_iterator_nvt_solution_method (results))
+                buffer_xml_append_printf (buffer, " method='%s'",
+                  result_iterator_nvt_solution_method (results));
+
+              if (result_iterator_nvt_solution (results))
+                buffer_xml_append_printf (buffer, ">%s</solution>",
+                                          result_iterator_nvt_solution (results));
+              else
+                buffer_xml_append_printf (buffer, "/>");
+            }
+
           first = 1;
           result_iterator_nvt_refs_append (buffer, results, &first);
           results_xml_append_cert (buffer, results, oid, cert_loaded, &first);

src/manage.c

@@ -7908,6 +7908,28 @@ get_nvti_xml (iterator_t *nvts, int details, int pref_count,
       g_string_free(refs_str, 1);
       g_string_free(tags_str, 1);
 
+      if (nvt_iterator_solution (nvts) ||
+          nvt_iterator_solution_type (nvts) ||
+          nvt_iterator_solution_method (nvts))
+        {
+          g_string_append_printf (buffer, "<solution");
+
+          if (nvt_iterator_solution_type (nvts))
+            g_string_append_printf (buffer, " type='%s'",
+              nvt_iterator_solution_type (nvts));
+
+          if (nvt_iterator_solution_method (nvts))
+            g_string_append_printf (buffer, " method='%s'",
+              nvt_iterator_solution_method (nvts));
+
+          if (nvt_iterator_solution (nvts))
+            g_string_append_printf (buffer, ">%s</solution>",
+              nvt_iterator_solution (nvts));
+          else
+            g_string_append_printf (buffer, "/>");
+        }
+
+
       if (preferences)
         {
           iterator_t prefs;

src/manage.h

@@ -1429,6 +1429,9 @@ result_iterator_nvt_solution (iterator_t *);
 const char*
 result_iterator_nvt_solution_type (iterator_t *);
 
+const char*
+result_iterator_nvt_solution_method (iterator_t *);
+
 const char*
 result_iterator_nvt_detection (iterator_t *);
 
@@ -2023,6 +2026,9 @@ nvt_iterator_solution (iterator_t*);
 const char*
 nvt_iterator_solution_type (iterator_t*);
 
+const char*
+nvt_iterator_solution_method (iterator_t*);
+
 char*
 nvt_default_timeout (const char *);
 

src/manage_migrators.c

@@ -1597,6 +1597,38 @@ migrate_221_to_222 ()
   return 0;
 }
 
+/**
+ * @brief Migrate the database from version 222 to version 223.
+ *
+ * @return 0 success, -1 error.
+ */
+int
+migrate_222_to_223 ()
+{
+  sql_begin_immediate ();
+
+  /* Ensure that the database is currently version 222. */
+
+  if (manage_db_version () != 222)
+    {
+      sql_rollback ();
+      return -1;
+    }
+
+  /* Update the database. */
+
+  /* Extend table "nvts" with additional column "solution_method" */
+  sql ("ALTER TABLE IF EXISTS nvts ADD COLUMN solution_method text;");
+
+  /* Set the database version to 223. */
+
+  set_db_version (223);
+
+  sql_commit ();
+
+  return 0;
+}
+
 #undef UPDATE_DASHBOARD_SETTINGS
 
 /**
@@ -1625,6 +1657,7 @@ static migrator_t database_migrators[] = {
   {220, migrate_219_to_220},
   {221, migrate_220_to_221},
   {222, migrate_221_to_222},
+  {223, migrate_222_to_223},
   /* End marker. */
   {-1, NULL}};
 

src/manage_pg.c

@@ -2919,6 +2919,7 @@ create_tables ()
        "  modification_time integer,"
        "  solution text,"
        "  solution_type text,"
+       "  solution_method text,"
        "  detection text,"
        "  qod integer,"
        "  qod_type text);");

src/manage_sql.c

@@ -24294,6 +24294,25 @@ result_iterator_nvt_solution_type (iterator_t *iterator)
   return NULL;
 }
 
+/**
+ * @brief Get the NVT solution_method from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return The solution_method of the NVT that produced the result,
+ *         or NULL on error.
+ */
+const char*
+result_iterator_nvt_solution_method (iterator_t *iterator)
+{
+  nvti_t *nvti;
+  if (iterator->done) return NULL;
+  nvti = lookup_nvti (result_iterator_nvt_oid (iterator));
+  if (nvti)
+    return nvti_solution_method (nvti);
+  return NULL;
+}
+
 /**
  * @brief Get the NVT detection from a result iterator.
  *

src/manage_sql_nvts.c

@@ -253,7 +253,7 @@ insert_nvt (const nvti_t *nvti)
   gchar *quoted_name, *quoted_summary, *quoted_insight, *quoted_affected;
   gchar *quoted_impact, *quoted_detection, *quoted_cve, *quoted_tag;
   gchar *quoted_cvss_base, *quoted_qod_type, *quoted_family;
-  gchar *quoted_solution, *quoted_solution_type;
+  gchar *quoted_solution, *quoted_solution_type, *quoted_solution_method;
   int qod, i;
 
   cve = nvti_refs (nvti, "cve", "", 0);
@@ -272,6 +272,8 @@ insert_nvt (const nvti_t *nvti)
                                nvti_solution (nvti) : "");
   quoted_solution_type = sql_quote (nvti_solution_type (nvti) ?
                                     nvti_solution_type (nvti) : "");
+  quoted_solution_method = sql_quote (nvti_solution_method (nvti) ?
+                                      nvti_solution_method (nvti) : "");
   quoted_detection = sql_quote (nvti_detection (nvti) ?
                                 nvti_detection (nvti) : "");
 
@@ -298,14 +300,14 @@ insert_nvt (const nvti_t *nvti)
   sql ("INSERT into nvts (oid, name, summary, insight, affected,"
        " impact, cve, tag, category, family, cvss_base,"
        " creation_time, modification_time, uuid, solution_type,"
-       " solution, detection, qod, qod_type)"
+       " solution_method, solution, detection, qod, qod_type)"
        " VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s',"
-       " '%s', %i, '%s', '%s', %i, %i, '%s', '%s', '%s', '%s', %d, '%s');",
+       " '%s', %i, '%s', '%s', %i, %i, '%s', '%s', '%s', '%s', '%s', %d, '%s');",
        nvti_oid (nvti), quoted_name, quoted_summary, quoted_insight,
        quoted_affected, quoted_impact, quoted_cve, quoted_tag,
        nvti_category (nvti), quoted_family, quoted_cvss_base,
        nvti_creation_time (nvti), nvti_modification_time (nvti),
-       nvti_oid (nvti), quoted_solution_type,
+       nvti_oid (nvti), quoted_solution_type, quoted_solution_method,
        quoted_solution, quoted_detection, qod, quoted_qod_type);
 
   sql ("DELETE FROM vt_refs where vt_oid = '%s';", nvti_oid (nvti));
@@ -338,6 +340,7 @@ insert_nvt (const nvti_t *nvti)
   g_free (quoted_family);
   g_free (quoted_solution);
   g_free (quoted_solution_type);
+  g_free (quoted_solution_method);
   g_free (quoted_detection);
   g_free (quoted_qod_type);
 }
@@ -909,6 +912,16 @@ DEF_ACCESS (nvt_iterator_impact, GET_ITERATOR_COLUMN_COUNT + 18);
  */
 DEF_ACCESS (nvt_iterator_detection, GET_ITERATOR_COLUMN_COUNT + 19);
 
+/**
+ * @brief Get the solution method from an NVT iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return Solution method, or NULL if iteration is complete.  Freed by
+ *         cleanup_iterator.
+ */
+DEF_ACCESS (nvt_iterator_solution_method, GET_ITERATOR_COLUMN_COUNT + 20);
+
 /**
  * @brief Get the default timeout of an NVT.
  *
@@ -1183,7 +1196,7 @@ nvti_from_vt (entity_t vt)
   solution = entity_child (vt, "solution");
   if (solution)
     {
-      const gchar *type;
+      const gchar *type, *method;
 
       nvti_set_solution (nvti, entity_text (solution));
 
@@ -1192,6 +1205,10 @@ nvti_from_vt (entity_t vt)
         g_debug ("%s: SOLUTION missing type", __func__);
       else
         nvti_set_solution_type (nvti, type);
+
+      method = entity_attribute (solution, "method");
+      if (method)
+        nvti_set_solution_method (nvti, method);
     }
 
   refs = entity_child (vt, "refs");

src/manage_sql_nvts.h

@@ -61,6 +61,7 @@
    { "affected", NULL, KEYWORD_TYPE_STRING },                               \
    { "impact", NULL, KEYWORD_TYPE_STRING },                                 \
    { "detection", NULL, KEYWORD_TYPE_STRING },                              \
+   { "solution_method", NULL, KEYWORD_TYPE_STRING },                        \
    { NULL, NULL, KEYWORD_TYPE_UNKNOWN }                                     \
  }
 

src/report_formats/CSV_Results/CSV_Results.xsl

@@ -186,8 +186,8 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
   <xsl:text>,</xsl:text>
   <xsl:value-of select="gvm:formula_quote (threat)"/>
   <xsl:text>,"</xsl:text>
-  <xsl:if test="gvm:get-nvt-tag (nvt/tags, 'solution_type') != ''">
-    <xsl:value-of select="gvm:formula_quote (str:replace (gvm:get-nvt-tag (nvt/tags, 'solution_type'), $quote, $two-quotes))"/>
+  <xsl:if test="nvt/solution/@type">
+    <xsl:value-of select="gvm:formula_quote (str:replace (nvt/solution/@type, $quote, $two-quotes))"/>
   </xsl:if>
   <xsl:text>","</xsl:text>
   <xsl:call-template name="nvt_name"/>
@@ -229,8 +229,8 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
     <xsl:value-of select="gvm:formula_quote (str:replace (gvm:get-nvt-tag (nvt/tags, 'impact'), $quote, $two-quotes))"/>
   </xsl:if>
   <xsl:text>","</xsl:text>
-  <xsl:if test="gvm:get-nvt-tag (nvt/tags, 'solution') != 'N/A'">
-    <xsl:value-of select="gvm:formula_quote (str:replace (gvm:get-nvt-tag (nvt/tags, 'solution'), $quote, $two-quotes))"/>
+  <xsl:if test="nvt/solution/text()">
+    <xsl:value-of select="gvm:formula_quote (str:replace (nvt/solution/text(), $quote, $two-quotes))"/>
   </xsl:if>
   <xsl:text>","</xsl:text>
   <xsl:if test="gvm:get-nvt-tag (nvt/tags, 'affected') != 'N/A'">

src/report_formats/LaTeX/latex.xsl

@@ -1254,19 +1254,26 @@ advice given in each description, in order to rectify the issue.
           </xsl:call-template>
         </xsl:if>
 
-        <xsl:if test="(string-length (gvm:get-nvt-tag (nvt/tags, 'solution')) &gt; 0 and gvm:get-nvt-tag (nvt/tags, 'solution') != 'N/A') or (string-length (gvm:get-nvt-tag (nvt/tags, 'solution_type')) &gt; 0)">
+        <xsl:if test="nvt/solution/text() or nvt/solution/@type or nvt/solution/@method">
           \hline
           <xsl:call-template name="latex-newline"/>
           <xsl:text>\textbf{Solution}</xsl:text>
           <xsl:call-template name="latex-newline"/>
-          <xsl:if test="string-length (gvm:get-nvt-tag (nvt/tags, 'solution_type')) &gt; 0">
+          <xsl:if test="nvt/solution/@type">
             \textbf{Solution type:}
-            <xsl:value-of select="gvm:get-nvt-tag (nvt/tags, 'solution_type')"/>
+            <xsl:value-of select="nvt/solution/@type"/>
             <xsl:call-template name="latex-newline"/>
           </xsl:if>
-          <xsl:call-template name="structured-text">
-            <xsl:with-param name="string" select="gvm:get-nvt-tag (nvt/tags, 'solution')"/>
-          </xsl:call-template>
+          <xsl:if test="nvt/solution/@method">
+            \textbf{Solution method:}
+            <xsl:value-of select="nvt/solution/@method"/>
+            <xsl:call-template name="latex-newline"/>
+          </xsl:if>
+          <xsl:if test="nvt/solution/text()">
+            <xsl:call-template name="structured-text">
+              <xsl:with-param name="string" select="nvt/solution/text()"/>
+            </xsl:call-template>
+          </xsl:if>
         </xsl:if>
 
         <xsl:if test="string-length (gvm:get-nvt-tag (nvt/tags, 'affected')) &gt; 0 and gvm:get-nvt-tag (nvt/tags, 'affected') != 'N/A'">

src/report_formats/NBE/NBE.xsl

@@ -163,16 +163,23 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
     <xsl:text>\n\n</xsl:text>
   </xsl:if>
 
-  <xsl:if test="(string-length (gvm:get-nvt-tag (nvt/tags, 'solution')) &gt; 0 and gvm:get-nvt-tag (nvt/tags, 'solution') != 'N/A') or (string-length (gvm:get-nvt-tag (nvt/tags, 'solution_type')))">
+  <xsl:if test="nvt/solution/text() or nvt/solution/@type or nvt/solution/@method">
     <xsl:text>Solution:</xsl:text>
     <xsl:text>\n</xsl:text>
-    <xsl:if test="string-length (gvm:get-nvt-tag (nvt/tags, 'solution_type')) &gt; 0">
+    <xsl:if test="nvt/solution/@type">
       <xsl:text>Solution type: </xsl:text>
-      <xsl:value-of select="gvm:get-nvt-tag (nvt/tags, 'solution_type')"/>
+      <xsl:value-of select="nvt/solution/@type"/>
       <xsl:text>\n</xsl:text>
     </xsl:if>
-    <xsl:value-of select="str:replace (gvm:get-nvt-tag (nvt/tags, 'solution'), '&#10;', '\n')"/>
-    <xsl:text>\n\n</xsl:text>
+    <xsl:if test="nvt/solution/@method">
+      <xsl:text>Solution method: </xsl:text>
+      <xsl:value-of select="nvt/solution/@method"/>
+      <xsl:text>\n</xsl:text>
+    </xsl:if>
+    <xsl:if test="nvt/solution/text()">
+      <xsl:value-of select="str:replace (nvt/solution/text(), '&#10;', '\n')"/>
+      <xsl:text>\n\n</xsl:text>
+    </xsl:if>
   </xsl:if>
 
   <xsl:if test="string-length (gvm:get-nvt-tag (nvt/tags, 'affected')) &gt; 0 and gvm:get-nvt-tag (nvt/tags, 'affected') != 'N/A'">

src/report_formats/TXT/TXT.xsl

@@ -456,18 +456,25 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
       <xsl:call-template name="newline"/>
     </xsl:if>
 
-    <xsl:if test="(string-length (gvm:get-nvt-tag (nvt/tags, 'solution')) &gt; 0 and gvm:get-nvt-tag (nvt/tags, 'solution') != 'N/A') or string-length (gvm:get-nvt-tag (nvt/tags, 'solution_type')) &gt; 0">
+    <xsl:if test="nvt/solution/text() or nvt/solution/@type or nvt/solution/@method">
       <xsl:text>Solution:</xsl:text>
       <xsl:call-template name="newline"/>
-      <xsl:if test="string-length (gvm:get-nvt-tag (nvt/tags, 'solution_type')) &gt; 0">
+      <xsl:if test="nvt/solution/@type">
         <xsl:text>Solution type: </xsl:text>
-        <xsl:value-of select="gvm:get-nvt-tag (nvt/tags, 'solution_type')"/>
+        <xsl:value-of select="nvt/solution/@type"/>
+        <xsl:call-template name="newline"/>
+      </xsl:if>
+      <xsl:if test="nvt/solution/@method">
+        <xsl:text>Solution method: </xsl:text>
+        <xsl:value-of select="nvt/solution/@method"/>
+        <xsl:call-template name="newline"/>
+      </xsl:if>
+      <xsl:if test="nvt/solution/text()">
+        <xsl:call-template name="wrap">
+          <xsl:with-param name="string" select="nvt/solution/text()"/>
+        </xsl:call-template>
         <xsl:call-template name="newline"/>
       </xsl:if>
-      <xsl:call-template name="wrap">
-        <xsl:with-param name="string" select="gvm:get-nvt-tag (nvt/tags, 'solution')"/>
-      </xsl:call-template>
-      <xsl:call-template name="newline"/>
     </xsl:if>
 
     <xsl:if test="string-length (gvm:get-nvt-tag (nvt/tags, 'affected')) &gt; 0 and gvm:get-nvt-tag (nvt/tags, 'affected') != 'N/A'">