From e7459e555715876094dcc5ede5dd1421a78079bf Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Mon, 1 Jul 2024 12:19:44 +0200 Subject: [PATCH] Add: GET_FEATURES command and CVSS3_RATINGS toggle The GMP command GET_FEATURES has been added to get the status of optional features that can be enabled or disabled at build time. This includes the OPENVASD toggle as well as a new one (CVSS3_RATINGS) that will later be used to toggle CVSS3 / CVSS4 severity ratings. The new command will allow GSA to get the current state of these feature toggles. --- CMakeLists.txt | 10 +++++- src/gmp.c | 35 +++++++++++++++++++ src/gvmd.c | 3 ++ src/schema_formats/XML/GMP.xml.in | 58 +++++++++++++++++++++++++++++++ 4 files changed, 105 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 2c9561cb6..cf44b15e4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -236,9 +236,17 @@ if (NOT GVM_DEFAULT_DROP_USER) endif (NOT GVM_DEFAULT_DROP_USER) +# Feature toggles if (NOT OPENVASD) set (OPENVASD 0) endif (NOT OPENVASD) +add_definitions (-DOPENVASD=${OPENVASD}) + +if (NOT CVSS3_RATINGS) + set (CVSS3_RATINGS 0) +endif (NOT CVSS3_RATINGS) +add_definitions (-DCVSS3_RATINGS=${CVSS3_RATINGS}) + message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}") @@ -286,7 +294,7 @@ set (HARDENING_FLAGS "-Wformat -Wformat-security -D_FORTIFY_SOURCE=2 set (LINKER_HARDENING_FLAGS "-Wl,-z,relro -Wl,-z,now") # To find unused functions, add: -flto -fwhole-program -ffunction-sections -Wl,--gc-sections -Wl,--print-gc-sections -set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE -D_FILE_OFFSET_BITS=64 -DOPENVASD=${OPENVASD} ${COVERAGE_FLAGS}") +set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE -D_FILE_OFFSET_BITS=64 ${COVERAGE_FLAGS}") set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -Werror -Wshadow ${COVERAGE_FLAGS} ${DEBUG_FUNCTION_NAMES_FLAGS}") set (CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} ${HARDENING_FLAGS} ${COVERAGE_FLAGS}") diff --git a/src/gmp.c b/src/gmp.c index 0e8fda239..e846eec84 100644 --- a/src/gmp.c +++ b/src/gmp.c @@ -4360,6 +4360,7 @@ typedef enum CLIENT_GET_ASSETS, CLIENT_GET_CONFIGS, CLIENT_GET_CREDENTIALS, + CLIENT_GET_FEATURES, CLIENT_GET_FEEDS, CLIENT_GET_FILTERS, CLIENT_GET_GROUPS, @@ -5295,6 +5296,10 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context, &get_credentials_data->format); set_client_state (CLIENT_GET_CREDENTIALS); } + else if (strcasecmp ("GET_FEATURES", element_name) == 0) + { + set_client_state (CLIENT_GET_FEATURES); + } else if (strcasecmp ("GET_FEEDS", element_name) == 0) { append_attribute (attribute_names, attribute_values, "type", @@ -12879,6 +12884,32 @@ get_feed (gmp_parser_t *gmp_parser, GError **error, int feed_type) SEND_TO_CLIENT_OR_FAIL (""); } +/** + * @brief Handle end of GET_FEATURES element. + * + * @param[in] gmp_parser GMP parser. + * @param[in] error Error parameter. + */ +static void +handle_get_features (gmp_parser_t *gmp_parser, GError **error) +{ + SEND_TO_CLIENT_OR_FAIL (""); + + SENDF_TO_CLIENT_OR_FAIL ("" + "CVSS3_RATINGS" + "", + CVSS3_RATINGS ? 1 : 0); + + SENDF_TO_CLIENT_OR_FAIL ("" + "OPENVASD" + "", + OPENVASD ? 1 : 0); + + SEND_TO_CLIENT_OR_FAIL (""); +} + /** * @brief Handle end of GET_FEEDS element. * @@ -19960,6 +19991,10 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context, handle_get_credentials (gmp_parser, error); break; + case CLIENT_GET_FEATURES: + handle_get_features (gmp_parser, error); + break; + case CLIENT_GET_FEEDS: handle_get_feeds (gmp_parser, error); break; diff --git a/src/gvmd.c b/src/gvmd.c index d2492c407..4ffdab4e8 100644 --- a/src/gvmd.c +++ b/src/gvmd.c @@ -2302,6 +2302,9 @@ gvmd (int argc, char** argv, char *env[]) } #if OPENVASD == 1 printf ("OpenVASD is enabled\n"); +#endif +#if CVSS3_RATINGS == 1 + printf ("CVSS3 severity ratings enabled\n"); #endif printf ("Copyright (C) 2009-2021 Greenbone AG\n"); printf ("License: AGPL-3.0-or-later\n"); diff --git a/src/schema_formats/XML/GMP.xml.in b/src/schema_formats/XML/GMP.xml.in index a2adfc117..859f1ded4 100644 --- a/src/schema_formats/XML/GMP.xml.in +++ b/src/schema_formats/XML/GMP.xml.in @@ -11163,6 +11163,64 @@ END:VCALENDAR + + get_features + Get a list of optional features + +

+ The client uses the get_feeds command to get a list of optional + features. + If the command sent by the client was valid, the manager will + reply with a list of feeds to the client. +

+
+ + + + status + status + 1 + + + status_text + text + 1 + + feature + + + feature + + + enabled + boolean + Whether the feature is enabled + 1 + + name + + + name + The name of the feature + text + + + + + Get the optional features + + + + + + + + OPENVASD + + + + +
get_feeds Get one or many feeds