Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add user limits on hosts and ifaces to OSP prefs (master) #1033

Merged
merged 2 commits into from
Apr 6, 2020
Merged

Add user limits on hosts and ifaces to OSP prefs (master) #1033

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9333cac
Add user limits on hosts and ifaces to OSP prefs
timopollmeier Apr 3, 2020
265da81
Add CHANGELOG entry for OSP hosts/ifaces prefs
timopollmeier Apr 3, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Ensure parent exists when moving report format dir [#1019](https://github.com/greenbone/gvmd/pull/1019)
- Use nvti_qod instead of the old nvti_get_tag() [#1022](https://github.com/greenbone/gvmd/pull/1022)
- Remove active clause when filtering resources by tag [#1025](https://github.com/greenbone/gvmd/pull/1025)
- Add user limits on hosts and ifaces to OSP prefs [#1033](https://github.com/greenbone/gvmd/pull/1033)

### Removed
- Remove support for "All SecInfo": removal of "allinfo" for type in get_info [#790](https://github.com/greenbone/gvmd/pull/790)
Expand Down
47 changes: 47 additions & 0 deletions src/manage.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4066,6 +4066,50 @@ prepare_osp_scan_for_resume (task_t task, const char *scan_id, char **error)
return -1;
}

/**
* @brief Add OSP preferences for limiting ifaces and hosts for users.
*
* @param[in] scanner_options The scanner preferences table to add to.
*/
static void
add_user_scan_preferences (GHashTable *scanner_options)
{
gchar *hosts, *ifaces, *name;
int hosts_allow, ifaces_allow;

// Limit access to hosts
hosts = user_hosts (current_credentials.uuid);
hosts_allow = user_hosts_allow (current_credentials.uuid);

if (hosts_allow == 1)
name = g_strdup ("hosts_allow");
else if (hosts_allow == 0)
name = g_strdup ("hosts_deny");
else
name = NULL;

if (name)
g_hash_table_replace (scanner_options, name, hosts);
else
g_free (hosts);

// Limit access to ifaces
ifaces = user_ifaces (current_credentials.uuid);
ifaces_allow = user_ifaces_allow (current_credentials.uuid);

if (ifaces_allow == 1)
name = g_strdup ("ifaces_allow");
else if (ifaces_allow == 0)
name = g_strdup ("ifaces_deny");
else
name = NULL;

if (name)
g_hash_table_replace (scanner_options, name, ifaces);
else
g_free (ifaces);
}

/**
* @brief Launch an OpenVAS via OSP task.
*
Expand Down Expand Up @@ -4196,6 +4240,9 @@ launch_osp_openvas_task (task_t task, target_t target, const char *scan_id,
}
}

/* Setup user-specific scanner preference */
add_user_scan_preferences (scanner_options);

/* Setup vulnerability tests (without preferences) */
vts = NULL;
vts_hash_table
Expand Down