From fd0bca161cbd777776bf915d821eb855dba5ab8a Mon Sep 17 00:00:00 2001
From: Matt Mundell
Date: Wed, 24 Jun 2020 15:31:08 +0200
Subject: [PATCH 1/8] Remove defaulting of CREATE_TARGET port list
---
 src/manage_sql.h | 7 -------
 src/manage_sql_port_lists.c | 12 +-----------
 2 files changed, 1 insertion(+), 18 deletions(-)
diff --git a/src/manage_sql.h b/src/manage_sql.h
index dfa7b7b33..b979b4b39 100644
--- a/src/manage_sql.h
+++ b/src/manage_sql.h
@@ -57,13 +57,6 @@
 */
 #define PERMISSION_UUID_SUPER_ADMIN_EVERYTHING "a9801074-6fe2-11e4-9d81-406186ea4fc5"
-/**
- * @brief UUID of 'OpenVAS Default' port list.
- *
- * Required for the default port list case of CREATE_PORT_LIST.
- */
-#define PORT_LIST_UUID_DEFAULT "c7e03b6c-3bbe-11e1-a057-406186ea4fc5"
-
 /**
 * @brief Predefined role UUID.
 */
diff --git a/src/manage_sql_port_lists.c b/src/manage_sql_port_lists.c
index da8788da3..5111c38ca 100644
--- a/src/manage_sql_port_lists.c
+++ b/src/manage_sql_port_lists.c
@@ -1077,7 +1077,7 @@ create_port_list_lock (const char *quoted_id, const char *quoted_name,
 *
 * @param[in] name Name of port list.
 * @param[in] comment Comment on port list.
- * @param[in] port_range GMP style port range list. NULL for "default".
+ * @param[in] port_range GMP style port range list.
 * @param[out] port_list Created port list.
 *
 * @return 0 success, 4 error in port range.
@@ -1092,16 +1092,6 @@ create_port_list_unique (const char *name, const char *comment,
 assert (current_credentials.uuid);
- if (port_range == NULL || (strcmp (port_range, "default") == 0))
- {
- if (find_port_list_with_permission (PORT_LIST_UUID_DEFAULT,
- port_list,
- "get_port_lists")
- || (*port_list == 0))
- return -1;
- return 0;
- }
-
 if (validate_port_range (port_range))
 return 4;
From 7df49fe0137d88572f8b2631903590d7884b9ed9 Mon Sep 17 00:00:00 2001
From: Matt Mundell
Date: Wed, 24 Jun 2020 15:34:39 +0200
Subject: [PATCH 2/8] Quote name later
---
 src/manage_sql.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)
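Review bot: The `port_range` doc line changed in the `@@ -1077` hunk of src/manage_sql_port_lists.c drops the NULL case without saying what NULL means now. With the guard deleted in the following hunk, a NULL `port_range` goes straight into `validate_port_range (port_range)`, and whether that helper tolerates NULL is not visible here; at this point in the series create_target still passes its `port_range` through unchecked. I would state the contract as `@param[in] port_range GMP style port range list. Must not be NULL.` and consider `if (port_range == NULL) return 4;` ahead of the validation call so the function does not depend on every caller. create_port_list_unique's body continues outside the hunk.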
diff --git a/src/manage_sql.c b/src/manage_sql.c
index 29ee57907..85ad1ddd4 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -30898,7 +30898,6 @@ create_target (const char* name, const char* asset_hosts_filter,
 sql_rollback ();
 return 1;
 }
- quoted_name = sql_quote (name ?: "");
 if (asset_hosts_filter)
 {
@@ -30943,7 +30942,6 @@ create_target (const char* name, const char* asset_hosts_filter,
 max = manage_count_hosts (clean, clean_exclude);
 if (max <= 0)
 {
- g_free (quoted_name);
 g_free (clean);
 g_free (clean_exclude);
 sql_rollback ();
@@ -30951,7 +30949,6 @@ create_target (const char* name, const char* asset_hosts_filter,
 }
 if (max > max_hosts)
 {
- g_free (quoted_name);
 g_free (clean);
 g_free (clean_exclude);
 sql_rollback ();
@@ -30968,7 +30965,6 @@ create_target (const char* name, const char* asset_hosts_filter,
 "get_port_lists")
 || (port_list == 0))
 {
- g_free (quoted_name);
 g_free (quoted_exclude_hosts);
 g_free (quoted_hosts);
 return 6;
@@ -30982,7 +30978,6 @@ create_target (const char* name, const char* asset_hosts_filter,
 g_free (port_list_comment);
 if (ret)
 {
- g_free (quoted_name);
 g_free (quoted_exclude_hosts);
 g_free (quoted_hosts);
 sql_rollback ();
@@ -31004,6 +30999,8 @@ create_target (const char* name, const char* asset_hosts_filter,
 else
 reverse_lookup_unify = "1";
+ quoted_name = sql_quote (name ?: "");
+
 if (comment)
 quoted_comment = sql_quote (comment);
 else
From 19b00fb67ac45a8f4cd220664eee4b9770c7f863 Mon Sep 17 00:00:00 2001
From: Matt Mundell
Date: Wed, 24 Jun 2020 15:39:14 +0200
Subject: [PATCH 3/8] Check port list earlier to avoid frees
---
 src/manage_sql.c | 48 ++++++++++++++++++++++--------------------------
 1 file changed, 22 insertions(+), 26 deletions(-)
diff --git a/src/manage_sql.c b/src/manage_sql.c
index 85ad1ddd4..34ee386e7 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -30899,6 +30899,28 @@ create_target (const char* name, const char* asset_hosts_filter,
 return 1;
 }
+ if (port_list_id)
+ {
+ if (find_port_list_with_permission (port_list_id, &port_list,
+ "get_port_lists")
+ || (port_list == 0))
+ {
+ return 6;
+ }
+ }
+ else
+ {
+ port_list_comment = g_strdup_printf ("Autogenerated for target %s.", name);
+ ret = create_port_list_unique (name, port_list_comment, port_range,
+ &port_list);
+ g_free (port_list_comment);
+ if (ret)
+ {
+ sql_rollback ();
+ return ret;
+ }
+ }
+
 if (asset_hosts_filter)
 {
 iterator_t asset_hosts;
@@ -30959,32 +30981,6 @@ create_target (const char* name, const char* asset_hosts_filter,
 g_free (clean);
 g_free (clean_exclude);
- if (port_list_id)
- {
- if (find_port_list_with_permission (port_list_id, &port_list,
- "get_port_lists")
- || (port_list == 0))
- {
- g_free (quoted_exclude_hosts);
- g_free (quoted_hosts);
- return 6;
- }
- }
- else
- {
- port_list_comment = g_strdup_printf ("Autogenerated for target %s.", name);
- ret = create_port_list_unique (name, port_list_comment, port_range,
- &port_list);
- g_free (port_list_comment);
- if (ret)
- {
- g_free (quoted_exclude_hosts);
- g_free (quoted_hosts);
- sql_rollback ();
- return ret;
- }
- }
-
 if (ssh_credential)
 quoted_ssh_port = sql_insert (ssh_port ? ssh_port : "22");
 else
From 934885a2928f3932ce6a5cd35333f08c92ba371c Mon Sep 17 00:00:00 2001
From: Matt Mundell
Date: Wed, 24 Jun 2020 15:39:44 +0200
Subject: [PATCH 4/8] Add missing rollback
---
 src/manage_sql.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/manage_sql.c b/src/manage_sql.c
index 34ee386e7..b314fedf6 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -30905,6 +30905,7 @@ create_target (const char* name, const char* asset_hosts_filter,
 "get_port_lists")
 || (port_list == 0))
 {
+ sql_rollback ();
 return 6;
 }
 }
From 86e777e12b8c665276a718f7a0b6de9069078647 Mon Sep 17 00:00:00 2001
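Review bot: In the `@@ -30899` hunk of patch 3/8 the relocated else-branch formats `name` with `%s` and passes it on to create_port_list_unique unguarded, while the same function quotes it as `sql_quote (name ?: "")`, which suggests a NULL name is treated as possible. If that is the case, a NULL argument for `%s` is undefined in printf-style formatting and the autogenerated port list would get an unintended name; using `name ?: ""` in the `g_strdup_printf` call, or rejecting a NULL name before this block, would make the two sites agree. If callers already guarantee a non-NULL name, a one-line comment saying so above the block would settle it. create_target's body starts and ends outside the hunk.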
From: Matt Mundell
Date: Wed, 24 Jun 2020 15:44:22 +0200
Subject: [PATCH 5/8] Add error about missing port list and range
---
 src/gmp.c | 7 +++++++
 src/manage_sql.c | 7 ++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/gmp.c b/src/gmp.c
index bad2ca1a9..158c4abba 100644
--- a/src/gmp.c
+++ b/src/gmp.c
@@ -21849,6 +21849,13 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
 " 'snmp'"));
 log_event_fail ("target", "Target", NULL, "created");
 break;
+ case 12:
+ SEND_TO_CLIENT_OR_FAIL
+ (XML_ERROR_SYNTAX ("create_target",
+ "One of PORT_LIST and PORT_RANGE are"
+ " required"));
+ log_event_fail ("target", "Target", NULL, "created");
+ break;
 case 99:
 SEND_TO_CLIENT_OR_FAIL
 (XML_ERROR_SYNTAX ("create_target",
diff --git a/src/manage_sql.c b/src/manage_sql.c
index b314fedf6..599f5827b 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -30853,7 +30853,7 @@ target_login_port (target_t target, const char* type)
 * 6 failed to find port list, 7 error in alive tests,
 * 8 invalid SSH credential type, 9 invalid SMB credential type,
 * 10 invalid ESXi credential type, 11 invalid SNMP credential type,
- * 99 permission denied, -1 error.
+ * 12 port range or port list required, 99 permission denied, -1 error.
 */
 int
 create_target (const char* name, const char* asset_hosts_filter,
@@ -30909,6 +30909,11 @@ create_target (const char* name, const char* asset_hosts_filter,
 return 6;
 }
 }
+ else if (port_range == NULL)
+ {
+ sql_rollback ();
+ return 12;
+ }
 else
 {
 port_list_comment = g_strdup_printf ("Autogenerated for target %s.", name);
From 63a37401f171a00012b03826a039c400cb00f0af Mon Sep 17 00:00:00 2001
From: Matt Mundell
Date: Wed, 24 Jun 2020 16:55:10 +0200
Subject: [PATCH 6/8] Use All IANA assigned TCP as default port list in wizards
---
 src/wizards/quick_auth_scan.xml | 1 +
 src/wizards/quick_first_scan.xml | 12 +++++++++---
 src/wizards/quick_task.xml | 11 ++++++++---
 3 files changed, 18 insertions(+), 6 deletions(-)
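Review bot: The client-facing text added under `case 12` in src/gmp.c has a singular subject with a plural verb; `"One of PORT_LIST and PORT_RANGE is"` followed by `" required"` reads correctly. The wording matters a little more than usual because this string is what API clients see when a request that used to succeed starts failing. The surrounding switch begins and ends outside the hunk.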
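Review bot: The new `else if (port_range == NULL)` branch in the `@@ -30909` hunk of src/manage_sql.c rejects only a missing range, so the literal "default" that patch 1/8 stopped special-casing in create_port_list_unique now falls through to `validate_port_range` and presumably comes back as 4 (error in port range) rather than 12. If clients that relied on the old keyword should get the specific error, the condition could be `else if (port_range == NULL || strcmp (port_range, "default") == 0)`; otherwise a short comment stating that "default" is intentionally no longer accepted would help the next reader. The function comment could also say that `port_range` is not consulted when `port_list_id` is given, which is what the `if (port_list_id)` branch does. create_target's body continues outside the hunk.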
diff --git a/src/wizards/quick_auth_scan.xml b/src/wizards/quick_auth_scan.xml index a59bad312..2b9d7e21e 100644 --- a/src/wizards/quick_auth_scan.xml +++ b/src/wizards/quick_auth_scan.xml @@ -127,6 +127,7 @@ along with this program. If not, see . + diff --git a/src/wizards/quick_first_scan.xml b/src/wizards/quick_first_scan.xml index 20dcfe60e..9e2805054 100644 --- a/src/wizards/quick_first_scan.xml +++ b/src/wizards/quick_first_scan.xml @@ -120,9 +120,15 @@ along with this program. If not, see . - - - + + + + + + + + + diff --git a/src/wizards/quick_task.xml b/src/wizards/quick_task.xml index 940484444..74bd1d470 100644 --- a/src/wizards/quick_task.xml +++ b/src/wizards/quick_task.xml @@ -254,9 +254,14 @@ along with this program. If not, see . Automatically generated by wizard - - - + + + + + + + + From 239cf6103792eb2c113afe7eb75e6d9dfc621f70 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 24 Jun 2020 17:04:14 +0200 Subject: [PATCH 7/8] Add change to GMP doc --- src/schema_formats/XML/GMP.xml.in | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/schema_formats/XML/GMP.xml.in b/src/schema_formats/XML/GMP.xml.in index bf50f5188..2bd9e202c 100644 --- a/src/schema_formats/XML/GMP.xml.in +++ b/src/schema_formats/XML/GMP.xml.in @@ -5242,8 +5242,10 @@ along with this program. If not, see . alive_tests reverse_lookup_only reverse_lookup_unify - port_range - port_list + + port_range + port_list + name @@ -25968,6 +25970,23 @@ along with this program. If not, see . + + CREATE_TARGET, RUN_WIZARD + Default port list removed from CREATE_TARGET + +

+ CREATE_TARGET will no longer automatically add a port list to the + target if a port list or range is not given. In other words, it + is now mandatory to supply either PORT_LIST or PORT_RANGE. +

+

+ As a side effect wizards that use CREATE_TARGET now provide their + own default if no "port_list_id" param is given: "All IANA assigned + TCP", which has UUID 33d0cd82-57c6-11e1-8ed1-406186ea4fc5. +

+
+ 20.08 +
CREATE_SCHEDULE, GET_SCHEDULES, MODIFY_SCHEDULE Classic schedule elements removed From 6b7a6e499fa16fb84de1e18c929c3bf563ed547d Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 24 Jun 2020 17:07:22 +0200 Subject: [PATCH 8/8] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 36543fdef..f0bf54a2d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -136,6 +136,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Add migrator to remove dead hosts [#1071](https://github.com/greenbone/gvmd/pull/1071) - Remove classic schedules elements from GMP [#1116](https://github.com/greenbone/gvmd/pull/1116) [#1121](https://github.com/greenbone/gvmd/pull/1121) - Remove parallel from target options. [#1119](https://github.com/greenbone/gvmd/pull/1119) +- Remove default port list from CREATE_TARGET [#1151](https://github.com/greenbone/gvmd/pull/1151) [20.4]: https://github.com/greenbone/gvmd/compare/v9.0.0...master