From 98c2333978f000a8ea0aca4b1b2ef1fd707ee87c Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 1 Oct 2019 16:06:19 +0200 Subject: [PATCH 1/5] Get scanner preferences from OSP-OpenVAS scanner The preferences of the OpenVAS scanner are expected to be in the nvt_preferences table, so they have to be added there. --- src/manage_sql_nvts.c | 60 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c index dd73f0aa1..34c1a6c1f 100644 --- a/src/manage_sql_nvts.c +++ b/src/manage_sql_nvts.c @@ -1415,6 +1415,7 @@ manage_update_nvt_cache_osp (const gchar *update_socket) { osp_connection_t *connection; gchar *db_feed_version, *scanner_feed_version; + GSList *scanner_prefs; /* Re-open DB after fork. */ @@ -1496,6 +1497,65 @@ manage_update_nvt_cache_osp (const gchar *update_socket) " VALUES ('checked_preferences', 1)" " ON CONFLICT (name) DO UPDATE SET value = EXCLUDED.value;"); } + + /* Update scanner preferences */ + connection = osp_connection_new (update_socket, 0, NULL, NULL, NULL); + if (!connection) + { + g_warning ("%s: failed to connect to %s (3)", + __FUNCTION__, update_socket); + return -1; + } + + scanner_prefs = NULL; + if (osp_get_scanner_details (connection, NULL, &scanner_prefs)) + { + g_warning ("%s: failed to get scanner preferences", __FUNCTION__); + osp_connection_close (connection); + return -1; + } + else + { + GString *prefs_sql; + GSList *point; + int first; + + point = scanner_prefs; + first = 1; + + osp_connection_close (connection); + prefs_sql = g_string_new ("INSERT INTO nvt_preferences (name, value)" + " VALUES"); + while (point) + { + osp_param_t *param; + gchar *quoted_name, *quoted_value; + + param = point->data; + quoted_name = sql_quote (osp_param_name (param)); + quoted_value = sql_quote (osp_param_default (param)); + + g_string_append_printf (prefs_sql, + "%s ('%s', '%s')", + first ? "" : ",", + quoted_name, + quoted_value); + first = 0; + point = g_slist_next (point); + g_free (quoted_name); + g_free (quoted_value); + } + g_string_append (prefs_sql, + " ON CONFLICT (name)" + " DO UPDATE SET value = EXCLUDED.value;"); + + if (first == 0) + { + sql ("%s", prefs_sql->str); + } + + g_string_free (prefs_sql, TRUE); + } } return 0; From 05d0b3cdae7a2cd39a43548974f69a8064c7f830 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 1 Oct 2019 16:11:31 +0200 Subject: [PATCH 2/5] Amend CHANGELOG for scanner prefs fix --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 26319012a..551b260fc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,7 +21,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ### Added - Added TLS certificates as a new resource type [#585](https://github.com/greenbone/gvmd/pull/585) [#663](https://github.com/greenbone/gvmd/pull/663) [#673](https://github.com/greenbone/gvmd/pull/673) [#674](https://github.com/greenbone/gvmd/pull/674) [#689](https://github.com/greenbone/gvmd/pull/689) [#695](https://github.com/greenbone/gvmd/pull/695) [#703](https://github.com/greenbone/gvmd/pull/703) [#728](https://github.com/greenbone/gvmd/pull/728) [#732](https://github.com/greenbone/gvmd/pull/732) [#750](https://github.com/greenbone/gvmd/pull/750) [#752](https://github.com/greenbone/gvmd/pull/752) -- Update NVTs via OSP [#392](https://github.com/greenbone/gvmd/pull/392) [#609](https://github.com/greenbone/gvmd/pull/609) [#626](https://github.com/greenbone/gvmd/pull/626) [#753](https://github.com/greenbone/gvmd/pull/753) +- Update NVTs via OSP [#392](https://github.com/greenbone/gvmd/pull/392) [#609](https://github.com/greenbone/gvmd/pull/609) [#626](https://github.com/greenbone/gvmd/pull/626) [#753](https://github.com/greenbone/gvmd/pull/753) [#766](https://github.com/greenbone/gvmd/pull/766) - Handle addition of ID to NVT preferences. [#413](https://github.com/greenbone/gvmd/pull/413) [#744](https://github.com/greenbone/gvmd/pull/744) - Add setting 'OMP Slave Check Period' [#491](https://github.com/greenbone/gvmd/pull/491) - Document switching between releases when using Postgres. [#563](https://github.com/greenbone/gvmd/pull/563) From daa969520825068f563c0a03752b730ba7e0c4ab Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 1 Oct 2019 16:50:23 +0200 Subject: [PATCH 3/5] Move scanner_prefs in manage_update_nvt_cache_osp This reduces the scope of the variable to the block it is used in. --- src/manage_sql_nvts.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c index 34c1a6c1f..61fcc7764 100644 --- a/src/manage_sql_nvts.c +++ b/src/manage_sql_nvts.c @@ -1415,7 +1415,6 @@ manage_update_nvt_cache_osp (const gchar *update_socket) { osp_connection_t *connection; gchar *db_feed_version, *scanner_feed_version; - GSList *scanner_prefs; /* Re-open DB after fork. */ @@ -1446,6 +1445,7 @@ manage_update_nvt_cache_osp (const gchar *update_socket) if ((db_feed_version == NULL) || strcmp (scanner_feed_version, db_feed_version)) { + GSList *scanner_prefs; entity_t vts; osp_get_vts_opts_t get_vts_opts; From 188e38bf9ea95129cc036d5c185823e9b25f8c8d Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 1 Oct 2019 16:55:02 +0200 Subject: [PATCH 4/5] Update NVTi cache after scanner prefs update --- src/manage_sql_nvts.c | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c index 61fcc7764..174dc96f0 100644 --- a/src/manage_sql_nvts.c +++ b/src/manage_sql_nvts.c @@ -1477,27 +1477,6 @@ manage_update_nvt_cache_osp (const gchar *update_socket) update_nvts_from_vts (&vts, scanner_feed_version); free_entity (vts); - /* Tell the main process to update its NVTi cache. */ - sql ("UPDATE %s.meta SET value = 1 WHERE name = 'update_nvti_cache';", - sql_schema ()); - - g_info ("Updating VTs in database ... done (%i VTs).", - sql_int ("SELECT count (*) FROM nvts;")); - - if (sql_int ("SELECT coalesce ((SELECT CAST (value AS INTEGER)" - " FROM meta" - " WHERE name = 'checked_preferences')," - " 0);") - == 0) - { - check_preference_names ("config_preferences"); - check_preference_names ("config_preferences_trash"); - - sql ("INSERT INTO meta (name, value)" - " VALUES ('checked_preferences', 1)" - " ON CONFLICT (name) DO UPDATE SET value = EXCLUDED.value;"); - } - /* Update scanner preferences */ connection = osp_connection_new (update_socket, 0, NULL, NULL, NULL); if (!connection) @@ -1556,6 +1535,27 @@ manage_update_nvt_cache_osp (const gchar *update_socket) g_string_free (prefs_sql, TRUE); } + + /* Tell the main process to update its NVTi cache. */ + sql ("UPDATE %s.meta SET value = 1 WHERE name = 'update_nvti_cache';", + sql_schema ()); + + g_info ("Updating VTs in database ... done (%i VTs).", + sql_int ("SELECT count (*) FROM nvts;")); + + if (sql_int ("SELECT coalesce ((SELECT CAST (value AS INTEGER)" + " FROM meta" + " WHERE name = 'checked_preferences')," + " 0);") + == 0) + { + check_preference_names ("config_preferences"); + check_preference_names ("config_preferences_trash"); + + sql ("INSERT INTO meta (name, value)" + " VALUES ('checked_preferences', 1)" + " ON CONFLICT (name) DO UPDATE SET value = EXCLUDED.value;"); + } } return 0; From bf4b700804dd4c35c02609d54cdd5dd18869adf4 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 1 Oct 2019 17:15:15 +0200 Subject: [PATCH 5/5] Use osp_param_id in manage_update_nvt_cache_osp The id has to be used instead of the name here. --- src/manage_sql_nvts.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c index 174dc96f0..d2bb53f30 100644 --- a/src/manage_sql_nvts.c +++ b/src/manage_sql_nvts.c @@ -1511,7 +1511,7 @@ manage_update_nvt_cache_osp (const gchar *update_socket) gchar *quoted_name, *quoted_value; param = point->data; - quoted_name = sql_quote (osp_param_name (param)); + quoted_name = sql_quote (osp_param_id (param)); quoted_value = sql_quote (osp_param_default (param)); g_string_append_printf (prefs_sql,