Skip to content

Commit

Permalink
Merge pull request #2077 from mattmundell/get-nvts-lean
Browse files Browse the repository at this point in the history
Add: GET_NVTS attribute lean
  • Loading branch information
timopollmeier authored Oct 5, 2023
2 parents 172e024 + cb18c69 commit 215c313
Show file tree
Hide file tree
Showing 4 changed files with 109 additions and 67 deletions.
23 changes: 19 additions & 4 deletions src/gmp.c
Original file line number Diff line number Diff line change
Expand Up @@ -1821,6 +1821,7 @@ typedef struct
char *preferences_config_id; ///< ID of config to get preference values from.
int details; ///< Boolean. Whether to include full NVT details.
char *family; ///< Name of family to which to limit NVT selection.
int lean; ///< Boolean. Whether to send fewer details.
char *nvt_oid; ///< Name of single NVT to get.
int preference_count; ///< Boolean. Whether to include NVT preference count.
int preferences; ///< Boolean. Whether to include NVT preferences.
Expand Down Expand Up @@ -5303,6 +5304,11 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
get_nvts_data->details = 0;
append_attribute (attribute_names, attribute_values, "family",
&get_nvts_data->family);
if (find_attribute (attribute_names, attribute_values,
"lean", &attribute))
get_nvts_data->lean = strcmp (attribute, "0");
else
get_nvts_data->lean = 0;
if (find_attribute (attribute_names, attribute_values,
"preferences", &attribute))
get_nvts_data->preferences = strcmp (attribute, "0");
Expand Down Expand Up @@ -7868,6 +7874,7 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
* @param[in] config Config, used if preferences is true.
* @param[in] skip_cert_refs If true, exclude CERT refs.
* @param[in] skip_tags If true, exclude tags.
* @param[in] lean If true, send fewer details.
* @param[in] write_to_client Function to write to client.
* @param[in] write_to_client_data Argument to \p write_to_client.
*
Expand All @@ -7876,14 +7883,14 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
static gboolean
send_nvt (iterator_t *nvts, int details, int preferences, int pref_count,
const char *timeout, config_t config, int skip_cert_refs,
int skip_tags,
int skip_tags, int lean,
int (*write_to_client) (const char *, void*),
void* write_to_client_data)
{
gchar *msg;

msg = get_nvt_xml (nvts, details, pref_count, preferences, timeout, config,
0, skip_cert_refs, skip_tags);
0, skip_cert_refs, skip_tags, lean);
if (send_to_client (msg, write_to_client, write_to_client_data))
{
g_free (msg);
Expand Down Expand Up @@ -13184,7 +13191,7 @@ handle_get_info (gmp_parser_t *gmp_parser, GError **error)
dfn_cert_adv_info_iterator_cve_refs (&info));
else if (g_strcmp0 ("nvt", get_info_data->type) == 0)
{
if (send_nvt (&info, 1, 1, -1, NULL, 0, 0, 0,
if (send_nvt (&info, 1, 1, -1, NULL, 0, 0, 0, 0,
gmp_parser->client_writer,
gmp_parser->client_writer_data))
{
Expand Down Expand Up @@ -13405,6 +13412,12 @@ handle_get_nvts (gmp_parser_t *gmp_parser, GError **error)
(XML_ERROR_SYNTAX ("get_nvts",
"The skip_tags attribute"
" requires the details attribute"));
else if ((get_nvts_data->details == 0)
&& get_nvts_data->lean)
SEND_TO_CLIENT_OR_FAIL
(XML_ERROR_SYNTAX ("get_nvts",
"The lean attribute"
" requires the details attribute"));
else if (((get_nvts_data->details == 0)
|| ((get_nvts_data->config_id == NULL)
&& (get_nvts_data->preferences_config_id == NULL)))
Expand Down Expand Up @@ -13515,6 +13528,7 @@ handle_get_nvts (gmp_parser_t *gmp_parser, GError **error)
pref_count, timeout, config,
get_nvts_data->skip_cert_refs,
get_nvts_data->skip_tags,
get_nvts_data->lean,
gmp_parser->client_writer,
gmp_parser->client_writer_data))
{
Expand All @@ -13530,7 +13544,7 @@ handle_get_nvts (gmp_parser_t *gmp_parser, GError **error)
else
while (next (&nvts))
{
if (send_nvt (&nvts, 0, 0, -1, NULL, 0, 0, 0,
if (send_nvt (&nvts, 0, 0, -1, NULL, 0, 0, 0, 0,
gmp_parser->client_writer,
gmp_parser->client_writer_data))
{
Expand Down Expand Up @@ -26803,6 +26817,7 @@ process_gmp_client_input ()
return err;
}
from_client_end = from_client_start = 0;

return 0;
}

Expand Down
146 changes: 84 additions & 62 deletions src/manage.c
Original file line number Diff line number Diff line change
Expand Up @@ -5639,13 +5639,14 @@ xsl_transform (gchar *stylesheet, gchar *xmlfile, gchar **param_names,
* @param[in] close_tag Whether to close the NVT tag or not.
* @param[in] skip_cert_refs Whether to exclude the CERT REFs.
* @param[in] skip_tags Whether to exclude the tags.
* @param[in] lean Whether to send fewer details.
*
* @return A dynamically allocated string containing the XML description.
*/
gchar *
get_nvt_xml (iterator_t *nvts, int details, int pref_count,
int preferences, const char *timeout, config_t config,
int close_tag, int skip_cert_refs, int skip_tags)
int close_tag, int skip_cert_refs, int skip_tags, int lean)
{
const char* oid = nvt_iterator_oid (nvts);
const char* name = nvt_iterator_name (nvts);
Expand All @@ -5658,9 +5659,8 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
{
int tag_count;
GString *refs_str, *tags_str, *buffer, *nvt_tags;
iterator_t cert_refs_iterator, tags, severities;
iterator_t cert_refs_iterator, tags;
gchar *tag_name_esc, *tag_value_esc, *tag_comment_esc;
char *default_timeout = nvt_default_timeout (oid);

DEF (family);
DEF (tag);
Expand Down Expand Up @@ -5811,77 +5811,95 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
g_string_append_printf (buffer,
"<nvt oid=\"%s\">"
"<name>%s</name>"
"<creation_time>%s</creation_time>"
"<modification_time>%s</modification_time>"
"%s" // user_tags
"<category>%d</category>"
"<family>%s</family>"
"<cvss_base>%s</cvss_base>"
"<severities score=\"%s\">",
"<preference_count>%i</preference_count>"
"<timeout>%s</timeout>",
oid,
name_text,
get_iterator_creation_time (nvts)
? get_iterator_creation_time (nvts)
: "",
get_iterator_modification_time (nvts)
? get_iterator_modification_time (nvts)
: "",
tags_str ? tags_str->str : "",
nvt_iterator_category (nvts),
family_text,
nvt_iterator_cvss_base (nvts)
? nvt_iterator_cvss_base (nvts)
: "",
pref_count,
timeout ? timeout : "");

if (lean == 0)
{
char *default_timeout;

default_timeout = nvt_default_timeout (oid);
g_string_append_printf (buffer,
"<default_timeout>%s</default_timeout>"
"<creation_time>%s</creation_time>"
"<modification_time>%s</modification_time>"
"<category>%d</category>"
"<family>%s</family>"
"<cvss_base>%s</cvss_base>"
"<qod>"
"<value>%s</value>"
"<type>%s</type>"
"</qod>"
"<refs>%s</refs>"
"<tags>%s</tags>",
default_timeout ? default_timeout : "",
get_iterator_creation_time (nvts)
? get_iterator_creation_time (nvts)
: "",
get_iterator_modification_time (nvts)
? get_iterator_modification_time (nvts)
: "",
nvt_iterator_category (nvts),
family_text,
nvt_iterator_cvss_base (nvts)
? nvt_iterator_cvss_base (nvts)
: "",
nvt_iterator_qod (nvts),
nvt_iterator_qod_type (nvts),
refs_str->str,
nvt_tags->str);
free (default_timeout);
}

g_string_append_printf (buffer,
"<severities score=\"%s\">",
nvt_iterator_cvss_base (nvts)
? nvt_iterator_cvss_base (nvts)
: "");
? nvt_iterator_cvss_base (nvts)
: "");

init_nvt_severity_iterator (&severities, oid);
while (next (&severities))
if (lean == 0)
{
buffer_xml_append_printf
(buffer,
"<severity type=\"%s\">"
"<origin>%s</origin>"
"<date>%s</date>"
"<score>%0.1f</score>"
"<value>%s</value>"
"</severity>",
nvt_severity_iterator_type (&severities),
nvt_severity_iterator_origin (&severities),
nvt_severity_iterator_date (&severities),
nvt_severity_iterator_score (&severities),
nvt_severity_iterator_value (&severities));
iterator_t severities;

init_nvt_severity_iterator (&severities, oid);
while (next (&severities))
{
buffer_xml_append_printf
(buffer,
"<severity type=\"%s\">"
"<origin>%s</origin>"
"<date>%s</date>"
"<score>%0.1f</score>"
"<value>%s</value>"
"</severity>",
nvt_severity_iterator_type (&severities),
nvt_severity_iterator_origin (&severities),
nvt_severity_iterator_date (&severities),
nvt_severity_iterator_score (&severities),
nvt_severity_iterator_value (&severities));
}
cleanup_iterator (&severities);
}
cleanup_iterator (&severities);

g_string_append_printf (buffer,
"</severities>"
"<qod>"
"<value>%s</value>"
"<type>%s</type>"
"</qod>"
"<refs>%s</refs>"
"<tags>%s</tags>"
"<preference_count>%i</preference_count>"
"<timeout>%s</timeout>"
"<default_timeout>%s</default_timeout>",
nvt_iterator_qod (nvts),
nvt_iterator_qod_type (nvts),
refs_str->str,
nvt_tags->str,
pref_count,
timeout ? timeout : "",
default_timeout ? default_timeout : "");
"</severities>");

g_free (family_text);
g_string_free (nvt_tags, 1);
g_string_free (refs_str, 1);
if (tags_str)
g_string_free (tags_str, 1);

if (nvt_iterator_solution (nvts) ||
nvt_iterator_solution_type (nvts) ||
nvt_iterator_solution_method (nvts))
if (lean == 0
&& (nvt_iterator_solution (nvts)
|| nvt_iterator_solution_type (nvts)
|| nvt_iterator_solution_method (nvts)))
{
buffer_xml_append_printf (buffer, "<solution");

Expand All @@ -5900,11 +5918,14 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
buffer_xml_append_printf (buffer, "/>");
}


if (preferences)
{
iterator_t prefs;
const char *nvt_oid = nvt_iterator_oid (nvts);
char *default_timeout;
const char *nvt_oid;

default_timeout = nvt_default_timeout (oid);
nvt_oid = nvt_iterator_oid (nvts);

/* Send the preferences for the NVT. */

Expand All @@ -5921,11 +5942,11 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
cleanup_iterator (&prefs);

xml_string_append (buffer, "</preferences>");
free (default_timeout);
}

xml_string_append (buffer, close_tag ? "</nvt>" : "");
msg = g_string_free (buffer, FALSE);
free (default_timeout);
}
else
{
Expand Down Expand Up @@ -6055,7 +6076,8 @@ manage_read_info (gchar *type, gchar *uid, gchar *name, gchar **result)
0, /* Config. */
1, /* Close tag. */
0, /* Skip CERT refs. */
0); /* Skip tags. */
0, /* Skip tags. */
0); /* Lean. */

cleanup_iterator (&nvts);
}
Expand Down
2 changes: 1 addition & 1 deletion src/manage.h
Original file line number Diff line number Diff line change
Expand Up @@ -1998,7 +1998,7 @@ void
xml_append_nvt_refs (GString *, const char *, int *);

gchar*
get_nvt_xml (iterator_t*, int, int, int, const char*, config_t, int, int, int);
get_nvt_xml (iterator_t*, int, int, int, const char*, config_t, int, int, int, int);

char*
task_preference_value (task_t, const char *);
Expand Down
5 changes: 5 additions & 0 deletions src/schema_formats/XML/GMP.xml.in
Original file line number Diff line number Diff line change
Expand Up @@ -13236,6 +13236,11 @@ END:VCALENDAR
<summary>Whether to include full details</summary>
<type>boolean</type>
</attrib>
<attrib>
<name>lean</name>
<summary>Whether to send fewer details</summary>
<type>boolean</type>
</attrib>
<attrib>
<name>preferences</name>
<summary>Whether to include preference</summary>
Expand Down

0 comments on commit 215c313

Please sign in to comment.