Skip to content

Commit

Permalink
Merge branch 'main' into faster-trash-creds
Browse files Browse the repository at this point in the history
  • Loading branch information
mattmundell authored Mar 11, 2024
2 parents f800094 + 54a0645 commit a6f3aec
Show file tree
Hide file tree
Showing 2 changed files with 75 additions and 34 deletions.
77 changes: 49 additions & 28 deletions src/manage_sql.c
Original file line number Diff line number Diff line change
Expand Up @@ -27930,23 +27930,41 @@ init_v2_delta_iterator (report_t report, iterator_t *results, report_t delta,
"nvts_cols");

extra_with = g_strdup_printf(" comparison AS ("
" WITH r1 as (SELECT results.id, description, host, report, port,"
" WITH r1a as (SELECT results.id, description, host, report, port,"
" severity, nvt, results.qod, results.uuid, hostname,"
" path, r1_lateral.new_severity as new_severity "
" FROM results "
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid from nvts)"
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid FROM nvts)"
" AS nvts_cols"
" ON nvts_cols.nvts_oid = results.nvt"
" %s, LATERAL %s AS r1_lateral"
" WHERE report = %llu),"
" r2 as (SELECT results.*, r2_lateral.new_severity AS new_severity"
" r2a as (SELECT results.*, r2_lateral.new_severity AS new_severity"
" FROM results"
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid from nvts)"
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid FROM nvts)"
" AS nvts_cols"
" ON nvts_cols.nvts_oid = results.nvt"
" %s, LATERAL %s AS r2_lateral"
" WHERE report = %llu)"
" SELECT r1.id AS result1_id,"
" WHERE report = %llu),"
" r1 as (SELECT DISTINCT ON (r1a.id) r1a.*, r2a.id as r2id, row_number() over w1 as r1_rank"
" FROM r1a LEFT JOIN r2a ON r1a.host = r2a.host"
" AND normalize_port(r1a.port) = normalize_port(r2a.port)"
" AND r1a.nvt = r2a.nvt "
" AND (r1a.new_severity = 0) = (r2a.new_severity = 0)"
" AND (r1a.description = r2a.description)"
" WINDOW w1 AS (PARTITION BY r1a.host, normalize_port(r1a.port),"
" r1a.nvt, r1a.new_severity = 0, r2a.id is null ORDER BY r2a.id)"
" ORDER BY r1a.id),"
" r2 as (SELECT DISTINCT ON (r2a.id) r2a.*, r1a.id as r1id, row_number() over w2 as r2_rank"
" FROM r2a LEFT JOIN r1a ON r2a.host = r1a.host"
" AND normalize_port(r2a.port) = normalize_port(r1a.port)"
" AND r2a.nvt = r1a.nvt "
" AND (r2a.new_severity = 0) = (r1a.new_severity = 0)"
" AND (r2a.description = r1a.description)"
" WINDOW w2 AS (PARTITION BY r2a.host, normalize_port(r2a.port),"
" r2a.nvt, r2a.new_severity = 0, r1a.id is null ORDER BY r1a.id)"
" ORDER BY r2a.id)"
" (SELECT r1.id AS result1_id,"
" r2.id AS result2_id,"
" compare_results("
" r1.description,"
Expand All @@ -27972,28 +27990,18 @@ init_v2_delta_iterator (report_t report, iterator_t *results, report_t delta,
" r2.path AS delta_path,"
" r2.host AS delta_host,"
RESULT_HOSTNAME_SQL("r2.hostname", "r2.host", "r2.report")
" AS delta_hostname,"
" AS delta_hostname,"
" r2.nvt_version AS delta_nvt_version"
" FROM r1"
" FULL OUTER JOIN r2"
" ON r1.host = r2.host"
" AND normalize_port(r1.port) = normalize_port(r2.port)"
" AND r1.nvt = r2.nvt "
" AND (r1.new_severity = 0) = (r2.new_severity = 0)"
" AND (r1.description = r2.description"
" OR NOT EXISTS (SELECT * FROM r2"
" WHERE r1.description = r2.description"
" AND r1.host = r2.host"
" AND normalize_port(r1.port) = normalize_port(r2.port)"
" AND r1.nvt = r2.nvt"
" AND (r1.new_severity = 0) = (r2.new_severity = 0))"
" OR NOT EXISTS (SELECT * FROM r1"
" WHERE r1.description = r2.description"
" AND r1.host = r2.host"
" AND normalize_port(r1.port) = normalize_port(r2.port)"
" AND r1.nvt = r2.nvt"
" AND (r1.new_severity = 0) = (r2.new_severity = 0)))"
" )",
" AND ((r1id IS NULL AND r2id IS NULL) OR"
" r2id = r2.id OR r1id = r1.id)"
" AND r1_rank = r2_rank"
" ) ) ",
opts_tables,
with_lateral,
report,
Expand Down Expand Up @@ -58423,23 +58431,36 @@ manage_optimize (GSList *log_config, const db_conn_info_t *database,
}
else if (strcasecmp (name, "cleanup-config-prefs") == 0)
{
int removed, fixed_values;
sql ("DELETE FROM config_preferences WHERE id NOT IN"
" (SELECT min(id) FROM config_preferences"
" GROUP BY config, type, name, value);");
removed = sql_changes();

sql ("UPDATE config_preferences"
" SET value = (SELECT value FROM nvt_preferences"
" WHERE name='scanner_plugins_timeout')"
" WHERE name = 'scanner_plugins_timeout'"
" AND value = 'SCANNER_NVT_TIMEOUT';");
fixed_values = sql_changes();

success_text = g_strdup_printf ("Optimized: cleanup-config-prefs."
" Duplicate config preferences removed:"
" %d. Corrected preference values: %d",
removed, fixed_values);
sql ("UPDATE config_preferences"
" SET pref_nvt = NULL,"
" pref_id = NULL,"
" pref_type = NULL,"
" pref_name = NULL"
" WHERE type = 'SERVER_PREFS' AND pref_nvt IS NOT NULL;");

sql ("UPDATE config_preferences"
" SET pref_nvt = substring (name, '^([^:]*)'),"
" pref_id = CAST(substring (name, '^[^:]*:([0-9]+)') AS integer),"
" pref_type = substring (name, '^[^:]*:[0-9]+:([^:]*):'),"
" pref_name = substring (name, '^[^:]*:[0-9]+:[^:]*:(.*)')"
" WHERE type = 'PLUGINS_PREFS'"
" AND (pref_nvt = '(null)' OR pref_nvt IS NULL"
" OR pref_type = '(null)' OR pref_type IS NULL"
" OR pref_name = '(null)' OR pref_name IS NULL)"
" AND name ~ '^[^:]*:[0-9]+:[^:]*:.*'"
" AND type = 'PLUGINS_PREFS';");

success_text = g_strdup_printf ("Optimized: cleanup-config-prefs.");
}
else if (strcasecmp (name, "cleanup-feed-permissions") == 0)
{
Expand Down
32 changes: 26 additions & 6 deletions src/manage_sql_configs.c
Original file line number Diff line number Diff line change
Expand Up @@ -3627,6 +3627,13 @@ modify_config_preference (config_t config, const char* nvt,
g_free (quoted_name);
quoted_name = sql_quote (splits[3]);
}
else
{
quoted_pref_nvt = sql_quote (splits[0]);
pref_id = atoi (splits[1]);
quoted_pref_type = sql_quote (splits[2]);
quoted_pref_name = sql_quote (splits[3]);
}
}
g_strfreev (splits);

Expand All @@ -3639,12 +3646,25 @@ modify_config_preference (config_t config, const char* nvt,
config,
nvt ? "= 'PLUGINS_PREFS'" : "= 'SERVER_PREFS'",
quoted_name);
sql ("INSERT INTO config_preferences"
" (config, type, name, value, pref_nvt, pref_id, pref_type, pref_name)"
" VALUES (%llu, %s, '%s', '%s', '%s', %i, '%s', '%s');",
config, nvt ? "'PLUGINS_PREFS'" : "'SERVER_PREFS'", quoted_name,
quoted_value, quoted_pref_nvt, pref_id, quoted_pref_type,
quoted_pref_name);
if (nvt)
{
sql ("INSERT INTO config_preferences"
" (config, type, name, value,"
" pref_nvt, pref_id, pref_type, pref_name)"
" VALUES (%llu, 'PLUGINS_PREFS', '%s', '%s',"
" '%s', %i, '%s', '%s');",
config, quoted_name, quoted_value,
quoted_pref_nvt, pref_id, quoted_pref_type, quoted_pref_name);
}
else
{
sql ("INSERT INTO config_preferences"
" (config, type, name, value,"
" pref_nvt, pref_id, pref_type, pref_name)"
" VALUES (%llu, 'SERVER_PREFS', '%s', '%s',"
" NULL, NULL, NULL, NULL);",
config, quoted_name, quoted_value);
}

g_free (quoted_value);
g_free (quoted_name);
Expand Down

0 comments on commit a6f3aec

Please sign in to comment.