diff --git a/CMakeLists.txt b/CMakeLists.txt index 945272c27..dd7396c90 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -247,6 +247,10 @@ if (NOT CVSS3_RATINGS) endif (NOT CVSS3_RATINGS) add_definitions (-DCVSS3_RATINGS=${CVSS3_RATINGS}) +if (NOT COMPLIANCE_REPORTS) + set (COMPLIANCE_REPORTS 0) +endif (NOT COMPLIANCE_REPORTS) +add_definitions (-DCOMPLIANCE_REPORTS=${COMPLIANCE_REPORTS}) message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}") @@ -254,6 +258,14 @@ message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}") set (GVMD_VERSION "${PROJECT_VERSION_STRING}") +if (COMPLIANCE_REPORTS EQUAL 1) + set(IF_COMPLIANCE_REPORTS "") + set(ENDIF_COMPLIANCE_REPORTS "") +elseif (COMPLIANCE_REPORTS EQUAL 0) + set(IF_COMPLIANCE_REPORTS "") +endif() + # Configure Doxyfile with version number configure_file (doc/Doxyfile.in doc/Doxyfile) configure_file (doc/Doxyfile_full.in doc/Doxyfile_full) diff --git a/src/gmp.c b/src/gmp.c index 196f00f1e..4ae04b006 100644 --- a/src/gmp.c +++ b/src/gmp.c @@ -12955,6 +12955,11 @@ handle_get_features (gmp_parser_t *gmp_parser, GError **error) " status=\"" STATUS_OK "\"" " status_text=\"" STATUS_OK_TEXT "\">"); + SENDF_TO_CLIENT_OR_FAIL ("" + "COMPLIANCE_REPORTS" + "", + COMPLIANCE_REPORTS ? 1 : 0); + SENDF_TO_CLIENT_OR_FAIL ("" "CVSS3_RATINGS" "", @@ -14831,7 +14836,7 @@ handle_get_reports (gmp_parser_t *gmp_parser, GError **error) || (strlen (get_reports_data->report_get.id) == 0)) { int overrides, min_qod; - gchar *filter, *levels, *compliance_levels; + gchar *filter, *levels; get_data_t * get; /* For simplicity, use a fixed result filter when filtering @@ -14853,22 +14858,33 @@ handle_get_reports (gmp_parser_t *gmp_parser, GError **error) overrides = filter_term_apply_overrides (filter ? filter : get->filter); min_qod = filter_term_min_qod (filter ? filter : get->filter); levels = filter_term_value (filter ? filter : get->filter, "levels"); - compliance_levels = filter_term_value (filter - ? filter - : get->filter, - "compliance_levels"); + #if COMPLIANCE_REPORTS == 1 + gchar *compliance_levels; + compliance_levels = filter_term_value (filter + ? filter + : get->filter, + "compliance_levels"); + + /* Setup result filter from overrides. */ + get_reports_data->get.filter + = g_strdup_printf + ("apply_overrides=%i min_qod=%i levels=%s compliance_levels=%s", + overrides, + min_qod, + levels ? levels : "hmlgdf", + compliance_levels ? compliance_levels : "yniu"); + g_free (compliance_levels); + #else + /* Setup result filter from overrides. */ + get_reports_data->get.filter + = g_strdup_printf + ("apply_overrides=%i min_qod=%i levels=%s", + overrides, + min_qod, + levels ? levels : "hmlgdf"); + #endif g_free (filter); - - /* Setup result filter from overrides. */ - get_reports_data->get.filter - = g_strdup_printf - ("apply_overrides=%i min_qod=%i levels=%s compliance_levels=%s", - overrides, - min_qod, - levels ? levels : "hmlgdf", - compliance_levels ? compliance_levels : "yniu"); g_free (levels); - g_free (compliance_levels); } ret = init_report_iterator (&reports, &get_reports_data->report_get); @@ -15914,6 +15930,7 @@ select_resource_iterator (get_resource_names_data_t *resource_names_data, else if (g_strcmp0 ("report", resource_names_data->type) == 0) { *iterator = (int (*) (iterator_t*, get_data_t *))init_report_iterator; +#if COMPLIANCE_REPORTS == 1 get_data_set_extra (&resource_names_data->get, "usage_type", g_strdup ("scan")); @@ -15924,6 +15941,7 @@ select_resource_iterator (get_resource_names_data_t *resource_names_data, get_data_set_extra (&resource_names_data->get, "usage_type", g_strdup ("audit")); +#endif } else if (g_strcmp0 ("report_config", resource_names_data->type) == 0) { diff --git a/src/gvmd.c b/src/gvmd.c index 05bc8c43c..9be3ecc8e 100644 --- a/src/gvmd.c +++ b/src/gvmd.c @@ -2317,6 +2317,9 @@ gvmd (int argc, char** argv, char *env[]) #endif #if CVSS3_RATINGS == 1 printf ("CVSS3 severity ratings enabled\n"); +#endif +#if COMPLIANCE_REPORTS == 1 + printf ("Compliance reports enabled\n"); #endif printf ("Copyright (C) 2009-2021 Greenbone AG\n"); printf ("License: AGPL-3.0-or-later\n"); diff --git a/src/manage_sql.c b/src/manage_sql.c index 6abe7f43e..83e3ddc6b 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -3980,9 +3980,14 @@ valid_type (const char* type) int valid_subtype (const char* type) { - return (strcasecmp (type, "audit_report") == 0) - || (strcasecmp (type, "audit") == 0) - || (strcasecmp (type, "policy") == 0); + #if COMPLIANCE_REPORTS == 1 + return (strcasecmp (type, "audit_report") == 0) + || (strcasecmp (type, "audit") == 0) + || (strcasecmp (type, "policy") == 0); + #else + return (strcasecmp (type, "audit") == 0) + || (strcasecmp (type, "policy") == 0); + #endif } /** @@ -22033,6 +22038,7 @@ report_iterator_opts_table (int override, int min_qod) min_qod); } +#if COMPLIANCE_REPORTS == 1 /** * @brief Return SQL WHERE for restricting a SELECT to compliance statuses. * @@ -22090,7 +22096,7 @@ where_compliance_status (const char *compliance) return g_string_free (compliance_sql, FALSE);; } - +#endif /** * @brief Generate an extra WHERE clause for selecting reports @@ -22104,9 +22110,9 @@ where_compliance_status (const char *compliance) static gchar * reports_extra_where (int trash, const gchar *filter, const char *usage_type) { - gchar *extra_where = NULL; - gchar *usage_type_clause, *trash_clause, *compliance_clause = NULL; - gchar *compliance_filter = NULL; + + GString *extra_where = g_string_new (""); + gchar *trash_clause; if (trash) { @@ -22122,36 +22128,37 @@ reports_extra_where (int trash, const gchar *filter, const char *usage_type) } - if (usage_type && strcmp (usage_type, "")) - { - gchar *quoted_usage_type; - quoted_usage_type = sql_quote (usage_type); - usage_type_clause = g_strdup_printf (" AND task in (SELECT id from tasks" - " WHERE usage_type='%s')", - quoted_usage_type); - - g_free (quoted_usage_type); - } - else - usage_type_clause = NULL; + g_string_append_printf(extra_where, "%s", trash_clause); + g_free (trash_clause); - if (filter) - compliance_filter = filter_term_value(filter, "report_compliance_levels"); + #if COMPLIANCE_REPORTS == 1 + gchar *usage_type_clause, *compliance_clause = NULL; + gchar *compliance_filter = NULL; + if (usage_type && strcmp (usage_type, "")) + { + gchar *quoted_usage_type; + quoted_usage_type = sql_quote (usage_type); + usage_type_clause = g_strdup_printf (" AND task in (SELECT id from tasks" + " WHERE usage_type='%s')", + quoted_usage_type); - compliance_clause = where_compliance_status (compliance_filter ?: "yniu"); - + g_free (quoted_usage_type); + } + else + usage_type_clause = NULL; - extra_where = g_strdup_printf("%s%s%s", - trash_clause, - usage_type_clause ?: "", - compliance_clause ?: ""); + if (filter) + compliance_filter = filter_term_value(filter, "report_compliance_levels"); - g_free (compliance_filter); - g_free (trash_clause); - g_free (compliance_clause); - g_free (usage_type_clause); + compliance_clause = where_compliance_status (compliance_filter ?: "yniu"); - return extra_where; + g_string_append_printf (extra_where, "%s%s", usage_type_clause ?: "", compliance_clause ?: ""); + g_free (compliance_filter); + g_free (compliance_clause); + g_free (usage_type_clause); + #endif + + return g_string_free (extra_where, FALSE); } /** @@ -25967,6 +25974,7 @@ report_counts_id_full (report_t report, int* holes, int* infos, return 0; } +#if COMPLIANCE_REPORTS == 1 /** * @brief Get the compliance state from compliance counts. * @@ -26111,7 +26119,7 @@ report_compliance_counts (report_t report, return 0; } - +#endif /** @@ -28437,7 +28445,52 @@ print_report_host_xml (FILE *stream, PRINT (stream, ""); - if (strcmp (usage_type, "audit")) + #if COMPLIANCE_REPORTS == 1 + if (strcmp (usage_type, "audit") == 0) + { + int yes_count, no_count, incomplete_count, undefined_count; + + yes_count + = GPOINTER_TO_INT + (g_hash_table_lookup (f_host_compliant, current_host)); + no_count + = GPOINTER_TO_INT + (g_hash_table_lookup (f_host_notcompliant, current_host)); + incomplete_count + = GPOINTER_TO_INT + (g_hash_table_lookup (f_host_incomplete, current_host)); + undefined_count + = GPOINTER_TO_INT + (g_hash_table_lookup (f_host_undefined, current_host)); + + PRINT (stream, + "%s" + "%s" + "%d" + "" + "%d" + "%d" + "%d" + "%d" + "%d" + "" + "%s", + host_iterator_start_time (hosts), + host_iterator_end_time (hosts) + ? host_iterator_end_time (hosts) + : "", + ports_count, + (yes_count + no_count + incomplete_count + undefined_count), + yes_count, + no_count, + incomplete_count, + undefined_count, + report_compliance_from_counts (&yes_count, + &no_count, + &incomplete_count, + &undefined_count)); + } else + #endif { int holes_count, warnings_count, infos_count; int logs_count, false_positives_count; @@ -28484,50 +28537,6 @@ print_report_host_xml (FILE *stream, logs_count, false_positives_count); } - else - { - int yes_count, no_count, incomplete_count, undefined_count; - - yes_count - = GPOINTER_TO_INT - (g_hash_table_lookup (f_host_compliant, current_host)); - no_count - = GPOINTER_TO_INT - (g_hash_table_lookup (f_host_notcompliant, current_host)); - incomplete_count - = GPOINTER_TO_INT - (g_hash_table_lookup (f_host_incomplete, current_host)); - undefined_count - = GPOINTER_TO_INT - (g_hash_table_lookup (f_host_undefined, current_host)); - - PRINT (stream, - "%s" - "%s" - "%d" - "" - "%d" - "%d" - "%d" - "%d" - "%d" - "" - "%s", - host_iterator_start_time (hosts), - host_iterator_end_time (hosts) - ? host_iterator_end_time (hosts) - : "", - ports_count, - (yes_count + no_count + incomplete_count + undefined_count), - yes_count, - no_count, - incomplete_count, - undefined_count, - report_compliance_from_counts (&yes_count, - &no_count, - &incomplete_count, - &undefined_count)); - } if (print_report_host_details_xml (host_iterator_report_host (hosts), stream, lean)) @@ -29641,7 +29650,8 @@ print_v2_report_delta_xml (FILE *out, iterator_t *results, *orig_filtered_result_count = *filtered_result_count; gchar *usage_type = NULL; - if (task && task_usage_type(task, &usage_type)) return -1; + if (task && task_usage_type(task, &usage_type)) + return -1; ports = g_tree_new_full ((GCompareDataFunc) strcmp, NULL, g_free, (GDestroyNotify) free_host_ports); @@ -29652,7 +29662,30 @@ print_v2_report_delta_xml (FILE *out, iterator_t *results, if (strchr (delta_states, state[0]) == NULL) continue; - if (strcmp (usage_type, "audit")) + #if COMPLIANCE_REPORTS == 1 + if (strcmp (usage_type, "audit") == 0) + { + const char* compliance; + compliance = result_iterator_compliance (results); + (*f_compliance_count)++; + if (strcasecmp (compliance, "yes") == 0) + { + (*f_compliance_yes)++; + } + else if (strcasecmp (compliance, "no") == 0) + { + (*f_compliance_no)++; + } + else if (strcasecmp (compliance, "incomplete") == 0) + { + (*f_compliance_incomplete)++; + } + else if (strcasecmp (compliance, "undefined") == 0) + { + (*f_compliance_undefined)++; + } + } else + #endif { const char *level; /* Increase the result count. */ @@ -29685,28 +29718,6 @@ print_v2_report_delta_xml (FILE *out, iterator_t *results, (*f_false_positives)++; } } - else - { - const char* compliance; - compliance = result_iterator_compliance (results); - (*f_compliance_count)++; - if (strcasecmp (compliance, "yes") == 0) - { - (*f_compliance_yes)++; - } - else if (strcasecmp (compliance, "no") == 0) - { - (*f_compliance_no)++; - } - else if (strcasecmp (compliance, "incomplete") == 0) - { - (*f_compliance_incomplete)++; - } - else if (strcasecmp (compliance, "undefined") == 0) - { - (*f_compliance_undefined)++; - } - } buffer_results_xml (buffer, results, @@ -29839,11 +29850,9 @@ print_report_xml_start (report_t report, report_t delta, task_t task, GHashTable *f_host_incomplete, *f_host_undefined; task_status_t run_status; gchar *tsk_usage_type = NULL; - int compliance_yes, compliance_no; - int compliance_incomplete, compliance_undefined; int f_compliance_yes, f_compliance_no; int f_compliance_incomplete, f_compliance_undefined; - int total_compliance_count, f_compliance_count; + int f_compliance_count; int delta_reports_version = 0; @@ -29856,7 +29865,7 @@ print_report_xml_start (report_t report, report_t delta, task_t task, min_qod = NULL; search_phrase = NULL; total_result_count = filtered_result_count = 0; - total_compliance_count = f_compliance_count = 0; + f_compliance_count = 0; orig_filtered_result_count = 0; orig_f_false_positives = orig_f_warnings = orig_f_logs = orig_f_infos = 0; orig_f_holes = 0; @@ -29947,14 +29956,11 @@ print_report_xml_start (report_t report, report_t delta, task_t task, levels = levels ? levels : g_strdup ("hmlgdf"); - compliance_levels = compliance_levels ? compliance_levels : g_strdup ("yniu"); - if (task && (task_uuid (task, &tsk_uuid) || task_usage_type(task, &tsk_usage_type))) { fclose (out); g_free (term); g_free (levels); - g_free (compliance_levels); g_free (search_phrase); g_free (min_qod); g_free (delta_states); @@ -30027,7 +30033,6 @@ print_report_xml_start (report_t report, report_t delta, task_t task, { free (uuid); g_free (levels); - g_free (compliance_levels); g_free (search_phrase); g_free (min_qod); g_free (delta_states); @@ -30062,7 +30067,9 @@ print_report_xml_start (report_t report, report_t delta, task_t task, if (report) { /* Get total counts of full results. */ - if (strcmp (tsk_usage_type, "audit")) + #if COMPLIANCE_REPORTS == 1 + if (strcmp (tsk_usage_type, "audit")) + #endif { if (delta == 0) { @@ -30200,7 +30207,22 @@ print_report_xml_start (report_t report, report_t delta, task_t task, filters_extra_buffer = g_string_new (""); - if (strcmp (tsk_usage_type, "audit")) + #if COMPLIANCE_REPORTS == 1 + if (strcmp (tsk_usage_type, "audit") == 0) + { + compliance_levels = compliance_levels ? compliance_levels : g_strdup ("yniu"); + + if (strchr (compliance_levels, 'y')) + g_string_append (filters_extra_buffer, "Yes"); + if (strchr (compliance_levels, 'n')) + g_string_append (filters_extra_buffer, "No"); + if (strchr (compliance_levels, 'i')) + g_string_append (filters_extra_buffer, "Incomplete"); + if (strchr (compliance_levels, 'u')) + g_string_append (filters_extra_buffer, "Undefined"); + } + else + #endif { if (strchr (levels, 'h')) g_string_append (filters_extra_buffer, "High"); @@ -30213,17 +30235,6 @@ print_report_xml_start (report_t report, report_t delta, task_t task, if (strchr (levels, 'f')) g_string_append (filters_extra_buffer, "False Positive"); } - else - { - if (strchr (compliance_levels, 'y')) - g_string_append (filters_extra_buffer, "Yes"); - if (strchr (compliance_levels, 'n')) - g_string_append (filters_extra_buffer, "No"); - if (strchr (compliance_levels, 'i')) - g_string_append (filters_extra_buffer, "Incomplete"); - if (strchr (compliance_levels, 'u')) - g_string_append (filters_extra_buffer, "Undefined"); - } if (delta) { @@ -30488,56 +30499,60 @@ print_report_xml_start (report_t report, report_t delta, task_t task, } /* Prepare result counts. */ + #if COMPLIANCE_REPORTS == 1 + int compliance_yes, compliance_no; + int compliance_incomplete, compliance_undefined; + int total_compliance_count = 0; - if (strcmp (tsk_usage_type, "audit") == 0) - { - report_compliance_counts (report, get, &compliance_yes, &compliance_no, - &compliance_incomplete, &compliance_undefined); + if (strcmp (tsk_usage_type, "audit") == 0) + { + report_compliance_counts (report, get, &compliance_yes, &compliance_no, + &compliance_incomplete, &compliance_undefined); - total_compliance_count = compliance_yes - + compliance_no - + compliance_incomplete - + compliance_undefined; + total_compliance_count = compliance_yes + + compliance_no + + compliance_incomplete + + compliance_undefined; - f_compliance_yes = f_compliance_no = 0; - f_compliance_incomplete = f_compliance_undefined = 0; + f_compliance_yes = f_compliance_no = 0; + f_compliance_incomplete = f_compliance_undefined = 0; - if (count_filtered == 0) - { - report_compliance_f_counts (report, - get, - &f_compliance_yes, - &f_compliance_no, - &f_compliance_incomplete, - &f_compliance_undefined); - - f_compliance_count = f_compliance_yes - + f_compliance_no - + f_compliance_incomplete - + f_compliance_undefined; - } - } - else - { - if (count_filtered) - { - /* We're getting all the filtered results, so we can count them as we - * print them, to save time. */ + if (count_filtered == 0) + { + report_compliance_f_counts (report, + get, + &f_compliance_yes, + &f_compliance_no, + &f_compliance_incomplete, + &f_compliance_undefined); - report_counts_id_full (report, &holes, &infos, &logs, - &warnings, &false_positives, &severity, - get, NULL, NULL, NULL, NULL, NULL, NULL, NULL); + f_compliance_count = f_compliance_yes + + f_compliance_no + + f_compliance_incomplete + + f_compliance_undefined; + } + } else + #endif + { + if (count_filtered) + { + /* We're getting all the filtered results, so we can count them as we + * print them, to save time. */ - f_holes = f_infos = f_logs = f_warnings = 0; - f_false_positives = f_severity = 0; - } - else - report_counts_id_full (report, &holes, &infos, &logs, - &warnings, &false_positives, &severity, - get, NULL, - &f_holes, &f_infos, &f_logs, &f_warnings, - &f_false_positives, &f_severity); - } + report_counts_id_full (report, &holes, &infos, &logs, + &warnings, &false_positives, &severity, + get, NULL, NULL, NULL, NULL, NULL, NULL, NULL); + + f_holes = f_infos = f_logs = f_warnings = 0; + f_false_positives = f_severity = 0; + } + else + report_counts_id_full (report, &holes, &infos, &logs, + &warnings, &false_positives, &severity, + get, NULL, + &f_holes, &f_infos, &f_logs, &f_warnings, + &f_false_positives, &f_severity); + } /* Results. */ @@ -30602,31 +30617,31 @@ print_report_xml_start (report_t report, report_t delta, task_t task, /* Quiet erroneous compiler warning. */ result_hosts = NULL; - if (strcmp (tsk_usage_type, "audit")) - { - f_host_holes = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - f_host_warnings = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - f_host_infos = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - f_host_logs = g_hash_table_new_full (g_str_hash, g_str_equal, + #if COMPLIANCE_REPORTS == 1 + if (strcmp (tsk_usage_type, "audit") == 0) + { + f_host_compliant = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + f_host_notcompliant = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + f_host_incomplete = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + f_host_undefined = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + } else + #endif + { + f_host_holes = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); - f_host_false_positives = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - } - else - { - f_host_compliant = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - f_host_notcompliant = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - f_host_incomplete = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - f_host_undefined = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); - } - + f_host_warnings = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + f_host_infos = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + f_host_logs = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + f_host_false_positives = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); + } if (delta && get->details) { @@ -30649,36 +30664,7 @@ print_report_xml_start (report_t report, report_t delta, task_t task, &orig_f_false_positives, &f_false_positives, result_hosts)) - { - fclose (out); - g_free (sort_field); - g_free (levels); - g_free (compliance_levels); - g_free (search_phrase); - g_free (min_qod); - g_free (delta_states); - cleanup_iterator (&results); - cleanup_iterator (&delta_results); - tz_revert (zone, tz, old_tz_override); - g_hash_table_destroy (f_host_ports); - if (strcmp (tsk_usage_type, "audit")) - { - g_hash_table_destroy (f_host_holes); - g_hash_table_destroy (f_host_warnings); - g_hash_table_destroy (f_host_infos); - g_hash_table_destroy (f_host_logs); - g_hash_table_destroy (f_host_false_positives); - - } - else - { - g_hash_table_destroy (f_host_compliant); - g_hash_table_destroy (f_host_notcompliant); - g_hash_table_destroy (f_host_incomplete); - g_hash_table_destroy (f_host_undefined); - } - return -1; - } + goto failed_delta_report; } else { @@ -30703,35 +30689,7 @@ print_report_xml_start (report_t report, report_t delta, task_t task, &f_compliance_undefined, &f_compliance_count, result_hosts)) - { - fclose (out); - g_free (sort_field); - g_free (levels); - g_free (compliance_levels); - g_free (search_phrase); - g_free (min_qod); - g_free (delta_states); - cleanup_iterator (&results); - cleanup_iterator (&delta_results); - tz_revert (zone, tz, old_tz_override); - g_hash_table_destroy (f_host_ports); - if (strcmp (tsk_usage_type, "audit")) - { - g_hash_table_destroy (f_host_holes); - g_hash_table_destroy (f_host_warnings); - g_hash_table_destroy (f_host_infos); - g_hash_table_destroy (f_host_logs); - g_hash_table_destroy (f_host_false_positives); - } - else - { - g_hash_table_destroy (f_host_compliant); - g_hash_table_destroy (f_host_notcompliant); - g_hash_table_destroy (f_host_incomplete); - g_hash_table_destroy (f_host_undefined); - } - return -1; - } + goto failed_delta_report; } } else if (get->details) @@ -30767,107 +30725,108 @@ print_report_xml_start (report_t report, report_t delta, task_t task, array_add_new_string (result_hosts, result_iterator_host (&results)); - if (strcmp (tsk_usage_type, "audit")) - { - double result_severity; - result_severity = result_iterator_severity_double (&results); - if (result_severity > f_severity) - f_severity = result_severity; + #if COMPLIANCE_REPORTS == 1 + if (strcmp (tsk_usage_type, "audit") == 0) + { + const char* compliance; + compliance = result_iterator_compliance (&results); - level = result_iterator_level (&results); + if (strcasecmp (compliance, "yes") == 0) + { + f_host_result_counts = f_host_compliant; + if (count_filtered) + f_compliance_yes++; + } + else if (strcasecmp (compliance, "no") == 0) + { + f_host_result_counts = f_host_notcompliant; + if (count_filtered) + f_compliance_no++; + } + else if (strcasecmp (compliance, "incomplete") == 0) + { + f_host_result_counts = f_host_incomplete; + if (count_filtered) + f_compliance_incomplete++; + } + else if (strcasecmp (compliance, "undefined") == 0) + { + f_host_result_counts = f_host_undefined; + if (count_filtered) + f_compliance_undefined++; + } + else + { + f_host_result_counts = NULL; + } - if (strcasecmp (level, "log") == 0) - { - f_host_result_counts = f_host_logs; - if (count_filtered) - f_logs++; - } - else if (strcasecmp (level, "high") == 0) - { - f_host_result_counts = f_host_holes; - if (count_filtered) - f_holes++; - } - else if (strcasecmp (level, "medium") == 0) - { - f_host_result_counts = f_host_warnings; - if (count_filtered) - f_warnings++; - } - else if (strcasecmp (level, "low") == 0) - { - f_host_result_counts = f_host_infos; - if (count_filtered) - f_infos++; - } - else if (strcasecmp (level, "false positive") == 0) - { - f_host_result_counts = f_host_false_positives; - if (count_filtered) - f_false_positives++; + if (f_host_result_counts) + { + const char *result_host = result_iterator_host (&results); + int result_count + = GPOINTER_TO_INT + (g_hash_table_lookup (f_host_result_counts, + result_host)); + + g_hash_table_replace (f_host_result_counts, + g_strdup (result_host), + GINT_TO_POINTER (result_count + 1)); } - else - f_host_result_counts = NULL; + } else + #endif + { + double result_severity; + result_severity = result_iterator_severity_double (&results); + if (result_severity > f_severity) + f_severity = result_severity; - if (f_host_result_counts) - { - const char *result_host = result_iterator_host (&results); - int result_count - = GPOINTER_TO_INT - (g_hash_table_lookup (f_host_result_counts, result_host)); - - g_hash_table_replace (f_host_result_counts, - g_strdup (result_host), - GINT_TO_POINTER (result_count + 1)); - } - } - else - { - const char* compliance; - compliance = result_iterator_compliance (&results); + level = result_iterator_level (&results); - if (strcasecmp (compliance, "yes") == 0) - { - f_host_result_counts = f_host_compliant; - if (count_filtered) - f_compliance_yes++; - } - else if (strcasecmp (compliance, "no") == 0) - { - f_host_result_counts = f_host_notcompliant; - if (count_filtered) - f_compliance_no++; - } - else if (strcasecmp (compliance, "incomplete") == 0) - { - f_host_result_counts = f_host_incomplete; - if (count_filtered) - f_compliance_incomplete++; - } - else if (strcasecmp (compliance, "undefined") == 0) - { - f_host_result_counts = f_host_undefined; - if (count_filtered) - f_compliance_undefined++; - } - else - { - f_host_result_counts = NULL; - } + if (strcasecmp (level, "log") == 0) + { + f_host_result_counts = f_host_logs; + if (count_filtered) + f_logs++; + } + else if (strcasecmp (level, "high") == 0) + { + f_host_result_counts = f_host_holes; + if (count_filtered) + f_holes++; + } + else if (strcasecmp (level, "medium") == 0) + { + f_host_result_counts = f_host_warnings; + if (count_filtered) + f_warnings++; + } + else if (strcasecmp (level, "low") == 0) + { + f_host_result_counts = f_host_infos; + if (count_filtered) + f_infos++; + } + else if (strcasecmp (level, "false positive") == 0) + { + f_host_result_counts = f_host_false_positives; + if (count_filtered) + f_false_positives++; + } + else + f_host_result_counts = NULL; - if (f_host_result_counts) - { - const char *result_host = result_iterator_host (&results); - int result_count - = GPOINTER_TO_INT - (g_hash_table_lookup (f_host_result_counts, - result_host)); - - g_hash_table_replace (f_host_result_counts, - g_strdup (result_host), - GINT_TO_POINTER (result_count + 1)); - } - } + if (f_host_result_counts) + { + const char *result_host = result_iterator_host (&results); + int result_count + = GPOINTER_TO_INT + (g_hash_table_lookup (f_host_result_counts, result_host)); + + g_hash_table_replace (f_host_result_counts, + g_strdup (result_host), + GINT_TO_POINTER (result_count + 1)); + } + } } PRINT (out, ""); @@ -30879,131 +30838,131 @@ print_report_xml_start (report_t report, report_t delta, task_t task, /* Print result counts and severity. */ - if (strcmp (tsk_usage_type, "audit")) - { - if (delta) - /** @todo The f_holes, etc. vars are setup to give the page count. */ - PRINT (out, - "" - "%i" - "%i" - "%i" - "%i" - "%i" - "" - "%i" - "" - "", - orig_filtered_result_count, - (strchr (levels, 'h') ? orig_f_holes : 0), - (strchr (levels, 'l') ? orig_f_infos : 0), - (strchr (levels, 'g') ? orig_f_logs : 0), - (strchr (levels, 'm') ? orig_f_warnings : 0), - (strchr (levels, 'f') ? orig_f_false_positives : 0)); - else - { - if (count_filtered) - filtered_result_count = f_holes + f_infos + f_logs - + f_warnings + false_positives; - + #if COMPLIANCE_REPORTS == 1 + if (strcmp (tsk_usage_type, "audit") == 0) + { + if (delta) PRINT (out, - "" - "%i" - "%i" + "" "%i" - "%i%i" - "%i%i" - "%i%i" - "%i%i" - "" + "%i" + "%i" + "%i" + "%i" + "", + f_compliance_count, + (strchr (compliance_levels, 'y') ? f_compliance_yes : 0), + (strchr (compliance_levels, 'n') ? f_compliance_no : 0), + (strchr (compliance_levels, 'i') ? f_compliance_incomplete : 0), + (strchr (compliance_levels, 'u') ? f_compliance_undefined : 0)); + else + { + if (count_filtered) + f_compliance_count = f_compliance_yes + + f_compliance_no + + f_compliance_incomplete + + f_compliance_undefined; + PRINT (out, + "" + "%i" "%i" "%i" - "" - "", - total_result_count, - total_result_count, - filtered_result_count, - holes, - (strchr (levels, 'h') ? f_holes : 0), - infos, - (strchr (levels, 'l') ? f_infos : 0), - logs, - (strchr (levels, 'g') ? f_logs : 0), - warnings, - (strchr (levels, 'm') ? f_warnings : 0), - false_positives, - (strchr (levels, 'f') ? f_false_positives : 0)); + "%i%i" + "%i%i" + "%i%i" + "%i%i" + "", + total_compliance_count, + total_compliance_count, + f_compliance_count, + compliance_yes, + (strchr (compliance_levels, 'y') ? f_compliance_yes : 0), + compliance_no, + (strchr (compliance_levels, 'n') ? f_compliance_no : 0), + compliance_incomplete, + (strchr (compliance_levels, 'i') ? f_compliance_incomplete : 0), + compliance_undefined, + (strchr (compliance_levels, 'i') ? f_compliance_undefined : 0)); + + PRINT (out, + "" + "%s" + "%s" + "", + report_compliance_from_counts (&compliance_yes, + &compliance_no, + &compliance_incomplete, + &compliance_undefined), + report_compliance_from_counts (&f_compliance_yes, + &f_compliance_no, + &f_compliance_incomplete, + &f_compliance_undefined)); + } + } else + #endif + { + if (delta) + /** @todo The f_holes, etc. vars are setup to give the page count. */ + PRINT (out, + "" + "%i" + "%i" + "%i" + "%i" + "%i" + "" + "%i" + "" + "", + orig_filtered_result_count, + (strchr (levels, 'h') ? orig_f_holes : 0), + (strchr (levels, 'l') ? orig_f_infos : 0), + (strchr (levels, 'g') ? orig_f_logs : 0), + (strchr (levels, 'm') ? orig_f_warnings : 0), + (strchr (levels, 'f') ? orig_f_false_positives : 0)); + else + { + if (count_filtered) + filtered_result_count = f_holes + f_infos + f_logs + + f_warnings + false_positives; - PRINT (out, - "" - "%1.1f" - "%1.1f" - "", - severity, - f_severity); - } - } - else - { - if (delta) PRINT (out, - "" - "%i" - "%i" - "%i" - "%i" - "%i" - "", - f_compliance_count, - (strchr (compliance_levels, 'y') ? f_compliance_yes : 0), - (strchr (compliance_levels, 'n') ? f_compliance_no : 0), - (strchr (compliance_levels, 'i') ? f_compliance_incomplete : 0), - (strchr (compliance_levels, 'u') ? f_compliance_undefined : 0)); - else - { - if (count_filtered) - f_compliance_count = f_compliance_yes - + f_compliance_no - + f_compliance_incomplete - + f_compliance_undefined; - PRINT (out, - "" + "" "%i" "%i" "%i" - "%i%i" - "%i%i" - "%i%i" - "%i%i" - "", - total_compliance_count, - total_compliance_count, - f_compliance_count, - compliance_yes, - (strchr (compliance_levels, 'y') ? f_compliance_yes : 0), - compliance_no, - (strchr (compliance_levels, 'n') ? f_compliance_no : 0), - compliance_incomplete, - (strchr (compliance_levels, 'i') ? f_compliance_incomplete : 0), - compliance_undefined, - (strchr (compliance_levels, 'i') ? f_compliance_undefined : 0)); - - PRINT (out, - "" - "%s" - "%s" - "", - report_compliance_from_counts (&compliance_yes, - &compliance_no, - &compliance_incomplete, - &compliance_undefined), - report_compliance_from_counts (&f_compliance_yes, - &f_compliance_no, - &f_compliance_incomplete, - &f_compliance_undefined)); - } - } + "%i%i" + "%i%i" + "%i%i" + "%i%i" + "" + "%i" + "%i" + "" + "", + total_result_count, + total_result_count, + filtered_result_count, + holes, + (strchr (levels, 'h') ? f_holes : 0), + infos, + (strchr (levels, 'l') ? f_infos : 0), + logs, + (strchr (levels, 'g') ? f_logs : 0), + warnings, + (strchr (levels, 'm') ? f_warnings : 0), + false_positives, + (strchr (levels, 'f') ? f_false_positives : 0)); + PRINT (out, + "" + "%1.1f" + "%1.1f" + "", + severity, + f_severity); + } + } if (host_summary) { @@ -31034,45 +30993,25 @@ print_report_xml_start (report_t report, report_t delta, task_t task, } if (present) { - - if (print_report_host_xml (out, - &hosts, - result_host, - tsk_usage_type, - lean, - host_summary_buffer, - f_host_ports, - f_host_holes, - f_host_warnings, - f_host_infos, - f_host_logs, - f_host_false_positives, - f_host_compliant, - f_host_notcompliant, - f_host_incomplete, - f_host_undefined)) - { - tz_revert (zone, tz, old_tz_override); - if (host_summary_buffer) - g_string_free (host_summary_buffer, TRUE); - g_hash_table_destroy (f_host_ports); - if (strcmp (tsk_usage_type, "audit")) - { - g_hash_table_destroy (f_host_holes); - g_hash_table_destroy (f_host_warnings); - g_hash_table_destroy (f_host_infos); - g_hash_table_destroy (f_host_logs); - g_hash_table_destroy (f_host_false_positives); + if (print_report_host_xml (out, + &hosts, + result_host, + tsk_usage_type, + lean, + host_summary_buffer, + f_host_ports, + f_host_holes, + f_host_warnings, + f_host_infos, + f_host_logs, + f_host_false_positives, + f_host_compliant, + f_host_notcompliant, + f_host_incomplete, + f_host_undefined)) - } - else - { - g_hash_table_destroy (f_host_compliant); - g_hash_table_destroy (f_host_notcompliant); - g_hash_table_destroy (f_host_incomplete); - g_hash_table_destroy (f_host_undefined); - } - return -1; + { + goto failed_print_report_host; } } cleanup_iterator (&hosts); @@ -31084,67 +31023,43 @@ print_report_xml_start (report_t report, report_t delta, task_t task, init_report_host_iterator (&hosts, report, NULL, 0); while (next (&hosts)) { - if (print_report_host_xml (out, - &hosts, - NULL, - tsk_usage_type, - lean, - host_summary_buffer, - f_host_ports, - f_host_holes, - f_host_warnings, - f_host_infos, - f_host_logs, - f_host_false_positives, - f_host_compliant, - f_host_notcompliant, - f_host_incomplete, - f_host_undefined)) - { - tz_revert (zone, tz, old_tz_override); - if (host_summary_buffer) - g_string_free (host_summary_buffer, TRUE); - g_hash_table_destroy (f_host_ports); - if (strcmp (tsk_usage_type, "audit")) - { - g_hash_table_destroy (f_host_holes); - g_hash_table_destroy (f_host_warnings); - g_hash_table_destroy (f_host_infos); - g_hash_table_destroy (f_host_logs); - g_hash_table_destroy (f_host_false_positives); - - } - else - { - g_hash_table_destroy (f_host_compliant); - g_hash_table_destroy (f_host_notcompliant); - g_hash_table_destroy (f_host_incomplete); - g_hash_table_destroy (f_host_undefined); - } - return -1; - } + &hosts, + NULL, + tsk_usage_type, + lean, + host_summary_buffer, + f_host_ports, + f_host_holes, + f_host_warnings, + f_host_infos, + f_host_logs, + f_host_false_positives, + f_host_compliant, + f_host_notcompliant, + f_host_incomplete, + f_host_undefined)) + goto failed_print_report_host; } cleanup_iterator (&hosts); } - - if (strcmp (tsk_usage_type, "audit")) - { - g_hash_table_destroy (f_host_holes); - g_hash_table_destroy (f_host_warnings); - g_hash_table_destroy (f_host_infos); - g_hash_table_destroy (f_host_logs); - g_hash_table_destroy (f_host_false_positives); - - } - else - { - g_hash_table_destroy (f_host_compliant); - g_hash_table_destroy (f_host_notcompliant); - g_hash_table_destroy (f_host_incomplete); - g_hash_table_destroy (f_host_undefined); - } - g_hash_table_destroy (f_host_ports); + #if COMPLIANCE_REPORTS == 1 + if (strcmp (tsk_usage_type, "audit") == 0) + { + g_hash_table_destroy (f_host_compliant); + g_hash_table_destroy (f_host_notcompliant); + g_hash_table_destroy (f_host_incomplete); + g_hash_table_destroy (f_host_undefined); + } else + #endif + { + g_hash_table_destroy (f_host_holes); + g_hash_table_destroy (f_host_warnings); + g_hash_table_destroy (f_host_infos); + g_hash_table_destroy (f_host_logs); + g_hash_table_destroy (f_host_false_positives); + } + g_hash_table_destroy (f_host_ports); /* Print TLS certificates */ @@ -31239,6 +31154,39 @@ print_report_xml_start (report_t report, report_t delta, task_t task, } return 0; + + failed_delta_report: + fclose (out); + g_free (sort_field); + g_free (levels); + g_free (search_phrase); + g_free (min_qod); + g_free (delta_states); + cleanup_iterator (&results); + cleanup_iterator (&delta_results); + failed_print_report_host: + if (host_summary_buffer) + g_string_free (host_summary_buffer, TRUE); + tz_revert (zone, tz, old_tz_override); + g_hash_table_destroy (f_host_ports); + #if COMPLIANCE_REPORTS == 1 + g_free (compliance_levels); + if (strcmp (tsk_usage_type, "audit") == 0) + { + g_hash_table_destroy (f_host_compliant); + g_hash_table_destroy (f_host_notcompliant); + g_hash_table_destroy (f_host_incomplete); + g_hash_table_destroy (f_host_undefined); + } else + #endif + { + g_hash_table_destroy (f_host_holes); + g_hash_table_destroy (f_host_warnings); + g_hash_table_destroy (f_host_infos); + g_hash_table_destroy (f_host_logs); + g_hash_table_destroy (f_host_false_positives); + } + return -1; } /** @@ -53545,8 +53493,10 @@ modify_setting (const gchar *uuid, const gchar *name, setting_name = g_strdup ("Alerts Filter"); else if (strcmp (uuid, "0f040d06-abf9-43a2-8f94-9de178b0e978") == 0) setting_name = g_strdup ("Assets Filter"); - else if (strcmp (uuid, "45414da7-55f0-44c1-abbb-6b7d1126fbdf") == 0) - setting_name = g_strdup ("Audit Reports Filter"); + #if COMPLIANCE_REPORTS == 1 + else if (strcmp (uuid, "45414da7-55f0-44c1-abbb-6b7d1126fbdf") == 0) + setting_name = g_strdup ("Audit Reports Filter"); + #endif else if (strcmp (uuid, "1a9fbd91-0182-44cd-bc88-a13a9b3b1bef") == 0) setting_name = g_strdup ("Configs Filter"); else if (strcmp (uuid, "186a5ac8-fe5a-4fb1-aa22-44031fb339f3") == 0) @@ -53670,9 +53620,10 @@ modify_setting (const gchar *uuid, const gchar *name, setting_name = g_strdup ("Reports Top Dashboard Configuration"); /* Audit Reports dashboard settings */ - else if (strcmp (uuid, "8083d77b-05bb-4b17-ab39-c81175cb512c") == 0) - setting_name = g_strdup ("Audit Reports Top Dashboard Configuration"); - + #if COMPLIANCE_REPORTS == 1 + else if (strcmp (uuid, "8083d77b-05bb-4b17-ab39-c81175cb512c") == 0) + setting_name = g_strdup ("Audit Reports Top Dashboard Configuration"); + #endif /* Results dashboard settings */ else if (strcmp (uuid, "0b8ae70d-d8fc-4418-8a72-e65ac8d2828e") == 0) setting_name = g_strdup ("Results Top Dashboard Configuration"); diff --git a/src/schema_formats/XML/GMP.xml.in b/src/schema_formats/XML/GMP.xml.in index 96be5f2a4..31d24711a 100644 --- a/src/schema_formats/XML/GMP.xml.in +++ b/src/schema_formats/XML/GMP.xml.in @@ -68,13 +68,15 @@ along with this program. If not, see . xsd:token { pattern = "y?n?i?u?" } + @IF_COMPLIANCE_REPORTS@ compliance_status A compliance status xsd:token { pattern = "yes|no|incomplete|undefined" } - + + @ENDIF_COMPLIANCE_REPORTS@ ctime A date and time, in the C `ctime' format @@ -2214,10 +2216,16 @@ along with this program. If not, see . permissions user_tags scan_run_status - result_count + @IF_COMPLIANCE_REPORTS@ + + @ENDIF_COMPLIANCE_REPORTS@ + result_count + severity + @IF_COMPLIANCE_REPORTS@ + compliance_count - severity compliance + @ENDIF_COMPLIANCE_REPORTS@ task ports results @@ -2544,7 +2552,7 @@ along with this program. If not, see . result_count - Counts of results produced by scan. Only for reports of a scan task + Counts of results produced by scan

The text contains the full count -- the total number of results @@ -2651,12 +2659,13 @@ along with this program. If not, see . + @IF_COMPLIANCE_REPORTS@ compliance_count

Counts of compliance results. Only for reports of an audit task.

- The text contains the full count -- the total number of compliance results. + The text contains the full count. The total number of compliance results.

@@ -2758,7 +2767,8 @@ along with this program. If not, see . integer - + + @ENDIF_COMPLIANCE_REPORTS@ severity @@ -2776,6 +2786,7 @@ along with this program. If not, see . Maximum severity of the report after filtering + @IF_COMPLIANCE_REPORTS@ compliance @@ -2792,7 +2803,8 @@ along with this program. If not, see . compliance_status Compliance of the report after filtering ("yes", "no", "incomplete" or "undefined") - + + @ENDIF_COMPLIANCE_REPORTS@ task @@ -3054,9 +3066,15 @@ along with this program. If not, see . start end port_count - result_count + @IF_COMPLIANCE_REPORTS@ + + @ENDIF_COMPLIANCE_REPORTS@ + result_count + @IF_COMPLIANCE_REPORTS@ + compliance_count host_compliance + @ENDIF_COMPLIANCE_REPORTS@ detail @@ -3099,7 +3117,7 @@ along with this program. If not, see . result_count - Only for scan reports + page hole @@ -3174,6 +3192,7 @@ along with this program. If not, see . + @IF_COMPLIANCE_REPORTS@ compliance_count Only for audit reports @@ -3242,7 +3261,8 @@ along with this program. If not, see . host_compliance Only for audit reports. Host compliance compliance_status - + + @ENDIF_COMPLIANCE_REPORTS@ detail A detail associated with the host @@ -18125,11 +18145,13 @@ END:VCALENDAR integer Minimum QoD of the results + @IF_COMPLIANCE_REPORTS@ + + @ENDIF_COMPLIANCE_REPORTS@ tag text @@ -18275,6 +18297,7 @@ END:VCALENDAR iso_time Scan end time + @IF_COMPLIANCE_REPORTS@ compliance_yes integer @@ -18294,7 +18317,8 @@ END:VCALENDAR compliant compliance_status Compliance state of the report. Can be yes, no, incomplete or undefined - + + @ENDIF_COMPLIANCE_REPORTS@ @@ -18364,6 +18388,7 @@ END:VCALENDAR boolean + @IF_COMPLIANCE_REPORTS@ usage_type Optional usage type to limit the reports to. Affects total count unlike filter @@ -18374,7 +18399,8 @@ END:VCALENDAR - + + @ENDIF_COMPLIANCE_REPORTS@ @@ -23153,9 +23179,15 @@ END:VCALENDAR timestamp scan_end - result_count - severity + @IF_COMPLIANCE_REPORTS@ + + @ENDIF_COMPLIANCE_REPORTS@ + result_count + severity + @IF_COMPLIANCE_REPORTS@ + compliance_count + @ENDIF_COMPLIANCE_REPORTS@ timestamp @@ -23167,7 +23199,7 @@ END:VCALENDAR result_count - Result counts for this report. Only for scan tasks + Result counts for this report false_positive log @@ -23199,8 +23231,9 @@ END:VCALENDAR severity severity - Maximum severity of the report. Only for scan tasks + Maximum severity of the report + @IF_COMPLIANCE_REPORTS@ compliance_count Complaince counts. Only for audit tasks @@ -23226,7 +23259,8 @@ END:VCALENDAR undefined integer - + + @ENDIF_COMPLIANCE_REPORTS@