greenbone · timopollmeier · Oct 5, 2023 · Aug 29, 2023 · Sep 4, 2023 · Sep 5, 2023
@@ -1821,6 +1821,7 @@ typedef struct
   char *preferences_config_id;  ///< ID of config to get preference values from.
   int details;           ///< Boolean.  Whether to include full NVT details.
   char *family;          ///< Name of family to which to limit NVT selection.
+  int lean;              ///< Boolean.  Whether to send fewer details.
   char *nvt_oid;         ///< Name of single NVT to get.
   int preference_count;  ///< Boolean.  Whether to include NVT preference count.
   int preferences;       ///< Boolean.  Whether to include NVT preferences.
@@ -5303,6 +5304,11 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
               get_nvts_data->details = 0;
             append_attribute (attribute_names, attribute_values, "family",
                               &get_nvts_data->family);
+            if (find_attribute (attribute_names, attribute_values,
+                                "lean", &attribute))
+              get_nvts_data->lean = strcmp (attribute, "0");
+            else
+              get_nvts_data->lean = 0;
             if (find_attribute (attribute_names, attribute_values,
                                 "preferences", &attribute))
               get_nvts_data->preferences = strcmp (attribute, "0");
@@ -7868,6 +7874,7 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
  * @param[in]  config      Config, used if preferences is true.
  * @param[in]  skip_cert_refs        If true, exclude CERT refs.
  * @param[in]  skip_tags             If true, exclude tags.
+ * @param[in]  lean                  If true, send fewer details.
  * @param[in]  write_to_client       Function to write to client.
  * @param[in]  write_to_client_data  Argument to \p write_to_client.
  *
@@ -7876,14 +7883,14 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
 static gboolean
 send_nvt (iterator_t *nvts, int details, int preferences, int pref_count,
           const char *timeout, config_t config, int skip_cert_refs,
-          int skip_tags,
+          int skip_tags, int lean,
           int (*write_to_client) (const char *, void*),
           void* write_to_client_data)
 {
   gchar *msg;
 
   msg = get_nvt_xml (nvts, details, pref_count, preferences, timeout, config,
-                     0, skip_cert_refs, skip_tags);
+                     0, skip_cert_refs, skip_tags, lean);
   if (send_to_client (msg, write_to_client, write_to_client_data))
     {
       g_free (msg);
@@ -13184,7 +13191,7 @@ handle_get_info (gmp_parser_t *gmp_parser, GError **error)
                            dfn_cert_adv_info_iterator_cve_refs (&info));
       else if (g_strcmp0 ("nvt", get_info_data->type) == 0)
         {
-          if (send_nvt (&info, 1, 1, -1, NULL, 0, 0, 0,
+          if (send_nvt (&info, 1, 1, -1, NULL, 0, 0, 0, 0,
                         gmp_parser->client_writer,
                         gmp_parser->client_writer_data))
             {
@@ -13405,6 +13412,12 @@ handle_get_nvts (gmp_parser_t *gmp_parser, GError **error)
          (XML_ERROR_SYNTAX ("get_nvts",
                             "The skip_tags attribute"
                             " requires the details attribute"));
+      else if ((get_nvts_data->details == 0)
+               && get_nvts_data->lean)
+        SEND_TO_CLIENT_OR_FAIL
+         (XML_ERROR_SYNTAX ("get_nvts",
+                            "The lean attribute"
+                            " requires the details attribute"));
       else if (((get_nvts_data->details == 0)
                 || ((get_nvts_data->config_id == NULL)
                     && (get_nvts_data->preferences_config_id == NULL)))
@@ -13515,6 +13528,7 @@ handle_get_nvts (gmp_parser_t *gmp_parser, GError **error)
                               pref_count, timeout, config,
                               get_nvts_data->skip_cert_refs,
                               get_nvts_data->skip_tags,
+                              get_nvts_data->lean,
                               gmp_parser->client_writer,
                               gmp_parser->client_writer_data))
                   {
@@ -13530,7 +13544,7 @@ handle_get_nvts (gmp_parser_t *gmp_parser, GError **error)
           else
             while (next (&nvts))
               {
-                if (send_nvt (&nvts, 0, 0, -1, NULL, 0, 0, 0,
+                if (send_nvt (&nvts, 0, 0, -1, NULL, 0, 0, 0, 0,
                               gmp_parser->client_writer,
                               gmp_parser->client_writer_data))
                   {
@@ -26803,6 +26817,7 @@ process_gmp_client_input ()
       return err;
     }
   from_client_end = from_client_start = 0;
+
   return 0;
 }
 

@@ -5639,13 +5639,14 @@ xsl_transform (gchar *stylesheet, gchar *xmlfile, gchar **param_names,
  * @param[in]  close_tag   Whether to close the NVT tag or not.
  * @param[in]  skip_cert_refs  Whether to exclude the CERT REFs.
  * @param[in]  skip_tags       Whether to exclude the tags.
+ * @param[in]  lean            Whether to send fewer details.
  *
  * @return A dynamically allocated string containing the XML description.
  */
 gchar *
 get_nvt_xml (iterator_t *nvts, int details, int pref_count,
              int preferences, const char *timeout, config_t config,
-             int close_tag, int skip_cert_refs, int skip_tags)
+             int close_tag, int skip_cert_refs, int skip_tags, int lean)
 {
   const char* oid = nvt_iterator_oid (nvts);
   const char* name = nvt_iterator_name (nvts);
@@ -5658,9 +5659,8 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
     {
       int tag_count;
       GString *refs_str, *tags_str, *buffer, *nvt_tags;
-      iterator_t cert_refs_iterator, tags, severities;
+      iterator_t cert_refs_iterator, tags;
       gchar *tag_name_esc, *tag_value_esc, *tag_comment_esc;
-      char *default_timeout = nvt_default_timeout (oid);
 
       DEF (family);
       DEF (tag);
@@ -5811,77 +5811,95 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
       g_string_append_printf (buffer,
                               "<nvt oid=\"%s\">"
                               "<name>%s</name>"
-                              "<creation_time>%s</creation_time>"
-                              "<modification_time>%s</modification_time>"
                               "%s" // user_tags
-                              "<category>%d</category>"
-                              "<family>%s</family>"
-                              "<cvss_base>%s</cvss_base>"
-                              "<severities score=\"%s\">",
+                              "<preference_count>%i</preference_count>"
+                              "<timeout>%s</timeout>",
                               oid,
                               name_text,
-                              get_iterator_creation_time (nvts)
-                               ? get_iterator_creation_time (nvts)
-                               : "",
-                              get_iterator_modification_time (nvts)
-                               ? get_iterator_modification_time (nvts)
-                               : "",
                               tags_str ? tags_str->str : "",
-                              nvt_iterator_category (nvts),
-                              family_text,
-                              nvt_iterator_cvss_base (nvts)
-                               ? nvt_iterator_cvss_base (nvts)
-                               : "",
+                              pref_count,
+                              timeout ? timeout : "");
+
+      if (lean == 0)
+        {
+          char *default_timeout;
+
+          default_timeout = nvt_default_timeout (oid);
+          g_string_append_printf (buffer,
+                                  "<default_timeout>%s</default_timeout>"
+                                  "<creation_time>%s</creation_time>"
+                                  "<modification_time>%s</modification_time>"
+                                  "<category>%d</category>"
+                                  "<family>%s</family>"
+                                  "<cvss_base>%s</cvss_base>"
+                                  "<qod>"
+                                  "<value>%s</value>"
+                                  "<type>%s</type>"
+                                  "</qod>"
+                                  "<refs>%s</refs>"
+                                  "<tags>%s</tags>",
+                                  default_timeout ? default_timeout : "",
+                                  get_iterator_creation_time (nvts)
+                                  ? get_iterator_creation_time (nvts)
+                                  : "",
+                                  get_iterator_modification_time (nvts)
+                                  ? get_iterator_modification_time (nvts)
+                                  : "",
+                                  nvt_iterator_category (nvts),
+                                  family_text,
+                                  nvt_iterator_cvss_base (nvts)
+                                  ? nvt_iterator_cvss_base (nvts)
+                                  : "",
+                                  nvt_iterator_qod (nvts),
+                                  nvt_iterator_qod_type (nvts),
+                                  refs_str->str,
+                                  nvt_tags->str);
+          free (default_timeout);
+        }
+
+      g_string_append_printf (buffer,
+                              "<severities score=\"%s\">",
                               nvt_iterator_cvss_base (nvts)
-                               ? nvt_iterator_cvss_base (nvts)
-                               : "");
+                              ? nvt_iterator_cvss_base (nvts)
+                              : "");
 
-      init_nvt_severity_iterator (&severities, oid);
-      while (next (&severities))
+      if (lean == 0)
         {
-          buffer_xml_append_printf
-              (buffer,
-               "<severity type=\"%s\">"
-               "<origin>%s</origin>"
-               "<date>%s</date>"
-               "<score>%0.1f</score>"
-               "<value>%s</value>"
-               "</severity>",
-               nvt_severity_iterator_type (&severities),
-               nvt_severity_iterator_origin (&severities),
-               nvt_severity_iterator_date (&severities),
-               nvt_severity_iterator_score (&severities),
-               nvt_severity_iterator_value (&severities));
+          iterator_t severities;
+
+          init_nvt_severity_iterator (&severities, oid);
+          while (next (&severities))
+            {
+              buffer_xml_append_printf
+                (buffer,
+                 "<severity type=\"%s\">"
+                 "<origin>%s</origin>"
+                 "<date>%s</date>"
+                 "<score>%0.1f</score>"
+                 "<value>%s</value>"
+                 "</severity>",
+                 nvt_severity_iterator_type (&severities),
+                 nvt_severity_iterator_origin (&severities),
+                 nvt_severity_iterator_date (&severities),
+                 nvt_severity_iterator_score (&severities),
+                 nvt_severity_iterator_value (&severities));
+            }
+          cleanup_iterator (&severities);
         }
-      cleanup_iterator (&severities);
 
       g_string_append_printf (buffer,
-                              "</severities>"
-                              "<qod>"
-                              "<value>%s</value>"
-                              "<type>%s</type>"
-                              "</qod>"
-                              "<refs>%s</refs>"
-                              "<tags>%s</tags>"
-                              "<preference_count>%i</preference_count>"
-                              "<timeout>%s</timeout>"
-                              "<default_timeout>%s</default_timeout>",
-                              nvt_iterator_qod (nvts),
-                              nvt_iterator_qod_type (nvts),
-                              refs_str->str,
-                              nvt_tags->str,
-                              pref_count,
-                              timeout ? timeout : "",
-                              default_timeout ? default_timeout : "");
+                              "</severities>");
+
       g_free (family_text);
       g_string_free (nvt_tags, 1);
       g_string_free (refs_str, 1);
       if (tags_str)
         g_string_free (tags_str, 1);
 
-      if (nvt_iterator_solution (nvts) ||
-          nvt_iterator_solution_type (nvts) ||
-          nvt_iterator_solution_method (nvts))
+      if (lean == 0
+          && (nvt_iterator_solution (nvts)
+              || nvt_iterator_solution_type (nvts)
+              || nvt_iterator_solution_method (nvts)))
         {
           buffer_xml_append_printf (buffer, "<solution");
 
@@ -5900,11 +5918,14 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
             buffer_xml_append_printf (buffer, "/>");
         }
 
-
       if (preferences)
         {
           iterator_t prefs;
-          const char *nvt_oid = nvt_iterator_oid (nvts);
+          char *default_timeout;
+          const char *nvt_oid;
+
+          default_timeout = nvt_default_timeout (oid);
+          nvt_oid = nvt_iterator_oid (nvts);
 
           /* Send the preferences for the NVT. */
 
@@ -5921,11 +5942,11 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count,
           cleanup_iterator (&prefs);
 
           xml_string_append (buffer, "</preferences>");
+          free (default_timeout);
         }
 
       xml_string_append (buffer, close_tag ? "</nvt>" : "");
       msg = g_string_free (buffer, FALSE);
-      free (default_timeout);
     }
   else
     {
@@ -6055,7 +6076,8 @@ manage_read_info (gchar *type, gchar *uid, gchar *name, gchar **result)
                                    0,    /* Config. */
                                    1,    /* Close tag. */
                                    0,    /* Skip CERT refs. */
-                                   0);   /* Skip tags. */
+                                   0,    /* Skip tags. */
+                                   0);   /* Lean. */
 
           cleanup_iterator (&nvts);
         }

@@ -1998,7 +1998,7 @@ void
 xml_append_nvt_refs (GString *, const char *, int *);
 
 gchar*
-get_nvt_xml (iterator_t*, int, int, int, const char*, config_t, int, int, int);
+get_nvt_xml (iterator_t*, int, int, int, const char*, config_t, int, int, int, int);
 
 char*
 task_preference_value (task_t, const char *);

@@ -13236,6 +13236,11 @@ END:VCALENDAR
         <summary>Whether to include full details</summary>
         <type>boolean</type>
       </attrib>
+      <attrib>
+        <name>lean</name>
+        <summary>Whether to send fewer details</summary>
+        <type>boolean</type>
+      </attrib>
       <attrib>
         <name>preferences</name>
         <summary>Whether to include preference</summary>