1 /* Copyright (C) 2009-2021 Greenbone Networks GmbH
2 *
3 * SPDX-License-Identifier: AGPL-3.0-or-later
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Affero General Public License as
7 * published by the Free Software Foundation, either version 3 of the
8 * License, or (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU Affero General Public License for more details.
14 *
15 * You should have received a copy of the GNU Affero General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 */
18
19 /**
20 * @file gmp.c
21 * @brief The Greenbone Vulnerability Manager GMP library.
22 *
23 * This file defines a Greenbone Management Protocol (GMP) library, for
24 * implementing managers such as the Greenbone Vulnerability Manager
25 * daemon.
26 *
27 * The library provides \ref process_gmp_client_input.
28 * This function parses a given string of GMP XML and tracks and manipulates
29 * tasks in reaction to the GMP commands in the string.
30 */
31
32 /**
33 * @internal
34 * The GMP-"Processor" is always in a state (\ref client_state_t
35 * \ref client_state ) and currently looking at the opening of a GMP element
36 * (\ref gmp_xml_handle_start_element ), at the text of a GMP element
37 * (\ref gmp_xml_handle_text ) or at the closing of a GMP element
38 * (\ref gmp_xml_handle_end_element ).
39 *
40 * The state usually represents the current location of the parser within the
41 * XML (GMP) tree. There has to be one state for every GMP element.
42 *
43 * State transitions occur in the start and end element handler callbacks.
44 *
45 * Generally, the strategy is to wait until the closing of an element before
46 * doing any action or sending a response. Also, error cases are to be detected
47 * in the end element handler.
48 *
49 * If data has to be stored, it goes to \ref command_data (_t) , which is a
50 * union.
51 * More specific incarnations of this union are e.g. \ref create_user_data (_t)
52 * , where the data to create a new user is stored (until the end element of
53 * that command is reached).
54 *
55 * For implementing new commands that have to store data (e.g. not
56 * "\<help_extended/\>"), \ref command_data has to be freed and NULL'ed in case
57 * of errors and the \ref current_state has to be reset.
58 * It can then be assumed that it is NULL'ed at the start of every new
59 * command element. To implement a new start element handler, be sure to just
60 * copy an existing case and keep its structure.
61 *
62 * Attributes are easier to implement than elements.
63 * E.g.
64 * @code
65 * <key_value_pair key="k" value="v"/>
66 * @endcode
67 * is obviously easier to handle than
68 * @code
69 * <key><attribute name="k"/><value>v</value></key>
70 * @endcode
71 * .
72 * For this reason the GET commands like GET_TASKS all use attributes only.
73 *
74 * However, for the other commands it is preferred to avoid attributes and use
75 * the text of elements
76 * instead, like in
77 * @code
78 * <key_value_pair><key>k</key><value>v</value></key_value_pair>
79 * @endcode
80 * .
81 *
82 * If new elements are built of multiple words, separate the words with an
83 * underscore.
84 */
85
86 #include "gmp.h"
87 #include "gmp_base.h"
88 #include "gmp_delete.h"
89 #include "gmp_get.h"
90 #include "gmp_configs.h"
91 #include "gmp_port_lists.h"
92 #include "gmp_report_formats.h"
93 #include "gmp_tickets.h"
94 #include "gmp_tls_certificates.h"
95 #include "manage.h"
96 #include "manage_acl.h"
97 #include "manage_port_lists.h"
98 #include "manage_report_formats.h"
99 #include "utils.h"
100
101 #include <arpa/inet.h>
102 #include <assert.h>
103 #include <errno.h>
104 #include <fcntl.h>
105 #include <glib/gstdio.h>
106 #include <math.h>
107 #include <netinet/in.h>
108 #include <string.h>
109 #include <stdlib.h>
110 #include <sys/file.h>
111 #include <sys/socket.h>
112 #include <sys/stat.h>
113 #include <sys/types.h>
114 #include <sys/wait.h>
115 #include <unistd.h>
116
117 #include <gnutls/x509.h>
118
119 #include <gvm/base/strings.h>
120 #include <gvm/base/logging.h>
121 #include <gvm/base/pwpolicy.h>
122 #include <gvm/util/gpgmeutils.h>
123 #include <gvm/util/fileutils.h>
124 #include <gvm/util/sshutils.h>
125 #include <gvm/util/authutils.h>
126
127 #undef G_LOG_DOMAIN
128 /**
129 * @brief GLib log domain.
130 */
131 #define G_LOG_DOMAIN "md gmp"
132
133
134 /* Static headers. */
135
136 /** @todo Exported for manage_sql.c. */
137 void
138 buffer_results_xml (GString *, iterator_t *, task_t, int, int, int, int, int,
139 int, int, const char *, iterator_t *, int, int, int);
140
141
142 /* Helper functions. */
143
144 /**
145 * @brief A simple key/value-pair.
146 */
147 typedef struct
148 {
149 gchar *key; ///< The key.
150 gchar *value; ///< The value.
151 } auth_conf_setting_t;
152
153 /**
154 * @brief Check that a string represents a valid x509 Certificate.
155 *
156 * @param[in] cert_str Certificate string.
157 *
158 * @return 0 if valid, 1 otherwise.
159 */
160 static int
check_certificate_x509(const char * cert_str)161 check_certificate_x509 (const char *cert_str)
162 {
163 gnutls_x509_crt_t crt;
164 gnutls_datum_t data;
165 int ret = 0;
166
167 assert (cert_str);
168 if (gnutls_x509_crt_init (&crt))
169 return 1;
170 data.size = strlen (cert_str);
171 data.data = (void *) g_strdup (cert_str);
172 if (gnutls_x509_crt_import (crt, &data, GNUTLS_X509_FMT_PEM))
173 {
174 gnutls_x509_crt_deinit (crt);
175 g_free (data.data);
176 return 1;
177 }
178
179 if (time (NULL) > gnutls_x509_crt_get_expiration_time (crt))
180 {
181 g_warning ("Certificate expiration time passed");
182 ret = 1;
183 }
184 if (time (NULL) < gnutls_x509_crt_get_activation_time (crt))
185 {
186 g_warning ("Certificate activation time in the future");
187 ret = 1;
188 }
189 g_free (data.data);
190 gnutls_x509_crt_deinit (crt);
191 return ret;
192 }
193
194 /**
195 * @brief Check that a string represents a valid public key or certificate.
196 *
197 * @param[in] key_str Key string.
198 * @param[in] key_types GArray of the data types to check for.
199 * @param[in] protocol The GPG protocol to check.
200 *
201 * @return 0 if valid, 1 otherwise.
202 */
203 static int
try_gpgme_import(const char * key_str,GArray * key_types,gpgme_protocol_t protocol)204 try_gpgme_import (const char *key_str, GArray *key_types,
205 gpgme_protocol_t protocol)
206 {
207 int ret = 0;
208 gpgme_ctx_t ctx;
209 char gpg_temp_dir[] = "/tmp/gvmd-gpg-XXXXXX";
210
211 if (mkdtemp (gpg_temp_dir) == NULL)
212 {
213 g_warning ("%s: mkdtemp failed", __func__);
214 return -1;
215 }
216
217 gpgme_new (&ctx);
218 gpgme_ctx_set_engine_info (ctx, protocol, NULL, gpg_temp_dir);
219 gpgme_set_protocol (ctx, protocol);
220
221 ret = gvm_gpg_import_many_types_from_string (ctx, key_str, -1, key_types);
222
223 gpgme_release (ctx);
224 gvm_file_remove_recurse (gpg_temp_dir);
225
226 return ret != 0;
227 }
228
229 /**
230 * @brief Check that a string represents a valid S/MIME Certificate.
231 *
232 * @param[in] cert_str Certificate string.
233 *
234 * @return 0 if valid, 1 otherwise.
235 */
236 static int
check_certificate_smime(const char * cert_str)237 check_certificate_smime (const char *cert_str)
238 {
239 int ret;
240 const gpgme_data_type_t types_ptr[2] = {GPGME_DATA_TYPE_X509_CERT,
241 GPGME_DATA_TYPE_CMS_OTHER};
242 GArray *key_types = g_array_new (FALSE, FALSE, sizeof (gpgme_data_type_t));
243
244 g_array_append_vals (key_types, types_ptr, 2);
245 ret = try_gpgme_import (cert_str, key_types, GPGME_PROTOCOL_CMS);
246 g_array_free (key_types, TRUE);
247
248 return ret;
249 }
250
251 /**
252 * @brief Check that a string represents a valid certificate.
253 *
254 * The type of certificate accepted depends on the credential_type.
255 *
256 * @param[in] cert_str Certificate string.
257 * @param[in] credential_type The credential type to assume.
258 *
259 * @return 0 if valid, 1 otherwise.
260 */
261 static int
check_certificate(const char * cert_str,const char * credential_type)262 check_certificate (const char *cert_str, const char *credential_type)
263 {
264 if (credential_type && strcmp (credential_type, "smime") == 0)
265 return check_certificate_smime (cert_str);
266 else
267 return check_certificate_x509 (cert_str);
268 }
269
270 /**
271 * @brief Check that a string represents a valid Public Key.
272 *
273 * @param[in] key_str Public Key string.
274 *
275 * @return 0 if valid, 1 otherwise.
276 */
277 static int
check_public_key(const char * key_str)278 check_public_key (const char *key_str)
279 {
280 int ret;
281 const gpgme_data_type_t types_ptr[1] = {GPGME_DATA_TYPE_PGP_KEY};
282 GArray *key_types = g_array_new (FALSE, FALSE, sizeof (gpgme_data_type_t));
283
284 g_array_append_vals (key_types, types_ptr, 1);
285 ret = try_gpgme_import (key_str, key_types, GPGME_PROTOCOL_OPENPGP);
286 g_array_free (key_types, TRUE);
287
288 return ret;
289 }
290
291
292 /* GMP parser. */
293
294 static int
295 process_gmp (gmp_parser_t *, const gchar *, gchar **);
296
297 /**
298 * @brief Create a GMP parser.
299 *
300 * @param[in] write_to_client Function to write to client.
301 * @param[in] write_to_client_data Argument to \p write_to_client.
302 * @param[in] disable Commands to disable. Copied, and freed by
303 * gmp_parser_free.
304 *
305 * @return A GMP parser.
306 */
307 static gmp_parser_t *
gmp_parser_new(int (* write_to_client)(const char *,void *),void * write_to_client_data,gchar ** disable)308 gmp_parser_new (int (*write_to_client) (const char*, void*), void* write_to_client_data,
309 gchar **disable)
310 {
311 gmp_parser_t *gmp_parser = (gmp_parser_t*) g_malloc0 (sizeof (gmp_parser_t));
312 gmp_parser->client_writer = write_to_client;
313 gmp_parser->client_writer_data = write_to_client_data;
314 gmp_parser->read_over = 0;
315 gmp_parser->disabled_commands = g_strdupv (disable);
316 return gmp_parser;
317 }
318
319 /**
320 * @brief Free a GMP parser.
321 *
322 * @param[in] gmp_parser GMP parser.
323 */
324 static void
gmp_parser_free(gmp_parser_t * gmp_parser)325 gmp_parser_free (gmp_parser_t *gmp_parser)
326 {
327 g_strfreev (gmp_parser->disabled_commands);
328 g_free (gmp_parser);
329 }
330
331 /**
332 * @brief Check if command has been disabled.
333 *
334 * @param[in] gmp_parser Parser.
335 * @param[in] name Command name.
336 *
337 * @return 1 disabled, 0 enabled.
338 */
339 static int
command_disabled(gmp_parser_t * gmp_parser,const gchar * name)340 command_disabled (gmp_parser_t *gmp_parser, const gchar *name)
341 {
342 gchar **disabled;
343 disabled = gmp_parser->disabled_commands;
344 if (disabled)
345 while (*disabled)
346 {
347 if (strcasecmp (*disabled, name) == 0)
348 return 1;
349 disabled++;
350 }
351 return 0;
352 }
353
354
355 /* Command data passed between parser callbacks. */
356
357 /**
358 * @brief Command data for the create_asset command.
359 */
360 typedef struct
361 {
362 char *name; ///< Name of asset.
363 char *comment; ///< Comment on asset.
364 char *filter_term; ///< Filter term, for report.
365 char *report_id; ///< Report UUID.
366 char *type; ///< Type of asset.
367 } create_asset_data_t;
368
369 /**
370 * @brief Reset command data.
371 *
372 * @param[in] data Command data.
373 */
374 static void
create_asset_data_reset(create_asset_data_t * data)375 create_asset_data_reset (create_asset_data_t *data)
376 {
377 free (data->comment);
378 free (data->filter_term);
379 free (data->report_id);
380 free (data->type);
381 free (data->name);
382
383 memset (data, 0, sizeof (create_asset_data_t));
384 }
385
386 /**
387 * @brief Command data for the create_alert command.
388 *
389 * The pointers in the *_data arrays point to memory that contains two
390 * strings concatenated, with a single \\0 between them. The first string
391 * is the name of the extra data (for example "To Address"), the second is
392 * the value the the data (for example "alice@example.org").
393 */
394 typedef struct
395 {
396 char *active; ///< Whether the alert is active.
397 char *comment; ///< Comment.
398 char *copy; ///< UUID of alert to copy.
399 char *condition; ///< Condition for alert, e.g. "Always".
400 array_t *condition_data; ///< Array of pointers. Extra data for condition.
401 char *event; ///< Event that will cause alert.
402 array_t *event_data; ///< Array of pointers. Extra data for event.
403 char *filter_id; ///< UUID of filter.
404 char *method; ///< Method of alert, e.g. "Email".
405 array_t *method_data; ///< Array of pointer. Extra data for method.
406 char *name; ///< Name of alert.
407 char *part_data; ///< Second part of data during *_data: value.
408 char *part_name; ///< First part of data during *_data: name.
409 } create_alert_data_t;
410
411 /**
412 * @brief Reset command data.
413 *
414 * @param[in] data Command data.
415 */
416 static void
create_alert_data_reset(create_alert_data_t * data)417 create_alert_data_reset (create_alert_data_t *data)
418 {
419 free (data->active);
420 free (data->comment);
421 free (data->copy);
422 free (data->condition);
423 array_free (data->condition_data);
424 free (data->event);
425 array_free (data->event_data);
426 free (data->filter_id);
427 free (data->method);
428 array_free (data->method_data);
429 free (data->name);
430 free (data->part_data);
431 free (data->part_name);
432
433 memset (data, 0, sizeof (create_alert_data_t));
434 }
435
436 /**
437 * @brief Command data for the create_credential command.
438 */
439 typedef struct
440 {
441 char *allow_insecure; ///< Whether to allow insecure use.
442 char *certificate; ///< Certificate for client certificate auth.
443 char *comment; ///< Comment.
444 char *copy; ///< UUID of resource to copy.
445 int key; ///< Whether the command included a key element.
446 char *key_phrase; ///< Passphrase for key.
447 char *key_private; ///< Private key from key.
448 char *key_public; ///< Public key from key.
449 char *login; ///< Login name.
450 char *name; ///< Credential name.
451 char *password; ///< Password associated with login name.
452 char *community; ///< SNMP Community string.
453 char *auth_algorithm; ///< SNMP Authentication algorithm.
454 char *privacy_password; ///< SNMP Privacy password.
455 char *privacy_algorithm; ///< SNMP Privacy algorithm.
456 char *type; ///< Type of credential.
457 } create_credential_data_t;
458
459 /**
460 * @brief Reset command data.
461 *
462 * @param[in] data Command data.
463 */
464 static void
create_credential_data_reset(create_credential_data_t * data)465 create_credential_data_reset (create_credential_data_t *data)
466 {
467 free (data->allow_insecure);
468 free (data->certificate);
469 free (data->comment);
470 free (data->copy);
471 free (data->key_phrase);
472 free (data->key_private);
473 free (data->key_public);
474 free (data->login);
475 free (data->name);
476 free (data->password);
477 free (data->community);
478 free (data->auth_algorithm);
479 free (data->privacy_password);
480 free (data->privacy_algorithm);
481 free (data->type);
482
483 memset (data, 0, sizeof (create_credential_data_t));
484 }
485
486 /**
487 * @brief Command data for the create_filter command.
488 */
489 typedef struct
490 {
491 char *comment; ///< Comment.
492 char *copy; ///< UUID of resource to copy.
493 char *name; ///< Name of new filter.
494 char *term; ///< Filter term.
495 char *type; ///< Type of new filter.
496 } create_filter_data_t;
497
498 /**
499 * @brief Reset command data.
500 *
501 * @param[in] data Command data.
502 */
503 static void
create_filter_data_reset(create_filter_data_t * data)504 create_filter_data_reset (create_filter_data_t *data)
505 {
506 free (data->comment);
507 free (data->copy);
508 free (data->name);
509 free (data->term);
510 free (data->type);
511
512 memset (data, 0, sizeof (create_filter_data_t));
513 }
514
515 /**
516 * @brief Command data for the create_group command.
517 */
518 typedef struct
519 {
520 char *comment; ///< Comment.
521 char *copy; ///< UUID of resource to copy.
522 char *name; ///< Name of new group.
523 char *users; ///< Users belonging to new group.
524 int special_full; ///< Boolean. Give group Super on itself.
525 } create_group_data_t;
526
527 /**
528 * @brief Reset command data.
529 *
530 * @param[in] data Command data.
531 */
532 static void
create_group_data_reset(create_group_data_t * data)533 create_group_data_reset (create_group_data_t *data)
534 {
535 free (data->comment);
536 free (data->copy);
537 free (data->name);
538 free (data->users);
539
540 memset (data, 0, sizeof (create_group_data_t));
541 }
542
543 /**
544 * @brief Command data for the create_note command.
545 */
546 typedef struct
547 {
548 char *active; ///< Whether the note is active.
549 char *copy; ///< UUID of resource to copy.
550 char *hosts; ///< Hosts to which to limit override.
551 char *nvt_oid; ///< NVT to which to limit override.
552 char *port; ///< Port to which to limit override.
553 char *result_id; ///< ID of result to which to limit override.
554 char *severity; ///< Severity score to which to limit note.
555 char *task_id; ///< ID of task to which to limit override.
556 char *text; ///< Text of override.
557 char *threat; ///< Threat to which to limit override.
558 } create_note_data_t;
559
560 /**
561 * @brief Reset command data.
562 *
563 * @param[in] data Command data.
564 */
565 static void
create_note_data_reset(create_note_data_t * data)566 create_note_data_reset (create_note_data_t *data)
567 {
568 free (data->active);
569 free (data->copy);
570 free (data->hosts);
571 free (data->nvt_oid);
572 free (data->port);
573 free (data->result_id);
574 free (data->severity);
575 free (data->task_id);
576 free (data->text);
577 free (data->threat);
578
579 memset (data, 0, sizeof (create_note_data_t));
580 }
581
582 /**
583 * @brief Command data for the create_override command.
584 */
585 typedef struct
586 {
587 char *active; ///< Whether the override is active.
588 char *copy; ///< UUID of resource to copy.
589 char *hosts; ///< Hosts to which to limit override.
590 char *new_threat; ///< New threat value of overridden results.
591 char *new_severity; ///< New severity score of overridden results.
592 char *nvt_oid; ///< NVT to which to limit override.
593 char *port; ///< Port to which to limit override.
594 char *result_id; ///< ID of result to which to limit override.
595 char *severity; ///< Severity score of results to override.
596 char *task_id; ///< ID of task to which to limit override.
597 char *text; ///< Text of override.
598 char *threat; ///< Threat to which to limit override.
599 } create_override_data_t;
600
601 /**
602 * @brief Reset command data.
603 *
604 * @param[in] data Command data.
605 */
606 static void
create_override_data_reset(create_override_data_t * data)607 create_override_data_reset (create_override_data_t *data)
608 {
609 free (data->active);
610 free (data->copy);
611 free (data->hosts);
612 free (data->new_threat);
613 free (data->new_severity);
614 free (data->nvt_oid);
615 free (data->port);
616 free (data->result_id);
617 free (data->task_id);
618 free (data->text);
619 free (data->threat);
620 free (data->severity);
621
622 memset (data, 0, sizeof (create_override_data_t));
623 }
624
625 /**
626 * @brief Command data for the create_permission command.
627 */
628 typedef struct
629 {
630 char *comment; ///< Comment.
631 char *copy; ///< UUID of resource to copy.
632 char *name; ///< Permission name.
633 char *resource_type; ///< Resource type, for special permissions.
634 char *resource_id; ///< Resource permission applies to.
635 char *subject_type; ///< Subject type permission applies to.
636 char *subject_id; ///< Subject permission applies to.
637 } create_permission_data_t;
638
639 /**
640 * @brief Reset command data.
641 *
642 * @param[in] data Command data.
643 */
644 static void
create_permission_data_reset(create_permission_data_t * data)645 create_permission_data_reset (create_permission_data_t *data)
646 {
647 free (data->comment);
648 free (data->copy);
649 free (data->name);
650 free (data->resource_type);
651 free (data->resource_id);
652 free (data->subject_type);
653 free (data->subject_id);
654
655 memset (data, 0, sizeof (create_permission_data_t));
656 }
657
658 /**
659 * @brief Command data for the create_port_range command.
660 */
661 typedef struct
662 {
663 char *comment; ///< Comment.
664 char *end; ///< Last port.
665 char *port_list_id; ///< Port list for new port range.
666 char *start; ///< First port.
667 char *type; ///< Type of new port range.
668 } create_port_range_data_t;
669
670 /**
671 * @brief Reset command data.
672 *
673 * @param[in] data Command data.
674 */
675 static void
create_port_range_data_reset(create_port_range_data_t * data)676 create_port_range_data_reset (create_port_range_data_t *data)
677 {
678 free (data->comment);
679 free (data->end);
680 free (data->port_list_id);
681 free (data->start);
682 free (data->type);
683
684 memset (data, 0, sizeof (create_port_range_data_t));
685 }
686
687 /**
688 * @brief Command data for the create_report command.
689 */
690 typedef struct
691 {
692 char *detail_name; ///< Name of current host detail.
693 char *detail_value; ///< Value of current host detail.
694 char *detail_source_name; ///< Name of source of current host detail.
695 char *detail_source_type; ///< Type of source of current host detail.
696 char *detail_source_desc; ///< Description of source of current detail.
697 array_t *details; ///< Host details.
698 char *host_end; ///< End time for a host.
699 char *host_end_host; ///< Host name for end time.
700 array_t *host_ends; ///< All host ends.
701 char *host_start; ///< Start time for a host.
702 char *host_start_host; ///< Host name for start time.
703 array_t *host_starts; ///< All host starts.
704 char *in_assets; ///< Whether to create assets from report.
705 char *ip; ///< Current host for host details.
706 char *result_description; ///< Description of NVT for current result.
707 char *result_host; ///< Host for current result.
708 char *result_hostname; ///< Hostname for current result.
709 char *result_nvt_oid; ///< OID of NVT for current result.
710 char *result_port; ///< Port for current result.
711 char *result_qod; ///< QoD value of current result.
712 char *result_qod_type; ///< QoD type of current result.
713 char *result_scan_nvt_version; ///< Version of NVT used in scan.
714 char *result_severity; ///< Severity score for current result.
715 char *result_threat; ///< Message type for current result.
716 char *result_detection_name; ///< Name of detection in result.
717 char *result_detection_product; ///< product of detection in result.
718 char *result_detection_source_name; ///< source_name of detection in result.
719 char *result_detection_source_oid; ///< source_oid of detection in result.
720 char *result_detection_location; ///< location of detection in result.
721 array_t *result_detection; ///< Detections for current result
722 array_t *results; ///< All results.
723 char *scan_end; ///< End time for a scan.
724 char *scan_start; ///< Start time for a scan.
725 char *task_id; ///< ID of container task.
726 char *type; ///< Type of report.
727 int wrapper; ///< Whether there was a wrapper REPORT.
728 } create_report_data_t;
729
730 /**
731 * @brief Reset command data.
732 *
733 * @param[in] data Command data.
734 */
735 static void
create_report_data_reset(create_report_data_t * data)736 create_report_data_reset (create_report_data_t *data)
737 {
738 if (data->details)
739 {
740 guint index = data->details->len;
741 while (index--)
742 {
743 host_detail_t *detail;
744 detail = (host_detail_t*) g_ptr_array_index (data->details, index);
745 if (detail)
746 host_detail_free (detail);
747 }
748 array_free (data->details);
749 }
750 free (data->host_end);
751 if (data->host_ends)
752 {
753 guint index = data->host_ends->len;
754 while (index--)
755 {
756 create_report_result_t *result;
757 result = (create_report_result_t*) g_ptr_array_index
758 (data->host_ends,
759 index);
760 if (result)
761 {
762 free (result->description);
763 free (result->host);
764 }
765 }
766 array_free (data->host_ends);
767 }
768 free (data->host_start);
769 if (data->host_starts)
770 {
771 guint index = data->host_starts->len;
772 while (index--)
773 {
774 create_report_result_t *result;
775 result = (create_report_result_t*) g_ptr_array_index
776 (data->host_starts,
777 index);
778 if (result)
779 {
780 free (result->description);
781 free (result->host);
782 }
783 }
784 array_free (data->host_starts);
785 }
786 free (data->in_assets);
787 free (data->ip);
788 free (data->result_description);
789 free (data->result_host);
790 free (data->result_hostname);
791 free (data->result_nvt_oid);
792 free (data->result_port);
793 free (data->result_threat);
794 if (data->results)
795 {
796 guint index = data->results->len;
797 while (index--)
798 {
799 create_report_result_t *result;
800 result = (create_report_result_t*) g_ptr_array_index (data->results,
801 index);
802 if (result)
803 {
804 free (result->host);
805 free (result->hostname);
806 free (result->description);
807 free (result->nvt_oid);
808 free (result->port);
809 free (result->qod);
810 free (result->qod_type);
811 free (result->scan_nvt_version);
812 free (result->severity);
813 }
814 }
815 array_free (data->results);
816 }
817 free (data->scan_end);
818 free (data->scan_start);
819 free (data->task_id);
820 free (data->type);
821
822 memset (data, 0, sizeof (create_report_data_t));
823 }
824
825 /**
826 * @brief Command data for the create_role command.
827 */
828 typedef struct
829 {
830 char *comment; ///< Comment.
831 char *copy; ///< UUID of resource to copy.
832 char *name; ///< Name of new role.
833 char *users; ///< Users belonging to new role.
834 } create_role_data_t;
835
836 /**
837 * @brief Reset command data.
838 *
839 * @param[in] data Command data.
840 */
841 static void
create_role_data_reset(create_role_data_t * data)842 create_role_data_reset (create_role_data_t *data)
843 {
844 free (data->comment);
845 free (data->copy);
846 free (data->name);
847 free (data->users);
848
849 memset (data, 0, sizeof (create_role_data_t));
850 }
851
852 /**
853 * @brief Command data for the create_scanner command.
854 */
855 typedef struct
856 {
857 char *name; ///< Name for new scanner.
858 char *copy; ///< UUID of scanner to copy.
859 char *comment; ///< Comment.
860 char *host; ///< Host of new scanner.
861 char *port; ///< Port of new scanner.
862 char *type; ///< Type of new scanner.
863 char *ca_pub; ///< CA Certificate of new scanner.
864 char *credential_id; ///< UUID of credential for new scanner.
865 } create_scanner_data_t;
866
867 /**
868 * @brief Reset command data.
869 *
870 * @param[in] data Command data.
871 */
872 static void
create_scanner_data_reset(create_scanner_data_t * data)873 create_scanner_data_reset (create_scanner_data_t *data)
874 {
875 free (data->name);
876 free (data->copy);
877 free (data->comment);
878 free (data->host);
879 free (data->port);
880 free (data->type);
881 free (data->ca_pub);
882 free (data->credential_id);
883
884 memset (data, 0, sizeof (create_scanner_data_t));
885 }
886
887 /**
888 * @brief Command data for the create_schedule command.
889 */
890 typedef struct
891 {
892 char *name; ///< Name for new schedule.
893 char *comment; ///< Comment.
894 char *copy; ///< UUID of resource to copy.
895 char *timezone; ///< Time zone of the schedule
896 char *icalendar; ///< iCalendar string
897 } create_schedule_data_t;
898
899 /**
900 * @brief Reset command data.
901 *
902 * @param[in] data Command data.
903 */
904 static void
create_schedule_data_reset(create_schedule_data_t * data)905 create_schedule_data_reset (create_schedule_data_t *data)
906 {
907 free (data->name);
908 free (data->copy);
909 free (data->comment);
910 free (data->timezone);
911 free (data->icalendar);
912
913 memset (data, 0, sizeof (create_schedule_data_t));
914 }
915
916 /**
917 * @brief Command data for the create_target command.
918 */
919 typedef struct
920 {
921 char *alive_tests; ///< Alive tests.
922 char *allow_simultaneous_ips; ///< Boolean. Whether to scan multiple IPs of a host simultaneously.
923 char *asset_hosts_filter; ///< Asset hosts.
924 char *comment; ///< Comment.
925 char *exclude_hosts; ///< Hosts to exclude from set.
926 char *reverse_lookup_only; ///< Boolean. Whether to consider only hosts that reverse lookup.
927 char *reverse_lookup_unify; ///< Boolean. Whether to unify based on reverse lookup.
928 char *copy; ///< UUID of resource to copy.
929 char *hosts; ///< Hosts for new target.
930 char *port_list_id; ///< Port list for new target.
931 char *port_range; ///< Port range for new target.
932 char *ssh_credential_id; ///< SSH credential for new target.
933 char *ssh_lsc_credential_id; ///< SSH credential (deprecated).
934 char *ssh_elevate_credential_id; ///< SSH elevation credential.
935 char *ssh_port; ///< Port for SSH.
936 char *ssh_lsc_port; ///< Port for SSH (deprecated).
937 char *smb_credential_id; ///< SMB credential for new target.
938 char *smb_lsc_credential_id; ///< SMB credential (deprecated).
939 char *esxi_credential_id; ///< ESXi credential for new target.
940 char *esxi_lsc_credential_id; ///< ESXi credential (deprecated).
941 char *snmp_credential_id; ///< SNMP credential for new target.
942 char *name; ///< Name of new target.
943 } create_target_data_t;
944
945 /**
946 * @brief Reset command data.
947 *
948 * @param[in] data Command data.
949 */
950 static void
create_target_data_reset(create_target_data_t * data)951 create_target_data_reset (create_target_data_t *data)
952 {
953 free (data->alive_tests);
954 free (data->allow_simultaneous_ips);
955 free (data->asset_hosts_filter);
956 free (data->comment);
957 free (data->exclude_hosts);
958 free (data->reverse_lookup_only);
959 free (data->reverse_lookup_unify);
960 free (data->copy);
961 free (data->hosts);
962 free (data->port_list_id);
963 free (data->port_range);
964 free (data->ssh_credential_id);
965 free (data->ssh_lsc_credential_id);
966 free (data->ssh_elevate_credential_id);
967 free (data->ssh_port);
968 free (data->ssh_lsc_port);
969 free (data->smb_credential_id);
970 free (data->smb_lsc_credential_id);
971 free (data->esxi_credential_id);
972 free (data->esxi_lsc_credential_id);
973 free (data->snmp_credential_id);
974 free (data->name);
975
976 memset (data, 0, sizeof (create_target_data_t));
977 }
978
979 /**
980 * @brief Command data for the create_tag command.
981 */
982 typedef struct
983 {
984 char *active; ///< Whether the tag is active.
985 array_t *resource_ids; ///< IDs of the resource to which to attach the tag.
986 char *resource_type; ///< Type of the resource to which to attach the tag.
987 char *resources_filter; ///< Filter used to select resources.
988 char *comment; ///< Comment to add to the tag.
989 char *name; ///< Name of the tag.
990 char *value; ///< Value of the tag.
991 char *copy; ///< UUID of resource to copy.
992 } create_tag_data_t;
993
994 /**
995 * @brief Reset command data.
996 *
997 * @param[in] data Command data.
998 */
999 static void
create_tag_data_reset(create_tag_data_t * data)1000 create_tag_data_reset (create_tag_data_t *data)
1001 {
1002 free (data->active);
1003 array_free (data->resource_ids);
1004 free (data->resource_type);
1005 free (data->resources_filter);
1006 free (data->comment);
1007 free (data->name);
1008 free (data->value);
1009 free (data->copy);
1010 memset (data, 0, sizeof (create_tag_data_t));
1011 }
1012
1013 /**
1014 * @brief Command data for the create_task command.
1015 */
1016 typedef struct
1017 {
1018 char *alterable; ///< Boolean. Whether task is alterable.
1019 char *config_id; ///< ID of task config.
1020 char *hosts_ordering; ///< Order for scanning target hosts.
1021 char *scanner_id; ///< ID of task scanner.
1022 array_t *alerts; ///< IDs of alerts.
1023 char *copy; ///< UUID of resource to copy.
1024 array_t *groups; ///< IDs of groups.
1025 char *name; ///< Name of task.
1026 char *observers; ///< Space separated names of observer users.
1027 name_value_t *preference; ///< Current preference.
1028 array_t *preferences; ///< Preferences.
1029 char *schedule_id; ///< ID of task schedule.
1030 char *schedule_periods; ///< Number of periods the schedule must run for.
1031 char *target_id; ///< ID of task target.
1032 task_t task; ///< ID of new task.
1033 char *usage_type; ///< Usage type ("scan" or "audit")
1034 } create_task_data_t;
1035
1036 /**
1037 * @brief Reset command data.
1038 *
1039 * @param[in] data Command data.
1040 */
1041 static void
create_task_data_reset(create_task_data_t * data)1042 create_task_data_reset (create_task_data_t *data)
1043 {
1044 free (data->alterable);
1045 free (data->config_id);
1046 free (data->hosts_ordering);
1047 free (data->scanner_id);
1048 free (data->copy);
1049 array_free (data->alerts);
1050 array_free (data->groups);
1051 free (data->name);
1052 free (data->observers);
1053 if (data->preferences)
1054 {
1055 guint index = data->preferences->len;
1056 while (index--)
1057 {
1058 name_value_t *pair;
1059 pair = (name_value_t*) g_ptr_array_index (data->preferences, index);
1060 if (pair)
1061 {
1062 g_free (pair->name);
1063 g_free (pair->value);
1064 }
1065 }
1066 }
1067 array_free (data->preferences);
1068 free (data->schedule_id);
1069 free (data->schedule_periods);
1070 free (data->target_id);
1071 free (data->usage_type);
1072
1073 memset (data, 0, sizeof (create_task_data_t));
1074 }
1075
1076 /* Command data passed between parser callbacks. */
1077
1078 /**
1079 * @brief Command data for the create_user command.
1080 */
1081 typedef struct
1082 {
1083 char *copy; ///< UUID of resource to copy.
1084 array_t *groups; ///< IDs of groups.
1085 char *hosts; ///< Hosts.
1086 int hosts_allow; ///< Whether hosts are allowed.
1087 char *ifaces; ///< Interfaces.
1088 int ifaces_allow; ///< Whether interfaces are allowed.
1089 char *name; ///< User name.
1090 char *password; ///< Password.
1091 char *comment; ///< Comment.
1092 array_t *roles; ///< User's roles.
1093 gchar *current_source; ///< Current source, for collecting sources.
1094 array_t *sources; ///< Sources.
1095 } create_user_data_t;
1096
1097 /**
1098 * @brief Reset command data.
1099 *
1100 * @param[in] data Command data.
1101 */
1102 static void
create_user_data_reset(create_user_data_t * data)1103 create_user_data_reset (create_user_data_t * data)
1104 {
1105 g_free (data->copy);
1106 array_free (data->groups);
1107 g_free (data->name);
1108 g_free (data->password);
1109 g_free (data->comment);
1110 g_free (data->hosts);
1111 g_free (data->ifaces);
1112 array_free (data->roles);
1113 if (data->sources)
1114 {
1115 array_free (data->sources);
1116 }
1117 g_free (data->current_source);
1118 memset (data, 0, sizeof (create_user_data_t));
1119 }
1120
1121 /**
1122 * @brief Command data for the delete_asset command.
1123 */
1124 typedef struct
1125 {
1126 char *asset_id; ///< ID of asset to delete.
1127 char *report_id; ///< ID of report from which to delete assets.
1128 int ultimate; ///< Dummy field for generic macros.
1129 } delete_asset_data_t;
1130
1131 /**
1132 * @brief Reset command data.
1133 *
1134 * @param[in] data Command data.
1135 */
1136 static void
delete_asset_data_reset(delete_asset_data_t * data)1137 delete_asset_data_reset (delete_asset_data_t *data)
1138 {
1139 free (data->asset_id);
1140 free (data->report_id);
1141
1142 memset (data, 0, sizeof (delete_asset_data_t));
1143 }
1144
1145 /**
1146 * @brief Command data for the delete_config command.
1147 */
1148 typedef struct
1149 {
1150 char *config_id; ///< ID of config to delete.
1151 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1152 } delete_config_data_t;
1153
1154 /**
1155 * @brief Reset command data.
1156 *
1157 * @param[in] data Command data.
1158 */
1159 static void
delete_config_data_reset(delete_config_data_t * data)1160 delete_config_data_reset (delete_config_data_t *data)
1161 {
1162 free (data->config_id);
1163
1164 memset (data, 0, sizeof (delete_config_data_t));
1165 }
1166
1167 /**
1168 * @brief Command data for the delete_alert command.
1169 */
1170 typedef struct
1171 {
1172 char *alert_id; ///< ID of alert to delete.
1173 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1174 } delete_alert_data_t;
1175
1176 /**
1177 * @brief Reset command data.
1178 *
1179 * @param[in] data Command data.
1180 */
1181 static void
delete_alert_data_reset(delete_alert_data_t * data)1182 delete_alert_data_reset (delete_alert_data_t *data)
1183 {
1184 free (data->alert_id);
1185
1186 memset (data, 0, sizeof (delete_alert_data_t));
1187 }
1188
1189 /**
1190 * @brief Command data for the delete_credential command.
1191 */
1192 typedef struct
1193 {
1194 char *credential_id; ///< ID of Credential to delete.
1195 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1196 } delete_credential_data_t;
1197
1198 /**
1199 * @brief Reset command data.
1200 *
1201 * @param[in] data Command data.
1202 */
1203 static void
delete_credential_data_reset(delete_credential_data_t * data)1204 delete_credential_data_reset (delete_credential_data_t *data)
1205 {
1206 free (data->credential_id);
1207
1208 memset (data, 0, sizeof (delete_credential_data_t));
1209 }
1210
1211 /**
1212 * @brief Command data for the delete_filter command.
1213 */
1214 typedef struct
1215 {
1216 char *filter_id; ///< ID of filter to delete.
1217 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1218 } delete_filter_data_t;
1219
1220 /**
1221 * @brief Reset command data.
1222 *
1223 * @param[in] data Command data.
1224 */
1225 static void
delete_filter_data_reset(delete_filter_data_t * data)1226 delete_filter_data_reset (delete_filter_data_t *data)
1227 {
1228 free (data->filter_id);
1229
1230 memset (data, 0, sizeof (delete_filter_data_t));
1231 }
1232
1233 /**
1234 * @brief Command data for the delete_group command.
1235 */
1236 typedef struct
1237 {
1238 char *group_id; ///< ID of group to delete.
1239 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1240 } delete_group_data_t;
1241
1242 /**
1243 * @brief Reset command data.
1244 *
1245 * @param[in] data Command data.
1246 */
1247 static void
delete_group_data_reset(delete_group_data_t * data)1248 delete_group_data_reset (delete_group_data_t *data)
1249 {
1250 free (data->group_id);
1251
1252 memset (data, 0, sizeof (delete_group_data_t));
1253 }
1254
1255 /**
1256 * @brief Command data for the delete_note command.
1257 */
1258 typedef struct
1259 {
1260 char *note_id; ///< ID of note to delete.
1261 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1262 } delete_note_data_t;
1263
1264 /**
1265 * @brief Reset command data.
1266 *
1267 * @param[in] data Command data.
1268 */
1269 static void
delete_note_data_reset(delete_note_data_t * data)1270 delete_note_data_reset (delete_note_data_t *data)
1271 {
1272 free (data->note_id);
1273
1274 memset (data, 0, sizeof (delete_note_data_t));
1275 }
1276
1277 /**
1278 * @brief Command data for the delete_override command.
1279 */
1280 typedef struct
1281 {
1282 char *override_id; ///< ID of override to delete.
1283 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1284 } delete_override_data_t;
1285
1286 /**
1287 * @brief Command data for the delete_permission command.
1288 */
1289 typedef struct
1290 {
1291 char *permission_id; ///< ID of permission to delete.
1292 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1293 } delete_permission_data_t;
1294
1295 /**
1296 * @brief Reset command data.
1297 *
1298 * @param[in] data Command data.
1299 */
1300 static void
delete_permission_data_reset(delete_permission_data_t * data)1301 delete_permission_data_reset (delete_permission_data_t *data)
1302 {
1303 free (data->permission_id);
1304
1305 memset (data, 0, sizeof (delete_permission_data_t));
1306 }
1307
1308 /**
1309 * @brief Command data for the delete_port_list command.
1310 */
1311 typedef struct
1312 {
1313 char *port_list_id; ///< ID of port list to delete.
1314 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1315 } delete_port_list_data_t;
1316
1317 /**
1318 * @brief Reset command data.
1319 *
1320 * @param[in] data Command data.
1321 */
1322 static void
delete_port_list_data_reset(delete_port_list_data_t * data)1323 delete_port_list_data_reset (delete_port_list_data_t *data)
1324 {
1325 free (data->port_list_id);
1326
1327 memset (data, 0, sizeof (delete_port_list_data_t));
1328 }
1329
1330 /**
1331 * @brief Command data for the delete_port_range command.
1332 */
1333 typedef struct
1334 {
1335 char *port_range_id; ///< ID of port range to delete.
1336 int ultimate; ///< Dummy field for generic macros.
1337 } delete_port_range_data_t;
1338
1339 /**
1340 * @brief Reset command data.
1341 *
1342 * @param[in] data Command data.
1343 */
1344 static void
delete_port_range_data_reset(delete_port_range_data_t * data)1345 delete_port_range_data_reset (delete_port_range_data_t *data)
1346 {
1347 free (data->port_range_id);
1348
1349 memset (data, 0, sizeof (delete_port_range_data_t));
1350 }
1351
1352 /**
1353 * @brief Reset command data.
1354 *
1355 * @param[in] data Command data.
1356 */
1357 static void
delete_override_data_reset(delete_override_data_t * data)1358 delete_override_data_reset (delete_override_data_t *data)
1359 {
1360 free (data->override_id);
1361
1362 memset (data, 0, sizeof (delete_override_data_t));
1363 }
1364
1365 /**
1366 * @brief Command data for the delete_report command.
1367 */
1368 typedef struct
1369 {
1370 char *report_id; ///< ID of report to delete.
1371 int ultimate; ///< Dummy field for generic macros.
1372 } delete_report_data_t;
1373
1374 /**
1375 * @brief Reset command data.
1376 *
1377 * @param[in] data Command data.
1378 */
1379 static void
delete_report_data_reset(delete_report_data_t * data)1380 delete_report_data_reset (delete_report_data_t *data)
1381 {
1382 free (data->report_id);
1383
1384 memset (data, 0, sizeof (delete_report_data_t));
1385 }
1386
1387 /**
1388 * @brief Command data for the delete_report_format command.
1389 */
1390 typedef struct
1391 {
1392 char *report_format_id; ///< ID of report format to delete.
1393 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1394 } delete_report_format_data_t;
1395
1396 /**
1397 * @brief Reset command data.
1398 *
1399 * @param[in] data Command data.
1400 */
1401 static void
delete_report_format_data_reset(delete_report_format_data_t * data)1402 delete_report_format_data_reset (delete_report_format_data_t *data)
1403 {
1404 free (data->report_format_id);
1405
1406 memset (data, 0, sizeof (delete_report_format_data_t));
1407 }
1408
1409 /**
1410 * @brief Command data for the delete_role command.
1411 */
1412 typedef struct
1413 {
1414 char *role_id; ///< ID of role to delete.
1415 int ultimate; ///< Dummy field for generic macros.
1416 } delete_role_data_t;
1417
1418 /**
1419 * @brief Reset command data.
1420 *
1421 * @param[in] data Command data.
1422 */
1423 static void
delete_role_data_reset(delete_role_data_t * data)1424 delete_role_data_reset (delete_role_data_t *data)
1425 {
1426 free (data->role_id);
1427
1428 memset (data, 0, sizeof (delete_role_data_t));
1429 }
1430
1431 /**
1432 * @brief Command data for the delete_schedule command.
1433 */
1434 typedef struct
1435 {
1436 char *schedule_id; ///< ID of schedule to delete.
1437 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1438 } delete_schedule_data_t;
1439
1440 /**
1441 * @brief Command data for the delete_scanner command.
1442 */
1443 typedef struct
1444 {
1445 char *scanner_id; ///< ID of scanner to delete.
1446 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1447 } delete_scanner_data_t;
1448
1449 /**
1450 * @brief Reset command data.
1451 *
1452 * @param[in] data Command data.
1453 */
1454 static void
delete_scanner_data_reset(delete_scanner_data_t * data)1455 delete_scanner_data_reset (delete_scanner_data_t *data)
1456 {
1457 g_free (data->scanner_id);
1458
1459 memset (data, 0, sizeof (delete_scanner_data_t));
1460 }
1461
1462 /**
1463 * @brief Reset command data.
1464 *
1465 * @param[in] data Command data.
1466 */
1467 static void
delete_schedule_data_reset(delete_schedule_data_t * data)1468 delete_schedule_data_reset (delete_schedule_data_t *data)
1469 {
1470 free (data->schedule_id);
1471
1472 memset (data, 0, sizeof (delete_schedule_data_t));
1473 }
1474
1475 /**
1476 * @brief Command data for the delete_tag command.
1477 */
1478 typedef struct
1479 {
1480 char *tag_id; ///< ID of tag to delete.
1481 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1482 } delete_tag_data_t;
1483
1484 /**
1485 * @brief Reset command data.
1486 *
1487 * @param[in] data Command data.
1488 */
1489 static void
delete_tag_data_reset(delete_tag_data_t * data)1490 delete_tag_data_reset (delete_tag_data_t *data)
1491 {
1492 free (data->tag_id);
1493
1494 memset (data, 0, sizeof (delete_tag_data_t));
1495 }
1496
1497 /**
1498 * @brief Command data for the delete_target command.
1499 */
1500 typedef struct
1501 {
1502 char *target_id; ///< ID of target to delete.
1503 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1504 } delete_target_data_t;
1505
1506 /**
1507 * @brief Reset command data.
1508 *
1509 * @param[in] data Command data.
1510 */
1511 static void
delete_target_data_reset(delete_target_data_t * data)1512 delete_target_data_reset (delete_target_data_t *data)
1513 {
1514 free (data->target_id);
1515
1516 memset (data, 0, sizeof (delete_target_data_t));
1517 }
1518
1519 /**
1520 * @brief Command data for the delete_task command.
1521 */
1522 typedef struct
1523 {
1524 char *task_id; ///< ID of task to delete.
1525 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1526 } delete_task_data_t;
1527
1528 /**
1529 * @brief Reset command data.
1530 *
1531 * @param[in] data Command data.
1532 */
1533 static void
delete_task_data_reset(delete_task_data_t * data)1534 delete_task_data_reset (delete_task_data_t *data)
1535 {
1536 free (data->task_id);
1537
1538 memset (data, 0, sizeof (delete_task_data_t));
1539 }
1540
1541 /**
1542 * @brief Command data for the delete_user command.
1543 */
1544 typedef struct
1545 {
1546 char *name; ///< Name of user to delete.
1547 char *user_id; ///< ID of user to delete.
1548 int ultimate; ///< Boolean. Whether to remove entirely or to trashcan.
1549 char *inheritor_id; ///< ID of user that will inherit owned objects.
1550 char *inheritor_name; ///< Name of user that will inherit owned objects.
1551 } delete_user_data_t;
1552
1553 /**
1554 * @brief Reset command data.
1555 *
1556 * @param[in] data Command data.
1557 */
1558 static void
delete_user_data_reset(delete_user_data_t * data)1559 delete_user_data_reset (delete_user_data_t *data)
1560 {
1561 free (data->name);
1562 free (data->user_id);
1563 free (data->inheritor_id);
1564 free (data->inheritor_name);
1565
1566 memset (data, 0, sizeof (delete_user_data_t));
1567 }
1568
1569 /**
1570 * @brief Command data for the get_feeds command.
1571 */
1572 typedef struct
1573 {
1574 char *type; ///< Type of feed.
1575 } get_feeds_data_t;
1576
1577 /**
1578 * @brief Reset command data.
1579 *
1580 * @param[in] data Command data.
1581 */
1582 static void
get_feeds_data_reset(get_feeds_data_t * data)1583 get_feeds_data_reset (get_feeds_data_t *data)
1584 {
1585 free (data->type);
1586
1587 memset (data, 0, sizeof (get_feeds_data_t));
1588 }
1589
1590 /**
1591 * @brief Command data for the get_aggregates command.
1592 */
1593 typedef struct
1594 {
1595 get_data_t get; ///< Get args.
1596 char *type; ///< Resource type.
1597 char *subtype; ///< Resource subtype.
1598 GList *data_columns; ///< Columns to calculate aggregate for.
1599 GList *text_columns; ///< Columns to get simple text from.
1600 char *group_column; ///< Column to group data by.
1601 char *subgroup_column; ///< Column to further group data by.
1602 GList *sort_data; ///< List of Sort data.
1603 int first_group; ///< Skip over groups before this group number.
1604 int max_groups; ///< Maximum number of aggregate groups to return.
1605 char *mode; ///< Special aggregate mode.
1606 } get_aggregates_data_t;
1607
1608 /**
1609 * @brief Reset command data.
1610 *
1611 * @param[in] data Command data.
1612 */
1613 static void
get_aggregates_data_reset(get_aggregates_data_t * data)1614 get_aggregates_data_reset (get_aggregates_data_t *data)
1615 {
1616 get_data_reset (&data->get);
1617 free (data->type);
1618 g_list_free_full (data->data_columns, g_free);
1619 data->data_columns = NULL;
1620 g_list_free_full (data->text_columns, g_free);
1621 data->text_columns = NULL;
1622 free (data->group_column);
1623 free (data->subgroup_column);
1624 g_list_free_full (data->sort_data, (GDestroyNotify)sort_data_free);
1625 data->sort_data = NULL;
1626 free (data->mode);
1627
1628 memset (data, 0, sizeof (get_aggregates_data_t));
1629 }
1630
1631 /**
1632 * @brief Command data for the get_assets command.
1633 */
1634 typedef struct
1635 {
1636 char *type; ///< Requested asset type.
1637 get_data_t get; ///< Get Args.
1638 int details; ///< Boolean. Whether to include full details.
1639 } get_assets_data_t;
1640
1641 /**
1642 * @brief Reset command data.
1643 *
1644 * @param[in] data Command data.
1645 */
1646 static void
get_assets_data_reset(get_assets_data_t * data)1647 get_assets_data_reset (get_assets_data_t *data)
1648 {
1649 free (data->type);
1650 get_data_reset (&data->get);
1651
1652 memset (data, 0, sizeof (get_assets_data_t));
1653 }
1654
1655 /**
1656 * @brief Command data for the get_configs command.
1657 */
1658 typedef struct
1659 {
1660 int families; ///< Boolean. Whether to include config families.
1661 int preferences; ///< Boolean. Whether to include config preferences.
1662 get_data_t get; ///< Get args.
1663 int tasks; ///< Boolean. Whether to include tasks that use scan config.
1664 } get_configs_data_t;
1665
1666 /**
1667 * @brief Reset command data.
1668 *
1669 * @param[in] data Command data.
1670 */
1671 static void
get_configs_data_reset(get_configs_data_t * data)1672 get_configs_data_reset (get_configs_data_t *data)
1673 {
1674 get_data_reset (&data->get);
1675 memset (data, 0, sizeof (get_configs_data_t));
1676 }
1677
1678 /**
1679 * @brief Command data for the get_alerts command.
1680 */
1681 typedef struct
1682 {
1683 get_data_t get; ///< Get args.
1684 int tasks; ///< Boolean. Whether to include tasks that use alert.
1685 } get_alerts_data_t;
1686
1687 /**
1688 * @brief Reset command data.
1689 *
1690 * @param[in] data Command data.
1691 */
1692 static void
get_alerts_data_reset(get_alerts_data_t * data)1693 get_alerts_data_reset (get_alerts_data_t *data)
1694 {
1695 get_data_reset (&data->get);
1696 memset (data, 0, sizeof (get_alerts_data_t));
1697 }
1698
1699 /**
1700 * @brief Command data for the get_credentials command.
1701 */
1702 typedef struct
1703 {
1704 char *format; ///< Format requested: "key", "deb", ....
1705 get_data_t get; ///< Get Args.
1706 int scanners; ///< Boolean. Whether to return scanners using credential.
1707 int targets; ///< Boolean. Whether to return targets using credential.
1708 } get_credentials_data_t;
1709
1710 /**
1711 * @brief Reset command data.
1712 *
1713 * @param[in] data Command data.
1714 */
1715 static void
get_credentials_data_reset(get_credentials_data_t * data)1716 get_credentials_data_reset (get_credentials_data_t *data)
1717 {
1718 get_data_reset (&data->get);
1719 memset (data, 0, sizeof (get_credentials_data_t));
1720 }
1721
1722 /**
1723 * @brief Command data for the get_filters command.
1724 */
1725 typedef struct
1726 {
1727 get_data_t get; ///< Get args.
1728 int alerts; ///< Boolean. Whether to include alerts that use filter.
1729 } get_filters_data_t;
1730
1731 /**
1732 * @brief Reset command data.
1733 *
1734 * @param[in] data Command data.
1735 */
1736 static void
get_filters_data_reset(get_filters_data_t * data)1737 get_filters_data_reset (get_filters_data_t *data)
1738 {
1739 get_data_reset (&data->get);
1740 memset (data, 0, sizeof (get_filters_data_t));
1741 }
1742
1743 /**
1744 * @brief Command data for the get_groups command.
1745 */
1746 typedef struct
1747 {
1748 get_data_t get; ///< Get args.
1749 } get_groups_data_t;
1750
1751 /**
1752 * @brief Reset command data.
1753 *
1754 * @param[in] data Command data.
1755 */
1756 static void
get_groups_data_reset(get_groups_data_t * data)1757 get_groups_data_reset (get_groups_data_t *data)
1758 {
1759 get_data_reset (&data->get);
1760 memset (data, 0, sizeof (get_groups_data_t));
1761 }
1762
1763 /**
1764 * @brief Command data for the get_info command.
1765 */
1766 typedef struct
1767 {
1768 char *type; ///< Requested information type.
1769 char *name; ///< Name of the info
1770 get_data_t get; ///< Get Args.
1771 int details; ///< Boolean. Weather to include full details.
1772 } get_info_data_t;
1773
1774 /**
1775 * @brief Reset command data.
1776 *
1777 * @param[in] data Command data.
1778 */
1779 static void
get_info_data_reset(get_info_data_t * data)1780 get_info_data_reset (get_info_data_t *data)
1781 {
1782 free (data->type);
1783 free (data->name);
1784 get_data_reset (&data->get);
1785
1786 memset (data, 0, sizeof (get_info_data_t));
1787 }
1788
1789 /**
1790 * @brief Command data for the get_notes command.
1791 */
1792 typedef struct
1793 {
1794 get_data_t get; ///< Get args.
1795 char *note_id; ///< ID of single note to get.
1796 char *nvt_oid; ///< OID of NVT to which to limit listing.
1797 char *task_id; ///< ID of task to which to limit listing.
1798 int result; ///< Boolean. Whether to include associated results.
1799 } get_notes_data_t;
1800
1801 /**
1802 * @brief Reset command data.
1803 *
1804 * @param[in] data Command data.
1805 */
1806 static void
get_notes_data_reset(get_notes_data_t * data)1807 get_notes_data_reset (get_notes_data_t *data)
1808 {
1809 free (data->note_id);
1810 free (data->nvt_oid);
1811 free (data->task_id);
1812
1813 memset (data, 0, sizeof (get_notes_data_t));
1814 }
1815
1816 /**
1817 * @brief Command data for the get_nvts command.
1818 */
1819 typedef struct
1820 {
1821 char *config_id; ///< ID of config to which to limit NVT selection.
1822 char *preferences_config_id; ///< ID of config to get preference values from.
1823 int details; ///< Boolean. Whether to include full NVT details.
1824 char *family; ///< Name of family to which to limit NVT selection.
1825 char *nvt_oid; ///< Name of single NVT to get.
1826 int preference_count; ///< Boolean. Whether to include NVT preference count.
1827 int preferences; ///< Boolean. Whether to include NVT preferences.
1828 char *sort_field; ///< Field to sort results on.
1829 int sort_order; ///< Result sort order: 0 descending, else ascending.
1830 int timeout; ///< Boolean. Whether to include timeout preference.
1831 } get_nvts_data_t;
1832
1833 /**
1834 * @brief Reset command data.
1835 *
1836 * @param[in] data Command data.
1837 */
1838 static void
get_nvts_data_reset(get_nvts_data_t * data)1839 get_nvts_data_reset (get_nvts_data_t *data)
1840 {
1841 free (data->config_id);
1842 free (data->preferences_config_id);
1843 free (data->family);
1844 free (data->nvt_oid);
1845 free (data->sort_field);
1846
1847 memset (data, 0, sizeof (get_nvts_data_t));
1848 }
1849
1850 /**
1851 * @brief Command data for the get_nvt_families command.
1852 */
1853 typedef struct
1854 {
1855 int sort_order; ///< Result sort order: 0 descending, else ascending.
1856 } get_nvt_families_data_t;
1857
1858 /**
1859 * @brief Reset command data.
1860 *
1861 * @param[in] data Command data.
1862 */
1863 static void
get_nvt_families_data_reset(get_nvt_families_data_t * data)1864 get_nvt_families_data_reset (get_nvt_families_data_t *data)
1865 {
1866 memset (data, 0, sizeof (get_nvt_families_data_t));
1867 }
1868
1869 /**
1870 * @brief Command data for the get_overrides command.
1871 */
1872 typedef struct
1873 {
1874 get_data_t get; ///< Get args.
1875 char *override_id; ///< ID of override to get.
1876 char *nvt_oid; ///< OID of NVT to which to limit listing.
1877 char *task_id; ///< ID of task to which to limit listing.
1878 int result; ///< Boolean. Whether to include associated results.
1879 } get_overrides_data_t;
1880
1881 /**
1882 * @brief Reset command data.
1883 *
1884 * @param[in] data Command data.
1885 */
1886 static void
get_overrides_data_reset(get_overrides_data_t * data)1887 get_overrides_data_reset (get_overrides_data_t *data)
1888 {
1889 free (data->override_id);
1890 free (data->nvt_oid);
1891 free (data->task_id);
1892
1893 memset (data, 0, sizeof (get_overrides_data_t));
1894 }
1895
1896 /**
1897 * @brief Command data for the get_permissions command.
1898 */
1899 typedef struct
1900 {
1901 get_data_t get; ///< Get args.
1902 char *resource_id; ///< Resource whose permissions to get.
1903 } get_permissions_data_t;
1904
1905 /**
1906 * @brief Reset command data.
1907 *
1908 * @param[in] data Command data.
1909 */
1910 static void
get_permissions_data_reset(get_permissions_data_t * data)1911 get_permissions_data_reset (get_permissions_data_t *data)
1912 {
1913 free (data->resource_id);
1914
1915 get_data_reset (&data->get);
1916 memset (data, 0, sizeof (get_permissions_data_t));
1917 }
1918
1919 /**
1920 * @brief Command data for the get_port_lists command.
1921 */
1922 typedef struct
1923 {
1924 int targets; ///< Boolean. Include targets that use Port List or not.
1925 get_data_t get; ///< Get args.
1926 } get_port_lists_data_t;
1927
1928 /**
1929 * @brief Reset command data.
1930 *
1931 * @param[in] data Command data.
1932 */
1933 static void
get_port_lists_data_reset(get_port_lists_data_t * data)1934 get_port_lists_data_reset (get_port_lists_data_t *data)
1935 {
1936 get_data_reset (&data->get);
1937 memset (data, 0, sizeof (get_port_lists_data_t));
1938 }
1939
1940 /**
1941 * @brief Command data for the get_preferences command.
1942 */
1943 typedef struct
1944 {
1945 char *config_id; ///< Config whose preference values to get.
1946 char *nvt_oid; ///< Single NVT whose preferences to get.
1947 char *preference; ///< Single preference to get.
1948 } get_preferences_data_t;
1949
1950 /**
1951 * @brief Reset command data.
1952 *
1953 * @param[in] data Command data.
1954 */
1955 static void
get_preferences_data_reset(get_preferences_data_t * data)1956 get_preferences_data_reset (get_preferences_data_t *data)
1957 {
1958 free (data->config_id);
1959 free (data->nvt_oid);
1960 free (data->preference);
1961
1962 memset (data, 0, sizeof (get_preferences_data_t));
1963 }
1964
1965 /**
1966 * @brief Command data for the get_reports command.
1967 */
1968 typedef struct
1969 {
1970 get_data_t get; ///< Get args with result filtering.
1971 get_data_t report_get; ///< Get args with report filtering.
1972 char *delta_report_id; ///< ID of report to compare single report to.
1973 char *format_id; ///< ID of report format.
1974 char *alert_id; ///< ID of alert.
1975 char *report_id; ///< ID of single report to get.
1976 int lean; ///< Boolean. Whether to return lean report.
1977 int notes_details; ///< Boolean. Whether to include details of above.
1978 int overrides_details; ///< Boolean. Whether to include details of above.
1979 int result_tags; ///< Boolean. Whether to include result tags.
1980 int ignore_pagination; ///< Boolean. Whether to ignore pagination filters.
1981 } get_reports_data_t;
1982
1983 /**
1984 * @brief Reset command data.
1985 *
1986 * @param[in] data Command data.
1987 */
1988 static void
get_reports_data_reset(get_reports_data_t * data)1989 get_reports_data_reset (get_reports_data_t *data)
1990 {
1991 get_data_reset (&data->get);
1992 get_data_reset (&data->report_get);
1993 free (data->delta_report_id);
1994 free (data->format_id);
1995 free (data->alert_id);
1996 free (data->report_id);
1997
1998 memset (data, 0, sizeof (get_reports_data_t));
1999 }
2000
2001 /**
2002 * @brief Command data for the get_report_formats command.
2003 */
2004 typedef struct
2005 {
2006 get_data_t get; ///< Get args.
2007 int alerts; ///< Boolean. Whether to include alerts that use Report Format
2008 int params; ///< Boolean. Whether to include params.
2009 } get_report_formats_data_t;
2010
2011 /**
2012 * @brief Reset command data.
2013 *
2014 * @param[in] data Command data.
2015 */
2016 static void
get_report_formats_data_reset(get_report_formats_data_t * data)2017 get_report_formats_data_reset (get_report_formats_data_t *data)
2018 {
2019 get_data_reset (&data->get);
2020 memset (data, 0, sizeof (get_report_formats_data_t));
2021 }
2022
2023 /**
2024 * @brief Command data for the get_results command.
2025 */
2026 typedef struct
2027 {
2028 get_data_t get; ///< Get args.
2029 char *task_id; ///< Task associated with results.
2030 int notes_details; ///< Boolean. Whether to include details of above.
2031 int overrides_details; ///< Boolean. Whether to include details of above.
2032 int get_counts; ///< Boolean. Whether to include result counts.
2033 } get_results_data_t;
2034
2035 /**
2036 * @brief Reset command data.
2037 *
2038 * @param[in] data Command data.
2039 */
2040 static void
get_results_data_reset(get_results_data_t * data)2041 get_results_data_reset (get_results_data_t *data)
2042 {
2043 get_data_reset (&data->get);
2044 free (data->task_id);
2045
2046 memset (data, 0, sizeof (get_results_data_t));
2047 }
2048
2049 /**
2050 * @brief Command data for the get_roles command.
2051 */
2052 typedef struct
2053 {
2054 get_data_t get; ///< Get args.
2055 } get_roles_data_t;
2056
2057 /**
2058 * @brief Reset command data.
2059 *
2060 * @param[in] data Command data.
2061 */
2062 static void
get_roles_data_reset(get_roles_data_t * data)2063 get_roles_data_reset (get_roles_data_t *data)
2064 {
2065 get_data_reset (&data->get);
2066 memset (data, 0, sizeof (get_roles_data_t));
2067 }
2068
2069 /**
2070 * @brief Command data for the get_schedules command.
2071 */
2072 typedef struct
2073 {
2074 get_data_t get; ///< Get args.
2075 int tasks; ///< Boolean. Whether to include tasks that use this schedule.
2076 } get_schedules_data_t;
2077
2078 /**
2079 * @brief Command data for the get_scanners command.
2080 */
2081 typedef struct
2082 {
2083 get_data_t get; ///< Get args.
2084 } get_scanners_data_t;
2085
2086 /**
2087 * @brief Reset command data.
2088 *
2089 * @param[in] data Command data.
2090 */
2091 static void
get_scanners_data_reset(get_scanners_data_t * data)2092 get_scanners_data_reset (get_scanners_data_t *data)
2093 {
2094 get_data_reset (&data->get);
2095
2096 memset (data, 0, sizeof (get_scanners_data_t));
2097 }
2098
2099 /**
2100 * @brief Reset command data.
2101 *
2102 * @param[in] data Command data.
2103 */
2104 static void
get_schedules_data_reset(get_schedules_data_t * data)2105 get_schedules_data_reset (get_schedules_data_t *data)
2106 {
2107 get_data_reset (&data->get);
2108 memset (data, 0, sizeof (get_schedules_data_t));
2109 }
2110
2111 /**
2112 * @brief Command data.
2113 */
2114 typedef struct
2115 {
2116 char *filter; ///< Filter term.
2117 int first; ///< Skip over rows before this number.
2118 int max; ///< Maximum number of rows returned.
2119 char *sort_field; ///< Field to sort results on.
2120 int sort_order; ///< Result sort order: 0 descending, else ascending.
2121 char *setting_id; ///< UUID of single setting to get.
2122 } get_settings_data_t;
2123
2124 /**
2125 * @brief Reset command data.
2126 *
2127 * @param[in] data Command data.
2128 */
2129 static void
get_settings_data_reset(get_settings_data_t * data)2130 get_settings_data_reset (get_settings_data_t *data)
2131 {
2132 free (data->filter);
2133 free (data->setting_id);
2134 free (data->sort_field);
2135
2136 memset (data, 0, sizeof (get_settings_data_t));
2137 }
2138
2139 /**
2140 * @brief Command data for the get_system_reports command.
2141 */
2142 typedef struct
2143 {
2144 int brief; ///< Boolean. Whether respond in brief.
2145 char *name; ///< Name of single report to get.
2146 char *duration; ///< Duration into the past to report on.
2147 char *end_time; ///< Time of the last data point to report on.
2148 char *slave_id; ///< Slave that reports apply to, 0 for local Manager.
2149 char *start_time; ///< Time of the first data point to report on.
2150 } get_system_reports_data_t;
2151
2152 /**
2153 * @brief Reset command data.
2154 *
2155 * @param[in] data Command data.
2156 */
2157 static void
get_system_reports_data_reset(get_system_reports_data_t * data)2158 get_system_reports_data_reset (get_system_reports_data_t *data)
2159 {
2160 free (data->name);
2161 free (data->duration);
2162 free (data->end_time);
2163 free (data->slave_id);
2164 free (data->start_time);
2165
2166 memset (data, 0, sizeof (get_system_reports_data_t));
2167 }
2168
2169 /**
2170 * @brief Command data for the get_tags command.
2171 */
2172 typedef struct
2173 {
2174 get_data_t get; ///< Get args.
2175 int names_only; ///< Boolean. Whether to get only distinct names.
2176 } get_tags_data_t;
2177
2178 /**
2179 * @brief Reset command data.
2180 *
2181 * @param[in] data Command data.
2182 */
2183 static void
get_tags_data_reset(get_tags_data_t * data)2184 get_tags_data_reset (get_tags_data_t *data)
2185 {
2186 get_data_reset (&data->get);
2187 memset (data, 0, sizeof (get_tags_data_t));
2188 }
2189
2190 /**
2191 * @brief Command data for the get_targets command.
2192 */
2193 typedef struct
2194 {
2195 get_data_t get; ///< Get args.
2196 int tasks; ///< Boolean. Whether to include tasks that use target.
2197 } get_targets_data_t;
2198
2199 /**
2200 * @brief Reset command data.
2201 *
2202 * @param[in] data Command data.
2203 */
2204 static void
get_targets_data_reset(get_targets_data_t * data)2205 get_targets_data_reset (get_targets_data_t *data)
2206 {
2207 get_data_reset (&data->get);
2208 memset (data, 0, sizeof (get_targets_data_t));
2209 }
2210
2211 /**
2212 * @brief Command data for the get_users command.
2213 */
2214 typedef struct
2215 {
2216 get_data_t get; ///< Get args.
2217 } get_users_data_t;
2218
2219 /**
2220 * @brief Reset command data.
2221 *
2222 * @param[in] data Command data.
2223 */
2224 static void
get_users_data_reset(get_users_data_t * data)2225 get_users_data_reset (get_users_data_t * data)
2226 {
2227 get_data_reset (&data->get);
2228 memset (data, 0, sizeof (get_users_data_t));
2229 }
2230
2231 /**
2232 * @brief Command data for the get_vulns command.
2233 */
2234 typedef struct
2235 {
2236 get_data_t get; ///< Get args.
2237 } get_vulns_data_t;
2238
2239 /**
2240 * @brief Reset command data.
2241 *
2242 * @param[in] data Command data.
2243 */
2244 static void
get_vulns_data_reset(get_vulns_data_t * data)2245 get_vulns_data_reset (get_vulns_data_t * data)
2246 {
2247 get_data_reset (&data->get);
2248 memset (data, 0, sizeof (get_vulns_data_t));
2249 }
2250
2251 /**
2252 * @brief Command data for the modify_config command.
2253 */
2254 typedef struct
2255 {
2256 char *comment; ///< New comment for config.
2257 char *config_id; ///< ID of config to modify.
2258 array_t *families_growing_empty; ///< New family selection: growing, empty.
2259 array_t *families_growing_all; ///< New family selection: growing, all NVTs.
2260 array_t *families_static_all; ///< New family selection: static, all NVTs.
2261 int family_selection_family_all; ///< All flag in FAMILY_SELECTION/FAMILY.
2262 char *family_selection_family_all_text; ///< Text version of above.
2263 int family_selection_family_growing; ///< FAMILY_SELECTION/FAMILY growing flag.
2264 char *family_selection_family_growing_text; ///< Text version of above.
2265 char *family_selection_family_name; ///< FAMILY_SELECTION/FAMILY family name.
2266 int family_selection_growing; ///< Whether families in selection grow.
2267 char *family_selection_growing_text; ///< Text version of above.
2268 char *name; ///< New name for config.
2269 char *scanner_id; ///< New scanner UUID for config.
2270 array_t *nvt_selection; ///< OID array. New NVT set for config.
2271 char *nvt_selection_family; ///< Family of NVT selection.
2272 char *nvt_selection_nvt_oid; ///< OID during NVT_selection/NVT.
2273 char *preference_id; ///< Config preference to modify.
2274 char *preference_name; ///< Config preference to modify.
2275 char *preference_nvt_oid; ///< OID of NVT of preference.
2276 char *preference_value; ///< New value for preference.
2277 } modify_config_data_t;
2278
2279 /**
2280 * @brief Command data for the get_tasks command.
2281 */
2282 typedef struct
2283 {
2284 get_data_t get; ///< Get args.
2285 int schedules_only; ///< Whether to to get only schedules and basic info.
2286 } get_tasks_data_t;
2287
2288 /**
2289 * @brief Reset command data.
2290 *
2291 * @param[in] data Command data.
2292 */
2293 static void
get_tasks_data_reset(get_tasks_data_t * data)2294 get_tasks_data_reset (get_tasks_data_t *data)
2295 {
2296 get_data_reset (&data->get);
2297
2298 memset (data, 0, sizeof (get_tasks_data_t));
2299 }
2300
2301 /**
2302 * @brief Command data for the help command.
2303 */
2304 typedef struct
2305 {
2306 char *format; ///< Format.
2307 char *type; ///< Type of help.
2308 } help_data_t;
2309
2310 /**
2311 * @brief Reset command data.
2312 *
2313 * @param[in] data Command data.
2314 */
2315 static void
help_data_reset(help_data_t * data)2316 help_data_reset (help_data_t *data)
2317 {
2318 free (data->format);
2319 free (data->type);
2320
2321 memset (data, 0, sizeof (help_data_t));
2322 }
2323
2324 /**
2325 * @brief Command data for the modify_alert command.
2326 */
2327 typedef struct
2328 {
2329 char *alert_id; ///< alert UUID.
2330 char *name; ///< Name of alert.
2331 char *comment; ///< Comment.
2332 char *event; ///< Event that will cause alert.
2333 array_t *event_data; ///< Array of pointers. Extra data for event.
2334 char *filter_id; ///< UUID of filter.
2335 char *active; ///< Boolean. Whether alert is active.
2336 char *condition; ///< Condition for alert, e.g. "Always".
2337 array_t *condition_data; ///< Array of pointers. Extra data for condition.
2338 char *method; ///< Method of alert, e.g. "Email".
2339 array_t *method_data; ///< Array of pointer. Extra data for method.
2340 char *part_data; ///< Second part of data during *_data: value.
2341 char *part_name; ///< First part of data during *_data: name.
2342 } modify_alert_data_t;
2343
2344 /**
2345 * @brief Reset command data.
2346 *
2347 * @param[in] data Command data.
2348 */
2349 static void
modify_alert_data_reset(modify_alert_data_t * data)2350 modify_alert_data_reset (modify_alert_data_t *data)
2351 {
2352 free (data->alert_id);
2353 free (data->name);
2354 free (data->comment);
2355 free (data->filter_id);
2356 free (data->active);
2357 free (data->event);
2358 array_free (data->event_data);
2359 free (data->condition);
2360 array_free (data->condition_data);
2361 free (data->method);
2362 array_free (data->method_data);
2363
2364 memset (data, 0, sizeof (modify_alert_data_t));
2365 }
2366
2367 /**
2368 * @brief Command data for the modify_asset command.
2369 */
2370 typedef struct
2371 {
2372 char *comment; ///< Comment.
2373 char *asset_id; ///< asset UUID.
2374 } modify_asset_data_t;
2375
2376 /**
2377 * @brief Reset command data.
2378 *
2379 * @param[in] data Command data.
2380 */
2381 static void
modify_asset_data_reset(modify_asset_data_t * data)2382 modify_asset_data_reset (modify_asset_data_t *data)
2383 {
2384 free (data->comment);
2385 free (data->asset_id);
2386
2387 memset (data, 0, sizeof (modify_asset_data_t));
2388 }
2389
2390 /**
2391 * @brief Authentication method settings.
2392 */
2393 typedef struct
2394 {
2395 gchar *group_name; ///< Name of the current group
2396 GSList *settings; ///< List of auth_conf_setting_t.
2397 } auth_group_t;
2398
2399 /**
2400 * @brief Command data for the modify_auth command.
2401 */
2402 typedef struct
2403 {
2404 gchar *key; ///< Key for current auth_conf_setting.
2405 gchar *value; ///< Value for current auth_conf_setting.
2406 GSList *groups; ///< List of auth_group_t
2407 GSList *curr_group_settings; ///< Settings of currently parsed group.
2408 } modify_auth_data_t;
2409
2410 /**
2411 * @brief Reset command data.
2412 *
2413 * @param[in] data Command data.
2414 */
2415 static void
modify_auth_data_reset(modify_auth_data_t * data)2416 modify_auth_data_reset (modify_auth_data_t * data)
2417 {
2418 GSList *item, *subitem;
2419
2420 g_free (data->key);
2421 g_free (data->value);
2422
2423 item = data->groups;
2424 subitem = NULL;
2425 while (item)
2426 {
2427 auth_group_t *group = (auth_group_t *) item->data;
2428 g_free (group->group_name);
2429 /* Free settings. */
2430 subitem = group->settings;
2431 while (subitem)
2432 {
2433 auth_conf_setting_t *kvp = (auth_conf_setting_t *) subitem->data;
2434 g_free (kvp->key);
2435 g_free (kvp->value);
2436 g_free (kvp);
2437 subitem = g_slist_next (subitem);
2438 }
2439 item = g_slist_next (item);
2440 }
2441 g_slist_free (data->groups);
2442
2443 if (data->curr_group_settings)
2444 {
2445 item = data->curr_group_settings;
2446 while (item)
2447 {
2448 /* Free settings. */
2449 auth_conf_setting_t *kvp = (auth_conf_setting_t *) item->data;
2450 g_free (kvp->key);
2451 g_free (kvp->value);
2452 g_free (kvp);
2453 item = g_slist_next (item);
2454 }
2455 g_slist_free (data->curr_group_settings);
2456 }
2457 memset (data, 0, sizeof (modify_auth_data_t));
2458 }
2459
2460 /**
2461 * @brief Command data for the modify_credential command.
2462 */
2463 typedef struct
2464 {
2465 char *allow_insecure; ///< Whether to allow insecure use.
2466 char *auth_algorithm; ///< SNMP Authentication algorithm.
2467 char *certificate; ///< Certificate.
2468 char *comment; ///< Comment.
2469 char *community; ///< SNMP Community string.
2470 char *credential_id; ///< ID of credential to modify.
2471 int key; ///< Whether the command included a key element.
2472 char *key_phrase; ///< Passphrase for key.
2473 char *key_private; ///< Private key from key.
2474 char *key_public; ///< Public key from key.
2475 char *login; ///< Login name.
2476 char *name; ///< Name.
2477 char *password; ///< Password associated with login name.
2478 char *privacy_algorithm; ///< SNMP Privacy algorithm.
2479 char *privacy_password; ///< SNMP Privacy password.
2480 } modify_credential_data_t;
2481
2482 /**
2483 * @brief Reset command data.
2484 *
2485 * @param[in] data Command data.
2486 */
2487 static void
modify_credential_data_reset(modify_credential_data_t * data)2488 modify_credential_data_reset (modify_credential_data_t *data)
2489 {
2490 free (data->allow_insecure);
2491 free (data->auth_algorithm);
2492 free (data->certificate);
2493 free (data->comment);
2494 free (data->community);
2495 free (data->credential_id);
2496 free (data->key_phrase);
2497 free (data->key_private);
2498 free (data->key_public);
2499 free (data->login);
2500 free (data->name);
2501 free (data->password);
2502 free (data->privacy_algorithm);
2503 free (data->privacy_password);
2504
2505 memset (data, 0, sizeof (modify_credential_data_t));
2506 }
2507
2508 /**
2509 * @brief Command data for the modify_filter command.
2510 */
2511 typedef struct
2512 {
2513 char *comment; ///< Comment.
2514 char *name; ///< Name of filter.
2515 char *filter_id; ///< Filter UUID.
2516 char *term; ///< Term for filter.
2517 char *type; ///< Type of filter.
2518 } modify_filter_data_t;
2519
2520 /**
2521 * @brief Reset command data.
2522 *
2523 * @param[in] data Command data.
2524 */
2525 static void
modify_filter_data_reset(modify_filter_data_t * data)2526 modify_filter_data_reset (modify_filter_data_t *data)
2527 {
2528 free (data->comment);
2529 free (data->name);
2530 free (data->filter_id);
2531 free (data->term);
2532 free (data->type);
2533
2534 memset (data, 0, sizeof (modify_filter_data_t));
2535 }
2536
2537 /**
2538 * @brief Command data for the modify_group command.
2539 */
2540 typedef struct
2541 {
2542 char *comment; ///< Comment.
2543 char *name; ///< Name of group.
2544 char *group_id; ///< Group UUID.
2545 char *users; ///< Users for group.
2546 } modify_group_data_t;
2547
2548 /**
2549 * @brief Reset command data.
2550 *
2551 * @param[in] data Command data.
2552 */
2553 static void
modify_group_data_reset(modify_group_data_t * data)2554 modify_group_data_reset (modify_group_data_t *data)
2555 {
2556 free (data->comment);
2557 free (data->name);
2558 free (data->group_id);
2559 free (data->users);
2560
2561 memset (data, 0, sizeof (modify_group_data_t));
2562 }
2563
2564 /**
2565 * @brief Command data for the modify_permission command.
2566 */
2567 typedef struct
2568 {
2569 char *comment; ///< Comment.
2570 char *name; ///< Name of permission.
2571 char *permission_id; ///< Permission UUID.
2572 char *resource_id; ///< Resource.
2573 char *resource_type; ///< Resource type, for Super permissions.
2574 char *subject_type; ///< Subject type.
2575 char *subject_id; ///< Subject UUID.
2576 } modify_permission_data_t;
2577
2578 /**
2579 * @brief Reset command data.
2580 *
2581 * @param[in] data Command data.
2582 */
2583 static void
modify_permission_data_reset(modify_permission_data_t * data)2584 modify_permission_data_reset (modify_permission_data_t *data)
2585 {
2586 free (data->comment);
2587 free (data->name);
2588 free (data->resource_id);
2589 free (data->resource_type);
2590 free (data->permission_id);
2591 free (data->subject_type);
2592 free (data->subject_id);
2593
2594 memset (data, 0, sizeof (modify_permission_data_t));
2595 }
2596
2597 /**
2598 * @brief Command data for the modify_port_list command.
2599 */
2600 typedef struct
2601 {
2602 char *comment; ///< Comment.
2603 char *name; ///< Name of Port List.
2604 char *port_list_id; ///< UUID of Port List.
2605 } modify_port_list_data_t;
2606
2607 /**
2608 * @brief Reset command data.
2609 *
2610 * @param[in] data Command data.
2611 */
2612 static void
modify_port_list_data_reset(modify_port_list_data_t * data)2613 modify_port_list_data_reset (modify_port_list_data_t *data)
2614 {
2615 free (data->comment);
2616 free (data->name);
2617 free (data->port_list_id);
2618
2619 memset (data, 0, sizeof (modify_port_list_data_t));
2620 }
2621
2622 /**
2623 * @brief Command data for the modify_report_format command.
2624 */
2625 typedef struct
2626 {
2627 char *active; ///< Boolean. Whether report format is active.
2628 char *name; ///< Name.
2629 char *param_name; ///< Param name.
2630 char *param_value; ///< Param value.
2631 char *report_format_id; ///< ID of report format to modify.
2632 char *summary; ///< Summary.
2633 } modify_report_format_data_t;
2634
2635 /**
2636 * @brief Reset command data.
2637 *
2638 * @param[in] data Command data.
2639 */
2640 static void
modify_report_format_data_reset(modify_report_format_data_t * data)2641 modify_report_format_data_reset (modify_report_format_data_t *data)
2642 {
2643 free (data->active);
2644 free (data->name);
2645 free (data->param_name);
2646 free (data->param_value);
2647 free (data->report_format_id);
2648 free (data->summary);
2649
2650 memset (data, 0, sizeof (modify_report_format_data_t));
2651 }
2652
2653 /**
2654 * @brief Command data for the modify_role command.
2655 */
2656 typedef struct
2657 {
2658 char *comment; ///< Comment.
2659 char *name; ///< Name of role.
2660 char *role_id; ///< Role UUID.
2661 char *users; ///< Users for role.
2662 } modify_role_data_t;
2663
2664 /**
2665 * @brief Reset command data.
2666 *
2667 * @param[in] data Command data.
2668 */
2669 static void
modify_role_data_reset(modify_role_data_t * data)2670 modify_role_data_reset (modify_role_data_t *data)
2671 {
2672 free (data->comment);
2673 free (data->name);
2674 free (data->role_id);
2675 free (data->users);
2676
2677 memset (data, 0, sizeof (modify_role_data_t));
2678 }
2679
2680 /**
2681 * @brief Command data for the modify_scanner command.
2682 */
2683 typedef struct
2684 {
2685 char *comment; ///< Comment.
2686 char *name; ///< Name of scanner.
2687 char *host; ///< Host of scanner.
2688 char *port; ///< Port of scanner.
2689 char *type; ///< Type of scanner.
2690 char *scanner_id; ///< scanner UUID.
2691 char *ca_pub; ///< CA Certificate of scanner.
2692 char *credential_id; ///< UUID of credential of scanner.
2693 } modify_scanner_data_t;
2694
2695 /**
2696 * @brief Reset command data.
2697 *
2698 * @param[in] data Command data.
2699 */
2700 static void
modify_scanner_data_reset(modify_scanner_data_t * data)2701 modify_scanner_data_reset (modify_scanner_data_t *data)
2702 {
2703 g_free (data->comment);
2704 g_free (data->name);
2705 g_free (data->host);
2706 g_free (data->port);
2707 g_free (data->type);
2708 g_free (data->scanner_id);
2709 free (data->ca_pub);
2710 free (data->credential_id);
2711
2712 memset (data, 0, sizeof (modify_scanner_data_t));
2713 }
2714
2715 /**
2716 * @brief Command data for the modify_schedule command.
2717 */
2718 typedef struct
2719 {
2720 char *comment; ///< Comment.
2721 char *name; ///< Name of schedule.
2722 char *schedule_id; ///< Schedule UUID.
2723 char *timezone; ///< Timezone.
2724 char *icalendar; ///< iCalendar string.
2725 } modify_schedule_data_t;
2726
2727 /**
2728 * @brief Reset command data.
2729 *
2730 * @param[in] data Command data.
2731 */
2732 static void
modify_schedule_data_reset(modify_schedule_data_t * data)2733 modify_schedule_data_reset (modify_schedule_data_t *data)
2734 {
2735 free (data->comment);
2736 free (data->name);
2737 free (data->schedule_id);
2738 free (data->timezone);
2739 free (data->icalendar);
2740
2741 memset (data, 0, sizeof (modify_schedule_data_t));
2742 }
2743
2744 /**
2745 * @brief Command data for the modify_tag command.
2746 */
2747 typedef struct
2748 {
2749 char *tag_id; ///< UUID of the tag.
2750 char *active; ///< Whether the tag is active.
2751 array_t *resource_ids; ///< IDs of the resource to which to attach the tag.
2752 char *resource_type; ///< Type of the resource to which to attach the tag.
2753 char *resources_action; ///< Resources edit action, e.g. "remove" or "add".
2754 char *resources_filter; ///< Filter used to select resources.
2755 char *comment; ///< Comment to add to the tag.
2756 char *name; ///< Name of the tag.
2757 char *value; ///< Value of the tag.
2758 int resource_count; ///< Number of attach tags.
2759 } modify_tag_data_t;
2760
2761 /**
2762 * @brief Reset command data.
2763 *
2764 * @param[in] data Command data.
2765 */
2766 static void
modify_tag_data_reset(modify_tag_data_t * data)2767 modify_tag_data_reset (modify_tag_data_t *data)
2768 {
2769 free (data->tag_id);
2770 free (data->active);
2771 array_free (data->resource_ids);
2772 free (data->resource_type);
2773 free (data->resources_action);
2774 free (data->resources_filter);
2775 free (data->comment);
2776 free (data->name);
2777 free (data->value);
2778
2779 memset (data, 0, sizeof (modify_tag_data_t));
2780 }
2781
2782 /**
2783 * @brief Command data for the modify_setting command.
2784 */
2785 typedef struct
2786 {
2787 char *name; ///< Name.
2788 char *setting_id; ///< Setting.
2789 char *value; ///< Value.
2790 } modify_setting_data_t;
2791
2792 /**
2793 * @brief Reset command data.
2794 *
2795 * @param[in] data Command data.
2796 */
2797 static void
modify_setting_data_reset(modify_setting_data_t * data)2798 modify_setting_data_reset (modify_setting_data_t *data)
2799 {
2800 free (data->name);
2801 free (data->setting_id);
2802 free (data->value);
2803
2804 memset (data, 0, sizeof (modify_setting_data_t));
2805 }
2806
2807 /**
2808 * @brief Command data for the modify_target command.
2809 */
2810 typedef struct
2811 {
2812 char *alive_tests; ///< Alive tests.
2813 char *allow_simultaneous_ips; ///< Boolean. Whether to scan multiple IPs of a host simultaneously.
2814 char *comment; ///< Comment.
2815 char *exclude_hosts; ///< Hosts to exclude from set.
2816 char *reverse_lookup_only; ///< Boolean. Whether to consider only hosts that reverse lookup.
2817 char *reverse_lookup_unify; ///< Boolean. Whether to unify based on reverse lookup.
2818 char *hosts; ///< Hosts for target.
2819 char *name; ///< Name of target.
2820 char *port_list_id; ///< Port list for target.
2821 char *ssh_credential_id; ///< SSH credential for target.
2822 char *ssh_lsc_credential_id; ///< SSH credential for target (deprecated).
2823 char *ssh_elevate_credential_id; ///< SSH credential for target (deprecated).
2824 char *ssh_port; ///< Port for SSH.
2825 char *ssh_lsc_port; ///< Port for SSH (deprecated).
2826 char *smb_credential_id; ///< SMB credential for target.
2827 char *smb_lsc_credential_id; ///< SMB credential for target (deprecated).
2828 char *esxi_credential_id; ///< ESXi credential for target.
2829 char *esxi_lsc_credential_id; ///< ESXi credential for target (deprecated).
2830 char *snmp_credential_id; ///< SNMP credential for target.
2831 char *target_id; ///< Target UUID.
2832 } modify_target_data_t;
2833
2834 /**
2835 * @brief Reset command data.
2836 *
2837 * @param[in] data Command data.
2838 */
2839 static void
modify_target_data_reset(modify_target_data_t * data)2840 modify_target_data_reset (modify_target_data_t *data)
2841 {
2842 free (data->alive_tests);
2843 free (data->allow_simultaneous_ips);
2844 free (data->exclude_hosts);
2845 free (data->reverse_lookup_only);
2846 free (data->reverse_lookup_unify);
2847 free (data->comment);
2848 free (data->hosts);
2849 free (data->name);
2850 free (data->port_list_id);
2851 free (data->ssh_credential_id);
2852 free (data->ssh_lsc_credential_id);
2853 free (data->ssh_elevate_credential_id);
2854 free (data->ssh_port);
2855 free (data->ssh_lsc_port);
2856 free (data->smb_credential_id);
2857 free (data->smb_lsc_credential_id);
2858 free (data->esxi_credential_id);
2859 free (data->esxi_lsc_credential_id);
2860 free (data->snmp_credential_id);
2861 free (data->target_id);
2862
2863 memset (data, 0, sizeof (modify_target_data_t));
2864 }
2865
2866 /**
2867 * @brief Command data for the modify_task command.
2868 */
2869 typedef struct
2870 {
2871 char *action; ///< What to do to file: "update" or "remove".
2872 char *alterable; ///< Boolean. Whether the task is alterable.
2873 char *comment; ///< Comment.
2874 char *hosts_ordering; ///< Order for scanning of target hosts.
2875 char *scanner_id; ///< ID of new scanner for task.
2876 char *config_id; ///< ID of new config for task.
2877 array_t *alerts; ///< IDs of new alerts for task.
2878 char *file; ///< File to attach to task.
2879 char *file_name; ///< Name of file to attach to task.
2880 array_t *groups; ///< IDs of new groups for task.
2881 char *name; ///< New name for task.
2882 char *observers; ///< Space separated list of observer user names.
2883 name_value_t *preference; ///< Current preference.
2884 array_t *preferences; ///< Preferences.
2885 char *schedule_id; ///< ID of new schedule for task.
2886 char *schedule_periods; ///< Number of periods the schedule must run for.
2887 char *target_id; ///< ID of new target for task.
2888 char *task_id; ///< ID of task to modify.
2889 } modify_task_data_t;
2890
2891 /**
2892 * @brief Reset command data.
2893 *
2894 * @param[in] data Command data.
2895 */
2896 static void
modify_task_data_reset(modify_task_data_t * data)2897 modify_task_data_reset (modify_task_data_t *data)
2898 {
2899 free (data->action);
2900 free (data->alterable);
2901 array_free (data->alerts);
2902 array_free (data->groups);
2903 free (data->comment);
2904 free (data->hosts_ordering);
2905 free (data->scanner_id);
2906 free (data->config_id);
2907 free (data->file);
2908 free (data->file_name);
2909 free (data->name);
2910 free (data->observers);
2911 if (data->preferences)
2912 {
2913 guint index = data->preferences->len;
2914 while (index--)
2915 {
2916 name_value_t *pair;
2917 pair = (name_value_t*) g_ptr_array_index (data->preferences, index);
2918 if (pair)
2919 {
2920 g_free (pair->name);
2921 g_free (pair->value);
2922 }
2923 }
2924 }
2925 array_free (data->preferences);
2926 free (data->schedule_id);
2927 free (data->schedule_periods);
2928 free (data->target_id);
2929 free (data->task_id);
2930
2931 memset (data, 0, sizeof (modify_task_data_t));
2932 }
2933
2934 /**
2935 * @brief Command data for the modify_note command.
2936 */
2937 typedef struct
2938 {
2939 char *active; ///< Whether the note is active.
2940 char *hosts; ///< Hosts to which to limit override.
2941 char *note_id; ///< ID of note to modify.
2942 char *nvt_oid; ///< NVT to which to limit override.
2943 char *port; ///< Port to which to limit override.
2944 char *result_id; ///< ID of result to which to limit override.
2945 char *severity; ///< Severity score to which to limit note.
2946 char *task_id; ///< ID of task to which to limit override.
2947 char *text; ///< Text of override.
2948 char *threat; ///< Threat to which to limit override.
2949 } modify_note_data_t;
2950
2951 /**
2952 * @brief Reset command data.
2953 *
2954 * @param[in] data Command data.
2955 */
2956 static void
modify_note_data_reset(modify_note_data_t * data)2957 modify_note_data_reset (modify_note_data_t *data)
2958 {
2959 free (data->active);
2960 free (data->hosts);
2961 free (data->note_id);
2962 free (data->nvt_oid);
2963 free (data->port);
2964 free (data->result_id);
2965 free (data->severity);
2966 free (data->task_id);
2967 free (data->text);
2968 free (data->threat);
2969
2970 memset (data, 0, sizeof (modify_note_data_t));
2971 }
2972
2973 /**
2974 * @brief Command data for the modify_override command.
2975 */
2976 typedef struct
2977 {
2978 char *active; ///< Whether the override is active.
2979 char *hosts; ///< Hosts to which to limit override.
2980 char *new_severity; ///< New severity score of overridden results.
2981 char *new_threat; ///< New threat value of overridden results.
2982 char *nvt_oid; ///< NVT to which to limit override.
2983 char *override_id; ///< ID of override to modify.
2984 char *port; ///< Port to which to limit override.
2985 char *result_id; ///< ID of result to which to limit override.
2986 char *severity; ///< Severity score of results to override.
2987 char *task_id; ///< ID of task to which to limit override.
2988 char *text; ///< Text of override.
2989 char *threat; ///< Threat to which to limit override.
2990 } modify_override_data_t;
2991
2992 /**
2993 * @brief Reset command data.
2994 *
2995 * @param[in] data Command data.
2996 */
2997 static void
modify_override_data_reset(modify_override_data_t * data)2998 modify_override_data_reset (modify_override_data_t *data)
2999 {
3000 free (data->active);
3001 free (data->hosts);
3002 free (data->new_severity);
3003 free (data->new_threat);
3004 free (data->nvt_oid);
3005 free (data->override_id);
3006 free (data->port);
3007 free (data->result_id);
3008 free (data->severity);
3009 free (data->task_id);
3010 free (data->text);
3011 free (data->threat);
3012
3013 memset (data, 0, sizeof (modify_override_data_t));
3014 }
3015
3016 /**
3017 * @brief Command data for the modify_user command.
3018 */
3019 typedef struct
3020 {
3021 array_t *groups; ///< IDs of groups.
3022 gchar *hosts; ///< Hosts.
3023 int hosts_allow; ///< Whether hosts are allowed.
3024 char *ifaces; ///< Interfaces.
3025 int ifaces_allow; ///< Whether interfaces are allowed.
3026 gboolean modify_password; ///< Whether to modify password.
3027 gchar *name; ///< User name.
3028 gchar *new_name; ///< New user name.
3029 gchar *password; ///< Password.
3030 gchar *comment; ///< Comment.
3031 array_t *roles; ///< IDs of roles.
3032 array_t *sources; ///< Sources.
3033 gchar *current_source; ///< Current source, for collecting sources.
3034 gchar *user_id; ///< ID of user.
3035 } modify_user_data_t;
3036
3037 /**
3038 * @brief Reset command data.
3039 *
3040 * @param[in] data Command data.
3041 */
3042 static void
modify_user_data_reset(modify_user_data_t * data)3043 modify_user_data_reset (modify_user_data_t * data)
3044 {
3045 array_free (data->groups);
3046 g_free (data->name);
3047 g_free (data->new_name);
3048 g_free (data->user_id);
3049 g_free (data->password);
3050 g_free (data->comment);
3051 g_free (data->hosts);
3052 g_free (data->ifaces);
3053 array_free (data->roles);
3054 if (data->sources)
3055 {
3056 array_free (data->sources);
3057 }
3058 g_free (data->current_source);
3059 memset (data, 0, sizeof (modify_user_data_t));
3060 }
3061
3062 /**
3063 * @brief Command data for the move_task command.
3064 */
3065 typedef struct
3066 {
3067 gchar *task_id; ///< ID of the task to move.
3068 gchar *slave_id; ///< ID of the slave to move to.
3069 } move_task_data_t;
3070
3071 /**
3072 * @brief Reset command data.
3073 *
3074 * @param[in] data Command data.
3075 */
3076 static void
move_task_data_reset(move_task_data_t * data)3077 move_task_data_reset (move_task_data_t *data)
3078 {
3079 g_free (data->task_id);
3080 g_free (data->slave_id);
3081
3082 memset (data, 0, sizeof (move_task_data_t));
3083 }
3084
3085 /**
3086 * @brief Command data for the restore command.
3087 */
3088 typedef struct
3089 {
3090 char *id; ///< ID of resource to restore.
3091 } restore_data_t;
3092
3093 /**
3094 * @brief Reset command data.
3095 *
3096 * @param[in] data Command data.
3097 */
3098 static void
restore_data_reset(restore_data_t * data)3099 restore_data_reset (restore_data_t *data)
3100 {
3101 free (data->id);
3102
3103 memset (data, 0, sizeof (restore_data_t));
3104 }
3105
3106 /**
3107 * @brief Command data for the resume_task command.
3108 */
3109 typedef struct
3110 {
3111 char *task_id; ///< ID of task to resume.
3112 } resume_task_data_t;
3113
3114 /**
3115 * @brief Reset command data.
3116 *
3117 * @param[in] data Command data.
3118 */
3119 static void
resume_task_data_reset(resume_task_data_t * data)3120 resume_task_data_reset (resume_task_data_t *data)
3121 {
3122 free (data->task_id);
3123
3124 memset (data, 0, sizeof (resume_task_data_t));
3125 }
3126
3127 /**
3128 * @brief Command data for the start_task command.
3129 */
3130 typedef struct
3131 {
3132 char *task_id; ///< ID of task to start.
3133 } start_task_data_t;
3134
3135 /**
3136 * @brief Reset command data.
3137 *
3138 * @param[in] data Command data.
3139 */
3140 static void
start_task_data_reset(start_task_data_t * data)3141 start_task_data_reset (start_task_data_t *data)
3142 {
3143 free (data->task_id);
3144
3145 memset (data, 0, sizeof (start_task_data_t));
3146 }
3147
3148 /**
3149 * @brief Command data for the stop_task command.
3150 */
3151 typedef struct
3152 {
3153 char *task_id; ///< ID of task to stop.
3154 } stop_task_data_t;
3155
3156 /**
3157 * @brief Reset command data.
3158 *
3159 * @param[in] data Command data.
3160 */
3161 static void
stop_task_data_reset(stop_task_data_t * data)3162 stop_task_data_reset (stop_task_data_t *data)
3163 {
3164 free (data->task_id);
3165
3166 memset (data, 0, sizeof (stop_task_data_t));
3167 }
3168
3169 /**
3170 * @brief Command data for the sync_config command.
3171 */
3172 typedef struct
3173 {
3174 char *config_id; ///< Config UUID.
3175 } sync_config_data_t;
3176
3177 /**
3178 * @brief Reset command data.
3179 *
3180 * @param[in] data Command data.
3181 */
3182 static void
sync_config_data_reset(sync_config_data_t * data)3183 sync_config_data_reset (sync_config_data_t *data)
3184 {
3185 g_free (data->config_id);
3186
3187 memset (data, 0, sizeof (sync_config_data_t));
3188 }
3189
3190 /**
3191 * @brief Command data for the test_alert command.
3192 */
3193 typedef struct
3194 {
3195 char *alert_id; ///< ID of alert to test.
3196 } test_alert_data_t;
3197
3198 /**
3199 * @brief Reset command data.
3200 *
3201 * @param[in] data Command data.
3202 */
3203 static void
test_alert_data_reset(test_alert_data_t * data)3204 test_alert_data_reset (test_alert_data_t *data)
3205 {
3206 free (data->alert_id);
3207
3208 memset (data, 0, sizeof (test_alert_data_t));
3209 }
3210
3211 /**
3212 * @brief Command data for the verify_report_format command.
3213 */
3214 typedef struct
3215 {
3216 char *report_format_id; ///< ID of report format to verify.
3217 } verify_report_format_data_t;
3218
3219 /**
3220 * @brief Reset command data.
3221 *
3222 * @param[in] data Command data.
3223 */
3224 static void
verify_report_format_data_reset(verify_report_format_data_t * data)3225 verify_report_format_data_reset (verify_report_format_data_t *data)
3226 {
3227 free (data->report_format_id);
3228
3229 memset (data, 0, sizeof (verify_report_format_data_t));
3230 }
3231
3232 /**
3233 * @brief Command data for the verify_scanner command.
3234 */
3235 typedef struct
3236 {
3237 char *scanner_id; ///< ID of scanner to verify.
3238 } verify_scanner_data_t;
3239
3240 /**
3241 * @brief Reset command data.
3242 *
3243 * @param[in] data Command data.
3244 */
3245 static void
verify_scanner_data_reset(verify_scanner_data_t * data)3246 verify_scanner_data_reset (verify_scanner_data_t *data)
3247 {
3248 g_free (data->scanner_id);
3249
3250 memset (data, 0, sizeof (verify_scanner_data_t));
3251 }
3252
3253 /**
3254 * @brief Command data for the wizard command.
3255 */
3256 typedef struct
3257 {
3258 char *mode; ///< Mode to run the wizard in.
3259 char *name; ///< Name of the wizard.
3260 name_value_t *param; ///< Current param.
3261 array_t *params; ///< Parameters.
3262 char *read_only; ///< Read only flag.
3263 } run_wizard_data_t;
3264
3265 /**
3266 * @brief Reset command data.
3267 *
3268 * @param[in] data Command data.
3269 */
3270 static void
run_wizard_data_reset(run_wizard_data_t * data)3271 run_wizard_data_reset (run_wizard_data_t *data)
3272 {
3273 free (data->mode);
3274 free (data->name);
3275 free (data->read_only);
3276 if (data->params)
3277 {
3278 guint index = data->params->len;
3279 while (index--)
3280 {
3281 name_value_t *pair;
3282 pair = (name_value_t*) g_ptr_array_index (data->params, index);
3283 if (pair)
3284 {
3285 g_free (pair->name);
3286 g_free (pair->value);
3287 }
3288 }
3289 }
3290 array_free (data->params);
3291
3292 memset (data, 0, sizeof (run_wizard_data_t));
3293 }
3294
3295 /**
3296 * @brief Command data, as passed between GMP parser callbacks.
3297 */
3298 typedef union
3299 {
3300 create_asset_data_t create_asset; ///< create_asset
3301 create_alert_data_t create_alert; ///< create_alert
3302 create_credential_data_t create_credential; ///< create_credential
3303 create_filter_data_t create_filter; ///< create_filter
3304 create_group_data_t create_group; ///< create_group
3305 create_note_data_t create_note; ///< create_note
3306 create_override_data_t create_override; ///< create_override
3307 create_permission_data_t create_permission; ///< create_permission
3308 create_port_range_data_t create_port_range; ///< create_port_range
3309 create_report_data_t create_report; ///< create_report
3310 create_role_data_t create_role; ///< create_role
3311 create_scanner_data_t create_scanner; ///< create_scanner
3312 create_schedule_data_t create_schedule; ///< create_schedule
3313 create_tag_data_t create_tag; ///< create_tag
3314 create_target_data_t create_target; ///< create_target
3315 create_task_data_t create_task; ///< create_task
3316 create_user_data_t create_user; ///< create_user
3317 delete_asset_data_t delete_asset; ///< delete_asset
3318 delete_credential_data_t delete_credential; ///< delete_credential
3319 delete_config_data_t delete_config; ///< delete_config
3320 delete_alert_data_t delete_alert; ///< delete_alert
3321 delete_filter_data_t delete_filter; ///< delete_filter
3322 delete_group_data_t delete_group; ///< delete_group
3323 delete_note_data_t delete_note; ///< delete_note
3324 delete_override_data_t delete_override; ///< delete_override
3325 delete_permission_data_t delete_permission; ///< delete_permission
3326 delete_port_list_data_t delete_port_list; ///< delete_port_list
3327 delete_port_range_data_t delete_port_range; ///< delete_port_range
3328 delete_report_data_t delete_report; ///< delete_report
3329 delete_report_format_data_t delete_report_format; ///< delete_report_format
3330 delete_role_data_t delete_role; ///< delete_role
3331 delete_scanner_data_t delete_scanner; ///< delete_scanner
3332 delete_schedule_data_t delete_schedule; ///< delete_schedule
3333 delete_tag_data_t delete_tag; ///< delete_tag
3334 delete_target_data_t delete_target; ///< delete_target
3335 delete_task_data_t delete_task; ///< delete_task
3336 delete_user_data_t delete_user; ///< delete_user
3337 get_aggregates_data_t get_aggregates; ///< get_aggregates
3338 get_configs_data_t get_configs; ///< get_configs
3339 get_alerts_data_t get_alerts; ///< get_alerts
3340 get_assets_data_t get_assets; ///< get_assets
3341 get_credentials_data_t get_credentials; ///< get_credentials
3342 get_feeds_data_t get_feeds; ///< get_feeds
3343 get_filters_data_t get_filters; ///< get_filters
3344 get_groups_data_t get_groups; ///< get_groups
3345 get_info_data_t get_info; ///< get_info
3346 get_notes_data_t get_notes; ///< get_notes
3347 get_nvts_data_t get_nvts; ///< get_nvts
3348 get_nvt_families_data_t get_nvt_families; ///< get_nvt_families
3349 get_overrides_data_t get_overrides; ///< get_overrides
3350 get_permissions_data_t get_permissions; ///< get_permissions
3351 get_port_lists_data_t get_port_lists; ///< get_port_lists
3352 get_preferences_data_t get_preferences; ///< get_preferences
3353 get_reports_data_t get_reports; ///< get_reports
3354 get_report_formats_data_t get_report_formats; ///< get_report_formats
3355 get_results_data_t get_results; ///< get_results
3356 get_roles_data_t get_roles; ///< get_roles
3357 get_schedules_data_t get_schedules; ///< get_schedules
3358 get_scanners_data_t get_scanners; ///< get_scanners
3359 get_settings_data_t get_settings; ///< get_settings
3360 get_system_reports_data_t get_system_reports; ///< get_system_reports
3361 get_tags_data_t get_tags; ///< get_tags
3362 get_targets_data_t get_targets; ///< get_targets
3363 get_tasks_data_t get_tasks; ///< get_tasks
3364 get_users_data_t get_users; ///< get_users
3365 get_vulns_data_t get_vulns; ///< get_vulns
3366 help_data_t help; ///< help
3367 modify_alert_data_t modify_alert; ///< modify_alert
3368 modify_asset_data_t modify_asset; ///< modify_asset
3369 modify_auth_data_t modify_auth; ///< modify_auth
3370 modify_config_data_t modify_config; ///< modify_config
3371 modify_credential_data_t modify_credential; ///< modify_credential
3372 modify_filter_data_t modify_filter; ///< modify_filter
3373 modify_group_data_t modify_group; ///< modify_group
3374 modify_permission_data_t modify_permission; ///< modify_permission
3375 modify_port_list_data_t modify_port_list; ///< modify_port_list
3376 modify_report_format_data_t modify_report_format; ///< modify_report_format
3377 modify_role_data_t modify_role; ///< modify_role
3378 modify_scanner_data_t modify_scanner; ///< modify_scanner
3379 modify_schedule_data_t modify_schedule; ///< modify_schedule
3380 modify_setting_data_t modify_setting; ///< modify_setting
3381 modify_tag_data_t modify_tag; ///< modify_tag
3382 modify_target_data_t modify_target; ///< modify_target
3383 modify_task_data_t modify_task; ///< modify_task
3384 modify_user_data_t modify_user; ///< modify_user
3385 move_task_data_t move_task; ///< move_task
3386 restore_data_t restore; ///< restore
3387 resume_task_data_t resume_task; ///< resume_task
3388 start_task_data_t start_task; ///< start_task
3389 stop_task_data_t stop_task; ///< stop_task
3390 sync_config_data_t sync_config; ///< sync_config
3391 test_alert_data_t test_alert; ///< test_alert
3392 verify_report_format_data_t verify_report_format; ///< verify_report_format
3393 verify_scanner_data_t verify_scanner; ///< verify_scanner
3394 run_wizard_data_t wizard; ///< run_wizard
3395 } command_data_t;
3396
3397 /**
3398 * @brief Initialise command data.
3399 *
3400 * @param[in] data Command data.
3401 */
3402 static void
command_data_init(command_data_t * data)3403 command_data_init (command_data_t *data)
3404 {
3405 memset (data, 0, sizeof (command_data_t));
3406 }
3407
3408
3409 /* Global variables. */
3410
3411 /**
3412 * @brief Parser callback data.
3413 */
3414 static command_data_t command_data;
3415
3416 /**
3417 * @brief Parser callback data for CREATE_ASSET.
3418 */
3419 static create_asset_data_t *create_asset_data
3420 = (create_asset_data_t*) &(command_data.create_asset);
3421
3422 /**
3423 * @brief Parser callback data for CREATE_ALERT.
3424 */
3425 static create_alert_data_t *create_alert_data
3426 = (create_alert_data_t*) &(command_data.create_alert);
3427
3428 /**
3429 * @brief Parser callback data for CREATE_CREDENTIAL.
3430 */
3431 static create_credential_data_t *create_credential_data
3432 = (create_credential_data_t*) &(command_data.create_credential);
3433
3434 /**
3435 * @brief Parser callback data for CREATE_FILTER.
3436 */
3437 static create_filter_data_t *create_filter_data
3438 = (create_filter_data_t*) &(command_data.create_filter);
3439
3440 /**
3441 * @brief Parser callback data for CREATE_GROUP.
3442 */
3443 static create_group_data_t *create_group_data
3444 = (create_group_data_t*) &(command_data.create_group);
3445
3446 /**
3447 * @brief Parser callback data for CREATE_NOTE.
3448 */
3449 static create_note_data_t *create_note_data
3450 = (create_note_data_t*) &(command_data.create_note);
3451
3452 /**
3453 * @brief Parser callback data for CREATE_OVERRIDE.
3454 */
3455 static create_override_data_t *create_override_data
3456 = (create_override_data_t*) &(command_data.create_override);
3457
3458 /**
3459 * @brief Parser callback data for CREATE_PERMISSION.
3460 */
3461 static create_permission_data_t *create_permission_data
3462 = (create_permission_data_t*) &(command_data.create_permission);
3463
3464 /**
3465 * @brief Parser callback data for CREATE_PORT_RANGE.
3466 */
3467 static create_port_range_data_t *create_port_range_data
3468 = (create_port_range_data_t*) &(command_data.create_port_range);
3469
3470 /**
3471 * @brief Parser callback data for CREATE_ROLE.
3472 */
3473 static create_role_data_t *create_role_data
3474 = (create_role_data_t*) &(command_data.create_role);
3475
3476 /**
3477 * @brief Parser callback data for CREATE_REPORT.
3478 */
3479 static create_report_data_t *create_report_data
3480 = (create_report_data_t*) &(command_data.create_report);
3481
3482 /**
3483 * @brief Parser callback data for CREATE_SCANNER.
3484 */
3485 static create_scanner_data_t *create_scanner_data
3486 = (create_scanner_data_t*) &(command_data.create_scanner);
3487
3488 /**
3489 * @brief Parser callback data for CREATE_SCHEDULE.
3490 */
3491 static create_schedule_data_t *create_schedule_data
3492 = (create_schedule_data_t*) &(command_data.create_schedule);
3493
3494 /**
3495 * @brief Parser callback data for CREATE_TAG.
3496 */
3497 static create_tag_data_t *create_tag_data
3498 = (create_tag_data_t*) &(command_data.create_tag);
3499
3500 /**
3501 * @brief Parser callback data for CREATE_TARGET.
3502 */
3503 static create_target_data_t *create_target_data
3504 = (create_target_data_t*) &(command_data.create_target);
3505
3506 /**
3507 * @brief Parser callback data for CREATE_TASK.
3508 */
3509 static create_task_data_t *create_task_data
3510 = (create_task_data_t*) &(command_data.create_task);
3511
3512 /**
3513 * @brief Parser callback data for CREATE_USER.
3514 */
3515 static create_user_data_t *create_user_data
3516 = &(command_data.create_user);
3517
3518 /**
3519 * @brief Parser callback data for DELETE_ASSET.
3520 */
3521 static delete_asset_data_t *delete_asset_data
3522 = (delete_asset_data_t*) &(command_data.delete_asset);
3523
3524 /**
3525 * @brief Parser callback data for DELETE_CONFIG.
3526 */
3527 static delete_config_data_t *delete_config_data
3528 = (delete_config_data_t*) &(command_data.delete_config);
3529
3530 /**
3531 * @brief Parser callback data for DELETE_ALERT.
3532 */
3533 static delete_alert_data_t *delete_alert_data
3534 = (delete_alert_data_t*) &(command_data.delete_alert);
3535
3536 /**
3537 * @brief Parser callback data for DELETE_CREDENTIAL.
3538 */
3539 static delete_credential_data_t *delete_credential_data
3540 = (delete_credential_data_t*) &(command_data.delete_credential);
3541
3542 /**
3543 * @brief Parser callback data for DELETE_FILTER.
3544 */
3545 static delete_filter_data_t *delete_filter_data
3546 = (delete_filter_data_t*) &(command_data.delete_filter);
3547
3548 /**
3549 * @brief Parser callback data for DELETE_GROUP.
3550 */
3551 static delete_group_data_t *delete_group_data
3552 = (delete_group_data_t*) &(command_data.delete_group);
3553
3554 /**
3555 * @brief Parser callback data for DELETE_NOTE.
3556 */
3557 static delete_note_data_t *delete_note_data
3558 = (delete_note_data_t*) &(command_data.delete_note);
3559
3560 /**
3561 * @brief Parser callback data for DELETE_OVERRIDE.
3562 */
3563 static delete_override_data_t *delete_override_data
3564 = (delete_override_data_t*) &(command_data.delete_override);
3565
3566 /**
3567 * @brief Parser callback data for DELETE_PERMISSION.
3568 */
3569 static delete_permission_data_t *delete_permission_data
3570 = (delete_permission_data_t*) &(command_data.delete_permission);
3571
3572 /**
3573 * @brief Parser callback data for DELETE_PORT_LIST.
3574 */
3575 static delete_port_list_data_t *delete_port_list_data
3576 = (delete_port_list_data_t*) &(command_data.delete_port_list);
3577
3578 /**
3579 * @brief Parser callback data for DELETE_PORT_RANGE.
3580 */
3581 static delete_port_range_data_t *delete_port_range_data
3582 = (delete_port_range_data_t*) &(command_data.delete_port_range);
3583
3584 /**
3585 * @brief Parser callback data for DELETE_REPORT.
3586 */
3587 static delete_report_data_t *delete_report_data
3588 = (delete_report_data_t*) &(command_data.delete_report);
3589
3590 /**
3591 * @brief Parser callback data for DELETE_REPORT_FORMAT.
3592 */
3593 static delete_report_format_data_t *delete_report_format_data
3594 = (delete_report_format_data_t*) &(command_data.delete_report_format);
3595
3596 /**
3597 * @brief Parser callback data for DELETE_ROLE.
3598 */
3599 static delete_role_data_t *delete_role_data
3600 = (delete_role_data_t*) &(command_data.delete_role);
3601
3602 /**
3603 * @brief Parser callback data for DELETE_SCANNER.
3604 */
3605 static delete_scanner_data_t *delete_scanner_data
3606 = (delete_scanner_data_t*) &(command_data.delete_scanner);
3607
3608 /**
3609 * @brief Parser callback data for DELETE_SCHEDULE.
3610 */
3611 static delete_schedule_data_t *delete_schedule_data
3612 = (delete_schedule_data_t*) &(command_data.delete_schedule);
3613
3614 /**
3615 * @brief Parser callback data for DELETE_TAG.
3616 */
3617 static delete_tag_data_t *delete_tag_data
3618 = (delete_tag_data_t*) &(command_data.delete_tag);
3619
3620 /**
3621 * @brief Parser callback data for DELETE_TARGET.
3622 */
3623 static delete_target_data_t *delete_target_data
3624 = (delete_target_data_t*) &(command_data.delete_target);
3625
3626 /**
3627 * @brief Parser callback data for DELETE_TASK.
3628 */
3629 static delete_task_data_t *delete_task_data
3630 = (delete_task_data_t*) &(command_data.delete_task);
3631
3632 /**
3633 * @brief Parser callback data for DELETE_USER.
3634 */
3635 static delete_user_data_t *delete_user_data
3636 = (delete_user_data_t*) &(command_data.delete_user);
3637
3638 /**
3639 * @brief Parser callback data for GET_AGGREGATES.
3640 */
3641 static get_aggregates_data_t *get_aggregates_data
3642 = &(command_data.get_aggregates);
3643
3644 /**
3645 * @brief Parser callback data for GET_CONFIGS.
3646 */
3647 static get_configs_data_t *get_configs_data
3648 = &(command_data.get_configs);
3649
3650 /**
3651 * @brief Parser callback data for GET_ALERTS.
3652 */
3653 static get_alerts_data_t *get_alerts_data
3654 = &(command_data.get_alerts);
3655
3656 /**
3657 * @brief Parser callback data for GET_ASSETS.
3658 */
3659 static get_assets_data_t *get_assets_data
3660 = &(command_data.get_assets);
3661
3662 /**
3663 * @brief Parser callback data for GET_CREDENTIALS.
3664 */
3665 static get_credentials_data_t *get_credentials_data
3666 = &(command_data.get_credentials);
3667
3668 /**
3669 * @brief Parser callback data for GET_FEEDS.
3670 */
3671 static get_feeds_data_t *get_feeds_data
3672 = &(command_data.get_feeds);
3673
3674 /**
3675 * @brief Parser callback data for GET_FILTERS.
3676 */
3677 static get_filters_data_t *get_filters_data
3678 = &(command_data.get_filters);
3679
3680 /**
3681 * @brief Parser callback data for GET_GROUPS.
3682 */
3683 static get_groups_data_t *get_groups_data
3684 = &(command_data.get_groups);
3685
3686 /**
3687 * @brief Parser callback data for GET_INFO.
3688 */
3689 static get_info_data_t *get_info_data
3690 = &(command_data.get_info);
3691
3692 /**
3693 * @brief Parser callback data for GET_NOTES.
3694 */
3695 static get_notes_data_t *get_notes_data
3696 = &(command_data.get_notes);
3697
3698 /**
3699 * @brief Parser callback data for GET_NVTS.
3700 */
3701 static get_nvts_data_t *get_nvts_data
3702 = &(command_data.get_nvts);
3703
3704 /**
3705 * @brief Parser callback data for GET_NVT_FAMILIES.
3706 */
3707 static get_nvt_families_data_t *get_nvt_families_data
3708 = &(command_data.get_nvt_families);
3709
3710 /**
3711 * @brief Parser callback data for GET_OVERRIDES.
3712 */
3713 static get_overrides_data_t *get_overrides_data
3714 = &(command_data.get_overrides);
3715
3716 /**
3717 * @brief Parser callback data for GET_PERMISSIONS.
3718 */
3719 static get_permissions_data_t *get_permissions_data
3720 = &(command_data.get_permissions);
3721
3722 /**
3723 * @brief Parser callback data for GET_PORT_LISTS.
3724 */
3725 static get_port_lists_data_t *get_port_lists_data
3726 = &(command_data.get_port_lists);
3727
3728 /**
3729 * @brief Parser callback data for GET_PREFERENCES.
3730 */
3731 static get_preferences_data_t *get_preferences_data
3732 = &(command_data.get_preferences);
3733
3734 /**
3735 * @brief Parser callback data for GET_REPORTS.
3736 */
3737 static get_reports_data_t *get_reports_data
3738 = &(command_data.get_reports);
3739
3740 /**
3741 * @brief Parser callback data for GET_REPORT_FORMATS.
3742 */
3743 static get_report_formats_data_t *get_report_formats_data
3744 = &(command_data.get_report_formats);
3745
3746 /**
3747 * @brief Parser callback data for GET_RESULTS.
3748 */
3749 static get_results_data_t *get_results_data
3750 = &(command_data.get_results);
3751
3752 /**
3753 * @brief Parser callback data for GET_ROLES.
3754 */
3755 static get_roles_data_t *get_roles_data
3756 = &(command_data.get_roles);
3757
3758 /**
3759 * @brief Parser callback data for GET_scannerS.
3760 */
3761 static get_scanners_data_t *get_scanners_data
3762 = &(command_data.get_scanners);
3763
3764 /**
3765 * @brief Parser callback data for GET_SCHEDULES.
3766 */
3767 static get_schedules_data_t *get_schedules_data
3768 = &(command_data.get_schedules);
3769
3770 /**
3771 * @brief Parser callback data for GET_SETTINGS.
3772 */
3773 static get_settings_data_t *get_settings_data
3774 = &(command_data.get_settings);
3775
3776 /**
3777 * @brief Parser callback data for GET_SYSTEM_REPORTS.
3778 */
3779 static get_system_reports_data_t *get_system_reports_data
3780 = &(command_data.get_system_reports);
3781
3782 /**
3783 * @brief Parser callback data for GET_TAGS.
3784 */
3785 static get_tags_data_t *get_tags_data
3786 = &(command_data.get_tags);
3787
3788 /**
3789 * @brief Parser callback data for GET_TARGETS.
3790 */
3791 static get_targets_data_t *get_targets_data
3792 = &(command_data.get_targets);
3793
3794 /**
3795 * @brief Parser callback data for GET_TASKS.
3796 */
3797 static get_tasks_data_t *get_tasks_data
3798 = &(command_data.get_tasks);
3799
3800 /**
3801 * @brief Parser callback data for GET_USERS.
3802 */
3803 static get_users_data_t *get_users_data
3804 = &(command_data.get_users);
3805
3806 /**
3807 * @brief Parser callback data for GET_VULNS.
3808 */
3809 static get_vulns_data_t *get_vulns_data
3810 = &(command_data.get_vulns);
3811
3812 /**
3813 * @brief Parser callback data for HELP.
3814 */
3815 static help_data_t *help_data
3816 = &(command_data.help);
3817
3818 /**
3819 * @brief Parser callback data for MODIFY_ALERT.
3820 */
3821 static modify_alert_data_t *modify_alert_data
3822 = &(command_data.modify_alert);
3823
3824 /**
3825 * @brief Parser callback data for MODIFY_ASSET.
3826 */
3827 static modify_asset_data_t *modify_asset_data
3828 = &(command_data.modify_asset);
3829
3830 /**
3831 * @brief Parser callback data for MODIFY_AUTH.
3832 */
3833 static modify_auth_data_t *modify_auth_data
3834 = &(command_data.modify_auth);
3835
3836 /**
3837 * @brief Parser callback data for MODIFY_CREDENTIAL.
3838 */
3839 static modify_credential_data_t *modify_credential_data
3840 = &(command_data.modify_credential);
3841
3842 /**
3843 * @brief Parser callback data for MODIFY_FILTER.
3844 */
3845 static modify_filter_data_t *modify_filter_data
3846 = &(command_data.modify_filter);
3847
3848 /**
3849 * @brief Parser callback data for MODIFY_GROUP.
3850 */
3851 static modify_group_data_t *modify_group_data
3852 = &(command_data.modify_group);
3853
3854 /**
3855 * @brief Parser callback data for MODIFY_NOTE.
3856 */
3857 static modify_note_data_t *modify_note_data
3858 = (modify_note_data_t*) &(command_data.create_note);
3859
3860 /**
3861 * @brief Parser callback data for MODIFY_OVERRIDE.
3862 */
3863 static modify_override_data_t *modify_override_data
3864 = (modify_override_data_t*) &(command_data.create_override);
3865
3866 /**
3867 * @brief Parser callback data for MODIFY_PERMISSION.
3868 */
3869 static modify_permission_data_t *modify_permission_data
3870 = &(command_data.modify_permission);
3871
3872 /**
3873 * @brief Parser callback data for MODIFY_PORT_LIST.
3874 */
3875 static modify_port_list_data_t *modify_port_list_data
3876 = &(command_data.modify_port_list);
3877
3878 /**
3879 * @brief Parser callback data for MODIFY_REPORT_FORMAT.
3880 */
3881 static modify_report_format_data_t *modify_report_format_data
3882 = &(command_data.modify_report_format);
3883
3884 /**
3885 * @brief Parser callback data for MODIFY_ROLE.
3886 */
3887 static modify_role_data_t *modify_role_data
3888 = &(command_data.modify_role);
3889
3890 /**
3891 * @brief Parser callback data for MODIFY_SCANNER.
3892 */
3893 static modify_scanner_data_t *modify_scanner_data
3894 = &(command_data.modify_scanner);
3895
3896 /**
3897 * @brief Parser callback data for MODIFY_SCHEDULE.
3898 */
3899 static modify_schedule_data_t *modify_schedule_data
3900 = &(command_data.modify_schedule);
3901
3902 /**
3903 * @brief Parser callback data for MODIFY_SETTING.
3904 */
3905 static modify_setting_data_t *modify_setting_data
3906 = &(command_data.modify_setting);
3907
3908 /**
3909 * @brief Parser callback data for MODIFY_TAG.
3910 */
3911 static modify_tag_data_t *modify_tag_data
3912 = (modify_tag_data_t*) &(command_data.modify_tag);
3913
3914 /**
3915 * @brief Parser callback data for MODIFY_TARGET.
3916 */
3917 static modify_target_data_t *modify_target_data
3918 = &(command_data.modify_target);
3919
3920 /**
3921 * @brief Parser callback data for MODIFY_TASK.
3922 */
3923 static modify_task_data_t *modify_task_data
3924 = &(command_data.modify_task);
3925
3926 /**
3927 * @brief Parser callback data for MODIFY_USER.
3928 */
3929 static modify_user_data_t *modify_user_data = &(command_data.modify_user);
3930
3931 /**
3932 * @brief Parser callback data for MOVE_TASK.
3933 */
3934 static move_task_data_t *move_task_data = &(command_data.move_task);
3935
3936 /**
3937 * @brief Parser callback data for RESTORE.
3938 */
3939 static restore_data_t *restore_data
3940 = (restore_data_t*) &(command_data.restore);
3941
3942 /**
3943 * @brief Parser callback data for RESUME_TASK.
3944 */
3945 static resume_task_data_t *resume_task_data
3946 = (resume_task_data_t*) &(command_data.resume_task);
3947
3948 /**
3949 * @brief Parser callback data for START_TASK.
3950 */
3951 static start_task_data_t *start_task_data
3952 = (start_task_data_t*) &(command_data.start_task);
3953
3954 /**
3955 * @brief Parser callback data for STOP_TASK.
3956 */
3957 static stop_task_data_t *stop_task_data
3958 = (stop_task_data_t*) &(command_data.stop_task);
3959
3960 /**
3961 * @brief Parser callback data for SYNC_CONFIG.
3962 */
3963 static sync_config_data_t *sync_config_data
3964 = (sync_config_data_t*) &(command_data.sync_config);
3965
3966 /**
3967 * @brief Parser callback data for TEST_ALERT.
3968 */
3969 static test_alert_data_t *test_alert_data
3970 = (test_alert_data_t*) &(command_data.test_alert);
3971
3972 /**
3973 * @brief Parser callback data for VERIFY_REPORT_FORMAT.
3974 */
3975 static verify_report_format_data_t *verify_report_format_data
3976 = (verify_report_format_data_t*) &(command_data.verify_report_format);
3977
3978 /**
3979 * @brief Parser callback data for VERIFY_SCANNER.
3980 */
3981 static verify_scanner_data_t *verify_scanner_data
3982 = (verify_scanner_data_t*) &(command_data.verify_scanner);
3983
3984 /**
3985 * @brief Parser callback data for WIZARD.
3986 */
3987 static run_wizard_data_t *run_wizard_data
3988 = (run_wizard_data_t*) &(command_data.wizard);
3989
3990 /**
3991 * @brief Buffer of output to the client.
3992 */
3993 char to_client[TO_CLIENT_BUFFER_SIZE];
3994
3995 /**
3996 * @brief The start of the data in the \ref to_client buffer.
3997 */
3998 buffer_size_t to_client_start = 0;
3999 /**
4000 * @brief The end of the data in the \ref to_client buffer.
4001 */
4002 buffer_size_t to_client_end = 0;
4003
4004 /**
4005 * @brief Client input parsing context.
4006 */
4007 static GMarkupParseContext*
4008 xml_context = NULL;
4009
4010 /**
4011 * @brief Client input parser.
4012 */
4013 static GMarkupParser xml_parser;
4014
4015 /**
4016 * @brief The nvt synchronization script for this daemon.
4017 */
4018 static const gchar *nvt_sync_script = BINDIR "/greenbone-nvt-sync";
4019
4020
4021 /* Client state. */
4022
4023 /**
4024 * @brief Possible states of the client.
4025 */
4026 typedef enum
4027 {
4028 CLIENT_TOP,
4029 CLIENT_AUTHENTIC,
4030
4031 CLIENT_AUTHENTICATE,
4032 CLIENT_AUTHENTICATE_CREDENTIALS,
4033 CLIENT_AUTHENTICATE_CREDENTIALS_PASSWORD,
4034 CLIENT_AUTHENTICATE_CREDENTIALS_USERNAME,
4035 CLIENT_CREATE_ALERT,
4036 CLIENT_CREATE_ALERT_ACTIVE,
4037 CLIENT_CREATE_ALERT_COMMENT,
4038 CLIENT_CREATE_ALERT_CONDITION,
4039 CLIENT_CREATE_ALERT_CONDITION_DATA,
4040 CLIENT_CREATE_ALERT_CONDITION_DATA_NAME,
4041 CLIENT_CREATE_ALERT_COPY,
4042 CLIENT_CREATE_ALERT_EVENT,
4043 CLIENT_CREATE_ALERT_EVENT_DATA,
4044 CLIENT_CREATE_ALERT_EVENT_DATA_NAME,
4045 CLIENT_CREATE_ALERT_FILTER,
4046 CLIENT_CREATE_ALERT_METHOD,
4047 CLIENT_CREATE_ALERT_METHOD_DATA,
4048 CLIENT_CREATE_ALERT_METHOD_DATA_NAME,
4049 CLIENT_CREATE_ALERT_NAME,
4050 CLIENT_CREATE_ASSET,
4051 CLIENT_CREATE_ASSET_REPORT,
4052 CLIENT_CREATE_ASSET_REPORT_FILTER,
4053 CLIENT_CREATE_ASSET_REPORT_FILTER_TERM,
4054 CLIENT_CREATE_ASSET_ASSET,
4055 CLIENT_CREATE_ASSET_ASSET_COMMENT,
4056 CLIENT_CREATE_ASSET_ASSET_NAME,
4057 CLIENT_CREATE_ASSET_ASSET_TYPE,
4058 CLIENT_CREATE_CONFIG,
4059 CLIENT_CREATE_CREDENTIAL,
4060 CLIENT_CREATE_CREDENTIAL_ALLOW_INSECURE,
4061 CLIENT_CREATE_CREDENTIAL_AUTH_ALGORITHM,
4062 CLIENT_CREATE_CREDENTIAL_CERTIFICATE,
4063 CLIENT_CREATE_CREDENTIAL_COMMENT,
4064 CLIENT_CREATE_CREDENTIAL_COMMUNITY,
4065 CLIENT_CREATE_CREDENTIAL_COPY,
4066 CLIENT_CREATE_CREDENTIAL_KEY,
4067 CLIENT_CREATE_CREDENTIAL_KEY_PHRASE,
4068 CLIENT_CREATE_CREDENTIAL_KEY_PRIVATE,
4069 CLIENT_CREATE_CREDENTIAL_KEY_PUBLIC,
4070 CLIENT_CREATE_CREDENTIAL_LOGIN,
4071 CLIENT_CREATE_CREDENTIAL_NAME,
4072 CLIENT_CREATE_CREDENTIAL_PASSWORD,
4073 CLIENT_CREATE_CREDENTIAL_PRIVACY,
4074 CLIENT_CREATE_CREDENTIAL_PRIVACY_ALGORITHM,
4075 CLIENT_CREATE_CREDENTIAL_PRIVACY_PASSWORD,
4076 CLIENT_CREATE_CREDENTIAL_TYPE,
4077 CLIENT_CREATE_FILTER,
4078 CLIENT_CREATE_FILTER_COMMENT,
4079 CLIENT_CREATE_FILTER_COPY,
4080 CLIENT_CREATE_FILTER_NAME,
4081 CLIENT_CREATE_FILTER_TERM,
4082 CLIENT_CREATE_FILTER_TYPE,
4083 CLIENT_CREATE_GROUP,
4084 CLIENT_CREATE_GROUP_COMMENT,
4085 CLIENT_CREATE_GROUP_COPY,
4086 CLIENT_CREATE_GROUP_NAME,
4087 CLIENT_CREATE_GROUP_USERS,
4088 CLIENT_CREATE_GROUP_SPECIALS,
4089 CLIENT_CREATE_GROUP_SPECIALS_FULL,
4090 CLIENT_CREATE_NOTE,
4091 CLIENT_CREATE_NOTE_ACTIVE,
4092 CLIENT_CREATE_NOTE_COPY,
4093 CLIENT_CREATE_NOTE_HOSTS,
4094 CLIENT_CREATE_NOTE_NVT,
4095 CLIENT_CREATE_NOTE_PORT,
4096 CLIENT_CREATE_NOTE_RESULT,
4097 CLIENT_CREATE_NOTE_SEVERITY,
4098 CLIENT_CREATE_NOTE_TASK,
4099 CLIENT_CREATE_NOTE_TEXT,
4100 CLIENT_CREATE_NOTE_THREAT,
4101 CLIENT_CREATE_OVERRIDE,
4102 CLIENT_CREATE_OVERRIDE_ACTIVE,
4103 CLIENT_CREATE_OVERRIDE_COPY,
4104 CLIENT_CREATE_OVERRIDE_HOSTS,
4105 CLIENT_CREATE_OVERRIDE_NEW_SEVERITY,
4106 CLIENT_CREATE_OVERRIDE_NEW_THREAT,
4107 CLIENT_CREATE_OVERRIDE_NVT,
4108 CLIENT_CREATE_OVERRIDE_PORT,
4109 CLIENT_CREATE_OVERRIDE_RESULT,
4110 CLIENT_CREATE_OVERRIDE_SEVERITY,
4111 CLIENT_CREATE_OVERRIDE_TASK,
4112 CLIENT_CREATE_OVERRIDE_TEXT,
4113 CLIENT_CREATE_OVERRIDE_THREAT,
4114 CLIENT_CREATE_PERMISSION,
4115 CLIENT_CREATE_PERMISSION_COMMENT,
4116 CLIENT_CREATE_PERMISSION_COPY,
4117 CLIENT_CREATE_PERMISSION_NAME,
4118 CLIENT_CREATE_PERMISSION_RESOURCE,
4119 CLIENT_CREATE_PERMISSION_RESOURCE_TYPE,
4120 CLIENT_CREATE_PERMISSION_SUBJECT,
4121 CLIENT_CREATE_PERMISSION_SUBJECT_TYPE,
4122 CLIENT_CREATE_PORT_LIST,
4123 CLIENT_CREATE_PORT_RANGE,
4124 CLIENT_CREATE_PORT_RANGE_COMMENT,
4125 CLIENT_CREATE_PORT_RANGE_END,
4126 CLIENT_CREATE_PORT_RANGE_PORT_LIST,
4127 CLIENT_CREATE_PORT_RANGE_START,
4128 CLIENT_CREATE_PORT_RANGE_TYPE,
4129 CLIENT_CREATE_REPORT_FORMAT,
4130 /* CREATE_REPORT. */
4131 CLIENT_CREATE_REPORT,
4132 CLIENT_CREATE_REPORT_IN_ASSETS,
4133 CLIENT_CREATE_REPORT_REPORT,
4134 CLIENT_CREATE_REPORT_RR,
4135 CLIENT_CREATE_REPORT_RR_FILTERS,
4136 CLIENT_CREATE_REPORT_RR_ERRORS,
4137 CLIENT_CREATE_REPORT_RR_ERRORS_COUNT,
4138 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR,
4139 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_DESCRIPTION,
4140 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST,
4141 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST_ASSET,
4142 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST_HOSTNAME,
4143 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT,
4144 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT_CVSS_BASE,
4145 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT_NAME,
4146 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_PORT,
4147 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_SCAN_NVT_VERSION,
4148 CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_SEVERITY,
4149 /* RR_H is for RR_HOST because it clashes with entities like HOST_START. */
4150 CLIENT_CREATE_REPORT_RR_H,
4151 CLIENT_CREATE_REPORT_RR_HOSTS,
4152 CLIENT_CREATE_REPORT_RR_HOST_COUNT,
4153 CLIENT_CREATE_REPORT_RR_HOST_END,
4154 CLIENT_CREATE_REPORT_RR_HOST_END_HOST,
4155 CLIENT_CREATE_REPORT_RR_HOST_START,
4156 CLIENT_CREATE_REPORT_RR_HOST_START_HOST,
4157 CLIENT_CREATE_REPORT_RR_H_DETAIL,
4158 CLIENT_CREATE_REPORT_RR_H_DETAIL_NAME,
4159 CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE,
4160 CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_DESC,
4161 CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_NAME,
4162 CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_TYPE,
4163 CLIENT_CREATE_REPORT_RR_H_DETAIL_VALUE,
4164 CLIENT_CREATE_REPORT_RR_H_END,
4165 CLIENT_CREATE_REPORT_RR_H_IP,
4166 CLIENT_CREATE_REPORT_RR_H_START,
4167 CLIENT_CREATE_REPORT_RR_PORTS,
4168 CLIENT_CREATE_REPORT_RR_REPORT_FORMAT,
4169 CLIENT_CREATE_REPORT_RR_RESULTS,
4170 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT,
4171 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_COMMENT,
4172 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_CREATION_TIME,
4173 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DESCRIPTION,
4174
4175 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION,
4176 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT,
4177 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS,
4178 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL,
4179 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL_NAME,
4180 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL_VALUE,
4181
4182
4183 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST,
4184 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST_ASSET,
4185 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST_HOSTNAME,
4186 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_MODIFICATION_TIME,
4187 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NAME,
4188 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NOTES,
4189 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT,
4190 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_BID,
4191 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CERT,
4192 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CERT_CERT_REF,
4193 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CVE,
4194 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CVSS_BASE,
4195 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_FAMILY,
4196 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_NAME,
4197 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_XREF,
4198 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_OWNER,
4199 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_ORIGINAL_SEVERITY,
4200 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_ORIGINAL_THREAT,
4201 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_OVERRIDES,
4202 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_PORT,
4203 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD,
4204 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD_TYPE,
4205 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD_VALUE,
4206 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_SCAN_NVT_VERSION,
4207 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_SEVERITY,
4208 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_THREAT,
4209 CLIENT_CREATE_REPORT_RR_RESULT_COUNT,
4210 CLIENT_CREATE_REPORT_RR_SCAN_END,
4211 CLIENT_CREATE_REPORT_RR_SCAN_RUN_STATUS,
4212 CLIENT_CREATE_REPORT_RR_SCAN_START,
4213 CLIENT_CREATE_REPORT_RR_SORT,
4214 CLIENT_CREATE_REPORT_RR_TASK,
4215 CLIENT_CREATE_REPORT_TASK,
4216 CLIENT_CREATE_REPORT_TASK_COMMENT,
4217 CLIENT_CREATE_REPORT_TASK_NAME,
4218 CLIENT_CREATE_ROLE,
4219 CLIENT_CREATE_ROLE_COMMENT,
4220 CLIENT_CREATE_ROLE_COPY,
4221 CLIENT_CREATE_ROLE_NAME,
4222 CLIENT_CREATE_ROLE_USERS,
4223 CLIENT_CREATE_SCANNER,
4224 CLIENT_CREATE_SCANNER_COMMENT,
4225 CLIENT_CREATE_SCANNER_COPY,
4226 CLIENT_CREATE_SCANNER_NAME,
4227 CLIENT_CREATE_SCANNER_HOST,
4228 CLIENT_CREATE_SCANNER_PORT,
4229 CLIENT_CREATE_SCANNER_TYPE,
4230 CLIENT_CREATE_SCANNER_CA_PUB,
4231 CLIENT_CREATE_SCANNER_CREDENTIAL,
4232 CLIENT_CREATE_SCHEDULE,
4233 CLIENT_CREATE_SCHEDULE_COMMENT,
4234 CLIENT_CREATE_SCHEDULE_COPY,
4235 CLIENT_CREATE_SCHEDULE_ICALENDAR,
4236 CLIENT_CREATE_SCHEDULE_NAME,
4237 CLIENT_CREATE_SCHEDULE_TIMEZONE,
4238 CLIENT_CREATE_TAG,
4239 CLIENT_CREATE_TAG_ACTIVE,
4240 CLIENT_CREATE_TAG_COMMENT,
4241 CLIENT_CREATE_TAG_COPY,
4242 CLIENT_CREATE_TAG_NAME,
4243 CLIENT_CREATE_TAG_RESOURCES,
4244 CLIENT_CREATE_TAG_RESOURCES_RESOURCE,
4245 CLIENT_CREATE_TAG_RESOURCES_TYPE,
4246 CLIENT_CREATE_TAG_VALUE,
4247 CLIENT_CREATE_TARGET,
4248 CLIENT_CREATE_TARGET_ALIVE_TESTS,
4249 CLIENT_CREATE_TARGET_ALLOW_SIMULTANEOUS_IPS,
4250 CLIENT_CREATE_TARGET_ASSET_HOSTS,
4251 CLIENT_CREATE_TARGET_EXCLUDE_HOSTS,
4252 CLIENT_CREATE_TARGET_REVERSE_LOOKUP_ONLY,
4253 CLIENT_CREATE_TARGET_REVERSE_LOOKUP_UNIFY,
4254 CLIENT_CREATE_TARGET_COMMENT,
4255 CLIENT_CREATE_TARGET_COPY,
4256 CLIENT_CREATE_TARGET_ESXI_CREDENTIAL,
4257 CLIENT_CREATE_TARGET_ESXI_LSC_CREDENTIAL,
4258 CLIENT_CREATE_TARGET_HOSTS,
4259 CLIENT_CREATE_TARGET_NAME,
4260 CLIENT_CREATE_TARGET_PORT_LIST,
4261 CLIENT_CREATE_TARGET_PORT_RANGE,
4262 CLIENT_CREATE_TARGET_SMB_CREDENTIAL,
4263 CLIENT_CREATE_TARGET_SNMP_CREDENTIAL,
4264 CLIENT_CREATE_TARGET_SSH_CREDENTIAL,
4265 CLIENT_CREATE_TARGET_SSH_CREDENTIAL_PORT,
4266 CLIENT_CREATE_TARGET_SMB_LSC_CREDENTIAL,
4267 CLIENT_CREATE_TARGET_SSH_LSC_CREDENTIAL,
4268 CLIENT_CREATE_TARGET_SSH_LSC_CREDENTIAL_PORT,
4269 CLIENT_CREATE_TARGET_SSH_ELEVATE_CREDENTIAL,
4270 CLIENT_CREATE_TASK,
4271 CLIENT_CREATE_TASK_ALERT,
4272 CLIENT_CREATE_TASK_ALTERABLE,
4273 CLIENT_CREATE_TASK_COMMENT,
4274 CLIENT_CREATE_TASK_CONFIG,
4275 CLIENT_CREATE_TASK_COPY,
4276 CLIENT_CREATE_TASK_HOSTS_ORDERING,
4277 CLIENT_CREATE_TASK_NAME,
4278 CLIENT_CREATE_TASK_OBSERVERS,
4279 CLIENT_CREATE_TASK_OBSERVERS_GROUP,
4280 CLIENT_CREATE_TASK_PREFERENCES,
4281 CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE,
4282 CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE_NAME,
4283 CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE_VALUE,
4284 CLIENT_CREATE_TASK_SCANNER,
4285 CLIENT_CREATE_TASK_SCHEDULE,
4286 CLIENT_CREATE_TASK_SCHEDULE_PERIODS,
4287 CLIENT_CREATE_TASK_TARGET,
4288 CLIENT_CREATE_TASK_USAGE_TYPE,
4289 CLIENT_CREATE_TICKET,
4290 CLIENT_CREATE_TLS_CERTIFICATE,
4291 CLIENT_CREATE_USER,
4292 CLIENT_CREATE_USER_COMMENT,
4293 CLIENT_CREATE_USER_COPY,
4294 CLIENT_CREATE_USER_GROUPS,
4295 CLIENT_CREATE_USER_GROUPS_GROUP,
4296 CLIENT_CREATE_USER_HOSTS,
4297 CLIENT_CREATE_USER_IFACES,
4298 CLIENT_CREATE_USER_NAME,
4299 CLIENT_CREATE_USER_PASSWORD,
4300 CLIENT_CREATE_USER_ROLE,
4301 CLIENT_CREATE_USER_SOURCES,
4302 CLIENT_CREATE_USER_SOURCES_SOURCE,
4303 CLIENT_DELETE_ALERT,
4304 CLIENT_DELETE_ASSET,
4305 CLIENT_DELETE_CONFIG,
4306 CLIENT_DELETE_CREDENTIAL,
4307 CLIENT_DELETE_FILTER,
4308 CLIENT_DELETE_GROUP,
4309 CLIENT_DELETE_NOTE,
4310 CLIENT_DELETE_OVERRIDE,
4311 CLIENT_DELETE_PERMISSION,
4312 CLIENT_DELETE_PORT_LIST,
4313 CLIENT_DELETE_PORT_RANGE,
4314 CLIENT_DELETE_REPORT,
4315 CLIENT_DELETE_REPORT_FORMAT,
4316 CLIENT_DELETE_ROLE,
4317 CLIENT_DELETE_SCANNER,
4318 CLIENT_DELETE_SCHEDULE,
4319 CLIENT_DELETE_TAG,
4320 CLIENT_DELETE_TARGET,
4321 CLIENT_DELETE_TASK,
4322 CLIENT_DELETE_TICKET,
4323 CLIENT_DELETE_TLS_CERTIFICATE,
4324 CLIENT_DELETE_USER,
4325 CLIENT_DESCRIBE_AUTH,
4326 CLIENT_EMPTY_TRASHCAN,
4327 CLIENT_GET_AGGREGATES,
4328 CLIENT_GET_AGGREGATES_DATA_COLUMN,
4329 CLIENT_GET_AGGREGATES_SORT,
4330 CLIENT_GET_AGGREGATES_TEXT_COLUMN,
4331 CLIENT_GET_ALERTS,
4332 CLIENT_GET_ASSETS,
4333 CLIENT_GET_CONFIGS,
4334 CLIENT_GET_CREDENTIALS,
4335 CLIENT_GET_FEEDS,
4336 CLIENT_GET_FILTERS,
4337 CLIENT_GET_GROUPS,
4338 CLIENT_GET_INFO,
4339 CLIENT_GET_NOTES,
4340 CLIENT_GET_NVTS,
4341 CLIENT_GET_NVT_FAMILIES,
4342 CLIENT_GET_OVERRIDES,
4343 CLIENT_GET_PERMISSIONS,
4344 CLIENT_GET_PORT_LISTS,
4345 CLIENT_GET_PREFERENCES,
4346 CLIENT_GET_REPORTS,
4347 CLIENT_GET_REPORT_FORMATS,
4348 CLIENT_GET_RESULTS,
4349 CLIENT_GET_ROLES,
4350 CLIENT_GET_SCANNERS,
4351 CLIENT_GET_SCHEDULES,
4352 CLIENT_GET_SETTINGS,
4353 CLIENT_GET_SYSTEM_REPORTS,
4354 CLIENT_GET_TAGS,
4355 CLIENT_GET_TARGETS,
4356 CLIENT_GET_TASKS,
4357 CLIENT_GET_TICKETS,
4358 CLIENT_GET_TLS_CERTIFICATES,
4359 CLIENT_GET_USERS,
4360 CLIENT_GET_VERSION,
4361 CLIENT_GET_VERSION_AUTHENTIC,
4362 CLIENT_GET_VULNS,
4363 CLIENT_HELP,
4364 CLIENT_MODIFY_ALERT,
4365 CLIENT_MODIFY_ALERT_ACTIVE,
4366 CLIENT_MODIFY_ALERT_COMMENT,
4367 CLIENT_MODIFY_ALERT_CONDITION,
4368 CLIENT_MODIFY_ALERT_CONDITION_DATA,
4369 CLIENT_MODIFY_ALERT_CONDITION_DATA_NAME,
4370 CLIENT_MODIFY_ALERT_EVENT,
4371 CLIENT_MODIFY_ALERT_EVENT_DATA,
4372 CLIENT_MODIFY_ALERT_EVENT_DATA_NAME,
4373 CLIENT_MODIFY_ALERT_FILTER,
4374 CLIENT_MODIFY_ALERT_METHOD,
4375 CLIENT_MODIFY_ALERT_METHOD_DATA,
4376 CLIENT_MODIFY_ALERT_METHOD_DATA_NAME,
4377 CLIENT_MODIFY_ALERT_NAME,
4378 CLIENT_MODIFY_ASSET,
4379 CLIENT_MODIFY_ASSET_COMMENT,
4380 CLIENT_MODIFY_AUTH,
4381 CLIENT_MODIFY_AUTH_GROUP,
4382 CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING,
4383 CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING_KEY,
4384 CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING_VALUE,
4385 CLIENT_MODIFY_CONFIG,
4386 CLIENT_MODIFY_CREDENTIAL,
4387 CLIENT_MODIFY_CREDENTIAL_ALLOW_INSECURE,
4388 CLIENT_MODIFY_CREDENTIAL_AUTH_ALGORITHM,
4389 CLIENT_MODIFY_CREDENTIAL_CERTIFICATE,
4390 CLIENT_MODIFY_CREDENTIAL_COMMENT,
4391 CLIENT_MODIFY_CREDENTIAL_COMMUNITY,
4392 CLIENT_MODIFY_CREDENTIAL_KEY,
4393 CLIENT_MODIFY_CREDENTIAL_KEY_PHRASE,
4394 CLIENT_MODIFY_CREDENTIAL_KEY_PRIVATE,
4395 CLIENT_MODIFY_CREDENTIAL_KEY_PUBLIC,
4396 CLIENT_MODIFY_CREDENTIAL_LOGIN,
4397 CLIENT_MODIFY_CREDENTIAL_NAME,
4398 CLIENT_MODIFY_CREDENTIAL_PASSWORD,
4399 CLIENT_MODIFY_CREDENTIAL_PRIVACY,
4400 CLIENT_MODIFY_CREDENTIAL_PRIVACY_ALGORITHM,
4401 CLIENT_MODIFY_CREDENTIAL_PRIVACY_PASSWORD,
4402 CLIENT_MODIFY_FILTER,
4403 CLIENT_MODIFY_FILTER_COMMENT,
4404 CLIENT_MODIFY_FILTER_NAME,
4405 CLIENT_MODIFY_FILTER_TERM,
4406 CLIENT_MODIFY_FILTER_TYPE,
4407 CLIENT_MODIFY_GROUP,
4408 CLIENT_MODIFY_GROUP_COMMENT,
4409 CLIENT_MODIFY_GROUP_NAME,
4410 CLIENT_MODIFY_GROUP_USERS,
4411 CLIENT_MODIFY_NOTE,
4412 CLIENT_MODIFY_NOTE_ACTIVE,
4413 CLIENT_MODIFY_NOTE_HOSTS,
4414 CLIENT_MODIFY_NOTE_PORT,
4415 CLIENT_MODIFY_NOTE_RESULT,
4416 CLIENT_MODIFY_NOTE_SEVERITY,
4417 CLIENT_MODIFY_NOTE_TASK,
4418 CLIENT_MODIFY_NOTE_TEXT,
4419 CLIENT_MODIFY_NOTE_THREAT,
4420 CLIENT_MODIFY_NOTE_NVT,
4421 CLIENT_MODIFY_OVERRIDE,
4422 CLIENT_MODIFY_OVERRIDE_ACTIVE,
4423 CLIENT_MODIFY_OVERRIDE_HOSTS,
4424 CLIENT_MODIFY_OVERRIDE_NEW_SEVERITY,
4425 CLIENT_MODIFY_OVERRIDE_NEW_THREAT,
4426 CLIENT_MODIFY_OVERRIDE_PORT,
4427 CLIENT_MODIFY_OVERRIDE_RESULT,
4428 CLIENT_MODIFY_OVERRIDE_SEVERITY,
4429 CLIENT_MODIFY_OVERRIDE_TASK,
4430 CLIENT_MODIFY_OVERRIDE_TEXT,
4431 CLIENT_MODIFY_OVERRIDE_THREAT,
4432 CLIENT_MODIFY_OVERRIDE_NVT,
4433 CLIENT_MODIFY_PERMISSION,
4434 CLIENT_MODIFY_PERMISSION_COMMENT,
4435 CLIENT_MODIFY_PERMISSION_NAME,
4436 CLIENT_MODIFY_PERMISSION_RESOURCE,
4437 CLIENT_MODIFY_PERMISSION_RESOURCE_TYPE,
4438 CLIENT_MODIFY_PERMISSION_SUBJECT,
4439 CLIENT_MODIFY_PERMISSION_SUBJECT_TYPE,
4440 CLIENT_MODIFY_PORT_LIST,
4441 CLIENT_MODIFY_PORT_LIST_COMMENT,
4442 CLIENT_MODIFY_PORT_LIST_NAME,
4443 CLIENT_MODIFY_REPORT_FORMAT,
4444 CLIENT_MODIFY_REPORT_FORMAT_ACTIVE,
4445 CLIENT_MODIFY_REPORT_FORMAT_NAME,
4446 CLIENT_MODIFY_REPORT_FORMAT_PARAM,
4447 CLIENT_MODIFY_REPORT_FORMAT_PARAM_NAME,
4448 CLIENT_MODIFY_REPORT_FORMAT_PARAM_VALUE,
4449 CLIENT_MODIFY_REPORT_FORMAT_SUMMARY,
4450 CLIENT_MODIFY_ROLE,
4451 CLIENT_MODIFY_ROLE_COMMENT,
4452 CLIENT_MODIFY_ROLE_NAME,
4453 CLIENT_MODIFY_ROLE_USERS,
4454 CLIENT_MODIFY_SCANNER,
4455 CLIENT_MODIFY_SCANNER_COMMENT,
4456 CLIENT_MODIFY_SCANNER_NAME,
4457 CLIENT_MODIFY_SCANNER_HOST,
4458 CLIENT_MODIFY_SCANNER_PORT,
4459 CLIENT_MODIFY_SCANNER_TYPE,
4460 CLIENT_MODIFY_SCANNER_CA_PUB,
4461 CLIENT_MODIFY_SCANNER_CREDENTIAL,
4462 CLIENT_MODIFY_SCHEDULE,
4463 CLIENT_MODIFY_SCHEDULE_COMMENT,
4464 CLIENT_MODIFY_SCHEDULE_ICALENDAR,
4465 CLIENT_MODIFY_SCHEDULE_NAME,
4466 CLIENT_MODIFY_SCHEDULE_TIMEZONE,
4467 CLIENT_MODIFY_SETTING,
4468 CLIENT_MODIFY_SETTING_NAME,
4469 CLIENT_MODIFY_SETTING_VALUE,
4470 CLIENT_MODIFY_TAG,
4471 CLIENT_MODIFY_TAG_ACTIVE,
4472 CLIENT_MODIFY_TAG_COMMENT,
4473 CLIENT_MODIFY_TAG_NAME,
4474 CLIENT_MODIFY_TAG_RESOURCES,
4475 CLIENT_MODIFY_TAG_RESOURCES_RESOURCE,
4476 CLIENT_MODIFY_TAG_RESOURCES_TYPE,
4477 CLIENT_MODIFY_TAG_VALUE,
4478 CLIENT_MODIFY_TARGET,
4479 CLIENT_MODIFY_TARGET_ALIVE_TESTS,
4480 CLIENT_MODIFY_TARGET_ALLOW_SIMULTANEOUS_IPS,
4481 CLIENT_MODIFY_TARGET_COMMENT,
4482 CLIENT_MODIFY_TARGET_ESXI_CREDENTIAL,
4483 CLIENT_MODIFY_TARGET_ESXI_LSC_CREDENTIAL,
4484 CLIENT_MODIFY_TARGET_HOSTS,
4485 CLIENT_MODIFY_TARGET_EXCLUDE_HOSTS,
4486 CLIENT_MODIFY_TARGET_REVERSE_LOOKUP_ONLY,
4487 CLIENT_MODIFY_TARGET_REVERSE_LOOKUP_UNIFY,
4488 CLIENT_MODIFY_TARGET_NAME,
4489 CLIENT_MODIFY_TARGET_PORT_LIST,
4490 CLIENT_MODIFY_TARGET_SMB_CREDENTIAL,
4491 CLIENT_MODIFY_TARGET_SNMP_CREDENTIAL,
4492 CLIENT_MODIFY_TARGET_SSH_CREDENTIAL,
4493 CLIENT_MODIFY_TARGET_SSH_ELEVATE_CREDENTIAL,
4494 CLIENT_MODIFY_TARGET_SSH_CREDENTIAL_PORT,
4495 CLIENT_MODIFY_TARGET_SMB_LSC_CREDENTIAL,
4496 CLIENT_MODIFY_TARGET_SSH_LSC_CREDENTIAL,
4497 CLIENT_MODIFY_TARGET_SSH_LSC_CREDENTIAL_PORT,
4498 CLIENT_MODIFY_TASK,
4499 CLIENT_MODIFY_TASK_ALERT,
4500 CLIENT_MODIFY_TASK_ALTERABLE,
4501 CLIENT_MODIFY_TASK_COMMENT,
4502 CLIENT_MODIFY_TASK_CONFIG,
4503 CLIENT_MODIFY_TASK_FILE,
4504 CLIENT_MODIFY_TASK_NAME,
4505 CLIENT_MODIFY_TASK_OBSERVERS,
4506 CLIENT_MODIFY_TASK_OBSERVERS_GROUP,
4507 CLIENT_MODIFY_TASK_PREFERENCES,
4508 CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE,
4509 CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_NAME,
4510 CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_VALUE,
4511 CLIENT_MODIFY_TASK_SCHEDULE,
4512 CLIENT_MODIFY_TASK_SCHEDULE_PERIODS,
4513 CLIENT_MODIFY_TASK_TARGET,
4514 CLIENT_MODIFY_TASK_HOSTS_ORDERING,
4515 CLIENT_MODIFY_TASK_SCANNER,
4516 CLIENT_MODIFY_TICKET,
4517 CLIENT_MODIFY_TLS_CERTIFICATE,
4518 CLIENT_MODIFY_USER,
4519 CLIENT_MODIFY_USER_COMMENT,
4520 CLIENT_MODIFY_USER_GROUPS,
4521 CLIENT_MODIFY_USER_GROUPS_GROUP,
4522 CLIENT_MODIFY_USER_HOSTS,
4523 CLIENT_MODIFY_USER_IFACES,
4524 CLIENT_MODIFY_USER_NAME,
4525 CLIENT_MODIFY_USER_NEW_NAME,
4526 CLIENT_MODIFY_USER_PASSWORD,
4527 CLIENT_MODIFY_USER_ROLE,
4528 CLIENT_MODIFY_USER_SOURCES,
4529 CLIENT_MODIFY_USER_SOURCES_SOURCE,
4530 CLIENT_MOVE_TASK,
4531 CLIENT_RESTORE,
4532 CLIENT_RESUME_TASK,
4533 CLIENT_RUN_WIZARD,
4534 CLIENT_RUN_WIZARD_MODE,
4535 CLIENT_RUN_WIZARD_NAME,
4536 CLIENT_RUN_WIZARD_PARAMS,
4537 CLIENT_RUN_WIZARD_PARAMS_PARAM,
4538 CLIENT_RUN_WIZARD_PARAMS_PARAM_NAME,
4539 CLIENT_RUN_WIZARD_PARAMS_PARAM_VALUE,
4540 CLIENT_START_TASK,
4541 CLIENT_STOP_TASK,
4542 CLIENT_SYNC_CONFIG,
4543 CLIENT_TEST_ALERT,
4544 CLIENT_VERIFY_REPORT_FORMAT,
4545 CLIENT_VERIFY_SCANNER,
4546 } client_state_t;
4547
4548 /**
4549 * @brief The state of the client.
4550 */
4551 static client_state_t client_state = CLIENT_TOP;
4552
4553 /**
4554 * @brief Set the client state.
4555 *
4556 * @param[in] state New state.
4557 */
4558 static void
set_client_state(client_state_t state)4559 set_client_state (client_state_t state)
4560 {
4561 client_state = state;
4562 g_debug (" client state set: %i", client_state);
4563 }
4564
4565
4566 /* XML parser handlers. */
4567
4568 /**
4569 * @brief Expand to XML for a STATUS_ERROR_SYNTAX response.
4570 *
4571 * This is a variant of the XML_ERROR_SYNTAX macro to allow for a
4572 * runtime defined syntax_text attribute value.
4573 *
4574 * @param tag Name of the command generating the response.
4575 * @param text Value for the status_text attribute of the response.
4576 * The function takes care of proper quoting.
4577 *
4578 * @return A malloced XML string. The caller must use g_free to
4579 * release it.
4580 */
4581 static char *
make_xml_error_syntax(const char * tag,const char * text)4582 make_xml_error_syntax (const char *tag, const char *text)
4583 {
4584 char *textbuf;
4585 char *ret;
4586
4587 textbuf = g_markup_escape_text (text, -1);
4588 ret = g_strdup_printf ("<%s_response status=\"" STATUS_ERROR_SYNTAX "\""
4589 " status_text=\"%s\"/>", tag, textbuf);
4590 g_free (textbuf);
4591 return ret;
4592 }
4593
4594 /**
4595 * @brief Insert else clause for GET command in gmp_xml_handle_start_element.
4596 *
4597 * @param[in] lower What to get, in lowercase.
4598 * @param[in] upper What to get, in uppercase.
4599 */
4600 #define ELSE_GET_START(lower, upper) \
4601 else if (strcasecmp ("GET_" G_STRINGIFY (upper), element_name) == 0) \
4602 { \
4603 get_ ## lower ## _start (attribute_names, attribute_values); \
4604 set_client_state (CLIENT_GET_ ## upper); \
4605 }
4606
4607 /**
4608 * @brief Set read_over flag on a parser.
4609 *
4610 * @param[in] gmp_parser Parser.
4611 */
4612 static void
set_read_over(gmp_parser_t * gmp_parser)4613 set_read_over (gmp_parser_t *gmp_parser)
4614 {
4615 if (gmp_parser->read_over == 0)
4616 {
4617 gmp_parser->read_over = 1;
4618 gmp_parser->parent_state = client_state;
4619 }
4620 }
4621
4622 /**
4623 * @brief Insert else clause for error in gmp_xml_handle_start_element.
4624 */
4625 #define ELSE_READ_OVER \
4626 else \
4627 { \
4628 set_read_over (gmp_parser); \
4629 } \
4630 break
4631
4632 /**
4633 * @brief Insert else clause for gmp_xml_handle_start_element in create_task.
4634 */
4635 #define ELSE_READ_OVER_CREATE_TASK \
4636 else \
4637 { \
4638 request_delete_task (&create_task_data->task); \
4639 set_read_over (gmp_parser); \
4640 } \
4641 break
4642
4643 /** @todo Free globals when tags open, in case of duplicate tags. */
4644 /**
4645 * @brief Handle the start of a GMP XML element.
4646 *
4647 * React to the start of an XML element according to the current value
4648 * of \ref client_state, usually adjusting \ref client_state to indicate
4649 * the change (with \ref set_client_state). Call \ref send_to_client to
4650 * queue any responses for the client.
4651 *
4652 * Set error parameter on encountering an error.
4653 *
4654 * @param[in] context Parser context.
4655 * @param[in] element_name XML element name.
4656 * @param[in] attribute_names XML attribute names.
4657 * @param[in] attribute_values XML attribute values.
4658 * @param[in] user_data GMP parser.
4659 * @param[in] error Error parameter.
4660 */
4661 static void
gmp_xml_handle_start_element(GMarkupParseContext * context,const gchar * element_name,const gchar ** attribute_names,const gchar ** attribute_values,gpointer user_data,GError ** error)4662 gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
4663 const gchar *element_name,
4664 const gchar **attribute_names,
4665 const gchar **attribute_values,
4666 gpointer user_data,
4667 GError **error)
4668 {
4669 gmp_parser_t *gmp_parser = (gmp_parser_t*) user_data;
4670 int (*write_to_client) (const char *, void*)
4671 = (int (*) (const char *, void*)) gmp_parser->client_writer;
4672 void* write_to_client_data = (void*) gmp_parser->client_writer_data;
4673
4674 g_debug (" XML start: %s (%i)", element_name, client_state);
4675
4676 if (gmp_parser->read_over)
4677 gmp_parser->read_over++;
4678 else switch (client_state)
4679 {
4680 case CLIENT_TOP:
4681 if (strcasecmp ("GET_VERSION", element_name) == 0)
4682 set_client_state (CLIENT_GET_VERSION);
4683 else if (strcasecmp ("AUTHENTICATE", element_name) == 0)
4684 set_client_state (CLIENT_AUTHENTICATE);
4685 else
4686 {
4687 /** @todo If a real GMP command, return STATUS_ERROR_MUST_AUTH. */
4688 if (send_to_client
4689 (XML_ERROR_SYNTAX ("gmp",
4690 "Only command GET_VERSION is"
4691 " allowed before AUTHENTICATE"),
4692 write_to_client,
4693 write_to_client_data))
4694 {
4695 error_send_to_client (error);
4696 return;
4697 }
4698 g_set_error (error, G_MARKUP_ERROR, G_MARKUP_ERROR_UNKNOWN_ELEMENT,
4699 "Must authenticate first.");
4700 }
4701 break;
4702
4703 case CLIENT_AUTHENTIC:
4704 if (command_disabled (gmp_parser, element_name))
4705 {
4706 SEND_TO_CLIENT_OR_FAIL
4707 (XML_ERROR_UNAVAILABLE ("gmp",
4708 "Service unavailable: Command disabled"));
4709 g_set_error (error,
4710 G_MARKUP_ERROR,
4711 G_MARKUP_ERROR_UNKNOWN_ELEMENT,
4712 "Command Unavailable");
4713 }
4714 else if (strcasecmp ("AUTHENTICATE", element_name) == 0)
4715 {
4716 free_credentials (¤t_credentials);
4717 set_client_state (CLIENT_AUTHENTICATE);
4718 }
4719 else if (strcasecmp ("CREATE_ASSET", element_name) == 0)
4720 set_client_state (CLIENT_CREATE_ASSET);
4721 else if (strcasecmp ("CREATE_CONFIG", element_name) == 0)
4722 {
4723 create_config_start (gmp_parser, attribute_names,
4724 attribute_values);
4725 set_client_state (CLIENT_CREATE_CONFIG);
4726 }
4727 else if (strcasecmp ("CREATE_ALERT", element_name) == 0)
4728 {
4729 create_alert_data->condition_data = make_array ();
4730 create_alert_data->event_data = make_array ();
4731 create_alert_data->method_data = make_array ();
4732
4733 gvm_append_string (&create_alert_data->part_data, "");
4734 gvm_append_string (&create_alert_data->part_name, "");
4735 gvm_append_string (&create_alert_data->comment, "");
4736 gvm_append_string (&create_alert_data->name, "");
4737 gvm_append_string (&create_alert_data->condition, "");
4738 gvm_append_string (&create_alert_data->method, "");
4739 gvm_append_string (&create_alert_data->event, "");
4740
4741 set_client_state (CLIENT_CREATE_ALERT);
4742 }
4743 else if (strcasecmp ("CREATE_CREDENTIAL", element_name) == 0)
4744 {
4745 gvm_append_string (&create_credential_data->comment, "");
4746 gvm_append_string (&create_credential_data->name, "");
4747 set_client_state (CLIENT_CREATE_CREDENTIAL);
4748 }
4749 else if (strcasecmp ("CREATE_FILTER", element_name) == 0)
4750 {
4751 gvm_append_string (&create_filter_data->comment, "");
4752 gvm_append_string (&create_filter_data->term, "");
4753 set_client_state (CLIENT_CREATE_FILTER);
4754 }
4755 else if (strcasecmp ("CREATE_GROUP", element_name) == 0)
4756 {
4757 gvm_append_string (&create_group_data->users, "");
4758 set_client_state (CLIENT_CREATE_GROUP);
4759 }
4760 else if (strcasecmp ("CREATE_ROLE", element_name) == 0)
4761 {
4762 gvm_append_string (&create_role_data->users, "");
4763 set_client_state (CLIENT_CREATE_ROLE);
4764 }
4765 else if (strcasecmp ("CREATE_NOTE", element_name) == 0)
4766 set_client_state (CLIENT_CREATE_NOTE);
4767 else if (strcasecmp ("CREATE_OVERRIDE", element_name) == 0)
4768 set_client_state (CLIENT_CREATE_OVERRIDE);
4769 else if (strcasecmp ("CREATE_PORT_LIST", element_name) == 0)
4770 {
4771 create_port_list_start (gmp_parser, attribute_names,
4772 attribute_values);
4773 set_client_state (CLIENT_CREATE_PORT_LIST);
4774 }
4775 else if (strcasecmp ("CREATE_PORT_RANGE", element_name) == 0)
4776 set_client_state (CLIENT_CREATE_PORT_RANGE);
4777 else if (strcasecmp ("CREATE_PERMISSION", element_name) == 0)
4778 {
4779 gvm_append_string (&create_permission_data->comment, "");
4780 set_client_state (CLIENT_CREATE_PERMISSION);
4781 }
4782 else if (strcasecmp ("CREATE_REPORT", element_name) == 0)
4783 set_client_state (CLIENT_CREATE_REPORT);
4784 else if (strcasecmp ("CREATE_REPORT_FORMAT", element_name) == 0)
4785 {
4786 create_report_format_start (gmp_parser, attribute_names,
4787 attribute_values);
4788 set_client_state (CLIENT_CREATE_REPORT_FORMAT);
4789 }
4790 else if (strcasecmp ("CREATE_SCANNER", element_name) == 0)
4791 set_client_state (CLIENT_CREATE_SCANNER);
4792 else if (strcasecmp ("CREATE_SCHEDULE", element_name) == 0)
4793 set_client_state (CLIENT_CREATE_SCHEDULE);
4794 else if (strcasecmp ("CREATE_TAG", element_name) == 0)
4795 {
4796 create_tag_data->resource_ids = NULL;
4797 set_client_state (CLIENT_CREATE_TAG);
4798 }
4799 else if (strcasecmp ("CREATE_TARGET", element_name) == 0)
4800 {
4801 gvm_append_string (&create_target_data->comment, "");
4802 set_client_state (CLIENT_CREATE_TARGET);
4803 }
4804 else if (strcasecmp ("CREATE_TASK", element_name) == 0)
4805 {
4806 create_task_data->task = make_task (NULL, NULL, 1, 1);
4807 create_task_data->alerts = make_array ();
4808 create_task_data->groups = make_array ();
4809 set_client_state (CLIENT_CREATE_TASK);
4810 }
4811 else if (strcasecmp ("CREATE_TICKET", element_name) == 0)
4812 {
4813 create_ticket_start (gmp_parser, attribute_names,
4814 attribute_values);
4815 set_client_state (CLIENT_CREATE_TICKET);
4816 }
4817 else if (strcasecmp ("CREATE_TLS_CERTIFICATE", element_name) == 0)
4818 {
4819 create_tls_certificate_start (gmp_parser, attribute_names,
4820 attribute_values);
4821 set_client_state (CLIENT_CREATE_TLS_CERTIFICATE);
4822 }
4823 else if (strcasecmp ("CREATE_USER", element_name) == 0)
4824 {
4825 set_client_state (CLIENT_CREATE_USER);
4826 create_user_data->groups = make_array ();
4827 create_user_data->roles = make_array ();
4828 create_user_data->hosts_allow = 0;
4829 create_user_data->ifaces_allow = 0;
4830 }
4831 else if (strcasecmp ("DELETE_ASSET", element_name) == 0)
4832 {
4833 append_attribute (attribute_names, attribute_values, "asset_id",
4834 &delete_asset_data->asset_id);
4835 append_attribute (attribute_names, attribute_values, "report_id",
4836 &delete_asset_data->report_id);
4837 set_client_state (CLIENT_DELETE_ASSET);
4838 }
4839 else if (strcasecmp ("DELETE_CONFIG", element_name) == 0)
4840 {
4841 const gchar* attribute;
4842 append_attribute (attribute_names, attribute_values,
4843 "config_id", &delete_config_data->config_id);
4844 if (find_attribute (attribute_names, attribute_values,
4845 "ultimate", &attribute))
4846 delete_config_data->ultimate = strcmp (attribute, "0");
4847 else
4848 delete_config_data->ultimate = 0;
4849 set_client_state (CLIENT_DELETE_CONFIG);
4850 }
4851 else if (strcasecmp ("DELETE_ALERT", element_name) == 0)
4852 {
4853 const gchar* attribute;
4854 append_attribute (attribute_names, attribute_values,
4855 "alert_id",
4856 &delete_alert_data->alert_id);
4857 if (find_attribute (attribute_names, attribute_values,
4858 "ultimate", &attribute))
4859 delete_alert_data->ultimate = strcmp (attribute, "0");
4860 else
4861 delete_alert_data->ultimate = 0;
4862 set_client_state (CLIENT_DELETE_ALERT);
4863 }
4864 else if (strcasecmp ("DELETE_CREDENTIAL", element_name) == 0)
4865 {
4866 const gchar* attribute;
4867 append_attribute (attribute_names, attribute_values,
4868 "credential_id",
4869 &delete_credential_data->credential_id);
4870 if (find_attribute (attribute_names, attribute_values,
4871 "ultimate", &attribute))
4872 delete_credential_data->ultimate
4873 = strcmp (attribute, "0");
4874 else
4875 delete_credential_data->ultimate = 0;
4876 set_client_state (CLIENT_DELETE_CREDENTIAL);
4877 }
4878 else if (strcasecmp ("DELETE_FILTER", element_name) == 0)
4879 {
4880 const gchar* attribute;
4881 append_attribute (attribute_names, attribute_values, "filter_id",
4882 &delete_filter_data->filter_id);
4883 if (find_attribute (attribute_names, attribute_values,
4884 "ultimate", &attribute))
4885 delete_filter_data->ultimate = strcmp (attribute, "0");
4886 else
4887 delete_filter_data->ultimate = 0;
4888 set_client_state (CLIENT_DELETE_FILTER);
4889 }
4890 else if (strcasecmp ("DELETE_GROUP", element_name) == 0)
4891 {
4892 const gchar* attribute;
4893 append_attribute (attribute_names, attribute_values, "group_id",
4894 &delete_group_data->group_id);
4895 if (find_attribute (attribute_names, attribute_values,
4896 "ultimate", &attribute))
4897 delete_group_data->ultimate = strcmp (attribute, "0");
4898 else
4899 delete_group_data->ultimate = 0;
4900 set_client_state (CLIENT_DELETE_GROUP);
4901 }
4902 else if (strcasecmp ("DELETE_NOTE", element_name) == 0)
4903 {
4904 const gchar* attribute;
4905 append_attribute (attribute_names, attribute_values, "note_id",
4906 &delete_note_data->note_id);
4907 if (find_attribute (attribute_names, attribute_values,
4908 "ultimate", &attribute))
4909 delete_note_data->ultimate = strcmp (attribute, "0");
4910 else
4911 delete_note_data->ultimate = 0;
4912 set_client_state (CLIENT_DELETE_NOTE);
4913 }
4914 else if (strcasecmp ("DELETE_OVERRIDE", element_name) == 0)
4915 {
4916 const gchar* attribute;
4917 append_attribute (attribute_names, attribute_values, "override_id",
4918 &delete_override_data->override_id);
4919 if (find_attribute (attribute_names, attribute_values,
4920 "ultimate", &attribute))
4921 delete_override_data->ultimate = strcmp (attribute, "0");
4922 else
4923 delete_override_data->ultimate = 0;
4924 set_client_state (CLIENT_DELETE_OVERRIDE);
4925 }
4926 else if (strcasecmp ("DELETE_PERMISSION", element_name) == 0)
4927 {
4928 const gchar* attribute;
4929 append_attribute (attribute_names, attribute_values,
4930 "permission_id",
4931 &delete_permission_data->permission_id);
4932 if (find_attribute (attribute_names, attribute_values,
4933 "ultimate", &attribute))
4934 delete_permission_data->ultimate = strcmp (attribute, "0");
4935 else
4936 delete_permission_data->ultimate = 0;
4937 set_client_state (CLIENT_DELETE_PERMISSION);
4938 }
4939 else if (strcasecmp ("DELETE_PORT_LIST", element_name) == 0)
4940 {
4941 const gchar* attribute;
4942 append_attribute (attribute_names, attribute_values, "port_list_id",
4943 &delete_port_list_data->port_list_id);
4944 if (find_attribute (attribute_names, attribute_values,
4945 "ultimate", &attribute))
4946 delete_port_list_data->ultimate = strcmp (attribute, "0");
4947 else
4948 delete_port_list_data->ultimate = 0;
4949 set_client_state (CLIENT_DELETE_PORT_LIST);
4950 }
4951 else if (strcasecmp ("DELETE_PORT_RANGE", element_name) == 0)
4952 {
4953 append_attribute (attribute_names, attribute_values, "port_range_id",
4954 &delete_port_range_data->port_range_id);
4955 set_client_state (CLIENT_DELETE_PORT_RANGE);
4956 }
4957 else if (strcasecmp ("DELETE_REPORT", element_name) == 0)
4958 {
4959 append_attribute (attribute_names, attribute_values, "report_id",
4960 &delete_report_data->report_id);
4961 set_client_state (CLIENT_DELETE_REPORT);
4962 }
4963 else if (strcasecmp ("DELETE_REPORT_FORMAT", element_name) == 0)
4964 {
4965 const gchar* attribute;
4966 append_attribute (attribute_names, attribute_values, "report_format_id",
4967 &delete_report_format_data->report_format_id);
4968 if (find_attribute (attribute_names, attribute_values,
4969 "ultimate", &attribute))
4970 delete_report_format_data->ultimate = strcmp (attribute,
4971 "0");
4972 else
4973 delete_report_format_data->ultimate = 0;
4974 set_client_state (CLIENT_DELETE_REPORT_FORMAT);
4975 }
4976 else if (strcasecmp ("DELETE_ROLE", element_name) == 0)
4977 {
4978 const gchar* attribute;
4979 append_attribute (attribute_names, attribute_values, "role_id",
4980 &delete_role_data->role_id);
4981 if (find_attribute (attribute_names, attribute_values,
4982 "ultimate", &attribute))
4983 delete_role_data->ultimate = strcmp (attribute, "0");
4984 else
4985 delete_role_data->ultimate = 0;
4986 set_client_state (CLIENT_DELETE_ROLE);
4987 }
4988 else if (strcasecmp ("DELETE_SCANNER", element_name) == 0)
4989 {
4990 const gchar* attribute;
4991 append_attribute (attribute_names, attribute_values,
4992 "scanner_id", &delete_scanner_data->scanner_id);
4993 if (find_attribute (attribute_names, attribute_values, "ultimate",
4994 &attribute))
4995 delete_scanner_data->ultimate = strcmp (attribute, "0");
4996 else
4997 delete_scanner_data->ultimate = 0;
4998 set_client_state (CLIENT_DELETE_SCANNER);
4999 }
5000 else if (strcasecmp ("DELETE_SCHEDULE", element_name) == 0)
5001 {
5002 const gchar* attribute;
5003 append_attribute (attribute_names, attribute_values, "schedule_id",
5004 &delete_schedule_data->schedule_id);
5005 if (find_attribute (attribute_names, attribute_values,
5006 "ultimate", &attribute))
5007 delete_schedule_data->ultimate = strcmp (attribute, "0");
5008 else
5009 delete_schedule_data->ultimate = 0;
5010 set_client_state (CLIENT_DELETE_SCHEDULE);
5011 }
5012 else if (strcasecmp ("DELETE_TAG", element_name) == 0)
5013 {
5014 const gchar* attribute;
5015 append_attribute (attribute_names, attribute_values, "tag_id",
5016 &delete_tag_data->tag_id);
5017 if (find_attribute (attribute_names, attribute_values,
5018 "ultimate", &attribute))
5019 delete_tag_data->ultimate = strcmp (attribute, "0");
5020 else
5021 delete_tag_data->ultimate = 0;
5022 set_client_state (CLIENT_DELETE_TAG);
5023 }
5024 else if (strcasecmp ("DELETE_TARGET", element_name) == 0)
5025 {
5026 const gchar* attribute;
5027 append_attribute (attribute_names, attribute_values, "target_id",
5028 &delete_target_data->target_id);
5029 if (find_attribute (attribute_names, attribute_values,
5030 "ultimate", &attribute))
5031 delete_target_data->ultimate = strcmp (attribute, "0");
5032 else
5033 delete_target_data->ultimate = 0;
5034 set_client_state (CLIENT_DELETE_TARGET);
5035 }
5036 else if (strcasecmp ("DELETE_TASK", element_name) == 0)
5037 {
5038 const gchar* attribute;
5039 append_attribute (attribute_names, attribute_values, "task_id",
5040 &delete_task_data->task_id);
5041 if (find_attribute (attribute_names, attribute_values,
5042 "ultimate", &attribute))
5043 delete_task_data->ultimate = strcmp (attribute, "0");
5044 else
5045 delete_task_data->ultimate = 0;
5046 set_client_state (CLIENT_DELETE_TASK);
5047 }
5048 else if (strcasecmp ("DELETE_TICKET", element_name) == 0)
5049 {
5050 delete_start ("ticket", "Ticket",
5051 attribute_names, attribute_values);
5052 set_client_state (CLIENT_DELETE_TICKET);
5053 }
5054 else if (strcasecmp ("DELETE_TLS_CERTIFICATE", element_name) == 0)
5055 {
5056 delete_start ("tls_certificate", "TLS Certificate",
5057 attribute_names, attribute_values);
5058 set_client_state (CLIENT_DELETE_TLS_CERTIFICATE);
5059 }
5060 else if (strcasecmp ("DELETE_USER", element_name) == 0)
5061 {
5062 const gchar* attribute;
5063 append_attribute (attribute_names, attribute_values, "name",
5064 &delete_user_data->name);
5065 append_attribute (attribute_names, attribute_values, "user_id",
5066 &delete_user_data->user_id);
5067 append_attribute (attribute_names, attribute_values,
5068 "inheritor_id",
5069 &delete_user_data->inheritor_id);
5070 append_attribute (attribute_names, attribute_values,
5071 "inheritor_name",
5072 &delete_user_data->inheritor_name);
5073 if (find_attribute (attribute_names, attribute_values,
5074 "ultimate", &attribute))
5075 delete_user_data->ultimate = strcmp (attribute, "0");
5076 else
5077 delete_user_data->ultimate = 0;
5078 set_client_state (CLIENT_DELETE_USER);
5079 }
5080 else if (strcasecmp ("DESCRIBE_AUTH", element_name) == 0)
5081 set_client_state (CLIENT_DESCRIBE_AUTH);
5082 else if (strcasecmp ("EMPTY_TRASHCAN", element_name) == 0)
5083 set_client_state (CLIENT_EMPTY_TRASHCAN);
5084 else if (strcasecmp ("GET_AGGREGATES", element_name) == 0)
5085 {
5086 gchar *data_column = g_strdup ("");
5087 sort_data_t *sort_data;
5088 const gchar *attribute;
5089 int sort_order_given;
5090
5091 sort_data = g_malloc0 (sizeof (sort_data_t));
5092 sort_data->field = g_strdup ("");
5093 sort_data->stat = g_strdup ("");
5094
5095 append_attribute (attribute_names, attribute_values, "type",
5096 &get_aggregates_data->type);
5097
5098 if (get_aggregates_data->type
5099 && strcasecmp (get_aggregates_data->type, "info") == 0)
5100 {
5101 append_attribute (attribute_names, attribute_values, "info_type",
5102 &get_aggregates_data->subtype);
5103 }
5104
5105 append_attribute (attribute_names, attribute_values, "data_column",
5106 &data_column);
5107 get_aggregates_data->data_columns
5108 = g_list_append (get_aggregates_data->data_columns,
5109 data_column);
5110
5111 append_attribute (attribute_names, attribute_values, "group_column",
5112 &get_aggregates_data->group_column);
5113
5114 append_attribute (attribute_names, attribute_values,
5115 "subgroup_column",
5116 &get_aggregates_data->subgroup_column);
5117
5118 append_attribute (attribute_names, attribute_values, "sort_field",
5119 &(sort_data->field));
5120 append_attribute (attribute_names, attribute_values, "sort_stat",
5121 &(sort_data->stat));
5122 if (find_attribute (attribute_names, attribute_values,
5123 "sort_order", &attribute))
5124 {
5125 sort_data->order = strcmp (attribute, "descending");
5126 sort_order_given = 1;
5127 }
5128 else
5129 {
5130 sort_data->order = 1;
5131 sort_order_given = 0;
5132 }
5133
5134 if (strcmp (sort_data->field, "") || sort_order_given)
5135 {
5136 get_aggregates_data->sort_data
5137 = g_list_append (get_aggregates_data->sort_data,
5138 sort_data);
5139 }
5140
5141 append_attribute (attribute_names, attribute_values, "mode",
5142 &get_aggregates_data->mode);
5143
5144 if (find_attribute (attribute_names, attribute_values,
5145 "first_group", &attribute))
5146 get_aggregates_data->first_group = atoi (attribute) - 1;
5147 else
5148 get_aggregates_data->first_group = 0;
5149
5150 if (find_attribute (attribute_names, attribute_values,
5151 "max_groups", &attribute))
5152 get_aggregates_data->max_groups = atoi (attribute);
5153 else
5154 get_aggregates_data->max_groups = -1;
5155
5156 get_data_parse_attributes (&get_aggregates_data->get,
5157 get_aggregates_data->type
5158 ? get_aggregates_data->type
5159 : "",
5160 attribute_names,
5161 attribute_values);
5162
5163 // get_aggregates ignores pagination by default
5164 if (find_attribute (attribute_names, attribute_values,
5165 "ignore_pagination", &attribute) == 0)
5166 get_aggregates_data->get.ignore_pagination = 1;
5167
5168 // Extra selection attribute for configs and tasks
5169 if (find_attribute (attribute_names, attribute_values,
5170 "usage_type", &attribute))
5171 {
5172 get_data_set_extra (&get_aggregates_data->get,
5173 "usage_type",
5174 attribute);
5175 }
5176
5177 set_client_state (CLIENT_GET_AGGREGATES);
5178 }
5179 else if (strcasecmp ("GET_CONFIGS", element_name) == 0)
5180 {
5181 const gchar* attribute;
5182
5183 get_data_parse_attributes (&get_configs_data->get,
5184 "config",
5185 attribute_names,
5186 attribute_values);
5187
5188 if (find_attribute (attribute_names, attribute_values,
5189 "tasks", &attribute))
5190 get_configs_data->tasks = strcmp (attribute, "0");
5191 else
5192 get_configs_data->tasks = 0;
5193
5194 if (find_attribute (attribute_names, attribute_values,
5195 "families", &attribute))
5196 get_configs_data->families = strcmp (attribute, "0");
5197 else
5198 get_configs_data->families = 0;
5199
5200 if (find_attribute (attribute_names, attribute_values,
5201 "preferences", &attribute))
5202 get_configs_data->preferences = strcmp (attribute, "0");
5203 else
5204 get_configs_data->preferences = 0;
5205
5206 if (find_attribute (attribute_names, attribute_values,
5207 "usage_type", &attribute))
5208 {
5209 get_data_set_extra (&get_configs_data->get,
5210 "usage_type",
5211 attribute);
5212 }
5213
5214 set_client_state (CLIENT_GET_CONFIGS);
5215 }
5216 else if (strcasecmp ("GET_ALERTS", element_name) == 0)
5217 {
5218 const gchar* attribute;
5219
5220 get_data_parse_attributes (&get_alerts_data->get,
5221 "alert",
5222 attribute_names,
5223 attribute_values);
5224 if (find_attribute (attribute_names, attribute_values,
5225 "tasks", &attribute))
5226 get_alerts_data->tasks = strcmp (attribute, "0");
5227 else
5228 get_alerts_data->tasks = 0;
5229
5230 set_client_state (CLIENT_GET_ALERTS);
5231 }
5232 else if (strcasecmp ("GET_ASSETS", element_name) == 0)
5233 {
5234 const gchar* typebuf;
5235 get_data_parse_attributes (&get_assets_data->get, "asset",
5236 attribute_names,
5237 attribute_values);
5238 if (find_attribute (attribute_names, attribute_values,
5239 "type", &typebuf))
5240 get_assets_data->type = g_ascii_strdown (typebuf, -1);
5241 set_client_state (CLIENT_GET_ASSETS);
5242 }
5243 else if (strcasecmp ("GET_CREDENTIALS", element_name) == 0)
5244 {
5245 const gchar* attribute;
5246
5247 get_data_parse_attributes (&get_credentials_data->get,
5248 "credential",
5249 attribute_names,
5250 attribute_values);
5251
5252 if (find_attribute (attribute_names, attribute_values,
5253 "scanners", &attribute))
5254 get_credentials_data->scanners = strcmp (attribute, "0");
5255 else
5256 get_credentials_data->scanners = 0;
5257
5258 if (find_attribute (attribute_names, attribute_values,
5259 "targets", &attribute))
5260 get_credentials_data->targets = strcmp (attribute, "0");
5261 else
5262 get_credentials_data->targets = 0;
5263
5264 append_attribute (attribute_names, attribute_values, "format",
5265 &get_credentials_data->format);
5266 set_client_state (CLIENT_GET_CREDENTIALS);
5267 }
5268 else if (strcasecmp ("GET_FEEDS", element_name) == 0)
5269 {
5270 append_attribute (attribute_names, attribute_values, "type",
5271 &get_feeds_data->type);
5272 set_client_state (CLIENT_GET_FEEDS);
5273 }
5274 else if (strcasecmp ("GET_FILTERS", element_name) == 0)
5275 {
5276 const gchar* attribute;
5277 get_data_parse_attributes (&get_filters_data->get, "filter",
5278 attribute_names,
5279 attribute_values);
5280 if (find_attribute (attribute_names, attribute_values,
5281 "alerts", &attribute))
5282 get_filters_data->alerts = strcmp (attribute, "0");
5283 else
5284 get_filters_data->alerts = 0;
5285 set_client_state (CLIENT_GET_FILTERS);
5286 }
5287 else if (strcasecmp ("GET_GROUPS", element_name) == 0)
5288 {
5289 get_data_parse_attributes (&get_groups_data->get, "group",
5290 attribute_names,
5291 attribute_values);
5292 set_client_state (CLIENT_GET_GROUPS);
5293 }
5294 else if (strcasecmp ("GET_NOTES", element_name) == 0)
5295 {
5296 const gchar* attribute;
5297
5298 get_data_parse_attributes (&get_notes_data->get, "note",
5299 attribute_names,
5300 attribute_values);
5301
5302 append_attribute (attribute_names, attribute_values, "note_id",
5303 &get_notes_data->note_id);
5304
5305 append_attribute (attribute_names, attribute_values, "nvt_oid",
5306 &get_notes_data->nvt_oid);
5307
5308 append_attribute (attribute_names, attribute_values, "task_id",
5309 &get_notes_data->task_id);
5310
5311 if (find_attribute (attribute_names, attribute_values,
5312 "result", &attribute))
5313 get_notes_data->result = strcmp (attribute, "0");
5314 else
5315 get_notes_data->result = 0;
5316
5317 set_client_state (CLIENT_GET_NOTES);
5318 }
5319 else if (strcasecmp ("GET_NVTS", element_name) == 0)
5320 {
5321 const gchar* attribute;
5322 append_attribute (attribute_names, attribute_values, "nvt_oid",
5323 &get_nvts_data->nvt_oid);
5324 append_attribute (attribute_names, attribute_values, "config_id",
5325 &get_nvts_data->config_id);
5326 append_attribute (attribute_names, attribute_values,
5327 "preferences_config_id",
5328 &get_nvts_data->preferences_config_id);
5329 if (find_attribute (attribute_names, attribute_values,
5330 "details", &attribute))
5331 get_nvts_data->details = strcmp (attribute, "0");
5332 else
5333 get_nvts_data->details = 0;
5334 append_attribute (attribute_names, attribute_values, "family",
5335 &get_nvts_data->family);
5336 if (find_attribute (attribute_names, attribute_values,
5337 "preferences", &attribute))
5338 get_nvts_data->preferences = strcmp (attribute, "0");
5339 else
5340 get_nvts_data->preferences = 0;
5341 if (find_attribute (attribute_names, attribute_values,
5342 "preference_count", &attribute))
5343 get_nvts_data->preference_count = strcmp (attribute, "0");
5344 else
5345 get_nvts_data->preference_count = 0;
5346 if (find_attribute (attribute_names, attribute_values,
5347 "timeout", &attribute))
5348 get_nvts_data->timeout = strcmp (attribute, "0");
5349 else
5350 get_nvts_data->timeout = 0;
5351 append_attribute (attribute_names, attribute_values, "sort_field",
5352 &get_nvts_data->sort_field);
5353 if (find_attribute (attribute_names, attribute_values,
5354 "sort_order", &attribute))
5355 get_nvts_data->sort_order = strcmp (attribute,
5356 "descending");
5357 else
5358 get_nvts_data->sort_order = 1;
5359 set_client_state (CLIENT_GET_NVTS);
5360 }
5361 else if (strcasecmp ("GET_NVT_FAMILIES", element_name) == 0)
5362 {
5363 const gchar* attribute;
5364 if (find_attribute (attribute_names, attribute_values,
5365 "sort_order", &attribute))
5366 get_nvt_families_data->sort_order = strcmp (attribute,
5367 "descending");
5368 else
5369 get_nvt_families_data->sort_order = 1;
5370 set_client_state (CLIENT_GET_NVT_FAMILIES);
5371 }
5372 else if (strcasecmp ("GET_OVERRIDES", element_name) == 0)
5373 {
5374 const gchar* attribute;
5375
5376 get_data_parse_attributes (&get_overrides_data->get, "override",
5377 attribute_names,
5378 attribute_values);
5379
5380 append_attribute (attribute_names, attribute_values, "override_id",
5381 &get_overrides_data->override_id);
5382
5383 append_attribute (attribute_names, attribute_values, "nvt_oid",
5384 &get_overrides_data->nvt_oid);
5385
5386 append_attribute (attribute_names, attribute_values, "task_id",
5387 &get_overrides_data->task_id);
5388
5389 if (find_attribute (attribute_names, attribute_values,
5390 "result", &attribute))
5391 get_overrides_data->result = strcmp (attribute, "0");
5392 else
5393 get_overrides_data->result = 0;
5394
5395 set_client_state (CLIENT_GET_OVERRIDES);
5396 }
5397 else if (strcasecmp ("GET_PORT_LISTS", element_name) == 0)
5398 {
5399 const gchar* attribute;
5400
5401 get_data_parse_attributes (&get_port_lists_data->get,
5402 "port_list",
5403 attribute_names,
5404 attribute_values);
5405 if (find_attribute (attribute_names, attribute_values,
5406 "targets", &attribute))
5407 get_port_lists_data->targets = strcmp (attribute, "0");
5408 else
5409 get_port_lists_data->targets = 0;
5410 set_client_state (CLIENT_GET_PORT_LISTS);
5411 }
5412 else if (strcasecmp ("GET_PERMISSIONS", element_name) == 0)
5413 {
5414 get_data_parse_attributes (&get_permissions_data->get, "permission",
5415 attribute_names,
5416 attribute_values);
5417 append_attribute (attribute_names, attribute_values, "resource_id",
5418 &get_permissions_data->resource_id);
5419 set_client_state (CLIENT_GET_PERMISSIONS);
5420 }
5421 else if (strcasecmp ("GET_PREFERENCES", element_name) == 0)
5422 {
5423 append_attribute (attribute_names, attribute_values, "nvt_oid",
5424 &get_preferences_data->nvt_oid);
5425 append_attribute (attribute_names, attribute_values, "config_id",
5426 &get_preferences_data->config_id);
5427 append_attribute (attribute_names, attribute_values, "preference",
5428 &get_preferences_data->preference);
5429 set_client_state (CLIENT_GET_PREFERENCES);
5430 }
5431 else if (strcasecmp ("GET_REPORTS", element_name) == 0)
5432 {
5433 const gchar* attribute;
5434
5435 get_data_parse_attributes (&get_reports_data->get, "report",
5436 attribute_names,
5437 attribute_values);
5438
5439 get_data_parse_attributes (&get_reports_data->report_get, "report",
5440 attribute_names,
5441 attribute_values);
5442
5443 g_free (get_reports_data->report_get.filt_id);
5444 get_reports_data->report_get.filt_id = NULL;
5445 append_attribute (attribute_names, attribute_values,
5446 "report_filt_id",
5447 &get_reports_data->report_get.filt_id);
5448
5449 g_free (get_reports_data->report_get.filter);
5450 get_reports_data->report_get.filter = NULL;
5451 append_attribute (attribute_names, attribute_values,
5452 "report_filter",
5453 &get_reports_data->report_get.filter);
5454
5455 append_attribute (attribute_names, attribute_values, "report_id",
5456 &get_reports_data->report_id);
5457
5458 append_attribute (attribute_names, attribute_values,
5459 "delta_report_id",
5460 &get_reports_data->delta_report_id);
5461
5462 append_attribute (attribute_names, attribute_values, "alert_id",
5463 &get_reports_data->alert_id);
5464
5465 append_attribute (attribute_names, attribute_values, "format_id",
5466 &get_reports_data->format_id);
5467
5468 if (find_attribute (attribute_names, attribute_values,
5469 "lean", &attribute))
5470 get_reports_data->lean = atoi (attribute);
5471 else
5472 get_reports_data->lean = 0;
5473
5474 if (find_attribute (attribute_names, attribute_values,
5475 "notes_details", &attribute))
5476 get_reports_data->notes_details = strcmp (attribute, "0");
5477 else
5478 get_reports_data->notes_details = 0;
5479
5480 if (find_attribute (attribute_names, attribute_values,
5481 "overrides_details", &attribute))
5482 get_reports_data->overrides_details = strcmp (attribute, "0");
5483 else
5484 get_reports_data->overrides_details = 0;
5485
5486 if (find_attribute (attribute_names, attribute_values,
5487 "result_tags", &attribute))
5488 get_reports_data->result_tags = strcmp (attribute, "0");
5489 else
5490 get_reports_data->result_tags = 0;
5491
5492 if (find_attribute (attribute_names, attribute_values,
5493 "ignore_pagination", &attribute))
5494 get_reports_data->ignore_pagination = atoi (attribute);
5495 else
5496 get_reports_data->ignore_pagination = 0;
5497
5498 set_client_state (CLIENT_GET_REPORTS);
5499 }
5500 else if (strcasecmp ("GET_REPORT_FORMATS", element_name) == 0)
5501 {
5502 const gchar* attribute;
5503
5504 get_data_parse_attributes (&get_report_formats_data->get,
5505 "report_format",
5506 attribute_names,
5507 attribute_values);
5508 if (find_attribute (attribute_names, attribute_values,
5509 "alerts", &attribute))
5510 get_report_formats_data->alerts = strcmp (attribute, "0");
5511 else
5512 get_report_formats_data->alerts = 0;
5513
5514 if (find_attribute (attribute_names, attribute_values,
5515 "params", &attribute))
5516 get_report_formats_data->params = strcmp (attribute, "0");
5517 else
5518 get_report_formats_data->params = 0;
5519
5520 set_client_state (CLIENT_GET_REPORT_FORMATS);
5521 }
5522 else if (strcasecmp ("GET_RESULTS", element_name) == 0)
5523 {
5524 const gchar* attribute;
5525 get_data_parse_attributes (&get_results_data->get,
5526 "result",
5527 attribute_names,
5528 attribute_values);
5529
5530 append_attribute (attribute_names, attribute_values, "task_id",
5531 &get_results_data->task_id);
5532
5533 if (find_attribute (attribute_names, attribute_values,
5534 "notes_details", &attribute))
5535 get_results_data->notes_details = strcmp (attribute, "0");
5536 else
5537 get_results_data->notes_details = 0;
5538
5539 if (find_attribute (attribute_names, attribute_values,
5540 "overrides_details", &attribute))
5541 get_results_data->overrides_details = strcmp (attribute, "0");
5542 else
5543 get_results_data->overrides_details = 0;
5544
5545 if (find_attribute (attribute_names, attribute_values,
5546 "get_counts", &attribute))
5547 get_results_data->get_counts = strcmp (attribute, "0");
5548 else
5549 get_results_data->get_counts = 1;
5550
5551 set_client_state (CLIENT_GET_RESULTS);
5552 }
5553 else if (strcasecmp ("GET_ROLES", element_name) == 0)
5554 {
5555 get_data_parse_attributes (&get_roles_data->get, "role",
5556 attribute_names,
5557 attribute_values);
5558 set_client_state (CLIENT_GET_ROLES);
5559 }
5560 else if (strcasecmp ("GET_SCANNERS", element_name) == 0)
5561 {
5562 get_data_parse_attributes (&get_scanners_data->get, "scanner",
5563 attribute_names, attribute_values);
5564 set_client_state (CLIENT_GET_SCANNERS);
5565 }
5566 else if (strcasecmp ("GET_SCHEDULES", element_name) == 0)
5567 {
5568 const gchar *attribute;
5569 get_data_parse_attributes (&get_schedules_data->get, "schedule",
5570 attribute_names,
5571 attribute_values);
5572 if (find_attribute (attribute_names, attribute_values,
5573 "tasks", &attribute))
5574 get_schedules_data->tasks = strcmp (attribute, "0");
5575 else
5576 get_schedules_data->tasks = 0;
5577 set_client_state (CLIENT_GET_SCHEDULES);
5578 }
5579 else if (strcasecmp ("GET_SETTINGS", element_name) == 0)
5580 {
5581 const gchar* attribute;
5582
5583 append_attribute (attribute_names, attribute_values, "setting_id",
5584 &get_settings_data->setting_id);
5585
5586 append_attribute (attribute_names, attribute_values, "filter",
5587 &get_settings_data->filter);
5588
5589 if (find_attribute (attribute_names, attribute_values,
5590 "first", &attribute))
5591 /* Subtract 1 to switch from 1 to 0 indexing. */
5592 get_settings_data->first = atoi (attribute) - 1;
5593 else
5594 get_settings_data->first = 0;
5595 if (get_settings_data->first < 0)
5596 get_settings_data->first = 0;
5597
5598 if (find_attribute (attribute_names, attribute_values,
5599 "max", &attribute))
5600 get_settings_data->max = atoi (attribute);
5601 else
5602 get_settings_data->max = -1;
5603 if (get_settings_data->max < 1)
5604 get_settings_data->max = -1;
5605
5606 append_attribute (attribute_names, attribute_values, "sort_field",
5607 &get_settings_data->sort_field);
5608
5609 if (find_attribute (attribute_names, attribute_values,
5610 "sort_order", &attribute))
5611 get_settings_data->sort_order = strcmp (attribute, "descending");
5612 else
5613 get_settings_data->sort_order = 1;
5614
5615 set_client_state (CLIENT_GET_SETTINGS);
5616 }
5617 else if (strcasecmp ("GET_TAGS", element_name) == 0)
5618 {
5619 const gchar* attribute;
5620 get_data_parse_attributes (&get_tags_data->get, "tag",
5621 attribute_names,
5622 attribute_values);
5623
5624 if (find_attribute (attribute_names, attribute_values,
5625 "names_only", &attribute))
5626 get_tags_data->names_only = strcmp (attribute, "0");
5627 else
5628 get_tags_data->names_only = 0;
5629
5630 set_client_state (CLIENT_GET_TAGS);
5631 }
5632 else if (strcasecmp ("GET_SYSTEM_REPORTS", element_name) == 0)
5633 {
5634 const gchar* attribute;
5635 append_attribute (attribute_names, attribute_values, "name",
5636 &get_system_reports_data->name);
5637 append_attribute (attribute_names, attribute_values, "duration",
5638 &get_system_reports_data->duration);
5639 append_attribute (attribute_names, attribute_values, "end_time",
5640 &get_system_reports_data->end_time);
5641 append_attribute (attribute_names, attribute_values, "slave_id",
5642 &get_system_reports_data->slave_id);
5643 append_attribute (attribute_names, attribute_values, "start_time",
5644 &get_system_reports_data->start_time);
5645 if (find_attribute (attribute_names, attribute_values,
5646 "brief", &attribute))
5647 get_system_reports_data->brief = strcmp (attribute, "0");
5648 else
5649 get_system_reports_data->brief = 0;
5650 set_client_state (CLIENT_GET_SYSTEM_REPORTS);
5651 }
5652 else if (strcasecmp ("GET_TARGETS", element_name) == 0)
5653 {
5654 const gchar *attribute;
5655 get_data_parse_attributes (&get_targets_data->get, "target",
5656 attribute_names,
5657 attribute_values);
5658 if (find_attribute (attribute_names, attribute_values,
5659 "tasks", &attribute))
5660 get_targets_data->tasks = strcmp (attribute, "0");
5661 else
5662 get_targets_data->tasks = 0;
5663 set_client_state (CLIENT_GET_TARGETS);
5664 }
5665 else if (strcasecmp ("GET_TASKS", element_name) == 0)
5666 {
5667 const gchar *attribute;
5668 get_data_parse_attributes (&get_tasks_data->get, "task",
5669 attribute_names,
5670 attribute_values);
5671 if (find_attribute (attribute_names, attribute_values,
5672 "schedules_only", &attribute))
5673 get_tasks_data->schedules_only = strcmp (attribute, "0");
5674 else
5675 get_tasks_data->schedules_only = 0;
5676
5677 if (find_attribute (attribute_names, attribute_values,
5678 "usage_type", &attribute))
5679 {
5680 get_data_set_extra (&get_tasks_data->get,
5681 "usage_type",
5682 attribute);
5683 }
5684
5685 set_client_state (CLIENT_GET_TASKS);
5686 }
5687 ELSE_GET_START (tickets, TICKETS)
5688 ELSE_GET_START (tls_certificates, TLS_CERTIFICATES)
5689 else if (strcasecmp ("GET_USERS", element_name) == 0)
5690 {
5691 get_data_parse_attributes (&get_users_data->get, "user",
5692 attribute_names,
5693 attribute_values);
5694 set_client_state (CLIENT_GET_USERS);
5695 }
5696 else if (strcasecmp ("GET_INFO", element_name) == 0)
5697 {
5698 const gchar* attribute;
5699 const gchar* typebuf;
5700 get_data_parse_attributes (&get_info_data->get, "info",
5701 attribute_names,
5702 attribute_values);
5703 append_attribute (attribute_names, attribute_values, "name",
5704 &get_info_data->name);
5705 if (find_attribute (attribute_names, attribute_values,
5706 "details", &attribute))
5707 get_info_data->details = strcmp (attribute, "0");
5708 else
5709 get_info_data->details = 0;
5710
5711 if (find_attribute (attribute_names, attribute_values,
5712 "type", &typebuf))
5713 get_info_data->type = g_ascii_strdown (typebuf, -1);
5714 set_client_state (CLIENT_GET_INFO);
5715 }
5716 else if (strcasecmp ("GET_VERSION", element_name) == 0)
5717 set_client_state (CLIENT_GET_VERSION_AUTHENTIC);
5718 else if (strcasecmp ("GET_VULNS", element_name) == 0)
5719 {
5720 get_data_parse_attributes (&get_vulns_data->get, "vuln",
5721 attribute_names,
5722 attribute_values);
5723 set_client_state (CLIENT_GET_VULNS);
5724 }
5725 else if (strcasecmp ("HELP", element_name) == 0)
5726 {
5727 append_attribute (attribute_names, attribute_values, "format",
5728 &help_data->format);
5729 append_attribute (attribute_names, attribute_values, "type",
5730 &help_data->type);
5731 set_client_state (CLIENT_HELP);
5732 }
5733 else if (strcasecmp ("MODIFY_ALERT", element_name) == 0)
5734 {
5735 modify_alert_data->event_data = make_array ();
5736
5737 gvm_append_string (&modify_alert_data->part_data, "");
5738 gvm_append_string (&modify_alert_data->part_name, "");
5739 gvm_append_string (&modify_alert_data->event, "");
5740 modify_alert_data->condition_data = make_array ();
5741 gvm_append_string (&modify_alert_data->condition, "");
5742 modify_alert_data->method_data = make_array ();
5743 gvm_append_string (&modify_alert_data->method, "");
5744
5745 append_attribute (attribute_names, attribute_values, "alert_id",
5746 &modify_alert_data->alert_id);
5747 set_client_state (CLIENT_MODIFY_ALERT);
5748 }
5749 else if (strcasecmp ("MODIFY_ASSET", element_name) == 0)
5750 {
5751 append_attribute (attribute_names, attribute_values, "asset_id",
5752 &modify_asset_data->asset_id);
5753 set_client_state (CLIENT_MODIFY_ASSET);
5754 }
5755 else if (strcasecmp ("MODIFY_AUTH", element_name) == 0)
5756 set_client_state (CLIENT_MODIFY_AUTH);
5757 else if (strcasecmp ("MODIFY_CONFIG", element_name) == 0)
5758 {
5759 modify_config_start (gmp_parser, attribute_names,
5760 attribute_values);
5761 set_client_state (CLIENT_MODIFY_CONFIG);
5762 }
5763 else if (strcasecmp ("MODIFY_CREDENTIAL", element_name) == 0)
5764 {
5765 append_attribute (attribute_names, attribute_values,
5766 "credential_id",
5767 &modify_credential_data->credential_id);
5768 set_client_state (CLIENT_MODIFY_CREDENTIAL);
5769 }
5770 else if (strcasecmp ("MODIFY_FILTER", element_name) == 0)
5771 {
5772 append_attribute (attribute_names, attribute_values, "filter_id",
5773 &modify_filter_data->filter_id);
5774 set_client_state (CLIENT_MODIFY_FILTER);
5775 }
5776 else if (strcasecmp ("MODIFY_GROUP", element_name) == 0)
5777 {
5778 append_attribute (attribute_names, attribute_values, "group_id",
5779 &modify_group_data->group_id);
5780 set_client_state (CLIENT_MODIFY_GROUP);
5781 }
5782 else if (strcasecmp ("MODIFY_PORT_LIST", element_name) == 0)
5783 {
5784 append_attribute (attribute_names, attribute_values,
5785 "port_list_id",
5786 &modify_port_list_data->port_list_id);
5787 set_client_state (CLIENT_MODIFY_PORT_LIST);
5788 }
5789 else if (strcasecmp ("MODIFY_NOTE", element_name) == 0)
5790 {
5791 append_attribute (attribute_names, attribute_values, "note_id",
5792 &modify_note_data->note_id);
5793 set_client_state (CLIENT_MODIFY_NOTE);
5794 }
5795 else if (strcasecmp ("MODIFY_OVERRIDE", element_name) == 0)
5796 {
5797 append_attribute (attribute_names, attribute_values, "override_id",
5798 &modify_override_data->override_id);
5799 set_client_state (CLIENT_MODIFY_OVERRIDE);
5800 }
5801 else if (strcasecmp ("MODIFY_PERMISSION", element_name) == 0)
5802 {
5803 append_attribute (attribute_names, attribute_values,
5804 "permission_id",
5805 &modify_permission_data->permission_id);
5806 set_client_state (CLIENT_MODIFY_PERMISSION);
5807 }
5808 else if (strcasecmp ("MODIFY_REPORT_FORMAT", element_name) == 0)
5809 {
5810 append_attribute (attribute_names, attribute_values,
5811 "report_format_id",
5812 &modify_report_format_data->report_format_id);
5813 set_client_state (CLIENT_MODIFY_REPORT_FORMAT);
5814 }
5815 else if (strcasecmp ("MODIFY_ROLE", element_name) == 0)
5816 {
5817 append_attribute (attribute_names, attribute_values, "role_id",
5818 &modify_role_data->role_id);
5819 set_client_state (CLIENT_MODIFY_ROLE);
5820 }
5821 else if (strcasecmp ("MODIFY_SCANNER", element_name) == 0)
5822 {
5823 append_attribute (attribute_names, attribute_values, "scanner_id",
5824 &modify_scanner_data->scanner_id);
5825 set_client_state (CLIENT_MODIFY_SCANNER);
5826 }
5827 else if (strcasecmp ("MODIFY_SCHEDULE", element_name) == 0)
5828 {
5829 append_attribute (attribute_names, attribute_values, "schedule_id",
5830 &modify_schedule_data->schedule_id);
5831 set_client_state (CLIENT_MODIFY_SCHEDULE);
5832 }
5833 else if (strcasecmp ("MODIFY_SETTING", element_name) == 0)
5834 {
5835 append_attribute (attribute_names, attribute_values,
5836 "setting_id",
5837 &modify_setting_data->setting_id);
5838 set_client_state (CLIENT_MODIFY_SETTING);
5839 }
5840 else if (strcasecmp ("MODIFY_TAG", element_name) == 0)
5841 {
5842 modify_tag_data->resource_ids = NULL;
5843 append_attribute (attribute_names, attribute_values, "tag_id",
5844 &modify_tag_data->tag_id);
5845 set_client_state (CLIENT_MODIFY_TAG);
5846 }
5847 else if (strcasecmp ("MODIFY_TARGET", element_name) == 0)
5848 {
5849 append_attribute (attribute_names, attribute_values, "target_id",
5850 &modify_target_data->target_id);
5851 set_client_state (CLIENT_MODIFY_TARGET);
5852 }
5853 else if (strcasecmp ("MODIFY_TASK", element_name) == 0)
5854 {
5855 append_attribute (attribute_names, attribute_values, "task_id",
5856 &modify_task_data->task_id);
5857 modify_task_data->alerts = make_array ();
5858 modify_task_data->groups = make_array ();
5859 set_client_state (CLIENT_MODIFY_TASK);
5860 }
5861 else if (strcasecmp ("MODIFY_TICKET", element_name) == 0)
5862 {
5863 modify_ticket_start (gmp_parser, attribute_names,
5864 attribute_values);
5865 set_client_state (CLIENT_MODIFY_TICKET);
5866 }
5867 else if (strcasecmp ("MODIFY_TLS_CERTIFICATE", element_name) == 0)
5868 {
5869 modify_tls_certificate_start (gmp_parser, attribute_names,
5870 attribute_values);
5871 set_client_state (CLIENT_MODIFY_TLS_CERTIFICATE);
5872 }
5873 else if (strcasecmp ("MODIFY_USER", element_name) == 0)
5874 {
5875 append_attribute (attribute_names, attribute_values, "user_id",
5876 &modify_user_data->user_id);
5877 set_client_state (CLIENT_MODIFY_USER);
5878 }
5879 else if (strcasecmp ("MOVE_TASK", element_name) == 0)
5880 {
5881 append_attribute (attribute_names, attribute_values, "task_id",
5882 &move_task_data->task_id);
5883 append_attribute (attribute_names, attribute_values, "slave_id",
5884 &move_task_data->slave_id);
5885 set_client_state (CLIENT_MOVE_TASK);
5886 }
5887 else if (strcasecmp ("RESTORE", element_name) == 0)
5888 {
5889 append_attribute (attribute_names, attribute_values, "id",
5890 &restore_data->id);
5891 set_client_state (CLIENT_RESTORE);
5892 }
5893 else if (strcasecmp ("RESUME_TASK", element_name) == 0)
5894 {
5895 append_attribute (attribute_names, attribute_values, "task_id",
5896 &resume_task_data->task_id);
5897 set_client_state (CLIENT_RESUME_TASK);
5898 }
5899 else if (strcasecmp ("RUN_WIZARD", element_name) == 0)
5900 {
5901 append_attribute (attribute_names, attribute_values, "name",
5902 &run_wizard_data->name);
5903 append_attribute (attribute_names, attribute_values, "read_only",
5904 &run_wizard_data->read_only);
5905 set_client_state (CLIENT_RUN_WIZARD);
5906 }
5907 else if (strcasecmp ("START_TASK", element_name) == 0)
5908 {
5909 append_attribute (attribute_names, attribute_values, "task_id",
5910 &start_task_data->task_id);
5911 set_client_state (CLIENT_START_TASK);
5912 }
5913 else if (strcasecmp ("STOP_TASK", element_name) == 0)
5914 {
5915 append_attribute (attribute_names, attribute_values, "task_id",
5916 &stop_task_data->task_id);
5917 set_client_state (CLIENT_STOP_TASK);
5918 }
5919 else if (strcasecmp ("SYNC_CONFIG", element_name) == 0)
5920 {
5921 append_attribute (attribute_names, attribute_values, "config_id",
5922 &sync_config_data->config_id);
5923 set_client_state (CLIENT_SYNC_CONFIG);
5924 }
5925 else if (strcasecmp ("TEST_ALERT", element_name) == 0)
5926 {
5927 append_attribute (attribute_names, attribute_values,
5928 "alert_id",
5929 &test_alert_data->alert_id);
5930 set_client_state (CLIENT_TEST_ALERT);
5931 }
5932 else if (strcasecmp ("VERIFY_REPORT_FORMAT", element_name) == 0)
5933 {
5934 append_attribute (attribute_names, attribute_values, "report_format_id",
5935 &verify_report_format_data->report_format_id);
5936 set_client_state (CLIENT_VERIFY_REPORT_FORMAT);
5937 }
5938 else if (strcasecmp ("VERIFY_SCANNER", element_name) == 0)
5939 {
5940 append_attribute (attribute_names, attribute_values, "scanner_id",
5941 &verify_scanner_data->scanner_id);
5942 set_client_state (CLIENT_VERIFY_SCANNER);
5943 }
5944 else
5945 {
5946 if (send_to_client (XML_ERROR_SYNTAX ("gmp", "Bogus command name"),
5947 write_to_client,
5948 write_to_client_data))
5949 {
5950 error_send_to_client (error);
5951 return;
5952 }
5953 g_set_error (error,
5954 G_MARKUP_ERROR,
5955 G_MARKUP_ERROR_UNKNOWN_ELEMENT,
5956 "Error");
5957 }
5958 break;
5959
5960 case CLIENT_AUTHENTICATE:
5961 if (strcasecmp ("CREDENTIALS", element_name) == 0)
5962 {
5963 /* Init, so it's the empty string when the entity is empty. */
5964 append_to_credentials_password (¤t_credentials, "", 0);
5965 set_client_state (CLIENT_AUTHENTICATE_CREDENTIALS);
5966 }
5967 ELSE_READ_OVER;
5968
5969 case CLIENT_AUTHENTICATE_CREDENTIALS:
5970 if (strcasecmp ("USERNAME", element_name) == 0)
5971 set_client_state (CLIENT_AUTHENTICATE_CREDENTIALS_USERNAME);
5972 else if (strcasecmp ("PASSWORD", element_name) == 0)
5973 set_client_state (CLIENT_AUTHENTICATE_CREDENTIALS_PASSWORD);
5974 ELSE_READ_OVER;
5975
5976 case CLIENT_CREATE_SCANNER:
5977 if (strcasecmp ("COMMENT", element_name) == 0)
5978 set_client_state (CLIENT_CREATE_SCANNER_COMMENT);
5979 else if (strcasecmp ("COPY", element_name) == 0)
5980 set_client_state (CLIENT_CREATE_SCANNER_COPY);
5981 else if (strcasecmp ("NAME", element_name) == 0)
5982 set_client_state (CLIENT_CREATE_SCANNER_NAME);
5983 else if (strcasecmp ("HOST", element_name) == 0)
5984 set_client_state (CLIENT_CREATE_SCANNER_HOST);
5985 else if (strcasecmp ("PORT", element_name) == 0)
5986 set_client_state (CLIENT_CREATE_SCANNER_PORT);
5987 else if (strcasecmp ("TYPE", element_name) == 0)
5988 set_client_state (CLIENT_CREATE_SCANNER_TYPE);
5989 else if (strcasecmp ("CA_PUB", element_name) == 0)
5990 set_client_state (CLIENT_CREATE_SCANNER_CA_PUB);
5991 else if (strcasecmp ("CREDENTIAL", element_name) == 0)
5992 {
5993 append_attribute (attribute_names, attribute_values, "id",
5994 &create_scanner_data->credential_id);
5995 set_client_state (CLIENT_CREATE_SCANNER_CREDENTIAL);
5996 }
5997 ELSE_READ_OVER;
5998
5999 case CLIENT_CREATE_SCHEDULE:
6000 if (strcasecmp ("COMMENT", element_name) == 0)
6001 set_client_state (CLIENT_CREATE_SCHEDULE_COMMENT);
6002 else if (strcasecmp ("COPY", element_name) == 0)
6003 set_client_state (CLIENT_CREATE_SCHEDULE_COPY);
6004 else if (strcasecmp ("ICALENDAR", element_name) == 0)
6005 set_client_state (CLIENT_CREATE_SCHEDULE_ICALENDAR);
6006 else if (strcasecmp ("NAME", element_name) == 0)
6007 set_client_state (CLIENT_CREATE_SCHEDULE_NAME);
6008 else if (strcasecmp ("TIMEZONE", element_name) == 0)
6009 set_client_state (CLIENT_CREATE_SCHEDULE_TIMEZONE);
6010 ELSE_READ_OVER;
6011
6012 case CLIENT_GET_AGGREGATES:
6013 if (strcasecmp ("DATA_COLUMN", element_name) == 0)
6014 {
6015 get_aggregates_data->data_columns
6016 = g_list_append (get_aggregates_data->data_columns,
6017 g_strdup (""));
6018 set_client_state (CLIENT_GET_AGGREGATES_DATA_COLUMN);
6019 }
6020 else if (strcasecmp ("SORT", element_name) == 0)
6021 {
6022 int sort_order_given;
6023 const gchar* attribute;
6024 sort_data_t *sort_data;
6025 sort_data = g_malloc0 (sizeof (sort_data_t));
6026 sort_data->field = g_strdup ("");
6027 sort_data->stat = g_strdup ("");
6028
6029 append_attribute (attribute_names, attribute_values, "field",
6030 &(sort_data->field));
6031 append_attribute (attribute_names, attribute_values, "stat",
6032 &(sort_data->stat));
6033 if (find_attribute (attribute_names, attribute_values,
6034 "order", &attribute))
6035 {
6036 sort_order_given = 1;
6037 sort_data->order = strcmp (attribute, "descending");
6038 }
6039 else
6040 {
6041 sort_order_given = 0;
6042 sort_data->order = 1;
6043 }
6044
6045 if (strcmp (sort_data->field, "") || sort_order_given)
6046 {
6047 get_aggregates_data->sort_data
6048 = g_list_append (get_aggregates_data->sort_data,
6049 sort_data);
6050 }
6051
6052 set_client_state (CLIENT_GET_AGGREGATES_SORT);
6053 }
6054 else if (strcasecmp ("TEXT_COLUMN", element_name) == 0)
6055 {
6056 get_aggregates_data->text_columns
6057 = g_list_append (get_aggregates_data->text_columns,
6058 g_strdup (""));
6059 set_client_state (CLIENT_GET_AGGREGATES_TEXT_COLUMN);
6060 }
6061 ELSE_READ_OVER;
6062
6063 case CLIENT_MODIFY_ALERT:
6064 if (strcasecmp ("NAME", element_name) == 0)
6065 {
6066 gvm_append_string (&modify_alert_data->name, "");
6067 set_client_state (CLIENT_MODIFY_ALERT_NAME);
6068 }
6069 else if (strcasecmp ("COMMENT", element_name) == 0)
6070 {
6071 gvm_append_string (&modify_alert_data->comment, "");
6072 set_client_state (CLIENT_MODIFY_ALERT_COMMENT);
6073 }
6074 else if (strcasecmp ("EVENT", element_name) == 0)
6075 set_client_state (CLIENT_MODIFY_ALERT_EVENT);
6076 else if (strcasecmp ("FILTER", element_name) == 0)
6077 {
6078 append_attribute (attribute_names, attribute_values, "id",
6079 &modify_alert_data->filter_id);
6080 set_client_state (CLIENT_MODIFY_ALERT_FILTER);
6081 }
6082 else if (strcasecmp ("ACTIVE", element_name) == 0)
6083 set_client_state (CLIENT_MODIFY_ALERT_ACTIVE);
6084 else if (strcasecmp ("CONDITION", element_name) == 0)
6085 set_client_state (CLIENT_MODIFY_ALERT_CONDITION);
6086 else if (strcasecmp ("METHOD", element_name) == 0)
6087 set_client_state (CLIENT_MODIFY_ALERT_METHOD);
6088 ELSE_READ_OVER;
6089
6090 case CLIENT_MODIFY_ALERT_EVENT:
6091 if (strcasecmp ("DATA", element_name) == 0)
6092 set_client_state (CLIENT_MODIFY_ALERT_EVENT_DATA);
6093 ELSE_READ_OVER;
6094
6095 case CLIENT_MODIFY_ALERT_EVENT_DATA:
6096 if (strcasecmp ("NAME", element_name) == 0)
6097 set_client_state (CLIENT_MODIFY_ALERT_EVENT_DATA_NAME);
6098 ELSE_READ_OVER;
6099
6100 case CLIENT_MODIFY_ALERT_CONDITION:
6101 if (strcasecmp ("DATA", element_name) == 0)
6102 set_client_state (CLIENT_MODIFY_ALERT_CONDITION_DATA);
6103 ELSE_READ_OVER;
6104
6105 case CLIENT_MODIFY_ALERT_CONDITION_DATA:
6106 if (strcasecmp ("NAME", element_name) == 0)
6107 set_client_state (CLIENT_MODIFY_ALERT_CONDITION_DATA_NAME);
6108 ELSE_READ_OVER;
6109
6110 case CLIENT_MODIFY_ALERT_METHOD:
6111 if (strcasecmp ("DATA", element_name) == 0)
6112 set_client_state (CLIENT_MODIFY_ALERT_METHOD_DATA);
6113 ELSE_READ_OVER;
6114
6115 case CLIENT_MODIFY_ALERT_METHOD_DATA:
6116 if (strcasecmp ("NAME", element_name) == 0)
6117 set_client_state (CLIENT_MODIFY_ALERT_METHOD_DATA_NAME);
6118 ELSE_READ_OVER;
6119
6120 case CLIENT_MODIFY_ASSET:
6121 if (strcasecmp ("COMMENT", element_name) == 0)
6122 {
6123 gvm_append_string (&modify_asset_data->comment, "");
6124 set_client_state (CLIENT_MODIFY_ASSET_COMMENT);
6125 }
6126 ELSE_READ_OVER;
6127
6128 case CLIENT_MODIFY_AUTH:
6129 if (strcasecmp ("GROUP", element_name) == 0)
6130 {
6131 const gchar* attribute;
6132 auth_group_t *new_group;
6133
6134 new_group = g_malloc0 (sizeof (auth_group_t));
6135 if (find_attribute (attribute_names, attribute_values, "name",
6136 &attribute))
6137 new_group->group_name = g_strdup (attribute);
6138 modify_auth_data->groups =
6139 g_slist_prepend (modify_auth_data->groups, new_group);
6140 set_client_state (CLIENT_MODIFY_AUTH_GROUP);
6141 }
6142 ELSE_READ_OVER;
6143
6144 case CLIENT_MODIFY_AUTH_GROUP:
6145 if (strcasecmp ("AUTH_CONF_SETTING", element_name) == 0)
6146 set_client_state (CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING);
6147 ELSE_READ_OVER;
6148
6149 case CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING:
6150 if (strcasecmp ("KEY", element_name) == 0)
6151 set_client_state (CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING_KEY);
6152 else if (strcasecmp ("VALUE", element_name) == 0)
6153 set_client_state (CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING_VALUE);
6154 ELSE_READ_OVER;
6155
6156 case CLIENT_MODIFY_CONFIG:
6157 modify_config_element_start (gmp_parser, element_name,
6158 attribute_names,
6159 attribute_values);
6160 break;
6161
6162 case CLIENT_MODIFY_CREDENTIAL:
6163 if (strcasecmp ("ALLOW_INSECURE", element_name) == 0)
6164 set_client_state (CLIENT_MODIFY_CREDENTIAL_ALLOW_INSECURE);
6165 else if (strcasecmp ("AUTH_ALGORITHM", element_name) == 0)
6166 {
6167 set_client_state (CLIENT_MODIFY_CREDENTIAL_AUTH_ALGORITHM);
6168 }
6169 else if (strcasecmp ("NAME", element_name) == 0)
6170 set_client_state (CLIENT_MODIFY_CREDENTIAL_NAME);
6171 else if (strcasecmp ("COMMENT", element_name) == 0)
6172 {
6173 gvm_free_string_var (&modify_credential_data->comment);
6174 gvm_append_string (&modify_credential_data->comment, "");
6175 set_client_state (CLIENT_MODIFY_CREDENTIAL_COMMENT);
6176 }
6177 else if (strcasecmp ("CERTIFICATE", element_name) == 0)
6178 {
6179 set_client_state (CLIENT_MODIFY_CREDENTIAL_CERTIFICATE);
6180 }
6181 else if (strcasecmp ("COMMUNITY", element_name) == 0)
6182 {
6183 gvm_append_string (&modify_credential_data->community, "");
6184 set_client_state (CLIENT_MODIFY_CREDENTIAL_COMMUNITY);
6185 }
6186 else if (strcasecmp ("KEY", element_name) == 0)
6187 {
6188 modify_credential_data->key = 1;
6189 set_client_state (CLIENT_MODIFY_CREDENTIAL_KEY);
6190 }
6191 else if (strcasecmp ("LOGIN", element_name) == 0)
6192 set_client_state (CLIENT_MODIFY_CREDENTIAL_LOGIN);
6193 else if (strcasecmp ("PASSWORD", element_name) == 0)
6194 {
6195 gvm_free_string_var (&modify_credential_data->password);
6196 gvm_append_string (&modify_credential_data->password, "");
6197 set_client_state (CLIENT_MODIFY_CREDENTIAL_PASSWORD);
6198 }
6199 else if (strcasecmp ("PRIVACY", element_name) == 0)
6200 {
6201 set_client_state (CLIENT_MODIFY_CREDENTIAL_PRIVACY);
6202 gvm_append_string (&modify_credential_data->privacy_algorithm,
6203 "");
6204 }
6205 ELSE_READ_OVER;
6206
6207 case CLIENT_MODIFY_CREDENTIAL_KEY:
6208 if (strcasecmp ("PHRASE", element_name) == 0)
6209 {
6210 gvm_free_string_var (&modify_credential_data->key_phrase);
6211 gvm_append_string (&modify_credential_data->key_phrase, "");
6212 set_client_state (CLIENT_MODIFY_CREDENTIAL_KEY_PHRASE);
6213 }
6214 else if (strcasecmp ("PRIVATE", element_name) == 0)
6215 {
6216 set_client_state (CLIENT_MODIFY_CREDENTIAL_KEY_PRIVATE);
6217 }
6218 else if (strcasecmp ("PUBLIC", element_name) == 0)
6219 {
6220 set_client_state (CLIENT_MODIFY_CREDENTIAL_KEY_PUBLIC);
6221 }
6222 ELSE_READ_OVER;
6223
6224 case CLIENT_MODIFY_CREDENTIAL_PRIVACY:
6225 if (strcasecmp ("ALGORITHM", element_name) == 0)
6226 {
6227 set_client_state (CLIENT_MODIFY_CREDENTIAL_PRIVACY_ALGORITHM);
6228 }
6229 else if (strcasecmp ("PASSWORD", element_name) == 0)
6230 {
6231 gvm_free_string_var (&modify_credential_data->privacy_password);
6232 gvm_append_string (&modify_credential_data->privacy_password, "");
6233 set_client_state (CLIENT_MODIFY_CREDENTIAL_PRIVACY_PASSWORD);
6234 }
6235 ELSE_READ_OVER;
6236
6237 case CLIENT_MODIFY_FILTER:
6238 if (strcasecmp ("COMMENT", element_name) == 0)
6239 {
6240 gvm_append_string (&modify_filter_data->comment, "");
6241 set_client_state (CLIENT_MODIFY_FILTER_COMMENT);
6242 }
6243 else if (strcasecmp ("NAME", element_name) == 0)
6244 {
6245 gvm_append_string (&modify_filter_data->name, "");
6246 set_client_state (CLIENT_MODIFY_FILTER_NAME);
6247 }
6248 else if (strcasecmp ("TERM", element_name) == 0)
6249 {
6250 gvm_append_string (&modify_filter_data->term, "");
6251 set_client_state (CLIENT_MODIFY_FILTER_TERM);
6252 }
6253 else if (strcasecmp ("TYPE", element_name) == 0)
6254 {
6255 gvm_append_string (&modify_filter_data->type, "");
6256 set_client_state (CLIENT_MODIFY_FILTER_TYPE);
6257 }
6258 ELSE_READ_OVER;
6259
6260 case CLIENT_MODIFY_GROUP:
6261 if (strcasecmp ("COMMENT", element_name) == 0)
6262 {
6263 gvm_append_string (&modify_group_data->comment, "");
6264 set_client_state (CLIENT_MODIFY_GROUP_COMMENT);
6265 }
6266 else if (strcasecmp ("NAME", element_name) == 0)
6267 {
6268 gvm_append_string (&modify_group_data->name, "");
6269 set_client_state (CLIENT_MODIFY_GROUP_NAME);
6270 }
6271 else if (strcasecmp ("USERS", element_name) == 0)
6272 {
6273 gvm_append_string (&modify_group_data->users, "");
6274 set_client_state (CLIENT_MODIFY_GROUP_USERS);
6275 }
6276 ELSE_READ_OVER;
6277
6278 case CLIENT_MODIFY_PERMISSION:
6279 if (strcasecmp ("COMMENT", element_name) == 0)
6280 {
6281 gvm_append_string (&modify_permission_data->comment, "");
6282 set_client_state (CLIENT_MODIFY_PERMISSION_COMMENT);
6283 }
6284 else if (strcasecmp ("NAME", element_name) == 0)
6285 set_client_state (CLIENT_MODIFY_PERMISSION_NAME);
6286 else if (strcasecmp ("RESOURCE", element_name) == 0)
6287 {
6288 append_attribute (attribute_names, attribute_values, "id",
6289 &modify_permission_data->resource_id);
6290 set_client_state (CLIENT_MODIFY_PERMISSION_RESOURCE);
6291 }
6292 else if (strcasecmp ("SUBJECT", element_name) == 0)
6293 {
6294 append_attribute (attribute_names, attribute_values, "id",
6295 &modify_permission_data->subject_id);
6296 set_client_state (CLIENT_MODIFY_PERMISSION_SUBJECT);
6297 }
6298 ELSE_READ_OVER;
6299
6300 case CLIENT_MODIFY_PERMISSION_RESOURCE:
6301 if (strcasecmp ("TYPE", element_name) == 0)
6302 set_client_state (CLIENT_MODIFY_PERMISSION_RESOURCE_TYPE);
6303 ELSE_READ_OVER;
6304
6305 case CLIENT_MODIFY_PERMISSION_SUBJECT:
6306 if (strcasecmp ("TYPE", element_name) == 0)
6307 set_client_state (CLIENT_MODIFY_PERMISSION_SUBJECT_TYPE);
6308 ELSE_READ_OVER;
6309
6310 case CLIENT_MODIFY_PORT_LIST:
6311 if (strcasecmp ("NAME", element_name) == 0)
6312 set_client_state (CLIENT_MODIFY_PORT_LIST_NAME);
6313 else if (strcasecmp ("COMMENT", element_name) == 0)
6314 {
6315 gvm_free_string_var (&modify_port_list_data->comment);
6316 gvm_append_string (&modify_port_list_data->comment, "");
6317 set_client_state (CLIENT_MODIFY_PORT_LIST_COMMENT);
6318 }
6319 ELSE_READ_OVER;
6320
6321 case CLIENT_MODIFY_REPORT_FORMAT:
6322 if (strcasecmp ("ACTIVE", element_name) == 0)
6323 set_client_state (CLIENT_MODIFY_REPORT_FORMAT_ACTIVE);
6324 else if (strcasecmp ("NAME", element_name) == 0)
6325 set_client_state (CLIENT_MODIFY_REPORT_FORMAT_NAME);
6326 else if (strcasecmp ("SUMMARY", element_name) == 0)
6327 set_client_state (CLIENT_MODIFY_REPORT_FORMAT_SUMMARY);
6328 else if (strcasecmp ("PARAM", element_name) == 0)
6329 set_client_state (CLIENT_MODIFY_REPORT_FORMAT_PARAM);
6330 ELSE_READ_OVER;
6331
6332 case CLIENT_MODIFY_REPORT_FORMAT_PARAM:
6333 if (strcasecmp ("NAME", element_name) == 0)
6334 set_client_state (CLIENT_MODIFY_REPORT_FORMAT_PARAM_NAME);
6335 else if (strcasecmp ("VALUE", element_name) == 0)
6336 set_client_state (CLIENT_MODIFY_REPORT_FORMAT_PARAM_VALUE);
6337 ELSE_READ_OVER;
6338
6339 case CLIENT_MODIFY_ROLE:
6340 if (strcasecmp ("COMMENT", element_name) == 0)
6341 {
6342 gvm_append_string (&modify_role_data->comment, "");
6343 set_client_state (CLIENT_MODIFY_ROLE_COMMENT);
6344 }
6345 else if (strcasecmp ("NAME", element_name) == 0)
6346 {
6347 gvm_append_string (&modify_role_data->name, "");
6348 set_client_state (CLIENT_MODIFY_ROLE_NAME);
6349 }
6350 else if (strcasecmp ("USERS", element_name) == 0)
6351 {
6352 gvm_append_string (&modify_role_data->users, "");
6353 set_client_state (CLIENT_MODIFY_ROLE_USERS);
6354 }
6355 ELSE_READ_OVER;
6356
6357 case CLIENT_MODIFY_SCANNER:
6358 if (strcasecmp ("COMMENT", element_name) == 0)
6359 {
6360 gvm_append_string (&modify_scanner_data->comment, "");
6361 set_client_state (CLIENT_MODIFY_SCANNER_COMMENT);
6362 }
6363 else if (strcasecmp ("NAME", element_name) == 0)
6364 {
6365 gvm_append_string (&modify_scanner_data->name, "");
6366 set_client_state (CLIENT_MODIFY_SCANNER_NAME);
6367 }
6368 else if (strcasecmp ("HOST", element_name) == 0)
6369 {
6370 gvm_append_string (&modify_scanner_data->host, "");
6371 set_client_state (CLIENT_MODIFY_SCANNER_HOST);
6372 }
6373 else if (strcasecmp ("PORT", element_name) == 0)
6374 {
6375 gvm_append_string (&modify_scanner_data->port, "");
6376 set_client_state (CLIENT_MODIFY_SCANNER_PORT);
6377 }
6378 else if (strcasecmp ("TYPE", element_name) == 0)
6379 {
6380 gvm_append_string (&modify_scanner_data->type, "");
6381 set_client_state (CLIENT_MODIFY_SCANNER_TYPE);
6382 }
6383 else if (strcasecmp ("CA_PUB", element_name) == 0)
6384 {
6385 gvm_append_string (&modify_scanner_data->ca_pub, "");
6386 set_client_state (CLIENT_MODIFY_SCANNER_CA_PUB);
6387 }
6388 else if (strcasecmp ("CREDENTIAL", element_name) == 0)
6389 {
6390 append_attribute (attribute_names, attribute_values, "id",
6391 &modify_scanner_data->credential_id);
6392 set_client_state (CLIENT_MODIFY_SCANNER_CREDENTIAL);
6393 }
6394 ELSE_READ_OVER;
6395
6396 case CLIENT_MODIFY_SCHEDULE:
6397 if (strcasecmp ("COMMENT", element_name) == 0)
6398 {
6399 gvm_append_string (&modify_schedule_data->comment, "");
6400 set_client_state (CLIENT_MODIFY_SCHEDULE_COMMENT);
6401 }
6402 else if (strcasecmp ("NAME", element_name) == 0)
6403 {
6404 gvm_append_string (&modify_schedule_data->name, "");
6405 set_client_state (CLIENT_MODIFY_SCHEDULE_NAME);
6406 }
6407 else if (strcasecmp ("ICALENDAR", element_name) == 0)
6408 set_client_state (CLIENT_MODIFY_SCHEDULE_ICALENDAR);
6409 else if (strcasecmp ("TIMEZONE", element_name) == 0)
6410 set_client_state (CLIENT_MODIFY_SCHEDULE_TIMEZONE);
6411 ELSE_READ_OVER;
6412
6413 case CLIENT_MODIFY_SETTING:
6414 if (strcasecmp ("NAME", element_name) == 0)
6415 set_client_state (CLIENT_MODIFY_SETTING_NAME);
6416 else if (strcasecmp ("VALUE", element_name) == 0)
6417 {
6418 gvm_append_string (&modify_setting_data->value, "");
6419 set_client_state (CLIENT_MODIFY_SETTING_VALUE);
6420 }
6421 ELSE_READ_OVER;
6422
6423 case CLIENT_MODIFY_TAG:
6424 if (strcasecmp ("ACTIVE", element_name) == 0)
6425 {
6426 gvm_append_string (&modify_tag_data->active, "");
6427 set_client_state (CLIENT_MODIFY_TAG_ACTIVE);
6428 }
6429 else if (strcasecmp ("RESOURCES", element_name) == 0)
6430 {
6431 modify_tag_data->resource_ids = make_array ();
6432 append_attribute (attribute_names, attribute_values, "filter",
6433 &modify_tag_data->resources_filter);
6434 append_attribute (attribute_names, attribute_values, "action",
6435 &modify_tag_data->resources_action);
6436 set_client_state (CLIENT_MODIFY_TAG_RESOURCES);
6437 }
6438 else if (strcasecmp ("COMMENT", element_name) == 0)
6439 {
6440 gvm_append_string (&modify_tag_data->comment, "");
6441 set_client_state (CLIENT_MODIFY_TAG_COMMENT);
6442 }
6443 else if (strcasecmp ("NAME", element_name) == 0)
6444 {
6445 gvm_append_string (&modify_tag_data->name, "");
6446 set_client_state (CLIENT_MODIFY_TAG_NAME);
6447 }
6448 else if (strcasecmp ("VALUE", element_name) == 0)
6449 {
6450 gvm_append_string (&modify_tag_data->value, "");
6451 set_client_state (CLIENT_MODIFY_TAG_VALUE);
6452 }
6453 ELSE_READ_OVER;
6454
6455 case CLIENT_MODIFY_TAG_RESOURCES:
6456 if (strcasecmp ("RESOURCE", element_name) == 0)
6457 {
6458 const gchar* attribute;
6459 if (find_attribute (attribute_names, attribute_values, "id",
6460 &attribute))
6461 array_add (modify_tag_data->resource_ids, g_strdup (attribute));
6462 set_client_state (CLIENT_MODIFY_TAG_RESOURCES_RESOURCE);
6463 }
6464 else if (strcasecmp ("TYPE", element_name) == 0)
6465 {
6466 gvm_append_string (&modify_tag_data->resource_type, "");
6467 set_client_state (CLIENT_MODIFY_TAG_RESOURCES_TYPE);
6468 }
6469 ELSE_READ_OVER;
6470
6471 case CLIENT_MODIFY_TARGET:
6472 if (strcasecmp ("EXCLUDE_HOSTS", element_name) == 0)
6473 {
6474 gvm_append_string (&modify_target_data->exclude_hosts, "");
6475 set_client_state (CLIENT_MODIFY_TARGET_EXCLUDE_HOSTS);
6476 }
6477 else if (strcasecmp ("REVERSE_LOOKUP_ONLY", element_name) == 0)
6478 set_client_state (CLIENT_MODIFY_TARGET_REVERSE_LOOKUP_ONLY);
6479 else if (strcasecmp ("REVERSE_LOOKUP_UNIFY", element_name) == 0)
6480 set_client_state (CLIENT_MODIFY_TARGET_REVERSE_LOOKUP_UNIFY);
6481 else if (strcasecmp ("ALIVE_TESTS", element_name) == 0)
6482 set_client_state (CLIENT_MODIFY_TARGET_ALIVE_TESTS);
6483 else if (strcasecmp ("ALLOW_SIMULTANEOUS_IPS", element_name) == 0)
6484 set_client_state (CLIENT_MODIFY_TARGET_ALLOW_SIMULTANEOUS_IPS);
6485 else if (strcasecmp ("COMMENT", element_name) == 0)
6486 {
6487 gvm_append_string (&modify_target_data->comment, "");
6488 set_client_state (CLIENT_MODIFY_TARGET_COMMENT);
6489 }
6490 else if (strcasecmp ("ESXI_CREDENTIAL", element_name) == 0)
6491 {
6492 append_attribute (attribute_names, attribute_values, "id",
6493 &modify_target_data->esxi_credential_id);
6494 set_client_state (CLIENT_MODIFY_TARGET_ESXI_CREDENTIAL);
6495 }
6496 else if (strcasecmp ("ESXI_LSC_CREDENTIAL", element_name) == 0)
6497 {
6498 append_attribute (attribute_names, attribute_values, "id",
6499 &modify_target_data->esxi_lsc_credential_id);
6500 set_client_state (CLIENT_MODIFY_TARGET_ESXI_LSC_CREDENTIAL);
6501 }
6502 else if (strcasecmp ("HOSTS", element_name) == 0)
6503 {
6504 gvm_append_string (&modify_target_data->hosts, "");
6505 set_client_state (CLIENT_MODIFY_TARGET_HOSTS);
6506 }
6507 else if (strcasecmp ("PORT_LIST", element_name) == 0)
6508 {
6509 append_attribute (attribute_names, attribute_values, "id",
6510 &modify_target_data->port_list_id);
6511 set_client_state (CLIENT_MODIFY_TARGET_PORT_LIST);
6512 }
6513 else if (strcasecmp ("SSH_CREDENTIAL", element_name) == 0)
6514 {
6515 append_attribute (attribute_names, attribute_values, "id",
6516 &modify_target_data->ssh_credential_id);
6517 set_client_state (CLIENT_MODIFY_TARGET_SSH_CREDENTIAL);
6518 }
6519 else if (strcasecmp ("SSH_LSC_CREDENTIAL", element_name) == 0)
6520 {
6521 append_attribute (attribute_names, attribute_values, "id",
6522 &modify_target_data->ssh_lsc_credential_id);
6523 set_client_state (CLIENT_MODIFY_TARGET_SSH_LSC_CREDENTIAL);
6524 }
6525 else if (strcasecmp ("SSH_ELEVATE_CREDENTIAL", element_name) == 0)
6526 {
6527 append_attribute (attribute_names, attribute_values, "id",
6528 &modify_target_data->ssh_elevate_credential_id);
6529 set_client_state (CLIENT_MODIFY_TARGET_SSH_ELEVATE_CREDENTIAL);
6530 }
6531 else if (strcasecmp ("SMB_CREDENTIAL", element_name) == 0)
6532 {
6533 append_attribute (attribute_names, attribute_values, "id",
6534 &modify_target_data->smb_credential_id);
6535 set_client_state (CLIENT_MODIFY_TARGET_SMB_CREDENTIAL);
6536 }
6537 else if (strcasecmp ("SMB_LSC_CREDENTIAL", element_name) == 0)
6538 {
6539 append_attribute (attribute_names, attribute_values, "id",
6540 &modify_target_data->smb_lsc_credential_id);
6541 set_client_state (CLIENT_MODIFY_TARGET_SMB_LSC_CREDENTIAL);
6542 }
6543 else if (strcasecmp ("SNMP_CREDENTIAL", element_name) == 0)
6544 {
6545 append_attribute (attribute_names, attribute_values, "id",
6546 &modify_target_data->snmp_credential_id);
6547 set_client_state (CLIENT_MODIFY_TARGET_SNMP_CREDENTIAL);
6548 }
6549 else if (strcasecmp ("NAME", element_name) == 0)
6550 {
6551 gvm_append_string (&modify_target_data->name, "");
6552 set_client_state (CLIENT_MODIFY_TARGET_NAME);
6553 }
6554 ELSE_READ_OVER;
6555
6556 case CLIENT_MODIFY_TARGET_SSH_CREDENTIAL:
6557 if (strcasecmp ("PORT", element_name) == 0)
6558 set_client_state (CLIENT_MODIFY_TARGET_SSH_CREDENTIAL_PORT);
6559 ELSE_READ_OVER;
6560
6561 case CLIENT_MODIFY_TARGET_SSH_LSC_CREDENTIAL:
6562 if (strcasecmp ("PORT", element_name) == 0)
6563 set_client_state (CLIENT_MODIFY_TARGET_SSH_LSC_CREDENTIAL_PORT);
6564 ELSE_READ_OVER;
6565
6566 case CLIENT_MODIFY_TASK:
6567 if (strcasecmp ("ALTERABLE", element_name) == 0)
6568 set_client_state (CLIENT_MODIFY_TASK_ALTERABLE);
6569 else if (strcasecmp ("COMMENT", element_name) == 0)
6570 {
6571 gvm_append_string (&modify_task_data->comment, "");
6572 set_client_state (CLIENT_MODIFY_TASK_COMMENT);
6573 }
6574 else if (strcasecmp ("HOSTS_ORDERING", element_name) == 0)
6575 set_client_state (CLIENT_MODIFY_TASK_HOSTS_ORDERING);
6576 else if (strcasecmp ("SCANNER", element_name) == 0)
6577 {
6578 append_attribute (attribute_names, attribute_values, "id",
6579 &modify_task_data->scanner_id);
6580 set_client_state (CLIENT_MODIFY_TASK_SCANNER);
6581 }
6582 else if (strcasecmp ("ALERT", element_name) == 0)
6583 {
6584 const gchar* attribute;
6585 if (find_attribute (attribute_names, attribute_values, "id",
6586 &attribute))
6587 array_add (modify_task_data->alerts, g_strdup (attribute));
6588 set_client_state (CLIENT_MODIFY_TASK_ALERT);
6589 }
6590 else if (strcasecmp ("CONFIG", element_name) == 0)
6591 {
6592 append_attribute (attribute_names, attribute_values, "id",
6593 &modify_task_data->config_id);
6594 set_client_state (CLIENT_MODIFY_TASK_CONFIG);
6595 }
6596 else if (strcasecmp ("NAME", element_name) == 0)
6597 set_client_state (CLIENT_MODIFY_TASK_NAME);
6598 else if (strcasecmp ("OBSERVERS", element_name) == 0)
6599 {
6600 gvm_append_string (&modify_task_data->observers, "");
6601 set_client_state (CLIENT_MODIFY_TASK_OBSERVERS);
6602 }
6603 else if (strcasecmp ("PREFERENCES", element_name) == 0)
6604 {
6605 modify_task_data->preferences = make_array ();
6606 set_client_state (CLIENT_MODIFY_TASK_PREFERENCES);
6607 }
6608 else if (strcasecmp ("SCHEDULE", element_name) == 0)
6609 {
6610 append_attribute (attribute_names, attribute_values, "id",
6611 &modify_task_data->schedule_id);
6612 set_client_state (CLIENT_MODIFY_TASK_SCHEDULE);
6613 }
6614 else if (strcasecmp ("SCHEDULE_PERIODS", element_name) == 0)
6615 set_client_state (CLIENT_MODIFY_TASK_SCHEDULE_PERIODS);
6616 else if (strcasecmp ("TARGET", element_name) == 0)
6617 {
6618 append_attribute (attribute_names, attribute_values, "id",
6619 &modify_task_data->target_id);
6620 set_client_state (CLIENT_MODIFY_TASK_TARGET);
6621 }
6622 else if (strcasecmp ("FILE", element_name) == 0)
6623 {
6624 const gchar* attribute;
6625 append_attribute (attribute_names, attribute_values, "name",
6626 &modify_task_data->file_name);
6627 if (find_attribute (attribute_names, attribute_values,
6628 "action", &attribute))
6629 gvm_append_string (&modify_task_data->action, attribute);
6630 else
6631 gvm_append_string (&modify_task_data->action, "update");
6632 set_client_state (CLIENT_MODIFY_TASK_FILE);
6633 }
6634 ELSE_READ_OVER;
6635
6636 case CLIENT_MODIFY_TASK_OBSERVERS:
6637 if (strcasecmp ("GROUP", element_name) == 0)
6638 {
6639 const gchar* attribute;
6640 if (find_attribute (attribute_names, attribute_values, "id",
6641 &attribute))
6642 array_add (modify_task_data->groups, g_strdup (attribute));
6643 set_client_state (CLIENT_MODIFY_TASK_OBSERVERS_GROUP);
6644 }
6645 ELSE_READ_OVER;
6646
6647 case CLIENT_MODIFY_TASK_PREFERENCES:
6648 if (strcasecmp ("PREFERENCE", element_name) == 0)
6649 {
6650 assert (modify_task_data->preference == NULL);
6651 modify_task_data->preference = g_malloc (sizeof (name_value_t));
6652 modify_task_data->preference->name = NULL;
6653 modify_task_data->preference->value = NULL;
6654 set_client_state (CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE);
6655 }
6656 ELSE_READ_OVER;
6657
6658 case CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE:
6659 if (strcasecmp ("SCANNER_NAME", element_name) == 0)
6660 set_client_state (CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_NAME);
6661 else if (strcasecmp ("VALUE", element_name) == 0)
6662 set_client_state (CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_VALUE);
6663 ELSE_READ_OVER;
6664
6665 case CLIENT_MODIFY_TICKET:
6666 modify_ticket_element_start (gmp_parser, element_name,
6667 attribute_names,
6668 attribute_values);
6669 break;
6670
6671 case CLIENT_MODIFY_TLS_CERTIFICATE:
6672 modify_tls_certificate_element_start (gmp_parser, element_name,
6673 attribute_names,
6674 attribute_values);
6675 break;
6676
6677 case CLIENT_MODIFY_USER:
6678 if (strcasecmp ("COMMENT", element_name) == 0)
6679 {
6680 gvm_append_string (&modify_user_data->comment, "");
6681 set_client_state (CLIENT_MODIFY_USER_COMMENT);
6682 }
6683 else if (strcasecmp ("GROUPS", element_name) == 0)
6684 {
6685 if (modify_user_data->groups)
6686 array_free (modify_user_data->groups);
6687 modify_user_data->groups = make_array ();
6688 set_client_state (CLIENT_MODIFY_USER_GROUPS);
6689 }
6690 else if (strcasecmp ("HOSTS", element_name) == 0)
6691 {
6692 const gchar *attribute;
6693 if (find_attribute
6694 (attribute_names, attribute_values, "allow", &attribute))
6695 modify_user_data->hosts_allow = strcmp (attribute, "0");
6696 else
6697 modify_user_data->hosts_allow = 1;
6698 /* Init, so that modify_user clears hosts if HOSTS is empty. */
6699 gvm_append_string (&modify_user_data->hosts, "");
6700 set_client_state (CLIENT_MODIFY_USER_HOSTS);
6701 }
6702 else if (strcasecmp ("IFACES", element_name) == 0)
6703 {
6704 const gchar *attribute;
6705 if (find_attribute
6706 (attribute_names, attribute_values, "allow", &attribute))
6707 modify_user_data->ifaces_allow = strcmp (attribute, "0");
6708 else
6709 modify_user_data->ifaces_allow = 1;
6710 gvm_append_string (&modify_user_data->ifaces, "");
6711 set_client_state (CLIENT_MODIFY_USER_IFACES);
6712 }
6713 else if (strcasecmp ("NAME", element_name) == 0)
6714 set_client_state (CLIENT_MODIFY_USER_NAME);
6715 else if (strcasecmp ("NEW_NAME", element_name) == 0)
6716 set_client_state (CLIENT_MODIFY_USER_NEW_NAME);
6717 else if (strcasecmp ("PASSWORD", element_name) == 0)
6718 {
6719 const gchar *attribute;
6720 if (find_attribute
6721 (attribute_names, attribute_values, "modify", &attribute))
6722 modify_user_data->modify_password = strcmp (attribute, "0");
6723 else
6724 modify_user_data->modify_password = 1;
6725 set_client_state (CLIENT_MODIFY_USER_PASSWORD);
6726 }
6727 else if (strcasecmp ("ROLE", element_name) == 0)
6728 {
6729 const gchar* attribute;
6730 /* Init array here, so it's NULL if there are no ROLEs. */
6731 if (modify_user_data->roles == NULL)
6732 {
6733 array_free (modify_user_data->roles);
6734 modify_user_data->roles = make_array ();
6735 }
6736 if (find_attribute (attribute_names, attribute_values, "id",
6737 &attribute))
6738 array_add (modify_user_data->roles, g_strdup (attribute));
6739 set_client_state (CLIENT_MODIFY_USER_ROLE);
6740 }
6741 else if (strcasecmp ("SOURCES", element_name) == 0)
6742 {
6743 modify_user_data->sources = make_array ();
6744 set_client_state (CLIENT_MODIFY_USER_SOURCES);
6745 }
6746 else
6747 set_read_over (gmp_parser);
6748 break;
6749
6750 case CLIENT_MODIFY_USER_GROUPS:
6751 if (strcasecmp ("GROUP", element_name) == 0)
6752 {
6753 const gchar* attribute;
6754 if (find_attribute (attribute_names, attribute_values, "id",
6755 &attribute))
6756 array_add (modify_user_data->groups, g_strdup (attribute));
6757 set_client_state (CLIENT_MODIFY_USER_GROUPS_GROUP);
6758 }
6759 ELSE_READ_OVER;
6760
6761 case CLIENT_MODIFY_USER_SOURCES:
6762 if (strcasecmp ("SOURCE", element_name) == 0)
6763 {
6764 set_client_state (CLIENT_MODIFY_USER_SOURCES_SOURCE);
6765 }
6766 else
6767 set_read_over (gmp_parser);
6768 break;
6769
6770 case CLIENT_CREATE_ASSET:
6771 if (strcasecmp ("ASSET", element_name) == 0)
6772 set_client_state (CLIENT_CREATE_ASSET_ASSET);
6773 else if (strcasecmp ("REPORT", element_name) == 0)
6774 {
6775 append_attribute (attribute_names, attribute_values, "id",
6776 &create_asset_data->report_id);
6777 set_client_state (CLIENT_CREATE_ASSET_REPORT);
6778 }
6779 ELSE_READ_OVER;
6780
6781 case CLIENT_CREATE_ASSET_ASSET:
6782 if (strcasecmp ("COMMENT", element_name) == 0)
6783 set_client_state (CLIENT_CREATE_ASSET_ASSET_COMMENT);
6784 else if (strcasecmp ("NAME", element_name) == 0)
6785 set_client_state (CLIENT_CREATE_ASSET_ASSET_NAME);
6786 else if (strcasecmp ("TYPE", element_name) == 0)
6787 set_client_state (CLIENT_CREATE_ASSET_ASSET_TYPE);
6788 ELSE_READ_OVER;
6789
6790 case CLIENT_CREATE_ASSET_REPORT:
6791 if (strcasecmp ("FILTER", element_name) == 0)
6792 set_client_state (CLIENT_CREATE_ASSET_REPORT_FILTER);
6793 ELSE_READ_OVER;
6794
6795 case CLIENT_CREATE_ASSET_REPORT_FILTER:
6796 if (strcasecmp ("TERM", element_name) == 0)
6797 set_client_state (CLIENT_CREATE_ASSET_REPORT_FILTER_TERM);
6798 ELSE_READ_OVER;
6799
6800 case CLIENT_CREATE_CONFIG:
6801 create_config_element_start (gmp_parser, element_name,
6802 attribute_names,
6803 attribute_values);
6804 break;
6805
6806 case CLIENT_CREATE_ALERT:
6807 if (strcasecmp ("ACTIVE", element_name) == 0)
6808 set_client_state (CLIENT_CREATE_ALERT_ACTIVE);
6809 else if (strcasecmp ("COMMENT", element_name) == 0)
6810 set_client_state (CLIENT_CREATE_ALERT_COMMENT);
6811 else if (strcasecmp ("COPY", element_name) == 0)
6812 set_client_state (CLIENT_CREATE_ALERT_COPY);
6813 else if (strcasecmp ("CONDITION", element_name) == 0)
6814 set_client_state (CLIENT_CREATE_ALERT_CONDITION);
6815 else if (strcasecmp ("EVENT", element_name) == 0)
6816 set_client_state (CLIENT_CREATE_ALERT_EVENT);
6817 else if (strcasecmp ("FILTER", element_name) == 0)
6818 {
6819 append_attribute (attribute_names, attribute_values, "id",
6820 &create_alert_data->filter_id);
6821 set_client_state (CLIENT_CREATE_ALERT_FILTER);
6822 }
6823 else if (strcasecmp ("METHOD", element_name) == 0)
6824 set_client_state (CLIENT_CREATE_ALERT_METHOD);
6825 else if (strcasecmp ("NAME", element_name) == 0)
6826 set_client_state (CLIENT_CREATE_ALERT_NAME);
6827 ELSE_READ_OVER;
6828
6829 case CLIENT_CREATE_ALERT_CONDITION:
6830 if (strcasecmp ("DATA", element_name) == 0)
6831 set_client_state (CLIENT_CREATE_ALERT_CONDITION_DATA);
6832 ELSE_READ_OVER;
6833
6834 case CLIENT_CREATE_ALERT_CONDITION_DATA:
6835 if (strcasecmp ("NAME", element_name) == 0)
6836 set_client_state (CLIENT_CREATE_ALERT_CONDITION_DATA_NAME);
6837 ELSE_READ_OVER;
6838
6839 case CLIENT_CREATE_ALERT_EVENT:
6840 if (strcasecmp ("DATA", element_name) == 0)
6841 set_client_state (CLIENT_CREATE_ALERT_EVENT_DATA);
6842 ELSE_READ_OVER;
6843
6844 case CLIENT_CREATE_ALERT_EVENT_DATA:
6845 if (strcasecmp ("NAME", element_name) == 0)
6846 set_client_state (CLIENT_CREATE_ALERT_EVENT_DATA_NAME);
6847 ELSE_READ_OVER;
6848
6849 case CLIENT_CREATE_ALERT_METHOD:
6850 if (strcasecmp ("DATA", element_name) == 0)
6851 set_client_state (CLIENT_CREATE_ALERT_METHOD_DATA);
6852 ELSE_READ_OVER;
6853
6854 case CLIENT_CREATE_ALERT_METHOD_DATA:
6855 if (strcasecmp ("NAME", element_name) == 0)
6856 set_client_state (CLIENT_CREATE_ALERT_METHOD_DATA_NAME);
6857 ELSE_READ_OVER;
6858
6859 case CLIENT_CREATE_CREDENTIAL:
6860 if (strcasecmp ("ALLOW_INSECURE", element_name) == 0)
6861 set_client_state (CLIENT_CREATE_CREDENTIAL_ALLOW_INSECURE);
6862 else if (strcasecmp ("AUTH_ALGORITHM", element_name) == 0)
6863 set_client_state (CLIENT_CREATE_CREDENTIAL_AUTH_ALGORITHM);
6864 else if (strcasecmp ("CERTIFICATE", element_name) == 0)
6865 set_client_state (CLIENT_CREATE_CREDENTIAL_CERTIFICATE);
6866 else if (strcasecmp ("COMMENT", element_name) == 0)
6867 set_client_state (CLIENT_CREATE_CREDENTIAL_COMMENT);
6868 else if (strcasecmp ("COMMUNITY", element_name) == 0)
6869 set_client_state (CLIENT_CREATE_CREDENTIAL_COMMUNITY);
6870 else if (strcasecmp ("KEY", element_name) == 0)
6871 {
6872 create_credential_data->key = 1;
6873 set_client_state (CLIENT_CREATE_CREDENTIAL_KEY);
6874 }
6875 else if (strcasecmp ("LOGIN", element_name) == 0)
6876 set_client_state (CLIENT_CREATE_CREDENTIAL_LOGIN);
6877 else if (strcasecmp ("COPY", element_name) == 0)
6878 set_client_state (CLIENT_CREATE_CREDENTIAL_COPY);
6879 else if (strcasecmp ("NAME", element_name) == 0)
6880 set_client_state (CLIENT_CREATE_CREDENTIAL_NAME);
6881 else if (strcasecmp ("PASSWORD", element_name) == 0)
6882 {
6883 gvm_append_string (&create_credential_data->password, "");
6884 set_client_state (CLIENT_CREATE_CREDENTIAL_PASSWORD);
6885 }
6886 else if (strcasecmp ("PRIVACY", element_name) == 0)
6887 set_client_state (CLIENT_CREATE_CREDENTIAL_PRIVACY);
6888 else if (strcasecmp ("TYPE", element_name) == 0)
6889 set_client_state (CLIENT_CREATE_CREDENTIAL_TYPE);
6890 ELSE_READ_OVER;
6891
6892 case CLIENT_CREATE_CREDENTIAL_KEY:
6893 if (strcasecmp ("PHRASE", element_name) == 0)
6894 {
6895 gvm_append_string (&create_credential_data->key_phrase, "");
6896 set_client_state (CLIENT_CREATE_CREDENTIAL_KEY_PHRASE);
6897 }
6898 else if (strcasecmp ("PRIVATE", element_name) == 0)
6899 set_client_state (CLIENT_CREATE_CREDENTIAL_KEY_PRIVATE);
6900 else if (strcasecmp ("PUBLIC", element_name) == 0)
6901 set_client_state (CLIENT_CREATE_CREDENTIAL_KEY_PUBLIC);
6902 ELSE_READ_OVER;
6903
6904 case CLIENT_CREATE_CREDENTIAL_PRIVACY:
6905 if (strcasecmp ("ALGORITHM", element_name) == 0)
6906 set_client_state (CLIENT_CREATE_CREDENTIAL_PRIVACY_ALGORITHM);
6907 else if (strcasecmp ("PASSWORD", element_name) == 0)
6908 set_client_state (CLIENT_CREATE_CREDENTIAL_PRIVACY_PASSWORD);
6909 ELSE_READ_OVER;
6910
6911 case CLIENT_CREATE_FILTER:
6912 if (strcasecmp ("COMMENT", element_name) == 0)
6913 set_client_state (CLIENT_CREATE_FILTER_COMMENT);
6914 else if (strcasecmp ("COPY", element_name) == 0)
6915 set_client_state (CLIENT_CREATE_FILTER_COPY);
6916 else if (strcasecmp ("NAME", element_name) == 0)
6917 {
6918 gvm_append_string (&create_filter_data->name, "");
6919 set_client_state (CLIENT_CREATE_FILTER_NAME);
6920 }
6921 else if (strcasecmp ("TERM", element_name) == 0)
6922 set_client_state (CLIENT_CREATE_FILTER_TERM);
6923 else if (strcasecmp ("TYPE", element_name) == 0)
6924 set_client_state (CLIENT_CREATE_FILTER_TYPE);
6925 ELSE_READ_OVER;
6926
6927 case CLIENT_CREATE_GROUP:
6928 if (strcasecmp ("COMMENT", element_name) == 0)
6929 set_client_state (CLIENT_CREATE_GROUP_COMMENT);
6930 else if (strcasecmp ("COPY", element_name) == 0)
6931 set_client_state (CLIENT_CREATE_GROUP_COPY);
6932 else if (strcasecmp ("NAME", element_name) == 0)
6933 {
6934 gvm_append_string (&create_group_data->name, "");
6935 set_client_state (CLIENT_CREATE_GROUP_NAME);
6936 }
6937 else if (strcasecmp ("SPECIALS", element_name) == 0)
6938 set_client_state (CLIENT_CREATE_GROUP_SPECIALS);
6939 else if (strcasecmp ("USERS", element_name) == 0)
6940 set_client_state (CLIENT_CREATE_GROUP_USERS);
6941 ELSE_READ_OVER;
6942
6943 case CLIENT_CREATE_GROUP_SPECIALS:
6944 if (strcasecmp ("FULL", element_name) == 0)
6945 {
6946 create_group_data->special_full = 1;
6947 set_client_state (CLIENT_CREATE_GROUP_SPECIALS_FULL);
6948 }
6949 ELSE_READ_OVER;
6950
6951 case CLIENT_CREATE_NOTE:
6952 if (strcasecmp ("ACTIVE", element_name) == 0)
6953 set_client_state (CLIENT_CREATE_NOTE_ACTIVE);
6954 else if (strcasecmp ("COPY", element_name) == 0)
6955 set_client_state (CLIENT_CREATE_NOTE_COPY);
6956 else if (strcasecmp ("HOSTS", element_name) == 0)
6957 set_client_state (CLIENT_CREATE_NOTE_HOSTS);
6958 else if (strcasecmp ("NVT", element_name) == 0)
6959 {
6960 append_attribute (attribute_names, attribute_values, "oid",
6961 &create_note_data->nvt_oid);
6962 set_client_state (CLIENT_CREATE_NOTE_NVT);
6963 }
6964 else if (strcasecmp ("PORT", element_name) == 0)
6965 set_client_state (CLIENT_CREATE_NOTE_PORT);
6966 else if (strcasecmp ("RESULT", element_name) == 0)
6967 {
6968 append_attribute (attribute_names, attribute_values, "id",
6969 &create_note_data->result_id);
6970 if (create_note_data->result_id
6971 && create_note_data->result_id[0] == '\0')
6972 {
6973 g_free (create_note_data->result_id);
6974 create_note_data->result_id = NULL;
6975 }
6976 set_client_state (CLIENT_CREATE_NOTE_RESULT);
6977 }
6978 else if (strcasecmp ("SEVERITY", element_name) == 0)
6979 set_client_state (CLIENT_CREATE_NOTE_SEVERITY);
6980 else if (strcasecmp ("TASK", element_name) == 0)
6981 {
6982 append_attribute (attribute_names, attribute_values, "id",
6983 &create_note_data->task_id);
6984 if (create_note_data->task_id
6985 && create_note_data->task_id[0] == '\0')
6986 {
6987 g_free (create_note_data->task_id);
6988 create_note_data->task_id = NULL;
6989 }
6990 set_client_state (CLIENT_CREATE_NOTE_TASK);
6991 }
6992 else if (strcasecmp ("TEXT", element_name) == 0)
6993 set_client_state (CLIENT_CREATE_NOTE_TEXT);
6994 else if (strcasecmp ("THREAT", element_name) == 0)
6995 set_client_state (CLIENT_CREATE_NOTE_THREAT);
6996 ELSE_READ_OVER;
6997
6998 case CLIENT_CREATE_PERMISSION:
6999 if (strcasecmp ("COMMENT", element_name) == 0)
7000 set_client_state (CLIENT_CREATE_PERMISSION_COMMENT);
7001 else if (strcasecmp ("COPY", element_name) == 0)
7002 set_client_state (CLIENT_CREATE_PERMISSION_COPY);
7003 else if (strcasecmp ("NAME", element_name) == 0)
7004 {
7005 gvm_append_string (&create_permission_data->name, "");
7006 set_client_state (CLIENT_CREATE_PERMISSION_NAME);
7007 }
7008 else if (strcasecmp ("RESOURCE", element_name) == 0)
7009 {
7010 append_attribute (attribute_names, attribute_values, "id",
7011 &create_permission_data->resource_id);
7012 set_client_state (CLIENT_CREATE_PERMISSION_RESOURCE);
7013 }
7014 else if (strcasecmp ("SUBJECT", element_name) == 0)
7015 {
7016 append_attribute (attribute_names, attribute_values, "id",
7017 &create_permission_data->subject_id);
7018 set_client_state (CLIENT_CREATE_PERMISSION_SUBJECT);
7019 }
7020 ELSE_READ_OVER;
7021
7022 case CLIENT_CREATE_PERMISSION_RESOURCE:
7023 if (strcasecmp ("TYPE", element_name) == 0)
7024 set_client_state (CLIENT_CREATE_PERMISSION_RESOURCE_TYPE);
7025 ELSE_READ_OVER;
7026
7027 case CLIENT_CREATE_PERMISSION_SUBJECT:
7028 if (strcasecmp ("TYPE", element_name) == 0)
7029 set_client_state (CLIENT_CREATE_PERMISSION_SUBJECT_TYPE);
7030 ELSE_READ_OVER;
7031
7032 case CLIENT_CREATE_PORT_LIST:
7033 create_port_list_element_start (gmp_parser, element_name,
7034 attribute_names,
7035 attribute_values);
7036 break;
7037
7038 case CLIENT_CREATE_PORT_RANGE:
7039 if (strcasecmp ("COMMENT", element_name) == 0)
7040 set_client_state (CLIENT_CREATE_PORT_RANGE_COMMENT);
7041 else if (strcasecmp ("END", element_name) == 0)
7042 set_client_state (CLIENT_CREATE_PORT_RANGE_END);
7043 else if (strcasecmp ("PORT_LIST", element_name) == 0)
7044 {
7045 append_attribute (attribute_names, attribute_values, "id",
7046 &create_port_range_data->port_list_id);
7047 set_client_state (CLIENT_CREATE_PORT_RANGE_PORT_LIST);
7048 }
7049 else if (strcasecmp ("START", element_name) == 0)
7050 set_client_state (CLIENT_CREATE_PORT_RANGE_START);
7051 else if (strcasecmp ("TYPE", element_name) == 0)
7052 set_client_state (CLIENT_CREATE_PORT_RANGE_TYPE);
7053 ELSE_READ_OVER;
7054
7055 case CLIENT_CREATE_ROLE:
7056 if (strcasecmp ("COMMENT", element_name) == 0)
7057 set_client_state (CLIENT_CREATE_ROLE_COMMENT);
7058 else if (strcasecmp ("COPY", element_name) == 0)
7059 set_client_state (CLIENT_CREATE_ROLE_COPY);
7060 else if (strcasecmp ("NAME", element_name) == 0)
7061 {
7062 gvm_append_string (&create_role_data->name, "");
7063 set_client_state (CLIENT_CREATE_ROLE_NAME);
7064 }
7065 else if (strcasecmp ("USERS", element_name) == 0)
7066 set_client_state (CLIENT_CREATE_ROLE_USERS);
7067 ELSE_READ_OVER;
7068
7069 case CLIENT_CREATE_REPORT:
7070 if (strcasecmp ("IN_ASSETS", element_name) == 0)
7071 {
7072 set_client_state (CLIENT_CREATE_REPORT_IN_ASSETS);
7073 }
7074 else if (strcasecmp ("REPORT", element_name) == 0)
7075 {
7076 const gchar* attribute;
7077
7078 append_attribute (attribute_names, attribute_values,
7079 "type", &create_report_data->type);
7080
7081 if (find_attribute (attribute_names, attribute_values, "format_id",
7082 &attribute))
7083 {
7084 /* Assume this is the wrapper REPORT. */
7085 create_report_data->wrapper = 1;
7086 set_client_state (CLIENT_CREATE_REPORT_REPORT);
7087 }
7088 else
7089 {
7090 /* Assume the report is immediately inside the CREATE_REPORT. */
7091 create_report_data->wrapper = 0;
7092 create_report_data->details = make_array ();
7093 create_report_data->host_ends = make_array ();
7094 create_report_data->host_starts = make_array ();
7095 create_report_data->results = make_array ();
7096 create_report_data->result_detection = make_array ();
7097 set_client_state (CLIENT_CREATE_REPORT_RR);
7098 }
7099 }
7100 else if (strcasecmp ("TASK", element_name) == 0)
7101 {
7102 append_attribute (attribute_names, attribute_values, "id",
7103 &create_report_data->task_id);
7104 set_client_state (CLIENT_CREATE_REPORT_TASK);
7105 }
7106 ELSE_READ_OVER;
7107
7108 case CLIENT_CREATE_REPORT_REPORT:
7109 if (strcasecmp ("REPORT", element_name) == 0)
7110 {
7111 create_report_data->details = make_array ();
7112 create_report_data->host_ends = make_array ();
7113 create_report_data->host_starts = make_array ();
7114 create_report_data->results = make_array ();
7115 create_report_data->result_detection = make_array ();
7116 set_client_state (CLIENT_CREATE_REPORT_RR);
7117 }
7118 ELSE_READ_OVER;
7119
7120 case CLIENT_CREATE_REPORT_RR:
7121 if (strcasecmp ("ERRORS", element_name) == 0)
7122 {
7123 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS);
7124 }
7125 else if (strcasecmp ("HOST", element_name) == 0)
7126 {
7127 set_client_state (CLIENT_CREATE_REPORT_RR_H);
7128 }
7129 else if (strcasecmp ("HOST_END", element_name) == 0)
7130 set_client_state (CLIENT_CREATE_REPORT_RR_HOST_END);
7131 else if (strcasecmp ("HOST_START", element_name) == 0)
7132 set_client_state (CLIENT_CREATE_REPORT_RR_HOST_START);
7133 else if (strcasecmp ("RESULTS", element_name) == 0)
7134 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS);
7135 else if (strcasecmp ("SCAN_END", element_name) == 0)
7136 {
7137 set_client_state (CLIENT_CREATE_REPORT_RR_SCAN_END);
7138 }
7139 else if (strcasecmp ("SCAN_START", element_name) == 0)
7140 {
7141 set_client_state (CLIENT_CREATE_REPORT_RR_SCAN_START);
7142 }
7143 ELSE_READ_OVER;
7144
7145 case CLIENT_CREATE_REPORT_RR_ERRORS:
7146 if (strcasecmp ("ERROR", element_name) == 0)
7147 {
7148 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR);
7149 }
7150 ELSE_READ_OVER;
7151
7152 case CLIENT_CREATE_REPORT_RR_ERRORS_ERROR:
7153 if (strcasecmp ("DESCRIPTION", element_name) == 0)
7154 set_client_state
7155 (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_DESCRIPTION);
7156 else if (strcasecmp ("HOST", element_name) == 0)
7157 {
7158 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST);
7159 }
7160 else if (strcasecmp ("NVT", element_name) == 0)
7161 {
7162 append_attribute (attribute_names, attribute_values, "oid",
7163 &create_report_data->result_nvt_oid);
7164 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT);
7165 }
7166 else if (strcasecmp ("PORT", element_name) == 0)
7167 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_PORT);
7168 else if (strcasecmp ("SCAN_NVT_VERSION", element_name) == 0)
7169 set_client_state
7170 (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_SCAN_NVT_VERSION);
7171 else if (strcasecmp ("SEVERITY", element_name) == 0)
7172 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_SEVERITY);
7173 ELSE_READ_OVER;
7174
7175 case CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST:
7176 if (strcasecmp ("ASSET", element_name) == 0)
7177 set_client_state
7178 (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST_ASSET);
7179 else if (strcasecmp ("HOSTNAME", element_name) == 0)
7180 set_client_state
7181 (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST_HOSTNAME);
7182 ELSE_READ_OVER;
7183
7184 case CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT:
7185 if (strcasecmp ("CVSS_BASE", element_name) == 0)
7186 set_client_state
7187 (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT_CVSS_BASE);
7188 else if (strcasecmp ("NAME", element_name) == 0)
7189 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT_NAME);
7190 ELSE_READ_OVER;
7191
7192 case CLIENT_CREATE_REPORT_RR_HOST_END:
7193 if (strcasecmp ("HOST", element_name) == 0)
7194 set_client_state (CLIENT_CREATE_REPORT_RR_HOST_END_HOST);
7195 ELSE_READ_OVER;
7196
7197 case CLIENT_CREATE_REPORT_RR_HOST_START:
7198 if (strcasecmp ("HOST", element_name) == 0)
7199 set_client_state (CLIENT_CREATE_REPORT_RR_HOST_START_HOST);
7200 ELSE_READ_OVER;
7201
7202 case CLIENT_CREATE_REPORT_RR_H:
7203 if (strcasecmp ("IP", element_name) == 0)
7204 {
7205 set_client_state (CLIENT_CREATE_REPORT_RR_H_IP);
7206 }
7207 else if (strcasecmp ("DETAIL", element_name) == 0)
7208 {
7209 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL);
7210 }
7211 else if (strcasecmp ("END", element_name) == 0)
7212 {
7213 set_client_state (CLIENT_CREATE_REPORT_RR_H_END);
7214 }
7215 else if (strcasecmp ("START", element_name) == 0)
7216 {
7217 set_client_state (CLIENT_CREATE_REPORT_RR_H_START);
7218 }
7219 ELSE_READ_OVER;
7220
7221 case CLIENT_CREATE_REPORT_RR_H_DETAIL:
7222 if (strcasecmp ("NAME", element_name) == 0)
7223 {
7224 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL_NAME);
7225 }
7226 else if (strcasecmp ("VALUE", element_name) == 0)
7227 {
7228 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL_VALUE);
7229 }
7230 else if (strcasecmp ("SOURCE", element_name) == 0)
7231 {
7232 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE);
7233 }
7234 ELSE_READ_OVER;
7235
7236 case CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE:
7237 if (strcasecmp ("DESCRIPTION", element_name) == 0)
7238 {
7239 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_DESC);
7240 }
7241 else if (strcasecmp ("NAME", element_name) == 0)
7242 {
7243 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_NAME);
7244 }
7245 else if (strcasecmp ("TYPE", element_name) == 0)
7246 {
7247 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_TYPE);
7248 }
7249 ELSE_READ_OVER;
7250
7251 case CLIENT_CREATE_REPORT_RR_RESULTS:
7252 if (strcasecmp ("RESULT", element_name) == 0)
7253 set_client_state
7254 (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT);
7255 ELSE_READ_OVER;
7256
7257 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT:
7258 if (strcasecmp ("DESCRIPTION", element_name) == 0)
7259 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DESCRIPTION);
7260 else if (strcasecmp ("HOST", element_name) == 0)
7261 {
7262 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST);
7263 }
7264 else if (strcasecmp ("NVT", element_name) == 0)
7265 {
7266 append_attribute (attribute_names, attribute_values, "oid",
7267 &create_report_data->result_nvt_oid);
7268 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT);
7269 }
7270 else if (strcasecmp ("ORIGINAL_SEVERITY", element_name) == 0)
7271 set_client_state (
7272 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_ORIGINAL_SEVERITY);
7273 else if (strcasecmp ("ORIGINAL_THREAT", element_name) == 0)
7274 set_client_state (
7275 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_ORIGINAL_THREAT);
7276 else if (strcasecmp ("PORT", element_name) == 0)
7277 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_PORT);
7278 else if (strcasecmp ("QOD", element_name) == 0)
7279 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD);
7280 else if (strcasecmp ("SCAN_NVT_VERSION", element_name) == 0)
7281 set_client_state (
7282 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_SCAN_NVT_VERSION);
7283 else if (strcasecmp ("SEVERITY", element_name) == 0)
7284 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_SEVERITY);
7285 else if (strcasecmp ("THREAT", element_name) == 0)
7286 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_THREAT);
7287 else if (strcasecmp ("DETECTION", element_name) == 0)
7288 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION);
7289 ELSE_READ_OVER;
7290 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION:
7291 if (strcasecmp ("RESULT", element_name) == 0)
7292 {
7293 set_client_state (
7294 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT);
7295 }
7296 ELSE_READ_OVER;
7297 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT:
7298 if (strcasecmp ("DETAILS", element_name) == 0)
7299 {
7300 set_client_state (
7301 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS);
7302 }
7303 ELSE_READ_OVER;
7304 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS:
7305 if (strcasecmp ("DETAIL", element_name) == 0)
7306 {
7307 set_client_state (
7308 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL);
7309 }
7310 ELSE_READ_OVER;
7311 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL:
7312 if (strcasecmp ("NAME", element_name) == 0)
7313 {
7314 set_client_state (
7315 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL_NAME);
7316 }
7317 else if (strcasecmp ("VALUE", element_name) == 0)
7318 {
7319 set_client_state (
7320 CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL_VALUE);
7321 }
7322 ELSE_READ_OVER;
7323
7324 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST:
7325 if (strcasecmp ("ASSET", element_name) == 0)
7326 set_client_state
7327 (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST_ASSET);
7328 else if (strcasecmp ("HOSTNAME", element_name) == 0)
7329 set_client_state
7330 (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST_HOSTNAME);
7331 ELSE_READ_OVER;
7332
7333 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT:
7334 if (strcasecmp ("BID", element_name) == 0)
7335 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_BID);
7336 else if (strcasecmp ("CVE", element_name) == 0)
7337 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CVE);
7338 else if (strcasecmp ("CVSS_BASE", element_name) == 0)
7339 set_client_state
7340 (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CVSS_BASE);
7341 else if (strcasecmp ("FAMILY", element_name) == 0)
7342 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_FAMILY);
7343 else if (strcasecmp ("NAME", element_name) == 0)
7344 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_NAME);
7345 else if (strcasecmp ("XREF", element_name) == 0)
7346 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_XREF);
7347 else if (strcasecmp ("CERT", element_name) == 0)
7348 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CERT);
7349 ELSE_READ_OVER;
7350
7351 case (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CERT):
7352 if (strcasecmp ("CERT_REF", element_name) == 0)
7353 set_client_state
7354 (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CERT_CERT_REF);
7355 ELSE_READ_OVER;
7356
7357 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD:
7358 if (strcasecmp ("TYPE", element_name) == 0)
7359 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD_TYPE);
7360 else if (strcasecmp ("VALUE", element_name) == 0)
7361 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD_VALUE);
7362 ELSE_READ_OVER;
7363
7364 case CLIENT_CREATE_REPORT_TASK:
7365 if (strcasecmp ("COMMENT", element_name) == 0)
7366 set_client_state (CLIENT_CREATE_REPORT_TASK_COMMENT);
7367 else if (strcasecmp ("NAME", element_name) == 0)
7368 set_client_state (CLIENT_CREATE_REPORT_TASK_NAME);
7369 ELSE_READ_OVER;
7370
7371 case CLIENT_CREATE_REPORT_FORMAT:
7372 create_report_format_element_start (gmp_parser, element_name,
7373 attribute_names,
7374 attribute_values);
7375 break;
7376
7377 case CLIENT_CREATE_OVERRIDE:
7378 if (strcasecmp ("ACTIVE", element_name) == 0)
7379 set_client_state (CLIENT_CREATE_OVERRIDE_ACTIVE);
7380 else if (strcasecmp ("COPY", element_name) == 0)
7381 set_client_state (CLIENT_CREATE_OVERRIDE_COPY);
7382 else if (strcasecmp ("HOSTS", element_name) == 0)
7383 set_client_state (CLIENT_CREATE_OVERRIDE_HOSTS);
7384 else if (strcasecmp ("NEW_SEVERITY", element_name) == 0)
7385 set_client_state (CLIENT_CREATE_OVERRIDE_NEW_SEVERITY);
7386 else if (strcasecmp ("NEW_THREAT", element_name) == 0)
7387 set_client_state (CLIENT_CREATE_OVERRIDE_NEW_THREAT);
7388 else if (strcasecmp ("NVT", element_name) == 0)
7389 {
7390 append_attribute (attribute_names, attribute_values, "oid",
7391 &create_override_data->nvt_oid);
7392 set_client_state (CLIENT_CREATE_OVERRIDE_NVT);
7393 }
7394 else if (strcasecmp ("PORT", element_name) == 0)
7395 set_client_state (CLIENT_CREATE_OVERRIDE_PORT);
7396 else if (strcasecmp ("RESULT", element_name) == 0)
7397 {
7398 append_attribute (attribute_names, attribute_values, "id",
7399 &create_override_data->result_id);
7400 if (create_override_data->result_id
7401 && create_override_data->result_id[0] == '\0')
7402 {
7403 g_free (create_override_data->result_id);
7404 create_override_data->result_id = NULL;
7405 }
7406 set_client_state (CLIENT_CREATE_OVERRIDE_RESULT);
7407 }
7408 else if (strcasecmp ("SEVERITY", element_name) == 0)
7409 set_client_state (CLIENT_CREATE_OVERRIDE_SEVERITY);
7410 else if (strcasecmp ("TASK", element_name) == 0)
7411 {
7412 append_attribute (attribute_names, attribute_values, "id",
7413 &create_override_data->task_id);
7414 if (create_override_data->task_id
7415 && create_override_data->task_id[0] == '\0')
7416 {
7417 g_free (create_override_data->task_id);
7418 create_override_data->task_id = NULL;
7419 }
7420 set_client_state (CLIENT_CREATE_OVERRIDE_TASK);
7421 }
7422 else if (strcasecmp ("TEXT", element_name) == 0)
7423 set_client_state (CLIENT_CREATE_OVERRIDE_TEXT);
7424 else if (strcasecmp ("THREAT", element_name) == 0)
7425 set_client_state (CLIENT_CREATE_OVERRIDE_THREAT);
7426 ELSE_READ_OVER;
7427
7428 case CLIENT_CREATE_TAG:
7429 if (strcasecmp ("ACTIVE", element_name) == 0)
7430 {
7431 gvm_append_string (&create_tag_data->active, "");
7432 set_client_state (CLIENT_CREATE_TAG_ACTIVE);
7433 }
7434 else if (strcasecmp ("RESOURCES", element_name) == 0)
7435 {
7436 create_tag_data->resource_ids = make_array ();
7437 append_attribute (attribute_names, attribute_values, "filter",
7438 &create_tag_data->resources_filter);
7439 set_client_state (CLIENT_CREATE_TAG_RESOURCES);
7440 }
7441 else if (strcasecmp ("COMMENT", element_name) == 0)
7442 {
7443 gvm_append_string (&create_tag_data->comment, "");
7444 set_client_state (CLIENT_CREATE_TAG_COMMENT);
7445 }
7446 else if (strcasecmp ("COPY", element_name) == 0)
7447 {
7448 gvm_append_string (&create_tag_data->copy, "");
7449 set_client_state (CLIENT_CREATE_TAG_COPY);
7450 }
7451 else if (strcasecmp ("NAME", element_name) == 0)
7452 {
7453 gvm_append_string (&create_tag_data->name, "");
7454 set_client_state (CLIENT_CREATE_TAG_NAME);
7455 }
7456 else if (strcasecmp ("VALUE", element_name) == 0)
7457 {
7458 gvm_append_string (&create_tag_data->value, "");
7459 set_client_state (CLIENT_CREATE_TAG_VALUE);
7460 }
7461 ELSE_READ_OVER;
7462
7463 case CLIENT_CREATE_TAG_RESOURCES:
7464 if (strcasecmp ("RESOURCE", element_name) == 0)
7465 {
7466 const gchar* attribute;
7467 if (find_attribute (attribute_names, attribute_values, "id",
7468 &attribute))
7469 array_add (create_tag_data->resource_ids, g_strdup (attribute));
7470 set_client_state (CLIENT_CREATE_TAG_RESOURCES_RESOURCE);
7471 }
7472 else if (strcasecmp ("TYPE", element_name) == 0)
7473 {
7474 gvm_append_string (&create_tag_data->resource_type, "");
7475 set_client_state (CLIENT_CREATE_TAG_RESOURCES_TYPE);
7476 }
7477 ELSE_READ_OVER;
7478
7479 case CLIENT_CREATE_TARGET:
7480 if (strcasecmp ("ASSET_HOSTS", element_name) == 0)
7481 {
7482 append_attribute (attribute_names, attribute_values, "filter",
7483 &create_target_data->asset_hosts_filter);
7484 set_client_state (CLIENT_CREATE_TARGET_ASSET_HOSTS);
7485 }
7486 else if (strcasecmp ("EXCLUDE_HOSTS", element_name) == 0)
7487 set_client_state (CLIENT_CREATE_TARGET_EXCLUDE_HOSTS);
7488 else if (strcasecmp ("REVERSE_LOOKUP_ONLY", element_name) == 0)
7489 set_client_state (CLIENT_CREATE_TARGET_REVERSE_LOOKUP_ONLY);
7490 else if (strcasecmp ("REVERSE_LOOKUP_UNIFY", element_name) == 0)
7491 set_client_state (CLIENT_CREATE_TARGET_REVERSE_LOOKUP_UNIFY);
7492 else if (strcasecmp ("ALIVE_TESTS", element_name) == 0)
7493 set_client_state (CLIENT_CREATE_TARGET_ALIVE_TESTS);
7494 else if (strcasecmp ("ALLOW_SIMULTANEOUS_IPS", element_name) == 0)
7495 set_client_state (CLIENT_CREATE_TARGET_ALLOW_SIMULTANEOUS_IPS);
7496 else if (strcasecmp ("COMMENT", element_name) == 0)
7497 set_client_state (CLIENT_CREATE_TARGET_COMMENT);
7498 else if (strcasecmp ("COPY", element_name) == 0)
7499 set_client_state (CLIENT_CREATE_TARGET_COPY);
7500 else if (strcasecmp ("ESXI_CREDENTIAL", element_name) == 0)
7501 {
7502 append_attribute (attribute_names, attribute_values, "id",
7503 &create_target_data->esxi_credential_id);
7504 set_client_state (CLIENT_CREATE_TARGET_ESXI_CREDENTIAL);
7505 }
7506 else if (strcasecmp ("ESXI_LSC_CREDENTIAL", element_name) == 0)
7507 {
7508 append_attribute (attribute_names, attribute_values, "id",
7509 &create_target_data->esxi_lsc_credential_id);
7510 set_client_state (CLIENT_CREATE_TARGET_ESXI_LSC_CREDENTIAL);
7511 }
7512 else if (strcasecmp ("HOSTS", element_name) == 0)
7513 set_client_state (CLIENT_CREATE_TARGET_HOSTS);
7514 else if (strcasecmp ("PORT_LIST", element_name) == 0)
7515 {
7516 append_attribute (attribute_names, attribute_values, "id",
7517 &create_target_data->port_list_id);
7518 set_client_state (CLIENT_CREATE_TARGET_PORT_LIST);
7519 }
7520 else if (strcasecmp ("PORT_RANGE", element_name) == 0)
7521 {
7522 gvm_append_string (&create_target_data->port_range, "");
7523 set_client_state (CLIENT_CREATE_TARGET_PORT_RANGE);
7524 }
7525 else if (strcasecmp ("SSH_CREDENTIAL", element_name) == 0)
7526 {
7527 append_attribute (attribute_names, attribute_values, "id",
7528 &create_target_data->ssh_credential_id);
7529 set_client_state (CLIENT_CREATE_TARGET_SSH_CREDENTIAL);
7530 }
7531 else if (strcasecmp ("SSH_LSC_CREDENTIAL", element_name) == 0)
7532 {
7533 append_attribute (attribute_names, attribute_values, "id",
7534 &create_target_data->ssh_lsc_credential_id);
7535 set_client_state (CLIENT_CREATE_TARGET_SSH_LSC_CREDENTIAL);
7536 }
7537 else if (strcasecmp ("SSH_ELEVATE_CREDENTIAL", element_name) == 0)
7538 {
7539 append_attribute (attribute_names, attribute_values, "id",
7540 &create_target_data->ssh_elevate_credential_id);
7541 set_client_state (CLIENT_CREATE_TARGET_SSH_ELEVATE_CREDENTIAL);
7542 }
7543 else if (strcasecmp ("SMB_CREDENTIAL", element_name) == 0)
7544 {
7545 append_attribute (attribute_names, attribute_values, "id",
7546 &create_target_data->smb_credential_id);
7547 set_client_state (CLIENT_CREATE_TARGET_SMB_CREDENTIAL);
7548 }
7549 else if (strcasecmp ("SMB_LSC_CREDENTIAL", element_name) == 0)
7550 {
7551 append_attribute (attribute_names, attribute_values, "id",
7552 &create_target_data->smb_lsc_credential_id);
7553 set_client_state (CLIENT_CREATE_TARGET_SMB_LSC_CREDENTIAL);
7554 }
7555 else if (strcasecmp ("SNMP_CREDENTIAL", element_name) == 0)
7556 {
7557 append_attribute (attribute_names, attribute_values, "id",
7558 &create_target_data->snmp_credential_id);
7559 set_client_state (CLIENT_CREATE_TARGET_SNMP_CREDENTIAL);
7560 }
7561 else if (strcasecmp ("NAME", element_name) == 0)
7562 {
7563 gvm_append_string (&create_target_data->name, "");
7564 set_client_state (CLIENT_CREATE_TARGET_NAME);
7565 }
7566 ELSE_READ_OVER;
7567
7568 case CLIENT_CREATE_TARGET_SSH_CREDENTIAL:
7569 if (strcasecmp ("PORT", element_name) == 0)
7570 set_client_state (CLIENT_CREATE_TARGET_SSH_CREDENTIAL_PORT);
7571 ELSE_READ_OVER;
7572
7573 case CLIENT_CREATE_TARGET_SSH_LSC_CREDENTIAL:
7574 if (strcasecmp ("PORT", element_name) == 0)
7575 set_client_state (CLIENT_CREATE_TARGET_SSH_LSC_CREDENTIAL_PORT);
7576 ELSE_READ_OVER;
7577
7578 case CLIENT_CREATE_TASK:
7579 if (strcasecmp ("ALTERABLE", element_name) == 0)
7580 set_client_state (CLIENT_CREATE_TASK_ALTERABLE);
7581 else if (strcasecmp ("COPY", element_name) == 0)
7582 set_client_state (CLIENT_CREATE_TASK_COPY);
7583 else if (strcasecmp ("PREFERENCES", element_name) == 0)
7584 {
7585 create_task_data->preferences = make_array ();
7586 set_client_state (CLIENT_CREATE_TASK_PREFERENCES);
7587 }
7588 else if (strcasecmp ("NAME", element_name) == 0)
7589 set_client_state (CLIENT_CREATE_TASK_NAME);
7590 else if (strcasecmp ("COMMENT", element_name) == 0)
7591 set_client_state (CLIENT_CREATE_TASK_COMMENT);
7592 else if (strcasecmp ("HOSTS_ORDERING", element_name) == 0)
7593 set_client_state (CLIENT_CREATE_TASK_HOSTS_ORDERING);
7594 else if (strcasecmp ("SCANNER", element_name) == 0)
7595 {
7596 append_attribute (attribute_names, attribute_values, "id",
7597 &create_task_data->scanner_id);
7598 set_client_state (CLIENT_CREATE_TASK_SCANNER);
7599 }
7600 else if (strcasecmp ("CONFIG", element_name) == 0)
7601 {
7602 append_attribute (attribute_names, attribute_values, "id",
7603 &create_task_data->config_id);
7604 set_client_state (CLIENT_CREATE_TASK_CONFIG);
7605 }
7606 else if (strcasecmp ("ALERT", element_name) == 0)
7607 {
7608 const gchar* attribute;
7609 if (find_attribute (attribute_names, attribute_values, "id",
7610 &attribute))
7611 array_add (create_task_data->alerts, g_strdup (attribute));
7612 set_client_state (CLIENT_CREATE_TASK_ALERT);
7613 }
7614 else if (strcasecmp ("OBSERVERS", element_name) == 0)
7615 set_client_state (CLIENT_CREATE_TASK_OBSERVERS);
7616 else if (strcasecmp ("SCHEDULE", element_name) == 0)
7617 {
7618 append_attribute (attribute_names, attribute_values, "id",
7619 &create_task_data->schedule_id);
7620 set_client_state (CLIENT_CREATE_TASK_SCHEDULE);
7621 }
7622 else if (strcasecmp ("SCHEDULE_PERIODS", element_name) == 0)
7623 set_client_state (CLIENT_CREATE_TASK_SCHEDULE_PERIODS);
7624 else if (strcasecmp ("TARGET", element_name) == 0)
7625 {
7626 append_attribute (attribute_names, attribute_values, "id",
7627 &create_task_data->target_id);
7628 set_client_state (CLIENT_CREATE_TASK_TARGET);
7629 }
7630 else if (strcasecmp ("USAGE_TYPE", element_name) == 0)
7631 set_client_state (CLIENT_CREATE_TASK_USAGE_TYPE);
7632 ELSE_READ_OVER_CREATE_TASK;
7633
7634 case CLIENT_CREATE_TASK_OBSERVERS:
7635 if (strcasecmp ("GROUP", element_name) == 0)
7636 {
7637 const gchar* attribute;
7638 if (find_attribute (attribute_names, attribute_values, "id",
7639 &attribute))
7640 array_add (create_task_data->groups, g_strdup (attribute));
7641 set_client_state (CLIENT_CREATE_TASK_OBSERVERS_GROUP);
7642 }
7643 ELSE_READ_OVER_CREATE_TASK;
7644
7645 case CLIENT_CREATE_TASK_PREFERENCES:
7646 if (strcasecmp ("PREFERENCE", element_name) == 0)
7647 {
7648 assert (create_task_data->preference == NULL);
7649 create_task_data->preference = g_malloc (sizeof (name_value_t));
7650 create_task_data->preference->name = NULL;
7651 create_task_data->preference->value = NULL;
7652 set_client_state (CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE);
7653 }
7654 ELSE_READ_OVER_CREATE_TASK;
7655
7656 case CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE:
7657 if (strcasecmp ("SCANNER_NAME", element_name) == 0)
7658 set_client_state (CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE_NAME);
7659 else if (strcasecmp ("VALUE", element_name) == 0)
7660 set_client_state (CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE_VALUE);
7661 ELSE_READ_OVER_CREATE_TASK;
7662
7663 case CLIENT_CREATE_TICKET:
7664 create_ticket_element_start (gmp_parser, element_name,
7665 attribute_names,
7666 attribute_values);
7667 break;
7668
7669 case CLIENT_CREATE_TLS_CERTIFICATE:
7670 create_tls_certificate_element_start (gmp_parser, element_name,
7671 attribute_names,
7672 attribute_values);
7673 break;
7674
7675 case CLIENT_CREATE_USER:
7676 if (strcasecmp ("COMMENT", element_name) == 0)
7677 set_client_state (CLIENT_CREATE_USER_COMMENT);
7678 else if (strcasecmp ("COPY", element_name) == 0)
7679 set_client_state (CLIENT_CREATE_USER_COPY);
7680 else if (strcasecmp ("GROUPS", element_name) == 0)
7681 set_client_state (CLIENT_CREATE_USER_GROUPS);
7682 else if (strcasecmp ("HOSTS", element_name) == 0)
7683 {
7684 const gchar *attribute;
7685 if (find_attribute
7686 (attribute_names, attribute_values, "allow", &attribute))
7687 create_user_data->hosts_allow = strcmp (attribute, "0");
7688 else
7689 create_user_data->hosts_allow = 1;
7690 set_client_state (CLIENT_CREATE_USER_HOSTS);
7691 }
7692 else if (strcasecmp ("IFACES", element_name) == 0)
7693 {
7694 const gchar *attribute;
7695 if (find_attribute
7696 (attribute_names, attribute_values, "allow", &attribute))
7697 create_user_data->ifaces_allow = strcmp (attribute, "0");
7698 else
7699 create_user_data->ifaces_allow = 1;
7700 set_client_state (CLIENT_CREATE_USER_IFACES);
7701 }
7702 else if (strcasecmp ("NAME", element_name) == 0)
7703 set_client_state (CLIENT_CREATE_USER_NAME);
7704 else if (strcasecmp ("PASSWORD", element_name) == 0)
7705 set_client_state (CLIENT_CREATE_USER_PASSWORD);
7706 else if (strcasecmp ("ROLE", element_name) == 0)
7707 {
7708 const gchar* attribute;
7709 if (find_attribute (attribute_names, attribute_values, "id",
7710 &attribute))
7711 array_add (create_user_data->roles, g_strdup (attribute));
7712 set_client_state (CLIENT_CREATE_USER_ROLE);
7713 }
7714 else if (strcasecmp ("SOURCES", element_name) == 0)
7715 {
7716 create_user_data->sources = make_array ();
7717 set_client_state (CLIENT_CREATE_USER_SOURCES);
7718 }
7719 else
7720 set_read_over (gmp_parser);
7721 break;
7722
7723 case CLIENT_CREATE_USER_GROUPS:
7724 if (strcasecmp ("GROUP", element_name) == 0)
7725 {
7726 const gchar* attribute;
7727 if (find_attribute (attribute_names, attribute_values, "id",
7728 &attribute))
7729 array_add (create_user_data->groups, g_strdup (attribute));
7730 set_client_state (CLIENT_CREATE_USER_GROUPS_GROUP);
7731 }
7732 ELSE_READ_OVER;
7733
7734 case CLIENT_CREATE_USER_SOURCES:
7735 if (strcasecmp ("SOURCE", element_name) == 0)
7736 set_client_state (CLIENT_CREATE_USER_SOURCES_SOURCE);
7737 else
7738 set_read_over (gmp_parser);
7739 break;
7740
7741 case CLIENT_MODIFY_NOTE:
7742 if (strcasecmp ("ACTIVE", element_name) == 0)
7743 set_client_state (CLIENT_MODIFY_NOTE_ACTIVE);
7744 else if (strcasecmp ("HOSTS", element_name) == 0)
7745 set_client_state (CLIENT_MODIFY_NOTE_HOSTS);
7746 else if (strcasecmp ("PORT", element_name) == 0)
7747 set_client_state (CLIENT_MODIFY_NOTE_PORT);
7748 else if (strcasecmp ("RESULT", element_name) == 0)
7749 {
7750 append_attribute (attribute_names, attribute_values, "id",
7751 &modify_note_data->result_id);
7752 if (modify_note_data->result_id
7753 && modify_note_data->result_id[0] == '\0')
7754 {
7755 g_free (modify_note_data->result_id);
7756 modify_note_data->result_id = NULL;
7757 }
7758 set_client_state (CLIENT_MODIFY_NOTE_RESULT);
7759 }
7760 else if (strcasecmp ("SEVERITY", element_name) == 0)
7761 set_client_state (CLIENT_MODIFY_NOTE_SEVERITY);
7762 else if (strcasecmp ("TASK", element_name) == 0)
7763 {
7764 append_attribute (attribute_names, attribute_values, "id",
7765 &modify_note_data->task_id);
7766 if (modify_note_data->task_id
7767 && modify_note_data->task_id[0] == '\0')
7768 {
7769 g_free (modify_note_data->task_id);
7770 modify_note_data->task_id = NULL;
7771 }
7772 set_client_state (CLIENT_MODIFY_NOTE_TASK);
7773 }
7774 else if (strcasecmp ("TEXT", element_name) == 0)
7775 set_client_state (CLIENT_MODIFY_NOTE_TEXT);
7776 else if (strcasecmp ("THREAT", element_name) == 0)
7777 set_client_state (CLIENT_MODIFY_NOTE_THREAT);
7778 else if (strcasecmp ("NVT", element_name) == 0)
7779 {
7780 append_attribute (attribute_names, attribute_values, "oid",
7781 &modify_note_data->nvt_oid);
7782 set_client_state (CLIENT_MODIFY_NOTE_NVT);
7783 }
7784 ELSE_READ_OVER;
7785
7786 case CLIENT_MODIFY_OVERRIDE:
7787 if (strcasecmp ("ACTIVE", element_name) == 0)
7788 set_client_state (CLIENT_MODIFY_OVERRIDE_ACTIVE);
7789 else if (strcasecmp ("HOSTS", element_name) == 0)
7790 set_client_state (CLIENT_MODIFY_OVERRIDE_HOSTS);
7791 else if (strcasecmp ("NEW_SEVERITY", element_name) == 0)
7792 set_client_state (CLIENT_MODIFY_OVERRIDE_NEW_SEVERITY);
7793 else if (strcasecmp ("NEW_THREAT", element_name) == 0)
7794 set_client_state (CLIENT_MODIFY_OVERRIDE_NEW_THREAT);
7795 else if (strcasecmp ("PORT", element_name) == 0)
7796 set_client_state (CLIENT_MODIFY_OVERRIDE_PORT);
7797 else if (strcasecmp ("RESULT", element_name) == 0)
7798 {
7799 append_attribute (attribute_names, attribute_values, "id",
7800 &modify_override_data->result_id);
7801 if (modify_override_data->result_id
7802 && modify_override_data->result_id[0] == '\0')
7803 {
7804 g_free (modify_override_data->result_id);
7805 modify_override_data->result_id = NULL;
7806 }
7807 set_client_state (CLIENT_MODIFY_OVERRIDE_RESULT);
7808 }
7809 else if (strcasecmp ("SEVERITY", element_name) == 0)
7810 set_client_state (CLIENT_MODIFY_OVERRIDE_SEVERITY);
7811 else if (strcasecmp ("TASK", element_name) == 0)
7812 {
7813 append_attribute (attribute_names, attribute_values, "id",
7814 &modify_override_data->task_id);
7815 if (modify_override_data->task_id
7816 && modify_override_data->task_id[0] == '\0')
7817 {
7818 g_free (modify_override_data->task_id);
7819 modify_override_data->task_id = NULL;
7820 }
7821 set_client_state (CLIENT_MODIFY_OVERRIDE_TASK);
7822 }
7823 else if (strcasecmp ("TEXT", element_name) == 0)
7824 set_client_state (CLIENT_MODIFY_OVERRIDE_TEXT);
7825 else if (strcasecmp ("THREAT", element_name) == 0)
7826 set_client_state (CLIENT_MODIFY_OVERRIDE_THREAT);
7827 else if (strcasecmp ("NVT", element_name) == 0)
7828 {
7829 append_attribute (attribute_names, attribute_values, "oid",
7830 &modify_override_data->nvt_oid);
7831 set_client_state (CLIENT_MODIFY_OVERRIDE_NVT);
7832 }
7833 ELSE_READ_OVER;
7834
7835 case CLIENT_RUN_WIZARD:
7836 if (strcasecmp ("MODE", element_name) == 0)
7837 {
7838 set_client_state (CLIENT_RUN_WIZARD_MODE);
7839 }
7840 else if (strcasecmp ("NAME", element_name) == 0)
7841 {
7842 set_client_state (CLIENT_RUN_WIZARD_NAME);
7843 }
7844 else if (strcasecmp ("PARAMS", element_name) == 0)
7845 {
7846 run_wizard_data->params = make_array ();
7847 set_client_state (CLIENT_RUN_WIZARD_PARAMS);
7848 }
7849 ELSE_READ_OVER;
7850
7851 case CLIENT_RUN_WIZARD_PARAMS:
7852 if (strcasecmp ("PARAM", element_name) == 0)
7853 {
7854 assert (run_wizard_data->param == NULL);
7855 run_wizard_data->param = g_malloc (sizeof (name_value_t));
7856 run_wizard_data->param->name = NULL;
7857 run_wizard_data->param->value = NULL;
7858 set_client_state (CLIENT_RUN_WIZARD_PARAMS_PARAM);
7859 }
7860 ELSE_READ_OVER;
7861
7862 case CLIENT_RUN_WIZARD_PARAMS_PARAM:
7863 if (strcasecmp ("NAME", element_name) == 0)
7864 {
7865 set_client_state (CLIENT_RUN_WIZARD_PARAMS_PARAM_NAME);
7866 }
7867 else if (strcasecmp ("VALUE", element_name) == 0)
7868 {
7869 set_client_state (CLIENT_RUN_WIZARD_PARAMS_PARAM_VALUE);
7870 }
7871 ELSE_READ_OVER;
7872
7873 default:
7874 /* Read over this element. */
7875 set_read_over (gmp_parser);
7876 break;
7877 }
7878
7879 return;
7880 }
7881
7882 /**
7883 * @brief Send XML for an NVT.
7884 *
7885 * The caller must send the closing NVT tag.
7886 *
7887 * @param[in] nvts The NVT.
7888 * @param[in] details If true, detailed XML, else simple XML.
7889 * @param[in] preferences If true, included preferences.
7890 * @param[in] pref_count Preference count. Used if details is true.
7891 * @param[in] timeout Timeout. Used if details is true.
7892 * @param[in] config Config, used if preferences is true.
7893 * @param[in] write_to_client Function to write to client.
7894 * @param[in] write_to_client_data Argument to \p write_to_client.
7895 *
7896 * @return TRUE if out of space in to_client buffer, else FALSE.
7897 */
7898 static gboolean
send_nvt(iterator_t * nvts,int details,int preferences,int pref_count,const char * timeout,config_t config,int (* write_to_client)(const char *,void *),void * write_to_client_data)7899 send_nvt (iterator_t *nvts, int details, int preferences, int pref_count,
7900 const char *timeout, config_t config,
7901 int (*write_to_client) (const char *, void*),
7902 void* write_to_client_data)
7903 {
7904 gchar *msg;
7905
7906 msg = get_nvt_xml (nvts, details, pref_count, preferences, timeout, config,
7907 0);
7908 if (send_to_client (msg, write_to_client, write_to_client_data))
7909 {
7910 g_free (msg);
7911 return TRUE;
7912 }
7913 g_free (msg);
7914 return FALSE;
7915 }
7916
7917 /**
7918 * @brief Convert \n's to real newline's.
7919 *
7920 * @param[in] text The text in which to insert newlines.
7921 *
7922 * @return A newly allocated version of text.
7923 */
7924 static gchar*
convert_to_newlines(const char * text)7925 convert_to_newlines (const char *text)
7926 {
7927 char *nptr, *new;
7928
7929 new = g_malloc (strlen (text) + 1);
7930 nptr = new;
7931 while (*text)
7932 if (*text == '\\')
7933 {
7934 /* Convert "\\n" to '\n' */
7935 if (*(text+1) == 'n')
7936 {
7937 text += 2;
7938 *nptr++ = '\n';
7939 }
7940 /* Skip "\\r" */
7941 else if (*(text+1) == 'r')
7942 text += 2;
7943 else
7944 *nptr++ = *text++;
7945 }
7946 else
7947 *nptr++ = *text++;
7948 *nptr = '\0';
7949
7950 return new;
7951 }
7952
7953 /**
7954 * @brief Get substring of UTF8 string.
7955 *
7956 * @param[in] str String
7957 * @param[in] start_pos Start.
7958 * @param[in] end_pos End.
7959 *
7960 * @return Substring.
7961 */
7962 static gchar *
utf8_substring(const gchar * str,glong start_pos,glong end_pos)7963 utf8_substring (const gchar *str, glong start_pos, glong end_pos)
7964 {
7965 gchar *start, *end, *out;
7966
7967 /* TODO This is a copy of g_utf8_substring from glib 2.38.2. Once our glib
7968 * minimum goes past 2.30 we can just use g_utf8_substring. */
7969
7970 start = g_utf8_offset_to_pointer (str, start_pos);
7971 end = g_utf8_offset_to_pointer (start, end_pos - start_pos);
7972
7973 out = g_malloc (end - start + 1);
7974 memcpy (out, start, end - start);
7975 out[end - start] = 0;
7976
7977 return out;
7978 }
7979
7980 /**
7981 * @brief Buffer XML for some notes.
7982 *
7983 * @param[in] buffer Buffer into which to buffer notes.
7984 * @param[in] notes Notes iterator.
7985 * @param[in] include_notes_details Whether to include details of notes.
7986 * @param[in] include_result Whether to include associated result.
7987 * @param[out] count Number of notes.
7988 */
7989 static void
buffer_notes_xml(GString * buffer,iterator_t * notes,int include_notes_details,int include_result,int * count)7990 buffer_notes_xml (GString *buffer, iterator_t *notes, int include_notes_details,
7991 int include_result, int *count)
7992 {
7993 while (next (notes))
7994 {
7995 int tag_count;
7996 char *uuid_task, *uuid_result;
7997
7998 tag_count = resource_tag_count ("note",
7999 get_iterator_resource (notes),
8000 1);
8001
8002 if (count)
8003 (*count)++;
8004
8005 if (note_iterator_task (notes))
8006 task_uuid (note_iterator_task (notes),
8007 &uuid_task);
8008 else
8009 uuid_task = NULL;
8010
8011 if (note_iterator_result (notes))
8012 result_uuid (note_iterator_result (notes),
8013 &uuid_result);
8014 else
8015 uuid_result = NULL;
8016
8017 buffer_xml_append_printf (buffer,
8018 "<note id=\"%s\">"
8019 "<permissions>",
8020 get_iterator_uuid (notes));
8021
8022 if (/* The user is the owner. */
8023 (current_credentials.username
8024 && get_iterator_owner_name (notes)
8025 && (strcmp (get_iterator_owner_name (notes),
8026 current_credentials.username)
8027 == 0))
8028 /* Or the user is effectively the owner. */
8029 || acl_user_has_super (current_credentials.uuid,
8030 get_iterator_owner (notes)))
8031 buffer_xml_append_printf (buffer,
8032 "<permission><name>Everything</name></permission>"
8033 "</permissions>");
8034 else
8035 {
8036 iterator_t perms;
8037 get_data_t perms_get;
8038
8039 memset (&perms_get, '\0', sizeof (perms_get));
8040 perms_get.filter = g_strdup_printf ("resource_uuid=%s"
8041 " owner=any"
8042 " permission=any",
8043 get_iterator_uuid (notes));
8044 init_permission_iterator (&perms, &perms_get);
8045 g_free (perms_get.filter);
8046 while (next (&perms))
8047 buffer_xml_append_printf (buffer,
8048 "<permission><name>%s</name></permission>",
8049 get_iterator_name (&perms));
8050 cleanup_iterator (&perms);
8051
8052 buffer_xml_append_printf (buffer, "</permissions>");
8053 }
8054
8055 if (include_notes_details == 0)
8056 {
8057 const char *text = note_iterator_text (notes);
8058 gchar *excerpt = utf8_substring (text, 0, 60);
8059 /* This must match send_get_common. */
8060 buffer_xml_append_printf (buffer,
8061 "<owner><name>%s</name></owner>"
8062 "<nvt oid=\"%s\">"
8063 "<name>%s</name>"
8064 "<type>%s</type>"
8065 "</nvt>"
8066 "<creation_time>%s</creation_time>"
8067 "<modification_time>%s</modification_time>"
8068 "<writable>1</writable>"
8069 "<in_use>0</in_use>"
8070 "<active>%i</active>"
8071 "<text excerpt=\"%i\">%s</text>"
8072 "<orphan>%i</orphan>",
8073 get_iterator_owner_name (notes)
8074 ? get_iterator_owner_name (notes)
8075 : "",
8076 note_iterator_nvt_oid (notes),
8077 note_iterator_nvt_name (notes),
8078 note_iterator_nvt_type (notes),
8079 get_iterator_creation_time (notes),
8080 get_iterator_modification_time (notes),
8081 note_iterator_active (notes),
8082 strlen (excerpt) < strlen (text),
8083 excerpt,
8084 ((note_iterator_task (notes)
8085 && (uuid_task == NULL))
8086 || (note_iterator_result (notes)
8087 && (uuid_result == NULL))));
8088
8089 if (tag_count)
8090 {
8091 buffer_xml_append_printf (buffer,
8092 "<user_tags>"
8093 "<count>%i</count>"
8094 "</user_tags>",
8095 tag_count);
8096 }
8097
8098 g_string_append (buffer, "</note>");
8099
8100 g_free (excerpt);
8101 }
8102 else
8103 {
8104 char *name_task;
8105 int trash_task;
8106 time_t end_time;
8107 iterator_t tags;
8108
8109 if (uuid_task)
8110 {
8111 name_task = task_name (note_iterator_task (notes));
8112 trash_task = task_in_trash (note_iterator_task (notes));
8113 }
8114 else
8115 {
8116 name_task = NULL;
8117 trash_task = 0;
8118 }
8119
8120 end_time = note_iterator_end_time (notes);
8121
8122 /* This must match send_get_common. */
8123 buffer_xml_append_printf
8124 (buffer,
8125 "<owner><name>%s</name></owner>"
8126 "<nvt oid=\"%s\">"
8127 "<name>%s</name>"
8128 "<type>%s</type>"
8129 "</nvt>"
8130 "<creation_time>%s</creation_time>"
8131 "<modification_time>%s</modification_time>"
8132 "<writable>1</writable>"
8133 "<in_use>0</in_use>"
8134 "<active>%i</active>"
8135 "<end_time>%s</end_time>"
8136 "<text>%s</text>"
8137 "<hosts>%s</hosts>"
8138 "<port>%s</port>"
8139 "<severity>%s</severity>"
8140 "<task id=\"%s\"><name>%s</name><trash>%i</trash></task>"
8141 "<orphan>%i</orphan>",
8142 get_iterator_owner_name (notes)
8143 ? get_iterator_owner_name (notes)
8144 : "",
8145 note_iterator_nvt_oid (notes),
8146 note_iterator_nvt_name (notes),
8147 note_iterator_nvt_type (notes),
8148 get_iterator_creation_time (notes),
8149 get_iterator_modification_time (notes),
8150 note_iterator_active (notes),
8151 end_time > 1 ? iso_time (&end_time) : "",
8152 note_iterator_text (notes),
8153 note_iterator_hosts (notes)
8154 ? note_iterator_hosts (notes) : "",
8155 note_iterator_port (notes)
8156 ? note_iterator_port (notes) : "",
8157 note_iterator_severity (notes)
8158 ? note_iterator_severity (notes) : "",
8159 uuid_task ? uuid_task : "",
8160 name_task ? name_task : "",
8161 trash_task,
8162 ((note_iterator_task (notes) && (uuid_task == NULL))
8163 || (note_iterator_result (notes) && (uuid_result == NULL))));
8164
8165 free (name_task);
8166
8167 if (include_result && uuid_result && note_iterator_result (notes))
8168 {
8169 iterator_t results;
8170 get_data_t *result_get;
8171 result_get = report_results_get_data (1, 1,
8172 1, /* apply_overrides */
8173 0 /* min_qod */);
8174 result_get->id = g_strdup (uuid_result);
8175 init_result_get_iterator (&results, result_get,
8176 0, /* No report restriction */
8177 NULL, /* No host restriction */
8178 NULL); /* No extra order SQL. */
8179 get_data_reset (result_get);
8180 free (result_get);
8181
8182 while (next (&results))
8183 buffer_results_xml (buffer,
8184 &results,
8185 0,
8186 0, /* Notes. */
8187 0, /* Note details. */
8188 0, /* Overrides. */
8189 0, /* Override details. */
8190 0, /* Tags. */
8191 0, /* Tag details. */
8192 0, /* Result details. */
8193 NULL,
8194 NULL,
8195 0,
8196 -1,
8197 0); /* Lean. */
8198 cleanup_iterator (&results);
8199 }
8200 else
8201 buffer_xml_append_printf (buffer,
8202 "<result id=\"%s\"/>",
8203 uuid_result ? uuid_result : "");
8204 if (tag_count)
8205 {
8206 buffer_xml_append_printf (buffer,
8207 "<user_tags>"
8208 "<count>%i</count>",
8209 tag_count);
8210
8211 init_resource_tag_iterator (&tags, "note",
8212 get_iterator_resource (notes),
8213 1, NULL, 1);
8214
8215 while (next (&tags))
8216 {
8217 buffer_xml_append_printf
8218 (buffer,
8219 "<tag id=\"%s\">"
8220 "<name>%s</name>"
8221 "<value>%s</value>"
8222 "<comment>%s</comment>"
8223 "</tag>",
8224 resource_tag_iterator_uuid (&tags),
8225 resource_tag_iterator_name (&tags),
8226 resource_tag_iterator_value (&tags),
8227 resource_tag_iterator_comment (&tags));
8228 }
8229
8230 cleanup_iterator (&tags);
8231
8232 g_string_append (buffer, "</user_tags>");
8233 }
8234
8235 g_string_append (buffer, "</note>");
8236 }
8237 free (uuid_task);
8238 free (uuid_result);
8239 }
8240 }
8241
8242 /**
8243 * @brief Buffer XML for some overrides.
8244 *
8245 * @param[in] buffer Buffer into which to buffer overrides.
8246 * @param[in] overrides Overrides iterator.
8247 * @param[in] include_overrides_details Whether to include details of overrides.
8248 * @param[in] include_result Whether to include associated result.
8249 * @param[out] count Number of overrides.
8250 */
8251 static void
buffer_overrides_xml(GString * buffer,iterator_t * overrides,int include_overrides_details,int include_result,int * count)8252 buffer_overrides_xml (GString *buffer, iterator_t *overrides,
8253 int include_overrides_details, int include_result,
8254 int *count)
8255 {
8256 while (next (overrides))
8257 {
8258 int tag_count;
8259 char *uuid_task, *uuid_result;
8260 tag_count = resource_tag_count ("override",
8261 get_iterator_resource (overrides),
8262 1);
8263
8264 if (count)
8265 (*count)++;
8266
8267 if (override_iterator_task (overrides))
8268 task_uuid (override_iterator_task (overrides),
8269 &uuid_task);
8270 else
8271 uuid_task = NULL;
8272
8273 if (override_iterator_result (overrides))
8274 result_uuid (override_iterator_result (overrides),
8275 &uuid_result);
8276 else
8277 uuid_result = NULL;
8278
8279 buffer_xml_append_printf (buffer,
8280 "<override id=\"%s\">"
8281 "<permissions>",
8282 get_iterator_uuid (overrides));
8283
8284 if (/* The user is the owner. */
8285 (current_credentials.username
8286 && get_iterator_owner_name (overrides)
8287 && (strcmp (get_iterator_owner_name (overrides),
8288 current_credentials.username)
8289 == 0))
8290 /* Or the user is effectively the owner. */
8291 || acl_user_has_super (current_credentials.uuid,
8292 get_iterator_owner (overrides)))
8293 buffer_xml_append_printf (buffer,
8294 "<permission><name>Everything</name></permission>"
8295 "</permissions>");
8296 else
8297 {
8298 iterator_t perms;
8299 get_data_t perms_get;
8300
8301 memset (&perms_get, '\0', sizeof (perms_get));
8302 perms_get.filter = g_strdup_printf ("resource_uuid=%s"
8303 " owner=any"
8304 " permission=any",
8305 get_iterator_uuid (overrides));
8306 init_permission_iterator (&perms, &perms_get);
8307 g_free (perms_get.filter);
8308 while (next (&perms))
8309 buffer_xml_append_printf (buffer,
8310 "<permission><name>%s</name></permission>",
8311 get_iterator_name (&perms));
8312 cleanup_iterator (&perms);
8313
8314 buffer_xml_append_printf (buffer, "</permissions>");
8315 }
8316
8317 if (include_overrides_details == 0)
8318 {
8319 const char *text = override_iterator_text (overrides);
8320 gchar *excerpt = utf8_substring (text, 0, 60);
8321 /* This must match send_get_common. */
8322 buffer_xml_append_printf (buffer,
8323 "<owner><name>%s</name></owner>"
8324 "<nvt oid=\"%s\">"
8325 "<name>%s</name>"
8326 "<type>%s</type>"
8327 "</nvt>"
8328 "<creation_time>%s</creation_time>"
8329 "<modification_time>%s</modification_time>"
8330 "<writable>1</writable>"
8331 "<in_use>0</in_use>"
8332 "<active>%i</active>"
8333 "<text excerpt=\"%i\">%s</text>"
8334 "<threat>%s</threat>"
8335 "<severity>%s</severity>"
8336 "<new_threat>%s</new_threat>"
8337 "<new_severity>%s</new_severity>"
8338 "<orphan>%i</orphan>",
8339 get_iterator_owner_name (overrides)
8340 ? get_iterator_owner_name (overrides)
8341 : "",
8342 override_iterator_nvt_oid (overrides),
8343 override_iterator_nvt_name (overrides),
8344 override_iterator_nvt_type (overrides),
8345 get_iterator_creation_time (overrides),
8346 get_iterator_modification_time (overrides),
8347 override_iterator_active (overrides),
8348 strlen (excerpt) < strlen (text),
8349 excerpt,
8350 override_iterator_threat (overrides)
8351 ? override_iterator_threat (overrides)
8352 : "",
8353 override_iterator_severity (overrides)
8354 ? override_iterator_severity (overrides)
8355 : "",
8356 override_iterator_new_threat (overrides),
8357 override_iterator_new_severity (overrides),
8358 ((override_iterator_task (overrides)
8359 && (uuid_task == NULL))
8360 || (override_iterator_result (overrides)
8361 && (uuid_result == NULL))));
8362
8363 if (tag_count)
8364 {
8365 buffer_xml_append_printf (buffer,
8366 "<user_tags>"
8367 "<count>%i</count>"
8368 "</user_tags>",
8369 tag_count);
8370 }
8371
8372 g_string_append (buffer, "</override>");
8373
8374 g_free (excerpt);
8375 }
8376 else
8377 {
8378 char *name_task;
8379 int trash_task;
8380 time_t end_time;
8381 iterator_t tags;
8382
8383 if (uuid_task)
8384 {
8385 name_task = task_name (override_iterator_task (overrides));
8386 trash_task = task_in_trash (override_iterator_task (overrides));
8387 }
8388 else
8389 {
8390 name_task = NULL;
8391 trash_task = 0;
8392 }
8393
8394 end_time = override_iterator_end_time (overrides);
8395
8396 /* This must match send_get_common. */
8397 buffer_xml_append_printf
8398 (buffer,
8399 "<owner><name>%s</name></owner>"
8400 "<nvt oid=\"%s\">"
8401 "<name>%s</name>"
8402 "<type>%s</type>"
8403 "</nvt>"
8404 "<creation_time>%s</creation_time>"
8405 "<modification_time>%s</modification_time>"
8406 "<writable>1</writable>"
8407 "<in_use>0</in_use>"
8408 "<active>%i</active>"
8409 "<end_time>%s</end_time>"
8410 "<text>%s</text>"
8411 "<hosts>%s</hosts>"
8412 "<port>%s</port>"
8413 "<threat>%s</threat>"
8414 "<severity>%s</severity>"
8415 "<new_threat>%s</new_threat>"
8416 "<new_severity>%s</new_severity>"
8417 "<task id=\"%s\"><name>%s</name><trash>%i</trash></task>"
8418 "<orphan>%i</orphan>",
8419 get_iterator_owner_name (overrides)
8420 ? get_iterator_owner_name (overrides)
8421 : "",
8422 override_iterator_nvt_oid (overrides),
8423 override_iterator_nvt_name (overrides),
8424 override_iterator_nvt_type (overrides),
8425 get_iterator_creation_time (overrides),
8426 get_iterator_modification_time (overrides),
8427 override_iterator_active (overrides),
8428 end_time > 1 ? iso_time (&end_time) : "",
8429 override_iterator_text (overrides),
8430 override_iterator_hosts (overrides)
8431 ? override_iterator_hosts (overrides) : "",
8432 override_iterator_port (overrides)
8433 ? override_iterator_port (overrides) : "",
8434 override_iterator_threat (overrides)
8435 ? override_iterator_threat (overrides) : "",
8436 override_iterator_severity (overrides)
8437 ? override_iterator_severity (overrides) : "",
8438 override_iterator_new_threat (overrides),
8439 override_iterator_new_severity (overrides),
8440 uuid_task ? uuid_task : "",
8441 name_task ? name_task : "",
8442 trash_task,
8443 ((override_iterator_task (overrides) && (uuid_task == NULL))
8444 || (override_iterator_result (overrides) && (uuid_result == NULL))));
8445
8446 free (name_task);
8447
8448 if (include_result && uuid_result
8449 && override_iterator_result (overrides))
8450 {
8451 iterator_t results;
8452 get_data_t *result_get;
8453 result_get = report_results_get_data (1, 1,
8454 1, /* apply_overrides */
8455 0 /* min_qod */);
8456 result_get->id = g_strdup (uuid_result);
8457 init_result_get_iterator (&results, result_get,
8458 0, /* No report restriction */
8459 NULL, /* No host restriction */
8460 NULL); /* No extra order SQL. */
8461 get_data_reset (result_get);
8462 free (result_get);
8463
8464 while (next (&results))
8465 buffer_results_xml (buffer,
8466 &results,
8467 0,
8468 0, /* Overrides. */
8469 0, /* Override details. */
8470 0, /* Overrides. */
8471 0, /* Override details. */
8472 0, /* Tags. */
8473 0, /* Tag details. */
8474 0, /* Result details. */
8475 NULL,
8476 NULL,
8477 0,
8478 -1,
8479 0); /* Lean. */
8480 cleanup_iterator (&results);
8481 }
8482 else
8483 buffer_xml_append_printf (buffer,
8484 "<result id=\"%s\"/>",
8485 uuid_result ? uuid_result : "");
8486
8487 if (tag_count)
8488 {
8489 buffer_xml_append_printf (buffer,
8490 "<user_tags>"
8491 "<count>%i</count>",
8492 tag_count);
8493
8494 init_resource_tag_iterator (&tags, "override",
8495 get_iterator_resource (overrides),
8496 1, NULL, 1);
8497
8498 while (next (&tags))
8499 {
8500 buffer_xml_append_printf
8501 (buffer,
8502 "<tag id=\"%s\">"
8503 "<name>%s</name>"
8504 "<value>%s</value>"
8505 "<comment>%s</comment>"
8506 "</tag>",
8507 resource_tag_iterator_uuid (&tags),
8508 resource_tag_iterator_name (&tags),
8509 resource_tag_iterator_value (&tags),
8510 resource_tag_iterator_comment (&tags));
8511 }
8512
8513 cleanup_iterator (&tags);
8514
8515 g_string_append (buffer, "</user_tags>");
8516 }
8517
8518 g_string_append (buffer, "</override>");
8519 }
8520 free (uuid_task);
8521 free (uuid_result);
8522 }
8523 }
8524
8525 /* External for manage.c. */
8526 /**
8527 * @brief Buffer XML for the NVT preference of a config.
8528 *
8529 * @param[in] buffer Buffer.
8530 * @param[in] prefs NVT preference iterator.
8531 * @param[in] config Config.
8532 * @param[in] hide_passwords Whether to hide passwords.
8533 */
8534 void
buffer_config_preference_xml(GString * buffer,iterator_t * prefs,config_t config,int hide_passwords)8535 buffer_config_preference_xml (GString *buffer, iterator_t *prefs,
8536 config_t config, int hide_passwords)
8537 {
8538 char *real_name, *type, *value, *oid, *id, *nvt = NULL;
8539 const char *default_value;
8540
8541 oid = nvt_preference_iterator_oid (prefs);
8542 type = nvt_preference_iterator_type (prefs);
8543 real_name = nvt_preference_iterator_real_name (prefs);
8544 default_value = nvt_preference_iterator_value (prefs);
8545 value = nvt_preference_iterator_config_value (prefs, config);
8546 id = nvt_preference_iterator_id (prefs);
8547
8548 if (oid)
8549 nvt = nvt_name (oid);
8550 buffer_xml_append_printf (buffer,
8551 "<preference>"
8552 "<nvt oid=\"%s\"><name>%s</name></nvt>"
8553 "<id>%s</id>"
8554 "<hr_name>%s</hr_name>"
8555 "<name>%s</name>"
8556 "<type>%s</type>",
8557 oid ? oid : "",
8558 nvt ? nvt : "",
8559 id ? id : "",
8560 real_name ? real_name : "",
8561 real_name ? real_name : "",
8562 type ? type : "");
8563
8564 if (value
8565 && type
8566 && (strcmp (type, "radio") == 0))
8567 {
8568 /* Handle the other possible values. */
8569 char *pos = strchr (value, ';');
8570 if (pos) *pos = '\0';
8571 buffer_xml_append_printf (buffer, "<value>%s</value>", value);
8572 }
8573 else if (value
8574 && type
8575 && hide_passwords
8576 && (strcmp (type, "password") == 0))
8577 buffer_xml_append_printf (buffer, "<value></value>");
8578 else
8579 buffer_xml_append_printf (buffer, "<value>%s</value>", value ? value : "");
8580
8581 if (default_value
8582 && type
8583 && (strcmp (type, "radio") == 0))
8584 {
8585 char *pos;
8586 gchar *alts;
8587
8588 /* Handle the other possible values. */
8589
8590 alts = g_strdup (default_value);
8591
8592 pos = strchr (default_value, ';');
8593 if (pos) *pos = '\0';
8594 buffer_xml_append_printf (buffer, "<default>%s</default>", default_value);
8595
8596 pos = alts;
8597 while (1)
8598 {
8599 char *pos2 = strchr (pos, ';');
8600 if (pos2) *pos2 = '\0';
8601 if (value == NULL || strcmp (pos, value))
8602 buffer_xml_append_printf (buffer, "<alt>%s</alt>", pos);
8603 if (pos2 == NULL)
8604 break;
8605 pos = pos2 + 1;
8606 }
8607 g_free (alts);
8608 }
8609 else if (default_value
8610 && type
8611 && (strcmp (type, "password") == 0))
8612 buffer_xml_append_printf (buffer, "<default></default>");
8613 else
8614 buffer_xml_append_printf (buffer, "<default>%s</default>", default_value
8615 ? default_value
8616 : "");
8617
8618 buffer_xml_append_printf (buffer, "</preference>");
8619
8620 g_free (real_name);
8621 g_free (type);
8622 g_free (value);
8623 g_free (nvt);
8624 g_free (oid);
8625 }
8626
8627 /**
8628 * @brief Compare two string with the "diff" command.
8629 *
8630 * @param[in] one First string.
8631 * @param[in] two Second string.
8632 *
8633 * @return Output of "diff", or NULL on error.
8634 */
8635 static gchar *
strdiff(const gchar * one,const gchar * two)8636 strdiff (const gchar *one, const gchar *two)
8637 {
8638 gchar **cmd, *ret, *one_file, *two_file, *old_lc_all, *old_language;
8639 gint exit_status;
8640 gchar *standard_out = NULL;
8641 gchar *standard_err = NULL;
8642 char dir[] = "/tmp/gvmd-strdiff-XXXXXX";
8643 GError *error = NULL;
8644 gchar *c_one, *c_two;
8645
8646 if (mkdtemp (dir) == NULL)
8647 return NULL;
8648
8649 one_file = g_build_filename (dir, "Report 1", NULL);
8650
8651 c_one = g_strdup_printf ("%s\n", one);
8652
8653 g_file_set_contents (one_file, c_one, strlen (c_one), &error);
8654
8655 g_free (c_one);
8656
8657 if (error)
8658 {
8659 g_warning ("%s", error->message);
8660 g_error_free (error);
8661 gvm_file_remove_recurse (dir);
8662 g_free (one_file);
8663 return NULL;
8664 }
8665
8666 two_file = g_build_filename (dir, "Report 2", NULL);
8667
8668 c_two = g_strdup_printf ("%s\n", two);
8669
8670 g_file_set_contents (two_file, c_two, strlen (c_two), &error);
8671
8672 g_free (c_two);
8673
8674 if (error)
8675 {
8676 g_warning ("%s", error->message);
8677 g_error_free (error);
8678 gvm_file_remove_recurse (dir);
8679 g_free (one_file);
8680 g_free (two_file);
8681 return NULL;
8682 }
8683
8684 old_lc_all = getenv ("LC_ALL") ? g_strdup (getenv ("LC_ALL")) : NULL;
8685 if (setenv ("LC_ALL", "C", 1) == -1)
8686 {
8687 g_warning ("%s: failed to set LC_ALL", __func__);
8688 return NULL;
8689 }
8690
8691 old_language = getenv ("LANGUAGE") ? g_strdup (getenv ("LANGUAGE")) : NULL;
8692 if (setenv ("LANGUAGE", "C", 1) == -1)
8693 {
8694 g_warning ("%s: failed to set LANGUAGE", __func__);
8695 return NULL;
8696 }
8697
8698 cmd = (gchar **) g_malloc (7 * sizeof (gchar *));
8699
8700 cmd[0] = g_strdup ("diff");
8701 cmd[1] = g_strdup ("--ignore-all-space");
8702 cmd[2] = g_strdup ("--ignore-blank-lines");
8703 cmd[3] = g_strdup ("-u");
8704 cmd[4] = g_strdup ("Report 1");
8705 cmd[5] = g_strdup ("Report 2");
8706 cmd[6] = NULL;
8707 g_debug ("%s: Spawning in %s: %s \"%s\" \"%s\"",
8708 __func__, dir,
8709 cmd[0], cmd[1], cmd[2]);
8710 if ((g_spawn_sync (dir,
8711 cmd,
8712 NULL, /* Environment. */
8713 G_SPAWN_SEARCH_PATH,
8714 NULL, /* Setup func. */
8715 NULL,
8716 &standard_out,
8717 &standard_err,
8718 &exit_status,
8719 NULL) == FALSE)
8720 || (WIFEXITED (exit_status) == 0)
8721 || WEXITSTATUS (exit_status))
8722 {
8723 if (WEXITSTATUS (exit_status) == 1)
8724 ret = standard_out;
8725 else
8726 {
8727 g_debug ("%s: failed to run diff: %d (WIF %i, WEX %i)",
8728 __func__,
8729 exit_status,
8730 WIFEXITED (exit_status),
8731 WEXITSTATUS (exit_status));
8732 g_debug ("%s: stdout: %s", __func__, standard_out);
8733 g_debug ("%s: stderr: %s", __func__, standard_err);
8734 ret = NULL;
8735 g_free (standard_out);
8736 }
8737 }
8738 else
8739 ret = standard_out;
8740
8741 if (old_lc_all && (setenv ("LC_ALL", old_lc_all, 1) == -1))
8742 {
8743 g_warning ("%s: failed to reset LC_ALL", __func__);
8744 ret = NULL;
8745 }
8746 else if (old_language && (setenv ("LANGUAGE", old_language, 1) == -1))
8747 {
8748 g_warning ("%s: failed to reset LANGUAGE", __func__);
8749 ret = NULL;
8750 }
8751
8752 g_free (old_lc_all);
8753 g_free (old_language);
8754 g_free (cmd[0]);
8755 g_free (cmd[1]);
8756 g_free (cmd[2]);
8757 g_free (cmd[3]);
8758 g_free (cmd[4]);
8759 g_free (cmd[5]);
8760 g_free (cmd);
8761 g_free (standard_err);
8762 g_free (one_file);
8763 g_free (two_file);
8764 gvm_file_remove_recurse (dir);
8765
8766 return ret;
8767 }
8768
8769 /**
8770 * @brief Buffer XML for notes of a result.
8771 *
8772 * @param[in] buffer Buffer into which to buffer results.
8773 * @param[in] result Result.
8774 * @param[in] task Task associated with result.
8775 * @param[in] include_notes_details Whether to include details of notes.
8776 * @param[in] lean Whether to include less info.
8777 */
8778 static void
buffer_result_notes_xml(GString * buffer,result_t result,task_t task,int include_notes_details,int lean)8779 buffer_result_notes_xml (GString *buffer, result_t result, task_t task,
8780 int include_notes_details, int lean)
8781 {
8782 if (task)
8783 {
8784 get_data_t get;
8785 iterator_t notes;
8786 GString *temp_buffer;
8787
8788 memset (&get, '\0', sizeof (get));
8789 /* Most recent first. */
8790 get.filter = "sort-reverse=created owner=any permission=any";
8791
8792 if (note_count (&get, 0, result, task) == 0)
8793 return;
8794
8795 init_note_iterator (¬es,
8796 &get,
8797 0,
8798 result,
8799 task);
8800
8801 temp_buffer = g_string_new ("");
8802 buffer_notes_xml (temp_buffer,
8803 ¬es,
8804 include_notes_details,
8805 0,
8806 NULL);
8807
8808 if (lean == 0 || strlen (temp_buffer->str))
8809 {
8810 g_string_append (buffer, "<notes>");
8811 g_string_append (buffer, temp_buffer->str);
8812 g_string_append (buffer, "</notes>");
8813 }
8814 g_string_free (temp_buffer, TRUE);
8815
8816 cleanup_iterator (¬es);
8817 }
8818 }
8819
8820 /**
8821 * @brief Buffer XML for overrides of a result.
8822 *
8823 * @param[in] buffer Buffer into which to buffer results.
8824 * @param[in] result Result.
8825 * @param[in] task Task associated with result.
8826 * @param[in] include_overrides_details Whether to include details of overrides.
8827 * @param[in] lean Whether to include less info.
8828 */
8829 static void
buffer_result_overrides_xml(GString * buffer,result_t result,task_t task,int include_overrides_details,int lean)8830 buffer_result_overrides_xml (GString *buffer, result_t result, task_t task,
8831 int include_overrides_details, int lean)
8832 {
8833 if (task)
8834 {
8835 get_data_t get;
8836 iterator_t overrides;
8837 GString *temp_buffer;
8838
8839 memset (&get, '\0', sizeof (get));
8840 /* Most recent first. */
8841 get.filter = "sort-reverse=created owner=any permission=any";
8842
8843 if (override_count (&get, 0, result, task) == 0)
8844 return;
8845
8846 init_override_iterator (&overrides,
8847 &get,
8848 0,
8849 result,
8850 task);
8851
8852 temp_buffer = g_string_new ("");
8853 buffer_overrides_xml (temp_buffer,
8854 &overrides,
8855 include_overrides_details,
8856 0,
8857 NULL);
8858 if (lean == 0 || strlen (temp_buffer->str))
8859 {
8860 g_string_append (buffer, "<overrides>");
8861 g_string_append (buffer, temp_buffer->str);
8862 g_string_append (buffer, "</overrides>");
8863 }
8864 g_string_free (temp_buffer, TRUE);
8865
8866 cleanup_iterator (&overrides);
8867 }
8868 }
8869
8870 /**
8871 * @brief Add a detail block to a XML buffer.
8872 *
8873 * @param[in] buffer Buffer.
8874 * @param[in] name Name.
8875 * @param[in] value Value.
8876 */
8877 static void
add_detail(GString * buffer,const gchar * name,const gchar * value)8878 add_detail (GString *buffer, const gchar *name, const gchar *value)
8879 {
8880 buffer_xml_append_printf (buffer,
8881 "<detail>"
8882 "<name>%s</name>"
8883 "<value>%s</value>"
8884 "</detail>",
8885 name,
8886 value);
8887 }
8888
8889 /**
8890 * @brief Append a REFS element to an XML buffer.
8891 *
8892 * @param[in] buffer Buffer.
8893 * @param[in] results Result iterator.
8894 * @param[in] oid OID.
8895 * @param[in] cert_loaded Whether CERT db is loaded.
8896 * @param[in] first Marker for first element.
8897 */
8898 static void
results_xml_append_cert(GString * buffer,iterator_t * results,const char * oid,int cert_loaded,int * first)8899 results_xml_append_cert (GString *buffer, iterator_t *results, const char *oid,
8900 int cert_loaded, int *first)
8901 {
8902 if (cert_loaded)
8903 {
8904 gchar **cert_bunds, **dfn_certs;
8905
8906 cert_bunds = result_iterator_cert_bunds (results);
8907 if (cert_bunds)
8908 {
8909 gchar **point;
8910
8911 point = cert_bunds;
8912 while (*point)
8913 {
8914 if (first && *first)
8915 {
8916 buffer_xml_append_printf (buffer, "<refs>");
8917 *first = 0;
8918 }
8919 g_string_append_printf
8920 (buffer, "<ref type=\"cert-bund\" id=\"%s\"/>", *point);
8921
8922 point++;
8923 }
8924 g_strfreev (cert_bunds);
8925 }
8926
8927 dfn_certs = result_iterator_dfn_certs (results);
8928 if (dfn_certs)
8929 {
8930 gchar **point;
8931
8932 point = dfn_certs;
8933 while (*point)
8934 {
8935 if (first && *first)
8936 {
8937 buffer_xml_append_printf (buffer, "<refs>");
8938 *first = 0;
8939 }
8940 g_string_append_printf
8941 (buffer, "<ref type=\"dfn-cert\" id=\"%s\"/>", *point);
8942
8943 point++;
8944 }
8945 g_strfreev (dfn_certs);
8946 }
8947 }
8948 else
8949 {
8950 if (*first)
8951 {
8952 buffer_xml_append_printf (buffer, "<refs>");
8953 *first = 0;
8954 }
8955 g_string_append_printf (buffer,
8956 "<warning>database not available</warning>");
8957 }
8958 }
8959
8960 /**
8961 * @brief Append an NVT element to an XML buffer.
8962 *
8963 * @param[in] results Results.
8964 * @param[in] buffer Buffer.
8965 * @param[in] cert_loaded Whether CERT db is loaded.
8966 */
8967 static void
results_xml_append_nvt(iterator_t * results,GString * buffer,int cert_loaded)8968 results_xml_append_nvt (iterator_t *results, GString *buffer, int cert_loaded)
8969 {
8970 const char *oid = result_iterator_nvt_oid (results);
8971
8972 assert (results);
8973 assert (buffer);
8974
8975 if (oid)
8976 {
8977 if (g_str_has_prefix (oid, "CVE-"))
8978 {
8979 gchar *severity;
8980
8981 severity = cve_cvss_base (oid);
8982 buffer_xml_append_printf (buffer,
8983 "<nvt oid=\"%s\">"
8984 "<type>cve</type>"
8985 "<name>%s</name>"
8986 "<cvss_base>%s</cvss_base>"
8987 "<severities score=\"%s\">"
8988 "</severities>"
8989 "<cpe id='%s'/>"
8990 "<cve>%s</cve>"
8991 "</nvt>",
8992 oid,
8993 oid,
8994 severity ? severity : "",
8995 severity ? severity : "",
8996 result_iterator_port (results),
8997 oid);
8998 g_free (severity);
8999 return;
9000 }
9001
9002 if (g_str_has_prefix (oid, "oval:"))
9003 {
9004 int ret, first;
9005 char *cves;
9006 gchar **split, **item;
9007 get_data_t get;
9008 iterator_t iterator;
9009 const char *severity;
9010
9011 memset (&get, '\0', sizeof (get));
9012 get.id = g_strdup (oid);
9013 ret = init_ovaldef_info_iterator (&iterator, &get, NULL);
9014 if (ret)
9015 assert (0);
9016 if (!next (&iterator))
9017 abort ();
9018 severity = ovaldef_info_iterator_severity (&iterator);
9019 buffer_xml_append_printf (buffer,
9020 "<nvt oid=\"%s\">"
9021 "<type>ovaldef</type>"
9022 "<name>%s</name>"
9023 "<cvss_base>%s</cvss_base>"
9024 "<severities score=\"%s\">"
9025 "</severities>"
9026 "<tags>summary=%s</tags>",
9027 oid,
9028 ovaldef_info_iterator_title (&iterator),
9029 severity ? severity : "",
9030 severity ? severity : "",
9031 ovaldef_info_iterator_description (&iterator));
9032 g_free (get.id);
9033 cleanup_iterator (&iterator);
9034
9035 first = 1;
9036 cves = ovaldef_cves (oid);
9037 split = g_strsplit (cves, ",", 0);
9038 item = split;
9039 while (*item)
9040 {
9041 gchar *id;
9042
9043 id = *item;
9044 g_strstrip (id);
9045
9046 if (strcmp (id, "") == 0)
9047 {
9048 item++;
9049 continue;
9050 }
9051
9052 if (first)
9053 {
9054 buffer_xml_append_printf (buffer, "<refs>");
9055 first = 0;
9056 }
9057 buffer_xml_append_printf (buffer, "<ref type=\"cve\" id=\"%s\"/>", id);
9058
9059 item++;
9060 }
9061 g_strfreev (split);
9062 g_free (cves);
9063
9064 results_xml_append_cert (buffer, results, oid, cert_loaded, &first);
9065
9066 if (first == 0)
9067 buffer_xml_append_printf (buffer, "</refs>");
9068 }
9069 else
9070 {
9071 const char *cvss_base = result_iterator_nvt_cvss_base (results);
9072 GString *tags = g_string_new (result_iterator_nvt_tag (results));
9073 int first;
9074 iterator_t severities;
9075
9076 if (!cvss_base && !strcmp (oid, "0"))
9077 cvss_base = "0.0";
9078
9079 /* Add the elements that are expected as part of the pipe-separated
9080 * tag list via API although internally already explicitly stored.
9081 * Once the API is extended to have these elements explicitly, they
9082 * do not need to be added to this tag string anymore. */
9083 if (result_iterator_nvt_summary (results))
9084 {
9085 if (tags->str)
9086 g_string_append_printf (tags, "|summary=%s",
9087 result_iterator_nvt_summary (results));
9088 else
9089 g_string_append_printf (tags, "summary=%s",
9090 result_iterator_nvt_summary (results));
9091 }
9092 if (result_iterator_nvt_insight (results))
9093 {
9094 if (tags->str)
9095 g_string_append_printf (tags, "|insight=%s",
9096 result_iterator_nvt_insight (results));
9097 else
9098 g_string_append_printf (tags, "insight=%s",
9099 result_iterator_nvt_insight (results));
9100 }
9101 if (result_iterator_nvt_affected (results))
9102 {
9103 if (tags->str)
9104 g_string_append_printf (tags, "|affected=%s",
9105 result_iterator_nvt_affected (results));
9106 else
9107 g_string_append_printf (tags, "affected=%s",
9108 result_iterator_nvt_affected (results));
9109 }
9110 if (result_iterator_nvt_impact (results))
9111 {
9112 if (tags->str)
9113 g_string_append_printf (tags, "|impact=%s",
9114 result_iterator_nvt_impact (results));
9115 else
9116 g_string_append_printf (tags, "impact=%s",
9117 result_iterator_nvt_impact (results));
9118 }
9119 if (result_iterator_nvt_solution (results))
9120 {
9121 if (tags->str)
9122 g_string_append_printf (tags, "|solution=%s",
9123 result_iterator_nvt_solution (results));
9124 else
9125 g_string_append_printf (tags, "solution=%s",
9126 result_iterator_nvt_solution (results));
9127 }
9128 if (result_iterator_nvt_detection (results))
9129 {
9130 if (tags->str)
9131 g_string_append_printf (tags, "|vuldetect=%s",
9132 result_iterator_nvt_detection (results));
9133 else
9134 g_string_append_printf (tags, "vuldetect=%s",
9135 result_iterator_nvt_detection (results));
9136 }
9137 if (result_iterator_nvt_solution_type (results))
9138 {
9139 if (tags->str)
9140 g_string_append_printf (tags, "|solution_type=%s",
9141 result_iterator_nvt_solution_type (results));
9142 else
9143 g_string_append_printf (tags, "solution_type=%s",
9144 result_iterator_nvt_solution_type (results));
9145 }
9146
9147 buffer_xml_append_printf (buffer,
9148 "<nvt oid=\"%s\">"
9149 "<type>nvt</type>"
9150 "<name>%s</name>"
9151 "<family>%s</family>"
9152 "<cvss_base>%s</cvss_base>"
9153 "<severities score=\"%s\">",
9154 oid,
9155 result_iterator_nvt_name (results) ?: oid,
9156 result_iterator_nvt_family (results) ?: "",
9157 cvss_base ?: "",
9158 cvss_base ?: "");
9159
9160 init_nvt_severity_iterator (&severities, oid);
9161 while (next (&severities))
9162 {
9163 buffer_xml_append_printf
9164 (buffer,
9165 "<severity type=\"%s\">"
9166 "<origin>%s</origin>"
9167 "<date>%s</date>"
9168 "<score>%0.1f</score>"
9169 "<value>%s</value>"
9170 "</severity>",
9171 nvt_severity_iterator_type (&severities),
9172 nvt_severity_iterator_origin (&severities),
9173 nvt_severity_iterator_date (&severities),
9174 nvt_severity_iterator_score (&severities),
9175 nvt_severity_iterator_value (&severities));
9176 }
9177 cleanup_iterator (&severities);
9178
9179 buffer_xml_append_printf (buffer,
9180 "</severities>"
9181 "<tags>%s</tags>",
9182 tags->str ?: "");
9183
9184 if (result_iterator_nvt_solution (results)
9185 || result_iterator_nvt_solution_type (results)
9186 || result_iterator_nvt_solution_method (results))
9187 {
9188 buffer_xml_append_printf (buffer, "<solution");
9189
9190 if (result_iterator_nvt_solution_type (results))
9191 buffer_xml_append_printf (buffer, " type='%s'",
9192 result_iterator_nvt_solution_type (results));
9193
9194 if (result_iterator_nvt_solution_method (results))
9195 buffer_xml_append_printf (buffer, " method='%s'",
9196 result_iterator_nvt_solution_method (results));
9197
9198 if (result_iterator_nvt_solution (results))
9199 buffer_xml_append_printf (buffer, ">%s</solution>",
9200 result_iterator_nvt_solution (results));
9201 else
9202 buffer_xml_append_printf (buffer, "/>");
9203 }
9204
9205 first = 1;
9206 xml_append_nvt_refs (buffer, result_iterator_nvt_oid (results),
9207 &first);
9208
9209 results_xml_append_cert (buffer, results, oid, cert_loaded, &first);
9210 if (first == 0)
9211 buffer_xml_append_printf (buffer, "</refs>");
9212
9213 g_string_free (tags, TRUE);
9214 }
9215
9216 }
9217
9218 buffer_xml_append_printf (buffer, "</nvt>");
9219 }
9220
9221 /** @todo Exported for manage_sql.c. */
9222 /**
9223 * @brief Buffer XML for some results.
9224 *
9225 * Includes cert_loaded arg.
9226 *
9227 * @param[in] buffer Buffer into which to buffer results.
9228 * @param[in] results Result iterator.
9229 * @param[in] task Task associated with results. Only
9230 * needed with include_notes or
9231 * include_overrides.
9232 * @param[in] include_notes Whether to include notes.
9233 * @param[in] include_notes_details Whether to include details of notes.
9234 * @param[in] include_overrides Whether to include overrides.
9235 * @param[in] include_overrides_details Whether to include details of overrides.
9236 * @param[in] include_tags Whether to include user tag count.
9237 * @param[in] include_tags_details Whether to include details of tags.
9238 * @param[in] include_details Whether to include details of the result.
9239 * @param[in] delta_state Delta state of result, or NULL.
9240 * @param[in] delta_results Iterator for delta result to include, or
9241 * NULL.
9242 * @param[in] changed Whether the result is a "changed" delta.
9243 * @param[in] cert_loaded Whether the CERT db is loaded. 0 not loaded,
9244 * -1 needs to be checked, else loaded.
9245 * @param[in] lean Whether to include less info.
9246 */
9247 void
buffer_results_xml(GString * buffer,iterator_t * results,task_t task,int include_notes,int include_notes_details,int include_overrides,int include_overrides_details,int include_tags,int include_tags_details,int include_details,const char * delta_state,iterator_t * delta_results,int changed,int cert_loaded,int lean)9248 buffer_results_xml (GString *buffer, iterator_t *results, task_t task,
9249 int include_notes, int include_notes_details,
9250 int include_overrides, int include_overrides_details,
9251 int include_tags, int include_tags_details,
9252 int include_details,
9253 const char *delta_state, iterator_t *delta_results,
9254 int changed, int cert_loaded, int lean)
9255 {
9256 const char *descr = result_iterator_descr (results);
9257 const char *name, *comment, *creation_time;
9258 const char *port, *path;
9259 const char *asset_id;
9260 gchar *nl_descr, *nl_descr_escaped;
9261 const char *qod = result_iterator_qod (results);
9262 const char *qod_type = result_iterator_qod_type (results);
9263 result_t result = result_iterator_result (results);
9264 char *detect_oid, *detect_ref, *detect_cpe, *detect_loc, *detect_name;
9265 task_t selected_task;
9266
9267 if (descr)
9268 {
9269 nl_descr = convert_to_newlines (descr);
9270 nl_descr_escaped = xml_escape_text_truncated (nl_descr,
9271 TRUNCATE_TEXT_LENGTH,
9272 TRUNCATE_TEXT_SUFFIX);
9273 }
9274 else
9275 {
9276 nl_descr = NULL;
9277 nl_descr_escaped = NULL;
9278 }
9279
9280 buffer_xml_append_printf (buffer,
9281 "<result id=\"%s\">",
9282 get_iterator_uuid (results));
9283
9284 selected_task = task;
9285
9286 name = get_iterator_name (results);
9287 if (name)
9288 buffer_xml_append_printf (buffer,
9289 "<name>%s</name>",
9290 name);
9291
9292 if (lean == 0)
9293 {
9294 const char *owner_name, *modification_time;
9295
9296 owner_name = get_iterator_owner_name (results);
9297 if (owner_name)
9298 buffer_xml_append_printf (buffer,
9299 "<owner><name>%s</name></owner>",
9300 owner_name);
9301
9302 modification_time = get_iterator_modification_time (results);
9303 if (modification_time)
9304 buffer_xml_append_printf (buffer,
9305 "<modification_time>%s</modification_time>",
9306 modification_time);
9307 }
9308
9309 comment = get_iterator_comment (results);
9310 if (comment
9311 && (lean == 0 || strlen (comment)))
9312 buffer_xml_append_printf (buffer,
9313 "<comment>%s</comment>",
9314 comment);
9315
9316 creation_time = get_iterator_creation_time (results);
9317 if (creation_time)
9318 buffer_xml_append_printf (buffer,
9319 "<creation_time>%s</creation_time>",
9320 creation_time);
9321
9322 if (include_details)
9323 {
9324 char *result_report_id, *result_task_id, *result_task_name;
9325
9326 if (task == 0)
9327 selected_task = result_iterator_task (results);
9328
9329 task_uuid (selected_task, &result_task_id);
9330 result_task_name = task_name (result_iterator_task (results));
9331 result_report_id = report_uuid (result_iterator_report (results));
9332
9333 buffer_xml_append_printf (buffer,
9334 "<report id=\"%s\"/>"
9335 "<task id=\"%s\"><name>%s</name></task>",
9336 result_report_id,
9337 result_task_id,
9338 result_task_name);
9339
9340 free (result_report_id);
9341 free (result_task_id);
9342 free (result_task_name);
9343 }
9344
9345 if (include_tags)
9346 {
9347 if (resource_tag_exists ("result", result, 1))
9348 {
9349 buffer_xml_append_printf (buffer,
9350 "<user_tags>"
9351 "<count>%i</count>",
9352 resource_tag_count ("result", result, 1));
9353
9354 if (include_tags_details)
9355 {
9356 iterator_t tags;
9357
9358 init_resource_tag_iterator (&tags, "result", result, 1, NULL, 1);
9359
9360 while (next (&tags))
9361 {
9362 buffer_xml_append_printf
9363 (buffer,
9364 "<tag id=\"%s\">"
9365 "<name>%s</name>"
9366 "<value>%s</value>"
9367 "<comment>%s</comment>"
9368 "</tag>",
9369 resource_tag_iterator_uuid (&tags),
9370 resource_tag_iterator_name (&tags),
9371 resource_tag_iterator_value (&tags),
9372 resource_tag_iterator_comment (&tags));
9373 }
9374
9375 cleanup_iterator (&tags);
9376 }
9377
9378 buffer_xml_append_printf (buffer, "</user_tags>");
9379 }
9380 }
9381
9382 port = result_iterator_port (results);
9383 path = result_iterator_path (results);
9384
9385 detect_oid = detect_ref = detect_cpe = detect_loc = detect_name = NULL;
9386 if (result_detection_reference (result, result_iterator_report (results),
9387 result_iterator_host (results), port, path,
9388 &detect_oid, &detect_ref, &detect_cpe,
9389 &detect_loc, &detect_name)
9390 == 0)
9391 {
9392 buffer_xml_append_printf (buffer,
9393 "<detection>"
9394 "<result id=\"%s\">"
9395 "<details>",
9396 detect_ref);
9397
9398 add_detail (buffer, "product", detect_cpe);
9399 add_detail (buffer, "location", detect_loc);
9400 add_detail (buffer, "source_oid", detect_oid);
9401 add_detail (buffer, "source_name", detect_name);
9402
9403 buffer_xml_append_printf (buffer,
9404 "</details>"
9405 "</result>"
9406 "</detection>");
9407 }
9408 g_free (detect_ref);
9409 g_free (detect_cpe);
9410 g_free (detect_loc);
9411 g_free (detect_name);
9412
9413 if (result_iterator_host (results))
9414 asset_id = result_iterator_asset_host_id (results);
9415 else
9416 asset_id = NULL;
9417
9418 buffer_xml_append_printf (buffer,
9419 "<host>"
9420 "%s",
9421 result_iterator_host (results) ?: "");
9422
9423 if (asset_id && strlen (asset_id))
9424 buffer_xml_append_printf (buffer,
9425 "<asset asset_id=\"%s\"/>",
9426 asset_id);
9427 else if (lean == 0)
9428 buffer_xml_append_printf (buffer,
9429 "<asset asset_id=\"\"/>");
9430
9431 buffer_xml_append_printf (buffer,
9432 "<hostname>%s</hostname>"
9433 "</host>",
9434 result_iterator_hostname (results) ?: "");
9435
9436 buffer_xml_append_printf (buffer,
9437 "<port>%s</port>",
9438 port);
9439
9440 if (path && strcmp (path, ""))
9441 buffer_xml_append_printf (buffer,
9442 "<path>%s</path>",
9443 path);
9444
9445 if (cert_loaded == -1)
9446 cert_loaded = manage_cert_loaded ();
9447 results_xml_append_nvt (results, buffer, cert_loaded);
9448
9449 if (lean == 0)
9450 buffer_xml_append_printf
9451 (buffer,
9452 "<scan_nvt_version>%s</scan_nvt_version>"
9453 "<threat>%s</threat>",
9454 result_iterator_scan_nvt_version (results),
9455 result_iterator_level (results));
9456
9457 buffer_xml_append_printf
9458 (buffer,
9459 "<severity>%.1f</severity>"
9460 "<qod><value>%s</value>",
9461 result_iterator_severity_double (results),
9462 qod ? qod : "");
9463
9464 if (qod_type && strlen (qod_type))
9465 buffer_xml_append_printf (buffer, "<type>%s</type>", qod_type);
9466 else if (lean == 0)
9467 buffer_xml_append_printf (buffer, "<type></type>");
9468
9469 buffer_xml_append_printf (buffer, "</qod>");
9470
9471 g_string_append_printf (buffer,
9472 "<description>%s</description>",
9473 descr ? nl_descr_escaped : "");
9474
9475 if (include_overrides && lean)
9476 {
9477 /* Only send the original severity if it has changed. */
9478 if (strncmp (result_iterator_original_severity (results),
9479 result_iterator_severity (results),
9480 /* Avoid rounding differences. */
9481 3))
9482 buffer_xml_append_printf (buffer,
9483 "<original_severity>%s</original_severity>",
9484 result_iterator_original_severity (results));
9485 }
9486 else if (include_overrides)
9487 buffer_xml_append_printf (buffer,
9488 "<original_threat>%s</original_threat>"
9489 "<original_severity>%s</original_severity>",
9490 result_iterator_original_level (results),
9491 result_iterator_original_severity (results));
9492
9493 if (include_notes
9494 && result_iterator_may_have_notes (results))
9495 buffer_result_notes_xml (buffer, result,
9496 selected_task, include_notes_details, lean);
9497
9498 if (include_overrides
9499 && result_iterator_may_have_overrides (results))
9500 buffer_result_overrides_xml (buffer, result,
9501 selected_task, include_overrides_details,
9502 lean);
9503
9504 if (delta_state || delta_results)
9505 {
9506 g_string_append (buffer, "<delta>");
9507 if (delta_state)
9508 g_string_append_printf (buffer, "%s", delta_state);
9509 if (changed && delta_results)
9510 {
9511 gchar *diff, *delta_nl_descr;
9512 const char *delta_descr;
9513 buffer_results_xml (buffer, delta_results, selected_task,
9514 include_notes, include_notes_details,
9515 include_overrides, include_overrides_details,
9516 include_tags, include_tags_details,
9517 include_details, delta_state, NULL, 0, -1, lean);
9518 delta_descr = result_iterator_descr (delta_results);
9519 delta_nl_descr = delta_descr ? convert_to_newlines (delta_descr)
9520 : NULL;
9521 diff = strdiff (descr ? nl_descr : "",
9522 delta_descr ? delta_nl_descr : "");
9523 g_free (delta_nl_descr);
9524 if (diff)
9525 {
9526 gchar **split, *diff_xml;
9527 /* Remove the leading filename lines. */
9528 split = g_strsplit ((gchar*) diff, "\n", 3);
9529 if (split[0] && split[1] && split[2])
9530 diff_xml = xml_escape_text_truncated (split[2],
9531 TRUNCATE_TEXT_LENGTH,
9532 TRUNCATE_TEXT_SUFFIX);
9533 else
9534 diff_xml = xml_escape_text_truncated (diff,
9535 TRUNCATE_TEXT_LENGTH,
9536 TRUNCATE_TEXT_SUFFIX);
9537 g_strfreev (split);
9538 g_string_append_printf (buffer, "<diff>%s</diff>", diff_xml);
9539 g_free (diff_xml);
9540 g_free (diff);
9541 }
9542 else
9543 g_string_append (buffer, "<diff>Error creating diff.</diff>");
9544 }
9545
9546 if (delta_results)
9547 {
9548 if (include_notes)
9549 buffer_result_notes_xml (buffer,
9550 result_iterator_result (delta_results),
9551 selected_task,
9552 include_notes_details,
9553 lean);
9554
9555 if (include_overrides)
9556 buffer_result_overrides_xml (buffer,
9557 result_iterator_result (delta_results),
9558 selected_task,
9559 include_overrides_details,
9560 lean);
9561 }
9562 g_string_append (buffer, "</delta>");
9563 }
9564
9565 if (descr)
9566 {
9567 g_free (nl_descr);
9568 g_free (nl_descr_escaped);
9569 }
9570
9571 if (result_iterator_may_have_tickets (results))
9572 buffer_result_tickets_xml (buffer, result);
9573
9574 g_string_append (buffer, "</result>");
9575 }
9576
9577 #undef ADD_DETAIL
9578
9579 /**
9580 * @brief Initialize lists for aggregates.
9581 *
9582 * @param[in] group_column Column the data are grouped by.
9583 * @param[in] subgroup_column Second column the data grouped by.
9584 * @param[in] data_column_list GList of columns statistics are calculated for.
9585 * @param[in] text_column_list GList of columns used for labels.
9586 * @param[in] sort_data_list GList of sort data.
9587 * @param[out] group_column_type Type of the group_column.
9588 * @param[out] subgroup_column_type Type of the group_column.
9589 * @param[out] data_column_types Types of the data_column.
9590 * @param[out] data_columns data_column_list copied to a GArray.
9591 * @param[out] text_column_types Types of the text_columns.
9592 * @param[out] text_columns text_column_list copied to a GArray.
9593 * @param[out] sort_data sort_data_list copied to a GArray.
9594 * @param[out] c_sums Array for calculating cumulative sums.
9595 */
9596 static void
init_aggregate_lists(const gchar * group_column,const gchar * subgroup_column,GList * data_column_list,GList * text_column_list,GList * sort_data_list,gchar ** group_column_type,gchar ** subgroup_column_type,GArray ** data_column_types,GArray ** data_columns,GArray ** text_column_types,GArray ** text_columns,GArray ** sort_data,GArray ** c_sums)9597 init_aggregate_lists (const gchar* group_column,
9598 const gchar* subgroup_column,
9599 GList *data_column_list,
9600 GList *text_column_list,
9601 GList *sort_data_list,
9602 gchar **group_column_type,
9603 gchar **subgroup_column_type,
9604 GArray **data_column_types,
9605 GArray **data_columns,
9606 GArray **text_column_types,
9607 GArray **text_columns,
9608 GArray **sort_data,
9609 GArray **c_sums)
9610 {
9611 if (group_column == NULL)
9612 *group_column_type = "";
9613 else if (strcmp (group_column, "severity") == 0)
9614 *group_column_type = "cvss";
9615 else if (strcmp (group_column, "created") == 0
9616 || strcmp (group_column, "modified") == 0)
9617 *group_column_type = "unix_time";
9618 else
9619 *group_column_type = "text";
9620
9621 if (subgroup_column == NULL)
9622 *subgroup_column_type = "";
9623 else if (strcmp (subgroup_column, "severity") == 0)
9624 *subgroup_column_type = "cvss";
9625 else if (strcmp (subgroup_column, "created") == 0
9626 || strcmp (subgroup_column, "modified") == 0)
9627 *subgroup_column_type = "unix_time";
9628 else
9629 *subgroup_column_type = "text";
9630
9631 *data_columns = g_array_new (TRUE, TRUE, sizeof (gchar*));
9632 *data_column_types = g_array_new (TRUE, TRUE, sizeof (char*));
9633 *text_columns = g_array_new (TRUE, TRUE, sizeof (gchar*));
9634 *text_column_types = g_array_new (TRUE, TRUE, sizeof (char*));
9635 *c_sums = g_array_new (TRUE, TRUE, sizeof (double));
9636 *sort_data = g_array_new (TRUE, TRUE, sizeof (sort_data_t*));
9637
9638 data_column_list = g_list_first (data_column_list);
9639 while (data_column_list)
9640 {
9641 gchar *data_column = data_column_list->data;
9642 if (strcmp (data_column, ""))
9643 {
9644 gchar *current_column = g_strdup (data_column);
9645 gchar *current_column_type;
9646 double c_sum = 0.0;
9647 g_array_append_val (*data_columns,
9648 current_column);
9649
9650 if (strcmp (data_column, "severity") == 0)
9651 current_column_type = g_strdup ("cvss");
9652 else if (strcmp (data_column, "created") == 0
9653 || strcmp (data_column, "modified") == 0)
9654 current_column_type = g_strdup ("unix_time");
9655 else
9656 current_column_type = g_strdup ("decimal");
9657
9658 g_array_append_val (*data_column_types, current_column_type);
9659
9660 g_array_append_val (*c_sums, c_sum);
9661 }
9662 data_column_list = data_column_list->next;
9663 }
9664
9665 text_column_list = g_list_first (text_column_list);
9666 while (text_column_list)
9667 {
9668 gchar *text_column = text_column_list->data;
9669 if (strcmp (text_column, ""))
9670 {
9671 gchar *current_column = g_strdup (text_column);
9672 gchar *current_column_type;
9673
9674 current_column_type = g_strdup ("text");
9675
9676 g_array_append_val (*text_columns, current_column);
9677 g_array_append_val (*text_column_types, current_column_type);
9678 }
9679 text_column_list = text_column_list->next;
9680 }
9681
9682 sort_data_list = g_list_first (sort_data_list);
9683 while (sort_data_list)
9684 {
9685 sort_data_t *sort_data_item = sort_data_list->data;
9686 sort_data_t *sort_data_copy = g_malloc0 (sizeof (sort_data_t));
9687
9688 sort_data_copy->field = g_strdup (sort_data_item->field);
9689 sort_data_copy->stat = g_strdup (sort_data_item->stat);
9690 sort_data_copy->order = sort_data_item->order;
9691 g_array_append_val (*sort_data, sort_data_copy);
9692
9693 sort_data_list = sort_data_list->next;
9694 }
9695 }
9696
9697 /**
9698 * @brief Helper data structure for word counts.
9699 */
9700 typedef struct
9701 {
9702 gchar *string; ///< The string counted.
9703 int count; ///< The number of occurrences.
9704 } count_data_t;
9705
9706 /**
9707 * @brief Helper data structure for buffering word counts.
9708 */
9709 typedef struct
9710 {
9711 GString *buffer; ///< The GString buffer to write to
9712 int skip; ///< The amount of entries to skip at start.
9713 int limit; ///< The maximum number of entries to output or -1 for all.
9714 } buffer_counts_data_t;
9715
9716 /**
9717 * @brief Helper function for comparing strings in reverse order.
9718 *
9719 * @param[in] s1 The first string to compare
9720 * @param[in] s2 The second string to compare
9721 *
9722 * @return The result of g_ascii_strcasecmp with string order reversed.
9723 */
9724 static int
strcasecmp_reverse(gchar * s1,gchar * s2)9725 strcasecmp_reverse (gchar *s1, gchar *s2)
9726 {
9727 return g_ascii_strcasecmp (s2, s1);
9728 }
9729
9730 /**
9731 * @brief Helper function for comparing word count structs by count.
9732 *
9733 * @param[in] c1 The first count struct to compare
9734 * @param[in] c2 The second count struct to compare
9735 * @param[in] dummy Dummy parameter required by glib.
9736 *
9737 * @return A value > 0 if c1 > c2, a value < 0 if c1 < c2, 0 if c1 = c2.
9738 */
9739 static int
compare_count_data(gconstpointer c1,gconstpointer c2,gpointer dummy)9740 compare_count_data (gconstpointer c1, gconstpointer c2, gpointer dummy)
9741 {
9742 return ((count_data_t*)c2)->count - ((count_data_t*)c1)->count;
9743 }
9744
9745 /**
9746 * @brief Helper function for comparing word count structs by count in reverse.
9747 *
9748 * @param[in] c1 The first count struct to compare
9749 * @param[in] c2 The second count struct to compare
9750 * @param[in] dummy Dummy parameter required by glib.
9751 *
9752 * @return A value > 0 if c1 < c2, a value < 0 if c1 > c2, 0 if c1 = c2.
9753 */
9754 static int
compare_count_data_reverse(gconstpointer c1,gconstpointer c2,gpointer dummy)9755 compare_count_data_reverse (gconstpointer c1, gconstpointer c2, gpointer dummy)
9756 {
9757 return ((count_data_t*)c1)->count - ((count_data_t*)c2)->count;
9758 }
9759
9760 /**
9761 * @brief Copy word counts to a GSequence of count_data_t structs (ascending).
9762 *
9763 * @param[in] key The key (word).
9764 * @param[in] value The value (count).
9765 * @param data The GSequence object to insert into.
9766 *
9767 * @return Always FALSE.
9768 */
9769 static gboolean
copy_word_counts_asc(gpointer key,gpointer value,gpointer data)9770 copy_word_counts_asc (gpointer key, gpointer value, gpointer data)
9771 {
9772 count_data_t* new_count = g_malloc (sizeof (count_data_t));
9773
9774 new_count->string = (gchar*)key;
9775 new_count->count = GPOINTER_TO_INT (value);
9776
9777 g_sequence_insert_sorted ((GSequence*) data,
9778 new_count,
9779 compare_count_data_reverse,
9780 NULL);
9781
9782 return FALSE;
9783 }
9784
9785 /**
9786 * @brief Copy word counts to a GSequence of count_data_t structs (descending).
9787 *
9788 * @param[in] key The key (word).
9789 * @param[in] value The value (count).
9790 * @param data The GSequence object to insert into.
9791 *
9792 * @return Always FALSE.
9793 */
9794 static gboolean
copy_word_counts_desc(gpointer key,gpointer value,gpointer data)9795 copy_word_counts_desc (gpointer key, gpointer value, gpointer data)
9796 {
9797 count_data_t* new_count = g_malloc (sizeof (count_data_t));
9798
9799 new_count->string = (gchar*)key;
9800 new_count->count = GPOINTER_TO_INT (value);
9801
9802 g_sequence_insert_sorted ((GSequence*) data,
9803 new_count,
9804 compare_count_data,
9805 NULL);
9806
9807 return FALSE;
9808 }
9809
9810 /**
9811 * @brief Buffer word count data
9812 *
9813 * @param[in] key The key (word).
9814 * @param[in] value The value (count).
9815 * @param data The buffer_counts_data_t struct containing info.
9816 *
9817 * @return TRUE if the limit has been reached, FALSE otherwise
9818 */
9819 static gboolean
buffer_word_counts_tree(gpointer key,gpointer value,gpointer data)9820 buffer_word_counts_tree (gpointer key, gpointer value, gpointer data)
9821 {
9822 buffer_counts_data_t* count_data = (buffer_counts_data_t*) data;
9823 if (count_data->skip)
9824 {
9825 count_data->skip--;
9826 return FALSE;
9827 }
9828 xml_string_append (count_data->buffer,
9829 "<group>"
9830 "<value>%s</value>"
9831 "<count>%d</count>"
9832 "</group>",
9833 (gchar*) key,
9834 GPOINTER_TO_INT (value));
9835 if (count_data->limit > 0)
9836 count_data->limit--;
9837
9838 return count_data->limit == 0;
9839 }
9840
9841 /**
9842 * @brief Buffer word count data
9843 *
9844 * @param[in] value The value
9845 * @param buffer The buffer object
9846 */
9847 static void
buffer_word_counts_seq(gpointer value,gpointer buffer)9848 buffer_word_counts_seq (gpointer value, gpointer buffer)
9849 {
9850 xml_string_append ((GString*) buffer,
9851 "<group>"
9852 "<value>%s</value>"
9853 "<count>%d</count>"
9854 "</group>",
9855 ((count_data_t*) value)->string,
9856 ((count_data_t*) value)->count);
9857 }
9858
9859 /**
9860 * @brief Count words of an aggregate and buffer as XML.
9861 *
9862 * @param[in] xml Buffer into which to buffer aggregate.
9863 * @param[in] aggregate The aggregate iterator.
9864 * @param[in] type The aggregated type.
9865 * @param[in] group_column Column the data are grouped by.
9866 * @param[in] sort_data Sort data.
9867 * @param[in] first_group Index of the first word to output, starting at 0.
9868 * @param[in] max_groups Maximum number of words to output or -1 for all.
9869 */
9870 static void
buffer_aggregate_wc_xml(GString * xml,iterator_t * aggregate,const gchar * type,const char * group_column,GArray * sort_data,int first_group,int max_groups)9871 buffer_aggregate_wc_xml (GString *xml, iterator_t* aggregate,
9872 const gchar* type, const char* group_column,
9873 GArray* sort_data,
9874 int first_group, int max_groups)
9875 {
9876 sort_data_t *first_sort_data;
9877 const char *sort_stat;
9878 int sort_order;
9879
9880 if (sort_data && sort_data->len)
9881 {
9882 first_sort_data = g_array_index (sort_data, sort_data_t*, 0);
9883 sort_stat = first_sort_data->stat;
9884 sort_order = first_sort_data->order;
9885 }
9886 else
9887 {
9888 sort_stat = "value";
9889 sort_order = 0;
9890 }
9891
9892 GTree *word_counts, *ignore_words;
9893 GRegex *word_regex;
9894
9895 // Word regex: Words must contain at least 1 letter
9896 word_regex = g_regex_new ("[[:alpha:]]", 0, 0, NULL);
9897
9898 ignore_words = g_tree_new_full ((GCompareDataFunc) g_ascii_strcasecmp, NULL,
9899 g_free, NULL);
9900 g_tree_insert (ignore_words, g_strdup ("an"), GINT_TO_POINTER (1));
9901 g_tree_insert (ignore_words, g_strdup ("the"), GINT_TO_POINTER (1));
9902 g_tree_insert (ignore_words, g_strdup ("and"), GINT_TO_POINTER (1));
9903 g_tree_insert (ignore_words, g_strdup ("or"), GINT_TO_POINTER (1));
9904 g_tree_insert (ignore_words, g_strdup ("not"), GINT_TO_POINTER (1));
9905 g_tree_insert (ignore_words, g_strdup ("is"), GINT_TO_POINTER (1));
9906 g_tree_insert (ignore_words, g_strdup ("are"), GINT_TO_POINTER (1));
9907 g_tree_insert (ignore_words, g_strdup ("was"), GINT_TO_POINTER (1));
9908 g_tree_insert (ignore_words, g_strdup ("were"), GINT_TO_POINTER (1));
9909 g_tree_insert (ignore_words, g_strdup ("you"), GINT_TO_POINTER (1));
9910 g_tree_insert (ignore_words, g_strdup ("your"), GINT_TO_POINTER (1));
9911 g_tree_insert (ignore_words, g_strdup ("it"), GINT_TO_POINTER (1));
9912 g_tree_insert (ignore_words, g_strdup ("its"), GINT_TO_POINTER (1));
9913 g_tree_insert (ignore_words, g_strdup ("they"), GINT_TO_POINTER (1));
9914 g_tree_insert (ignore_words, g_strdup ("this"), GINT_TO_POINTER (1));
9915 g_tree_insert (ignore_words, g_strdup ("that"), GINT_TO_POINTER (1));
9916 g_tree_insert (ignore_words, g_strdup ("which"), GINT_TO_POINTER (1));
9917 g_tree_insert (ignore_words, g_strdup ("when"), GINT_TO_POINTER (1));
9918 g_tree_insert (ignore_words, g_strdup ("if"), GINT_TO_POINTER (1));
9919 g_tree_insert (ignore_words, g_strdup ("do"), GINT_TO_POINTER (1));
9920 g_tree_insert (ignore_words, g_strdup ("does"), GINT_TO_POINTER (1));
9921 g_tree_insert (ignore_words, g_strdup ("did"), GINT_TO_POINTER (1));
9922 g_tree_insert (ignore_words, g_strdup ("at"), GINT_TO_POINTER (1));
9923 g_tree_insert (ignore_words, g_strdup ("where"), GINT_TO_POINTER (1));
9924 g_tree_insert (ignore_words, g_strdup ("in"), GINT_TO_POINTER (1));
9925 g_tree_insert (ignore_words, g_strdup ("will"), GINT_TO_POINTER (1));
9926 g_tree_insert (ignore_words, g_strdup ("as"), GINT_TO_POINTER (1));
9927 g_tree_insert (ignore_words, g_strdup ("has"), GINT_TO_POINTER (1));
9928 g_tree_insert (ignore_words, g_strdup ("have"), GINT_TO_POINTER (1));
9929 g_tree_insert (ignore_words, g_strdup ("can"), GINT_TO_POINTER (1));
9930 g_tree_insert (ignore_words, g_strdup ("cannot"), GINT_TO_POINTER (1));
9931 g_tree_insert (ignore_words, g_strdup ("been"), GINT_TO_POINTER (1));
9932 g_tree_insert (ignore_words, g_strdup ("with"), GINT_TO_POINTER (1));
9933 g_tree_insert (ignore_words, g_strdup ("under"), GINT_TO_POINTER (1));
9934 g_tree_insert (ignore_words, g_strdup ("for"), GINT_TO_POINTER (1));
9935 g_tree_insert (ignore_words, g_strdup ("than"), GINT_TO_POINTER (1));
9936 g_tree_insert (ignore_words, g_strdup ("seen"), GINT_TO_POINTER (1));
9937 g_tree_insert (ignore_words, g_strdup ("full"), GINT_TO_POINTER (1));
9938 g_tree_insert (ignore_words, g_strdup ("use"), GINT_TO_POINTER (1));
9939 g_tree_insert (ignore_words, g_strdup ("see"), GINT_TO_POINTER (1));
9940 g_tree_insert (ignore_words, g_strdup ("more"), GINT_TO_POINTER (1));
9941
9942 if (sort_order)
9943 word_counts = g_tree_new_full ((GCompareDataFunc) g_ascii_strcasecmp, NULL,
9944 g_free, NULL);
9945 else
9946 word_counts = g_tree_new_full ((GCompareDataFunc) strcasecmp_reverse, NULL,
9947 g_free, NULL);
9948
9949 g_string_append_printf (xml, "<aggregate>");
9950
9951 g_string_append_printf (xml,
9952 "<group_column>%s</group_column>",
9953 group_column);
9954
9955 while (next (aggregate))
9956 {
9957 const gchar *value = aggregate_iterator_value (aggregate);
9958 int count = aggregate_iterator_count (aggregate);
9959
9960 int current_index = 0;
9961 gchar **split_string;
9962
9963 if (!value)
9964 continue;
9965
9966 split_string = g_strsplit_set (value, " \t\n.,:;\"'()[]{}<>&", -1);
9967 while (split_string [current_index])
9968 {
9969 gchar *word = split_string [current_index];
9970 if (strlen (word) >= 3
9971 && g_regex_match (word_regex, word, 0, NULL)
9972 && g_tree_lookup (ignore_words, word) == 0)
9973 {
9974 int word_count
9975 = GPOINTER_TO_INT (g_tree_lookup (word_counts, word));
9976 if (word_count)
9977 {
9978 g_tree_insert (word_counts, word,
9979 GINT_TO_POINTER (word_count + count));
9980 }
9981 else
9982 {
9983 g_tree_insert (word_counts, g_strdup (word),
9984 GINT_TO_POINTER (count));
9985 }
9986 }
9987 current_index++;
9988 }
9989 }
9990
9991 if (sort_stat && strcasecmp (sort_stat, "count") == 0)
9992 {
9993 GSequence *word_counts_sorted;
9994 GSequenceIter *start, *end;
9995 word_counts_sorted = g_sequence_new (g_free);
9996 g_tree_foreach (word_counts,
9997 sort_order
9998 ? copy_word_counts_asc
9999 : copy_word_counts_desc,
10000 word_counts_sorted);
10001
10002 start = g_sequence_get_iter_at_pos (word_counts_sorted, first_group);
10003 if (max_groups < 0)
10004 end = g_sequence_get_end_iter (word_counts_sorted);
10005 else
10006 end = g_sequence_get_iter_at_pos (word_counts_sorted,
10007 first_group + max_groups);
10008
10009 g_sequence_foreach_range (start, end, buffer_word_counts_seq, xml);
10010
10011 g_sequence_free (word_counts_sorted);
10012 }
10013 else
10014 {
10015 // value: use default alphabetical sorting
10016 buffer_counts_data_t counts_data;
10017 counts_data.buffer = xml;
10018 counts_data.skip = first_group;
10019 counts_data.limit = max_groups;
10020 g_tree_foreach (word_counts, buffer_word_counts_tree, &counts_data);
10021 }
10022
10023 g_tree_destroy (word_counts);
10024 g_tree_destroy (ignore_words);
10025
10026 g_string_append (xml, "<column_info>");
10027
10028 g_string_append_printf (xml,
10029 "<aggregate_column>"
10030 "<name>value</name>"
10031 "<stat>value</stat>"
10032 "<type>%s</type>"
10033 "<column>%s</column>"
10034 "<data_type>text</data_type>"
10035 "</aggregate_column>",
10036 type,
10037 group_column);
10038
10039 g_string_append_printf (xml,
10040 "<aggregate_column>"
10041 "<name>count</name>"
10042 "<stat>count</stat>"
10043 "<type>%s</type>"
10044 "<column></column>"
10045 "<data_type>integer</data_type>"
10046 "</aggregate_column>",
10047 type);
10048
10049 g_string_append (xml, "</column_info>");
10050
10051 g_string_append_printf (xml, "</aggregate>");
10052 }
10053
10054 /**
10055 * @brief Buffer a get_aggregates subgroup value from a cumulative count GTree.
10056 *
10057 * @param[in] key The subgroup value used as key in the GTree.
10058 * @param[in] value The cumulative count used as value in the GTree.
10059 * @param[in,out] buffer A GString buffer to output the XML to.
10060 *
10061 * @return Always FALSE.
10062 */
10063 static gboolean
buffer_aggregate_subgroup_value(gchar * key,long int * value,GString * buffer)10064 buffer_aggregate_subgroup_value (gchar *key,
10065 long int *value,
10066 GString *buffer)
10067 {
10068 xml_string_append (buffer, "<value>%s</value>", key ? key : "");
10069 return FALSE;
10070 }
10071
10072 /**
10073 * @brief Buffer XML for an aggregate.
10074 *
10075 * @param[in] xml Buffer into which to buffer aggregate.
10076 * @param[in] aggregate The aggregate iterator.
10077 * @param[in] type The aggregated type.
10078 * @param[in] group_column Column the data are grouped by.
10079 * @param[in] group_column_type Type of the group_column.
10080 * @param[in] subgroup_column Column the data are further grouped by.
10081 * @param[in] subgroup_column_type
10082 * @param[in] data_columns Columns statistics are calculated for.
10083 * @param[in] data_column_types Types of the data_columns.
10084 * @param[in] text_columns Columns used for labels.
10085 * @param[in] text_column_types Types of the text_columns.
10086 * @param[in] c_sums Array for calculating cumulative sums.
10087 */
10088 static void
buffer_aggregate_xml(GString * xml,iterator_t * aggregate,const gchar * type,const char * group_column,const char * group_column_type,const char * subgroup_column,const char * subgroup_column_type,GArray * data_columns,GArray * data_column_types,GArray * text_columns,GArray * text_column_types,GArray * c_sums)10089 buffer_aggregate_xml (GString *xml, iterator_t* aggregate, const gchar* type,
10090 const char* group_column, const char* group_column_type,
10091 const char* subgroup_column,
10092 const char* subgroup_column_type,
10093 GArray *data_columns, GArray *data_column_types,
10094 GArray *text_columns, GArray *text_column_types,
10095 GArray *c_sums)
10096 {
10097 int index;
10098 long c_count, previous_c_count;
10099 gchar *previous_group_value;
10100 long int aggregate_group_count;
10101 GArray *group_mins, *group_maxs, *group_mean_sums, *group_sums, *group_c_sums;
10102 GTree *subgroup_c_counts;
10103 int has_groups = 0;
10104
10105 g_string_append_printf (xml, "<aggregate>");
10106
10107 for (index = 0; index < data_columns->len ;index ++)
10108 {
10109 gchar *column_name = g_array_index (data_columns, gchar*, index);
10110 if (column_name && strcmp (column_name, ""))
10111 {
10112 g_string_append_printf (xml,
10113 "<data_column>%s</data_column>",
10114 column_name);
10115 }
10116 }
10117
10118 for (index = 0; index < text_columns->len ;index ++)
10119 {
10120 gchar *column_name = g_array_index (text_columns, gchar*, index);
10121 if (column_name && strcmp (column_name, ""))
10122 {
10123 g_string_append_printf (xml,
10124 "<text_column>%s</text_column>",
10125 column_name);
10126 }
10127 }
10128
10129 if (group_column)
10130 g_string_append_printf (xml,
10131 "<group_column>%s</group_column>",
10132 group_column);
10133
10134 if (subgroup_column)
10135 g_string_append_printf (xml,
10136 "<subgroup_column>%s</subgroup_column>",
10137 subgroup_column);
10138
10139 previous_group_value = NULL;
10140 aggregate_group_count = 0L;
10141 c_count = 0L;
10142 previous_c_count = 0L;
10143
10144 if (subgroup_column)
10145 {
10146 group_mins = g_array_new (TRUE, TRUE, sizeof (double));
10147 group_maxs = g_array_new (TRUE, TRUE, sizeof (double));
10148 group_mean_sums = g_array_new (TRUE, TRUE, sizeof (double));
10149 group_sums = g_array_new (TRUE, TRUE, sizeof (double));
10150
10151 group_c_sums = g_array_new (TRUE, TRUE, sizeof (GTree*));
10152 for (index = 0; index < data_columns->len; index++)
10153 {
10154 g_array_index (group_c_sums, GTree*, index)
10155 = g_tree_new_full ((GCompareDataFunc) g_strcmp0, NULL,
10156 g_free, g_free);
10157 }
10158
10159 subgroup_c_counts = g_tree_new_full ((GCompareDataFunc) g_strcmp0, NULL,
10160 g_free, g_free);
10161 }
10162 else
10163 {
10164 group_mins = NULL;
10165 group_maxs = NULL;
10166 group_mean_sums = NULL;
10167 group_sums = NULL;
10168 group_c_sums = NULL;
10169 subgroup_c_counts = NULL;
10170 }
10171
10172 while (next (aggregate))
10173 {
10174 const char *value = aggregate_iterator_value (aggregate);
10175 const char *subgroup_value
10176 = aggregate_iterator_subgroup_value (aggregate);
10177 gchar *value_escaped, *subgroup_value_escaped;
10178
10179 has_groups = 1;
10180
10181 c_count += aggregate_iterator_count (aggregate);
10182
10183 if (value && column_is_timestamp (group_column))
10184 {
10185 time_t value_int;
10186 if (sscanf (value, "%ld", &value_int) == 1)
10187 value_escaped = g_strdup (iso_time (&value_int));
10188 else
10189 value_escaped = g_markup_escape_text (value, -1);
10190 }
10191 else if (value && group_column_type
10192 && strcmp (group_column_type, "cvss") == 0)
10193 {
10194 double dbl_value;
10195 sscanf (value, "%lf", &dbl_value);
10196 value_escaped = g_strdup_printf ("%0.1lf", dbl_value);
10197 }
10198 else if (group_column && value)
10199 value_escaped = g_markup_escape_text (value, -1);
10200 else
10201 value_escaped = NULL;
10202
10203 if (subgroup_column && column_is_timestamp (subgroup_column))
10204 {
10205 time_t value_int;
10206 if (sscanf (subgroup_value, "%ld", &value_int) == 1)
10207 subgroup_value_escaped = g_strdup (iso_time (&value_int));
10208 else
10209 subgroup_value_escaped = g_markup_escape_text (subgroup_value, -1);
10210 }
10211 else if (subgroup_value && subgroup_column_type
10212 && strcmp (subgroup_column_type, "cvss") == 0)
10213 {
10214 double dbl_value;
10215 sscanf (subgroup_value, "%lf", &dbl_value);
10216 subgroup_value_escaped = g_strdup_printf ("%0.1lf", dbl_value);
10217 }
10218 else if (subgroup_column && subgroup_value)
10219 subgroup_value_escaped = g_markup_escape_text (subgroup_value, -1);
10220 else
10221 subgroup_value_escaped = NULL;
10222
10223 if (group_column)
10224 {
10225 if (subgroup_column)
10226 {
10227 long int *subgroup_c_count;
10228
10229 // Update cumulative count for subgroup value
10230 subgroup_c_count
10231 = g_tree_lookup (subgroup_c_counts, subgroup_value);
10232 if (subgroup_c_count == NULL)
10233 {
10234 subgroup_c_count = g_malloc0 (sizeof (long int*));
10235 g_tree_insert (subgroup_c_counts,
10236 g_strdup (subgroup_value),
10237 subgroup_c_count);
10238 }
10239 *subgroup_c_count += aggregate_iterator_count (aggregate);
10240
10241 // Output of group elements
10242 if (previous_group_value == NULL)
10243 {
10244 // Output start of first group
10245 g_string_append_printf (xml,
10246 "<group>"
10247 "<value>%s</value>",
10248 value_escaped);
10249 }
10250 else if (strcmp (previous_group_value, value))
10251 {
10252 // First subgroup of a new group:
10253 // output collected data of previous group and close it, ...
10254 g_string_append_printf (xml,
10255 "<count>%ld</count>"
10256 "<c_count>%ld</c_count>",
10257 aggregate_group_count,
10258 previous_c_count);
10259
10260 for (index = 0; index < data_columns->len; index++)
10261 {
10262 gchar *data_column = g_array_index (data_columns,
10263 gchar*, index);
10264 double c_sum = g_array_index (c_sums, double, index);
10265
10266 if (column_is_timestamp (data_column))
10267 {
10268 time_t min, max, mean;
10269 min = (time_t)(g_array_index (group_mins,
10270 double, index));
10271 max = (time_t)(g_array_index (group_maxs,
10272 double, index));
10273 mean = (time_t)(g_array_index (group_mean_sums,
10274 double, index)
10275 / aggregate_group_count);
10276
10277 g_string_append_printf (xml,
10278 "<stats column=\"%s\">"
10279 "<min>%s</min>"
10280 "<max>%s</max>"
10281 "<mean>%s</mean>"
10282 "<sum></sum>"
10283 "<c_sum></c_sum>"
10284 "</stats>",
10285 data_column,
10286 iso_time (&min),
10287 iso_time (&max),
10288 iso_time (&mean));
10289 }
10290 else
10291 g_string_append_printf (xml,
10292 "<stats column=\"%s\">"
10293 "<min>%g</min>"
10294 "<max>%g</max>"
10295 "<mean>%g</mean>"
10296 "<sum>%g</sum>"
10297 "<c_sum>%g</c_sum>"
10298 "</stats>",
10299 data_column,
10300 g_array_index (group_mins,
10301 double, index),
10302 g_array_index (group_maxs,
10303 double, index),
10304 (g_array_index (group_mean_sums,
10305 double, index)
10306 / aggregate_group_count),
10307 g_array_index (group_sums,
10308 double, index),
10309 c_sum);
10310 }
10311
10312 g_string_append_printf (xml,
10313 "</group>");
10314
10315 // ... then start new group
10316 g_string_append_printf (xml,
10317 "<group>"
10318 "<value>%s</value>",
10319 value_escaped);
10320 }
10321
10322 // Update group statistics using current subgroup after output
10323 if (previous_group_value == NULL
10324 || strcmp (previous_group_value, value))
10325 {
10326 // First subgroup of any group:
10327 // Reset group statistics using current subgroup data
10328 aggregate_group_count = aggregate_iterator_count (aggregate);
10329
10330 for (index = 0; index < data_columns->len; index++)
10331 {
10332 g_array_index (group_mins, double, index)
10333 = aggregate_iterator_min (aggregate, index);
10334 g_array_index (group_maxs, double, index)
10335 = aggregate_iterator_max (aggregate, index);
10336 g_array_index (group_mean_sums, double, index)
10337 = (aggregate_iterator_mean (aggregate, index)
10338 * aggregate_iterator_count (aggregate));
10339 g_array_index (group_sums, double, index)
10340 = aggregate_iterator_sum (aggregate, index);
10341 }
10342 }
10343 else
10344 {
10345 // Subgroup, but no new group: Update statistics
10346 aggregate_group_count += aggregate_iterator_count (aggregate);
10347
10348 for (index = 0; index < data_columns->len; index++)
10349 {
10350 g_array_index (group_mins, double, index)
10351 = fmin (aggregate_iterator_min (aggregate, index),
10352 g_array_index (group_mins, double, index));
10353 g_array_index (group_maxs, double, index)
10354 = fmax (aggregate_iterator_max (aggregate, index),
10355 g_array_index (group_maxs, double, index));
10356 g_array_index (group_mean_sums, double, index)
10357 += (aggregate_iterator_mean (aggregate, index)
10358 * aggregate_iterator_count (aggregate));
10359 g_array_index (group_sums, double, index)
10360 += aggregate_iterator_sum (aggregate, index);
10361 }
10362 }
10363
10364 g_free (previous_group_value);
10365 previous_group_value = g_strdup (value);
10366
10367 // Add subgroup values
10368 g_string_append_printf (xml,
10369 "<subgroup>"
10370 "<value>%s</value>"
10371 "<count>%d</count>"
10372 "<c_count>%ld</c_count>",
10373 subgroup_value_escaped
10374 ? subgroup_value_escaped : "",
10375 aggregate_iterator_count (aggregate),
10376 *subgroup_c_count);
10377 }
10378 else
10379 {
10380 // No subgrouping
10381 g_string_append_printf (xml,
10382 "<group>"
10383 "<value>%s</value>"
10384 "<count>%d</count>"
10385 "<c_count>%ld</c_count>",
10386 value_escaped ? value_escaped : "",
10387 aggregate_iterator_count (aggregate),
10388 c_count);
10389 }
10390
10391 previous_c_count = c_count;
10392 }
10393 else
10394 {
10395 g_string_append_printf (xml,
10396 "<overall>"
10397 "<count>%d</count>"
10398 "<c_count>%ld</c_count>",
10399 aggregate_iterator_count (aggregate),
10400 c_count);
10401 }
10402
10403 for (index = 0; index < data_columns->len; index++)
10404 {
10405 gchar *data_column = g_array_index (data_columns, gchar*, index);;
10406 double c_sum;
10407 double *subgroup_c_sum = NULL;
10408
10409 if (subgroup_column && column_is_timestamp (data_column) == FALSE)
10410 {
10411 GTree *c_sum_tree;
10412
10413 c_sum_tree = g_array_index (group_c_sums, GTree*, index);
10414 subgroup_c_sum = g_tree_lookup (c_sum_tree, subgroup_value);
10415
10416 if (subgroup_c_sum == NULL)
10417 {
10418 subgroup_c_sum = g_malloc (sizeof (double *));
10419 *subgroup_c_sum = 0;
10420
10421 g_tree_insert (c_sum_tree,
10422 g_strdup (subgroup_value),
10423 subgroup_c_sum);
10424 }
10425
10426 *subgroup_c_sum += aggregate_iterator_sum (aggregate, index);
10427 }
10428
10429 c_sum = g_array_index (c_sums, double, index);
10430 c_sum += aggregate_iterator_sum (aggregate, index);
10431 g_array_index (c_sums, double, index) = c_sum;
10432
10433 if (column_is_timestamp (data_column))
10434 {
10435 time_t min, max, mean;
10436 min = (time_t)(aggregate_iterator_min (aggregate, index));
10437 max = (time_t)(aggregate_iterator_max (aggregate, index));
10438 mean = (time_t)(aggregate_iterator_mean (aggregate, index));
10439
10440 g_string_append_printf (xml,
10441 "<stats column=\"%s\">"
10442 "<min>%s</min>"
10443 "<max>%s</max>"
10444 "<mean>%s</mean>"
10445 "<sum></sum>"
10446 "<c_sum></c_sum>"
10447 "</stats>",
10448 data_column,
10449 iso_time (&min),
10450 iso_time (&max),
10451 iso_time (&mean));
10452 }
10453 else
10454 {
10455 g_string_append_printf (xml,
10456 "<stats column=\"%s\">"
10457 "<min>%g</min>"
10458 "<max>%g</max>"
10459 "<mean>%g</mean>"
10460 "<sum>%g</sum>"
10461 "<c_sum>%g</c_sum>"
10462 "</stats>",
10463 data_column,
10464 aggregate_iterator_min (aggregate, index),
10465 aggregate_iterator_max (aggregate, index),
10466 aggregate_iterator_mean (aggregate, index),
10467 aggregate_iterator_sum (aggregate, index),
10468 subgroup_column && subgroup_c_sum
10469 ? *subgroup_c_sum : c_sum);
10470 }
10471 }
10472
10473 for (index = 0; index < text_columns->len; index++)
10474 {
10475 const char *text = aggregate_iterator_text (aggregate, index,
10476 data_columns->len);
10477 gchar *text_escaped;
10478 gchar *text_column = g_array_index (text_columns, gchar*, index);
10479
10480 if (text && column_is_timestamp (text_column))
10481 {
10482 time_t text_int;
10483 if (sscanf (text, "%ld", &text_int) == 1)
10484 text_escaped = g_strdup (iso_time (&text_int));
10485 else
10486 text_escaped = g_markup_escape_text (text, -1);
10487 }
10488 else if (text)
10489 text_escaped = g_markup_escape_text (text, -1);
10490 else
10491 text_escaped = NULL;
10492
10493 g_string_append_printf (xml,
10494 "<text column=\"%s\">%s</text>",
10495 text_column,
10496 text_escaped ? text_escaped : "");
10497 g_free (text_escaped);
10498 }
10499
10500 if (subgroup_column)
10501 {
10502 g_string_append_printf (xml, "</subgroup>");
10503 }
10504 else if (group_column)
10505 {
10506 g_string_append_printf (xml, "</group>");
10507 }
10508 else
10509 {
10510 g_string_append_printf (xml, "</overall>");
10511 }
10512 g_free (value_escaped);
10513 g_free (subgroup_value_escaped);
10514 }
10515
10516 if (subgroup_column)
10517 {
10518 // Add elements for last group in case subgroups are used
10519 if (has_groups)
10520 {
10521 g_string_append_printf (xml,
10522 "<count>%ld</count>"
10523 "<c_count>%ld</c_count>"
10524 "</group>",
10525 aggregate_group_count,
10526 previous_c_count);
10527 }
10528
10529 // Also add overview of all subgroup values
10530 g_string_append_printf (xml,
10531 "<subgroups>");
10532
10533 g_tree_foreach (subgroup_c_counts,
10534 (GTraverseFunc) buffer_aggregate_subgroup_value,
10535 xml);
10536
10537 g_string_append_printf (xml,
10538 "</subgroups>");
10539 }
10540
10541 g_string_append (xml, "<column_info>");
10542
10543 if (group_column)
10544 {
10545 g_string_append_printf (xml,
10546 "<aggregate_column>"
10547 "<name>value</name>"
10548 "<stat>value</stat>"
10549 "<type>%s</type>"
10550 "<column>%s</column>"
10551 "<data_type>%s</data_type>"
10552 "</aggregate_column>",
10553 type,
10554 group_column,
10555 group_column_type);
10556 }
10557
10558 if (subgroup_column)
10559 {
10560 g_string_append_printf (xml,
10561 "<aggregate_column>"
10562 "<name>subgroup_value</name>"
10563 "<stat>value</stat>"
10564 "<type>%s</type>"
10565 "<column>%s</column>"
10566 "<data_type>%s</data_type>"
10567 "</aggregate_column>",
10568 type,
10569 subgroup_column,
10570 subgroup_column_type);
10571 }
10572
10573 g_string_append_printf (xml,
10574 "<aggregate_column>"
10575 "<name>count</name>"
10576 "<stat>count</stat>"
10577 "<type>%s</type>"
10578 "<column></column>"
10579 "<data_type>integer</data_type>"
10580 "</aggregate_column>",
10581 type);
10582
10583 g_string_append_printf (xml,
10584 "<aggregate_column>"
10585 "<name>c_count</name>"
10586 "<stat>c_count</stat>"
10587 "<type>%s</type>"
10588 "<column></column>"
10589 "<data_type>integer</data_type>"
10590 "</aggregate_column>",
10591 type);
10592
10593 for (index = 0; index < data_columns->len; index++)
10594 {
10595 gchar *column_name, *column_type;
10596 column_name = g_array_index (data_columns, gchar*, index);
10597 column_type = g_array_index (data_column_types, gchar*, index);
10598 g_string_append_printf (xml,
10599 "<aggregate_column>"
10600 "<name>%s_min</name>"
10601 "<stat>min</stat>"
10602 "<type>%s</type>"
10603 "<column>%s</column>"
10604 "<data_type>%s</data_type>"
10605 "</aggregate_column>",
10606 column_name,
10607 type,
10608 column_name,
10609 column_type);
10610 g_string_append_printf (xml,
10611 "<aggregate_column>"
10612 "<name>%s_max</name>"
10613 "<stat>max</stat>"
10614 "<type>%s</type>"
10615 "<column>%s</column>"
10616 "<data_type>%s</data_type>"
10617 "</aggregate_column>",
10618 column_name,
10619 type,
10620 column_name,
10621 column_type);
10622 g_string_append_printf (xml,
10623 "<aggregate_column>"
10624 "<name>%s_mean</name>"
10625 "<stat>mean</stat>"
10626 "<type>%s</type>"
10627 "<column>%s</column>"
10628 "<data_type>%s</data_type>"
10629 "</aggregate_column>",
10630 column_name,
10631 type,
10632 column_name,
10633 column_type);
10634 g_string_append_printf (xml,
10635 "<aggregate_column>"
10636 "<name>%s_sum</name>"
10637 "<stat>sum</stat>"
10638 "<type>%s</type>"
10639 "<column>%s</column>"
10640 "<data_type>%s</data_type>"
10641 "</aggregate_column>",
10642 column_name,
10643 type,
10644 column_name,
10645 column_type);
10646 g_string_append_printf (xml,
10647 "<aggregate_column>"
10648 "<name>%s_c_sum</name>"
10649 "<stat>c_sum</stat>"
10650 "<type>%s</type>"
10651 "<column>%s</column>"
10652 "<data_type>%s</data_type>"
10653 "</aggregate_column>",
10654 column_name,
10655 type,
10656 column_name,
10657 column_type);
10658 }
10659
10660 for (index = 0; index < text_columns->len; index++)
10661 {
10662 gchar *column_name, *column_type;
10663 column_name = g_array_index (text_columns, gchar*, index);
10664 column_type = g_array_index (text_column_types, gchar*, index);
10665 g_string_append_printf (xml,
10666 "<aggregate_column>"
10667 "<name>%s</name>"
10668 "<stat>text</stat>"
10669 "<type>%s</type>"
10670 "<column>%s</column>"
10671 "<data_type>%s</data_type>"
10672 "</aggregate_column>",
10673 column_name,
10674 type,
10675 column_name,
10676 column_type);
10677 }
10678
10679 g_string_append (xml, "</column_info>");
10680
10681 g_string_append (xml, "</aggregate>");
10682
10683 if (subgroup_column)
10684 {
10685 g_array_free (group_mins, TRUE);
10686 g_array_free (group_maxs, TRUE);
10687 g_array_free (group_mean_sums, TRUE);
10688 g_array_free (group_sums, TRUE);
10689
10690 for (index = 0; index < data_columns->len; index++)
10691 {
10692 g_tree_destroy (g_array_index (group_c_sums, GTree*, index));
10693 }
10694
10695 g_array_free (group_c_sums, TRUE);
10696
10697 g_tree_destroy(subgroup_c_counts);
10698 };
10699 }
10700
10701 /**
10702 * @brief Insert else clause for gmp_xml_handle_start_element.
10703 *
10704 * @param[in] parent Parent element.
10705 * @param[in] element Element.
10706 */
10707 #define CLOSE(parent, element) \
10708 case parent ## _ ## element: \
10709 set_client_state (parent); \
10710 break
10711
10712 /**
10713 * @brief Insert GET case for gmp_xml_handle_end_element.
10714 *
10715 * @param[in] upper What to GET, in uppercase.
10716 * @param[in] lower What to GET, in lowercase.
10717 */
10718 #define CASE_GET_END(upper, lower) \
10719 case CLIENT_GET_ ## upper: \
10720 get_ ## lower ## _run (gmp_parser, error); \
10721 set_client_state (CLIENT_AUTHENTIC); \
10722 break;
10723
10724 /**
10725 * @brief Insert DELETE case for gmp_xml_handle_end_element.
10726 *
10727 * @param[in] upper Resource type in uppercase.
10728 * @param[in] type Resource type.
10729 * @param[in] capital Resource type capitalised.
10730 */
10731 #define CASE_DELETE(upper, type, capital) \
10732 case CLIENT_DELETE_ ## upper : \
10733 if (delete_ ## type ## _data-> type ## _id) \
10734 switch (delete_ ## type (delete_ ## type ## _data-> type ## _id, \
10735 delete_ ## type ## _data->ultimate)) \
10736 { \
10737 case 0: \
10738 SEND_TO_CLIENT_OR_FAIL (XML_OK ("delete_" G_STRINGIFY (type))); \
10739 log_event (G_STRINGIFY(type), capital, \
10740 delete_ ## type ## _data-> type ## _id, "deleted"); \
10741 break; \
10742 case 1: \
10743 SEND_TO_CLIENT_OR_FAIL \
10744 (XML_ERROR_SYNTAX ("delete_" G_STRINGIFY (type), \
10745 capital " is in use")); \
10746 log_event_fail (G_STRINGIFY(type), capital, \
10747 delete_ ## type ## _data-> type ## _id, \
10748 "deleted"); \
10749 break; \
10750 case 2: \
10751 if (send_find_error_to_client \
10752 ("delete_" G_STRINGIFY (type), \
10753 G_STRINGIFY (type), \
10754 delete_ ## type ## _data-> type ## _id, \
10755 gmp_parser)) \
10756 { \
10757 error_send_to_client (error); \
10758 return; \
10759 } \
10760 log_event_fail (G_STRINGIFY(type), capital, \
10761 delete_ ## type ## _data-> type ## _id, \
10762 "deleted"); \
10763 break; \
10764 case 3: \
10765 SEND_TO_CLIENT_OR_FAIL \
10766 (XML_ERROR_SYNTAX ("delete_" G_STRINGIFY (type), \
10767 "Attempt to delete a predefined" \
10768 " " G_STRINGIFY (type))); \
10769 break; \
10770 case 99: \
10771 SEND_TO_CLIENT_OR_FAIL \
10772 (XML_ERROR_SYNTAX ("delete_" G_STRINGIFY (type), \
10773 "Permission denied")); \
10774 log_event_fail (G_STRINGIFY(type), capital, \
10775 delete_ ## type ## _data-> type ## _id, \
10776 "deleted"); \
10777 break; \
10778 default: \
10779 SEND_TO_CLIENT_OR_FAIL \
10780 (XML_INTERNAL_ERROR ("delete_" G_STRINGIFY (type))); \
10781 log_event_fail (G_STRINGIFY(type), capital, \
10782 delete_ ## type ## _data-> type ## _id, \
10783 "deleted"); \
10784 } \
10785 else \
10786 SEND_TO_CLIENT_OR_FAIL \
10787 (XML_ERROR_SYNTAX ("delete_" G_STRINGIFY (type), \
10788 "Attribute " G_STRINGIFY (type) "_id is" \
10789 " required")); \
10790 delete_ ## type ## _data_reset (delete_ ## type ## _data); \
10791 set_client_state (CLIENT_AUTHENTIC); \
10792 break
10793
10794 /**
10795 * @brief Get list of ovaldi definitions files from the SCAP ovaldefs table.
10796 *
10797 * @return String of |-concatenated file names. Free with g_free().
10798 */
10799 static char *
get_ovaldi_files()10800 get_ovaldi_files ()
10801 {
10802 iterator_t iterator;
10803 char *result = NULL;
10804
10805 init_ovaldi_file_iterator (&iterator);
10806 while (next (&iterator))
10807 {
10808 char *tmp;
10809 const char *fname = ovaldi_file_iterator_name (&iterator);
10810
10811 if (!fname)
10812 continue;
10813 tmp = g_strconcat (fname, result ? "|" : "", result, NULL);
10814 g_free (result);
10815 result = tmp;
10816 }
10817 cleanup_iterator (&iterator);
10818 return result;
10819 }
10820
10821 /**
10822 * @brief Handle end of GET_AGGREGATES element.
10823 *
10824 * @param[in] gmp_parser GMP parser.
10825 * @param[in] error Error parameter.
10826 */
10827 static void
handle_get_aggregates(gmp_parser_t * gmp_parser,GError ** error)10828 handle_get_aggregates (gmp_parser_t *gmp_parser, GError **error)
10829 {
10830 iterator_t aggregate;
10831 const char *type;
10832 get_data_t *get;
10833 GArray *data_columns, *data_column_types;
10834 GArray *text_columns, *text_column_types;
10835 GArray *sort_data;
10836 GArray *c_sums;
10837 const char *group_column, *subgroup_column;
10838 char *group_column_type, *subgroup_column_type;
10839 int ret, index;
10840 GString *xml;
10841 gchar *sort_field, *filter;
10842 int first, sort_order;
10843 GString *type_many;
10844
10845 type = get_aggregates_data->type;
10846 if (type == NULL)
10847 {
10848 SEND_TO_CLIENT_OR_FAIL
10849 (XML_ERROR_SYNTAX ("get_aggregates",
10850 "A 'type' attribute is required"));
10851 return;
10852 }
10853
10854 get = &get_aggregates_data->get;
10855
10856 ret = init_get ("get_aggregates",
10857 &get_aggregates_data->get,
10858 "Aggregates",
10859 &first);
10860 if (ret)
10861 {
10862 switch (ret)
10863 {
10864 case 99:
10865 SEND_TO_CLIENT_OR_FAIL
10866 (XML_ERROR_SYNTAX ("get_aggregates",
10867 "Permission denied"));
10868 break;
10869 default:
10870 internal_error_send_to_client (error);
10871 return;
10872 }
10873 get_aggregates_data_reset (get_aggregates_data);
10874 set_client_state (CLIENT_AUTHENTIC);
10875 return;
10876 }
10877
10878 group_column = get_aggregates_data->group_column;
10879 subgroup_column = get_aggregates_data->subgroup_column;
10880
10881 init_aggregate_lists (group_column,
10882 subgroup_column,
10883 get_aggregates_data->data_columns,
10884 get_aggregates_data->text_columns,
10885 get_aggregates_data->sort_data,
10886 &group_column_type, &subgroup_column_type,
10887 &data_column_types, &data_columns,
10888 &text_column_types, &text_columns,
10889 &sort_data,
10890 &c_sums);
10891
10892 if (get_aggregates_data->mode
10893 && strcasecmp (get_aggregates_data->mode, "word_counts") == 0)
10894 {
10895 ret = init_aggregate_iterator (&aggregate, type, get,
10896 0 /* distinct */,
10897 data_columns,
10898 group_column, subgroup_column,
10899 text_columns,
10900 NULL, /* ignore sorting */
10901 0, /* get all groups */
10902 -1,
10903 NULL /* extra_tables */,
10904 NULL /* extra_where */);
10905 }
10906 else
10907 {
10908 ret = init_aggregate_iterator (&aggregate, type, get,
10909 0 /* distinct */,
10910 data_columns,
10911 group_column, subgroup_column,
10912 text_columns,
10913 sort_data,
10914 get_aggregates_data->first_group,
10915 get_aggregates_data->max_groups,
10916 NULL /* extra_tables */,
10917 NULL /* extra_where */);
10918 }
10919
10920 switch (ret)
10921 {
10922 case 0:
10923 break;
10924 case 1:
10925 SEND_TO_CLIENT_OR_FAIL
10926 (XML_ERROR_SYNTAX ("get_aggregates",
10927 "Failed to find resource"));
10928 break;
10929 case 2:
10930 SEND_TO_CLIENT_OR_FAIL
10931 (XML_ERROR_SYNTAX ("get_aggregates",
10932 "Failed to find filter"));
10933 break;
10934 case 3:
10935 SEND_TO_CLIENT_OR_FAIL
10936 (XML_ERROR_SYNTAX ("get_aggregates",
10937 "Invalid data_column"));
10938 break;
10939 case 4:
10940 SEND_TO_CLIENT_OR_FAIL
10941 (XML_ERROR_SYNTAX ("get_aggregates",
10942 "Invalid group_column"));
10943 break;
10944 case 5:
10945 SEND_TO_CLIENT_OR_FAIL
10946 (XML_ERROR_SYNTAX ("get_aggregates",
10947 "Invalid resource type"));
10948 break;
10949 case 6:
10950 SEND_TO_CLIENT_OR_FAIL
10951 (XML_ERROR_SYNTAX ("get_aggregates",
10952 "Trashcan not used by resource type"));
10953 break;
10954 case 7:
10955 SEND_TO_CLIENT_OR_FAIL
10956 (XML_ERROR_SYNTAX ("get_aggregates",
10957 "Invalid text_column"));
10958 break;
10959 case 8:
10960 SEND_TO_CLIENT_OR_FAIL
10961 (XML_ERROR_SYNTAX ("get_aggregates",
10962 "Invalid subgroup_column"));
10963 break;
10964 case 99:
10965 SEND_TO_CLIENT_OR_FAIL
10966 (XML_ERROR_SYNTAX ("get_aggregates",
10967 "Permission denied"));
10968 break;
10969 default:
10970 assert (0);
10971 /* fallthrough */
10972 case -1:
10973 SEND_TO_CLIENT_OR_FAIL
10974 (XML_INTERNAL_ERROR ("get_aggregates"));
10975 break;
10976 }
10977
10978 if (ret)
10979 {
10980 g_array_free (data_columns, TRUE);
10981 g_array_free (data_column_types, TRUE);
10982 for (index = 0; index < sort_data->len; index++)
10983 sort_data_free (g_array_index (sort_data, sort_data_t*, index));
10984 g_array_free (sort_data, TRUE);
10985 g_array_free (c_sums, TRUE);
10986 return;
10987 }
10988
10989 xml = g_string_new ("<get_aggregates_response"
10990 " status_text=\"" STATUS_OK_TEXT "\""
10991 " status=\"" STATUS_OK "\">");
10992
10993 if (get_aggregates_data->mode
10994 && strcasecmp (get_aggregates_data->mode, "word_counts") == 0)
10995 {
10996 buffer_aggregate_wc_xml (xml, &aggregate, type, group_column,
10997 sort_data,
10998 get_aggregates_data->first_group,
10999 get_aggregates_data->max_groups);
11000 }
11001 else
11002 {
11003 buffer_aggregate_xml (xml, &aggregate, type,
11004 group_column, group_column_type,
11005 subgroup_column, subgroup_column_type,
11006 data_columns, data_column_types,
11007 text_columns, text_column_types,
11008 c_sums);
11009 }
11010
11011 if (get->filt_id && strcmp (get->filt_id, FILT_ID_NONE))
11012 {
11013 if (get->filter_replacement)
11014 filter = g_strdup (get->filter_replacement);
11015 else
11016 filter = filter_term (get->filt_id);
11017 if (filter == NULL)
11018 SEND_TO_CLIENT_OR_FAIL
11019 (XML_ERROR_SYNTAX ("get_aggregates",
11020 "Failed to find filter"));
11021 }
11022 else
11023 filter = NULL;
11024
11025 manage_filter_controls (filter ? filter : get->filter,
11026 &first, NULL, &sort_field, &sort_order);
11027
11028 if (filter || get->filter)
11029 {
11030 gchar *new_filter;
11031 new_filter = manage_clean_filter (filter ? filter : get->filter);
11032 g_free (filter);
11033 if ((strcmp (type, "task") == 0)
11034 && (filter_term_value (new_filter, "apply_overrides")
11035 == NULL))
11036 {
11037 filter = new_filter;
11038 new_filter = g_strdup_printf ("apply_overrides=%i %s",
11039 APPLY_OVERRIDES_DEFAULT,
11040 filter);
11041 g_free (filter);
11042 }
11043 filter = new_filter;
11044 }
11045 else
11046 filter = manage_clean_filter ("");
11047
11048 type_many = g_string_new (type);
11049
11050 if (strcmp (type, "info") != 0)
11051 g_string_append (type_many, "s");
11052
11053 buffer_get_filter_xml (xml, type, get, filter, NULL);
11054
11055 g_string_append (xml, "</get_aggregates_response>");
11056
11057 for (index = 0; index < data_columns->len; index++)
11058 g_free (g_array_index (data_columns, gchar*, index));
11059 g_array_free (data_columns, TRUE);
11060 for (index = 0; index < data_column_types->len; index++)
11061 g_free (g_array_index (data_column_types, gchar*, index));
11062 g_array_free (data_column_types, TRUE);
11063 for (index = 0; index < sort_data->len; index++)
11064 sort_data_free (g_array_index (sort_data, sort_data_t*, index));
11065 g_array_free (sort_data, TRUE);
11066 g_array_free (c_sums, TRUE);
11067
11068 SEND_TO_CLIENT_OR_FAIL (xml->str);
11069
11070 cleanup_iterator (&aggregate);
11071 g_string_free (xml, TRUE);
11072 get_aggregates_data_reset (get_aggregates_data);
11073 set_client_state (CLIENT_AUTHENTIC);
11074 }
11075
11076 /**
11077 * @brief Handle end of GET_ALERTS element.
11078 *
11079 * @param[in] gmp_parser GMP parser.
11080 * @param[in] error Error parameter.
11081 */
11082 static void
handle_get_alerts(gmp_parser_t * gmp_parser,GError ** error)11083 handle_get_alerts (gmp_parser_t *gmp_parser, GError **error)
11084 {
11085 iterator_t alerts;
11086 int count, filtered, ret, first;
11087
11088 INIT_GET (alert, Alert);
11089
11090 ret = init_alert_iterator (&alerts, &get_alerts_data->get);
11091 if (ret)
11092 {
11093 switch (ret)
11094 {
11095 case 1:
11096 if (send_find_error_to_client ("get_alerts", "alert",
11097 get_alerts_data->get.id,
11098 gmp_parser))
11099 {
11100 error_send_to_client (error);
11101 return;
11102 }
11103 break;
11104 case 2:
11105 if (send_find_error_to_client
11106 ("get_alerts", "filter", get_alerts_data->get.filt_id,
11107 gmp_parser))
11108 {
11109 error_send_to_client (error);
11110 return;
11111 }
11112 break;
11113 case -1:
11114 SEND_TO_CLIENT_OR_FAIL
11115 (XML_INTERNAL_ERROR ("get_alerts"));
11116 break;
11117 }
11118 get_alerts_data_reset (get_alerts_data);
11119 set_client_state (CLIENT_AUTHENTIC);
11120 return;
11121 }
11122
11123 SEND_GET_START ("alert");
11124 while (1)
11125 {
11126 iterator_t data;
11127 char *filter_uuid;
11128 int notice, message, has_secinfo_type;
11129 const char *method;
11130
11131 ret = get_next (&alerts, &get_alerts_data->get, &first,
11132 &count, init_alert_iterator);
11133 if (ret == 1)
11134 break;
11135 if (ret == -1)
11136 {
11137 internal_error_send_to_client (error);
11138 return;
11139 }
11140 SEND_GET_COMMON (alert, &get_alerts_data->get,
11141 &alerts);
11142
11143 /* Filter. */
11144
11145 filter_uuid = alert_iterator_filter_uuid (&alerts);
11146 if (filter_uuid)
11147 {
11148 SENDF_TO_CLIENT_OR_FAIL ("<filter id=\"%s\">"
11149 "<name>%s</name>"
11150 "<trash>%i</trash>",
11151 filter_uuid,
11152 alert_iterator_filter_name (&alerts),
11153 alert_iterator_filter_trash (&alerts));
11154 if (alert_iterator_filter_readable (&alerts))
11155 SEND_TO_CLIENT_OR_FAIL ("</filter>");
11156 else
11157 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
11158 "</filter>");
11159 }
11160
11161 /* Condition. */
11162
11163 SENDF_TO_CLIENT_OR_FAIL ("<condition>%s",
11164 alert_condition_name
11165 (alert_iterator_condition (&alerts)));
11166 init_alert_data_iterator (&data, get_iterator_resource (&alerts),
11167 get_alerts_data->get.trash,
11168 "condition");
11169 while (next (&data))
11170 SENDF_TO_CLIENT_OR_FAIL ("<data>"
11171 "<name>%s</name>"
11172 "%s"
11173 "</data>",
11174 alert_data_iterator_name (&data),
11175 alert_data_iterator_data (&data));
11176 cleanup_iterator (&data);
11177
11178 SEND_TO_CLIENT_OR_FAIL ("</condition>");
11179
11180 /* Event. */
11181
11182 SENDF_TO_CLIENT_OR_FAIL ("<event>%s",
11183 event_name (alert_iterator_event (&alerts)));
11184 init_alert_data_iterator (&data, get_iterator_resource (&alerts),
11185 get_alerts_data->get.trash, "event");
11186 has_secinfo_type = 0;
11187 while (next (&data))
11188 {
11189 if (strcmp (alert_data_iterator_name (&data), "secinfo_type")
11190 == 0)
11191 has_secinfo_type = 1;
11192 SENDF_TO_CLIENT_OR_FAIL ("<data>"
11193 "<name>%s</name>"
11194 "%s"
11195 "</data>",
11196 alert_data_iterator_name (&data),
11197 alert_data_iterator_data (&data));
11198 }
11199 if ((alert_iterator_event (&alerts) == EVENT_NEW_SECINFO
11200 || alert_iterator_event (&alerts) == EVENT_UPDATED_SECINFO)
11201 && (has_secinfo_type == 0))
11202 SENDF_TO_CLIENT_OR_FAIL ("<data>"
11203 "<name>secinfo_type</name>"
11204 "NVT"
11205 "</data>");
11206 cleanup_iterator (&data);
11207 SEND_TO_CLIENT_OR_FAIL ("</event>");
11208
11209 /* Method. */
11210
11211 method = alert_method_name (alert_iterator_method (&alerts));
11212 SENDF_TO_CLIENT_OR_FAIL ("<method>%s", method);
11213 init_alert_data_iterator (&data, get_iterator_resource (&alerts),
11214 get_alerts_data->get.trash, "method");
11215 notice = -1;
11216 message = 0;
11217 while (next (&data))
11218 {
11219 const char *name;
11220 name = alert_data_iterator_name (&data);
11221 if (strcmp (name, "notice") == 0)
11222 notice = atoi (alert_data_iterator_data (&data));
11223 else if (strcmp (method, "Email") == 0
11224 && strcmp (name, "message") == 0)
11225 {
11226 if (strlen (alert_data_iterator_data (&data)) == 0)
11227 continue;
11228 message = 1;
11229 }
11230
11231 if (strcmp (name, "scp_credential") == 0
11232 || strcmp (name, "verinice_server_credential") == 0)
11233 {
11234 // Username + Password credentials
11235 const char *credential_id;
11236 credential_t credential;
11237 credential_id = alert_data_iterator_data (&data);
11238 if (find_credential_with_permission (credential_id,
11239 &credential,
11240 "get_credentials"))
11241 {
11242 abort ();
11243 }
11244 else if (credential == 0)
11245 {
11246 SENDF_TO_CLIENT_OR_FAIL ("<data>"
11247 "<name>%s</name>"
11248 "%s"
11249 "</data>",
11250 name,
11251 credential_id);
11252 }
11253 else
11254 {
11255 gchar *cred_name, *username;
11256 cred_name = credential_name (credential);
11257 username = credential_value (credential, "username");
11258
11259 SENDF_TO_CLIENT_OR_FAIL ("<data>"
11260 "<name>%s</name>"
11261 "<credential id=\"%s\">"
11262 "<name>%s</name>"
11263 "<login>%s</login>"
11264 "</credential>"
11265 "%s"
11266 "</data>",
11267 name,
11268 credential_id,
11269 cred_name,
11270 username,
11271 credential_id);
11272
11273 g_free (cred_name);
11274 g_free (username);
11275 }
11276 }
11277 else
11278 {
11279 SENDF_TO_CLIENT_OR_FAIL ("<data>"
11280 "<name>%s</name>"
11281 "%s"
11282 "</data>",
11283 name,
11284 alert_data_iterator_data (&data));
11285 }
11286 }
11287 /* If there is no email message data, send the default. */
11288 if (strcmp (method, "Email") == 0
11289 && message == 0
11290 && (notice == 0 || notice == 2))
11291 SENDF_TO_CLIENT_OR_FAIL ("<data>"
11292 "<name>message</name>"
11293 "%s"
11294 "</data>",
11295 notice == 0
11296 ? ALERT_MESSAGE_INCLUDE
11297 : ALERT_MESSAGE_ATTACH);
11298 cleanup_iterator (&data);
11299 SEND_TO_CLIENT_OR_FAIL ("</method>");
11300
11301 if (get_alerts_data->tasks)
11302 {
11303 iterator_t tasks;
11304
11305 SEND_TO_CLIENT_OR_FAIL ("<tasks>");
11306 init_alert_task_iterator (&tasks,
11307 get_iterator_resource (&alerts), 0);
11308 while (next (&tasks))
11309 {
11310 SENDF_TO_CLIENT_OR_FAIL ("<task id=\"%s\">"
11311 "<name>%s</name>",
11312 alert_task_iterator_uuid (&tasks),
11313 alert_task_iterator_name (&tasks));
11314
11315 if (alert_task_iterator_readable (&tasks))
11316 SEND_TO_CLIENT_OR_FAIL ("</task>");
11317 else
11318 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
11319 "</task>");
11320 }
11321 cleanup_iterator (&tasks);
11322 SEND_TO_CLIENT_OR_FAIL ("</tasks>");
11323 }
11324
11325 SENDF_TO_CLIENT_OR_FAIL ("<active>%i</active>"
11326 "</alert>",
11327 alert_iterator_active (&alerts));
11328 count++;
11329 }
11330 cleanup_iterator (&alerts);
11331 filtered = get_alerts_data->get.id
11332 ? 1
11333 : alert_count (&get_alerts_data->get);
11334 SEND_GET_END ("alert", &get_alerts_data->get, count, filtered);
11335
11336 get_alerts_data_reset (get_alerts_data);
11337 set_client_state (CLIENT_AUTHENTIC);
11338 }
11339
11340 /**
11341 * @brief Handle end of GET_ASSETS element.
11342 *
11343 * @param[in] gmp_parser GMP parser.
11344 * @param[in] error Error parameter.
11345 */
11346 static void
handle_get_assets(gmp_parser_t * gmp_parser,GError ** error)11347 handle_get_assets (gmp_parser_t *gmp_parser, GError **error)
11348 {
11349 iterator_t assets;
11350 int count, first, filtered, ret;
11351 int (*init_asset_iterator) (iterator_t *, const get_data_t *);
11352 int (*asset_count) (const get_data_t *get);
11353
11354 if (acl_user_may ("get_assets") == 0)
11355 {
11356 SEND_TO_CLIENT_OR_FAIL
11357 (XML_ERROR_SYNTAX ("get_assets",
11358 "Permission denied"));
11359 get_assets_data_reset (get_assets_data);
11360 set_client_state (CLIENT_AUTHENTIC);
11361 return;
11362 }
11363
11364 if (get_assets_data->type == NULL)
11365 {
11366 SEND_TO_CLIENT_OR_FAIL
11367 (XML_ERROR_SYNTAX ("get_assets",
11368 "No type specified."));
11369 get_assets_data_reset (get_assets_data);
11370 set_client_state (CLIENT_AUTHENTIC);
11371 return;
11372 }
11373
11374 /* Set type specific functions. */
11375 if (g_strcmp0 ("host", get_assets_data->type) == 0)
11376 {
11377 INIT_GET (asset, Host);
11378 init_asset_iterator = init_asset_host_iterator;
11379 asset_count = asset_host_count;
11380 get_assets_data->get.subtype = g_strdup ("host");
11381 }
11382 else if (g_strcmp0 ("os", get_assets_data->type) == 0)
11383 {
11384 INIT_GET (asset, Operating System);
11385 init_asset_iterator = init_asset_os_iterator;
11386 asset_count = asset_os_count;
11387 get_assets_data->get.subtype = g_strdup ("os");
11388 }
11389 else
11390 {
11391 if (send_find_error_to_client ("get_assets", "type",
11392 get_assets_data->type, gmp_parser))
11393 {
11394 error_send_to_client (error);
11395 }
11396 get_assets_data_reset (get_assets_data);
11397 set_client_state (CLIENT_AUTHENTIC);
11398 return;
11399 }
11400
11401 ret = init_asset_iterator (&assets, &get_assets_data->get);
11402 if (ret)
11403 {
11404 switch (ret)
11405 {
11406 case 1:
11407 if (send_find_error_to_client ("get_assets", "type",
11408 get_assets_data->type,
11409 gmp_parser))
11410 {
11411 error_send_to_client (error);
11412 return;
11413 }
11414 break;
11415 case 2:
11416 if (send_find_error_to_client
11417 ("get_assets", "filter", get_assets_data->get.filt_id,
11418 gmp_parser))
11419 {
11420 error_send_to_client (error);
11421 return;
11422 }
11423 break;
11424 case -1:
11425 SEND_TO_CLIENT_OR_FAIL
11426 (XML_INTERNAL_ERROR ("get_assets"));
11427 break;
11428 }
11429 get_assets_data_reset (get_assets_data);
11430 set_client_state (CLIENT_AUTHENTIC);
11431 return;
11432 }
11433
11434 count = 0;
11435 manage_filter_controls (get_assets_data->get.filter, &first, NULL, NULL, NULL);
11436 SEND_GET_START ("asset");
11437 while (next (&assets))
11438 {
11439 GString *result;
11440 iterator_t identifiers;
11441 resource_t asset;
11442 gchar *routes_xml;
11443
11444 asset = get_iterator_resource (&assets);
11445 /* Assets are currently always writable. */
11446 if (send_get_common ("asset", &get_assets_data->get, &assets,
11447 gmp_parser->client_writer,
11448 gmp_parser->client_writer_data,
11449 asset_iterator_writable (&assets),
11450 asset_iterator_in_use (&assets)))
11451 {
11452 error_send_to_client (error);
11453 return;
11454 }
11455
11456 result = g_string_new ("");
11457
11458 /* Information depending on type. */
11459
11460 if (g_strcmp0 ("host", get_assets_data->type) == 0)
11461 {
11462 xml_string_append (result, "<identifiers>");
11463 init_host_identifier_iterator (&identifiers,
11464 get_iterator_resource (&assets),
11465 0, NULL);
11466 while (next (&identifiers))
11467 {
11468 const char *source_type;
11469 gchar *name;
11470
11471 source_type = host_identifier_iterator_source_type
11472 (&identifiers);
11473 if (strcmp (source_type, "User") == 0)
11474 name = user_name (host_identifier_iterator_source_id
11475 (&identifiers));
11476 else
11477 name = NULL;
11478
11479 xml_string_append (result,
11480 "<identifier id=\"%s\">"
11481 "<name>%s</name>"
11482 "<value>%s</value>"
11483 "<creation_time>%s</creation_time>"
11484 "<modification_time>%s</modification_time>"
11485 "<source id=\"%s\">"
11486 "<type>%s</type>"
11487 "<data>%s</data>"
11488 "<deleted>%i</deleted>"
11489 "<name>%s</name>"
11490 "</source>",
11491 get_iterator_uuid (&identifiers),
11492 get_iterator_name (&identifiers),
11493 host_identifier_iterator_value (&identifiers),
11494 get_iterator_creation_time (&identifiers),
11495 get_iterator_modification_time (&identifiers),
11496 host_identifier_iterator_source_id
11497 (&identifiers),
11498 source_type,
11499 host_identifier_iterator_source_data
11500 (&identifiers),
11501 host_identifier_iterator_source_orphan
11502 (&identifiers),
11503 name ? name : "");
11504
11505 g_free (name);
11506
11507 if (strcmp (get_iterator_name (&identifiers), "OS") == 0)
11508 xml_string_append (result,
11509 "<os id=\"%s\">"
11510 "<title>%s</title>"
11511 "</os>",
11512 host_identifier_iterator_os_id
11513 (&identifiers),
11514 host_identifier_iterator_os_title
11515 (&identifiers));
11516
11517 xml_string_append (result, "</identifier>");
11518 }
11519 cleanup_iterator (&identifiers);
11520 xml_string_append (result, "</identifiers>");
11521 }
11522
11523 g_string_append_printf (result, "<type>%s</type>",
11524 get_assets_data->type);
11525 g_string_append_printf (result, "<%s>", get_assets_data->type);
11526
11527 if (g_strcmp0 ("os", get_assets_data->type) == 0)
11528 {
11529 iterator_t os_hosts;
11530 const char *latest, *highest, *average;
11531
11532 latest = asset_os_iterator_latest_severity (&assets);
11533 highest = asset_os_iterator_highest_severity (&assets);
11534 average = asset_os_iterator_average_severity (&assets);
11535 g_string_append_printf (result,
11536 "<latest_severity>"
11537 "<value>%s</value>"
11538 "</latest_severity>"
11539 "<highest_severity>"
11540 "<value>%s</value>"
11541 "</highest_severity>"
11542 "<average_severity>"
11543 "<value>%s</value>"
11544 "</average_severity>",
11545 latest ? latest : "",
11546 highest ? highest : "",
11547 average ? average : "");
11548
11549 g_string_append_printf (result,
11550 "<title>%s</title>"
11551 "<installs>%i</installs>"
11552 "<hosts>"
11553 "%i",
11554 asset_os_iterator_title (&assets),
11555 asset_os_iterator_installs (&assets),
11556 asset_os_iterator_installs (&assets));
11557 init_os_host_iterator (&os_hosts,
11558 get_iterator_resource (&assets));
11559 while (next (&os_hosts))
11560 {
11561 const char *severity;
11562 severity = os_host_iterator_severity (&os_hosts);
11563 g_string_append_printf (result,
11564 "<asset id=\"%s\">"
11565 "<name>%s</name>"
11566 "<severity>"
11567 "<value>%s</value>"
11568 "</severity>"
11569 "</asset>",
11570 get_iterator_uuid (&os_hosts),
11571 get_iterator_name (&os_hosts),
11572 severity ? severity : "");
11573 }
11574 cleanup_iterator (&os_hosts);
11575 g_string_append_printf (result, "</hosts>");
11576 }
11577 else if (g_strcmp0 ("host", get_assets_data->type) == 0)
11578 {
11579 const char *severity;
11580 iterator_t details;
11581
11582 severity = asset_host_iterator_severity (&assets);
11583 g_string_append_printf (result,
11584 "<severity>"
11585 "<value>%s</value>"
11586 "</severity>",
11587 severity ? severity : "");
11588
11589 init_host_detail_iterator (&details,
11590 get_iterator_resource (&assets));
11591 while (next (&details))
11592 g_string_append_printf (result,
11593 "<detail>"
11594 "<name>%s</name>"
11595 "<value>%s</value>"
11596 "<source id=\"%s\">"
11597 "<type>%s</type>"
11598 "</source>"
11599 "</detail>",
11600 host_detail_iterator_name
11601 (&details),
11602 host_detail_iterator_value
11603 (&details),
11604 host_detail_iterator_source_id
11605 (&details),
11606 host_detail_iterator_source_type
11607 (&details));
11608 cleanup_iterator (&details);
11609
11610 if (get_assets_data->details || get_assets_data->get.id)
11611 {
11612 routes_xml = host_routes_xml (asset);
11613 g_string_append (result, routes_xml);
11614 g_free (routes_xml);
11615 }
11616 }
11617
11618 g_string_append_printf (result,
11619 "</%s>"
11620 "</asset>",
11621 get_assets_data->type);
11622 SEND_TO_CLIENT_OR_FAIL (result->str);
11623 count++;
11624 g_string_free (result, TRUE);
11625 }
11626 cleanup_iterator (&assets);
11627
11628 if (get_assets_data->details == 1)
11629 SEND_TO_CLIENT_OR_FAIL ("<details>1</details>");
11630
11631 filtered = get_assets_data->get.id
11632 ? 1
11633 : asset_count (&get_assets_data->get);
11634
11635 SEND_GET_END ("asset", &get_assets_data->get, count, filtered);
11636
11637 get_assets_data_reset (get_assets_data);
11638 set_client_state (CLIENT_AUTHENTIC);
11639 }
11640
11641 /**
11642 * @brief Handle end of GET_CONFIGS element.
11643 *
11644 * @param[in] gmp_parser GMP parser.
11645 * @param[in] error Error parameter.
11646 */
11647 static void
handle_get_configs(gmp_parser_t * gmp_parser,GError ** error)11648 handle_get_configs (gmp_parser_t *gmp_parser, GError **error)
11649 {
11650 iterator_t configs;
11651 int ret, filtered, first, count;
11652
11653 INIT_GET (config, Config);
11654 ret = init_config_iterator (&configs, &get_configs_data->get);
11655 if (ret)
11656 {
11657 switch (ret)
11658 {
11659 case 1:
11660 if (send_find_error_to_client
11661 ("get_configs", "config", get_configs_data->get.id,
11662 gmp_parser))
11663 {
11664 error_send_to_client (error);
11665 return;
11666 }
11667 break;
11668 case 2:
11669 if (send_find_error_to_client
11670 ("get_configs", "filter", get_configs_data->get.filt_id,
11671 gmp_parser))
11672 {
11673 error_send_to_client (error);
11674 return;
11675 }
11676 break;
11677 case -1:
11678 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_configs"));
11679 break;
11680 }
11681 get_configs_data_reset (get_configs_data);
11682 set_client_state (CLIENT_AUTHENTIC);
11683 return;
11684 }
11685
11686 SEND_GET_START ("config");
11687 while (1)
11688 {
11689 int config_nvts_growing, config_families_growing, config_type;
11690 const char *selector, *usage_type;
11691 config_t config;
11692
11693 ret = get_next (&configs, &get_configs_data->get, &first,
11694 &count, init_config_iterator);
11695 if (ret == 1)
11696 break;
11697 if (ret == -1)
11698 {
11699 internal_error_send_to_client (error);
11700 return;
11701 }
11702 SEND_GET_COMMON (config, &get_configs_data->get, &configs);
11703
11704 /** @todo This should really be an nvt_selector_t. */
11705 selector = config_iterator_nvt_selector (&configs);
11706 config = get_iterator_resource (&configs);
11707 config_nvts_growing = config_iterator_nvts_growing (&configs);
11708 config_type = config_iterator_type (&configs);
11709 usage_type = config_iterator_usage_type (&configs);
11710 config_families_growing = config_iterator_families_growing
11711 (&configs);
11712
11713 SENDF_TO_CLIENT_OR_FAIL ("<family_count>"
11714 "%i<growing>%i</growing>"
11715 "</family_count>"
11716 /* The number of NVT's selected
11717 * by the selector. */
11718 "<nvt_count>"
11719 "%i<growing>%i</growing>"
11720 "</nvt_count>"
11721 "<type>%i</type>"
11722 "<usage_type>%s</usage_type>"
11723 "<predefined>%i</predefined>",
11724 config_iterator_family_count (&configs),
11725 config_families_growing,
11726 config_iterator_nvt_count (&configs),
11727 config_nvts_growing,
11728 config_type,
11729 usage_type,
11730 config_iterator_predefined (&configs));
11731
11732 if (config_type == 0 && (get_configs_data->families
11733 || get_configs_data->get.details))
11734 {
11735 iterator_t families;
11736 int max_nvt_count = 0, known_nvt_count = 0;
11737
11738 SENDF_TO_CLIENT_OR_FAIL ("<families>");
11739 init_family_iterator (&families, config_families_growing, selector,
11740 1);
11741 while (next (&families))
11742 {
11743 int family_growing, family_max;
11744 int family_selected_count;
11745 const char *family;
11746
11747 family = family_iterator_name (&families);
11748 if (family)
11749 {
11750 family_growing = nvt_selector_family_growing
11751 (selector, family, config_families_growing);
11752 family_max = family_nvt_count (family);
11753 family_selected_count
11754 = nvt_selector_nvt_count (selector, family, family_growing);
11755 known_nvt_count += family_selected_count;
11756 }
11757 else
11758 {
11759 /* The family can be NULL if an RC adds an
11760 * NVT to a config and the NVT is missing
11761 * from the NVT cache. */
11762 family_growing = 0;
11763 family_max = -1;
11764 family_selected_count = nvt_selector_nvt_count
11765 (selector, NULL, 0);
11766 }
11767
11768 SENDF_TO_CLIENT_OR_FAIL
11769 ("<family>"
11770 "<name>%s</name>"
11771 /* The number of selected NVT's. */
11772 "<nvt_count>%i</nvt_count>"
11773 /* The total number of NVT's in the family. */
11774 "<max_nvt_count>%i</max_nvt_count>"
11775 "<growing>%i</growing>"
11776 "</family>",
11777 family ? family : "",
11778 family_selected_count,
11779 family_max,
11780 family_growing);
11781 if (family_max > 0)
11782 max_nvt_count += family_max;
11783 }
11784 cleanup_iterator (&families);
11785 SENDF_TO_CLIENT_OR_FAIL
11786 ("</families>"
11787 /* The total number of NVT's in all the
11788 * families for selector selects at least one
11789 * NVT. */
11790 "<max_nvt_count>%i</max_nvt_count>"
11791 /* Total number of selected known NVT's. */
11792 "<known_nvt_count>"
11793 "%i"
11794 "</known_nvt_count>",
11795 max_nvt_count,
11796 known_nvt_count);
11797 }
11798
11799 if (config_type > 0)
11800 {
11801 iterator_t prefs;
11802 scanner_t scanner;
11803 char *s_uuid, *s_name;
11804
11805 assert (config);
11806 scanner = config_iterator_scanner (&configs);
11807
11808 if (config_iterator_scanner_trash (&configs))
11809 {
11810 s_uuid = trash_scanner_uuid (scanner);
11811 s_name = trash_scanner_name (scanner);
11812 }
11813 else
11814 {
11815 s_uuid = scanner_uuid (scanner);
11816 s_name = scanner_name (scanner);
11817 }
11818
11819 SENDF_TO_CLIENT_OR_FAIL ("<scanner id='%s'>"
11820 "%s"
11821 "<trash>%d</trash>"
11822 "</scanner>",
11823 s_uuid, s_name,
11824 config_iterator_scanner_trash (&configs));
11825
11826 g_free (s_uuid);
11827 g_free (s_name);
11828 SEND_TO_CLIENT_OR_FAIL ("<preferences>");
11829
11830 init_config_preference_iterator (&prefs, config);
11831 while (next (&prefs))
11832 {
11833 const char *name, *hr_name, *value, *type, *def;
11834 char *ovaldi_files = NULL;
11835
11836 hr_name = config_preference_iterator_hr_name (&prefs);
11837 name = config_preference_iterator_name (&prefs);
11838 value = config_preference_iterator_value (&prefs);
11839 def = config_preference_iterator_default (&prefs);
11840 if (!strcmp (name, "definitions_file"))
11841 ovaldi_files = get_ovaldi_files ();
11842 type = config_preference_iterator_type (&prefs);
11843 SENDF_TO_CLIENT_OR_FAIL
11844 ("<preference>"
11845 "<nvt oid=\"\"><name/></nvt>"
11846 "<hr_name>%s</hr_name>"
11847 "<id/>"
11848 "<name>%s</name>"
11849 "<type>osp_%s</type>"
11850 "<value>%s</value>"
11851 "<default>%s</default>"
11852 "</preference>",
11853 hr_name, name, type, value ?: "", ovaldi_files ?: def);
11854 g_free (ovaldi_files);
11855 }
11856 cleanup_iterator (&prefs);
11857 SEND_TO_CLIENT_OR_FAIL ("</preferences>");
11858 }
11859 else if (get_configs_data->preferences
11860 || get_configs_data->get.details)
11861 {
11862 iterator_t prefs;
11863
11864 assert (config);
11865
11866 SEND_TO_CLIENT_OR_FAIL ("<preferences>");
11867
11868 /* Send NVT timeout preferences where a timeout has been
11869 * specified. */
11870 init_config_timeout_iterator (&prefs, config);
11871 while (next (&prefs))
11872 {
11873 const char *timeout;
11874
11875 timeout = config_timeout_iterator_value (&prefs);
11876
11877 if (timeout && strlen (timeout))
11878 SENDF_TO_CLIENT_OR_FAIL
11879 ("<preference>"
11880 "<nvt oid=\"%s\">"
11881 "<name>%s</name>"
11882 "</nvt>"
11883 "<id>0</id>"
11884 "<name>Timeout</name>"
11885 "<type>entry</type>"
11886 "<value>%s</value>"
11887 "</preference>",
11888 config_timeout_iterator_oid (&prefs),
11889 config_timeout_iterator_nvt_name (&prefs),
11890 timeout);
11891 }
11892 cleanup_iterator (&prefs);
11893
11894 init_nvt_preference_iterator (&prefs, NULL);
11895 while (next (&prefs))
11896 {
11897 GString *buffer = g_string_new ("");
11898 buffer_config_preference_xml (buffer, &prefs, config, 1);
11899 SEND_TO_CLIENT_OR_FAIL (buffer->str);
11900 g_string_free (buffer, TRUE);
11901 }
11902 cleanup_iterator (&prefs);
11903
11904 SEND_TO_CLIENT_OR_FAIL ("</preferences>");
11905 }
11906
11907 if (config_type == 0 && get_configs_data->get.details)
11908 {
11909 iterator_t selectors;
11910
11911 SEND_TO_CLIENT_OR_FAIL ("<nvt_selectors>");
11912
11913 init_nvt_selector_iterator (&selectors, NULL, config,
11914 NVT_SELECTOR_TYPE_ANY);
11915 while (next (&selectors))
11916 {
11917 int type = nvt_selector_iterator_type (&selectors);
11918 SENDF_TO_CLIENT_OR_FAIL
11919 ("<nvt_selector>"
11920 "<name>%s</name>"
11921 "<include>%i</include>"
11922 "<type>%i</type>"
11923 "<family_or_nvt>%s</family_or_nvt>"
11924 "</nvt_selector>",
11925 nvt_selector_iterator_name (&selectors),
11926 nvt_selector_iterator_include (&selectors),
11927 type,
11928 (type == NVT_SELECTOR_TYPE_ALL
11929 ? "" : nvt_selector_iterator_nvt (&selectors)));
11930 }
11931 cleanup_iterator (&selectors);
11932
11933 SEND_TO_CLIENT_OR_FAIL ("</nvt_selectors>");
11934 }
11935
11936 if (get_configs_data->tasks)
11937 {
11938 iterator_t tasks;
11939
11940 SEND_TO_CLIENT_OR_FAIL ("<tasks>");
11941 init_config_task_iterator
11942 (&tasks, get_iterator_resource (&configs), 0);
11943 while (next (&tasks))
11944 {
11945 if (config_task_iterator_readable (&tasks) == 0)
11946 /* Only show tasks the user may see. */
11947 continue;
11948
11949 SENDF_TO_CLIENT_OR_FAIL
11950 ("<task id=\"%s\">"
11951 "<name>%s</name>",
11952 config_task_iterator_uuid (&tasks),
11953 config_task_iterator_name (&tasks));
11954 if (config_task_iterator_readable (&tasks))
11955 SEND_TO_CLIENT_OR_FAIL ("</task>");
11956 else
11957 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
11958 "</task>");
11959 }
11960 cleanup_iterator (&tasks);
11961 SEND_TO_CLIENT_OR_FAIL ("</tasks>");
11962 }
11963
11964 SEND_TO_CLIENT_OR_FAIL ("</config>");
11965 count++;
11966 }
11967 cleanup_iterator (&configs);
11968 filtered = get_configs_data->get.id
11969 ? 1 : config_count (&get_configs_data->get);
11970 SEND_GET_END ("config", &get_configs_data->get, count, filtered);
11971
11972 get_configs_data_reset (get_configs_data);
11973 set_client_state (CLIENT_AUTHENTIC);
11974 }
11975
11976 /**
11977 * @brief Handle end of GET_CREDENTIALS element.
11978 *
11979 * @param[in] gmp_parser GMP parser.
11980 * @param[in] error Error parameter.
11981 */
11982 static void
handle_get_credentials(gmp_parser_t * gmp_parser,GError ** error)11983 handle_get_credentials (gmp_parser_t *gmp_parser, GError **error)
11984 {
11985 iterator_t credentials;
11986 int count, filtered, ret, first;
11987 credential_format_t format;
11988 char *data_format;
11989
11990 data_format = get_credentials_data->format;
11991 if (data_format)
11992 {
11993 if (strlen (data_format))
11994 {
11995 if (strcasecmp (data_format, "key") == 0)
11996 format = CREDENTIAL_FORMAT_KEY;
11997 else if (strcasecmp (data_format, "rpm") == 0)
11998 format = CREDENTIAL_FORMAT_RPM;
11999 else if (strcasecmp (data_format, "deb") == 0)
12000 format = CREDENTIAL_FORMAT_DEB;
12001 else if (strcasecmp (data_format, "exe") == 0)
12002 format = CREDENTIAL_FORMAT_EXE;
12003 else if (strcasecmp (data_format, "pem") == 0)
12004 format = CREDENTIAL_FORMAT_PEM;
12005 else
12006 format = CREDENTIAL_FORMAT_ERROR;
12007 }
12008 else
12009 format = CREDENTIAL_FORMAT_NONE;
12010 }
12011 else
12012 format = CREDENTIAL_FORMAT_NONE;
12013
12014 if (format == CREDENTIAL_FORMAT_ERROR)
12015 SEND_TO_CLIENT_OR_FAIL
12016 (XML_ERROR_SYNTAX ("get_credentials",
12017 "Format attribute should"
12018 " be 'key', 'rpm', 'deb', 'exe' or 'pem'"));
12019
12020 INIT_GET (credential, Credential);
12021
12022 ret = init_credential_iterator (&credentials,
12023 &get_credentials_data->get);
12024 if (ret)
12025 {
12026 switch (ret)
12027 {
12028 case 1:
12029 if (send_find_error_to_client ("get_credentials",
12030 "credential",
12031 get_credentials_data->get.id,
12032 gmp_parser))
12033 {
12034 error_send_to_client (error);
12035 return;
12036 }
12037 break;
12038 case 2:
12039 if (send_find_error_to_client ("get_credentials",
12040 "filter",
12041 get_credentials_data->get.filt_id,
12042 gmp_parser))
12043 {
12044 error_send_to_client (error);
12045 return;
12046 }
12047 break;
12048 case -1:
12049 SEND_TO_CLIENT_OR_FAIL
12050 (XML_INTERNAL_ERROR ("get_credentials"));
12051 break;
12052 }
12053 get_credentials_data_reset (get_credentials_data);
12054 set_client_state (CLIENT_AUTHENTIC);
12055 return;
12056 }
12057
12058 SEND_GET_START("credential");
12059 while (1)
12060 {
12061 const char *private_key, *public_key, *login, *type, *cert;
12062 gchar *formats_xml;
12063
12064 ret = get_next (&credentials, &get_credentials_data->get,
12065 &first, &count, init_credential_iterator);
12066 if (ret == 1)
12067 break;
12068 if (ret == -1)
12069 {
12070 internal_error_send_to_client (error);
12071 return;
12072 }
12073
12074 SEND_GET_COMMON (credential, &get_credentials_data->get, &credentials);
12075 private_key = credential_iterator_private_key (&credentials);
12076 public_key = credential_iterator_public_key (&credentials);
12077 login = credential_iterator_login (&credentials);
12078 type = credential_iterator_type (&credentials);
12079 cert = credential_iterator_certificate (&credentials);
12080
12081 SENDF_TO_CLIENT_OR_FAIL
12082 ("<allow_insecure>%d</allow_insecure>"
12083 "<login>%s</login>"
12084 "<type>%s</type>"
12085 "<full_type>%s</full_type>",
12086 credential_iterator_allow_insecure (&credentials),
12087 login ? login : "",
12088 type ? type : "",
12089 type ? credential_full_type (type) : "");
12090
12091 formats_xml = credential_iterator_formats_xml (&credentials);
12092 SEND_TO_CLIENT_OR_FAIL (formats_xml);
12093 g_free (formats_xml);
12094
12095 if (type && (strcmp (type, "snmp") == 0))
12096 {
12097 const char *auth_algorithm, *privacy_algorithm;
12098 auth_algorithm
12099 = credential_iterator_auth_algorithm (&credentials);
12100 privacy_algorithm
12101 = credential_iterator_privacy_algorithm (&credentials);
12102
12103 SENDF_TO_CLIENT_OR_FAIL
12104 ("<auth_algorithm>%s</auth_algorithm>"
12105 "<privacy><algorithm>%s</algorithm></privacy>",
12106 auth_algorithm ? auth_algorithm : "",
12107 privacy_algorithm ? privacy_algorithm : "");
12108 }
12109
12110 if (cert && get_credentials_data->get.details)
12111 {
12112 /* get certificate info */
12113 time_t activation_time, expiration_time;
12114 gchar *activation_time_str, *expiration_time_str;
12115 gchar *md5_fingerprint, *issuer;
12116
12117 get_certificate_info (cert,
12118 -1,
12119 &activation_time,
12120 &expiration_time,
12121 &md5_fingerprint,
12122 NULL, /* sha256_fingerprint */
12123 NULL, /* subject */
12124 &issuer,
12125 NULL, /* serial */
12126 NULL); /* certificate_format */
12127
12128 activation_time_str = certificate_iso_time (activation_time);
12129 expiration_time_str = certificate_iso_time (expiration_time);
12130 SENDF_TO_CLIENT_OR_FAIL
12131 ("<certificate_info>"
12132 "<time_status>%s</time_status>"
12133 "<activation_time>%s</activation_time>"
12134 "<expiration_time>%s</expiration_time>"
12135 "<md5_fingerprint>%s</md5_fingerprint>"
12136 "<issuer>%s</issuer>"
12137 "</certificate_info>",
12138 certificate_time_status (activation_time, expiration_time),
12139 activation_time_str,
12140 expiration_time_str,
12141 md5_fingerprint ? md5_fingerprint : "",
12142 issuer ? issuer : "");
12143 g_free (activation_time_str);
12144 g_free (expiration_time_str);
12145 g_free (md5_fingerprint);
12146 g_free (issuer);
12147 }
12148
12149 switch (format)
12150 {
12151 char *package;
12152
12153 case CREDENTIAL_FORMAT_KEY:
12154 {
12155 if (public_key && strcmp (public_key, ""))
12156 {
12157 SENDF_TO_CLIENT_OR_FAIL
12158 ("<public_key>%s</public_key>", public_key);
12159 }
12160 else
12161 {
12162 char *pub;
12163 const char *pass;
12164
12165 pass = credential_iterator_password (&credentials);
12166 pub = gvm_ssh_public_from_private (private_key, pass);
12167 SENDF_TO_CLIENT_OR_FAIL
12168 ("<public_key>%s</public_key>", pub ?: "");
12169 g_free (pub);
12170 }
12171 break;
12172 }
12173 case CREDENTIAL_FORMAT_RPM:
12174 package = credential_iterator_rpm (&credentials);
12175 SENDF_TO_CLIENT_OR_FAIL
12176 ("<package format=\"rpm\">%s</package>", package ?: "");
12177 g_free (package);
12178 break;
12179 case CREDENTIAL_FORMAT_DEB:
12180 package = credential_iterator_deb (&credentials);
12181 SENDF_TO_CLIENT_OR_FAIL
12182 ("<package format=\"deb\">%s</package>", package ?: "");
12183 g_free (package);
12184 break;
12185 case CREDENTIAL_FORMAT_EXE:
12186 package = credential_iterator_exe (&credentials);
12187 SENDF_TO_CLIENT_OR_FAIL
12188 ("<package format=\"exe\">%s</package>", package ?: "");
12189 g_free (package);
12190 break;
12191 case CREDENTIAL_FORMAT_PEM:
12192 {
12193 SENDF_TO_CLIENT_OR_FAIL
12194 ("<certificate>%s</certificate>", cert ?: "");
12195 break;
12196 }
12197 case CREDENTIAL_FORMAT_NONE:
12198 break;
12199 default:
12200 g_warning ("%s: Unexpected credential format.", __func__);
12201 }
12202
12203 if (get_credentials_data->scanners)
12204 {
12205 iterator_t scanners;
12206
12207 SENDF_TO_CLIENT_OR_FAIL ("<scanners>");
12208 init_credential_scanner_iterator
12209 (&scanners, get_iterator_resource (&credentials), 0);
12210 while (next (&scanners))
12211 {
12212 SENDF_TO_CLIENT_OR_FAIL
12213 ("<scanner id=\"%s\">"
12214 "<name>%s</name>",
12215 credential_scanner_iterator_uuid (&scanners),
12216 credential_scanner_iterator_name (&scanners));
12217 if (credential_scanner_iterator_readable (&scanners))
12218 SEND_TO_CLIENT_OR_FAIL ("</scanner>");
12219 else
12220 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
12221 "</scanner>");
12222 }
12223 cleanup_iterator (&scanners);
12224
12225 SEND_TO_CLIENT_OR_FAIL ("</scanners>");
12226 }
12227
12228 if (get_credentials_data->targets)
12229 {
12230 iterator_t targets;
12231
12232 SENDF_TO_CLIENT_OR_FAIL ("<targets>");
12233 init_credential_target_iterator
12234 (&targets, get_iterator_resource (&credentials), 0);
12235 while (next (&targets))
12236 {
12237 SENDF_TO_CLIENT_OR_FAIL
12238 ("<target id=\"%s\">"
12239 "<name>%s</name>",
12240 credential_target_iterator_uuid (&targets),
12241 credential_target_iterator_name (&targets));
12242 if (credential_target_iterator_readable (&targets))
12243 SEND_TO_CLIENT_OR_FAIL ("</target>");
12244 else
12245 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
12246 "</target>");
12247 }
12248 cleanup_iterator (&targets);
12249
12250 SEND_TO_CLIENT_OR_FAIL ("</targets>");
12251 }
12252
12253 SEND_TO_CLIENT_OR_FAIL ("</credential>");
12254 count++;
12255 }
12256
12257 cleanup_iterator (&credentials);
12258 filtered = get_credentials_data->get.id
12259 ? 1
12260 : credential_count (&get_credentials_data->get);
12261 SEND_GET_END ("credential", &get_credentials_data->get,
12262 count, filtered);
12263 get_credentials_data_reset (get_credentials_data);
12264 set_client_state (CLIENT_AUTHENTIC);
12265 }
12266
12267 /**
12268 * @brief Get a single feed.
12269 *
12270 * @param[in] feed_type Feed type.
12271 *
12272 * @return Name of feed type.
12273 */
12274 static const char*
feed_type_name(int feed_type)12275 feed_type_name (int feed_type)
12276 {
12277 switch (feed_type)
12278 {
12279 case NVT_FEED:
12280 return "NVT";
12281 case CERT_FEED:
12282 return "CERT";
12283 case SCAP_FEED:
12284 return "SCAP";
12285 case GVMD_DATA_FEED:
12286 return "GVMD_DATA";
12287 default:
12288 return "Error";
12289 }
12290 }
12291
12292 /**
12293 * @brief Gets the status and timestamp of a feed lockfile.
12294 *
12295 * @param[in] lockfile_name Path to the lockfile.
12296 * @param[out] timestamp Optional output o timestamp string.
12297 *
12298 * @return 0 lockfile was not locked, 1 lockfile was locked.
12299 */
12300 static int
get_feed_lock_status(const char * lockfile_name,gchar ** timestamp)12301 get_feed_lock_status (const char *lockfile_name, gchar **timestamp)
12302 {
12303 mode_t old_umask;
12304 int lockfile;
12305 int ret;
12306
12307 if (timestamp)
12308 *timestamp = NULL;
12309 ret = 0;
12310
12311 old_umask = umask(0);
12312 lockfile = open (lockfile_name,
12313 O_RDWR | O_CREAT,
12314 /* "-rw-rw-r--" */
12315 S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH);
12316 if (lockfile == -1)
12317 {
12318 g_warning ("%s: failed to open lock file '%s': %s", __func__,
12319 lockfile_name, strerror (errno));
12320 umask (old_umask);
12321 }
12322 else
12323 {
12324 umask (old_umask);
12325 if (flock (lockfile, LOCK_EX | LOCK_NB)) /* Exclusive, Non blocking. */
12326 {
12327 if (errno == EWOULDBLOCK)
12328 {
12329 gchar *content;
12330 GError *file_error;
12331
12332 /* File is locked, must be a sync in process. */
12333
12334 ret = 1;
12335
12336 if (!g_file_get_contents (lockfile_name, &content, NULL,
12337 &file_error))
12338 {
12339 if (g_error_matches (file_error, G_FILE_ERROR,
12340 G_FILE_ERROR_NOENT)
12341 || g_error_matches (file_error, G_FILE_ERROR,
12342 G_FILE_ERROR_ACCES))
12343 {
12344 g_error_free (file_error);
12345 }
12346 else
12347 {
12348 g_warning ("%s: %s", __func__, file_error->message);
12349 g_error_free (file_error);
12350 }
12351 }
12352 else
12353 {
12354 gchar **lines;
12355
12356 lines = g_strsplit (content, "\n", 2);
12357 g_free (content);
12358 if (timestamp)
12359 *timestamp = g_strdup(lines[0]);
12360 g_strfreev (lines);
12361 }
12362 }
12363 else
12364 {
12365 g_warning ("%s: flock: %s", __func__, strerror (errno));
12366 }
12367 }
12368 else
12369 /* Got the lock, so no sync is in progress. */
12370 flock (lockfile, LOCK_UN);
12371 }
12372
12373 if (close (lockfile))
12374 g_warning ("%s: failed to close lock file '%s': %s", __func__,
12375 lockfile_name, strerror (errno));
12376
12377 return ret;
12378 }
12379
12380 /**
12381 * @brief Get NVT feed.
12382 *
12383 * @param[in] gmp_parser GMP parser.
12384 * @param[in] error Error parameter.
12385 */
12386 static void
get_nvt_feed(gmp_parser_t * gmp_parser,GError ** error)12387 get_nvt_feed (gmp_parser_t *gmp_parser, GError **error)
12388 {
12389 gchar *feed_description, *feed_identification, *feed_version;
12390
12391 feed_description = NULL;
12392 feed_identification = NULL;
12393 feed_version = NULL;
12394
12395 if (gvm_get_sync_script_description (nvt_sync_script, &feed_description)
12396 && gvm_get_sync_script_identification (nvt_sync_script,
12397 &feed_identification,
12398 NVT_FEED)
12399 && gvm_get_sync_script_feed_version (nvt_sync_script,
12400 &feed_version))
12401 {
12402 gchar **ident = g_strsplit (feed_identification, "|", 6);
12403 gchar *selftest_result = NULL;
12404 const char *lockfile_name;
12405 gchar *timestamp;
12406
12407 if (ident[0] == NULL || ident[1] == NULL
12408 || ident[2] == NULL || ident[3] == NULL)
12409 {
12410 g_strfreev (ident);
12411 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_feeds"));
12412 }
12413 else
12414 {
12415 SENDF_TO_CLIENT_OR_FAIL
12416 ("<feed>"
12417 "<type>NVT</type>"
12418 "<name>%s</name>"
12419 "<version>%s</version>"
12420 "<description>%s</description>",
12421 ident[3],
12422 feed_version,
12423 feed_description);
12424 g_strfreev (ident);
12425 if (gvm_sync_script_perform_selftest (nvt_sync_script,
12426 &selftest_result)
12427 == FALSE)
12428 {
12429 SENDF_TO_CLIENT_OR_FAIL ("<sync_not_available>"
12430 "<error>%s</error>"
12431 "</sync_not_available>",
12432 selftest_result ? selftest_result : "");
12433 g_free (selftest_result);
12434 }
12435
12436 /* Note: Checking the feed lockfile assumes that the default scanner
12437 * is running locally.
12438 */
12439 lockfile_name = get_feed_lock_path ();
12440 if (get_feed_lock_status (lockfile_name, ×tamp))
12441 {
12442 SENDF_TO_CLIENT_OR_FAIL ("<currently_syncing>"
12443 "<timestamp>%s</timestamp>"
12444 "</currently_syncing>",
12445 timestamp);
12446 g_free (timestamp);
12447 }
12448
12449 SEND_TO_CLIENT_OR_FAIL ("</feed>");
12450 }
12451
12452 g_free (feed_version);
12453 }
12454 g_free (feed_identification);
12455 g_free (feed_description);
12456 }
12457
12458 /**
12459 * @brief Parse feed info entity.
12460 *
12461 * @param[in] entity Config XML.
12462 * @param[in] config_path Path to config XML file.
12463 * @param[out] name Name of feed.
12464 * @param[out] version Version of feed.
12465 * @param[out] description Description of feed.
12466 *
12467 * @return 0 success, -1 error.
12468 */
12469 static int
get_feed_info_parse(entity_t entity,const gchar * config_path,gchar ** name,gchar ** version,gchar ** description)12470 get_feed_info_parse (entity_t entity, const gchar *config_path,
12471 gchar **name, gchar **version, gchar **description)
12472 {
12473 entity_t child;
12474
12475 assert (name && version && description);
12476
12477 child = entity_child (entity, "name");
12478 if (child == NULL)
12479 {
12480 g_warning ("%s: Missing name in '%s'", __func__, config_path);
12481 return -1;
12482 }
12483 *name = entity_text (child);
12484
12485 child = entity_child (entity, "description");
12486 if (child == NULL)
12487 {
12488 g_warning ("%s: Missing description in '%s'",
12489 __func__, config_path);
12490 return -1;
12491 }
12492 *description = entity_text (child);
12493
12494 child = entity_child (entity, "version");
12495 if (child == NULL)
12496 {
12497 g_warning ("%s: Missing version in '%s'", __func__, config_path);
12498 return -1;
12499 }
12500 *version = entity_text (child);
12501
12502 return 0;
12503 }
12504
12505 /**
12506 * @brief Get feed info.
12507 *
12508 * @param[in] feed_type Type of feed.
12509 * @param[out] feed_name Name of feed.
12510 * @param[out] feed_version Version of feed.
12511 * @param[out] feed_description Description of feed.
12512 *
12513 * @return 0 success, -1 error.
12514 */
12515 static int
get_feed_info(int feed_type,gchar ** feed_name,gchar ** feed_version,gchar ** feed_description)12516 get_feed_info (int feed_type, gchar **feed_name, gchar **feed_version,
12517 gchar **feed_description)
12518 {
12519 GError *error;
12520 const char *feed_data_dir;
12521 gchar *config_path, *xml, *name, *version, *description;
12522 gsize xml_len;
12523 entity_t entity;
12524
12525 assert (feed_type == SCAP_FEED
12526 || feed_type == CERT_FEED
12527 || feed_type == GVMD_DATA_FEED);
12528
12529 switch (feed_type)
12530 {
12531 case SCAP_FEED:
12532 feed_data_dir = GVM_SCAP_DATA_DIR;
12533 break;
12534 case CERT_FEED:
12535 feed_data_dir = GVM_CERT_DATA_DIR;
12536 break;
12537 case GVMD_DATA_FEED:
12538 feed_data_dir = GVMD_FEED_DIR;
12539 break;
12540 default :
12541 return -1;
12542 }
12543
12544 config_path = g_build_filename (feed_data_dir,
12545 "feed.xml",
12546 NULL);
12547 g_debug ("%s: config_path: %s", __func__, config_path);
12548
12549 /* Read the file in. */
12550
12551 error = NULL;
12552 g_file_get_contents (config_path, &xml, &xml_len, &error);
12553 if (error)
12554 {
12555 g_warning ("%s: Failed to read '%s': %s",
12556 __func__,
12557 config_path,
12558 error->message);
12559 g_error_free (error);
12560 g_free (config_path);
12561 return -1;
12562 }
12563
12564 /* Parse it as XML. */
12565
12566 if (parse_entity (xml, &entity))
12567 {
12568 g_warning ("%s: Failed to parse '%s'", __func__, config_path);
12569 g_free (config_path);
12570 return -1;
12571 }
12572
12573 /* Get the report format properties from the XML. */
12574
12575 if (get_feed_info_parse (entity, config_path, &name, &version, &description))
12576 {
12577 g_free (config_path);
12578 free_entity (entity);
12579 return -1;
12580 }
12581 g_free (config_path);
12582
12583 if (feed_name)
12584 *feed_name = g_strdup (name);
12585 if (feed_description)
12586 *feed_description = g_strdup (description);
12587 if (feed_version)
12588 *feed_version = g_strdup (version);
12589
12590 free_entity (entity);
12591
12592 return 0;
12593 }
12594
12595 /**
12596 * @brief Get a single feed.
12597 *
12598 * @param[in] gmp_parser GMP parser.
12599 * @param[in] error Error parameter.
12600 * @param[in] feed_type Type of feed.
12601 */
12602 static void
get_feed(gmp_parser_t * gmp_parser,GError ** error,int feed_type)12603 get_feed (gmp_parser_t *gmp_parser, GError **error, int feed_type)
12604 {
12605 gchar *feed_name, *feed_description, *feed_version;
12606 const char *lockfile_name;
12607 gchar *timestamp;
12608
12609 if (feed_type == NVT_FEED)
12610 {
12611 get_nvt_feed (gmp_parser, error);
12612 return;
12613 }
12614
12615 if (get_feed_info (feed_type, &feed_name, &feed_version, &feed_description))
12616 return;
12617
12618 SENDF_TO_CLIENT_OR_FAIL
12619 ("<feed>"
12620 "<type>%s</type>"
12621 "<name>%s</name>"
12622 "<version>%s</version>"
12623 "<description>%s</description>",
12624 feed_type_name (feed_type),
12625 feed_name,
12626 feed_version,
12627 feed_description);
12628
12629 lockfile_name = get_feed_lock_path ();
12630
12631 if (get_feed_lock_status (lockfile_name, ×tamp))
12632 {
12633 SENDF_TO_CLIENT_OR_FAIL ("<currently_syncing>"
12634 "<timestamp>%s</timestamp>"
12635 "</currently_syncing>",
12636 timestamp);
12637 g_free (timestamp);
12638 }
12639
12640 g_free (feed_name);
12641 g_free (feed_version);
12642 g_free (feed_description);
12643
12644 SEND_TO_CLIENT_OR_FAIL ("</feed>");
12645 }
12646
12647 /**
12648 * @brief Handle end of GET_FEEDS element.
12649 *
12650 * @param[in] gmp_parser GMP parser.
12651 * @param[in] error Error parameter.
12652 */
12653 static void
handle_get_feeds(gmp_parser_t * gmp_parser,GError ** error)12654 handle_get_feeds (gmp_parser_t *gmp_parser, GError **error)
12655 {
12656 assert (current_credentials.username);
12657
12658 if (acl_user_may ("get_feeds") == 0)
12659 {
12660 SEND_TO_CLIENT_OR_FAIL
12661 (XML_ERROR_SYNTAX ("get_feeds",
12662 "Permission denied"));
12663 set_client_state (CLIENT_AUTHENTIC);
12664 return;
12665 }
12666
12667 SEND_TO_CLIENT_OR_FAIL ("<get_feeds_response"
12668 " status=\"" STATUS_OK "\""
12669 " status_text=\"" STATUS_OK_TEXT "\">");
12670
12671 if ((get_feeds_data->type == NULL)
12672 || (strcasecmp (get_feeds_data->type, "nvt") == 0))
12673 get_feed (gmp_parser, error, NVT_FEED);
12674
12675 if ((get_feeds_data->type == NULL)
12676 || (strcasecmp (get_feeds_data->type, "scap") == 0))
12677 get_feed (gmp_parser, error, SCAP_FEED);
12678
12679 if ((get_feeds_data->type == NULL)
12680 || (strcasecmp (get_feeds_data->type, "cert") == 0))
12681 get_feed (gmp_parser, error, CERT_FEED);
12682
12683 if ((get_feeds_data->type == NULL)
12684 || (strcasecmp (get_feeds_data->type, "gvmd_data") == 0))
12685 get_feed (gmp_parser, error, GVMD_DATA_FEED);
12686
12687 SEND_TO_CLIENT_OR_FAIL ("</get_feeds_response>");
12688
12689 get_feeds_data_reset (get_feeds_data);
12690 set_client_state (CLIENT_AUTHENTIC);
12691 }
12692
12693 /**
12694 * @brief Handle end of GET_FILTERS element.
12695 *
12696 * @param[in] gmp_parser GMP parser.
12697 * @param[in] error Error parameter.
12698 */
12699 static void
handle_get_filters(gmp_parser_t * gmp_parser,GError ** error)12700 handle_get_filters (gmp_parser_t *gmp_parser, GError **error)
12701 {
12702 iterator_t filters;
12703 int count, filtered, ret, first;
12704
12705 INIT_GET (filter, Filter);
12706
12707 ret = init_filter_iterator (&filters, &get_filters_data->get);
12708 if (ret)
12709 {
12710 switch (ret)
12711 {
12712 case 1:
12713 if (send_find_error_to_client ("get_filters", "filter",
12714 get_filters_data->get.id,
12715 gmp_parser))
12716 {
12717 error_send_to_client (error);
12718 return;
12719 }
12720 break;
12721 case 2:
12722 if (send_find_error_to_client
12723 ("get_filters", "filter",
12724 get_filters_data->get.filt_id, gmp_parser))
12725 {
12726 error_send_to_client (error);
12727 return;
12728 }
12729 break;
12730 case -1:
12731 SEND_TO_CLIENT_OR_FAIL
12732 (XML_INTERNAL_ERROR ("get_filters"));
12733 break;
12734 }
12735 get_filters_data_reset (get_filters_data);
12736 set_client_state (CLIENT_AUTHENTIC);
12737 return;
12738 }
12739
12740 SEND_GET_START ("filter");
12741 while (1)
12742 {
12743 ret = get_next (&filters, &get_filters_data->get, &first, &count,
12744 init_filter_iterator);
12745 if (ret == 1)
12746 break;
12747 if (ret == -1)
12748 {
12749 internal_error_send_to_client (error);
12750 return;
12751 }
12752
12753 SEND_GET_COMMON (filter, &get_filters_data->get, &filters);
12754
12755 SENDF_TO_CLIENT_OR_FAIL ("<type>%s</type>"
12756 "<term>%s</term>",
12757 filter_iterator_type (&filters),
12758 filter_iterator_term (&filters));
12759
12760 if (get_filters_data->alerts)
12761 {
12762 iterator_t alerts;
12763
12764 SEND_TO_CLIENT_OR_FAIL ("<alerts>");
12765 init_filter_alert_iterator (&alerts,
12766 get_iterator_resource
12767 (&filters));
12768 while (next (&alerts))
12769 {
12770 SENDF_TO_CLIENT_OR_FAIL
12771 ("<alert id=\"%s\">"
12772 "<name>%s</name>",
12773 filter_alert_iterator_uuid (&alerts),
12774 filter_alert_iterator_name (&alerts));
12775 if (filter_alert_iterator_readable (&alerts))
12776 SEND_TO_CLIENT_OR_FAIL ("</alert>");
12777 else
12778 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
12779 "</alert>");
12780 }
12781 cleanup_iterator (&alerts);
12782 SEND_TO_CLIENT_OR_FAIL ("</alerts>");
12783 }
12784
12785 SEND_TO_CLIENT_OR_FAIL ("</filter>");
12786
12787 count++;
12788 }
12789 cleanup_iterator (&filters);
12790 filtered = get_filters_data->get.id
12791 ? 1
12792 : filter_count (&get_filters_data->get);
12793 SEND_GET_END ("filter", &get_filters_data->get, count, filtered);
12794
12795 get_filters_data_reset (get_filters_data);
12796 set_client_state (CLIENT_AUTHENTIC);
12797 }
12798
12799 /**
12800 * @brief Handle end of GET_GROUPS element.
12801 *
12802 * @param[in] gmp_parser GMP parser.
12803 * @param[in] error Error parameter.
12804 */
12805 static void
handle_get_groups(gmp_parser_t * gmp_parser,GError ** error)12806 handle_get_groups (gmp_parser_t *gmp_parser, GError **error)
12807 {
12808 iterator_t groups;
12809 int count, filtered, ret, first;
12810
12811 INIT_GET (group, Group);
12812
12813 ret = init_group_iterator (&groups, &get_groups_data->get);
12814 if (ret)
12815 {
12816 switch (ret)
12817 {
12818 case 1:
12819 if (send_find_error_to_client ("get_groups", "group",
12820 get_groups_data->get.id,
12821 gmp_parser))
12822 {
12823 error_send_to_client (error);
12824 return;
12825 }
12826 break;
12827 case 2:
12828 if (send_find_error_to_client
12829 ("get_groups", "filter", get_groups_data->get.filt_id,
12830 gmp_parser))
12831 {
12832 error_send_to_client (error);
12833 return;
12834 }
12835 break;
12836 case -1:
12837 SEND_TO_CLIENT_OR_FAIL
12838 (XML_INTERNAL_ERROR ("get_groups"));
12839 break;
12840 }
12841 get_groups_data_reset (get_groups_data);
12842 set_client_state (CLIENT_AUTHENTIC);
12843 return;
12844 }
12845
12846 SEND_GET_START ("group");
12847 while (1)
12848 {
12849 gchar *users;
12850
12851 ret = get_next (&groups, &get_groups_data->get, &first, &count,
12852 init_group_iterator);
12853 if (ret == 1)
12854 break;
12855 if (ret == -1)
12856 {
12857 internal_error_send_to_client (error);
12858 return;
12859 }
12860
12861 SEND_GET_COMMON (group, &get_groups_data->get, &groups);
12862
12863 users = group_users (get_iterator_resource (&groups));
12864 SENDF_TO_CLIENT_OR_FAIL ("<users>%s</users>", users ? users : "");
12865 g_free (users);
12866
12867 SEND_TO_CLIENT_OR_FAIL ("</group>");
12868
12869 count++;
12870 }
12871 cleanup_iterator (&groups);
12872 filtered = get_groups_data->get.id
12873 ? 1
12874 : group_count (&get_groups_data->get);
12875 SEND_GET_END ("group", &get_groups_data->get, count, filtered);
12876
12877 get_groups_data_reset (get_groups_data);
12878 set_client_state (CLIENT_AUTHENTIC);
12879 }
12880
12881 /**
12882 * @brief Handle end of GET_INFO element.
12883 *
12884 * @param[in] gmp_parser GMP parser.
12885 * @param[in] error Error parameter.
12886 */
12887 static void
handle_get_info(gmp_parser_t * gmp_parser,GError ** error)12888 handle_get_info (gmp_parser_t *gmp_parser, GError **error)
12889 {
12890 iterator_t info;
12891 int count, first, filtered, ret;
12892 int (*init_info_iterator) (iterator_t*, get_data_t *, const char *);
12893 int (*info_count) (const get_data_t *get);
12894 const char *update_time;
12895 get_data_t *get;
12896
12897 if (acl_user_may ("get_info") == 0)
12898 {
12899 SEND_TO_CLIENT_OR_FAIL
12900 (XML_ERROR_SYNTAX ("get_info",
12901 "Permission denied"));
12902 get_info_data_reset (get_info_data);
12903 set_client_state (CLIENT_AUTHENTIC);
12904 return;
12905 }
12906
12907 if (manage_scap_loaded () == 0)
12908 {
12909 SEND_TO_CLIENT_OR_FAIL
12910 (XML_ERROR_SYNTAX ("get_info",
12911 "The SCAP database is required"));
12912 get_info_data_reset (get_info_data);
12913 set_client_state (CLIENT_AUTHENTIC);
12914 return;
12915 }
12916 if (manage_cert_loaded () == 0)
12917 {
12918 SEND_TO_CLIENT_OR_FAIL
12919 (XML_ERROR_SYNTAX ("get_info",
12920 "The CERT database is required"));
12921 get_info_data_reset (get_info_data);
12922 set_client_state (CLIENT_AUTHENTIC);
12923 return;
12924 }
12925
12926 if (get_info_data->name && get_info_data->get.id)
12927 {
12928 SEND_TO_CLIENT_OR_FAIL
12929 (XML_ERROR_SYNTAX ("get_info",
12930 "Only one of name and the id attribute"
12931 " may be given."));
12932 get_info_data_reset (get_info_data);
12933 set_client_state (CLIENT_AUTHENTIC);
12934 return;
12935 }
12936 if (get_info_data->type == NULL)
12937 {
12938 SEND_TO_CLIENT_OR_FAIL
12939 (XML_ERROR_SYNTAX ("get_info",
12940 "No type specified."));
12941 get_info_data_reset (get_info_data);
12942 set_client_state (CLIENT_AUTHENTIC);
12943 return;
12944 }
12945
12946 get = &get_info_data->get;
12947 if (get->filt_id && strcmp (get->filt_id, FILT_ID_USER_SETTING) == 0)
12948 {
12949 char *user_filter;
12950 gchar *name;
12951
12952 if (strcmp (get_info_data->type, "cpe") == 0)
12953 name = g_strdup ("CPE");
12954 else if (strcmp (get_info_data->type, "cve") == 0)
12955 name = g_strdup ("CVE");
12956 else if (strcmp (get_info_data->type, "ovaldef") == 0)
12957 name = g_strdup ("OVAL");
12958 else if (strcmp (get_info_data->type, "cert_bund_adv") == 0)
12959 name = g_strdup ("CERT-Bund");
12960 else if (strcmp (get_info_data->type, "dfn_cert_adv") == 0)
12961 name = g_strdup ("DFN-CERT");
12962 else if (strcmp (get_info_data->type, "nvt") == 0)
12963 name = g_strdup ("NVT");
12964 else
12965 {
12966 if (send_find_error_to_client ("get_info", "type",
12967 get_info_data->type,
12968 gmp_parser))
12969 {
12970 error_send_to_client (error);
12971 return;
12972 }
12973 get_info_data_reset (get_info_data);
12974 set_client_state (CLIENT_AUTHENTIC);
12975 return;
12976 }
12977
12978 user_filter = setting_filter (name);
12979 g_free (name);
12980
12981 if (user_filter && strlen (user_filter))
12982 {
12983 get->filt_id = user_filter;
12984 get->filter = filter_term (user_filter);
12985 }
12986 else
12987 get->filt_id = g_strdup("0");
12988 }
12989
12990 /* Set type specific functions */
12991 if (g_strcmp0 ("cpe", get_info_data->type) == 0)
12992 {
12993 init_info_iterator = init_cpe_info_iterator;
12994 info_count = cpe_info_count;
12995 get_info_data->get.subtype = g_strdup ("cpe");
12996 }
12997 else if (g_strcmp0 ("cve", get_info_data->type) == 0)
12998 {
12999 init_info_iterator = init_cve_info_iterator;
13000 info_count = cve_info_count;
13001 get_info_data->get.subtype = g_strdup ("cve");
13002 }
13003 else if (g_strcmp0 ("nvt", get_info_data->type) == 0)
13004 {
13005 init_info_iterator = init_nvt_info_iterator;
13006 info_count = nvt_info_count;
13007 get_info_data->get.subtype = g_strdup ("nvt");
13008 }
13009 else if (g_strcmp0 ("ovaldef", get_info_data->type) == 0)
13010 {
13011 init_info_iterator = init_ovaldef_info_iterator;
13012 info_count = ovaldef_info_count;
13013 get_info_data->get.subtype = g_strdup ("ovaldef");
13014 }
13015 else if (g_strcmp0 ("cert_bund_adv", get_info_data->type) == 0)
13016 {
13017 init_info_iterator = init_cert_bund_adv_info_iterator;
13018 info_count = cert_bund_adv_info_count;
13019 get_info_data->get.subtype = g_strdup ("cert_bund_adv");
13020 }
13021 else if (g_strcmp0 ("dfn_cert_adv", get_info_data->type) == 0)
13022 {
13023 init_info_iterator = init_dfn_cert_adv_info_iterator;
13024 info_count = dfn_cert_adv_info_count;
13025 get_info_data->get.subtype = g_strdup ("dfn_cert_adv");
13026 }
13027 else
13028 {
13029 if (send_find_error_to_client ("get_info", "type",
13030 get_info_data->type, gmp_parser))
13031 {
13032 error_send_to_client (error);
13033 }
13034 return;
13035 }
13036
13037 ret = init_info_iterator (&info, &get_info_data->get, get_info_data->name);
13038 if (ret)
13039 {
13040 switch (ret)
13041 {
13042 case 1:
13043 if (send_find_error_to_client ("get_info",
13044 get_info_data->name
13045 ? "name"
13046 : "ID",
13047 get_info_data->name
13048 ? get_info_data->name
13049 : get_info_data->get.id,
13050 gmp_parser))
13051 {
13052 error_send_to_client (error);
13053 return;
13054 }
13055 break;
13056 case 2:
13057 if (send_find_error_to_client
13058 ("get_info", "filter", get_info_data->get.filt_id,
13059 gmp_parser))
13060 {
13061 error_send_to_client (error);
13062 return;
13063 }
13064 break;
13065 case -1:
13066 SEND_TO_CLIENT_OR_FAIL
13067 (XML_INTERNAL_ERROR ("get_info"));
13068 break;
13069 }
13070 get_info_data_reset (get_info_data);
13071 set_client_state (CLIENT_AUTHENTIC);
13072 return;
13073 }
13074
13075 count = 0;
13076 manage_filter_controls (get_info_data->get.filter, &first, NULL, NULL, NULL);
13077 SEND_GET_START ("info");
13078 update_time = manage_scap_update_time ();
13079 while (next (&info))
13080 {
13081 GString *result;
13082
13083 /* Info's are currently always read only */
13084 if (send_get_common ("info", &get_info_data->get, &info,
13085 gmp_parser->client_writer,
13086 gmp_parser->client_writer_data, 0, 0))
13087 {
13088 error_send_to_client (error);
13089 return;
13090 }
13091
13092 SENDF_TO_CLIENT_OR_FAIL ("<update_time>%s</update_time>",
13093 update_time);
13094
13095 result = g_string_new ("");
13096
13097 /* Information depending on type */
13098
13099 if (g_strcmp0 ("cpe", get_info_data->type) == 0)
13100 {
13101 const char *title;
13102
13103 xml_string_append (result, "<cpe>");
13104 title = cpe_info_iterator_title (&info);
13105 if (title)
13106 xml_string_append (result,
13107 "<title>%s</title>",
13108 cpe_info_iterator_title (&info));
13109 xml_string_append (result,
13110 "<nvd_id>%s</nvd_id>"
13111 "<severity>%s</severity>"
13112 "<cve_refs>%s</cve_refs>"
13113 "<status>%s</status>",
13114 cpe_info_iterator_nvd_id (&info)
13115 ? cpe_info_iterator_nvd_id (&info)
13116 : "",
13117 cpe_info_iterator_severity (&info)
13118 ? cpe_info_iterator_severity (&info)
13119 : "",
13120 cpe_info_iterator_cve_refs (&info),
13121 cpe_info_iterator_status (&info)
13122 ? cpe_info_iterator_status (&info)
13123 : "");
13124
13125 if (get_info_data->details == 1)
13126 {
13127 iterator_t cves;
13128 g_string_append (result, "<cves>");
13129 init_cpe_cve_iterator (&cves, get_iterator_name (&info), 0, NULL);
13130 while (next (&cves))
13131 xml_string_append (result,
13132 "<cve>"
13133 "<entry"
13134 " xmlns:cpe-lang=\"http://cpe.mitre.org/language/2.0\""
13135 " xmlns:vuln=\"http://scap.nist.gov/schema/vulnerability/0.4\""
13136 " xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\""
13137 " xmlns:patch=\"http://scap.nist.gov/schema/patch/0.1\""
13138 " xmlns:scap-core=\"http://scap.nist.gov/schema/scap-core/0.1\""
13139 " xmlns:cvss=\"http://scap.nist.gov/schema/cvss-v2/0.2\""
13140 " xmlns=\"http://scap.nist.gov/schema/feed/vulnerability/2.0\""
13141 " id=\"%s\">"
13142 "<vuln:cvss>"
13143 "<cvss:base_metrics>"
13144 "<cvss:score>%s</cvss:score>"
13145 "</cvss:base_metrics>"
13146 "</vuln:cvss>"
13147 "</entry>"
13148 "</cve>",
13149 cve_iterator_name (&cves),
13150 cve_iterator_cvss_score (&cves)
13151 ? cve_iterator_cvss_score (&cves)
13152 : "");
13153 cleanup_iterator (&cves);
13154 g_string_append (result, "</cves>");
13155 }
13156 }
13157 else if (g_strcmp0 ("cve", get_info_data->type) == 0)
13158 {
13159 xml_string_append (result,
13160 "<cve>"
13161 "<severity>%s</severity>"
13162 "<cvss_vector>%s</cvss_vector>"
13163 "<description>%s</description>"
13164 "<products>%s</products>",
13165 cve_info_iterator_severity (&info)
13166 ? cve_info_iterator_severity (&info)
13167 : "",
13168 cve_info_iterator_vector (&info),
13169 cve_info_iterator_description (&info),
13170 cve_info_iterator_products (&info));
13171 if (get_info_data->details == 1)
13172 {
13173 iterator_t nvts;
13174 iterator_t cert_advs;
13175 init_cve_nvt_iterator (&nvts, get_iterator_name (&info), 1, NULL);
13176 g_string_append (result, "<nvts>");
13177 while (next (&nvts))
13178 xml_string_append (result,
13179 "<nvt oid=\"%s\">"
13180 "<name>%s</name>"
13181 "</nvt>",
13182 nvt_iterator_oid (&nvts),
13183 nvt_iterator_name (&nvts));
13184 g_string_append (result, "</nvts>");
13185 cleanup_iterator (&nvts);
13186
13187 g_string_append (result, "<cert>");
13188 if (manage_cert_loaded())
13189 {
13190 init_cve_cert_bund_adv_iterator (&cert_advs,
13191 get_iterator_name (&info),
13192 1, NULL);
13193 while (next (&cert_advs))
13194 {
13195 xml_string_append
13196 (result,
13197 "<cert_ref type=\"CERT-Bund\">"
13198 "<name>%s</name>"
13199 "<title>%s</title>"
13200 "</cert_ref>",
13201 get_iterator_name (&cert_advs),
13202 cert_bund_adv_info_iterator_title (&cert_advs));
13203 };
13204 cleanup_iterator (&cert_advs);
13205
13206 init_cve_dfn_cert_adv_iterator (&cert_advs,
13207 get_iterator_name
13208 (&info),
13209 1, NULL);
13210 while (next (&cert_advs))
13211 {
13212 xml_string_append (result,
13213 "<cert_ref type=\"DFN-CERT\">"
13214 "<name>%s</name>"
13215 "<title>%s</title>"
13216 "</cert_ref>",
13217 get_iterator_name (&cert_advs),
13218 dfn_cert_adv_info_iterator_title
13219 (&cert_advs));
13220 };
13221 cleanup_iterator (&cert_advs);
13222 }
13223 else
13224 {
13225 g_string_append(result, "<warning>"
13226 "database not available"
13227 "</warning>");
13228 }
13229 g_string_append (result, "</cert>");
13230 }
13231 }
13232 else if (g_strcmp0 ("ovaldef", get_info_data->type) == 0)
13233 {
13234 const char *description;
13235 xml_string_append (result,
13236 "<ovaldef>"
13237 "<version>%s</version>"
13238 "<deprecated>%s</deprecated>"
13239 "<status>%s</status>"
13240 "<class>%s</class>"
13241 "<title>%s</title>"
13242 "<severity>%s</severity>"
13243 "<cve_refs>%s</cve_refs>"
13244 "<file>%s</file>",
13245 ovaldef_info_iterator_version (&info),
13246 ovaldef_info_iterator_deprecated (&info),
13247 ovaldef_info_iterator_status (&info),
13248 ovaldef_info_iterator_class (&info),
13249 ovaldef_info_iterator_title (&info),
13250 ovaldef_info_iterator_severity (&info)
13251 ? ovaldef_info_iterator_severity (&info)
13252 : "",
13253 ovaldef_info_iterator_cve_refs (&info),
13254 ovaldef_info_iterator_file (&info));
13255 description = ovaldef_info_iterator_description (&info);
13256 if (get_info_data->details == 1)
13257 xml_string_append (result,
13258 "<description>%s</description>",
13259 description);
13260 }
13261 else if (g_strcmp0 ("cert_bund_adv", get_info_data->type) == 0)
13262 xml_string_append (result,
13263 "<cert_bund_adv>"
13264 "<title>%s</title>"
13265 "<summary>%s</summary>"
13266 "<severity>%s</severity>"
13267 "<cve_refs>%s</cve_refs>",
13268 cert_bund_adv_info_iterator_title (&info),
13269 cert_bund_adv_info_iterator_summary (&info),
13270 cert_bund_adv_info_iterator_severity(&info)
13271 ? cert_bund_adv_info_iterator_severity(&info)
13272 : "",
13273 cert_bund_adv_info_iterator_cve_refs (&info));
13274 else if (g_strcmp0 ("dfn_cert_adv", get_info_data->type) == 0)
13275 xml_string_append (result,
13276 "<dfn_cert_adv>"
13277 "<title>%s</title>"
13278 "<summary>%s</summary>"
13279 "<severity>%s</severity>"
13280 "<cve_refs>%s</cve_refs>",
13281 dfn_cert_adv_info_iterator_title (&info),
13282 dfn_cert_adv_info_iterator_summary (&info),
13283 dfn_cert_adv_info_iterator_severity(&info)
13284 ? dfn_cert_adv_info_iterator_severity(&info)
13285 : "",
13286 dfn_cert_adv_info_iterator_cve_refs (&info));
13287 else if (g_strcmp0 ("nvt", get_info_data->type) == 0)
13288 {
13289 if (send_nvt (&info, 1, 1, -1, NULL, 0,
13290 gmp_parser->client_writer,
13291 gmp_parser->client_writer_data))
13292 {
13293 cleanup_iterator (&info);
13294 error_send_to_client (error);
13295 return;
13296 }
13297 }
13298
13299 /* Append raw data if full details are requested */
13300
13301 if (get_info_data->details == 1)
13302 {
13303 gchar *raw_data = NULL;
13304 gchar *nonconst_id = g_strdup(get_iterator_uuid (&info));
13305 gchar *nonconst_name = g_strdup(get_iterator_name (&info));
13306 manage_read_info (get_info_data->type, nonconst_id,
13307 nonconst_name, &raw_data);
13308 g_string_append_printf (result, "<raw_data>%s</raw_data>",
13309 raw_data);
13310 g_free(nonconst_id);
13311 g_free(nonconst_name);
13312 g_free(raw_data);
13313 }
13314
13315 g_string_append_printf (result, "</%s></info>", get_info_data->type);
13316 SEND_TO_CLIENT_OR_FAIL (result->str);
13317 count++;
13318 g_string_free (result, TRUE);
13319 }
13320 cleanup_iterator (&info);
13321
13322 if (get_info_data->details == 1)
13323 SEND_TO_CLIENT_OR_FAIL ("<details>1</details>");
13324
13325 filtered = get_info_data->get.id
13326 ? 1
13327 : (get_info_data->name
13328 ? info_name_count (get_info_data->type, get_info_data->name)
13329 : info_count (&get_info_data->get));
13330
13331 SEND_GET_END ("info", &get_info_data->get, count, filtered);
13332
13333 get_info_data_reset (get_info_data);
13334 set_client_state (CLIENT_AUTHENTIC);
13335 }
13336
13337 /**
13338 * @brief Handle end of GET_NOTES element.
13339 *
13340 * @param[in] gmp_parser GMP parser.
13341 * @param[in] error Error parameter.
13342 */
13343 static void
handle_get_notes(gmp_parser_t * gmp_parser,GError ** error)13344 handle_get_notes (gmp_parser_t *gmp_parser, GError **error)
13345 {
13346 nvt_t nvt = 0;
13347 task_t task = 0;
13348
13349 if (get_notes_data->note_id && get_notes_data->nvt_oid)
13350 SEND_TO_CLIENT_OR_FAIL
13351 (XML_ERROR_SYNTAX ("get_notes",
13352 "Only one of NVT and the note_id attribute"
13353 " may be given"));
13354 else if (get_notes_data->note_id && get_notes_data->task_id)
13355 SEND_TO_CLIENT_OR_FAIL
13356 (XML_ERROR_SYNTAX ("get_notes",
13357 "Only one of the note_id and task_id"
13358 " attributes may be given"));
13359 else if (get_notes_data->task_id
13360 && find_task_with_permission (get_notes_data->task_id, &task,
13361 "get_tasks"))
13362 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_notes"));
13363 else if (get_notes_data->task_id && task == 0)
13364 {
13365 if (send_find_error_to_client ("get_notes",
13366 "task", get_notes_data->task_id,
13367 gmp_parser))
13368 {
13369 error_send_to_client (error);
13370 return;
13371 }
13372 }
13373 else if (get_notes_data->nvt_oid
13374 && find_nvt (get_notes_data->nvt_oid, &nvt))
13375 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_notes"));
13376 else if (get_notes_data->nvt_oid && nvt == 0)
13377 {
13378 if (send_find_error_to_client ("get_notes", "NVT",
13379 get_notes_data->nvt_oid,
13380 gmp_parser))
13381 {
13382 error_send_to_client (error);
13383 return;
13384 }
13385 }
13386 else
13387 {
13388 iterator_t notes;
13389 GString *buffer;
13390 int count, filtered, ret, first;
13391
13392 INIT_GET (note, Note);
13393
13394 ret = init_note_iterator (¬es, &get_notes_data->get, nvt, 0,
13395 task);
13396 if (ret)
13397 {
13398 switch (ret)
13399 {
13400 case 1:
13401 if (send_find_error_to_client ("get_notes", "note",
13402 get_notes_data->get.id,
13403 gmp_parser))
13404 {
13405 error_send_to_client (error);
13406 return;
13407 }
13408 break;
13409 case 2:
13410 if (send_find_error_to_client
13411 ("get_notes", "filter",
13412 get_notes_data->get.filt_id, gmp_parser))
13413 {
13414 error_send_to_client (error);
13415 return;
13416 }
13417 break;
13418 case -1:
13419 SEND_TO_CLIENT_OR_FAIL
13420 (XML_INTERNAL_ERROR ("get_notes"));
13421 break;
13422 }
13423 get_notes_data_reset (get_notes_data);
13424 set_client_state (CLIENT_AUTHENTIC);
13425 return;
13426 }
13427
13428 SEND_GET_START ("note");
13429
13430 buffer = g_string_new ("");
13431
13432 // TODO: Do the iteration with get_next so it checks "first".
13433 buffer_notes_xml (buffer, ¬es, get_notes_data->get.details,
13434 get_notes_data->result, &count);
13435
13436 SEND_TO_CLIENT_OR_FAIL (buffer->str);
13437 g_string_free (buffer, TRUE);
13438
13439 cleanup_iterator (¬es);
13440 filtered = get_notes_data->get.id
13441 ? 1
13442 : note_count (&get_notes_data->get, nvt, 0, task);
13443 SEND_GET_END ("note", &get_notes_data->get, count, filtered);
13444 }
13445 get_notes_data_reset (get_notes_data);
13446 set_client_state (CLIENT_AUTHENTIC);
13447
13448 }
13449
13450 /**
13451 * @brief Handle end of GET_NVTS element.
13452 *
13453 * @param[in] gmp_parser GMP parser.
13454 * @param[in] error Error parameter.
13455 */
13456 static void
handle_get_nvts(gmp_parser_t * gmp_parser,GError ** error)13457 handle_get_nvts (gmp_parser_t *gmp_parser, GError **error)
13458 {
13459 char *feed_version;
13460
13461 if (acl_user_may ("get_nvts") == 0)
13462 {
13463 SEND_TO_CLIENT_OR_FAIL
13464 (XML_ERROR_SYNTAX ("get_nvts",
13465 "Permission denied"));
13466 get_nvts_data_reset (get_nvts_data);
13467 set_client_state (CLIENT_AUTHENTIC);
13468 return;
13469 }
13470
13471 feed_version = nvts_feed_version ();
13472 if (feed_version)
13473 {
13474 config_t config, preferences_config;
13475 nvt_t nvt = 0;
13476
13477 config = preferences_config = 0;
13478
13479 free (feed_version);
13480
13481 if (get_nvts_data->nvt_oid && get_nvts_data->family)
13482 SEND_TO_CLIENT_OR_FAIL
13483 (XML_ERROR_SYNTAX ("get_nvts",
13484 "Too many parameters at once"));
13485 else if ((get_nvts_data->details == 0)
13486 && get_nvts_data->preference_count)
13487 SEND_TO_CLIENT_OR_FAIL
13488 (XML_ERROR_SYNTAX ("get_nvts",
13489 "The preference_count attribute"
13490 " requires the details attribute"));
13491 else if ((get_nvts_data->details == 0)
13492 && get_nvts_data->preferences)
13493 SEND_TO_CLIENT_OR_FAIL
13494 (XML_ERROR_SYNTAX ("get_nvts",
13495 "The preferences attribute"
13496 " requires the details attribute"));
13497 else if (((get_nvts_data->details == 0)
13498 || ((get_nvts_data->config_id == NULL)
13499 && (get_nvts_data->preferences_config_id == NULL)))
13500 && get_nvts_data->timeout)
13501 SEND_TO_CLIENT_OR_FAIL
13502 (XML_ERROR_SYNTAX ("get_nvts",
13503 "The timeout attribute"
13504 " requires the details and config_id"
13505 " attributes"));
13506 else if (get_nvts_data->nvt_oid
13507 && find_nvt (get_nvts_data->nvt_oid, &nvt))
13508 SEND_TO_CLIENT_OR_FAIL
13509 (XML_INTERNAL_ERROR ("get_nvts"));
13510 else if (get_nvts_data->nvt_oid && nvt == 0)
13511 {
13512 if (send_find_error_to_client ("get_nvts", "NVT",
13513 get_nvts_data->nvt_oid,
13514 gmp_parser))
13515 {
13516 error_send_to_client (error);
13517 return;
13518 }
13519 }
13520 else if (get_nvts_data->config_id
13521 && get_nvts_data->preferences_config_id)
13522 SEND_TO_CLIENT_OR_FAIL
13523 (XML_ERROR_SYNTAX ("get_nvts",
13524 "config_id and"
13525 " preferences_config_id both given"));
13526 else if (get_nvts_data->config_id
13527 && find_config_with_permission (get_nvts_data->config_id,
13528 &config,
13529 NULL))
13530 SEND_TO_CLIENT_OR_FAIL
13531 (XML_INTERNAL_ERROR ("get_nvts"));
13532 else if (get_nvts_data->config_id && (config == 0))
13533 {
13534 if (send_find_error_to_client
13535 ("get_nvts", "config", get_nvts_data->config_id,
13536 gmp_parser))
13537 {
13538 error_send_to_client (error);
13539 return;
13540 }
13541 }
13542 else if (get_nvts_data->preferences_config_id
13543 && find_config_with_permission
13544 (get_nvts_data->preferences_config_id,
13545 &preferences_config,
13546 NULL))
13547 SEND_TO_CLIENT_OR_FAIL
13548 (XML_INTERNAL_ERROR ("get_nvts"));
13549 else if (get_nvts_data->preferences_config_id
13550 && (preferences_config == 0))
13551 {
13552 if (send_find_error_to_client
13553 ("get_nvts", "config",
13554 get_nvts_data->preferences_config_id,
13555 gmp_parser))
13556 {
13557 error_send_to_client (error);
13558 return;
13559 }
13560 }
13561 else
13562 {
13563 iterator_t nvts;
13564
13565 SENDF_TO_CLIENT_OR_FAIL
13566 ("<get_nvts_response"
13567 " status=\"" STATUS_OK "\""
13568 " status_text=\"" STATUS_OK_TEXT "\">");
13569
13570 init_nvt_iterator (&nvts,
13571 nvt,
13572 get_nvts_data->nvt_oid
13573 /* Presume the NVT is in the config (if
13574 * a config was given). */
13575 ? 0
13576 : config,
13577 get_nvts_data->family,
13578 NULL,
13579 get_nvts_data->sort_order,
13580 get_nvts_data->sort_field);
13581 if (preferences_config)
13582 config = preferences_config;
13583 if (get_nvts_data->details)
13584 while (next (&nvts))
13585 {
13586 int pref_count = -1;
13587 char *timeout = NULL;
13588
13589 if (get_nvts_data->timeout)
13590 timeout = config_nvt_timeout (config,
13591 nvt_iterator_oid (&nvts));
13592
13593 if (get_nvts_data->preferences && (timeout == NULL))
13594 timeout = config_nvt_timeout
13595 (config,
13596 nvt_iterator_oid (&nvts));
13597
13598 if (get_nvts_data->preference_count)
13599 {
13600 const char *nvt_oid = nvt_iterator_oid (&nvts);
13601 pref_count = nvt_preference_count (nvt_oid);
13602 }
13603 if (send_nvt (&nvts, 1, get_nvts_data->preferences,
13604 pref_count, timeout, config,
13605 gmp_parser->client_writer,
13606 gmp_parser->client_writer_data))
13607 {
13608 free (timeout);
13609 cleanup_iterator (&nvts);
13610 error_send_to_client (error);
13611 return;
13612 }
13613 free (timeout);
13614
13615 SEND_TO_CLIENT_OR_FAIL ("</nvt>");
13616 }
13617 else
13618 while (next (&nvts))
13619 {
13620 if (send_nvt (&nvts, 0, 0, -1, NULL, 0,
13621 gmp_parser->client_writer,
13622 gmp_parser->client_writer_data))
13623 {
13624 cleanup_iterator (&nvts);
13625 error_send_to_client (error);
13626 return;
13627 }
13628 SEND_TO_CLIENT_OR_FAIL ("</nvt>");
13629 }
13630 cleanup_iterator (&nvts);
13631
13632 SEND_TO_CLIENT_OR_FAIL ("</get_nvts_response>");
13633 }
13634 }
13635 else
13636 SEND_XML_SERVICE_DOWN ("get_nvts");
13637
13638 get_nvts_data_reset (get_nvts_data);
13639 set_client_state (CLIENT_AUTHENTIC);
13640 }
13641
13642 /**
13643 * @brief Handle end of GET_NVT_FAMILIES element.
13644 *
13645 * @param[in] gmp_parser GMP parser.
13646 * @param[in] error Error parameter.
13647 */
13648 static void
handle_get_nvt_families(gmp_parser_t * gmp_parser,GError ** error)13649 handle_get_nvt_families (gmp_parser_t *gmp_parser, GError **error)
13650 {
13651 iterator_t families;
13652
13653 if (acl_user_may ("get_nvt_families") == 0)
13654 {
13655 SEND_TO_CLIENT_OR_FAIL
13656 (XML_ERROR_SYNTAX ("get_nvt_families",
13657 "Permission denied"));
13658 get_nvt_families_data_reset (get_nvt_families_data);
13659 set_client_state (CLIENT_AUTHENTIC);
13660 return;
13661 }
13662
13663 SEND_TO_CLIENT_OR_FAIL ("<get_nvt_families_response"
13664 " status=\"" STATUS_OK "\""
13665 " status_text=\"" STATUS_OK_TEXT "\">"
13666 "<families>");
13667
13668 init_family_iterator (&families,
13669 1,
13670 NULL,
13671 get_nvt_families_data->sort_order);
13672 while (next (&families))
13673 {
13674 int family_max;
13675 const char *family;
13676
13677 family = family_iterator_name (&families);
13678 if (family)
13679 family_max = family_nvt_count (family);
13680 else
13681 family_max = -1;
13682
13683 SENDF_TO_CLIENT_OR_FAIL
13684 ("<family>"
13685 "<name>%s</name>"
13686 /* The total number of NVT's in the family. */
13687 "<max_nvt_count>%i</max_nvt_count>"
13688 "</family>",
13689 family ? family : "",
13690 family_max);
13691 }
13692 cleanup_iterator (&families);
13693
13694 SEND_TO_CLIENT_OR_FAIL ("</families>"
13695 "</get_nvt_families_response>");
13696
13697 get_nvt_families_data_reset (get_nvt_families_data);
13698 set_client_state (CLIENT_AUTHENTIC);
13699 }
13700
13701 /**
13702 * @brief Handle end of GET_OVERRIDES element.
13703 *
13704 * @param[in] gmp_parser GMP parser.
13705 * @param[in] error Error parameter.
13706 */
13707 static void
handle_get_overrides(gmp_parser_t * gmp_parser,GError ** error)13708 handle_get_overrides (gmp_parser_t *gmp_parser, GError **error)
13709 {
13710 nvt_t nvt = 0;
13711 task_t task = 0;
13712
13713 if (get_overrides_data->override_id && get_overrides_data->nvt_oid)
13714 SEND_TO_CLIENT_OR_FAIL
13715 (XML_ERROR_SYNTAX ("get_overrides",
13716 "Only one of NVT and the override_id attribute"
13717 " may be given"));
13718 else if (get_overrides_data->override_id
13719 && get_overrides_data->task_id)
13720 SEND_TO_CLIENT_OR_FAIL
13721 (XML_ERROR_SYNTAX ("get_overrides",
13722 "Only one of the override_id and task_id"
13723 " attributes may be given"));
13724 else if (get_overrides_data->task_id
13725 && find_task_with_permission (get_overrides_data->task_id, &task,
13726 "get_tasks"))
13727 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_overrides"));
13728 else if (get_overrides_data->task_id && task == 0)
13729 {
13730 if (send_find_error_to_client ("get_overrides", "task",
13731 get_overrides_data->task_id,
13732 gmp_parser))
13733 {
13734 error_send_to_client (error);
13735 return;
13736 }
13737 }
13738 else if (get_overrides_data->nvt_oid
13739 && find_nvt (get_overrides_data->nvt_oid, &nvt))
13740 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_overrides"));
13741 else if (get_overrides_data->nvt_oid && nvt == 0)
13742 {
13743 if (send_find_error_to_client ("get_overrides",
13744 "NVT", get_overrides_data->nvt_oid,
13745 gmp_parser))
13746 {
13747 error_send_to_client (error);
13748 return;
13749 }
13750 }
13751 else
13752 {
13753 iterator_t overrides;
13754 GString *buffer;
13755 int count, filtered, ret, first;
13756
13757 INIT_GET (override, Override);
13758
13759 ret = init_override_iterator (&overrides,
13760 &get_overrides_data->get, nvt, 0,
13761 task);
13762 if (ret)
13763 {
13764 switch (ret)
13765 {
13766 case 1:
13767 if (send_find_error_to_client
13768 ("get_overrides", "override",
13769 get_overrides_data->get.id, gmp_parser))
13770 {
13771 error_send_to_client (error);
13772 return;
13773 }
13774 break;
13775 case 2:
13776 if (send_find_error_to_client
13777 ("get_overrides", "filter",
13778 get_overrides_data->get.filt_id, gmp_parser))
13779 {
13780 error_send_to_client (error);
13781 return;
13782 }
13783 break;
13784 case -1:
13785 SEND_TO_CLIENT_OR_FAIL
13786 (XML_INTERNAL_ERROR ("get_overrides"));
13787 break;
13788 }
13789 get_overrides_data_reset (get_overrides_data);
13790 set_client_state (CLIENT_AUTHENTIC);
13791 return;
13792 }
13793
13794 SEND_GET_START ("override");
13795
13796 buffer = g_string_new ("");
13797
13798 // TODO: Do the iteration with get_next so it checks "first".
13799 buffer_overrides_xml (buffer, &overrides,
13800 get_overrides_data->get.details,
13801 get_overrides_data->result, &count);
13802
13803 SEND_TO_CLIENT_OR_FAIL (buffer->str);
13804 g_string_free (buffer, TRUE);
13805
13806 cleanup_iterator (&overrides);
13807 filtered = get_overrides_data->get.id
13808 ? 1
13809 : override_count (&get_overrides_data->get, nvt, 0,
13810 task);
13811 SEND_GET_END ("override", &get_overrides_data->get, count,
13812 filtered);
13813 }
13814 get_overrides_data_reset (get_overrides_data);
13815 set_client_state (CLIENT_AUTHENTIC);
13816 }
13817
13818 /**
13819 * @brief Handle end of GET_PERMISSIONS element.
13820 *
13821 * @param[in] gmp_parser GMP parser.
13822 * @param[in] error Error parameter.
13823 */
13824 static void
handle_get_permissions(gmp_parser_t * gmp_parser,GError ** error)13825 handle_get_permissions (gmp_parser_t *gmp_parser, GError **error)
13826 {
13827 iterator_t permissions;
13828 int count, filtered, ret, first;
13829
13830 INIT_GET (permission, Permission);
13831
13832 ret = init_permission_iterator (&permissions,
13833 &get_permissions_data->get);
13834 if (ret)
13835 {
13836 switch (ret)
13837 {
13838 case 1:
13839 if (send_find_error_to_client ("get_permissions",
13840 "permission",
13841 get_permissions_data->get.id,
13842 gmp_parser))
13843 {
13844 error_send_to_client (error);
13845 return;
13846 }
13847 break;
13848 case 2:
13849 if (send_find_error_to_client
13850 ("get_permissions", "filter",
13851 get_permissions_data->get.filt_id, gmp_parser))
13852 {
13853 error_send_to_client (error);
13854 return;
13855 }
13856 break;
13857 case -1:
13858 SEND_TO_CLIENT_OR_FAIL
13859 (XML_INTERNAL_ERROR ("get_permissions"));
13860 break;
13861 }
13862 get_permissions_data_reset (get_permissions_data);
13863 set_client_state (CLIENT_AUTHENTIC);
13864 return;
13865 }
13866
13867 SEND_GET_START ("permission");
13868 while (1)
13869 {
13870 const char *resource_type;
13871
13872 ret = get_next (&permissions, &get_permissions_data->get, &first,
13873 &count, init_permission_iterator);
13874 if (ret == 1)
13875 break;
13876 if (ret == -1)
13877 {
13878 internal_error_send_to_client (error);
13879 return;
13880 }
13881
13882 SEND_GET_COMMON (permission, &get_permissions_data->get, &permissions);
13883
13884 resource_type = permission_iterator_resource_type (&permissions);
13885 SENDF_TO_CLIENT_OR_FAIL
13886 ("<resource id=\"%s\">"
13887 "<name>%s</name>"
13888 "<type>%s</type>"
13889 "<trash>%i</trash>"
13890 "<deleted>%i</deleted>",
13891 permission_iterator_resource_uuid (&permissions),
13892 resource_type && strcmp (resource_type, "")
13893 ? permission_iterator_resource_name (&permissions)
13894 : "",
13895 permission_iterator_resource_type (&permissions),
13896 permission_iterator_resource_in_trash (&permissions),
13897 permission_iterator_resource_orphan (&permissions));
13898
13899 if (permission_iterator_resource_readable (&permissions))
13900 SEND_TO_CLIENT_OR_FAIL ("</resource>");
13901 else
13902 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
13903 "</resource>");
13904
13905 SENDF_TO_CLIENT_OR_FAIL
13906 ("<subject id=\"%s\">"
13907 "<name>%s</name>"
13908 "<type>%s</type>"
13909 "<trash>%i</trash>",
13910 permission_iterator_subject_uuid (&permissions),
13911 permission_iterator_subject_name (&permissions),
13912 permission_iterator_subject_type (&permissions),
13913 permission_iterator_subject_in_trash (&permissions));
13914
13915 if (permission_iterator_subject_readable (&permissions))
13916 SEND_TO_CLIENT_OR_FAIL ("</subject>");
13917 else
13918 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
13919 "</subject>");
13920
13921 SEND_TO_CLIENT_OR_FAIL ("</permission>");
13922 count++;
13923 }
13924 cleanup_iterator (&permissions);
13925 filtered = get_permissions_data->get.id
13926 ? 1
13927 : permission_count (&get_permissions_data->get);
13928 SEND_GET_END ("permission", &get_permissions_data->get, count, filtered);
13929
13930 get_permissions_data_reset (get_permissions_data);
13931 set_client_state (CLIENT_AUTHENTIC);
13932 }
13933
13934 /**
13935 * @brief Handle end of GET_PORT_LISTS element.
13936 *
13937 * @param[in] gmp_parser GMP parser.
13938 * @param[in] error Error parameter.
13939 */
13940 static void
handle_get_port_lists(gmp_parser_t * gmp_parser,GError ** error)13941 handle_get_port_lists (gmp_parser_t *gmp_parser, GError **error)
13942 {
13943 iterator_t port_lists;
13944 int count, filtered, ret, first;
13945
13946 INIT_GET (port_list, Port List);
13947
13948 ret = init_port_list_iterator (&port_lists,
13949 &get_port_lists_data->get);
13950 if (ret)
13951 {
13952 switch (ret)
13953 {
13954 case 1:
13955 if (send_find_error_to_client ("get_port_lists",
13956 "port_list",
13957 get_port_lists_data->get.id,
13958 gmp_parser))
13959 {
13960 error_send_to_client (error);
13961 return;
13962 }
13963 break;
13964 case 2:
13965 if (send_find_error_to_client
13966 ("get_port_lists", "filter",
13967 get_port_lists_data->get.filt_id, gmp_parser))
13968 {
13969 error_send_to_client (error);
13970 return;
13971 }
13972 break;
13973 case -1:
13974 SEND_TO_CLIENT_OR_FAIL
13975 (XML_INTERNAL_ERROR ("get_port_lists"));
13976 break;
13977 }
13978 get_port_lists_data_reset (get_port_lists_data);
13979 set_client_state (CLIENT_AUTHENTIC);
13980 return;
13981 }
13982
13983 SEND_GET_START ("port_list");
13984 while (1)
13985 {
13986 ret = get_next (&port_lists, &get_port_lists_data->get, &first,
13987 &count, init_port_list_iterator);
13988 if (ret == 1)
13989 break;
13990 if (ret == -1)
13991 {
13992 internal_error_send_to_client (error);
13993 return;
13994 }
13995
13996 SEND_GET_COMMON (port_list, &get_port_lists_data->get,
13997 &port_lists);
13998
13999 SENDF_TO_CLIENT_OR_FAIL ("<port_count>"
14000 "<all>%i</all>"
14001 "<tcp>%i</tcp>"
14002 "<udp>%i</udp>"
14003 "</port_count>"
14004 "<predefined>%i</predefined>",
14005 port_list_iterator_count_all (&port_lists),
14006 port_list_iterator_count_tcp (&port_lists),
14007 port_list_iterator_count_udp (&port_lists),
14008 port_list_iterator_predefined (&port_lists));
14009
14010 if (get_port_lists_data->get.details)
14011 {
14012 iterator_t ranges;
14013
14014 SEND_TO_CLIENT_OR_FAIL ("<port_ranges>");
14015
14016 init_port_range_iterator (&ranges,
14017 get_iterator_resource (&port_lists),
14018 0, 1, NULL);
14019 while (next (&ranges))
14020 SENDF_TO_CLIENT_OR_FAIL
14021 ("<port_range id=\"%s\">"
14022 "<start>%s</start>"
14023 "<end>%s</end>"
14024 "<type>%s</type>"
14025 "<comment>%s</comment>"
14026 "</port_range>",
14027 port_range_iterator_uuid (&ranges),
14028 port_range_iterator_start (&ranges),
14029 port_range_iterator_end (&ranges)
14030 ? port_range_iterator_end (&ranges)
14031 : port_range_iterator_start (&ranges),
14032 port_range_iterator_type (&ranges),
14033 port_range_iterator_comment (&ranges));
14034 cleanup_iterator (&ranges);
14035
14036 SENDF_TO_CLIENT_OR_FAIL ("</port_ranges>");
14037 }
14038
14039 if (get_port_lists_data->targets)
14040 {
14041 iterator_t targets;
14042
14043 SEND_TO_CLIENT_OR_FAIL ("<targets>");
14044
14045 init_port_list_target_iterator (&targets,
14046 get_iterator_resource
14047 (&port_lists), 0);
14048 while (next (&targets))
14049 {
14050 if (port_list_target_iterator_readable (&targets) == 0)
14051 /* Only show targets the user may see. */
14052 continue;
14053
14054 SENDF_TO_CLIENT_OR_FAIL
14055 ("<target id=\"%s\">"
14056 "<name>%s</name>",
14057 port_list_target_iterator_uuid (&targets),
14058 port_list_target_iterator_name (&targets));
14059 if (port_list_target_iterator_readable (&targets))
14060 SEND_TO_CLIENT_OR_FAIL ("</target>");
14061 else
14062 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
14063 "</target>");
14064 }
14065
14066 cleanup_iterator (&targets);
14067
14068 SEND_TO_CLIENT_OR_FAIL ("</targets>");
14069 }
14070
14071 SEND_TO_CLIENT_OR_FAIL ("</port_list>");
14072
14073 count++;
14074 }
14075
14076 cleanup_iterator (&port_lists);
14077 filtered = get_port_lists_data->get.id
14078 ? 1
14079 : port_list_count (&get_port_lists_data->get);
14080 SEND_GET_END ("port_list", &get_port_lists_data->get, count, filtered);
14081
14082 get_port_lists_data_reset (get_port_lists_data);
14083 set_client_state (CLIENT_AUTHENTIC);
14084 }
14085
14086 /**
14087 * @brief Handle end of GET_PREFERENCES element.
14088 *
14089 * @param[in] gmp_parser GMP parser.
14090 * @param[in] error Error parameter.
14091 */
14092 static void
handle_get_preferences(gmp_parser_t * gmp_parser,GError ** error)14093 handle_get_preferences (gmp_parser_t *gmp_parser, GError **error)
14094 {
14095 iterator_t prefs;
14096 nvt_t nvt = 0;
14097 config_t config = 0;
14098
14099 if (acl_user_may ("get_preferences") == 0)
14100 {
14101 SEND_TO_CLIENT_OR_FAIL
14102 (XML_ERROR_SYNTAX ("get_preferences",
14103 "Permission denied"));
14104 get_preferences_data_reset (get_preferences_data);
14105 set_client_state (CLIENT_AUTHENTIC);
14106 return;
14107 }
14108
14109 if (get_preferences_data->nvt_oid
14110 && find_nvt (get_preferences_data->nvt_oid, &nvt))
14111 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_preferences"));
14112 else if (get_preferences_data->nvt_oid && nvt == 0)
14113 {
14114 if (send_find_error_to_client ("get_preferences", "NVT",
14115 get_preferences_data->nvt_oid,
14116 gmp_parser))
14117 {
14118 error_send_to_client (error);
14119 return;
14120 }
14121 }
14122 else if (get_preferences_data->config_id
14123 && find_config_with_permission (get_preferences_data->config_id,
14124 &config,
14125 "get_configs"))
14126 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_preferences"));
14127 else if (get_preferences_data->config_id && config == 0)
14128 {
14129 if (send_find_error_to_client ("get_preferences", "config",
14130 get_preferences_data->config_id,
14131 gmp_parser))
14132 {
14133 error_send_to_client (error);
14134 return;
14135 }
14136 }
14137 else
14138 {
14139 char *nvt_oid = get_preferences_data->nvt_oid;
14140 SEND_TO_CLIENT_OR_FAIL ("<get_preferences_response"
14141 " status=\"" STATUS_OK "\""
14142 " status_text=\"" STATUS_OK_TEXT "\">");
14143 init_nvt_preference_iterator (&prefs, nvt_oid);
14144 if (get_preferences_data->preference)
14145 while (next (&prefs))
14146 {
14147 char *name = strstr (nvt_preference_iterator_name (&prefs), ":");
14148 if (name)
14149 name = strstr (name + 1, ":");
14150 if (name && (strcmp (name + 1, get_preferences_data->preference)
14151 == 0))
14152 {
14153 GString *buffer = g_string_new ("");
14154 buffer_config_preference_xml (buffer, &prefs, config, 1);
14155 SEND_TO_CLIENT_OR_FAIL (buffer->str);
14156 g_string_free (buffer, TRUE);
14157 break;
14158 }
14159 }
14160 else
14161 while (next (&prefs))
14162 {
14163 GString *buffer = g_string_new ("");
14164 buffer_config_preference_xml (buffer, &prefs, config, 1);
14165 SEND_TO_CLIENT_OR_FAIL (buffer->str);
14166 g_string_free (buffer, TRUE);
14167 }
14168
14169 cleanup_iterator (&prefs);
14170 SEND_TO_CLIENT_OR_FAIL ("</get_preferences_response>");
14171 }
14172 get_preferences_data_reset (get_preferences_data);
14173 set_client_state (CLIENT_AUTHENTIC);
14174 }
14175
14176 /**
14177 * @brief Handle end of GET_REPORTS element.
14178 *
14179 * @param[in] gmp_parser GMP parser.
14180 * @param[in] error Error parameter.
14181 */
14182 static void
handle_get_reports(gmp_parser_t * gmp_parser,GError ** error)14183 handle_get_reports (gmp_parser_t *gmp_parser, GError **error)
14184 {
14185 report_t request_report = 0, delta_report = 0, report;
14186 char no_report_format;
14187 report_format_t report_format;
14188 iterator_t reports;
14189 int count, filtered, ret, first;
14190
14191 if (current_credentials.username == NULL)
14192 {
14193 get_reports_data_reset (get_reports_data);
14194 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_reports"));
14195 set_client_state (CLIENT_AUTHENTIC);
14196 return;
14197 }
14198
14199 if (acl_user_may ("get_reports") == 0)
14200 {
14201 SEND_TO_CLIENT_OR_FAIL
14202 (XML_ERROR_SYNTAX ("get_reports",
14203 "Permission denied"));
14204 get_reports_data_reset (get_reports_data);
14205 set_client_state (CLIENT_AUTHENTIC);
14206 return;
14207 }
14208
14209 if (get_reports_data->get.trash)
14210 {
14211 SEND_TO_CLIENT_OR_FAIL
14212 (XML_ERROR_SYNTAX ("get_reports",
14213 "Getting reports from the trashcan"
14214 " is not supported"));
14215 get_reports_data_reset (get_reports_data);
14216 set_client_state (CLIENT_AUTHENTIC);
14217 return;
14218 }
14219
14220 /** @todo Respond in all error cases.
14221 *
14222 * When something fails mid-way through the report, we can only close
14223 * the connection. It would be nice to instead prepare everything
14224 * before trying to send it, so that we could send an error response
14225 * when there is a problem. Buffering the entire report before sending
14226 * it would probably take too long and/or use to much memory. */
14227
14228 if (get_reports_data->report_id
14229 && find_report_with_permission (get_reports_data->report_id,
14230 &request_report,
14231 NULL))
14232 {
14233 get_reports_data_reset (get_reports_data);
14234 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_reports"));
14235 set_client_state (CLIENT_AUTHENTIC);
14236 return;
14237 }
14238
14239 if (get_reports_data->delta_report_id
14240 && strcmp (get_reports_data->delta_report_id, "0")
14241 && find_report_with_permission (get_reports_data->delta_report_id,
14242 &delta_report,
14243 NULL))
14244 {
14245 get_reports_data_reset (get_reports_data);
14246 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_reports"));
14247 set_client_state (CLIENT_AUTHENTIC);
14248 return;
14249 }
14250
14251 no_report_format = (get_reports_data->format_id == NULL)
14252 || (strcmp(get_reports_data->format_id, "") == 0);
14253
14254 if ((!no_report_format)
14255 && find_report_format_with_permission (get_reports_data->format_id,
14256 &report_format,
14257 "get_report_formats"))
14258 {
14259 get_reports_data_reset (get_reports_data);
14260 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_reports"));
14261 set_client_state (CLIENT_AUTHENTIC);
14262 return;
14263 }
14264
14265 if ((!no_report_format) && (report_format == 0))
14266 {
14267 if (send_find_error_to_client ("get_reports", "report format",
14268 get_reports_data->format_id,
14269 gmp_parser))
14270 {
14271 error_send_to_client (error);
14272 return;
14273 }
14274 get_reports_data_reset (get_reports_data);
14275 set_client_state (CLIENT_AUTHENTIC);
14276 return;
14277 }
14278
14279 if (get_reports_data->get.filt_id
14280 && strcmp (get_reports_data->get.filt_id, FILT_ID_NONE)
14281 && strcmp (get_reports_data->get.filt_id, FILT_ID_USER_SETTING))
14282 {
14283 filter_t filter;
14284 if (find_filter_with_permission (get_reports_data->get.filt_id,
14285 &filter,
14286 "get_filters"))
14287 {
14288 get_reports_data_reset (get_reports_data);
14289 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_reports"));
14290 set_client_state (CLIENT_AUTHENTIC);
14291 return;
14292 }
14293
14294 if (filter == 0)
14295 {
14296 if (send_find_error_to_client ("get_reports", "filter",
14297 get_reports_data->get.filt_id,
14298 gmp_parser))
14299 {
14300 error_send_to_client (error);
14301 return;
14302 }
14303 get_reports_data_reset (get_reports_data);
14304 set_client_state (CLIENT_AUTHENTIC);
14305 return;
14306 }
14307 }
14308
14309 if (get_reports_data->report_id
14310 && request_report == 0)
14311 {
14312 if (send_find_error_to_client ("get_reports", "report",
14313 get_reports_data->report_id,
14314 gmp_parser))
14315 {
14316 error_send_to_client (error);
14317 return;
14318 }
14319 get_reports_data_reset (get_reports_data);
14320 set_client_state (CLIENT_AUTHENTIC);
14321 return;
14322 }
14323
14324 if (get_reports_data->delta_report_id
14325 && strcmp (get_reports_data->delta_report_id, "0")
14326 && delta_report == 0)
14327 {
14328 if (send_find_error_to_client ("get_reports", "report",
14329 get_reports_data->delta_report_id,
14330 gmp_parser))
14331 {
14332 error_send_to_client (error);
14333 return;
14334 }
14335 get_reports_data_reset (get_reports_data);
14336 set_client_state (CLIENT_AUTHENTIC);
14337 return;
14338 }
14339
14340 if ((!no_report_format) && (report_format_active (report_format) == 0))
14341 {
14342 get_reports_data_reset (get_reports_data);
14343 SEND_TO_CLIENT_OR_FAIL
14344 (XML_ERROR_SYNTAX ("get_reports",
14345 "Report format must be active"));
14346 set_client_state (CLIENT_AUTHENTIC);
14347 return;
14348 }
14349
14350 if ((!no_report_format) &&
14351 ((report_format_predefined (report_format) == 0)
14352 && (report_format_trust (report_format) > 1)))
14353 {
14354 get_reports_data_reset (get_reports_data);
14355 SEND_TO_CLIENT_OR_FAIL
14356 (XML_ERROR_SYNTAX ("get_reports",
14357 "Report format must be trusted"));
14358 set_client_state (CLIENT_AUTHENTIC);
14359 return;
14360 }
14361
14362 if (get_reports_data->get.id)
14363 {
14364 /* Showing requested report, use Results Filter setting. */
14365 INIT_GET (report, Result);
14366 }
14367 else
14368 {
14369 /* Showing multiple reports. Use Report Filter setting. Expand
14370 * INIT_GET here to pass the get_reports_data->report_get to
14371 * init_get. */
14372 ret = init_get ("get_reports",
14373 &get_reports_data->report_get,
14374 "Reports",
14375 &first);
14376 if (ret)
14377 {
14378 switch (ret)
14379 {
14380 case 99:
14381 SEND_TO_CLIENT_OR_FAIL
14382 (XML_ERROR_SYNTAX ("get_reports",
14383 "Permission denied"));
14384 break;
14385 default:
14386 internal_error_send_to_client (error);
14387 return;
14388 }
14389 get_reports_data_reset (get_reports_data);
14390 set_client_state (CLIENT_AUTHENTIC);
14391 return;
14392 }
14393 }
14394
14395 if ((get_reports_data->report_get.id == NULL)
14396 || (strlen (get_reports_data->report_get.id) == 0))
14397 {
14398 int overrides, min_qod;
14399 gchar *filter;
14400 get_data_t * get;
14401
14402 /* For simplicity, use a fixed result filter when filtering
14403 * reports. A given result filter is only applied when getting
14404 * a single specified report. */
14405
14406 get = &get_reports_data->report_get;
14407
14408 /* Get overrides value from report filter. */
14409 if (get->filt_id && strcmp (get->filt_id, FILT_ID_NONE))
14410 {
14411 filter = filter_term (get->filt_id);
14412 if (filter == NULL)
14413 assert (0);
14414 }
14415 else
14416 filter = NULL;
14417 g_free (get_reports_data->get.filter);
14418 overrides = filter_term_apply_overrides (filter ? filter : get->filter);
14419 min_qod = filter_term_min_qod (filter ? filter : get->filter);
14420 g_free (filter);
14421
14422 /* Setup result filter from overrides. */
14423 get_reports_data->get.filter
14424 = g_strdup_printf ("apply_overrides=%i min_qod=%i",
14425 overrides, min_qod);
14426 }
14427
14428 ret = init_report_iterator (&reports, &get_reports_data->report_get);
14429 if (ret)
14430 {
14431 switch (ret)
14432 {
14433 case 1:
14434 if (send_find_error_to_client ("get_reports", "report",
14435 get_reports_data->get.id,
14436 gmp_parser))
14437 {
14438 error_send_to_client (error);
14439 return;
14440 }
14441 break;
14442 case 2:
14443 if (send_find_error_to_client
14444 ("get_reports", "filter",
14445 get_reports_data->get.filt_id, gmp_parser))
14446 {
14447 error_send_to_client (error);
14448 return;
14449 }
14450 break;
14451 case -1:
14452 SEND_TO_CLIENT_OR_FAIL
14453 (XML_INTERNAL_ERROR ("get_reports"));
14454 break;
14455 }
14456 get_reports_data_reset (get_reports_data);
14457 set_client_state (CLIENT_AUTHENTIC);
14458 return;
14459 }
14460
14461 count = 0;
14462 if (get_reports_data->alert_id == NULL)
14463 SEND_GET_START ("report");
14464 while (next_report (&reports, &report))
14465 {
14466 gchar *extension, *content_type;
14467 GString *prefix;
14468
14469 prefix = g_string_new ("");
14470 content_type = no_report_format
14471 ? g_strdup("application/xml")
14472 : report_format_content_type (report_format);
14473 extension = no_report_format
14474 ? g_strdup("")
14475 : report_format_extension (report_format);
14476
14477 if (get_reports_data->alert_id == NULL)
14478 g_string_append_printf (prefix,
14479 "<report"
14480 " id=\"%s\""
14481 " format_id=\"%s\""
14482 " extension=\"%s\""
14483 " content_type=\"%s\">",
14484 report_iterator_uuid (&reports),
14485 no_report_format
14486 ? ""
14487 : get_reports_data->format_id,
14488 extension,
14489 content_type);
14490
14491 g_free (extension);
14492 g_free (content_type);
14493
14494 if (get_reports_data->alert_id == NULL)
14495 {
14496 task_t task;
14497
14498 /* Send the standard elements. Should match send_get_common. */
14499 buffer_xml_append_printf
14500 (prefix,
14501 "<owner><name>%s</name></owner>"
14502 "<name>%s</name>"
14503 "<comment>%s</comment>"
14504 "<creation_time>%s</creation_time>"
14505 "<modification_time>"
14506 "%s"
14507 "</modification_time>"
14508 "<writable>0</writable>"
14509 "<in_use>0</in_use>",
14510 get_iterator_owner_name (&reports)
14511 ? get_iterator_owner_name (&reports)
14512 : "",
14513 get_iterator_name (&reports)
14514 ? get_iterator_name (&reports)
14515 : "",
14516 get_iterator_comment (&reports)
14517 ? get_iterator_comment (&reports)
14518 : "",
14519 get_iterator_creation_time (&reports)
14520 ? get_iterator_creation_time (&reports)
14521 : "",
14522 get_iterator_modification_time (&reports)
14523 ? get_iterator_modification_time (&reports)
14524 : "");
14525 /* Send short task and report format info */
14526 report_task (report, &task);
14527 if (task)
14528 {
14529 gchar *report_task_uuid;
14530 task_uuid (task, &report_task_uuid);
14531
14532 buffer_xml_append_printf (prefix,
14533 "<task id=\"%s\">",
14534 report_task_uuid);
14535
14536 /* Skip task name for Anonymous XML report format. */
14537 if (get_reports_data->format_id == NULL
14538 || strcmp (get_reports_data->format_id,
14539 "5057e5cc-b825-11e4-9d0e-28d24461215b"))
14540 {
14541 gchar *report_task_name;
14542 report_task_name = task_name (task);
14543 buffer_xml_append_printf (prefix,
14544 "<name>%s</name>",
14545 report_task_name);
14546 g_free (report_task_name);
14547 }
14548
14549 buffer_xml_append_printf (prefix, "</task>");
14550
14551 g_free (report_task_uuid);
14552 }
14553
14554 if (get_reports_data->format_id)
14555 {
14556 gchar *format_name = NULL;
14557 format_name = report_format_name (report_format);
14558
14559 buffer_xml_append_printf
14560 (prefix,
14561 "<report_format id=\"%s\">"
14562 "<name>%s</name>"
14563 "</report_format>",
14564 get_reports_data->format_id,
14565 format_name ? format_name : "");
14566 // g_free (report_format_name);
14567 }
14568
14569 }
14570 /* If there's just one report then cleanup the iterator early. This
14571 * closes the iterator transaction, allowing manage_schedule to lock
14572 * the db during generation of large reports. */
14573 if (request_report)
14574 cleanup_iterator (&reports);
14575
14576 /* Always enable details when using a report to test an alert. */
14577 if (get_reports_data->alert_id)
14578 get_reports_data->get.details = 1;
14579
14580 ret = manage_send_report (report,
14581 delta_report,
14582 no_report_format ? -1 : report_format,
14583 &get_reports_data->get,
14584 get_reports_data->notes_details,
14585 get_reports_data->overrides_details,
14586 get_reports_data->result_tags,
14587 get_reports_data->ignore_pagination,
14588 get_reports_data->lean,
14589 /* Special case the XML report, bah. */
14590 (!no_report_format)
14591 && get_reports_data->format_id
14592 && strcmp
14593 (get_reports_data->format_id,
14594 "a994b278-1f62-11e1-96ac-406186ea4fc5")
14595 && strcmp
14596 (get_reports_data->format_id,
14597 "5057e5cc-b825-11e4-9d0e-28d24461215b"),
14598 send_to_client,
14599 gmp_parser->client_writer,
14600 gmp_parser->client_writer_data,
14601 get_reports_data->alert_id,
14602 prefix->str);
14603 g_string_free (prefix, TRUE);
14604 if (ret)
14605 {
14606 if (get_reports_data->alert_id)
14607 switch (ret)
14608 {
14609 case 0:
14610 break;
14611 case 1:
14612 if (send_find_error_to_client
14613 ("get_reports", "alert",
14614 get_reports_data->alert_id, gmp_parser))
14615 {
14616 error_send_to_client (error);
14617 return;
14618 }
14619 /* Close the connection with the client, as part of the
14620 * response may have been sent before the error
14621 * occurred. */
14622 internal_error_send_to_client (error);
14623 if (request_report == 0)
14624 cleanup_iterator (&reports);
14625 get_reports_data_reset (get_reports_data);
14626 set_client_state (CLIENT_AUTHENTIC);
14627 return;
14628 break;
14629 case 2:
14630 if (send_find_error_to_client
14631 ("get_reports", "filter",
14632 get_reports_data->get.filt_id, gmp_parser))
14633 {
14634 error_send_to_client (error);
14635 return;
14636 }
14637 /* This error always occurs before anything is sent
14638 * to the client, so the connection can stay up. */
14639 if (request_report == 0)
14640 cleanup_iterator (&reports);
14641 get_reports_data_reset (get_reports_data);
14642 set_client_state (CLIENT_AUTHENTIC);
14643 return;
14644 break;
14645 case -2:
14646 SEND_TO_CLIENT_OR_FAIL
14647 (XML_ERROR_SYNTAX ("get_reports",
14648 "Failed to find report format for"
14649 " alert"));
14650 if (request_report == 0)
14651 cleanup_iterator (&reports);
14652 get_reports_data_reset (get_reports_data);
14653 set_client_state (CLIENT_AUTHENTIC);
14654 return;
14655 break;
14656 case -3:
14657 SEND_TO_CLIENT_OR_FAIL
14658 (XML_INTERNAL_ERROR ("get_reports"));
14659 if (request_report == 0)
14660 cleanup_iterator (&reports);
14661 get_reports_data_reset (get_reports_data);
14662 set_client_state (CLIENT_AUTHENTIC);
14663 return;
14664 break;
14665 case -4:
14666 SEND_TO_CLIENT_OR_FAIL
14667 (XML_ERROR_SYNTAX ("get_reports",
14668 "Failed to find filter for"
14669 " alert"));
14670 if (request_report == 0)
14671 cleanup_iterator (&reports);
14672 get_reports_data_reset (get_reports_data);
14673 set_client_state (CLIENT_AUTHENTIC);
14674 return;
14675 break;
14676 default:
14677 case -1:
14678 SEND_TO_CLIENT_OR_FAIL
14679 (XML_INTERNAL_ERROR ("get_reports"));
14680 /* Close the connection with the client, as part of the
14681 * response may have been sent before the error
14682 * occurred. */
14683 internal_error_send_to_client (error);
14684 if (request_report == 0)
14685 cleanup_iterator (&reports);
14686 get_reports_data_reset (get_reports_data);
14687 set_client_state (CLIENT_AUTHENTIC);
14688 return;
14689 break;
14690 }
14691 else if (ret == 2)
14692 {
14693 if (send_find_error_to_client
14694 ("get_reports", "filter",
14695 get_reports_data->get.filt_id, gmp_parser))
14696 {
14697 error_send_to_client (error);
14698 return;
14699 }
14700 /* This error always occurs before anything is sent
14701 * to the client, so the connection can stay up. */
14702 if (request_report == 0)
14703 cleanup_iterator (&reports);
14704 get_reports_data_reset (get_reports_data);
14705 set_client_state (CLIENT_AUTHENTIC);
14706 return;
14707 }
14708 else
14709 {
14710 /* Close the connection with the client, as part of the
14711 * response may have been sent before the error
14712 * occurred. */
14713 internal_error_send_to_client (error);
14714 if (request_report == 0)
14715 cleanup_iterator (&reports);
14716 get_reports_data_reset (get_reports_data);
14717 set_client_state (CLIENT_AUTHENTIC);
14718 return;
14719 }
14720 }
14721 if (get_reports_data->alert_id == NULL)
14722 SEND_TO_CLIENT_OR_FAIL ("</report>");
14723
14724 count++;
14725
14726 if (request_report)
14727 /* Just to be safe, because iterator has been freed. */
14728 break;
14729 }
14730 if (request_report == 0)
14731 cleanup_iterator (&reports);
14732
14733 if (get_reports_data->alert_id)
14734 SEND_TO_CLIENT_OR_FAIL (XML_OK ("get_reports"));
14735 else
14736 {
14737 filtered = get_reports_data->get.id
14738 ? 1
14739 : report_count (&get_reports_data->report_get);
14740 SEND_GET_END ("report", &get_reports_data->report_get, count,
14741 filtered);
14742 }
14743
14744 get_reports_data_reset (get_reports_data);
14745 set_client_state (CLIENT_AUTHENTIC);
14746 }
14747
14748 /**
14749 * @brief Handle end of GET_REPORT_FORMATS element.
14750 *
14751 * @param[in] gmp_parser GMP parser.
14752 * @param[in] error Error parameter.
14753 */
14754 static void
handle_get_report_formats(gmp_parser_t * gmp_parser,GError ** error)14755 handle_get_report_formats (gmp_parser_t *gmp_parser, GError **error)
14756 {
14757 if (get_report_formats_data->params &&
14758 get_report_formats_data->get.trash)
14759 SEND_TO_CLIENT_OR_FAIL
14760 (XML_ERROR_SYNTAX ("get_report_formats",
14761 "Params given with trash"));
14762 else
14763 {
14764 iterator_t report_formats;
14765 int count, filtered, ret, first;
14766
14767 INIT_GET (report_format, Report Format);
14768
14769 ret = init_report_format_iterator (&report_formats,
14770 &get_report_formats_data->get);
14771 if (ret)
14772 {
14773 switch (ret)
14774 {
14775 case 1:
14776 if (send_find_error_to_client ("get_report_formats",
14777 "report_format",
14778 get_report_formats_data->get.id,
14779 gmp_parser))
14780 {
14781 error_send_to_client (error);
14782 return;
14783 }
14784 break;
14785 case 2:
14786 if (send_find_error_to_client
14787 ("get_report_formats", "filter",
14788 get_report_formats_data->get.filt_id, gmp_parser))
14789 {
14790 error_send_to_client (error);
14791 return;
14792 }
14793 break;
14794 case -1:
14795 SEND_TO_CLIENT_OR_FAIL
14796 (XML_INTERNAL_ERROR ("get_report_formats"));
14797 break;
14798 }
14799 get_report_formats_data_reset (get_report_formats_data);
14800 set_client_state (CLIENT_AUTHENTIC);
14801 return;
14802 }
14803
14804 SEND_GET_START ("report_format");
14805 while (1)
14806 {
14807 time_t trust_time;
14808
14809 ret = get_next (&report_formats,
14810 &get_report_formats_data->get, &first, &count,
14811 init_report_format_iterator);
14812 if (ret == 1)
14813 break;
14814 if (ret == -1)
14815 {
14816 internal_error_send_to_client (error);
14817 return;
14818 }
14819
14820 SEND_GET_COMMON (report_format,
14821 &get_report_formats_data->get,
14822 &report_formats);
14823
14824 trust_time = report_format_iterator_trust_time
14825 (&report_formats);
14826
14827 SENDF_TO_CLIENT_OR_FAIL
14828 ("<extension>%s</extension>"
14829 "<content_type>%s</content_type>"
14830 "<summary>%s</summary>"
14831 "<description>%s</description>"
14832 "<predefined>%i</predefined>",
14833 report_format_iterator_extension (&report_formats),
14834 report_format_iterator_content_type (&report_formats),
14835 report_format_iterator_summary (&report_formats),
14836 report_format_iterator_description (&report_formats),
14837 get_report_formats_data->get.trash
14838 ? trash_report_format_predefined
14839 (get_iterator_resource (&report_formats))
14840 : report_format_predefined
14841 (get_iterator_resource (&report_formats)));
14842
14843 if (get_report_formats_data->alerts)
14844 {
14845 iterator_t alerts;
14846
14847 SEND_TO_CLIENT_OR_FAIL ("<alerts>");
14848 init_report_format_alert_iterator (&alerts,
14849 get_iterator_resource
14850 (&report_formats));
14851 while (next (&alerts))
14852 {
14853 if (report_format_alert_iterator_readable (&alerts) == 0)
14854 /* Only show alerts the user may see. */
14855 continue;
14856
14857 SENDF_TO_CLIENT_OR_FAIL
14858 ("<alert id=\"%s\">"
14859 "<name>%s</name>",
14860 report_format_alert_iterator_uuid (&alerts),
14861 report_format_alert_iterator_name (&alerts));
14862 if (report_format_alert_iterator_readable (&alerts))
14863 SEND_TO_CLIENT_OR_FAIL ("</alert>");
14864 else
14865 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
14866 "</alert>");
14867 }
14868 cleanup_iterator (&alerts);
14869 SEND_TO_CLIENT_OR_FAIL ("</alerts>");
14870 }
14871
14872 if (get_report_formats_data->params
14873 || get_report_formats_data->get.details)
14874 {
14875 iterator_t params;
14876 init_report_format_param_iterator
14877 (¶ms, get_iterator_resource (&report_formats),
14878 get_report_formats_data->get.trash, 1, NULL);
14879 while (next (¶ms))
14880 {
14881 long long int min, max;
14882 iterator_t options;
14883
14884 SENDF_TO_CLIENT_OR_FAIL
14885 ("<param>"
14886 "<name>%s</name>"
14887 "<type>%s",
14888 report_format_param_iterator_name (¶ms),
14889 report_format_param_iterator_type_name (¶ms));
14890
14891 min = report_format_param_iterator_type_min (¶ms);
14892 if (min > LLONG_MIN)
14893 SENDF_TO_CLIENT_OR_FAIL ("<min>%lli</min>", min);
14894
14895 max = report_format_param_iterator_type_max (¶ms);
14896 if (max < LLONG_MAX)
14897 SENDF_TO_CLIENT_OR_FAIL ("<max>%lli</max>", max);
14898
14899 if (report_format_param_iterator_type (¶ms)
14900 == REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST)
14901 {
14902 const char *value;
14903 const char *fallback;
14904 value = report_format_param_iterator_value (¶ms);
14905 fallback = report_format_param_iterator_fallback
14906 (¶ms);
14907
14908 SENDF_TO_CLIENT_OR_FAIL
14909 ("</type><value>%s",
14910 value ? value : "");
14911 if (value)
14912 {
14913 gchar **ids, **current_id;
14914 ids = g_strsplit (value, ",", -1);
14915 current_id = ids;
14916 while (*current_id)
14917 {
14918 report_format_t value_rf;
14919 gchar *name;
14920 find_report_format_with_permission
14921 (*current_id, &value_rf,
14922 "get_report_formats");
14923 name = value_rf ? report_format_name (value_rf)
14924 : NULL;
14925
14926 SENDF_TO_CLIENT_OR_FAIL
14927 ("<report_format id=\"%s\">"
14928 "<name>%s</name>"
14929 "</report_format>",
14930 *current_id,
14931 name ? name : "");
14932
14933 g_free (name);
14934 current_id ++;
14935 }
14936 g_strfreev (ids);
14937 }
14938
14939 SENDF_TO_CLIENT_OR_FAIL
14940 ("</value><default>%s",
14941 fallback ? fallback : "");
14942 if (fallback)
14943 {
14944 gchar **ids, **current_id;
14945 ids = g_strsplit (fallback, ",", -1);
14946 current_id = ids;
14947 while (*current_id)
14948 {
14949 report_format_t value_rf;
14950 gchar *name;
14951 find_report_format_with_permission
14952 (*current_id, &value_rf,
14953 "get_report_formats");
14954 name = value_rf ? report_format_name (value_rf)
14955 : NULL;
14956
14957 SENDF_TO_CLIENT_OR_FAIL
14958 ("<report_format id=\"%s\">"
14959 "<name>%s</name>"
14960 "</report_format>",
14961 *current_id,
14962 name ? name : "");
14963
14964 g_free (name);
14965 current_id ++;
14966 }
14967 g_strfreev (ids);
14968 }
14969
14970 SENDF_TO_CLIENT_OR_FAIL
14971 ("</default>");
14972 }
14973 else
14974 {
14975 SENDF_TO_CLIENT_OR_FAIL
14976 ("</type>"
14977 "<value>%s</value>"
14978 "<default>%s</default>",
14979 report_format_param_iterator_value (¶ms),
14980 report_format_param_iterator_fallback (¶ms));
14981 }
14982
14983 if (report_format_param_iterator_type (¶ms)
14984 == REPORT_FORMAT_PARAM_TYPE_SELECTION)
14985 {
14986 SEND_TO_CLIENT_OR_FAIL ("<options>");
14987 init_param_option_iterator
14988 (&options,
14989 report_format_param_iterator_param
14990 (¶ms),
14991 1,
14992 NULL);
14993 while (next (&options))
14994 SENDF_TO_CLIENT_OR_FAIL
14995 ("<option>%s</option>",
14996 param_option_iterator_value (&options));
14997 cleanup_iterator (&options);
14998 SEND_TO_CLIENT_OR_FAIL ("</options>");
14999 }
15000
15001 SEND_TO_CLIENT_OR_FAIL ("</param>");
15002 }
15003 cleanup_iterator (¶ms);
15004 }
15005
15006 if (get_report_formats_data->get.details)
15007 {
15008 file_iterator_t files;
15009 if (init_report_format_file_iterator
15010 (&files, get_iterator_resource (&report_formats)))
15011 {
15012 cleanup_iterator (&report_formats);
15013 error_send_to_client (error);
15014 return;
15015 }
15016 while (next_file (&files))
15017 {
15018 gchar *content = file_iterator_content_64 (&files);
15019 SENDF_TO_CLIENT_OR_FAIL
15020 ("<file name=\"%s\">%s</file>",
15021 file_iterator_name (&files),
15022 content);
15023 g_free (content);
15024 }
15025 cleanup_file_iterator (&files);
15026
15027 SENDF_TO_CLIENT_OR_FAIL
15028 ("<signature>%s</signature>",
15029 report_format_iterator_signature (&report_formats));
15030 }
15031
15032 SENDF_TO_CLIENT_OR_FAIL
15033 ("<trust>%s<time>%s</time></trust>"
15034 "<active>%i</active>",
15035 get_report_formats_data->get.trash
15036 ? report_format_iterator_trust (&report_formats)
15037 : (report_format_predefined (get_iterator_resource
15038 (&report_formats))
15039 ? "yes"
15040 : report_format_iterator_trust (&report_formats)),
15041 iso_time (&trust_time),
15042 report_format_iterator_active (&report_formats));
15043
15044 SEND_TO_CLIENT_OR_FAIL ("</report_format>");
15045 count++;
15046 }
15047 cleanup_iterator (&report_formats);
15048 filtered = get_report_formats_data->get.id
15049 ? 1
15050 : report_format_count (&get_report_formats_data->get);
15051 SEND_GET_END ("report_format", &get_report_formats_data->get,
15052 count, filtered);
15053 }
15054 get_report_formats_data_reset (get_report_formats_data);
15055 set_client_state (CLIENT_AUTHENTIC);
15056 }
15057
15058 /**
15059 * @brief Handle end of GET_RESULTS element.
15060 *
15061 * @param[in] gmp_parser GMP parser.
15062 * @param[in] error Error parameter.
15063 */
15064 static void
handle_get_results(gmp_parser_t * gmp_parser,GError ** error)15065 handle_get_results (gmp_parser_t *gmp_parser, GError **error)
15066 {
15067 result_t result = 0;
15068 task_t task = 0;
15069
15070 if (acl_user_may ("get_results") == 0)
15071 {
15072 SEND_TO_CLIENT_OR_FAIL
15073 (XML_ERROR_SYNTAX ("get_results",
15074 "Permission denied"));
15075 get_results_data_reset (get_results_data);
15076 set_client_state (CLIENT_AUTHENTIC);
15077 return;
15078 }
15079
15080 if (current_credentials.username == NULL)
15081 {
15082 get_results_data_reset (get_results_data);
15083 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_results"));
15084 set_client_state (CLIENT_AUTHENTIC);
15085 return;
15086 }
15087
15088 if (get_results_data->get.trash)
15089 {
15090 SEND_TO_CLIENT_OR_FAIL
15091 (XML_ERROR_SYNTAX ("get_results",
15092 "Getting results from the trashcan is not"
15093 " supported"));
15094 get_results_data_reset (get_results_data);
15095 set_client_state (CLIENT_AUTHENTIC);
15096 return;
15097 }
15098
15099 if (get_results_data->get.id
15100 && find_result_with_permission (get_results_data->get.id,
15101 &result,
15102 NULL))
15103 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_results"));
15104 else if (get_results_data->get.id && result == 0)
15105 {
15106 if (send_find_error_to_client ("get_results", "result",
15107 get_results_data->get.id,
15108 gmp_parser))
15109 {
15110 error_send_to_client (error);
15111 return;
15112 }
15113 }
15114 else if (get_results_data->task_id
15115 && find_task_with_permission (get_results_data->task_id,
15116 &task,
15117 NULL))
15118 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_results"));
15119 else if (get_results_data->task_id && task == 0)
15120 {
15121 if (send_find_error_to_client ("get_results", "task",
15122 get_results_data->task_id,
15123 gmp_parser))
15124 {
15125 error_send_to_client (error);
15126 return;
15127 }
15128 }
15129 else
15130 {
15131 const char* filter;
15132 iterator_t results;
15133 int notes, overrides;
15134 int count, ret, first;
15135 gchar *report_id;
15136 report_t report;
15137
15138 if (get_results_data->get.filt_id
15139 && strcmp (get_results_data->get.filt_id, FILT_ID_NONE))
15140 {
15141 filter = filter_term (get_results_data->get.filt_id);
15142 }
15143 else
15144 filter = get_results_data->get.filter;
15145
15146 SEND_TO_CLIENT_OR_FAIL ("<get_results_response"
15147 " status=\"" STATUS_OK "\""
15148 " status_text=\"" STATUS_OK_TEXT "\">");
15149 INIT_GET (result, Result);
15150
15151 // Do not allow ignore_pagination here
15152 get_results_data->get.ignore_pagination = 0;
15153
15154 /* Note: This keyword may be removed or renamed at any time once there
15155 * is a better solution like an operator for conditions that must always
15156 * apply or support for parentheses in filters. */
15157 report_id = filter_term_value (filter,
15158 "_and_report_id");
15159 report = 0;
15160
15161 if (report_id)
15162 {
15163 if (find_report_with_permission (report_id,
15164 &report,
15165 NULL))
15166 {
15167 g_free (report_id);
15168 g_warning ("Failed to get report");
15169 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_results"));
15170 return;
15171 }
15172
15173 if (report == 0)
15174 report = -1;
15175 }
15176 g_free (report_id);
15177
15178 init_result_get_iterator (&results, &get_results_data->get,
15179 report, /* report restriction */
15180 NULL, /* No host restriction */
15181 NULL); /* No extra order SQL. */
15182
15183 manage_report_filter_controls (filter,
15184 NULL, /* first */
15185 NULL, /* max */
15186 NULL, /* sort_field */
15187 NULL, /* sort_order */
15188 NULL, /* result_hosts_only */
15189 NULL, /* min_qod */
15190 NULL, /* levels */
15191 NULL, /* delta_states */
15192 NULL, /* search_phrase */
15193 NULL, /* search_phrase_exact */
15194 ¬es,
15195 &overrides,
15196 NULL, /* apply_overrides */
15197 NULL);/* zone */
15198
15199 if (next (&results))
15200 {
15201 if (get_results_data->get.id && (task == 0))
15202 {
15203 char *task_id;
15204 task_uuid (result_iterator_task (&results), &task_id);
15205 if (find_task_with_permission (task_id, &task, NULL))
15206 {
15207 free (task_id);
15208 internal_error_send_to_client (error);
15209 cleanup_iterator (&results);
15210 return;
15211 }
15212 free (task_id);
15213 }
15214
15215 count = 0;
15216 do
15217 {
15218 GString *buffer = g_string_new ("");
15219 buffer_results_xml (buffer,
15220 &results,
15221 task,
15222 notes,
15223 get_results_data->notes_details,
15224 overrides,
15225 get_results_data->overrides_details,
15226 1,
15227 /* show tag details if selected by ID */
15228 get_results_data->get.id != NULL,
15229 get_results_data->get.details,
15230 NULL,
15231 NULL,
15232 0,
15233 -1,
15234 0); /* Lean. */
15235 SEND_TO_CLIENT_OR_FAIL (buffer->str);
15236 g_string_free (buffer, TRUE);
15237 count ++;
15238 }
15239 while (next (&results));
15240 }
15241 cleanup_iterator (&results);
15242
15243 manage_filter_controls (get_results_data->get.filter,
15244 &first, NULL, NULL, NULL);
15245
15246 if (get_results_data->get_counts)
15247 {
15248 int filtered;
15249
15250 filtered = get_results_data->get.id
15251 ? 1 : result_count (&get_results_data->get,
15252 report /* No report */,
15253 NULL /* No host */);
15254
15255 if (send_get_end ("result", &get_results_data->get, count, filtered,
15256 resource_count ("result", &get_results_data->get),
15257 gmp_parser->client_writer,
15258 gmp_parser->client_writer_data))
15259 {
15260 error_send_to_client (error);
15261 return;
15262 }
15263 }
15264 else if (send_get_end_no_counts ("result",
15265 &get_results_data->get,
15266 gmp_parser->client_writer,
15267 gmp_parser->client_writer_data))
15268 {
15269 error_send_to_client (error);
15270 return;
15271 }
15272 }
15273
15274 get_results_data_reset (get_results_data);
15275 set_client_state (CLIENT_AUTHENTIC);
15276 }
15277
15278 /**
15279 * @brief Handle end of GET_ROLES element.
15280 *
15281 * @param[in] gmp_parser GMP parser.
15282 * @param[in] error Error parameter.
15283 */
15284 static void
handle_get_roles(gmp_parser_t * gmp_parser,GError ** error)15285 handle_get_roles (gmp_parser_t *gmp_parser, GError **error)
15286 {
15287 iterator_t roles;
15288 int count, filtered, ret, first;
15289
15290 INIT_GET (role, Role);
15291
15292 ret = init_role_iterator (&roles, &get_roles_data->get);
15293 if (ret)
15294 {
15295 switch (ret)
15296 {
15297 case 1:
15298 if (send_find_error_to_client ("get_roles", "role",
15299 get_roles_data->get.id,
15300 gmp_parser))
15301 {
15302 error_send_to_client (error);
15303 return;
15304 }
15305 break;
15306 case 2:
15307 if (send_find_error_to_client
15308 ("get_roles", "filter", get_roles_data->get.filt_id,
15309 gmp_parser))
15310 {
15311 error_send_to_client (error);
15312 return;
15313 }
15314 break;
15315 case -1:
15316 SEND_TO_CLIENT_OR_FAIL
15317 (XML_INTERNAL_ERROR ("get_roles"));
15318 break;
15319 }
15320 get_roles_data_reset (get_roles_data);
15321 set_client_state (CLIENT_AUTHENTIC);
15322 return;
15323 }
15324
15325 SEND_GET_START ("role");
15326 while (1)
15327 {
15328 gchar *users;
15329
15330 ret = get_next (&roles, &get_roles_data->get, &first, &count,
15331 init_role_iterator);
15332 if (ret == 1)
15333 break;
15334 if (ret == -1)
15335 {
15336 internal_error_send_to_client (error);
15337 return;
15338 }
15339
15340 SEND_GET_COMMON (role, &get_roles_data->get, &roles);
15341
15342 users = role_users (get_iterator_resource (&roles));
15343 SENDF_TO_CLIENT_OR_FAIL ("<users>%s</users>", users ? users : "");
15344 g_free (users);
15345
15346 SEND_TO_CLIENT_OR_FAIL ("</role>");
15347
15348 count++;
15349 }
15350 cleanup_iterator (&roles);
15351 filtered = get_roles_data->get.id
15352 ? 1
15353 : role_count (&get_roles_data->get);
15354 SEND_GET_END ("role", &get_roles_data->get, count, filtered);
15355
15356 get_roles_data_reset (get_roles_data);
15357 set_client_state (CLIENT_AUTHENTIC);
15358 }
15359
15360 /**
15361 * @brief Handle end of GET_SCANNERS element.
15362 *
15363 * @param[in] gmp_parser GMP parser.
15364 * @param[in] error Error parameter.
15365 */
15366 static void
handle_get_scanners(gmp_parser_t * gmp_parser,GError ** error)15367 handle_get_scanners (gmp_parser_t *gmp_parser, GError **error)
15368 {
15369 iterator_t scanners;
15370 int ret, count, filtered, first;
15371
15372 INIT_GET (scanner, Scanner);
15373 ret = init_scanner_iterator (&scanners, &get_scanners_data->get);
15374 switch (ret)
15375 {
15376 case 0:
15377 break;
15378 case 1:
15379 if (send_find_error_to_client
15380 ("get_scanners", "scanners", get_scanners_data->get.id,
15381 gmp_parser))
15382 {
15383 error_send_to_client (error);
15384 break;
15385 }
15386 break;
15387 case 2:
15388 if (send_find_error_to_client
15389 ("get_scanners", "filter", get_scanners_data->get.filt_id,
15390 gmp_parser))
15391 {
15392 error_send_to_client (error);
15393 break;
15394 }
15395 break;
15396 case -1:
15397 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_scanners"));
15398 break;
15399 }
15400 if (ret)
15401 {
15402 get_scanners_data_reset (get_scanners_data);
15403 set_client_state (CLIENT_AUTHENTIC);
15404 return;
15405 }
15406
15407 SEND_GET_START ("scanner");
15408 while (1)
15409 {
15410 gchar *credential_id;
15411 ret = get_next (&scanners, &get_scanners_data->get, &first, &count,
15412 init_scanner_iterator);
15413 if (ret == 1)
15414 break;
15415 if (ret == -1)
15416 {
15417 internal_error_send_to_client (error);
15418 break;
15419 }
15420
15421 SEND_GET_COMMON (scanner, &get_scanners_data->get, &scanners);
15422
15423 SENDF_TO_CLIENT_OR_FAIL
15424 ("<host>%s</host>"
15425 "<port>%d</port>"
15426 "<type>%d</type>"
15427 "<ca_pub>%s</ca_pub>",
15428 scanner_iterator_host (&scanners) ?: "",
15429 scanner_iterator_port (&scanners) ?: 0,
15430 scanner_iterator_type (&scanners),
15431 scanner_iterator_ca_pub (&scanners) ?: "");
15432
15433 if (get_scanners_data->get.details)
15434 {
15435 time_t activation_time, expiration_time;
15436 gchar *activation_time_str, *expiration_time_str;
15437
15438 if (scanner_iterator_ca_pub (&scanners))
15439 {
15440 /* CA Certificate */
15441 gchar *md5_fingerprint, *issuer;
15442
15443 get_certificate_info (scanner_iterator_ca_pub (&scanners),
15444 -1,
15445 &activation_time,
15446 &expiration_time,
15447 &md5_fingerprint,
15448 NULL, /* sha256_fingerprint */
15449 NULL, /* subject */
15450 &issuer,
15451 NULL, /* serial */
15452 NULL); /* certificate_format */
15453
15454 activation_time_str = certificate_iso_time (activation_time);
15455 expiration_time_str = certificate_iso_time (expiration_time);
15456 SENDF_TO_CLIENT_OR_FAIL
15457 ("<ca_pub_info>"
15458 "<time_status>%s</time_status>"
15459 "<activation_time>%s</activation_time>"
15460 "<expiration_time>%s</expiration_time>"
15461 "<md5_fingerprint>%s</md5_fingerprint>"
15462 "<issuer>%s</issuer>"
15463 "</ca_pub_info>",
15464 certificate_time_status (activation_time, expiration_time),
15465 activation_time_str,
15466 expiration_time_str,
15467 md5_fingerprint,
15468 issuer);
15469 g_free (activation_time_str);
15470 g_free (expiration_time_str);
15471 g_free (md5_fingerprint);
15472 g_free (issuer);
15473 }
15474 }
15475
15476 credential_id = credential_uuid (scanner_iterator_credential (&scanners));
15477 SENDF_TO_CLIENT_OR_FAIL
15478 ("<credential id=\"%s\">"
15479 "<name>%s</name>"
15480 "<type>%s</type>"
15481 "<trash>%d</trash>",
15482 credential_id ? credential_id : "",
15483 scanner_iterator_credential_name (&scanners) ?: "",
15484 scanner_iterator_credential_type (&scanners) ?: "",
15485 scanner_iterator_credential_trash (&scanners));
15486
15487 if (get_scanners_data->get.details)
15488 {
15489 time_t activation_time, expiration_time;
15490 gchar *activation_time_str, *expiration_time_str;
15491
15492 if (scanner_iterator_key_pub (&scanners))
15493 {
15494 /* Certificate */
15495 gchar *md5_fingerprint, *issuer;
15496
15497 get_certificate_info (scanner_iterator_key_pub (&scanners),
15498 -1,
15499 &activation_time,
15500 &expiration_time,
15501 &md5_fingerprint,
15502 NULL, /* sha256_fingerprint */
15503 NULL, /* subject */
15504 &issuer,
15505 NULL, /* serial */
15506 NULL); /* certificate_format */
15507
15508 activation_time_str = certificate_iso_time (activation_time);
15509 expiration_time_str = certificate_iso_time (expiration_time);
15510 SENDF_TO_CLIENT_OR_FAIL
15511 ("<certificate_info>"
15512 "<time_status>%s</time_status>"
15513 "<activation_time>%s</activation_time>"
15514 "<expiration_time>%s</expiration_time>"
15515 "<md5_fingerprint>%s</md5_fingerprint>"
15516 "<issuer>%s</issuer>"
15517 "</certificate_info>",
15518 certificate_time_status (activation_time, expiration_time),
15519 activation_time_str,
15520 expiration_time_str,
15521 md5_fingerprint,
15522 issuer);
15523 g_free (activation_time_str);
15524 g_free (expiration_time_str);
15525 g_free (md5_fingerprint);
15526 g_free (issuer);
15527 }
15528 }
15529
15530 SENDF_TO_CLIENT_OR_FAIL
15531 ("</credential>");
15532 g_free (credential_id);
15533 count++;
15534 if (get_scanners_data->get.details)
15535 {
15536 iterator_t configs, tasks;
15537
15538 SEND_TO_CLIENT_OR_FAIL ("<configs>");
15539 init_scanner_config_iterator (&configs,
15540 get_iterator_resource (&scanners));
15541 while (next (&configs))
15542 {
15543 if (scanner_task_iterator_readable (&configs) == 0)
15544 /* Only show configs the user may see. */
15545 continue;
15546
15547 SENDF_TO_CLIENT_OR_FAIL
15548 ("<config id=\"%s\">"
15549 "<name>%s</name>",
15550 scanner_config_iterator_uuid (&configs),
15551 scanner_config_iterator_name (&configs));
15552
15553 if (scanner_config_iterator_readable (&configs))
15554 SEND_TO_CLIENT_OR_FAIL ("</config>");
15555 else
15556 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
15557 "</config>");
15558 }
15559 cleanup_iterator (&configs);
15560 SEND_TO_CLIENT_OR_FAIL ("</configs>");
15561
15562 SEND_TO_CLIENT_OR_FAIL ("<tasks>");
15563 init_scanner_task_iterator (&tasks,
15564 get_iterator_resource (&scanners));
15565 while (next (&tasks))
15566 {
15567 if (scanner_task_iterator_readable (&tasks) == 0)
15568 /* Only show tasks the user may see. */
15569 continue;
15570
15571 SENDF_TO_CLIENT_OR_FAIL
15572 ("<task id=\"%s\">"
15573 "<name>%s</name>",
15574 scanner_task_iterator_uuid (&tasks),
15575 scanner_task_iterator_name (&tasks));
15576
15577 if (scanner_task_iterator_readable (&tasks))
15578 SEND_TO_CLIENT_OR_FAIL ("</task>");
15579 else
15580 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
15581 "</task>");
15582 }
15583 cleanup_iterator (&tasks);
15584 SEND_TO_CLIENT_OR_FAIL ("</tasks>");
15585 }
15586 if ((scanner_iterator_type (&scanners) == SCANNER_TYPE_OSP
15587 || scanner_iterator_type (&scanners) == SCANNER_TYPE_OPENVAS)
15588 && get_scanners_data->get.details)
15589 {
15590 char *s_name = NULL, *s_ver = NULL;
15591 char *d_name = NULL, *d_ver = NULL;
15592 char *p_name = NULL, *p_ver = NULL, *desc = NULL;
15593 GSList *params = NULL, *nodes;
15594
15595 if (!osp_get_version_from_iterator
15596 (&scanners, &s_name, &s_ver, &d_name, &d_ver, &p_name, &p_ver)
15597 && !osp_get_details_from_iterator (&scanners, &desc, ¶ms))
15598 {
15599 SENDF_TO_CLIENT_OR_FAIL
15600 ("<info><scanner><name>%s</name><version>%s</version>"
15601 "</scanner><daemon><name>%s</name><version>%s</version>"
15602 "</daemon><protocol><name>%s</name><version>%s"
15603 "</version></protocol><description>%s</description>",
15604 s_name, s_ver, d_name, d_ver, p_name, p_ver, desc);
15605
15606 SENDF_TO_CLIENT_OR_FAIL ("<params>");
15607 nodes = params;
15608 while (nodes)
15609 {
15610 osp_param_t *param = nodes->data;
15611
15612 SENDF_TO_CLIENT_OR_FAIL
15613 ("<param><id>%s</id><name>%s</name>"
15614 "<default>%s</default><description>%s</description>"
15615 "<type>osp_%s</type><mandatory>%d</mandatory></param>",
15616 osp_param_id (param), osp_param_name (param),
15617 osp_param_default (param), osp_param_desc (param),
15618 osp_param_type_str (param), osp_param_mandatory (param));
15619
15620 osp_param_free (nodes->data);
15621 nodes = nodes->next;
15622 }
15623 SENDF_TO_CLIENT_OR_FAIL ("</params></info>");
15624 }
15625 else
15626 SENDF_TO_CLIENT_OR_FAIL
15627 ("<info><scanner><name/><version/></scanner>"
15628 "<daemon><name/><version/></daemon>"
15629 "<protocol><name/><version/></protocol><description/><params/>"
15630 "</info>");
15631 g_free (s_name);
15632 g_free (s_ver);
15633 g_free (d_name);
15634 g_free (d_ver);
15635 g_free (p_name);
15636 g_free (p_ver);
15637 g_free (desc);
15638 g_slist_free (params);
15639 }
15640 else if (get_scanners_data->get.details)
15641 {
15642 SENDF_TO_CLIENT_OR_FAIL
15643 ("<info><scanner><name>OpenVAS</name><version/></scanner>"
15644 "<daemon><name/><version/></daemon>"
15645 "<protocol><name/><version/></protocol><description/><params/>"
15646 "</info>");
15647 }
15648 SEND_TO_CLIENT_OR_FAIL ("</scanner>");
15649 }
15650 cleanup_iterator (&scanners);
15651 filtered = get_scanners_data->get.id
15652 ? 1 : scanner_count (&get_scanners_data->get);
15653 SEND_GET_END ("scanner", &get_scanners_data->get, count, filtered);
15654 get_scanners_data_reset (get_scanners_data);
15655 set_client_state (CLIENT_AUTHENTIC);
15656 }
15657
15658 /**
15659 * @brief Handle end of GET_SCHEDULES element.
15660 *
15661 * @param[in] gmp_parser GMP parser.
15662 * @param[in] error Error parameter.
15663 */
15664 static void
handle_get_schedules(gmp_parser_t * gmp_parser,GError ** error)15665 handle_get_schedules (gmp_parser_t *gmp_parser, GError **error)
15666 {
15667 if (get_schedules_data->tasks && get_schedules_data->get.trash)
15668 SEND_TO_CLIENT_OR_FAIL
15669 (XML_ERROR_SYNTAX ("get_schedules",
15670 "Attributes tasks and trash both given"));
15671 else
15672 {
15673 iterator_t schedules;
15674 int count, filtered, ret, first;
15675
15676 INIT_GET (schedule, Schedule);
15677
15678 ret = init_schedule_iterator (&schedules, &get_schedules_data->get);
15679 if (ret)
15680 {
15681 switch (ret)
15682 {
15683 case 1:
15684 if (send_find_error_to_client ("get_schedules",
15685 "schedule",
15686 get_schedules_data->get.id,
15687 gmp_parser))
15688 {
15689 error_send_to_client (error);
15690 return;
15691 }
15692 break;
15693 case 2:
15694 if (send_find_error_to_client
15695 ("get_schedules", "filter",
15696 get_schedules_data->get.filt_id, gmp_parser))
15697 {
15698 error_send_to_client (error);
15699 return;
15700 }
15701 break;
15702 case -1:
15703 SEND_TO_CLIENT_OR_FAIL
15704 (XML_INTERNAL_ERROR ("get_schedules"));
15705 break;
15706 }
15707 get_schedules_data_reset (get_schedules_data);
15708 set_client_state (CLIENT_AUTHENTIC);
15709 return;
15710 }
15711
15712 SEND_GET_START ("schedule");
15713 while (1)
15714 {
15715 const char *icalendar;
15716
15717 ret = get_next (&schedules, &get_schedules_data->get, &first,
15718 &count, init_schedule_iterator);
15719 if (ret == 1)
15720 break;
15721 if (ret == -1)
15722 {
15723 internal_error_send_to_client (error);
15724 return;
15725 }
15726
15727 SEND_GET_COMMON (schedule, &get_schedules_data->get, &schedules);
15728
15729 icalendar = schedule_iterator_icalendar (&schedules);
15730
15731 SENDF_TO_CLIENT_OR_FAIL
15732 ("<icalendar>%s</icalendar>"
15733 "<timezone>%s</timezone>",
15734 icalendar ? icalendar : "",
15735 schedule_iterator_timezone (&schedules)
15736 ? schedule_iterator_timezone (&schedules)
15737 : "UTC");
15738
15739 if (get_schedules_data->tasks)
15740 {
15741 iterator_t tasks;
15742
15743 SEND_TO_CLIENT_OR_FAIL ("<tasks>");
15744 init_schedule_task_iterator (&tasks,
15745 get_iterator_resource
15746 (&schedules));
15747 while (next (&tasks))
15748 {
15749 SENDF_TO_CLIENT_OR_FAIL ("<task id=\"%s\">"
15750 "<name>%s</name>",
15751 schedule_task_iterator_uuid (&tasks),
15752 schedule_task_iterator_name
15753 (&tasks));
15754 if (schedule_task_iterator_readable (&tasks))
15755 SEND_TO_CLIENT_OR_FAIL ("</task>");
15756 else
15757 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
15758 "</task>");
15759 }
15760 cleanup_iterator (&tasks);
15761 SEND_TO_CLIENT_OR_FAIL ("</tasks>");
15762 }
15763 SEND_TO_CLIENT_OR_FAIL ("</schedule>");
15764 count++;
15765 }
15766 cleanup_iterator (&schedules);
15767 filtered = get_schedules_data->get.id
15768 ? 1
15769 : schedule_count (&get_schedules_data->get);
15770 SEND_GET_END ("schedule", &get_schedules_data->get, count, filtered);
15771 }
15772 get_schedules_data_reset (get_schedules_data);
15773 set_client_state (CLIENT_AUTHENTIC);
15774 }
15775
15776 /**
15777 * @brief Handle end of CREATE_SCHEDULE element.
15778 *
15779 * @param[in] gmp_parser GMP parser.
15780 * @param[in] error Error parameter.
15781 */
15782 static void
handle_create_schedule(gmp_parser_t * gmp_parser,GError ** error)15783 handle_create_schedule (gmp_parser_t *gmp_parser, GError **error)
15784 {
15785 schedule_t new_schedule;
15786 gchar *ical_error = NULL;
15787
15788 // Copy the schedule
15789 if (create_schedule_data->copy)
15790 {
15791 switch (copy_schedule (create_schedule_data->name,
15792 create_schedule_data->comment,
15793 create_schedule_data->copy,
15794 &new_schedule))
15795 {
15796 case 0:
15797 {
15798 char *uuid;
15799 uuid = schedule_uuid (new_schedule);
15800 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_schedule"),
15801 uuid);
15802 log_event ("schedule", "Schedule", uuid, "created");
15803 free (uuid);
15804 break;
15805 }
15806 case 1:
15807 SEND_TO_CLIENT_OR_FAIL
15808 (XML_ERROR_SYNTAX ("create_schedule",
15809 "Schedule exists already"));
15810 log_event_fail ("schedule", "Schedule", NULL, "created");
15811 break;
15812 case 2:
15813 if (send_find_error_to_client ("create_schedule", "schedule",
15814 create_schedule_data->copy,
15815 gmp_parser))
15816 {
15817 error_send_to_client (error);
15818 return;
15819 }
15820 log_event_fail ("schedule", "Schedule", NULL, "created");
15821 break;
15822 case 99:
15823 SEND_TO_CLIENT_OR_FAIL
15824 (XML_ERROR_SYNTAX ("create_schedule",
15825 "Permission denied"));
15826 log_event_fail ("schedule", "Schedule", NULL, "created");
15827 break;
15828 case -1:
15829 default:
15830 SEND_TO_CLIENT_OR_FAIL
15831 (XML_INTERNAL_ERROR ("create_schedule"));
15832 log_event_fail ("schedule", "Schedule", NULL, "created");
15833 break;
15834 }
15835 goto create_schedule_leave;
15836 }
15837 else if (create_schedule_data->name == NULL)
15838 {
15839 SEND_TO_CLIENT_OR_FAIL
15840 (XML_ERROR_SYNTAX ("create_schedule",
15841 "A NAME entity is required"));
15842 goto create_schedule_leave;
15843 }
15844 else if (create_schedule_data->icalendar == NULL
15845 || strcmp (create_schedule_data->icalendar, "") == 0)
15846 {
15847 SEND_TO_CLIENT_OR_FAIL
15848 (XML_ERROR_SYNTAX ("create_schedule",
15849 "An ICALENDAR entity is required"));
15850 goto create_schedule_leave;
15851 }
15852
15853 switch (create_schedule (create_schedule_data->name,
15854 create_schedule_data->comment,
15855 create_schedule_data->icalendar,
15856 create_schedule_data->timezone,
15857 &new_schedule,
15858 &ical_error))
15859 {
15860 case 0:
15861 {
15862 char *uuid = schedule_uuid (new_schedule);
15863 SENDF_TO_CLIENT_OR_FAIL
15864 ("<create_schedule_response status=\"201\""
15865 " status_text=\"OK, resource created\""
15866 " id=\"%s\">",
15867 uuid);
15868 if (ical_error)
15869 {
15870 SEND_TO_CLIENT_OR_FAIL
15871 ("<status_details>");
15872 SEND_TO_CLIENT_OR_FAIL
15873 (ical_error ? ical_error : "");
15874 SEND_TO_CLIENT_OR_FAIL
15875 ("</status_details>");
15876 }
15877 SEND_TO_CLIENT_OR_FAIL
15878 ("</create_schedule_response>");
15879 log_event ("schedule", "Schedule", uuid, "created");
15880 free (uuid);
15881 break;
15882 }
15883 case 1:
15884 SEND_TO_CLIENT_OR_FAIL
15885 (XML_ERROR_SYNTAX ("create_schedule",
15886 "Schedule exists already"));
15887 log_event_fail ("schedule", "Schedule", NULL, "created");
15888 break;
15889 case 3:
15890 {
15891 SENDF_TO_CLIENT_OR_FAIL
15892 ("<create_schedule_response status=\"400\""
15893 " status_text=\"Invalid ICALENDAR: %s\">"
15894 "</create_schedule_response>", ical_error);
15895 log_event_fail ("schedule", "Schedule", NULL, "created");
15896 }
15897 break;
15898 case 4:
15899 SEND_TO_CLIENT_OR_FAIL
15900 (XML_ERROR_SYNTAX ("create_schedule",
15901 "Error in TIMEZONE"));
15902 log_event_fail ("schedule", "Schedule", NULL, "created");
15903 break;
15904 case 99:
15905 SEND_TO_CLIENT_OR_FAIL
15906 (XML_ERROR_SYNTAX ("create_schedule",
15907 "Permission denied"));
15908 log_event_fail ("schedule", "Schedule", NULL, "created");
15909 break;
15910 case -1:
15911 SEND_TO_CLIENT_OR_FAIL
15912 (XML_INTERNAL_ERROR ("create_schedule"));
15913 log_event_fail ("schedule", "Schedule", NULL, "created");
15914 break;
15915 default:
15916 assert (0);
15917 SEND_TO_CLIENT_OR_FAIL
15918 (XML_INTERNAL_ERROR ("create_schedule"));
15919 log_event_fail ("schedule", "Schedule", NULL, "created");
15920 break;
15921 }
15922
15923 create_schedule_leave:
15924 create_schedule_data_reset (create_schedule_data);
15925 set_client_state (CLIENT_AUTHENTIC);
15926 }
15927
15928 /**
15929 * @brief Handle end of MODIFY_SCHEDULE element.
15930 *
15931 * @param[in] gmp_parser GMP parser.
15932 * @param[in] error Error parameter.
15933 */
15934 static void
handle_modify_schedule(gmp_parser_t * gmp_parser,GError ** error)15935 handle_modify_schedule (gmp_parser_t *gmp_parser, GError **error)
15936 {
15937 gchar *ical_error = NULL;
15938
15939 if (modify_schedule_data->icalendar == NULL
15940 || strcmp (modify_schedule_data->icalendar, "") == 0)
15941 {
15942 SEND_TO_CLIENT_OR_FAIL
15943 (XML_ERROR_SYNTAX ("modify_schedule",
15944 "ICALENDAR element is required"));
15945 modify_schedule_data_reset (modify_schedule_data);
15946 set_client_state (CLIENT_AUTHENTIC);
15947 return;
15948 }
15949
15950 switch (modify_schedule
15951 (modify_schedule_data->schedule_id,
15952 modify_schedule_data->name,
15953 modify_schedule_data->comment,
15954 modify_schedule_data->icalendar,
15955 modify_schedule_data->timezone,
15956 &ical_error))
15957 {
15958 case 0:
15959 SENDF_TO_CLIENT_OR_FAIL
15960 ("<modify_schedule_response status=\"200\""
15961 " status_text=\"OK\">"
15962 "<status_details>%s</status_details>"
15963 "</modify_schedule_response>",
15964 ical_error ? ical_error : "");
15965 log_event ("schedule", "Schedule",
15966 modify_schedule_data->schedule_id, "modified");
15967 break;
15968 case 1:
15969 if (send_find_error_to_client ("modify_schedule", "schedule",
15970 modify_schedule_data->schedule_id,
15971 gmp_parser))
15972 {
15973 error_send_to_client (error);
15974 return;
15975 }
15976 log_event_fail ("schedule", "Schedule",
15977 modify_schedule_data->schedule_id,
15978 "modified");
15979 break;
15980 case 2:
15981 SEND_TO_CLIENT_OR_FAIL
15982 (XML_ERROR_SYNTAX ("modify_schedule",
15983 "Schedule with new name exists already"));
15984 log_event_fail ("schedule", "Schedule",
15985 modify_schedule_data->schedule_id,
15986 "modified");
15987 break;
15988 case 3:
15989 SEND_TO_CLIENT_OR_FAIL
15990 (XML_ERROR_SYNTAX ("modify_schedule",
15991 "Error in type name"));
15992 log_event_fail ("schedule", "Schedule",
15993 modify_schedule_data->schedule_id,
15994 "modified");
15995 break;
15996 case 4:
15997 SEND_TO_CLIENT_OR_FAIL
15998 (XML_ERROR_SYNTAX ("modify_schedule",
15999 "MODIFY_SCHEDULE requires a schedule_id"));
16000 log_event_fail ("schedule", "Schedule",
16001 modify_schedule_data->schedule_id,
16002 "modified");
16003 break;
16004 case 6:
16005 {
16006 SENDF_TO_CLIENT_OR_FAIL
16007 ("<modify_schedule_response status=\"400\""
16008 " status_text=\"Invalid ICALENDAR: %s\">"
16009 "</modify_schedule_response>", ical_error);
16010 log_event_fail ("schedule", "Schedule",
16011 modify_schedule_data->schedule_id, "modified");
16012 }
16013 break;
16014 case 7:
16015 SEND_TO_CLIENT_OR_FAIL
16016 (XML_ERROR_SYNTAX ("modify_schedule",
16017 "Error in TIMEZONE"));
16018 log_event_fail ("schedule", "Schedule",
16019 modify_schedule_data->schedule_id, "modified");
16020 break;
16021 case 99:
16022 SEND_TO_CLIENT_OR_FAIL
16023 (XML_ERROR_SYNTAX ("modify_schedule",
16024 "Permission denied"));
16025 log_event_fail ("schedule", "Schedule",
16026 modify_schedule_data->schedule_id,
16027 "modified");
16028 break;
16029 default:
16030 case -1:
16031 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_schedule"));
16032 log_event_fail ("schedule", "Schedule",
16033 modify_schedule_data->schedule_id,
16034 "modified");
16035 break;
16036 }
16037
16038 modify_schedule_data_reset (modify_schedule_data);
16039 set_client_state (CLIENT_AUTHENTIC);
16040 }
16041
16042 /**
16043 * @brief Handle end of GET_SCHEDULES element.
16044 *
16045 * @param[in] gmp_parser GMP parser.
16046 * @param[in] error Error parameter.
16047 */
16048 static void
handle_get_settings(gmp_parser_t * gmp_parser,GError ** error)16049 handle_get_settings (gmp_parser_t *gmp_parser, GError **error)
16050 {
16051 setting_t setting = 0;
16052 iterator_t settings;
16053 int count, filtered;
16054
16055 if (acl_user_may ("get_settings") == 0)
16056 {
16057 SEND_TO_CLIENT_OR_FAIL
16058 (XML_ERROR_SYNTAX ("get_settings",
16059 "Permission denied"));
16060 get_settings_data_reset (get_settings_data);
16061 set_client_state (CLIENT_AUTHENTIC);
16062 return;
16063 }
16064
16065 init_setting_iterator (&settings,
16066 get_settings_data->setting_id,
16067 get_settings_data->filter,
16068 get_settings_data->first,
16069 get_settings_data->max,
16070 get_settings_data->sort_order,
16071 get_settings_data->sort_field);
16072
16073 SEND_TO_CLIENT_OR_FAIL ("<get_settings_response"
16074 " status=\"" STATUS_OK "\""
16075 " status_text=\"" STATUS_OK_TEXT "\">");
16076 SENDF_TO_CLIENT_OR_FAIL ("<filters>"
16077 "<term>%s</term>"
16078 "</filters>"
16079 "<settings start=\"%i\" max=\"%i\"/>",
16080 get_settings_data->filter
16081 ? get_settings_data->filter
16082 : "",
16083 /* Add 1 for 1 indexing. */
16084 get_settings_data->first + 1,
16085 get_settings_data->max);
16086 count = 0;
16087 while (next (&settings))
16088 {
16089 SENDF_TO_CLIENT_OR_FAIL ("<setting id=\"%s\">"
16090 "<name>%s</name>"
16091 "<comment>%s</comment>"
16092 "<value>%s</value>",
16093 setting_iterator_uuid (&settings),
16094 setting_iterator_name (&settings),
16095 setting_iterator_comment (&settings),
16096 setting_iterator_value (&settings));
16097
16098 if (setting_is_default_ca_cert (setting_iterator_uuid (&settings))
16099 && setting_iterator_value (&settings)
16100 && strlen (setting_iterator_value (&settings)))
16101 {
16102 time_t activation_time, expiration_time;
16103 gchar *activation_time_str, *expiration_time_str, *md5_fingerprint;
16104 gchar *issuer;
16105
16106 get_certificate_info (setting_iterator_value (&settings),
16107 -1,
16108 &activation_time,
16109 &expiration_time,
16110 &md5_fingerprint,
16111 NULL, /* sha256_fingerprint */
16112 NULL, /* subject */
16113 &issuer,
16114 NULL, /* serial */
16115 NULL); /* certificate_format */
16116
16117 activation_time_str = certificate_iso_time (activation_time);
16118 expiration_time_str = certificate_iso_time (expiration_time);
16119 SENDF_TO_CLIENT_OR_FAIL
16120 ("<certificate_info>"
16121 "<time_status>%s</time_status>"
16122 "<activation_time>%s</activation_time>"
16123 "<expiration_time>%s</expiration_time>"
16124 "<md5_fingerprint>%s</md5_fingerprint>"
16125 "<issuer>%s</issuer>"
16126 "</certificate_info>",
16127 certificate_time_status (activation_time, expiration_time),
16128 activation_time_str,
16129 expiration_time_str,
16130 md5_fingerprint,
16131 issuer);
16132 g_free (activation_time_str);
16133 g_free (expiration_time_str);
16134 g_free (md5_fingerprint);
16135 g_free (issuer);
16136 }
16137
16138 SEND_TO_CLIENT_OR_FAIL ("</setting>");
16139
16140 count++;
16141 }
16142 filtered = setting
16143 ? 1
16144 : setting_count (get_settings_data->filter);
16145 SENDF_TO_CLIENT_OR_FAIL ("<setting_count>"
16146 "<filtered>%i</filtered>"
16147 "<page>%i</page>"
16148 "</setting_count>",
16149 filtered,
16150 count);
16151 cleanup_iterator (&settings);
16152 SEND_TO_CLIENT_OR_FAIL ("</get_settings_response>");
16153
16154 get_settings_data_reset (get_settings_data);
16155 set_client_state (CLIENT_AUTHENTIC);
16156 }
16157
16158 /**
16159 * @brief Handle end of GET_SYSTEM_REPORTS element.
16160 *
16161 * @param[in] gmp_parser GMP parser.
16162 * @param[in] error Error parameter.
16163 */
16164 static void
handle_get_system_reports(gmp_parser_t * gmp_parser,GError ** error)16165 handle_get_system_reports (gmp_parser_t *gmp_parser, GError **error)
16166 {
16167 int ret;
16168 report_type_iterator_t types;
16169
16170 ret = init_system_report_type_iterator
16171 (&types,
16172 get_system_reports_data->name,
16173 get_system_reports_data->slave_id);
16174
16175 switch (ret)
16176 {
16177 case 1:
16178 if (send_find_error_to_client ("get_system_reports",
16179 "system report",
16180 get_system_reports_data->name,
16181 gmp_parser))
16182 {
16183 error_send_to_client (error);
16184 return;
16185 }
16186 break;
16187 case 2:
16188 if (send_find_error_to_client
16189 ("get_system_reports", "slave",
16190 get_system_reports_data->slave_id, gmp_parser))
16191 {
16192 error_send_to_client (error);
16193 return;
16194 }
16195 break;
16196 case 4:
16197 SEND_TO_CLIENT_OR_FAIL
16198 (XML_ERROR_UNAVAILABLE ("get_system_reports",
16199 "Could not connect to slave"));
16200 break;
16201 case 5:
16202 SEND_TO_CLIENT_OR_FAIL
16203 (XML_ERROR_UNAVAILABLE ("get_system_reports",
16204 "Authentication to slave failed"));
16205 break;
16206 case 6:
16207 SEND_TO_CLIENT_OR_FAIL
16208 (XML_ERROR_UNAVAILABLE ("get_system_reports",
16209 "Failed to get system report from slave"));
16210 break;
16211 case 99:
16212 SEND_TO_CLIENT_OR_FAIL
16213 (XML_ERROR_SYNTAX ("get_system_reports",
16214 "Permission denied"));
16215 break;
16216 default:
16217 assert (0);
16218 /* fallthrough */
16219 case -1:
16220 SEND_TO_CLIENT_OR_FAIL
16221 (XML_INTERNAL_ERROR ("get_system_reports"));
16222 break;
16223 case 0:
16224 case 3:
16225 {
16226 int report_ret;
16227 char *report;
16228 SEND_TO_CLIENT_OR_FAIL ("<get_system_reports_response"
16229 " status=\"" STATUS_OK "\""
16230 " status_text=\"" STATUS_OK_TEXT "\">");
16231 while (next_report_type (&types))
16232 if (get_system_reports_data->brief
16233 && (ret != 3))
16234 SENDF_TO_CLIENT_OR_FAIL
16235 ("<system_report>"
16236 "<name>%s</name>"
16237 "<title>%s</title>"
16238 "</system_report>",
16239 report_type_iterator_name (&types),
16240 report_type_iterator_title (&types));
16241 else if ((report_ret = manage_system_report
16242 (report_type_iterator_name (&types),
16243 get_system_reports_data->duration,
16244 get_system_reports_data->start_time,
16245 get_system_reports_data->end_time,
16246 get_system_reports_data->slave_id,
16247 &report))
16248 && (report_ret != 3))
16249 {
16250 cleanup_report_type_iterator (&types);
16251 internal_error_send_to_client (error);
16252 return;
16253 }
16254 else if (report)
16255 {
16256 SENDF_TO_CLIENT_OR_FAIL
16257 ("<system_report>"
16258 "<name>%s</name>"
16259 "<title>%s</title>"
16260 "<report format=\"%s\""
16261 " start_time=\"%s\" end_time=\"%s\""
16262 " duration=\"%s\">"
16263 "%s"
16264 "</report>"
16265 "</system_report>",
16266 report_type_iterator_name (&types),
16267 report_type_iterator_title (&types),
16268 (report_ret == 3 ? "txt" : "png"),
16269 get_system_reports_data->start_time
16270 ? get_system_reports_data->start_time : "",
16271 get_system_reports_data->end_time
16272 ? get_system_reports_data->end_time : "",
16273 get_system_reports_data->duration
16274 ? get_system_reports_data->duration
16275 : (get_system_reports_data->start_time
16276 && get_system_reports_data->end_time)
16277 ? ""
16278 : "86400",
16279 report);
16280 free (report);
16281 }
16282 cleanup_report_type_iterator (&types);
16283 SEND_TO_CLIENT_OR_FAIL ("</get_system_reports_response>");
16284 }
16285 }
16286
16287 get_system_reports_data_reset (get_system_reports_data);
16288 set_client_state (CLIENT_AUTHENTIC);
16289 }
16290
16291 /**
16292 * @brief Handle end of GET_TAGS element.
16293 *
16294 * @param[in] gmp_parser GMP parser.
16295 * @param[in] error Error parameter.
16296 */
16297 static void
handle_get_tags(gmp_parser_t * gmp_parser,GError ** error)16298 handle_get_tags (gmp_parser_t *gmp_parser, GError **error)
16299 {
16300 iterator_t tags;
16301 int ret, count, first, filtered;
16302
16303 INIT_GET (tag, Tag);
16304
16305 if (get_tags_data->names_only)
16306 ret = init_tag_name_iterator (&tags, &get_tags_data->get);
16307 else
16308 ret = init_tag_iterator (&tags, &get_tags_data->get);
16309
16310 if (ret)
16311 {
16312 switch (ret)
16313 {
16314 case 1:
16315 if (send_find_error_to_client ("get_tags",
16316 "tag", get_tags_data->get.id,
16317 gmp_parser))
16318 {
16319 error_send_to_client (error);
16320 return;
16321 }
16322 break;
16323 case 2:
16324 if (send_find_error_to_client
16325 ("get_tags", "filter", get_tags_data->get.filt_id,
16326 gmp_parser))
16327 {
16328 error_send_to_client (error);
16329 return;
16330 }
16331 break;
16332 default:
16333 SEND_TO_CLIENT_OR_FAIL
16334 (XML_INTERNAL_ERROR ("get_tags"));
16335 }
16336 get_tags_data_reset (get_tags_data);
16337 set_client_state (CLIENT_AUTHENTIC);
16338 return;
16339 }
16340
16341 SEND_GET_START ("tag");
16342 while (1)
16343 {
16344 ret = get_next (&tags, &get_tags_data->get, &first, &count,
16345 get_tags_data->names_only
16346 ? init_tag_name_iterator
16347 : init_tag_iterator);
16348 if (ret == 1)
16349 break;
16350 if (ret == -1)
16351 {
16352 internal_error_send_to_client (error);
16353 return;
16354 }
16355
16356 if (get_tags_data->names_only)
16357 SENDF_TO_CLIENT_OR_FAIL ("<tag>"
16358 "<name>%s</name>"
16359 "</tag>",
16360 tag_name_iterator_name (&tags));
16361 else
16362 {
16363 gchar* value;
16364
16365 value = g_markup_escape_text (tag_iterator_value (&tags), -1);
16366
16367 SEND_GET_COMMON (tag, &get_tags_data->get, &tags);
16368
16369 SENDF_TO_CLIENT_OR_FAIL ("<resources>"
16370 "<type>%s</type>"
16371 "<count><total>%d</total></count>"
16372 "</resources>"
16373 "<value>%s</value>"
16374 "<active>%d</active>"
16375 "</tag>",
16376 tag_iterator_resource_type (&tags),
16377 tag_iterator_resources (&tags),
16378 value,
16379 tag_iterator_active (&tags));
16380
16381 g_free (value);
16382 }
16383 count++;
16384 }
16385 cleanup_iterator (&tags);
16386 filtered = get_tags_data->get.id
16387 ? 1
16388 : tag_count (&get_tags_data->get);
16389 SEND_GET_END ("tag", &get_tags_data->get, count, filtered);
16390
16391 get_tags_data_reset (get_tags_data);
16392 set_client_state (CLIENT_AUTHENTIC);
16393 }
16394
16395 /**
16396 * @brief Handle end of GET_TARGETS element.
16397 *
16398 * @param[in] gmp_parser GMP parser.
16399 * @param[in] error Error parameter.
16400 */
16401 static void
handle_get_targets(gmp_parser_t * gmp_parser,GError ** error)16402 handle_get_targets (gmp_parser_t *gmp_parser, GError **error)
16403 {
16404 if (get_targets_data->tasks && get_targets_data->get.trash)
16405 SEND_TO_CLIENT_OR_FAIL
16406 (XML_ERROR_SYNTAX ("get_target",
16407 "GET_TARGETS tasks given with trash"));
16408 else
16409 {
16410 iterator_t targets;
16411 int count, filtered, ret, first;
16412
16413 INIT_GET (target, Target);
16414
16415 ret = init_target_iterator (&targets, &get_targets_data->get);
16416 if (ret)
16417 {
16418 switch (ret)
16419 {
16420 case 1:
16421 if (send_find_error_to_client ("get_targets",
16422 "target",
16423 get_targets_data->get.id,
16424 gmp_parser))
16425 {
16426 error_send_to_client (error);
16427 return;
16428 }
16429 break;
16430 case 2:
16431 if (send_find_error_to_client
16432 ("get_targets", "filter",
16433 get_targets_data->get.filt_id, gmp_parser))
16434 {
16435 error_send_to_client (error);
16436 return;
16437 }
16438 break;
16439 case -1:
16440 SEND_TO_CLIENT_OR_FAIL
16441 (XML_INTERNAL_ERROR ("get_targets"));
16442 break;
16443 }
16444 get_targets_data_reset (get_targets_data);
16445 set_client_state (CLIENT_AUTHENTIC);
16446 return;
16447 }
16448
16449 SEND_GET_START ("target");
16450 while (1)
16451 {
16452 char *ssh_name, *ssh_uuid, *smb_name, *smb_uuid;
16453 char *esxi_name, *esxi_uuid, *snmp_name, *snmp_uuid;
16454 char *ssh_elevate_name, *ssh_elevate_uuid;
16455 const char *port_list_uuid, *port_list_name, *ssh_port;
16456 const char *hosts, *exclude_hosts, *reverse_lookup_only;
16457 const char *reverse_lookup_unify, *allow_simultaneous_ips;
16458 credential_t ssh_credential, smb_credential;
16459 credential_t esxi_credential, snmp_credential;
16460 credential_t ssh_elevate_credential;
16461 int port_list_trash, max_hosts, port_list_available;
16462 int ssh_credential_available;
16463 int smb_credential_available;
16464 int esxi_credential_available;
16465 int snmp_credential_available;
16466 int ssh_elevate_credential_available;
16467
16468 ret = get_next (&targets, &get_targets_data->get, &first,
16469 &count, init_target_iterator);
16470 if (ret == 1)
16471 break;
16472 if (ret == -1)
16473 {
16474 internal_error_send_to_client (error);
16475 return;
16476 }
16477
16478 ssh_credential = target_iterator_ssh_credential (&targets);
16479 smb_credential = target_iterator_smb_credential (&targets);
16480 esxi_credential = target_iterator_esxi_credential (&targets);
16481 snmp_credential = target_iterator_snmp_credential (&targets);
16482 ssh_elevate_credential
16483 = target_iterator_ssh_elevate_credential (&targets);
16484 ssh_credential_available = 1;
16485 if (get_targets_data->get.trash
16486 && target_iterator_ssh_trash (&targets))
16487 {
16488 ssh_name = trash_credential_name (ssh_credential);
16489 ssh_uuid = trash_credential_uuid (ssh_credential);
16490 ssh_credential_available
16491 = trash_credential_readable (ssh_credential);
16492 }
16493 else if (ssh_credential)
16494 {
16495 credential_t found;
16496
16497 ssh_name = credential_name (ssh_credential);
16498 ssh_uuid = credential_uuid (ssh_credential);
16499 if (find_credential_with_permission
16500 (ssh_uuid,
16501 &found,
16502 "get_credentials"))
16503 abort ();
16504 ssh_credential_available = (found > 0);
16505 }
16506 else
16507 {
16508 ssh_name = NULL;
16509 ssh_uuid = NULL;
16510 }
16511 smb_credential_available = 1;
16512 if (get_targets_data->get.trash
16513 && target_iterator_smb_trash (&targets))
16514 {
16515 smb_name = trash_credential_name (smb_credential);
16516 smb_uuid = trash_credential_uuid (smb_credential);
16517 smb_credential_available
16518 = trash_credential_readable (smb_credential);
16519 }
16520 else if (smb_credential)
16521 {
16522 credential_t found;
16523
16524 smb_name = credential_name (smb_credential);
16525 smb_uuid = credential_uuid (smb_credential);
16526 if (find_credential_with_permission
16527 (smb_uuid,
16528 &found,
16529 "get_credentials"))
16530 abort ();
16531 smb_credential_available = (found > 0);
16532 }
16533 else
16534 {
16535 smb_name = NULL;
16536 smb_uuid = NULL;
16537 }
16538 esxi_credential_available = 1;
16539 if (get_targets_data->get.trash
16540 && target_iterator_esxi_trash (&targets))
16541 {
16542 esxi_name
16543 = trash_credential_name (esxi_credential);
16544 esxi_uuid
16545 = trash_credential_uuid (esxi_credential);
16546 esxi_credential_available
16547 = trash_credential_readable (esxi_credential);
16548 }
16549 else if (esxi_credential)
16550 {
16551 credential_t found;
16552
16553 esxi_name = credential_name (esxi_credential);
16554 esxi_uuid = credential_uuid (esxi_credential);
16555 if (find_credential_with_permission
16556 (esxi_uuid,
16557 &found,
16558 "get_credentials"))
16559 abort ();
16560 esxi_credential_available = (found > 0);
16561 }
16562 else
16563 {
16564 esxi_name = NULL;
16565 esxi_uuid = NULL;
16566 }
16567 snmp_credential_available = 1;
16568 if (get_targets_data->get.trash
16569 && target_iterator_snmp_trash (&targets))
16570 {
16571 snmp_name
16572 = trash_credential_name (snmp_credential);
16573 snmp_uuid
16574 = trash_credential_uuid (snmp_credential);
16575 snmp_credential_available
16576 = trash_credential_readable (snmp_credential);
16577 }
16578 else if (snmp_credential)
16579 {
16580 credential_t found;
16581
16582 snmp_name = credential_name (snmp_credential);
16583 snmp_uuid = credential_uuid (snmp_credential);
16584 if (find_credential_with_permission
16585 (snmp_uuid,
16586 &found,
16587 "get_credentials"))
16588 abort ();
16589 snmp_credential_available = (found > 0);
16590 }
16591 else
16592 {
16593 snmp_name = NULL;
16594 snmp_uuid = NULL;
16595 }
16596 ssh_elevate_credential_available = 1;
16597 if (get_targets_data->get.trash
16598 && target_iterator_ssh_elevate_trash (&targets))
16599 {
16600 ssh_elevate_name
16601 = trash_credential_name (ssh_elevate_credential);
16602 ssh_elevate_uuid
16603 = trash_credential_uuid (ssh_elevate_credential);
16604 ssh_elevate_credential_available
16605 = trash_credential_readable (ssh_elevate_credential);
16606 }
16607 else if (ssh_elevate_credential)
16608 {
16609 credential_t found;
16610
16611 ssh_elevate_name = credential_name (ssh_elevate_credential);
16612 ssh_elevate_uuid = credential_uuid (ssh_elevate_credential);
16613 if (find_credential_with_permission
16614 (ssh_elevate_uuid,
16615 &found,
16616 "get_credentials"))
16617 abort ();
16618 ssh_elevate_credential_available = (found > 0);
16619 }
16620 else
16621 {
16622 ssh_elevate_name = NULL;
16623 ssh_elevate_uuid = NULL;
16624 }
16625 port_list_uuid = target_iterator_port_list_uuid (&targets);
16626 port_list_name = target_iterator_port_list_name (&targets);
16627 port_list_trash = target_iterator_port_list_trash (&targets);
16628 ssh_port = target_iterator_ssh_port (&targets);
16629
16630 port_list_available = 1;
16631 if (port_list_trash)
16632 port_list_available = trash_port_list_readable_uuid
16633 (port_list_uuid);
16634 else if (port_list_uuid)
16635 {
16636 port_list_t found;
16637 if (find_port_list_with_permission (port_list_uuid,
16638 &found,
16639 "get_port_lists"))
16640 abort ();
16641 port_list_available = (found > 0);
16642 }
16643
16644 SEND_GET_COMMON (target, &get_targets_data->get, &targets);
16645
16646 hosts = target_iterator_hosts (&targets);
16647 exclude_hosts = target_iterator_exclude_hosts (&targets);
16648 max_hosts = manage_count_hosts_max (hosts, exclude_hosts, 0);
16649 reverse_lookup_only = target_iterator_reverse_lookup_only
16650 (&targets);
16651 reverse_lookup_unify = target_iterator_reverse_lookup_unify
16652 (&targets);
16653 allow_simultaneous_ips
16654 = target_iterator_allow_simultaneous_ips (&targets);
16655
16656 SENDF_TO_CLIENT_OR_FAIL ("<hosts>%s</hosts>"
16657 "<exclude_hosts>%s</exclude_hosts>"
16658 "<max_hosts>%i</max_hosts>"
16659 "<port_list id=\"%s\">"
16660 "<name>%s</name>"
16661 "<trash>%i</trash>",
16662 hosts,
16663 exclude_hosts ? exclude_hosts : "",
16664 max_hosts,
16665 port_list_uuid ? port_list_uuid : "",
16666 port_list_name ? port_list_name : "",
16667 port_list_trash);
16668
16669 if (port_list_available == 0)
16670 SEND_TO_CLIENT_OR_FAIL ("<permissions/>");
16671
16672 SENDF_TO_CLIENT_OR_FAIL ("</port_list>"
16673 "<ssh_credential id=\"%s\">"
16674 "<name>%s</name>"
16675 "<port>%s</port>"
16676 "<trash>%i</trash>",
16677 ssh_uuid ? ssh_uuid : "",
16678 ssh_name ? ssh_name : "",
16679 ssh_port ? ssh_port : "",
16680 (get_targets_data->get.trash
16681 && target_iterator_ssh_trash (&targets)));
16682
16683 if (ssh_credential_available == 0)
16684 SEND_TO_CLIENT_OR_FAIL ("<permissions/>");
16685
16686 SENDF_TO_CLIENT_OR_FAIL ("</ssh_credential>"
16687 "<smb_credential id=\"%s\">"
16688 "<name>%s</name>"
16689 "<trash>%i</trash>",
16690 smb_uuid ? smb_uuid : "",
16691 smb_name ? smb_name : "",
16692 (get_targets_data->get.trash
16693 && target_iterator_smb_trash (&targets)));
16694
16695 if (smb_credential_available == 0)
16696 SEND_TO_CLIENT_OR_FAIL ("<permissions/>");
16697
16698 SENDF_TO_CLIENT_OR_FAIL ("</smb_credential>"
16699 "<esxi_credential id=\"%s\">"
16700 "<name>%s</name>"
16701 "<trash>%i</trash>",
16702 esxi_uuid ? esxi_uuid : "",
16703 esxi_name ? esxi_name : "",
16704 (get_targets_data->get.trash
16705 && target_iterator_esxi_trash (&targets)));
16706
16707 if (esxi_credential_available == 0)
16708 SEND_TO_CLIENT_OR_FAIL ("<permissions/>");
16709
16710 SENDF_TO_CLIENT_OR_FAIL ("</esxi_credential>"
16711 "<snmp_credential id=\"%s\">"
16712 "<name>%s</name>"
16713 "<trash>%i</trash>",
16714 snmp_uuid ? snmp_uuid : "",
16715 snmp_name ? snmp_name : "",
16716 (get_targets_data->get.trash
16717 && target_iterator_snmp_trash (&targets)));
16718
16719 if (snmp_credential_available == 0)
16720 SEND_TO_CLIENT_OR_FAIL ("<permissions/>");
16721
16722 SENDF_TO_CLIENT_OR_FAIL ("</snmp_credential>"
16723 "<ssh_elevate_credential id=\"%s\">"
16724 "<name>%s</name>"
16725 "<trash>%i</trash>",
16726 ssh_elevate_uuid ? ssh_elevate_uuid : "",
16727 ssh_elevate_name ? ssh_elevate_name : "",
16728 (get_targets_data->get.trash
16729 && target_iterator_ssh_elevate_trash (&targets)));
16730
16731 if (ssh_elevate_credential_available == 0)
16732 SEND_TO_CLIENT_OR_FAIL ("<permissions/>");
16733
16734 SENDF_TO_CLIENT_OR_FAIL ("</ssh_elevate_credential>"
16735 "<reverse_lookup_only>"
16736 "%s"
16737 "</reverse_lookup_only>"
16738 "<reverse_lookup_unify>"
16739 "%s"
16740 "</reverse_lookup_unify>"
16741 "<alive_tests>%s</alive_tests>"
16742 "<allow_simultaneous_ips>"
16743 "%s"
16744 "</allow_simultaneous_ips>",
16745 reverse_lookup_only,
16746 reverse_lookup_unify,
16747 target_iterator_alive_tests (&targets),
16748 allow_simultaneous_ips);
16749
16750 if (get_targets_data->get.details)
16751 SENDF_TO_CLIENT_OR_FAIL ("<port_range>%s</port_range>",
16752 target_port_range
16753 (get_iterator_resource (&targets)));
16754
16755 if (get_targets_data->tasks)
16756 {
16757 iterator_t tasks;
16758
16759 SEND_TO_CLIENT_OR_FAIL ("<tasks>");
16760 init_target_task_iterator (&tasks,
16761 get_iterator_resource (&targets));
16762 while (next (&tasks))
16763 {
16764 if (target_task_iterator_readable (&tasks) == 0)
16765 /* Only show tasks the user may see. */
16766 continue;
16767
16768 SENDF_TO_CLIENT_OR_FAIL ("<task id=\"%s\">"
16769 "<name>%s</name>",
16770 target_task_iterator_uuid (&tasks),
16771 target_task_iterator_name (&tasks));
16772 if (target_task_iterator_readable (&tasks))
16773 SEND_TO_CLIENT_OR_FAIL ("</task>");
16774 else
16775 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
16776 "</task>");
16777 }
16778 cleanup_iterator (&tasks);
16779 SEND_TO_CLIENT_OR_FAIL ("</tasks>");
16780 }
16781
16782 SEND_TO_CLIENT_OR_FAIL ("</target>");
16783 count++;
16784 free (ssh_name);
16785 free (ssh_uuid);
16786 free (smb_name);
16787 free (smb_uuid);
16788 free (esxi_name);
16789 free (esxi_uuid);
16790 free (ssh_elevate_name);
16791 free (ssh_elevate_uuid);
16792 }
16793 cleanup_iterator (&targets);
16794 filtered = get_targets_data->get.id
16795 ? 1
16796 : target_count (&get_targets_data->get);
16797 SEND_GET_END ("target", &get_targets_data->get, count, filtered);
16798 }
16799 get_targets_data_reset (get_targets_data);
16800 set_client_state (CLIENT_AUTHENTIC);
16801 }
16802
16803 /**
16804 * @brief Gets task schedule data of a task as XML.
16805 *
16806 * @param[in] task The task to get schedule data for.
16807 *
16808 * @return Newly allocated XML string.
16809 */
16810 static gchar*
get_task_schedule_xml(task_t task)16811 get_task_schedule_xml (task_t task)
16812 {
16813 schedule_t schedule;
16814 int schedule_in_trash, schedule_available;
16815 char *task_schedule_uuid, *task_schedule_name;
16816 GString *xml;
16817
16818 xml = g_string_new ("");
16819
16820 schedule_available = 1;
16821 schedule = task_schedule (task);
16822 if (schedule)
16823 {
16824 schedule_in_trash = task_schedule_in_trash (task);
16825 if (schedule_in_trash)
16826 {
16827 task_schedule_uuid = trash_schedule_uuid (schedule);
16828 task_schedule_name = trash_schedule_name (schedule);
16829 schedule_available = trash_schedule_readable (schedule);
16830 }
16831 else
16832 {
16833 schedule_t found;
16834 task_schedule_uuid = schedule_uuid (schedule);
16835 task_schedule_name = schedule_name (schedule);
16836 if (find_schedule_with_permission (task_schedule_uuid,
16837 &found,
16838 "get_schedules"))
16839 g_error ("%s: GET_TASKS: error finding"
16840 " task schedule, aborting",
16841 __func__);
16842 schedule_available = (found > 0);
16843 }
16844 }
16845 else
16846 {
16847 task_schedule_uuid = (char*) g_strdup ("");
16848 task_schedule_name = (char*) g_strdup ("");
16849 schedule_in_trash = 0;
16850 }
16851
16852 if (schedule_available && schedule)
16853 {
16854 gchar *icalendar, *zone;
16855
16856 icalendar = zone = NULL;
16857
16858 if (schedule_info (schedule, schedule_in_trash, &icalendar, &zone) == 0)
16859 xml_string_append (xml,
16860 "<schedule id=\"%s\">"
16861 "<name>%s</name>"
16862 "<trash>%d</trash>"
16863 "<icalendar>%s</icalendar>"
16864 "<timezone>%s</timezone>"
16865 "</schedule>",
16866 task_schedule_uuid,
16867 task_schedule_name,
16868 schedule_in_trash,
16869 icalendar ? icalendar : "",
16870 zone ? zone : "");
16871
16872 g_free (icalendar);
16873 g_free (zone);
16874 }
16875 else
16876 {
16877 xml_string_append (xml,
16878 "<schedule id=\"%s\">"
16879 "<name>%s</name>"
16880 "<trash>%d</trash>"
16881 "</schedule>",
16882 task_schedule_uuid,
16883 task_schedule_name,
16884 schedule_in_trash);
16885 }
16886
16887 xml_string_append (xml,
16888 "<schedule_periods>"
16889 "%d"
16890 "</schedule_periods>",
16891 task_schedule_periods (task));
16892
16893 return g_string_free (xml, FALSE);
16894 }
16895
16896
16897 /**
16898 * @brief Handle end of GET_TASKS element.
16899 *
16900 * @param[in] gmp_parser GMP parser.
16901 * @param[in] error Error parameter.
16902 */
16903 static void
handle_get_tasks(gmp_parser_t * gmp_parser,GError ** error)16904 handle_get_tasks (gmp_parser_t *gmp_parser, GError **error)
16905 {
16906 iterator_t tasks;
16907 int count, filtered, ret, first;
16908 get_data_t *get;
16909 const char *filter;
16910 gchar *clean_filter;
16911 int apply_overrides, min_qod;
16912
16913 if (get_tasks_data->get.details && get_tasks_data->get.trash)
16914 {
16915 SEND_TO_CLIENT_OR_FAIL
16916 (XML_ERROR_SYNTAX ("get_task",
16917 "GET_TASKS details given with trash"));
16918 get_tasks_data_reset (get_tasks_data);
16919 set_client_state (CLIENT_AUTHENTIC);
16920 return;
16921 }
16922
16923 INIT_GET (task, Task);
16924
16925 get_tasks_data->get.minimal = get_tasks_data->schedules_only;
16926 ret = init_task_iterator (&tasks, &get_tasks_data->get);
16927 if (ret)
16928 {
16929 switch (ret)
16930 {
16931 case 1:
16932 if (send_find_error_to_client ("get_tasks",
16933 "task",
16934 get_tasks_data->get.id,
16935 gmp_parser))
16936 {
16937 error_send_to_client (error);
16938 return;
16939 }
16940 break;
16941 case 2:
16942 if (send_find_error_to_client
16943 ("get_tasks", "filter", get_tasks_data->get.filt_id,
16944 gmp_parser))
16945 {
16946 error_send_to_client (error);
16947 return;
16948 }
16949 break;
16950 case -1:
16951 SEND_TO_CLIENT_OR_FAIL
16952 (XML_INTERNAL_ERROR ("get_tasks"));
16953 break;
16954 }
16955 get_tasks_data_reset (get_tasks_data);
16956 set_client_state (CLIENT_AUTHENTIC);
16957 return;
16958 }
16959
16960 SEND_GET_START ("task");
16961
16962 get = &get_tasks_data->get;
16963 if (get->filt_id && strcmp (get->filt_id, FILT_ID_NONE))
16964 {
16965 filter = filter_term (get->filt_id);
16966 if (filter == NULL)
16967 {
16968 error_send_to_client (error);
16969 return;
16970 }
16971 }
16972 else
16973 filter = NULL;
16974
16975 clean_filter = manage_clean_filter (filter ? filter : get->filter);
16976 apply_overrides = filter_term_apply_overrides (clean_filter);
16977 min_qod = filter_term_min_qod (clean_filter);
16978 g_free (clean_filter);
16979
16980 SENDF_TO_CLIENT_OR_FAIL ("<apply_overrides>%i</apply_overrides>",
16981 apply_overrides);
16982
16983 while (1)
16984 {
16985 task_t index;
16986 gchar *progress_xml;
16987 target_t target;
16988 scanner_t scanner;
16989 const char *first_report_id, *last_report_id;
16990 char *config_name, *config_uuid;
16991 gchar *config_name_escaped;
16992 char *task_target_uuid, *task_target_name;
16993 gchar *task_target_name_escaped;
16994 gchar *task_schedule_xml;
16995 char *task_scanner_uuid, *task_scanner_name;
16996 gchar *task_scanner_name_escaped;
16997 gchar *last_report;
16998 gchar *second_last_report_id;
16999 gchar *current_report;
17000 report_t running_report;
17001 char *owner, *observers;
17002 int target_in_trash, scanner_in_trash;
17003 int holes = 0, infos = 0, logs = 0, warnings = 0;
17004 int holes_2 = 0, infos_2 = 0, warnings_2 = 0;
17005 int false_positives = 0, task_scanner_type;
17006 int target_available, config_available;
17007 int scanner_available;
17008 double severity = 0, severity_2 = 0;
17009 gchar *response;
17010 iterator_t alerts, groups, roles;
17011 gchar *in_assets, *max_checks, *max_hosts, *source_iface;
17012 gchar *auto_delete, *auto_delete_data, *assets_apply_overrides;
17013 gchar *assets_min_qod;
17014
17015 ret = get_next (&tasks, &get_tasks_data->get, &first, &count,
17016 init_task_iterator);
17017 if (ret == 1)
17018 break;
17019 if (ret == -1)
17020 {
17021 internal_error_send_to_client (error);
17022 return;
17023 }
17024
17025 index = get_iterator_resource (&tasks);
17026 target = task_target (index);
17027
17028 task_schedule_xml = get_task_schedule_xml (index);
17029
17030 if (get_tasks_data->schedules_only)
17031 {
17032 SENDF_TO_CLIENT_OR_FAIL ("<task id=\"%s\">"
17033 "<name>%s</name>",
17034 get_iterator_uuid (&tasks),
17035 get_iterator_name (&tasks));
17036
17037 SEND_TO_CLIENT_OR_FAIL (task_schedule_xml);
17038 g_free (task_schedule_xml);
17039
17040 SENDF_TO_CLIENT_OR_FAIL ("</task>");
17041
17042 }
17043 else
17044 {
17045 SEND_GET_COMMON (task, &get_tasks_data->get, &tasks);
17046 target_in_trash = task_target_in_trash (index);
17047 if ((target == 0)
17048 && (task_iterator_run_status (&tasks)
17049 == TASK_STATUS_RUNNING))
17050 {
17051 progress_xml = g_strdup_printf
17052 ("%i",
17053 task_upload_progress (index));
17054 running_report = 0;
17055 }
17056 else
17057 {
17058 int progress;
17059
17060 running_report = task_iterator_current_report (&tasks);
17061 progress
17062 = report_progress (running_report);
17063 progress_xml
17064 = g_strdup_printf ("%i", progress);
17065 }
17066
17067 if (running_report)
17068 {
17069 gchar *timestamp;
17070 char *scan_start, *scan_end, *current_report_id;
17071
17072 current_report_id = report_uuid (running_report);
17073
17074 if (report_timestamp (current_report_id, ×tamp))
17075 g_error ("%s: GET_TASKS: error getting timestamp"
17076 " of report, aborting",
17077 __func__);
17078
17079 scan_start = scan_start_time_uuid (current_report_id),
17080 scan_end = scan_end_time_uuid (current_report_id),
17081
17082 current_report = g_strdup_printf ("<current_report>"
17083 "<report id=\"%s\">"
17084 "<timestamp>"
17085 "%s"
17086 "</timestamp>"
17087 "<scan_start>"
17088 "%s"
17089 "</scan_start>"
17090 "<scan_end>"
17091 "%s"
17092 "</scan_end>"
17093 "</report>"
17094 "</current_report>",
17095 current_report_id,
17096 timestamp,
17097 scan_start,
17098 scan_end);
17099 free (current_report_id);
17100 free (scan_start);
17101 free (scan_end);
17102 g_free (timestamp);
17103 }
17104 else
17105 current_report = g_strdup ("");
17106
17107 first_report_id = task_iterator_first_report (&tasks);
17108 if (first_report_id && (get_tasks_data->get.trash == 0))
17109 {
17110 // TODO Could skip this count for tasks page.
17111 if (report_counts (first_report_id,
17112 &holes_2, &infos_2, &logs,
17113 &warnings_2, &false_positives,
17114 &severity_2, apply_overrides, min_qod))
17115 g_error ("%s: GET_TASKS: error getting counts for"
17116 " first report, aborting",
17117 __func__);
17118 }
17119
17120 second_last_report_id = task_second_last_report_id (index);
17121 if (second_last_report_id && (get_tasks_data->get.trash == 0))
17122 {
17123 /* If the first report is the second last report then skip
17124 * doing the count again. */
17125 if (((first_report_id == NULL)
17126 || (strcmp (second_last_report_id, first_report_id)))
17127 && report_counts (second_last_report_id,
17128 &holes_2, &infos_2,
17129 &logs, &warnings_2,
17130 &false_positives, &severity_2,
17131 apply_overrides, min_qod))
17132 g_error ("%s: GET_TASKS: error getting counts for"
17133 " second report, aborting",
17134 __func__);
17135 }
17136
17137 last_report_id = task_iterator_last_report (&tasks);
17138 if (get_tasks_data->get.trash && last_report_id)
17139 {
17140 gchar *timestamp;
17141 char *scan_start, *scan_end;
17142
17143 if (report_timestamp (last_report_id, ×tamp))
17144 g_error ("%s: GET_TASKS: error getting timestamp for"
17145 " last report, aborting",
17146 __func__);
17147
17148 scan_start = scan_start_time_uuid (last_report_id);
17149 scan_end = scan_end_time_uuid (last_report_id);
17150
17151 last_report = g_strdup_printf ("<last_report>"
17152 "<report id=\"%s\">"
17153 "<timestamp>%s</timestamp>"
17154 "<scan_start>%s</scan_start>"
17155 "<scan_end>%s</scan_end>"
17156 "</report>"
17157 "</last_report>",
17158 last_report_id,
17159 timestamp,
17160 scan_start,
17161 scan_end);
17162
17163 free (scan_start);
17164 free (scan_end);
17165 g_free (timestamp);
17166 }
17167 else if (last_report_id)
17168 {
17169 gchar *timestamp;
17170 char *scan_start, *scan_end;
17171
17172 /* If the last report is the first report or the second
17173 * last report, then reuse the counts from before. */
17174 if ((first_report_id == NULL)
17175 || (second_last_report_id == NULL)
17176 || (strcmp (last_report_id, first_report_id)
17177 && strcmp (last_report_id,
17178 second_last_report_id)))
17179 {
17180 if (report_counts
17181 (last_report_id,
17182 &holes, &infos, &logs,
17183 &warnings, &false_positives, &severity,
17184 apply_overrides, min_qod))
17185 g_error ("%s: GET_TASKS: error getting counts for"
17186 " last report, aborting",
17187 __func__);
17188 }
17189 else
17190 {
17191 holes = holes_2;
17192 infos = infos_2;
17193 warnings = warnings_2;
17194 severity = severity_2;
17195 }
17196
17197 if (report_timestamp (last_report_id, ×tamp))
17198 g_error ("%s: GET_TASKS: error getting timestamp for"
17199 " last report, aborting",
17200 __func__);
17201
17202 scan_start = scan_start_time_uuid (last_report_id);
17203 scan_end = scan_end_time_uuid (last_report_id);
17204
17205 if (strcmp (task_iterator_usage_type (&tasks), "audit") == 0)
17206 {
17207 int compliance_yes, compliance_no, compliance_incomplete;
17208
17209 report_compliance_by_uuid (last_report_id,
17210 &compliance_yes,
17211 &compliance_no,
17212 &compliance_incomplete);
17213
17214 last_report
17215 = g_strdup_printf ("<last_report>"
17216 "<report id=\"%s\">"
17217 "<timestamp>%s</timestamp>"
17218 "<scan_start>%s</scan_start>"
17219 "<scan_end>%s</scan_end>"
17220 "<compliance_count>"
17221 "<yes>%d</yes>"
17222 "<no>%d</no>"
17223 "<incomplete>%d</incomplete>"
17224 "</compliance_count>"
17225 "</report>"
17226 "</last_report>",
17227 last_report_id,
17228 timestamp,
17229 scan_start,
17230 scan_end,
17231 compliance_yes,
17232 compliance_no,
17233 compliance_incomplete);
17234 }
17235 else
17236 last_report
17237 = g_strdup_printf ("<last_report>"
17238 "<report id=\"%s\">"
17239 "<timestamp>%s</timestamp>"
17240 "<scan_start>%s</scan_start>"
17241 "<scan_end>%s</scan_end>"
17242 "<result_count>"
17243 "<hole>%i</hole>"
17244 "<info>%i</info>"
17245 "<log>%i</log>"
17246 "<warning>%i</warning>"
17247 "<false_positive>"
17248 "%i"
17249 "</false_positive>"
17250 "</result_count>"
17251 "<severity>"
17252 "%1.1f"
17253 "</severity>"
17254 "</report>"
17255 "</last_report>",
17256 last_report_id,
17257 timestamp,
17258 scan_start,
17259 scan_end,
17260 holes,
17261 infos,
17262 logs,
17263 warnings,
17264 false_positives,
17265 severity);
17266 free (scan_start);
17267 free (scan_end);
17268 g_free (timestamp);
17269 }
17270 else
17271 last_report = g_strdup ("");
17272
17273 g_free (second_last_report_id);
17274
17275 owner = task_owner_name (index);
17276 observers = task_observers (index);
17277 config_name = task_config_name (index);
17278 config_uuid = task_config_uuid (index);
17279 target_available = 1;
17280 if (target_in_trash)
17281 {
17282 task_target_uuid = trash_target_uuid (target);
17283 task_target_name = trash_target_name (target);
17284 target_available = trash_target_readable (target);
17285 }
17286 else if (target)
17287 {
17288 target_t found;
17289 task_target_uuid = target_uuid (target);
17290 task_target_name = target_name (target);
17291 if (find_target_with_permission (task_target_uuid,
17292 &found,
17293 "get_targets"))
17294 g_error ("%s: GET_TASKS: error finding task target,"
17295 " aborting",
17296 __func__);
17297 target_available = (found > 0);
17298 }
17299 else
17300 {
17301 task_target_uuid = NULL;
17302 task_target_name = NULL;
17303 }
17304 config_available = 1;
17305 if (task_config_in_trash (index))
17306 config_available = trash_config_readable_uuid (config_uuid);
17307 else if (config_uuid)
17308 {
17309 config_t found;
17310 if (find_config_with_permission (config_uuid,
17311 &found,
17312 "get_configs"))
17313 g_error ("%s: GET_TASKS: error finding task config,"
17314 " aborting",
17315 __func__);
17316 config_available = (found > 0);
17317 }
17318 scanner_available = 1;
17319 scanner = task_iterator_scanner (&tasks);
17320 if (scanner)
17321 {
17322 scanner_in_trash = task_scanner_in_trash (index);
17323
17324 task_scanner_uuid = scanner_uuid (scanner);
17325 task_scanner_name = scanner_name (scanner);
17326 task_scanner_type = scanner_type (scanner);
17327 if (scanner_in_trash)
17328 scanner_available = trash_scanner_readable (scanner);
17329 else
17330 {
17331 scanner_t found;
17332
17333 if (find_scanner_with_permission
17334 (task_scanner_uuid, &found, "get_scanners"))
17335 g_error ("%s: GET_TASKS: error finding"
17336 " task scanner, aborting",
17337 __func__);
17338 scanner_available = (found > 0);
17339 }
17340 }
17341 else
17342 {
17343 /* Container tasks have no associated scanner. */
17344 task_scanner_uuid = g_strdup ("");
17345 task_scanner_name = g_strdup ("");
17346 task_scanner_type = 0;
17347 scanner_in_trash = 0;
17348 }
17349
17350 config_name_escaped
17351 = config_name
17352 ? g_markup_escape_text (config_name, -1)
17353 : NULL;
17354 task_target_name_escaped
17355 = task_target_name
17356 ? g_markup_escape_text (task_target_name, -1)
17357 : NULL;
17358 task_scanner_name_escaped
17359 = task_scanner_name
17360 ? g_markup_escape_text (task_scanner_name, -1)
17361 : NULL;
17362
17363 response = g_strdup_printf
17364 ("<alterable>%i</alterable>"
17365 "<usage_type>%s</usage_type>"
17366 "<config id=\"%s\">"
17367 "<name>%s</name>"
17368 "<type>%i</type>"
17369 "<trash>%i</trash>"
17370 "%s"
17371 "</config>"
17372 "<target id=\"%s\">"
17373 "<name>%s</name>"
17374 "<trash>%i</trash>"
17375 "%s"
17376 "</target>"
17377 "<hosts_ordering>%s</hosts_ordering>"
17378 "<scanner id='%s'>"
17379 "<name>%s</name>"
17380 "<type>%d</type>"
17381 "<trash>%i</trash>"
17382 "%s"
17383 "</scanner>"
17384 "<status>%s</status>"
17385 "<progress>%s</progress>"
17386 "<report_count>"
17387 "%u<finished>%u</finished>"
17388 "</report_count>"
17389 "<trend>%s</trend>"
17390 "%s" // Schedule XML
17391 "%s%s",
17392 get_tasks_data->get.trash
17393 ? 0
17394 : task_alterable (index),
17395 task_iterator_usage_type (&tasks),
17396 config_uuid ?: "",
17397 config_name_escaped ?: "",
17398 config_type (task_config (index)),
17399 task_config_in_trash (index),
17400 config_available ? "" : "<permissions/>",
17401 task_target_uuid ?: "",
17402 task_target_name_escaped ?: "",
17403 target_in_trash,
17404 target_available ? "" : "<permissions/>",
17405 task_iterator_hosts_ordering (&tasks)
17406 ? task_iterator_hosts_ordering (&tasks)
17407 : "",
17408 task_scanner_uuid,
17409 task_scanner_name_escaped,
17410 task_scanner_type,
17411 scanner_in_trash,
17412 scanner_available ? "" : "<permissions/>",
17413 task_iterator_run_status_name (&tasks),
17414 progress_xml,
17415 task_iterator_total_reports (&tasks),
17416 task_iterator_finished_reports (&tasks),
17417 get_tasks_data->get.trash
17418 ? ""
17419 : task_iterator_trend_counts
17420 (&tasks, holes, warnings, infos, severity,
17421 holes_2, warnings_2, infos_2, severity_2),
17422 task_schedule_xml,
17423 current_report,
17424 last_report);
17425 g_free (config_name);
17426 g_free (config_uuid);
17427 g_free (config_name_escaped);
17428 free (task_target_name);
17429 free (task_target_uuid);
17430 g_free (task_target_name_escaped);
17431 g_free (progress_xml);
17432 g_free (current_report);
17433 g_free (last_report);
17434 g_free (task_schedule_xml);
17435 g_free (task_scanner_uuid);
17436 g_free (task_scanner_name);
17437 g_free (task_scanner_name_escaped);
17438 if (send_to_client (response,
17439 gmp_parser->client_writer,
17440 gmp_parser->client_writer_data))
17441 {
17442 g_free (response);
17443 cleanup_iterator (&tasks);
17444 error_send_to_client (error);
17445 cleanup_iterator (&tasks);
17446 return;
17447 }
17448 g_free (response);
17449
17450 SENDF_TO_CLIENT_OR_FAIL
17451 ("<observers>%s",
17452 ((owner == NULL)
17453 || (strcmp (owner,
17454 current_credentials.username)))
17455 ? ""
17456 : observers);
17457 free (owner);
17458 free (observers);
17459
17460 init_task_group_iterator (&groups, index);
17461 while (next (&groups))
17462 SENDF_TO_CLIENT_OR_FAIL
17463 ("<group id=\"%s\">"
17464 "<name>%s</name>"
17465 "</group>",
17466 task_group_iterator_uuid (&groups),
17467 task_group_iterator_name (&groups));
17468 cleanup_iterator (&groups);
17469
17470 init_task_role_iterator (&roles, index);
17471 while (next (&roles))
17472 SENDF_TO_CLIENT_OR_FAIL
17473 ("<role id=\"%s\">"
17474 "<name>%s</name>"
17475 "</role>",
17476 task_role_iterator_uuid (&roles),
17477 task_role_iterator_name (&roles));
17478 cleanup_iterator (&roles);
17479
17480 SENDF_TO_CLIENT_OR_FAIL ("</observers>");
17481
17482 init_task_alert_iterator (&alerts, index);
17483 while (next (&alerts))
17484 {
17485 alert_t found;
17486
17487 if (find_alert_with_permission (task_alert_iterator_uuid
17488 (&alerts),
17489 &found,
17490 "get_alerts"))
17491 abort ();
17492
17493 SENDF_TO_CLIENT_OR_FAIL
17494 ("<alert id=\"%s\">"
17495 "<name>%s</name>",
17496 task_alert_iterator_uuid (&alerts),
17497 task_alert_iterator_name (&alerts));
17498
17499 if (found)
17500 SENDF_TO_CLIENT_OR_FAIL
17501 ("</alert>");
17502 else
17503 SENDF_TO_CLIENT_OR_FAIL
17504 ("<permissions/>"
17505 "</alert>");
17506 }
17507 cleanup_iterator (&alerts);
17508
17509 if (get_tasks_data->get.details
17510 || get_tasks_data->get.id)
17511 {
17512 SENDF_TO_CLIENT_OR_FAIL ("<average_duration>"
17513 "%d"
17514 "</average_duration>",
17515 task_average_scan_duration (index));
17516 }
17517
17518 if (get_tasks_data->get.details)
17519 {
17520 /* The detailed version. */
17521
17522 SENDF_TO_CLIENT_OR_FAIL ("<result_count>%i</result_count>",
17523 task_result_count (index, min_qod));
17524 }
17525
17526 in_assets = task_preference_value (index, "in_assets");
17527 assets_apply_overrides = task_preference_value
17528 (index, "assets_apply_overrides");
17529 assets_min_qod = task_preference_value (index, "assets_min_qod");
17530 max_checks = task_preference_value (index, "max_checks");
17531 max_hosts = task_preference_value (index, "max_hosts");
17532 source_iface = task_preference_value (index, "source_iface");
17533 auto_delete = task_preference_value (index, "auto_delete");
17534 auto_delete_data = task_preference_value (index, "auto_delete_data");
17535
17536 SENDF_TO_CLIENT_OR_FAIL
17537 ("<preferences>"
17538 "<preference>"
17539 "<name>"
17540 "Maximum concurrently executed NVTs per host"
17541 "</name>"
17542 "<scanner_name>max_checks</scanner_name>"
17543 "<value>%s</value>"
17544 "</preference>"
17545 "<preference>"
17546 "<name>"
17547 "Maximum concurrently scanned hosts"
17548 "</name>"
17549 "<scanner_name>max_hosts</scanner_name>"
17550 "<value>%s</value>"
17551 "</preference>"
17552 "<preference>"
17553 "<name>"
17554 "Network Source Interface"
17555 "</name>"
17556 "<scanner_name>source_iface</scanner_name>"
17557 "<value>%s</value>"
17558 "</preference>"
17559 "<preference>"
17560 "<name>"
17561 "Add results to Asset Management"
17562 "</name>"
17563 "<scanner_name>in_assets</scanner_name>"
17564 "<value>%s</value>"
17565 "</preference>"
17566 "<preference>"
17567 "<name>"
17568 "Apply Overrides when adding Assets"
17569 "</name>"
17570 "<scanner_name>assets_apply_overrides</scanner_name>"
17571 "<value>%s</value>"
17572 "</preference>"
17573 "<preference>"
17574 "<name>"
17575 "Min QOD when adding Assets"
17576 "</name>"
17577 "<scanner_name>assets_min_qod</scanner_name>"
17578 "<value>%s</value>"
17579 "</preference>"
17580 "<preference>"
17581 "<name>"
17582 "Auto Delete Reports"
17583 "</name>"
17584 "<scanner_name>auto_delete</scanner_name>"
17585 "<value>%s</value>"
17586 "</preference>"
17587 "<preference>"
17588 "<name>"
17589 "Auto Delete Reports Data"
17590 "</name>"
17591 "<scanner_name>auto_delete_data</scanner_name>"
17592 "<value>%s</value>"
17593 "</preference>"
17594 "</preferences>"
17595 "</task>",
17596 max_checks ? max_checks : "4",
17597 max_hosts ? max_hosts : "20",
17598 source_iface ? source_iface : "",
17599 in_assets ? in_assets : "yes",
17600 assets_apply_overrides ? assets_apply_overrides : "yes",
17601 assets_min_qod
17602 ? assets_min_qod
17603 : G_STRINGIFY (MIN_QOD_DEFAULT),
17604 auto_delete ? auto_delete : "0",
17605 auto_delete_data ? auto_delete_data : "0");
17606
17607 g_free (in_assets);
17608 g_free (max_checks);
17609 g_free (max_hosts);
17610 g_free (source_iface);
17611 }
17612
17613 count++;
17614 }
17615 cleanup_iterator (&tasks);
17616 filtered = get_tasks_data->get.id
17617 ? 1
17618 : task_count (&get_tasks_data->get);
17619 SEND_GET_END ("task", &get_tasks_data->get, count, filtered);
17620
17621 get_tasks_data_reset (get_tasks_data);
17622 set_client_state (CLIENT_AUTHENTIC);
17623 }
17624
17625 /**
17626 * @brief Handle end of GET_USER element.
17627 *
17628 * @param[in] gmp_parser GMP parser.
17629 * @param[in] error Error parameter.
17630 */
17631 static void
handle_get_users(gmp_parser_t * gmp_parser,GError ** error)17632 handle_get_users (gmp_parser_t *gmp_parser, GError **error)
17633 {
17634 iterator_t users;
17635 int count, filtered, ret, first;
17636
17637 INIT_GET (user, User);
17638
17639 ret = init_user_iterator (&users, &get_users_data->get);
17640 if (ret)
17641 {
17642 switch (ret)
17643 {
17644 case 1:
17645 if (send_find_error_to_client ("get_users",
17646 "user",
17647 get_users_data->get.id,
17648 gmp_parser))
17649 {
17650 error_send_to_client (error);
17651 return;
17652 }
17653 break;
17654 case 2:
17655 if (send_find_error_to_client
17656 ("get_users", "filter", get_users_data->get.filt_id,
17657 gmp_parser))
17658 {
17659 error_send_to_client (error);
17660 return;
17661 }
17662 break;
17663 case -1:
17664 SEND_TO_CLIENT_OR_FAIL
17665 (XML_INTERNAL_ERROR ("get_users"));
17666 break;
17667 }
17668 get_users_data_reset (get_users_data);
17669 set_client_state (CLIENT_AUTHENTIC);
17670 return;
17671 }
17672
17673 SEND_GET_START ("user");
17674 while (1)
17675 {
17676 iterator_t groups, roles;
17677 const char *hosts, *ifaces;
17678 int hosts_allow, ifaces_allow;
17679
17680 ret = get_next (&users, &get_users_data->get, &first, &count,
17681 init_user_iterator);
17682 if (ret == 1)
17683 break;
17684 if (ret == -1)
17685 {
17686 internal_error_send_to_client (error);
17687 return;
17688 }
17689
17690 SEND_GET_COMMON (user, &get_users_data->get, &users);
17691
17692 hosts = user_iterator_hosts (&users);
17693 hosts_allow = user_iterator_hosts_allow (&users);
17694
17695 SENDF_TO_CLIENT_OR_FAIL ("<hosts allow=\"%i\">%s</hosts>"
17696 "<sources><source>%s</source></sources>",
17697 hosts_allow,
17698 hosts ? hosts : "",
17699 user_iterator_method (&users)
17700 ? user_iterator_method (&users)
17701 : "file");
17702
17703 /* Interfaces Access */
17704 ifaces = user_iterator_ifaces (&users);
17705 ifaces_allow = user_iterator_ifaces_allow (&users);
17706 SENDF_TO_CLIENT_OR_FAIL ("<ifaces allow=\"%i\">%s</ifaces>",
17707 ifaces_allow,
17708 ifaces ? ifaces : "");
17709
17710 /* User Roles */
17711 init_user_role_iterator (&roles,
17712 get_iterator_resource (&users));
17713 while (next (&roles))
17714 {
17715 SENDF_TO_CLIENT_OR_FAIL ("<role id=\"%s\">"
17716 "<name>%s</name>",
17717 user_role_iterator_uuid (&roles),
17718 user_role_iterator_name (&roles));
17719 if (user_role_iterator_readable (&roles))
17720 SEND_TO_CLIENT_OR_FAIL ("</role>");
17721 else
17722 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
17723 "</role>");
17724 }
17725 cleanup_iterator (&roles);
17726
17727 SEND_TO_CLIENT_OR_FAIL ("<groups>");
17728 init_user_group_iterator (&groups,
17729 get_iterator_resource (&users));
17730 while (next (&groups))
17731 {
17732 SENDF_TO_CLIENT_OR_FAIL ("<group id=\"%s\">"
17733 "<name>%s</name>",
17734 user_group_iterator_uuid (&groups),
17735 user_group_iterator_name (&groups));
17736 if (user_group_iterator_readable (&groups))
17737 SEND_TO_CLIENT_OR_FAIL ("</group>");
17738 else
17739 SEND_TO_CLIENT_OR_FAIL ("<permissions/>"
17740 "</group>");
17741 }
17742 cleanup_iterator (&groups);
17743 SEND_TO_CLIENT_OR_FAIL ("</groups>"
17744 "</user>");
17745 count++;
17746 }
17747 cleanup_iterator (&users);
17748 filtered = get_users_data->get.id
17749 ? 1
17750 : user_count (&get_users_data->get);
17751 SEND_GET_END ("user", &get_users_data->get, count, filtered);
17752
17753 get_users_data_reset (get_users_data);
17754 set_client_state (CLIENT_AUTHENTIC);
17755 }
17756
17757 /**
17758 * @brief Handle end of GET_VERSION element.
17759 *
17760 * @param[in] gmp_parser GMP parser.
17761 * @param[in] error Error parameter.
17762 */
17763 static void
handle_get_version(gmp_parser_t * gmp_parser,GError ** error)17764 handle_get_version (gmp_parser_t *gmp_parser, GError **error)
17765 {
17766 SEND_TO_CLIENT_OR_FAIL ("<get_version_response"
17767 " status=\"" STATUS_OK "\""
17768 " status_text=\"" STATUS_OK_TEXT "\">"
17769 "<version>" GMP_VERSION "</version>"
17770 "</get_version_response>");
17771 if (client_state == CLIENT_GET_VERSION_AUTHENTIC)
17772 set_client_state (CLIENT_AUTHENTIC);
17773 else
17774 set_client_state (CLIENT_TOP);
17775 }
17776
17777 /**
17778 * @brief Handle end of GET_VULNS element.
17779 *
17780 * @param[in] gmp_parser GMP parser.
17781 * @param[in] error Error parameter.
17782 */
17783 static void
handle_get_vulns(gmp_parser_t * gmp_parser,GError ** error)17784 handle_get_vulns (gmp_parser_t *gmp_parser, GError **error)
17785 {
17786 get_data_t *get;
17787 int count, filtered, first;
17788 int ret;
17789 iterator_t vulns;
17790
17791 get = &get_vulns_data->get;
17792
17793 // Assumes that second param is only used for plural
17794 INIT_GET (vuln, Vulnerabilitie);
17795
17796 ret = init_vuln_iterator (&vulns, get);
17797 if (ret)
17798 {
17799 switch (ret)
17800 {
17801 case 1:
17802 if (send_find_error_to_client ("get_vulns",
17803 "vuln",
17804 get_vulns_data->get.id,
17805 gmp_parser))
17806 {
17807 error_send_to_client (error);
17808 return;
17809 }
17810 break;
17811 case 2:
17812 if (send_find_error_to_client
17813 ("get_vulns", "filter",
17814 get_vulns_data->get.filt_id, gmp_parser))
17815 {
17816 error_send_to_client (error);
17817 return;
17818 }
17819 break;
17820 case -1:
17821 SEND_TO_CLIENT_OR_FAIL
17822 (XML_INTERNAL_ERROR ("get_vulns"));
17823 break;
17824 }
17825 get_vulns_data_reset (get_vulns_data);
17826 set_client_state (CLIENT_AUTHENTIC);
17827 return;
17828 }
17829
17830 SEND_GET_START ("vuln");
17831
17832 while (next (&vulns))
17833 {
17834 time_t oldest, newest;
17835
17836 count ++;
17837 SENDF_TO_CLIENT_OR_FAIL ("<vuln id=\"%s\">"
17838 "<name>%s</name>"
17839 "<type>%s</type>"
17840 "<creation_time>%s</creation_time>"
17841 "<modification_time>%s</modification_time>"
17842 "<severity>%1.1f</severity>"
17843 "<qod>%d</qod>",
17844 get_iterator_uuid (&vulns),
17845 get_iterator_name (&vulns),
17846 vuln_iterator_type (&vulns),
17847 get_iterator_creation_time (&vulns),
17848 get_iterator_modification_time (&vulns),
17849 vuln_iterator_severity (&vulns),
17850 vuln_iterator_qod (&vulns));
17851
17852 // results for the vulnerability
17853 oldest = vuln_iterator_oldest (&vulns);
17854 SENDF_TO_CLIENT_OR_FAIL ("<results>"
17855 "<count>%d</count>"
17856 "<oldest>%s</oldest>",
17857 vuln_iterator_results (&vulns),
17858 iso_time (&oldest));
17859
17860 newest = vuln_iterator_newest (&vulns);
17861 SENDF_TO_CLIENT_OR_FAIL ("<newest>%s</newest>",
17862 iso_time (&newest));
17863
17864 SEND_TO_CLIENT_OR_FAIL ("</results>");
17865
17866 // hosts with the vulnerability
17867 SENDF_TO_CLIENT_OR_FAIL ("<hosts>"
17868 "<count>%d</count>",
17869 vuln_iterator_hosts (&vulns));
17870
17871 SEND_TO_CLIENT_OR_FAIL ("</hosts>");
17872
17873 // closing tag
17874 SEND_TO_CLIENT_OR_FAIL ("</vuln>");
17875 }
17876
17877 cleanup_iterator (&vulns);
17878
17879 filtered = vuln_count (get);
17880
17881 SEND_GET_END ("vuln", &get_vulns_data->get, count, filtered);
17882
17883 get_vulns_data_reset (get_vulns_data);
17884 set_client_state (CLIENT_AUTHENTIC);
17885 }
17886
17887 /**
17888 * @brief Handle end of SYNC_CONFIG element.
17889 *
17890 * @param[in] gmp_parser GMP parser.
17891 * @param[in] error Error parameter.
17892 */
17893 static void
handle_sync_config(gmp_parser_t * gmp_parser,GError ** error)17894 handle_sync_config (gmp_parser_t *gmp_parser, GError **error)
17895 {
17896 assert (current_credentials.username);
17897 if (!sync_config_data->config_id)
17898 {
17899 SEND_TO_CLIENT_OR_FAIL
17900 (XML_ERROR_SYNTAX ("sync_config",
17901 "SYNC_CONFIG requires a config_id attribute"));
17902 sync_config_data_reset (sync_config_data);
17903 set_client_state (CLIENT_AUTHENTIC);
17904 return;
17905 }
17906 switch (sync_config (sync_config_data->config_id))
17907 {
17908 case 0:
17909 log_event ("config", "config", sync_config_data->config_id,
17910 "synchronized");
17911 SEND_TO_CLIENT_OR_FAIL (XML_OK ("sync_config"));
17912 break;
17913 case 1:
17914 if (send_find_error_to_client
17915 ("sync_config", "config", sync_config_data->config_id, gmp_parser))
17916 {
17917 error_send_to_client (error);
17918 return;
17919 }
17920 log_event_fail ("config", "Config", sync_config_data->config_id,
17921 "synchronized");
17922 break;
17923 case 2:
17924 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
17925 ("sync_config", "Config not of type OSP"));
17926 log_event_fail ("config", "Config", sync_config_data->config_id,
17927 "synchronized");
17928 break;
17929 case 3:
17930 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
17931 ("sync_config", "Config has no scanner"));
17932 log_event_fail ("config", "Config", sync_config_data->config_id,
17933 "synchronized");
17934 break;
17935 case 4:
17936 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
17937 ("sync_config",
17938 "Couldn't get parameters from scanner"));
17939 log_event_fail ("config", "Config", sync_config_data->config_id,
17940 "synchronized");
17941 break;
17942 case 99:
17943 SEND_TO_CLIENT_OR_FAIL
17944 (XML_ERROR_SYNTAX ("sync_config", "Permission denied"));
17945 log_event_fail ("config", "Config", sync_config_data->config_id,
17946 "synchronized");
17947 break;
17948 case -1:
17949 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_config"));
17950 log_event_fail ("config", "Config", sync_config_data->config_id,
17951 "synchronized");
17952 break;
17953 default:
17954 abort ();
17955 break;
17956 }
17957
17958 sync_config_data_reset (sync_config_data);
17959 set_client_state (CLIENT_AUTHENTIC);
17960 }
17961
17962 /**
17963 * @brief Handle end of CREATE_SCANNER element.
17964 *
17965 * @param[in] gmp_parser GMP parser.
17966 * @param[in] error Error parameter.
17967 */
17968 static void
handle_create_scanner(gmp_parser_t * gmp_parser,GError ** error)17969 handle_create_scanner (gmp_parser_t *gmp_parser, GError **error)
17970 {
17971 scanner_t new_scanner;
17972
17973 if (create_scanner_data->copy)
17974 switch (copy_scanner (create_scanner_data->name,
17975 create_scanner_data->comment,
17976 create_scanner_data->copy, &new_scanner))
17977 {
17978 case 0:
17979 {
17980 char *uuid;
17981 uuid = scanner_uuid (new_scanner);
17982 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_scanner"),
17983 uuid);
17984 log_event ("scanner", "scanner", uuid, "created");
17985 g_free (uuid);
17986 goto create_scanner_leave;
17987 }
17988 case 1:
17989 SEND_TO_CLIENT_OR_FAIL
17990 (XML_ERROR_SYNTAX ("create_scanner", "Scanner name exists already"));
17991 log_event_fail ("scanner", "Scanner", NULL, "created");
17992 goto create_scanner_leave;
17993 case 2:
17994 if (send_find_error_to_client ("create_scanner", "scanner",
17995 create_scanner_data->copy, gmp_parser))
17996 {
17997 error_send_to_client (error);
17998 goto create_scanner_leave;
17999 }
18000 log_event_fail ("scanner", "Scanner", NULL, "created");
18001 goto create_scanner_leave;
18002 case 98:
18003 SEND_TO_CLIENT_OR_FAIL
18004 (XML_ERROR_SYNTAX ("create_scanner", "It is not possible to clone a "
18005 "CVE scanner "));
18006 log_event_fail ("scanner", "Scanner", NULL, "created");
18007 goto create_scanner_leave;
18008 case 99:
18009 SEND_TO_CLIENT_OR_FAIL
18010 (XML_ERROR_SYNTAX ("create_scanner", "Permission denied"));
18011 log_event_fail ("scanner", "Scanner", NULL, "created");
18012 goto create_scanner_leave;
18013 case -1:
18014 default:
18015 SEND_TO_CLIENT_OR_FAIL
18016 (XML_INTERNAL_ERROR ("create_scanner"));
18017 log_event_fail ("scanner", "Scanner", NULL, "created");
18018 goto create_scanner_leave;
18019 }
18020
18021 if (!create_scanner_data->name)
18022 {
18023 SEND_TO_CLIENT_OR_FAIL
18024 (XML_ERROR_SYNTAX ("create_scanner", "Missing NAME"));
18025 goto create_scanner_leave;
18026 }
18027
18028 if (!create_scanner_data->host)
18029 {
18030 SEND_TO_CLIENT_OR_FAIL
18031 (XML_ERROR_SYNTAX ("create_scanner", "Missing HOST"));
18032 goto create_scanner_leave;
18033 }
18034
18035 if (!create_scanner_data->port)
18036 {
18037 SEND_TO_CLIENT_OR_FAIL
18038 (XML_ERROR_SYNTAX ("create_scanner", "Missing PORT"));
18039 goto create_scanner_leave;
18040 }
18041
18042 if (!create_scanner_data->type)
18043 {
18044 SEND_TO_CLIENT_OR_FAIL
18045 (XML_ERROR_SYNTAX ("create_scanner", "Missing TYPE"));
18046 goto create_scanner_leave;
18047 }
18048
18049 /* Specifying unix file socket over GMP is not allowed. */
18050 if (*create_scanner_data->host == '/')
18051 {
18052 SEND_TO_CLIENT_OR_FAIL
18053 (XML_ERROR_SYNTAX ("create_scanner", "Erroneous host value."));
18054 goto create_scanner_leave;
18055 }
18056 if (create_scanner_data->ca_pub
18057 && check_certificate_x509 (create_scanner_data->ca_pub))
18058 {
18059 SEND_TO_CLIENT_OR_FAIL
18060 (XML_ERROR_SYNTAX ("create_scanner", "Erroneous CA Certificate."));
18061 goto create_scanner_leave;
18062 }
18063 switch (create_scanner
18064 (create_scanner_data->name, create_scanner_data->comment,
18065 create_scanner_data->host, create_scanner_data->port,
18066 create_scanner_data->type, &new_scanner,
18067 create_scanner_data->ca_pub, create_scanner_data->credential_id))
18068 {
18069 case 0:
18070 {
18071 char *uuid = scanner_uuid (new_scanner);
18072 SENDF_TO_CLIENT_OR_FAIL
18073 (XML_OK_CREATED_ID ("create_scanner"), uuid);
18074 log_event ("scanner", "Scanner", uuid, "created");
18075 g_free (uuid);
18076 break;
18077 }
18078 case 1:
18079 SEND_TO_CLIENT_OR_FAIL
18080 (XML_ERROR_SYNTAX ("create_scanner", "Scanner exists already"));
18081 log_event_fail ("scanner", "Scanner", NULL, "created");
18082 break;
18083 case 2:
18084 SEND_TO_CLIENT_OR_FAIL
18085 (XML_ERROR_SYNTAX ("create_scanner", "Invalid entity value"));
18086 log_event_fail ("scanner", "Scanner", NULL, "created");
18087 break;
18088 case 3:
18089 if (send_find_error_to_client ("create_scanner", "credential",
18090 create_scanner_data->credential_id,
18091 gmp_parser))
18092 {
18093 error_send_to_client (error);
18094 return;
18095 }
18096 log_event_fail ("scanner", "Scanner", NULL, "created");
18097 break;
18098 case 4:
18099 SEND_TO_CLIENT_OR_FAIL
18100 (XML_ERROR_SYNTAX ("create_scanner",
18101 "Credential must be of type 'up'"
18102 " (username + password)"));
18103 log_event_fail ("scanner", "Scanner", NULL, "created");
18104 break;
18105 case 5:
18106 SEND_TO_CLIENT_OR_FAIL
18107 (XML_ERROR_SYNTAX ("create_scanner",
18108 "Credential must be of type 'cc'"
18109 " (client certificate)"));
18110 log_event_fail ("scanner", "Scanner", NULL, "created");
18111 break;
18112 case 6:
18113 SEND_TO_CLIENT_OR_FAIL
18114 (XML_ERROR_SYNTAX ("create_scanner",
18115 "Scanner type requires a credential"));
18116 log_event_fail ("scanner", "Scanner", NULL, "created");
18117 break;
18118 case 99:
18119 SEND_TO_CLIENT_OR_FAIL
18120 (XML_ERROR_SYNTAX ("create_scanner", "Permission denied"));
18121 log_event_fail ("scanner", "Scanner", NULL, "created");
18122 break;
18123 case -1:
18124 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_scanner"));
18125 log_event_fail ("scanner", "Scanner", NULL, "created");
18126 break;
18127 default:
18128 assert (0);
18129 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_scanner"));
18130 log_event_fail ("scanner", "Scanner", NULL, "created");
18131 break;
18132 }
18133
18134 create_scanner_leave:
18135 create_scanner_data_reset (create_scanner_data);
18136 set_client_state (CLIENT_AUTHENTIC);
18137 }
18138
18139 /**
18140 * @brief Handle end of MODIFY_SCANNER element.
18141 *
18142 * @param[in] gmp_parser GMP parser.
18143 * @param[in] error Error parameter.
18144 */
18145 static void
handle_modify_scanner(gmp_parser_t * gmp_parser,GError ** error)18146 handle_modify_scanner (gmp_parser_t *gmp_parser, GError **error)
18147 {
18148 if (modify_scanner_data->ca_pub && *modify_scanner_data->ca_pub
18149 && check_certificate_x509 (modify_scanner_data->ca_pub))
18150 {
18151 SEND_TO_CLIENT_OR_FAIL
18152 (XML_ERROR_SYNTAX ("modify_scanner", "Erroneous CA Certificate."));
18153 goto modify_scanner_leave;
18154 }
18155
18156 /* Specifying unix file socket over GMP is not allowed. */
18157 if (modify_scanner_data->host
18158 && *modify_scanner_data->host == '/')
18159 {
18160 SEND_TO_CLIENT_OR_FAIL
18161 (XML_ERROR_SYNTAX ("create_scanner", "Erroneous host value."));
18162 goto modify_scanner_leave;
18163 }
18164 switch (modify_scanner
18165 (modify_scanner_data->scanner_id, modify_scanner_data->name,
18166 modify_scanner_data->comment, modify_scanner_data->host,
18167 modify_scanner_data->port, modify_scanner_data->type,
18168 modify_scanner_data->ca_pub, modify_scanner_data->credential_id))
18169 {
18170 case 0:
18171 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_scanner"));
18172 log_event ("scanner", "Scanner", modify_scanner_data->scanner_id,
18173 "modified");
18174 break;
18175 case 1:
18176 if (send_find_error_to_client ("modify_scanner", "scanner",
18177 modify_scanner_data->scanner_id,
18178 gmp_parser))
18179 {
18180 error_send_to_client (error);
18181 return;
18182 }
18183 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18184 "modified");
18185 break;
18186 case 2:
18187 SEND_TO_CLIENT_OR_FAIL
18188 (XML_ERROR_SYNTAX ("modify_scanner",
18189 "Scanner with new name exists already"));
18190 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18191 "modified");
18192 break;
18193 case 3:
18194 SEND_TO_CLIENT_OR_FAIL
18195 (XML_ERROR_SYNTAX ("modify_scanner", "Missing scanner_id"));
18196 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18197 "modified");
18198 break;
18199 case 4:
18200 SEND_TO_CLIENT_OR_FAIL
18201 (XML_ERROR_SYNTAX ("modify_scanner", "Invalid value"));
18202 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18203 "modified");
18204 break;
18205 case 5:
18206 if (send_find_error_to_client ("create_scanner", "credential",
18207 modify_scanner_data->credential_id,
18208 gmp_parser))
18209 {
18210 error_send_to_client (error);
18211 return;
18212 }
18213 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18214 "modified");
18215 break;
18216 case 6:
18217 SEND_TO_CLIENT_OR_FAIL
18218 (XML_ERROR_SYNTAX ("modify_scanner",
18219 "Credential must be of type 'cc'"
18220 " (client certificate)"));
18221 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18222 "modified");
18223 break;
18224 case 7:
18225 SEND_TO_CLIENT_OR_FAIL
18226 (XML_ERROR_SYNTAX ("modify_scanner",
18227 "Credential must be of type 'up'"
18228 " (username + password)"));
18229 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18230 "modified");
18231 break;
18232 case 8:
18233 SEND_TO_CLIENT_OR_FAIL
18234 (XML_ERROR_SYNTAX ("modify_scanner",
18235 "Scanner type requires a credential"));
18236 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18237 "modified");
18238 break;
18239 case 99:
18240 SEND_TO_CLIENT_OR_FAIL
18241 (XML_ERROR_SYNTAX ("modify_scanner", "Permission denied"));
18242 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18243 "modified");
18244 break;
18245 default:
18246 case -1:
18247 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_scanner"));
18248 log_event_fail ("scanner", "Scanner", modify_scanner_data->scanner_id,
18249 "modified");
18250 break;
18251 }
18252 modify_scanner_leave:
18253 modify_scanner_data_reset (modify_scanner_data);
18254 set_client_state (CLIENT_AUTHENTIC);
18255 }
18256
18257 extern char client_address[];
18258
18259 /**
18260 * @brief Handle create_report_data->results_* for gmp_xml_handle_end_element
18261 *
18262 * Uses data:
18263 * create_report_data->result_description
18264 * create_report_data->result_host
18265 * create_report_data->result_hostname
18266 * create_report_data->result_nvt_oid
18267 * create_report_data->result_port
18268 * create_report_data->result_qod
18269 * create_report_data->result_qod_type
18270 * create_report_data->result_scan_nvt_version
18271 * create_report_data->result_severity
18272 * create_report_data->result_threat
18273 * create_report_data->result_detection_name
18274 * create_report_data->result_detection_product
18275 * create_report_data->result_detection_source_name
18276 * create_report_data->result_detection_source_oid
18277 * create_report_data->result_detection_location
18278 * create_report_data->result_detection
18279 *
18280 * to create a create_report_data->result and add it into
18281 * create_report_data->results
18282 *
18283 */
18284 static void
gmp_xml_handle_result()18285 gmp_xml_handle_result ()
18286 {
18287 create_report_result_t *result;
18288
18289 assert (create_report_data->results);
18290
18291 if (create_report_data->result_scan_nvt_version == NULL)
18292 create_report_data->result_scan_nvt_version = strdup ("");
18293
18294 if (create_report_data->result_severity == NULL)
18295 {
18296 if (create_report_data->result_threat == NULL)
18297 {
18298 create_report_data->result_severity = strdup ("");
18299 }
18300 else if (strcasecmp (create_report_data->result_threat, "High") == 0)
18301 {
18302 create_report_data->result_severity = strdup ("10.0");
18303 }
18304 else if (strcasecmp (create_report_data->result_threat, "Medium") == 0)
18305 {
18306 create_report_data->result_severity = strdup ("5.0");
18307 }
18308 else if (strcasecmp (create_report_data->result_threat, "Low") == 0)
18309 {
18310 create_report_data->result_severity = strdup ("2.0");
18311 }
18312 else if (strcasecmp (create_report_data->result_threat, "Log") == 0)
18313 {
18314 create_report_data->result_severity = strdup ("0.0");
18315 }
18316 else if (strcasecmp (create_report_data->result_threat, "False Positive")
18317 == 0)
18318 {
18319 create_report_data->result_severity = strdup ("-1.0");
18320 }
18321 else
18322 {
18323 create_report_data->result_severity = strdup ("");
18324 }
18325 }
18326
18327 result = g_malloc (sizeof (create_report_result_t));
18328 result->description = create_report_data->result_description;
18329 // sometimes host has newlines in it, so we 0 terminate first newline
18330 // According to
18331 // https://www.freebsd.org/cgi/man.cgi?query=strcspn&sektion=3
18332 // strcspn returns the number of chars spanned so it should be safe
18333 // without double checking.
18334 if (create_report_data->result_host)
18335 create_report_data
18336 ->result_host[strcspn (create_report_data->result_host, "\n")] = 0;
18337 result->host = create_report_data->result_host;
18338 result->hostname = create_report_data->result_hostname;
18339 result->nvt_oid = create_report_data->result_nvt_oid;
18340 result->scan_nvt_version = create_report_data->result_scan_nvt_version;
18341 result->port = create_report_data->result_port;
18342 result->qod = create_report_data->result_qod;
18343 result->qod_type = create_report_data->result_qod_type;
18344 result->severity = create_report_data->result_severity;
18345 result->threat = create_report_data->result_threat;
18346 if (result->host)
18347 {
18348 for (unsigned int i = 0; i < create_report_data->result_detection->len;
18349 i++)
18350 {
18351 host_detail_t *detail;
18352 // prepare detection to be found within
18353 // result_detection_reference
18354 detection_detail_t *detection =
18355 (detection_detail_t *) g_ptr_array_index (
18356 create_report_data->result_detection, i);
18357
18358 // used to find location within report_host_details via
18359 // - oid as source_name
18360 // - detected_at as name
18361 detail = g_malloc (sizeof (host_detail_t));
18362 detail->ip = g_strdup (result->host);
18363 detail->name = g_strdup ("detected_at");
18364 detail->source_desc = g_strdup ("create_report_import");
18365 detail->source_name = g_strdup (
18366 detection->source_oid); // verify when detected_at || detected_by
18367 detail->source_type = g_strdup ("create_report_import");
18368 detail->value = g_strdup (detection->location);
18369 array_add (create_report_data->details, detail);
18370 // used to find oid within report_host_details via
18371 // - oid as source_name
18372 // - detected_by as name
18373 detail = g_malloc (sizeof (host_detail_t));
18374 detail->ip = g_strdup (result->host);
18375 detail->name = g_strconcat ("detected_by@", detection->location, NULL);
18376 detail->source_desc = g_strdup ("create_report_import");
18377 detail->source_name = g_strdup (result->nvt_oid);
18378 detail->source_type = g_strdup ("create_report_import");
18379 detail->value = g_strdup (detection->source_oid);
18380 array_add (create_report_data->details, detail);
18381 g_free (detection->location);
18382 g_free (detection->product);
18383 g_free (detection->source_name);
18384 g_free (detection->source_oid);
18385 g_free (detection);
18386 }
18387 }
18388 array_add (create_report_data->results, result);
18389
18390 create_report_data->result_description = NULL;
18391 create_report_data->result_host = NULL;
18392 create_report_data->result_hostname = NULL;
18393 create_report_data->result_nvt_oid = NULL;
18394 create_report_data->result_port = NULL;
18395 create_report_data->result_qod = NULL;
18396 create_report_data->result_qod_type = NULL;
18397 create_report_data->result_scan_nvt_version = NULL;
18398 create_report_data->result_severity = NULL;
18399 create_report_data->result_threat = NULL;
18400 create_report_data->result_detection = NULL;
18401 create_report_data->result_detection = make_array ();
18402 }
18403
18404 /**
18405 * @brief Handle the end of a GMP XML element.
18406 *
18407 * React to the end of an XML element according to the current value
18408 * of \ref client_state, usually adjusting \ref client_state to indicate
18409 * the change (with \ref set_client_state). Call \ref send_to_client to queue
18410 * any responses for the client. Call the task utilities to adjust the
18411 * tasks (for example \ref start_task, \ref stop_task, \ref modify_task,
18412 * \ref delete_task and \ref find_task_with_permission ).
18413 *
18414 * Set error parameter on encountering an error.
18415 *
18416 * @param[in] context Parser context.
18417 * @param[in] element_name XML element name.
18418 * @param[in] user_data GMP parser.
18419 * @param[in] error Error parameter.
18420 */
18421 static void
gmp_xml_handle_end_element(GMarkupParseContext * context,const gchar * element_name,gpointer user_data,GError ** error)18422 gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
18423 const gchar *element_name,
18424 gpointer user_data,
18425 GError **error)
18426 {
18427 gmp_parser_t *gmp_parser = (gmp_parser_t*) user_data;
18428 int (*write_to_client) (const char *, void*)
18429 = (int (*) (const char *, void*)) gmp_parser->client_writer;
18430 void* write_to_client_data = (void*) gmp_parser->client_writer_data;
18431
18432 g_debug (" XML end: %s", element_name);
18433
18434 if (gmp_parser->read_over > 1)
18435 {
18436 gmp_parser->read_over--;
18437 }
18438 else if (gmp_parser->read_over == 1)
18439 {
18440 assert (gmp_parser->parent_state);
18441 client_state = gmp_parser->parent_state;
18442 gmp_parser->parent_state = 0;
18443 gmp_parser->read_over = 0;
18444 }
18445 else switch (client_state)
18446 {
18447 case CLIENT_TOP:
18448 assert (0);
18449 break;
18450
18451 case CLIENT_AUTHENTICATE:
18452 switch (authenticate (¤t_credentials))
18453 {
18454 case 0: /* Authentication succeeded. */
18455 {
18456 const char *zone;
18457 char *pw_warning;
18458
18459 zone = (current_credentials.timezone
18460 && strlen (current_credentials.timezone))
18461 ? current_credentials.timezone
18462 : "UTC";
18463
18464 if (setenv ("TZ", zone, 1) == -1)
18465 {
18466 free_credentials (¤t_credentials);
18467 g_warning ("Timezone setting failure for %s",
18468 current_credentials.username);
18469 SEND_TO_CLIENT_OR_FAIL
18470 (XML_INTERNAL_ERROR ("authenticate"));
18471 set_client_state (CLIENT_TOP);
18472 break;
18473 }
18474 tzset ();
18475
18476 manage_session_set_timezone (zone);
18477
18478 pw_warning = gvm_validate_password
18479 (current_credentials.password,
18480 current_credentials.username);
18481
18482 if (pw_warning)
18483 SENDF_TO_CLIENT_OR_FAIL
18484 ("<authenticate_response"
18485 " status=\"" STATUS_OK "\""
18486 " status_text=\"" STATUS_OK_TEXT "\">"
18487 "<role>%s</role>"
18488 "<timezone>%s</timezone>"
18489 "<password_warning>%s</password_warning>"
18490 "</authenticate_response>",
18491 current_credentials.role
18492 ? current_credentials.role
18493 : "",
18494 zone,
18495 pw_warning ? pw_warning : "");
18496 else
18497 SENDF_TO_CLIENT_OR_FAIL
18498 ("<authenticate_response"
18499 " status=\"" STATUS_OK "\""
18500 " status_text=\"" STATUS_OK_TEXT "\">"
18501 "<role>%s</role>"
18502 "<timezone>%s</timezone>"
18503 "</authenticate_response>",
18504 current_credentials.role
18505 ? current_credentials.role
18506 : "",
18507 zone);
18508
18509 free (pw_warning);
18510 set_client_state (CLIENT_AUTHENTIC);
18511
18512 break;
18513 }
18514 case 1: /* Authentication failed. */
18515 g_warning ("Authentication failure for '%s' from %s",
18516 current_credentials.username ?: "", client_address);
18517 free_credentials (¤t_credentials);
18518 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_AUTH_FAILED ("authenticate"));
18519 set_client_state (CLIENT_TOP);
18520 break;
18521 case 99: /* Authentication failed. */
18522 g_warning ("Authentication failure for '%s' from %s",
18523 current_credentials.username ?: "", client_address);
18524 free_credentials (¤t_credentials);
18525 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("authenticate",
18526 "Permission denied"));
18527 set_client_state (CLIENT_TOP);
18528 break;
18529 case -1: /* Error while authenticating. */
18530 default:
18531 g_warning ("Authentication failure for '%s' from %s",
18532 current_credentials.username ?: "", client_address);
18533 free_credentials (¤t_credentials);
18534 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("authenticate"));
18535 set_client_state (CLIENT_TOP);
18536 break;
18537 }
18538 break;
18539
18540 case CLIENT_AUTHENTICATE_CREDENTIALS:
18541 set_client_state (CLIENT_AUTHENTICATE);
18542 break;
18543
18544 case CLIENT_AUTHENTICATE_CREDENTIALS_USERNAME:
18545 set_client_state (CLIENT_AUTHENTICATE_CREDENTIALS);
18546 break;
18547
18548 case CLIENT_AUTHENTICATE_CREDENTIALS_PASSWORD:
18549 set_client_state (CLIENT_AUTHENTICATE_CREDENTIALS);
18550 break;
18551
18552 CASE_DELETE (ALERT, alert, "Alert");
18553
18554 case CLIENT_DELETE_ASSET:
18555 if (delete_asset_data->asset_id
18556 || delete_asset_data->report_id)
18557 switch (delete_asset (delete_asset_data->asset_id,
18558 delete_asset_data->report_id,
18559 delete_asset_data->ultimate))
18560 {
18561 case 0:
18562 SEND_TO_CLIENT_OR_FAIL (XML_OK ("delete_asset"));
18563 log_event ("asset", "Asset",
18564 delete_asset_data->asset_id, "deleted");
18565 break;
18566 case 1:
18567 SEND_TO_CLIENT_OR_FAIL
18568 (XML_ERROR_SYNTAX ("delete_asset",
18569 "Asset is in use"));
18570 log_event_fail ("asset", "Asset",
18571 delete_asset_data->asset_id,
18572 "deleted");
18573 break;
18574 case 2:
18575 if (send_find_error_to_client
18576 ("delete_asset",
18577 "asset",
18578 delete_asset_data->asset_id,
18579 gmp_parser))
18580 {
18581 error_send_to_client (error);
18582 return;
18583 }
18584 log_event_fail ("asset", "Asset",
18585 delete_asset_data->asset_id,
18586 "deleted");
18587 break;
18588 case 3:
18589 SEND_TO_CLIENT_OR_FAIL
18590 (XML_ERROR_SYNTAX ("delete_asset",
18591 "Attempt to delete a predefined asset"));
18592 log_event_fail ("asset", "Asset",
18593 delete_asset_data->asset_id,
18594 "deleted");
18595 break;
18596 case 4:
18597 SEND_TO_CLIENT_OR_FAIL
18598 (XML_ERROR_SYNTAX ("delete_asset",
18599 "An asset_id or a"
18600 "report_id is required"));
18601 log_event_fail ("asset", "Asset",
18602 delete_asset_data->asset_id,
18603 "deleted");
18604 break;
18605 case 99:
18606 SEND_TO_CLIENT_OR_FAIL
18607 (XML_ERROR_SYNTAX ("delete_asset",
18608 "Permission denied"));
18609 log_event_fail ("asset", "Asset",
18610 delete_asset_data->asset_id,
18611 "deleted");
18612 break;
18613 default:
18614 SEND_TO_CLIENT_OR_FAIL
18615 (XML_INTERNAL_ERROR ("delete_asset"));
18616 log_event_fail ("asset", "Asset",
18617 delete_asset_data->asset_id,
18618 "deleted");
18619 }
18620 else
18621 SEND_TO_CLIENT_OR_FAIL
18622 (XML_ERROR_SYNTAX ("delete_asset",
18623 "An asset_id attribute is required"));
18624 delete_asset_data_reset (delete_asset_data);
18625 set_client_state (CLIENT_AUTHENTIC);
18626 break;
18627
18628 CASE_DELETE (CONFIG, config, "Config");
18629 CASE_DELETE (CREDENTIAL, credential, "Credential");
18630 CASE_DELETE (FILTER, filter, "Filter");
18631 CASE_DELETE (GROUP, group, "Group");
18632 CASE_DELETE (NOTE, note, "Note");
18633 CASE_DELETE (OVERRIDE, override, "Override");
18634 CASE_DELETE (PERMISSION, permission, "Permission");
18635 CASE_DELETE (PORT_LIST, port_list, "Port list");
18636 CASE_DELETE (PORT_RANGE, port_range, "Port range");
18637 CASE_DELETE (REPORT, report, "Report");
18638 CASE_DELETE (REPORT_FORMAT, report_format, "Report format");
18639 CASE_DELETE (ROLE, role, "Role");
18640 CASE_DELETE (SCANNER, scanner, "Scanner");
18641 CASE_DELETE (SCHEDULE, schedule, "Schedule");
18642 CASE_DELETE (TAG, tag, "Tag");
18643 CASE_DELETE (TARGET, target, "Target");
18644
18645 case CLIENT_DELETE_TASK:
18646 if (delete_task_data->task_id)
18647 {
18648 switch (request_delete_task_uuid (delete_task_data->task_id,
18649 delete_task_data->ultimate))
18650 {
18651 case 0: /* Deleted. */
18652 SEND_TO_CLIENT_OR_FAIL (XML_OK ("delete_task"));
18653 log_event ("task", "Task", delete_task_data->task_id,
18654 "deleted");
18655 break;
18656 case 1: /* Delete requested. */
18657 SEND_TO_CLIENT_OR_FAIL (XML_OK_REQUESTED ("delete_task"));
18658 log_event ("task", "Task", delete_task_data->task_id,
18659 "requested for delete");
18660 break;
18661 case 2: /* Hidden task. */
18662 SEND_TO_CLIENT_OR_FAIL
18663 (XML_ERROR_SYNTAX ("delete_task",
18664 "Attempt to delete a hidden task"));
18665 log_event_fail ("task", "Task", delete_task_data->task_id,
18666 "deleted");
18667 break;
18668 case 3: /* Failed to find task. */
18669 if (send_find_error_to_client
18670 ("delete_task", "task", delete_task_data->task_id,
18671 gmp_parser))
18672 {
18673 error_send_to_client (error);
18674 return;
18675 }
18676 break;
18677 case 99:
18678 SEND_TO_CLIENT_OR_FAIL
18679 (XML_ERROR_SYNTAX ("delete_task",
18680 "Permission denied"));
18681 log_event_fail ("task", "Task", delete_task_data->task_id,
18682 "deleted");
18683 break;
18684 default: /* Programming error. */
18685 assert (0);
18686 case -1:
18687 /* Some other error occurred. */
18688 /** @todo Should respond with internal error. */
18689 g_debug ("delete_task failed");
18690 abort ();
18691 break;
18692 case -5:
18693 SEND_XML_SERVICE_DOWN ("delete_task");
18694 log_event_fail ("task", "Task",
18695 delete_task_data->task_id,
18696 "deleted");
18697 break;
18698 case -7:
18699 SEND_TO_CLIENT_OR_FAIL
18700 (XML_ERROR_SYNTAX ("delete_task", "No CA certificate"));
18701 log_event_fail ("task", "Task",
18702 delete_task_data->task_id,
18703 "deleted");
18704 break;
18705 }
18706 }
18707 else
18708 SEND_TO_CLIENT_OR_FAIL
18709 (XML_ERROR_SYNTAX ("delete_task",
18710 "A task_id attribute is required"));
18711 delete_task_data_reset (delete_task_data);
18712 set_client_state (CLIENT_AUTHENTIC);
18713 break;
18714
18715 case CLIENT_DELETE_TICKET:
18716 case CLIENT_DELETE_TLS_CERTIFICATE:
18717 delete_run (gmp_parser, error);
18718 set_client_state (CLIENT_AUTHENTIC);
18719 break;
18720
18721 case CLIENT_DELETE_USER:
18722 if (delete_user_data->user_id || delete_user_data->name)
18723 switch (delete_user (delete_user_data->user_id,
18724 delete_user_data->name,
18725 delete_user_data->ultimate,
18726 1,
18727 delete_user_data->inheritor_id,
18728 delete_user_data->inheritor_name))
18729 {
18730 case 0:
18731 SEND_TO_CLIENT_OR_FAIL (XML_OK ("delete_user"));
18732 log_event ("user", "User", delete_user_data->user_id,
18733 "deleted");
18734 break;
18735 case 2:
18736 if (send_find_error_to_client ("delete_user",
18737 "user",
18738 delete_user_data->user_id
18739 ? delete_user_data->user_id
18740 : delete_user_data->name,
18741 gmp_parser))
18742 {
18743 error_send_to_client (error);
18744 return;
18745 }
18746 log_event_fail ("user", "User", delete_user_data->user_id,
18747 "deleted");
18748 break;
18749 case 3:
18750 SEND_TO_CLIENT_OR_FAIL
18751 (XML_ERROR_SYNTAX ("delete_user",
18752 "Attempt to delete a predefined"
18753 " user"));
18754 break;
18755 case 4:
18756 SEND_TO_CLIENT_OR_FAIL
18757 (XML_ERROR_SYNTAX ("delete_user",
18758 "User has an active task"));
18759 break;
18760 case 5:
18761 SEND_TO_CLIENT_OR_FAIL
18762 (XML_ERROR_SYNTAX ("delete_user",
18763 "Attempt to delete current user"));
18764 break;
18765 case 6:
18766 if (send_find_error_to_client ("delete_user", "inheriting user",
18767 delete_user_data->inheritor_id,
18768 gmp_parser))
18769 {
18770 error_send_to_client (error);
18771 return;
18772 }
18773 break;
18774 case 7:
18775 SEND_TO_CLIENT_OR_FAIL
18776 (XML_ERROR_SYNTAX ("delete_user",
18777 "Inheritor is the same as the deleted"
18778 " user."));
18779 break;
18780 case 8:
18781 SEND_TO_CLIENT_OR_FAIL
18782 (XML_ERROR_SYNTAX ("delete_user",
18783 "Invalid inheritor."));
18784 break;
18785 case 9:
18786 SEND_TO_CLIENT_OR_FAIL
18787 (XML_ERROR_SYNTAX ("delete_user",
18788 "Resources owned by the user are still"
18789 " in use by others."));
18790 break;
18791 case 10:
18792 SEND_TO_CLIENT_OR_FAIL
18793 (XML_ERROR_SYNTAX ("delete_user",
18794 "User is Feed Import Owner"));
18795 break;
18796 case 99:
18797 SEND_TO_CLIENT_OR_FAIL
18798 (XML_ERROR_SYNTAX ("delete_user",
18799 "Permission denied"));
18800 log_event_fail ("user", "User", delete_user_data->user_id,
18801 "deleted");
18802 break;
18803 default:
18804 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("delete_user"));
18805 log_event_fail ("user", "User", delete_user_data->user_id,
18806 "deleted");
18807 }
18808 else
18809 SEND_TO_CLIENT_OR_FAIL
18810 (XML_ERROR_SYNTAX ("delete_user",
18811 "A user_id attribute is required"));
18812 delete_user_data_reset (delete_user_data);
18813 set_client_state (CLIENT_AUTHENTIC);
18814 break;
18815
18816 case CLIENT_DESCRIBE_AUTH:
18817 {
18818 if (acl_user_may ("describe_auth") == 0)
18819 {
18820 SEND_TO_CLIENT_OR_FAIL
18821 (XML_ERROR_SYNTAX ("describe_auth",
18822 "Permission denied"));
18823 set_client_state (CLIENT_AUTHENTIC);
18824 break;
18825 }
18826
18827 SEND_TO_CLIENT_OR_FAIL ("<describe_auth_response"
18828 " status=\"" STATUS_OK "\""
18829 " status_text=\"" STATUS_OK_TEXT "\">"
18830 "<group name=\"method:file\">"
18831 "<auth_conf_setting>"
18832 "<key>enable</key>"
18833 "<value>true</value>"
18834 "</auth_conf_setting>"
18835 "<auth_conf_setting>"
18836 "<key>order</key>"
18837 "<value>1</value>"
18838 "</auth_conf_setting>"
18839 "</group>");
18840
18841 if (gvm_auth_ldap_enabled ())
18842 {
18843 gchar *ldap_host, *ldap_authdn, *ldap_cacert;
18844 int ldap_enabled, ldap_allow_plaintext;
18845 manage_get_ldap_info (&ldap_enabled, &ldap_host, &ldap_authdn,
18846 &ldap_allow_plaintext, &ldap_cacert);
18847 SENDF_TO_CLIENT_OR_FAIL
18848 ("<group name=\"method:ldap_connect\">"
18849 "<auth_conf_setting>"
18850 "<key>enable</key>"
18851 "<value>%s</value>"
18852 "</auth_conf_setting>"
18853 "<auth_conf_setting>"
18854 "<key>order</key>"
18855 "<value>0</value>"
18856 "</auth_conf_setting>"
18857 "<auth_conf_setting>"
18858 "<key>ldaphost</key>"
18859 "<value>%s</value>"
18860 "</auth_conf_setting>"
18861 "<auth_conf_setting>"
18862 "<key>authdn</key>"
18863 "<value>%s</value>"
18864 "</auth_conf_setting>"
18865 "<auth_conf_setting>"
18866 "<key>allow-plaintext</key>"
18867 "<value>%i</value>"
18868 "</auth_conf_setting>",
18869 ldap_enabled ? "true" : "false",
18870 ldap_host,
18871 ldap_authdn,
18872 ldap_allow_plaintext);
18873
18874 g_free (ldap_host);
18875 g_free (ldap_authdn);
18876
18877 if (ldap_cacert)
18878 {
18879 time_t activation_time, expiration_time;
18880 gchar *activation_time_str, *expiration_time_str;
18881 gchar *md5_fingerprint, *issuer;
18882
18883 SENDF_TO_CLIENT_OR_FAIL
18884 ("<auth_conf_setting>"
18885 "<key>cacert</key>"
18886 "<value>%s</value>",
18887 ldap_cacert);
18888
18889 get_certificate_info (ldap_cacert,
18890 -1,
18891 &activation_time,
18892 &expiration_time,
18893 &md5_fingerprint,
18894 NULL, /* sha256_fingerprint */
18895 NULL, /* subject */
18896 &issuer,
18897 NULL, /* serial */
18898 NULL); /* certificate_format */
18899
18900 activation_time_str = certificate_iso_time (activation_time);
18901 expiration_time_str = certificate_iso_time (expiration_time);
18902 SENDF_TO_CLIENT_OR_FAIL
18903 ("<certificate_info>"
18904 "<time_status>%s</time_status>"
18905 "<activation_time>%s</activation_time>"
18906 "<expiration_time>%s</expiration_time>"
18907 "<md5_fingerprint>%s</md5_fingerprint>"
18908 "<issuer>%s</issuer>"
18909 "</certificate_info>",
18910 certificate_time_status (activation_time, expiration_time),
18911 activation_time_str,
18912 expiration_time_str,
18913 md5_fingerprint,
18914 issuer);
18915 g_free (activation_time_str);
18916 g_free (expiration_time_str);
18917 g_free (md5_fingerprint);
18918 g_free (issuer);
18919
18920 SEND_TO_CLIENT_OR_FAIL ("</auth_conf_setting>");
18921
18922 g_free (ldap_cacert);
18923 }
18924
18925 SEND_TO_CLIENT_OR_FAIL ("</group>");
18926 }
18927
18928 if (gvm_auth_radius_enabled ())
18929 {
18930 char *radius_host, *radius_key;
18931 int radius_enabled;
18932 manage_get_radius_info (&radius_enabled, &radius_host,
18933 &radius_key);
18934 SENDF_TO_CLIENT_OR_FAIL
18935 ("<group name=\"method:radius_connect\">"
18936 "<auth_conf_setting>"
18937 "<key>enable</key>"
18938 "<value>%s</value>"
18939 "</auth_conf_setting>"
18940 "<auth_conf_setting>"
18941 "<key>radiushost</key>"
18942 "<value>%s</value>"
18943 "</auth_conf_setting>"
18944 "<auth_conf_setting>"
18945 "<key>radiuskey</key>"
18946 "<value>%s</value>"
18947 "</auth_conf_setting>"
18948 "</group>",
18949 radius_enabled ? "true" : "false", radius_host, radius_key);
18950 g_free (radius_host);
18951 g_free (radius_key);
18952 }
18953
18954 SEND_TO_CLIENT_OR_FAIL ("</describe_auth_response>");
18955
18956 set_client_state (CLIENT_AUTHENTIC);
18957 break;
18958 }
18959
18960 case CLIENT_GET_AGGREGATES:
18961 handle_get_aggregates (gmp_parser, error);
18962 break;
18963
18964 CLOSE (CLIENT_GET_AGGREGATES, DATA_COLUMN);
18965 CLOSE (CLIENT_GET_AGGREGATES, SORT);
18966 CLOSE (CLIENT_GET_AGGREGATES, TEXT_COLUMN);
18967
18968 case CLIENT_GET_ALERTS:
18969 handle_get_alerts (gmp_parser, error);
18970 break;
18971
18972 case CLIENT_GET_ASSETS:
18973 handle_get_assets (gmp_parser, error);
18974 break;
18975
18976 case CLIENT_GET_CONFIGS:
18977 handle_get_configs (gmp_parser, error);
18978 break;
18979
18980 case CLIENT_GET_CREDENTIALS:
18981 handle_get_credentials (gmp_parser, error);
18982 break;
18983
18984 case CLIENT_GET_FEEDS:
18985 handle_get_feeds (gmp_parser, error);
18986 break;
18987
18988 case CLIENT_GET_FILTERS:
18989 handle_get_filters (gmp_parser, error);
18990 break;
18991
18992 case CLIENT_GET_GROUPS:
18993 handle_get_groups (gmp_parser, error);
18994 break;
18995
18996 case CLIENT_GET_INFO:
18997 handle_get_info (gmp_parser, error);
18998 break;
18999
19000 case CLIENT_GET_NOTES:
19001 handle_get_notes (gmp_parser, error);
19002 break;
19003
19004 case CLIENT_GET_NVTS:
19005 handle_get_nvts (gmp_parser, error);
19006 break;
19007
19008 case CLIENT_GET_NVT_FAMILIES:
19009 handle_get_nvt_families (gmp_parser, error);
19010 break;
19011
19012 case CLIENT_GET_OVERRIDES:
19013 handle_get_overrides (gmp_parser, error);
19014 break;
19015
19016 case CLIENT_GET_PERMISSIONS:
19017 handle_get_permissions (gmp_parser, error);
19018 break;
19019
19020 case CLIENT_GET_PORT_LISTS:
19021 handle_get_port_lists (gmp_parser, error);
19022 break;
19023
19024 case CLIENT_GET_PREFERENCES:
19025 handle_get_preferences (gmp_parser, error);
19026 break;
19027
19028 case CLIENT_GET_REPORTS:
19029 handle_get_reports (gmp_parser, error);
19030 break;
19031
19032 case CLIENT_GET_REPORT_FORMATS:
19033 handle_get_report_formats (gmp_parser, error);
19034 break;
19035
19036 case CLIENT_GET_RESULTS:
19037 handle_get_results (gmp_parser, error);
19038 break;
19039
19040 case CLIENT_GET_ROLES:
19041 handle_get_roles (gmp_parser, error);
19042 break;
19043
19044 case CLIENT_GET_SCANNERS:
19045 handle_get_scanners (gmp_parser, error);
19046 break;
19047
19048 case CLIENT_GET_SCHEDULES:
19049 handle_get_schedules (gmp_parser, error);
19050 break;
19051
19052 case CLIENT_GET_SETTINGS:
19053 handle_get_settings (gmp_parser, error);
19054 break;
19055
19056 case CLIENT_GET_SYSTEM_REPORTS:
19057 handle_get_system_reports (gmp_parser, error);
19058 break;
19059
19060 case CLIENT_GET_TAGS:
19061 handle_get_tags (gmp_parser, error);
19062 break;
19063
19064 case CLIENT_GET_TARGETS:
19065 handle_get_targets (gmp_parser, error);
19066 break;
19067
19068 case CLIENT_GET_TASKS:
19069 handle_get_tasks (gmp_parser, error);
19070 break;
19071
19072 CASE_GET_END (TICKETS, tickets);
19073
19074 CASE_GET_END (TLS_CERTIFICATES, tls_certificates);
19075
19076 case CLIENT_GET_USERS:
19077 handle_get_users (gmp_parser, error);
19078 break;
19079
19080 case CLIENT_GET_VERSION:
19081 case CLIENT_GET_VERSION_AUTHENTIC:
19082 handle_get_version (gmp_parser, error);
19083 break;
19084
19085 case CLIENT_GET_VULNS:
19086 handle_get_vulns (gmp_parser, error);
19087 break;
19088
19089 case CLIENT_HELP:
19090 if (acl_user_may ("help") == 0)
19091 {
19092 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("help",
19093 "Permission denied"));
19094 help_data_reset (help_data);
19095 set_client_state (CLIENT_AUTHENTIC);
19096 break;
19097 }
19098
19099 if (help_data->format == NULL
19100 || (strcmp (help_data->format, "text") == 0))
19101 {
19102 command_t *commands;
19103 SEND_TO_CLIENT_OR_FAIL ("<help_response"
19104 " status=\"" STATUS_OK "\""
19105 " status_text=\"" STATUS_OK_TEXT "\">\n");
19106 commands = gmp_commands;
19107 while ((*commands).name)
19108 {
19109 if (command_disabled (gmp_parser, (*commands).name) == 0)
19110 {
19111 int count;
19112 SENDF_TO_CLIENT_OR_FAIL (" %s",
19113 (*commands).name);
19114 for (count = 23 - strlen ((*commands).name);
19115 count > 0;
19116 count--)
19117 SEND_TO_CLIENT_OR_FAIL (" ");
19118 SENDF_TO_CLIENT_OR_FAIL ("%s\n",
19119 (*commands).summary);
19120 }
19121 commands++;
19122 }
19123 SEND_TO_CLIENT_OR_FAIL ("</help_response>");
19124 }
19125 else if (help_data->type && (strcmp (help_data->type, "brief") == 0))
19126 {
19127 command_t *commands;
19128 int index;
19129
19130 SEND_TO_CLIENT_OR_FAIL ("<help_response"
19131 " status=\"" STATUS_OK "\""
19132 " status_text=\"" STATUS_OK_TEXT "\">\n"
19133 "<schema"
19134 " format=\"XML\""
19135 " extension=\"xml\""
19136 " content_type=\"text/xml\">");
19137 commands = acl_commands (gmp_parser->disabled_commands);
19138 for (index = 0; commands[index].name; index++)
19139 SENDF_TO_CLIENT_OR_FAIL ("<command>"
19140 "<name>%s</name>"
19141 "<summary>%s</summary>"
19142 "</command>",
19143 commands[index].name,
19144 commands[index].summary);
19145 g_free (commands);
19146 SEND_TO_CLIENT_OR_FAIL ("</schema>"
19147 "</help_response>");
19148 }
19149 else
19150 {
19151 gchar *extension, *content_type, *output;
19152 gsize output_len;
19153
19154 switch (manage_schema (help_data->format,
19155 &output,
19156 &output_len,
19157 &extension,
19158 &content_type))
19159 {
19160 case 0:
19161 {
19162
19163 SENDF_TO_CLIENT_OR_FAIL ("<help_response"
19164 " status=\"" STATUS_OK "\""
19165 " status_text=\"" STATUS_OK_TEXT "\">"
19166 "<schema"
19167 " format=\"%s\""
19168 " extension=\"%s\""
19169 " content_type=\"%s\">",
19170 help_data->format
19171 ? help_data->format
19172 : "XML",
19173 extension,
19174 content_type);
19175 g_free (extension);
19176 g_free (content_type);
19177
19178 if (output && strlen (output))
19179 {
19180 /* Encode and send the output. */
19181
19182 if (help_data->format
19183 && strcasecmp (help_data->format, "XML"))
19184 {
19185 gchar *base64;
19186
19187 base64 = g_base64_encode ((guchar*) output, output_len);
19188 if (send_to_client (base64,
19189 write_to_client,
19190 write_to_client_data))
19191 {
19192 g_free (output);
19193 g_free (base64);
19194 error_send_to_client (error);
19195 return;
19196 }
19197 g_free (base64);
19198 }
19199 else
19200 {
19201 /* Special case the XML schema, bah. */
19202 if (send_to_client (output,
19203 write_to_client,
19204 write_to_client_data))
19205 {
19206 g_free (output);
19207 error_send_to_client (error);
19208 return;
19209 }
19210 }
19211 }
19212 g_free (output);
19213 SEND_TO_CLIENT_OR_FAIL ("</schema>"
19214 "</help_response>");
19215 }
19216 break;
19217 case 1:
19218 assert (help_data->format);
19219 if (send_find_error_to_client ("help", "schema_format",
19220 help_data->format, gmp_parser))
19221 {
19222 error_send_to_client (error);
19223 return;
19224 }
19225 break;
19226 default:
19227 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("help"));
19228 break;
19229 }
19230 }
19231 help_data_reset (help_data);
19232 set_client_state (CLIENT_AUTHENTIC);
19233 break;
19234
19235 case CLIENT_CREATE_ASSET:
19236 {
19237 resource_t asset;
19238
19239 if (create_asset_data->report_id == NULL
19240 && (create_asset_data->name == NULL
19241 || create_asset_data->type == NULL))
19242 SEND_TO_CLIENT_OR_FAIL
19243 (XML_ERROR_SYNTAX ("create_asset",
19244 "A report ID or an"
19245 " ASSET with TYPE and NAME is required"));
19246 else if (create_asset_data->report_id)
19247 switch (create_asset_report (create_asset_data->report_id,
19248 create_asset_data->filter_term))
19249 {
19250 case 0:
19251 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED ("create_asset"));
19252 log_event ("asset", "Asset", NULL, "created");
19253 break;
19254 case 1:
19255 SEND_TO_CLIENT_OR_FAIL
19256 (XML_ERROR_SYNTAX ("create_asset",
19257 "Asset exists already"));
19258 log_event_fail ("asset", "Asset", NULL, "created");
19259 break;
19260 case 2:
19261 SEND_TO_CLIENT_OR_FAIL
19262 (XML_ERROR_SYNTAX ("create_asset",
19263 "Name may only contain alphanumeric"
19264 " characters"));
19265 log_event_fail ("asset", "Asset", NULL, "created");
19266 break;
19267 case 99:
19268 SEND_TO_CLIENT_OR_FAIL
19269 (XML_ERROR_SYNTAX ("create_asset",
19270 "Permission denied"));
19271 log_event_fail ("asset", "Asset", NULL, "created");
19272 break;
19273 default:
19274 assert (0);
19275 case -1:
19276 SEND_TO_CLIENT_OR_FAIL
19277 (XML_INTERNAL_ERROR ("create_asset"));
19278 log_event_fail ("asset", "Asset", NULL, "created");
19279 break;
19280 }
19281 else if (strcasecmp (create_asset_data->type, "host") == 0)
19282 {
19283 switch (create_asset_host (create_asset_data->name,
19284 create_asset_data->comment,
19285 &asset))
19286 {
19287 case 0:
19288 {
19289 char *uuid;
19290 uuid = host_uuid (asset);
19291 SENDF_TO_CLIENT_OR_FAIL
19292 (XML_OK_CREATED_ID ("create_asset"), uuid);
19293 log_event ("asset", "Asset", uuid, "created");
19294 g_free (uuid);
19295 break;
19296 }
19297 case 1:
19298 SEND_TO_CLIENT_OR_FAIL
19299 (XML_ERROR_SYNTAX ("create_asset",
19300 "Asset exists already"));
19301 log_event_fail ("asset", "Asset", NULL, "created");
19302 break;
19303 case 2:
19304 SEND_TO_CLIENT_OR_FAIL
19305 (XML_ERROR_SYNTAX ("create_asset",
19306 "Name must be an IP address"));
19307 log_event_fail ("asset", "Asset", NULL, "created");
19308 break;
19309 case 99:
19310 SEND_TO_CLIENT_OR_FAIL
19311 (XML_ERROR_SYNTAX ("create_asset",
19312 "Permission denied"));
19313 log_event_fail ("asset", "Asset", NULL, "created");
19314 break;
19315 default:
19316 assert (0);
19317 case -1:
19318 SEND_TO_CLIENT_OR_FAIL
19319 (XML_INTERNAL_ERROR ("create_asset"));
19320 log_event_fail ("asset", "Asset", NULL, "created");
19321 break;
19322 }
19323 }
19324 else
19325 {
19326 SEND_TO_CLIENT_OR_FAIL
19327 (XML_ERROR_SYNTAX ("create_asset",
19328 "ASSET TYPE must be 'host'"));
19329 log_event_fail ("asset", "Asset", NULL, "created");
19330 break;
19331 }
19332 create_asset_data_reset (create_asset_data);
19333 set_client_state (CLIENT_AUTHENTIC);
19334 break;
19335 }
19336 CLOSE (CLIENT_CREATE_ASSET, REPORT);
19337 CLOSE (CLIENT_CREATE_ASSET, ASSET);
19338 CLOSE (CLIENT_CREATE_ASSET_ASSET, COMMENT);
19339 CLOSE (CLIENT_CREATE_ASSET_ASSET, NAME);
19340 CLOSE (CLIENT_CREATE_ASSET_ASSET, TYPE);
19341 CLOSE (CLIENT_CREATE_ASSET_REPORT, FILTER);
19342 CLOSE (CLIENT_CREATE_ASSET_REPORT_FILTER, TERM);
19343
19344 case CLIENT_CREATE_CONFIG:
19345 if (create_config_element_end (gmp_parser, error, element_name))
19346 set_client_state (CLIENT_AUTHENTIC);
19347 break;
19348
19349 case CLIENT_CREATE_ALERT:
19350 {
19351 event_t event;
19352 alert_condition_t condition;
19353 alert_method_t method;
19354 alert_t new_alert;
19355
19356 assert (create_alert_data->name != NULL);
19357 assert (create_alert_data->condition != NULL);
19358 assert (create_alert_data->method != NULL);
19359 assert (create_alert_data->event != NULL);
19360
19361 array_terminate (create_alert_data->condition_data);
19362 array_terminate (create_alert_data->event_data);
19363 array_terminate (create_alert_data->method_data);
19364
19365 if (create_alert_data->copy)
19366 switch (copy_alert (create_alert_data->name,
19367 create_alert_data->comment,
19368 create_alert_data->copy,
19369 &new_alert))
19370 {
19371 case 0:
19372 {
19373 char *uuid;
19374 uuid = alert_uuid (new_alert);
19375 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_alert"),
19376 uuid);
19377 log_event ("alert", "Alert", uuid, "created");
19378 free (uuid);
19379 break;
19380 }
19381 case 1:
19382 SEND_TO_CLIENT_OR_FAIL
19383 (XML_ERROR_SYNTAX ("create_alert",
19384 "Alert exists already"));
19385 log_event_fail ("alert", "Alert", NULL, "created");
19386 break;
19387 case 2:
19388 if (send_find_error_to_client ("create_alert", "alert",
19389 create_alert_data->copy,
19390 gmp_parser))
19391 {
19392 error_send_to_client (error);
19393 return;
19394 }
19395 log_event_fail ("alert", "Alert", NULL, "created");
19396 break;
19397 case 99:
19398 SEND_TO_CLIENT_OR_FAIL
19399 (XML_ERROR_SYNTAX ("create_alert",
19400 "Permission denied"));
19401 log_event_fail ("alert", "Alert", NULL, "created");
19402 break;
19403 case -1:
19404 default:
19405 SEND_TO_CLIENT_OR_FAIL
19406 (XML_INTERNAL_ERROR ("create_alert"));
19407 log_event_fail ("alert", "Alert", NULL, "created");
19408 break;
19409 }
19410 else if (strlen (create_alert_data->name) == 0)
19411 SEND_TO_CLIENT_OR_FAIL
19412 (XML_ERROR_SYNTAX ("create_alert",
19413 "A NAME element which"
19414 " is at least one character long is required"));
19415 else if (strlen (create_alert_data->condition) == 0)
19416 SEND_TO_CLIENT_OR_FAIL
19417 (XML_ERROR_SYNTAX ("create_alert",
19418 "A value in a"
19419 " CONDITION element is required"));
19420 else if (strlen (create_alert_data->event) == 0)
19421 SEND_TO_CLIENT_OR_FAIL
19422 (XML_ERROR_SYNTAX ("create_alert",
19423 "A value in an"
19424 " EVENT element is required"));
19425 else if (strlen (create_alert_data->method) == 0)
19426 SEND_TO_CLIENT_OR_FAIL
19427 (XML_ERROR_SYNTAX ("create_alert",
19428 "A value in a"
19429 " METHOD element is required"));
19430 else if ((condition = alert_condition_from_name
19431 (create_alert_data->condition))
19432 == 0)
19433 SEND_TO_CLIENT_OR_FAIL
19434 (XML_ERROR_SYNTAX ("create_alert",
19435 "Failed to recognise condition name"));
19436 else if ((event = event_from_name (create_alert_data->event))
19437 == 0)
19438 SEND_TO_CLIENT_OR_FAIL
19439 (XML_ERROR_SYNTAX ("create_alert",
19440 "Failed to recognise event name"));
19441 else if ((method = alert_method_from_name
19442 (create_alert_data->method))
19443 == 0)
19444 SEND_TO_CLIENT_OR_FAIL
19445 (XML_ERROR_SYNTAX ("create_alert",
19446 "Failed to recognise method name"));
19447 else
19448 {
19449 switch (create_alert (create_alert_data->name,
19450 create_alert_data->comment,
19451 create_alert_data->filter_id,
19452 create_alert_data->active,
19453 event,
19454 create_alert_data->event_data,
19455 condition,
19456 create_alert_data->condition_data,
19457 method,
19458 create_alert_data->method_data,
19459 &new_alert))
19460 {
19461 case 0:
19462 {
19463 char *uuid;
19464 uuid = alert_uuid (new_alert);
19465 SENDF_TO_CLIENT_OR_FAIL
19466 (XML_OK_CREATED_ID ("create_alert"), uuid);
19467 log_event ("alert", "Alert", uuid, "created");
19468 free (uuid);
19469 break;
19470 }
19471 case 1:
19472 SEND_TO_CLIENT_OR_FAIL
19473 (XML_ERROR_SYNTAX ("create_alert",
19474 "Alert exists already"));
19475 log_event_fail ("alert", "Alert", NULL, "created");
19476 break;
19477 case 2:
19478 SEND_TO_CLIENT_OR_FAIL
19479 (XML_ERROR_SYNTAX ("create_alert",
19480 "Validation of email address failed"));
19481 log_event_fail ("alert", "Alert", NULL, "created");
19482 break;
19483 case 3:
19484 if (send_find_error_to_client ("create_alert", "filter",
19485 create_alert_data->filter_id,
19486 gmp_parser))
19487 {
19488 error_send_to_client (error);
19489 return;
19490 }
19491 log_event_fail ("alert", "Alert", NULL, "created");
19492 break;
19493 case 4:
19494 SEND_TO_CLIENT_OR_FAIL
19495 (XML_ERROR_SYNTAX ("create_alert",
19496 "Filter type must be result if"
19497 " specified"));
19498 log_event_fail ("alert", "Alert", NULL, "created");
19499 break;
19500 case 5:
19501 SEND_TO_CLIENT_OR_FAIL
19502 (XML_ERROR_SYNTAX ("create_alert",
19503 "Invalid or unexpected condition data"
19504 " name"));
19505 log_event_fail ("alert", "Alert", NULL, "created");
19506 break;
19507 case 6:
19508 SEND_TO_CLIENT_OR_FAIL
19509 (XML_ERROR_SYNTAX ("create_alert",
19510 "Syntax error in condition data"));
19511 log_event_fail ("alert", "Alert", NULL, "created");
19512 break;
19513 case 7:
19514 SEND_TO_CLIENT_OR_FAIL
19515 (XML_ERROR_SYNTAX ("create_alert",
19516 "Email subject too long"));
19517 log_event_fail ("alert", "Alert", NULL, "created");
19518 break;
19519 case 8:
19520 SEND_TO_CLIENT_OR_FAIL
19521 (XML_ERROR_SYNTAX ("create_alert",
19522 "Email message too long"));
19523 log_event_fail ("alert", "Alert", NULL, "created");
19524 break;
19525 case 9:
19526 SEND_TO_CLIENT_OR_FAIL
19527 (XML_ERROR_SYNTAX ("create_alert",
19528 "Failed to find filter for condition"));
19529 log_event_fail ("alert", "Alert", NULL, "created");
19530 break;
19531 case 12:
19532 SEND_TO_CLIENT_OR_FAIL
19533 (XML_ERROR_SYNTAX ("create_alert",
19534 "Error in Send host"));
19535 log_event_fail ("alert", "Alert", NULL, "created");
19536 break;
19537 case 13:
19538 SEND_TO_CLIENT_OR_FAIL
19539 (XML_ERROR_SYNTAX ("create_alert",
19540 "Error in Send port"));
19541 log_event_fail ("alert", "Alert", NULL, "created");
19542 break;
19543 case 14:
19544 SEND_TO_CLIENT_OR_FAIL
19545 (XML_ERROR_SYNTAX ("create_alert",
19546 "Failed to find report format for Send"
19547 " method"));
19548 log_event_fail ("alert", "Alert", NULL, "created");
19549 break;
19550 case 15:
19551 SEND_TO_CLIENT_OR_FAIL
19552 (XML_ERROR_SYNTAX ("create_alert",
19553 "Error in SCP host"));
19554 log_event_fail ("alert", "Alert", NULL, "created");
19555 break;
19556 case 17:
19557 SEND_TO_CLIENT_OR_FAIL
19558 (XML_ERROR_SYNTAX ("create_alert",
19559 "Failed to find report format for SCP"
19560 " method"));
19561 log_event_fail ("alert", "Alert", NULL, "created");
19562 break;
19563 case 18:
19564 SEND_TO_CLIENT_OR_FAIL
19565 (XML_ERROR_SYNTAX ("create_alert",
19566 "Error in SCP credential"));
19567 log_event_fail ("alert", "Alert", NULL, "created");
19568 break;
19569 case 19:
19570 SEND_TO_CLIENT_OR_FAIL
19571 (XML_ERROR_SYNTAX ("create_alert",
19572 "Error in SCP path"));
19573 log_event_fail ("alert", "Alert", NULL, "created");
19574 break;
19575 case 20:
19576 SEND_TO_CLIENT_OR_FAIL
19577 (XML_ERROR_SYNTAX ("create_alert",
19578 "Method does not match event type"));
19579 log_event_fail ("alert", "Alert", NULL, "created");
19580 break;
19581 case 21:
19582 SEND_TO_CLIENT_OR_FAIL
19583 (XML_ERROR_SYNTAX ("create_alert",
19584 "Condition does not match event type"));
19585 log_event_fail ("alert", "Alert", NULL, "created");
19586 break;
19587 case 31:
19588 SEND_TO_CLIENT_OR_FAIL
19589 (XML_ERROR_SYNTAX ("create_alert",
19590 "Unexpected event data name"));
19591 log_event_fail ("alert", "Alert", NULL, "created");
19592 break;
19593 case 32:
19594 SEND_TO_CLIENT_OR_FAIL
19595 (XML_ERROR_SYNTAX ("create_alert",
19596 "Syntax error in event data"));
19597 log_event_fail ("alert", "Alert", NULL, "created");
19598 break;
19599 case 40:
19600 SEND_TO_CLIENT_OR_FAIL
19601 (XML_ERROR_SYNTAX ("create_alert",
19602 "Error in SMB credential"));
19603 log_event_fail ("alert", "Alert", NULL, "created");
19604 break;
19605 case 41:
19606 SEND_TO_CLIENT_OR_FAIL
19607 (XML_ERROR_SYNTAX ("create_alert",
19608 "Error in SMB share path"));
19609 log_event_fail ("alert", "Alert", NULL, "created");
19610 break;
19611 case 42:
19612 SEND_TO_CLIENT_OR_FAIL
19613 (XML_ERROR_SYNTAX ("create_alert",
19614 "Error in SMB file path"));
19615 log_event_fail ("alert", "Alert", NULL, "created");
19616 break;
19617 case 43:
19618 SEND_TO_CLIENT_OR_FAIL
19619 (XML_ERROR_SYNTAX ("create_alert",
19620 "SMB file path must not contain"
19621 " any file or subdirectory ending in"
19622 " a dot (.)."));
19623 log_event_fail ("alert", "Alert", NULL, "created");
19624 break;
19625 case 50:
19626 SEND_TO_CLIENT_OR_FAIL
19627 (XML_ERROR_SYNTAX ("create_alert",
19628 "Error in TippingPoint credential"));
19629 log_event_fail ("alert", "Alert", NULL, "created");
19630 break;
19631 case 51:
19632 SEND_TO_CLIENT_OR_FAIL
19633 (XML_ERROR_SYNTAX ("create_alert",
19634 "Error in TippingPoint hostname"));
19635 log_event_fail ("alert", "Alert", NULL, "created");
19636 break;
19637 case 52:
19638 SEND_TO_CLIENT_OR_FAIL
19639 (XML_ERROR_SYNTAX ("create_alert",
19640 "Error in TippingPoint TLS"
19641 " certificate"));
19642 log_event_fail ("alert", "Alert", NULL, "created");
19643 break;
19644 case 53:
19645 SEND_TO_CLIENT_OR_FAIL
19646 (XML_ERROR_SYNTAX ("create_alert",
19647 "TippingPoint TLS workaround must be"
19648 " set to 0 or 1"));
19649 log_event_fail ("alert", "Alert", NULL, "created");
19650 break;
19651 case 60:
19652 {
19653 SEND_TO_CLIENT_OR_FAIL
19654 ("<create_alert_response"
19655 " status=\"" STATUS_ERROR_MISSING "\""
19656 " status_text=\"Recipient credential not found\"/>");
19657 log_event_fail ("alert", "Alert", NULL, "created");
19658 }
19659 break;
19660 case 61:
19661 SEND_TO_CLIENT_OR_FAIL
19662 (XML_ERROR_SYNTAX ("create_alert",
19663 "Email recipient credential must have"
19664 " type 'pgp' or 'smime'"));
19665 log_event_fail ("alert", "Alert", NULL, "created");
19666 break;
19667 case 70:
19668 {
19669 SEND_TO_CLIENT_OR_FAIL
19670 ("<create_alert_response"
19671 " status=\"" STATUS_ERROR_MISSING "\""
19672 " status_text=\"Credential for vFire not found\"/>");
19673 log_event_fail ("alert", "Alert", NULL, "created");
19674 }
19675 break;
19676 case 71:
19677 SEND_TO_CLIENT_OR_FAIL
19678 (XML_ERROR_SYNTAX ("create_alert",
19679 "vFire credential must have"
19680 " type 'up'"));
19681 log_event_fail ("alert", "Alert", NULL, "created");
19682 break;
19683 case 80:
19684 {
19685 SEND_TO_CLIENT_OR_FAIL
19686 ("<create_alert_response"
19687 " status=\"" STATUS_ERROR_MISSING "\""
19688 " status_text=\"Credential for Sourcefire"
19689 " PKCS12 password not found\"/>");
19690 log_event_fail ("alert", "Alert", NULL, "created");
19691 }
19692 break;
19693 case 81:
19694 SEND_TO_CLIENT_OR_FAIL
19695 (XML_ERROR_SYNTAX ("create_alert",
19696 "Sourcefire credential must have"
19697 " type 'pw' or 'up'"));
19698 log_event_fail ("alert", "Alert", NULL, "created");
19699 break;
19700 case 99:
19701 SEND_TO_CLIENT_OR_FAIL
19702 (XML_ERROR_SYNTAX ("create_alert",
19703 "Permission denied"));
19704 log_event_fail ("alert", "Alert", NULL, "created");
19705 break;
19706 default:
19707 assert (0);
19708 case -1:
19709 SEND_TO_CLIENT_OR_FAIL
19710 (XML_INTERNAL_ERROR ("create_alert"));
19711 log_event_fail ("alert", "Alert", NULL, "created");
19712 break;
19713 }
19714 }
19715 create_alert_data_reset (create_alert_data);
19716 set_client_state (CLIENT_AUTHENTIC);
19717 break;
19718 }
19719 CLOSE (CLIENT_CREATE_ALERT, ACTIVE);
19720 CLOSE (CLIENT_CREATE_ALERT, COMMENT);
19721 CLOSE (CLIENT_CREATE_ALERT, COPY);
19722 CLOSE (CLIENT_CREATE_ALERT, CONDITION);
19723 CLOSE (CLIENT_CREATE_ALERT, EVENT);
19724 CLOSE (CLIENT_CREATE_ALERT, FILTER);
19725 CLOSE (CLIENT_CREATE_ALERT, METHOD);
19726 CLOSE (CLIENT_CREATE_ALERT, NAME);
19727
19728 case CLIENT_CREATE_ALERT_CONDITION_DATA:
19729 {
19730 gchar *string;
19731
19732 assert (create_alert_data->condition_data);
19733 assert (create_alert_data->part_data);
19734 assert (create_alert_data->part_name);
19735
19736 string = g_strconcat (create_alert_data->part_name,
19737 "0",
19738 create_alert_data->part_data,
19739 NULL);
19740 string[strlen (create_alert_data->part_name)] = '\0';
19741 array_add (create_alert_data->condition_data, string);
19742
19743 gvm_free_string_var (&create_alert_data->part_data);
19744 gvm_free_string_var (&create_alert_data->part_name);
19745 gvm_append_string (&create_alert_data->part_data, "");
19746 gvm_append_string (&create_alert_data->part_name, "");
19747 set_client_state (CLIENT_CREATE_ALERT_CONDITION);
19748 break;
19749 }
19750 case CLIENT_CREATE_ALERT_CONDITION_DATA_NAME:
19751 set_client_state (CLIENT_CREATE_ALERT_CONDITION_DATA);
19752 break;
19753
19754 case CLIENT_CREATE_ALERT_EVENT_DATA:
19755 {
19756 gchar *string;
19757
19758 assert (create_alert_data->event_data);
19759 assert (create_alert_data->part_data);
19760 assert (create_alert_data->part_name);
19761
19762 string = g_strconcat (create_alert_data->part_name,
19763 "0",
19764 create_alert_data->part_data,
19765 NULL);
19766 string[strlen (create_alert_data->part_name)] = '\0';
19767 array_add (create_alert_data->event_data, string);
19768
19769 gvm_free_string_var (&create_alert_data->part_data);
19770 gvm_free_string_var (&create_alert_data->part_name);
19771 gvm_append_string (&create_alert_data->part_data, "");
19772 gvm_append_string (&create_alert_data->part_name, "");
19773 set_client_state (CLIENT_CREATE_ALERT_EVENT);
19774 break;
19775 }
19776 CLOSE (CLIENT_CREATE_ALERT_EVENT_DATA, NAME);
19777
19778 case CLIENT_CREATE_ALERT_METHOD_DATA:
19779 {
19780 gchar *string;
19781
19782 assert (create_alert_data->method_data);
19783 assert (create_alert_data->part_data);
19784 assert (create_alert_data->part_name);
19785
19786 string = g_strconcat (create_alert_data->part_name,
19787 "0",
19788 create_alert_data->part_data,
19789 NULL);
19790 string[strlen (create_alert_data->part_name)] = '\0';
19791 array_add (create_alert_data->method_data, string);
19792
19793 gvm_free_string_var (&create_alert_data->part_data);
19794 gvm_free_string_var (&create_alert_data->part_name);
19795 gvm_append_string (&create_alert_data->part_data, "");
19796 gvm_append_string (&create_alert_data->part_name, "");
19797 set_client_state (CLIENT_CREATE_ALERT_METHOD);
19798 break;
19799 }
19800 CLOSE (CLIENT_CREATE_ALERT_METHOD_DATA, NAME);
19801
19802 case CLIENT_CREATE_CREDENTIAL:
19803 {
19804 credential_t new_credential;
19805
19806 assert (create_credential_data->name != NULL);
19807
19808 if (create_credential_data->copy)
19809 switch (copy_credential (create_credential_data->name,
19810 create_credential_data->comment,
19811 create_credential_data->copy,
19812 &new_credential))
19813 {
19814 case 0:
19815 {
19816 char *uuid;
19817 uuid = credential_uuid (new_credential);
19818 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_credential"),
19819 uuid);
19820 log_event ("credential", "Credential", uuid, "created");
19821 free (uuid);
19822 break;
19823 }
19824 case 1:
19825 SEND_TO_CLIENT_OR_FAIL
19826 (XML_ERROR_SYNTAX ("create_credential",
19827 "Credential exists already"));
19828 log_event_fail ("credential", "Credential", NULL, "created");
19829 break;
19830 case 2:
19831 if (send_find_error_to_client ("create_credential",
19832 "credential",
19833 create_credential_data->copy,
19834 gmp_parser))
19835 {
19836 error_send_to_client (error);
19837 return;
19838 }
19839 log_event_fail ("credential", "Credential", NULL, "created");
19840 break;
19841 case 99:
19842 SEND_TO_CLIENT_OR_FAIL
19843 (XML_ERROR_SYNTAX ("create_credential",
19844 "Permission denied"));
19845 log_event_fail ("credential", "Credential", NULL, "created");
19846 break;
19847 case -1:
19848 default:
19849 SEND_TO_CLIENT_OR_FAIL
19850 (XML_INTERNAL_ERROR ("create_credential"));
19851 log_event_fail ("credential", "Credential", NULL, "created");
19852 break;
19853 }
19854 else if (strlen (create_credential_data->name) == 0)
19855 {
19856 SEND_TO_CLIENT_OR_FAIL
19857 (XML_ERROR_SYNTAX ("create_credential",
19858 "Name must be at"
19859 " least one character long"));
19860 }
19861 else if (create_credential_data->login
19862 && strlen (create_credential_data->login) == 0)
19863 {
19864 SEND_TO_CLIENT_OR_FAIL
19865 (XML_ERROR_SYNTAX ("create_credential",
19866 "Login must be at"
19867 " least one character long"));
19868 }
19869 else if (create_credential_data->key
19870 && create_credential_data->key_private == NULL
19871 && create_credential_data->key_public == NULL)
19872 {
19873 SEND_TO_CLIENT_OR_FAIL
19874 (XML_ERROR_SYNTAX ("create_credential",
19875 "KEY requires a PRIVATE"
19876 " or PUBLIC key"));
19877 }
19878 else if (create_credential_data->key
19879 && create_credential_data->key_private
19880 && check_private_key (create_credential_data->key_private,
19881 create_credential_data->key_phrase))
19882 {
19883 SEND_TO_CLIENT_OR_FAIL
19884 (XML_ERROR_SYNTAX ("create_credential",
19885 "Erroneous Private Key."));
19886 }
19887 else if (create_credential_data->key
19888 && create_credential_data->key_public
19889 && check_public_key (create_credential_data->key_public))
19890 {
19891 SEND_TO_CLIENT_OR_FAIL
19892 (XML_ERROR_SYNTAX ("create_credential",
19893 "Erroneous Public Key."));
19894 }
19895 else if (create_credential_data->certificate
19896 && check_certificate
19897 (create_credential_data->certificate,
19898 create_credential_data->type))
19899 {
19900 SEND_TO_CLIENT_OR_FAIL
19901 (XML_ERROR_SYNTAX ("create_credential",
19902 "Erroneous Certificate."));
19903 }
19904 else switch (create_credential
19905 (create_credential_data->name,
19906 create_credential_data->comment,
19907 create_credential_data->login,
19908 create_credential_data->key_private
19909 ? create_credential_data->key_phrase
19910 : create_credential_data->password,
19911 create_credential_data->key_private,
19912 create_credential_data->key_public,
19913 create_credential_data->certificate,
19914 create_credential_data->community,
19915 create_credential_data->auth_algorithm,
19916 create_credential_data->privacy_password,
19917 create_credential_data->privacy_algorithm,
19918 create_credential_data->type,
19919 create_credential_data->allow_insecure,
19920 &new_credential))
19921 {
19922 case 0:
19923 {
19924 char *uuid = credential_uuid (new_credential);
19925 SENDF_TO_CLIENT_OR_FAIL
19926 (XML_OK_CREATED_ID ("create_credential"), uuid);
19927 log_event ("credential", "Credential", uuid, "created");
19928 free (uuid);
19929 break;
19930 }
19931 case 1:
19932 SEND_TO_CLIENT_OR_FAIL
19933 (XML_ERROR_SYNTAX ("create_credential",
19934 "Credential exists already"));
19935 break;
19936 case 2:
19937 SEND_TO_CLIENT_OR_FAIL
19938 (XML_ERROR_SYNTAX ("create_credential",
19939 "Login may only contain alphanumeric"
19940 " characters or the following:"
19941 " - _ \\ . @"));
19942 break;
19943 case 3:
19944 SEND_TO_CLIENT_OR_FAIL
19945 (XML_ERROR_SYNTAX ("create_credential",
19946 "Erroneous private key or associated"
19947 " passphrase"));
19948 break;
19949 case 4:
19950 SEND_TO_CLIENT_OR_FAIL
19951 (XML_ERROR_SYNTAX ("create_credential",
19952 "Erroneous credential type"));
19953 break;
19954 case 5:
19955 SEND_TO_CLIENT_OR_FAIL
19956 (XML_ERROR_SYNTAX ("create_credential",
19957 "Selected type requires a login username"));
19958 break;
19959 case 6:
19960 SEND_TO_CLIENT_OR_FAIL
19961 (XML_ERROR_SYNTAX ("create_credential",
19962 "Selected type requires a password"));
19963 break;
19964 case 7:
19965 SEND_TO_CLIENT_OR_FAIL
19966 (XML_ERROR_SYNTAX ("create_credential",
19967 "Selected type requires a private key"));
19968 break;
19969 case 8:
19970 SEND_TO_CLIENT_OR_FAIL
19971 (XML_ERROR_SYNTAX ("create_credential",
19972 "Selected type requires a certificate"));
19973 break;
19974 case 9:
19975 SEND_TO_CLIENT_OR_FAIL
19976 (XML_ERROR_SYNTAX ("create_credential",
19977 "Selected type requires a public key"));
19978 break;
19979 case 10:
19980 SEND_TO_CLIENT_OR_FAIL
19981 (XML_ERROR_SYNTAX ("create_credential",
19982 "Selected type cannot be generated"
19983 " automatically"));
19984 break;
19985 case 11:
19986 SEND_TO_CLIENT_OR_FAIL
19987 (XML_ERROR_SYNTAX ("create_credential",
19988 "Selected type requires a community and/or"
19989 " username + password"));
19990 break;
19991 case 12:
19992 SEND_TO_CLIENT_OR_FAIL
19993 (XML_ERROR_SYNTAX ("create_credential",
19994 "Selected type requires an"
19995 " auth_algorithm"));
19996 break;
19997 case 14:
19998 SEND_TO_CLIENT_OR_FAIL
19999 (XML_ERROR_SYNTAX ("create_credential",
20000 "Selected type requires an"
20001 " algorithm in the privacy element"
20002 " if a password is given"));
20003 break;
20004 case 15:
20005 SEND_TO_CLIENT_OR_FAIL
20006 (XML_ERROR_SYNTAX ("create_credential",
20007 "auth algorithm must be 'md5' or 'sha1'"));
20008 break;
20009 case 16:
20010 SEND_TO_CLIENT_OR_FAIL
20011 (XML_ERROR_SYNTAX ("create_credential",
20012 "privacy algorithm must be 'aes', 'des'"
20013 " or empty"));
20014 break;
20015 case 17:
20016 SEND_TO_CLIENT_OR_FAIL
20017 (XML_ERROR_SYNTAX ("create_credential",
20018 "Erroneous certificate"));
20019 break;
20020 case 99:
20021 SEND_TO_CLIENT_OR_FAIL
20022 (XML_ERROR_SYNTAX ("create_credential",
20023 "Permission denied"));
20024 break;
20025 default:
20026 assert (0);
20027 case -1:
20028 SEND_TO_CLIENT_OR_FAIL
20029 (XML_INTERNAL_ERROR ("create_credential"));
20030 break;
20031 }
20032 create_credential_data_reset (create_credential_data);
20033 set_client_state (CLIENT_AUTHENTIC);
20034 break;
20035 }
20036 CLOSE (CLIENT_CREATE_CREDENTIAL, ALLOW_INSECURE);
20037 CLOSE (CLIENT_CREATE_CREDENTIAL, AUTH_ALGORITHM);
20038 CLOSE (CLIENT_CREATE_CREDENTIAL, CERTIFICATE);
20039 CLOSE (CLIENT_CREATE_CREDENTIAL, COMMENT);
20040 CLOSE (CLIENT_CREATE_CREDENTIAL, COMMUNITY);
20041 CLOSE (CLIENT_CREATE_CREDENTIAL, COPY);
20042 CLOSE (CLIENT_CREATE_CREDENTIAL, KEY);
20043 CLOSE (CLIENT_CREATE_CREDENTIAL_KEY, PHRASE);
20044 CLOSE (CLIENT_CREATE_CREDENTIAL_KEY, PRIVATE);
20045 CLOSE (CLIENT_CREATE_CREDENTIAL_KEY, PUBLIC);
20046 CLOSE (CLIENT_CREATE_CREDENTIAL, LOGIN);
20047 CLOSE (CLIENT_CREATE_CREDENTIAL, NAME);
20048 CLOSE (CLIENT_CREATE_CREDENTIAL, PASSWORD);
20049 CLOSE (CLIENT_CREATE_CREDENTIAL, PRIVACY);
20050 CLOSE (CLIENT_CREATE_CREDENTIAL_PRIVACY, ALGORITHM);
20051 CLOSE (CLIENT_CREATE_CREDENTIAL_PRIVACY, PASSWORD);
20052 CLOSE (CLIENT_CREATE_CREDENTIAL, TYPE);
20053
20054 case CLIENT_CREATE_FILTER:
20055 {
20056 filter_t new_filter;
20057
20058 assert (create_filter_data->term != NULL);
20059
20060 if (create_filter_data->copy)
20061 switch (copy_filter (create_filter_data->name,
20062 create_filter_data->comment,
20063 create_filter_data->copy,
20064 &new_filter))
20065 {
20066 case 0:
20067 {
20068 char *uuid;
20069 uuid = filter_uuid (new_filter);
20070 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_filter"),
20071 uuid);
20072 log_event ("filter", "Filter", uuid, "created");
20073 free (uuid);
20074 break;
20075 }
20076 case 1:
20077 SEND_TO_CLIENT_OR_FAIL
20078 (XML_ERROR_SYNTAX ("create_filter",
20079 "Filter exists already"));
20080 log_event_fail ("filter", "Filter", NULL, "created");
20081 break;
20082 case 2:
20083 if (send_find_error_to_client ("create_filter", "filter",
20084 create_filter_data->copy,
20085 gmp_parser))
20086 {
20087 error_send_to_client (error);
20088 return;
20089 }
20090 log_event_fail ("filter", "Filter", NULL, "created");
20091 break;
20092 case 99:
20093 SEND_TO_CLIENT_OR_FAIL
20094 (XML_ERROR_SYNTAX ("create_filter",
20095 "Permission denied"));
20096 log_event_fail ("filter", "Filter", NULL, "created");
20097 break;
20098 case -1:
20099 default:
20100 SEND_TO_CLIENT_OR_FAIL
20101 (XML_INTERNAL_ERROR ("create_filter"));
20102 log_event_fail ("filter", "Filter", NULL, "created");
20103 break;
20104 }
20105 else if (create_filter_data->name == NULL)
20106 SEND_TO_CLIENT_OR_FAIL
20107 (XML_ERROR_SYNTAX ("create_filter",
20108 "A NAME is required"));
20109 else if (strlen (create_filter_data->name) == 0)
20110 SEND_TO_CLIENT_OR_FAIL
20111 (XML_ERROR_SYNTAX ("create_filter",
20112 "Name must be at"
20113 " least one character long"));
20114 else switch (create_filter
20115 (create_filter_data->name,
20116 create_filter_data->comment,
20117 create_filter_data->type,
20118 create_filter_data->term,
20119 &new_filter))
20120 {
20121 case 0:
20122 {
20123 char *uuid = filter_uuid (new_filter);
20124 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_filter"),
20125 uuid);
20126 log_event ("filter", "Filter", uuid, "created");
20127 free (uuid);
20128 break;
20129 }
20130 case 1:
20131 SEND_TO_CLIENT_OR_FAIL
20132 (XML_ERROR_SYNTAX ("create_filter",
20133 "Filter exists already"));
20134 log_event_fail ("filter", "Filter", NULL, "created");
20135 break;
20136 case 2:
20137 SEND_TO_CLIENT_OR_FAIL
20138 (XML_ERROR_SYNTAX ("create_filter",
20139 "Type must be a valid GMP type"));
20140 log_event_fail ("filter", "Filter", NULL, "created");
20141 break;
20142 case 99:
20143 SEND_TO_CLIENT_OR_FAIL
20144 (XML_ERROR_SYNTAX ("create_filter",
20145 "Permission denied"));
20146 log_event_fail ("filter", "Filter", NULL, "created");
20147 break;
20148 default:
20149 SEND_TO_CLIENT_OR_FAIL
20150 (XML_INTERNAL_ERROR ("create_filter"));
20151 log_event_fail ("filter", "Filter", NULL, "created");
20152 break;
20153 }
20154
20155 create_filter_data_reset (create_filter_data);
20156 set_client_state (CLIENT_AUTHENTIC);
20157 break;
20158 }
20159 CLOSE (CLIENT_CREATE_FILTER, COMMENT);
20160 CLOSE (CLIENT_CREATE_FILTER, COPY);
20161 CLOSE (CLIENT_CREATE_FILTER, NAME);
20162 CLOSE (CLIENT_CREATE_FILTER, TERM);
20163 CLOSE (CLIENT_CREATE_FILTER, TYPE);
20164
20165 case CLIENT_CREATE_GROUP:
20166 {
20167 group_t new_group;
20168
20169 assert (create_group_data->users != NULL);
20170
20171 if (create_group_data->copy)
20172 switch (copy_group (create_group_data->name,
20173 create_group_data->comment,
20174 create_group_data->copy,
20175 &new_group))
20176 {
20177 case 0:
20178 {
20179 char *uuid;
20180 uuid = group_uuid (new_group);
20181 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_group"),
20182 uuid);
20183 log_event ("group", "Group", uuid, "created");
20184 free (uuid);
20185 break;
20186 }
20187 case 1:
20188 SEND_TO_CLIENT_OR_FAIL
20189 (XML_ERROR_SYNTAX ("create_group",
20190 "Group exists already"));
20191 log_event_fail ("group", "Group", NULL, "created");
20192 break;
20193 case 2:
20194 if (send_find_error_to_client ("create_group", "group",
20195 create_group_data->copy,
20196 gmp_parser))
20197 {
20198 error_send_to_client (error);
20199 return;
20200 }
20201 log_event_fail ("group", "Group", NULL, "created");
20202 break;
20203 case 4:
20204 SEND_TO_CLIENT_OR_FAIL
20205 (XML_ERROR_SYNTAX ("create_group",
20206 "Syntax error in group name"));
20207 log_event_fail ("group", "Group", NULL, "created");
20208 break;
20209 case 99:
20210 SEND_TO_CLIENT_OR_FAIL
20211 (XML_ERROR_SYNTAX ("create_group",
20212 "Permission denied"));
20213 log_event_fail ("group", "Group", NULL, "created");
20214 break;
20215 case -1:
20216 default:
20217 SEND_TO_CLIENT_OR_FAIL
20218 (XML_INTERNAL_ERROR ("create_group"));
20219 log_event_fail ("group", "Group", NULL, "created");
20220 break;
20221 }
20222 else if (create_group_data->name == NULL)
20223 SEND_TO_CLIENT_OR_FAIL
20224 (XML_ERROR_SYNTAX ("create_group",
20225 "A NAME is required"));
20226 else if (strlen (create_group_data->name) == 0)
20227 SEND_TO_CLIENT_OR_FAIL
20228 (XML_ERROR_SYNTAX ("create_group",
20229 "Name must be at"
20230 " least one character long"));
20231 else switch (create_group
20232 (create_group_data->name,
20233 create_group_data->comment,
20234 create_group_data->users,
20235 create_group_data->special_full,
20236 &new_group))
20237 {
20238 case 0:
20239 {
20240 char *uuid = group_uuid (new_group);
20241 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_group"),
20242 uuid);
20243 log_event ("group", "Group", uuid, "created");
20244 free (uuid);
20245 break;
20246 }
20247 case 1:
20248 SEND_TO_CLIENT_OR_FAIL
20249 (XML_ERROR_SYNTAX ("create_group",
20250 "Group exists already"));
20251 log_event_fail ("group", "Group", NULL, "created");
20252 break;
20253 case 2:
20254 SEND_TO_CLIENT_OR_FAIL
20255 (XML_ERROR_SYNTAX ("create_group",
20256 "Failed to find user"));
20257 log_event_fail ("group", "Group", NULL, "created");
20258 break;
20259 case 4:
20260 SEND_TO_CLIENT_OR_FAIL
20261 (XML_ERROR_SYNTAX ("create_group",
20262 "Error in user name"));
20263 log_event_fail ("group", "Group", NULL, "created");
20264 break;
20265 case 99:
20266 SEND_TO_CLIENT_OR_FAIL
20267 (XML_ERROR_SYNTAX ("create_group",
20268 "Permission denied"));
20269 log_event_fail ("group", "Group", NULL, "created");
20270 break;
20271 default:
20272 SEND_TO_CLIENT_OR_FAIL
20273 (XML_INTERNAL_ERROR ("create_group"));
20274 log_event_fail ("group", "Group", NULL, "created");
20275 break;
20276 }
20277
20278 create_group_data_reset (create_group_data);
20279 set_client_state (CLIENT_AUTHENTIC);
20280 break;
20281 }
20282 CLOSE (CLIENT_CREATE_GROUP, COMMENT);
20283 CLOSE (CLIENT_CREATE_GROUP, COPY);
20284 CLOSE (CLIENT_CREATE_GROUP, NAME);
20285 CLOSE (CLIENT_CREATE_GROUP, SPECIALS);
20286 CLOSE (CLIENT_CREATE_GROUP_SPECIALS, FULL);
20287 CLOSE (CLIENT_CREATE_GROUP, USERS);
20288
20289 case CLIENT_CREATE_NOTE:
20290 {
20291 task_t task = 0;
20292 result_t result = 0;
20293 note_t new_note;
20294 int max;
20295
20296 if (create_note_data->copy)
20297 switch (copy_note (create_note_data->copy, &new_note))
20298 {
20299 case 0:
20300 {
20301 char *uuid;
20302 note_uuid (new_note, &uuid);
20303 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_note"),
20304 uuid);
20305 log_event ("note", "Note", uuid, "created");
20306 free (uuid);
20307 break;
20308 }
20309 case 1:
20310 SEND_TO_CLIENT_OR_FAIL
20311 (XML_ERROR_SYNTAX ("create_note",
20312 "Note exists already"));
20313 log_event_fail ("note", "Note", NULL, "created");
20314 break;
20315 case 2:
20316 if (send_find_error_to_client ("create_note", "note",
20317 create_note_data->copy,
20318 gmp_parser))
20319 {
20320 error_send_to_client (error);
20321 return;
20322 }
20323 log_event_fail ("note", "Note", NULL, "created");
20324 break;
20325 case 99:
20326 SEND_TO_CLIENT_OR_FAIL
20327 (XML_ERROR_SYNTAX ("create_note",
20328 "Permission denied"));
20329 log_event_fail ("note", "Note", NULL, "created");
20330 break;
20331 case -1:
20332 default:
20333 SEND_TO_CLIENT_OR_FAIL
20334 (XML_INTERNAL_ERROR ("create_note"));
20335 log_event_fail ("note", "Note", NULL, "created");
20336 break;
20337 }
20338 else if (create_note_data->nvt_oid == NULL)
20339 SEND_TO_CLIENT_OR_FAIL
20340 (XML_ERROR_SYNTAX ("create_note",
20341 "An NVT entity is required"));
20342 else if (create_note_data->text == NULL)
20343 SEND_TO_CLIENT_OR_FAIL
20344 (XML_ERROR_SYNTAX ("create_note",
20345 "A TEXT entity is required"));
20346 else if (create_note_data->hosts
20347 && ((max = manage_count_hosts (create_note_data->hosts, NULL))
20348 == -1))
20349 SEND_TO_CLIENT_OR_FAIL
20350 (XML_ERROR_SYNTAX ("create_note",
20351 "Error in host specification"));
20352 else if (create_note_data->hosts && (max > manage_max_hosts ()))
20353 SEND_TO_CLIENT_OR_FAIL
20354 (XML_ERROR_SYNTAX ("create_note",
20355 "Host specification exceeds maximum number of"
20356 " hosts"));
20357 else if (create_note_data->task_id
20358 && find_task_with_permission (create_note_data->task_id,
20359 &task,
20360 NULL))
20361 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_note"));
20362 else if (create_note_data->task_id && task == 0)
20363 {
20364 if (send_find_error_to_client ("create_note", "task",
20365 create_note_data->task_id,
20366 gmp_parser))
20367 {
20368 error_send_to_client (error);
20369 return;
20370 }
20371 }
20372 else if (create_note_data->result_id
20373 && find_result_with_permission (create_note_data->result_id,
20374 &result,
20375 NULL))
20376 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_note"));
20377 else if (create_note_data->result_id && result == 0)
20378 {
20379 if (send_find_error_to_client ("create_note", "result",
20380 create_note_data->result_id,
20381 gmp_parser))
20382 {
20383 error_send_to_client (error);
20384 return;
20385 }
20386 }
20387 else switch (create_note (create_note_data->active,
20388 create_note_data->nvt_oid,
20389 create_note_data->text,
20390 create_note_data->hosts,
20391 create_note_data->port,
20392 create_note_data->severity,
20393 create_note_data->threat,
20394 task,
20395 result,
20396 &new_note))
20397 {
20398 case 0:
20399 {
20400 char *uuid;
20401 note_uuid (new_note, &uuid);
20402 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_note"),
20403 uuid);
20404 log_event ("note", "Note", uuid, "created");
20405 free (uuid);
20406 break;
20407 }
20408 case 1:
20409 if (send_find_error_to_client ("create_note", "nvt",
20410 create_note_data->nvt_oid,
20411 gmp_parser))
20412 {
20413 error_send_to_client (error);
20414 return;
20415 }
20416 break;
20417 case 2:
20418 SEND_TO_CLIENT_OR_FAIL
20419 (XML_ERROR_SYNTAX ("create_note",
20420 "Error in port specification"));
20421 log_event_fail ("note", "Note", NULL, "created");
20422 break;
20423 case 99:
20424 SEND_TO_CLIENT_OR_FAIL
20425 (XML_ERROR_SYNTAX ("create_note",
20426 "Permission denied"));
20427 break;
20428 case -1:
20429 SEND_TO_CLIENT_OR_FAIL
20430 (XML_INTERNAL_ERROR ("create_note"));
20431 break;
20432 default:
20433 assert (0);
20434 SEND_TO_CLIENT_OR_FAIL
20435 (XML_INTERNAL_ERROR ("create_note"));
20436 break;
20437 }
20438 create_note_data_reset (create_note_data);
20439 set_client_state (CLIENT_AUTHENTIC);
20440 break;
20441 }
20442 CLOSE (CLIENT_CREATE_NOTE, ACTIVE);
20443 CLOSE (CLIENT_CREATE_NOTE, COPY);
20444 CLOSE (CLIENT_CREATE_NOTE, HOSTS);
20445 CLOSE (CLIENT_CREATE_NOTE, NVT);
20446 CLOSE (CLIENT_CREATE_NOTE, PORT);
20447 CLOSE (CLIENT_CREATE_NOTE, SEVERITY);
20448 CLOSE (CLIENT_CREATE_NOTE, RESULT);
20449 CLOSE (CLIENT_CREATE_NOTE, TASK);
20450 CLOSE (CLIENT_CREATE_NOTE, TEXT);
20451 CLOSE (CLIENT_CREATE_NOTE, THREAT);
20452
20453 case CLIENT_CREATE_OVERRIDE:
20454 {
20455 task_t task = 0;
20456 result_t result = 0;
20457 override_t new_override;
20458 int max;
20459
20460 if (create_override_data->copy)
20461 switch (copy_override (create_override_data->copy, &new_override))
20462 {
20463 case 0:
20464 {
20465 char *uuid;
20466 override_uuid (new_override, &uuid);
20467 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_override"),
20468 uuid);
20469 log_event ("override", "Override", uuid, "created");
20470 free (uuid);
20471 break;
20472 }
20473 case 1:
20474 SEND_TO_CLIENT_OR_FAIL
20475 (XML_ERROR_SYNTAX ("create_override",
20476 "Override exists already"));
20477 log_event_fail ("override", "Override", NULL, "created");
20478 break;
20479 case 2:
20480 if (send_find_error_to_client ("create_override", "override",
20481 create_override_data->copy,
20482 gmp_parser))
20483 {
20484 error_send_to_client (error);
20485 return;
20486 }
20487 log_event_fail ("override", "Override", NULL, "created");
20488 break;
20489 case 99:
20490 SEND_TO_CLIENT_OR_FAIL
20491 (XML_ERROR_SYNTAX ("create_override",
20492 "Permission denied"));
20493 log_event_fail ("override", "Override", NULL, "created");
20494 break;
20495 case -1:
20496 default:
20497 SEND_TO_CLIENT_OR_FAIL
20498 (XML_INTERNAL_ERROR ("create_override"));
20499 log_event_fail ("override", "Override", NULL, "created");
20500 break;
20501 }
20502 else if (create_override_data->nvt_oid == NULL)
20503 SEND_TO_CLIENT_OR_FAIL
20504 (XML_ERROR_SYNTAX ("create_override",
20505 "An NVT entity is required"));
20506 else if (create_override_data->text == NULL)
20507 SEND_TO_CLIENT_OR_FAIL
20508 (XML_ERROR_SYNTAX ("create_override",
20509 "A TEXT entity is required"));
20510 else if (create_override_data->hosts
20511 && ((max = manage_count_hosts (create_override_data->hosts,
20512 NULL))
20513 == -1))
20514 SEND_TO_CLIENT_OR_FAIL
20515 (XML_ERROR_SYNTAX ("create_override",
20516 "Error in host specification"));
20517 else if (create_override_data->hosts && (max > manage_max_hosts ()))
20518 SEND_TO_CLIENT_OR_FAIL
20519 (XML_ERROR_SYNTAX ("create_override",
20520 "Host specification exceeds maximum number"
20521 " of hosts"));
20522 else if (create_override_data->new_threat == NULL
20523 && create_override_data->new_severity == NULL)
20524 SEND_TO_CLIENT_OR_FAIL
20525 (XML_ERROR_SYNTAX ("create_override",
20526 "A NEW_THREAT"
20527 " or NEW_SEVERITY entity is required"));
20528 else if (create_override_data->task_id
20529 && find_task_with_permission (create_override_data->task_id,
20530 &task,
20531 NULL))
20532 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_override"));
20533 else if (create_override_data->task_id && task == 0)
20534 {
20535 if (send_find_error_to_client ("create_override", "task",
20536 create_override_data->task_id,
20537 gmp_parser))
20538 {
20539 error_send_to_client (error);
20540 return;
20541 }
20542 }
20543 else if (create_override_data->result_id
20544 && find_result_with_permission (create_override_data->result_id,
20545 &result,
20546 NULL))
20547 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_override"));
20548 else if (create_override_data->result_id && result == 0)
20549 {
20550 if (send_find_error_to_client ("create_override", "result",
20551 create_override_data->result_id,
20552 gmp_parser))
20553 {
20554 error_send_to_client (error);
20555 return;
20556 }
20557 }
20558 else switch (create_override (create_override_data->active,
20559 create_override_data->nvt_oid,
20560 create_override_data->text,
20561 create_override_data->hosts,
20562 create_override_data->port,
20563 create_override_data->threat,
20564 create_override_data->new_threat,
20565 create_override_data->severity,
20566 create_override_data->new_severity,
20567 task,
20568 result,
20569 &new_override))
20570 {
20571 case 0:
20572 {
20573 char *uuid;
20574 override_uuid (new_override, &uuid);
20575 SENDF_TO_CLIENT_OR_FAIL
20576 (XML_OK_CREATED_ID ("create_override"), uuid);
20577 log_event ("override", "Override", uuid, "created");
20578 free (uuid);
20579 break;
20580 }
20581 case 1:
20582 if (send_find_error_to_client ("create_override", "nvt",
20583 create_override_data->nvt_oid,
20584 gmp_parser))
20585 {
20586 error_send_to_client (error);
20587 return;
20588 }
20589 break;
20590 case 2:
20591 SEND_TO_CLIENT_OR_FAIL
20592 (XML_ERROR_SYNTAX ("create_override",
20593 "Error in port specification"));
20594 log_event_fail ("override", "Override", NULL, "created");
20595 break;
20596 case 3:
20597 SEND_TO_CLIENT_OR_FAIL
20598 (XML_ERROR_SYNTAX ("create_override",
20599 "Error in new_severity specification"));
20600 log_event_fail ("override", "Override", NULL, "created");
20601 break;
20602 case 99:
20603 SEND_TO_CLIENT_OR_FAIL
20604 (XML_ERROR_SYNTAX ("create_override",
20605 "Permission denied"));
20606 break;
20607 case -1:
20608 SEND_TO_CLIENT_OR_FAIL
20609 (XML_INTERNAL_ERROR ("create_override"));
20610 break;
20611 default:
20612 assert (0);
20613 SEND_TO_CLIENT_OR_FAIL
20614 (XML_INTERNAL_ERROR ("create_override"));
20615 break;
20616 }
20617 create_override_data_reset (create_override_data);
20618 set_client_state (CLIENT_AUTHENTIC);
20619 break;
20620 }
20621 CLOSE (CLIENT_CREATE_OVERRIDE, ACTIVE);
20622 CLOSE (CLIENT_CREATE_OVERRIDE, COPY);
20623 CLOSE (CLIENT_CREATE_OVERRIDE, HOSTS);
20624 CLOSE (CLIENT_CREATE_OVERRIDE, NEW_SEVERITY);
20625 CLOSE (CLIENT_CREATE_OVERRIDE, NEW_THREAT);
20626 CLOSE (CLIENT_CREATE_OVERRIDE, NVT);
20627 CLOSE (CLIENT_CREATE_OVERRIDE, PORT);
20628 CLOSE (CLIENT_CREATE_OVERRIDE, SEVERITY);
20629 CLOSE (CLIENT_CREATE_OVERRIDE, RESULT);
20630 CLOSE (CLIENT_CREATE_OVERRIDE, TASK);
20631 CLOSE (CLIENT_CREATE_OVERRIDE, TEXT);
20632 CLOSE (CLIENT_CREATE_OVERRIDE, THREAT);
20633
20634 case CLIENT_CREATE_PERMISSION:
20635 {
20636 permission_t new_permission;
20637
20638 if (create_permission_data->copy)
20639 switch (copy_permission (create_permission_data->comment,
20640 create_permission_data->copy,
20641 &new_permission))
20642 {
20643 case 0:
20644 {
20645 char *uuid;
20646 uuid = permission_uuid (new_permission);
20647 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_permission"),
20648 uuid);
20649 log_event ("permission", "Permission", uuid, "created");
20650 free (uuid);
20651 break;
20652 }
20653 case 1:
20654 SEND_TO_CLIENT_OR_FAIL
20655 (XML_ERROR_SYNTAX ("create_permission",
20656 "Permission exists already"));
20657 log_event_fail ("permission", "Permission", NULL, "created");
20658 break;
20659 case 2:
20660 if (send_find_error_to_client ("create_permission",
20661 "permission",
20662 create_permission_data->copy,
20663 gmp_parser))
20664 {
20665 error_send_to_client (error);
20666 return;
20667 }
20668 log_event_fail ("permission", "Permission", NULL, "created");
20669 break;
20670 case 99:
20671 SEND_TO_CLIENT_OR_FAIL
20672 (XML_ERROR_SYNTAX ("create_permission",
20673 "Permission denied"));
20674 log_event_fail ("permission", "Permission", NULL, "created");
20675 break;
20676 case -1:
20677 default:
20678 SEND_TO_CLIENT_OR_FAIL
20679 (XML_INTERNAL_ERROR ("create_permission"));
20680 log_event_fail ("permission", "Permission", NULL, "created");
20681 break;
20682 }
20683 else if (create_permission_data->name == NULL)
20684 SEND_TO_CLIENT_OR_FAIL
20685 (XML_ERROR_SYNTAX ("create_permission",
20686 "A NAME is required"));
20687 else if (strlen (create_permission_data->name) == 0)
20688 SEND_TO_CLIENT_OR_FAIL
20689 (XML_ERROR_SYNTAX ("create_permission",
20690 "Name must be at"
20691 " least one character long"));
20692 else switch (create_permission
20693 (create_permission_data->name,
20694 create_permission_data->comment,
20695 create_permission_data->resource_type,
20696 create_permission_data->resource_id,
20697 create_permission_data->subject_type,
20698 create_permission_data->subject_id,
20699 &new_permission))
20700 {
20701 case 0:
20702 {
20703 char *uuid = permission_uuid (new_permission);
20704 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID
20705 ("create_permission"),
20706 uuid);
20707 log_event ("permission", "Permission", uuid, "created");
20708 free (uuid);
20709 break;
20710 }
20711 case 2:
20712 if (send_find_error_to_client
20713 ("create_permission", "subject",
20714 create_permission_data->subject_id, gmp_parser))
20715 {
20716 error_send_to_client (error);
20717 return;
20718 }
20719 log_event_fail ("permission", "Permission", NULL, "created");
20720 break;
20721 case 3:
20722 if (send_find_error_to_client
20723 ("create_permission", "resource",
20724 create_permission_data->resource_id, gmp_parser))
20725 {
20726 error_send_to_client (error);
20727 return;
20728 }
20729 log_event_fail ("permission", "Permission", NULL, "created");
20730 break;
20731 case 5:
20732 SEND_TO_CLIENT_OR_FAIL
20733 (XML_ERROR_SYNTAX ("create_permission",
20734 "Error in RESOURCE"));
20735 log_event_fail ("permission", "Permission", NULL, "created");
20736 break;
20737 case 6:
20738 SEND_TO_CLIENT_OR_FAIL
20739 (XML_ERROR_SYNTAX ("create_permission",
20740 "Error in SUBJECT"));
20741 log_event_fail ("permission", "Permission", NULL, "created");
20742 break;
20743 case 7:
20744 SEND_TO_CLIENT_OR_FAIL
20745 (XML_ERROR_SYNTAX ("create_permission",
20746 "Error in NAME"));
20747 log_event_fail ("permission", "Permission", NULL, "created");
20748 break;
20749 case 8:
20750 SEND_TO_CLIENT_OR_FAIL
20751 (XML_ERROR_SYNTAX ("create_permission",
20752 "Attempt to create permission on"
20753 " permission"));
20754 log_event_fail ("permission", "Permission", NULL, "created");
20755 break;
20756 case 9:
20757 SEND_TO_CLIENT_OR_FAIL
20758 (XML_ERROR_SYNTAX ("create_permission",
20759 "Permission does not accept a resource"));
20760 log_event_fail ("permission", "Permission", NULL, "created");
20761 break;
20762 case 99:
20763 SEND_TO_CLIENT_OR_FAIL
20764 (XML_ERROR_SYNTAX ("create_permission",
20765 "Permission denied"));
20766 log_event_fail ("permission", "Permission", NULL, "created");
20767 break;
20768 case -1:
20769 default:
20770 SEND_TO_CLIENT_OR_FAIL
20771 (XML_INTERNAL_ERROR ("create_permission"));
20772 log_event_fail ("permission", "Permission", NULL, "created");
20773 break;
20774 }
20775
20776 create_permission_data_reset (create_permission_data);
20777 set_client_state (CLIENT_AUTHENTIC);
20778 break;
20779 }
20780 CLOSE (CLIENT_CREATE_PERMISSION, COMMENT);
20781 CLOSE (CLIENT_CREATE_PERMISSION, COPY);
20782 CLOSE (CLIENT_CREATE_PERMISSION, NAME);
20783 CLOSE (CLIENT_CREATE_PERMISSION, RESOURCE);
20784 CLOSE (CLIENT_CREATE_PERMISSION_RESOURCE, TYPE);
20785 CLOSE (CLIENT_CREATE_PERMISSION, SUBJECT);
20786 CLOSE (CLIENT_CREATE_PERMISSION_SUBJECT, TYPE);
20787
20788 case CLIENT_CREATE_PORT_LIST:
20789 if (create_port_list_element_end (gmp_parser, error, element_name))
20790 set_client_state (CLIENT_AUTHENTIC);
20791 break;
20792
20793 case CLIENT_CREATE_PORT_RANGE:
20794 {
20795 port_range_t new_port_range;
20796
20797 if (create_port_range_data->start == NULL
20798 || create_port_range_data->end == NULL
20799 || create_port_range_data->port_list_id == NULL)
20800 SEND_TO_CLIENT_OR_FAIL
20801 (XML_ERROR_SYNTAX ("create_port_range",
20802 "A START, END and"
20803 " PORT_LIST ID are required"));
20804 else switch (create_port_range
20805 (create_port_range_data->port_list_id,
20806 create_port_range_data->type,
20807 create_port_range_data->start,
20808 create_port_range_data->end,
20809 create_port_range_data->comment,
20810 &new_port_range))
20811 {
20812 case 1:
20813 SEND_TO_CLIENT_OR_FAIL
20814 (XML_ERROR_SYNTAX ("create_port_range",
20815 "Port range START must be a number"
20816 " 1-65535"));
20817 log_event_fail ("port_range", "Port Range", NULL, "created");
20818 break;
20819 case 2:
20820 SEND_TO_CLIENT_OR_FAIL
20821 (XML_ERROR_SYNTAX ("create_port_range",
20822 "Port range END must be a number"
20823 " 1-65535"));
20824 log_event_fail ("port_range", "Port Range", NULL, "created");
20825 break;
20826 case 3:
20827 if (send_find_error_to_client
20828 ("create_port_range", "port_range",
20829 create_port_range_data->port_list_id, gmp_parser))
20830 {
20831 error_send_to_client (error);
20832 return;
20833 }
20834 log_event_fail ("port_range", "Port Range", NULL, "created");
20835 break;
20836 case 4:
20837 SEND_TO_CLIENT_OR_FAIL
20838 (XML_ERROR_SYNTAX ("create_port_range",
20839 "Port range TYPE must be TCP or UDP"));
20840 log_event_fail ("port_range", "Port Range", NULL, "created");
20841 break;
20842 case 5:
20843 SEND_TO_CLIENT_OR_FAIL
20844 (XML_ERROR_SYNTAX ("create_port_range",
20845 "Port list is in use"));
20846 break;
20847 case 6:
20848 SEND_TO_CLIENT_OR_FAIL
20849 (XML_ERROR_SYNTAX ("create_port_range",
20850 "New range overlaps an existing"
20851 " range"));
20852 break;
20853 case 99:
20854 SEND_TO_CLIENT_OR_FAIL
20855 (XML_ERROR_SYNTAX ("create_port_range",
20856 "Permission denied"));
20857 break;
20858 case -1:
20859 SEND_TO_CLIENT_OR_FAIL
20860 (XML_INTERNAL_ERROR ("create_port_range"));
20861 log_event_fail ("port_range", "Port Range", NULL, "created");
20862 break;
20863 default:
20864 {
20865 char *uuid;
20866 uuid = port_range_uuid (new_port_range);
20867 SENDF_TO_CLIENT_OR_FAIL
20868 (XML_OK_CREATED_ID ("create_port_range"), uuid);
20869 log_event ("port_range", "Port range", uuid, "created");
20870 free (uuid);
20871 break;
20872 }
20873 }
20874
20875 create_port_range_data_reset (create_port_range_data);
20876 set_client_state (CLIENT_AUTHENTIC);
20877 break;
20878 }
20879 CLOSE (CLIENT_CREATE_PORT_RANGE, COMMENT);
20880 CLOSE (CLIENT_CREATE_PORT_RANGE, END);
20881 CLOSE (CLIENT_CREATE_PORT_RANGE, START);
20882 CLOSE (CLIENT_CREATE_PORT_RANGE, TYPE);
20883 CLOSE (CLIENT_CREATE_PORT_RANGE, PORT_LIST);
20884
20885 case CLIENT_CREATE_REPORT:
20886 {
20887 char *uuid;
20888
20889 array_terminate (create_report_data->results);
20890 array_terminate (create_report_data->host_ends);
20891 array_terminate (create_report_data->host_starts);
20892 array_terminate (create_report_data->details);
20893
20894 if (create_report_data->results == NULL)
20895 SEND_TO_CLIENT_OR_FAIL
20896 (XML_ERROR_SYNTAX ("create_report",
20897 "A REPORT element is required"));
20898 else if (create_report_data->type
20899 && strcmp (create_report_data->type, "scan"))
20900 SEND_TO_CLIENT_OR_FAIL
20901 (XML_ERROR_SYNTAX ("create_report",
20902 "Type must be 'scan'"));
20903 else switch (create_report
20904 (create_report_data->results,
20905 create_report_data->task_id,
20906 create_report_data->in_assets,
20907 create_report_data->scan_start,
20908 create_report_data->scan_end,
20909 create_report_data->host_starts,
20910 create_report_data->host_ends,
20911 create_report_data->details,
20912 &uuid))
20913 {
20914 case 99:
20915 SEND_TO_CLIENT_OR_FAIL
20916 (XML_ERROR_SYNTAX ("create_report",
20917 "Permission denied"));
20918 log_event_fail ("report", "Report", NULL, "created");
20919 break;
20920 case -1:
20921 case -2:
20922 SEND_TO_CLIENT_OR_FAIL
20923 (XML_INTERNAL_ERROR ("create_report"));
20924 log_event_fail ("report", "Report", NULL, "created");
20925 break;
20926 case -3:
20927 SEND_TO_CLIENT_OR_FAIL
20928 (XML_ERROR_SYNTAX ("create_report",
20929 "A TASK id attribute is required"));
20930 log_event_fail ("report", "Report", NULL, "created");
20931 break;
20932 case -4:
20933 log_event_fail ("report", "Report", NULL, "created");
20934 if (send_find_error_to_client
20935 ("create_report", "task",
20936 create_report_data->task_id, gmp_parser))
20937 {
20938 error_send_to_client (error);
20939 return;
20940 }
20941 break;
20942 case -5:
20943 SEND_TO_CLIENT_OR_FAIL
20944 (XML_ERROR_SYNTAX ("create_report",
20945 "TASK must be a container"));
20946 log_event_fail ("report", "Report", NULL, "created");
20947 break;
20948 case -6:
20949 SEND_TO_CLIENT_OR_FAIL
20950 (XML_ERROR_SYNTAX ("create_report",
20951 "Permission to add to Assets denied"));
20952 log_event_fail ("report", "Report", NULL, "created");
20953 break;
20954 default:
20955 {
20956 SENDF_TO_CLIENT_OR_FAIL
20957 (XML_OK_CREATED_ID ("create_report"),
20958 uuid);
20959 log_event ("report", "Report", uuid, "created");
20960 free (uuid);
20961 break;
20962 }
20963 }
20964
20965 create_report_data_reset (create_report_data);
20966 set_client_state (CLIENT_AUTHENTIC);
20967 break;
20968 }
20969 CLOSE (CLIENT_CREATE_REPORT, IN_ASSETS);
20970 CLOSE (CLIENT_CREATE_REPORT, REPORT);
20971 case CLIENT_CREATE_REPORT_RR:
20972 if (create_report_data->wrapper)
20973 set_client_state (CLIENT_CREATE_REPORT_REPORT);
20974 else
20975 set_client_state (CLIENT_CREATE_REPORT);
20976 break;
20977
20978 CLOSE (CLIENT_CREATE_REPORT_RR, ERRORS);
20979 case CLIENT_CREATE_REPORT_RR_ERRORS_ERROR:
20980 {
20981 if (create_report_data->result_severity == NULL)
20982 {
20983 create_report_data->result_severity = strdup ("-3.0");
20984 }
20985 if (create_report_data->result_threat == NULL)
20986 {
20987 create_report_data->result_threat = strdup ("Error");
20988 }
20989 gmp_xml_handle_result();
20990 set_client_state (CLIENT_CREATE_REPORT_RR_ERRORS);
20991 break;
20992 }
20993 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR, DESCRIPTION);
20994 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR, HOST);
20995 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST, ASSET);
20996 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST, HOSTNAME);
20997 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR, NVT);
20998 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR, PORT);
20999 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR, SCAN_NVT_VERSION);
21000 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR, SEVERITY);
21001
21002 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT, CVSS_BASE);
21003 CLOSE (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_NVT, NAME);
21004
21005 case CLIENT_CREATE_REPORT_RR_HOST_END:
21006 if (create_report_data->host_end_host)
21007 {
21008 create_report_result_t *result;
21009
21010 assert (create_report_data->host_ends);
21011 assert (create_report_data->host_end_host);
21012
21013 result = g_malloc (sizeof (create_report_result_t));
21014 result->description = create_report_data->host_end;
21015 result->host = create_report_data->host_end_host;
21016
21017 array_add (create_report_data->host_ends, result);
21018
21019 create_report_data->host_end = NULL;
21020 create_report_data->host_end_host = NULL;
21021 }
21022 else
21023 gvm_free_string_var (&create_report_data->host_end);
21024
21025 set_client_state (CLIENT_CREATE_REPORT_RR);
21026 break;
21027 case CLIENT_CREATE_REPORT_RR_HOST_START:
21028 if (create_report_data->host_start_host)
21029 {
21030 create_report_result_t *result;
21031
21032 assert (create_report_data->host_starts);
21033 assert (create_report_data->host_start);
21034 assert (create_report_data->host_start_host);
21035
21036 result = g_malloc (sizeof (create_report_result_t));
21037 result->description = create_report_data->host_start;
21038 result->host = create_report_data->host_start_host;
21039
21040 array_add (create_report_data->host_starts, result);
21041
21042 create_report_data->host_start = NULL;
21043 create_report_data->host_start_host = NULL;
21044 }
21045 else
21046 gvm_free_string_var (&create_report_data->host_start);
21047
21048 set_client_state (CLIENT_CREATE_REPORT_RR);
21049 break;
21050 CLOSE (CLIENT_CREATE_REPORT_RR, RESULTS);
21051 CLOSE (CLIENT_CREATE_REPORT_RR, SCAN_END);
21052 CLOSE (CLIENT_CREATE_REPORT_RR, SCAN_START);
21053
21054 CLOSE (CLIENT_CREATE_REPORT_RR_HOST_END, HOST);
21055 CLOSE (CLIENT_CREATE_REPORT_RR_HOST_START, HOST);
21056
21057 case CLIENT_CREATE_REPORT_RR_H:
21058 {
21059 if (create_report_data->host_start)
21060 {
21061 create_report_result_t *result;
21062
21063 result = g_malloc (sizeof (create_report_result_t));
21064 result->description = create_report_data->host_start;
21065 result->host = strdup (create_report_data->ip);
21066
21067 array_add (create_report_data->host_starts, result);
21068
21069 create_report_data->host_start = NULL;
21070 }
21071
21072 if (create_report_data->host_end)
21073 {
21074 create_report_result_t *result;
21075
21076 result = g_malloc (sizeof (create_report_result_t));
21077 result->description = create_report_data->host_end;
21078 result->host = strdup (create_report_data->ip);
21079
21080 array_add (create_report_data->host_ends, result);
21081
21082 create_report_data->host_end = NULL;
21083 }
21084
21085 gvm_free_string_var (&create_report_data->ip);
21086 set_client_state (CLIENT_CREATE_REPORT_RR);
21087 break;
21088 }
21089
21090 CLOSE (CLIENT_CREATE_REPORT_RR_H, IP);
21091 CLOSE (CLIENT_CREATE_REPORT_RR_H, START);
21092 CLOSE (CLIENT_CREATE_REPORT_RR_H, END);
21093
21094 case CLIENT_CREATE_REPORT_RR_H_DETAIL:
21095 {
21096 assert (create_report_data->details);
21097
21098 if (create_report_data->ip)
21099 {
21100 host_detail_t *detail;
21101
21102 detail = g_malloc (sizeof (host_detail_t));
21103 detail->ip = g_strdup (create_report_data->ip);
21104 detail->name = create_report_data->detail_name;
21105 detail->source_desc = create_report_data->detail_source_desc;
21106 detail->source_name = create_report_data->detail_source_name;
21107 detail->source_type = create_report_data->detail_source_type;
21108 detail->value = create_report_data->detail_value;
21109
21110 array_add (create_report_data->details, detail);
21111
21112 create_report_data->detail_name = NULL;
21113 create_report_data->detail_source_desc = NULL;
21114 create_report_data->detail_source_name = NULL;
21115 create_report_data->detail_source_type = NULL;
21116 create_report_data->detail_value = NULL;
21117 }
21118
21119 set_client_state (CLIENT_CREATE_REPORT_RR_H);
21120 break;
21121 }
21122
21123 CLOSE (CLIENT_CREATE_REPORT_RR_H_DETAIL, NAME);
21124 CLOSE (CLIENT_CREATE_REPORT_RR_H_DETAIL, VALUE);
21125 CLOSE (CLIENT_CREATE_REPORT_RR_H_DETAIL, SOURCE);
21126
21127 CLOSE (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE, TYPE);
21128 CLOSE (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE, NAME);
21129 case CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_DESC:
21130 set_client_state (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE);
21131 break;
21132
21133 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT:
21134 {
21135 gmp_xml_handle_result();
21136 set_client_state (CLIENT_CREATE_REPORT_RR_RESULTS);
21137 break;
21138 }
21139 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, DESCRIPTION);
21140 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, DETECTION);
21141 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION, RESULT);
21142 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT, DETAILS);
21143 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS, DETAIL);
21144 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL, NAME);
21145 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL, VALUE);
21146
21147 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, HOST);
21148 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST, ASSET);
21149 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST, HOSTNAME);
21150 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, NVT);
21151 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, ORIGINAL_SEVERITY);
21152 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, ORIGINAL_THREAT);
21153 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, PORT);
21154 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, QOD);
21155 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD, TYPE);
21156 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD, VALUE);
21157 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, SCAN_NVT_VERSION);
21158 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, SEVERITY);
21159 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT, THREAT);
21160
21161 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT, BID);
21162 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT, CVE);
21163 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT, CVSS_BASE);
21164 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT, FAMILY);
21165 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT, NAME);
21166 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT, XREF);
21167 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT, CERT);
21168
21169 CLOSE (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_NVT_CERT, CERT_REF);
21170
21171 CLOSE (CLIENT_CREATE_REPORT, TASK);
21172 CLOSE (CLIENT_CREATE_REPORT_TASK, COMMENT);
21173 CLOSE (CLIENT_CREATE_REPORT_TASK, NAME);
21174
21175 case CLIENT_CREATE_REPORT_FORMAT:
21176 if (create_report_format_element_end (gmp_parser, error, element_name))
21177 set_client_state (CLIENT_AUTHENTIC);
21178 break;
21179
21180 case CLIENT_CREATE_ROLE:
21181 {
21182 role_t new_role;
21183
21184 assert (create_role_data->users != NULL);
21185
21186 if (create_role_data->copy)
21187 switch (copy_role (create_role_data->name,
21188 create_role_data->comment,
21189 create_role_data->copy,
21190 &new_role))
21191 {
21192 case 0:
21193 {
21194 char *uuid;
21195 uuid = role_uuid (new_role);
21196 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_role"),
21197 uuid);
21198 log_event ("role", "Role", uuid, "created");
21199 free (uuid);
21200 break;
21201 }
21202 case 1:
21203 SEND_TO_CLIENT_OR_FAIL
21204 (XML_ERROR_SYNTAX ("create_role",
21205 "Role exists already"));
21206 log_event_fail ("role", "Role", NULL, "created");
21207 break;
21208 case 2:
21209 if (send_find_error_to_client ("create_role", "role",
21210 create_role_data->copy,
21211 gmp_parser))
21212 {
21213 error_send_to_client (error);
21214 return;
21215 }
21216 log_event_fail ("role", "Role", NULL, "created");
21217 break;
21218 case 4:
21219 SEND_TO_CLIENT_OR_FAIL
21220 (XML_ERROR_SYNTAX ("create_role",
21221 "Syntax error in role name"));
21222 log_event_fail ("role", "Role", NULL, "created");
21223 break;
21224 case 99:
21225 SEND_TO_CLIENT_OR_FAIL
21226 (XML_ERROR_SYNTAX ("create_role",
21227 "Permission denied"));
21228 log_event_fail ("role", "Role", NULL, "created");
21229 break;
21230 case -1:
21231 SEND_TO_CLIENT_OR_FAIL
21232 (XML_INTERNAL_ERROR ("create_role"));
21233 log_event_fail ("role", "Role", NULL, "created");
21234 break;
21235 }
21236 else if (create_role_data->name == NULL)
21237 SEND_TO_CLIENT_OR_FAIL
21238 (XML_ERROR_SYNTAX ("create_role",
21239 "A NAME is required"));
21240 else if (strlen (create_role_data->name) == 0)
21241 SEND_TO_CLIENT_OR_FAIL
21242 (XML_ERROR_SYNTAX ("create_role",
21243 "Name must be at"
21244 " least one character long"));
21245 else switch (create_role
21246 (create_role_data->name,
21247 create_role_data->comment,
21248 create_role_data->users,
21249 &new_role))
21250 {
21251 case 0:
21252 {
21253 char *uuid = role_uuid (new_role);
21254 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_role"),
21255 uuid);
21256 log_event ("role", "Role", NULL, "created");
21257 free (uuid);
21258 break;
21259 }
21260 case 1:
21261 SEND_TO_CLIENT_OR_FAIL
21262 (XML_ERROR_SYNTAX ("create_role",
21263 "Role exists already"));
21264 log_event_fail ("role", "Role", NULL, "created");
21265 break;
21266 case 2:
21267 SEND_TO_CLIENT_OR_FAIL
21268 (XML_ERROR_SYNTAX ("create_role",
21269 "Failed to find user"));
21270 log_event_fail ("role", "Role", NULL, "created");
21271 break;
21272 case 4:
21273 SEND_TO_CLIENT_OR_FAIL
21274 (XML_ERROR_SYNTAX ("create_role",
21275 "Error in user name"));
21276 log_event_fail ("group", "Group", NULL, "created");
21277 break;
21278 case 99:
21279 SEND_TO_CLIENT_OR_FAIL
21280 (XML_ERROR_SYNTAX ("create_role",
21281 "Permission denied"));
21282 log_event_fail ("role", "Role", NULL, "created");
21283 break;
21284 default:
21285 SEND_TO_CLIENT_OR_FAIL
21286 (XML_INTERNAL_ERROR ("create_role"));
21287 log_event_fail ("role", "Role", NULL, "created");
21288 break;
21289 }
21290
21291 create_role_data_reset (create_role_data);
21292 set_client_state (CLIENT_AUTHENTIC);
21293 break;
21294 }
21295 CLOSE (CLIENT_CREATE_ROLE, COMMENT);
21296 CLOSE (CLIENT_CREATE_ROLE, COPY);
21297 CLOSE (CLIENT_CREATE_ROLE, NAME);
21298 CLOSE (CLIENT_CREATE_ROLE, USERS);
21299
21300 case CLIENT_CREATE_SCANNER:
21301 handle_create_scanner (gmp_parser, error);
21302 break;
21303 CLOSE (CLIENT_CREATE_SCANNER, COMMENT);
21304 CLOSE (CLIENT_CREATE_SCANNER, COPY);
21305 CLOSE (CLIENT_CREATE_SCANNER, NAME);
21306 CLOSE (CLIENT_CREATE_SCANNER, HOST);
21307 CLOSE (CLIENT_CREATE_SCANNER, PORT);
21308 CLOSE (CLIENT_CREATE_SCANNER, TYPE);
21309 CLOSE (CLIENT_CREATE_SCANNER, CA_PUB);
21310 CLOSE (CLIENT_CREATE_SCANNER, CREDENTIAL);
21311
21312 case CLIENT_CREATE_SCHEDULE:
21313 {
21314 handle_create_schedule (gmp_parser, error);
21315 break;
21316 }
21317 CLOSE (CLIENT_CREATE_SCHEDULE, COMMENT);
21318 CLOSE (CLIENT_CREATE_SCHEDULE, COPY);
21319 CLOSE (CLIENT_CREATE_SCHEDULE, ICALENDAR);
21320 CLOSE (CLIENT_CREATE_SCHEDULE, NAME);
21321 CLOSE (CLIENT_CREATE_SCHEDULE, TIMEZONE);
21322
21323 case CLIENT_CREATE_TAG:
21324 {
21325 tag_t new_tag;
21326
21327 if (create_tag_data->resource_ids)
21328 array_terminate (create_tag_data->resource_ids);
21329
21330 if (create_tag_data->copy)
21331 switch (copy_tag (create_tag_data->name,
21332 create_tag_data->comment,
21333 create_tag_data->copy,
21334 &new_tag))
21335 {
21336 case 0:
21337 {
21338 char *uuid;
21339 uuid = tag_uuid (new_tag);
21340 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_tag"),
21341 uuid);
21342 log_event ("tag", "Tag", uuid, "created");
21343 free (uuid);
21344 break;
21345 }
21346 case 1:
21347 SEND_TO_CLIENT_OR_FAIL
21348 (XML_ERROR_SYNTAX ("create_tag",
21349 "Tag exists already"));
21350 log_event_fail ("tag", "Tag", NULL, "created");
21351 break;
21352 case 2:
21353 if (send_find_error_to_client ("create_tag", "tag",
21354 create_tag_data->copy,
21355 gmp_parser))
21356 {
21357 error_send_to_client (error);
21358 return;
21359 }
21360 log_event_fail ("tag", "Tag", NULL, "created");
21361 break;
21362 case 99:
21363 SEND_TO_CLIENT_OR_FAIL
21364 (XML_ERROR_SYNTAX ("create_tag",
21365 "Permission denied"));
21366 log_event_fail ("tag", "Tag", NULL, "created");
21367 break;
21368 case -1:
21369 default:
21370 SEND_TO_CLIENT_OR_FAIL
21371 (XML_INTERNAL_ERROR ("create_tag"));
21372 log_event_fail ("tag", "Tag", NULL, "created");
21373 break;
21374 }
21375 else if (create_tag_data->name == NULL)
21376 SEND_TO_CLIENT_OR_FAIL
21377 (XML_ERROR_SYNTAX ("create_tag",
21378 "A NAME element is required"));
21379 else if (strlen (create_tag_data->name) == 0)
21380 SEND_TO_CLIENT_OR_FAIL
21381 (XML_ERROR_SYNTAX ("create_tag",
21382 "Name must be"
21383 " at least one character long"));
21384 else if (create_tag_data->resource_ids == NULL)
21385 SEND_TO_CLIENT_OR_FAIL
21386 (XML_ERROR_SYNTAX ("create_tag",
21387 "A RESOURCES element with TYPE element"
21388 " is required"));
21389 else if (create_tag_data->resource_type == NULL)
21390 SEND_TO_CLIENT_OR_FAIL
21391 (XML_ERROR_SYNTAX ("create_tag",
21392 "RESOURCES requires"
21393 " a TYPE element"));
21394 else if (valid_db_resource_type (create_tag_data->resource_type)
21395 == 0)
21396 SEND_TO_CLIENT_OR_FAIL
21397 (XML_ERROR_SYNTAX ("create_tag",
21398 "TYPE in RESOURCES must be"
21399 " a valid resource type."));
21400 else if (strcasecmp (create_tag_data->resource_type, "tag") == 0)
21401 SEND_TO_CLIENT_OR_FAIL
21402 (XML_ERROR_SYNTAX ("create_tag",
21403 "TYPE in RESOURCES must not"
21404 " be 'tag'."));
21405 else
21406 {
21407 gchar *error_extra = NULL;
21408 switch (create_tag (create_tag_data->name,
21409 create_tag_data->comment,
21410 create_tag_data->value,
21411 create_tag_data->resource_type,
21412 create_tag_data->resource_ids,
21413 create_tag_data->resources_filter,
21414 create_tag_data->active,
21415 &new_tag, &error_extra))
21416 {
21417 case 0:
21418 {
21419 char *uuid;
21420 uuid = tag_uuid (new_tag);
21421 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_tag"),
21422 uuid);
21423 log_event ("tag", "Tag", uuid, "created");
21424 free (uuid);
21425 break;
21426 }
21427 case 1:
21428 if (send_find_error_to_client ("create_tag", "resource",
21429 error_extra,
21430 gmp_parser))
21431 {
21432 error_send_to_client (error);
21433 g_free (error_extra);
21434 return;
21435 }
21436 g_free (error_extra);
21437 log_event_fail ("tag", "Tag", NULL, "created");
21438 break;
21439 case 2:
21440 SEND_TO_CLIENT_OR_FAIL
21441 ("<create_tag_response"
21442 " status=\"" STATUS_ERROR_MISSING "\""
21443 " status_text=\"No resources found for filter\"/>");
21444 log_event_fail ("tag", "Tag", NULL, "created");
21445 break;
21446 case 3:
21447 SEND_TO_CLIENT_OR_FAIL
21448 (XML_ERROR_SYNTAX ("create_tag",
21449 "Too many resources selected"));
21450 log_event_fail ("tag", "Tag", NULL, "created");
21451 break;
21452 case 99:
21453 SEND_TO_CLIENT_OR_FAIL
21454 (XML_ERROR_SYNTAX ("create_tag",
21455 "Permission denied"));
21456 log_event_fail ("tag", "Tag", NULL, "created");
21457 break;
21458 case -1:
21459 SEND_TO_CLIENT_OR_FAIL
21460 (XML_INTERNAL_ERROR ("create_tag"));
21461 log_event_fail ("tag", "Tag", NULL, "created");
21462 break;
21463 }
21464 }
21465 g_debug ("trying reset");
21466 create_tag_data_reset (create_tag_data);
21467 g_debug ("trying set client state");
21468 set_client_state (CLIENT_AUTHENTIC);
21469
21470 break;
21471 }
21472
21473 CLOSE (CLIENT_CREATE_TAG, ACTIVE);
21474 CLOSE (CLIENT_CREATE_TAG, RESOURCES);
21475 CLOSE (CLIENT_CREATE_TAG, COPY);
21476 CLOSE (CLIENT_CREATE_TAG, COMMENT);
21477 CLOSE (CLIENT_CREATE_TAG, NAME);
21478 CLOSE (CLIENT_CREATE_TAG, VALUE);
21479
21480 CLOSE (CLIENT_CREATE_TAG_RESOURCES, TYPE);
21481 CLOSE (CLIENT_CREATE_TAG_RESOURCES, RESOURCE);
21482
21483 case CLIENT_CREATE_TARGET:
21484 {
21485 credential_t ssh_credential = 0, ssh_elevate_credential = 0;
21486 credential_t smb_credential = 0;
21487 credential_t esxi_credential = 0, snmp_credential = 0;
21488 target_t new_target;
21489
21490 if (create_target_data->copy)
21491 switch (copy_target (create_target_data->name,
21492 create_target_data->comment,
21493 create_target_data->copy,
21494 &new_target))
21495 {
21496 case 0:
21497 {
21498 char *uuid;
21499 uuid = target_uuid (new_target);
21500 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_target"),
21501 uuid);
21502 log_event ("target", "Target", uuid, "created");
21503 free (uuid);
21504 break;
21505 }
21506 case 1:
21507 SEND_TO_CLIENT_OR_FAIL
21508 (XML_ERROR_SYNTAX ("create_target",
21509 "Target exists already"));
21510 log_event_fail ("target", "Target", NULL, "created");
21511 break;
21512 case 2:
21513 if (send_find_error_to_client ("create_target", "target",
21514 create_target_data->copy,
21515 gmp_parser))
21516 {
21517 error_send_to_client (error);
21518 return;
21519 }
21520 log_event_fail ("target", "Target", NULL, "created");
21521 break;
21522 case 99:
21523 SEND_TO_CLIENT_OR_FAIL
21524 (XML_ERROR_SYNTAX ("create_target",
21525 "Permission denied"));
21526 log_event_fail ("target", "Target", NULL, "created");
21527 break;
21528 case -1:
21529 default:
21530 SEND_TO_CLIENT_OR_FAIL
21531 (XML_INTERNAL_ERROR ("create_target"));
21532 log_event_fail ("target", "Target", NULL, "created");
21533 break;
21534 }
21535 else if (create_target_data->name == NULL)
21536 SEND_TO_CLIENT_OR_FAIL
21537 (XML_ERROR_SYNTAX ("create_target",
21538 "A NAME is required"));
21539 else if (strlen (create_target_data->name) == 0)
21540 SEND_TO_CLIENT_OR_FAIL
21541 (XML_ERROR_SYNTAX ("create_target",
21542 "Name must be at"
21543 " least one character long"));
21544 else if (create_target_data->asset_hosts_filter == NULL
21545 && create_target_data->hosts == NULL)
21546 SEND_TO_CLIENT_OR_FAIL
21547 (XML_ERROR_SYNTAX ("create_target",
21548 "A host is required"));
21549 else if (create_target_data->asset_hosts_filter == NULL
21550 && strlen (create_target_data->hosts) == 0)
21551 /** @todo Legitimate to pass an empty hosts element? */
21552 SEND_TO_CLIENT_OR_FAIL
21553 (XML_ERROR_SYNTAX ("create_target",
21554 "Hosts must be at least one"
21555 " character long"));
21556 else if (create_target_data->ssh_credential_id
21557 && find_credential_with_permission
21558 (create_target_data->ssh_credential_id,
21559 &ssh_credential,
21560 "get_credentials"))
21561 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21562 else if (create_target_data->ssh_credential_id == NULL
21563 && create_target_data->ssh_lsc_credential_id
21564 && find_credential_with_permission
21565 (create_target_data->ssh_lsc_credential_id,
21566 &ssh_credential,
21567 "get_credentials"))
21568 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21569 else if ((create_target_data->ssh_credential_id
21570 || create_target_data->ssh_lsc_credential_id)
21571 && ssh_credential == 0)
21572 {
21573 if (send_find_error_to_client
21574 ("create_target", "Credential",
21575 create_target_data->ssh_credential_id
21576 ? create_target_data->ssh_credential_id
21577 : create_target_data->ssh_lsc_credential_id,
21578 gmp_parser))
21579 {
21580 error_send_to_client (error);
21581 return;
21582 }
21583 }
21584 else if (create_target_data->ssh_elevate_credential_id
21585 && find_credential_with_permission
21586 (create_target_data->ssh_elevate_credential_id,
21587 &ssh_elevate_credential,
21588 "get_credentials"))
21589 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21590 else if (create_target_data->smb_credential_id
21591 && find_credential_with_permission
21592 (create_target_data->smb_credential_id,
21593 &smb_credential,
21594 "get_credentials"))
21595 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21596 else if (create_target_data->smb_credential_id == NULL
21597 && create_target_data->smb_lsc_credential_id
21598 && find_credential_with_permission
21599 (create_target_data->smb_lsc_credential_id,
21600 &smb_credential,
21601 "get_credentials"))
21602 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21603 else if ((create_target_data->smb_credential_id
21604 || create_target_data->smb_lsc_credential_id)
21605 && smb_credential == 0)
21606 {
21607 if (send_find_error_to_client
21608 ("create_target", "Credential",
21609 create_target_data->smb_credential_id
21610 ? create_target_data->smb_credential_id
21611 : create_target_data->smb_lsc_credential_id,
21612 gmp_parser))
21613 {
21614 error_send_to_client (error);
21615 return;
21616 }
21617 }
21618 else if (create_target_data->esxi_credential_id
21619 && find_credential_with_permission
21620 (create_target_data->esxi_credential_id,
21621 &esxi_credential,
21622 "get_credentials"))
21623 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21624 else if (create_target_data->esxi_credential_id == NULL
21625 && create_target_data->esxi_lsc_credential_id
21626 && find_credential_with_permission
21627 (create_target_data->esxi_lsc_credential_id,
21628 &esxi_credential,
21629 "get_credentials"))
21630 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21631 else if ((create_target_data->esxi_credential_id
21632 || create_target_data->esxi_lsc_credential_id)
21633 && esxi_credential == 0)
21634 {
21635 if (send_find_error_to_client
21636 ("create_target", "Credential",
21637 create_target_data->esxi_credential_id
21638 ? create_target_data->esxi_credential_id
21639 : create_target_data->esxi_lsc_credential_id,
21640 gmp_parser))
21641 {
21642 error_send_to_client (error);
21643 return;
21644 }
21645 }
21646 else if (create_target_data->snmp_credential_id
21647 && find_credential_with_permission
21648 (create_target_data->snmp_credential_id,
21649 &snmp_credential,
21650 "get_credentials"))
21651 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21652 else if (create_target_data->snmp_credential_id
21653 && snmp_credential == 0)
21654 {
21655 if (send_find_error_to_client
21656 ("create_target", "Credential",
21657 create_target_data->snmp_credential_id,
21658 gmp_parser))
21659 {
21660 error_send_to_client (error);
21661 return;
21662 }
21663 }
21664 /* Create target from host string. */
21665 else switch (create_target
21666 (create_target_data->name,
21667 create_target_data->asset_hosts_filter,
21668 create_target_data->hosts,
21669 create_target_data->exclude_hosts,
21670 create_target_data->comment,
21671 create_target_data->port_list_id,
21672 create_target_data->port_range,
21673 ssh_credential,
21674 ssh_elevate_credential,
21675 create_target_data->ssh_credential_id
21676 ? create_target_data->ssh_port
21677 : create_target_data->ssh_lsc_port,
21678 smb_credential,
21679 esxi_credential,
21680 snmp_credential,
21681 create_target_data->reverse_lookup_only,
21682 create_target_data->reverse_lookup_unify,
21683 create_target_data->alive_tests,
21684 create_target_data->allow_simultaneous_ips,
21685 &new_target))
21686 {
21687 case 1:
21688 SEND_TO_CLIENT_OR_FAIL
21689 (XML_ERROR_SYNTAX ("create_target",
21690 "Target exists already"));
21691 log_event_fail ("target", "Target", NULL, "created");
21692 break;
21693 case 2:
21694 SEND_TO_CLIENT_OR_FAIL
21695 (XML_ERROR_SYNTAX ("create_target",
21696 "Error in host specification"));
21697 log_event_fail ("target", "Target", NULL, "created");
21698 break;
21699 case 3:
21700 SEND_TO_CLIENT_OR_FAIL
21701 (XML_ERROR_SYNTAX ("create_target",
21702 "Host specification exceeds maximum number"
21703 " of hosts"));
21704 log_event_fail ("target", "Target", NULL, "created");
21705 break;
21706 case 4:
21707 SEND_TO_CLIENT_OR_FAIL
21708 (XML_ERROR_SYNTAX ("create_target",
21709 "Error in port range"));
21710 log_event_fail ("target", "Target", NULL, "created");
21711 break;
21712 case 5:
21713 SEND_TO_CLIENT_OR_FAIL
21714 (XML_ERROR_SYNTAX ("create_target",
21715 "Error in SSH port"));
21716 log_event_fail ("target", "Target", NULL, "created");
21717 break;
21718 case 6:
21719 log_event_fail ("target", "Target", NULL, "created");
21720 if (send_find_error_to_client
21721 ("create_target", "port_list",
21722 create_target_data->port_list_id, gmp_parser))
21723 {
21724 error_send_to_client (error);
21725 return;
21726 }
21727 break;
21728 case 7:
21729 SEND_TO_CLIENT_OR_FAIL
21730 (XML_ERROR_SYNTAX ("create_target",
21731 "Error in alive test"));
21732 log_event_fail ("target", "Target", NULL, "created");
21733 break;
21734 case 8:
21735 SEND_TO_CLIENT_OR_FAIL
21736 (XML_ERROR_SYNTAX ("create_target",
21737 "SSH credential must be of type"
21738 " 'up' or 'usk'"));
21739 log_event_fail ("target", "Target", NULL, "created");
21740 break;
21741 case 9:
21742 SEND_TO_CLIENT_OR_FAIL
21743 (XML_ERROR_SYNTAX ("create_target",
21744 "ELEVATE credential must be of type"
21745 " 'up'"));
21746 log_event_fail ("target", "Target", NULL, "created");
21747 break;
21748 case 10:
21749 SEND_TO_CLIENT_OR_FAIL
21750 (XML_ERROR_SYNTAX ("create_target",
21751 "SMB credential must be of type"
21752 " 'up'"));
21753 log_event_fail ("target", "Target", NULL, "created");
21754 break;
21755 case 11:
21756 SEND_TO_CLIENT_OR_FAIL
21757 (XML_ERROR_SYNTAX ("create_target",
21758 "ESXi credential must be of type"
21759 " 'up'"));
21760 log_event_fail ("target", "Target", NULL, "created");
21761 break;
21762 case 12:
21763 SEND_TO_CLIENT_OR_FAIL
21764 (XML_ERROR_SYNTAX ("create_target",
21765 "SNMP credential must be of type"
21766 " 'snmp'"));
21767 log_event_fail ("target", "Target", NULL, "created");
21768 break;
21769 case 13:
21770 SEND_TO_CLIENT_OR_FAIL
21771 (XML_ERROR_SYNTAX ("create_target",
21772 "One of PORT_LIST and PORT_RANGE are"
21773 " required"));
21774 log_event_fail ("target", "Target", NULL, "created");
21775 break;
21776 case 14:
21777 SEND_TO_CLIENT_OR_FAIL
21778 (XML_ERROR_SYNTAX ("create_target",
21779 "The elevate credential requires"
21780 " an SSH credential"));
21781 log_event_fail ("target", "Target", NULL, "created");
21782 break;
21783 case 15:
21784 SEND_TO_CLIENT_OR_FAIL
21785 (XML_ERROR_SYNTAX ("create_target",
21786 "The elevate credential must be"
21787 " different from the SSH credential"));
21788 log_event_fail ("target", "Target", NULL, "created");
21789 break;
21790 case 99:
21791 SEND_TO_CLIENT_OR_FAIL
21792 (XML_ERROR_SYNTAX ("create_target",
21793 "Permission denied"));
21794 log_event_fail ("target", "Target", NULL, "created");
21795 break;
21796 case -1:
21797 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_target"));
21798 log_event_fail ("target", "Target", NULL, "created");
21799 break;
21800 default:
21801 {
21802 char *uuid = target_uuid (new_target);
21803 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_target"),
21804 uuid);
21805 log_event ("target", "Target", uuid, "created");
21806 free (uuid);
21807 break;
21808 }
21809 }
21810
21811 create_target_data_reset (create_target_data);
21812 set_client_state (CLIENT_AUTHENTIC);
21813 break;
21814 }
21815 CLOSE (CLIENT_CREATE_TARGET, ASSET_HOSTS);
21816 CLOSE (CLIENT_CREATE_TARGET, COMMENT);
21817 CLOSE (CLIENT_CREATE_TARGET, ESXI_CREDENTIAL);
21818 CLOSE (CLIENT_CREATE_TARGET, ESXI_LSC_CREDENTIAL);
21819 CLOSE (CLIENT_CREATE_TARGET, EXCLUDE_HOSTS);
21820 CLOSE (CLIENT_CREATE_TARGET, REVERSE_LOOKUP_ONLY);
21821 CLOSE (CLIENT_CREATE_TARGET, REVERSE_LOOKUP_UNIFY);
21822 CLOSE (CLIENT_CREATE_TARGET, ALIVE_TESTS);
21823 CLOSE (CLIENT_CREATE_TARGET, ALLOW_SIMULTANEOUS_IPS);
21824 CLOSE (CLIENT_CREATE_TARGET, COPY);
21825 CLOSE (CLIENT_CREATE_TARGET, HOSTS);
21826 CLOSE (CLIENT_CREATE_TARGET, NAME);
21827 CLOSE (CLIENT_CREATE_TARGET, PORT_LIST);
21828 CLOSE (CLIENT_CREATE_TARGET, PORT_RANGE);
21829 CLOSE (CLIENT_CREATE_TARGET, SSH_CREDENTIAL);
21830 CLOSE (CLIENT_CREATE_TARGET, SSH_LSC_CREDENTIAL);
21831 CLOSE (CLIENT_CREATE_TARGET, SSH_ELEVATE_CREDENTIAL);
21832 CLOSE (CLIENT_CREATE_TARGET, SMB_CREDENTIAL);
21833 CLOSE (CLIENT_CREATE_TARGET, SMB_LSC_CREDENTIAL);
21834 CLOSE (CLIENT_CREATE_TARGET, SNMP_CREDENTIAL);
21835
21836 CLOSE (CLIENT_CREATE_TARGET_SSH_CREDENTIAL, PORT);
21837
21838 CLOSE (CLIENT_CREATE_TARGET_SSH_LSC_CREDENTIAL, PORT);
21839
21840 case CLIENT_CREATE_TASK:
21841 {
21842 config_t config = 0;
21843 target_t target = 0;
21844 scanner_t scanner = 0;
21845 char *tsk_uuid = NULL;
21846 guint index;
21847
21848 /* @todo Buffer the entire task creation and pass everything to a
21849 * libmanage function, so that libmanage can do the locking
21850 * properly instead of exposing the task_t. Probably easier
21851 * after removing the option to create a task from an RC
21852 * file. */
21853
21854 assert (create_task_data->task != (task_t) 0);
21855
21856 /* The task already exists in the database at this point, so on
21857 * failure be sure to call request_delete_task to remove the
21858 * task. */
21859 /** @todo Any fail cases of the CLIENT_CREATE_TASK_* states must do
21860 * so too. */
21861
21862 if (create_task_data->copy)
21863 {
21864 int ret;
21865 gchar *name, *comment;
21866 task_t new_task;
21867 int alterable;
21868
21869 name = task_name (create_task_data->task);
21870 comment = task_comment (create_task_data->task);
21871
21872 if(create_task_data->alterable)
21873 alterable = strcmp (create_task_data->alterable, "0") ? 1 : 0;
21874 else
21875 alterable = -1;
21876
21877 ret = copy_task (name,
21878 comment,
21879 create_task_data->copy,
21880 alterable,
21881 &new_task);
21882
21883 g_free (name);
21884 g_free (comment);
21885 /* Remove the task that was created while parsing elements. */
21886 request_delete_task (&create_task_data->task);
21887 switch (ret)
21888 {
21889 case 0:
21890 {
21891 char *uuid;
21892 task_uuid (new_task, &uuid);
21893 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_task"),
21894 uuid);
21895 log_event ("task", "Task", uuid, "created");
21896 free (uuid);
21897 break;
21898 }
21899 case 1:
21900 SEND_TO_CLIENT_OR_FAIL
21901 (XML_ERROR_SYNTAX ("create_task",
21902 "Task exists already"));
21903 log_event_fail ("task", "Task", NULL, "created");
21904 break;
21905 case 2:
21906 if (send_find_error_to_client ("create_task", "task",
21907 create_task_data->copy,
21908 gmp_parser))
21909 {
21910 error_send_to_client (error);
21911 return;
21912 }
21913 log_event_fail ("task", "Task", NULL, "created");
21914 break;
21915 case 99:
21916 SEND_TO_CLIENT_OR_FAIL
21917 (XML_ERROR_SYNTAX ("create_task",
21918 "Permission denied"));
21919 log_event_fail ("task", "Task", NULL, "created");
21920 break;
21921 case -1:
21922 SEND_TO_CLIENT_OR_FAIL
21923 (XML_INTERNAL_ERROR ("create_task"));
21924 log_event_fail ("task", "Task", NULL, "created");
21925 break;
21926 }
21927 create_task_data_reset (create_task_data);
21928 set_client_state (CLIENT_AUTHENTIC);
21929 break;
21930 }
21931
21932 if (create_task_data->scanner_id == NULL)
21933 create_task_data->scanner_id = g_strdup (scanner_uuid_default ());
21934
21935 /* Check permissions. */
21936
21937 if (acl_user_may ("create_task") == 0)
21938 {
21939 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("create_task",
21940 "Permission denied"));
21941 goto create_task_fail;
21942 }
21943
21944 /* Check and set name. */
21945
21946 if (create_task_data->name == NULL)
21947 {
21948 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("create_task",
21949 "A NAME is required"));
21950 goto create_task_fail;
21951 }
21952 else
21953 set_task_name (create_task_data->task, create_task_data->name);
21954
21955 /* Get the task ID. */
21956
21957 if (task_uuid (create_task_data->task, &tsk_uuid))
21958 {
21959 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_task"));
21960 goto create_task_fail;
21961 }
21962
21963 /* Check for the right combination of target and config. */
21964
21965 if (create_task_data->target_id == NULL)
21966 {
21967 SEND_TO_CLIENT_OR_FAIL
21968 (XML_ERROR_SYNTAX ("create_task",
21969 "A target is required"));
21970 goto create_task_fail;
21971 }
21972
21973 if (strcmp (create_task_data->target_id, "0") == 0)
21974 {
21975 /* Container task. */
21976
21977 set_task_target (create_task_data->task, 0);
21978 set_task_usage_type (create_task_data->task,
21979 create_task_data->usage_type);
21980 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_task"),
21981 tsk_uuid);
21982 make_task_complete (create_task_data->task);
21983 log_event ("task", "Task", tsk_uuid, "created");
21984 g_free (tsk_uuid);
21985 create_task_data_reset (create_task_data);
21986 set_client_state (CLIENT_AUTHENTIC);
21987 break;
21988 }
21989
21990 if (create_task_data->config_id == NULL)
21991 {
21992 SEND_TO_CLIENT_OR_FAIL
21993 (XML_ERROR_SYNTAX ("create_task",
21994 "A config is required"));
21995 goto create_task_fail;
21996 }
21997
21998 /* Set any alert. */
21999
22000 assert (create_task_data->alerts);
22001 index = create_task_data->alerts->len;
22002 while (index--)
22003 {
22004 alert_t alert;
22005 gchar *alert_id;
22006
22007 alert_id = (gchar*) g_ptr_array_index (create_task_data->alerts,
22008 index);
22009 if (strcmp (alert_id, "0") == 0)
22010 continue;
22011 if (find_alert_with_permission (alert_id, &alert, "get_alerts"))
22012 {
22013 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_task"));
22014 goto create_task_fail;
22015 }
22016 if (alert == 0)
22017 {
22018 SEND_TO_CLIENT_OR_FAIL
22019 (XML_ERROR_SYNTAX ("create_task",
22020 "Alert must exist"));
22021 goto create_task_fail;
22022 }
22023 add_task_alert (create_task_data->task, alert);
22024 }
22025
22026 /* Set alterable state. */
22027
22028 if (create_task_data->alterable
22029 && strcmp (create_task_data->alterable, "0"))
22030 set_task_alterable (create_task_data->task, 1);
22031
22032 /* Set any schedule. */
22033
22034 if (create_task_data->schedule_id)
22035 {
22036 schedule_t schedule;
22037 int periods;
22038
22039 periods = create_task_data->schedule_periods
22040 ? atoi (create_task_data->schedule_periods)
22041 : 0;
22042 if (find_schedule_with_permission (create_task_data->schedule_id,
22043 &schedule,
22044 "get_schedules"))
22045 {
22046 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_task"));
22047 goto create_task_fail;
22048 }
22049 if (schedule == 0)
22050 {
22051 SEND_TO_CLIENT_OR_FAIL
22052 (XML_ERROR_SYNTAX ("create_task",
22053 "Schedule must exist"));
22054 goto create_task_fail;
22055 }
22056 /** @todo
22057 *
22058 * This is a contention hole. Some other process could remove
22059 * the schedule at this point. The variable "schedule" would
22060 * still refer to the removed schedule.
22061 *
22062 * This happens all over the place. Anywhere that a libmanage
22063 * client gets a reference to a resource, in fact.
22064 *
22065 * Possibly libmanage should lock the db whenever it hands out a
22066 * reference, and the client should call something to release
22067 * the lock when it's done.
22068 *
22069 * In many cases, like this one, the client could pass the UUID
22070 * directly to libmanage, instead of getting the reference. In
22071 * this case the client would then need something like
22072 * set_task_schedule_uuid.
22073 */
22074 set_task_schedule (create_task_data->task, schedule, periods);
22075 }
22076 else if (create_task_data->schedule_periods
22077 && strlen (create_task_data->schedule_periods))
22078 set_task_schedule_periods_id
22079 (create_task_data->task,
22080 atoi (create_task_data->schedule_periods));
22081
22082 /* Set any observers. */
22083
22084 if (create_task_data->observers)
22085 {
22086 int fail;
22087 fail = set_task_observers (create_task_data->task,
22088 create_task_data->observers);
22089 switch (fail)
22090 {
22091 case 0:
22092 break;
22093 case 1:
22094 case 2:
22095 SEND_TO_CLIENT_OR_FAIL
22096 (XML_ERROR_SYNTAX ("create_task",
22097 "User name error in observers"));
22098 goto create_task_fail;
22099 case -1:
22100 default:
22101 SEND_TO_CLIENT_OR_FAIL
22102 (XML_INTERNAL_ERROR ("create_task"));
22103 goto create_task_fail;
22104 }
22105 }
22106
22107 /* Set any observer groups. */
22108
22109 if (create_task_data->groups->len)
22110 {
22111 gchar *fail_group_id;
22112
22113 switch (set_task_groups (create_task_data->task,
22114 create_task_data->groups,
22115 &fail_group_id))
22116 {
22117 case 0:
22118 break;
22119 case 1:
22120 if (send_find_error_to_client
22121 ("create_task", "group", fail_group_id, gmp_parser))
22122 {
22123 error_send_to_client (error);
22124 return;
22125 }
22126 log_event_fail ("task", "Task", NULL, "created");
22127 goto create_task_fail;
22128 case -1:
22129 default:
22130 SEND_TO_CLIENT_OR_FAIL
22131 (XML_INTERNAL_ERROR ("create_task"));
22132 log_event_fail ("task", "Task", NULL, "created");
22133 goto create_task_fail;
22134 }
22135 }
22136
22137 if (find_scanner_with_permission (create_task_data->scanner_id,
22138 &scanner,
22139 "get_scanners"))
22140 {
22141 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_task"));
22142 goto create_task_fail;
22143 }
22144 if (create_task_data->scanner_id && scanner == 0)
22145 {
22146 if (send_find_error_to_client ("create_task", "scanner",
22147 create_task_data->scanner_id,
22148 gmp_parser))
22149 error_send_to_client (error);
22150 goto create_task_fail;
22151 }
22152 if ((scanner == 0) || (scanner_type (scanner) != SCANNER_TYPE_CVE))
22153 {
22154 if (find_config_with_permission (create_task_data->config_id,
22155 &config,
22156 "get_configs"))
22157 {
22158 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_task"));
22159 goto create_task_fail;
22160 }
22161 if (config == 0)
22162 {
22163 if (send_find_error_to_client ("create_task", "config",
22164 create_task_data->config_id,
22165 gmp_parser))
22166 error_send_to_client (error);
22167 goto create_task_fail;
22168 }
22169
22170 if (!create_task_check_config_scanner (config, scanner))
22171 {
22172 SEND_TO_CLIENT_OR_FAIL
22173 (XML_ERROR_SYNTAX ("create_task",
22174 "Scanner and config mismatched types."));
22175 goto create_task_fail;
22176 }
22177 }
22178 if (find_target_with_permission (create_task_data->target_id,
22179 &target,
22180 "get_targets"))
22181 {
22182 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_task"));
22183 goto create_task_fail;
22184 }
22185 if (target == 0)
22186 {
22187 if (send_find_error_to_client ("create_task", "target",
22188 create_task_data->target_id,
22189 gmp_parser))
22190 error_send_to_client (error);
22191 goto create_task_fail;
22192 }
22193
22194 set_task_config (create_task_data->task, config);
22195 set_task_target (create_task_data->task, target);
22196 set_task_scanner (create_task_data->task, scanner);
22197 set_task_hosts_ordering (create_task_data->task,
22198 create_task_data->hosts_ordering);
22199 set_task_usage_type (create_task_data->task,
22200 create_task_data->usage_type);
22201 if (create_task_data->preferences)
22202 switch (set_task_preferences (create_task_data->task,
22203 create_task_data->preferences))
22204 {
22205 case 0:
22206 break;
22207 case 1:
22208 SEND_TO_CLIENT_OR_FAIL
22209 (XML_ERROR_SYNTAX ("create_task",
22210 "Invalid auto_delete value"));
22211 goto create_task_fail;
22212 case 2:
22213 SENDF_TO_CLIENT_OR_FAIL
22214 (XML_ERROR_SYNTAX ("create_task",
22215 "Auto Delete count out of range"
22216 " (must be from %d to %d)"),
22217 AUTO_DELETE_KEEP_MIN, AUTO_DELETE_KEEP_MAX);
22218 goto create_task_fail;
22219 default:
22220 SEND_TO_CLIENT_OR_FAIL
22221 (XML_INTERNAL_ERROR ("create_task"));
22222 goto create_task_fail;
22223 }
22224
22225 /* Send success response. */
22226
22227 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_task"),
22228 tsk_uuid);
22229 make_task_complete (create_task_data->task);
22230 log_event ("task", "Task", tsk_uuid, "created");
22231 g_free (tsk_uuid);
22232 create_task_data_reset (create_task_data);
22233 set_client_state (CLIENT_AUTHENTIC);
22234 break;
22235
22236 create_task_fail:
22237 request_delete_task (&create_task_data->task);
22238 g_free (tsk_uuid);
22239 create_task_data_reset (create_task_data);
22240 set_client_state (CLIENT_AUTHENTIC);
22241 break;
22242 }
22243 CLOSE (CLIENT_CREATE_TASK, ALTERABLE);
22244 CLOSE (CLIENT_CREATE_TASK, COMMENT);
22245 CLOSE (CLIENT_CREATE_TASK, HOSTS_ORDERING);
22246 CLOSE (CLIENT_CREATE_TASK, SCANNER);
22247 CLOSE (CLIENT_CREATE_TASK, CONFIG);
22248 CLOSE (CLIENT_CREATE_TASK, COPY);
22249 CLOSE (CLIENT_CREATE_TASK, ALERT);
22250 CLOSE (CLIENT_CREATE_TASK, NAME);
22251 CLOSE (CLIENT_CREATE_TASK, OBSERVERS);
22252 CLOSE (CLIENT_CREATE_TASK, PREFERENCES);
22253 CLOSE (CLIENT_CREATE_TASK, TARGET);
22254 CLOSE (CLIENT_CREATE_TASK, USAGE_TYPE);
22255 CLOSE (CLIENT_CREATE_TASK, SCHEDULE);
22256 CLOSE (CLIENT_CREATE_TASK, SCHEDULE_PERIODS);
22257
22258 CLOSE (CLIENT_CREATE_TASK_OBSERVERS, GROUP);
22259
22260 case CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE:
22261 array_add (create_task_data->preferences,
22262 create_task_data->preference);
22263 create_task_data->preference = NULL;
22264 set_client_state (CLIENT_CREATE_TASK_PREFERENCES);
22265 break;
22266 case CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE_NAME:
22267 set_client_state (CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE);
22268 break;
22269 CLOSE (CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE, VALUE);
22270
22271 case CLIENT_CREATE_TICKET:
22272 if (create_ticket_element_end (gmp_parser, error, element_name))
22273 set_client_state (CLIENT_AUTHENTIC);
22274 break;
22275
22276 case CLIENT_CREATE_TLS_CERTIFICATE:
22277 if (create_tls_certificate_element_end (gmp_parser, error,
22278 element_name))
22279 set_client_state (CLIENT_AUTHENTIC);
22280 break;
22281
22282 case CLIENT_CREATE_USER:
22283 {
22284 gchar *errdesc;
22285 gchar *fail_group_id, *fail_role_id;
22286 user_t new_user;
22287
22288 errdesc = NULL;
22289 if (create_user_data->copy)
22290 switch (copy_user (create_user_data->name,
22291 NULL,
22292 create_user_data->copy,
22293 &new_user))
22294 {
22295 case 0:
22296 {
22297 char *uuid;
22298 uuid = user_uuid (new_user);
22299 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_user"),
22300 uuid);
22301 log_event ("user", "User", uuid, "created");
22302 free (uuid);
22303 break;
22304 }
22305 case 1:
22306 SEND_TO_CLIENT_OR_FAIL
22307 (XML_ERROR_SYNTAX ("create_user",
22308 "User exists already"));
22309 log_event_fail ("user", "User", NULL, "created");
22310 break;
22311 case 2:
22312 if (send_find_error_to_client ("create_user", "user",
22313 create_user_data->copy,
22314 gmp_parser))
22315 {
22316 error_send_to_client (error);
22317 return;
22318 }
22319 log_event_fail ("user", "User", NULL, "created");
22320 break;
22321 case 99:
22322 SEND_TO_CLIENT_OR_FAIL
22323 (XML_ERROR_SYNTAX ("create_user",
22324 "Permission denied"));
22325 log_event_fail ("user", "User", NULL, "created");
22326 break;
22327 case -1:
22328 default:
22329 SEND_TO_CLIENT_OR_FAIL
22330 (XML_INTERNAL_ERROR ("create_user"));
22331 log_event_fail ("user", "User", NULL, "created");
22332 break;
22333 }
22334 else if (create_user_data->name == NULL
22335 || strlen (create_user_data->name) == 0)
22336 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
22337 ("create_user",
22338 "A name is required"));
22339 else
22340 switch (create_user
22341 (create_user_data->name,
22342 create_user_data->password
22343 ? create_user_data->password : "",
22344 create_user_data->comment
22345 ? create_user_data->comment : "",
22346 create_user_data->hosts,
22347 create_user_data->hosts_allow,
22348 create_user_data->ifaces,
22349 create_user_data->ifaces_allow,
22350 create_user_data->sources,
22351 create_user_data->groups,
22352 &fail_group_id,
22353 create_user_data->roles,
22354 &fail_role_id,
22355 &errdesc,
22356 &new_user,
22357 1))
22358 {
22359 case 0:
22360 {
22361 char *uuid;
22362 uuid = user_uuid (new_user);
22363 SENDF_TO_CLIENT_OR_FAIL (XML_OK_CREATED_ID ("create_user"),
22364 uuid);
22365 log_event ("user", "User", create_user_data->name, "created");
22366 free (uuid);
22367 break;
22368 }
22369 case 1:
22370 if (send_find_error_to_client
22371 ("create_user", "group", fail_group_id, gmp_parser))
22372 {
22373 error_send_to_client (error);
22374 return;
22375 }
22376 log_event_fail ("user", "User", NULL, "created");
22377 break;
22378 case 2:
22379 if (send_find_error_to_client
22380 ("create_user", "role", fail_role_id, gmp_parser))
22381 {
22382 error_send_to_client (error);
22383 return;
22384 }
22385 log_event_fail ("user", "User", NULL, "created");
22386 break;
22387 case 3:
22388 SEND_TO_CLIENT_OR_FAIL
22389 (XML_ERROR_SYNTAX ("create_user",
22390 "Error in host specification"));
22391 log_event_fail ("user", "User", NULL, "created");
22392 break;
22393 case 99:
22394 SEND_TO_CLIENT_OR_FAIL
22395 (XML_ERROR_SYNTAX ("create_user",
22396 "Permission denied"));
22397 log_event_fail ("user", "User", NULL, "created");
22398 break;
22399 case -2:
22400 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
22401 ("create_user", "User already exists"));
22402 log_event_fail ("user", "User", NULL, "created");
22403 break;
22404 case -3:
22405 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
22406 ("create_user", "Error in SOURCE"));
22407 log_event_fail ("user", "User", NULL, "created");
22408 break;
22409 case -1:
22410 if (errdesc)
22411 {
22412 char *buf = make_xml_error_syntax ("create_user", errdesc);
22413 SEND_TO_CLIENT_OR_FAIL (buf);
22414 g_free (buf);
22415 break;
22416 }
22417 /* Fall through. */
22418 default:
22419 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_user"));
22420 log_event_fail ("user", "User", NULL, "created");
22421 break;
22422 }
22423 create_user_data_reset (create_user_data);
22424 set_client_state (CLIENT_AUTHENTIC);
22425 g_free (errdesc);
22426 break;
22427 }
22428 CLOSE (CLIENT_CREATE_USER, COMMENT);
22429 CLOSE (CLIENT_CREATE_USER, COPY);
22430 CLOSE (CLIENT_CREATE_USER, GROUPS);
22431 CLOSE (CLIENT_CREATE_USER_GROUPS, GROUP);
22432 CLOSE (CLIENT_CREATE_USER, HOSTS);
22433 CLOSE (CLIENT_CREATE_USER, IFACES);
22434 CLOSE (CLIENT_CREATE_USER, NAME);
22435 CLOSE (CLIENT_CREATE_USER, PASSWORD);
22436 CLOSE (CLIENT_CREATE_USER, ROLE);
22437 case CLIENT_CREATE_USER_SOURCES:
22438 array_terminate (create_user_data->sources);
22439 set_client_state (CLIENT_CREATE_USER);
22440 break;
22441 case CLIENT_CREATE_USER_SOURCES_SOURCE:
22442 if (create_user_data->current_source)
22443 array_add (create_user_data->sources,
22444 g_strdup (create_user_data->current_source));
22445 g_free (create_user_data->current_source);
22446 create_user_data->current_source = NULL;
22447 set_client_state (CLIENT_CREATE_USER_SOURCES);
22448 break;
22449
22450 case CLIENT_EMPTY_TRASHCAN:
22451 switch (manage_empty_trashcan ())
22452 {
22453 case 0:
22454 SEND_TO_CLIENT_OR_FAIL (XML_OK ("empty_trashcan"));
22455 log_event ("trashcan", "Trashcan", NULL, "emptied");
22456 break;
22457 case 99:
22458 SEND_TO_CLIENT_OR_FAIL
22459 (XML_ERROR_SYNTAX ("empty_trashcan",
22460 "Permission denied"));
22461 break;
22462 default: /* Programming error. */
22463 assert (0);
22464 case -1:
22465 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("empty_trashcan"));
22466 break;
22467 }
22468 set_client_state (CLIENT_AUTHENTIC);
22469 break;
22470
22471 case CLIENT_MODIFY_ALERT:
22472 {
22473 event_t event;
22474 alert_condition_t condition;
22475 alert_method_t method;
22476
22477 event = EVENT_ERROR;
22478 condition = ALERT_CONDITION_ERROR;
22479 method = ALERT_METHOD_ERROR;
22480
22481 array_terminate (modify_alert_data->event_data);
22482 array_terminate (modify_alert_data->condition_data);
22483 array_terminate (modify_alert_data->method_data);
22484
22485 if (strlen (modify_alert_data->event)
22486 && (event = event_from_name (modify_alert_data->event)) == 0)
22487 SEND_TO_CLIENT_OR_FAIL
22488 (XML_ERROR_SYNTAX ("modify_alert",
22489 "Failed to recognise event name"));
22490 else if (strlen (modify_alert_data->condition) &&
22491 (condition = alert_condition_from_name
22492 (modify_alert_data->condition))
22493 == 0)
22494 SEND_TO_CLIENT_OR_FAIL
22495 (XML_ERROR_SYNTAX ("modify_alert",
22496 "Failed to recognise condition name"));
22497 else if (strlen (modify_alert_data->method) &&
22498 (method = alert_method_from_name
22499 (modify_alert_data->method))
22500 == 0)
22501 SEND_TO_CLIENT_OR_FAIL
22502 (XML_ERROR_SYNTAX ("modify_alert",
22503 "Failed to recognise method name"));
22504 else switch (modify_alert
22505 (modify_alert_data->alert_id,
22506 modify_alert_data->name,
22507 modify_alert_data->comment,
22508 modify_alert_data->filter_id,
22509 modify_alert_data->active,
22510 event,
22511 modify_alert_data->event_data,
22512 condition,
22513 modify_alert_data->condition_data,
22514 method,
22515 modify_alert_data->method_data))
22516 {
22517 case 0:
22518 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_alert"));
22519 log_event ("alert", "Alert", modify_alert_data->alert_id,
22520 "modified");
22521 break;
22522 case 1:
22523 if (send_find_error_to_client ("modify_alert", "alert",
22524 modify_alert_data->alert_id,
22525 gmp_parser))
22526 {
22527 error_send_to_client (error);
22528 return;
22529 }
22530 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22531 "modified");
22532 break;
22533 case 2:
22534 SEND_TO_CLIENT_OR_FAIL
22535 (XML_ERROR_SYNTAX ("modify_alert",
22536 "alert with new name exists already"));
22537 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22538 "modified");
22539 break;
22540 case 3:
22541 SEND_TO_CLIENT_OR_FAIL
22542 (XML_ERROR_SYNTAX ("modify_alert",
22543 "An alert_id is required"));
22544 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22545 "modified");
22546 break;
22547 case 4:
22548 if (send_find_error_to_client ("modify_alert", "filter",
22549 modify_alert_data->filter_id,
22550 gmp_parser))
22551 {
22552 error_send_to_client (error);
22553 return;
22554 }
22555 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22556 "modified");
22557 break;
22558 case 5:
22559 SEND_TO_CLIENT_OR_FAIL
22560 (XML_ERROR_SYNTAX ("modify_alert",
22561 "Filter type must be result if"
22562 " specified"));
22563 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22564 "modified");
22565 break;
22566 case 6:
22567 SEND_TO_CLIENT_OR_FAIL
22568 (XML_ERROR_SYNTAX ("modify_alert",
22569 "Validation of email address failed"));
22570 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22571 "modified");
22572 break;
22573 case 7:
22574 SEND_TO_CLIENT_OR_FAIL
22575 (XML_ERROR_SYNTAX ("modify_alert",
22576 "Invalid or unexpected condition data"
22577 " name"));
22578 log_event_fail ("alert", "Alert", NULL, "modified");
22579 break;
22580 case 8:
22581 SEND_TO_CLIENT_OR_FAIL
22582 (XML_ERROR_SYNTAX ("modify_alert",
22583 "Syntax error in condition data"));
22584 log_event_fail ("alert", "Alert", NULL, "modified");
22585 break;
22586 case 9:
22587 SEND_TO_CLIENT_OR_FAIL
22588 (XML_ERROR_SYNTAX ("modify_alert",
22589 "Email subject too long"));
22590 log_event_fail ("alert", "Alert", NULL, "modified");
22591 break;
22592 case 10:
22593 SEND_TO_CLIENT_OR_FAIL
22594 (XML_ERROR_SYNTAX ("modify_alert",
22595 "Email message too long"));
22596 log_event_fail ("alert", "Alert", NULL, "modified");
22597 break;
22598 case 11:
22599 SEND_TO_CLIENT_OR_FAIL
22600 (XML_ERROR_SYNTAX ("modify_alert",
22601 "Failed to find filter for condition"));
22602 log_event_fail ("alert", "Alert", NULL, "modified");
22603 break;
22604 case 12:
22605 SEND_TO_CLIENT_OR_FAIL
22606 (XML_ERROR_SYNTAX ("modify_alert",
22607 "Error in Send host"));
22608 log_event_fail ("alert", "Alert", NULL, "modify");
22609 break;
22610 case 13:
22611 SEND_TO_CLIENT_OR_FAIL
22612 (XML_ERROR_SYNTAX ("modify_alert",
22613 "Error in Send port"));
22614 log_event_fail ("alert", "Alert", NULL, "modify");
22615 break;
22616 case 14:
22617 SEND_TO_CLIENT_OR_FAIL
22618 (XML_ERROR_SYNTAX ("modify_alert",
22619 "Failed to find report format for Send"
22620 " method"));
22621 log_event_fail ("alert", "Alert", NULL, "modify");
22622 break;
22623 case 15:
22624 SEND_TO_CLIENT_OR_FAIL
22625 (XML_ERROR_SYNTAX ("modify_alert",
22626 "Error in SCP host"));
22627 log_event_fail ("alert", "Alert", NULL, "modify");
22628 break;
22629 case 17:
22630 SEND_TO_CLIENT_OR_FAIL
22631 (XML_ERROR_SYNTAX ("modify_alert",
22632 "Failed to find report format for SCP"
22633 " method"));
22634 log_event_fail ("alert", "Alert", NULL, "modify");
22635 break;
22636 case 18:
22637 SEND_TO_CLIENT_OR_FAIL
22638 (XML_ERROR_SYNTAX ("modify_alert",
22639 "Error in SCP credential"));
22640 log_event_fail ("alert", "Alert", NULL, "modify");
22641 break;
22642 case 19:
22643 SEND_TO_CLIENT_OR_FAIL
22644 (XML_ERROR_SYNTAX ("modify_alert",
22645 "Error in SCP path"));
22646 log_event_fail ("alert", "Alert", NULL, "modify");
22647 break;
22648 case 20:
22649 SEND_TO_CLIENT_OR_FAIL
22650 (XML_ERROR_SYNTAX ("modify_alert",
22651 "Method does not match event type"));
22652 log_event_fail ("alert", "Alert", NULL, "modify");
22653 break;
22654 case 21:
22655 SEND_TO_CLIENT_OR_FAIL
22656 (XML_ERROR_SYNTAX ("modify_alert",
22657 "Condition does not match event type"));
22658 log_event_fail ("alert", "Alert", NULL, "modify");
22659 break;
22660 case 31:
22661 SEND_TO_CLIENT_OR_FAIL
22662 (XML_ERROR_SYNTAX ("modify_alert",
22663 "Unexpected event data name"));
22664 log_event_fail ("alert", "Alert", NULL, "modified");
22665 break;
22666 case 32:
22667 SEND_TO_CLIENT_OR_FAIL
22668 (XML_ERROR_SYNTAX ("modify_alert",
22669 "Syntax error in event data"));
22670 log_event_fail ("alert", "Alert", NULL, "modified");
22671 break;
22672 case 40:
22673 SEND_TO_CLIENT_OR_FAIL
22674 (XML_ERROR_SYNTAX ("modify_alert",
22675 "Error in SMB credential"));
22676 log_event_fail ("alert", "Alert", NULL, "modified");
22677 break;
22678 case 41:
22679 SEND_TO_CLIENT_OR_FAIL
22680 (XML_ERROR_SYNTAX ("modify_alert",
22681 "Error in SMB share path"));
22682 log_event_fail ("alert", "Alert", NULL, "modified");
22683 break;
22684 case 42:
22685 SEND_TO_CLIENT_OR_FAIL
22686 (XML_ERROR_SYNTAX ("modify_alert",
22687 "Error in SMB file path"));
22688 log_event_fail ("alert", "Alert", NULL, "modified");
22689 break;
22690 case 43:
22691 SEND_TO_CLIENT_OR_FAIL
22692 (XML_ERROR_SYNTAX ("modify_alert",
22693 "SMB file path must not contain"
22694 " any file or subdirectory ending in"
22695 " a dot (.)."));
22696 log_event_fail ("alert", "Alert", NULL, "modified");
22697 break;
22698 case 50:
22699 SEND_TO_CLIENT_OR_FAIL
22700 (XML_ERROR_SYNTAX ("create_alert",
22701 "Error in TippingPoint credential"));
22702 log_event_fail ("alert", "Alert", NULL, "created");
22703 break;
22704 case 51:
22705 SEND_TO_CLIENT_OR_FAIL
22706 (XML_ERROR_SYNTAX ("create_alert",
22707 "Error in TippingPoint hostname"));
22708 log_event_fail ("alert", "Alert", NULL, "created");
22709 break;
22710 case 52:
22711 SEND_TO_CLIENT_OR_FAIL
22712 (XML_ERROR_SYNTAX ("create_alert",
22713 "Error in TippingPoint TLS"
22714 " certificate"));
22715 log_event_fail ("alert", "Alert", NULL, "created");
22716 break;
22717 case 53:
22718 SEND_TO_CLIENT_OR_FAIL
22719 (XML_ERROR_SYNTAX ("create_alert",
22720 "TippingPoint TLS workaround must be"
22721 " set to 0 or 1"));
22722 log_event_fail ("alert", "Alert", NULL, "created");
22723 break;
22724 case 60:
22725 SEND_TO_CLIENT_OR_FAIL
22726 ("<create_alert_response"
22727 " status=\"" STATUS_ERROR_MISSING "\""
22728 " status_text=\"Recipient credential not found\"/>");
22729 log_event_fail ("alert", "Alert", NULL, "created");
22730 break;
22731 case 61:
22732 SEND_TO_CLIENT_OR_FAIL
22733 (XML_ERROR_SYNTAX ("create_alert",
22734 "Email recipient credential must have"
22735 " type 'pgp' or 'smime'"));
22736 log_event_fail ("alert", "Alert", NULL, "created");
22737 break;
22738 case 70:
22739 {
22740 SEND_TO_CLIENT_OR_FAIL
22741 ("<create_alert_response"
22742 " status=\"" STATUS_ERROR_MISSING "\""
22743 " status_text=\"Credential for vFire not found\"/>");
22744 log_event_fail ("alert", "Alert", NULL, "created");
22745 }
22746 break;
22747 case 71:
22748 SEND_TO_CLIENT_OR_FAIL
22749 (XML_ERROR_SYNTAX ("create_alert",
22750 "vFire credential must have"
22751 " type 'up'"));
22752 log_event_fail ("alert", "Alert", NULL, "created");
22753 break;
22754 case 80:
22755 {
22756 SEND_TO_CLIENT_OR_FAIL
22757 ("<create_alert_response"
22758 " status=\"" STATUS_ERROR_MISSING "\""
22759 " status_text=\"Credential for Sourcefire"
22760 " PKCS12 password not found\"/>");
22761 log_event_fail ("alert", "Alert", NULL, "modified");
22762 }
22763 break;
22764 case 81:
22765 SEND_TO_CLIENT_OR_FAIL
22766 (XML_ERROR_SYNTAX ("create_alert",
22767 "Sourcefire credential must have"
22768 " type 'up'"));
22769 log_event_fail ("alert", "Alert", NULL, "modified");
22770 break;
22771 case 99:
22772 SEND_TO_CLIENT_OR_FAIL
22773 (XML_ERROR_SYNTAX ("modify_alert",
22774 "Permission denied"));
22775 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22776 "modified");
22777 break;
22778 default:
22779 case -1:
22780 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_alert"));
22781 log_event_fail ("alert", "Alert", modify_alert_data->alert_id,
22782 "modified");
22783 break;
22784 }
22785
22786 modify_alert_data_reset (modify_alert_data);
22787 set_client_state (CLIENT_AUTHENTIC);
22788 break;
22789 }
22790 CLOSE (CLIENT_MODIFY_ALERT, COMMENT);
22791 CLOSE (CLIENT_MODIFY_ALERT, NAME);
22792 CLOSE (CLIENT_MODIFY_ALERT, FILTER);
22793 CLOSE (CLIENT_MODIFY_ALERT, ACTIVE);
22794 CLOSE (CLIENT_MODIFY_ALERT, EVENT);
22795 CLOSE (CLIENT_MODIFY_ALERT, CONDITION);
22796 CLOSE (CLIENT_MODIFY_ALERT, METHOD);
22797
22798 case CLIENT_MODIFY_ALERT_EVENT_DATA:
22799 {
22800 gchar *string;
22801
22802 assert (modify_alert_data->event_data);
22803 assert (modify_alert_data->part_data);
22804 assert (modify_alert_data->part_name);
22805
22806 string = g_strconcat (modify_alert_data->part_name,
22807 "0",
22808 modify_alert_data->part_data,
22809 NULL);
22810 string[strlen (modify_alert_data->part_name)] = '\0';
22811 array_add (modify_alert_data->event_data, string);
22812
22813 gvm_free_string_var (&modify_alert_data->part_data);
22814 gvm_free_string_var (&modify_alert_data->part_name);
22815 gvm_append_string (&modify_alert_data->part_data, "");
22816 gvm_append_string (&modify_alert_data->part_name, "");
22817 set_client_state (CLIENT_MODIFY_ALERT_EVENT);
22818 break;
22819 }
22820 CLOSE (CLIENT_MODIFY_ALERT_EVENT_DATA, NAME);
22821
22822 case CLIENT_MODIFY_ALERT_CONDITION_DATA:
22823 {
22824 gchar *string;
22825
22826 assert (modify_alert_data->condition_data);
22827 assert (modify_alert_data->part_data);
22828 assert (modify_alert_data->part_name);
22829
22830 string = g_strconcat (modify_alert_data->part_name,
22831 "0",
22832 modify_alert_data->part_data,
22833 NULL);
22834 string[strlen (modify_alert_data->part_name)] = '\0';
22835 array_add (modify_alert_data->condition_data, string);
22836
22837 gvm_free_string_var (&modify_alert_data->part_data);
22838 gvm_free_string_var (&modify_alert_data->part_name);
22839 gvm_append_string (&modify_alert_data->part_data, "");
22840 gvm_append_string (&modify_alert_data->part_name, "");
22841 set_client_state (CLIENT_MODIFY_ALERT_CONDITION);
22842 break;
22843 }
22844 CLOSE (CLIENT_MODIFY_ALERT_CONDITION_DATA, NAME);
22845
22846 case CLIENT_MODIFY_ALERT_METHOD_DATA:
22847 {
22848 gchar *string;
22849
22850 assert (modify_alert_data->method_data);
22851 assert (modify_alert_data->part_data);
22852 assert (modify_alert_data->part_name);
22853
22854 string = g_strconcat (modify_alert_data->part_name,
22855 "0",
22856 modify_alert_data->part_data,
22857 NULL);
22858 string[strlen (modify_alert_data->part_name)] = '\0';
22859 array_add (modify_alert_data->method_data, string);
22860
22861 gvm_free_string_var (&modify_alert_data->part_data);
22862 gvm_free_string_var (&modify_alert_data->part_name);
22863 gvm_append_string (&modify_alert_data->part_data, "");
22864 gvm_append_string (&modify_alert_data->part_name, "");
22865 set_client_state (CLIENT_MODIFY_ALERT_METHOD);
22866 break;
22867 }
22868 CLOSE (CLIENT_MODIFY_ALERT_METHOD_DATA, NAME);
22869
22870 case CLIENT_MODIFY_ASSET:
22871 {
22872 switch (modify_asset
22873 (modify_asset_data->asset_id,
22874 modify_asset_data->comment))
22875 {
22876 case 0:
22877 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_asset"));
22878 log_event ("asset", "Asset", modify_asset_data->asset_id,
22879 "modified");
22880 break;
22881 case 1:
22882 if (send_find_error_to_client ("modify_asset", "asset",
22883 modify_asset_data->asset_id,
22884 gmp_parser))
22885 {
22886 error_send_to_client (error);
22887 return;
22888 }
22889 log_event_fail ("asset", "Asset", modify_asset_data->asset_id,
22890 "modified");
22891 break;
22892 case 2:
22893 SEND_TO_CLIENT_OR_FAIL
22894 (XML_ERROR_SYNTAX ("modify_asset",
22895 "asset with new name exists already"));
22896 log_event_fail ("asset", "Asset", modify_asset_data->asset_id,
22897 "modified");
22898 break;
22899 case 3:
22900 SEND_TO_CLIENT_OR_FAIL
22901 (XML_ERROR_SYNTAX ("modify_asset",
22902 "MODIFY_asset requires a asset_id"));
22903 log_event_fail ("asset", "Asset", modify_asset_data->asset_id,
22904 "modified");
22905 break;
22906 case 99:
22907 SEND_TO_CLIENT_OR_FAIL
22908 (XML_ERROR_SYNTAX ("modify_asset",
22909 "Permission denied"));
22910 log_event_fail ("asset", "Asset", modify_asset_data->asset_id,
22911 "modified");
22912 break;
22913 default:
22914 case -1:
22915 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_asset"));
22916 log_event_fail ("asset", "Asset", modify_asset_data->asset_id,
22917 "modified");
22918 break;
22919 }
22920
22921 modify_asset_data_reset (modify_asset_data);
22922 set_client_state (CLIENT_AUTHENTIC);
22923 break;
22924 }
22925 CLOSE (CLIENT_MODIFY_ASSET, COMMENT);
22926
22927 case CLIENT_MODIFY_AUTH:
22928 {
22929 GSList *item;
22930
22931 if (acl_user_may ("modify_auth") == 0)
22932 {
22933 SEND_TO_CLIENT_OR_FAIL
22934 (XML_ERROR_SYNTAX ("modify_auth",
22935 "Permission denied"));
22936 modify_auth_data_reset (modify_auth_data);
22937 set_client_state (CLIENT_AUTHENTIC);
22938 break;
22939 }
22940
22941 item = modify_auth_data->groups;
22942 while (item)
22943 {
22944 auth_group_t *auth_group;
22945 gchar *group;
22946
22947 auth_group = (auth_group_t *) item->data;
22948 group = auth_group->group_name;
22949 if (group == NULL)
22950 {
22951 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
22952 ("modify_auth",
22953 "GROUP requires a name attribute"));
22954 set_client_state (CLIENT_AUTHENTIC);
22955 modify_auth_data_reset (modify_auth_data);
22956 break;
22957 }
22958 if (strcmp (group, "method:ldap_connect") == 0)
22959 {
22960 GSList *setting;
22961 gchar *ldap_host, *ldap_authdn, *ldap_cacert;
22962 int ldap_enabled, ldap_plaintext;
22963
22964 ldap_enabled = ldap_plaintext = -1;
22965 ldap_host = ldap_authdn = ldap_cacert = NULL;
22966 setting = auth_group->settings;
22967 while (setting)
22968 {
22969 auth_conf_setting_t *kvp =
22970 (auth_conf_setting_t *) setting->data;
22971
22972 if (kvp->key == NULL || kvp->value == NULL)
22973 /* Skip this one. */;
22974 else if (strcmp (kvp->key, "enable") == 0)
22975 ldap_enabled = (strcmp (kvp->value, "true") == 0);
22976 else if (strcmp (kvp->key, "ldaphost") == 0)
22977 ldap_host = g_strdup (kvp->value);
22978 else if (strcmp (kvp->key, "authdn") == 0)
22979 ldap_authdn = g_strdup (kvp->value);
22980 else if (strcmp (kvp->key, "allow-plaintext") == 0)
22981 ldap_plaintext = (strcmp (kvp->value, "true") == 0);
22982 else if (strcmp (kvp->key, "cacert") == 0)
22983 ldap_cacert = g_strdup (kvp->value);
22984
22985 setting = g_slist_next (setting);
22986 }
22987
22988 manage_set_ldap_info (ldap_enabled, ldap_host, ldap_authdn,
22989 ldap_plaintext, ldap_cacert);
22990 }
22991 if (strcmp (group, "method:radius_connect") == 0)
22992 {
22993 GSList *setting;
22994 char *radius_host, *radius_key;
22995 int radius_enabled;
22996
22997 radius_enabled = -1;
22998 radius_host = radius_key = NULL;
22999 setting = auth_group->settings;
23000 while (setting)
23001 {
23002 auth_conf_setting_t *kvp =
23003 (auth_conf_setting_t *) setting->data;
23004
23005 if (kvp->key == NULL || kvp->value == NULL)
23006 /* Skip this one. */;
23007 else if (strcmp (kvp->key, "enable") == 0)
23008 radius_enabled = (strcmp (kvp->value, "true") == 0);
23009 else if (strcmp (kvp->key, "radiushost") == 0)
23010 radius_host = g_strdup (kvp->value);
23011 else if (strcmp (kvp->key, "radiuskey") == 0)
23012 radius_key = g_strdup (kvp->value);
23013
23014 setting = g_slist_next (setting);
23015 }
23016
23017 manage_set_radius_info (radius_enabled, radius_host,
23018 radius_key);
23019 }
23020 item = g_slist_next (item);
23021 }
23022
23023 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_auth"));
23024 modify_auth_data_reset (modify_auth_data);
23025 set_client_state (CLIENT_AUTHENTIC);
23026
23027 break;
23028 }
23029
23030 case CLIENT_MODIFY_AUTH_GROUP:
23031 {
23032 /* Add settings to group. */
23033 if (modify_auth_data->curr_group_settings)
23034 {
23035 auth_group_t *new_group;
23036 assert (modify_auth_data->groups);
23037 new_group = modify_auth_data->groups->data;
23038 assert (new_group);
23039 new_group->settings = modify_auth_data->curr_group_settings;
23040 }
23041
23042 modify_auth_data->curr_group_settings = NULL;
23043 set_client_state (CLIENT_MODIFY_AUTH);
23044 break;
23045 }
23046 case CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING:
23047 {
23048 auth_conf_setting_t *setting;
23049
23050 setting = g_malloc0 (sizeof (auth_conf_setting_t));
23051 setting->key = modify_auth_data->key;
23052 modify_auth_data->key = NULL;
23053 setting->value = modify_auth_data->value;
23054 modify_auth_data->value = NULL;
23055
23056 /* Add setting to settings. */
23057 modify_auth_data->curr_group_settings
23058 = g_slist_prepend (modify_auth_data->curr_group_settings, setting);
23059
23060 set_client_state (CLIENT_MODIFY_AUTH_GROUP);
23061 break;
23062 }
23063 CLOSE (CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING, KEY);
23064 CLOSE (CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING, VALUE);
23065
23066 case CLIENT_MODIFY_CONFIG:
23067 if (modify_config_element_end (gmp_parser, error, element_name))
23068 set_client_state (CLIENT_AUTHENTIC);
23069 break;
23070
23071 case CLIENT_MODIFY_CREDENTIAL:
23072 {
23073 switch (modify_credential
23074 (modify_credential_data->credential_id,
23075 modify_credential_data->name,
23076 modify_credential_data->comment,
23077 modify_credential_data->login,
23078 (modify_credential_data->key_phrase
23079 || modify_credential_data->key_private)
23080 ? modify_credential_data->key_phrase
23081 : modify_credential_data->password,
23082 modify_credential_data->key_private,
23083 modify_credential_data->key_public,
23084 modify_credential_data->certificate,
23085 modify_credential_data->community,
23086 modify_credential_data->auth_algorithm,
23087 modify_credential_data->privacy_password,
23088 modify_credential_data->privacy_algorithm,
23089 modify_credential_data->allow_insecure))
23090 {
23091 case 0:
23092 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_credential"));
23093 log_event ("credential", "Credential",
23094 modify_credential_data->credential_id,
23095 "modified");
23096 break;
23097 case 1:
23098 if (send_find_error_to_client
23099 ("modify_credential", "credential",
23100 modify_credential_data->credential_id,
23101 gmp_parser))
23102 {
23103 error_send_to_client (error);
23104 return;
23105 }
23106 log_event_fail ("credential", "Credential",
23107 modify_credential_data->credential_id,
23108 "modified");
23109 break;
23110 case 2:
23111 SEND_TO_CLIENT_OR_FAIL
23112 (XML_ERROR_SYNTAX ("modify_credential",
23113 "credential with new name"
23114 " exists already"));
23115 log_event_fail ("credential", "Credential",
23116 modify_credential_data->credential_id,
23117 "modified");
23118 break;
23119 case 3:
23120 SEND_TO_CLIENT_OR_FAIL
23121 (XML_ERROR_SYNTAX ("modify_credential",
23122 "A credential_id is required"));
23123 log_event_fail ("credential", "Credential",
23124 modify_credential_data->credential_id,
23125 "modified");
23126 break;
23127 case 4:
23128 SEND_TO_CLIENT_OR_FAIL
23129 (XML_ERROR_SYNTAX ("modify_credential",
23130 "Login name must not be empty and may"
23131 " contain only alphanumeric characters"
23132 " or the following: - _ \\ . @"));
23133 log_event_fail ("credential", "Credential",
23134 modify_credential_data->credential_id,
23135 "modified");
23136 break;
23137 case 5:
23138 SEND_TO_CLIENT_OR_FAIL
23139 (XML_ERROR_SYNTAX ("modify_credential",
23140 "Invalid or empty certificate"));
23141 log_event_fail ("credential", "Credential",
23142 modify_credential_data->credential_id,
23143 "modified");
23144 break;
23145 case 6:
23146 SEND_TO_CLIENT_OR_FAIL
23147 (XML_ERROR_SYNTAX ("modify_credential",
23148 "Invalid or empty auth_algorithm"));
23149 log_event_fail ("credential", "Credential",
23150 modify_credential_data->credential_id,
23151 "modified");
23152 break;
23153 case 7:
23154 SEND_TO_CLIENT_OR_FAIL
23155 (XML_ERROR_SYNTAX ("modify_credential",
23156 "Invalid or empty privacy_algorithm"));
23157 log_event_fail ("credential", "Credential",
23158 modify_credential_data->credential_id,
23159 "modified");
23160 break;
23161 case 8:
23162 SEND_TO_CLIENT_OR_FAIL
23163 (XML_ERROR_SYNTAX ("modify_credential",
23164 "Invalid or empty private key"));
23165 log_event_fail ("credential", "Credential",
23166 modify_credential_data->credential_id,
23167 "modified");
23168 break;
23169 case 9:
23170 SEND_TO_CLIENT_OR_FAIL
23171 (XML_ERROR_SYNTAX ("modify_credential",
23172 "Invalid or empty public key"));
23173 log_event_fail ("credential", "Credential",
23174 modify_credential_data->credential_id,
23175 "modified");
23176 break;
23177 case 10:
23178 SEND_TO_CLIENT_OR_FAIL
23179 (XML_ERROR_SYNTAX ("modify_credential",
23180 "Privacy password must also be empty"
23181 " if privacy algorithm is empty"));
23182 log_event_fail ("credential", "Credential",
23183 modify_credential_data->credential_id,
23184 "modified");
23185 break;
23186 case 99:
23187 SEND_TO_CLIENT_OR_FAIL
23188 (XML_ERROR_SYNTAX ("modify_credential",
23189 "Permission denied"));
23190 log_event_fail ("credential", "Credential",
23191 modify_credential_data->credential_id,
23192 "modified");
23193 break;
23194 default:
23195 case -1:
23196 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_credential"));
23197 log_event_fail ("credential", "Credential",
23198 modify_credential_data->credential_id,
23199 "modified");
23200 break;
23201 }
23202
23203 modify_credential_data_reset (modify_credential_data);
23204 set_client_state (CLIENT_AUTHENTIC);
23205 break;
23206 }
23207 modify_credential_data_reset (modify_credential_data);
23208 set_client_state (CLIENT_AUTHENTIC);
23209 break;
23210 CLOSE (CLIENT_MODIFY_CREDENTIAL, ALLOW_INSECURE);
23211 CLOSE (CLIENT_MODIFY_CREDENTIAL, AUTH_ALGORITHM);
23212 CLOSE (CLIENT_MODIFY_CREDENTIAL, CERTIFICATE);
23213 CLOSE (CLIENT_MODIFY_CREDENTIAL, COMMENT);
23214 CLOSE (CLIENT_MODIFY_CREDENTIAL, COMMUNITY);
23215 CLOSE (CLIENT_MODIFY_CREDENTIAL, KEY);
23216 CLOSE (CLIENT_MODIFY_CREDENTIAL_KEY, PHRASE);
23217 CLOSE (CLIENT_MODIFY_CREDENTIAL_KEY, PRIVATE);
23218 CLOSE (CLIENT_MODIFY_CREDENTIAL_KEY, PUBLIC);
23219 CLOSE (CLIENT_MODIFY_CREDENTIAL, LOGIN);
23220 CLOSE (CLIENT_MODIFY_CREDENTIAL, NAME);
23221 CLOSE (CLIENT_MODIFY_CREDENTIAL, PASSWORD);
23222 CLOSE (CLIENT_MODIFY_CREDENTIAL, PRIVACY);
23223 CLOSE (CLIENT_MODIFY_CREDENTIAL_PRIVACY, ALGORITHM);
23224 CLOSE (CLIENT_MODIFY_CREDENTIAL_PRIVACY, PASSWORD);
23225
23226 case CLIENT_MODIFY_FILTER:
23227 {
23228 switch (modify_filter
23229 (modify_filter_data->filter_id,
23230 modify_filter_data->name,
23231 modify_filter_data->comment,
23232 modify_filter_data->term,
23233 modify_filter_data->type))
23234 {
23235 case 0:
23236 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_filter"));
23237 log_event ("filter", "Filter", modify_filter_data->filter_id,
23238 "modified");
23239 break;
23240 case 1:
23241 if (send_find_error_to_client ("modify_filter", "filter",
23242 modify_filter_data->filter_id,
23243 gmp_parser))
23244 {
23245 error_send_to_client (error);
23246 return;
23247 }
23248 log_event_fail ("filter", "Filter",
23249 modify_filter_data->filter_id, "modified");
23250 break;
23251 case 2:
23252 SEND_TO_CLIENT_OR_FAIL
23253 (XML_ERROR_SYNTAX ("modify_filter",
23254 "Filter with new name exists already"));
23255 log_event_fail ("filter", "Filter",
23256 modify_filter_data->filter_id, "modified");
23257 break;
23258 case 3:
23259 SEND_TO_CLIENT_OR_FAIL
23260 (XML_ERROR_SYNTAX ("modify_filter",
23261 "Error in type name"));
23262 log_event_fail ("filter", "Filter",
23263 modify_filter_data->filter_id, "modified");
23264 break;
23265 case 4:
23266 SEND_TO_CLIENT_OR_FAIL
23267 (XML_ERROR_SYNTAX ("modify_filter",
23268 "A filter_id is required"));
23269 log_event_fail ("filter", "Filter",
23270 modify_filter_data->filter_id, "modified");
23271 break;
23272 case 5:
23273 SEND_TO_CLIENT_OR_FAIL
23274 (XML_ERROR_SYNTAX ("modify_filter",
23275 "Filter is used by an alert so type must be"
23276 " 'result' if specified"));
23277 log_event_fail ("filter", "Filter",
23278 modify_filter_data->filter_id, "modified");
23279 break;
23280 case 6:
23281 SEND_TO_CLIENT_OR_FAIL
23282 (XML_ERROR_SYNTAX ("modify_filter",
23283 "Filter is used by an alert so type must be"
23284 " 'info' if specified"));
23285 log_event_fail ("filter", "Filter",
23286 modify_filter_data->filter_id, "modified");
23287 break;
23288 case 99:
23289 SEND_TO_CLIENT_OR_FAIL
23290 (XML_ERROR_SYNTAX ("modify_filter",
23291 "Permission denied"));
23292 log_event_fail ("filter", "Filter",
23293 modify_filter_data->filter_id, "modified");
23294 break;
23295 default:
23296 case -1:
23297 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_filter"));
23298 log_event_fail ("filter", "Filter",
23299 modify_filter_data->filter_id, "modified");
23300 break;
23301 }
23302
23303 modify_filter_data_reset (modify_filter_data);
23304 set_client_state (CLIENT_AUTHENTIC);
23305 break;
23306 }
23307 CLOSE (CLIENT_MODIFY_FILTER, COMMENT);
23308 CLOSE (CLIENT_MODIFY_FILTER, NAME);
23309 CLOSE (CLIENT_MODIFY_FILTER, TYPE);
23310 CLOSE (CLIENT_MODIFY_FILTER, TERM);
23311
23312 case CLIENT_MODIFY_GROUP:
23313 {
23314 switch (modify_group
23315 (modify_group_data->group_id,
23316 modify_group_data->name,
23317 modify_group_data->comment,
23318 modify_group_data->users))
23319 {
23320 case 0:
23321 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_group"));
23322 log_event ("group", "Group", modify_group_data->group_id,
23323 "modified");
23324 break;
23325 case 1:
23326 if (send_find_error_to_client ("modify_group", "group",
23327 modify_group_data->group_id,
23328 gmp_parser))
23329 {
23330 error_send_to_client (error);
23331 return;
23332 }
23333 log_event_fail ("group", "Group",
23334 modify_group_data->group_id, "modified");
23335 break;
23336 case 2:
23337 SEND_TO_CLIENT_OR_FAIL
23338 (XML_ERROR_SYNTAX ("modify_group",
23339 "Failed to find user"));
23340 log_event_fail ("group", "Group",
23341 modify_group_data->group_id, "modified");
23342 break;
23343 case 3:
23344 SEND_TO_CLIENT_OR_FAIL
23345 (XML_ERROR_SYNTAX ("modify_group",
23346 "A group_id attribute is required"));
23347 log_event_fail ("group", "Group",
23348 modify_group_data->group_id, "modified");
23349 break;
23350 case 4:
23351 SEND_TO_CLIENT_OR_FAIL
23352 (XML_ERROR_SYNTAX ("modify_group",
23353 "Error in user name"));
23354 log_event_fail ("group", "Group",
23355 modify_group_data->group_id, "modified");
23356 break;
23357 case 5:
23358 SEND_TO_CLIENT_OR_FAIL
23359 (XML_ERROR_SYNTAX ("modify_group",
23360 "Group with new name exists already"));
23361 log_event_fail ("group", "Group",
23362 modify_group_data->group_id, "modified");
23363 break;
23364 case 99:
23365 SEND_TO_CLIENT_OR_FAIL
23366 (XML_ERROR_SYNTAX ("modify_group",
23367 "Permission denied"));
23368 log_event_fail ("group", "Group",
23369 modify_group_data->group_id, "modified");
23370 break;
23371 default:
23372 case -1:
23373 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_group"));
23374 log_event_fail ("group", "Group",
23375 modify_group_data->group_id, "modified");
23376 break;
23377 }
23378
23379 modify_group_data_reset (modify_group_data);
23380 set_client_state (CLIENT_AUTHENTIC);
23381 break;
23382 }
23383 CLOSE (CLIENT_MODIFY_GROUP, COMMENT);
23384 CLOSE (CLIENT_MODIFY_GROUP, NAME);
23385 CLOSE (CLIENT_MODIFY_GROUP, USERS);
23386
23387 case CLIENT_MODIFY_NOTE:
23388 {
23389 if (acl_user_may ("modify_note") == 0)
23390 {
23391 SEND_TO_CLIENT_OR_FAIL
23392 (XML_ERROR_SYNTAX ("modify_note",
23393 "Permission denied"));
23394 modify_note_data_reset (modify_note_data);
23395 set_client_state (CLIENT_AUTHENTIC);
23396 break;
23397 }
23398
23399 if (modify_note_data->note_id == NULL)
23400 SEND_TO_CLIENT_OR_FAIL
23401 (XML_ERROR_SYNTAX ("modify_note",
23402 "A note_id attribute is required"));
23403 else if (modify_note_data->text == NULL)
23404 SEND_TO_CLIENT_OR_FAIL
23405 (XML_ERROR_SYNTAX ("modify_note",
23406 "A TEXT entity is required"));
23407 else switch (modify_note (modify_note_data->note_id,
23408 modify_note_data->active,
23409 modify_note_data->nvt_oid,
23410 modify_note_data->text,
23411 modify_note_data->hosts,
23412 modify_note_data->port,
23413 modify_note_data->severity,
23414 modify_note_data->threat,
23415 modify_note_data->task_id,
23416 modify_note_data->result_id))
23417 {
23418 case 0:
23419 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_note"));
23420 break;
23421 case -1:
23422 SEND_TO_CLIENT_OR_FAIL
23423 (XML_INTERNAL_ERROR ("modify_note"));
23424 break;
23425 case 2:
23426 SEND_TO_CLIENT_OR_FAIL
23427 (XML_ERROR_SYNTAX ("modify_note",
23428 "Error in port specification"));
23429 log_event_fail ("note", "Note", modify_note_data->note_id,
23430 "modified");
23431 break;
23432 case 3:
23433 SEND_TO_CLIENT_OR_FAIL
23434 (XML_ERROR_SYNTAX ("modify_note",
23435 "Error in severity specification"));
23436 log_event_fail ("note", "Note", modify_note_data->note_id,
23437 "modified");
23438 break;
23439 case 4:
23440 SEND_TO_CLIENT_OR_FAIL
23441 (XML_ERROR_SYNTAX ("modify_note",
23442 "Invalid nvt oid"));
23443 log_event_fail ("note", "Note", modify_note_data->note_id,
23444 "modified");
23445 break;
23446 case 5:
23447 if (send_find_error_to_client ("modify_note", "note",
23448 modify_note_data->note_id,
23449 gmp_parser))
23450 {
23451 error_send_to_client (error);
23452 return;
23453 }
23454 log_event_fail ("note", "Note", modify_note_data->note_id,
23455 "modified");
23456 break;
23457 case 6:
23458 if (send_find_error_to_client ("modify_note", "task",
23459 modify_note_data->task_id,
23460 gmp_parser))
23461 {
23462 error_send_to_client (error);
23463 return;
23464 }
23465 log_event_fail ("note", "Note", modify_note_data->note_id,
23466 "modified");
23467 break;
23468 case 7:
23469 if (send_find_error_to_client ("modify_note", "result",
23470 modify_note_data->result_id,
23471 gmp_parser))
23472 {
23473 error_send_to_client (error);
23474 return;
23475 }
23476 log_event_fail ("note", "Note", modify_note_data->note_id,
23477 "modified");
23478 break;
23479 default:
23480 assert (0);
23481 SEND_TO_CLIENT_OR_FAIL
23482 (XML_INTERNAL_ERROR ("modify_note"));
23483 break;
23484 }
23485 modify_note_data_reset (modify_note_data);
23486 set_client_state (CLIENT_AUTHENTIC);
23487 break;
23488 }
23489 CLOSE (CLIENT_MODIFY_NOTE, ACTIVE);
23490 CLOSE (CLIENT_MODIFY_NOTE, HOSTS);
23491 CLOSE (CLIENT_MODIFY_NOTE, PORT);
23492 CLOSE (CLIENT_MODIFY_NOTE, RESULT);
23493 CLOSE (CLIENT_MODIFY_NOTE, SEVERITY);
23494 CLOSE (CLIENT_MODIFY_NOTE, TASK);
23495 CLOSE (CLIENT_MODIFY_NOTE, TEXT);
23496 CLOSE (CLIENT_MODIFY_NOTE, THREAT);
23497 CLOSE (CLIENT_MODIFY_NOTE, NVT);
23498
23499 case CLIENT_MODIFY_OVERRIDE:
23500 {
23501 int max;
23502
23503 if (acl_user_may ("modify_override") == 0)
23504 {
23505 SEND_TO_CLIENT_OR_FAIL
23506 (XML_ERROR_SYNTAX ("modify_override",
23507 "Permission denied"));
23508 modify_override_data_reset (modify_override_data);
23509 set_client_state (CLIENT_AUTHENTIC);
23510 break;
23511 }
23512
23513 if (modify_override_data->override_id == NULL)
23514 SEND_TO_CLIENT_OR_FAIL
23515 (XML_ERROR_SYNTAX ("modify_override",
23516 "An override_id attribute is required"));
23517 else if (modify_override_data->text == NULL)
23518 SEND_TO_CLIENT_OR_FAIL
23519 (XML_ERROR_SYNTAX ("modify_override",
23520 "A TEXT entity is required"));
23521 else if (modify_override_data->hosts
23522 && ((max = manage_count_hosts (modify_override_data->hosts,
23523 NULL))
23524 == -1))
23525 SEND_TO_CLIENT_OR_FAIL
23526 (XML_ERROR_SYNTAX ("modify_override",
23527 "Error in host specification"));
23528 else if (modify_override_data->hosts && (max > manage_max_hosts ()))
23529 SEND_TO_CLIENT_OR_FAIL
23530 (XML_ERROR_SYNTAX ("modify_override",
23531 "Host specification exceeds maximum number"
23532 " of hosts"));
23533 else switch (modify_override (modify_override_data->override_id,
23534 modify_override_data->active,
23535 modify_override_data->nvt_oid,
23536 modify_override_data->text,
23537 modify_override_data->hosts,
23538 modify_override_data->port,
23539 modify_override_data->threat,
23540 modify_override_data->new_threat,
23541 modify_override_data->severity,
23542 modify_override_data->new_severity,
23543 modify_override_data->task_id,
23544 modify_override_data->result_id))
23545 {
23546 case 0:
23547 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_override"));
23548 break;
23549 case 1:
23550 SEND_TO_CLIENT_OR_FAIL
23551 (XML_ERROR_SYNTAX ("modify_override",
23552 "ACTIVE must be an integer >= -2"));
23553 break;
23554 case 2:
23555 SEND_TO_CLIENT_OR_FAIL
23556 (XML_ERROR_SYNTAX ("modify_override",
23557 "Error in port specification"));
23558 log_event_fail ("override", "Override",
23559 modify_override_data->override_id,
23560 "modified");
23561 break;
23562 case 3:
23563 SEND_TO_CLIENT_OR_FAIL
23564 (XML_ERROR_SYNTAX ("modify_override",
23565 "Error in severity specification"));
23566 log_event_fail ("override", "Override",
23567 modify_override_data->override_id,
23568 "modified");
23569 break;
23570 case 4:
23571 SEND_TO_CLIENT_OR_FAIL
23572 (XML_ERROR_SYNTAX ("modify_override",
23573 "Invalid nvt oid"));
23574 log_event_fail ("override", "Override",
23575 modify_override_data->override_id,
23576 "modified");
23577 break;
23578 case 5:
23579 if (send_find_error_to_client ("modify_override", "override",
23580 modify_override_data->override_id,
23581 gmp_parser))
23582 {
23583 error_send_to_client (error);
23584 return;
23585 }
23586 log_event_fail ("override", "Override",
23587 modify_override_data->override_id,
23588 "modified");
23589 break;
23590 case 6:
23591 if (send_find_error_to_client ("modify_override", "task",
23592 modify_override_data->task_id,
23593 gmp_parser))
23594 {
23595 error_send_to_client (error);
23596 return;
23597 }
23598 log_event_fail ("override", "Override",
23599 modify_override_data->override_id,
23600 "modified");
23601 break;
23602 case 7:
23603 if (send_find_error_to_client ("modify_override", "result",
23604 modify_override_data->result_id,
23605 gmp_parser))
23606 {
23607 error_send_to_client (error);
23608 return;
23609 }
23610 log_event_fail ("override", "Override",
23611 modify_override_data->override_id,
23612 "modified");
23613 break;
23614 case 8:
23615 SEND_TO_CLIENT_OR_FAIL
23616 (XML_ERROR_SYNTAX ("modify_override",
23617 "Error in threat specification"));
23618 log_event_fail ("override", "Override",
23619 modify_override_data->override_id,
23620 "modified");
23621 break;
23622 case 9:
23623 SEND_TO_CLIENT_OR_FAIL
23624 (XML_ERROR_SYNTAX ("modify_override",
23625 "Error in new_threat specification"));
23626 log_event_fail ("override", "Override",
23627 modify_override_data->override_id,
23628 "modified");
23629 break;
23630 case 10:
23631 SEND_TO_CLIENT_OR_FAIL
23632 (XML_ERROR_SYNTAX ("modify_override",
23633 "Error in new_severity specification"));
23634 log_event_fail ("override", "Override",
23635 modify_override_data->override_id,
23636 "modified");
23637 break;
23638 case 11:
23639 SEND_TO_CLIENT_OR_FAIL
23640 (XML_ERROR_SYNTAX ("modify_override",
23641 "new_severity is required"));
23642 log_event_fail ("override", "Override",
23643 modify_override_data->override_id,
23644 "modified");
23645 break;
23646 case -1:
23647 SEND_TO_CLIENT_OR_FAIL
23648 (XML_INTERNAL_ERROR ("modify_override"));
23649 break;
23650 default:
23651 assert (0);
23652 SEND_TO_CLIENT_OR_FAIL
23653 (XML_INTERNAL_ERROR ("modify_override"));
23654 break;
23655 }
23656 modify_override_data_reset (modify_override_data);
23657 set_client_state (CLIENT_AUTHENTIC);
23658 break;
23659 }
23660 CLOSE (CLIENT_MODIFY_OVERRIDE, ACTIVE);
23661 CLOSE (CLIENT_MODIFY_OVERRIDE, HOSTS);
23662 CLOSE (CLIENT_MODIFY_OVERRIDE, NEW_SEVERITY);
23663 CLOSE (CLIENT_MODIFY_OVERRIDE, NEW_THREAT);
23664 CLOSE (CLIENT_MODIFY_OVERRIDE, PORT);
23665 CLOSE (CLIENT_MODIFY_OVERRIDE, RESULT);
23666 CLOSE (CLIENT_MODIFY_OVERRIDE, SEVERITY);
23667 CLOSE (CLIENT_MODIFY_OVERRIDE, TASK);
23668 CLOSE (CLIENT_MODIFY_OVERRIDE, TEXT);
23669 CLOSE (CLIENT_MODIFY_OVERRIDE, THREAT);
23670 CLOSE (CLIENT_MODIFY_OVERRIDE, NVT);
23671
23672 case CLIENT_MODIFY_PERMISSION:
23673 {
23674 if (modify_permission_data->permission_id == NULL)
23675 SEND_TO_CLIENT_OR_FAIL
23676 (XML_ERROR_SYNTAX ("modify_permission",
23677 "A permission_id attribute is required"));
23678 else switch (modify_permission
23679 (modify_permission_data->permission_id,
23680 modify_permission_data->name,
23681 modify_permission_data->comment,
23682 modify_permission_data->resource_id,
23683 modify_permission_data->resource_type,
23684 modify_permission_data->subject_type,
23685 modify_permission_data->subject_id))
23686 {
23687 case 1:
23688 SEND_TO_CLIENT_OR_FAIL
23689 (XML_ERROR_SYNTAX ("modify_permission",
23690 "Permission exists already"));
23691 log_event_fail ("permission", "Permission",
23692 modify_permission_data->permission_id,
23693 "modified");
23694 break;
23695 case 2:
23696 if (send_find_error_to_client
23697 ("modify_permission", "subject",
23698 modify_permission_data->subject_id, gmp_parser))
23699 {
23700 error_send_to_client (error);
23701 return;
23702 }
23703 log_event_fail ("permission", "Permission",
23704 modify_permission_data->permission_id,
23705 "modified");
23706 break;
23707 case 3:
23708 if (send_find_error_to_client
23709 ("modify_permission", "resource",
23710 modify_permission_data->resource_id, gmp_parser))
23711 {
23712 error_send_to_client (error);
23713 return;
23714 }
23715 log_event_fail ("permission", "Permission",
23716 modify_permission_data->permission_id,
23717 "modified");
23718 break;
23719 case 4:
23720 SEND_TO_CLIENT_OR_FAIL
23721 (XML_ERROR_SYNTAX ("modify_permission",
23722 "A PERMISSION"
23723 " ID is required"));
23724 log_event_fail ("permission", "Permission",
23725 modify_permission_data->permission_id,
23726 "modified");
23727 break;
23728 case 5:
23729 SEND_TO_CLIENT_OR_FAIL
23730 (XML_ERROR_SYNTAX ("modify_permission",
23731 "Error in RESOURCE"));
23732 log_event_fail ("permission", "Permission",
23733 modify_permission_data->permission_id,
23734 "modified");
23735 break;
23736 case 6:
23737 SEND_TO_CLIENT_OR_FAIL
23738 (XML_ERROR_SYNTAX ("modify_permission",
23739 "Error in SUBJECT"));
23740 log_event_fail ("permission", "Permission",
23741 modify_permission_data->permission_id,
23742 "modified");
23743 break;
23744 case 7:
23745 SEND_TO_CLIENT_OR_FAIL
23746 (XML_ERROR_SYNTAX ("modify_permission",
23747 "Error in NAME"));
23748 log_event_fail ("permission", "Permission",
23749 modify_permission_data->permission_id,
23750 "modified");
23751 break;
23752 case 8:
23753 SEND_TO_CLIENT_OR_FAIL
23754 (XML_ERROR_SYNTAX ("modify_permission",
23755 "NAME required to find resource"));
23756 log_event_fail ("permission", "Permission",
23757 modify_permission_data->permission_id,
23758 "modified");
23759 break;
23760 case 9:
23761 SEND_TO_CLIENT_OR_FAIL
23762 (XML_ERROR_SYNTAX ("modify_permission",
23763 "Permission does not accept a resource"));
23764 log_event_fail ("permission", "Permission", NULL, "modified");
23765 break;
23766 case 99:
23767 SEND_TO_CLIENT_OR_FAIL
23768 (XML_ERROR_SYNTAX ("modify_permission",
23769 "Permission denied"));
23770 log_event_fail ("permission", "Permission",
23771 modify_permission_data->permission_id,
23772 "modified");
23773 break;
23774 case -1:
23775 SEND_TO_CLIENT_OR_FAIL
23776 (XML_INTERNAL_ERROR ("modify_permission"));
23777 log_event_fail ("permission", "Permission",
23778 modify_permission_data->permission_id,
23779 "modified");
23780 break;
23781 default:
23782 {
23783 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_permission"));
23784 log_event ("permission", "Permission",
23785 modify_permission_data->permission_id, "modified");
23786 break;
23787 }
23788 }
23789
23790 modify_permission_data_reset (modify_permission_data);
23791 set_client_state (CLIENT_AUTHENTIC);
23792 break;
23793 }
23794 CLOSE (CLIENT_MODIFY_PERMISSION, COMMENT);
23795 CLOSE (CLIENT_MODIFY_PERMISSION, SUBJECT);
23796 CLOSE (CLIENT_MODIFY_PERMISSION_SUBJECT, TYPE);
23797 CLOSE (CLIENT_MODIFY_PERMISSION, NAME);
23798 CLOSE (CLIENT_MODIFY_PERMISSION, RESOURCE);
23799 CLOSE (CLIENT_MODIFY_PERMISSION_RESOURCE, TYPE);
23800
23801 case CLIENT_MODIFY_PORT_LIST:
23802 {
23803 switch (modify_port_list
23804 (modify_port_list_data->port_list_id,
23805 modify_port_list_data->name,
23806 modify_port_list_data->comment))
23807 {
23808 case 0:
23809 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_port_list"));
23810 log_event ("port_list", "Port List",
23811 modify_port_list_data->port_list_id, "modified");
23812 break;
23813 case 1:
23814 if (send_find_error_to_client ("modify_port_list", "port_list",
23815 modify_port_list_data->port_list_id,
23816 gmp_parser))
23817 {
23818 error_send_to_client (error);
23819 return;
23820 }
23821 log_event_fail ("port_list", "Port List",
23822 modify_port_list_data->port_list_id,
23823 "modified");
23824 break;
23825 case 2:
23826 SEND_TO_CLIENT_OR_FAIL
23827 (XML_ERROR_SYNTAX ("modify_port_list",
23828 "Port List with new name exists already"));
23829 log_event_fail ("port_list", "Port List",
23830 modify_port_list_data->port_list_id,
23831 "modified");
23832 break;
23833 case 3:
23834 SEND_TO_CLIENT_OR_FAIL
23835 (XML_ERROR_SYNTAX ("modify_port_list",
23836 "A port_list_id is required"));
23837 log_event_fail ("port_list", "Port List",
23838 modify_port_list_data->port_list_id,
23839 "modified");
23840 break;
23841 case 99:
23842 SEND_TO_CLIENT_OR_FAIL
23843 (XML_ERROR_SYNTAX ("modify_port_list",
23844 "Permission denied"));
23845 log_event_fail ("port_list", "Port List",
23846 modify_port_list_data->port_list_id,
23847 "modified");
23848 break;
23849 default:
23850 case -1:
23851 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_port_list"));
23852 log_event_fail ("port_list", "Port List",
23853 modify_port_list_data->port_list_id,
23854 "modified");
23855 break;
23856 }
23857
23858 modify_port_list_data_reset (modify_port_list_data);
23859 set_client_state (CLIENT_AUTHENTIC);
23860 break;
23861 }
23862 CLOSE (CLIENT_MODIFY_PORT_LIST, COMMENT);
23863 CLOSE (CLIENT_MODIFY_PORT_LIST, NAME);
23864
23865 case CLIENT_MODIFY_REPORT_FORMAT:
23866 {
23867 switch (modify_report_format
23868 (modify_report_format_data->report_format_id,
23869 modify_report_format_data->name,
23870 modify_report_format_data->summary,
23871 modify_report_format_data->active,
23872 modify_report_format_data->param_name,
23873 modify_report_format_data->param_value))
23874 {
23875 case 0:
23876 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_report_format"));
23877 log_event ("report_format", "Report Format",
23878 modify_report_format_data->report_format_id,
23879 "modified");
23880 break;
23881 case 1:
23882 if (send_find_error_to_client
23883 ("modify_report_format", "report_format",
23884 modify_report_format_data->report_format_id,
23885 gmp_parser))
23886 {
23887 error_send_to_client (error);
23888 return;
23889 }
23890 log_event_fail ("report_format", "Report Format",
23891 modify_report_format_data->report_format_id,
23892 "modified");
23893 break;
23894 case 2:
23895 SEND_TO_CLIENT_OR_FAIL
23896 (XML_ERROR_SYNTAX
23897 ("modify_report_format",
23898 "A report_format_id is required"));
23899 log_event_fail ("report_format", "Report Format",
23900 modify_report_format_data->report_format_id,
23901 "modified");
23902 break;
23903 case 3:
23904 if (send_find_error_to_client
23905 ("modify_report_format", "report format param",
23906 modify_report_format_data->param_name, gmp_parser))
23907 {
23908 error_send_to_client (error);
23909 return;
23910 }
23911 log_event_fail ("report_format", "Report Format",
23912 modify_report_format_data->report_format_id,
23913 "modified");
23914 break;
23915 case 4:
23916 SEND_TO_CLIENT_OR_FAIL
23917 (XML_ERROR_SYNTAX ("modify_report_format",
23918 "Parameter validation failed"));
23919 log_event_fail ("report_format", "Report Format",
23920 modify_report_format_data->report_format_id,
23921 "modified");
23922 break;
23923 case 99:
23924 SEND_TO_CLIENT_OR_FAIL
23925 (XML_ERROR_SYNTAX ("modify_report_format",
23926 "Permission denied"));
23927 log_event_fail ("report_format", "Report Format",
23928 modify_report_format_data->report_format_id,
23929 "modified");
23930 break;
23931 default:
23932 case -1:
23933 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR
23934 ("modify_report_format"));
23935 log_event_fail ("report_format", "Report Format",
23936 modify_report_format_data->report_format_id,
23937 "modified");
23938 break;
23939 }
23940
23941 modify_report_format_data_reset (modify_report_format_data);
23942 set_client_state (CLIENT_AUTHENTIC);
23943 break;
23944 }
23945 CLOSE (CLIENT_MODIFY_REPORT_FORMAT, ACTIVE);
23946 CLOSE (CLIENT_MODIFY_REPORT_FORMAT, NAME);
23947 CLOSE (CLIENT_MODIFY_REPORT_FORMAT, SUMMARY);
23948 CLOSE (CLIENT_MODIFY_REPORT_FORMAT, PARAM);
23949 CLOSE (CLIENT_MODIFY_REPORT_FORMAT_PARAM, NAME);
23950 CLOSE (CLIENT_MODIFY_REPORT_FORMAT_PARAM, VALUE);
23951
23952 case CLIENT_MODIFY_ROLE:
23953 {
23954 switch (modify_role
23955 (modify_role_data->role_id,
23956 modify_role_data->name,
23957 modify_role_data->comment,
23958 modify_role_data->users))
23959 {
23960 case 0:
23961 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_role"));
23962 log_event ("role", "Role", modify_role_data->role_id,
23963 "modified");
23964 break;
23965 case 1:
23966 if (send_find_error_to_client ("modify_role", "role",
23967 modify_role_data->role_id,
23968 gmp_parser))
23969 {
23970 error_send_to_client (error);
23971 return;
23972 }
23973 log_event_fail ("role", "Role",
23974 modify_role_data->role_id, "modified");
23975 break;
23976 case 2:
23977 SEND_TO_CLIENT_OR_FAIL
23978 (XML_ERROR_SYNTAX ("modify_role",
23979 "Failed to find user"));
23980 log_event_fail ("role", "Role",
23981 modify_role_data->role_id, "modified");
23982 break;
23983 case 3:
23984 SEND_TO_CLIENT_OR_FAIL
23985 (XML_ERROR_SYNTAX ("modify_role",
23986 "A role_id"
23987 " attribute is required"));
23988 log_event_fail ("role", "Role",
23989 modify_role_data->role_id, "modified");
23990 break;
23991 case 4:
23992 SEND_TO_CLIENT_OR_FAIL
23993 (XML_ERROR_SYNTAX ("modify_role",
23994 "Error in user name"));
23995 log_event_fail ("role", "Role",
23996 modify_role_data->role_id, "modified");
23997 break;
23998 case 5:
23999 SEND_TO_CLIENT_OR_FAIL
24000 (XML_ERROR_SYNTAX ("modify_role",
24001 "Role with new name exists already"));
24002 log_event_fail ("role", "Role",
24003 modify_role_data->role_id, "modified");
24004 break;
24005 case 99:
24006 SEND_TO_CLIENT_OR_FAIL
24007 (XML_ERROR_SYNTAX ("modify_role",
24008 "Permission denied"));
24009 log_event_fail ("role", "Role",
24010 modify_role_data->role_id, "modified");
24011 break;
24012 default:
24013 case -1:
24014 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_role"));
24015 log_event_fail ("role", "Role",
24016 modify_role_data->role_id, "modified");
24017 break;
24018 }
24019
24020 modify_role_data_reset (modify_role_data);
24021 set_client_state (CLIENT_AUTHENTIC);
24022 break;
24023 }
24024 CLOSE (CLIENT_MODIFY_ROLE, COMMENT);
24025 CLOSE (CLIENT_MODIFY_ROLE, NAME);
24026 CLOSE (CLIENT_MODIFY_ROLE, USERS);
24027
24028 case CLIENT_MODIFY_SCANNER:
24029 handle_modify_scanner (gmp_parser, error);
24030 break;
24031 CLOSE (CLIENT_MODIFY_SCANNER, TYPE);
24032 CLOSE (CLIENT_MODIFY_SCANNER, PORT);
24033 CLOSE (CLIENT_MODIFY_SCANNER, HOST);
24034 CLOSE (CLIENT_MODIFY_SCANNER, COMMENT);
24035 CLOSE (CLIENT_MODIFY_SCANNER, NAME);
24036 CLOSE (CLIENT_MODIFY_SCANNER, CA_PUB);
24037 CLOSE (CLIENT_MODIFY_SCANNER, CREDENTIAL);
24038
24039 case CLIENT_MODIFY_SCHEDULE:
24040 {
24041 handle_modify_schedule (gmp_parser, error);
24042 break;
24043 }
24044 CLOSE (CLIENT_MODIFY_SCHEDULE, COMMENT);
24045 CLOSE (CLIENT_MODIFY_SCHEDULE, ICALENDAR);
24046 CLOSE (CLIENT_MODIFY_SCHEDULE, NAME);
24047 CLOSE (CLIENT_MODIFY_SCHEDULE, TIMEZONE);
24048
24049 case CLIENT_MODIFY_SETTING:
24050 {
24051 gchar *errdesc = NULL;
24052
24053 if (((modify_setting_data->name == NULL)
24054 && (modify_setting_data->setting_id == NULL))
24055 || (modify_setting_data->value == NULL))
24056 SEND_TO_CLIENT_OR_FAIL
24057 (XML_ERROR_SYNTAX ("modify_setting",
24058 "A NAME or setting_id"
24059 " and a VALUE is required"));
24060 else switch (modify_setting (modify_setting_data->setting_id,
24061 modify_setting_data->name,
24062 modify_setting_data->value,
24063 &errdesc))
24064 {
24065 case 0:
24066 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_setting"));
24067 break;
24068 case 1:
24069 SEND_TO_CLIENT_OR_FAIL
24070 (XML_ERROR_SYNTAX ("modify_setting",
24071 "Failed to find setting"));
24072 break;
24073 case 2:
24074 SEND_TO_CLIENT_OR_FAIL
24075 (XML_ERROR_SYNTAX ("modify_setting",
24076 "Value validation failed"));
24077 break;
24078 case 99:
24079 SEND_TO_CLIENT_OR_FAIL
24080 (XML_ERROR_SYNTAX ("modify_setting",
24081 "Permission denied"));
24082 break;
24083 case -1:
24084 if (errdesc)
24085 {
24086 char *buf = make_xml_error_syntax ("modify_setting",
24087 errdesc);
24088 SEND_TO_CLIENT_OR_FAIL (buf);
24089 g_free (buf);
24090 break;
24091 }
24092 /* Fall through. */
24093 default:
24094 SEND_TO_CLIENT_OR_FAIL
24095 (XML_INTERNAL_ERROR ("modify_setting"));
24096 break;
24097 }
24098 g_free (errdesc);
24099 }
24100 modify_setting_data_reset (modify_setting_data);
24101 set_client_state (CLIENT_AUTHENTIC);
24102 break;
24103 CLOSE (CLIENT_MODIFY_SETTING, NAME);
24104 CLOSE (CLIENT_MODIFY_SETTING, VALUE);
24105
24106 case CLIENT_MODIFY_TAG:
24107 {
24108 gchar *error_extra = NULL;
24109
24110 if (modify_tag_data->resource_ids)
24111 array_terminate (modify_tag_data->resource_ids);
24112
24113 if (modify_tag_data->tag_id == NULL)
24114 SEND_TO_CLIENT_OR_FAIL
24115 (XML_ERROR_SYNTAX ("modify_tag",
24116 "A tag_id attribute is required"));
24117 else if (modify_tag_data->name
24118 && strcmp(modify_tag_data->name, "") == 0)
24119 SEND_TO_CLIENT_OR_FAIL
24120 (XML_ERROR_SYNTAX ("modify_tag",
24121 "name must be at least one"
24122 " character long or omitted completely"));
24123 else if (modify_tag_data->resource_type &&
24124 valid_db_resource_type (modify_tag_data->resource_type) == 0)
24125 SEND_TO_CLIENT_OR_FAIL
24126 (XML_ERROR_SYNTAX ("modify_tag",
24127 "TYPE in RESOURCES must be"
24128 " a valid resource type."));
24129 else if (modify_tag_data->resource_type
24130 && strcasecmp (modify_tag_data->resource_type, "tag") == 0)
24131 SEND_TO_CLIENT_OR_FAIL
24132 (XML_ERROR_SYNTAX ("modify_tag",
24133 "TYPE in RESOURCES must not"
24134 " be 'tag'."));
24135 else switch (modify_tag (modify_tag_data->tag_id,
24136 modify_tag_data->name,
24137 modify_tag_data->comment,
24138 modify_tag_data->value,
24139 modify_tag_data->resource_type,
24140 modify_tag_data->resource_ids,
24141 modify_tag_data->resources_filter,
24142 modify_tag_data->resources_action,
24143 modify_tag_data->active,
24144 &error_extra))
24145 {
24146 case 0:
24147 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_tag"));
24148 log_event ("tag", "Tag", modify_tag_data->tag_id,
24149 "modified");
24150 break;
24151 case 1:
24152 if (send_find_error_to_client ("modify_tag", "tag",
24153 modify_tag_data->tag_id,
24154 gmp_parser))
24155 {
24156 error_send_to_client (error);
24157 return;
24158 }
24159 log_event_fail ("tag", "Tag", modify_tag_data->tag_id,
24160 "modified");
24161 break;
24162 case 2:
24163 SEND_TO_CLIENT_OR_FAIL
24164 (XML_ERROR_SYNTAX ("modify_tag",
24165 "A tag_id is required"));
24166 log_event_fail ("tag", "Tag", modify_tag_data->tag_id,
24167 "modified");
24168 break;
24169 case 3:
24170 SEND_TO_CLIENT_OR_FAIL
24171 (XML_ERROR_SYNTAX ("modify_tag",
24172 "RESOURCES action must be"
24173 " 'add', 'set', 'remove'"
24174 " or empty."));
24175 log_event_fail ("tag", "Tag", modify_tag_data->tag_id,
24176 "modified");
24177 break;
24178 case 4:
24179 if (send_find_error_to_client ("modify_tag", "resource",
24180 error_extra,
24181 gmp_parser))
24182 {
24183 error_send_to_client (error);
24184 g_free (error_extra);
24185 return;
24186 }
24187 g_free (error_extra);
24188 log_event_fail ("tag", "Tag", NULL, "modified");
24189 break;
24190 case 5:
24191 SEND_TO_CLIENT_OR_FAIL
24192 ("<modify_tag_response"
24193 " status=\"" STATUS_ERROR_MISSING "\""
24194 " status_text=\"No resources found for filter\"/>");
24195 log_event_fail ("tag", "Tag", NULL, "modified");
24196 break;
24197 case 6:
24198 SEND_TO_CLIENT_OR_FAIL
24199 (XML_ERROR_SYNTAX ("modify_tag",
24200 "Too many resources selected"));
24201 log_event_fail ("tag", "Tag", NULL, "modified");
24202 break;
24203 case 99:
24204 SEND_TO_CLIENT_OR_FAIL
24205 (XML_ERROR_SYNTAX ("modify_tag",
24206 "Permission denied"));
24207 log_event_fail ("tag", "Tag", modify_tag_data->tag_id,
24208 "modified");
24209 break;
24210 default:
24211 SEND_TO_CLIENT_OR_FAIL
24212 (XML_INTERNAL_ERROR ("modify_tag"));
24213 log_event_fail ("tag", "Tag", modify_tag_data->tag_id,
24214 "modified");
24215 break;
24216 }
24217
24218 modify_tag_data_reset (modify_tag_data);
24219 set_client_state (CLIENT_AUTHENTIC);
24220 break;
24221 }
24222
24223 CLOSE (CLIENT_MODIFY_TAG, ACTIVE);
24224 CLOSE (CLIENT_MODIFY_TAG, RESOURCES);
24225 CLOSE (CLIENT_MODIFY_TAG, COMMENT);
24226 CLOSE (CLIENT_MODIFY_TAG, NAME);
24227 CLOSE (CLIENT_MODIFY_TAG, VALUE);
24228
24229 CLOSE (CLIENT_MODIFY_TAG_RESOURCES, RESOURCE);
24230 CLOSE (CLIENT_MODIFY_TAG_RESOURCES, TYPE);
24231
24232 case CLIENT_MODIFY_TARGET:
24233 {
24234 if (modify_target_data->target_id == NULL)
24235 SEND_TO_CLIENT_OR_FAIL
24236 (XML_ERROR_SYNTAX ("modify_target",
24237 "A target_id"
24238 " attribute is required"));
24239 else switch (modify_target
24240 (modify_target_data->target_id,
24241 modify_target_data->name,
24242 modify_target_data->hosts,
24243 modify_target_data->exclude_hosts,
24244 modify_target_data->comment,
24245 modify_target_data->port_list_id,
24246 modify_target_data->ssh_credential_id
24247 ? modify_target_data->ssh_credential_id
24248 : modify_target_data->ssh_lsc_credential_id,
24249 modify_target_data->ssh_elevate_credential_id,
24250 modify_target_data->ssh_credential_id
24251 ? modify_target_data->ssh_port
24252 : modify_target_data->ssh_lsc_port,
24253 modify_target_data->smb_credential_id
24254 ? modify_target_data->smb_credential_id
24255 : modify_target_data->smb_lsc_credential_id,
24256 modify_target_data->esxi_credential_id
24257 ? modify_target_data->esxi_credential_id
24258 : modify_target_data->esxi_lsc_credential_id,
24259 modify_target_data->snmp_credential_id,
24260 modify_target_data->reverse_lookup_only,
24261 modify_target_data->reverse_lookup_unify,
24262 modify_target_data->alive_tests,
24263 modify_target_data->allow_simultaneous_ips))
24264 {
24265 case 1:
24266 SEND_TO_CLIENT_OR_FAIL
24267 (XML_ERROR_SYNTAX ("modify_target",
24268 "Target exists already"));
24269 log_event_fail ("target", "Target",
24270 modify_target_data->target_id,
24271 "modified");
24272 break;
24273 case 2:
24274 SEND_TO_CLIENT_OR_FAIL
24275 (XML_ERROR_SYNTAX ("modify_target",
24276 "Error in host specification"));
24277 log_event_fail ("target", "Target",
24278 modify_target_data->target_id,
24279 "modified");
24280 break;
24281 case 3:
24282 SEND_TO_CLIENT_OR_FAIL
24283 (XML_ERROR_SYNTAX ("modify_target",
24284 "Host specification exceeds maximum number"
24285 " of hosts"));
24286 log_event_fail ("target", "Target",
24287 modify_target_data->target_id,
24288 "modified");
24289 break;
24290 case 4:
24291 SEND_TO_CLIENT_OR_FAIL
24292 (XML_ERROR_SYNTAX ("modify_target",
24293 "Error in port range"));
24294 log_event_fail ("target", "Target",
24295 modify_target_data->target_id,
24296 "modified");
24297 break;
24298 case 5:
24299 SEND_TO_CLIENT_OR_FAIL
24300 (XML_ERROR_SYNTAX ("modify_target",
24301 "Error in SSH port"));
24302 log_event_fail ("target", "Target",
24303 modify_target_data->target_id,
24304 "modified");
24305 break;
24306 case 6:
24307 log_event_fail ("target", "Target",
24308 modify_target_data->target_id,
24309 "modified");
24310 if (send_find_error_to_client
24311 ("modify_target", "port_list",
24312 modify_target_data->port_list_id, gmp_parser))
24313 {
24314 error_send_to_client (error);
24315 return;
24316 }
24317 break;
24318 case 7:
24319 log_event_fail ("target", "Target",
24320 modify_target_data->target_id,
24321 "modified");
24322 if (send_find_error_to_client
24323 ("modify_target", "Credential",
24324 modify_target_data->ssh_credential_id
24325 ? modify_target_data->ssh_credential_id
24326 : modify_target_data->ssh_lsc_credential_id,
24327 gmp_parser))
24328 {
24329 error_send_to_client (error);
24330 return;
24331 }
24332 break;
24333 case 8:
24334 log_event_fail ("target", "Target",
24335 modify_target_data->target_id,
24336 "modified");
24337 if (send_find_error_to_client
24338 ("modify_target", "Credential",
24339 modify_target_data->smb_credential_id
24340 ? modify_target_data->smb_credential_id
24341 : modify_target_data->smb_lsc_credential_id,
24342 gmp_parser))
24343 {
24344 error_send_to_client (error);
24345 return;
24346 }
24347 break;
24348 case 9:
24349 log_event_fail ("target", "Target",
24350 modify_target_data->target_id,
24351 "modified");
24352 if (send_find_error_to_client
24353 ("modify_target", "target", modify_target_data->target_id,
24354 gmp_parser))
24355 {
24356 error_send_to_client (error);
24357 return;
24358 }
24359 break;
24360 case 10:
24361 SEND_TO_CLIENT_OR_FAIL
24362 (XML_ERROR_SYNTAX ("modify_target",
24363 "Error in alive test"));
24364 log_event_fail ("target", "Target",
24365 modify_target_data->target_id,
24366 "modified");
24367 break;
24368 case 11:
24369 SEND_TO_CLIENT_OR_FAIL
24370 (XML_ERROR_SYNTAX ("modify_target",
24371 "Name must be at"
24372 " least one character long"));
24373 log_event_fail ("target", "Target",
24374 modify_target_data->target_id,
24375 "modified");
24376 break;
24377 case 12:
24378 SEND_TO_CLIENT_OR_FAIL
24379 (XML_ERROR_SYNTAX ("modify_target",
24380 "EXCLUDE_HOSTS requires"
24381 " a HOSTS"));
24382 log_event_fail ("target", "Target",
24383 modify_target_data->target_id,
24384 "modified");
24385 break;
24386 case 13:
24387 SEND_TO_CLIENT_OR_FAIL
24388 (XML_ERROR_SYNTAX ("modify_target",
24389 "HOSTS requires an"
24390 " EXCLUDE_HOSTS"));
24391 log_event_fail ("target", "Target",
24392 modify_target_data->target_id,
24393 "modified");
24394 break;
24395 case 14:
24396 SEND_TO_CLIENT_OR_FAIL
24397 (XML_ERROR_SYNTAX ("modify_target",
24398 "HOSTS must be at least one"
24399 "character long"));
24400 log_event_fail ("target", "Target",
24401 modify_target_data->target_id,
24402 "modified");
24403 break;
24404 case 15:
24405 SEND_TO_CLIENT_OR_FAIL
24406 (XML_ERROR_SYNTAX ("modify_target",
24407 "Target is in use"));
24408 log_event_fail ("target", "Target",
24409 modify_target_data->target_id,
24410 "modified");
24411 break;
24412 case 16:
24413 log_event_fail ("target", "Target",
24414 modify_target_data->target_id,
24415 "modified");
24416 if (send_find_error_to_client
24417 ("modify_target", "Credential",
24418 modify_target_data->esxi_credential_id
24419 ? modify_target_data->esxi_credential_id
24420 : modify_target_data->esxi_lsc_credential_id,
24421 gmp_parser))
24422 {
24423 error_send_to_client (error);
24424 return;
24425 }
24426 break;
24427 case 17:
24428 log_event_fail ("target", "Target",
24429 modify_target_data->target_id,
24430 "modified");
24431 if (send_find_error_to_client
24432 ("modify_target", "Credential",
24433 modify_target_data->snmp_credential_id,
24434 gmp_parser))
24435 {
24436 error_send_to_client (error);
24437 return;
24438 }
24439 break;
24440 case 18:
24441 SEND_TO_CLIENT_OR_FAIL
24442 (XML_ERROR_SYNTAX ("modify_target",
24443 "SSH credential must be of type"
24444 " 'up' or 'usk'"));
24445 log_event_fail ("target", "Target",
24446 modify_target_data->target_id, "modified");
24447 break;
24448 case 19:
24449 SEND_TO_CLIENT_OR_FAIL
24450 (XML_ERROR_SYNTAX ("modify_target",
24451 "SMB credential must be of type"
24452 " 'up'"));
24453 log_event_fail ("target", "Target",
24454 modify_target_data->target_id, "modified");
24455 break;
24456 case 20:
24457 SEND_TO_CLIENT_OR_FAIL
24458 (XML_ERROR_SYNTAX ("modify_target",
24459 "ESXi credential must be of type"
24460 " 'up'"));
24461 log_event_fail ("target", "Target",
24462 modify_target_data->target_id, "modified");
24463 break;
24464 case 21:
24465 SEND_TO_CLIENT_OR_FAIL
24466 (XML_ERROR_SYNTAX ("modify_target",
24467 "SNMP credential must be of type"
24468 " 'snmp'"));
24469 log_event_fail ("target", "Target",
24470 modify_target_data->target_id, "modified");
24471 break;
24472 case 22:
24473 log_event_fail ("target", "Target",
24474 modify_target_data->target_id,
24475 "modified");
24476 if (send_find_error_to_client
24477 ("modify_target", "Credential",
24478 modify_target_data->ssh_elevate_credential_id,
24479 gmp_parser))
24480 {
24481 error_send_to_client (error);
24482 return;
24483 }
24484 break;
24485 case 23:
24486 SEND_TO_CLIENT_OR_FAIL
24487 (XML_ERROR_SYNTAX ("modify_target",
24488 "ELEVATE credential must be of type"
24489 " 'up'"));
24490 log_event_fail ("target", "Target",
24491 modify_target_data->target_id, "modified");
24492 break;
24493 case 24:
24494 SEND_TO_CLIENT_OR_FAIL
24495 (XML_ERROR_SYNTAX ("modify_target",
24496 "The elevate credential requires"
24497 " an SSH credential"));
24498 log_event_fail ("target", "Target",
24499 modify_target_data->target_id, "modified");
24500 break;
24501 case 25:
24502 SEND_TO_CLIENT_OR_FAIL
24503 (XML_ERROR_SYNTAX ("modify_target",
24504 "The elevate credential must be different"
24505 " from the SSH credential"));
24506 log_event_fail ("target", "Target",
24507 modify_target_data->target_id, "modified");
24508 break;
24509 case 99:
24510 SEND_TO_CLIENT_OR_FAIL
24511 (XML_ERROR_SYNTAX ("modify_target",
24512 "Permission denied"));
24513 log_event_fail ("target", "Target",
24514 modify_target_data->target_id,
24515 "modified");
24516 break;
24517 case -1:
24518 SEND_TO_CLIENT_OR_FAIL
24519 (XML_INTERNAL_ERROR ("modify_target"));
24520 log_event_fail ("target", "Target",
24521 modify_target_data->target_id,
24522 "modified");
24523 break;
24524 default:
24525 {
24526 SENDF_TO_CLIENT_OR_FAIL (XML_OK ("modify_target"));
24527 log_event ("target", "Target", modify_target_data->target_id,
24528 "modified");
24529 break;
24530 }
24531 }
24532
24533 modify_target_data_reset (modify_target_data);
24534 set_client_state (CLIENT_AUTHENTIC);
24535 break;
24536 }
24537 CLOSE (CLIENT_MODIFY_TARGET, ESXI_CREDENTIAL);
24538 CLOSE (CLIENT_MODIFY_TARGET, ESXI_LSC_CREDENTIAL);
24539 CLOSE (CLIENT_MODIFY_TARGET, EXCLUDE_HOSTS);
24540 CLOSE (CLIENT_MODIFY_TARGET, REVERSE_LOOKUP_ONLY);
24541 CLOSE (CLIENT_MODIFY_TARGET, REVERSE_LOOKUP_UNIFY);
24542 CLOSE (CLIENT_MODIFY_TARGET, ALIVE_TESTS);
24543 CLOSE (CLIENT_MODIFY_TARGET, ALLOW_SIMULTANEOUS_IPS);
24544 CLOSE (CLIENT_MODIFY_TARGET, COMMENT);
24545 CLOSE (CLIENT_MODIFY_TARGET, HOSTS);
24546 CLOSE (CLIENT_MODIFY_TARGET, NAME);
24547 CLOSE (CLIENT_MODIFY_TARGET, PORT_LIST);
24548 CLOSE (CLIENT_MODIFY_TARGET, SSH_CREDENTIAL);
24549 CLOSE (CLIENT_MODIFY_TARGET, SSH_LSC_CREDENTIAL);
24550 CLOSE (CLIENT_MODIFY_TARGET, SSH_ELEVATE_CREDENTIAL);
24551 CLOSE (CLIENT_MODIFY_TARGET, SMB_CREDENTIAL);
24552 CLOSE (CLIENT_MODIFY_TARGET, SMB_LSC_CREDENTIAL);
24553 CLOSE (CLIENT_MODIFY_TARGET, SNMP_CREDENTIAL);
24554
24555 CLOSE (CLIENT_MODIFY_TARGET_SSH_CREDENTIAL, PORT);
24556
24557 CLOSE (CLIENT_MODIFY_TARGET_SSH_LSC_CREDENTIAL, PORT);
24558
24559 case CLIENT_MODIFY_TASK:
24560 if (acl_user_may ("modify_task") == 0)
24561 {
24562 SEND_TO_CLIENT_OR_FAIL
24563 (XML_ERROR_SYNTAX ("modify_task",
24564 "Permission denied"));
24565 modify_task_data_reset (modify_task_data);
24566 set_client_state (CLIENT_AUTHENTIC);
24567 break;
24568 }
24569
24570 if (modify_task_data->task_id)
24571 {
24572 gchar *fail_alert_id, *fail_group_id;
24573
24574 if (modify_task_data->action && (modify_task_data->comment
24575 || modify_task_data->alerts->len
24576 || modify_task_data->groups->len
24577 || modify_task_data->name))
24578 SEND_TO_CLIENT_OR_FAIL
24579 (XML_ERROR_SYNTAX ("modify_task",
24580 "Too many parameters at once"));
24581 else if (modify_task_data->action)
24582 {
24583 if (modify_task_data->file_name == NULL)
24584 SEND_TO_CLIENT_OR_FAIL
24585 (XML_ERROR_SYNTAX ("modify_task",
24586 "FILE requires a name"
24587 " attribute"));
24588 else if (strcmp (modify_task_data->action, "update") == 0)
24589 {
24590 switch (manage_task_update_file (modify_task_data->task_id,
24591 modify_task_data->file_name,
24592 modify_task_data->file
24593 ? modify_task_data->file
24594 : ""))
24595 {
24596 case 0:
24597 log_event ("task", "Task", modify_task_data->task_id,
24598 "modified");
24599 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_task"));
24600 break;
24601 case 1:
24602 if (send_find_error_to_client ("modify_task", "Task",
24603 modify_task_data->task_id,
24604 gmp_parser))
24605 {
24606 error_send_to_client (error);
24607 return;
24608 }
24609 break;
24610 default:
24611 case -1:
24612 SEND_TO_CLIENT_OR_FAIL
24613 (XML_INTERNAL_ERROR ("modify_task"));
24614 log_event_fail ("task", "Task",
24615 modify_task_data->task_id,
24616 "modified");
24617 }
24618 }
24619 else if (strcmp (modify_task_data->action, "remove") == 0)
24620 {
24621 switch (manage_task_remove_file (modify_task_data->task_id,
24622 modify_task_data->file_name))
24623 {
24624 case 0:
24625 log_event ("task", "Task", modify_task_data->task_id,
24626 "modified");
24627 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_task"));
24628 break;
24629 case 1:
24630 if (send_find_error_to_client ("modify_task", "Task",
24631 modify_task_data->task_id,
24632 gmp_parser))
24633 {
24634 error_send_to_client (error);
24635 return;
24636 }
24637 break;
24638 default:
24639 case -1:
24640 SEND_TO_CLIENT_OR_FAIL
24641 (XML_INTERNAL_ERROR ("modify_task"));
24642 log_event_fail ("task", "Task",
24643 modify_task_data->task_id,
24644 "modified");
24645 }
24646 }
24647 else
24648 {
24649 SEND_TO_CLIENT_OR_FAIL
24650 (XML_ERROR_SYNTAX ("modify_task",
24651 "Action must be"
24652 " \"update\" or \"remove\""));
24653 log_event_fail ("task", "Task",
24654 modify_task_data->task_id,
24655 "modified");
24656 }
24657 }
24658 else switch (modify_task (modify_task_data->task_id,
24659 modify_task_data->name,
24660 modify_task_data->comment,
24661 modify_task_data->scanner_id,
24662 modify_task_data->target_id,
24663 modify_task_data->config_id,
24664 modify_task_data->observers,
24665 modify_task_data->alerts,
24666 modify_task_data->alterable,
24667 modify_task_data->groups,
24668 modify_task_data->schedule_id,
24669 modify_task_data->schedule_periods,
24670 modify_task_data->preferences,
24671 modify_task_data->hosts_ordering,
24672 &fail_alert_id,
24673 &fail_group_id))
24674 {
24675 case 0:
24676 log_event ("task", "Task", modify_task_data->task_id,
24677 "modified");
24678 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_task"));
24679 break;
24680 case 1:
24681 if (send_find_error_to_client ("modify_task", "Task",
24682 modify_task_data->task_id,
24683 gmp_parser))
24684 {
24685 error_send_to_client (error);
24686 return;
24687 }
24688 break;
24689 case 2:
24690 SEND_TO_CLIENT_OR_FAIL
24691 (XML_ERROR_SYNTAX
24692 ("modify_task",
24693 "Status must be New to edit scanner"));
24694 break;
24695 case 3:
24696 if (send_find_error_to_client
24697 ("modify_task", "scanner",
24698 modify_task_data->scanner_id, gmp_parser))
24699 {
24700 error_send_to_client (error);
24701 return;
24702 }
24703 break;
24704 case 4:
24705 if (send_find_error_to_client
24706 ("modify_task", "config",
24707 modify_task_data->config_id, gmp_parser))
24708 {
24709 error_send_to_client (error);
24710 return;
24711 }
24712 break;
24713 case 5:
24714 SEND_TO_CLIENT_OR_FAIL
24715 (XML_ERROR_SYNTAX
24716 ("modify_task",
24717 "Status must be New to edit config"));
24718 break;
24719 case 6:
24720 case 7:
24721 SEND_TO_CLIENT_OR_FAIL
24722 (XML_ERROR_SYNTAX ("modify_task",
24723 "User name error"));
24724 log_event_fail ("task", "Task",
24725 modify_task_data->task_id,
24726 "modified");
24727 break;
24728 case 8:
24729 if (send_find_error_to_client ("modify_task", "alert",
24730 fail_alert_id, gmp_parser))
24731 {
24732 error_send_to_client (error);
24733 return;
24734 }
24735 log_event_fail ("task", "Task",
24736 modify_task_data->task_id,
24737 "modified");
24738 break;
24739 case 9:
24740 SEND_TO_CLIENT_OR_FAIL
24741 (XML_ERROR_SYNTAX ("modify_task",
24742 "Task must be New to modify"
24743 " Alterable state"));
24744 log_event_fail ("task", "Task",
24745 modify_task_data->task_id,
24746 "modified");
24747 break;
24748 case 10:
24749 if (send_find_error_to_client ("modify_task", "group",
24750 fail_group_id, gmp_parser))
24751 {
24752 error_send_to_client (error);
24753 return;
24754 }
24755 log_event_fail ("task", "Task",
24756 modify_task_data->task_id,
24757 "modified");
24758 break;
24759 case 11:
24760 if (send_find_error_to_client
24761 ("modify_task", "schedule",
24762 modify_task_data->schedule_id, gmp_parser))
24763 {
24764 error_send_to_client (error);
24765 return;
24766 }
24767 log_event_fail ("task", "Task",
24768 modify_task_data->task_id,
24769 "modified");
24770 break;
24771 case 12:
24772 if (send_find_error_to_client
24773 ("modify_task", "target",
24774 modify_task_data->target_id, gmp_parser))
24775 {
24776 error_send_to_client (error);
24777 return;
24778 }
24779 log_event_fail ("task", "Task",
24780 modify_task_data->task_id,
24781 "modified");
24782 break;
24783 case 13:
24784 SEND_TO_CLIENT_OR_FAIL
24785 (XML_ERROR_SYNTAX ("modify_task",
24786 "Invalid auto_delete value"));
24787 log_event_fail ("task", "Task",
24788 modify_task_data->task_id,
24789 "modified");
24790 break;
24791 case 14:
24792 SENDF_TO_CLIENT_OR_FAIL
24793 (XML_ERROR_SYNTAX ("modify_task",
24794 "Auto Delete count out of range"
24795 " (must be from %d to %d)"),
24796 AUTO_DELETE_KEEP_MIN, AUTO_DELETE_KEEP_MAX);
24797 log_event_fail ("task", "Task",
24798 modify_task_data->task_id,
24799 "modified");
24800 break;
24801 case 15:
24802 SEND_TO_CLIENT_OR_FAIL
24803 (XML_ERROR_SYNTAX ("modify_task",
24804 "Config and Scanner types mismatch"));
24805 log_event_fail ("task", "Task",
24806 modify_task_data->task_id,
24807 "modified");
24808 break;
24809 case 16:
24810 SEND_TO_CLIENT_OR_FAIL
24811 (XML_ERROR_SYNTAX ("modify_task",
24812 "Status must be New to edit Target"));
24813 log_event_fail ("task", "Task",
24814 modify_task_data->task_id,
24815 "modified");
24816 break;
24817 case 17:
24818 SEND_TO_CLIENT_OR_FAIL
24819 (XML_ERROR_SYNTAX ("modify_task",
24820 "For container tasks only name, comment"
24821 " and observers can be modified"));
24822 log_event_fail ("task", "Task",
24823 modify_task_data->task_id,
24824 "modified");
24825 break;
24826 default:
24827 case -1:
24828 SEND_TO_CLIENT_OR_FAIL
24829 (XML_INTERNAL_ERROR ("modify_task"));
24830 log_event_fail ("task", "Task",
24831 modify_task_data->task_id,
24832 "modified");
24833 break;
24834 }
24835 }
24836 else
24837 SEND_TO_CLIENT_OR_FAIL
24838 (XML_ERROR_SYNTAX ("modify_task",
24839 "A task_id attribute is required"));
24840 modify_task_data_reset (modify_task_data);
24841 set_client_state (CLIENT_AUTHENTIC);
24842 break;
24843 CLOSE (CLIENT_MODIFY_TASK, ALTERABLE);
24844 CLOSE (CLIENT_MODIFY_TASK, COMMENT);
24845 CLOSE (CLIENT_MODIFY_TASK, HOSTS_ORDERING);
24846 CLOSE (CLIENT_MODIFY_TASK, SCANNER);
24847 CLOSE (CLIENT_MODIFY_TASK, CONFIG);
24848 CLOSE (CLIENT_MODIFY_TASK, ALERT);
24849 CLOSE (CLIENT_MODIFY_TASK, NAME);
24850 CLOSE (CLIENT_MODIFY_TASK, OBSERVERS);
24851 CLOSE (CLIENT_MODIFY_TASK, PREFERENCES);
24852 CLOSE (CLIENT_MODIFY_TASK, SCHEDULE);
24853 CLOSE (CLIENT_MODIFY_TASK, SCHEDULE_PERIODS);
24854 CLOSE (CLIENT_MODIFY_TASK, TARGET);
24855 CLOSE (CLIENT_MODIFY_TASK, FILE);
24856
24857 CLOSE (CLIENT_MODIFY_TASK_OBSERVERS, GROUP);
24858
24859 case CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE:
24860 array_add (modify_task_data->preferences,
24861 modify_task_data->preference);
24862 modify_task_data->preference = NULL;
24863 set_client_state (CLIENT_MODIFY_TASK_PREFERENCES);
24864 break;
24865 case CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_NAME:
24866 set_client_state (CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE);
24867 break;
24868 CLOSE (CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE, VALUE);
24869
24870 case CLIENT_MODIFY_TICKET:
24871 if (modify_ticket_element_end (gmp_parser, error, element_name))
24872 set_client_state (CLIENT_AUTHENTIC);
24873 break;
24874
24875 case CLIENT_MODIFY_TLS_CERTIFICATE:
24876 if (modify_tls_certificate_element_end (gmp_parser,
24877 error,
24878 element_name))
24879 set_client_state (CLIENT_AUTHENTIC);
24880 break;
24881
24882 case CLIENT_MODIFY_USER:
24883 {
24884 if ((modify_user_data->name == NULL
24885 && modify_user_data->user_id == NULL)
24886 || (modify_user_data->name
24887 && (strlen (modify_user_data->name) == 0))
24888 || (modify_user_data->user_id
24889 && (strlen (modify_user_data->user_id) == 0)))
24890 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
24891 ("modify_user",
24892 "A NAME or user_id is required"));
24893 else
24894 {
24895 gchar *fail_group_id, *fail_role_id, *errdesc;
24896
24897 errdesc = NULL;
24898
24899 switch (modify_user
24900 (modify_user_data->user_id,
24901 &modify_user_data->name,
24902 modify_user_data->new_name,
24903 ((modify_user_data->modify_password
24904 && modify_user_data->password)
24905 ? modify_user_data->password
24906 /* Leave the password as it is. */
24907 : NULL),
24908 modify_user_data->comment,
24909 modify_user_data->hosts,
24910 modify_user_data->hosts_allow,
24911 modify_user_data->ifaces,
24912 modify_user_data->ifaces_allow,
24913 modify_user_data->sources,
24914 modify_user_data->groups, &fail_group_id,
24915 modify_user_data->roles, &fail_role_id,
24916 &errdesc))
24917 {
24918 case 0:
24919 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_user"));
24920 break;
24921 case 1:
24922 if (send_find_error_to_client
24923 ("modify_user", "group", fail_group_id, gmp_parser))
24924 {
24925 error_send_to_client (error);
24926 return;
24927 }
24928 break;
24929 case 2:
24930 if (send_find_error_to_client
24931 ("modify_user", "user",
24932 modify_user_data->user_id ?: modify_user_data->name,
24933 gmp_parser))
24934 {
24935 error_send_to_client (error);
24936 return;
24937 }
24938 break;
24939 case 3:
24940 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_user"));
24941 log_event ("user", "User", modify_user_data->name,
24942 "raised to Admin role");
24943 break;
24944 case 4:
24945 SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_user"));
24946 log_event ("user", "User", modify_user_data->name,
24947 "downgraded from Admin role");
24948 break;
24949 case 5:
24950 if (send_find_error_to_client
24951 ("modify_user", "role", fail_role_id, gmp_parser))
24952 {
24953 error_send_to_client (error);
24954 return;
24955 }
24956 break;
24957 case 6:
24958 SEND_TO_CLIENT_OR_FAIL
24959 (XML_ERROR_SYNTAX ("modify_user",
24960 "Error in host specification"));
24961 log_event_fail ("user", "User", NULL, "modified");
24962 break;
24963 case 7:
24964 SEND_TO_CLIENT_OR_FAIL
24965 (XML_ERROR_SYNTAX ("modify_user",
24966 "Error in user name"));
24967 log_event_fail ("user", "User", NULL, "modified");
24968 break;
24969 case 8:
24970 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
24971 ("modify_user",
24972 "User with name exists already"));
24973 log_event_fail ("user", "User", NULL, "modified");
24974 break;
24975 case 99:
24976 SEND_TO_CLIENT_OR_FAIL
24977 (XML_ERROR_SYNTAX ("modify_user",
24978 "Permission denied"));
24979 break;
24980 case -2:
24981 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
24982 ("modify_user", "Unknown role"));
24983 break;
24984 case -3:
24985 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
24986 ("modify_user", "Error in SOURCES"));
24987 break;
24988 case -1:
24989 if (errdesc)
24990 {
24991 char *buf = make_xml_error_syntax ("modify_user", errdesc);
24992 SEND_TO_CLIENT_OR_FAIL (buf);
24993 g_free (buf);
24994 break;
24995 }
24996 /* Fall through. */
24997 default:
24998 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_user"));
24999 break;
25000 }
25001 g_free (errdesc);
25002 }
25003 modify_user_data_reset (modify_user_data);
25004 set_client_state (CLIENT_AUTHENTIC);
25005 break;
25006 }
25007 CLOSE (CLIENT_MODIFY_USER, COMMENT);
25008 CLOSE (CLIENT_MODIFY_USER, GROUPS);
25009 CLOSE (CLIENT_MODIFY_USER_GROUPS, GROUP);
25010 CLOSE (CLIENT_MODIFY_USER, HOSTS);
25011 CLOSE (CLIENT_MODIFY_USER, IFACES);
25012 CLOSE (CLIENT_MODIFY_USER, NAME);
25013 CLOSE (CLIENT_MODIFY_USER, NEW_NAME);
25014 CLOSE (CLIENT_MODIFY_USER, PASSWORD);
25015 CLOSE (CLIENT_MODIFY_USER, ROLE);
25016 case CLIENT_MODIFY_USER_SOURCES:
25017 array_terminate (modify_user_data->sources);
25018 set_client_state (CLIENT_MODIFY_USER);
25019 break;
25020 case CLIENT_MODIFY_USER_SOURCES_SOURCE:
25021 array_add (modify_user_data->sources,
25022 g_strdup (modify_user_data->current_source));
25023 g_free (modify_user_data->current_source);
25024 modify_user_data->current_source = NULL;
25025 set_client_state (CLIENT_MODIFY_USER_SOURCES);
25026 break;
25027
25028 case CLIENT_MOVE_TASK:
25029 if (move_task_data->task_id == NULL
25030 || strcmp (move_task_data->task_id, "") == 0)
25031 {
25032 SEND_TO_CLIENT_OR_FAIL
25033 (XML_ERROR_SYNTAX ("move_task",
25034 "A non-empty task_id"
25035 " attribute is required"));
25036 break;
25037 }
25038
25039 if (move_task_data->slave_id == NULL)
25040 {
25041 SEND_TO_CLIENT_OR_FAIL
25042 (XML_ERROR_SYNTAX ("move_task",
25043 "A slave_id attribute is required"));
25044 break;
25045 }
25046
25047 switch (move_task (move_task_data->task_id,
25048 move_task_data->slave_id))
25049 {
25050 case 0:
25051 SEND_TO_CLIENT_OR_FAIL (XML_OK ("move_task"));
25052 break;
25053 case 2:
25054 if (send_find_error_to_client ("move_task",
25055 "Task",
25056 move_task_data->task_id,
25057 gmp_parser))
25058 {
25059 error_send_to_client (error);
25060 return;
25061 }
25062 break;
25063 case 3:
25064 if (send_find_error_to_client ("move_task",
25065 "Slave",
25066 move_task_data->slave_id,
25067 gmp_parser))
25068 {
25069 error_send_to_client (error);
25070 return;
25071 }
25072 break;
25073 case 4:
25074 SEND_TO_CLIENT_OR_FAIL
25075 (XML_ERROR_SYNTAX ("move_task",
25076 "Task must use an OpenVAS scanner to assign"
25077 " a slave."));
25078 break;
25079 case 5:
25080 SEND_TO_CLIENT_OR_FAIL
25081 (XML_ERROR_SYNTAX ("move_task",
25082 "Task cannot be stopped at the moment."));
25083 break;
25084 case 6:
25085 SEND_TO_CLIENT_OR_FAIL
25086 (XML_ERROR_SYNTAX ("move_task",
25087 "Scanner does not allow stopping"
25088 " the Task."));
25089 break;
25090 case 7:
25091 SEND_TO_CLIENT_OR_FAIL
25092 (XML_ERROR_SYNTAX ("move_task",
25093 "Destination scanner does not support"
25094 " slaves."));
25095 break;
25096 case 98:
25097 SEND_TO_CLIENT_OR_FAIL
25098 (XML_ERROR_SYNTAX ("move_task",
25099 "Permission to stop and resume denied"));
25100 break;
25101 case 99:
25102 SEND_TO_CLIENT_OR_FAIL
25103 (XML_ERROR_SYNTAX ("move_task",
25104 "Permission denied"));
25105 break;
25106 default: /* Programming error. */
25107 SEND_TO_CLIENT_OR_FAIL
25108 (XML_INTERNAL_ERROR ("move_task"));
25109 assert (0);
25110 break;
25111 }
25112 move_task_data_reset (move_task_data);
25113 set_client_state (CLIENT_AUTHENTIC);
25114 break;
25115
25116 case CLIENT_TEST_ALERT:
25117 if (test_alert_data->alert_id)
25118 {
25119 gchar *script_message = NULL;
25120 switch (manage_test_alert (test_alert_data->alert_id,
25121 &script_message))
25122 {
25123 case 0:
25124 SEND_TO_CLIENT_OR_FAIL (XML_OK ("test_alert"));
25125 break;
25126 case 1:
25127 if (send_find_error_to_client
25128 ("test_alert", "alert", test_alert_data->alert_id,
25129 gmp_parser))
25130 {
25131 error_send_to_client (error);
25132 return;
25133 }
25134 break;
25135 case 99:
25136 SEND_TO_CLIENT_OR_FAIL
25137 (XML_ERROR_SYNTAX ("test_alert",
25138 "Permission denied"));
25139 break;
25140 case 2:
25141 case -1:
25142 SEND_TO_CLIENT_OR_FAIL
25143 (XML_INTERNAL_ERROR ("test_alert"));
25144 break;
25145 case -2:
25146 SEND_TO_CLIENT_OR_FAIL
25147 (XML_ERROR_SYNTAX ("test_alert",
25148 "Failed to find report format for"
25149 " alert"));
25150 break;
25151 case -3:
25152 SEND_TO_CLIENT_OR_FAIL
25153 (XML_ERROR_SYNTAX ("test_alert",
25154 "Failed to find filter for alert"));
25155 break;
25156 case -4:
25157 SEND_TO_CLIENT_OR_FAIL
25158 (XML_ERROR_SYNTAX ("test_alert",
25159 "Failed to find credential for alert"));
25160 break;
25161 case -5:
25162 if (script_message)
25163 {
25164 gchar *msg;
25165 msg = g_markup_printf_escaped
25166 ("<test_alert_response status=\"400\""
25167 " status_text=\"Alert script failed\">"
25168 "<status_details>%s</status_details>"
25169 "</test_alert_response>",
25170 script_message);
25171
25172 if (send_to_client (msg, gmp_parser->client_writer,
25173 gmp_parser->client_writer_data))
25174 {
25175 error_send_to_client (error);
25176 g_free (msg);
25177 return;
25178 }
25179 g_free (msg);
25180 }
25181 else
25182 {
25183 SEND_TO_CLIENT_OR_FAIL
25184 (XML_ERROR_SYNTAX ("test_alert",
25185 "Alert script failed"));
25186 }
25187 break;
25188 default: /* Programming error. */
25189 assert (0);
25190 SEND_TO_CLIENT_OR_FAIL
25191 (XML_INTERNAL_ERROR ("test_alert"));
25192 break;
25193 }
25194 }
25195 else
25196 SEND_TO_CLIENT_OR_FAIL
25197 (XML_ERROR_SYNTAX ("test_alert",
25198 "An alert_id"
25199 " attribute is required"));
25200 test_alert_data_reset (test_alert_data);
25201 set_client_state (CLIENT_AUTHENTIC);
25202 break;
25203
25204 case CLIENT_RESTORE:
25205 if (restore_data->id)
25206 {
25207 switch (manage_restore (restore_data->id))
25208 {
25209 case 0:
25210 SEND_TO_CLIENT_OR_FAIL (XML_OK ("restore"));
25211 log_event ("resource", "Resource", restore_data->id,
25212 "restored");
25213 break;
25214 case 1:
25215 SEND_TO_CLIENT_OR_FAIL
25216 (XML_ERROR_SYNTAX ("restore",
25217 "Resource refers into trashcan"));
25218 break;
25219 case 2:
25220 if (send_find_error_to_client ("restore", "resource",
25221 restore_data->id, gmp_parser))
25222 {
25223 error_send_to_client (error);
25224 return;
25225 }
25226 break;
25227 case 3:
25228 SEND_TO_CLIENT_OR_FAIL
25229 (XML_ERROR_SYNTAX ("restore",
25230 "A resource with this name exists"
25231 " already"));
25232 break;
25233 case 4:
25234 SEND_TO_CLIENT_OR_FAIL
25235 (XML_ERROR_SYNTAX ("restore",
25236 "A resource with this UUID exists"
25237 " already"));
25238 break;
25239 case 99:
25240 SEND_TO_CLIENT_OR_FAIL
25241 (XML_ERROR_SYNTAX ("restore",
25242 "Permission denied"));
25243 break;
25244 default: /* Programming error. */
25245 assert (0);
25246 case -1:
25247 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("restore"));
25248 break;
25249 }
25250 }
25251 else
25252 SEND_TO_CLIENT_OR_FAIL
25253 (XML_ERROR_SYNTAX ("restore",
25254 "An id attribute is required"));
25255 restore_data_reset (restore_data);
25256 set_client_state (CLIENT_AUTHENTIC);
25257 break;
25258
25259 case CLIENT_RESUME_TASK:
25260 if (resume_task_data->task_id)
25261 {
25262 char *report_id;
25263 switch (resume_task (resume_task_data->task_id, &report_id))
25264 {
25265 case 0:
25266 {
25267 gchar *msg;
25268 msg = g_strdup_printf
25269 ("<resume_task_response"
25270 " status=\"" STATUS_OK_REQUESTED "\""
25271 " status_text=\""
25272 STATUS_OK_REQUESTED_TEXT
25273 "\">"
25274 "<report_id>%s</report_id>"
25275 "</resume_task_response>",
25276 report_id);
25277 free (report_id);
25278 if (send_to_client (msg,
25279 write_to_client,
25280 write_to_client_data))
25281 {
25282 g_free (msg);
25283 error_send_to_client (error);
25284 return;
25285 }
25286 g_free (msg);
25287 }
25288 log_event ("task", "Task",
25289 resume_task_data->task_id,
25290 "resumed");
25291 break;
25292 case 1:
25293 SEND_TO_CLIENT_OR_FAIL
25294 (XML_ERROR_SYNTAX ("resume_task",
25295 "Task is active already"));
25296 log_event_fail ("task", "Task",
25297 resume_task_data->task_id,
25298 "resumed");
25299 break;
25300 case 22:
25301 SEND_TO_CLIENT_OR_FAIL
25302 (XML_ERROR_SYNTAX ("resume_task",
25303 "Task must be in Stopped or Interrupted state"));
25304 log_event_fail ("task", "Task",
25305 resume_task_data->task_id,
25306 "resumed");
25307 break;
25308 case 4:
25309 SEND_TO_CLIENT_OR_FAIL
25310 (XML_ERROR_SYNTAX ("resume_task",
25311 "Resuming not supported"));
25312 log_event_fail ("task", "Task",
25313 resume_task_data->task_id,
25314 "resumed");
25315 break;
25316 case 3: /* Find failed. */
25317 if (send_find_error_to_client
25318 ("resume_task", "task", resume_task_data->task_id,
25319 gmp_parser))
25320 {
25321 error_send_to_client (error);
25322 return;
25323 }
25324 break;
25325 case 99:
25326 SEND_TO_CLIENT_OR_FAIL
25327 (XML_ERROR_SYNTAX ("resume_task",
25328 "Permission denied"));
25329 log_event_fail ("task", "Task",
25330 resume_task_data->task_id,
25331 "resumed");
25332 break;
25333 case -6:
25334 SEND_TO_CLIENT_OR_FAIL
25335 (XML_ERROR_SYNTAX ("resume_task",
25336 "There is already a task running in"
25337 " this process"));
25338 log_event_fail ("task", "Task",
25339 resume_task_data->task_id,
25340 "resumed");
25341 break;
25342 case -2:
25343 /* Task target lacks hosts. This is checked when the
25344 * target is created. */
25345 assert (0);
25346 /* fallthrough */
25347 case -4:
25348 /* Task lacks target. This is checked when the task is
25349 * created anyway. */
25350 assert (0);
25351 /* fallthrough */
25352 case -1:
25353 case -3: /* Failed to create report. */
25354 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("resume_task"));
25355 log_event_fail ("task", "Task",
25356 resume_task_data->task_id,
25357 "resumed");
25358 break;
25359 case -5:
25360 SEND_XML_SERVICE_DOWN ("resume_task");
25361 log_event_fail ("task", "Task",
25362 resume_task_data->task_id,
25363 "resumed");
25364 break;
25365 case -7:
25366 SEND_TO_CLIENT_OR_FAIL
25367 (XML_ERROR_SYNTAX ("resume_task", "No CA certificate"));
25368 log_event_fail ("task", "Task",
25369 resume_task_data->task_id,
25370 "resumed");
25371 break;
25372 default: /* Programming error. */
25373 assert (0);
25374 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("resume_task"));
25375 log_event_fail ("task", "Task",
25376 resume_task_data->task_id,
25377 "resumed");
25378 break;
25379 }
25380 }
25381 else
25382 SEND_TO_CLIENT_OR_FAIL
25383 (XML_ERROR_SYNTAX ("resume_task",
25384 "A task_id"
25385 " attribute is required"));
25386 resume_task_data_reset (resume_task_data);
25387 set_client_state (CLIENT_AUTHENTIC);
25388 break;
25389
25390 case CLIENT_RUN_WIZARD:
25391 if (run_wizard_data->name)
25392 {
25393 gchar *command_error, *command_error_code;
25394 gchar *response = NULL;
25395 int read_only;
25396
25397 read_only = (run_wizard_data->read_only
25398 && strcmp (run_wizard_data->read_only, "")
25399 && strcmp (run_wizard_data->read_only, "0"));
25400
25401 switch (manage_run_wizard (run_wizard_data->name,
25402 (int (*) (void *, gchar *, gchar **))
25403 process_gmp,
25404 gmp_parser,
25405 run_wizard_data->params,
25406 read_only,
25407 run_wizard_data->mode,
25408 &command_error,
25409 &command_error_code,
25410 &response))
25411 {
25412 case 0:
25413 {
25414 gchar *msg;
25415 msg = g_strdup_printf
25416 ("<run_wizard_response"
25417 " status=\"%s\""
25418 " status_text=\"%s\">"
25419 "%s%s%s"
25420 "</run_wizard_response>",
25421 command_error_code ? command_error_code
25422 : STATUS_OK_REQUESTED,
25423 command_error ? command_error
25424 : STATUS_OK_REQUESTED_TEXT,
25425 response ? "<response>" : "",
25426 response ? response : "",
25427 response ? "</response>" : "");
25428 if (send_to_client (msg,
25429 write_to_client,
25430 write_to_client_data))
25431 {
25432 g_free (msg);
25433 g_free (response);
25434 error_send_to_client (error);
25435 return;
25436 }
25437 g_free (msg);
25438 g_free (response);
25439 if (run_wizard_data->read_only == 0)
25440 log_event ("wizard", "Wizard", run_wizard_data->name,
25441 "run");
25442 break;
25443 }
25444
25445 case 1:
25446 {
25447 SEND_TO_CLIENT_OR_FAIL
25448 (XML_ERROR_SYNTAX ("run_wizard",
25449 "NAME characters must be alphanumeric"
25450 " or underscore"));
25451 run_wizard_data_reset (run_wizard_data);
25452 set_client_state (CLIENT_AUTHENTIC);
25453 break;
25454 }
25455
25456 case 4:
25457 case 6:
25458 {
25459 gchar *msg;
25460 msg = g_strdup_printf
25461 ("<run_wizard_response"
25462 " status=\"%s\""
25463 " status_text=\"%s\"/>",
25464 command_error_code ? command_error_code
25465 : STATUS_ERROR_SYNTAX,
25466 command_error ? command_error : "Internal Error");
25467 if (command_error)
25468 g_free (command_error);
25469 if (send_to_client (msg,
25470 write_to_client,
25471 write_to_client_data))
25472 {
25473 g_free (msg);
25474 error_send_to_client (error);
25475 return;
25476 }
25477 g_free (msg);
25478 log_event_fail ("wizard", "Wizard", run_wizard_data->name,
25479 "run");
25480 break;
25481 }
25482
25483 case 5:
25484 {
25485 SEND_TO_CLIENT_OR_FAIL
25486 (XML_ERROR_SYNTAX ("run_wizard",
25487 "Wizard is not marked as read only"));
25488 break;
25489 }
25490
25491 case 99:
25492 {
25493 SEND_TO_CLIENT_OR_FAIL
25494 (XML_ERROR_SYNTAX ("run_wizard",
25495 "Permission denied"));
25496 break;
25497 }
25498
25499 case -1:
25500 {
25501 /* Internal error. */
25502 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("run_wizard"));
25503 log_event_fail ("wizard", "Wizard", run_wizard_data->name,
25504 "run");
25505 break;
25506 }
25507 }
25508 }
25509 else
25510 SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("run_wizard",
25511 "A NAME"
25512 " element is required"));
25513 run_wizard_data_reset (run_wizard_data);
25514 set_client_state (CLIENT_AUTHENTIC);
25515 break;
25516
25517 CLOSE (CLIENT_RUN_WIZARD, MODE);
25518 CLOSE (CLIENT_RUN_WIZARD, NAME);
25519 CLOSE (CLIENT_RUN_WIZARD, PARAMS);
25520 CLOSE (CLIENT_RUN_WIZARD_PARAMS_PARAM, NAME);
25521 CLOSE (CLIENT_RUN_WIZARD_PARAMS_PARAM, VALUE);
25522
25523 case CLIENT_RUN_WIZARD_PARAMS_PARAM:
25524 array_add (run_wizard_data->params, run_wizard_data->param);
25525 run_wizard_data->param = NULL;
25526 set_client_state (CLIENT_RUN_WIZARD_PARAMS);
25527 break;
25528
25529 case CLIENT_START_TASK:
25530 if (start_task_data->task_id)
25531 {
25532 char *report_id = NULL;
25533
25534 switch (start_task (start_task_data->task_id, &report_id))
25535 {
25536 case 0:
25537 {
25538 gchar *msg;
25539 msg = g_strdup_printf
25540 ("<start_task_response"
25541 " status=\"" STATUS_OK_REQUESTED "\""
25542 " status_text=\""
25543 STATUS_OK_REQUESTED_TEXT
25544 "\">"
25545 "<report_id>%s</report_id>"
25546 "</start_task_response>",
25547 report_id ?: "0");
25548 g_free (report_id);
25549 if (send_to_client (msg,
25550 write_to_client,
25551 write_to_client_data))
25552 {
25553 g_free (msg);
25554 error_send_to_client (error);
25555 return;
25556 }
25557 g_free (msg);
25558 log_event ("task", "Task", start_task_data->task_id,
25559 "requested to start");
25560 }
25561 break;
25562 case 1:
25563 SEND_TO_CLIENT_OR_FAIL
25564 (XML_ERROR_SYNTAX ("start_task",
25565 "Task is active already"));
25566 log_event_fail ("task", "Task",
25567 start_task_data->task_id,
25568 "started");
25569 break;
25570 case 3: /* Find failed. */
25571 if (send_find_error_to_client ("start_task", "task",
25572 start_task_data->task_id,
25573 gmp_parser))
25574 {
25575 error_send_to_client (error);
25576 return;
25577 }
25578 break;
25579 case 99:
25580 SEND_TO_CLIENT_OR_FAIL
25581 (XML_ERROR_SYNTAX ("start_task",
25582 "Permission denied"));
25583 log_event_fail ("task", "Task",
25584 start_task_data->task_id,
25585 "started");
25586 break;
25587 case -2:
25588 /* Task lacks target. This is true for container
25589 * tasks. */
25590 SEND_TO_CLIENT_OR_FAIL
25591 (XML_ERROR_SYNTAX ("start_task",
25592 "Task must have a target"));
25593 log_event_fail ("task", "Task",
25594 start_task_data->task_id,
25595 "started");
25596 break;
25597 case -4:
25598 /* Task target lacks hosts. This is checked when the
25599 * target is created. */
25600 assert (0);
25601 /* fallthrough */
25602 case -9:
25603 /* Fork failed. */
25604 /* fallthrough */
25605 case -3: /* Failed to create report. */
25606 case -1:
25607 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("start_task"));
25608 log_event_fail ("task", "Task",
25609 start_task_data->task_id,
25610 "started");
25611 break;
25612 case -5:
25613 SEND_XML_SERVICE_DOWN ("start_task");
25614 log_event_fail ("task", "Task",
25615 start_task_data->task_id,
25616 "started");
25617 break;
25618 case -6:
25619 SEND_TO_CLIENT_OR_FAIL
25620 (XML_ERROR_SYNTAX ("start_task",
25621 "There is already a task running in"
25622 " this process"));
25623 log_event_fail ("task", "Task",
25624 start_task_data->task_id,
25625 "started");
25626 break;
25627 case -7:
25628 SEND_TO_CLIENT_OR_FAIL
25629 (XML_ERROR_SYNTAX ("start_task", "No CA certificate"));
25630 log_event_fail ("task", "Task",
25631 start_task_data->task_id,
25632 "started");
25633 break;
25634 default: /* Programming error. */
25635 assert (0);
25636 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("start_task"));
25637 log_event_fail ("task", "Task",
25638 start_task_data->task_id,
25639 "started");
25640 break;
25641 }
25642 }
25643 else
25644 SEND_TO_CLIENT_OR_FAIL
25645 (XML_ERROR_SYNTAX ("start_task",
25646 "A task_id attribute is required"));
25647 start_task_data_reset (start_task_data);
25648 set_client_state (CLIENT_AUTHENTIC);
25649 break;
25650
25651 case CLIENT_STOP_TASK:
25652 if (stop_task_data->task_id)
25653 {
25654 switch (stop_task (stop_task_data->task_id))
25655 {
25656 case 0: /* Stopped. */
25657 SEND_TO_CLIENT_OR_FAIL (XML_OK ("stop_task"));
25658 log_event ("task", "Task", stop_task_data->task_id,
25659 "stopped");
25660 break;
25661 case 1: /* Stop requested. */
25662 SEND_TO_CLIENT_OR_FAIL (XML_OK_REQUESTED ("stop_task"));
25663 log_event ("task", "Task", stop_task_data->task_id,
25664 "requested to stop");
25665 break;
25666 case 3: /* Find failed. */
25667 if (send_find_error_to_client ("stop_task", "task",
25668 stop_task_data->task_id,
25669 gmp_parser))
25670 {
25671 error_send_to_client (error);
25672 return;
25673 }
25674 break;
25675 case 99:
25676 SEND_TO_CLIENT_OR_FAIL
25677 (XML_ERROR_SYNTAX ("stop_task",
25678 "Permission denied"));
25679 log_event_fail ("task", "Task",
25680 stop_task_data->task_id,
25681 "stopped");
25682 break;
25683 default: /* Programming error. */
25684 assert (0);
25685 case -1:
25686 /* Some other error occurred. */
25687 /** @todo Should respond with internal error. */
25688 abort ();
25689 }
25690 }
25691 else
25692 SEND_TO_CLIENT_OR_FAIL
25693 (XML_ERROR_SYNTAX ("stop_task",
25694 "A task_id attribute is required"));
25695 stop_task_data_reset (stop_task_data);
25696 set_client_state (CLIENT_AUTHENTIC);
25697 break;
25698
25699 case CLIENT_SYNC_CONFIG:
25700 handle_sync_config (gmp_parser, error);
25701 break;
25702
25703 case CLIENT_VERIFY_REPORT_FORMAT:
25704 if (verify_report_format_data->report_format_id)
25705 {
25706 switch (verify_report_format
25707 (verify_report_format_data->report_format_id))
25708 {
25709 case 0:
25710 SEND_TO_CLIENT_OR_FAIL (XML_OK ("verify_report_format"));
25711 break;
25712 case 1:
25713 if (send_find_error_to_client
25714 ("verify_report_format", "report format",
25715 verify_report_format_data->report_format_id,
25716 gmp_parser))
25717 {
25718 error_send_to_client (error);
25719 return;
25720 }
25721 break;
25722 case 99:
25723 SEND_TO_CLIENT_OR_FAIL
25724 (XML_ERROR_SYNTAX ("verify_report_format",
25725 "Permission denied"));
25726 break;
25727 default:
25728 SEND_TO_CLIENT_OR_FAIL
25729 (XML_INTERNAL_ERROR ("verify_report_format"));
25730 break;
25731 }
25732 }
25733 else
25734 SEND_TO_CLIENT_OR_FAIL
25735 (XML_ERROR_SYNTAX ("verify_report_format",
25736 "A report_format_id"
25737 " attribute is required"));
25738 verify_report_format_data_reset (verify_report_format_data);
25739 set_client_state (CLIENT_AUTHENTIC);
25740 break;
25741
25742 case CLIENT_VERIFY_SCANNER:
25743 if (verify_scanner_data->scanner_id)
25744 {
25745 char *version = NULL;
25746 switch (verify_scanner (verify_scanner_data->scanner_id, &version))
25747 {
25748 case 0:
25749 SENDF_TO_CLIENT_OR_FAIL
25750 ("<verify_scanner_response status=\"" STATUS_OK "\""
25751 " status_text=\"" STATUS_OK_TEXT "\">"
25752 "<version>%s</version>"
25753 "</verify_scanner_response>", version);
25754 break;
25755 case 1:
25756 if (send_find_error_to_client
25757 ("verify_scanner", "scanner",
25758 verify_scanner_data->scanner_id, gmp_parser))
25759 {
25760 error_send_to_client (error);
25761 return;
25762 }
25763 break;
25764 case 2:
25765 SEND_TO_CLIENT_OR_FAIL
25766 (XML_ERROR_UNAVAILABLE ("verify_scanner",
25767 "Service unavailable"));
25768 break;
25769 case 3:
25770 SENDF_TO_CLIENT_OR_FAIL
25771 ("<verify_scanner_response status=\"%s\""
25772 " status_text=\"Failed to authenticate\">"
25773 "<version>%s</version>"
25774 "</verify_scanner_response>",
25775 STATUS_SERVICE_UNAVAILABLE,
25776 version);
25777 break;
25778 case 99:
25779 SEND_TO_CLIENT_OR_FAIL
25780 (XML_ERROR_SYNTAX ("verify_scanner", "Permission denied"));
25781 break;
25782 default:
25783 SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR
25784 ("verify_scanner"));
25785 break;
25786 }
25787 }
25788 else
25789 SEND_TO_CLIENT_OR_FAIL
25790 (XML_ERROR_SYNTAX ("verify_scanner",
25791 "A scanner_id attribute is required"));
25792 verify_scanner_data_reset (verify_scanner_data);
25793 set_client_state (CLIENT_AUTHENTIC);
25794 break;
25795
25796 default:
25797 assert (0);
25798 break;
25799 }
25800 }
25801
25802 /**
25803 * @brief Append text to a var for a case in gmp_xml_hand_text.
25804 *
25805 * @param[in] state Parser state.
25806 * @param[in] dest Append destination.
25807 */
25808 #define APPEND(state, dest) \
25809 case state: \
25810 gvm_append_text (dest, text, text_len); \
25811 break;
25812
25813 /**
25814 * @brief Handle the addition of text to a GMP XML element.
25815 *
25816 * React to the addition of text to the value of an XML element.
25817 * React according to the current value of \ref client_state,
25818 * usually appending the text to some part of the current task
25819 * with functions like gvm_append_text and \ref append_to_task_comment.
25820 *
25821 * @param[in] context Parser context.
25822 * @param[in] text The text.
25823 * @param[in] text_len Length of the text.
25824 * @param[in] user_data Dummy parameter.
25825 * @param[in] error Error parameter.
25826 */
25827 static void
gmp_xml_handle_text(GMarkupParseContext * context,const gchar * text,gsize text_len,gpointer user_data,GError ** error)25828 gmp_xml_handle_text (/* unused */ GMarkupParseContext* context,
25829 const gchar *text,
25830 gsize text_len,
25831 /* unused */ gpointer user_data,
25832 /* unused */ GError **error)
25833 {
25834 if (text_len == 0) return;
25835 g_debug (" XML text: %s", text);
25836 switch (client_state)
25837 {
25838 case CLIENT_AUTHENTICATE_CREDENTIALS_USERNAME:
25839 append_to_credentials_username (¤t_credentials, text, text_len);
25840 break;
25841
25842 case CLIENT_AUTHENTICATE_CREDENTIALS_PASSWORD:
25843 append_to_credentials_password (¤t_credentials, text, text_len);
25844 break;
25845
25846
25847 case CLIENT_MODIFY_CONFIG:
25848 modify_config_element_text (text, text_len);
25849 break;
25850
25851
25852 APPEND (CLIENT_MODIFY_CREDENTIAL_ALLOW_INSECURE,
25853 &modify_credential_data->allow_insecure);
25854
25855 APPEND (CLIENT_MODIFY_CREDENTIAL_AUTH_ALGORITHM,
25856 &modify_credential_data->auth_algorithm);
25857
25858 APPEND (CLIENT_MODIFY_CREDENTIAL_CERTIFICATE,
25859 &modify_credential_data->certificate);
25860
25861 APPEND (CLIENT_MODIFY_CREDENTIAL_COMMENT,
25862 &modify_credential_data->comment);
25863
25864 APPEND (CLIENT_MODIFY_CREDENTIAL_COMMUNITY,
25865 &modify_credential_data->community);
25866
25867 APPEND (CLIENT_MODIFY_CREDENTIAL_KEY_PHRASE,
25868 &modify_credential_data->key_phrase);
25869
25870 APPEND (CLIENT_MODIFY_CREDENTIAL_KEY_PRIVATE,
25871 &modify_credential_data->key_private);
25872
25873 APPEND (CLIENT_MODIFY_CREDENTIAL_KEY_PUBLIC,
25874 &modify_credential_data->key_public);
25875
25876 APPEND (CLIENT_MODIFY_CREDENTIAL_LOGIN,
25877 &modify_credential_data->login);
25878
25879 APPEND (CLIENT_MODIFY_CREDENTIAL_NAME,
25880 &modify_credential_data->name);
25881
25882 APPEND (CLIENT_MODIFY_CREDENTIAL_PASSWORD,
25883 &modify_credential_data->password);
25884
25885 APPEND (CLIENT_MODIFY_CREDENTIAL_PRIVACY_ALGORITHM,
25886 &modify_credential_data->privacy_algorithm);
25887
25888 APPEND (CLIENT_MODIFY_CREDENTIAL_PRIVACY_PASSWORD,
25889 &modify_credential_data->privacy_password);
25890
25891
25892
25893 APPEND (CLIENT_MODIFY_REPORT_FORMAT_ACTIVE,
25894 &modify_report_format_data->active);
25895
25896 APPEND (CLIENT_MODIFY_REPORT_FORMAT_NAME,
25897 &modify_report_format_data->name);
25898
25899 APPEND (CLIENT_MODIFY_REPORT_FORMAT_SUMMARY,
25900 &modify_report_format_data->summary);
25901
25902 APPEND (CLIENT_MODIFY_REPORT_FORMAT_PARAM_NAME,
25903 &modify_report_format_data->param_name);
25904
25905 APPEND (CLIENT_MODIFY_REPORT_FORMAT_PARAM_VALUE,
25906 &modify_report_format_data->param_value);
25907
25908
25909 APPEND (CLIENT_MODIFY_SETTING_NAME,
25910 &modify_setting_data->name);
25911
25912 APPEND (CLIENT_MODIFY_SETTING_VALUE,
25913 &modify_setting_data->value);
25914
25915
25916 APPEND (CLIENT_MODIFY_TASK_ALTERABLE,
25917 &modify_task_data->alterable);
25918
25919 APPEND (CLIENT_MODIFY_TASK_COMMENT,
25920 &modify_task_data->comment);
25921
25922 APPEND (CLIENT_MODIFY_TASK_HOSTS_ORDERING,
25923 &modify_task_data->hosts_ordering);
25924
25925 APPEND (CLIENT_MODIFY_TASK_NAME,
25926 &modify_task_data->name);
25927
25928 APPEND (CLIENT_MODIFY_TASK_OBSERVERS,
25929 &modify_task_data->observers);
25930
25931 APPEND (CLIENT_MODIFY_TASK_FILE,
25932 &modify_task_data->file);
25933
25934 APPEND (CLIENT_MODIFY_TASK_SCHEDULE_PERIODS,
25935 &modify_task_data->schedule_periods);
25936
25937
25938 APPEND (CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_NAME,
25939 &modify_task_data->preference->name);
25940
25941 APPEND (CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_VALUE,
25942 &modify_task_data->preference->value);
25943
25944 APPEND (CLIENT_MODIFY_USER_COMMENT,
25945 &modify_user_data->comment);
25946
25947 APPEND (CLIENT_MODIFY_USER_HOSTS,
25948 &modify_user_data->hosts);
25949
25950 APPEND (CLIENT_MODIFY_USER_IFACES,
25951 &modify_user_data->ifaces);
25952
25953 APPEND (CLIENT_MODIFY_USER_NAME,
25954 &modify_user_data->name);
25955
25956 APPEND (CLIENT_MODIFY_USER_NEW_NAME,
25957 &modify_user_data->new_name);
25958
25959 APPEND (CLIENT_MODIFY_USER_PASSWORD,
25960 &modify_user_data->password);
25961
25962 APPEND (CLIENT_MODIFY_USER_SOURCES_SOURCE,
25963 &modify_user_data->current_source);
25964
25965
25966 APPEND (CLIENT_CREATE_ASSET_ASSET_COMMENT,
25967 &create_asset_data->comment);
25968
25969 APPEND (CLIENT_CREATE_ASSET_ASSET_NAME,
25970 &create_asset_data->name);
25971
25972 APPEND (CLIENT_CREATE_ASSET_ASSET_TYPE,
25973 &create_asset_data->type);
25974
25975 APPEND (CLIENT_CREATE_ASSET_REPORT_FILTER_TERM,
25976 &create_asset_data->filter_term);
25977
25978
25979 APPEND (CLIENT_CREATE_CREDENTIAL_ALLOW_INSECURE,
25980 &create_credential_data->allow_insecure);
25981
25982 APPEND (CLIENT_CREATE_CREDENTIAL_AUTH_ALGORITHM,
25983 &create_credential_data->auth_algorithm);
25984
25985 APPEND (CLIENT_CREATE_CREDENTIAL_CERTIFICATE,
25986 &create_credential_data->certificate);
25987
25988 APPEND (CLIENT_CREATE_CREDENTIAL_COMMENT,
25989 &create_credential_data->comment);
25990
25991 APPEND (CLIENT_CREATE_CREDENTIAL_COMMUNITY,
25992 &create_credential_data->community);
25993
25994 APPEND (CLIENT_CREATE_CREDENTIAL_COPY,
25995 &create_credential_data->copy);
25996
25997 APPEND (CLIENT_CREATE_CREDENTIAL_KEY_PHRASE,
25998 &create_credential_data->key_phrase);
25999
26000 APPEND (CLIENT_CREATE_CREDENTIAL_KEY_PRIVATE,
26001 &create_credential_data->key_private);
26002
26003 APPEND (CLIENT_CREATE_CREDENTIAL_KEY_PUBLIC,
26004 &create_credential_data->key_public);
26005
26006 APPEND (CLIENT_CREATE_CREDENTIAL_LOGIN,
26007 &create_credential_data->login);
26008
26009 APPEND (CLIENT_CREATE_CREDENTIAL_NAME,
26010 &create_credential_data->name);
26011
26012 APPEND (CLIENT_CREATE_CREDENTIAL_PASSWORD,
26013 &create_credential_data->password);
26014
26015 APPEND (CLIENT_CREATE_CREDENTIAL_PRIVACY_ALGORITHM,
26016 &create_credential_data->privacy_algorithm);
26017
26018 APPEND (CLIENT_CREATE_CREDENTIAL_PRIVACY_PASSWORD,
26019 &create_credential_data->privacy_password);
26020
26021 APPEND (CLIENT_CREATE_CREDENTIAL_TYPE,
26022 &create_credential_data->type);
26023
26024
26025 APPEND (CLIENT_CREATE_ALERT_ACTIVE,
26026 &create_alert_data->active);
26027
26028 APPEND (CLIENT_CREATE_ALERT_COMMENT,
26029 &create_alert_data->comment);
26030
26031 APPEND (CLIENT_CREATE_ALERT_COPY,
26032 &create_alert_data->copy);
26033
26034 APPEND (CLIENT_CREATE_ALERT_CONDITION,
26035 &create_alert_data->condition);
26036
26037 APPEND (CLIENT_CREATE_ALERT_EVENT,
26038 &create_alert_data->event);
26039
26040 APPEND (CLIENT_CREATE_ALERT_METHOD,
26041 &create_alert_data->method);
26042
26043 APPEND (CLIENT_CREATE_ALERT_NAME,
26044 &create_alert_data->name);
26045
26046
26047 APPEND (CLIENT_CREATE_ALERT_CONDITION_DATA,
26048 &create_alert_data->part_data);
26049
26050 APPEND (CLIENT_CREATE_ALERT_EVENT_DATA,
26051 &create_alert_data->part_data);
26052
26053 APPEND (CLIENT_CREATE_ALERT_METHOD_DATA,
26054 &create_alert_data->part_data);
26055
26056
26057 APPEND (CLIENT_CREATE_ALERT_CONDITION_DATA_NAME,
26058 &create_alert_data->part_name);
26059
26060 APPEND (CLIENT_CREATE_ALERT_EVENT_DATA_NAME,
26061 &create_alert_data->part_name);
26062
26063 APPEND (CLIENT_CREATE_ALERT_METHOD_DATA_NAME,
26064 &create_alert_data->part_name);
26065
26066
26067 case CLIENT_CREATE_CONFIG:
26068 create_config_element_text (text, text_len);
26069 break;
26070
26071
26072 APPEND (CLIENT_CREATE_FILTER_COMMENT,
26073 &create_filter_data->comment);
26074
26075 APPEND (CLIENT_CREATE_FILTER_COPY,
26076 &create_filter_data->copy);
26077
26078 APPEND (CLIENT_CREATE_FILTER_NAME,
26079 &create_filter_data->name);
26080
26081 APPEND (CLIENT_CREATE_FILTER_TERM,
26082 &create_filter_data->term);
26083
26084 APPEND (CLIENT_CREATE_FILTER_TYPE,
26085 &create_filter_data->type);
26086
26087
26088 APPEND (CLIENT_CREATE_GROUP_COMMENT,
26089 &create_group_data->comment);
26090
26091 APPEND (CLIENT_CREATE_GROUP_COPY,
26092 &create_group_data->copy);
26093
26094 APPEND (CLIENT_CREATE_GROUP_NAME,
26095 &create_group_data->name);
26096
26097 APPEND (CLIENT_CREATE_GROUP_USERS,
26098 &create_group_data->users);
26099
26100
26101 APPEND (CLIENT_CREATE_NOTE_ACTIVE,
26102 &create_note_data->active);
26103
26104 APPEND (CLIENT_CREATE_NOTE_COPY,
26105 &create_note_data->copy);
26106
26107 APPEND (CLIENT_CREATE_NOTE_HOSTS,
26108 &create_note_data->hosts);
26109
26110 APPEND (CLIENT_CREATE_NOTE_PORT,
26111 &create_note_data->port);
26112
26113 APPEND (CLIENT_CREATE_NOTE_SEVERITY,
26114 &create_note_data->severity);
26115
26116 APPEND (CLIENT_CREATE_NOTE_TEXT,
26117 &create_note_data->text);
26118
26119 APPEND (CLIENT_CREATE_NOTE_THREAT,
26120 &create_note_data->threat);
26121
26122
26123 APPEND (CLIENT_CREATE_OVERRIDE_ACTIVE,
26124 &create_override_data->active);
26125
26126 APPEND (CLIENT_CREATE_OVERRIDE_COPY,
26127 &create_override_data->copy);
26128
26129 APPEND (CLIENT_CREATE_OVERRIDE_HOSTS,
26130 &create_override_data->hosts);
26131
26132 APPEND (CLIENT_CREATE_OVERRIDE_NEW_SEVERITY,
26133 &create_override_data->new_severity);
26134
26135 APPEND (CLIENT_CREATE_OVERRIDE_NEW_THREAT,
26136 &create_override_data->new_threat);
26137
26138 APPEND (CLIENT_CREATE_OVERRIDE_PORT,
26139 &create_override_data->port);
26140
26141 APPEND (CLIENT_CREATE_OVERRIDE_SEVERITY,
26142 &create_override_data->severity);
26143
26144 APPEND (CLIENT_CREATE_OVERRIDE_TEXT,
26145 &create_override_data->text);
26146
26147 APPEND (CLIENT_CREATE_OVERRIDE_THREAT,
26148 &create_override_data->threat);
26149
26150
26151 APPEND (CLIENT_CREATE_PERMISSION_COMMENT,
26152 &create_permission_data->comment);
26153
26154 APPEND (CLIENT_CREATE_PERMISSION_COPY,
26155 &create_permission_data->copy);
26156
26157 APPEND (CLIENT_CREATE_PERMISSION_NAME,
26158 &create_permission_data->name);
26159
26160 APPEND (CLIENT_CREATE_PERMISSION_RESOURCE_TYPE,
26161 &create_permission_data->resource_type);
26162
26163 APPEND (CLIENT_CREATE_PERMISSION_SUBJECT_TYPE,
26164 &create_permission_data->subject_type);
26165
26166
26167 case CLIENT_CREATE_PORT_LIST:
26168 create_port_list_element_text (text, text_len);
26169 break;
26170
26171
26172 APPEND (CLIENT_CREATE_PORT_RANGE_COMMENT,
26173 &create_port_range_data->comment);
26174
26175 APPEND (CLIENT_CREATE_PORT_RANGE_END,
26176 &create_port_range_data->end);
26177
26178 APPEND (CLIENT_CREATE_PORT_RANGE_START,
26179 &create_port_range_data->start);
26180
26181 APPEND (CLIENT_CREATE_PORT_RANGE_TYPE,
26182 &create_port_range_data->type);
26183
26184
26185 APPEND (CLIENT_CREATE_REPORT_IN_ASSETS,
26186 &create_report_data->in_assets);
26187
26188 APPEND (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_DESCRIPTION,
26189 &create_report_data->result_description);
26190
26191 APPEND (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST,
26192 &create_report_data->result_host);
26193
26194 APPEND (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_HOST_HOSTNAME,
26195 &create_report_data->result_hostname);
26196
26197 APPEND (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_SCAN_NVT_VERSION,
26198 &create_report_data->result_scan_nvt_version);
26199
26200 APPEND (CLIENT_CREATE_REPORT_RR_ERRORS_ERROR_PORT,
26201 &create_report_data->result_port);
26202
26203 APPEND (CLIENT_CREATE_REPORT_RR_HOST_END,
26204 &create_report_data->host_end);
26205
26206 APPEND (CLIENT_CREATE_REPORT_RR_HOST_END_HOST,
26207 &create_report_data->host_end_host);
26208
26209 APPEND (CLIENT_CREATE_REPORT_RR_HOST_START,
26210 &create_report_data->host_start);
26211
26212 APPEND (CLIENT_CREATE_REPORT_RR_HOST_START_HOST,
26213 &create_report_data->host_start_host);
26214
26215
26216 APPEND (CLIENT_CREATE_REPORT_RR_SCAN_END,
26217 &create_report_data->scan_end);
26218
26219 APPEND (CLIENT_CREATE_REPORT_RR_SCAN_START,
26220 &create_report_data->scan_start);
26221
26222
26223 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DESCRIPTION,
26224 &create_report_data->result_description);
26225
26226 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST,
26227 &create_report_data->result_host);
26228
26229 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_HOST_HOSTNAME,
26230 &create_report_data->result_hostname);
26231
26232 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_SCAN_NVT_VERSION,
26233 &create_report_data->result_scan_nvt_version);
26234
26235 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_PORT,
26236 &create_report_data->result_port);
26237
26238 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD_TYPE,
26239 &create_report_data->result_qod_type);
26240
26241 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_QOD_VALUE,
26242 &create_report_data->result_qod);
26243
26244 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_SEVERITY,
26245 &create_report_data->result_severity);
26246
26247 APPEND (CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_THREAT,
26248 &create_report_data->result_threat);
26249
26250 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL_NAME:
26251 gvm_append_text (&create_report_data->result_detection_name, text, text_len);
26252 break;
26253 case CLIENT_CREATE_REPORT_RR_RESULTS_RESULT_DETECTION_RESULT_DETAILS_DETAIL_VALUE:
26254 if (create_report_data->result_detection_name != NULL)
26255 {
26256 if (strcmp("product", create_report_data->result_detection_name) == 0)
26257 {
26258 gvm_append_text (&create_report_data->result_detection_product, text, text_len);
26259 }
26260 else if (strcmp("location", create_report_data->result_detection_name) == 0)
26261 {
26262 gvm_append_text (&create_report_data->result_detection_location, text, text_len);
26263 }
26264 else if (strcmp("source_oid", create_report_data->result_detection_name) == 0)
26265 {
26266 gvm_append_text (&create_report_data->result_detection_source_oid, text, text_len);
26267 }
26268 else if (strcmp("source_name", create_report_data->result_detection_name) == 0)
26269 {
26270 gvm_append_text (&create_report_data->result_detection_source_name, text, text_len);
26271 }
26272 free(create_report_data->result_detection_name);
26273 create_report_data->result_detection_name = NULL;
26274
26275 if (create_report_data->result_detection_product &&
26276 create_report_data->result_detection_location &&
26277 create_report_data->result_detection_source_oid &&
26278 create_report_data->result_detection_source_name)
26279 {
26280
26281 detection_detail_t *detail =
26282 (detection_detail_t*) g_malloc (sizeof (detection_detail_t));
26283 if (detail)
26284 {
26285 detail->product = create_report_data->result_detection_product;
26286 create_report_data->result_detection_product = NULL;
26287 detail->location = create_report_data->result_detection_location;
26288 create_report_data->result_detection_location = NULL;
26289 detail->source_oid = create_report_data->result_detection_source_oid;
26290 create_report_data->result_detection_source_oid = NULL;
26291 detail->source_name = create_report_data->result_detection_source_name;
26292 create_report_data->result_detection_source_name = NULL;
26293 array_add(create_report_data->result_detection, detail);
26294 }
26295 }
26296
26297
26298
26299 }
26300 break;
26301
26302 APPEND (CLIENT_CREATE_REPORT_RR_H_DETAIL_NAME,
26303 &create_report_data->detail_name);
26304
26305 APPEND (CLIENT_CREATE_REPORT_RR_H_DETAIL_VALUE,
26306 &create_report_data->detail_value);
26307
26308 APPEND (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_DESC,
26309 &create_report_data->detail_source_desc);
26310
26311 APPEND (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_NAME,
26312 &create_report_data->detail_source_name);
26313
26314 APPEND (CLIENT_CREATE_REPORT_RR_H_DETAIL_SOURCE_TYPE,
26315 &create_report_data->detail_source_type);
26316
26317 APPEND (CLIENT_CREATE_REPORT_RR_H_END,
26318 &create_report_data->host_end);
26319
26320 APPEND (CLIENT_CREATE_REPORT_RR_H_IP,
26321 &create_report_data->ip);
26322
26323 APPEND (CLIENT_CREATE_REPORT_RR_H_START,
26324 &create_report_data->host_start);
26325
26326
26327 case CLIENT_CREATE_REPORT_FORMAT:
26328 create_report_format_element_text (text, text_len);
26329 break;
26330
26331
26332 APPEND (CLIENT_CREATE_ROLE_COMMENT,
26333 &create_role_data->comment);
26334
26335 APPEND (CLIENT_CREATE_ROLE_COPY,
26336 &create_role_data->copy);
26337
26338 APPEND (CLIENT_CREATE_ROLE_NAME,
26339 &create_role_data->name);
26340
26341 APPEND (CLIENT_CREATE_ROLE_USERS,
26342 &create_role_data->users);
26343
26344 APPEND (CLIENT_CREATE_SCANNER_NAME,
26345 &create_scanner_data->name);
26346
26347 APPEND (CLIENT_CREATE_SCANNER_COMMENT,
26348 &create_scanner_data->comment);
26349
26350 APPEND (CLIENT_CREATE_SCANNER_COPY,
26351 &create_scanner_data->copy);
26352
26353 APPEND (CLIENT_CREATE_SCANNER_HOST,
26354 &create_scanner_data->host);
26355
26356 APPEND (CLIENT_CREATE_SCANNER_PORT,
26357 &create_scanner_data->port);
26358
26359 APPEND (CLIENT_CREATE_SCANNER_TYPE,
26360 &create_scanner_data->type);
26361
26362 APPEND (CLIENT_CREATE_SCANNER_CA_PUB,
26363 &create_scanner_data->ca_pub);
26364
26365
26366 APPEND (CLIENT_CREATE_SCHEDULE_COMMENT,
26367 &create_schedule_data->comment);
26368
26369 APPEND (CLIENT_CREATE_SCHEDULE_COPY,
26370 &create_schedule_data->copy);
26371
26372 APPEND (CLIENT_CREATE_SCHEDULE_ICALENDAR,
26373 &create_schedule_data->icalendar);
26374
26375 APPEND (CLIENT_CREATE_SCHEDULE_NAME,
26376 &create_schedule_data->name);
26377
26378 APPEND (CLIENT_CREATE_SCHEDULE_TIMEZONE,
26379 &create_schedule_data->timezone);
26380
26381
26382 APPEND (CLIENT_CREATE_TAG_ACTIVE,
26383 &create_tag_data->active);
26384
26385 APPEND (CLIENT_CREATE_TAG_RESOURCES_TYPE,
26386 &create_tag_data->resource_type);
26387
26388 APPEND (CLIENT_CREATE_TAG_COPY,
26389 &create_tag_data->copy);
26390
26391 APPEND (CLIENT_CREATE_TAG_COMMENT,
26392 &create_tag_data->comment);
26393
26394 APPEND (CLIENT_CREATE_TAG_NAME,
26395 &create_tag_data->name);
26396
26397 APPEND (CLIENT_CREATE_TAG_VALUE,
26398 &create_tag_data->value);
26399
26400
26401 APPEND (CLIENT_CREATE_TARGET_EXCLUDE_HOSTS,
26402 &create_target_data->exclude_hosts);
26403
26404 APPEND (CLIENT_CREATE_TARGET_REVERSE_LOOKUP_ONLY,
26405 &create_target_data->reverse_lookup_only);
26406
26407 APPEND (CLIENT_CREATE_TARGET_REVERSE_LOOKUP_UNIFY,
26408 &create_target_data->reverse_lookup_unify);
26409
26410 APPEND (CLIENT_CREATE_TARGET_ALIVE_TESTS,
26411 &create_target_data->alive_tests);
26412
26413 APPEND (CLIENT_CREATE_TARGET_ALLOW_SIMULTANEOUS_IPS,
26414 &create_target_data->allow_simultaneous_ips);
26415
26416 APPEND (CLIENT_CREATE_TARGET_COMMENT,
26417 &create_target_data->comment);
26418
26419 APPEND (CLIENT_CREATE_TARGET_COPY,
26420 &create_target_data->copy);
26421
26422 APPEND (CLIENT_CREATE_TARGET_HOSTS,
26423 &create_target_data->hosts);
26424
26425 APPEND (CLIENT_CREATE_TARGET_NAME,
26426 &create_target_data->name);
26427
26428 APPEND (CLIENT_CREATE_TARGET_PORT_RANGE,
26429 &create_target_data->port_range);
26430
26431 APPEND (CLIENT_CREATE_TARGET_SSH_CREDENTIAL_PORT,
26432 &create_target_data->ssh_port);
26433
26434 APPEND (CLIENT_CREATE_TARGET_SSH_LSC_CREDENTIAL_PORT,
26435 &create_target_data->ssh_lsc_port);
26436
26437
26438 APPEND (CLIENT_CREATE_TASK_ALTERABLE,
26439 &create_task_data->alterable);
26440
26441 case CLIENT_CREATE_TASK_COMMENT:
26442 append_to_task_comment (create_task_data->task, text, text_len);
26443 break;
26444
26445 APPEND (CLIENT_CREATE_TASK_HOSTS_ORDERING,
26446 &create_task_data->hosts_ordering);
26447
26448 APPEND (CLIENT_CREATE_TASK_COPY,
26449 &create_task_data->copy);
26450
26451 APPEND (CLIENT_CREATE_TASK_NAME,
26452 &create_task_data->name);
26453
26454 APPEND (CLIENT_CREATE_TASK_OBSERVERS,
26455 &create_task_data->observers);
26456
26457 APPEND (CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE_NAME,
26458 &create_task_data->preference->name);
26459
26460 APPEND (CLIENT_CREATE_TASK_PREFERENCES_PREFERENCE_VALUE,
26461 &create_task_data->preference->value);
26462
26463 APPEND (CLIENT_CREATE_TASK_SCHEDULE_PERIODS,
26464 &create_task_data->schedule_periods);
26465
26466 APPEND (CLIENT_CREATE_TASK_USAGE_TYPE,
26467 &create_task_data->usage_type);
26468
26469 case CLIENT_CREATE_TICKET:
26470 create_ticket_element_text (text, text_len);
26471 break;
26472
26473 case CLIENT_CREATE_TLS_CERTIFICATE:
26474 create_tls_certificate_element_text (text, text_len);
26475 break;
26476
26477
26478 APPEND (CLIENT_CREATE_USER_COMMENT,
26479 &create_user_data->comment);
26480
26481 APPEND (CLIENT_CREATE_USER_COPY,
26482 &create_user_data->copy);
26483
26484 APPEND (CLIENT_CREATE_USER_HOSTS,
26485 &create_user_data->hosts);
26486
26487 APPEND (CLIENT_CREATE_USER_IFACES,
26488 &create_user_data->ifaces);
26489
26490 APPEND (CLIENT_CREATE_USER_NAME,
26491 &create_user_data->name);
26492
26493 APPEND (CLIENT_CREATE_USER_PASSWORD,
26494 &create_user_data->password);
26495
26496 APPEND (CLIENT_CREATE_USER_SOURCES_SOURCE,
26497 &create_user_data->current_source);
26498
26499
26500 case CLIENT_GET_AGGREGATES_DATA_COLUMN:
26501 {
26502 GList *last = g_list_last (get_aggregates_data->data_columns);
26503 gchar *data_column = last->data;
26504 gvm_append_text (&data_column, text, text_len);
26505 last->data = data_column;
26506 break;
26507 }
26508
26509 case CLIENT_GET_AGGREGATES_TEXT_COLUMN:
26510 {
26511 GList *last = g_list_last (get_aggregates_data->text_columns);
26512 gchar *text_column = last->data;
26513 gvm_append_text (&text_column, text, text_len);
26514 last->data = text_column;
26515 break;
26516 }
26517
26518
26519 APPEND (CLIENT_MODIFY_ALERT_NAME,
26520 &modify_alert_data->name);
26521
26522 APPEND (CLIENT_MODIFY_ALERT_COMMENT,
26523 &modify_alert_data->comment);
26524
26525 APPEND (CLIENT_MODIFY_ALERT_ACTIVE,
26526 &modify_alert_data->active);
26527
26528 APPEND (CLIENT_MODIFY_ALERT_EVENT,
26529 &modify_alert_data->event);
26530
26531 APPEND (CLIENT_MODIFY_ALERT_CONDITION,
26532 &modify_alert_data->condition);
26533
26534 APPEND (CLIENT_MODIFY_ALERT_METHOD,
26535 &modify_alert_data->method);
26536
26537
26538 APPEND (CLIENT_MODIFY_ALERT_EVENT_DATA,
26539 &modify_alert_data->part_data);
26540
26541 APPEND (CLIENT_MODIFY_ALERT_CONDITION_DATA,
26542 &modify_alert_data->part_data);
26543
26544 APPEND (CLIENT_MODIFY_ALERT_METHOD_DATA,
26545 &modify_alert_data->part_data);
26546
26547
26548 APPEND (CLIENT_MODIFY_ALERT_EVENT_DATA_NAME,
26549 &modify_alert_data->part_name);
26550
26551 APPEND (CLIENT_MODIFY_ALERT_CONDITION_DATA_NAME,
26552 &modify_alert_data->part_name);
26553
26554 APPEND (CLIENT_MODIFY_ALERT_METHOD_DATA_NAME,
26555 &modify_alert_data->part_name);
26556
26557
26558 APPEND (CLIENT_MODIFY_ASSET_COMMENT,
26559 &modify_asset_data->comment);
26560
26561
26562 APPEND (CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING_KEY,
26563 &modify_auth_data->key);
26564
26565 APPEND (CLIENT_MODIFY_AUTH_GROUP_AUTH_CONF_SETTING_VALUE,
26566 &modify_auth_data->value);
26567
26568
26569 APPEND (CLIENT_MODIFY_FILTER_COMMENT,
26570 &modify_filter_data->comment);
26571
26572 APPEND (CLIENT_MODIFY_FILTER_NAME,
26573 &modify_filter_data->name);
26574
26575 APPEND (CLIENT_MODIFY_FILTER_TERM,
26576 &modify_filter_data->term);
26577
26578 APPEND (CLIENT_MODIFY_FILTER_TYPE,
26579 &modify_filter_data->type);
26580
26581
26582 APPEND (CLIENT_MODIFY_GROUP_COMMENT,
26583 &modify_group_data->comment);
26584
26585 APPEND (CLIENT_MODIFY_GROUP_NAME,
26586 &modify_group_data->name);
26587
26588 APPEND (CLIENT_MODIFY_GROUP_USERS,
26589 &modify_group_data->users);
26590
26591
26592 APPEND (CLIENT_MODIFY_NOTE_ACTIVE,
26593 &modify_note_data->active);
26594
26595 APPEND (CLIENT_MODIFY_NOTE_HOSTS,
26596 &modify_note_data->hosts);
26597
26598 APPEND (CLIENT_MODIFY_NOTE_PORT,
26599 &modify_note_data->port);
26600
26601 APPEND (CLIENT_MODIFY_NOTE_SEVERITY,
26602 &modify_note_data->severity);
26603
26604 APPEND (CLIENT_MODIFY_NOTE_TEXT,
26605 &modify_note_data->text);
26606
26607 APPEND (CLIENT_MODIFY_NOTE_THREAT,
26608 &modify_note_data->threat);
26609
26610 APPEND (CLIENT_MODIFY_NOTE_NVT,
26611 &modify_note_data->nvt_oid);
26612
26613
26614 APPEND (CLIENT_MODIFY_OVERRIDE_ACTIVE,
26615 &modify_override_data->active);
26616
26617 APPEND (CLIENT_MODIFY_OVERRIDE_HOSTS,
26618 &modify_override_data->hosts);
26619
26620 APPEND (CLIENT_MODIFY_OVERRIDE_NEW_SEVERITY,
26621 &modify_override_data->new_severity);
26622
26623 APPEND (CLIENT_MODIFY_OVERRIDE_NEW_THREAT,
26624 &modify_override_data->new_threat);
26625
26626 APPEND (CLIENT_MODIFY_OVERRIDE_PORT,
26627 &modify_override_data->port);
26628
26629 APPEND (CLIENT_MODIFY_OVERRIDE_SEVERITY,
26630 &modify_override_data->severity);
26631
26632 APPEND (CLIENT_MODIFY_OVERRIDE_TEXT,
26633 &modify_override_data->text);
26634
26635 APPEND (CLIENT_MODIFY_OVERRIDE_THREAT,
26636 &modify_override_data->threat);
26637
26638
26639 APPEND (CLIENT_MODIFY_PERMISSION_COMMENT,
26640 &modify_permission_data->comment);
26641
26642 APPEND (CLIENT_MODIFY_PERMISSION_NAME,
26643 &modify_permission_data->name);
26644
26645 APPEND (CLIENT_MODIFY_PERMISSION_RESOURCE_TYPE,
26646 &modify_permission_data->resource_type);
26647
26648 APPEND (CLIENT_MODIFY_PERMISSION_SUBJECT_TYPE,
26649 &modify_permission_data->subject_type);
26650
26651
26652 APPEND (CLIENT_MODIFY_PORT_LIST_COMMENT,
26653 &modify_port_list_data->comment);
26654
26655 APPEND (CLIENT_MODIFY_PORT_LIST_NAME,
26656 &modify_port_list_data->name);
26657
26658
26659 APPEND (CLIENT_MODIFY_ROLE_COMMENT,
26660 &modify_role_data->comment);
26661
26662 APPEND (CLIENT_MODIFY_ROLE_NAME,
26663 &modify_role_data->name);
26664
26665 APPEND (CLIENT_MODIFY_ROLE_USERS,
26666 &modify_role_data->users);
26667
26668 APPEND (CLIENT_MODIFY_SCANNER_COMMENT,
26669 &modify_scanner_data->comment);
26670
26671 APPEND (CLIENT_MODIFY_SCANNER_NAME,
26672 &modify_scanner_data->name);
26673
26674 APPEND (CLIENT_MODIFY_SCANNER_HOST,
26675 &modify_scanner_data->host);
26676
26677 APPEND (CLIENT_MODIFY_SCANNER_PORT,
26678 &modify_scanner_data->port);
26679
26680 APPEND (CLIENT_MODIFY_SCANNER_TYPE,
26681 &modify_scanner_data->type);
26682
26683 APPEND (CLIENT_MODIFY_SCANNER_CA_PUB,
26684 &modify_scanner_data->ca_pub);
26685
26686
26687 APPEND (CLIENT_MODIFY_SCHEDULE_COMMENT,
26688 &modify_schedule_data->comment);
26689
26690 APPEND (CLIENT_MODIFY_SCHEDULE_ICALENDAR,
26691 &modify_schedule_data->icalendar);
26692
26693 APPEND (CLIENT_MODIFY_SCHEDULE_NAME,
26694 &modify_schedule_data->name);
26695
26696 APPEND (CLIENT_MODIFY_SCHEDULE_TIMEZONE,
26697 &modify_schedule_data->timezone);
26698
26699
26700 APPEND (CLIENT_MODIFY_TAG_ACTIVE,
26701 &modify_tag_data->active);
26702
26703 APPEND (CLIENT_MODIFY_TAG_RESOURCES_TYPE,
26704 &modify_tag_data->resource_type);
26705
26706 APPEND (CLIENT_MODIFY_TAG_COMMENT,
26707 &modify_tag_data->comment);
26708
26709 APPEND (CLIENT_MODIFY_TAG_NAME,
26710 &modify_tag_data->name);
26711
26712 APPEND (CLIENT_MODIFY_TAG_VALUE,
26713 &modify_tag_data->value);
26714
26715
26716 APPEND (CLIENT_MODIFY_TARGET_EXCLUDE_HOSTS,
26717 &modify_target_data->exclude_hosts);
26718
26719 APPEND (CLIENT_MODIFY_TARGET_REVERSE_LOOKUP_ONLY,
26720 &modify_target_data->reverse_lookup_only);
26721
26722 APPEND (CLIENT_MODIFY_TARGET_REVERSE_LOOKUP_UNIFY,
26723 &modify_target_data->reverse_lookup_unify);
26724
26725 APPEND (CLIENT_MODIFY_TARGET_ALIVE_TESTS,
26726 &modify_target_data->alive_tests);
26727
26728 APPEND (CLIENT_MODIFY_TARGET_ALLOW_SIMULTANEOUS_IPS,
26729 &modify_target_data->allow_simultaneous_ips);
26730
26731 APPEND (CLIENT_MODIFY_TARGET_COMMENT,
26732 &modify_target_data->comment);
26733
26734 APPEND (CLIENT_MODIFY_TARGET_HOSTS,
26735 &modify_target_data->hosts);
26736
26737 APPEND (CLIENT_MODIFY_TARGET_NAME,
26738 &modify_target_data->name);
26739
26740 APPEND (CLIENT_MODIFY_TARGET_SSH_CREDENTIAL_PORT,
26741 &modify_target_data->ssh_port);
26742
26743 APPEND (CLIENT_MODIFY_TARGET_SSH_LSC_CREDENTIAL_PORT,
26744 &modify_target_data->ssh_lsc_port);
26745
26746
26747 case CLIENT_MODIFY_TICKET:
26748 modify_ticket_element_text (text, text_len);
26749 break;
26750
26751 case CLIENT_MODIFY_TLS_CERTIFICATE:
26752 modify_tls_certificate_element_text (text, text_len);
26753 break;
26754
26755 APPEND (CLIENT_RUN_WIZARD_MODE,
26756 &run_wizard_data->mode);
26757
26758 APPEND (CLIENT_RUN_WIZARD_NAME,
26759 &run_wizard_data->name);
26760
26761 APPEND (CLIENT_RUN_WIZARD_PARAMS_PARAM_NAME,
26762 &run_wizard_data->param->name);
26763
26764 APPEND (CLIENT_RUN_WIZARD_PARAMS_PARAM_VALUE,
26765 &run_wizard_data->param->value);
26766
26767
26768 default:
26769 /* Just pass over the text. */
26770 break;
26771 }
26772 }
26773
26774 /**
26775 * @brief Handle a GMP XML parsing error.
26776 *
26777 * Simply leave the error for the caller of the parser to handle.
26778 *
26779 * @param[in] context Parser context.
26780 * @param[in] error The error.
26781 * @param[in] user_data Dummy parameter.
26782 */
26783 static void
gmp_xml_handle_error(GMarkupParseContext * context,GError * error,gpointer user_data)26784 gmp_xml_handle_error (/* unused */ GMarkupParseContext* context,
26785 GError *error,
26786 /* unused */ gpointer user_data)
26787 {
26788 g_debug (" XML ERROR %s", error->message);
26789 }
26790
26791
26792 /* GMP input processor. */
26793
26794 /** @todo Most likely the client should get these from init_gmp_process
26795 * inside an gmp_parser_t and should pass the gmp_parser_t to
26796 * process_gmp_client_input. process_gmp_client_input can pass then
26797 * pass them on to the other Manager "libraries". */
26798 extern char from_client[];
26799 extern buffer_size_t from_client_start;
26800 extern buffer_size_t from_client_end;
26801
26802 /**
26803 * @brief Initialise GMP library.
26804 *
26805 * @param[in] log_config Logging configuration list.
26806 * @param[in] database Location of manage database.
26807 * @param[in] max_ips_per_target Max number of IPs per target.
26808 * @param[in] max_email_attachment_size Max size of email attachments.
26809 * @param[in] max_email_include_size Max size of email inclusions.
26810 * @param[in] max_email_message_size Max size of email user message text.
26811 * @param[in] fork_connection Function to fork a connection to the GMP
26812 * daemon layer, or NULL.
26813 * @param[in] skip_db_check Skip DB check.
26814 *
26815 * @return 0 success, -1 error, -2 database is wrong version,
26816 * -4 max_ips_per_target out of range.
26817 */
26818 int
init_gmp(GSList * log_config,const db_conn_info_t * database,int max_ips_per_target,int max_email_attachment_size,int max_email_include_size,int max_email_message_size,manage_connection_forker_t fork_connection,int skip_db_check)26819 init_gmp (GSList *log_config, const db_conn_info_t *database,
26820 int max_ips_per_target, int max_email_attachment_size,
26821 int max_email_include_size, int max_email_message_size,
26822 manage_connection_forker_t fork_connection, int skip_db_check)
26823 {
26824 g_log_set_handler (G_LOG_DOMAIN,
26825 ALL_LOG_LEVELS,
26826 (GLogFunc) gvm_log_func,
26827 log_config);
26828 command_data_init (&command_data);
26829 return init_manage (log_config, database, max_ips_per_target,
26830 max_email_attachment_size, max_email_include_size,
26831 max_email_message_size,
26832 fork_connection, skip_db_check);
26833 }
26834
26835 /**
26836 * @brief Initialise GMP library data for a process.
26837 *
26838 * @param[in] database Location of manage database.
26839 * @param[in] write_to_client Function to write to client.
26840 * @param[in] write_to_client_data Argument to \p write_to_client.
26841 * @param[in] disable Commands to disable.
26842 *
26843 * This should run once per process, before the first call to \ref
26844 * process_gmp_client_input.
26845 */
26846 void
init_gmp_process(const db_conn_info_t * database,int (* write_to_client)(const char *,void *),void * write_to_client_data,gchar ** disable)26847 init_gmp_process (const db_conn_info_t *database,
26848 int (*write_to_client) (const char*, void*),
26849 void* write_to_client_data, gchar **disable)
26850 {
26851 client_state = CLIENT_TOP;
26852 command_data_init (&command_data);
26853 init_manage_process (database);
26854 manage_reset_currents ();
26855 /* Create the XML parser. */
26856 xml_parser.start_element = gmp_xml_handle_start_element;
26857 xml_parser.end_element = gmp_xml_handle_end_element;
26858 xml_parser.text = gmp_xml_handle_text;
26859 xml_parser.passthrough = NULL;
26860 xml_parser.error = gmp_xml_handle_error;
26861 /* Don't free xml_context because we likely are inside the parser that is
26862 * the context, which would cause Glib to freak out. Just leak, the process
26863 * is going to exit after this anyway. */
26864 xml_context = g_markup_parse_context_new
26865 (&xml_parser,
26866 0,
26867 gmp_parser_new (write_to_client, write_to_client_data,
26868 disable),
26869 (GDestroyNotify) gmp_parser_free);
26870 }
26871
26872 /**
26873 * @brief Process any XML available in \ref from_client.
26874 *
26875 * \if STATIC
26876 *
26877 * Call the XML parser and let the callback functions do the work
26878 * (\ref gmp_xml_handle_start_element, \ref gmp_xml_handle_end_element,
26879 * \ref gmp_xml_handle_text and \ref gmp_xml_handle_error).
26880 *
26881 * The callback functions will queue any replies for
26882 * the client in \ref to_client (using \ref send_to_client).
26883 *
26884 * \endif
26885 *
26886 * @return 0 success,
26887 * -1 error,
26888 * -4 XML syntax error.
26889 */
26890 int
process_gmp_client_input()26891 process_gmp_client_input ()
26892 {
26893 gboolean success;
26894 GError* error = NULL;
26895
26896 /* Terminate any pending transaction. (force close = TRUE). */
26897 manage_transaction_stop (TRUE);
26898
26899 if (xml_context == NULL) return -1;
26900
26901 success = g_markup_parse_context_parse (xml_context,
26902 from_client + from_client_start,
26903 from_client_end - from_client_start,
26904 &error);
26905 if (success == FALSE)
26906 {
26907 int err;
26908 if (error)
26909 {
26910 err = -4;
26911 if (g_error_matches (error,
26912 G_MARKUP_ERROR,
26913 G_MARKUP_ERROR_UNKNOWN_ELEMENT))
26914 g_debug (" client error: G_MARKUP_ERROR_UNKNOWN_ELEMENT");
26915 else if (g_error_matches (error,
26916 G_MARKUP_ERROR,
26917 G_MARKUP_ERROR_INVALID_CONTENT))
26918 g_debug (" client error: G_MARKUP_ERROR_INVALID_CONTENT");
26919 else if (g_error_matches (error,
26920 G_MARKUP_ERROR,
26921 G_MARKUP_ERROR_UNKNOWN_ATTRIBUTE))
26922 g_debug (" client error: G_MARKUP_ERROR_UNKNOWN_ATTRIBUTE");
26923 else
26924 err = -1;
26925 g_info (" Failed to parse client XML: %s", error->message);
26926 g_error_free (error);
26927 }
26928 else
26929 err = -1;
26930 /* In all error cases the caller must cease to call this function as it
26931 * would be too hard, if possible at all, to figure out the position of
26932 * start of the next command. */
26933 return err;
26934 }
26935 from_client_end = from_client_start = 0;
26936 return 0;
26937 }
26938
26939 /**
26940 * @brief Buffer the response for process_gmp.
26941 *
26942 * @param[in] msg GMP response.
26943 * @param[in] buffer Buffer.
26944 *
26945 * @return TRUE if failed, else FALSE.
26946 */
26947 static int
process_gmp_write(const char * msg,void * buffer)26948 process_gmp_write (const char* msg, void* buffer)
26949 {
26950 g_debug ("-> client internal: %s", msg);
26951 g_string_append ((GString*) buffer, msg);
26952 return FALSE;
26953 }
26954
26955 /**
26956 * @brief Process an XML string.
26957 *
26958 * \if STATIC
26959 *
26960 * Call the XML parser and let the callback functions do the work
26961 * (\ref gmp_xml_handle_start_element, \ref gmp_xml_handle_end_element,
26962 * \ref gmp_xml_handle_text and \ref gmp_xml_handle_error).
26963 *
26964 * The callback functions will queue any replies for
26965 * the client in \ref to_client (using \ref send_to_client).
26966 *
26967 * \endif
26968 *
26969 * @param[in] parser Parser.
26970 * @param[in] command Command.
26971 * @param[in] response Response.
26972 *
26973 * @return 0 success,
26974 * -4 XML syntax error.
26975 * -1 error.
26976 */
26977 static int
process_gmp(gmp_parser_t * parser,const gchar * command,gchar ** response)26978 process_gmp (gmp_parser_t *parser, const gchar *command, gchar **response)
26979 {
26980 gboolean success;
26981 GError* error = NULL;
26982 GString *buffer;
26983 int (*client_writer) (const char*, void*);
26984 void* client_writer_data;
26985 GMarkupParseContext *old_xml_context;
26986 client_state_t old_client_state;
26987 command_data_t old_command_data;
26988
26989 /* Terminate any pending transaction. (force close = TRUE). */
26990 manage_transaction_stop (TRUE);
26991
26992 if (response) *response = NULL;
26993
26994 old_xml_context = xml_context;
26995 xml_context = g_markup_parse_context_new (&xml_parser, 0, parser, NULL);
26996 if (xml_context == NULL)
26997 {
26998 xml_context = old_xml_context;
26999 return -1;
27000 }
27001
27002 old_command_data = command_data;
27003 command_data_init (&command_data);
27004 old_client_state = client_state;
27005 client_state = CLIENT_AUTHENTIC;
27006 buffer = g_string_new ("");
27007 client_writer = parser->client_writer;
27008 client_writer_data = parser->client_writer_data;
27009 parser->client_writer = process_gmp_write;
27010 parser->client_writer_data = buffer;
27011 success = g_markup_parse_context_parse (xml_context,
27012 command,
27013 strlen (command),
27014 &error);
27015 parser->client_writer = client_writer;
27016 parser->client_writer_data = client_writer_data;
27017 xml_context = old_xml_context;
27018 client_state = old_client_state;
27019 command_data = old_command_data;
27020 if (success == FALSE)
27021 {
27022 int err;
27023 if (error)
27024 {
27025 err = -4;
27026 if (g_error_matches (error,
27027 G_MARKUP_ERROR,
27028 G_MARKUP_ERROR_UNKNOWN_ELEMENT))
27029 g_debug (" client error: G_MARKUP_ERROR_UNKNOWN_ELEMENT");
27030 else if (g_error_matches (error,
27031 G_MARKUP_ERROR,
27032 G_MARKUP_ERROR_INVALID_CONTENT))
27033 g_debug (" client error: G_MARKUP_ERROR_INVALID_CONTENT");
27034 else if (g_error_matches (error,
27035 G_MARKUP_ERROR,
27036 G_MARKUP_ERROR_UNKNOWN_ATTRIBUTE))
27037 g_debug (" client error: G_MARKUP_ERROR_UNKNOWN_ATTRIBUTE");
27038 else
27039 err = -1;
27040 g_info (" Failed to parse client XML: %s", error->message);
27041 g_error_free (error);
27042 }
27043 else
27044 err = -1;
27045 return err;
27046 }
27047
27048 if (response)
27049 *response = g_string_free (buffer, FALSE);
27050 else
27051 g_string_free (buffer, TRUE);
27052
27053 return 0;
27054 }
27055