36 #include "../misc/plugutils.h"
37 #include "../misc/vendorversion.h"
49 #include <gvm/base/logging.h>
50 #include <gvm/base/nvti.h>
51 #include <gvm/base/prefs.h>
52 #include <gvm/base/proctitle.h>
53 #include <gvm/base/version.h>
54 #include <gvm/util/kb.h>
55 #include <gvm/util/nvticache.h>
56 #include <gvm/util/uuidutils.h>
67 #ifdef GIT_REV_AVAILABLE
68 #include "gitrevision.h"
71 #if GNUTLS_VERSION_NUMBER < 0x030300
72 #include "../misc/network.h"
79 #define G_LOG_DOMAIN "sd main"
81 #define PROCTITLE_WAITING "openvas: Waiting for incoming connections"
82 #define PROCTITLE_LOADING "openvas: Loading Handler"
83 #define PROCTITLE_RELOADING "openvas: Reloading"
84 #define PROCTITLE_SERVING "openvas: Serving %s"
111 {
"plugins_folder", OPENVAS_NVT_DIR},
112 {
"include_folders", OPENVAS_NVT_DIR},
114 {
"max_checks",
"10"},
115 {
"log_whole_attack",
"no"},
116 {
"log_plugins_name_at_load",
"no"},
117 {
"optimize_test",
"yes"},
118 {
"network_scan",
"no"},
119 {
"non_simult_ports",
"139, 445, 3389, Services/irc"},
120 {
"plugins_timeout", G_STRINGIFY (NVT_TIMEOUT)},
121 {
"scanner_plugins_timeout", G_STRINGIFY (SCANNER_NVT_TIMEOUT)},
122 {
"safe_checks",
"yes"},
123 {
"auto_enable_dependencies",
"yes"},
124 {
"drop_privileges",
"no"},
127 {
"report_host_details",
"yes"},
128 {
"db_address", KB_PATH_DEFAULT},
129 {
"vendor_version",
"\0"},
137 if ((str = prefs_get (
"max_hosts")) != NULL)
144 if ((str = prefs_get (
"max_checks")) != NULL)
185 static gchar *rc_name = NULL;
186 const char *config_file;
194 rc_name = g_build_filename (OPENVAS_SYSCONF_DIR,
"openvas_log.conf", NULL);
195 if (g_file_test (rc_name, G_FILE_TEST_EXISTS))
196 log_config = load_log_configuration (rc_name);
199 g_message (
"Reloading the scanner.\n");
202 config_file = prefs_get (
"config_file");
205 prefs_config (config_file);
211 g_message (
"Finished reloading the scanner.");
230 struct kb_item *res = NULL;
232 g_debug (
"Start loading scan preferences.");
236 snprintf (key,
sizeof (key),
"internal/%s/scanprefs", globals->
scan_id);
237 kb = kb_find (prefs_get (
"db_address"), key);
241 res = kb_item_get_all (kb, key);
247 gchar **pref = g_strsplit (res->v_str,
"|||", 2);
250 gchar **pref_name = g_strsplit (pref[0],
":", 3);
251 if (pref_name[1] && pref_name[2] && !strncmp (pref_name[2],
"file", 4)
252 && strcmp (pref[1],
""))
254 char *file_hash = gvm_uuid_make ();
256 prefs_set (pref[0], file_hash);
257 ret =
store_file (globals, pref[1], file_hash);
259 g_debug (
"Load preference: Failed to upload file "
260 "for nvt %s preference.",
266 prefs_set (pref[0], pref[1] ?:
"");
267 g_strfreev (pref_name);
273 snprintf (key,
sizeof (key),
"internal/%s", globals->
scan_id);
274 kb_item_set_str (kb, key,
"ready", 0);
275 kb_item_set_int (kb,
"internal/ovas_pid", getpid ());
277 g_debug (
"End loading scan preferences.");
291 g_warning (
"No preferences found for the scan %s", globals->
scan_id);
323 static gchar *rc_name = NULL;
328 prefs_config (config_file);
331 rc_name = g_build_filename (OPENVAS_SYSCONF_DIR,
"openvas_log.conf", NULL);
332 if (g_file_test (rc_name, G_FILE_TEST_EXISTS))
333 log_config = load_log_configuration (rc_name);
347 rc = kb_new (&kb, prefs_get (
"db_address"));
351 rc = kb_flush (kb, NVTICACHE_STR);
358 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
360 gcry_check_version (NULL);
361 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
362 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
363 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
364 gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
372 #if GNUTLS_VERSION_NUMBER < 0x030300
374 g_message (
"Could not initialize openvas SSL!");
377 #ifdef OPENVAS_GIT_REVISION
378 g_message (
"openvas %s (GIT revision %s) started", OPENVAS_VERSION,
379 OPENVAS_GIT_REVISION);
381 g_message (
"openvas %s started", OPENVAS_VERSION);
386 g_message (
"Failed to initialize nvti cache.");
413 kb = kb_find (prefs_get (
"db_address"), key);
417 pid = kb_item_get_int (kb,
"internal/ovas_pid");
433 proctitle_init (argc, argv);
436 static gboolean display_version = FALSE;
437 static gchar *config_file = NULL;
439 static gchar *stop_scan_id = NULL;
440 static gboolean print_specs = FALSE;
441 static gboolean print_sysconfdir = FALSE;
442 static gboolean update_vt_info = FALSE;
443 GError *error = NULL;
444 GOptionContext *option_context;
445 static GOptionEntry entries[] = {
446 {
"version",
'V', 0, G_OPTION_ARG_NONE, &display_version,
447 "Display version information", NULL},
448 {
"config-file",
'c', 0, G_OPTION_ARG_FILENAME, &config_file,
449 "Configuration file",
"<filename>"},
450 {
"cfg-specs",
's', 0, G_OPTION_ARG_NONE, &print_specs,
451 "Print configuration settings", NULL},
452 {
"sysconfdir",
'y', 0, G_OPTION_ARG_NONE, &print_sysconfdir,
453 "Print system configuration directory (set at compile time)", NULL},
454 {
"update-vt-info",
'u', 0, G_OPTION_ARG_NONE, &update_vt_info,
455 "Updates VT info into redis store from VT files", NULL},
456 {
"scan-start",
'\0', 0, G_OPTION_ARG_STRING, &
scan_id,
457 "ID of scan to start. ID and related data must be stored into redis "
460 {
"scan-stop",
'\0', 0, G_OPTION_ARG_STRING, &stop_scan_id,
461 "ID of scan to stop",
"<string>"},
463 {NULL, 0, 0, 0, NULL, NULL, NULL}};
466 g_option_context_new (
"- Open Vulnerability Assessment Scanner");
467 g_option_context_add_main_entries (option_context, entries, NULL);
468 if (!g_option_context_parse (option_context, &argc, &argv, &error))
470 g_print (
"%s\n\n", error->message);
473 g_option_context_free (option_context);
476 if (print_sysconfdir)
478 g_print (
"%s\n", SYSCONFDIR);
485 printf (
"OpenVAS %s\n", OPENVAS_VERSION);
486 #ifdef OPENVAS_GIT_REVISION
487 printf (
"GIT revision %s\n", OPENVAS_GIT_REVISION);
489 printf (
"gvm-libs %s\n", gvm_libs_version ());
490 printf (
"Most new code since 2005: (C) 2019 Greenbone Networks GmbH\n");
492 "Nessus origin: (C) 2004 Renaud Deraison <deraison@nessus.org>\n");
493 printf (
"License GPLv2: GNU GPL version 2\n");
495 "This is free software: you are free to change and redistribute it.\n"
496 "There is NO WARRANTY, to the extent permitted by law.\n\n");
501 if (setenv (
"TZ",
"utc 0", 1) == -1)
503 g_print (
"%s\n\n", strerror (errno));
509 config_file = OPENVAS_CONF;
522 if (prefs_get (
"vendor_version") != NULL)
548 #if GNUTLS_VERSION_NUMBER < 0x030300
550 g_message (
"Could not initialize openvas SSL!");