36 #include "../misc/plugutils.h"
37 #include "../misc/vendorversion.h"
49 #include <gvm/base/logging.h>
50 #include <gvm/base/nvti.h>
51 #include <gvm/base/prefs.h>
52 #include <gvm/base/proctitle.h>
53 #include <gvm/util/kb.h>
54 #include <gvm/util/nvticache.h>
55 #include <gvm/util/uuidutils.h>
66 #ifdef GIT_REV_AVAILABLE
67 #include "gitrevision.h"
70 #if GNUTLS_VERSION_NUMBER < 0x030300
71 #include "../misc/network.h"
78 #define G_LOG_DOMAIN "sd main"
80 #define PROCTITLE_WAITING "openvas: Waiting for incoming connections"
81 #define PROCTITLE_LOADING "openvas: Loading Handler"
82 #define PROCTITLE_RELOADING "openvas: Reloading"
83 #define PROCTITLE_SERVING "openvas: Serving %s"
110 {
"plugins_folder", OPENVAS_NVT_DIR},
111 {
"include_folders", OPENVAS_NVT_DIR},
113 {
"max_checks",
"10"},
114 {
"log_whole_attack",
"no"},
115 {
"log_plugins_name_at_load",
"no"},
116 {
"optimize_test",
"yes"},
117 {
"network_scan",
"no"},
118 {
"non_simult_ports",
"139, 445, 3389, Services/irc"},
119 {
"plugins_timeout", G_STRINGIFY (NVT_TIMEOUT)},
120 {
"scanner_plugins_timeout", G_STRINGIFY (SCANNER_NVT_TIMEOUT)},
121 {
"safe_checks",
"yes"},
122 {
"auto_enable_dependencies",
"yes"},
123 {
"drop_privileges",
"no"},
126 {
"report_host_details",
"yes"},
127 {
"db_address", KB_PATH_DEFAULT},
128 {
"vendor_version",
"\0"},
136 if ((str = prefs_get (
"max_hosts")) != NULL)
143 if ((str = prefs_get (
"max_checks")) != NULL)
184 static gchar *rc_name = NULL;
185 const char *config_file;
193 rc_name = g_build_filename (OPENVAS_SYSCONF_DIR,
"openvas_log.conf", NULL);
194 if (g_file_test (rc_name, G_FILE_TEST_EXISTS))
195 log_config = load_log_configuration (rc_name);
198 g_message (
"Reloading the scanner.\n");
201 config_file = prefs_get (
"config_file");
204 prefs_config (config_file);
210 g_message (
"Finished reloading the scanner.");
229 struct kb_item *res = NULL;
231 g_debug (
"Start loading scan preferences.");
235 snprintf (key,
sizeof (key),
"internal/%s/scanprefs", globals->
scan_id);
236 kb = kb_find (prefs_get (
"db_address"), key);
240 res = kb_item_get_all (kb, key);
246 gchar **pref = g_strsplit (res->v_str,
"|||", 2);
249 gchar **pref_name = g_strsplit (pref[0],
":", 3);
250 if (pref_name[1] && pref_name[2]
251 && !strncmp (pref_name[2],
"file", 4))
253 char *file_hash = gvm_uuid_make ();
255 prefs_set (pref[0], file_hash);
256 ret =
store_file (globals, pref[1], file_hash);
258 g_debug (
"Load preference: Failed to upload file "
259 "for nvt %s preference.",
265 prefs_set (pref[0], pref[1] ?:
"");
266 g_strfreev (pref_name);
272 snprintf (key,
sizeof (key),
"internal/%s", globals->
scan_id);
273 kb_item_set_str (kb, key,
"ready", 0);
274 kb_item_set_int (kb,
"internal/ovas_pid", getpid ());
276 g_debug (
"End loading scan preferences.");
290 g_warning (
"No preferences found for the scan %s", globals->
scan_id);
322 static gchar *rc_name = NULL;
327 prefs_config (config_file);
330 rc_name = g_build_filename (OPENVAS_SYSCONF_DIR,
"openvas_log.conf", NULL);
331 if (g_file_test (rc_name, G_FILE_TEST_EXISTS))
332 log_config = load_log_configuration (rc_name);
346 rc = kb_new (&kb, prefs_get (
"db_address"));
350 rc = kb_flush (kb, NVTICACHE_STR);
357 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
359 gcry_check_version (NULL);
360 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
361 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
362 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
363 gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
372 #if GNUTLS_VERSION_NUMBER < 0x030300
374 g_message (
"Could not initialize openvas SSL!");
377 #ifdef OPENVAS_GIT_REVISION
378 g_message (
"openvas %s (GIT revision %s) started", OPENVAS_VERSION,
379 OPENVAS_GIT_REVISION);
381 g_message (
"openvas %s started", OPENVAS_VERSION);
412 kb = kb_find (prefs_get (
"db_address"), key);
416 pid = kb_item_get_int (kb,
"internal/ovas_pid");
432 proctitle_init (argc, argv);
435 static gboolean display_version = FALSE;
436 static gchar *config_file = NULL;
438 static gchar *stop_scan_id = NULL;
439 static gboolean print_specs = FALSE;
440 static gboolean print_sysconfdir = FALSE;
441 static gboolean update_vt_info = FALSE;
442 GError *error = NULL;
443 GOptionContext *option_context;
444 static GOptionEntry entries[] = {
445 {
"version",
'V', 0, G_OPTION_ARG_NONE, &display_version,
446 "Display version information", NULL},
447 {
"config-file",
'c', 0, G_OPTION_ARG_FILENAME, &config_file,
448 "Configuration file",
"<filename>"},
449 {
"cfg-specs",
's', 0, G_OPTION_ARG_NONE, &print_specs,
450 "Print configuration settings", NULL},
451 {
"sysconfdir",
'y', 0, G_OPTION_ARG_NONE, &print_sysconfdir,
452 "Print system configuration directory (set at compile time)", NULL},
453 {
"update-vt-info",
'u', 0, G_OPTION_ARG_NONE, &update_vt_info,
454 "Updates VT info into redis store from VT files", NULL},
455 {
"scan-start",
'\0', 0, G_OPTION_ARG_STRING, &
scan_id,
456 "ID of scan to start. ID and related data must be stored into redis "
459 {
"scan-stop",
'\0', 0, G_OPTION_ARG_STRING, &stop_scan_id,
460 "ID of scan to stop",
"<string>"},
462 {NULL, 0, 0, 0, NULL, NULL, NULL}};
465 g_option_context_new (
"- Open Vulnerability Assessment Scanner");
466 g_option_context_add_main_entries (option_context, entries, NULL);
467 if (!g_option_context_parse (option_context, &argc, &argv, &error))
469 g_print (
"%s\n\n", error->message);
472 g_option_context_free (option_context);
475 if (print_sysconfdir)
477 g_print (
"%s\n", SYSCONFDIR);
484 printf (
"OpenVAS %s\n", OPENVAS_VERSION);
485 #ifdef OPENVAS_GIT_REVISION
486 printf (
"GIT revision %s\n", OPENVAS_GIT_REVISION);
488 printf (
"Most new code since 2005: (C) 2019 Greenbone Networks GmbH\n");
490 "Nessus origin: (C) 2004 Renaud Deraison <deraison@nessus.org>\n");
491 printf (
"License GPLv2: GNU GPL version 2\n");
493 "This is free software: you are free to change and redistribute it.\n"
494 "There is NO WARRANTY, to the extent permitted by law.\n\n");
499 if (setenv (
"TZ",
"utc 0", 1) == -1)
501 g_print (
"%s\n\n", strerror (errno));
507 config_file = OPENVAS_CONF;
520 if (prefs_get (
"vendor_version") != NULL)
546 #if GNUTLS_VERSION_NUMBER < 0x030300
548 g_message (
"Could not initialize openvas SSL!");