[Openvas-commits] r6150 - in trunk/openvas-manager: . src

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed Dec 16 18:21:07 CET 2009


Author: mattm
Date: 2009-12-16 18:20:47 +0100 (Wed, 16 Dec 2009)
New Revision: 6150

Modified:
   trunk/openvas-manager/ChangeLog
   trunk/openvas-manager/src/manage.h
   trunk/openvas-manager/src/omp.c
   trunk/openvas-manager/src/tasks_sql.h
Log:
	Add filtered count to OMP GET_REPORT XML report.

	* src/tasks_sql.h (where_levels): New function.
	(init_result_iterator): Move levels WHERE calc to where_levels.
	(report_scan_result_count): Add a levels arg.

	* src/manage.h: Update header.

	* src/omp.c (omp_xml_handle_end_element): In the XML case of
	CLIENT_GET_REPORT add a filtered count to SCAN_RESULT_COUNT.

Modified: trunk/openvas-manager/ChangeLog
===================================================================
--- trunk/openvas-manager/ChangeLog	2009-12-16 13:39:08 UTC (rev 6149)
+++ trunk/openvas-manager/ChangeLog	2009-12-16 17:20:47 UTC (rev 6150)
@@ -1,5 +1,18 @@
 2009-12-16  Matthew Mundell <matthew.mundell at intevation.de>
 
+	Add filtered count to OMP GET_REPORT XML report.
+
+	* src/tasks_sql.h (where_levels): New function.
+	(init_result_iterator): Move levels WHERE calc to where_levels.
+	(report_scan_result_count): Add a levels arg.
+
+	* src/manage.h: Update header.
+
+	* src/omp.c (omp_xml_handle_end_element): In the XML case of
+	CLIENT_GET_REPORT add a filtered count to SCAN_RESULT_COUNT.
+
+2009-12-16  Matthew Mundell <matthew.mundell at intevation.de>
+
 	Add database migration from version 7 to 8.
 
 	* src/tasks_sql.h (migrate_7_to_8): New function.

Modified: trunk/openvas-manager/src/manage.h
===================================================================
--- trunk/openvas-manager/src/manage.h	2009-12-16 13:39:08 UTC (rev 6149)
+++ trunk/openvas-manager/src/manage.h	2009-12-16 17:20:47 UTC (rev 6150)
@@ -441,7 +441,7 @@
 report_scan_run_status (report_t, int*);
 
 int
-report_scan_result_count (report_t, int*);
+report_scan_result_count (report_t, const char*, int*);
 
 int
 report_counts (const char*, int*, int*, int*, int*, int*);

Modified: trunk/openvas-manager/src/omp.c
===================================================================
--- trunk/openvas-manager/src/omp.c	2009-12-16 13:39:08 UTC (rev 6149)
+++ trunk/openvas-manager/src/omp.c	2009-12-16 17:20:47 UTC (rev 6150)
@@ -3657,7 +3657,7 @@
               {
                 task_t task;
                 char *tsk_uuid = NULL, *start_time, *end_time;
-                int result_count, run_status;
+                int result_count, filtered_result_count, run_status;
                 const char *levels;
 
                 /* Attribute levels. */
@@ -3680,7 +3680,9 @@
                     break;
                   }
 
-                report_scan_result_count (report, &result_count);
+                report_scan_result_count (report, NULL, &result_count);
+                report_scan_result_count (report, levels,
+                                          &filtered_result_count);
                 report_scan_run_status (report, &run_status);
                 SENDF_TO_CLIENT_OR_FAIL
                  ("<get_report_response"
@@ -3710,11 +3712,15 @@
                 SENDF_TO_CLIENT_OR_FAIL
                  ("</filters>"
                   "<scan_run_status>%s</scan_run_status>"
-                  "<scan_result_count>%i</scan_result_count>",
+                  "<scan_result_count>"
+                  "%i"
+                  "<filtered>%i</filtered>"
+                  "</scan_result_count>",
                   run_status_name (run_status
                                    ? run_status
                                    : TASK_STATUS_INTERNAL_ERROR),
-                  result_count);
+                  result_count,
+                  filtered_result_count);
 
                 if (task && tsk_uuid)
                   {

Modified: trunk/openvas-manager/src/tasks_sql.h
===================================================================
--- trunk/openvas-manager/src/tasks_sql.h	2009-12-16 13:39:08 UTC (rev 6149)
+++ trunk/openvas-manager/src/tasks_sql.h	2009-12-16 17:20:47 UTC (rev 6150)
@@ -3434,6 +3434,91 @@
 }
 
 /**
+ * @brief Return SQL WHERE for restricting a SELECT to levels.
+ *
+ * @param[in]  levels        String describing threat levels (message types)
+ *                           to include in report (for example, "hmlgd" for
+ *                           High, Medium, Low, loG and Debug).  All levels if
+ *                           NULL.
+ *
+ * @return WHERE clause for levels.
+ */
+GString *
+where_levels (const char* levels)
+{
+  GString *levels_sql = NULL;
+
+  /* Generate SQL for constraints on message type, according to levels. */
+
+  if (strlen (levels))
+    {
+      int count = 0;
+
+      /* High. */
+      if (strchr (levels, 'h'))
+        {
+          count = 1;
+          levels_sql = g_string_new (" AND (type = 'Security Hole'");
+        }
+
+      /* Medium. */
+      if (strchr (levels, 'm'))
+        {
+          if (count == 0)
+            levels_sql = g_string_new (" AND (type = 'Security Warning'");
+          else
+            levels_sql = g_string_append (levels_sql,
+                                          " OR type = 'Security Warning'");
+          count++;
+        }
+
+      /* Low. */
+      if (strchr (levels, 'l'))
+        {
+          if (count == 0)
+            levels_sql = g_string_new (" AND (type = 'Security Note'");
+          else
+            levels_sql = g_string_append (levels_sql,
+                                          " OR type = 'Security Note'");
+          count++;
+        }
+
+      /* loG. */
+      if (strchr (levels, 'g'))
+        {
+          if (count == 0)
+            levels_sql = g_string_new (" AND (type = 'Log Message'");
+          else
+            levels_sql = g_string_append (levels_sql,
+                                          " OR type = 'Log Message'");
+          count++;
+        }
+
+      /* Debug. */
+      if (strchr (levels, 'd'))
+        {
+          if (count == 0)
+            levels_sql = g_string_new (" AND (type = 'Debug Message')");
+          else
+            levels_sql = g_string_append (levels_sql,
+                                          " OR type = 'Debug Message')");
+          count++;
+        }
+      else if (count)
+        levels_sql = g_string_append (levels_sql, ")");
+
+      if (count == 5)
+        {
+          /* All levels. */
+          g_string_free (levels_sql, TRUE);
+          levels_sql = NULL;
+        }
+    }
+  return levels_sql;
+}
+
+
+/**
  * @brief Initialise a result iterator.
  *
  * The results are ordered by host, then port and type (severity) according
@@ -3464,75 +3549,8 @@
   if (levels == NULL) levels = "hmlgd";
   if (report)
     {
-      GString *levels_sql = NULL;
+      GString *levels_sql = where_levels (levels);
 
-      /* Generate SQL for constraints on message type, according to levels. */
-
-      if (strlen (levels))
-        {
-          int count = 0;
-
-          /* High. */
-          if (strchr (levels, 'h'))
-            {
-              count = 1;
-              levels_sql = g_string_new (" AND (type = 'Security Hole'");
-            }
-
-          /* Medium. */
-          if (strchr (levels, 'm'))
-            {
-              if (count == 0)
-                levels_sql = g_string_new (" AND (type = 'Security Warning'");
-              else
-                levels_sql = g_string_append (levels_sql,
-                                              " OR type = 'Security Warning'");
-              count++;
-            }
-
-          /* Low. */
-          if (strchr (levels, 'l'))
-            {
-              if (count == 0)
-                levels_sql = g_string_new (" AND (type = 'Security Note'");
-              else
-                levels_sql = g_string_append (levels_sql,
-                                              " OR type = 'Security Note'");
-              count++;
-            }
-
-          /* loG. */
-          if (strchr (levels, 'g'))
-            {
-              if (count == 0)
-                levels_sql = g_string_new (" AND (type = 'Log Message'");
-              else
-                levels_sql = g_string_append (levels_sql,
-                                              " OR type = 'Log Message'");
-              count++;
-            }
-
-          /* Debug. */
-          if (strchr (levels, 'd'))
-            {
-              if (count == 0)
-                levels_sql = g_string_new (" AND (type = 'Debug Message')");
-              else
-                levels_sql = g_string_append (levels_sql,
-                                              " OR type = 'Debug Message')");
-              count++;
-            }
-          else if (count)
-            levels_sql = g_string_append (levels_sql, ")");
-
-          if (count == 5)
-            {
-              /* All levels. */
-              g_string_free (levels_sql, TRUE);
-              levels_sql = NULL;
-            }
-        }
-
       /* Allocate the query. */
 
       if (host)
@@ -3888,13 +3906,31 @@
  * @brief Get the number of results in the scan associated with a report.
  *
  * @param[in]   report  Report.
+ * @param[in]   levels  String describing threat levels (message types)
+ *                      to include in count (for example, "hmlgd" for
+ *                      High, Medium, Low, loG and Debug).  All levels if
+ *                      NULL.
  * @param[out]  count   Total number of results in the scan.
  *
  * @return 0 on success, -1 on error.
  */
 int
-report_scan_result_count (report_t report, int* count)
+report_scan_result_count (report_t report, const char* levels, int* count)
 {
+  if (levels)
+    {
+      GString *levels_sql = where_levels (levels);
+      *count = sql_int (0, 0,
+                        "SELECT count(*) FROM results, report_results"
+                        " WHERE results.ROWID = report_results.result"
+                        "%s"
+                        " AND report_results.report = %llu;",
+                        levels_sql ? levels_sql->str : "",
+                        report);
+      if (levels_sql) g_string_free (levels_sql, TRUE);
+      return 0;
+    }
+
   *count = sql_int (0, 0,
                     "SELECT count(*) FROM results, report_results"
                     " WHERE results.ROWID = report_results.result"



More information about the Openvas-commits mailing list