[Openvas-commits] r7437 - in trunk/openvas-manager: . src
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Tue Apr 27 11:52:18 CEST 2010
Author: felix
Date: 2010-04-27 11:51:59 +0200 (Tue, 27 Apr 2010)
New Revision: 7437
Modified:
trunk/openvas-manager/ChangeLog
trunk/openvas-manager/src/manage.c
trunk/openvas-manager/src/manage.h
trunk/openvas-manager/src/manage_sql.c
trunk/openvas-manager/src/openvasmd.c
Log:
Reviving formerly reverted changes (penultimate commit). The issue
was solved elsewhere, two minor additional changes.
* src/manage.h, src/manage.c, src/manage_sql.c, src/openvasmd.c:
Reverted to penultimate commit.
* src/manage.c (run_task): Added todo about possible code collapse.
(manage_schedule): Fixed setting of owner_uuid (second in list).
Modified: trunk/openvas-manager/ChangeLog
===================================================================
--- trunk/openvas-manager/ChangeLog 2010-04-27 09:05:22 UTC (rev 7436)
+++ trunk/openvas-manager/ChangeLog 2010-04-27 09:51:59 UTC (rev 7437)
@@ -1,3 +1,14 @@
+2010-04-27 Felix Wolfsteller <felix.wolfsteller at greenbone.net>
+
+ Reviving formerly reverted changes (penultimate commit). The issue
+ was solved elsewhere, two minor additional changes.
+
+ * src/manage.h, src/manage.c, src/manage_sql.c, src/openvasmd.c:
+ Reverted to penultimate commit.
+
+ * src/manage.c (run_task): Added todo about possible code collapse.
+ (manage_schedule): Fixed setting of owner_uuid (second in list).
+
2010-04-26 Felix Wolfsteller <felix.wolfsteller at greenbone.net>
Reverting last commit due to not yet identified bug that leads to
Modified: trunk/openvas-manager/src/manage.c
===================================================================
--- trunk/openvas-manager/src/manage.c 2010-04-27 09:05:22 UTC (rev 7436)
+++ trunk/openvas-manager/src/manage.c 2010-04-27 09:51:59 UTC (rev 7437)
@@ -764,7 +764,7 @@
/** @todo to discern two users with same username but authenticated
* differently, pass username + uuid, or username + passw or
* store the rules in memory at time of authentication. */
- if (openvas_auth_user_rules (current_credentials.username, &rules) == 0)
+ if (openvas_auth_user_uuid_rules (current_credentials.username, current_credentials.uuid, &rules) == 0)
{
tracef (" failed to get rules.");
return -1;
@@ -1078,6 +1078,7 @@
reset_task (task);
/* Send the preferences header. */
+ /** @todo collapse/OR-connect code, nearly all -10 returners do the same if failed. */
if (send_to_server ("CLIENT <|> PREFERENCES <|>\n"))
{
@@ -1771,6 +1772,12 @@
int authenticate_allow_all = 0;
/**
+ * @brief UUID of user whose scheduled task is to be started (in connection
+ * with authenticate_allow_all).
+ */
+gchar* schedule_user_uuid = 0;
+
+/**
* @brief Ensure that any subsequent authentications succeed.
*/
void
@@ -1780,6 +1787,28 @@
}
/**
+ * @brief Access UUID of user that scheduled the current task.
+ *
+ * @return UUID of user that scheduled the current task.
+ */
+gchar*
+get_scheduled_user_uuid ()
+{
+ return schedule_user_uuid;
+}
+
+/**
+ * @brief Set UUID of user that scheduled the current task.
+ *
+ * @param user_uuid UUID of user that scheduled the current task.
+ */
+void
+set_scheduled_user_uuid (gchar* user_uuid)
+{
+ schedule_user_uuid = user_uuid;
+}
+
+/**
* @brief Schedule any actions that are due.
*
* In openvasmd, periodically called from the main daemon loop.
@@ -1793,7 +1822,8 @@
int
manage_schedule (int (*fork_connection) (int *,
gnutls_session_t *,
- gnutls_certificate_credentials_t *))
+ gnutls_certificate_credentials_t *,
+ gchar*))
{
iterator_t schedules;
GSList *starts = NULL, *stops = NULL;
@@ -1872,24 +1902,30 @@
set_task_schedule_next_time
(task_schedule_iterator_task (&schedules), 0);
- /* Add task and owner UUIDs to the list. */
+ /* Add task UUID and owner name and UUID to the list. */
starts = g_slist_prepend
(starts,
g_strdup (task_schedule_iterator_task_uuid (&schedules)));
starts = g_slist_prepend
(starts,
+ g_strdup (task_schedule_iterator_owner_uuid (&schedules)));
+ starts = g_slist_prepend
+ (starts,
g_strdup (task_schedule_iterator_owner_name (&schedules)));
}
else if (task_schedule_iterator_stop_due (&schedules))
{
- /* Add task and owner UUIDs to the list. */
+ /* Add task UUID and owner name and UUID to the list. */
stops = g_slist_prepend
(stops,
g_strdup (task_schedule_iterator_task_uuid (&schedules)));
stops = g_slist_prepend
(stops,
+ g_strdup (task_schedule_iterator_owner_uuid (&schedules)));
+ stops = g_slist_prepend
+ (stops,
g_strdup (task_schedule_iterator_owner_name (&schedules)));
}
cleanup_task_schedule_iterator (&schedules);
@@ -1901,26 +1937,30 @@
int socket;
gnutls_session_t session;
gnutls_certificate_credentials_t credentials;
- gchar *task_uuid, *owner;
+ gchar *task_uuid, *owner, *owner_uuid;
GSList *head;
owner = starts->data;
assert (starts->next);
- task_uuid = starts->next->data;
+ owner_uuid = starts->next->data;
+ assert (starts->next->next);
+ task_uuid = starts->next->next->data;
head = starts;
- starts = starts->next->next;
+ starts = starts->next->next->next;
+ g_slist_free_1 (head->next->next);
g_slist_free_1 (head->next);
g_slist_free_1 (head);
/* Run the callback to fork a child connected to the Manager. */
- switch (fork_connection (&socket, &session, &credentials))
+ switch (fork_connection (&socket, &session, &credentials, owner_uuid))
{
case 0:
/* Parent. Continue to next task. */
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
continue;
break;
@@ -1928,6 +1968,7 @@
/* Parent on error. */
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
while (starts)
{
g_free (starts->data);
@@ -1952,6 +1993,7 @@
{
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
openvas_server_free (socket, session, credentials);
exit (EXIT_FAILURE);
}
@@ -1960,12 +2002,14 @@
{
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
openvas_server_free (socket, session, credentials);
exit (EXIT_FAILURE);
}
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
openvas_server_free (socket, session, credentials);
exit (EXIT_SUCCESS);
}
@@ -1977,26 +2021,30 @@
int socket;
gnutls_session_t session;
gnutls_certificate_credentials_t credentials;
- gchar *task_uuid, *owner;
+ gchar *task_uuid, *owner, *owner_uuid;
GSList *head;
owner = stops->data;
assert (stops->next);
- task_uuid = stops->next->data;
+ owner_uuid = stops->next->data;
+ assert (stops->next->next);
+ task_uuid = stops->next->next->data;
head = stops;
- stops = stops->next->next;
+ stops = stops->next->next->next;
+ g_slist_free_1 (head->next->next);
g_slist_free_1 (head->next);
g_slist_free_1 (head);
/* Run the callback to fork a child connected to the Manager. */
- switch (fork_connection (&socket, &session, &credentials))
+ switch (fork_connection (&socket, &session, &credentials, owner_uuid))
{
case 0:
/* Parent. Continue to next task. */
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
continue;
break;
@@ -2004,6 +2052,7 @@
/* Parent on error. */
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
while (stops)
{
g_free (stops->data);
@@ -2028,6 +2077,7 @@
{
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
openvas_server_free (socket, session, credentials);
exit (EXIT_FAILURE);
}
@@ -2036,12 +2086,14 @@
{
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
openvas_server_free (socket, session, credentials);
exit (EXIT_FAILURE);
}
g_free (task_uuid);
g_free (owner);
+ g_free (owner_uuid);
openvas_server_free (socket, session, credentials);
exit (EXIT_SUCCESS);
}
Modified: trunk/openvas-manager/src/manage.h
===================================================================
--- trunk/openvas-manager/src/manage.h 2010-04-27 09:05:22 UTC (rev 7436)
+++ trunk/openvas-manager/src/manage.h 2010-04-27 09:51:59 UTC (rev 7437)
@@ -6,7 +6,7 @@
* Matthew Mundell <matt at mundell.ukfsn.org>
*
* Copyright:
- * Copyright (C) 2009 Greenbone Networks GmbH
+ * Copyright (C) 2009.2010 Greenbone Networks GmbH
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2,
@@ -1218,10 +1218,17 @@
void
manage_auth_allow_all ();
+gchar*
+get_scheduled_user_uuid ();
+
+void
+set_scheduled_user_uuid (gchar* uuid);
+
int
manage_schedule (int (*) (int *,
gnutls_session_t *,
- gnutls_certificate_credentials_t *));
+ gnutls_certificate_credentials_t *,
+ gchar*));
char *
schedule_uuid (schedule_t);
Modified: trunk/openvas-manager/src/manage_sql.c
===================================================================
--- trunk/openvas-manager/src/manage_sql.c 2010-04-27 09:05:22 UTC (rev 7436)
+++ trunk/openvas-manager/src/manage_sql.c 2010-04-27 09:51:59 UTC (rev 7437)
@@ -4375,8 +4375,10 @@
if (authenticate_allow_all)
{
- /** @todo overcome this by storing the users uuid at fork time. */
- credentials->uuid = openvas_user_uuid (credentials->username);
+ /* This flag is set for scheduled tasks only. Take the stored uuid
+ * to be able to tell apart locally authenticated vs remotely
+ * authenticated users (in order to fetch the correct rules). */
+ credentials->uuid = get_scheduled_user_uuid ();
if (*credentials->uuid)
return 0;
return -1;
Modified: trunk/openvas-manager/src/openvasmd.c
===================================================================
--- trunk/openvas-manager/src/openvasmd.c 2010-04-27 09:05:22 UTC (rev 7436)
+++ trunk/openvas-manager/src/openvasmd.c 2010-04-27 09:51:59 UTC (rev 7437)
@@ -6,7 +6,7 @@
* Matthew Mundell <matt at mundell.ukfsn.org>
*
* Copyright:
- * Copyright (C) 2009 Greenbone Networks GmbH
+ * Copyright (C) 2009,2010 Greenbone Networks GmbH
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2,
@@ -478,7 +478,7 @@
fork_connection_for_schedular (int *client_socket,
gnutls_session_t *client_session,
gnutls_certificate_credentials_t
- *client_credentials)
+ *client_credentials, gchar* uuid)
{
int pid, parent_client_socket, ret;
int sockets[2];
@@ -586,6 +586,7 @@
* enables the schedular to login as the owner of the scheduled
* task. */
manage_auth_allow_all ();
+ set_scheduled_user_uuid (uuid);
ret = serve_client (parent_client_socket);
/** @todo This should be done through libomp. */
More information about the Openvas-commits
mailing list