[Openvas-commits] r6744 - in trunk/gsa: . src src/html/src
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Feb 15 23:15:18 CET 2010
Author: mattm
Date: 2010-02-15 23:15:16 +0100 (Mon, 15 Feb 2010)
New Revision: 6744
Modified:
trunk/gsa/ChangeLog
trunk/gsa/src/gsad.c
trunk/gsa/src/gsad_omp.c
trunk/gsa/src/gsad_omp.h
trunk/gsa/src/html/src/omp.xsl
Log:
Add note constraints.
* src/gsad.c (init_validator): Add "port", "result_id" and "threat"
validators.
(struct req_parms): Add params.
(free_resources): Add param freeing.
(serve_post): Pass contraint args to create_note_omp.
(exec_omp_get): Pass contraint args to new_note_omp.
* src/gsad_omp.c (new_note_omp): Add constraint args.
(create_note_omp): Add constraint args.
* src/gsad_omp.h: Update headers accordingly.
* src/omp.xsl (html-create-note-form): Add contraint input.
(new_note): Pass contraint values to new_note.
Modified: trunk/gsa/ChangeLog
===================================================================
--- trunk/gsa/ChangeLog 2010-02-15 15:07:49 UTC (rev 6743)
+++ trunk/gsa/ChangeLog 2010-02-15 22:15:16 UTC (rev 6744)
@@ -1,3 +1,22 @@
+2010-02-15 Matthew Mundell <matthew.mundell at intevation.de>
+
+ Add note constraints.
+
+ * src/gsad.c (init_validator): Add "port", "result_id" and "threat"
+ validators.
+ (struct req_parms): Add params.
+ (free_resources): Add param freeing.
+ (serve_post): Pass contraint args to create_note_omp.
+ (exec_omp_get): Pass contraint args to new_note_omp.
+
+ * src/gsad_omp.c (new_note_omp): Add constraint args.
+ (create_note_omp): Add constraint args.
+
+ * src/gsad_omp.h: Update headers accordingly.
+
+ * src/omp.xsl (html-create-note-form): Add contraint input.
+ (new_note): Pass contraint values to new_note.
+
2010-02-12 Matthew Mundell <matthew.mundell at intevation.de>
Add adding of notes.
@@ -2,3 +21,3 @@
- * src/gsad.c (init_validator): Add creeate_note and new_note commands.
+ * src/gsad.c (init_validator): Add create_note and new_note commands.
Add "max_results" and "text" validators.
Modified: trunk/gsa/src/gsad.c
===================================================================
--- trunk/gsa/src/gsad.c 2010-02-15 15:07:49 UTC (rev 6743)
+++ trunk/gsa/src/gsad.c 2010-02-15 22:15:16 UTC (rev 6744)
@@ -250,14 +250,17 @@
openvas_validator_add (validator, "page", "^[_[:alnum:] ]{1,40}$");
openvas_validator_add (validator, "package_format", "^(key)|(rpm)|(deb)|(exe)$");
openvas_validator_add (validator, "password", "^[[:alnum:], \\./]{0,40}$");
+ openvas_validator_add (validator, "port", "^[[:alnum:]_/]{1,400}$");
/** @todo Better regex. */
openvas_validator_add (validator, "preference_name", "^(.*){0,400}$");
openvas_validator_add (validator, "pw", "^[[:alnum:]]{1,10}$");
openvas_validator_add (validator, "xml_file", NULL);
openvas_validator_add (validator, "report_id", "^[a-z0-9\\-]+$");
+ openvas_validator_add (validator, "result_id", "^[a-z0-9\\-]+$");
openvas_validator_add (validator, "role", "^[[:alnum:] ]{1,40}$");
openvas_validator_add (validator, "task_id", "^[a-z0-9\\-]+$");
openvas_validator_add (validator, "text", "^.{0,1000}");
+ openvas_validator_add (validator, "threat", "^(High|Medium|Low|Log|)$");
openvas_validator_add (validator, "search_phrase", "^[-_[:alnum:], \\./]{0,400}$");
openvas_validator_add (validator, "sort_field", "^[_[:alnum:] ]{1,20}$");
openvas_validator_add (validator, "sort_order", "^(ascending)|(descending)$");
@@ -431,8 +434,12 @@
char *oid; ///< Value of "oid" parameter.
char *pw; ///< Value of "pw" parameter.
char *password; ///< Value of "password" parameter.
+ char *port; ///< Value of "port" parameter.
char *timeout; ///< Value of "timeout" parameter.
+ char *threat; ///< Value of "threat" parameter.
char *text; ///< Value of "text" parameter.
+ char *task_id; ///< Value of "task_id" parameter.
+ char *result_id; ///< Value of "result_id" parameter.
char *report_id; ///< Value of "report_id" parameter.
char *first_result; ///< Value of "first_result" parameter.
char *max_results; ///< Value of "max_results" parameter.
@@ -613,11 +620,15 @@
free (con_info->req_parms.login);
free (con_info->req_parms.pw);
free (con_info->req_parms.password);
+ free (con_info->req_parms.port);
free (con_info->req_parms.oid);
free (con_info->req_parms.sort_field);
free (con_info->req_parms.sort_order);
free (con_info->req_parms.timeout);
+ free (con_info->req_parms.threat);
free (con_info->req_parms.text);
+ free (con_info->req_parms.task_id);
+ free (con_info->req_parms.result_id);
free (con_info->req_parms.report_id);
free (con_info->req_parms.first_result);
free (con_info->req_parms.max_results);
@@ -1206,9 +1217,21 @@
return MHD_YES;
}
+ if (!strcmp (key, "port"))
+ return append_chunk_string (con_info, data, size, off,
+ &con_info->req_parms.port);
+ if (!strcmp (key, "threat"))
+ return append_chunk_string (con_info, data, size, off,
+ &con_info->req_parms.threat);
if (!strcmp (key, "text"))
return append_chunk_string (con_info, data, size, off,
&con_info->req_parms.text);
+ if (!strcmp (key, "task_id"))
+ return append_chunk_string (con_info, data, size, off,
+ &con_info->req_parms.task_id);
+ if (!strcmp (key, "result_id"))
+ return append_chunk_string (con_info, data, size, off,
+ &con_info->req_parms.result_id);
if (!strcmp (key, "report_id"))
return append_chunk_string (con_info, data, size, off,
&con_info->req_parms.report_id);
@@ -1803,22 +1826,57 @@
free (con_info->req_parms.oid);
con_info->req_parms.oid = NULL;
}
-#if 0
- if (openvas_validate (validator,
- "hosts",
- con_info->req_parms.hosts)
- || validate_hosts_parameter (con_info->req_parms.hosts) == FALSE)
+
+ if (openvas_validate (validator, "text", con_info->req_parms.text))
{
+ free (con_info->req_parms.text);
+ con_info->req_parms.text = NULL;
+ }
+
+ if (strcmp (con_info->req_parms.port, "")
+ && openvas_validate (validator, "port", con_info->req_parms.port))
+ {
+ free (con_info->req_parms.port);
+ con_info->req_parms.port = NULL;
+ }
+
+ if (strcmp (con_info->req_parms.threat, "")
+ && openvas_validate (validator,
+ "threat",
+ con_info->req_parms.threat))
+ {
+ free (con_info->req_parms.threat);
+ con_info->req_parms.threat = NULL;
+ }
+
+ if (strcmp (con_info->req_parms.hosts, "")
+ && (openvas_validate (validator,
+ "hosts",
+ con_info->req_parms.hosts)
+ || validate_hosts_parameter (con_info->req_parms.hosts) == FALSE))
+ {
free (con_info->req_parms.hosts);
con_info->req_parms.hosts = NULL;
}
-#endif
- if (openvas_validate (validator, "text", con_info->req_parms.text))
+
+ if (strcmp (con_info->req_parms.task_id, "")
+ && openvas_validate (validator,
+ "task_id",
+ con_info->req_parms.task_id))
{
- free (con_info->req_parms.text);
- con_info->req_parms.text = NULL;
+ free (con_info->req_parms.task_id);
+ con_info->req_parms.task_id = NULL;
}
+ if (strcmp (con_info->req_parms.result_id, "")
+ && openvas_validate (validator,
+ "result_id",
+ con_info->req_parms.result_id))
+ {
+ free (con_info->req_parms.result_id);
+ con_info->req_parms.result_id = NULL;
+ }
+
/* Check parameters for requesting the report. */
if (openvas_validate (validator,
@@ -1885,6 +1943,11 @@
create_note_omp (credentials,
con_info->req_parms.oid,
con_info->req_parms.text,
+ con_info->req_parms.hosts,
+ con_info->req_parms.port,
+ con_info->req_parms.threat,
+ con_info->req_parms.task_id,
+ con_info->req_parms.result_id,
con_info->req_parms.report_id,
first,
max,
@@ -2075,6 +2138,7 @@
char *cmd = NULL;
const char *agent_format = NULL;
const char *task_id = NULL;
+ const char *result_id = NULL;
const char *report_id = NULL;
const char *note_id = NULL;
const char *format = NULL;
@@ -2082,12 +2146,15 @@
const char *name = NULL;
const char *family = NULL;
const char *first_result = NULL;
+ const char *hosts = NULL;
const char *max_results = NULL;
const char *oid = NULL;
const char *sort_field = NULL;
const char *sort_order = NULL;
const char *levels = NULL;
const char *search_phrase = NULL;
+ const char *port = NULL;
+ const char *threat = NULL;
const char *refresh_interval = NULL;
const char *duration = NULL;
int high = 0, medium = 0, low = 0, log = 0;
@@ -2120,6 +2187,12 @@
if (openvas_validate (validator, "task_id", task_id))
task_id = NULL;
+ result_id = MHD_lookup_connection_value (connection,
+ MHD_GET_ARGUMENT_KIND,
+ "result_id");
+ if (openvas_validate (validator, "result_id", result_id))
+ result_id = NULL;
+
report_id = MHD_lookup_connection_value (connection,
MHD_GET_ARGUMENT_KIND,
"report_id");
@@ -2262,6 +2335,30 @@
}
else
search_phrase = "";
+
+ hosts = MHD_lookup_connection_value (connection,
+ MHD_GET_ARGUMENT_KIND,
+ "hosts");
+ if (openvas_validate (validator, "hosts", hosts))
+ hosts = NULL;
+
+ port = MHD_lookup_connection_value (connection,
+ MHD_GET_ARGUMENT_KIND,
+ "port");
+ if (port)
+ {
+ if (openvas_validate (validator, "port", port))
+ port = NULL;
+ }
+
+ threat = MHD_lookup_connection_value (connection,
+ MHD_GET_ARGUMENT_KIND,
+ "threat");
+ if (threat)
+ {
+ if (openvas_validate (validator, "threat", threat))
+ threat = NULL;
+ }
}
else
return gsad_message ("Internal error", __FUNCTION__, __LINE__,
@@ -2521,7 +2618,14 @@
return test_escalator_omp (credentials, name, sort_field, sort_order);
else if ((!strcmp (cmd, "new_note"))
+ /* Note params. */
&& (oid != NULL)
+ && (hosts != NULL)
+ && (port != NULL)
+ && (threat != NULL)
+ && (task_id != NULL)
+ && (result_id != NULL)
+ /* Report passthrough params. */
&& (report_id != NULL)
&& (first_result != NULL)
&& (max_results != NULL)
@@ -2529,8 +2633,10 @@
&& (sort_order != NULL)
&& (levels != NULL)
&& (search_phrase != NULL))
- return new_note_omp (credentials, oid, report_id, first_result, max_results,
- sort_field, sort_order, levels, search_phrase);
+ return new_note_omp (credentials, oid, hosts, port, threat, task_id,
+ name, result_id, report_id, first_result,
+ max_results, sort_field, sort_order, levels,
+ search_phrase);
else
return gsad_message ("Internal error", __FUNCTION__, __LINE__,
Modified: trunk/gsa/src/gsad_omp.c
===================================================================
--- trunk/gsa/src/gsad_omp.c 2010-02-15 15:07:49 UTC (rev 6743)
+++ trunk/gsa/src/gsad_omp.c 2010-02-15 22:15:16 UTC (rev 6744)
@@ -3801,6 +3801,10 @@
*
* @param[in] credentials Username and password for authentication.
* @param[in] oid OID of NVT associated with note.
+ * @param[in] port Port to limit note to, "" for all.
+ * @param[in] threat Threat to limit note to, "" for all.
+ * @param[in] task_id ID of task to limit note to, "" for all.
+ * @param[in] task_name Name of task to limit note to, task_id given.
* @param[in] report_id ID of report.
* @param[in] first_result Number of first result in report.
* @param[in] max_results Number of results in report.
@@ -3813,14 +3817,32 @@
*/
char *
new_note_omp (credentials_t *credentials, const char *oid,
+ const char *hosts, const char *port, const char *threat,
+ const char *task_id, const char *task_name,
+ const char *result_id,
const char *report_id, const char *first_result,
const char *max_results, const char *sort_field,
const char *sort_order, const char *levels,
const char *search_phrase)
{
+ if (hosts == NULL || port == NULL || threat == NULL || task_id == NULL
+ || report_id == NULL) // FIX
+ {
+ GString *xml = g_string_new (GSAD_MESSAGE_INVALID_PARAM ("Get Report"));
+ return xsl_transform_omp (credentials, g_string_free (xml, FALSE));
+ }
+
return xsl_transform_omp (credentials,
g_strdup_printf ("<new_note>"
"<nvt id=\"%s\"/>"
+ "<hosts>%s</hosts>"
+ "<port>%s</port>"
+ "<threat>%s</threat>"
+ "<task id=\"%s\">"
+ "<name>%s</name>"
+ "</task>"
+ "<result id=\"%s\"/>"
+ /* Passthroughs. */
"<report id=\"%s\"/>"
"<first_result>%s</first_result>"
"<max_results>%s</max_results>"
@@ -3830,6 +3852,12 @@
"<search_phrase>%s</search_phrase>"
"</new_note>",
oid,
+ hosts,
+ port,
+ threat,
+ task_id,
+ task_name,
+ result_id,
report_id,
first_result,
max_results,
@@ -3844,8 +3872,12 @@
*
* @param[in] credentials Username and password for authentication.
* @param[in] oid OID of NVT associated with note.
- * @param[in] hosts Hosts associated with note.
- * @param[out] text Text of note.
+ * @param[in] text Text of note.
+ * @param[in] hosts Hosts note applied to, "" for all.
+ * @param[in] port Port note applies to, "" for all.
+ * @param[in] threat Threat note applies to, "" for all.
+ * @param[in] task_id ID of task to limit note to, "" for all.
+ * @param[in] result_id ID of result to limit note to, "" for all.
* @param[in] report_id ID of report.
* @param[in] first_result Number of first result in report.
* @param[in] max_results Number of results in report.
@@ -3858,7 +3890,9 @@
*/
char *
create_note_omp (credentials_t *credentials, const char *oid,
- const char *text, const char *report_id,
+ const char *text, const char *hosts, const char *port,
+ const char *threat, const char *task_id, const char *result_id,
+ const char *report_id,
const unsigned int first_result,
const unsigned int max_results,
const char *sort_field, const char *sort_order,
@@ -3882,6 +3916,13 @@
"Diagnostics: OID was NULL.",
"/omp?cmd=get_notes");
+ if (threat == NULL || port == NULL || hosts == NULL)
+ return gsad_message ("Internal error", __FUNCTION__, __LINE__,
+ "An internal error occurred while creating a new note. "
+ "No new note was created. "
+ "Diagnostics: A required parameter was NULL.",
+ "/omp?cmd=get_notes");
+
if (manager_connect (credentials, &socket, &session))
return gsad_message ("Internal error", __FUNCTION__, __LINE__,
"An internal error occurred while creating a new note. "
@@ -3902,10 +3943,20 @@
ret = openvas_server_sendf (&session,
"<create_note>"
"<nvt>%s</nvt>"
+ "<hosts>%s</hosts>"
+ "<port>%s</port>"
+ "<threat>%s</threat>"
"<text>%s</text>"
+ "<task>%s</task>"
+ "<result>%s</result>"
"</create_note>",
oid,
- text);
+ hosts,
+ port,
+ threat,
+ text,
+ task_id,
+ result_id);
if (ret == -1)
{
Modified: trunk/gsa/src/gsad_omp.h
===================================================================
--- trunk/gsa/src/gsad_omp.h 2010-02-15 15:07:49 UTC (rev 6743)
+++ trunk/gsa/src/gsad_omp.h 2010-02-15 22:15:16 UTC (rev 6744)
@@ -109,10 +109,12 @@
char * export_config_omp (credentials_t *, const char *, enum content_type*,
char **, gsize *);
-char * new_note_omp (credentials_t *, const char *, const char *,
+char * new_note_omp (credentials_t *, const char *, const char *, const char *,
const char *, const char *, const char *, const char *,
- const char *, const char *);
-char * create_note_omp (credentials_t *, const char *, const char *,
+ const char *, const char *, const char *, const char *,
+ const char *, const char *, const char *);
+char * create_note_omp (credentials_t *, const char *, const char *, const char *,
+ const char *, const char *, const char *, const char *,
const char *, const unsigned int, const unsigned int,
const char *, const char *, const char *, const char *);
char * delete_note_omp (credentials_t *, const char *, const char *,
Modified: trunk/gsa/src/html/src/omp.xsl
===================================================================
--- trunk/gsa/src/html/src/omp.xsl 2010-02-15 15:07:49 UTC (rev 6743)
+++ trunk/gsa/src/html/src/omp.xsl 2010-02-15 22:15:16 UTC (rev 6744)
@@ -3907,6 +3907,61 @@
<input type="hidden" name="search_phrase" value="{search_phrase}"/>
<table border="0" cellspacing="0" cellpadding="3" width="100%">
<tr>
+ <td valign="top" width="125">
+ Hosts
+ </td>
+ <td>
+ <input type="radio" name="hosts" value="" checked="1"/>
+ All
+ <input type="radio" name="hosts" value="{hosts}"/>
+ <xsl:value-of select="hosts"/>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" width="125">
+ Port
+ </td>
+ <td>
+ <input type="radio" name="port" value="" checked="1"/>
+ All
+ <input type="radio" name="port" value="{port}"/>
+ <xsl:value-of select="port"/>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" width="125">
+ Threat
+ </td>
+ <td>
+ <input type="radio" name="threat" value="" checked="1"/>
+ All
+ <input type="radio" name="threat" value="{threat}"/>
+ <xsl:value-of select="threat"/>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" width="125">
+ Task
+ </td>
+ <td>
+ <input type="radio" name="task_id" value="" checked="1"/>
+ All
+ <input type="radio" name="task_id" value="{task/@id}"/>
+ <xsl:value-of select="task/name"/>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" width="125">
+ Result
+ </td>
+ <td>
+ <input type="radio" name="result_id" value="" checked="1"/>
+ All
+ <input type="radio" name="result_id" value="{result/@id}"/>
+ <xsl:value-of select="result/@id"/>
+ </td>
+ </tr>
+ <tr>
<td valign="top" width="125">Text</td>
<td>
<textarea name="text" rows="10" cols="60"/>
@@ -4070,7 +4125,7 @@
<div class="issue_box_box">
<div style="float:right; text-align:right">
<!-- FIX max_results -->
- <a href="/omp?cmd=new_note&result_id={@id}&oid={nvt/@oid}&task_id={../../task/@id}&report_id={../../@id}&first_result={../../results/@start}&max_results={../../results/@start+1000}&levels={../../filters/text()}&sort_field={../../sort/field/text()}&sort_order={../../sort/field/order}&search_phrase={../../filters/phrase}"
+ <a href="/omp?cmd=new_note&result_id={@id}&oid={nvt/@oid}&task_id={../../task/@id}&name={../../task/name}&report_id={../../@id}&first_result={../../results/@start}&max_results={../../results/@start+1000}&levels={../../filters/text()}&sort_field={../../sort/field/text()}&sort_order={../../sort/field/order}&search_phrase={../../filters/phrase}&threat={threat}&port={port}&hosts={host/text()}"
title="Add Note" style="margin-left:3px;">
<img src="/img/new.png" border="0" alt="Add Note"/>
</a>
More information about the Openvas-commits
mailing list