[Openvas-discuss] ID/OID scheme for OpenVAS NASL scripts?
bh at intevation.de
Thu Jan 3 21:47:47 CET 2008
On Thursday 03 January 2008 12:00, Jan-Oliver Wagner wrote:
> Using OIDs for NASL scripts:
> Could be based on families, e.g.
> 1.3.6.1.4.1.25623.1 = iso.org.dod.internet.private.enterprise.OpenVAS.DSA
> 1.3.6.1.4.1.25623.1.1157 =
> 1.3.6.1.4.1.25623.0 =
> 1.3.6.1.4.1.25623.0.1 =
> (note: I do not know whether 0 is allowed as number and which characters
> for the name (e.g. "-"))
> Please let me know whether I am all wrong with my guesses.
> If not, is the above example the way to go?
Sounds good in principle. I wonder, though, whether there should be
additional intermediate levels of OIDs and a way to simply map the old nessus
plugin ID to an OID during a transition phase:
...25623.1 = OpenVAS.NASL
...25623.1.1 = OpenVAS.NASL.legacy
...25623.1.1.123 = OpenVAS.NASL.legacy.123 (old nessus ID 123 as OID)
...25623.1.2 = OpenVAS.NASL.libraries
...25623.1.3 = OpenVAS.NASL.DSA
...25623.2 = OpenVAS.SomeOtherPluginSpace
This would leave the OID space a little cleaner if we ever need OIDs for other
purposes such as LDAP attributes.
> This would mean in practice to have something like:
> instead of
> which apparently will cause trouble (integer vs string),
> as you can see in openvas-libraries/libopenvas/plugutils.c:
> void plug_set_id(desc, id)
>  struct arglist * desc;
>  int id;
> {
>  arg_add_value(desc, "ID", ARG_INT, sizeof(int), (void*)id);
> }
> So we would have to go through all the code and do changes
> accordingly. It is doable (I will do) if we think it is worth it.
This will need to be done in the client, too, of course. There's plenty of
code in openvas-client that assumes the ID is an int. Also, the protocol
would need to be changed, too.
> Alternatively it is possible to introduce
> and add corresponding processing through all of the code.
> Also doable, maybe less overall effort than to change int to str for ID.
> Open question is what to do with the old ID, just try to have no conflicts
> among the various contributors via some simple rules? Leave empty?
I'd say we switch to using OIDs. script_id(1157) would be equivalent to
script_oid("1.3.6.1.4.1.25623.1.1.1157") using the legacy OIDs from above.
Bernhard Herzog Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
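
The transition mapping proposed in this message (an old plugin ID becomes the last arc under OpenVAS.NASL.legacy), sketched in C as an added example that is not part of the original message or of OpenVAS. The function names are hypothetical, and the prefix assumes iso.org.dod.internet.private.enterprise is 1.3.6.1.4.1 with 25623.1.1 as the legacy subtree.

```c
/* Added example, not OpenVAS code; function names are hypothetical. */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed legacy subtree: 1.3.6.1.4.1 (iso.org.dod.internet.private.enterprise)
 * followed by 25623.1.1 (OpenVAS.NASL.legacy), as proposed in the message. */
#define LEGACY_PREFIX "1.3.6.1.4.1.25623.1.1."

/* Build the OID for an old numeric plugin ID.
 * Returns 0 on success, -1 if id is not positive or buf is too small. */
int legacy_id_to_oid(int id, char *buf, size_t len)
{
    int n;
    if (id <= 0 || buf == NULL)
        return -1;
    n = snprintf(buf, len, "%s%d", LEGACY_PREFIX, id);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Recover the old numeric ID from an OID string. Returns -1 if the OID is
 * outside the legacy subtree or its last arc is not a plain decimal int. */
int oid_to_legacy_id(const char *oid)
{
    const size_t plen = strlen(LEGACY_PREFIX);
    const char *arc;
    long v;
    if (oid == NULL || strncmp(oid, LEGACY_PREFIX, plen) != 0)
        return -1;
    arc = oid + plen;
    /* Exactly one arc: digits only, no sign, no leading zero. */
    if (*arc < '1' || *arc > '9' || strspn(arc, "0123456789") != strlen(arc))
        return -1;
    errno = 0;
    v = strtol(arc, NULL, 10);
    if (errno != 0 || v > INT_MAX)
        return -1;
    return (int)v;
}

int main(void)
{
    char oid[64];
    if (legacy_id_to_oid(1157, oid, sizeof oid) == 0)
        printf("%s -> %d\n", oid, oid_to_legacy_id(oid));
    return 0;
}
```

Treating the OID as a string everywhere and deriving the integer only on demand keeps old integer-based consumers working for legacy plugins while rejecting OIDs from other subtrees instead of truncating them.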