From 559a7cc8941c1f7d11ed112706ac2d3720575103 Mon Sep 17 00:00:00 2001
From: Johannes Helmold
Date: Fri, 17 May 2024 09:44:55 +0200
Subject: [PATCH 1/3] Add: Added report config options to alerts.

Alert methods that use a report format should have an option to also choose an optional report config. I added the report config option to the methods: Email, SCP, Send to host, SMB and verinice.PRO Connector. The Alemba vFire method is even more complex and will be handled separately.
---
src/gsad_gmp.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 91 insertions(+), 5 deletions(-)

diff --git a/src/gsad_gmp.c b/src/gsad_gmp.c
index 4b0d75473..636b36389 100644
--- a/src/gsad_gmp.c
+++ b/src/gsad_gmp.c
@@ -4136,6 +4136,47 @@ new_alert (gvm_connection_t *connection, credentials_t *credentials, g_free (response); free_entity (entity); + /* Get Report Configs. */ + + ret = gmp (connection, credentials, &response, &entity, response_data, + ""); + switch (ret) + { + case 0: + case -1: + break; + case 1: + cmd_response_data_set_status_code (response_data, + MHD_HTTP_INTERNAL_SERVER_ERROR); + return gsad_message ( + credentials, "Internal error", __func__, __LINE__, + "An internal error occurred while getting Report " + "Configs for new alert. " + "Diagnostics: Failure to send command to manager daemon.", + response_data); + case 2: + cmd_response_data_set_status_code (response_data, + MHD_HTTP_INTERNAL_SERVER_ERROR); + return gsad_message ( + credentials, "Internal error", __func__, __LINE__, + "An internal error occurred while getting Report " + "Configs for new alert. " + "Diagnostics: Failure to receive response from manager daemon.", + response_data); + default: + cmd_response_data_set_status_code (response_data, + MHD_HTTP_INTERNAL_SERVER_ERROR); + return gsad_message (credentials, "Internal error", __func__, __LINE__, + "An internal error occurred while getting Report " + "Configs for new alert. It is unclear whether" + " the alert has been saved or not. " + "Diagnostics: Internal Error.", + response_data); + } + g_string_append (xml, response); + g_free (response); + free_entity (entity); + /* Get Report Filters. */ ret = gmp (connection, credentials, &response, &entity, response_data, @@ -4387,7 +4428,7 @@ append_alert_condition_data (GString *xml, params_t *data, */ static void append_alert_method_data (GString *xml, params_t *data, const char *method, - params_t *report_formats) + params_t *report_formats, params_t *report_configs) { params_iterator_t iter; char *name; 
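Review bot: The report-config fetch added to new_alert is sent unconditionally, whereas the matching block this same patch adds to edit_alert is wrapped in `if (command_enabled (credentials, "GET_REPORT_CONFIGS"))`. For a user who lacks that permission, the manager's reply (presumably an error status) would still be appended to `xml` by `g_string_append (xml, response)`, so the same guard around this block would keep the two pages consistent with the user's permitted commands. The `default:` message also carries over "It is unclear whether the alert has been saved or not.", which does not fit a read-only fetch; ending it at `"Configs for new alert. "` like the other two cases would be accurate. Separately, `case -1` breaks and then reaches the append and `free_entity (entity)`; whether `response` and `entity` are valid there depends on gmp(), which is outside the hunk, as are the start and end of new_alert.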
@@ -4445,6 +4486,7 @@ append_alert_method_data (GString *xml, params_t *data, const char *method, || (strcmp (method, "Send") == 0 && (strcmp (name, "send_host") == 0 || strcmp (name, "send_port") == 0 + || strcmp (name, "send_report_config") == 0 || strcmp (name, "send_report_format") == 0)) || (strcmp (method, "SCP") == 0 && (strcmp (name, "scp_credential") == 0 @@ -4452,11 +4494,13 @@ append_alert_method_data (GString *xml, params_t *data, const char *method, || strcmp (name, "scp_known_hosts") == 0 || strcmp (name, "scp_path") == 0 || strcmp (name, "scp_port") == 0 + || strcmp (name, "scp_report_config") == 0 || strcmp (name, "scp_report_format") == 0)) || (strcmp (method, "SMB") == 0 && (strcmp (name, "smb_credential") == 0 || strcmp (name, "smb_file_path") == 0 || strcmp (name, "smb_max_protocol") == 0 + || strcmp (name, "smb_report_config") == 0 || strcmp (name, "smb_report_format") == 0 || strcmp (name, "smb_share_path") == 0)) || (strcmp (method, "SNMP") == 0 @@ -4471,6 +4515,7 @@ append_alert_method_data (GString *xml, params_t *data, const char *method, || (strcmp (method, "verinice Connector") == 0 && (strcmp (name, "verinice_server_credential") == 0 || strcmp (name, "verinice_server_url") == 0 + || strcmp (name, "verinice_server_report_config") == 0 || strcmp (name, "verinice_server_report_format") == 0)) || (strcmp (method, "Alemba vFire") == 0 && (strcmp (name, "vfire_base_url") == 0 @@ -4490,8 +4535,12 @@ append_alert_method_data (GString *xml, params_t *data, const char *method, || strcmp (name, "notice") == 0 || (strcmp (name, "notice_report_format") == 0 && notice == 0) + || (strcmp (name, "notice_report_config") == 0 + && notice == 0) || (strcmp (name, "notice_attach_format") == 0 && notice == 2) + || (strcmp (name, "notice_attach_config") == 0 + && notice == 2) || (str_equal (name, "recipient_credential") && !str_equal (param->value, "0")))) || (strcmp (method, "Syslog") == 0 
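Review bot: The new names added to the allow-list in these four hunks (`send_report_config`, `scp_report_config`, `smb_report_config`, `verinice_server_report_config`, `notice_report_config`, `notice_attach_config`) are matched by name only, and the following hunk passes `param->value` on to the manager through `xml_string_append` without checking its shape. Since these values are presumably report-config IDs, it is worth confirming that the request-parameter validation for `method_data:` entries limits them to an ID format, or stating in a comment that the manager is what rejects unknown IDs. A one-line comment above the condition would also record the gap the commit description mentions, e.g. `/* "Alemba vFire" has no report config entry yet; it is handled separately. */`. The condition and append_alert_method_data both extend beyond these hunks.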
@@ -4504,8 +4553,10 @@ append_alert_method_data (GString *xml, params_t *data, const char *method, || strcmp (name, "composer_include_notes") == 0 || strcmp (name, "composer_include_overrides") == 0 || strcmp (name, "composer_ignore_pagination") == 0) + { xml_string_append (xml, "%s%s", name, param->value ? param->value : ""); + } else if (strcmp (method, "Email") == 0 && notice == 0 && strcmp (name, "message") == 0) xml_string_append (xml, "message%s", @@ -4561,7 +4612,7 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, int ret; gchar *html, *response; const char *name, *comment, *active, *condition, *event, *method, *filter_id; - params_t *method_data, *event_data, *condition_data, *report_formats; + params_t *method_data, *event_data, *condition_data, *report_formats, *report_configs; entity_t entity; GString *xml; @@ -4586,6 +4637,7 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, event_data = params_values (params, "event_data:"); condition_data = params_values (params, "condition_data:"); report_formats = params_values (params, "report_format_ids:"); + report_configs = params_values (params, "report_config_ids:"); xml = g_string_new (""); @@ -4622,7 +4674,7 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, "%s", method); - append_alert_method_data (xml, method_data, method, report_formats); + append_alert_method_data (xml, method_data, method, report_formats, report_configs); xml_string_append (xml, "" 
@@ -4870,6 +4922,39 @@ edit_alert (gvm_connection_t *connection, credentials_t *credentials, } } + if (command_enabled (credentials, "GET_REPORT_CONFIGS")) + { + /* Get the report configs. */ + + if (gvm_connection_sendf (connection, "") + == -1) + { + g_string_free (xml, TRUE); + cmd_response_data_set_status_code (response_data, + MHD_HTTP_INTERNAL_SERVER_ERROR); + return gsad_message ( + credentials, "Internal error", __func__, __LINE__, + "An internal error occurred while getting report configs. " + "The current list of report configs is not available. " + "Diagnostics: Failure to send command to manager daemon.", + response_data); + } + + if (read_string_c (connection, &xml)) + { + g_string_free (xml, TRUE); + cmd_response_data_set_status_code (response_data, + MHD_HTTP_INTERNAL_SERVER_ERROR); + return gsad_message ( + credentials, "Internal error", __func__, __LINE__, + "An internal error occurred while getting report configs. " + "The current list of report configs is not available. " + "Diagnostics: Failure to receive response from manager daemon.", + response_data); + } + } + if (command_enabled (credentials, "GET_FILTERS")) { /* Get filters. */ @@ -5023,7 +5108,7 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, const char *name, *comment, *alert_id; const char *event, *condition, *method; const char *filter_id, *active; - params_t *event_data, *condition_data, *method_data, *report_formats; + params_t *event_data, *condition_data, *method_data, *report_formats, *report_configs; entity_t entity; name = params_value (params, "name"); @@ -5056,6 +5141,7 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, condition_data = params_values (params, "condition_data:"); method_data = params_values (params, "method_data:"); report_formats = params_values (params, "report_format_ids:"); + report_configs = params_values (params, "report_config_ids:"); if (str_equal (event, EVENT_TYPE_NEW_SECINFO) && event_data) { 
@@ -5090,7 +5176,7 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, "%s", method); - append_alert_method_data (xml, method_data, method, report_formats); + append_alert_method_data (xml, method_data, method, report_formats, report_configs); xml_string_append (xml, "" From 17f2e1674151b89b418ee4f1d2579443bc3d0247 Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Fri, 17 May 2024 09:58:38 +0200 Subject: [PATCH 2/3] Fixed some formatting issues. --- src/gsad_gmp.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/src/gsad_gmp.c b/src/gsad_gmp.c index 636b36389..efd8354d1 100644 --- a/src/gsad_gmp.c +++ b/src/gsad_gmp.c @@ -4553,10 +4553,10 @@ append_alert_method_data (GString *xml, params_t *data, const char *method, || strcmp (name, "composer_include_notes") == 0 || strcmp (name, "composer_include_overrides") == 0 || strcmp (name, "composer_ignore_pagination") == 0) - { - xml_string_append (xml, "%s%s", name, - param->value ? param->value : ""); - } + { + xml_string_append (xml, "%s%s", name, + param->value ? param->value : ""); + } else if (strcmp (method, "Email") == 0 && notice == 0 && strcmp (name, "message") == 0) xml_string_append (xml, "message%s", @@ -4612,7 +4612,8 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, int ret; gchar *html, *response; const char *name, *comment, *active, *condition, *event, *method, *filter_id; - params_t *method_data, *event_data, *condition_data, *report_formats, *report_configs; + params_t *method_data, *event_data, *condition_data, *report_formats, + *report_configs; entity_t entity; GString *xml; @@ -4674,7 +4675,8 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, "%s", method); - append_alert_method_data (xml, method_data, method, report_formats, report_configs); + append_alert_method_data (xml, method_data, method, report_formats, + report_configs); xml_string_append (xml, "" 
@@ -5108,7 +5110,8 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, const char *name, *comment, *alert_id; const char *event, *condition, *method; const char *filter_id, *active; - params_t *event_data, *condition_data, *method_data, *report_formats, *report_configs; + params_t *event_data, *condition_data, *method_data, *report_formats, + *report_configs; entity_t entity; name = params_value (params, "name"); @@ -5176,7 +5179,8 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, "%s", method); - append_alert_method_data (xml, method_data, method, report_formats, report_configs); + append_alert_method_data (xml, method_data, method, report_formats, + report_configs); xml_string_append (xml, "" From ce211d93bd3e95ea1fdc3991945bcd283015cafc Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Tue, 28 May 2024 11:12:57 +0200 Subject: [PATCH 3/3] Small amendments. --- src/gsad_gmp.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/src/gsad_gmp.c b/src/gsad_gmp.c index efd8354d1..f79266a12 100644 --- a/src/gsad_gmp.c +++ b/src/gsad_gmp.c @@ -4428,7 +4428,7 @@ append_alert_condition_data (GString *xml, params_t *data, */ static void append_alert_method_data (GString *xml, params_t *data, const char *method, - params_t *report_formats, params_t *report_configs) + params_t *report_formats) { params_iterator_t iter; char *name; @@ -4612,8 +4612,7 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, int ret; gchar *html, *response; const char *name, *comment, *active, *condition, *event, *method, *filter_id; - params_t *method_data, *event_data, *condition_data, *report_formats, - *report_configs; + params_t *method_data, *event_data, *condition_data, *report_formats; entity_t entity; GString *xml; 
@@ -4638,7 +4637,6 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, event_data = params_values (params, "event_data:"); condition_data = params_values (params, "condition_data:"); report_formats = params_values (params, "report_format_ids:"); - report_configs = params_values (params, "report_config_ids:"); xml = g_string_new (""); @@ -4675,8 +4673,7 @@ create_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, "%s", method); - append_alert_method_data (xml, method_data, method, report_formats, - report_configs); + append_alert_method_data (xml, method_data, method, report_formats); xml_string_append (xml, "" @@ -5110,8 +5107,7 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, const char *name, *comment, *alert_id; const char *event, *condition, *method; const char *filter_id, *active; - params_t *event_data, *condition_data, *method_data, *report_formats, - *report_configs; + params_t *event_data, *condition_data, *method_data, *report_formats; entity_t entity; name = params_value (params, "name"); @@ -5144,7 +5140,6 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, condition_data = params_values (params, "condition_data:"); method_data = params_values (params, "method_data:"); report_formats = params_values (params, "report_format_ids:"); - report_configs = params_values (params, "report_config_ids:"); if (str_equal (event, EVENT_TYPE_NEW_SECINFO) && event_data) { @@ -5179,8 +5174,7 @@ save_alert_gmp (gvm_connection_t *connection, credentials_t *credentials, "%s", method); - append_alert_method_data (xml, method_data, method, report_formats, - report_configs); + append_alert_method_data (xml, method_data, method, report_formats); xml_string_append (xml, ""