Hello community,
here is the log from the commit of package openvas-manager for openSUSE:Factory
checked in at Mon Jun 6 13:36:04 CEST 2011.
--------
--- openvas-manager/openvas-manager.changes 2011-04-22 13:26:13.000000000 +0200
+++ /mounts/work_src_done/STABLE/openvas-manager/openvas-manager.changes 2011-05-31 19:45:06.000000000 +0200
@@ -1,0 +2,16 @@
+Tue May 31 17:16:16 UTC 2011 - bitshuffler@opensuse.org
+
+- Updated to 2.0.4
+ * Compiler warnings from gcc 4.6 discovered by Stephan Kleine were addressed.
+ * The mail addresses supplied for an email escalator are now used in the correct
+ order.
+ * Privilege dropping is now done directly and not via the shell.
+ * A bug which caused the Manager to fail to start when launched without a
+ database has been fixed.
+ * A race condition which caused empty reports from the slave when running in
+ master-slave mode under certain conditions has been fixed.
+ * A bug which caused the timestamp of the scan end not to be written to the
+ Manager database when running a task with an escalator under certain
+ conditions has been fixed.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
debian.series
openvas-manager-2.0.3-install.patch
openvas-manager-2.0.3.tar.gz
New:
----
openvas-manager-2.0.4.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openvas-manager.spec ++++++
--- /var/tmp/diff_new_pack.yCnJWS/_old 2011-06-06 13:35:43.000000000 +0200
+++ /var/tmp/diff_new_pack.yCnJWS/_new 2011-06-06 13:35:43.000000000 +0200
@@ -19,7 +19,7 @@
Name: openvas-manager
-Version: 2.0.3
+Version: 2.0.4
Release: 1
License: GPLv2+
Group: Productivity/Networking/Security
@@ -30,7 +30,6 @@
Source3: openvasmd.init.suse
Source4: openvasmd.init.fedora
Source5: openvasmd.init.mandriva
-Patch0: openvas-manager-2.0.3-install.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?fedora_version} || 0%{?scientificlinux_version}
@@ -65,7 +64,6 @@
%prep
%setup -q
-%patch0
%build
%if 0%{?mandriva_version}
++++++ debian.changelog ++++++
--- /var/tmp/diff_new_pack.yCnJWS/_old 2011-06-06 13:35:43.000000000 +0200
+++ /var/tmp/diff_new_pack.yCnJWS/_new 2011-06-06 13:35:43.000000000 +0200
@@ -1,3 +1,20 @@
+openvas-manager (2.0.4-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+ - Compiler warnings from gcc 4.6 discovered by Stephan Kleine were addressed.
+ - The mail addresses supplied for an email escalator are now used in the correct
+ order.
+ - Privilege dropping is now done directly and not via the shell.
+ - A bug which caused the Manager to fail to start when launched without a
+ database has been fixed.
+ - A race condition which caused empty reports from the slave when running in
+ master-slave mode under certain conditions has been fixed.
+ - A bug which caused the timestamp of the scan end not to be written to the
+ Manager database when running a task with an escalator under certain
+ conditions has been fixed.
+
+ -- Stephan Kleine Tue, 31 May 2011 19:18:27 +0200
+
openvas-manager (2.0.3-1) UNRELEASED; urgency=low
* New upstream release.
++++++ openvas-manager-2.0.3.tar.gz -> openvas-manager-2.0.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/CHANGES new/openvas-manager-2.0.4/CHANGES
--- old/openvas-manager-2.0.3/CHANGES 2011-04-15 15:30:03.000000000 +0200
+++ new/openvas-manager-2.0.4/CHANGES 2011-05-30 15:59:05.000000000 +0200
@@ -1,3 +1,30 @@
+openvas-manager 2.0.4 (2011-05-30)
+
+This is the fourth maintenance release of the openvas-manager 2.0 module for the
+Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager
+is the central management service between the actual security scanner and
+various user clients.
+
+This release fixes a number of issues discovered after the release of
+openvas-manager 2.0.3.
+
+Many thanks to everyone who has contributed to this release:
+Stephan Kleine, Matthew Mundell and Michael Wiegand.
+
+Main changes since 2.0.3:
+* Compiler warnings from gcc 4.6 discovered by Stephan Kleine were addressed.
+* The mail addresses supplied for an email escalator are now used in the correct
+ order.
+* Privilege dropping is now done directly and not via the shell.
+* A bug which caused the Manager to fail to start when launched without a
+ database has been fixed.
+* A race condition which caused empty reports from the slave when running in
+ master-slave mode under certain conditions has been fixed.
+* A bug which caused the timestamp of the scan end not to be written to the
+ Manager database when running a task with an escalator under certain
+ conditions has been fixed.
+
+
openvas-manager 2.0.3 (2011-04-15)
This is the third maintenance release of the openvas-manager 2.0 module for the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/CMakeLists.txt new/openvas-manager-2.0.4/CMakeLists.txt
--- old/openvas-manager-2.0.3/CMakeLists.txt 2011-04-15 15:30:03.000000000 +0200
+++ new/openvas-manager-2.0.4/CMakeLists.txt 2011-05-30 15:59:05.000000000 +0200
@@ -78,7 +78,7 @@
set (CPACK_TOPLEVEL_TAG "")
set (CPACK_PACKAGE_VERSION_MAJOR "2")
set (CPACK_PACKAGE_VERSION_MINOR "0")
-set (CPACK_PACKAGE_VERSION_PATCH "3${SVN_REVISION}")
+set (CPACK_PACKAGE_VERSION_PATCH "4${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
@@ -257,7 +257,7 @@
## Install
-install (CODE "file (MAKE_DIRECTORY ${OPENVAS_STATE_DIR}/openvasmd/report_formats/)")
+install (CODE "file (MAKE_DIRECTORY \$ENV{DESTDIR}${OPENVAS_STATE_DIR}/openvasmd/report_formats)")
install (FILES ${CMAKE_BINARY_DIR}/src/openvasmd_log.conf
DESTINATION ${OPENVAS_SYSCONF_DIR})
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/ChangeLog new/openvas-manager-2.0.4/ChangeLog
--- old/openvas-manager-2.0.3/ChangeLog 2011-04-15 15:30:03.000000000 +0200
+++ new/openvas-manager-2.0.4/ChangeLog 2011-05-30 15:59:05.000000000 +0200
@@ -1,3 +1,77 @@
+2011-05-30 Michael Wiegand
+
+ Preparing the openvas-manager 2.0.4 release.
+
+ * CHANGES: Updated.
+
+2011-05-30 Matthew Mundell
+
+ * src/manage_sql.c (manage_report, manage_send_report): Clear parent state
+ in child. Backport from trunk r10906.
+
+2011-05-30 Matthew Mundell
+
+ Backport trunk r10949.
+
+ * src/manage_sql.c (print_report_xml): Add full count as text, to preserve
+ compatibility with OMP 1. Some of the report formats use this value.
+
+ * src/schema_formats/XML/OMP.xml (report): Add result_count text.
+
+ * doc/omp.rnc, doc/omp.html: Update from source.
+
+2011-05-26 Matthew Mundell
+
+ * src/manage_sql.c (manage_report): Wait on the child PID, just to be
+ sure. Backport from trunk r10997.
+
+2011-05-26 Matthew Mundell
+
+ * src/manage_sql.c (manage_send_report): Wait on the child PID, just to be
+ sure. Backport from trunk r10996.
+
+2011-04-25 Matthew Mundell
+
+ * src/manage_sql.c (manage_report, manage_send_report): Drop privileges
+ directly instead of with su via the shell. Backport from trunk r10825.
+
+2011-04-25 Matthew Mundell
+
+ * src/manage_sql.c (init_manage_process): Check stat return in permission
+ check. Backport from trunk r10804.
+
+2011-05-24 Matthew Mundell
+
+ Quiet compiler warnings. Thanks to Stephan Kleine for original patch.
+ Backport from trunk. Originally committed in r10991.
+
+ * src/manage_sql.c (manage_report, manage_send_report): Remove old
+ variable.
+ (months_between): Remove stray variable.
+
+ * src/omp.c (omp_xml_handle_end_element): In CLIENT_MODIFY_TASK remove
+ variable "first" which is only used by an assertion.
+
+2011-05-04 Matthew Mundell
+
+ * src/manage_sql.c (email): Put the To address in the sendmail command
+ instead of the From address. Backport from trunk; initially committed in
+ r10875.
+
+2011-04-22 Stephan Kleine
+
+ * CMakeLists.txt: Fix formatting.
+
+2011-04-22 Stephan Kleine
+
+ * CMakeLists.txt: Fix installation with DESTDIR.
+
+2011-04-15 Michael Wiegand
+
+ Post release version bump.
+
+ * CMakeLists.txt: Updated version number.
+
2011-04-15 Michael Wiegand
Preparing the openvas-manager 2.0.3 release.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/doc/omp.html new/openvas-manager-2.0.4/doc/omp.html
--- old/openvas-manager-2.0.3/doc/omp.html 2011-04-15 15:30:00.000000000 +0200
+++ new/openvas-manager-2.0.4/doc/omp.html 2011-05-30 15:59:04.000000000 +0200
@@ -7799,7 +7799,8 @@
</li>
<li>
<<b>result_count</b>>
- <ul style="list-style: none">
+ <div style="margin-left: 15px; display: inline;">Counts of results produced by scan.</div>
+<ul style="list-style: none">
<li>
<<b>full</b>>
<div style="margin-left: 15px; display: inline;">Total number of results produced by scan.</div>
@@ -8175,7 +8176,8 @@
get_reports_response_report_report_result_count
= element result_count
{
- get_reports_response_report_report_result_count_full
+ text
+ & get_reports_response_report_report_result_count_full
& get_reports_response_report_report_result_count_filtered
& get_reports_response_report_report_result_count_debug
& get_reports_response_report_report_result_count_hole
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/doc/omp.rnc new/openvas-manager-2.0.4/doc/omp.rnc
--- old/openvas-manager-2.0.3/doc/omp.rnc 2011-04-15 15:30:00.000000000 +0200
+++ new/openvas-manager-2.0.4/doc/omp.rnc 2011-05-30 15:59:04.000000000 +0200
@@ -3838,10 +3838,12 @@
task_status
}
+# Counts of results produced by scan.
get_reports_response_report_report_result_count
= element result_count
{
- get_reports_response_report_report_result_count_full
+ text
+ & get_reports_response_report_report_result_count_full
& get_reports_response_report_report_result_count_filtered
& get_reports_response_report_report_result_count_debug
& get_reports_response_report_report_result_count_hole
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/src/manage_sql.c new/openvas-manager-2.0.4/src/manage_sql.c
--- old/openvas-manager-2.0.3/src/manage_sql.c 2011-04-15 15:30:00.000000000 +0200
+++ new/openvas-manager-2.0.4/src/manage_sql.c 2011-05-30 15:59:05.000000000 +0200
@@ -5356,11 +5356,11 @@
email (const char *to_address, const char *from_address, const char *subject,
const char *body)
{
- int ret, content_fd, from_fd;
+ int ret, content_fd, to_fd;
gchar *command, *content;
GError *error = NULL;
char content_file[] = "/tmp/openvasmd-content-XXXXXX";
- char from_file[] = "/tmp/openvasmd-from-XXXXXX";
+ char to_file[] = "/tmp/openvasmd-to-XXXXXX";
content_fd = mkstemp (content_file);
if (content_fd == -1)
@@ -5393,28 +5393,28 @@
return -1;
}
- from_fd = mkstemp (from_file);
- if (from_fd == -1)
+ to_fd = mkstemp (to_file);
+ if (to_fd == -1)
{
g_warning ("%s: mkstemp: %s\n", __FUNCTION__, strerror (errno));
close (content_fd);
return -1;
}
- g_file_set_contents (from_file, from_address, strlen (from_address), &error);
+ g_file_set_contents (to_file, to_address, strlen (to_address), &error);
if (error)
{
g_warning ("%s", error->message);
g_error_free (error);
close (content_fd);
- close (from_fd);
+ close (to_fd);
return -1;
}
command = g_strdup_printf ("xargs -a %s -I XXX"
" /usr/sbin/sendmail XXX < %s"
" > /dev/null 2>&1",
- from_file,
+ to_file,
content_file);
tracef (" command: %s\n", command);
@@ -5431,16 +5431,16 @@
command);
g_free (command);
close (content_fd);
- close (from_fd);
+ close (to_fd);
unlink (content_file);
- unlink (from_file);
+ unlink (to_file);
return -1;
}
g_free (command);
close (content_fd);
- close (from_fd);
+ close (to_fd);
unlink (content_file);
- unlink (from_file);
+ unlink (to_file);
return 0;
}
@@ -6270,8 +6270,22 @@
{
struct stat state;
- stat (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db", &state);
- if (state.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO))
+ int err;
+
+ err = stat (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db",
+ &state);
+ if (err)
+ switch (errno)
+ {
+ case ENOENT:
+ break;
+ default:
+ g_warning ("%s: failed to stat database: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ abort ();
+ }
+ else if (state.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO))
{
g_warning ("%s: database permissions are too loose, repairing\n",
__FUNCTION__);
@@ -11844,6 +11858,7 @@
PRINT (out,
""
+ "%i"
"<full>%i</full>"
"<filtered>%i</filtered>"
"<debug><full>%i</full><filtered>%i</filtered></debug>"
@@ -11857,6 +11872,7 @@
""
"",
result_count,
+ result_count,
filtered_result_count,
debugs,
(strchr (levels, 'd') ? f_debugs : 0),
@@ -12061,12 +12077,10 @@
{
iterator_t formats;
const char *uuid_format;
- char *uuid_report;
gchar *script, *script_dir;
/* Setup file names. */
- uuid_report = report_uuid (report);
init_report_format_iterator (&formats, report_format, 1, NULL);
if (next (&formats) == FALSE)
{
@@ -12157,10 +12171,22 @@
/* Call the script. */
+ command = g_strdup_printf ("/bin/sh %s %s > %s"
+ " 2> /dev/null",
+ script,
+ xml_file,
+ output_file);
+ g_free (script);
+
+ g_debug (" command: %s\n", command);
+
if (getuid () == 0)
{
+ pid_t pid;
struct passwd *nobody;
+ /* Run the command with lower privileges in a fork. */
+
nobody = getpwnam ("nobody");
if ((nobody == NULL)
|| chown (xml_dir, nobody->pw_uid, nobody->pw_gid)
@@ -12170,52 +12196,181 @@
__FUNCTION__,
strerror (errno));
g_free (previous_dir);
- g_free (script);
+ g_free (output_file);
g_free (xml_file);
if (extension) g_free (*extension);
if (content_type) g_free (*content_type);
return NULL;
}
+ g_free (xml_file);
+
+ pid = fork ();
+ switch (pid)
+ {
+ case 0:
+ {
+ /* Child. Drop privileges, run command, exit. */
+
+ /* Clear parent state, because these affect
+ * cleanup_manage_process. */
+ current_scanner_task = 0;
+ current_report = 0;
+
+ if (setgid (nobody->pw_gid))
+ {
+ g_warning ("%s (child): setgid: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+ if (setuid (nobody->pw_uid))
+ {
+ g_warning ("%s (child): setuid: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+ /* RATS: ignore, command is defined above. */
+ if (ret = system (command),
+ /** @todo ret is always -1. */
+ 0 && ((ret) == -1
+ || WEXITSTATUS (ret)))
+ {
+ g_warning ("%s (child):"
+ " system failed with ret %i, %i, %s\n",
+ __FUNCTION__,
+ ret,
+ WEXITSTATUS (ret),
+ command);
+ exit (EXIT_FAILURE);
+ }
- command = g_strdup_printf ("/bin/sh -c \"su nobody"
- " -c \\\"/bin/sh %s %s > %s"
- " 2> /dev/null\\\""
- " > /dev/null 2>&1\""
- " > /dev/null 2>&1",
- script,
- xml_file,
- output_file);
+ exit (EXIT_SUCCESS);
+ break;
+ }
+
+ case -1:
+ /* Parent when error. */
+
+ g_warning ("%s: Failed to fork: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ g_free (command);
+ if (extension) g_free (*extension);
+ if (content_type) g_free (*content_type);
+ return NULL;
+ break;
+
+ default:
+ {
+ int status;
+
+ /* Parent on success. Wait for child, and check result. */
+
+ g_free (command);
+
+ while (waitpid (pid, &status, 0) < 0)
+ {
+ if (errno == ECHILD)
+ {
+ g_warning ("%s: Failed to get child exit status",
+ __FUNCTION__);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ if (extension) g_free (*extension);
+ if (content_type) g_free (*content_type);
+ return NULL;
+ }
+ if (errno == EINTR)
+ continue;
+ g_warning ("%s: wait: %s",
+ __FUNCTION__,
+ strerror (errno));
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ if (extension) g_free (*extension);
+ if (content_type) g_free (*content_type);
+ return NULL;
+ }
+ if (WIFEXITED (status))
+ switch (WEXITSTATUS (status))
+ {
+ case EXIT_SUCCESS:
+ break;
+ case EXIT_FAILURE:
+ default:
+ g_warning ("%s: child failed, %s\n",
+ __FUNCTION__,
+ command);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ if (extension) g_free (*extension);
+ if (content_type) g_free (*content_type);
+ return NULL;
+ }
+ else
+ {
+ g_warning ("%s: child failed, %s\n",
+ __FUNCTION__,
+ command);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ if (extension) g_free (*extension);
+ if (content_type) g_free (*content_type);
+ return NULL;
+ }
+
+ /* Child succeeded, continue to process result. */
+
+ break;
+ }
+ }
}
else
- command = g_strdup_printf ("/bin/sh %s %s > %s"
- " 2> /dev/null",
- script,
- xml_file,
- output_file);
- g_free (script);
+ {
+ /* Just run the command as the current user. */
- g_debug (" command: %s\n", command);
+ /* RATS: ignore, command is defined above. */
+ if (ret = system (command),
+ /** @todo ret is always -1. */
+ 0 && ((ret) == -1
+ || WEXITSTATUS (ret)))
+ {
+ g_warning ("%s: system failed with ret %i, %i, %s\n",
+ __FUNCTION__,
+ ret,
+ WEXITSTATUS (ret),
+ command);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ g_free (command);
+ if (extension) g_free (*extension);
+ if (content_type) g_free (*content_type);
+ return NULL;
+ }
- /* RATS: ignore, command is defined above. */
- if (ret = system (command),
- /** @todo ret is always -1. */
- 0 && ((ret) == -1
- || WEXITSTATUS (ret)))
- {
- g_warning ("%s: system failed with ret %i, %i, %s\n",
- __FUNCTION__,
- ret,
- WEXITSTATUS (ret),
- command);
- if (chdir (previous_dir))
- g_warning ("%s: and chdir failed\n",
- __FUNCTION__);
- g_free (previous_dir);
g_free (command);
- g_free (output_file);
- if (extension) g_free (*extension);
- if (content_type) g_free (*content_type);
- return NULL;
}
{
@@ -12223,8 +12378,6 @@
gchar *output;
gsize output_len;
- g_free (command);
-
/* Change back to the previous directory. */
if (chdir (previous_dir))
@@ -12233,7 +12386,7 @@
__FUNCTION__,
strerror (errno));
g_free (previous_dir);
- g_free (xml_file);
+ g_free (output_file);
if (extension) g_free (*extension);
if (content_type) g_free (*content_type);
return NULL;
@@ -12361,12 +12514,10 @@
{
iterator_t formats;
const char *uuid_format;
- char *uuid_report;
gchar *script, *script_dir;
/* Setup file names. */
- uuid_report = report_uuid (report);
init_report_format_iterator (&formats, report_format, 1, NULL);
if (next (&formats) == FALSE)
{
@@ -12443,10 +12594,22 @@
/* Call the script. */
+ command = g_strdup_printf ("/bin/sh %s %s > %s"
+ " 2> /dev/null",
+ script,
+ xml_file,
+ output_file);
+ g_free (script);
+
+ g_debug (" command: %s\n", command);
+
if (getuid () == 0)
{
+ pid_t pid;
struct passwd *nobody;
+ /* Run the command with lower privileges in a fork. */
+
nobody = getpwnam ("nobody");
if ((nobody == NULL)
|| chown (xml_dir, nobody->pw_uid, nobody->pw_gid)
@@ -12456,57 +12619,176 @@
__FUNCTION__,
strerror (errno));
g_free (previous_dir);
- g_free (script);
g_free (xml_file);
+ g_free (output_file);
return -1;
}
- command = g_strdup_printf ("/bin/sh -c \"su nobody"
- " -c \\\"/bin/sh %s %s > %s"
- " 2> /dev/null\\\""
- " > /dev/null 2>&1\""
- " > /dev/null 2>&1",
- script,
- xml_file,
- output_file);
+ g_free (xml_file);
+
+ pid = fork ();
+ switch (pid)
+ {
+ case 0:
+ {
+ /* Child. Drop privileges, run command, exit. */
+
+ /* Clear parent state, because these affect
+ * cleanup_manage_process. */
+ current_scanner_task = 0;
+ current_report = 0;
+
+ if (setgid (nobody->pw_gid))
+ {
+ g_warning ("%s (child): setgid: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+ if (setuid (nobody->pw_uid))
+ {
+ g_warning ("%s (child): setuid: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+ /* RATS: ignore, command is defined above. */
+ if (ret = system (command),
+ /** @todo ret is always -1. */
+ 0 && ((ret) == -1
+ || WEXITSTATUS (ret)))
+ {
+ g_warning ("%s (child):"
+ " system failed with ret %i, %i, %s\n",
+ __FUNCTION__,
+ ret,
+ WEXITSTATUS (ret),
+ command);
+ exit (EXIT_FAILURE);
+ }
+
+ exit (EXIT_SUCCESS);
+ break;
+ }
+
+ case -1:
+ /* Parent when error. */
+
+ g_warning ("%s: Failed to fork: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ g_free (command);
+ return -1;
+ break;
+
+ default:
+ {
+ int status;
+
+ /* Parent on success. Wait for child, and check result. */
+
+ g_free (command);
+
+ while (waitpid (pid, &status, 0) < 0)
+ {
+ if (errno == ECHILD)
+ {
+ g_warning ("%s: Failed to get child exit status",
+ __FUNCTION__);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ return -1;
+ }
+ if (errno == EINTR)
+ continue;
+ g_warning ("%s: wait: %s",
+ __FUNCTION__,
+ strerror (errno));
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ return -1;
+ }
+ if (WIFEXITED (status))
+ switch (WEXITSTATUS (status))
+ {
+ case EXIT_SUCCESS:
+ break;
+ case EXIT_FAILURE:
+ default:
+ g_warning ("%s: child failed, %s\n",
+ __FUNCTION__,
+ command);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ return -1;
+ }
+ else
+ {
+ g_warning ("%s: child failed, %s\n",
+ __FUNCTION__,
+ command);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (output_file);
+ return -1;
+ }
+
+ /* Child succeeded, continue to process result. */
+
+ break;
+ }
+ }
}
else
- command = g_strdup_printf ("/bin/sh %s %s > %s"
- " 2> /dev/null",
- script,
- xml_file,
- output_file);
- g_free (script);
- g_free (xml_file);
+ {
+ /* Just run the command as the current user. */
- g_debug (" command: %s\n", command);
+ g_free (xml_file);
+
+ /* RATS: ignore, command is defined above. */
+ if (ret = system (command),
+ /** @todo ret is always -1. */
+ 0 && ((ret) == -1
+ || WEXITSTATUS (ret)))
+ {
+ g_warning ("%s: system failed with ret %i, %i, %s\n",
+ __FUNCTION__,
+ ret,
+ WEXITSTATUS (ret),
+ command);
+ if (chdir (previous_dir))
+ g_warning ("%s: and chdir failed\n",
+ __FUNCTION__);
+ g_free (previous_dir);
+ g_free (command);
+ g_free (output_file);
+ return -1;
+ }
- /* RATS: ignore, command is defined above. */
- if (ret = system (command),
- /** @todo ret is always -1. */
- 0 && ((ret) == -1
- || WEXITSTATUS (ret)))
- {
- g_warning ("%s: system failed with ret %i, %i, %s\n",
- __FUNCTION__,
- ret,
- WEXITSTATUS (ret),
- command);
- if (chdir (previous_dir))
- g_warning ("%s: and chdir failed\n",
- __FUNCTION__);
- g_free (previous_dir);
g_free (command);
- g_free (output_file);
- return -1;
}
{
char chunk[MANAGE_SEND_REPORT_CHUNK_SIZE + 1];
FILE *stream;
- g_free (command);
-
/* Change back to the previous directory. */
if (chdir (previous_dir))
@@ -21061,7 +21343,7 @@
{
struct tm broken1, *broken2;
int same_year, same_month, same_day, same_hour, same_minute, same_second;
- int year1_less, month1_less, day1_less, hour1_less, minute1_less;
+ int month1_less, day1_less, hour1_less, minute1_less;
int second1_less;
assert (time1 < time2);
@@ -21076,7 +21358,6 @@
same_minute = (broken1.tm_min == broken2->tm_min);
same_second = (broken1.tm_sec == broken2->tm_sec);
- year1_less = (broken1.tm_year < broken2->tm_year);
month1_less = (broken1.tm_mon < broken2->tm_mon);
day1_less = (broken1.tm_mday < broken2->tm_mday);
hour1_less = (broken1.tm_hour < broken2->tm_hour);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/src/omp.c new/openvas-manager-2.0.4/src/omp.c
--- old/openvas-manager-2.0.3/src/omp.c 2011-04-15 15:30:03.000000000 +0200
+++ new/openvas-manager-2.0.4/src/omp.c 2011-05-30 15:59:05.000000000 +0200
@@ -10092,7 +10092,7 @@
}
else
{
- int fail = 0, first = 1;
+ int fail = 0;
/** @todo It'd probably be better to allow only one
* modification at a time, that is, one parameter or one of
@@ -10115,8 +10115,6 @@
"Task %s could not be modified",
modify_task_data->task_id);
}
- else
- first = 0;
}
if (fail == 0 && modify_task_data->name)
@@ -10133,8 +10131,6 @@
"Task %s could not be modified",
modify_task_data->task_id);
}
- else
- first = 0;
}
if (fail == 0 && modify_task_data->comment)
@@ -10151,8 +10147,6 @@
"Task %s could not be modified",
modify_task_data->task_id);
}
- else
- first = 0;
}
if (fail == 0 && modify_task_data->escalator_id)
@@ -10162,7 +10156,6 @@
if (strcmp (modify_task_data->escalator_id, "0") == 0)
{
set_task_escalator (task, 0);
- first = 0;
}
else if ((fail = find_escalator
(modify_task_data->escalator_id,
@@ -10186,7 +10179,6 @@
else
{
set_task_escalator (task, escalator);
- first = 0;
}
}
@@ -10197,7 +10189,6 @@
if (strcmp (modify_task_data->schedule_id, "0") == 0)
{
set_task_schedule (task, 0);
- first = 0;
}
else if ((fail = find_schedule
(modify_task_data->schedule_id,
@@ -10221,7 +10212,6 @@
else
{
set_task_schedule (task, schedule);
- first = 0;
}
}
@@ -10232,7 +10222,6 @@
if (strcmp (modify_task_data->slave_id, "0") == 0)
{
set_task_slave (task, 0);
- first = 0;
}
else if ((fail = find_slave
(modify_task_data->slave_id,
@@ -10256,13 +10245,11 @@
else
{
set_task_slave (task, slave);
- first = 0;
}
}
if (fail == 0)
{
- assert (first == 0);
g_log ("event task", G_LOG_LEVEL_MESSAGE,
"Task %s has been modified",
modify_task_data->task_id);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/src/schema_formats/XML/OMP.xml new/openvas-manager-2.0.4/src/schema_formats/XML/OMP.xml
--- old/openvas-manager-2.0.3/src/schema_formats/XML/OMP.xml 2011-04-15 15:30:00.000000000 +0200
+++ new/openvas-manager-2.0.4/src/schema_formats/XML/OMP.xml 2011-05-30 15:59:05.000000000 +0200
@@ -4851,7 +4851,15 @@
</ele>
<ele>
<name>result_count</name>
+ <summary>Counts of results produced by scan</summary>
+ <description>
+ <p>
+ The text contains the full count -- the total number of results
+ produced by scan.
+ </p>
+ </description>
<pattern>
+ text
<e>full</e>
<e>filtered</e>
<e>debug</e>
++++++ openvas-manager.dsc ++++++
--- /var/tmp/diff_new_pack.yCnJWS/_old 2011-06-06 13:35:43.000000000 +0200
+++ /var/tmp/diff_new_pack.yCnJWS/_new 2011-06-06 13:35:43.000000000 +0200
@@ -2,12 +2,12 @@
Source: openvas-manager
Binary: openvas-manager
Architecture: any
-Version: 2.0.3-1
+Version: 2.0.4-1
Maintainer: Stephan Kleine
Homepage: http://www.openvas.org/
Standards-Version: 3.8.0
Build-Depends: debhelper (>= 5), cmake, doxygen, dpatch, hardening-wrapper, libopenvas4-dev, libsqlite3-dev, pkg-config
Files:
- 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.3.orig.tar.gz
- 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.3.diff.gz
+ 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.4.orig.tar.gz
+ 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.4.diff.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org