diff --git a/.circleci/config.yml b/.circleci/config.yml
deleted file mode 100644
index 260503dc9..000000000
--- a/.circleci/config.yml
+++ /dev/null
@@ -1,152 +0,0 @@
-version: 2
-jobs:
- check_format:
- docker:
- - image: greenbone/build-env-gvm-libs-master-debian-buster-clang-core
- steps:
- - checkout
- - run:
- name: Check Source Format
- command: clang-format -i -style=file src/gmp.h src/gmp_base.h src/gmp_delete.h src/gmp_get.h src/gmp_tickets.h src/gmpd.h src/iterator.h src/manage_utils.h src/sql.h src/types.h src/utils.h && git diff --exit-code
- test_units:
- docker:
- - image: greenbone/build-env-gvm-master-debian-stretch-gcc-postgresql
- steps:
- - run:
- working_directory: ~/gvm-libs
- name: Checkout gvm-libs
- command: git clone --depth 1 https://github.com/greenbone/gvm-libs.git
- - run:
- working_directory: ~/gvm-libs
- name: Configure and compile gvm-libs (Release)
- command: pushd gvm-libs && mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Release .. && make install && popd
- - checkout
- - run:
- name: Configure and run unit tests
- command: mkdir build && cd build/ && cmake -DBACKEND=POSTGRESQL -DCMAKE_BUILD_TYPE=Release -DENABLE_COVERAGE=1 .. && make && make tests && CTEST_OUTPUT_ON_FAILURE=1 make test && lcov --directory . --capture --output-file coverage.info && genhtml -o coverage coverage.info
- build_postgresql_debug:
- docker:
- - image: greenbone/build-env-gvm-master-debian-stretch-gcc-postgresql
- steps:
- - run:
- working_directory: ~/gvm-libs
- name: Checkout gvm-libs
- command: git clone --depth 1 https://github.com/greenbone/gvm-libs.git
- - run:
- working_directory: ~/gvm-libs
- name: Configure and compile gvm-libs (Debug)
- command: pushd gvm-libs && mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Debug .. && make install && popd
- - checkout
- - run:
- name: Configure and Compile (Debug)
- command: mkdir build && cd build/ && cmake -DBACKEND=POSTGRESQL -DCMAKE_BUILD_TYPE=Debug .. && make install
- build_postgresql_release:
- docker:
- - image: greenbone/build-env-gvm-master-debian-stretch-gcc-postgresql
- steps:
- - run:
- working_directory: ~/gvm-libs
- name: Checkout gvm-libs
- command: git clone --depth 1 https://github.com/greenbone/gvm-libs.git
- - run:
- working_directory: ~/gvm-libs
- name: Configure and compile gvm-libs (Release)
- command: pushd gvm-libs && mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Release .. && make install && popd
- - checkout
- - run:
- name: Configure and Compile (Release)
- command: mkdir build && cd build/ && cmake -DBACKEND=POSTGRESQL -DCMAKE_BUILD_TYPE=Release .. && make install
- build_postgresql_debug_clang:
- docker:
- - image: greenbone/build-env-gvm-master-debian-stretch-clang-postgresql
- steps:
- - run:
- working_directory: ~/gvm-libs
- name: Checkout gvm-libs
- command: git clone --depth 1 https://github.com/greenbone/gvm-libs.git
- - run:
- working_directory: ~/gvm-libs
- name: Configure and compile gvm-libs (Release)
- command: pushd gvm-libs && mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Release .. && make install && popd
- - checkout
- - run:
- name: Configure and Compile with Clang (Debug, PostgreSQL)
- command: mkdir build && cd build/ && cmake -DCMAKE_C_COMPILER=clang -DCMAKE_C_FLAGS="-Wno-ignored-attributes" -DBACKEND=POSTGRESQL -DCMAKE_BUILD_TYPE=Debug .. && make install
- scan_build_postgresql_debug:
- docker:
- - image: greenbone/build-env-gvm-master-debian-stretch-clang-postgresql
- steps:
- - run:
- working_directory: ~/gvm-libs
- name: Checkout gvm-libs
- command: git clone --depth 1 https://github.com/greenbone/gvm-libs.git
- - run:
- working_directory: ~/gvm-libs
- name: Configure and compile gvm-libs (Release)
- command: pushd gvm-libs && mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Release .. && make install && popd
- - checkout
- - run:
- name: Configure and Scan Build (Debug, PostgreSQL)
- command: mkdir build && cd build/ && scan-build cmake -DBACKEND=POSTGRESQL -DCMAKE_BUILD_TYPE=Debug .. && scan-build -o ~/scan-build-report-postgresql make && [ -z "$(ls -A ~/scan-build-report-postgresql/)" ]
- - store_artifacts:
- path: ~/scan-build-report-postgresql
- build_doc:
- docker:
- - image: greenbone/code-metrics-doxygen-debian-stretch
- steps:
- - checkout
- - run:
- name: Build standard documentation, failing if there are warnings
- command: mkdir build && cd build/ && cmake -DSKIP_SRC=1 .. && make doc 2>&1 1>/dev/null | { ! grep --invert-match "CGI::Pretty"; }
- gen_xml_doc:
- docker:
- - image: greenbone/code-metrics-doxygen-debian-stretch
- steps:
- - checkout
- - run:
- name: Generate documentation (XML)
- command: mkdir build && cd build/ && cmake -DSKIP_SRC=1 .. && make doc-xml 2> ~/doxygen-stderr.txt
- - store_artifacts:
- path: ~/doxygen-stderr.txt
- - persist_to_workspace:
- root: ~/project/build/doc/generated/
- paths:
- - xml
- doc_coverage:
- docker:
- - image: circleci/python:3.6
- steps:
- - attach_workspace:
- at: /tmp/workspace
- - checkout
- - run:
- name: Install coverxygen and codecov
- command: |
- python3 -m venv venv
- . venv/bin/activate
- pip install 'coverxygen>=1.3.1' codecov
- - run:
- name: Establish documentation coverage
- command: |
- . venv/bin/activate
- python -m coverxygen --src-dir /root/project --xml-dir /tmp/workspace/xml --output lcov.info
- - run:
- name: Upload coverage to Codecov
- command: |
- . venv/bin/activate
- codecov -F documentation -X gcov -f lcov.info
-workflows:
- version: 2
- build:
- jobs:
- - check_format
- - test_units
- - build_postgresql_debug
- - build_postgresql_release
- - build_postgresql_debug_clang
- - scan_build_postgresql_debug
- - build_doc
- - gen_xml_doc
- - doc_coverage:
- requires:
- - gen_xml_doc
diff --git a/.docker/build.Dockerfile b/.docker/build.Dockerfile
new file mode 100644
index 000000000..e9e53c04b
--- /dev/null
+++ b/.docker/build.Dockerfile
@@ -0,0 +1,35 @@
+# Define ARG we use through the build
+ARG VERSION=edge
+
+# We want gvm-libs to be ready so we use the build docker image of gvm-libs
+FROM greenbone/gvm-libs:$VERSION
+
+# This will make apt-get install without question
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Redefine ARG we use through the build
+ARG VERSION
+
+WORKDIR /usr/local/src
+
+# Install Debian core dependencies required for building gvm with PostgreSQL
+# support and not yet installed as dependencies of gvm-libs-core
+RUN apt-get update && \
+ apt-get install -y --no-install-recommends \
+ build-essential \
+ cmake \
+ gcc \
+ libglib2.0-dev \
+ libgnutls28-dev \
+ libpq-dev \
+ postgresql-server-dev-13 \
+ pkg-config \
+ libical-dev \
+ xsltproc \
+ libcgreen1-dev \
+ lcov \
+ libbsd-dev \
+ libgpgme-dev && \
+ rm -rf /var/lib/apt/lists/*
+
+RUN ldconfig
diff --git a/.docker/entrypoint.sh b/.docker/entrypoint.sh
new file mode 100644
index 000000000..4063de001
--- /dev/null
+++ b/.docker/entrypoint.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+# Copyright (C) 2022 Greenbone AG
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+#!/bin/bash
+
+exec gosu gvmd "$@"
diff --git a/.docker/prod.Dockerfile b/.docker/prod.Dockerfile
new file mode 100644
index 000000000..f9a586ce2
--- /dev/null
+++ b/.docker/prod.Dockerfile
@@ -0,0 +1,122 @@
+ARG VERSION=unstable
+ARG GVM_LIBS_VERSION=edge
+ARG DEBIAN_FRONTEND=noninteractive
+
+FROM greenbone/gvmd-build:${VERSION} as builder
+
+COPY . /source
+WORKDIR /source
+
+RUN mkdir /build && \
+ mkdir /install && \
+ cd /build && \
+ cmake -DCMAKE_BUILD_TYPE=Release /source && \
+ make DESTDIR=/install install
+
+FROM greenbone/gvm-libs:${GVM_LIBS_VERSION}
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Runtime dependencies
+
+# PDF Report
+# texlive-fonts-recommended
+# texlive-latex-extra
+
+# HTML Reports, cert data and scan data details
+# xsltproc
+
+# verinice report
+# xsltproc
+# xmlstarlet
+# zip
+
+# RPM credential packages
+# rpm
+# fakeroot
+
+# DEB credential packages
+# dpkg
+# fakeroot
+
+# Windows Executable (.exe) credential installer
+# nsis
+
+# signature verification
+# gnupg
+
+# HTTP alerts
+# wget
+
+# SCP alert
+# sshpass
+# openssh-client
+
+# Send alert
+# socat
+
+# SNMP alert
+# snmp
+
+# SMB alert
+# python3
+# smbclient
+
+# s/mime email encryption
+# gpgsm
+
+# Loading scap and cert data
+# xml-twig-tools
+
+RUN apt-get update && \
+ apt-get install -y --no-install-recommends \
+ dpkg \
+ fakeroot \
+ nsis \
+ gosu \
+ gnupg \
+ gpgsm \
+ libbsd0 \
+ libgpgme11 \
+ libical3 \
+ libpq5 \
+ openssh-client \
+ postgresql-client-13 \
+ postgresql-client-common \
+ python3 \
+ rpm \
+ rsync \
+ socat \
+ smbclient \
+ snmp \
+ sshpass \
+ texlive-fonts-recommended \
+ texlive-latex-extra \
+ wget \
+ xml-twig-tools \
+ xmlstarlet \
+ xsltproc \
+ zip && \
+ rm -rf /var/lib/apt/lists/*
+
+COPY --from=builder /install/ /
+
+COPY .docker/start-gvmd.sh /usr/local/bin/start-gvmd
+COPY .docker/entrypoint.sh /usr/local/bin/entrypoint
+
+RUN addgroup --gid 1001 --system gvmd && \
+ adduser --no-create-home --shell /bin/false --disabled-password --uid 1001 --system --group gvmd
+
+RUN mkdir -p /run/gvmd && \
+ mkdir -p /var/lib/gvm && \
+ mkdir -p /var/log/gvm && \
+ chown -R gvmd:gvmd /etc/gvm && \
+ chown -R gvmd:gvmd /run/gvmd && \
+ chown -R gvmd:gvmd /var/lib/gvm && \
+ chown -R gvmd:gvmd /var/log/gvm && \
+ chmod 755 /usr/local/bin/entrypoint && \
+ chmod 755 /usr/local/bin/start-gvmd
+
+ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
+
+CMD [ "/usr/local/bin/start-gvmd" ]
diff --git a/.docker/start-gvmd.sh b/.docker/start-gvmd.sh
new file mode 100644
index 000000000..695e4d51b
--- /dev/null
+++ b/.docker/start-gvmd.sh
@@ -0,0 +1,51 @@
+#!/bin/sh
+# Copyright (C) 2022 Greenbone AG
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+#!/bin/sh
+
+[ -z "$USER" ] && USER="admin"
+[ -z "$PASSWORD" ] && PASSWORD="admin"
+[ -z "$GVMD_ARGS" ] && GVMD_ARGS="--listen-mode=666"
+[ -z "$GVMD_USER" ] && GVMD_USER="gvmd"
+[ -z "$PGRES_DATA"] && PGRES_DATA="/var/lib/postgresql"
+
+# check for psql connection
+FILE=$PGRES_DATA/started
+until test -f "$FILE"; do
+ echo "waiting 1 second for ready postgres container"
+ sleep 1
+done
+until psql -U "$GVMD_USER" -d gvmd -c "SELECT 'connected' as connection"; do
+ echo "waiting 1 second to retry psql connection"
+ sleep 1
+done
+
+# migrate db if necessary
+gvmd --migrate || true
+
+gvmd --create-user=$USER --password=$PASSWORD || true
+
+# set the feed import owner
+uid=$(gvmd --get-users --verbose | grep $USER | awk '{print $2}')
+gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value "$uid"
+
+echo "starting gvmd"
+gvmd $GVMD_ARGS ||
+ (cat /var/log/gvm/gvmd.log && exit 1)
+
+tail -f /var/log/gvm/gvmd.log
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 000000000..8f8871184
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,4 @@
+.git
+.github
+.vscode
+build
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 8717d5a8d..2277decec 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +1,6 @@
# default reviewers
-* @timopollmeier @mattmundell
+* @greenbone/gvmd-maintainers @mattmundell
+
+# dev ops
+.github/ @greenbone/devops @greenbone/gvmd-maintainers @mattmundell
+.docker/ @greenbone/devops @greenbone/gvmd-maintainers @mattmundell
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
deleted file mode 100644
index 4ab5da0de..000000000
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ /dev/null
@@ -1,31 +0,0 @@
-**What**:
-
-
-
-**Why**:
-
-
-
-**How**:
-
-
-
-**Checklist**:
-
-
-
-
-
-- [ ] Tests
-- [ ] [CHANGELOG](https://github.com/greenbone/gvmd/blob/master/CHANGELOG.md) Entry
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..5ace4600a
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
new file mode 100644
index 000000000..f04cb5078
--- /dev/null
+++ b/.github/workflows/build-and-test.yml
@@ -0,0 +1,58 @@
+name: 'Build and Test'
+
+on:
+ push:
+ branches: [ main, stable, oldstable ]
+ pull_request:
+ branches: [ main, stable, oldstable ]
+
+jobs:
+ check-format:
+ name: Check formatting
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out gvmd
+ uses: actions/checkout@v3
+ - name: Check Source Format
+ run: |
+ clang-format -i -style=file src/gmp_{base,delete,get,tickets}.h \
+ src/{gmp,gmpd,iterator,sql,types,utils,manage_utils}.h
+ git diff --exit-code
+
+ scan-build:
+ name: scan-build (clang static analyzer)
+ runs-on: ubuntu-latest
+ container: greenbone/gvmd-build:unstable
+ steps:
+ - name: Check out gvmd
+ uses: actions/checkout@v3
+ - name: Install clang tools
+ run: |
+ apt update
+ apt install --no-install-recommends -y clang clang-format clang-tools
+ rm -rf /var/lib/apt/lists/*
+ - name: Configure scan build
+ run: |
+ scan-build cmake -B build -DCMAKE_BUILD_TYPE=Debug
+ scan-build -o ~/scan-build-report cmake --build build
+ - name: Upload scan-build report
+ if: failure()
+ uses: actions/upload-artifact@v3
+ with:
+ name: scan-build-report
+ path: ~/scan-build-report/
+ retention-days: 7
+
+ test-units:
+ name: Unit Tests
+ runs-on: ubuntu-latest
+ container: greenbone/gvmd-build:unstable
+ steps:
+ - name: Check out gvmd
+ uses: actions/checkout@v3
+ - name: Build gvmd
+ run: |
+ cmake -B build -DCMAKE_BUILD_TYPE=Debug -DENABLE_COVERAGE=1
+ cmake --build build
+ - name: Configure and run tests
+ run: CTEST_OUTPUT_ON_FAILURE=1 cmake --build build -- tests test
diff --git a/.github/workflows/build-container.yml b/.github/workflows/build-container.yml
new file mode 100644
index 000000000..b72900665
--- /dev/null
+++ b/.github/workflows/build-container.yml
@@ -0,0 +1,73 @@
+name: Build Container Image Builds
+
+on:
+ push:
+ branches: [ main, stable, oldstable ]
+ tags: ["v*"]
+ paths:
+ - .github/workflows/build-container.yml
+ - .docker/build.Dockerfile
+ pull_request:
+ branches: [ main, stable, oldstable ]
+ paths:
+ - .github/workflows/build-container.yml
+ - .docker/build.Dockerfile
+ workflow_dispatch:
+ repository_dispatch:
+ schedule:
+ # rebuild image every sunday
+ - cron: "0 0 * * 0"
+
+jobs:
+ build-images:
+ name: "Build Images"
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup container meta information
+ id: meta
+ uses: docker/metadata-action@v4
+ with:
+ images: ${{ github.repository }}-build
+ labels: |
+ org.opencontainers.image.vendor=Greenbone
+ org.opencontainers.image.base.name=debian/stable-slim
+ flavor: latest=false # no latest container tag for git tags
+ tags: |
+ # create container tag for git tags
+ type=ref,event=tag
+ type=ref,event=pr
+ # use latest for stable branch
+ type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'stable') }}
+ type=raw,value=stable,enable=${{ github.ref == format('refs/heads/{0}', 'stable') }}
+ type=raw,value=oldstable,enable=${{ github.ref == format('refs/heads/{0}', 'oldstable') }}
+ # use unstable for main branch
+ type=raw,value=unstable,enable={{is_default_branch}}
+ - name: Login to DockerHub
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ - run: echo "Build and push ${{ steps.meta.outputs.tags }}"
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v2
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+ - name: Build and push
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ push: ${{ github.event_name != 'pull_request' }}
+ file: .docker/build.Dockerfile
+ platforms: linux/amd64,linux/arm64
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ - name: Trigger libtheia container build
+ if: github.event_name != 'pull_request'
+ run: |
+ curl -X POST https://api.github.com/repos/greenbone/libtheia/actions/workflows/container.yml/dispatches \
+ -H "Accept: application/vnd.github.v3+json" \
+ -u greenbonebot:${{ secrets.GREENBONE_BOT_TOKEN }} \
+ -d '{"ref":"main"}'
diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml
new file mode 100644
index 000000000..b12a1e991
--- /dev/null
+++ b/.github/workflows/build-docs.yml
@@ -0,0 +1,34 @@
+name: 'Build Documentation'
+
+on:
+ push:
+ branches: [ main, stable, oldstable ]
+
+jobs:
+ generate-doc-and-upload-coverage:
+ name: Build XML documentation and upload coverage
+ runs-on: ubuntu-latest
+ container: greenbone/doxygen
+ steps:
+ - name: Run the c lang coverage action
+ uses: greenbone/actions/doc-coverage-clang@v2
+
+ build-gmp-doc:
+ name: Build GMP documentation
+ runs-on: ubuntu-latest
+ container: greenbone/gvmd-build:latest
+ steps:
+ - name: Check out gvmd
+ uses: actions/checkout@v3
+ - name: Generate GMP documentation (HTML)
+ run: |
+ mkdir build
+ cd build
+ cmake -DSKIP_SRC=1 ..
+ make doc-gmp
+ - name: Upload GMP documentation artifact
+ uses: actions/upload-artifact@v3
+ with:
+ name: gmp.html
+ path: build/doc/gmp.html
+ retention-days: 14
diff --git a/.github/workflows/codeql-analysis-c.yml b/.github/workflows/codeql-analysis-c.yml
new file mode 100644
index 000000000..45085db6f
--- /dev/null
+++ b/.github/workflows/codeql-analysis-c.yml
@@ -0,0 +1,45 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ main, stable, oldstable ]
+ pull_request:
+ branches: [ main, stable, oldstable ]
+ paths-ignore:
+ - '**/*.md'
+ - '**/*.txt'
+ schedule:
+ - cron: '30 5 * * 0' # 5:30h on Sundays
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ container: greenbone/gvmd-build:unstable
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'c' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+ # build between init and analyze ...
+ - name: Configure and compile gvmd
+ run: |
+ mkdir build
+ cd build/
+ cmake -DCMAKE_BUILD_TYPE=Debug ..
+ make install
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
new file mode 100644
index 000000000..b122911a5
--- /dev/null
+++ b/.github/workflows/container.yml
@@ -0,0 +1,61 @@
+name: Container Image Builds
+
+on:
+ push:
+ branches: [main, stable, oldstable]
+ tags: ["v*"]
+ pull_request:
+ branches: [main, stable, oldstable]
+ workflow_dispatch:
+ repository_dispatch:
+
+jobs:
+ images:
+ name: Production Images
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+ - name: Setup container meta information
+ id: meta
+ uses: docker/metadata-action@v4
+ with:
+ images: ${{ github.repository }}
+ labels: |
+ org.opencontainers.image.vendor=Greenbone
+ org.opencontainers.image.base.name=debian/stable-slim
+ flavor: latest=false # no latest container tag for git tags
+ tags: |
+ # use container tag for git tags
+ type=match,pattern=v(.*),group=1
+ # use latest for latest tag from stable branch
+ type=raw,value=latest,enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v22.4') }}
+ # use stable for latest 22.4 tag
+ type=raw,value=stable,enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v22.4') }}
+ # use oldstable for latest 21.4 tag
+ type=raw,value=oldstable,enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v21.4') }}
+ # use edge for default branch
+ type=edge
+ # use branch-sha otherwise for pushes to branches other then main (will not be uploaded)
+ type=raw,value={{branch}}-{{sha}},enable=${{ github.ref_type == 'branch' && github.event_name == 'push' && github.ref_name != 'main' }}
+ # use pr-$PR_ID for pull requests (will not be uploaded)
+ type=ref,event=pr
+ - name: Login to Docker Registry
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v2
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+ - name: Build and push Container image
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ push: ${{ github.event_name != 'pull_request' && (github.ref_type == 'tag' || github.ref_name == 'main') }}
+ file: .docker/prod.Dockerfile
+ platforms: linux/amd64,linux/arm64
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/conventional-commits.yml b/.github/workflows/conventional-commits.yml
new file mode 100644
index 000000000..9b631f60e
--- /dev/null
+++ b/.github/workflows/conventional-commits.yml
@@ -0,0 +1,15 @@
+name: Conventional Commits
+
+on:
+ pull_request:
+
+permissions:
+ pull-requests: write
+
+jobs:
+ conventional-commits:
+ name: Conventional Commits
+ runs-on: ubuntu-latest
+ steps:
+ - name: Report Conventional Commits
+ uses: greenbone/actions/conventional-commits@v2
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
new file mode 100644
index 000000000..bbc5a50d9
--- /dev/null
+++ b/.github/workflows/dependency-review.yml
@@ -0,0 +1,12 @@
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+ contents: read
+
+jobs:
+ dependency-review:
+ runs-on: ubuntu-latest
+ steps:
+ - name: 'Dependency Review'
+ uses: greenbone/actions/dependency-review@v2
diff --git a/.github/workflows/release-pontos.yml b/.github/workflows/release-pontos.yml
new file mode 100644
index 000000000..85da7c555
--- /dev/null
+++ b/.github/workflows/release-pontos.yml
@@ -0,0 +1,34 @@
+name: Release gvmd with pontos
+
+on:
+ pull_request:
+ types: [closed]
+ workflow_dispatch:
+
+jobs:
+ build-and-release:
+ name: Create a new release with pontos
+ # If the event is a workflow_dispatch or the label 'make release' is set and PR is closed because of a merge
+ if: (github.event_name == 'workflow_dispatch') || (contains( github.event.pull_request.labels.*.name, 'make release') && github.event.pull_request.merged == true)
+ runs-on: "ubuntu-latest"
+ steps:
+ - name: Setting the Reference
+ run: |
+ if [[ "${{ github.event_name }}" = "workflow_dispatch" ]]; then
+ echo "RELEASE_REF=${{ github.ref_name }}" >> $GITHUB_ENV
+ else
+ echo "RELEASE_REF=${{ github.base_ref }}" >> $GITHUB_ENV
+ fi
+ - name: Release with release action
+ uses: greenbone/actions/release@v2
+ with:
+ python-version: "3.10"
+ conventional-commits: true
+ github-user: ${{ secrets.GREENBONE_BOT }}
+ github-user-mail: ${{ secrets.GREENBONE_BOT_MAIL }}
+ github-user-token: ${{ secrets.GREENBONE_BOT_TOKEN }}
+ gpg-key: ${{ secrets.GPG_KEY }}
+ gpg-fingerprint: ${{ secrets.GPG_FINGERPRINT }}
+ gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
+ strategy: calendar
+ ref: ${{ env.RELEASE_REF }}
diff --git a/.github/workflows/sbom-upload.yml b/.github/workflows/sbom-upload.yml
new file mode 100644
index 000000000..28289bdfe
--- /dev/null
+++ b/.github/workflows/sbom-upload.yml
@@ -0,0 +1,14 @@
+name: SBOM upload
+on:
+ workflow_dispatch:
+ push:
+ branches: ["main"]
+jobs:
+ SBOM-upload:
+ runs-on: ubuntu-latest
+ permissions:
+ id-token: write
+ contents: write
+ steps:
+ - name: 'SBOM upload'
+ uses: greenbone/actions/sbom-upload@v2
diff --git a/.gitignore b/.gitignore
index 567609b12..4a7968117 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,4 @@
build/
+tags
+.ccls
+.vscode
diff --git a/.mergify.yml b/.mergify.yml
new file mode 100644
index 000000000..70037f949
--- /dev/null
+++ b/.mergify.yml
@@ -0,0 +1,57 @@
+pull_request_rules:
+ # backports from main branch
+ - name: backport main patches to stable branch
+ conditions:
+ - base=main
+ - label=backport-to-stable
+ actions:
+ backport:
+ branches:
+ - stable
+
+ - name: backport main patches to oldstable branch
+ conditions:
+ - base=main
+ - label=backport-to-oldstable
+ actions:
+ backport:
+ branches:
+ - oldstable
+
+ # backports from upcoming release branch
+ - name: backport stable patches to main branch
+ conditions:
+ - base=stable
+ - label=backport-to-main
+ actions:
+ backport:
+ branches:
+ - main
+
+ - name: backport stable patches to oldstable branch
+ conditions:
+ - base=stable
+ - label=backport-to-oldstable
+ actions:
+ backport:
+ branches:
+ - oldstable
+
+ # backports from current release branch
+ - name: backport oldstable patches to main branch
+ conditions:
+ - base=oldstable
+ - label=backport-to-main
+ actions:
+ backport:
+ branches:
+ - main
+
+ - name: backport oldstable patches to stable branch
+ conditions:
+ - base=oldstable
+ - label=backport-to-stable
+ actions:
+ backport:
+ branches:
+ - stable
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9ace03cfb..adf04ab77 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,33 +4,232 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
-## [21.4] (unreleased)
+## [22.4] (unreleased)
+
+### Added
+- Add a new modification_time column to reports [#1513](https://github.com/greenbone/gvmd/pull/1513), [#1519](https://github.com/greenbone/gvmd/pull/1519), [#1590](https://github.com/greenbone/gvmd/pull/1590)
+- Add basic Sentry integration and logging [#1550](https://github.com/greenbone/gvmd/pull/1550)
+- Add GMP get_license and modify_license [#1642](https://github.com/greenbone/gvmd/pull/1642), [#1692](https://github.com/greenbone/gvmd/pull/1692), [#1696](https://github.com/greenbone/gvmd/pull/1696)
+### Changed
+- Use pg-gvm extension for C PostgreSQL functions [#1400](https://github.com/greenbone/gvmd/pull/1400), [#1453](https://github.com/greenbone/gvmd/pull/1453)
+- Change report timestamp filter and iterator columns [#1512](https://github.com/greenbone/gvmd/pull/1512)
+- Rename the date column of reports to creation_time [#1520](https://github.com/greenbone/gvmd/pull/1520)
+- Send the script timeout to the scanner as script preferences [#1670](https://github.com/greenbone/gvmd/pull/1670)
+
+### Fixed
+- Improve VT version handling for CVE & OVAL results [#1496](https://github.com/greenbone/gvmd/pull/1496)
+- Fix migration to DB version 242 from gvmd 20.08 [#1498](https://github.com/greenbone/gvmd/pull/1498)
+- Update subject alternative name in certificate generation [#1503](https://github.com/greenbone/gvmd/pull/1503)
+
+### Removed
+- Remove Network Source Interface from gvmd [#1511](https://github.com/greenbone/gvmd/pull/1511)
+- Removed OVAL definitions from gvmd [#1525](https://github.com/greenbone/gvmd/pull/1525)
+- Removed OVAL definitions from GMP and gvmd documentation [1551](https://github.com/greenbone/gvmd/pull/1551)
+- Removed the Business Process Map from gvmd [1627](https://github.com/greenbone/gvmd/pull/1627)
+- Removed ifaces element from users [#1676](https://github.com/greenbone/gvmd/pull/1676)
+- Removed OSP scanners from gvmd [#1689](https://github.com/greenbone/gvmd/pull/1689) [#1691](https://github.com/greenbone/gvmd/pull/1691) [#1694](https://github.com/greenbone/gvmd/pull/1694) [#1701](https://github.com/greenbone/gvmd/pull/1701)
+
+[Unreleased]: https://github.com/greenbone/gvmd/compare/stable...main
+
+## [21.4.4] (unreleased)
+### Added
+- Add --rebuild-gvmd-data command line option [#1680](https://github.com/greenbone/gvmd/pull/1680) [#1683](https://github.com/greenbone/gvmd/pull/1683)
+
+### Changed
+### Deprecated
+### Removed
+### Fixed
+- Ensure gvmd sends error messages if gvmcg fails [#1682](https://github.com/greenbone/gvmd/pull/1682)
+- Fix resume task.
+ [#1679](https://github.com/greenbone/gvmd/pull/1679)
+ [#1695](https://github.com/greenbone/gvmd/pull/1695)
+- Added a dedicated error message for the create ticket dialogue when the create permission permission is missing [#1686](https://github.com/greenbone/gvmd/pull/1686)
+- Fix import of report results / errors without host [#1687](https://github.com/greenbone/gvmd/pull/1687)
+
+[Unreleased]: https://github.com/greenbone/gvmd/compare/v21.4.3...HEAD
+
+
+## [21.4.3] - 2021-08-03
+### Fixed
+- Fix sending prefs for whole, growing VT families [#1603](https://github.com/greenbone/gvmd/pull/1603)
+- Add trash columns for target "elevate" credential [#1636](https://github.com/greenbone/gvmd/pull/1636)
+
+[21.4.3]: https://github.com/greenbone/gvmd/compare/v21.4.2...stable
+
+## [21.4.2] - 2021-06-28
+### Fixed
+- Amended Test, if the ssh elevate credential is different from the ssh credential [#1586](https://github.com/greenbone/gvmd/pull/1586)
+- Added the missing GMP documentation for the ssh elevate credential [#1591](https://github.com/greenbone/gvmd/pull/1591)
+
+[21.4.2]: https://github.com/greenbone/gvmd/compare/v21.4.1...v21.4.2
+
+## [21.4.1] - 2021-06-23
+
+### Added
+- Add NVT tag "deprecated" [#1536](https://github.com/greenbone/gvmd/pull/1536)
+- Extend GMP for new privilege escalation credential [#1535](https://github.com/greenbone/gvmd/pull/1535)
+- Include new ssh elevate (escalation) credential in OSP request [#1539](https://github.com/greenbone/gvmd/pull/1539)
+- Add test if the ssh elevate credential is different from the ssh credential [#1582](https://github.com/greenbone/gvmd/pull/1582)
+
+### Changed
+- Update default log config [#1501](https://github.com/greenbone/gvmd/pull/1501)
+
+### Fixed
+- Improve VT version handling for CVE & OVAL results [#1496](https://github.com/greenbone/gvmd/pull/1496)
+- Fix migration to DB version 242 from gvmd 20.08 [#1498](https://github.com/greenbone/gvmd/pull/1498)
+- Update subject alternative name in certificate generation [#1503](https://github.com/greenbone/gvmd/pull/1503)
+- Fix whole-only config family selection [#1517](https://github.com/greenbone/gvmd/pull/1517)
+- Migrate GMP Scanners to OSP Sensors [#1533](https://github.com/greenbone/gvmd/pull/1533)
+- Solved a peformance problem for tasks after scanning lots of hosts [#1567](https://github.com/greenbone/gvmd/pull/1567)
+
+[21.4.1]: https://github.com/greenbone/gvmd/compare/v21.4.0...v21.4.1
+
+## [21.4.0] (2021-04-16)
+
+### Added
+- Extend GMP for extended severities [#1326](https://github.com/greenbone/gvmd/pull/1326) [#1329](https://github.com/greenbone/gvmd/pull/1329) [#1359](https://github.com/greenbone/gvmd/pull/1359) [#1371](https://github.com/greenbone/gvmd/pull/1371) [#1477](https://github.com/greenbone/gvmd/pull/1477) [#1488](https://github.com/greenbone/gvmd/pull/1488)
+- Parameter `--db-user` to set a database user [#1327](https://github.com/greenbone/gvmd/pull/1327)
+- Add `allow_simultaneous_ips` field for targets [#1346](https://github.com/greenbone/gvmd/pull/1346) [#1396](https://github.com/greenbone/gvmd/pull/1396)
+- Speed up GET_VULNS [#1354](https://github.com/greenbone/gvmd/pull/1354) [#1355](https://github.com/greenbone/gvmd/pull/1354)
+- Speed up result counting iterator [#1358](https://github.com/greenbone/gvmd/pull/1358) [#1361](https://github.com/greenbone/gvmd/pull/1361)
+- Speed up result iterator [#1370](https://github.com/greenbone/gvmd/pull/1358) [#1361](https://github.com/greenbone/gvmd/pull/1370)
+- Improve GMP docs around users [#1363](https://github.com/greenbone/gvmd/pull/1363)
+- Cache report counts when Dynamic Severity is enabled [#1389](https://github.com/greenbone/gvmd/pull/1389)
+- Detection entry detection while importing reports [#1405](https://github.com/greenbone/gvmd/pull/1405)
### Changed
- Move EXE credential generation to a Python script [#1260](https://github.com/greenbone/gvmd/pull/1260) [#1262](https://github.com/greenbone/gvmd/pull/1262)
- Clarify documentation for --scan-host parameter [#1277](https://github.com/greenbone/gvmd/pull/1277)
+- In result iterator access severity directly if possible [#1321](https://github.com/greenbone/gvmd/pull/1321)
+- Change SCAP and CERT data to use "severity" consistently [#1333](https://github.com/greenbone/gvmd/pull/1333) [#1357](https://github.com/greenbone/gvmd/pull/1357) [#1365](https://github.com/greenbone/gvmd/pull/1365) [#1457](https://github.com/greenbone/gvmd/pull/1457) [#1476](https://github.com/greenbone/gvmd/pull/1476)
+- Expect report format scripts to exit with code 0 [#1383](https://github.com/greenbone/gvmd/pull/1383)
+- Send entire families to ospd-openvas using VT_GROUP [#1384](https://github.com/greenbone/gvmd/pull/1384)
+- Limit "whole-only" config families to "growing" and "every nvt" [#1386](https://github.com/greenbone/gvmd/pull/1386)
+- Access current user with an SQL function [#1399](https://github.com/greenbone/gvmd/pull/1399)
+- Refactor modify_config, allowing multiple simultaneous changes [#1404](https://github.com/greenbone/gvmd/pull/1404)
+- Add retry on a deadlock within sql#sql [#1460](https://github.com/greenbone/gvmd/pull/1460)
+- Don't require report format plugin for XML report [#1466](https://github.com/greenbone/gvmd/pull/1466)
+- Wording of `Rebuilding NVTs because integrity check failed` [1475](https://github.com/greenbone/gvmd/pull/1475)
### Fixed
- Use GMP version with leading zero for feed dirs [#1287](https://github.com/greenbone/gvmd/pull/1287)
+- Check db version before creating SQL functions [#1304](https://github.com/greenbone/gvmd/pull/1304)
+- Fix severity_in_level SQL function [#1312](https://github.com/greenbone/gvmd/pull/1312)
+- Fix and simplify SecInfo migration [#1331](https://github.com/greenbone/gvmd/pull/1331)
+- Prevent CPE/NVD_ID from being "(null)" [#1369](https://github.com/greenbone/gvmd/pull/1369)
+- Check DB versions before CERT severity updates [#1376](https://github.com/greenbone/gvmd/pull/1376)
+- Add owner checks to report_count queries [#1397](https://github.com/greenbone/gvmd/pull/1397)
### Removed
+- Remove solution element from VT tags [#886](https://github.com/greenbone/gvmd/pull/886)
+- Drop GMP scanners [#1269](https://github.com/greenbone/gvmd/pull/1269)
- Reduce Severity Classes [#1285](https://github.com/greenbone/gvmd/pull/1285)
+- Removed Severity Classes [#1288](https://github.com/greenbone/gvmd/pull/1288)
+- Remove remaining use of "Severity Class" in where_levels_auto [#1311](https://github.com/greenbone/gvmd/pull/1311)
+- Remove the functionality "autofp" (Auto False Positives) [#1300](https://github.com/greenbone/gvmd/pull/1300)
+- Remove severity type "debug" [#1316](https://github.com/greenbone/gvmd/pull/1316)
+- Remove element "threat" of element "notes" [#1324](https://github.com/greenbone/gvmd/pull/1324)
+
+[21.4.0]: https://github.com/greenbone/gvmd/compare/oldstable...v21.4.0
+
+## [20.8.4] - Unreleased
+### Added
+### Changed
+* Changed defaults for installation locations [#1662](https://github.com/greenbone/gvmd/pull/1662) [#1665](https://github.com/greenbone/gvmd/pull/1665)
+ * SYSCONFDIR is /etc by default now
+ * LOCALSTATEDIR is /var by default now
+ * GVM_RUN_DIR is /run/gvm by default now
+ * OPENVAS_DEFAULT_SOCKET is /run/ospd/ospd-openvas.sock by default now
+ * SYSTEMD_SERVICE_DIR is /lib/systemd/system by default now
+ * Removed gvmd.default file and adjusted gvmd.service file accordingly
+ * GVM_FEED_LOCK_PATH is /var/lib/gvm/feed-update.lock by default now
+
+### Deprecated
+### Removed
+* Remove BID from GMP documentation [#1673](https://github.com/greenbone/gvmd/pull/1673)
+
+### Fixed
+- Fixed the lack of the severities in the display of the applications [#1666](https://github.com/greenbone/gvmd/pull/1666)
+
+[20.8.4]: https://github.com/greenbone/gvmd/compare/v20.8.3...oldstable
+
+
+## [20.8.3] - 2021-08-03
+
+### Added
+- Add --optimize add-/cleanup-feed-permissions [#1612](https://github.com/greenbone/gvmd/pull/1612)
+
+### Changed
+- Use less report cache SQL when adding results [#1618](https://github.com/greenbone/gvmd/pull/1618)
+
+### Fixed
+- Solved a performance problem when filtering results by tags [#1579](https://github.com/greenbone/gvmd/pull/1579)
+- Fix VTs hash check and add --dump-vt-verification
+ [#1611](https://github.com/greenbone/gvmd/pull/1611)
+ [#1629](https://github.com/greenbone/gvmd/pull/1629)
+ [#1641](https://github.com/greenbone/gvmd/pull/1651)
+ [#1643](https://github.com/greenbone/gvmd/pull/1643)
+ [#1655](https://github.com/greenbone/gvmd/pull/1655)
+- Fix memory errors in modify_permission [#1613](https://github.com/greenbone/gvmd/pull/1613)
+- Fix sensor connection for performance reports on failure [#1633](https://github.com/greenbone/gvmd/pull/1633)
+- Sort the "host" column by IPv4 address if possible [#1637](https://github.com/greenbone/gvmd/pull/1637)
+- Fix for parse_iso_time_tz error with musl library [#1644](https://github.com/greenbone/gvmd/pull/1644)
+
+[20.8.3]: https://github.com/greenbone/gvmd/compare/v20.8.2...oldstable
+
+## [20.8.2] - 2021-06-23
+
+### Added
+- Add standard info elem fields for NVTs in get_info [#1426](https://github.com/greenbone/gvmd/pull/1426)
+- Add --ldap-debug option [#1439](https://github.com/greenbone/gvmd/pull/1439)
+- Try to install PostgreSQL extensions automatically [#1444](https://github.com/greenbone/gvmd/pull/1444) [#1483](https://github.com/greenbone/gvmd/pull/1483)
+- Add auto retry on scanner connection lost during a running task [#1452](https://github.com/greenbone/gvmd/pull/1452)
+- Add --feed-lock-timeout option [#1472](https://github.com/greenbone/gvmd/pull/1472)
+- datetime parser for `%Y-%m-%dT%Hh%M` for keywords [1518](https://github.com/greenbone/gvmd/pull/1518)
+
+### Changed
+- Improve report counts performance [#1438](https://github.com/greenbone/gvmd/pull/1438)
+- Clean up log config, add gvm-libs log domains [#1502](https://github.com/greenbone/gvmd/pull/1502)
+- Sort missing severity as lowest value in GMP get [#1508](https://github.com/greenbone/gvmd/pull/1508)
+- Use passwordbasedauthentication of gvm-libs instead of auth_utils [#1505](https://github.com/greenbone/gvmd/pull/1505)
+- Set file permissions in greenbone-feed-sync [#1575](https://github.com/greenbone/gvmd/pull/1575)
+
+### Fixed
+- Also create owner WITH clause for single resources [#1406](https://github.com/greenbone/gvmd/pull/1406)
+- Fix SQL escaping when adding VT references [#1429](https://github.com/greenbone/gvmd/pull/1429)
+- Update report run status more consistently [#1434](https://github.com/greenbone/gvmd/pull/1434)
+- Improve modify_override errors, fix no NVT case [#1435](https://github.com/greenbone/gvmd/pull/1435)
+- Fix size calculation in `--optimize vacuum` [#1447](https://github.com/greenbone/gvmd/pull/1447)
+- Fix report host end time check in CVE scans [#1462](https://github.com/greenbone/gvmd/pull/1462)
+- Fix "not regexp ..." filters [#1482](https://github.com/greenbone/gvmd/pull/1482)
+- Escape TLS certificate DNs that are invalid UTF-8 [#1486](https://github.com/greenbone/gvmd/pull/1486)
+- Free alert get data in report_content_for_alert [#1526](https://github.com/greenbone/gvmd/pull/1526)
+- Fix erroneous freeing of ical timezone component [#1530](https://github.com/greenbone/gvmd/pull/1530)
+- Fixed the sorting / filter by username functionality for remediation tickets [#1546](https://github.com/greenbone/gvmd/pull/1546)
+- The alterable indicator is now copied when cloning a task [#1553](https://github.com/greenbone/gvmd/pull/1553)
+- Fix stop resume feature. [#1568](https://github.com/greenbone/gvmd/pull/1568)
### Removed
-- Drop GMP scanners [#1269](https://github.com/greenbone/gvmd/pull/1269)
-[21.4]: https://github.com/greenbone/gvmd/compare/gvmd-20.08...master
+[20.8.2]: https://github.com/greenbone/gvmd/compare/v20.8.1...oldstable
-## [20.8.1] (unreleased)
+## [20.8.1] (2021-02-02)
### Added
- Added ability to enter Subject Alternative Names (SAN) when generating a CSR [#1246](https://github.com/greenbone/gvmd/pull/1246)
- Add filter term 'predefined' [#1263](https://github.com/greenbone/gvmd/pull/1263)
+- Add missing elements in get_nvts and get_preferences GMP doc [#1307](https://github.com/greenbone/gvmd/pull/1307)
+- Add command line options db-host and db-port [#1308](https://github.com/greenbone/gvmd/pull/1308)
+- Add missing config and target to modify_task GMP doc [#1310](https://github.com/greenbone/gvmd/pull/1310)
+- Add version for NVTs and CVEs in make_osp_result [#1335](https://github.com/greenbone/gvmd/pull/1335)
+- Add check if gvmd data feed dir exists [#1360](https://github.com/greenbone/gvmd/pull/1360) [#1362](https://github.com/greenbone/gvmd/pull/1362)
### Changed
- Extended the output of invalid / missing --feed parameter given to greenbone-feed-sync [#1255](https://github.com/greenbone/gvmd/pull/1255)
- The xsltproc binary is now marked as mandatory [#1259](https://github.com/greenbone/gvmd/pull/1259)
- Check feed status without acquiring lock [#1266](https://github.com/greenbone/gvmd/pull/1266)
+- Use timestamp in automatic sensor task names [#1390](https://github.com/greenbone/gvmd/pull/1390)
+- Replace g_file_test with gvm-libs file tests [#1391](https://github.com/greenbone/gvmd/pull/1391)
### Fixed
- Add dummy functions to allow restoring old dumps [#1251](https://github.com/greenbone/gvmd/pull/1251)
@@ -41,11 +240,39 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Fix alternative options for radio type preferences when exporting a scan_config [#1278](http://github.com/greenbone/gvmd/pull/1278)
- Replace deprecated sys_siglist with strsignal [#1280](https://github.com/greenbone/gvmd/pull/1280)
- Copy instead of moving when migrating predefined report formats [#1286](https://github.com/greenbone/gvmd/pull/1286)
+- Skip DB check in helpers when main process is running [#1291](https://github.com/greenbone/gvmd/pull/1291)
+- Recreate vulns after sync [#1292](https://github.com/greenbone/gvmd/pull/1292)
+- Add SecInfo case to alert check in MODIFY_FILTER [#1293](https://github.com/greenbone/gvmd/pull/1293)
+- For radio prefs in GMP exclude value and include default [#1296](https://github.com/greenbone/gvmd/pull/1296)
+- Add permission check on host in OS host count [#1301](https://github.com/greenbone/gvmd/pull/1301)
+- Auto delete at the start of scheduling so it always runs [#1302](https://github.com/greenbone/gvmd/pull/1302)
+- Fix create_credential for snmpv3. [#1305](https://github.com/greenbone/gvmd/pull/1305)
+- Remove extra spaces when parsing report format param type [#1309](https://github.com/greenbone/gvmd/pull/1309)
+- Correct arg to alert_uuid [#1313](https://github.com/greenbone/gvmd/pull/1313)
+- Switch result filter column 'task' from task ID to name task name [#1317](https://github.com/greenbone/gvmd/pull/1317)
+- Correct check of get_certificate_info return [#1318](https://github.com/greenbone/gvmd/pull/1318)
+- Fix GMP doc text of `active` elem for notes and overrides [#1323](https://github.com/greenbone/gvmd/pull/1323)
+- Move feed object in trash checks to startup [#1325](https://github.com/greenbone/gvmd/pull/1325)
+- Do not inherit settings from deleted users [#1328](https://github.com/greenbone/gvmd/pull/1328)
+- Delete TLS certificate sources when deleting users [#1334](https://github.com/greenbone/gvmd/pull/1334)
+- Fix SQL errors in SCAP and CERT update [#1343](https://github.com/greenbone/gvmd/pull/1343)
+- Always check for 'All' when deleting selectors [#1342](https://github.com/greenbone/gvmd/pull/1342)
+- Account for -1 of orphans when deleting permission [#1345](https://github.com/greenbone/gvmd/pull/1345)
+- Allow config to sync even if NVT family is not available [#1347](https://github.com/greenbone/gvmd/pull/1347)
+- Check private key when modifying credential [#1351](https://github.com/greenbone/gvmd/pull/1351)
+- Clean up hosts strings before using them [#1352](https://github.com/greenbone/gvmd/pull/1352)
+- Improve SCP username and destination path handling [#1350](https://github.com/greenbone/gvmd/pull/1350)
+- Fix response memory handling in handle_osp_scan [#1364](https://github.com/greenbone/gvmd/pull/1364)
+- Allow config to sync even if NVT family is not available [#1366](https://github.com/greenbone/gvmd/pull/1366)
+- Delete report format dirs last when deleting a user [#1368](https://github.com/greenbone/gvmd/pull/1368)
+- Fix sorting in get_aggregates and its documentation [#1375](https://github.com/greenbone/gvmd/pull/1375)
+- Improve "Failed to find..." messages [#1395](https://github.com/greenbone/gvmd/pull/1395)
+- Memory handling in various occasions [#1417](https://github.com/greenbone/gvmd/pull/1417)
### Removed
- Remove DROP from vulns creation [#1281](http://github.com/greenbone/gvmd/pull/1281)
-[20.8.1]: https://github.com/greenbone/gvmd/compare/v20.8.0...gvmd-20.08
+[20.8.1]: https://github.com/greenbone/gvmd/compare/v20.8.0...gvmd-20.8.1
## [20.8.0] (2020-08-11)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 8143d5587..641416648 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (C) 2009-2019 Greenbone Networks GmbH
+# Copyright (C) 2009-2022 Greenbone AG
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#
@@ -20,7 +20,7 @@ cmake_minimum_required (VERSION 3.0)
message ("-- Configuring Greenbone Vulnerability Manager...")
project (gvm
- VERSION 21.4.0
+ VERSION 22.4.1
LANGUAGES C)
if (POLICY CMP0005)
@@ -37,6 +37,8 @@ endif (NOT CMAKE_BUILD_TYPE)
OPTION (ENABLE_COVERAGE "Enable support for coverage analysis" OFF)
OPTION (DEBUG_FUNCTION_NAMES "Print function names on entry and exit" OFF)
+# the shell based scripts got replaced by https://github.com/greenbone/greenbone-feed-sync/
+OPTION (INSTALL_OLD_SYNC_SCRIPTS "Install shell based feed sync scripts" OFF)
## Retrieve git revision (at configure time)
include (GetGit)
@@ -85,7 +87,7 @@ set (CPACK_PACKAGE_VERSION "${PROJECT_VERSION_STRING}${PROJECT_VERSION_GIT}")
set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
-set (CPACK_PACKAGE_VENDOR "Greenbone Networks GmbH")
+set (CPACK_PACKAGE_VENDOR "Greenbone AG")
set (CPACK_SOURCE_IGNORE_FILES
"${CMAKE_BINARY_DIR}"
"/.git/"
@@ -96,21 +98,21 @@ include (CPack)
## Variables
-set (GVMD_DATABASE_VERSION 234)
+set (GVMD_DATABASE_VERSION 253)
-set (GVMD_SCAP_DATABASE_VERSION 16)
+set (GVMD_SCAP_DATABASE_VERSION 20)
-set (GVMD_CERT_DATABASE_VERSION 6)
+set (GVMD_CERT_DATABASE_VERSION 8)
-set (GMP_VERSION "21.4")
-set (GMP_VERSION_FEED "21.04")
+set (GMP_VERSION "22.4")
+set (GMP_VERSION_FEED "22.04")
if (SYSCONF_INSTALL_DIR)
set (SYSCONFDIR "${SYSCONF_INSTALL_DIR}")
endif (SYSCONF_INSTALL_DIR)
if (NOT SYSCONFDIR)
- set (SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc")
+ set (SYSCONFDIR "/etc")
endif (NOT SYSCONFDIR)
if (NOT EXEC_PREFIX)
@@ -130,7 +132,7 @@ if (NOT LIBDIR)
endif (NOT LIBDIR)
if (NOT LOCALSTATEDIR)
- set (LOCALSTATEDIR "${CMAKE_INSTALL_PREFIX}/var")
+ set (LOCALSTATEDIR "/var")
endif (NOT LOCALSTATEDIR)
if (NOT DATADIR)
@@ -180,17 +182,21 @@ set (GVM_CLIENT_CERTIFICATE "${GVM_STATE_DIR}/CA/clientcert.pem")
set (GVM_CLIENT_KEY "${GVM_STATE_DIR}/private/CA/clientkey.pem")
set (GVM_CA_CERTIFICATE "${GVM_STATE_DIR}/CA/cacert.pem")
-if (NOT GVM_RUN_DIR)
- set (GVM_RUN_DIR "${LOCALSTATEDIR}/run")
-endif (NOT GVM_RUN_DIR)
+if (NOT GVMD_RUN_DIR)
+ set (GVMD_RUN_DIR "/run/gvmd")
+endif (NOT GVMD_RUN_DIR)
+
+if (NOT GVMD_PID_PATH)
+ set (GVMD_PID_PATH "${GVMD_RUN_DIR}/gvmd.pid")
+endif (NOT GVMD_PID_PATH)
if (NOT GVM_FEED_LOCK_PATH)
- set (GVM_FEED_LOCK_PATH "${GVM_RUN_DIR}/feed-update.lock")
+ set (GVM_FEED_LOCK_PATH "${GVM_STATE_DIR}/feed-update.lock")
endif (NOT GVM_FEED_LOCK_PATH)
add_definitions (-DGVM_FEED_LOCK_PATH="${GVM_FEED_LOCK_PATH}")
if (NOT OPENVAS_DEFAULT_SOCKET)
- set (OPENVAS_DEFAULT_SOCKET "/var/run/ospd/ospd.sock")
+ set (OPENVAS_DEFAULT_SOCKET "/run/ospd/ospd-openvas.sock")
endif (NOT OPENVAS_DEFAULT_SOCKET)
add_definitions (-DOPENVAS_DEFAULT_SOCKET="${OPENVAS_DEFAULT_SOCKET}")
@@ -206,7 +212,7 @@ if (NOT DATA_OBJECTS_FEED_DIR)
endif (NOT DATA_OBJECTS_FEED_DIR)
if (NOT GVMD_FEED_DIR)
- set (GVMD_FEED_DIR "${DATA_OBJECTS_FEED_DIR}/gvmd")
+ set (GVMD_FEED_DIR "${DATA_OBJECTS_FEED_DIR}/gvmd/${GMP_VERSION_FEED}")
endif (NOT GVMD_FEED_DIR)
if (NOT GVM_ACCESS_KEY_DIR)
@@ -298,7 +304,7 @@ install (FILES ${CMAKE_SOURCE_DIR}/src/pwpolicy.conf
# Schema formats.
-install (FILES src/schema_formats/RNC/rnc.xsl
+install (FILES src/schema_formats/rnc.xsl
src/schema_formats/HTML/HTML.xsl
DESTINATION ${GVMD_DATA_DIR}/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/
PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
@@ -307,7 +313,7 @@ install (FILES src/schema_formats/HTML/generate
DESTINATION ${GVMD_DATA_DIR}/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/
PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
-install (FILES src/schema_formats/RNC/rnc.xsl
+install (FILES src/schema_formats/rnc.xsl
src/schema_formats/RNC/RNC.xsl
DESTINATION ${GVMD_DATA_DIR}/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/
PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
@@ -383,7 +389,6 @@ install (FILES src/wizards/quick_first_scan.xml
PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES tools/cpe_getbyname.xsl tools/cve_getbyname.xsl
- tools/ovaldef_getbyname.xsl
DESTINATION ${GVM_SCAP_RES_DIR}
PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
@@ -391,20 +396,22 @@ install (FILES tools/cert_bund_getbyname.xsl tools/dfn_cert_getbyname.xsl
DESTINATION ${GVM_CERT_RES_DIR}
PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
-install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-feed-sync
- DESTINATION ${SBINDIR}
- PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
- GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
-
-install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-scapdata-sync
- DESTINATION ${SBINDIR}
- PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
- GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
-
-install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-certdata-sync
- DESTINATION ${SBINDIR}
- PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
- GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+if (INSTALL_OLD_SYNC_SCRIPTS)
+ install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-feed-sync
+ DESTINATION ${SBINDIR}
+ PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+
+ install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-scapdata-sync
+ DESTINATION ${SBINDIR}
+ PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+
+ install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-certdata-sync
+ DESTINATION ${SBINDIR}
+ PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+endif (INSTALL_OLD_SYNC_SCRIPTS)
install (FILES ${CMAKE_SOURCE_DIR}/tools/gvm-lsc-deb-creator
${CMAKE_SOURCE_DIR}/tools/gvm-lsc-exe-creator
diff --git a/INSTALL.md b/INSTALL.md
index 0cdaf425c..5832a4fb9 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -16,10 +16,11 @@ Prerequisites:
* pkg-config (Debian package: pkg-config)
* libical >= 1.0.0 (Debian package: libical-dev)
* xsltproc (Debian package: xsltproc)
+* gpgme
Install these prerequisites on Debian GNU/Linux 'Buster' 10:
- apt-get install gcc cmake libglib2.0-dev libgnutls28-dev libpq-dev postgresql-server-dev-11 pkg-config libical-dev xsltproc
+ apt-get install gcc cmake libglib2.0-dev libgnutls28-dev libpq-dev postgresql-server-dev-11 pkg-config libical-dev xsltproc libgpgme-dev
Prerequisites for building documentation:
* Doxygen
@@ -125,9 +126,14 @@ Certificates`.
apt install postgresql postgresql-contrib postgresql-server-dev-all
```
-2. Run cmake and build gvmd as usual.
+2. Install the pg-gvm extension.
-3. Setup Postgres User and DB (`/usr/share/doc/postgresql-common/README.Debian.gz`)
+ Install the pg-gvm extension library (https://github.com/greenbone/pg-gvm).
+ For instructions on how to do this, see the README file there.
+
+3. Run cmake and build gvmd as usual.
+
+4. Setup Postgres User and DB (`/usr/share/doc/postgresql-common/README.Debian.gz`)
```sh
sudo -u postgres bash
@@ -135,22 +141,13 @@ Certificates`.
createdb -O mattm gvmd
```
-4. Setup permissions.
-
- ```sh
- sudo -u postgres bash # if you logged out after step 3
- psql gvmd
- create role dba with superuser noinherit;
- grant dba to mattm; # mattm is the user created in step 3
- ```
-
-5. Create DB extensions (also necessary when the database got dropped).
+5. Setup permissions.
```sh
sudo -u postgres bash # if you logged out after step 4
psql gvmd
- create extension "uuid-ossp";
- create extension "pgcrypto";
+ create role dba with superuser noinherit;
+ grant dba to mattm; # mattm is the user created in step 4
```
6. Make Postgres aware of the gvm libraries if not installed
@@ -159,7 +156,7 @@ Certificates`.
7. Run Manager as usual.
-8. To run SQL on the database.
+8. To run SQL on the database.
```sh
psql gvmd
@@ -276,6 +273,7 @@ The `gvmd Data`, `SCAP` and `CERT` Feeds should be kept up-to-date by calling th
Please note: The `CERT` feed sync depends on data provided by the `SCAP` feed
and should be called after syncing the latter.
+You will need the `rsync` tool for a successful synchronization.
## Configure the default OSPD scanner socket path
@@ -359,6 +357,16 @@ supported values for `` are:
For more information see the documentation for the `ANALYZE` command of the
database back-end you are using.
+- `add-feed-permissions`
+
+ This option adds new read permissions on all feed data objects for the roles
+ defined in the "Feed Import Roles" setting if they do not exist.
+ The new permissions will be owned by the same user as the data objects,
+ usually the feed import owner.
+
+ This does not affect the command permissions, any permissions created for
+ users or groups, or other types of permissions like modify or delete.
+
- `cleanup-config-prefs`
This option removes duplicate preferences from Scan Configs and corrects
@@ -366,6 +374,14 @@ supported values for `` are:
database must be up to date (if Manager and Scanner are both running, then
this should happen automatically).
+- `cleanup-feed-permissions`
+
+ This option removes permissions on all feed data objects for all roles
+ that are not defined in the "Feed Import Roles" setting.
+
+ This does not affect the command permissions, any permissions created for
+ users or groups, or other types of permissions like modify or delete.
+
- `cleanup-port-names`
This cleans up the ports of results as stored in the database by removing
@@ -393,6 +409,11 @@ supported values for `` are:
older versions, so this function can be used to correct missing severity
scores in older reports.
+- `cleanup-sequences`
+
+ This cleans up id sequences that are likely to run out due to regular feed
+ updates like the ids for config preferences.
+
- `migrate-relay-sensors`
If relays are active, this can be used to make sure all sensor type
diff --git a/README.md b/README.md
index 10e9b4d20..fbf1fb1ec 100644
--- a/README.md
+++ b/README.md
@@ -1,10 +1,13 @@
-![Greenbone Logo](https://www.greenbone.net/wp-content/uploads/gb_logo_resilience_horizontal.png)
+![Greenbone Logo](https://www.greenbone.net/wp-content/uploads/gb_new-logo_horizontal_rgb_small.png)
# Greenbone Vulnerability Manager
[![GitHub releases](https://img.shields.io/github/release/greenbone/gvmd.svg)](https://github.com/greenbone/gvmd/releases)
-[![Code Documentation Coverage](https://img.shields.io/codecov/c/github/greenbone/gvmd.svg?label=Doc%20Coverage&logo=codecov)](https://codecov.io/gh/greenbone/gvmd)
-[![CircleCI](https://circleci.com/gh/greenbone/gvmd/tree/master.svg?style=svg)](https://circleci.com/gh/greenbone/gvmd/tree/master)
+[![codecov](https://codecov.io/gh/greenbone/gvmd/branch/main/graph/badge.svg?token=y8cY3Pfn7P)](https://codecov.io/gh/greenbone/gvmd)
+[![Build and Test](https://github.com/greenbone/gvmd/actions/workflows/build-and-test.yml/badge.svg)](https://github.com/greenbone/gvmd/actions/workflows/build-and-test.yml)
+[![Docker Pulls](https://img.shields.io/docker/pulls/greenbone/gvmd.svg)](https://hub.docker.com/r/greenbone/gvmd/)
+[![Docker Image Size](https://img.shields.io/docker/image-size/greenbone/gvmd.svg?maxAge=2592000)](https://hub.docker.com/r/greenbone/gvmd/)
+[![Twitter Badge](https://badgen.net/badge/icon/twitter?icon=twitter&label)](https://twitter.com/openvas)
The Greenbone Vulnerability Manager is the central management service between
security scanners and the user clients.
@@ -16,7 +19,6 @@ XML-based Greenbone Management Protocol (GMP). Controlling scanners like
Protocol (OSP).
## Releases
-
All [release files](https://github.com/greenbone/gvmd/releases) are signed with
the [Greenbone Community Feed integrity key](https://community.greenbone.net/t/gcf-managing-the-digital-signatures/101).
This gpg key can be downloaded at https://www.greenbone.net/GBCommunitySigningKey.asc
@@ -50,21 +52,21 @@ gvmd --help
```
If you are not familiar or comfortable building from source code, we recommend
-that you use the Greenbone Community Edition, a prepared virtual machine with a
-readily available setup. Information regarding the virtual machine is available
-at .
+that you use the Greenbone Enterprise TRIAL, a prepared virtual
+machine with a readily available setup. Information regarding the virtual machine
+is available at .
## Support
For any question on the usage of `gvmd` please use the [Greenbone Community
-Portal](https://community.greenbone.net/c/gse). If you found a problem with the
+Portal](https://community.greenbone.net/). If you found a problem with the
software, please [create an issue](https://github.com/greenbone/gvmd/issues) on
GitHub. If you are a Greenbone customer you may alternatively or additionally
forward your issue to the Greenbone Support Portal.
## Maintainer
-This project is maintained by [Greenbone Networks GmbH](https://www.greenbone.net/).
+This project is maintained by [Greenbone AG](https://www.greenbone.net/).
## Contributing
@@ -75,6 +77,6 @@ GitHub](https://github.com/greenbone/gvmd/issues) first.
## License
-Copyright (C) 2009-2019 [Greenbone Networks GmbH](https://www.greenbone.net/)
+Copyright (C) 2009-2022 [Greenbone AG](https://www.greenbone.net/)
Licensed under the [GNU Affero General Public License v3.0 or later](COPYING).
diff --git a/changelog.toml b/changelog.toml
new file mode 100644
index 000000000..9461b83e4
--- /dev/null
+++ b/changelog.toml
@@ -0,0 +1,11 @@
+commit_types = [
+ { message = "^add", group = "Added"},
+ { message = "^remove", group = "Removed"},
+ { message = "^change", group = "Changed"},
+ { message = "^fix", group = "Bug Fixes"},
+ { message = "^doc", group = "Documentation"},
+ { message = "^refactor", group = "Refactor"},
+ { message = "^test", group = "Testing"},
+]
+
+changelog_dir = "changelog"
diff --git a/changelog/v22.4.md b/changelog/v22.4.md
new file mode 100644
index 000000000..8f1c7c1eb
--- /dev/null
+++ b/changelog/v22.4.md
@@ -0,0 +1,78 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [22.4] - 2022-07-18
+
+## Added
+* -optimize option "cleanup-sequences" [7e2be3138](https://github.com/greenbone/gvmd/commit/7e2be3138)
+* Added the appliance_status response field to the get_license command [c9affb52e](https://github.com/greenbone/gvmd/commit/c9affb52e)
+* package_unreliable QOD type translation [85f16f208](https://github.com/greenbone/gvmd/commit/85f16f208)
+* package_unreliable QOD type translation [3f438ce22](https://github.com/greenbone/gvmd/commit/3f438ce22)
+* Backtrace output when a sigsegv occurs. [8b30cd77f](https://github.com/greenbone/gvmd/commit/8b30cd77f)
+* Log failing xsltproc calls as warning #1756 [ef9b4228d](https://github.com/greenbone/gvmd/commit/ef9b4228d)
+* -broker-address command line option [ee6123207](https://github.com/greenbone/gvmd/commit/ee6123207)
+* -rebuild-gvmd-data to man page [d7a779b8a](https://github.com/greenbone/gvmd/commit/d7a779b8a)
+* -optimize add-/cleanup-feed-permissions [9e97c38d4](https://github.com/greenbone/gvmd/commit/9e97c38d4)
+* -feed-lock-timeout option [a932f70fb](https://github.com/greenbone/gvmd/commit/a932f70fb)
+* -ldap-debug option [b22171baf](https://github.com/greenbone/gvmd/commit/b22171baf)
+* Send the script timeout to the scanner as script preferences [#1670](https://github.com/greenbone/gvmd/pull/1670)
+* get_license and modify_license [#1642](https://github.com/greenbone/gvmd/pull/1642), [#1692](https://github.com/greenbone/gvmd/pull/1692), [#1696](https://github.com/greenbone/gvmd/pull/1696)
+* basic Sentry integration and logging [#1550](https://github.com/greenbone/gvmd/pull/1550)
+* new modification_time column for reports [#1513](https://github.com/greenbone/gvmd/pull/1513), [#1519](https://github.com/greenbone/gvmd/pull/1519), [#1590](https://github.com/greenbone/gvmd/pull/1590)
+
+## Changed
+* Allow overriding LOG_CMD for sync script [683b7e1a8](https://github.com/greenbone/gvmd/commit/683b7e1a8)
+* Don't create runtime directory with make install #1824 [198c356e3](https://github.com/greenbone/gvmd/commit/198c356e3)
+* Automatically update pg-gvm in check_db_extensions [4fbc79395](https://github.com/greenbone/gvmd/commit/4fbc79395)
+* Remove EnvironmentFile from gvmd.service file [f2228a320](https://github.com/greenbone/gvmd/commit/f2228a320)
+* Use $TMPACCESSKEY when syncing enterprise feed [b3f4c4bf4](https://github.com/greenbone/gvmd/commit/b3f4c4bf4)
+* Standardize rsync options [f6c9b66d9](https://github.com/greenbone/gvmd/commit/f6c9b66d9)
+* Disable table_driven_lsc in policies [9b15dc865](https://github.com/greenbone/gvmd/commit/9b15dc865)
+* Get NVT feed info via OSP [692e21c2a](https://github.com/greenbone/gvmd/commit/692e21c2a)
+* Update GVMD_FEED_DIR to /var/lib/gvm/data-objects/gvmd/22.04 [6aa4b2e7a](https://github.com/greenbone/gvmd/commit/6aa4b2e7a)
+* Load data objects from new feed paths [51716c88f](https://github.com/greenbone/gvmd/commit/51716c88f)
+* Use new feed dir structure in sync scripts [0a769ec3c](https://github.com/greenbone/gvmd/commit/0a769ec3c)
+* Improve log message for getting the feed version [0fdb01814](https://github.com/greenbone/gvmd/commit/0fdb01814)
+* Improve init_preference_iterator SQL query performance [5a5cbb945](https://github.com/greenbone/gvmd/commit/5a5cbb945)
+* Change some migration and OSP warnings to info [b3cced2bc](https://github.com/greenbone/gvmd/commit/b3cced2bc)
+* Use GVMD_RUN_DIR instead of GVM_RUN_DIR [e53ae5731](https://github.com/greenbone/gvmd/commit/e53ae5731)
+* Use full path GVMD_PID_PATH for PID files [3fea5a9f4](https://github.com/greenbone/gvmd/commit/3fea5a9f4)
+* Raise required gvm-libs version to 21.10 [299946bdf](https://github.com/greenbone/gvmd/commit/299946bdf)
+* Replace blocking table locks with a non-blocking retry loop [44a054ad3](https://github.com/greenbone/gvmd/commit/44a054ad3)
+* Rename the date column of reports to creation_time [#1520](https://github.com/greenbone/gvmd/pull/1520)
+* Change report timestamp filter and iterator columns [#1512](https://github.com/greenbone/gvmd/pull/1512)
+* Use pg-gvm extension for C PostgreSQL functions [#1400](https://github.com/greenbone/gvmd/pull/1400), [#1453](https://github.com/greenbone/gvmd/pull/1453)
+
+## Bug Fixes
+* Return the correct error message, when wrong severity input is send to overrides (#1843) [1a96ac530](https://github.com/greenbone/gvmd/commit/1a96ac530)
+* Fix logging in sync script if no syslog is available [a726dfdf1](https://github.com/greenbone/gvmd/commit/a726dfdf1)
+* Use g_memdup2 instead of the deprecated g_memdup [4ad2491fd](https://github.com/greenbone/gvmd/commit/4ad2491fd)
+* Fix handling of SSH keys in modify_credential [7b16d2e6f](https://github.com/greenbone/gvmd/commit/7b16d2e6f)
+* Trigger libtheia container build (#1817) [26bc13aa7](https://github.com/greenbone/gvmd/commit/26bc13aa7)
+* Fix iCal next time calculation, use new SQL func [aa4f9a925](https://github.com/greenbone/gvmd/commit/aa4f9a925)
+* Fix GMP doc for get_assets command [006c130be](https://github.com/greenbone/gvmd/commit/006c130be)
+* task status overwrite when a task is stopped and quickly restarted (not resumed) #1779 [a34fa7050](https://github.com/greenbone/gvmd/commit/a34fa7050)
+* Avoid closing manager socket FDs twice [12c700331](https://github.com/greenbone/gvmd/commit/12c700331)
+* Initialize roles with NULL [705ce8a51](https://github.com/greenbone/gvmd/commit/705ce8a51)
+* Test if location is null in cve_scan_host to prevent an assertion error [d979e4580](https://github.com/greenbone/gvmd/commit/d979e4580)
+* -dump-vt-verification error message [ca30e3856](https://github.com/greenbone/gvmd/commit/ca30e3856)
+* Update subject alternative name in certificate generation [#1503](https://github.com/greenbone/gvmd/pull/1503)
+* Fix migration to DB version 242 from gvmd 20.08 [#1498](https://github.com/greenbone/gvmd/pull/1498)
+* Improve VT version handling for CVE & OVAL results [#1496](https://github.com/greenbone/gvmd/pull/1496)
+
+## Refactor
+* move from gvm-lib proctitle-set to libbsd setproctitle [98b537078](https://github.com/greenbone/gvmd/commit/98b537078)
+* add lib version [85a1000f4](https://github.com/greenbone/gvmd/commit/85a1000f4)
+* switch from tab to space [0016553a0](https://github.com/greenbone/gvmd/commit/0016553a0)
+* Add libbsd to docker images [95f182dd2](https://github.com/greenbone/gvmd/commit/95f182dd2)
+
+### Removed
+* Remove Network Source Interface from gvmd [#1511](https://github.com/greenbone/gvmd/pull/1511)
+* Removed OVAL definitions from gvmd [#1525](https://github.com/greenbone/gvmd/pull/1525)
+* Removed OVAL definitions from GMP and gvmd documentation [1551](https://github.com/greenbone/gvmd/pull/1551)
+* Removed the Business Process Map from gvmd [1627](https://github.com/greenbone/gvmd/pull/1627)
+* Removed ifaces element from users [#1676](https://github.com/greenbone/gvmd/pull/1676)
+* Removed OSP scanners from gvmd [#1689](https://github.com/greenbone/gvmd/pull/1689) [#1691](https://github.com/greenbone/gvmd/pull/1691) [#1694](https://github.com/greenbone/gvmd/pull/1694) [#1701](https://github.com/greenbone/gvmd/pull/1701)
+
+[22.4]: https://github.com/greenbone/gvmd/compare/22.4...22.4
diff --git a/cmake/FindPackageHandleStandardArgs.cmake b/cmake/FindPackageHandleStandardArgs.cmake
new file mode 100644
index 000000000..4fb08259a
--- /dev/null
+++ b/cmake/FindPackageHandleStandardArgs.cmake
@@ -0,0 +1,466 @@
+# Distributed under the OSI-approved BSD 3-Clause License. See accompanying
+# file Copyright.txt or https://cmake.org/licensing for details.
+
+#[=======================================================================[.rst:
+FindPackageHandleStandardArgs
+-----------------------------
+
+This module provides a function intended to be used in :ref:`Find Modules`
+implementing :command:`find_package()` calls. It handles the
+``REQUIRED``, ``QUIET`` and version-related arguments of ``find_package``.
+It also sets the ``_FOUND`` variable. The package is
+considered found if all variables listed contain valid results, e.g.
+valid filepaths.
+
+.. command:: find_package_handle_standard_args
+
+ There are two signatures::
+
+ find_package_handle_standard_args(
+ (DEFAULT_MSG|)
+ ...
+ )
+
+ find_package_handle_standard_args(
+ [FOUND_VAR ]
+ [REQUIRED_VARS ...]
+ [VERSION_VAR ]
+ [HANDLE_COMPONENTS]
+ [CONFIG_MODE]
+ [NAME_MISMATCHED]
+ [REASON_FAILURE_MESSAGE ]
+ [FAIL_MESSAGE ]
+ )
+
+ The ``_FOUND`` variable will be set to ``TRUE`` if all
+ the variables ``...`` are valid and any optional
+ constraints are satisfied, and ``FALSE`` otherwise. A success or
+ failure message may be displayed based on the results and on
+ whether the ``REQUIRED`` and/or ``QUIET`` option was given to
+ the :command:`find_package` call.
+
+ The options are:
+
+ ``(DEFAULT_MSG|)``
+ In the simple signature this specifies the failure message.
+ Use ``DEFAULT_MSG`` to ask for a default message to be computed
+ (recommended). Not valid in the full signature.
+
+ ``FOUND_VAR ``
+ Obsolete. Specifies either ``_FOUND`` or
+ ``_FOUND`` as the result variable. This exists only
+ for compatibility with older versions of CMake and is now ignored.
+ Result variables of both names are always set for compatibility.
+
+ ``REQUIRED_VARS ...``
+ Specify the variables which are required for this package.
+ These may be named in the generated failure message asking the
+ user to set the missing variable values. Therefore these should
+ typically be cache entries such as ``FOO_LIBRARY`` and not output
+ variables like ``FOO_LIBRARIES``. This option is mandatory if
+ ``HANDLE_COMPONENTS`` is not specified.
+
+ ``VERSION_VAR ``
+ Specify the name of a variable that holds the version of the package
+ that has been found. This version will be checked against the
+ (potentially) specified required version given to the
+ :command:`find_package` call, including its ``EXACT`` option.
+ The default messages include information about the required
+ version and the version which has been actually found, both
+ if the version is ok or not.
+
+ ``HANDLE_COMPONENTS``
+ Enable handling of package components. In this case, the command
+ will report which components have been found and which are missing,
+ and the ``_FOUND`` variable will be set to ``FALSE``
+ if any of the required components (i.e. not the ones listed after
+ the ``OPTIONAL_COMPONENTS`` option of :command:`find_package`) are
+ missing.
+
+ ``CONFIG_MODE``
+ Specify that the calling find module is a wrapper around a
+ call to ``find_package( NO_MODULE)``. This implies
+ a ``VERSION_VAR`` value of ``_VERSION``. The command
+ will automatically check whether the package configuration file
+ was found.
+
+ ``REASON_FAILURE_MESSAGE ``
+ Specify a custom message of the reason for the failure which will be
+ appended to the default generated message.
+
+ ``FAIL_MESSAGE ``
+ Specify a custom failure message instead of using the default
+ generated message. Not recommended.
+
+ ``NAME_MISMATCHED``
+ Indicate that the ```` does not match
+ ``${CMAKE_FIND_PACKAGE_NAME}``. This is usually a mistake and raises a
+ warning, but it may be intentional for usage of the command for components
+ of a larger package.
+
+Example for the simple signature:
+
+.. code-block:: cmake
+
+ find_package_handle_standard_args(LibXml2 DEFAULT_MSG
+ LIBXML2_LIBRARY LIBXML2_INCLUDE_DIR)
+
+The ``LibXml2`` package is considered to be found if both
+``LIBXML2_LIBRARY`` and ``LIBXML2_INCLUDE_DIR`` are valid.
+Then also ``LibXml2_FOUND`` is set to ``TRUE``. If it is not found
+and ``REQUIRED`` was used, it fails with a
+:command:`message(FATAL_ERROR)`, independent whether ``QUIET`` was
+used or not. If it is found, success will be reported, including
+the content of the first ````. On repeated CMake runs,
+the same message will not be printed again.
+
+.. note::
+
+ If ```` does not match ``CMAKE_FIND_PACKAGE_NAME`` for the
+ calling module, a warning that there is a mismatch is given. The
+ ``FPHSA_NAME_MISMATCHED`` variable may be set to bypass the warning if using
+ the old signature and the ``NAME_MISMATCHED`` argument using the new
+ signature. To avoid forcing the caller to require newer versions of CMake for
+ usage, the variable's value will be used if defined when the
+ ``NAME_MISMATCHED`` argument is not passed for the new signature (but using
+ both is an error)..
+
+Example for the full signature:
+
+.. code-block:: cmake
+
+ find_package_handle_standard_args(LibArchive
+ REQUIRED_VARS LibArchive_LIBRARY LibArchive_INCLUDE_DIR
+ VERSION_VAR LibArchive_VERSION)
+
+In this case, the ``LibArchive`` package is considered to be found if
+both ``LibArchive_LIBRARY`` and ``LibArchive_INCLUDE_DIR`` are valid.
+Also the version of ``LibArchive`` will be checked by using the version
+contained in ``LibArchive_VERSION``. Since no ``FAIL_MESSAGE`` is given,
+the default messages will be printed.
+
+Another example for the full signature:
+
+.. code-block:: cmake
+
+ find_package(Automoc4 QUIET NO_MODULE HINTS /opt/automoc4)
+ find_package_handle_standard_args(Automoc4 CONFIG_MODE)
+
+In this case, a ``FindAutmoc4.cmake`` module wraps a call to
+``find_package(Automoc4 NO_MODULE)`` and adds an additional search
+directory for ``automoc4``. Then the call to
+``find_package_handle_standard_args`` produces a proper success/failure
+message.
+#]=======================================================================]
+
+include(${CMAKE_CURRENT_LIST_DIR}/FindPackageMessage.cmake)
+
+# internal helper macro
+macro(_FPHSA_FAILURE_MESSAGE _msg)
+ set (__msg "${_msg}")
+ if (FPHSA_REASON_FAILURE_MESSAGE)
+ string(APPEND __msg "\n Reason given by package: ${FPHSA_REASON_FAILURE_MESSAGE}\n")
+ endif()
+ if (${_NAME}_FIND_REQUIRED)
+ message(FATAL_ERROR "${__msg}")
+ else ()
+ if (NOT ${_NAME}_FIND_QUIETLY)
+ message(STATUS "${__msg}")
+ endif ()
+ endif ()
+endmacro()
+
+
+# internal helper macro to generate the failure message when used in CONFIG_MODE:
+macro(_FPHSA_HANDLE_FAILURE_CONFIG_MODE)
+ # _CONFIG is set, but FOUND is false, this means that some other of the REQUIRED_VARS was not found:
+ if(${_NAME}_CONFIG)
+ _FPHSA_FAILURE_MESSAGE("${FPHSA_FAIL_MESSAGE}: missing:${MISSING_VARS} (found ${${_NAME}_CONFIG} ${VERSION_MSG})")
+ else()
+ # If _CONSIDERED_CONFIGS is set, the config-file has been found, but no suitable version.
+ # List them all in the error message:
+ if(${_NAME}_CONSIDERED_CONFIGS)
+ set(configsText "")
+ list(LENGTH ${_NAME}_CONSIDERED_CONFIGS configsCount)
+ math(EXPR configsCount "${configsCount} - 1")
+ foreach(currentConfigIndex RANGE ${configsCount})
+ list(GET ${_NAME}_CONSIDERED_CONFIGS ${currentConfigIndex} filename)
+ list(GET ${_NAME}_CONSIDERED_VERSIONS ${currentConfigIndex} version)
+ string(APPEND configsText "\n ${filename} (version ${version})")
+ endforeach()
+ if (${_NAME}_NOT_FOUND_MESSAGE)
+ if (FPHSA_REASON_FAILURE_MESSAGE)
+ string(PREPEND FPHSA_REASON_FAILURE_MESSAGE "${${_NAME}_NOT_FOUND_MESSAGE}\n ")
+ else()
+ set(FPHSA_REASON_FAILURE_MESSAGE "${${_NAME}_NOT_FOUND_MESSAGE}")
+ endif()
+ else()
+ string(APPEND configsText "\n")
+ endif()
+ _FPHSA_FAILURE_MESSAGE("${FPHSA_FAIL_MESSAGE} ${VERSION_MSG}, checked the following files:${configsText}")
+
+ else()
+ # Simple case: No Config-file was found at all:
+ _FPHSA_FAILURE_MESSAGE("${FPHSA_FAIL_MESSAGE}: found neither ${_NAME}Config.cmake nor ${_NAME_LOWER}-config.cmake ${VERSION_MSG}")
+ endif()
+ endif()
+endmacro()
+
+
+function(FIND_PACKAGE_HANDLE_STANDARD_ARGS _NAME _FIRST_ARG)
+
+ # Set up the arguments for `cmake_parse_arguments`.
+ set(options CONFIG_MODE HANDLE_COMPONENTS NAME_MISMATCHED)
+ set(oneValueArgs FAIL_MESSAGE REASON_FAILURE_MESSAGE VERSION_VAR FOUND_VAR)
+ set(multiValueArgs REQUIRED_VARS)
+
+ # Check whether we are in 'simple' or 'extended' mode:
+ set(_KEYWORDS_FOR_EXTENDED_MODE ${options} ${oneValueArgs} ${multiValueArgs} )
+ list(FIND _KEYWORDS_FOR_EXTENDED_MODE "${_FIRST_ARG}" INDEX)
+
+ unset(FPHSA_NAME_MISMATCHED_override)
+ if (DEFINED FPHSA_NAME_MISMATCHED)
+ # If the variable NAME_MISMATCHED variable is set, error if it is passed as
+ # an argument. The former is for old signatures, the latter is for new
+ # signatures.
+ list(FIND ARGN "NAME_MISMATCHED" name_mismatched_idx)
+ if (NOT name_mismatched_idx EQUAL "-1")
+ message(FATAL_ERROR
+ "The `NAME_MISMATCHED` argument may only be specified by the argument or "
+ "the variable, not both.")
+ endif ()
+
+ # But use the variable if it is not an argument to avoid forcing minimum
+ # CMake version bumps for calling modules.
+ set(FPHSA_NAME_MISMATCHED_override "${FPHSA_NAME_MISMATCHED}")
+ endif ()
+
+ if(${INDEX} EQUAL -1)
+ set(FPHSA_FAIL_MESSAGE ${_FIRST_ARG})
+ set(FPHSA_REQUIRED_VARS ${ARGN})
+ set(FPHSA_VERSION_VAR)
+ else()
+ cmake_parse_arguments(FPHSA "${options}" "${oneValueArgs}" "${multiValueArgs}" ${_FIRST_ARG} ${ARGN})
+
+ if(FPHSA_UNPARSED_ARGUMENTS)
+ message(FATAL_ERROR "Unknown keywords given to FIND_PACKAGE_HANDLE_STANDARD_ARGS(): \"${FPHSA_UNPARSED_ARGUMENTS}\"")
+ endif()
+
+ if(NOT FPHSA_FAIL_MESSAGE)
+ set(FPHSA_FAIL_MESSAGE "DEFAULT_MSG")
+ endif()
+
+ # In config-mode, we rely on the variable _CONFIG, which is set by find_package()
+ # when it successfully found the config-file, including version checking:
+ if(FPHSA_CONFIG_MODE)
+ list(INSERT FPHSA_REQUIRED_VARS 0 ${_NAME}_CONFIG)
+ list(REMOVE_DUPLICATES FPHSA_REQUIRED_VARS)
+ set(FPHSA_VERSION_VAR ${_NAME}_VERSION)
+ endif()
+
+ if(NOT FPHSA_REQUIRED_VARS AND NOT FPHSA_HANDLE_COMPONENTS)
+ message(FATAL_ERROR "No REQUIRED_VARS specified for FIND_PACKAGE_HANDLE_STANDARD_ARGS()")
+ endif()
+ endif()
+
+ if (DEFINED FPHSA_NAME_MISMATCHED_override)
+ set(FPHSA_NAME_MISMATCHED "${FPHSA_NAME_MISMATCHED_override}")
+ endif ()
+
+ if (DEFINED CMAKE_FIND_PACKAGE_NAME
+ AND NOT FPHSA_NAME_MISMATCHED
+ AND NOT _NAME STREQUAL CMAKE_FIND_PACKAGE_NAME)
+ message(AUTHOR_WARNING
+ "The package name passed to `find_package_handle_standard_args` "
+ "(${_NAME}) does not match the name of the calling package "
+ "(${CMAKE_FIND_PACKAGE_NAME}). This can lead to problems in calling "
+ "code that expects `find_package` result variables (e.g., `_FOUND`) "
+ "to follow a certain pattern.")
+ endif ()
+
+# now that we collected all arguments, process them
+
+ if("x${FPHSA_FAIL_MESSAGE}" STREQUAL "xDEFAULT_MSG")
+ set(FPHSA_FAIL_MESSAGE "Could NOT find ${_NAME}")
+ endif()
+
+ if (FPHSA_REQUIRED_VARS)
+ list(GET FPHSA_REQUIRED_VARS 0 _FIRST_REQUIRED_VAR)
+ endif()
+
+ string(TOUPPER ${_NAME} _NAME_UPPER)
+ string(TOLOWER ${_NAME} _NAME_LOWER)
+
+ if(FPHSA_FOUND_VAR)
+ set(_FOUND_VAR_UPPER ${_NAME_UPPER}_FOUND)
+ set(_FOUND_VAR_MIXED ${_NAME}_FOUND)
+ if(FPHSA_FOUND_VAR STREQUAL _FOUND_VAR_MIXED OR FPHSA_FOUND_VAR STREQUAL _FOUND_VAR_UPPER)
+ set(_FOUND_VAR ${FPHSA_FOUND_VAR})
+ else()
+ message(FATAL_ERROR "The argument for FOUND_VAR is \"${FPHSA_FOUND_VAR}\", but only \"${_FOUND_VAR_MIXED}\" and \"${_FOUND_VAR_UPPER}\" are valid names.")
+ endif()
+ else()
+ set(_FOUND_VAR ${_NAME_UPPER}_FOUND)
+ endif()
+
+ # collect all variables which were not found, so they can be printed, so the
+ # user knows better what went wrong (#6375)
+ set(MISSING_VARS "")
+ set(DETAILS "")
+ # check if all passed variables are valid
+ set(FPHSA_FOUND_${_NAME} TRUE)
+ foreach(_CURRENT_VAR ${FPHSA_REQUIRED_VARS})
+ if(NOT ${_CURRENT_VAR})
+ set(FPHSA_FOUND_${_NAME} FALSE)
+ string(APPEND MISSING_VARS " ${_CURRENT_VAR}")
+ else()
+ string(APPEND DETAILS "[${${_CURRENT_VAR}}]")
+ endif()
+ endforeach()
+ if(FPHSA_FOUND_${_NAME})
+ set(${_NAME}_FOUND TRUE)
+ set(${_NAME_UPPER}_FOUND TRUE)
+ else()
+ set(${_NAME}_FOUND FALSE)
+ set(${_NAME_UPPER}_FOUND FALSE)
+ endif()
+
+ # component handling
+ unset(FOUND_COMPONENTS_MSG)
+ unset(MISSING_COMPONENTS_MSG)
+
+ if(FPHSA_HANDLE_COMPONENTS)
+ foreach(comp ${${_NAME}_FIND_COMPONENTS})
+ if(${_NAME}_${comp}_FOUND)
+
+ if(NOT DEFINED FOUND_COMPONENTS_MSG)
+ set(FOUND_COMPONENTS_MSG "found components:")
+ endif()
+ string(APPEND FOUND_COMPONENTS_MSG " ${comp}")
+
+ else()
+
+ if(NOT DEFINED MISSING_COMPONENTS_MSG)
+ set(MISSING_COMPONENTS_MSG "missing components:")
+ endif()
+ string(APPEND MISSING_COMPONENTS_MSG " ${comp}")
+
+ if(${_NAME}_FIND_REQUIRED_${comp})
+ set(${_NAME}_FOUND FALSE)
+ string(APPEND MISSING_VARS " ${comp}")
+ endif()
+
+ endif()
+ endforeach()
+ set(COMPONENT_MSG "${FOUND_COMPONENTS_MSG} ${MISSING_COMPONENTS_MSG}")
+ string(APPEND DETAILS "[c${COMPONENT_MSG}]")
+ endif()
+
+ # version handling:
+ set(VERSION_MSG "")
+ set(VERSION_OK TRUE)
+
+ # check with DEFINED here as the requested or found version may be "0"
+ if (DEFINED ${_NAME}_FIND_VERSION)
+ if(DEFINED ${FPHSA_VERSION_VAR})
+ set(_FOUND_VERSION ${${FPHSA_VERSION_VAR}})
+
+ if(${_NAME}_FIND_VERSION_EXACT) # exact version required
+ # count the dots in the version string
+ string(REGEX REPLACE "[^.]" "" _VERSION_DOTS "${_FOUND_VERSION}")
+ # add one dot because there is one dot more than there are components
+ string(LENGTH "${_VERSION_DOTS}." _VERSION_DOTS)
+ if (_VERSION_DOTS GREATER ${_NAME}_FIND_VERSION_COUNT)
+ # Because of the C++ implementation of find_package() ${_NAME}_FIND_VERSION_COUNT
+ # is at most 4 here. Therefore a simple lookup table is used.
+ if (${_NAME}_FIND_VERSION_COUNT EQUAL 1)
+ set(_VERSION_REGEX "[^.]*")
+ elseif (${_NAME}_FIND_VERSION_COUNT EQUAL 2)
+ set(_VERSION_REGEX "[^.]*\\.[^.]*")
+ elseif (${_NAME}_FIND_VERSION_COUNT EQUAL 3)
+ set(_VERSION_REGEX "[^.]*\\.[^.]*\\.[^.]*")
+ else ()
+ set(_VERSION_REGEX "[^.]*\\.[^.]*\\.[^.]*\\.[^.]*")
+ endif ()
+ string(REGEX REPLACE "^(${_VERSION_REGEX})\\..*" "\\1" _VERSION_HEAD "${_FOUND_VERSION}")
+ unset(_VERSION_REGEX)
+ if (NOT ${_NAME}_FIND_VERSION VERSION_EQUAL _VERSION_HEAD)
+ set(VERSION_MSG "Found unsuitable version \"${_FOUND_VERSION}\", but required is exact version \"${${_NAME}_FIND_VERSION}\"")
+ set(VERSION_OK FALSE)
+ else ()
+ set(VERSION_MSG "(found suitable exact version \"${_FOUND_VERSION}\")")
+ endif ()
+ unset(_VERSION_HEAD)
+ else ()
+ if (NOT ${_NAME}_FIND_VERSION VERSION_EQUAL _FOUND_VERSION)
+ set(VERSION_MSG "Found unsuitable version \"${_FOUND_VERSION}\", but required is exact version \"${${_NAME}_FIND_VERSION}\"")
+ set(VERSION_OK FALSE)
+ else ()
+ set(VERSION_MSG "(found suitable exact version \"${_FOUND_VERSION}\")")
+ endif ()
+ endif ()
+ unset(_VERSION_DOTS)
+
+ else() # minimum version specified:
+ if (${_NAME}_FIND_VERSION VERSION_GREATER _FOUND_VERSION)
+ set(VERSION_MSG "Found unsuitable version \"${_FOUND_VERSION}\", but required is at least \"${${_NAME}_FIND_VERSION}\"")
+ set(VERSION_OK FALSE)
+ else ()
+ set(VERSION_MSG "(found suitable version \"${_FOUND_VERSION}\", minimum required is \"${${_NAME}_FIND_VERSION}\")")
+ endif ()
+ endif()
+
+ else()
+
+ # if the package was not found, but a version was given, add that to the output:
+ if(${_NAME}_FIND_VERSION_EXACT)
+ set(VERSION_MSG "(Required is exact version \"${${_NAME}_FIND_VERSION}\")")
+ else()
+ set(VERSION_MSG "(Required is at least version \"${${_NAME}_FIND_VERSION}\")")
+ endif()
+
+ endif()
+ else ()
+ # Check with DEFINED as the found version may be 0.
+ if(DEFINED ${FPHSA_VERSION_VAR})
+ set(VERSION_MSG "(found version \"${${FPHSA_VERSION_VAR}}\")")
+ endif()
+ endif ()
+
+ if(VERSION_OK)
+ string(APPEND DETAILS "[v${${FPHSA_VERSION_VAR}}(${${_NAME}_FIND_VERSION})]")
+ else()
+ set(${_NAME}_FOUND FALSE)
+ endif()
+
+
+ # print the result:
+ if (${_NAME}_FOUND)
+ FIND_PACKAGE_MESSAGE(${_NAME} "Found ${_NAME}: ${${_FIRST_REQUIRED_VAR}} ${VERSION_MSG} ${COMPONENT_MSG}" "${DETAILS}")
+ else ()
+
+ if(FPHSA_CONFIG_MODE)
+ _FPHSA_HANDLE_FAILURE_CONFIG_MODE()
+ else()
+ if(NOT VERSION_OK)
+ set(RESULT_MSG)
+ if (_FIRST_REQUIRED_VAR)
+ string (APPEND RESULT_MSG "found ${${_FIRST_REQUIRED_VAR}}")
+ endif()
+ if (COMPONENT_MSG)
+ if (RESULT_MSG)
+ string (APPEND RESULT_MSG ", ")
+ endif()
+ string (APPEND RESULT_MSG "${FOUND_COMPONENTS_MSG}")
+ endif()
+ _FPHSA_FAILURE_MESSAGE("${FPHSA_FAIL_MESSAGE}: ${VERSION_MSG} (${RESULT_MSG})")
+ else()
+ _FPHSA_FAILURE_MESSAGE("${FPHSA_FAIL_MESSAGE} (missing:${MISSING_VARS}) ${VERSION_MSG}")
+ endif()
+ endif()
+
+ endif ()
+
+ set(${_NAME}_FOUND ${${_NAME}_FOUND} PARENT_SCOPE)
+ set(${_NAME_UPPER}_FOUND ${${_NAME}_FOUND} PARENT_SCOPE)
+endfunction()
diff --git a/cmake/FindPackageMessage.cmake b/cmake/FindPackageMessage.cmake
new file mode 100644
index 000000000..0628b9816
--- /dev/null
+++ b/cmake/FindPackageMessage.cmake
@@ -0,0 +1,48 @@
+# Distributed under the OSI-approved BSD 3-Clause License. See accompanying
+# file Copyright.txt or https://cmake.org/licensing for details.
+
+#[=======================================================================[.rst:
+FindPackageMessage
+------------------
+
+.. code-block:: cmake
+
+ find_package_message( "message for user" "find result details")
+
+This function is intended to be used in FindXXX.cmake modules files.
+It will print a message once for each unique find result. This is
+useful for telling the user where a package was found. The first
+argument specifies the name (XXX) of the package. The second argument
+specifies the message to display. The third argument lists details
+about the find result so that if they change the message will be
+displayed again. The macro also obeys the QUIET argument to the
+find_package command.
+
+Example:
+
+.. code-block:: cmake
+
+ if(X11_FOUND)
+ find_package_message(X11 "Found X11: ${X11_X11_LIB}"
+ "[${X11_X11_LIB}][${X11_INCLUDE_DIR}]")
+ else()
+ ...
+ endif()
+#]=======================================================================]
+
+function(find_package_message pkg msg details)
+ # Avoid printing a message repeatedly for the same find result.
+ if(NOT ${pkg}_FIND_QUIETLY)
+ string(REPLACE "\n" "" details "${details}")
+ set(DETAILS_VAR FIND_PACKAGE_MESSAGE_DETAILS_${pkg})
+ if(NOT "${details}" STREQUAL "${${DETAILS_VAR}}")
+ # The message has not yet been printed.
+ message(STATUS "${msg}")
+
+ # Save the find details in the cache to avoid printing the same
+ # message again.
+ set("${DETAILS_VAR}" "${details}"
+ CACHE INTERNAL "Details about finding ${pkg}")
+ endif()
+ endif()
+endfunction()
diff --git a/cmake/FindPostgreSQL.cmake b/cmake/FindPostgreSQL.cmake
new file mode 100644
index 000000000..a9f3fbc27
--- /dev/null
+++ b/cmake/FindPostgreSQL.cmake
@@ -0,0 +1,284 @@
+# Distributed under the OSI-approved BSD 3-Clause License. See accompanying
+# file Copyright.txt or https://cmake.org/licensing for details.
+
+#[=======================================================================[.rst:
+FindPostgreSQL
+--------------
+
+Find the PostgreSQL installation.
+
+IMPORTED Targets
+^^^^^^^^^^^^^^^^
+
+This module defines :prop_tgt:`IMPORTED` target ``PostgreSQL::PostgreSQL``
+if PostgreSQL has been found.
+
+Result Variables
+^^^^^^^^^^^^^^^^
+
+This module will set the following variables in your project:
+
+``PostgreSQL_FOUND``
+ True if PostgreSQL is found.
+``PostgreSQL_LIBRARIES``
+ the PostgreSQL libraries needed for linking
+``PostgreSQL_INCLUDE_DIRS``
+ the directories of the PostgreSQL headers
+``PostgreSQL_LIBRARY_DIRS``
+ the link directories for PostgreSQL libraries
+``PostgreSQL_VERSION_STRING``
+ the version of PostgreSQL found
+#]=======================================================================]
+
+# ----------------------------------------------------------------------------
+# History:
+# This module is derived from the module originally found in the VTK source tree.
+#
+# ----------------------------------------------------------------------------
+# Note:
+# PostgreSQL_ADDITIONAL_VERSIONS is a variable that can be used to set the
+# version number of the implementation of PostgreSQL.
+# In Windows the default installation of PostgreSQL uses that as part of the path.
+# E.g C:\Program Files\PostgreSQL\8.4.
+# Currently, the following version numbers are known to this module:
+# "11" "10" "9.6" "9.5" "9.4" "9.3" "9.2" "9.1" "9.0" "8.4" "8.3" "8.2" "8.1" "8.0"
+#
+# To use this variable just do something like this:
+# set(PostgreSQL_ADDITIONAL_VERSIONS "9.2" "8.4.4")
+# before calling find_package(PostgreSQL) in your CMakeLists.txt file.
+# This will mean that the versions you set here will be found first in the order
+# specified before the default ones are searched.
+#
+# ----------------------------------------------------------------------------
+# You may need to manually set:
+# PostgreSQL_INCLUDE_DIR - the path to where the PostgreSQL include files are.
+# PostgreSQL_LIBRARY_DIR - The path to where the PostgreSQL library files are.
+# If FindPostgreSQL.cmake cannot find the include files or the library files.
+#
+# ----------------------------------------------------------------------------
+# The following variables are set if PostgreSQL is found:
+# PostgreSQL_FOUND - Set to true when PostgreSQL is found.
+# PostgreSQL_INCLUDE_DIRS - Include directories for PostgreSQL
+# PostgreSQL_LIBRARY_DIRS - Link directories for PostgreSQL libraries
+# PostgreSQL_LIBRARIES - The PostgreSQL libraries.
+#
+# The ``PostgreSQL::PostgreSQL`` imported target is also created.
+#
+# ----------------------------------------------------------------------------
+# If you have installed PostgreSQL in a non-standard location.
+# (Please note that in the following comments, it is assumed that
+# points to the root directory of the include directory of PostgreSQL.)
+# Then you have three options.
+# 1) After CMake runs, set PostgreSQL_INCLUDE_DIR to /include and
+# PostgreSQL_LIBRARY_DIR to wherever the library pq (or libpq in windows) is
+# 2) Use CMAKE_INCLUDE_PATH to set a path to /PostgreSQL<-version>. This will allow find_path()
+# to locate PostgreSQL_INCLUDE_DIR by utilizing the PATH_SUFFIXES option. e.g. In your CMakeLists.txt file
+# set(CMAKE_INCLUDE_PATH ${CMAKE_INCLUDE_PATH} "/include")
+# 3) Set an environment variable called ${PostgreSQL_ROOT} that points to the root of where you have
+# installed PostgreSQL, e.g. .
+#
+# ----------------------------------------------------------------------------
+
+set(PostgreSQL_INCLUDE_PATH_DESCRIPTION "top-level directory containing the PostgreSQL include directories. E.g /usr/local/include/PostgreSQL/8.4 or C:/Program Files/PostgreSQL/8.4/include")
+set(PostgreSQL_INCLUDE_DIR_MESSAGE "Set the PostgreSQL_INCLUDE_DIR cmake cache entry to the ${PostgreSQL_INCLUDE_PATH_DESCRIPTION}")
+set(PostgreSQL_LIBRARY_PATH_DESCRIPTION "top-level directory containing the PostgreSQL libraries.")
+set(PostgreSQL_LIBRARY_DIR_MESSAGE "Set the PostgreSQL_LIBRARY_DIR cmake cache entry to the ${PostgreSQL_LIBRARY_PATH_DESCRIPTION}")
+set(PostgreSQL_ROOT_DIR_MESSAGE "Set the PostgreSQL_ROOT system variable to where PostgreSQL is found on the machine E.g C:/Program Files/PostgreSQL/8.4")
+
+
+set(PostgreSQL_KNOWN_VERSIONS ${PostgreSQL_ADDITIONAL_VERSIONS}
+ "14" "13" "12" "11" "10" "9.6" "9.5" "9.4" "9.3" "9.2" "9.1" "9.0" "8.4" "8.3" "8.2" "8.1" "8.0")
+
+# Define additional search paths for root directories.
+set( PostgreSQL_ROOT_DIRECTORIES
+ ENV PostgreSQL_ROOT
+ ${PostgreSQL_ROOT}
+)
+foreach(suffix ${PostgreSQL_KNOWN_VERSIONS})
+ if(WIN32)
+ list(APPEND PostgreSQL_LIBRARY_ADDITIONAL_SEARCH_SUFFIXES
+ "PostgreSQL/${suffix}/lib")
+ list(APPEND PostgreSQL_INCLUDE_ADDITIONAL_SEARCH_SUFFIXES
+ "PostgreSQL/${suffix}/include")
+ list(APPEND PostgreSQL_TYPE_ADDITIONAL_SEARCH_SUFFIXES
+ "PostgreSQL/${suffix}/include/server")
+ endif()
+ if(UNIX)
+ list(APPEND PostgreSQL_LIBRARY_ADDITIONAL_SEARCH_SUFFIXES
+ "postgresql${suffix}"
+ "pgsql-${suffix}/lib")
+ list(APPEND PostgreSQL_INCLUDE_ADDITIONAL_SEARCH_SUFFIXES
+ "postgresql${suffix}"
+ "postgresql/${suffix}"
+ "pgsql-${suffix}/include")
+ list(APPEND PostgreSQL_TYPE_ADDITIONAL_SEARCH_SUFFIXES
+ "postgresql${suffix}/server"
+ "postgresql/${suffix}/server"
+ "pgsql-${suffix}/include/server")
+ endif()
+endforeach()
+
+#
+# Look for an installation.
+#
+find_path(PostgreSQL_INCLUDE_DIR
+ NAMES libpq-fe.h
+ PATHS
+ # Look in other places.
+ ${PostgreSQL_ROOT_DIRECTORIES}
+ PATH_SUFFIXES
+ pgsql
+ postgresql
+ include
+ ${PostgreSQL_INCLUDE_ADDITIONAL_SEARCH_SUFFIXES}
+ # Help the user find it if we cannot.
+ DOC "The ${PostgreSQL_INCLUDE_DIR_MESSAGE}"
+)
+
+find_path(PostgreSQL_TYPE_INCLUDE_DIR
+ NAMES catalog/pg_type.h
+ PATHS
+ # Look in other places.
+ ${PostgreSQL_ROOT_DIRECTORIES}
+ PATH_SUFFIXES
+ postgresql
+ pgsql/server
+ postgresql/server
+ include/server
+ ${PostgreSQL_TYPE_ADDITIONAL_SEARCH_SUFFIXES}
+ # Help the user find it if we cannot.
+ DOC "The ${PostgreSQL_INCLUDE_DIR_MESSAGE}"
+)
+
+# The PostgreSQL library.
+set (PostgreSQL_LIBRARY_TO_FIND pq)
+# Setting some more prefixes for the library
+set (PostgreSQL_LIB_PREFIX "")
+if ( WIN32 )
+ set (PostgreSQL_LIB_PREFIX ${PostgreSQL_LIB_PREFIX} "lib")
+ set (PostgreSQL_LIBRARY_TO_FIND ${PostgreSQL_LIB_PREFIX}${PostgreSQL_LIBRARY_TO_FIND})
+endif()
+
+function(__postgresql_find_library _name)
+ find_library(${_name}
+ NAMES ${ARGN}
+ PATHS
+ ${PostgreSQL_ROOT_DIRECTORIES}
+ PATH_SUFFIXES
+ lib
+ ${PostgreSQL_LIBRARY_ADDITIONAL_SEARCH_SUFFIXES}
+ # Help the user find it if we cannot.
+ DOC "The ${PostgreSQL_LIBRARY_DIR_MESSAGE}"
+ )
+endfunction()
+
+# For compatibility with versions prior to this multi-config search, honor
+# any PostgreSQL_LIBRARY that is already specified and skip the search.
+if(PostgreSQL_LIBRARY)
+ set(PostgreSQL_LIBRARIES "${PostgreSQL_LIBRARY}")
+ get_filename_component(PostgreSQL_LIBRARY_DIR "${PostgreSQL_LIBRARY}" PATH)
+else()
+ __postgresql_find_library(PostgreSQL_LIBRARY_RELEASE ${PostgreSQL_LIBRARY_TO_FIND})
+ __postgresql_find_library(PostgreSQL_LIBRARY_DEBUG ${PostgreSQL_LIBRARY_TO_FIND}d)
+ include(${CMAKE_CURRENT_LIST_DIR}/SelectLibraryConfigurations.cmake)
+ select_library_configurations(PostgreSQL)
+ mark_as_advanced(PostgreSQL_LIBRARY_RELEASE PostgreSQL_LIBRARY_DEBUG)
+ if(PostgreSQL_LIBRARY_RELEASE)
+ get_filename_component(PostgreSQL_LIBRARY_DIR "${PostgreSQL_LIBRARY_RELEASE}" PATH)
+ elseif(PostgreSQL_LIBRARY_DEBUG)
+ get_filename_component(PostgreSQL_LIBRARY_DIR "${PostgreSQL_LIBRARY_DEBUG}" PATH)
+ else()
+ set(PostgreSQL_LIBRARY_DIR "")
+ endif()
+endif()
+
+if (PostgreSQL_INCLUDE_DIR)
+ # Some platforms include multiple pg_config.hs for multi-lib configurations
+ # This is a temporary workaround. A better solution would be to compile
+ # a dummy c file and extract the value of the symbol.
+ file(GLOB _PG_CONFIG_HEADERS "${PostgreSQL_INCLUDE_DIR}/pg_config*.h")
+ foreach(_PG_CONFIG_HEADER ${_PG_CONFIG_HEADERS})
+ if(EXISTS "${_PG_CONFIG_HEADER}")
+ file(STRINGS "${_PG_CONFIG_HEADER}" pgsql_version_str
+ REGEX "^#define[\t ]+PG_VERSION_NUM[\t ]+.*")
+ if(pgsql_version_str)
+ string(REGEX REPLACE "^#define[\t ]+PG_VERSION_NUM[\t ]+([0-9]*).*"
+ "\\1" _PostgreSQL_VERSION_NUM "${pgsql_version_str}")
+ break()
+ endif()
+ endif()
+ endforeach()
+ if (_PostgreSQL_VERSION_NUM)
+ # 9.x and older encoding
+ if (_PostgreSQL_VERSION_NUM LESS 100000)
+ math(EXPR _PostgreSQL_major_version "${_PostgreSQL_VERSION_NUM} / 10000")
+ math(EXPR _PostgreSQL_minor_version "${_PostgreSQL_VERSION_NUM} % 10000 / 100")
+ math(EXPR _PostgreSQL_patch_version "${_PostgreSQL_VERSION_NUM} % 100")
+ set(PostgreSQL_VERSION_STRING "${_PostgreSQL_major_version}.${_PostgreSQL_minor_version}.${_PostgreSQL_patch_version}")
+ unset(_PostgreSQL_major_version)
+ unset(_PostgreSQL_minor_version)
+ unset(_PostgreSQL_patch_version)
+ else ()
+ math(EXPR _PostgreSQL_major_version "${_PostgreSQL_VERSION_NUM} / 10000")
+ math(EXPR _PostgreSQL_minor_version "${_PostgreSQL_VERSION_NUM} % 10000")
+ set(PostgreSQL_VERSION_STRING "${_PostgreSQL_major_version}.${_PostgreSQL_minor_version}")
+ unset(_PostgreSQL_major_version)
+ unset(_PostgreSQL_minor_version)
+ endif ()
+ else ()
+ foreach(_PG_CONFIG_HEADER ${_PG_CONFIG_HEADERS})
+ if(EXISTS "${_PG_CONFIG_HEADER}")
+ file(STRINGS "${_PG_CONFIG_HEADER}" pgsql_version_str
+ REGEX "^#define[\t ]+PG_VERSION[\t ]+\".*\"")
+ if(pgsql_version_str)
+ string(REGEX REPLACE "^#define[\t ]+PG_VERSION[\t ]+\"([^\"]*)\".*"
+ "\\1" PostgreSQL_VERSION_STRING "${pgsql_version_str}")
+ break()
+ endif()
+ endif()
+ endforeach()
+ endif ()
+ unset(_PostgreSQL_VERSION_NUM)
+ unset(pgsql_version_str)
+endif()
+
+# Did we find anything?
+include(${CMAKE_CURRENT_LIST_DIR}/FindPackageHandleStandardArgs.cmake)
+find_package_handle_standard_args(PostgreSQL
+ REQUIRED_VARS PostgreSQL_LIBRARY PostgreSQL_INCLUDE_DIR PostgreSQL_TYPE_INCLUDE_DIR
+ VERSION_VAR PostgreSQL_VERSION_STRING)
+set(PostgreSQL_FOUND ${POSTGRESQL_FOUND})
+
+function(__postgresql_import_library _target _var _config)
+ if(_config)
+ set(_config_suffix "_${_config}")
+ else()
+ set(_config_suffix "")
+ endif()
+
+ set(_lib "${${_var}${_config_suffix}}")
+ if(EXISTS "${_lib}")
+ if(_config)
+ set_property(TARGET ${_target} APPEND PROPERTY
+ IMPORTED_CONFIGURATIONS ${_config})
+ endif()
+ set_target_properties(${_target} PROPERTIES
+ IMPORTED_LOCATION${_config_suffix} "${_lib}")
+ endif()
+endfunction()
+
+# Now try to get the include and library path.
+if(PostgreSQL_FOUND)
+ if (NOT TARGET PostgreSQL::PostgreSQL)
+ add_library(PostgreSQL::PostgreSQL UNKNOWN IMPORTED)
+ set_target_properties(PostgreSQL::PostgreSQL PROPERTIES
+ INTERFACE_INCLUDE_DIRECTORIES "${PostgreSQL_INCLUDE_DIR};${PostgreSQL_TYPE_INCLUDE_DIR}")
+ __postgresql_import_library(PostgreSQL::PostgreSQL PostgreSQL_LIBRARY "")
+ __postgresql_import_library(PostgreSQL::PostgreSQL PostgreSQL_LIBRARY "RELEASE")
+ __postgresql_import_library(PostgreSQL::PostgreSQL PostgreSQL_LIBRARY "DEBUG")
+ endif ()
+ set(PostgreSQL_INCLUDE_DIRS ${PostgreSQL_INCLUDE_DIR} ${PostgreSQL_TYPE_INCLUDE_DIR} )
+ set(PostgreSQL_LIBRARY_DIRS ${PostgreSQL_LIBRARY_DIR} )
+endif()
+
+mark_as_advanced(PostgreSQL_INCLUDE_DIR PostgreSQL_TYPE_INCLUDE_DIR)
diff --git a/cmake/GetGit.cmake b/cmake/GetGit.cmake
index ff4a4307d..3391fd3f2 100644
--- a/cmake/GetGit.cmake
+++ b/cmake/GetGit.cmake
@@ -1,4 +1,4 @@
-# Copyright (C) 2018 Greenbone Networks GmbH
+# Copyright (C) 2018-2022 Greenbone AG
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
diff --git a/cmake/SelectLibraryConfigurations.cmake b/cmake/SelectLibraryConfigurations.cmake
new file mode 100644
index 000000000..4c0e9a8c0
--- /dev/null
+++ b/cmake/SelectLibraryConfigurations.cmake
@@ -0,0 +1,80 @@
+# Distributed under the OSI-approved BSD 3-Clause License. See accompanying
+# file Copyright.txt or https://cmake.org/licensing for details.
+
+#[=======================================================================[.rst:
+SelectLibraryConfigurations
+---------------------------
+
+.. code-block:: cmake
+
+ select_library_configurations(basename)
+
+This macro takes a library base name as an argument, and will choose
+good values for the variables
+
+::
+
+ basename_LIBRARY
+ basename_LIBRARIES
+ basename_LIBRARY_DEBUG
+ basename_LIBRARY_RELEASE
+
+depending on what has been found and set.
+
+If only ``basename_LIBRARY_RELEASE`` is defined, ``basename_LIBRARY`` will
+be set to the release value, and ``basename_LIBRARY_DEBUG`` will be set
+to ``basename_LIBRARY_DEBUG-NOTFOUND``. If only ``basename_LIBRARY_DEBUG``
+is defined, then ``basename_LIBRARY`` will take the debug value, and
+``basename_LIBRARY_RELEASE`` will be set to ``basename_LIBRARY_RELEASE-NOTFOUND``.
+
+If the generator supports configuration types, then ``basename_LIBRARY``
+and ``basename_LIBRARIES`` will be set with debug and optimized flags
+specifying the library to be used for the given configuration. If no
+build type has been set or the generator in use does not support
+configuration types, then ``basename_LIBRARY`` and ``basename_LIBRARIES``
+will take only the release value, or the debug value if the release one
+is not set.
+#]=======================================================================]
+
+# This macro was adapted from the FindQt4 CMake module and is maintained by Will
+# Dicharry .
+
+macro(select_library_configurations basename)
+ if(NOT ${basename}_LIBRARY_RELEASE)
+ set(${basename}_LIBRARY_RELEASE "${basename}_LIBRARY_RELEASE-NOTFOUND" CACHE FILEPATH "Path to a library.")
+ endif()
+ if(NOT ${basename}_LIBRARY_DEBUG)
+ set(${basename}_LIBRARY_DEBUG "${basename}_LIBRARY_DEBUG-NOTFOUND" CACHE FILEPATH "Path to a library.")
+ endif()
+
+ get_property(_isMultiConfig GLOBAL PROPERTY GENERATOR_IS_MULTI_CONFIG)
+ if( ${basename}_LIBRARY_DEBUG AND ${basename}_LIBRARY_RELEASE AND
+ NOT ${basename}_LIBRARY_DEBUG STREQUAL ${basename}_LIBRARY_RELEASE AND
+ ( _isMultiConfig OR CMAKE_BUILD_TYPE ) )
+ # if the generator is multi-config or if CMAKE_BUILD_TYPE is set for
+ # single-config generators, set optimized and debug libraries
+ set( ${basename}_LIBRARY "" )
+ foreach( _libname IN LISTS ${basename}_LIBRARY_RELEASE )
+ list( APPEND ${basename}_LIBRARY optimized "${_libname}" )
+ endforeach()
+ foreach( _libname IN LISTS ${basename}_LIBRARY_DEBUG )
+ list( APPEND ${basename}_LIBRARY debug "${_libname}" )
+ endforeach()
+ elseif( ${basename}_LIBRARY_RELEASE )
+ set( ${basename}_LIBRARY ${${basename}_LIBRARY_RELEASE} )
+ elseif( ${basename}_LIBRARY_DEBUG )
+ set( ${basename}_LIBRARY ${${basename}_LIBRARY_DEBUG} )
+ else()
+ set( ${basename}_LIBRARY "${basename}_LIBRARY-NOTFOUND")
+ endif()
+
+ set( ${basename}_LIBRARIES "${${basename}_LIBRARY}" )
+
+ if( ${basename}_LIBRARY )
+ set( ${basename}_FOUND TRUE )
+ endif()
+
+ mark_as_advanced( ${basename}_LIBRARY_RELEASE
+ ${basename}_LIBRARY_DEBUG
+ )
+endmacro()
diff --git a/config/CMakeLists.txt b/config/CMakeLists.txt
index b0524aba8..a9c1ce686 100644
--- a/config/CMakeLists.txt
+++ b/config/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Greenbone Networks GmbH
+# Copyright (C) 2020-2022 Greenbone AG
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#
@@ -17,26 +17,18 @@
if (NOT SYSTEMD_SERVICE_DIR)
- set (SYSTEMD_SERVICE_DIR "${CMAKE_INSTALL_PREFIX}/lib/systemd/system")
+ set (SYSTEMD_SERVICE_DIR "/lib/systemd/system")
endif (NOT SYSTEMD_SERVICE_DIR)
-if (NOT DEFAULT_CONFIG_DIR)
- set (DEFAULT_CONFIG_DIR "${CMAKE_INSTALL_PREFIX}/etc/default")
-endif (NOT DEFAULT_CONFIG_DIR)
-
if (NOT LOGROTATE_DIR)
- set (LOGROTATE_DIR "${CMAKE_INSTALL_PREFIX}/etc/logrotate.d")
+ set (LOGROTATE_DIR "${SYSCONFDIR}/logrotate.d")
endif (NOT LOGROTATE_DIR)
configure_file (gvmd.service.in gvmd.service)
configure_file (gvmd.logrotate.in gvmd.logrotate)
-configure_file (gvmd.default.in gvmd.default)
install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gvmd.service
DESTINATION ${SYSTEMD_SERVICE_DIR}/)
-install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gvmd.default
- DESTINATION ${DEFAULT_CONFIG_DIR}/ RENAME gvmd)
-
install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gvmd.logrotate
DESTINATION ${LOGROTATE_DIR}/ RENAME gvmd)
diff --git a/config/gvmd.default.in b/config/gvmd.default.in
deleted file mode 100644
index 28c96744b..000000000
--- a/config/gvmd.default.in
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# The user for running the gvmd in the gvmd.service systemd file
-#
-GVMD_USER="gvm"
-
-#
-# The group for running the gvmd in the gvmd.service systemd file
-#
-GVMD_GROUP="gvm"
-
-#
-# Unix socket for OSP NVT update (--osp-vt-update)
-#
-OSP_VT_UPDATE="${OPENVAS_DEFAULT_SOCKET}"
-
-#
-# Additional options
-#
-OPTIONS=""
diff --git a/config/gvmd.service.in b/config/gvmd.service.in
index 3f47b8639..12f511625 100644
--- a/config/gvmd.service.in
+++ b/config/gvmd.service.in
@@ -7,11 +7,11 @@ ConditionKernelCommandLine=!recovery
[Service]
Type=forking
-User=$GVMD_USER
-Group=$GVMD_GROUP
-PIDFile=${GVM_RUN_DIR}/gvmd.pid
-EnvironmentFile=${DEFAULT_CONFIG_DIR}/gvmd
-ExecStart=${SBINDIR}/gvmd --osp-vt-update=$OSP_VT_UPDATE $OPTIONS
+User=gvm
+PIDFile=${GVMD_PID_PATH}
+RuntimeDirectory=gvmd
+RuntimeDirectoryMode=2775
+ExecStart=${SBINDIR}/gvmd --osp-vt-update=/run/ospd/ospd-openvas.sock --listen-group=gvm
Restart=always
TimeoutStopSec=10
diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt
index 04a4fd4a6..88928c5f8 100644
--- a/doc/CMakeLists.txt
+++ b/doc/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (C) 2009-2019 Greenbone Networks GmbH
+# Copyright (C) 2009-2022 Greenbone AG
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#
@@ -92,7 +92,7 @@ else (NOT XSLTPROC_EXECUTABLE)
${CMAKE_BINARY_DIR}/src/schema_formats/XML/GMP.xml
${CMAKE_SOURCE_DIR}/src/schema_formats/RNC/generate
${CMAKE_SOURCE_DIR}/src/schema_formats/RNC/RNC.xsl
- ${CMAKE_SOURCE_DIR}/src/schema_formats/RNC/rnc.xsl)
+ ${CMAKE_SOURCE_DIR}/src/schema_formats/rnc.xsl)
add_custom_command (OUTPUT gmp.html
COMMAND sh
@@ -101,38 +101,23 @@ else (NOT XSLTPROC_EXECUTABLE)
${CMAKE_BINARY_DIR}/src/schema_formats/XML/GMP.xml
${CMAKE_SOURCE_DIR}/src/schema_formats/HTML/generate
${CMAKE_SOURCE_DIR}/src/schema_formats/HTML/HTML.xsl
- ${CMAKE_SOURCE_DIR}/src/schema_formats/HTML/rnc.xsl)
+ ${CMAKE_SOURCE_DIR}/src/schema_formats/rnc.xsl)
endif (NOT XSLTPROC_EXECUTABLE)
if (XMLTOMAN_EXECUTABLE)
add_custom_target (man COMMENT "Building manual page..."
- DEPENDS gvmd.8 greenbone-certdata-sync.8 greenbone-scapdata-sync.8)
+ DEPENDS gvmd.8)
add_custom_command (OUTPUT gvmd.8
COMMAND sh
ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/gvmd.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/gvmd.8\;\"
DEPENDS gvmd.8.xml)
- add_custom_command (OUTPUT greenbone-certdata-sync.8
- COMMAND sh
- ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/greenbone-certdata-sync.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/greenbone-certdata-sync.8\;\"
- DEPENDS greenbone-certdata-sync.8.xml)
-
- add_custom_command (OUTPUT greenbone-scapdata-sync.8
- COMMAND sh
- ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/greenbone-scapdata-sync.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/greenbone-scapdata-sync.8\;\"
- DEPENDS greenbone-scapdata-sync.8.xml)
else (XMLTOMAN_EXECUTABLE)
message (STATUS "WARNING: xmltoman is required to generate manpage.")
add_custom_command (OUTPUT gvmd.8
COMMAND echo "[Error: xmltoman required to see manpage here]"
> gvmd.8)
- add_custom_command (OUTPUT greenbone-certdata-sync.8
- COMMAND echo "[Error: xmltoman required to see manpage here]"
- > greenbone-certdata-sync.8)
- add_custom_command (OUTPUT greenbone-scapdata-sync.8
- COMMAND echo "[Error: xmltoman required to see manpage here]"
- > greenbone-scapdata-sync.8)
endif (XMLTOMAN_EXECUTABLE)
if (XMLMANTOHTML_EXECUTABLE)
@@ -158,6 +143,6 @@ if (XSLTPROC_EXECUTABLE)
COMPONENT doc)
endif (XSLTPROC_EXECUTABLE)
-install (FILES gvmd.8 greenbone-certdata-sync.8 greenbone-scapdata-sync.8
+install (FILES gvmd.8
DESTINATION share/man/man8/
COMPONENT doc)
diff --git a/doc/greenbone-certdata-sync.8.xml b/doc/greenbone-certdata-sync.8.xml
index fd1e1fd03..93e028876 100644
--- a/doc/greenbone-certdata-sync.8.xml
+++ b/doc/greenbone-certdata-sync.8.xml
@@ -3,7 +3,7 @@
0
-
+
@@ -427,6 +427,16 @@ along with this program. If not, see .
+
+ One of:
+
+
+
+
+
+
+
+
diff --git a/src/schema_formats/HTML/generate b/src/schema_formats/HTML/generate
index e58a13980..f22cffca8 100755
--- a/src/schema_formats/HTML/generate
+++ b/src/schema_formats/HTML/generate
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (C) 2010-2018 Greenbone Networks GmbH
+# Copyright (C) 2010-2022 Greenbone AG
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#
diff --git a/src/schema_formats/HTML/rnc.xsl b/src/schema_formats/HTML/rnc.xsl
deleted file mode 100644
index 9ffa04000..000000000
--- a/src/schema_formats/HTML/rnc.xsl
+++ /dev/null
@@ -1,464 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- ↵
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- ↵
-
-
-
-
-
-
-
-
-
-
-
-
- ### Preamble
-
-start = command | response
-
-command
- =
-
-
-
-
- |
-
-
-
-
-response
- =
-
-
- _response
-
-
- |
-
-
-
-
-
-
-
-
-
-
-
-
-
- |
-
-
-
- |
-
- " }
-
-
- xsd:token { pattern = "
-
-
-
-
-
-
-
-
-
-
-
-
-
- #
-
- .
-
-
-
- attribute
-
- {
-
-
-
- }
-
-
- ?
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- _response
-
-
-
-
-
-
-
-
- |
-
-
-
- |
-
- " }
-
-
- xsd:token { pattern = "
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- *
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- (
-
-
-
- &
-
-
-
-
-
-
-
-
-
-
-
-
- )
-
-
-
-
-
-
-
-
- ?
-
-
- (
-
-
-
- |
-
-
-
-
-
-
-
-
-
-
-
-
- )
-
-
-
-
-
-
-
-
-
- ERROR
-
-
-
-
-
-
-
-
-
- ""
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text # RNC limitation:
-
-
-
-
-
-
-
-
-
-
-
-
- &
-
-
-
-
-
- &
-
-
-
-
-
-
-
-
-
-
-
-
-
- #
-
- .
-
-
-
-
-
-
-
- = element
-
- # type
-
-
- {
-
-
-
-
-
-
-
-
-
- }
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- = element
-
-
- {
-
-
-
-
-
-
-
- }
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- = element
-
-
- {
-
-
-
-
-
-
-
- }
-
-
-
-
-
-
-
-
-
-
diff --git a/src/schema_formats/RNC/RNC.xsl b/src/schema_formats/RNC/RNC.xsl
index b27538b89..29846804a 100644
--- a/src/schema_formats/RNC/RNC.xsl
+++ b/src/schema_formats/RNC/RNC.xsl
@@ -8,7 +8,7 @@
1
-
+
diff --git a/src/schema_formats/RNC/generate b/src/schema_formats/RNC/generate
index e36f767bf..84e6caaa8 100755
--- a/src/schema_formats/RNC/generate
+++ b/src/schema_formats/RNC/generate
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (C) 2010-2018 Greenbone Networks GmbH
+# Copyright (C) 2010-2022 Greenbone AG
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#
diff --git a/src/schema_formats/XML-brief/GMP.xsl b/src/schema_formats/XML-brief/GMP.xsl
index e794e4077..9b0067546 100644
--- a/src/schema_formats/XML-brief/GMP.xsl
+++ b/src/schema_formats/XML-brief/GMP.xsl
@@ -7,7 +7,7 @@
extension-element-prefixes="str func">
@@ -3558,12 +3478,10 @@ along with this program. If not, see .
usage_typeUsage type (scan or policy) for the config. Can overwrite the one in get_configs_response
-
-
- scan
- policy
-
-
+
+ scan
+ policy
+
@@ -3751,12 +3669,10 @@ along with this program. If not, see .
auth_algorithmAuthentication algorithm for SNMP, either md5 or sha1
-
-
- md5
- sha1
-
-
+
+ md5
+ sha1
+
@@ -3769,12 +3685,10 @@ along with this program. If not, see .
algorithmThe SNMP privacy algorithm, either aes or des
-
-
- aes
- des
-
-
+
+ aes
+ des
+
@@ -3789,17 +3703,15 @@ along with this program. If not, see .
typeThe type of credential to create
-
-
- cc
- pgp
- pw
- smime
- snmp
- up
- usk
-
-
+
+ cc
+ pgp
+ pw
+ smime
+ snmp
+ up
+ usk
+
@@ -4093,7 +4005,7 @@ along with this program. If not, see .
active
- Seconds note will be active. -1 on always, 0 off
+ Days note will be active. -1 on always, 0 offinteger
@@ -4222,7 +4134,7 @@ along with this program. If not, see .
active
- Seconds override will be active. -1 on always, 0 off
+ Days override will be active. -1 on always, 0 offinteger
@@ -5201,6 +5113,11 @@ along with this program. If not, see .
If the list of hosts is empty, the command must also include a
target locator.
+
+ If the SSH elevate credential is set, the SSH credential must
+ also be set. The SSH elevate credential and the SSH credential
+ must differ.
+
name
@@ -5212,6 +5129,7 @@ along with this program. If not, see .
exclude_hostsssh_credential
+ ssh_elevate_credentialsmb_credentialesxi_credentialsnmp_credential
@@ -5219,6 +5137,7 @@ along with this program. If not, see .
smb_lsc_credentialesxi_lsc_credentialalive_tests
+ allow_simultaneous_ipsreverse_lookup_onlyreverse_lookup_unify
@@ -5290,6 +5209,17 @@ along with this program. If not, see .
text
+
+ ssh_elevate_credential
+ SSH elevate credentials for target
+
+
+ id
+ uuid
+ 1
+
+
+ smb_credentialSMB login credentials for target
@@ -5369,6 +5299,13 @@ along with this program. If not, see .
alive_test
+
+ allow_simultaneous_ips
+
+ Whether to scan multiple IPs of the same host simultaneously
+
+ boolean
+ reverse_lookup_onlyWhether to scan only hosts that have names
@@ -5502,12 +5439,10 @@ along with this program. If not, see .
usage_typeUsage type for the task (scan or audit), defaulting to scan
-
-
- scan
- audit
-
-
+
+ scan
+ audit
+
@@ -5868,7 +5803,6 @@ along with this program. If not, see .
copycommenthosts
- ifacespasswordrole
@@ -5901,18 +5835,6 @@ along with this program. If not, see .
text
-
- ifaces
- User access rules: a comma-separated list of ifaces
-
-
- allow
- If 1, allow only listed, otherwise forbid listed
- boolean
-
- text
-
- passwordThe password for the user
@@ -7288,7 +7210,7 @@ along with this program. If not, see .
details
- Whether to get config families, preferences, nvt selectors and tasks
+ Whether to get config families, preferences and nvt selectorsboolean
@@ -7433,24 +7355,20 @@ along with this program. If not, see .
typeThe type of the config (0 = OpenVAS, 1 OSP)
-
-
- 0
- 1
-
-
+
+ 0
+ 1
+ usage_typeThe usage type of the config (scan or policy)
-
-
- scan
- policy
-
-
+
+ scan
+ policy
+
@@ -7646,7 +7564,6 @@ along with this program. If not, see .
preferencenvt
- hr_namenameidtype
@@ -7671,11 +7588,6 @@ along with this program. If not, see .
name
-
- hr_name
- The full, more "human readable" name of the preference
- name
- nameThe compact name of the preference as used by the scanner
@@ -7829,12 +7741,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -8071,13 +7981,13 @@ along with this program. If not, see .
Optional tuples of sort criteria
- sort_field
+ fieldThe column to sort the aggregated rows by.
- With a subgroup column, groups will be sorted by the group_column first.
+ With a subgroup column, groups will be sorted by the group_column first
text
- sort_order
+ orderThe order to sort by
@@ -8087,7 +7997,7 @@ along with this program. If not, see .
- sort_stat
+ statThe statistic to sort the aggregated rows by
@@ -9022,12 +8932,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -9166,6 +9074,19 @@ along with this program. If not, see .
type is "host"
+
+
+ best_os_cpe
+ text
+ CPE-ID of best matching OS
+ severityseverity
@@ -9174,7 +9095,7 @@ along with this program. If not, see .
ostext
- Best matching OS
+ Best matching OS, either name or CPE-IDoss
@@ -9188,12 +9109,20 @@ along with this program. If not, see .
ip
- ip
+ textIP addresstype is "os"
+
+ all_hosts
+ integer
+
+ Number of all hosts using the asset, even if the OS
+ is not the best match
+
+ titletext
@@ -9202,7 +9131,7 @@ along with this program. If not, see .
hostsinteger
- Number of hosts using the asset
+ Number of hosts using the asset as best OS matchlatest_severity
@@ -9244,6 +9173,11 @@ along with this program. If not, see .
+
+ details
+ Whether to include additional information (e.g., tags)
+ boolean
+
@@ -9505,6 +9439,7 @@ along with this program. If not, see .
titleinstalls
+ all_installslatest_severityhighest_severityaverage_severity
@@ -9518,7 +9453,17 @@ along with this program. If not, see .
installs
- Number of hosts on which OS has been detected
+
+ Number of hosts on which OS has been detected as the best match
+
+ integer
+
+
+ all_installs
+
+ Number of hosts on which OS has been detected,
+ not necessarily as the best match
+ integer
@@ -9556,7 +9501,9 @@ along with this program. If not, see .
hosts
- Hosts on which this OS has been detected
+
+ Hosts on which this OS has been detected as the best match
+ asset
@@ -9740,12 +9687,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -10126,17 +10071,15 @@ along with this program. If not, see .
typeThe type of the credential
-
-
- cc
- pgp
- pw
- smime
- snmp
- up
- usk
-
-
+
+ cc
+ pgp
+ pw
+ smime
+ snmp
+ up
+ usk
+
@@ -10156,15 +10099,13 @@ along with this program. If not, see .
formatFormat as used in the command
-
-
- key
- rpm
- deb
- exe
- pem
-
-
+
+ key
+ rpm
+ deb
+ exe
+ pem
+
@@ -10172,12 +10113,10 @@ along with this program. If not, see .
auth_algorithmThe SNMP authentication algorithm
-
-
- md5
- sha1
-
-
+
+ md5
+ sha1
+
@@ -10189,12 +10128,10 @@ along with this program. If not, see .
algorithmThe SNMP privacy algorithm
-
-
- aes
- des
-
-
+
+ aes
+ des
+
@@ -10363,12 +10300,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -10972,12 +10907,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -11353,12 +11286,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -11454,7 +11385,7 @@ along with this program. If not, see .
type
- Type must be either CERT_BUND_ADV, CPE, CVE, DFN_CERT_ADV, OVALDEF or NVT
+ Type must be either CERT_BUND_ADV, CPE, CVE, DFN_CERT_ADV or NVTtext1
@@ -11506,7 +11437,7 @@ along with this program. If not, see .
severityseverity
- Severity of the SecInfo
+ CVSS severity score of the SecInfo
@@ -11649,55 +11580,7 @@ along with this program. If not, see .
- type is "ovaldef"
-
- version
- integer
- Version number of the OVAL Definition
-
-
- deprecated
- boolean
- Whether the OVAL Definition is deprecated
-
-
- class
- text
- Class of the OVAL Definition
-
-
- title
- text
- Title of the OVAL Definition
-
-
- description
- text
- Longer description of the OVAL Definition
-
-
- file
- text
- Name of the file containing the OVAL Definition
-
-
- status
- text
- Status of the OVAL Definition
-
-
- max_cvss
- severity
- Alias for severity
-
-
- cves
- integer
- Number of CVEs referencing this CPE
-
-
-
- type is either "cert_bund_adv" or "dfn_cert_adv"
+ type is either "cert_bund_adv" or "dfn_cert_adv"titletext
@@ -11770,7 +11653,6 @@ along with this program. If not, see .
cpecvedfn_cert_adv
- ovaldefnvt
@@ -11880,7 +11762,7 @@ along with this program. If not, see .
titlesummary
- max_cvss
+ severitycve_refsraw_data
@@ -11900,9 +11782,11 @@ along with this program. If not, see .
- max_cvss
- Highest CVSS score of CVEs referenced by the advisory
- text
+ severity
+ Highest CVSS severity score of CVEs referenced by the advisory
+
+ severity
+ cve_refs
@@ -11924,7 +11808,7 @@ along with this program. If not, see .
nvd_idtitle
- max_cvss
+ severitycve_refsstatuscves
@@ -11946,10 +11830,10 @@ along with this program. If not, see .
- max_cvss
- The highest CVSS recorder for this CPE
+ severity
+ The highest CVSS severity score recorded for this CPE
- integer
+ severity
@@ -11998,13 +11882,8 @@ along with this program. If not, see .
cve
- cvss
- vector
- complexity
- authentication
- confidentiality_impact
- integrity_impact
- availability_impact
+ severity
+ cvss_vectordescriptionproductsnvts
@@ -12013,50 +11892,15 @@ along with this program. If not, see .
A CVE info element
- cvss
- CVSS Base Score
-
- text
-
-
-
- vector
- CVSS Access Vector metric
-
- text
-
-
-
- complexity
- CVSS Attack Complexity metric
-
- text
-
-
-
- authentication
- CVSS Authentication metric
-
- text
-
-
-
- confidentiality_impact
- CVSS Confidentiality impact metric
-
- text
-
-
-
- integrity_impact
- CVSS Integrity impact metric
+ severity
+ CVSS severity score of the CVE
- text
+ severity
- availability_impact
- CVSS Availability impact metric
+ cvss_vector
+ CVSS base vector string
text
@@ -12155,7 +11999,7 @@ along with this program. If not, see .
titlesummary
- max_cvss
+ severitycve_refsraw_data
@@ -12175,97 +12019,17 @@ along with this program. If not, see .
- max_cvss
- Highest CVSS score of CVEs referenced by the advisory
- text
-
-
- cve_refs
- Number of CVEs referenced by this advisory
-
- integer
-
-
-
- raw_data
- Source representation of the information. Only when details were requested
-
- text
-
-
-
-
- ovaldef
-
- version
- deprecated
- status
- class
- title
- max_cvss
- cve_refs
- file
- description
- raw_data
-
- An OVAL definition info element
-
- version
- Version number of the OVAL definition
-
- integer
-
-
-
- deprecated
- Whether the definition is deprecated
-
- boolean
-
-
-
- status
- Lifecycle status text of the definition
-
- text
-
-
-
- class
- Definition class of the definition
-
- text
-
-
-
- title
- Title of the definition
+ severity
+ Highest CVSS severity score of CVEs referenced by the advisory
- text
+ severity
-
- max_cvss
- Highest CVSS score of CVEs referenced by the definition
- text
- cve_refs
- Number of CVEs referenced by the definition
- integer
-
-
- file
- Path to the source xml file, relative to the SCAP data directory
-
- text
-
-
-
- description
- Longer description of the definition. Only when details were requested
+ Number of CVEs referenced by this advisory
- text
+ integer
@@ -12351,12 +12115,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -12401,7 +12163,7 @@ along with this program. If not, see .
2012-10-26T13:18:00.000+0000GNU Gzip 1.3.3
- 10.0
+ 1005DRAFT
@@ -12526,18 +12288,14 @@ along with this program. If not, see .
CVE-2011-00182011-01-28T16:00:02Z
- 2011-02-05T07:01:22Z
+ 2018-10-10T20:09:00Z
+ 2020-11-13T02:30:00.000+0000002012-10-26T13:18:00.000+0000
- 9.0
- NETWORK
- LOW
- SINGLE_INSTANCE
- COMPLETE
- COMPLETE
- COMPLETE
+ 90
+ AV:N/AC:L/Au:S/C:C/I:C/A:CThe email function in manage_sql.c in ...(truncated for example)cpe:/a:openvas:openvas_manager:1.0.1 ...(truncated for example)
@@ -12767,12 +12525,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -12860,7 +12616,6 @@ along with this program. If not, see .
note fixed to result127.0.0.1general/tcp
- Mediumtest
@@ -12870,9 +12625,9 @@ along with this program. If not, see .
general/tcpTest NVT: control chars in report result
-
+ 5
+
- MediumWarning with control char between fullstops: . .
@@ -12883,6 +12638,211 @@ along with this program. If not, see .
+
+ get_license
+ Get the current license
+
+
+ The client uses the get_license command to get the current license.
+
+
+ This command is only available if gvmd is built with the licensing
+ library (libtheia).
+
+
+
+
+
+
+
+ status
+ status
+ 1
+
+
+ status_text
+ text
+ 1
+
+ license
+
+
+ license
+ The license information
+
+ status
+ content
+
+
+ status
+ Status of the license
+ text
+
+
+ content
+ The main content of the license file
+
+ meta
+ appliance
+ keys
+ signatures
+
+
+ meta
+ License metadata
+
+ version
+ id
+ comment
+ type
+ customer_name
+ created
+ begins
+ expires
+
+
+ version
+ Version of the license file schema
+ text
+
+
+ id
+ Unique Identifier of the license
+ text
+
+
+ comment
+ Short comment summarizing the license
+ text
+
+
+ type
+ License type, e.g. "trial" or "commercial"
+ text
+
+
+ customer_name
+ Name of the customer the license is issued for
+ text
+
+
+ created
+ Time the license was created
+ iso_time
+
+
+ begins
+ Time after which the license is valid
+ iso_time
+
+
+ expires
+ Time the license expires
+ iso_time
+
+
+
+ appliance
+ Hardware and appliance information
+
+ model
+ model_type
+
+
+ model
+ Appliance model, e.g. "one"
+ text
+
+
+ model_type
+ Appliance model type, e.g. "virtual" or "hardware"
+ text
+
+
+ sensor
+ Whether the license is applied to a sensor or not
+ boolean
+
+
+
+ keys
+ Base64 encoded access keys, e.g. feed keys
+
+ key
+
+
+ key
+ A Base64 encoded access key
+
+
+ name
+ Name of the key
+ text
+
+ text
+
+
+
+
+ signatures
+ Signatures of the license
+
+ signature
+
+
+ signature
+ A signature info item
+
+
+ name
+ Name of the signature
+ text
+
+ text
+
+
+
+
+
+
+
+ Get the current license
+
+
+
+
+
+
+
+ active
+
+
+ 4711
+ 1.0.0
+ Test License
+ trial
+ Jane Doe
+ 2021-08-27T06:05:21Z
+ 2021-08-27T07:05:21Z
+ 2021-09-04T07:05:21Z
+
+
+ trial
+ virtual
+ 0
+
+
+ *base64 GSF key*
+
+
+ *base64 signature*
+
+
+
+
+
+
+ get_nvtsGet one or many NVTs
@@ -13005,12 +12965,14 @@ along with this program. If not, see .
summaryfamilycvss_base
+ severitiesqodrefstagspreference_counttimeoutdefault_timeout
+ solutionpreferences
@@ -13096,6 +13058,11 @@ along with this program. If not, see .
CVSS base score of the NVTtext
+
+ severities
+ Severity information of the NVT
+ severities
+ qodThe quality of detection (QoD) of the NVT
@@ -13132,7 +13099,7 @@ along with this program. If not, see .
type
- Type of the reference, for example "cve", "bid", "dfn-cert", "cert-bund"
+ Type of the reference, for example "cve", "dfn-cert", "cert-bund"text
@@ -13165,6 +13132,23 @@ along with this program. If not, see .
The default_timeout of the NVTtext
+
+ solution
+ Solution for the vulnerability
+
+
+ type
+ The solution type, for example "VendorFix"
+ text
+
+
+ method
+ The solution method, for example "DebianAPTUpgrade"
+ text
+
+ text
+
+ preferencesList of preferences of the NVT
@@ -13189,6 +13173,7 @@ along with this program. If not, see .
nvtname
+ idtypevaluealt
@@ -13216,6 +13201,11 @@ along with this program. If not, see .
The name of the preferencetext
+
+ id
+ The ID of the preference
+ text
+ typeThe type of the preference
@@ -13256,6 +13246,7 @@ along with this program. If not, see .
Find what is listening on which portService detection
+ NOTAG-1
@@ -13602,12 +13593,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -14102,12 +14091,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -14602,12 +14589,10 @@ along with this program. If not, see .
order
-
-
- ascending
- descending
-
-
+
+ ascending
+ descending
+
@@ -14915,18 +14900,6 @@ along with this program. If not, see .
booleanWhether to apply Overrides
-
-
+
+ modify_license
+ Modify the existing license
+
+
+ The client uses the modify_license command to change the current
+ license.
+
+
+ The license has to be provided as a valid base64 encoded license
+ file.
+
+
+ This command is only available if gvmd is built with the licensing
+ library (libtheia).
+
+
+
+
+ allow_empty
+ Whether to allow an empty file
+ boolean
+ 0
+
+ file
+
+
+ file
+ The license file in base64 encoded form
+ text
+
+
+
+
+ status
+ status
+ 1
+
+
+ status_text
+ text
+ 1
+
+
+
+
+ Upload an new license file
+
+
+ [...]
+
+
+
+
+
+
+
+ modify_noteModify an existing note
@@ -23943,11 +23939,10 @@ along with this program. If not, see .
severitytasktext
- threatactive
- Seconds note will be active. -1 on always, 0 off
+ Days note will be active. -1 on always, 0 offinteger
@@ -23989,13 +23984,6 @@ along with this program. If not, see .
text
-
- threat
- Threat level to which note applies
-
- threat
-
- taskTask to which note applies
@@ -24080,7 +24068,7 @@ along with this program. If not, see .
active
- Seconds override will be active. -1 on always, 0 off
+ Days override will be active. -1 on always, 0 offinteger
@@ -24732,6 +24720,10 @@ along with this program. If not, see .
The client uses the modify_target command to change an existing target.
+
+ If the SSH elevate credential is set, the SSH credential must also be
+ set. The SSH elevate credential and the SSH credential must differ.
+
@@ -24746,6 +24738,7 @@ along with this program. If not, see .
hosts_orderingexclude_hostsssh_credential
+ ssh_elevate_credentialsmb_credentialesxi_credentialsnmp_credential
@@ -24756,6 +24749,7 @@ along with this program. If not, see .
alive_testsreverse_lookup_onlyreverse_lookup_unify
+ allow_simultaneous_ipscomment
@@ -24795,6 +24789,17 @@ along with this program. If not, see .
+
+ ssh_elevate_credential
+ SSH elevate credential to use on target
+
+
+ id
+ uuid
+ 1
+
+
+ smb_credentialSMB credential to use on target
@@ -24891,6 +24896,13 @@ along with this program. If not, see .
boolean
+
+ allow_simultaneous_ips
+
+ Whether to scan multiple IPs of the same host simultaneously
+
+ boolean
+
@@ -25049,12 +25061,14 @@ along with this program. If not, see .
commentalert
+ confignameobserverspreferencesscheduleschedule_periodsscanner
+ targetfile
@@ -25076,6 +25090,17 @@ along with this program. If not, see .
+
+ config
+ The scan configuration used by the task
+
+
+ id
+ uuid
+ 1
+
+
+ nameThe name of the task
@@ -25139,6 +25164,17 @@ along with this program. If not, see .
+
+ target
+ The hosts scanned by the task
+
+
+ id
+ uuid
+ 1
+
+
+ fileFile to attach to task
@@ -25381,7 +25417,6 @@ along with this program. If not, see .
passwordrolehosts
- ifacessources
@@ -25415,21 +25450,16 @@ along with this program. If not, see .
- ifaces
- User access rules: a comma-separated list of ifaces
+ password
+ The password for the user
- allow
- If 1, allow only listed, otherwise forbid listed
+ modify
+ If 0 then password is left alone, otherwise password is modifiedboolean
- text
-
-
-
- password
- The password for the user
- text
+ text
+
role
@@ -25445,7 +25475,20 @@ along with this program. If not, see .
sourcesList of authentication sources for this user (if omitted, no changes)
- sources
+
+ source
+
+
+ source
+ Authentication source
+
+
+ file
+ ldap_connect
+ radius_connect
+
+
+
@@ -25987,6 +26030,89 @@ along with this program. If not, see .
+
+ CREATE_TASK, CREATE_USER, GET_TASKS, GET_USERS, MODIFY_TASK, MODIFY_USER
+ Removed network interface (iface) options
+
+
+ The option to choose the source interface in the form of the task
+ preference "source_iface" has been removed as well as
+ the "ifaces" element of users to limit the allowed network
+ interfaces.
+
+
+ 22.4
+
+
+ GET_INFO
+ Removed the Secinfo-type OVALDEF from the GET_INFO command
+
+
+
+ The type OVALDEF is removed from the list of possible types for
+ the GET_INFO command.
+
+
+ OVAL Definitions are no longer supported.
+
+
+ 22.4
+
+
+ GET_INFO
+ Replaced CVSS score elements by integer score
+
+
+ The elements CVSS and MAX_CVSS of CPEs, CVEs, OVAL definitions and
+ CERT advisories are replaced by the SEVERITY element.
+
+
+ NVTs still contain the CVSS_BASE element for backward compatibility
+ of reports. However, the use of the CVSS_BASE element is deprecated
+ and the score attribute of the new SEVERITIES element should be used
+ instead.
+
+
+ 21.4
+
+
+ GET_INFO
+ Replaced CVSS vector components of CVEs with vector string
+
+
+ The elements VECTOR, COMPLEXITY, AUTHENTICATION,
+ CONFIDENTIALITY_IMPACT, INTEGRITY_IMPACT and AVAILABILITY_IMPACT
+ are replaced by the CVSS_VECTOR element that contains the CVSS base
+ vector in a shorter string representation.
+
+
+ This vector string can also use newer CVSS versions like 3.1 if
+ available.
+
+
+ 21.4
+
+
+ GET_REPORTS
+ Removed element SEVERITY_CLASS from element REPORT
+
+
+ The element SEVERITY_CLASS contained the range specification for the applied classification scheme.
+ There is only fixed scheme left, so the specificion is not needed anymore.
+
+
+ 21.4
+
+
+ GET_REPORTS, GET_RESULTS
+ Remove elements AUTOFP and AUTO_TYPE from element FILTERS
+
+
+ The element to specify the autofp value and the related auto_type for a filter is removed.
+
+
+ 21.4
+ CREATE_SCANNER, MODIFY_SCANNER, GET_REPORTSGMP scanners have been removed
@@ -26015,6 +26141,31 @@ along with this program. If not, see .
21.4
+
+ GET_REPORTS
+ Removed element RESULT_COUNT/DEBUG from element REPORT
+
+
+ The element DEBUG inside RESULT_COUNT is removed. Vulnerability tests do
+ not produce debug messages since 2012.
+
+
+ 21.4
+
+
+ GET_NOTES
+ Element THREAT has been removed
+
+
+ The element "THREAT" of element "NOTE" is removed.
+
+
+ This information is redundant with the element "SEVERITY".
+