openvas-cli 0.1.1 → 0.2.0

data/Gemfile

@@ -3,7 +3,9 @@ source "http://rubygems.org"
 # Example:
 gem "activesupport", ">= 3.0.5"
 gem 'activerecord', '>= 3.0.5'
+gem 'rails', '>=3.0.5'
 gem 'nokogiri', '>= 1.4.4'
+gem 'ipaddress', '>=0.7.0'
 
 # Add dependencies to develop your gem here.
 # Include everything needed to run rake, tests, features, etc.

data/Gemfile.lock

@@ -2,6 +2,20 @@ GEM
   remote: http://rubygems.org/
   specs:
     ZenTest (4.5.0)
+    abstract (1.0.0)
+    actionmailer (3.0.5)
+      actionpack (= 3.0.5)
+      mail (~> 2.2.15)
+    actionpack (3.0.5)
+      activemodel (= 3.0.5)
+      activesupport (= 3.0.5)
+      builder (~> 2.1.2)
+      erubis (~> 2.6.6)
+      i18n (~> 0.4)
+      rack (~> 1.2.1)
+      rack-mount (~> 0.6.13)
+      rack-test (~> 0.5.7)
+      tzinfo (~> 0.3.23)
     activemodel (3.0.5)
       activesupport (= 3.0.5)
       builder (~> 2.1.2)
@@ -11,18 +25,49 @@ GEM
       activesupport (= 3.0.5)
       arel (~> 2.0.2)
       tzinfo (~> 0.3.23)
+    activeresource (3.0.5)
+      activemodel (= 3.0.5)
+      activesupport (= 3.0.5)
     activesupport (3.0.5)
     arel (2.0.9)
     builder (2.1.2)
     diff-lcs (1.1.2)
+    erubis (2.6.6)
+      abstract (>= 1.0.0)
     git (1.2.5)
     i18n (0.5.0)
+    ipaddress (0.7.0)
     jeweler (1.5.2)
       bundler (~> 1.0.0)
       git (>= 1.2.5)
       rake
     log4r (1.1.9)
+    mail (2.2.15)
+      activesupport (>= 2.3.6)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
     nokogiri (1.4.4)
+    polyglot (0.3.1)
+    rack (1.2.2)
+    rack-mount (0.6.13)
+      rack (>= 1.0.0)
+    rack-test (0.5.7)
+      rack (>= 1.0)
+    rails (3.0.5)
+      actionmailer (= 3.0.5)
+      actionpack (= 3.0.5)
+      activerecord (= 3.0.5)
+      activeresource (= 3.0.5)
+      activesupport (= 3.0.5)
+      bundler (~> 1.0)
+      railties (= 3.0.5)
+    railties (3.0.5)
+      actionpack (= 3.0.5)
+      activesupport (= 3.0.5)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
     rake (0.8.7)
     rcov (0.9.9)
     rspec (2.3.0)
@@ -33,6 +78,9 @@ GEM
     rspec-expectations (2.3.0)
       diff-lcs (~> 1.1.2)
     rspec-mocks (2.3.0)
+    thor (0.14.6)
+    treetop (1.4.9)
+      polyglot (>= 0.3.1)
     tzinfo (0.3.24)
 
 PLATFORMS
@@ -43,8 +91,10 @@ DEPENDENCIES
   activerecord (>= 3.0.5)
   activesupport (>= 3.0.5)
   bundler (~> 1.0.0)
+  ipaddress (>= 0.7.0)
   jeweler (~> 1.5.2)
   log4r
   nokogiri (>= 1.4.4)
+  rails (>= 3.0.5)
   rcov
   rspec (~> 2.3.0)

data/VERSION

@@ -1 +1 @@
-0.1.1
+0.2.0

data/lib/openvas-cli/configuration.rb

@@ -0,0 +1,25 @@
+module OpenvasCli
+  class Configuration
+    def initialize
+      config_opts = {
+        :username => "admin", 
+        :password => "", 
+        :host => "localhost", 
+        :port => 9390, 
+        :buffer_size => 512, 
+        :time_out => 60, 
+        :auto_login => true, 
+        :max_tries => 3
+      }
+      
+      config_opts.each { |key, value|
+        add_configuration(key, value)
+      }
+    end
+  
+    def add_configuration(name, default)
+      Configuration.send :attr_accessor, name.to_sym
+      instance_variable_set("@#{name.to_s}".to_sym, default)
+    end
+  end
+end

data/lib/openvas-cli/conn_addin.rb

@@ -0,0 +1,27 @@
+require 'vas_connection'
+module OpenvasCli
+  module ConnAddin
+    def self.included(base)
+      base.send :extend, ClassMethods
+    end
+    
+    module ClassMethods
+      def has_vas_connection(connection_type=:manager)
+        @@config = {:password => "Password"}
+        if connection_type == :manager
+          @@config[:port] = 9390
+        elsif connection_type == :administrator
+          @@config[:port] = 9393
+        end
+      end
+      
+      def establish_connection
+        VasConnection.new(@@config)
+      end
+      
+      def connection
+        @@connection ||= establish_connection
+      end
+    end
+  end
+end

data/lib/openvas-cli/immutable_children_validator.rb

@@ -0,0 +1,15 @@
+require 'active_model'
+
+module OpenvasCli
+  class ImmutableChildrenValidator < ActiveModel::Validator
+    def validate(record)
+      if record.id
+        record.errors[:base] << "Configuration cannot change after creation." \
+          if record.config_id_changed?
+          
+        record.errors[:base] << "Target cannot change after creation." \
+          if record.target_id_changed? || record.target.changed?
+      end
+    end
+  end
+end

data/lib/openvas-cli/vas_administrator.rb

@@ -0,0 +1,7 @@
+require 'vas_base'
+
+module OpenvasCli
+  class VasAdministrator < VasBase
+    
+  end
+end

data/lib/openvas-cli/vas_base.rb

@@ -1,40 +1,30 @@
 require 'active_model'
+require 'base64'
 Dir["#{File.dirname(__FILE__)}/*_validator.rb"].each {|f| require f}
+require 'vas_exceptions'
+require 'xml_addin'
+require 'conn_addin'
 
 # Provides a base from which to build objects that utilize the OpenvasCli object.
 # Includes support for ActiveModel validations and a helper method (extract_value_from)
 # to assist in OpenVAS object implementations.
-class VasBase
-  include ActiveModel::Validations
-  
-  # OpenvasCli object to be used for communications.  Initializes a new instance
-  # if one does not already exist.
-  def self.client
-    @@client ||= OpenvasCli.new
-  end
-  
-  # Helper method to extract a value from a Nokogiri::XML::Node object.  If the
-  # xpath provided contains an @, then the method assumes that the value resides
-  # in an attribute, otherwise it pulls the text of the last +text+ node.
-  def self.extract_value_from(x_str, n)
-    ret = ""
-    if x_str =~ /@/
-      ret = n.at_xpath(x_str).value  if n.at_xpath(x_str)
-    else
-      tn =  n.at_xpath(x_str)
-      if tn
-        if tn.children.count > 0
-          tn.children.each { |tnc|
-            if tnc.text?
-              ret = tnc.text
-            end
-          }
-        else
-          ret = tn.text
-        end
-      end
+module OpenvasCli
+  class VasBase
+    include ActiveModel::Validations
+    include ActiveModel::Dirty
+    include XmlAddin
+    include ConnAddin
+    
+    has_vas_connection(:manager)
+    
+    attr_accessor :id
+    
+    def new_record?
+      @id == nil || @id.empty?
     end
     
-    ret
+    def reset_changes
+      @changed_attributes.clear if @changed_attributes 
+    end
   end
 end

data/lib/openvas-cli/vas_config.rb

@@ -0,0 +1,127 @@
+require 'vas_base'
+require 'vas_task'
+require 'vas_nvt_family'
+require 'vas_preference'
+require 'vas_exceptions'
+
+module OpenvasCli
+  class VasConfig < VasBase
+    attr_accessor :name
+    attr_accessor :comment
+    attr_accessor :families_grow
+    attr_accessor :rules_grow
+    attr_accessor :in_use
+    
+    define_attribute_methods [:name, :comment, :families_grow, :in_use, :tasks,
+                              :preferences, :families]
+    
+    validates :id, :UUID => true, :if => Proc.new { |o| o.id }  
+    validates :name, :presence=>true, :length => {:minimum=>1, :maximum=>80}
+    
+    def initialize(attributes = {})
+      @id = attributes[:id] if attributes[:id]
+      @name = attributes[:name] if attributes[:name]
+      @comment = attributes[:comment] if attributes[:comment] 
+      @families_grow = attributes[:families_grow] if attributes[:families_grow]
+      @rules_grow = attributes[:rules_grow] if attributes[:rules_grow]
+    end
+    
+    def tasks
+      @tasks ||= []
+    end
+    
+    def preferences
+      @preferences ||= []
+    end
+    
+    def families
+      @families ||= []
+    end
+    
+    def self.get_all(options = {})
+      params = {:sort_field  => "name"}
+      if options[:show_details] && options[:show_details] == true
+        params.merge!({:families => "1", :preferences => "1"})
+      end    
+      params[:config_id] = options[:id] if options[:id]
+      req = Nokogiri::XML::Builder.new { |xml|
+        xml.get_configs(params)
+      }
+      
+      resp = connection.send_receive(req.doc)
+      
+      ret = []
+      resp.xpath("/get_configs_response/config").each { |xml|
+        cfg               = VasConfig.new
+        cfg.id            = extract_value_from("@id", xml)
+        cfg.name          = extract_value_from("name", xml)
+        cfg.comment       = extract_value_from("comment", xml)
+        cfg.families_grow = extract_value_from("family_count/growing", xml).to_i > 0
+        cfg.rules_grow    = extract_value_from("nvt_count/growing", xml).to_i > 0
+        cfg.in_use        = extract_value_from("in_use", xml).to_i > 0
+        
+        xml.xpath("tasks/task").each { |t| cfg.tasks << VasTask.from_xml_node(t) }
+        xml.xpath("families/family").each { |f| cfg.families << VasNVTFamily.from_xml_node(f) }
+        xml.xpath("preferences/preference").each { |p| 
+          p = VasPreference.from_xml_node(p) 
+          p.config_id = cfg.id
+          p.reset_changes
+          cfg.preferences << p
+        }
+        
+        cfg.reset_changes
+        
+        ret << cfg
+      }
+      
+      ret
+    end
+    
+    def self.copy_config(id, name)
+      begin
+        req = Nokogiri::XML::Builder.new { |xml|
+          xml.create_config {
+            xml.copy { xml.text(id) }
+            xml.name { xml.text(name) }
+          }
+        }
+        
+        resp = connection.send_receive(req.doc)
+        new_id = extract_value_from("/create_config_response/@id", resp)
+        
+        get_all(:id => new_id, :show_details => true)[0]
+      rescue VasExceptions::CommandException => e
+        nil
+      end
+    end
+
+    def save!
+      @previously_changed = changes
+      preferences.each{ |p| p.save! if p.changed? }
+      @changed_attributes.clear
+    end
+    
+    def destroy
+      begin
+        destroy!
+        
+        true
+      rescue Exception => e
+  #      logger = OpenvasCli.logger
+  #      logger.error("Could Not Destroy Configuration: (#{e.class})#{e.message}") if logger
+      
+        false
+      end
+    end
+    
+    def destroy!
+      tasks.each { |t| t.destroy! }
+      
+      req = Nokogiri::XML::Builder.new { |xml|
+        xml.delete_config(:config_id => @id)
+      }
+      
+      VasConfig.connection.send_receive(req.doc)
+    end
+  end
+end

data/lib/openvas-cli/vas_connection.rb

@@ -0,0 +1,140 @@
+require 'nokogiri'
+require 'vas_exceptions'
+require 'xml_addin'
+require 'openssl'
+require 'timeout'
+
+module OpenvasCli
+  class VasConnection
+    include XmlAddin
+    # Initializes the client, connectes to the OpenVas Managment service specified 
+    # by host & port, and unless auto_login is set to +false+, loggs in using 
+    # username and password.
+    def initialize(config={})
+      @logger = OpenvasCli.logger
+      @config = OpenvasCli.configuration 
+      
+      connect
+      if @config.auto_login == true
+        login
+      end
+    end
+    
+    # Closes the active connection and sets it up for re-connection.
+    def close
+      @socket.close if @socket
+      @socket = nil
+    end
+    
+    def config
+      @config ||= {}
+    end
+    
+    # Logs into the OpenVAS Management service using the specified username and
+    # passoword.  By default, this method is called by new unless auto_login is 
+    # set to +false+.
+    def login
+      log_message("Logging in: :user => #{@config.username}", :info)
+      areq = Nokogiri::XML::Builder.new { |xml|
+        xml.authenticate {
+          xml.credentials {
+            xml.username { xml.text(@config.username) }
+            xml.password { xml.text(@config.password) }
+          }
+        }
+      }
+      
+      send_receive(areq.doc)
+    end
+    
+    def state
+      @socket ? @socket.state : "closed"
+    end
+
+    def send_receive(request)
+      if request.kind_of? String
+        tosend = request
+      else
+        tosend = request.to_xml
+      end
+      
+      tries = 0
+
+      begin  
+        unless @socket && @socket.state =~ /sslok/i
+          log_message("Socket closed, Reconnecting", :info)
+          connect
+          login
+        end
+        log_message("Sending: #{tosend}", :debug)
+
+        @socket.puts(tosend)
+
+        rbuf=''
+        size=0
+        begin
+          timeout(@config.time_out) {
+              a    = @socket.sysread(@config.buffer_size)
+              size = a.length
+              rbuf << a
+          }
+        end while size >= @config.buffer_size
+      rescue Timeout::Error
+        msg = "Command Timed Out [#{tries}] (#{$!})\nCommand: #{tosend}"
+        log_message msg, :error
+        tries += 1
+        @socket = nil
+        retry if tries < @config.max_tries
+        raise VasExceptions::CommunicationException.new(msg)
+      rescue EOFError
+        msg = "EOFError [#{tries}] (#{$!})\nReceived: #{rbuf}\nCommand: #{tosend}"
+        log_message msg, :error
+        tries += 1
+        @socket = nil
+        retry if tries < @config.max_tries
+        raise VasExceptions::CommunicationException.new(msg)
+      end
+      
+      response = Nokogiri::XML(rbuf)
+      
+      log_message "RECEIVED: #{response.to_xml}", :debug
+      
+      unless VasConnection.extract_value_from("//@status", response) =~ /20\d/
+        msg = "Command Failed: #{VasConnection.extract_value_from("//@status_text", response)}\n" +
+              "Command Status: #{VasConnection.extract_value_from("//@status", response)}\n" +
+              "Command: #{tosend}\n" +
+              "Response: #{response.to_xml}"
+        log_message msg, :error
+        raise VasExceptions::CommandException.new(msg)
+      end
+      
+      response
+    end
+  private
+    def log_message(msg, level)
+      if @logger
+        case level
+        when :debug
+          @logger.debug msg
+        when :info
+          @logger.info msg
+        when :warn
+          @logger.warn msg
+        when :error
+          @logger.error msg
+        when :fatal
+          @logger.fatal msg
+        end
+      end
+    end
+    
+    def connect
+      log_message("Connecting: :host => #{@config.host}, :port => #{@config.port}", :info)
+      plain_socket       = TCPSocket.open(@config.host, @config.port)
+      ssl_context        = OpenSSL::SSL::SSLContext.new
+      @socket            = OpenSSL::SSL::SSLSocket.new(plain_socket, ssl_context)
+      @socket.sync_close = true
+      @socket.connect
+    end
+  end
+end