openvas-cli 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +2 -0
- data/Gemfile.lock +50 -0
- data/VERSION +1 -1
- data/lib/openvas-cli/configuration.rb +25 -0
- data/lib/openvas-cli/conn_addin.rb +27 -0
- data/lib/openvas-cli/immutable_children_validator.rb +15 -0
- data/lib/openvas-cli/vas_administrator.rb +7 -0
- data/lib/openvas-cli/vas_base.rb +20 -30
- data/lib/openvas-cli/vas_config.rb +127 -0
- data/lib/openvas-cli/vas_connection.rb +140 -0
- data/lib/openvas-cli/vas_exceptions.rb +9 -7
- data/lib/openvas-cli/vas_lsc_credential.rb +110 -0
- data/lib/openvas-cli/vas_nvt.rb +64 -64
- data/lib/openvas-cli/vas_nvt_family.rb +39 -30
- data/lib/openvas-cli/vas_override.rb +6 -4
- data/lib/openvas-cli/vas_period.rb +89 -0
- data/lib/openvas-cli/vas_preference.rb +139 -49
- data/lib/openvas-cli/vas_report.rb +110 -103
- data/lib/openvas-cli/vas_result.rb +90 -89
- data/lib/openvas-cli/vas_schedule.rb +163 -55
- data/lib/openvas-cli/vas_target.rb +200 -23
- data/lib/openvas-cli/vas_task.rb +229 -30
- data/lib/openvas-cli/vas_task_progress.rb +29 -0
- data/lib/openvas-cli/xml_addin.rb +34 -0
- data/lib/openvas_cli.rb +19 -0
- data/openvas-cli.gemspec +28 -6
- data/spec/openvas-cli/vas_administrator_spec.rb +6 -0
- data/spec/openvas-cli/vas_config_spec.rb +81 -0
- data/spec/openvas-cli/vas_lsc_credential_spec.rb +72 -0
- data/spec/openvas-cli/vas_nvt_family_spec.rb +7 -5
- data/spec/openvas-cli/vas_nvt_spec.rb +30 -26
- data/spec/openvas-cli/vas_period_spec.rb +7 -0
- data/spec/openvas-cli/vas_preference_spec.rb +23 -21
- data/spec/openvas-cli/vas_report_spec.rb +65 -63
- data/spec/openvas-cli/vas_result_spec.rb +94 -93
- data/spec/openvas-cli/vas_schedule_spec.rb +154 -57
- data/spec/openvas-cli/vas_target_spec.rb +140 -28
- data/spec/openvas-cli/vas_task_spec.rb +92 -11
- data/spec/spec_helper.rb +15 -5
- metadata +72 -24
- data/lib/openvas-cli/openvas-cli.rb +0 -273
- data/spec/openvas-cli/openvas-cli_spec.rb +0 -45
@@ -1,273 +0,0 @@
|
|
1
|
-
require 'rubygems'
|
2
|
-
require 'socket'
|
3
|
-
require 'timeout'
|
4
|
-
require 'openssl'
|
5
|
-
require 'base64'
|
6
|
-
require 'nokogiri'
|
7
|
-
require 'time'
|
8
|
-
|
9
|
-
require 'vas_exceptions'
|
10
|
-
|
11
|
-
|
12
|
-
# = OpenvasCli
|
13
|
-
#
|
14
|
-
# Provides connectivity to OpenVAS Management service.
|
15
|
-
#
|
16
|
-
# Author:: Reed Swenson (mailto:fleureed@gmail.com)
|
17
|
-
# Copyright:: Copyright (c) 2010 eBankSystems, Inc.
|
18
|
-
# License:: GPL v2.0
|
19
|
-
class OpenvasCli
|
20
|
-
|
21
|
-
# OpenVAS username.
|
22
|
-
#
|
23
|
-
# Will be used for all requests.
|
24
|
-
#
|
25
|
-
# Defaults to: +admin+
|
26
|
-
def self.user
|
27
|
-
@@user ||= "admin"
|
28
|
-
end
|
29
|
-
|
30
|
-
# See: user
|
31
|
-
def self.user=(val)
|
32
|
-
@@user = val
|
33
|
-
end
|
34
|
-
|
35
|
-
# OpenVAS passowrd
|
36
|
-
#
|
37
|
-
# Defaults to: ""
|
38
|
-
def self.password
|
39
|
-
@@password ||= ""
|
40
|
-
end
|
41
|
-
|
42
|
-
# See password
|
43
|
-
def self.password=(val)
|
44
|
-
@@password = val
|
45
|
-
end
|
46
|
-
|
47
|
-
# Hostname or IP that hosts the OpenVAS Management service.
|
48
|
-
#
|
49
|
-
# Defaults to: +localhost+
|
50
|
-
def self.host
|
51
|
-
@@host ||= "localhost"
|
52
|
-
end
|
53
|
-
|
54
|
-
# See: host
|
55
|
-
def self.host=(val)
|
56
|
-
@@host = val
|
57
|
-
end
|
58
|
-
|
59
|
-
# Port on which the OpenVAS Management Service is listening.
|
60
|
-
#
|
61
|
-
# Defaults to: 9390
|
62
|
-
def self.port
|
63
|
-
@@port ||= 9390
|
64
|
-
end
|
65
|
-
|
66
|
-
# See: port
|
67
|
-
def self.port=(val)
|
68
|
-
@@port = val
|
69
|
-
end
|
70
|
-
|
71
|
-
# Communications timeout in seconds.
|
72
|
-
#
|
73
|
-
# Defaults to: 5
|
74
|
-
def self.time_out
|
75
|
-
@@time_out ||= 5
|
76
|
-
end
|
77
|
-
|
78
|
-
# See: time_out
|
79
|
-
def self.time_out=(val)
|
80
|
-
@@time_out = val
|
81
|
-
end
|
82
|
-
|
83
|
-
# Communications buffer size in bytes.
|
84
|
-
#
|
85
|
-
# Defaults to: 512
|
86
|
-
def self.buffer_size
|
87
|
-
@@buffer_size ||= 512
|
88
|
-
end
|
89
|
-
|
90
|
-
# See: buffer_size
|
91
|
-
def self.buffer_size=(val)
|
92
|
-
@@buffer_size = val
|
93
|
-
end
|
94
|
-
|
95
|
-
# By default, new will attempt to log into the OpenVAS management service.
|
96
|
-
# If this is set to +false+, the client will bypas the login when initialized.
|
97
|
-
# Before the client can send or receive any messages, login must be called.
|
98
|
-
#
|
99
|
-
# Defaults to: +true+
|
100
|
-
def self.auto_login
|
101
|
-
@@auto_login ||= true
|
102
|
-
end
|
103
|
-
|
104
|
-
# See: auto_login
|
105
|
-
def self.auto_login=(val)
|
106
|
-
@@auto_login = val
|
107
|
-
end
|
108
|
-
|
109
|
-
# Log4r style Logger used by the client.
|
110
|
-
def self.logger
|
111
|
-
@@logger
|
112
|
-
end
|
113
|
-
|
114
|
-
# See: logger
|
115
|
-
def self.logger=(val)
|
116
|
-
@@logger = val
|
117
|
-
end
|
118
|
-
|
119
|
-
# Initializes the client, connectes to the OpenVas Managment service specified
|
120
|
-
# by host & port, and unless auto_login is set to +false+, loggs in using
|
121
|
-
# username and password.
|
122
|
-
def initialize()
|
123
|
-
connect
|
124
|
-
|
125
|
-
if OpenvasCli.auto_login == true
|
126
|
-
login
|
127
|
-
end
|
128
|
-
end
|
129
|
-
|
130
|
-
# Closes the active connection and sets it up for re-connection.
|
131
|
-
def close
|
132
|
-
@socket.close if @socket
|
133
|
-
@socket = nil
|
134
|
-
end
|
135
|
-
|
136
|
-
# Logs into the OpenVAS Management service using the specified username and
|
137
|
-
# passoword. By default, this method is called by new unless auto_login is
|
138
|
-
# set to +false+.
|
139
|
-
def login
|
140
|
-
log_message("Logging in: :user => #{OpenvasCli.user}", :info)
|
141
|
-
areq = Nokogiri::XML::Builder.new { |xml|
|
142
|
-
xml.authenticate {
|
143
|
-
xml.credentials {
|
144
|
-
xml.username { xml.text(OpenvasCli.user) }
|
145
|
-
xml.password { xml.text(OpenvasCli.password) }
|
146
|
-
}
|
147
|
-
}
|
148
|
-
}
|
149
|
-
|
150
|
-
send_receive(areq.doc)
|
151
|
-
end
|
152
|
-
|
153
|
-
# Sends a message to the OpenVAS Management service and receives a response.
|
154
|
-
# If, for some reaon, the connection has been severed, it will re-establish
|
155
|
-
# the connection and attempts to login again.
|
156
|
-
# ---
|
157
|
-
# Parameters:
|
158
|
-
# [request] an Nokogiri::XML::Document or String to send to the management service.
|
159
|
-
# ---
|
160
|
-
# Returns:
|
161
|
-
# * A Nokogiri::XML::Document that contains the response from the management service.
|
162
|
-
# ---
|
163
|
-
# Exceptions:
|
164
|
-
# [VasExceptions::CommunicationException] When the transmission times out or encounters an unexpected end of file.
|
165
|
-
# [VasExceptions::CommandException] When the management service does not send back a 20* response status.
|
166
|
-
# ---
|
167
|
-
# Usage:
|
168
|
-
# cli = OpenvasCli.new
|
169
|
-
# req = Nokogiri::XML::Builder.new{ |xml|
|
170
|
-
# xml.do_something
|
171
|
-
# }
|
172
|
-
# response = cli.send_receive(req.doc)
|
173
|
-
# #parse the response and do something meaningful
|
174
|
-
def send_receive (request)
|
175
|
-
if request.kind_of? String
|
176
|
-
tosend = request
|
177
|
-
else
|
178
|
-
tosend = request.to_xml
|
179
|
-
end
|
180
|
-
|
181
|
-
unless @socket && @socket.state !~ /closed/i
|
182
|
-
log_message("Socket closed, Reconnecting", :info)
|
183
|
-
connect
|
184
|
-
login
|
185
|
-
end
|
186
|
-
log_message("Sending: #{tosend}", :debug)
|
187
|
-
|
188
|
-
@socket.puts(tosend)
|
189
|
-
|
190
|
-
rbuf=''
|
191
|
-
size=0
|
192
|
-
begin
|
193
|
-
begin
|
194
|
-
timeout(OpenvasCli.time_out) {
|
195
|
-
a = @socket.sysread(OpenvasCli.buffer_size)
|
196
|
-
size=a.length
|
197
|
-
rbuf << a
|
198
|
-
}
|
199
|
-
rescue Timeout::Error
|
200
|
-
size=0
|
201
|
-
msg = "Command Timed Out (#{$!})\nCommand: #{tosend}"
|
202
|
-
log.message msg, :error
|
203
|
-
raise VasExceptions::CommunicationException.new(msg)
|
204
|
-
rescue EOFError
|
205
|
-
msg = "EOFError(#{$!})\nReceived: #{rbuf}\nCommand: #{tosend}"
|
206
|
-
log_message msg, :error
|
207
|
-
raise VasExceptions::CommunicationException.new(msg)
|
208
|
-
end
|
209
|
-
end while size>=OpenvasCli.buffer_size
|
210
|
-
response= Nokogiri::XML(rbuf)
|
211
|
-
|
212
|
-
log_message "RECEIVED: #{response.to_xml}", :debug
|
213
|
-
|
214
|
-
unless extract_value_from("//@status", response) =~ /20\d/
|
215
|
-
msg = "Command Failed: #{extract_value_from("//@status_text", response)}\n" +
|
216
|
-
"Command: #{tosend}"
|
217
|
-
log_message msg, :error
|
218
|
-
raise VasExceptions::CommandException.new(msg)
|
219
|
-
end
|
220
|
-
|
221
|
-
response
|
222
|
-
end
|
223
|
-
|
224
|
-
private
|
225
|
-
|
226
|
-
def log_message(msg, level)
|
227
|
-
if OpenvasCli.logger
|
228
|
-
case level
|
229
|
-
when :debug
|
230
|
-
OpenvasCli.logger.debug msg
|
231
|
-
when :info
|
232
|
-
OpenvasCli.logger.info msg
|
233
|
-
when :warn
|
234
|
-
OpenvasCli.logger.warn msg
|
235
|
-
when :error
|
236
|
-
OpenvasCli.logger.error msg
|
237
|
-
when :fatal
|
238
|
-
OpenvasCli.logger.fatal msg
|
239
|
-
end
|
240
|
-
end
|
241
|
-
end
|
242
|
-
|
243
|
-
def extract_value_from(x_str, n)
|
244
|
-
ret = ""
|
245
|
-
if x_str =~ /@/
|
246
|
-
ret = n.at_xpath(x_str).value if n.at_xpath(x_str)
|
247
|
-
else
|
248
|
-
tn = n.at_xpath(x_str)
|
249
|
-
if tn
|
250
|
-
if tn.children.count > 0
|
251
|
-
tn.children.each { |tnc|
|
252
|
-
if tnc.text?
|
253
|
-
ret = tnc.text
|
254
|
-
end
|
255
|
-
}
|
256
|
-
else
|
257
|
-
ret = tn.text
|
258
|
-
end
|
259
|
-
end
|
260
|
-
end
|
261
|
-
|
262
|
-
ret
|
263
|
-
end
|
264
|
-
|
265
|
-
def connect
|
266
|
-
log_message("Connecting: :host => #{OpenvasCli.host}, :port => #{OpenvasCli.port}", :info)
|
267
|
-
plain_socket = TCPSocket.open(OpenvasCli.host, OpenvasCli.port)
|
268
|
-
ssl_context = OpenSSL::SSL::SSLContext.new
|
269
|
-
@socket = OpenSSL::SSL::SSLSocket.new(plain_socket, ssl_context)
|
270
|
-
@socket.sync_close = true
|
271
|
-
@socket.connect
|
272
|
-
end
|
273
|
-
end
|
@@ -1,45 +0,0 @@
|
|
1
|
-
require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
|
2
|
-
require 'nokogiri'
|
3
|
-
|
4
|
-
|
5
|
-
describe "OpenvasCli" do
|
6
|
-
before(:all) do
|
7
|
-
@cli = OpenvasCli.new
|
8
|
-
end
|
9
|
-
|
10
|
-
after(:all) do
|
11
|
-
@cli.close
|
12
|
-
end
|
13
|
-
|
14
|
-
it 'should create a valid instance with the provided credentials' do
|
15
|
-
#handled in the before(:all) block
|
16
|
-
end
|
17
|
-
|
18
|
-
it 'should pull rule definitions', :slow => true do
|
19
|
-
defs = @cli.get_rule_defs
|
20
|
-
defs.count.should > 0
|
21
|
-
|
22
|
-
defs.each { |d|
|
23
|
-
d.oid.should_not be nil
|
24
|
-
d.name.should_not be nil
|
25
|
-
d.name.length.should > 0
|
26
|
-
}
|
27
|
-
|
28
|
-
end
|
29
|
-
|
30
|
-
it 'should throw a command exception' do
|
31
|
-
bad_msg = Nokogiri::XML::Builder.new { |xml|
|
32
|
-
xml.foo
|
33
|
-
}
|
34
|
-
|
35
|
-
lambda {@cli.send_receive(bad_msg.doc)}.should raise_error(VasExceptions::CommandException)
|
36
|
-
end
|
37
|
-
|
38
|
-
it 'should throw a CommunicationException' do
|
39
|
-
bad_msg = Nokogiri::XML::Builder.new { |xml|
|
40
|
-
xml.get_schedules(:details => '1', :sort_field => 'next_time')
|
41
|
-
}
|
42
|
-
|
43
|
-
lambda {@cli.send_receive(bad_msg.doc)}.should raise_error(VasExceptions::CommunicationException)
|
44
|
-
end
|
45
|
-
end
|