Hello community, here is the log from the commit of package openvas-manager for openSUSE:Factory checked in at Mon Jun 6 13:36:04 CEST 2011.
-------- --- openvas-manager/openvas-manager.changes 2011-04-22 13:26:13.000000000 +0200 +++ /mounts/work_src_done/STABLE/openvas-manager/openvas-manager.changes 2011-05-31 19:45:06.000000000 +0200 @@ -1,0 +2,16 @@ +Tue May 31 17:16:16 UTC 2011 - [email protected] + +- Updated to 2.0.4 + * Compiler warnings from gcc 4.6 discovered by Stephan Kleine were addressed. + * The mail addresses supplied for an email escalator are now used in the correct + order. + * Privilege dropping is now done directly and not via the shell. + * A bug which caused the Manager to fail to start when launched without a + database has been fixed. + * A race condition which caused empty reports from the slave when running in + master-slave mode under certain conditions has been fixed. + * A bug which caused the timestamp of the scan end not to be written to the + Manager database when running a task with an escalator under certain + conditions has been fixed. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- debian.series openvas-manager-2.0.3-install.patch openvas-manager-2.0.3.tar.gz New: ---- openvas-manager-2.0.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvas-manager.spec ++++++ --- /var/tmp/diff_new_pack.yCnJWS/_old 2011-06-06 13:35:43.000000000 +0200 +++ /var/tmp/diff_new_pack.yCnJWS/_new 2011-06-06 13:35:43.000000000 +0200 @@ -19,7 +19,7 @@ Name: openvas-manager -Version: 2.0.3 +Version: 2.0.4 Release: 1 License: GPLv2+ Group: Productivity/Networking/Security @@ -30,7 +30,6 @@ Source3: openvasmd.init.suse Source4: openvasmd.init.fedora Source5: openvasmd.init.mandriva -Patch0: openvas-manager-2.0.3-install.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?fedora_version} || 0%{?scientificlinux_version} @@ -65,7 +64,6 @@ %prep %setup -q -%patch0 %build %if 0%{?mandriva_version} ++++++ debian.changelog ++++++ --- /var/tmp/diff_new_pack.yCnJWS/_old 2011-06-06 13:35:43.000000000 +0200 +++ /var/tmp/diff_new_pack.yCnJWS/_new 2011-06-06 13:35:43.000000000 +0200 @@ -1,3 +1,20 @@ +openvas-manager (2.0.4-1) UNRELEASED; urgency=low + + * New upstream release. + - Compiler warnings from gcc 4.6 discovered by Stephan Kleine were addressed. + - The mail addresses supplied for an email escalator are now used in the correct + order. + - Privilege dropping is now done directly and not via the shell. + - A bug which caused the Manager to fail to start when launched without a + database has been fixed. + - A race condition which caused empty reports from the slave when running in + master-slave mode under certain conditions has been fixed. + - A bug which caused the timestamp of the scan end not to be written to the + Manager database when running a task with an escalator under certain + conditions has been fixed. + + -- Stephan Kleine <[email protected]> Tue, 31 May 2011 19:18:27 +0200 + openvas-manager (2.0.3-1) UNRELEASED; urgency=low * New upstream release. ++++++ openvas-manager-2.0.3.tar.gz -> openvas-manager-2.0.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/CHANGES new/openvas-manager-2.0.4/CHANGES --- old/openvas-manager-2.0.3/CHANGES 2011-04-15 15:30:03.000000000 +0200 +++ new/openvas-manager-2.0.4/CHANGES 2011-05-30 15:59:05.000000000 +0200 @@ -1,3 +1,30 @@ +openvas-manager 2.0.4 (2011-05-30) + +This is the fourth maintenance release of the openvas-manager 2.0 module for the +Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager +is the central management service between the actual security scanner and +various user clients. + +This release fixes a number of issues discovered after the release of +openvas-manager 2.0.3. + +Many thanks to everyone who has contributed to this release: +Stephan Kleine, Matthew Mundell and Michael Wiegand. + +Main changes since 2.0.3: +* Compiler warnings from gcc 4.6 discovered by Stephan Kleine were addressed. +* The mail addresses supplied for an email escalator are now used in the correct + order. +* Privilege dropping is now done directly and not via the shell. +* A bug which caused the Manager to fail to start when launched without a + database has been fixed. +* A race condition which caused empty reports from the slave when running in + master-slave mode under certain conditions has been fixed. +* A bug which caused the timestamp of the scan end not to be written to the + Manager database when running a task with an escalator under certain + conditions has been fixed. + + openvas-manager 2.0.3 (2011-04-15) This is the third maintenance release of the openvas-manager 2.0 module for the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/CMakeLists.txt new/openvas-manager-2.0.4/CMakeLists.txt --- old/openvas-manager-2.0.3/CMakeLists.txt 2011-04-15 15:30:03.000000000 +0200 +++ new/openvas-manager-2.0.4/CMakeLists.txt 2011-05-30 15:59:05.000000000 +0200 @@ -78,7 +78,7 @@ set (CPACK_TOPLEVEL_TAG "") set (CPACK_PACKAGE_VERSION_MAJOR "2") set (CPACK_PACKAGE_VERSION_MINOR "0") -set (CPACK_PACKAGE_VERSION_PATCH "3${SVN_REVISION}") +set (CPACK_PACKAGE_VERSION_PATCH "4${SVN_REVISION}") set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") @@ -257,7 +257,7 @@ ## Install -install (CODE "file (MAKE_DIRECTORY ${OPENVAS_STATE_DIR}/openvasmd/report_formats/)") +install (CODE "file (MAKE_DIRECTORY \$ENV{DESTDIR}${OPENVAS_STATE_DIR}/openvasmd/report_formats)") install (FILES ${CMAKE_BINARY_DIR}/src/openvasmd_log.conf DESTINATION ${OPENVAS_SYSCONF_DIR}) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/ChangeLog new/openvas-manager-2.0.4/ChangeLog --- old/openvas-manager-2.0.3/ChangeLog 2011-04-15 15:30:03.000000000 +0200 +++ new/openvas-manager-2.0.4/ChangeLog 2011-05-30 15:59:05.000000000 +0200 @@ -1,3 +1,77 @@ +2011-05-30 Michael Wiegand <[email protected]> + + Preparing the openvas-manager 2.0.4 release. + + * CHANGES: Updated. + +2011-05-30 Matthew Mundell <[email protected]> + + * src/manage_sql.c (manage_report, manage_send_report): Clear parent state + in child. Backport from trunk r10906. + +2011-05-30 Matthew Mundell <[email protected]> + + Backport trunk r10949. + + * src/manage_sql.c (print_report_xml): Add full count as text, to preserve + compatibility with OMP 1. Some of the report formats use this value. + + * src/schema_formats/XML/OMP.xml (report): Add result_count text. + + * doc/omp.rnc, doc/omp.html: Update from source. + +2011-05-26 Matthew Mundell <[email protected]> + + * src/manage_sql.c (manage_report): Wait on the child PID, just to be + sure. Backport from trunk r10997. + +2011-05-26 Matthew Mundell <[email protected]> + + * src/manage_sql.c (manage_send_report): Wait on the child PID, just to be + sure. Backport from trunk r10996. + +2011-04-25 Matthew Mundell <[email protected]> + + * src/manage_sql.c (manage_report, manage_send_report): Drop privileges + directly instead of with su via the shell. Backport from trunk r10825. + +2011-04-25 Matthew Mundell <[email protected]> + + * src/manage_sql.c (init_manage_process): Check stat return in permission + check. Backport from trunk r10804. + +2011-05-24 Matthew Mundell <[email protected]> + + Quiet compiler warnings. Thanks to Stephan Kleine for original patch. + Backport from trunk. Originally committed in r10991. + + * src/manage_sql.c (manage_report, manage_send_report): Remove old + variable. + (months_between): Remove stray variable. + + * src/omp.c (omp_xml_handle_end_element): In CLIENT_MODIFY_TASK remove + variable "first" which is only used by an assertion. + +2011-05-04 Matthew Mundell <[email protected]> + + * src/manage_sql.c (email): Put the To address in the sendmail command + instead of the From address. Backport from trunk; initially committed in + r10875. + +2011-04-22 Stephan Kleine + + * CMakeLists.txt: Fix formatting. + +2011-04-22 Stephan Kleine + + * CMakeLists.txt: Fix installation with DESTDIR. + +2011-04-15 Michael Wiegand <[email protected]> + + Post release version bump. + + * CMakeLists.txt: Updated version number. + 2011-04-15 Michael Wiegand <[email protected]> Preparing the openvas-manager 2.0.3 release. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/doc/omp.html new/openvas-manager-2.0.4/doc/omp.html --- old/openvas-manager-2.0.3/doc/omp.html 2011-04-15 15:30:00.000000000 +0200 +++ new/openvas-manager-2.0.4/doc/omp.html 2011-05-30 15:59:04.000000000 +0200 @@ -7799,7 +7799,8 @@ </li> <li> <<b>result_count</b>> - <ul style="list-style: none"> + <div style="margin-left: 15px; display: inline;">Counts of results produced by scan.</div> +<ul style="list-style: none"> <li> <<b>full</b>> <div style="margin-left: 15px; display: inline;">Total number of results produced by scan.</div> @@ -8175,7 +8176,8 @@ get_reports_response_report_report_result_count = element result_count { - get_reports_response_report_report_result_count_full + text + & get_reports_response_report_report_result_count_full & get_reports_response_report_report_result_count_filtered & get_reports_response_report_report_result_count_debug & get_reports_response_report_report_result_count_hole diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/doc/omp.rnc new/openvas-manager-2.0.4/doc/omp.rnc --- old/openvas-manager-2.0.3/doc/omp.rnc 2011-04-15 15:30:00.000000000 +0200 +++ new/openvas-manager-2.0.4/doc/omp.rnc 2011-05-30 15:59:04.000000000 +0200 @@ -3838,10 +3838,12 @@ task_status } +# Counts of results produced by scan. get_reports_response_report_report_result_count = element result_count { - get_reports_response_report_report_result_count_full + text + & get_reports_response_report_report_result_count_full & get_reports_response_report_report_result_count_filtered & get_reports_response_report_report_result_count_debug & get_reports_response_report_report_result_count_hole diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/src/manage_sql.c new/openvas-manager-2.0.4/src/manage_sql.c --- old/openvas-manager-2.0.3/src/manage_sql.c 2011-04-15 15:30:00.000000000 +0200 +++ new/openvas-manager-2.0.4/src/manage_sql.c 2011-05-30 15:59:05.000000000 +0200 @@ -5356,11 +5356,11 @@ email (const char *to_address, const char *from_address, const char *subject, const char *body) { - int ret, content_fd, from_fd; + int ret, content_fd, to_fd; gchar *command, *content; GError *error = NULL; char content_file[] = "/tmp/openvasmd-content-XXXXXX"; - char from_file[] = "/tmp/openvasmd-from-XXXXXX"; + char to_file[] = "/tmp/openvasmd-to-XXXXXX"; content_fd = mkstemp (content_file); if (content_fd == -1) @@ -5393,28 +5393,28 @@ return -1; } - from_fd = mkstemp (from_file); - if (from_fd == -1) + to_fd = mkstemp (to_file); + if (to_fd == -1) { g_warning ("%s: mkstemp: %s\n", __FUNCTION__, strerror (errno)); close (content_fd); return -1; } - g_file_set_contents (from_file, from_address, strlen (from_address), &error); + g_file_set_contents (to_file, to_address, strlen (to_address), &error); if (error) { g_warning ("%s", error->message); g_error_free (error); close (content_fd); - close (from_fd); + close (to_fd); return -1; } command = g_strdup_printf ("xargs -a %s -I XXX" " /usr/sbin/sendmail XXX < %s" " > /dev/null 2>&1", - from_file, + to_file, content_file); tracef (" command: %s\n", command); @@ -5431,16 +5431,16 @@ command); g_free (command); close (content_fd); - close (from_fd); + close (to_fd); unlink (content_file); - unlink (from_file); + unlink (to_file); return -1; } g_free (command); close (content_fd); - close (from_fd); + close (to_fd); unlink (content_file); - unlink (from_file); + unlink (to_file); return 0; } @@ -6270,8 +6270,22 @@ { struct stat state; - stat (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db", &state); - if (state.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO)) + int err; + + err = stat (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db", + &state); + if (err) + switch (errno) + { + case ENOENT: + break; + default: + g_warning ("%s: failed to stat database: %s\n", + __FUNCTION__, + strerror (errno)); + abort (); + } + else if (state.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO)) { g_warning ("%s: database permissions are too loose, repairing\n", __FUNCTION__); @@ -11844,6 +11858,7 @@ PRINT (out, "<result_count>" + "%i" "<full>%i</full>" "<filtered>%i</filtered>" "<debug><full>%i</full><filtered>%i</filtered></debug>" @@ -11857,6 +11872,7 @@ "</false_positive>" "</result_count>", result_count, + result_count, filtered_result_count, debugs, (strchr (levels, 'd') ? f_debugs : 0), @@ -12061,12 +12077,10 @@ { iterator_t formats; const char *uuid_format; - char *uuid_report; gchar *script, *script_dir; /* Setup file names. */ - uuid_report = report_uuid (report); init_report_format_iterator (&formats, report_format, 1, NULL); if (next (&formats) == FALSE) { @@ -12157,10 +12171,22 @@ /* Call the script. */ + command = g_strdup_printf ("/bin/sh %s %s > %s" + " 2> /dev/null", + script, + xml_file, + output_file); + g_free (script); + + g_debug (" command: %s\n", command); + if (getuid () == 0) { + pid_t pid; struct passwd *nobody; + /* Run the command with lower privileges in a fork. */ + nobody = getpwnam ("nobody"); if ((nobody == NULL) || chown (xml_dir, nobody->pw_uid, nobody->pw_gid) @@ -12170,52 +12196,181 @@ __FUNCTION__, strerror (errno)); g_free (previous_dir); - g_free (script); + g_free (output_file); g_free (xml_file); if (extension) g_free (*extension); if (content_type) g_free (*content_type); return NULL; } + g_free (xml_file); + + pid = fork (); + switch (pid) + { + case 0: + { + /* Child. Drop privileges, run command, exit. */ + + /* Clear parent state, because these affect + * cleanup_manage_process. */ + current_scanner_task = 0; + current_report = 0; + + if (setgid (nobody->pw_gid)) + { + g_warning ("%s (child): setgid: %s\n", + __FUNCTION__, + strerror (errno)); + exit (EXIT_FAILURE); + } + if (setuid (nobody->pw_uid)) + { + g_warning ("%s (child): setuid: %s\n", + __FUNCTION__, + strerror (errno)); + exit (EXIT_FAILURE); + } + + /* RATS: ignore, command is defined above. */ + if (ret = system (command), + /** @todo ret is always -1. */ + 0 && ((ret) == -1 + || WEXITSTATUS (ret))) + { + g_warning ("%s (child):" + " system failed with ret %i, %i, %s\n", + __FUNCTION__, + ret, + WEXITSTATUS (ret), + command); + exit (EXIT_FAILURE); + } - command = g_strdup_printf ("/bin/sh -c \"su nobody" - " -c \\\"/bin/sh %s %s > %s" - " 2> /dev/null\\\"" - " > /dev/null 2>&1\"" - " > /dev/null 2>&1", - script, - xml_file, - output_file); + exit (EXIT_SUCCESS); + break; + } + + case -1: + /* Parent when error. */ + + g_warning ("%s: Failed to fork: %s\n", + __FUNCTION__, + strerror (errno)); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + g_free (command); + if (extension) g_free (*extension); + if (content_type) g_free (*content_type); + return NULL; + break; + + default: + { + int status; + + /* Parent on success. Wait for child, and check result. */ + + g_free (command); + + while (waitpid (pid, &status, 0) < 0) + { + if (errno == ECHILD) + { + g_warning ("%s: Failed to get child exit status", + __FUNCTION__); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + if (extension) g_free (*extension); + if (content_type) g_free (*content_type); + return NULL; + } + if (errno == EINTR) + continue; + g_warning ("%s: wait: %s", + __FUNCTION__, + strerror (errno)); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + if (extension) g_free (*extension); + if (content_type) g_free (*content_type); + return NULL; + } + if (WIFEXITED (status)) + switch (WEXITSTATUS (status)) + { + case EXIT_SUCCESS: + break; + case EXIT_FAILURE: + default: + g_warning ("%s: child failed, %s\n", + __FUNCTION__, + command); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + if (extension) g_free (*extension); + if (content_type) g_free (*content_type); + return NULL; + } + else + { + g_warning ("%s: child failed, %s\n", + __FUNCTION__, + command); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + if (extension) g_free (*extension); + if (content_type) g_free (*content_type); + return NULL; + } + + /* Child succeeded, continue to process result. */ + + break; + } + } } else - command = g_strdup_printf ("/bin/sh %s %s > %s" - " 2> /dev/null", - script, - xml_file, - output_file); - g_free (script); + { + /* Just run the command as the current user. */ - g_debug (" command: %s\n", command); + /* RATS: ignore, command is defined above. */ + if (ret = system (command), + /** @todo ret is always -1. */ + 0 && ((ret) == -1 + || WEXITSTATUS (ret))) + { + g_warning ("%s: system failed with ret %i, %i, %s\n", + __FUNCTION__, + ret, + WEXITSTATUS (ret), + command); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + g_free (command); + if (extension) g_free (*extension); + if (content_type) g_free (*content_type); + return NULL; + } - /* RATS: ignore, command is defined above. */ - if (ret = system (command), - /** @todo ret is always -1. */ - 0 && ((ret) == -1 - || WEXITSTATUS (ret))) - { - g_warning ("%s: system failed with ret %i, %i, %s\n", - __FUNCTION__, - ret, - WEXITSTATUS (ret), - command); - if (chdir (previous_dir)) - g_warning ("%s: and chdir failed\n", - __FUNCTION__); - g_free (previous_dir); g_free (command); - g_free (output_file); - if (extension) g_free (*extension); - if (content_type) g_free (*content_type); - return NULL; } { @@ -12223,8 +12378,6 @@ gchar *output; gsize output_len; - g_free (command); - /* Change back to the previous directory. */ if (chdir (previous_dir)) @@ -12233,7 +12386,7 @@ __FUNCTION__, strerror (errno)); g_free (previous_dir); - g_free (xml_file); + g_free (output_file); if (extension) g_free (*extension); if (content_type) g_free (*content_type); return NULL; @@ -12361,12 +12514,10 @@ { iterator_t formats; const char *uuid_format; - char *uuid_report; gchar *script, *script_dir; /* Setup file names. */ - uuid_report = report_uuid (report); init_report_format_iterator (&formats, report_format, 1, NULL); if (next (&formats) == FALSE) { @@ -12443,10 +12594,22 @@ /* Call the script. */ + command = g_strdup_printf ("/bin/sh %s %s > %s" + " 2> /dev/null", + script, + xml_file, + output_file); + g_free (script); + + g_debug (" command: %s\n", command); + if (getuid () == 0) { + pid_t pid; struct passwd *nobody; + /* Run the command with lower privileges in a fork. */ + nobody = getpwnam ("nobody"); if ((nobody == NULL) || chown (xml_dir, nobody->pw_uid, nobody->pw_gid) @@ -12456,57 +12619,176 @@ __FUNCTION__, strerror (errno)); g_free (previous_dir); - g_free (script); g_free (xml_file); + g_free (output_file); return -1; } - command = g_strdup_printf ("/bin/sh -c \"su nobody" - " -c \\\"/bin/sh %s %s > %s" - " 2> /dev/null\\\"" - " > /dev/null 2>&1\"" - " > /dev/null 2>&1", - script, - xml_file, - output_file); + g_free (xml_file); + + pid = fork (); + switch (pid) + { + case 0: + { + /* Child. Drop privileges, run command, exit. */ + + /* Clear parent state, because these affect + * cleanup_manage_process. */ + current_scanner_task = 0; + current_report = 0; + + if (setgid (nobody->pw_gid)) + { + g_warning ("%s (child): setgid: %s\n", + __FUNCTION__, + strerror (errno)); + exit (EXIT_FAILURE); + } + if (setuid (nobody->pw_uid)) + { + g_warning ("%s (child): setuid: %s\n", + __FUNCTION__, + strerror (errno)); + exit (EXIT_FAILURE); + } + + /* RATS: ignore, command is defined above. */ + if (ret = system (command), + /** @todo ret is always -1. */ + 0 && ((ret) == -1 + || WEXITSTATUS (ret))) + { + g_warning ("%s (child):" + " system failed with ret %i, %i, %s\n", + __FUNCTION__, + ret, + WEXITSTATUS (ret), + command); + exit (EXIT_FAILURE); + } + + exit (EXIT_SUCCESS); + break; + } + + case -1: + /* Parent when error. */ + + g_warning ("%s: Failed to fork: %s\n", + __FUNCTION__, + strerror (errno)); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + g_free (command); + return -1; + break; + + default: + { + int status; + + /* Parent on success. Wait for child, and check result. */ + + g_free (command); + + while (waitpid (pid, &status, 0) < 0) + { + if (errno == ECHILD) + { + g_warning ("%s: Failed to get child exit status", + __FUNCTION__); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + return -1; + } + if (errno == EINTR) + continue; + g_warning ("%s: wait: %s", + __FUNCTION__, + strerror (errno)); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + return -1; + } + if (WIFEXITED (status)) + switch (WEXITSTATUS (status)) + { + case EXIT_SUCCESS: + break; + case EXIT_FAILURE: + default: + g_warning ("%s: child failed, %s\n", + __FUNCTION__, + command); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + return -1; + } + else + { + g_warning ("%s: child failed, %s\n", + __FUNCTION__, + command); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (output_file); + return -1; + } + + /* Child succeeded, continue to process result. */ + + break; + } + } } else - command = g_strdup_printf ("/bin/sh %s %s > %s" - " 2> /dev/null", - script, - xml_file, - output_file); - g_free (script); - g_free (xml_file); + { + /* Just run the command as the current user. */ - g_debug (" command: %s\n", command); + g_free (xml_file); + + /* RATS: ignore, command is defined above. */ + if (ret = system (command), + /** @todo ret is always -1. */ + 0 && ((ret) == -1 + || WEXITSTATUS (ret))) + { + g_warning ("%s: system failed with ret %i, %i, %s\n", + __FUNCTION__, + ret, + WEXITSTATUS (ret), + command); + if (chdir (previous_dir)) + g_warning ("%s: and chdir failed\n", + __FUNCTION__); + g_free (previous_dir); + g_free (command); + g_free (output_file); + return -1; + } - /* RATS: ignore, command is defined above. */ - if (ret = system (command), - /** @todo ret is always -1. */ - 0 && ((ret) == -1 - || WEXITSTATUS (ret))) - { - g_warning ("%s: system failed with ret %i, %i, %s\n", - __FUNCTION__, - ret, - WEXITSTATUS (ret), - command); - if (chdir (previous_dir)) - g_warning ("%s: and chdir failed\n", - __FUNCTION__); - g_free (previous_dir); g_free (command); - g_free (output_file); - return -1; } { char chunk[MANAGE_SEND_REPORT_CHUNK_SIZE + 1]; FILE *stream; - g_free (command); - /* Change back to the previous directory. */ if (chdir (previous_dir)) @@ -21061,7 +21343,7 @@ { struct tm broken1, *broken2; int same_year, same_month, same_day, same_hour, same_minute, same_second; - int year1_less, month1_less, day1_less, hour1_less, minute1_less; + int month1_less, day1_less, hour1_less, minute1_less; int second1_less; assert (time1 < time2); @@ -21076,7 +21358,6 @@ same_minute = (broken1.tm_min == broken2->tm_min); same_second = (broken1.tm_sec == broken2->tm_sec); - year1_less = (broken1.tm_year < broken2->tm_year); month1_less = (broken1.tm_mon < broken2->tm_mon); day1_less = (broken1.tm_mday < broken2->tm_mday); hour1_less = (broken1.tm_hour < broken2->tm_hour); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/src/omp.c new/openvas-manager-2.0.4/src/omp.c --- old/openvas-manager-2.0.3/src/omp.c 2011-04-15 15:30:03.000000000 +0200 +++ new/openvas-manager-2.0.4/src/omp.c 2011-05-30 15:59:05.000000000 +0200 @@ -10092,7 +10092,7 @@ } else { - int fail = 0, first = 1; + int fail = 0; /** @todo It'd probably be better to allow only one * modification at a time, that is, one parameter or one of @@ -10115,8 +10115,6 @@ "Task %s could not be modified", modify_task_data->task_id); } - else - first = 0; } if (fail == 0 && modify_task_data->name) @@ -10133,8 +10131,6 @@ "Task %s could not be modified", modify_task_data->task_id); } - else - first = 0; } if (fail == 0 && modify_task_data->comment) @@ -10151,8 +10147,6 @@ "Task %s could not be modified", modify_task_data->task_id); } - else - first = 0; } if (fail == 0 && modify_task_data->escalator_id) @@ -10162,7 +10156,6 @@ if (strcmp (modify_task_data->escalator_id, "0") == 0) { set_task_escalator (task, 0); - first = 0; } else if ((fail = find_escalator (modify_task_data->escalator_id, @@ -10186,7 +10179,6 @@ else { set_task_escalator (task, escalator); - first = 0; } } @@ -10197,7 +10189,6 @@ if (strcmp (modify_task_data->schedule_id, "0") == 0) { set_task_schedule (task, 0); - first = 0; } else if ((fail = find_schedule (modify_task_data->schedule_id, @@ -10221,7 +10212,6 @@ else { set_task_schedule (task, schedule); - first = 0; } } @@ -10232,7 +10222,6 @@ if (strcmp (modify_task_data->slave_id, "0") == 0) { set_task_slave (task, 0); - first = 0; } else if ((fail = find_slave (modify_task_data->slave_id, @@ -10256,13 +10245,11 @@ else { set_task_slave (task, slave); - first = 0; } } if (fail == 0) { - assert (first == 0); g_log ("event task", G_LOG_LEVEL_MESSAGE, "Task %s has been modified", modify_task_data->task_id); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.3/src/schema_formats/XML/OMP.xml new/openvas-manager-2.0.4/src/schema_formats/XML/OMP.xml --- old/openvas-manager-2.0.3/src/schema_formats/XML/OMP.xml 2011-04-15 15:30:00.000000000 +0200 +++ new/openvas-manager-2.0.4/src/schema_formats/XML/OMP.xml 2011-05-30 15:59:05.000000000 +0200 @@ -4851,7 +4851,15 @@ </ele> <ele> <name>result_count</name> + <summary>Counts of results produced by scan</summary> + <description> + <p> + The text contains the full count -- the total number of results + produced by scan. + </p> + </description> <pattern> + text <e>full</e> <e>filtered</e> <e>debug</e> ++++++ openvas-manager.dsc ++++++ --- /var/tmp/diff_new_pack.yCnJWS/_old 2011-06-06 13:35:43.000000000 +0200 +++ /var/tmp/diff_new_pack.yCnJWS/_new 2011-06-06 13:35:43.000000000 +0200 @@ -2,12 +2,12 @@ Source: openvas-manager Binary: openvas-manager Architecture: any -Version: 2.0.3-1 +Version: 2.0.4-1 Maintainer: Stephan Kleine <[email protected]> Homepage: http://www.openvas.org/ Standards-Version: 3.8.0 Build-Depends: debhelper (>= 5), cmake, doxygen, dpatch, hardening-wrapper, libopenvas4-dev, libsqlite3-dev, pkg-config Files: - 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.3.orig.tar.gz - 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.3.diff.gz + 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.4.orig.tar.gz + 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.4.diff.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
