Re: [Openvas-discuss] Report format issue
I'm about at the end of my knowledge and am sure I'm missing something right in front of my face while trying to set up a new report format. I have set up keys on our Openvas server (as per http://www.openvas.org/trusted-nvts.html) created a new report format, grabbed the create_report_import from SVN and modified as seen below, ran it and uploaded the results as a new report, activated it with omp and everything seems fine, except openvas refuses to trust the report... Did you put the .asc file in your var/lib/openvas/plugins/report_formats directory? -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Report format issue
No change... #cp 039b4fe2-99ab-11e3-a53b-005056b800a5.asc /var/lib/openvas/plugins/report_formats/ #omp -X 'modify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5active1/active/modify_report_format' modify_report_format_response status=200 status_text=OK/modify_report_format_response #omp -X 'verify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5 /' verify_report_format_response status=200 status_text=OK/verify_report_format_response ...yet in the frontend it shows 'Trust (Last Verified): no (Feb 19 2014)' On Wed, Feb 19, 2014 at 6:23 PM, Matthew Mundell matthew.mund...@greenbone.net wrote: I'm about at the end of my knowledge and am sure I'm missing something right in front of my face while trying to set up a new report format. I have set up keys on our Openvas server (as per http://www.openvas.org/trusted-nvts.html) created a new report format, grabbed the create_report_import from SVN and modified as seen below, ran it and uploaded the results as a new report, activated it with omp and everything seems fine, except openvas refuses to trust the report... Did you put the .asc file in your var/lib/openvas/plugins/report_formats directory? -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner -- Greg Etling getl...@stern.nyu.edu getl...@stern.nyu.eduSystems Administrator Stern IT Enterprise Operations NYU Stern School of Business ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Report format issue
Is the clock on the machine skewed? Sent from a computer On Feb 19, 2014, at 4:34 PM, Greg Etling getl...@stern.nyu.edu wrote: No change... #cp 039b4fe2-99ab-11e3-a53b-005056b800a5.asc /var/lib/openvas/plugins/report_formats/ #omp -X 'modify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5active1/active/modify_report_format' modify_report_format_response status=200 status_text=OK/modify_report_format_response #omp -X 'verify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5 /' verify_report_format_response status=200 status_text=OK/verify_report_format_response ...yet in the frontend it shows 'Trust (Last Verified): no (Feb 19 2014)' On Wed, Feb 19, 2014 at 6:23 PM, Matthew Mundell matthew.mund...@greenbone.net wrote: I'm about at the end of my knowledge and am sure I'm missing something right in front of my face while trying to set up a new report format. I have set up keys on our Openvas server (as per http://www.openvas.org/trusted-nvts.html) created a new report format, grabbed the create_report_import from SVN and modified as seen below, ran it and uploaded the results as a new report, activated it with omp and everything seems fine, except openvas refuses to trust the report... Did you put the .asc file in your var/lib/openvas/plugins/report_formats directory? -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner -- Greg Etling getl...@stern.nyu.edu Systems Administrator Stern IT Enterprise Operations NYU Stern School of Business ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Report format issue
Nope. NTP synced, confirmed with the 'date' command. On Wed, Feb 19, 2014 at 5:48 PM, Brandon Perry bperry.volat...@gmail.comwrote: Is the clock on the machine skewed? Sent from a computer On Feb 19, 2014, at 4:34 PM, Greg Etling getl...@stern.nyu.edu wrote: No change... #cp 039b4fe2-99ab-11e3-a53b-005056b800a5.asc /var/lib/openvas/plugins/report_formats/ #omp -X 'modify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5active1/active/modify_report_format' modify_report_format_response status=200 status_text=OK/modify_report_format_response #omp -X 'verify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5 /' verify_report_format_response status=200 status_text=OK/verify_report_format_response ...yet in the frontend it shows 'Trust (Last Verified): no (Feb 19 2014)' On Wed, Feb 19, 2014 at 6:23 PM, Matthew Mundell matthew.mund...@greenbone.net wrote: I'm about at the end of my knowledge and am sure I'm missing something right in front of my face while trying to set up a new report format. I have set up keys on our Openvas server (as per http://www.openvas.org/trusted-nvts.html) created a new report format, grabbed the create_report_import from SVN and modified as seen below, ran it and uploaded the results as a new report, activated it with omp and everything seems fine, except openvas refuses to trust the report... Did you put the .asc file in your var/lib/openvas/plugins/report_formats directory? -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner -- Greg Etling getl...@stern.nyu.edu getl...@stern.nyu.eduSystems Administrator Stern IT Enterprise Operations NYU Stern School of Business ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss -- Greg Etling getl...@stern.nyu.edu getl...@stern.nyu.eduSystems Administrator Stern IT Enterprise Operations NYU Stern School of Business ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Report format issue
Definitely somewhere in the signing/keychain process. Found the debug logging items... From the log: md main: DEBUG:2014-02-19 19h10.12 EST:23632: verify_signature: Spawning in /tmp/: gpg --batch --quiet --no-tty --verify /tmp/openvasmd-signature-Si6E8L /tmp/openvasmd-installer-Or28Z0 Which I tried to run as root, and ran into two issues: #gpg --verify /tmp/openvasmd-signature-Si6E8L /tmp/openvasmd-installer-Or28Z0 gpg: Signature made Wed 19 Feb 2014 04:15:53 PM EST using RSA key ID XX gpg: Can't check signature: No public key #gpg --homedir=/etc/openvas/gnupg --verify /tmp/openvasmd-signature-Si6E8L /tmp/openvasmd-installer-Or28Z0 gpg: Signature made Wed 19 Feb 2014 04:15:53 PM EST using RSA key ID XX gpg: BAD signature from openvas-signer So A) I need to ensure the openvasmd process is using the same keychain as I'm expecting (is that set somewhere? /etc/sysconfig/openvas-manager?) and B) Fix the signature (I feel like there's something wrong with my create_report_import copied in my original email)... In the meantime I'll start looking at those temp files to see if I can glean where I went wrong on the signature... On Wed, Feb 19, 2014 at 6:21 PM, Greg Etling getl...@stern.nyu.edu wrote: Nope. NTP synced, confirmed with the 'date' command. On Wed, Feb 19, 2014 at 5:48 PM, Brandon Perry bperry.volat...@gmail.comwrote: Is the clock on the machine skewed? Sent from a computer On Feb 19, 2014, at 4:34 PM, Greg Etling getl...@stern.nyu.edu wrote: No change... #cp 039b4fe2-99ab-11e3-a53b-005056b800a5.asc /var/lib/openvas/plugins/report_formats/ #omp -X 'modify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5active1/active/modify_report_format' modify_report_format_response status=200 status_text=OK/modify_report_format_response #omp -X 'verify_report_format report_format_id=039b4fe2-99ab-11e3-a53b-005056b800a5 /' verify_report_format_response status=200 status_text=OK/verify_report_format_response ...yet in the frontend it shows 'Trust (Last Verified): no (Feb 19 2014)' On Wed, Feb 19, 2014 at 6:23 PM, Matthew Mundell matthew.mund...@greenbone.net wrote: I'm about at the end of my knowledge and am sure I'm missing something right in front of my face while trying to set up a new report format. I have set up keys on our Openvas server (as per http://www.openvas.org/trusted-nvts.html) created a new report format, grabbed the create_report_import from SVN and modified as seen below, ran it and uploaded the results as a new report, activated it with omp and everything seems fine, except openvas refuses to trust the report... Did you put the .asc file in your var/lib/openvas/plugins/report_formats directory? -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner -- Greg Etling getl...@stern.nyu.edu getl...@stern.nyu.eduSystems Administrator Stern IT Enterprise Operations NYU Stern School of Business ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss -- Greg Etling getl...@stern.nyu.edu getl...@stern.nyu.eduSystems Administrator Stern IT Enterprise Operations NYU Stern School of Business -- Greg Etling getl...@stern.nyu.edu getl...@stern.nyu.eduSystems Administrator Stern IT Enterprise Operations NYU Stern School of Business ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Report format issue
Hi Greg,
I believe the beginning of your ${UUID} file is incorrect for the
current version of OpenVAS.
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0 seems
to still be the format used with OpenVAS 4, as of OpenVAS 5 it was
changed to ${UUID}${EXTENSION}${CONTENT_TYPE}0
I attached the create_report_import.sh we use for one of our custom
reports, heope that helps you out. I remember having fun digging through
the debugging and temp files when that changed ;-)
Regards,
Ryan
---
On 2/19/2014 3:28 PM, Greg Etling wrote:
I'm about at the end of my knowledge and am sure I'm missing something
right in front of my face while trying to set up a new report format.
I have set up keys on our Openvas server (as per
http://www.openvas.org/trusted-nvts.html) created a new report format,
grabbed the create_report_import from SVN and modified as seen below,
ran it and uploaded the results as a new report, activated it with omp
and everything seems fine, except openvas refuses to trust the report...
I'm thinking its somewhere in the signing process that I am going
wrong, because gpg will verify (gpg --homedir=/etc/openvas/gnupg
--verify ${UUID}.asc ${UUID}) as created...but that signing procedure
seems off to me, I'm just not sure how.
---
NAME=PDF Detailed Report
UUID=`uuid`
EXTENSION=pdf
CONTENT_TYPE=application/pdf
SUMMARY=Customized PDF report to replace default
DESCRIPTION=Customized scan PDF report.
# Names must be in alphabetical order.
FNAME1=generate
FILE1=`base64 -w 0 generate`
FNAME2=latex.xsl
FILE2=`base64 -w 0 latex.xsl`
echo
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0${FNAME1}${FILE1}${FNAME2}${FILE2}
${UUID}
gpg --homedir=/etc/openvas/gnupg --detach-sign --armor ${UUID}
rm ${UUID}
echo -n 'get_report_formats_response status=200
status_text=OKreport_format
id='$UUID'name'$NAME'/nameextension'$EXTENSION'/extensioncontent_type'$CONTENT_TYPE'/content_typesummary'$SUMMARY'/summarydescription'$DESCRIPTION'/descriptionfile
name='$FNAME1''$FILE1'/filefile
name='$FNAME2''$FILE2'/filesignature' custom_detail_pdf.xml
cat ${UUID}.asc custom_detail_pdf.xml
echo '/signature/report_format/get_report_formats_response'
custom_detail_pdf.xml
---
I'm grateful for any and all input that might help. Thanks,
Greg
--
Greg Etling
getl...@stern.nyu.edu mailto:getl...@stern.nyu.edu
Systems Administrator
Stern IT Enterprise Operations
NYU Stern School of Business
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
#!/bin/bash
#---
# Some basic information about the report
#---
NAME='HTML Plus'
EXTENSION='html'
CONTENT_TYPE='text/html'
SUMMARY='Extended HTML'
DESCRIPTION=Generate a nice HTML output better suited for stand-alone viewing
on wide monitors, uses some javascript and adds host information
# Files to include, add everything required to generate the report
FILELIST=generate extended-html.xsl fetch_ip_info.sh
# this is the file you will want to import into OpenVAS
IMPORTFILE=extended-html.xml
gpgopts='--homedir=/etc/openvas/gnupg'
#---
# base64 and xml voodoo happens here
#---
UUID=$(uuid)
{
# OpenVAS 4:
# echo -n
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0
# OpenVAS 5:
echo -n ${UUID}${EXTENSION}${CONTENT_TYPE}0
for FILE in $(ls -1 ${FILELIST})
do
echo -n ${FILE}$(base64 -w 0 ${FILE})
done
echo
} ${UUID}
gpg ${gpgopts} --detach-sign --armor ${UUID}
{
echo -n 'get_report_formats_response status=200
status_text=OKreport_format
id='$UUID'name'$NAME'/nameextension'$EXTENSION'/extensioncontent_type'$CONTENT_TYPE'/content_typesummary'$SUMMARY'/summarydescription'$DESCRIPTION'/descriptionglobal0/global'
for FILE in $(ls -1 ${FILELIST})
do
echo -n file name=\${FILE}\$(base64 -w 0 ${FILE})/file
done
echo -n 'signature'
cat ${UUID}.asc
echo -n '/signature'
echo '/report_format/get_report_formats_response'
} ${IMPORTFILE}
gpg ${gpgopts} --verify ${UUID}.asc ${UUID}
rm ${UUID} ${UUID}.asc
smime.p7s
Description: S/MIME Cryptographic Signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Report format issue
Another thing I just though of that may or may not apply to you: check
if the certificate used to sign the report is trusted on the openvas
server (gpg --homedir=/etc/openvas/gnupg/ --check-sigs ; gpg
--homedir=/etc/openvas/gnupg/ --lsign KEY_ID ). Depends on where you are
signing the report and which key you are using for that.
and the content of create_report_import.sh from my last email since I
foolishly added it as an attachment and not inline
#!/bin/bash
#---
# Some basic information about the report
#---
NAME='HTML Plus'
EXTENSION='html'
CONTENT_TYPE='text/html'
SUMMARY='Extended HTML'
DESCRIPTION=Generate a nice HTML output better suited for stand-alone
viewing on wide monitors, uses some javascript and adds host information
# Files to include, add everything required to generate the report
FILELIST=generate extended-html.xsl fetch_ip_info.sh
# this is the file you will want to import into OpenVAS
IMPORTFILE=extended-html.xml
gpgopts='--homedir=/etc/openvas/gnupg'
#---
# base64 and xml voodoo happens here
#---
UUID=$(uuid)
{
# OpenVAS 4:
#echo -n
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0
# OpenVAS 5:
echo -n ${UUID}${EXTENSION}${CONTENT_TYPE}0
for FILE in $(ls -1 ${FILELIST})
do
echo -n ${FILE}$(base64 -w 0 ${FILE})
done
echo
} ${UUID}
gpg ${gpgopts} --detach-sign --armor ${UUID}
{
echo -n 'get_report_formats_response status=200
status_text=OKreport_format
id='$UUID'name'$NAME'/nameextension'$EXTENSION'/extensioncontent_type'$CONTENT_TYPE'/content_typesummary'$SUMMARY'/summarydescription'$DESCRIPTION'/descriptionglobal0/global'
for FILE in $(ls -1 ${FILELIST})
do
echo -n file name=\${FILE}\$(base64 -w 0 ${FILE})/file
done
echo -n 'signature'
cat ${UUID}.asc
echo -n '/signature'
echo '/report_format/get_report_formats_response'
} ${IMPORTFILE}
gpg ${gpgopts} --verify ${UUID}.asc ${UUID}
rm ${UUID} ${UUID}.asc
On 2/19/2014 6:35 PM, Ryan Schulze wrote:
Hi Greg,
I believe the beginning of your ${UUID} file is incorrect for the
current version of OpenVAS.
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0
seems to still be the format used with OpenVAS 4, as of OpenVAS 5 it
was changed to ${UUID}${EXTENSION}${CONTENT_TYPE}0
I attached the create_report_import.sh we use for one of our custom
reports, heope that helps you out. I remember having fun digging
through the debugging and temp files when that changed ;-)
Regards,
Ryan
---
On 2/19/2014 3:28 PM, Greg Etling wrote:
I'm about at the end of my knowledge and am sure I'm missing
something right in front of my face while trying to set up a new
report format.
I have set up keys on our Openvas server (as per
http://www.openvas.org/trusted-nvts.html) created a new report
format, grabbed the create_report_import from SVN and modified as
seen below, ran it and uploaded the results as a new report,
activated it with omp and everything seems fine, except openvas
refuses to trust the report...
I'm thinking its somewhere in the signing process that I am going
wrong, because gpg will verify (gpg --homedir=/etc/openvas/gnupg
--verify ${UUID}.asc ${UUID}) as created...but that signing procedure
seems off to me, I'm just not sure how.
---
NAME=PDF Detailed Report
UUID=`uuid`
EXTENSION=pdf
CONTENT_TYPE=application/pdf
SUMMARY=Customized PDF report to replace default
DESCRIPTION=Customized scan PDF report.
# Names must be in alphabetical order.
FNAME1=generate
FILE1=`base64 -w 0 generate`
FNAME2=latex.xsl
FILE2=`base64 -w 0 latex.xsl`
echo
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0${FNAME1}${FILE1}${FNAME2}${FILE2}
${UUID}
gpg --homedir=/etc/openvas/gnupg --detach-sign --armor ${UUID}
rm ${UUID}
echo -n 'get_report_formats_response status=200
status_text=OKreport_format
id='$UUID'name'$NAME'/nameextension'$EXTENSION'/extensioncontent_type'$CONTENT_TYPE'/content_typesummary'$SUMMARY'/summarydescription'$DESCRIPTION'/descriptionfile
name='$FNAME1''$FILE1'/filefile
name='$FNAME2''$FILE2'/filesignature' custom_detail_pdf.xml
cat ${UUID}.asc custom_detail_pdf.xml
echo '/signature/report_format/get_report_formats_response'
custom_detail_pdf.xml
---
I'm grateful for any and all input that might help. Thanks,
Greg
--
Greg Etling
getl...@stern.nyu.edu mailto:getl...@stern.nyu.edu
Systems Administrator
Stern IT Enterprise Operations
NYU Stern School of Business
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Report format issue
Funny, turns out I had already made that change in the current version I
was using (I copied and pasted from a local copy that was out of sync).
However, the trust is fixed now. Not entirely sure what I did, but I'm
guessing it may have had to do with changing the 'global' parameter to 0,
and removing some additional info I tried to shoehorn into the XML?
Now to figure out (tomorrow) why it generated an empty PDF.
Thanks for all your help!
On Wed, Feb 19, 2014 at 7:48 PM, Ryan Schulze r...@dopefish.de wrote:
Another thing I just though of that may or may not apply to you: check if
the certificate used to sign the report is trusted on the openvas server
(gpg --homedir=/etc/openvas/gnupg/ --check-sigs ; gpg
--homedir=/etc/openvas/gnupg/ --lsign KEY_ID ). Depends on where you are
signing the report and which key you are using for that.
and the content of create_report_import.sh from my last email since I
foolishly added it as an attachment and not inline
#!/bin/bash
#---
# Some basic information about the report
#---
NAME='HTML Plus'
EXTENSION='html'
CONTENT_TYPE='text/html'
SUMMARY='Extended HTML'
DESCRIPTION=Generate a nice HTML output better suited for stand-alone
viewing on wide monitors, uses some javascript and adds host information
# Files to include, add everything required to generate the report
FILELIST=generate extended-html.xsl fetch_ip_info.sh
# this is the file you will want to import into OpenVAS
IMPORTFILE=extended-html.xml
gpgopts='--homedir=/etc/openvas/gnupg'
#---
# base64 and xml voodoo happens here
#---
UUID=$(uuid)
{
# OpenVAS 4:
#echo -n
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0
# OpenVAS 5:
echo -n ${UUID}${EXTENSION}${CONTENT_TYPE}0
for FILE in $(ls -1 ${FILELIST})
do
echo -n ${FILE}$(base64 -w 0 ${FILE})
done
echo
} ${UUID}
gpg ${gpgopts} --detach-sign --armor ${UUID}
{
echo -n 'get_report_formats_response status=200
status_text=OKreport_format
id='$UUID'name'$NAME'/nameextension'$EXTENSION'/extensioncontent_type'$CONTENT_TYPE'/content_typesummary'$SUMMARY'/summarydescription'$DESCRIPTION'/descriptionglobal0/global'
for FILE in $(ls -1 ${FILELIST})
do
echo -n file name=\${FILE}\$(base64 -w 0 ${FILE})/file
done
echo -n 'signature'
cat ${UUID}.asc
echo -n '/signature'
echo '/report_format/get_report_formats_response'
} ${IMPORTFILE}
gpg ${gpgopts} --verify ${UUID}.asc ${UUID}
rm ${UUID} ${UUID}.asc
On 2/19/2014 6:35 PM, Ryan Schulze wrote:
Hi Greg,
I believe the beginning of your ${UUID} file is incorrect for the current
version of OpenVAS.
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0 seems
to still be the format used with OpenVAS 4, as of OpenVAS 5 it was changed
to ${UUID}${EXTENSION}${CONTENT_TYPE}0
I attached the create_report_import.sh we use for one of our custom
reports, heope that helps you out. I remember having fun digging through
the debugging and temp files when that changed ;-)
Regards,
Ryan
---
On 2/19/2014 3:28 PM, Greg Etling wrote:
I'm about at the end of my knowledge and am sure I'm missing something
right in front of my face while trying to set up a new report format.
I have set up keys on our Openvas server (as per
http://www.openvas.org/trusted-nvts.html) created a new report format,
grabbed the create_report_import from SVN and modified as seen below, ran
it and uploaded the results as a new report, activated it with omp and
everything seems fine, except openvas refuses to trust the report...
I'm thinking its somewhere in the signing process that I am going wrong,
because gpg will verify (gpg --homedir=/etc/openvas/gnupg
--verify ${UUID}.asc ${UUID}) as created...but that signing procedure seems
off to me, I'm just not sure how.
---
NAME=PDF Detailed Report
UUID=`uuid`
EXTENSION=pdf
CONTENT_TYPE=application/pdf
SUMMARY=Customized PDF report to replace default
DESCRIPTION=Customized scan PDF report.
# Names must be in alphabetical order.
FNAME1=generate
FILE1=`base64 -w 0 generate`
FNAME2=latex.xsl
FILE2=`base64 -w 0 latex.xsl`
echo
${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0${FNAME1}${FILE1}${FNAME2}${FILE2}
${UUID}
gpg --homedir=/etc/openvas/gnupg --detach-sign --armor ${UUID}
rm ${UUID}
echo -n 'get_report_formats_response status=200
status_text=OKreport_format
id='$UUID'name'$NAME'/nameextension'$EXTENSION'/extensioncontent_type'$CONTENT_TYPE'/content_typesummary'$SUMMARY'/summarydescription'$DESCRIPTION'/descriptionfile
name='$FNAME1''$FILE1'/filefile
