Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move alive detection (Boreas) to gvm-libs #346

Merged
merged 87 commits into from
Jun 8, 2020
Merged

Move alive detection (Boreas) to gvm-libs #346

merged 87 commits into from
Jun 8, 2020

Conversation

ArnoStiefvater
Copy link
Member

Move alive detection module Boreas into gvm-libs.

Checklist:

ArnoStiefvater and others added 30 commits February 26, 2020 19:45
@ArnoStiefvater
rename file
8db4c2b
@ArnoStiefvater
add license header
751616a
@ArnoStiefvater
add license header
1ef4cc9
@ArnoStiefvater
add alive_test_consider_alive
9f56bc3 
All hosts are put on queue of alive hosts even though they might actually be dead.
@ArnoStiefvater
use appropriate logging functions
981f1ce
@ArnoStiefvater
abort scan if no valid alive test was specified
bb8d61d
@ArnoStiefvater
do not raise SIGPIPE
f098d0d 
We do not handle SIGPIPE via signal handler.
EPIPE error is still returned. This way the program does not crash
on SIGPIPE signal.
@ArnoStiefvater
add max_scan_hosts and max_alive_hosts scan restrictions
7c3b808 
If max_scan_hosts number of alive hosts are reached no more alive
hosts are put on the alive detection queue. Instead the finish
signal is put on the queue.

If max_alive_hosts number of alive hosts are identified no more
alive hosts are identified and the sending of new pings is stopped.

If max_scan_hosts is reached we continue scanning for alive hosts
until max_alive_hosts was reached or no more hosts to scan.
@ArnoStiefvater
add max_scan_hosts and max_alive_hosts scan restrictions
ed9fb98 
If max_scan_hosts number of alive hosts are reached no more alive
hosts are put on the alive detection queue. Instead the finish
signal is put on the queue.

If max_alive_hosts number of alive hosts are identified no more
alive hosts are identified and the sending of new pings is stopped.

If max_scan_hosts is reached we continue scanning for alive hosts
until max_alive_hosts was reached or no more hosts to scan.
@ArnoStiefvater
send message about dead hosts to ospd-openvas
e1c69f3 
At the end of the alive detection send all the dead hosts in
chunks of 1000 hosts to ospd-openvas. ospd-openvas needs this
information for calculating the progress bar in gsa.
@ArnoStiefvater
delete arp related data from scanner struct
60a57f7 
We only use the src_mac, dst_max and sourcearpv4 variables in one function and the values always stay the same.
So we delete them from the scanner struct and make them static in the function they are used in.
@ArnoStiefvater
send all not vuln scanned hosts to ospd-openvas
c5791dd 
Previously only dead hosts were sent to ospd-openvas for calculating the progress bar.
Now dead hosts plus the hosts which are alive but were not vuln scanned by openvas are
included in the list of dead hosts to be sent to ospd-openvas as well.
Alive hosts may not be vuln scanned if max_scan_hosts is reached.
@ArnoStiefvater
do not use non blocking mode
e3a41e0 
Non blocking mode uses too much CPU. Documentation states non blocking
mode should not be used with pcap_loop().

When blocking mode is used pcap_breakloop() may not work as expected anymore.
Therefore the thread is canceled and joined afterwards.
@ArnoStiefvater
wait for sniffer thread to start up
0727b32 
Use conditional variable to signal the start of the sniffer thread.
@ArnoStiefvater
stop waiting for hosts on stop_scan command
308ee24 
We wait in a loop for new hosts. Every iteration the scan_status is
checked. If the scan was stopped we stop waiting for new hosts.
This way we won't get stuck in a waiting loop if we want to stop openvas.
@ArnoStiefvater
stop waiting for hosts on stop_scan command
ca3e3d7 
We wait in a loop for new hosts. Every iteration the scan_status is
checked. If the scan was stopped we stop waiting for new hosts.
This way we won't get stuck in a waiting loop if we want to stop openvas.
@ArnoStiefvater
use pthread clean-up handlers
7f434bc 
Set up 2 clean-up handlers. One for putting the finish signal
(a string) on the alive detection queue and one for freeing all
used resources and closing all socket.
Also make sure that the finish signal is only put once on the
alive detection queue.
@cfi-gb @ArnoStiefvater
Fix various typos.
1438cc2
@ArnoStiefvater
use target port lists
7c0761e 
Do not use hard coded port lists anymore.
@ArnoStiefvater
fix typo
8d7e796 
Fix typo in xml string and delete wrong debug message.
@ArnoStiefvater
log level
b04c79c
@ArnoStiefvater
Only use limited number of ports
ac306f2 
Only use ports 80, 137, 587, 3128, 8081 for alive detection.
Use global port range as fallback.
@jjnicola @ArnoStiefvater
Add log domain for alive detection. Also, set the defaul log level to…
7cd702a 
… 16 (warning).
@jjnicola @ArnoStiefvater
Use the function instead of accessing the global variable.
af58861
@janowagner @ArnoStiefvater
Fix formatting.
8b59e7e
@ArnoStiefvater
Add error type for Boreas
155a86f 
Add error type for Boreas and make minor changes to documentation.
@ArnoStiefvater
Better error handling and more
102b9ab 
Exit Boreas if invalid alive detection method was supplied.
Exit Boreas if initialisation of sockets was erroneous.
Only initialise sockets we need and not all types.
Remove some extensive logging.
@ArnoStiefvater
Add tests
9c8fee2 
Add tests for set_all_needed_sockets() and set_socket().
@ArnoStiefvater
Improve cleanup
e1a4c00 
Only close sockets which where opened. Previously all possible
sockets were opened and needed to be closed. Now only the needed
sockets are opened so we only need to close those.
Add boreas_error_t for clean up error.
@ArnoStiefvater
Improve cleanup
f1bc1d6 
Only close sockets which where opened. Previously all possible
sockets were opened and needed to be closed. Now only the needed
sockets are opened so we only need to close those.
Add boreas_error_t for clean up error.
@ArnoStiefvater
Add udpv6 socket
acf0ba4 
This socket is later to be used for getting the
source addr for a given destination addr.
@ArnoStiefvater
Add function for getting src addr to IPv6 dst
331d788
@ArnoStiefvater
Use new function for getting src addr
8ab0d86
@ArnoStiefvater
Add test for get_source_addr_v6
084abea
@ArnoStiefvater
Delete unused members of scanner struct
da4fe28
@ArnoStiefvater
Do not send ping if no src addr found
6583dcb
@ArnoStiefvater
Use alternative function for getting src addr
f272c86
@ArnoStiefvater
Fix tests
780bb4d
@ArnoStiefvater
Use int for ports
6bb41f5
@ArnoStiefvater
Fix burst timeout for ICMPv4 ping
62f727d
@ArnoStiefvater
Add header
c92c0cb
@ArnoStiefvater
rename file
6819521
@ArnoStiefvater
Add alive detection
41db2d1
@ArnoStiefvater
Add CMakeLists.txt file
73ab5bc
@ArnoStiefvater
Add pc.in file
aa52bcf
@ArnoStiefvater
Add test for fill_ports_array
4a2b59f
@ArnoStiefvater
Add test file
ce3f3a2
@ArnoStiefvater
Refactor tests
a1760e4
@ArnoStiefvater
Improve error handling
93fac1d
@ArnoStiefvater
Use correct includes
cd193aa
@ArnoStiefvater
Add test
87a63f1
@ArnoStiefvater
Add boreas
90b7a1f
@ArnoStiefvater
Add changelog entry
13362c0
@ArnoStiefvater
Add pcap to prerequisites
281bdde
@ArnoStiefvater ArnoStiefvater changed the title Move boreas with history Move alive detection (Boreas) to gvm-libs Jun 8, 2020
@mattmundell mattmundell merged commit 79416ca into greenbone:master Jun 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattmundell mattmundell mattmundell approved these changes

@jjnicola jjnicola Awaiting requested review from jjnicola

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ArnoStiefvater @mattmundell @cfi-gb @jjnicola @janowagner