pax_global_header00006660000000000000000000000064132571426620014522gustar00rootroot0000000000000052 comment=3c29cf8ab0fac5260bebdb71d8c331b9c2aed753 gvm-7.0.3/000077500000000000000000000000001325714266200123225ustar00rootroot00000000000000gvm-7.0.3/.circleci/000077500000000000000000000000001325714266200141555ustar00rootroot00000000000000gvm-7.0.3/.circleci/config.yml000066400000000000000000000030351325714266200161460ustar00rootroot00000000000000version: 2 jobs: build_sqlite: docker: - image: wiegandm/openvas-manager-7.0-sqlite-debian-jessie steps: - run: working_directory: ~/gvm-libs name: Checkout openvas-libraries-9.0 command: git clone --depth 1 https://github.com/greenbone/gvm-libs.git -b openvas-libraries-9.0 - run: working_directory: ~/gvm-libs name: Configure and compile openvas-libraries-9.0 command: pushd gvm-libs && mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Release .. && make install && popd - checkout - run: name: Configure and Compile command: mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Release .. && make install build_postgresql: docker: - image: wiegandm/openvas-manager-7.0-postgresql-debian-jessie steps: - run: working_directory: ~/gvm-libs name: Checkout openvas-libraries-9.0 command: git clone --depth 1 https://github.com/greenbone/gvm-libs.git -b openvas-libraries-9.0 - run: working_directory: ~/gvm-libs name: Configure and compile openvas-libraries-9.0 command: pushd gvm-libs && mkdir build && cd build/ && cmake -DCMAKE_BUILD_TYPE=Release .. && make install && popd - checkout - run: name: Configure and Compile command: mkdir build && cd build/ && cmake -DBACKEND=POSTGRESQL -DCMAKE_BUILD_TYPE=Release .. && make install workflows: version: 2 build: jobs: - build_sqlite - build_postgresql gvm-7.0.3/CHANGES000066400000000000000000003350331325714266200133240ustar00rootroot00000000000000SUMMARY OF RELEASE CHANGES FOR OPENVAS-MANAGER 7.0 ================================================== For detailed code changes, please visit https://github.com/greenbone/gvm/commits/openvas-manager-7.0 or get the entire source code repository and view log history: $ git clone https://github.com/greenbone/gvm.git $ cd gvm && git checkout openvas-manager-7.0 && git log openvas-manager 7.0.3 (2018-03-29) This is the third maintenance release of the openvas-manager 7.0 module for the Open Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager is the central management service between the actual security scanners and the user clients. This release fixes various issues, improves the migration routine and especially addresses performance issues. Many thanks to everyone who has contributed to this release: Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner, Michael Wiegand, Raphael Grewe, Christian Fischer and Juan Jose Nicola. Main changes since 7.0.2: * Performance when creating, deleting or modifying overrides and permissions has been improved. This includes rebuilding the reports cache only for affected users and reports. * SQL queries are now canceled if the connection is closed by a client to prevent abandoned requests like closed pages in GSA from keeping the database busy. * The loading of NVTs has been improved with SQL simplifications. * An issue where an invalid regular expression in a filter caused an error has been addressed. * An issue which caused processes to wait busily has been addressed. * The verify_scanner command can now be used to verify OMP Scanners. * An issue generating ISO time strings with zero or negative offsets has been addressed. * An issue which caused to not be possible for Superadmin to move a report format to trash has been addressed. * Handling of credentials has been improved. * Result list performance has been improved. * An issue which caused a problem in an Alert method has been addressed. * Password parameter to --create-user of openvasmd has been introduced. * An issue which caused an internal error when editing specific options and saving override has been addressed. * An issue which caused report counts not to include all results has been addressed. * Postgres start and stop speed has been improved. * An issue which prevented deleting orphaned permissions has been addressed. * An issue with XML escaping of targets and other resources referenced in tasks has been addressed so reserved characters can no longer cause errors in clients like GSA. * User password policy warning has been improved. * Performance of the report results counting has been improved. * Host details have been added to Host Report. * An issue with the SQL function current_severity being undefined in the SQLite backend has been addressed. * An issue with not being able to delete users due to the order the delete statements violating foreign key constraints has been addressed. * If resources of a deleted user are still in use, the command will now fail with a message saying so. * The SMB alert method has been added. * Documentation has been updated. * Several issues which caused problem after migrations have been addressed. * The running scan progress bar has been improved. * An issue with escaping dollar signs and backslashes in the LaTeX report has been addressed. * An issue which caused alerts to not work has been addressed. * An issue which caused timezone filter to have no effect on start and end time of the scan has been addressed. * An issue which caused the Manager to exit when the DB is down has been addressed. * An issue which caused user tags with read permissions to not be listed has been addressed. * An issue which caused blocks on all other user actions under certain circumstances has been addressed. * When a slave is unavailable get_system_reports will return a more specific error message. * A schedule timeout has been introduced. * Several issues which caused an internal error setting a report filter have been addressed. * An issue which caused a race condition when accessing manager socket too quickly has been addressed. * An issue which caused users not to be able to run tasks under certain circumstances has been addressed. * Result filtering of port summary in reports has been addressed. * An issue with delete commands returning wrong reasons for failures like wrong UUIDs or resources being predefined has been addressed. * An issue which caused sort-reverse filter to break delta reports has been addressed. * Several other performance improvements has been done. * An issue which caused errors when an invalid filt_id is given has been addressed. * An issue which caused users to not be able to access the vulnerability details in reports has been addressed. * Message text for mail alerts has been improved. * Wrong font in PDF report has been addressed. * The enable option Log whole attack has been removed from scan config. * An issue which caused a segfault in the PostgreSQL next_time function under certain circumstances has been addressed. * An issue with time calculations of schedules has been addressed. * An issue which caused permission problem because of deleted users has been addressed. * New alert method Tipping Point SMS has been added. * Details to --max-ips-per-target error message have been added. * An issue which would cause an error in a fresh DB under certain circumstances has been addressed. * An issue which caused a started task to hang in Requested status has been addressed. * An issue which caused overwriting of credentials under certain circumstances has been addressed. * Credentials which can not be created on slave are now ignored to avoid scans getting stuck in the requested status because of bad credentials. * An issue with creating SQL functions in a new PostgreSQL database has been addressed. openvas-manager 7.0.2 (2017-06-21) This is the second maintenance release of the openvas-manager 7.0 module for the Open Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager is the central management service between the actual security scanners and the user clients. This release addresses a serious issue which could cause preferences of unrelated tasks to be reset when deleting preferences associated with a task. Many thanks to everyone who has contributed to this release: Benoît Allard, Matthew Mundell, Timo Pollmeier, Björn Ricks and Michael Wiegand. Main changes since 7.0.1: * An issue which caused preferences of unrelated tasks to be reset when deleting preferences associated with a task. * An issue which caused deleting roles to fail under certain circumstances has been addressed. * An issue which caused credential type names to be migrated incorrectly has been addressed. * An issue which caused the 'Send to host' alert method to fail has been addressed. * An issue which caused hostname queries to fail for hosts with multiple hostnames has been addressed. * An issue which caused schedules to be triggered multiple times after a time shift (e.g. DST switch) has been addressed. * An issue which caused deleting roles to fail under certain circumstances has been addressed. * Handling of invalid time zones has been improved. * An issue which caused a crash when importing private keys without a trailing newline character has been addressed. * Support for increasing the IP limit per target via command line parameters has been reintroduced. * Performance improvements. openvas-manager 7.0.1 (2017-03-07) This is the first maintenance release of the openvas-manager 7.0 module for the Open Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager is the central management service between the actual security scanners and the user clients. This release fixes various issues and especially improves the migration routine from SQLite to PostgreSQL. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Björn Ricks, Michael Wiegand and Jan-Oliver Wagner. Main changes since 7.0.0: * Lowered minimum for automatic report removal from 5 to 2. * Bug fixes for long-duration schedules. * Add authentication cache for LDAP and Radius. * Improved cleanup of tmp directory upon errors. * Use global SSH known hosts for alert type "SCP". * Improved quoting for RFP "CSV Results". * Fix race condition for SecInfo-based alerts. * Updated migration routine from SQLite to PostgreSQL. * Internal code cleanups. openvas-manager 7.0.0 (2016-11-09) This is the first release of the openvas-manager 7.0 module for the Open Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager is the central management service between the actual security scanners and the user clients. OpenVAS Manager 7.0 introduces an explicit asset management and the built-in CVE scanner. It also replaces the 'Slaves' type by the new Scanner type 'OMP Slave'. Please see the comprehensive list below for more details. Please make sure to read the INSTALL file for important installation and migration information, even and especially if you have used OpenVAS Manager before. Many thanks to everyone who has contributed to this release: Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes compared to the 6.0 series: * Added asset management for hosts and operating systems. * Added internal CVE Scanner. * Added SecInfo alerts. * The type 'Slaves' was replaced by the 'Scanner' type 'OMP Slave'. * The OMP protocol version is now OMP 7.0. * Added support for communicating via Unix domain sockets with OTP scanners and with clients. * GET_REPORTS now uses regular powerfilter. * Authentication configuration (for example LDAP) is now handled within the database and not in a separate file ('auth.conf') anymore. * Several new OMP commands and some changes/renaming to existing commands. Please refer to the OMP documentation for details about new and changed commands. * Consolidation of credentials into the the type Credentials. * New Alerts 'SCP' and TCP upload. * Improved OSP support, permissions management, QoD handling, built-in report formats, alerts. * Merging openvas-scapdata-sync into greenbone-scapdata-sync. * Merging openvas-certdata-sync into greenbone-certdata-sync. * Minimum required version GnuTLS raised to 3.2.15. * Minimum required version GLib raised to 2.32. * Minimum required version CMake raised to 2.8. Main changes since 6.1+beta3: * The concept of slaves has been replaced by OMP slaves. * The OMP protocol version is now OMP 7. * Support for grouping data by two columns has been added. * Support for the new 'SNMP' alert method has been added. * A new "Max Rows Per Page" setting has been introduced which defaults to 1000, please see the INSTALL file for details. * The handling of Internal Errors has been made more consistent. * A support scripts for gathering statistics on the SQLite3 back-end has been added. * Credentials are now consistently handled as credential objects. * Support for sorting by multiple fields in OMP command GET_AGGREGATES has been added. * The process title of processes handling scans will now contain the report UUID. * Resuming of scheduled slave scans has been improved. * Internal use of logging has been made more consistent. * Support for migrating data from an SQLite3 database to a PostgreSQL database has been improved. * Handling of slave scans has been improved. * The handling of report format plugins has been improved. * The LDAP CA certificate is now stored in the internal database instead as a separate file on disk. * The predefined target 'Localhost' has been removed. * Users are now allowed to access feed descriptions. * Support for including the result of one report format in the result of another report format has been added. * The 'Anonymous_XML' report format now strips even more potentially sensitive information. * Support for custom predefined report formats has been improved. * Support for communicating via Unix domain sockets has been added and now is the default for communication with OTP scanners and with clients. * NVTs in the ACT_SETTINGS family are no longer automatically enabled. * Log messages have been improved to include the resource name wherever possible. * The 'openvas-manage-certs' support script has been moved here from OpenVAS Scanner. * The minimum required version of the GnuTLS library has been raised to 3.2.15 in order to enforce the presence of newer (more secure) TLS and ciphers. * The minimum required version of the OpenVAS libraries has been raised to 9.0.0. * The minimum required version of the GLib library has been raised to 2.32 in order to allow the use of newer API elements. * The minimum required version of the CMake build framework has been raised to 2.8. * Numerous code cleanups. * The build process has been improved. * Code documentation has been updated. * Support for PostgreSQL has been improved. openvas-manager 6.1+beta3 (2016-04-14) This is the third beta version of the upcoming 6.1 release of the OpenVAS Manager. It will be part of the upcoming OpenVAS-9 release. This module is the central management service between security scanners and user clients. This release adds various alerts, consolidates credentials and applies the standard powerfilter now also for the report results to name just a few of the improvements. Many thanks to everyone who has contributed to this release: Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes since 6.1+beta2: * Consolidation of credentials: Introduce various types of credentials and use these reseources whenever a credential is required. Also the migration will handle this properly. * Add task preference for auto deleting reports. * Add credential type "client certificate". * Add SNMP credential type. * Make login information of slaves a credentials resource. * Add SNMP credentials to targets. * Add new alert conditions "Filter count at least" and "Filter count changed". * Add alert method "Send", for sending the report to a TCP listener. * Add new alert method 'SCP'. * Add alert event "New NVTs arrived". * Add event type "Updated NVTs arrived". * Add support for SecInfo type in SecInfo alerts. * Add SYNC_CONFIG OMP command. * Introduce Scan Configs for OSP scanners. * Make GET_REPORTS command use the normal powerfilter and remove some redundant command attributes and now unused functions. * Prevent concurrent NVT cache updates from being initiated via SIGHUP. * Add "ISM Control Description" parameter to "Verinice ISM" report format. * Ensure sequences for automatically assigning primary key ids in PostgreSQL are consistent with table contents on startup. * Remove any special handling of a tag "risk_factor". * When using SQLite, ensure that all three databases are in WAL mode. * Merging openvas-certdata-sync into greenbone-certdata-sync in order to maintain only a single sync script instead of two mostly identical ones. * Merging openvas-scapdata-sync into greenbone-scapdata-sync in order to maintain only a single sync script instead of two mostly identical ones. * Add --check-alerts, which runs any SecInfo alerts that are due. * Various database performance improvements. * Various code improvements. openvas-manager 6.1+beta2 (2015-10-21) This is the second beta version of the upcoming 6.1 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release adds explicit asset management for hosts and operating systems, first OSP 1.1 features, started consolidation of Credentials - to name just a few of the many improvements. Many thanks to everyone who has contributed to this release: Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes since 6.1+beta1: * Add asset management for hosts and operating systems via new OMP commands CREATE_ASSET, GET_ASSETS, MODIFY_ASSET and DELETE_ASSET. * Make it possible to import OSP scan configs. * Allow specifying multiple data columns via elements in the OMP command GET_AGGREGATES and change the response to list statistics grouped for each data_column. * Add new alert method "Start Task". * Replace the LSC_CREDENTIAL type with CREDENTIAL type. * Handle free-form text in Postgres sorting of hosts, instead of requiring IPs. * Add new OMP command MOVE_TASK to move a task to a new slave, even when it is running. * Add support for some of the upcoming OSP 1.1 features. * Extend CREATE_GROUP with option to create "super on self" permission for the group, so that all member resources are shared. * Updated the HTML report format plugin with slightly lighter design and better performance. * Add "subject" and "message" method data for email alerts, so that the user can set these fields. Also add various variables for the message via various variables. * Add options to have a user inherit resources from a user being deleted. * Add new setting "Default Severity". * Record in each report in the db whether the task was started by the scheduler. Use this info to prevent the scheduler from stopping manually started tasks. * For slave tasks, add the host details of finished hosts, even if the task is still running. * Add a "word_counts" mode to the GET_AGGREGATES OMP command. * If NVT cannot be found for dynamic severity without overrides, use static severity instead. * Add host and result counts to task iterators and add "text columns" option to get_aggregates. * Allow dot (.) in username. * Give up when doing the nvti cache update check and the database is busy, because this is done in the main omp service loop, so it could delay the service of OMP clients. * Add params ignore_pagination and schedules_only for OMP GET_TASKS. * Improved certificate checks. * Simplify project version setting. Use SVN version at build time in binary instead of SVN version at configuration time. * Various code improvements. openvas-manager 6.1+beta1 (2015-07-17) This is the first beta version of the upcoming 6.1 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release moves authentication configuration from file based function to the Manager database. It also adds support for CVE scanning and contains a number of other improvements. Please make sure to read the INSTALL file for important installation and migration information, even and especially if you have used OpenVAS Manager before. Many thanks to everyone who has contributed to this release: Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier and Michael Wiegand. Main changes since 6.0 series: * The required minimum version of OpenVAS Libraries has been raised to 8.1.0. * Authentication checks are now handled locally instead of file based OpenVAS Libraries functions. * Permission management has been improved. * OSP support has been improved. * Support for CVE scanning has been added. * Handling of QoD information has been improved. * PostgreSQL support has been improved. * Internal improvements. * The built-in LaTeX report format has been improved. * Support for running cppcheck from the build environment has been added. * A number of issues discovered through static code analysis have been addressed. * Documentation has been updated. openvas-manager 6.0.1 (2015-04-01) This is the first maintenance release of the openvas-manager 6.0 module for the Open Vulnerability Assessment System release 8 (OpenVAS-8). This release addresses various improvements and bug fixes of which none is particularly outstanding, but not all just minor either. Many thanks to everyone who contributed to this release: Matthew Mundell, Timo Pollmeier and Michael Wiegand. Main changes compared to 6.0.0: * Treat missing filter keywords owner and permission as if they had the value "any". The old default behavior can be reproduced by using the keywords with an empty value. * Task severity: Consider based on QoD default (70%) instead of 0%. This way the task severity matches the results severity when using defaults. * Allow the user to create a permission if the user has "modify" access to the subject. This allows users to create permissions on roles owned by other users, for example. * Bugfix to enable autoamtic update of CERT-Bund. * Bugfix to re-add the cvss base vector of NVTs. * Bugfixes/improvements about object managment for objects with dependencies dependencies (for example: target has credentials). * Always set trust as "yes" for predefined report formats. * Bugfix: Quote timezones as these can have multiple words. * Bugfix: Get results severity based on user, not based on owner. * Improved package config and build routine. * Various minor bugfixes. openvas-manager 6.0.0 (2015-03-17) This is the first release of the openvas-manager 6.0 module for the Open Vulnerability Assessment System release 8 (OpenVAS-8). The OpenVAS Manager is the central management service between the actual security scanner and various user clients. OpenVAS Manager 6.0 introduces a large number of new and improved features, for example scanner management, the alternative use of PostgreSQL as database back end and Quality of Detection (QoD) information. It also introduces the new roles "Guest", "Monitor" and "Super Admin". Please see the comprehensive list below for more details. Please make sure to read the INSTALL file for important installation and migration information, even and especially if you have used OpenVAS Manager before. Many thanks to everyone who has contributed to this release: Benoît Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes compared to the 5.0 series: * OpenVAS Manager now supports the alternative use of PostgreSQL as database back end instead of SQLite3. * Support for Scanner Management has been added. This includes the configuration part for scanners accompanied with a new set of OMP commands (create_scanner, get_scanners, modify_scanner, delete_scanner and verity_scanner). Next, it covers the extensions of tasks with the selected scanner type and the extension of Scan Configurations to reflect different scanner types. * Support for the new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV) has been added. * Support for QoD (Quality of Detection) information has been added. * Support for mixing objects owned by different users has been extended. * Support for a "Guest" role has been added. * Support for a "Monitor" role has been added. * Support for a "Super Admin" role has been added. * Support for associating ESXi credentials with targets has been added. * The new OMP command "GET_AGGREGATES" has been added in order to deliver data tables for use in diagrams. * Support for task charts has been added. * Support for filtering NVTs based on their script_tags has been added. * A new "Modify Task" wizard has been added. * Support for displaying solution type information has been added. * Support for internal database optimization has been added. * Support for ownership of users, roles, groups and permissions has been introduced. * Support for the changing of user names has been added. * Support for Once-off schedules has been added. * Support for limiting the number of times a task runs with a periodic schedule has been added. * Support for splitting the CPE dictionary has been added to the SCAP data synchronization script. * The "xml_split" helper script for splitting SCAP data is now installed by default. * Report powerfilters now support the "timezone" keyword. * The OMP version is now included in reports. * Tasks on slaves are now stopped when the controlling master is terminated. * Alterable task now stay alterable even when their last report has been removed. * Solution type information is now included in report formats. * OpenVAS Manager will no longer abort if previous attempts to the rebuild or update the database have failed. * The results table and the OMP results objects have been extended. * The "Anonymous XML" report format has been added. * Support for displaying host authentication results has been added to the LaTeX, PDF and HTML reports. * The GET_INFO command can now be used for NVTs as well. * Support for "openvasrc" files has been removed from OMP. * For SSH credentials, the certificate is now extracted from private key when needed. * Preemptive Scanner connecting has been removed. Manager now only connects on NVT cache update or task starting, resuming and stopping. This improves response time. * Support for the task pausing feature has been removed. This includes the removal of OMP commands "pause_task" and "resume_paused_task". * Support for the target locators feature has been removed. This includes the removal of the OMP command "get_target_locators". * The "--slisten" and "--sport" command line options have been removed as they are now part of the scanner properties. * An issue which caused individual NVT timeout values to not be transferred to slaves has been fixed. * The "--list-users" command line option has been renamed to "--get-users". * The "--role" command line option now applies to "--get-users" as well. * The "get_results" OMP command now behaves more consistent with other get_... OMP commands. * The task name is now included in more report formats. * The value of the NVT tag "affected" is now included in more report formats. * The performance has been improved in a number of places. * The strategy of SQL retries in high-load situation has been improved. * The handling of user groups when dropping privileges has been improved. * The manager will now retry starting of scheduled tasks when the start OMP fails. * Sorting of numerical values has been improved. * Library checks during package configuration have been improved and are now more comprehensive and consistent. * Signal handling has been improved. * The OMP protocol documentation has been updated. * Code cleanups. Main changes compared to 6.0+beta6: * Solution type information is now included in report formats. * An issue with empty scan end times has been fixed. * Performance of report result counting has been improved. * A check which resulted in scheduled tasks not starting at all if they could not start within a short interval has been removed. * Signal handling has been improved. * Support for splitting the CPE dictionary has been added to the SCAP data synchronization script. * OpenVAS Manager will no longer abort if previous attempts to the rebuild or update the database have failed. * The "Anonymous XML" report format has been added. * The OMP protocol documentation has been updated. * The GET_INFO command can now be used for NVTs as well. * Result in report results counting and caching functions now use a default minimum QoD of 70 for consistency. * Support for displaying host authentication results has been added to the LaTeX, PDF and HTML reports. * Support for CERT-Bund advisories has been improved. * An issues which caused a segmentation fault when rebuilding the database of 32 bit installations under certain circumstances has been fixed. * The "xml_split" helper script for splitting SCAP data is now installed by default. * Support for mixing of the current user's targets and tasks, with other people's targets and tasks has been added. * Support for mixing of the current user's configs and tasks, with other people's configs and tasks has been added. * Support for mixing of the current user's scanners and tasks, with other people's scanners and tasks has been added. * Support for mixing of the current user's port lists and targets, with other people's port lists and targets has been added. * Support for mixing of the current user's credentials and targets, with other people's credentials and targets has been added. * Support for mixing of the current user's report formats and alerts, with other people's report formats and alerts has been added. * Support for mixing of the current user's filters and alerts, with other people's filters and alerts has been added. * Code cleanups. openvas-manager 6.0+beta6 (2015-02-11) This is the sixth beta version of the upcoming 6.0 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release improves support for OSP scanner and introduces support for Quality of Detection (QoD) information. It also adds support for once-off schedules, for limiting the number of times a task runs with a periodic schedule and for more resource mixing between users. It also contains a number of bug fixes and various other improvements. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand. Main changes since 6.0+beta5: * Support for OSP host details has been added. * Support for modifying an existing scanner has been added. * Support for Once-off schedules has been added. * Support for limiting the number of times a task runs with a periodic schedule has been added. * Enable mixing of the current user's alerts, schedules and tasks, with other people's alerts, schedules and tasks, when permissions allow it. * Support for Quality of Detection (QoD) information has been introduced. * A segmentation fault which occurred when deleting users using the "--delete-user" parameter has been fixed. * An issue which caused individual NVT timeout values to not be transferred to slaves has been fixed. * An issue with NVT counting in scan configs has been fixed. * Incorrect column name in the SCAP database have been fixed. * An issue with result counting when using certain filters has been fixed. * An issue which prevented the Super Admin from cloning certain objects has been fixed. * An issue with running scheduled tasks with durations has been fixed. * Tasks on slaves are now stopped when the controlling master is terminated. * Alterable task now stay alterable even when their last report has been removed. * The default value for the "autofp" setting used for alerts has been changed to 0 for consistency with other views. * Report lists now ensure that a apply_overrides value is set. * Sorting of numerical values has been improved. * Handling of missing report format plugins for alerts has been made more consistent. * Library checks during package configuration have been improved and are now more comprehensive and consistent. * OSP support has been improved. * PostgreSQL support has been improved. * The OMP documentation has been updated. * Documentation of database optimization has been improved. * Code cleanups. openvas-manager 6.0+beta5 (2015-01-12) This is the fifth beta version of the upcoming 6.0 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release improves support for the "Super Admin" permission, introduce ownership for users, roles and groups, allow sharing of sensors and task between users, adds a `--optimize` command line option, start work on consolidation of the different RESUME_* OMP commands as well as fixes various smaller issues. Many thanks to everyone who has contributed to this release: Timo Pollmeier, Jan-Oliver Wagner, Matthew Mundell, Michael Wiegand and Hani Benhabiles. Main changes since 6.0+beta4: * Add settings for default resource selections on the "New Task" and "New Target" pages in GSA and get settings in Advanced Task Wizard. * LaTeX report format improvement * Retry starting of scheduled tasks when the start OMP fails. * Add new "Modify Task" wizard. * Add RESOURCE/TYPE to CREATE_PERMISSION, so that Super permissions can be created on Roles, Groups and Users. * Add RESOURCE/TYPE to MODIFY_PERMISSION, so that editing of Super permissions works. * Allow severity to be null in CERT-Bund and DFN-CERT Advisories, CPEs and OVAL definitions if no severity is available from CVEs. * Performance improvement for GET_REPORTS. * Add solution_type column to NVTs. * Enable mixing of the current user's slaves and tasks, with other people's slaves and tasks, when permissions allow it. * Add command line option --optimize, with arguments "analyze" and "vacuum". * Add indices for NVTs, CVEs and CPEs and change init_aggregate_iterator to use them. Remove unused features from init_aggregate_iterator for simplicity. * Make --role apply to --get-users too. * Introduce ownership of users, roles and groups. * Major rewrite of the RESUME_* OMP commands. * Introduce ownership of permissions. * Account for Super permissions in asset reports. * Add NEW_NAME to OMP MODIFY_USER, to allow changing of user names. openvas-manager 6.0+beta4 (2014-11-21) This is the fourth beta version of the upcoming 6.0 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release establishes support for PostgreSQL as an alternative database backend. It also adds support for a "Super Admin" role and contains a number of smaller improvements. Many thanks to everyone who has contributed to this release: Benoît Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes since 6.0+beta3: * OpenVAS Manager now supports the alternative use of PostgreSQL as database backend instead of SQLite3. * Support for a "Super Admin" role has been added. * Performance for iterating over host details has been improved. * The handling of SIGABRT signals has been improved, ensuring an appropriate exit code if such a signal occurs. * The handling of task end times has been improved. * The strategy of SQL retries in high-load situation has been improved. * Support for filtering NVTs based on their script_tags has been added. * Logging has been improved. * The handling of user groups when dropping privileges has been improved. * Timezone usage has been improved. * The build process has been adjusted for changes in OpenVAS Libraries. * The OMP version is now included in reports. * Code cleanups. openvas-manager 6.0+beta3 (2014-10-14) This is the third beta version of the upcoming 6.0 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release continues the efforts towards PostgreSQL support and support of multiple scanners. It also introduces support for a "Monitor" role and for the "timezone" keyword in report powerfilters and harmonizes the handling of the creation time for the different SecInfo object types. A workaround for an issue with SQLite versions before 3.8.3 is included as is support for task charts. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand. Main changes since 6.0+beta2: * Further steps towards alternative use of PostgreSQL as database backend instead of SQLite3. The PostgreSQL support does not yet cover all of the OpenVAS Manager functionalities. * Further steps for Scanner Management. * Support for task charts has been added. * Report powerfilters now support the "timezone" keyword. * Handling of different SecInfo object creation times has been harmonized. * Support for a "Monitor" role has been added. * A workaround for an issue with concurrent SQLite processes when using SQLite versions older than 3.8.3 has been added. * PostgreSQL support has been added to the various support scripts. * Code cleanups. openvas-manager 6.0+beta2 (2014-09-23) This is the second beta version of the upcoming 6.0 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release continues the efforts towards PostgreSQL support and support of multiple scanners. It also introduces support for a "Guest" role and for associating ESXi credentials with targets, along with a number of smaller improvements and code cleanup. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes since 6.0+beta1 series: * Further steps towards alternative use of PostgreSQL as database backend instead of SQLite3. The PostgreSQL support does not yet cover all of the OpenVAS Manager functionalities. * Further steps for Scanner Management. * Support for a "Guest" role has been added. * Support for associating ESXi credentials with targets has been added. * The get_results command now behaves more consistent with other get_... OMP commands. * The task name is now included in more report formats. * The value of the NVT tag "affected" is now included in more report formats. * GPLv2+ licence notices now contain the exact wording suggested by the Free Software Foundation. * Code cleanups. openvas-manager 6.0+beta1 (2014-08-23) This is the first beta version of the upcoming 6.0 release of the OpenVAS Manager. It is the central management service between the actual security scanners and various user clients. This release introduces first steps towards multi-scanner support, adds support for SecInfo type "CERT-Bund" and extends the results object. Apart from this the alternative support for PostgreSQL works to some extend but is not complete yet. Please make sure to read the INSTALL file for important installation and migration information, even and especially if you have used OpenVAS Manager before. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand Main changes since 5.0 series: * Added first steps for Scanner Management. This includes the configration part for scanners accompanied with a new set of OMP commands (create_scanner, get_scanners, modify_scanner, delete_scanner and verity_scanner). Next, it covers the extensions of tasks with the selected scanner type and the extension of Scan Configurations to reflect different scanner types. * First steps towards alternative use of PostgreSQL as database backend instead of SQLite3. The PostgreSQL support does not yet cover all of the OpenVAS Manager functionalities. * Added new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV). * Added new OMP command GET_AGGREGATES in order to deliver data tables for use in diagrams. * Extended results table and OMP results objects. * Removed openvasrc file support from OMP. * For SSH credentials, the public part is now extracted from private key when needed. * Removed preemptive Scanner connecting. Connect only on NVT cache update or task starting, resuming and stopping. This improves response time. * Removed task pausing feature. This includes the removal of OMP commands pause_task and resume_paused_task. * Removed target locators feature. This includes the removal of the OMP command get_target_locators. * First steps towards a QoD (Quality of Detection) concept as an attribute of the results. * Rebuild CERT database as version 6 to apply fix for problems with CVEs in older DFN-CERT advisories. * Increased limit of max number of hosts specified in user Host Access Control to 16,777,216. * Removed --slisten and --sport options. * Renamed --list-users to --get-users. * Added --get-scanners. * Added --create-scanner with --scanner-host, --scanner-port and --scanner-type options. * Added --delete-scanner option. * Added --verify-scanner option. * Added --scanner-ca-pub, --scanner-key-pub and --scanner-key-priv command-line arguments. * Added options --max-email-attachment-size and --max-email-include-size. * Various minor improvements. * Code cleanups. openvas-manager 5.0.0 (2014-04-23) This is the first release of the openvas-manager 5.0 module for the Open Vulnerability Assessment System release 7 (OpenVAS-7). The OpenVAS Manager is the central management service between the actual security scanner and various user clients. OpenVAS Manager 5.0 introduces a large number of new and improved features, for example the entire user management is now done in OpenVAS Manager, tagging of objects, "Severity" concept to replace "Threat" concept, Alive-Test property of Targets, a number of new command line parameter, extended access control with groups, roles and permissions. For a complete list of changes, please refer to the list below. The whole functionality is available via the extended protocol OMP 5.0. Please make sure to read the INSTALL file for important installation and migration information, even and especially if you have used OpenVAS Manager before. Many thanks to everyone who has contributed to this release: Benoît Allard, Hani Benhabiles, Henri Doreau, Rodolfo Gouveia, Andre Heinecke, Werner Koch, Matthew Mundell, Timo Pollmeier, Stefan Schwarz, Stefan Sperling, Jan-Oliver Wagner and Michael Wiegand. Main changes since 4.0.x: * User management has been consolidated in OpenVAS Manager. It was moved from OpenVAS Scanner and OpenVAS Administrator into OpenVAS Manager. * New: Groups, Roles and Permissions. * New: Tags. * New: Default scan configurations "Discovery", "Host Discovery" and "System Discovery". * New: Support for searching in the complete SecInfo data. * New: Support for regular expression searching in the powerfilter. * New: New "Severity" concept to replace "Threat" concept. * Removed: OTP port forwarding. * Removed: Support for obsolete scanner preferences. * Improved: Support for the new host management offered by Scanner has been added. * Improved: Schedule handling during long running operations. * Changed: Simplified host access conrol replaces old rules-based concept. * New: Support for Alterable Tasks. * New: Support for Source Interface access control has been added. * New: Alive Test property to Targets, which can override the scan config settings. * Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined configs. * Orphaned results are now removed from the database when starting. * The speed of retrieving a task details overview has been improved. * Database rebuild performance has been improved. * Performance with large databases has been improved. * Updated: Verinice ISM report format plugin. * Updated: The NBE report format plugin. * New: Predefined report format CSV Hosts. * New: Predefined report format CSV Results. * New: Report format plugin for exporting TLS mapping results into a CSV file. * New: User setting for preferred interface language. * Logging has been improved and made more consistent. * OpenVAS Manager will now attempt to reduce database fragmentation. * Use UTF-8 for OTP. * Report scanner loading progress to client/GSA. * New: Support for user defined OVAL repositories in private subdirectories. * The scripts for SCAP and CERT data synchronization have been improved. * Handling of NVT risk factors has been removed as this is handled via CVSS scores now. * The handling of the obsolete "subnet" element in the results has been removed. * NVT descriptions are no longer stored separately in the database and thus no longer duplicate information already present in the NVT tags. * The credential encryption keyring is now placed in var/lib/openvas/gnupg instead of etc/openvas/gnupg. * Support for changing a user password on the command line has been added. * New option --max-ips-per-target. * New option --delete-user. * New option --create-user. * Add option --role, which allows to set the role with --create-user. * The --migrate option now also migrates SCAP and CERT databases. * New option "--list-users". * Made --migrate succeed when the database has not yet been initialised. * Add --gnutls-priorities option. * Add --dh-params command-line option. * The command line parameter "--disable-scheduling" has been added. * The required minimum GnuTLS version has increased to 2.8. * The required minimum OpenVAS Libraries version has increased to 7.0.0. * Signature verification now uses the "gpgv" command. * Make --rebuild and --update wait for scanner when scanner is busy loading NVTs. This matches the behaviour when rebuild is called via SIGHUP. * Startup speed has been improved. * Add a utility to split huge xml files in a memory efficient way * The handling of missing, inaccessible or corrupt database files has been improved. * Moved some functions to openvas-libraries. * Large number of small fixes and speed improvements. * Code cleanup. And additionally changes compared to 5.0+beta13: * Added HELP permission check. * New: Role "Info". * Clean up of OMP and OMP documentation. openvas-manager 5.0+beta13 (2014-04-10) This is the thirteenth beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and its various user clients. This release further improves role management and adds the MODIFY_ROLE OMP command. It also features an improved startup speed and an updated OMP documentation as well as improvements to the alive test and wizard functionalities. Many thanks to everyone who contributed to this release: Matthew Mundell, Timo Pollmeier and Michael Wiegand. Main changes since 5.0+beta12: * The OMP command MODIFY_ROLE has been added. * Role management has been improved. * The OMP documentation has been updated. * The handling of unavailable commands in the quick_task wizard has been improved. * The command line parameter "--disable-scheduling" has been added. * Startup speed has been improved. * The alive test "TCP Service Ping" has been renamed to "TCP-ACK Service Ping". * The alive test "TCP-SYN Service Ping" has been added. openvas-manager 5.0+beta12 (2014-03-28) This is the twelfth beta version of the upcoming 5.0 release of the OpenVAS Manager. it is the central management service between the actual security scanner and its various user clients. This release add an OMP DELETE_ROLE commands and a --dh-params command-line option to specify Diffie-Hellman ciphers parameters. Many thanks to everyone who contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner Main changes since 5.0+beta11: * Add OMP DELETE_ROLE. * Add --dh-params command-line option. * code cleanup openvas-manager 5.0+beta11 (2014-03-26) This is the eleventh beta version of the upcoming 5.0 release of the OpenVAS Manager. it is the central management service between the actual security scanner and its various user clients. This release adds a --gnutls-priorities option to specify the cipher priority as well as adds a CREATE_ROLE OMP command and solve a number of small issues. Many thanks to everyone who contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner Main changes since 5.0+beta10: * Get tags for resources by ROWID instead of UUID. Make iterator functions for active and orphan fields return int. * Rename "attach_id" to "resource_uuid", "attach_type" to "resource_type" add resource rowid "resource" and "resource_location" to tags tables. Hence increase database version to 117. Add database migration from version 116 to 117. * Change tag OMP elements accordingly and make them more consistent with the resource in permissions overall. Allow tags to be attached to resources in trash. Rename "orphaned" in tags to "orphan". * Add OMP CREATE_ROLE. * Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined configs. Hence increase database version to 116. Add database migration from version 115 to 116. * Drop sign_key_ids column from nvts table. Hence increase database version to 115. Add database migration from version 114 to 115. * Add alive test "Consider Alive". * Add --gnutls-priorities option to Manager. * Report scanner loading progress to client/GSA. * Added regex-based parameter validation and support of alternative run modes, e.g. an init mode to get resource lists to display in the client, to wizards. * Switch the type check on the filters associated with alerts from "report" to "result". Alerts were migrated from "report" to "result" in db version 92. * Code cleanup. openvas-manager 5.0+beta10 (2014-03-18) This is the tenth beta version of the upcoming 5.0 release of the OpenVAS Manager. it is the central management service between the actual security scanner and its various user clients. This release Correct the behavior of the manager when called with --rebuild, --update or --migrate in order to produce a more consistent experience, as well as solve a number of small issues. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell and Jan-Oliver Wagner. Main changes since 5.0+beta9: * Remove handling of CERTIFICATES otp command. * Make --rebuild and --update wait for scanner when scanner is busy loading NVTs. This matches the behaviour when rebuild is called via SIGHUP. * Add scan-time record of slave and source interface to reports. * Remove handling of PLUGINS_DEPENDENCIES OTP command and get_dependencies OMP command. * Make --migrate succeed when the database has not yet been initialised. * Code cleanup. openvas-manager 5.0+beta9 (2014-03-12) This is the ninth beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and its various user clients. This release introduces the new "System Discovery" config, improves handling of the OpenVAS Scanner connection and fixes two issues related to UTF-8 encoded text in overrides and notes and to result counts. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell and Michael Wiegand. Main changes since 5.0+beta8: * A new predefined "System Discovery" config has been added. * The handling of the connection to the OpenVAS Scanner has been improved. * An issue which caused a segmentation fault due to incorrect truncation of UTF-8 encoded text in overrides and notes has been fixed. * An issue which caused incorrect result counts has been fixed. openvas-manager 5.0+beta8 (2014-03-06) This is the eighth beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and its various user clients. This release adjusts the built-in Report Format Plugins (RFPs) to expect NVT information to be in the new style. It also removes sections of unused code, improves Host Discovery handling and fixes a password generation issue. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell and Michael Wiegand. Main changes since 5.0+beta7: * NVTs are expected to be in the new style by the built-in RFPs. * Host Discovery will now fall back on more Ping Host defaults. * An issue which resulted in unusable passwords for LSC credentials being generated in rare circumstances has been fixed. openvas-manager 5.0+beta7 (2014-02-27) This is the seventh beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and its various user clients. This release fixes a large number of small issues. Many thanks to everyone who has contributed to this release: Matthew Mundell, Timo Pollmeier and Hani Benhabiles. Main changes since 5.0+beta6: * Update documentation about the alive tests property. * Increase the OMP version to 5.0. * Prevent targets curently used to be modified. * Remove need for all elements to be given in MODIFY_TARGET. * Large number of small fixes and improvements. openvas-manager 5.0+beta6 (2014-02-16) This is the sixth beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds user language setting, Alive Test property for Targets and fixes a large number of small bugs. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand and Jan-Oliver Wagner Main changes since 5.0+beta5: * Add an Alive Test property to Targets, which can override the scan config settings. * Added user setting for preferred interface language. * Removed column "Most Severe Result(s)" from LaTeX/PDF report format plugin. * New option "--list-users". * Moved some functions to openvas-libraries. * Severity classes added to report XML. * Large number of small fixes and improvements. openvas-manager 5.0+beta5 (2014-01-28) This is the fifth beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release improves the reports to include a new results section. Many thanks to everyone who has contributed to this release: Matthew Mundell, Timo Pollmeier, Michael Wiegand, Benoît Allard, and Jan-Oliver Wagner Main changes since 5.0+beta4: * Update reports to use the new results sections. * Add a utility to split huge xml files in a memory efficient way * Large number of small fixes and improvements openvas-manager 5.0+beta4 (2014-01-15) This is the fourth beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds a couple of new command line options and report format plugins. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Henri Doreau, Matthew Mundell Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes since 5.0+beta3: * Use UTF-8 for OTP. * New option --max-ips-per-target. * New predefined report format CSV Hosts. * New predefined report format CSV Results. * Extended report format plugin for verinice. * New report format plugin for exporting TLS mapping results into a CSV file. * Add option --delete-user. * Rename option --first-user to --create-user. * Add option --role, which allows to set the role with --create-user. * New predefined config Host Discovery. * Large number of small fixes and improvements, especially regarding permissions. * The --migrate option now also migrates SCAP and CERT databases. openvas-manager 5.0+beta3 (2013-11-22) This is the third beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds support for Alterable Tasks and Source Interface access control and features a reworked host access control concept replacing the old rules based concept. It also features further integration of the new concepts for severity and permission checks as well as numerous small improvements. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Andre Heinecke, Matthew Mundell, Timo Pollmeier, Stefan Schwarz and Michael Wiegand. Main changes since 5.0+beta2: * Support for Alterable Tasks has been added. * Support for Source Interface access control has been added. * The host access control concept has been reworked, resulting in a removal of the old rules based concept. * Support for the new "Severity" concept has been added in more places. * Resource level permission checking has been improved. * An issue which caused new databases to be initialised improperly has been fixed. * NVT descriptions are no longer stored separately in the database and thus no longer duplicate information already present in the NVT tags. * OpenVAS Manager will now attempt to reduce database fragmentation. * The handling of the obsolete "subnet" element in the results has been removed. * The NBE report format plugin has been updated. * The verinice ISM report format plugin has been updated. * Support for changing a user password on the command line has been added. * Large number of small fixes and speed improvements. * Code cleanup. * Documentation has been updated. openvas-manager 5.0+beta2 (2013-09-30) This is the second beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release fixes an issue with autogenerated credentials being unable to login. It adds support for new functionality added to OpenVAS Scanner since the last OpenVAS Manager release and features a number of internal improvements regarding performance, logging and scheduling. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes since 5.0+beta1: * An issue which caused autogenerated credentials to fail to login has been fixed. * Support for regular expression searching has been added to the powerfilter. * Support for the new "Severity" concept has been added in a number of places. * The greenbone-scapdata-sync and greenbone-certdata-sync scripts have been updated. * Support for the new Scanner message type "Alarm" has been added. * Support for OTP port forwarding has been removed. * Support for obsolete scanner preferences has been removed. * Support for the new host management offered by Scanner has been added. * Logging has been improved and made more consistent. * Schedule handling during long running operations has been improved. * Orphaned results are now removed from the database when starting. * Database rebuild performance has been improved. * Performance with large databases has been improved. * The NBE report format plugin has been updated. * The verinice ISM report format plugin has been updated. * Code cleanup. * Documentation has been updated. openvas-manager 5.0+beta1 (2013-06-25) This is the first beta version of the upcoming 5.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release moves user management to OpenVAS Manager from OpenVAS Scanner and OpenVAS Administrator, introduces group and permissions management and tag management among other new features. Please note that this release changes the location of the credential encryption key. Please make sure to read the INSTALL file for important installation and migration information, even and especially if you have used OpenVAS Manager before. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Rodolfo Gouveia, Andre Heinecke, Werner Koch, Matthew Mundell, Timo Pollmeier, Stefan Sperling, Jan-Oliver Wagner and Michael Wiegand. Main changes since 4.0 series: * The credential encryption keyring is now placed in var/lib/openvas/gnupg instead of etc/openvas/gnupg. * The required minimum GnuTLS version has increased to 2.8. * The required minimum OpenVAS Libraries version has increased to 7.0.0. * User management has been moved to OpenVAS Manager from OpenVAS Scanner and OpenVAS Administrator. * Support for group and permission management has been added. * Support for managing network service port names has been added. * Tag management has been added. * Handling of NVT risk factors has been removed as this is handled via CVSS scores now. * Handling of the OTP protocol has been updated to match the changes in OpenVAS Libraries and OpenVAS Scanner. * Support for user defined OVAL repositories in private subdirectories has been added. * The scripts for SCAP and CERT data synchronization have been improved. * Support for searching in the complete SecInfo data has been added. * The speed of retrieving a task details overview has been improved. * The handling of missing, inaccessible or corrupt database files has been improved. * A default "Discovery" scan configuration hase been added. * Signature verification now uses the "gpgv" command. * The verinice ISM report format plugin has been updated. * Code cleanup. * Documentation has been updated. openvas-manager 4.0+beta5 (2013-02-22) This is the fifth beta version of the upcoming 4.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds support for accessing OVAL and DFN-CERT SecInfo data, for encrypting credentials and for checking user passwords against a policy. It also features improvements to the report performance, Master-Slave communication and numerous smaller improvements. Many thanks to everyone who has contributed to this release: Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. Main changes since 4.0+beta4: * New: Support for accessing OVAL SecInfo data. * New: Support for accessing DFN-CERT SecInfo data. * New: The risk factor of an NVT is now calculated from the CVSS score. * New: Support for encrypted credentials has been added. * New: Support for checking user passwords against a policy has been added. * Extended: New object management now supports for schedules, tasks, * slaves, report formats, port lists and scan configs. * Improved: Override management now supports Powerfilter and Trashcan. * Improved: Additional parameters in SCAP synchronization script. * Improved: Handling of the SCAP database. * Improved: Classification in the report format plugin for ISMS tool "verinice". * Improved: Performance with large database. * Improved: Handling of client timeouts during very long operations. * Improved: Faster report format plugins LaTeX, TXT, HTML and PDF. * Improved: Master-Slave communication. * Improved: IPv6 address validation. * Some functionality has been moved to the openvas-libraries module. This means that openvas-manager 4.0.+beta5 requires openvas-libraries 6.0+beta5 or newer to build. openvas-manager 4.0+beta4 (2012-11-05) This is the fourth beta version of the upcoming 4.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release reveals a large number of new and improved features. Noteworthy are the new features Auto-FP, Wizard-Framework, Multiple Alerts and the extended Powerfilter that also was connected to more object classes. Many thanks to everyone who has contributed to this release: Sebastien Aucouturier, Andre Heinecke, Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand. Main changes since 4.0+beta3: * New: Auto-FP feature to filter out likely false positives in a report. * New: Manage closed CVEs, as reported by the Scanner (trusted vendor updates). * New: Multiple alerts can now be attached to a task. * New: Wizard framework with first wizard "quick_first_scan" and user setting for wizard appearance. * New: Management for Filter objects. * New: Report format plugins for ISMS tool "verinice". * New: Alert for sending results to a verinice .PRO server. * Extended: Management for information such as CPE, including a extended SCAP data synchronization. * Extended: Powerfilter now available for Reports. * Extended: Powerfilters can now be attached to Alerts. * Improved: Task overview now faster via extra caching methods. * Improved: Handle daylight saving in schedules. * Improved: Extended features of Powerfilter such as sorting and result ranges. * Improved: When importing a report, now the host details are also imported. * Improved: Reduced database locking times during some operations so that less blocking happens. * Improved: Manager serves OMP even when the scanner is down. * Improved: Notes management now supports Powerfilter and Trashcan. * Improved: Added switch to control whether a task should contribute to asset management. * Improved: Report exports now also contain the comment of the respective task. * Improved: Report exports now also contain the family of NVTs. * Improved: Faster report format plugins LaTeX and PDF. * The ARF report format plugin is now a pre-defined format. * Added creation and modification times to the powerfilter. * Added handling of OTP 1.1. * Improved: Hostname validation. * Simplified Report Format Plugin handling for pre-defined plugins. * Various bug fixes and small improvements. openvas-manager 4.0+beta3 (2012-05-04) This is the third beta version of the upcoming 4.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds support for disabling OMP commands and extends object management. Many thanks to everyone who has contributed to this release: Matthew Mundell, Michael Wiegand. Main changes since 4.0+beta2: * Object management has been extended to support creation and modification times. * Support for disabling OMP commands via the command line has been added. openvas-manager 4.0+beta2 (2012-04-25) This is the second beta version of the upcoming 4.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release contains an improved powerfilter feature, updated protocol documentation and an improved target object management. It also fixes an issue with the port list selection. Many thanks to everyone who has contributed to this release: Matthew Mundell, Michael Wiegand. Main changes since 4.0+beta1: * Improvements to the target object management; targets can now be edited when they are associated with a task and the task has not yet run. * A bug which caused the port list selection to be empty has been fixed. * The protocol documentation has been updated. * The powerfilter now handles spaces in index filters. openvas-manager 4.0+beta1 (2012-04-16) This is the first beta version of the upcoming 4.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release introduces name change from Escalator to Alert and extended handling of Target object lists. Many thanks to everyone who has contributed to this release: Matthew Mundell, Michael Wiegand. Main changes since 3.0 series: * Renamed Escalator to Alert. * Added keyword filter, pagination and edit to Targets. * New command line options --listen2 and --port2 for a second OMP address. openvas-manager 3.0.0 (2012-03-26) This is the first release of the openvas-manager 3.0 module for the Open Vulnerability Assessment System release 5 (OpenVAS-5). The OpenVAS Manager is the central management service between the actual security scanner and various user clients. OpenVAS Manager 3.0 represents a significantly advanced feature set. Most notable is Asset Management, Port Lists, SecInfo Management with SCAP data, delta reports and prognostic reports. The whole functionality is available via the extended protocol: OMP 3.0. Many thanks to everyone who has contributed to this release: Henri Doreau, Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. Main changes since 2.0.x: * New: Configuration object 'Port Lists'. * New: Integrated Asset Management. * New: Security Information Database: Integrated SCAP data (CPE, CVE) including update method via feed service. * New: Delta reports to analyse differences between two scans. * New: Prognostic scans based on asset data and current SCAP data. * New: Support for individual time zones for users. * New: Tasks can be assigned "observes" for read-only access. * New: Role "Observer" for read-only access. * New: Support for notes/overrides lifetimes. * New: Trashcan. It is now possible to place some objects in a trashcan instead of deleting them directly. * New: Container tasks for importing reports. * New: SSH port for Local Security Checks configurable. * New: Product detections as reported by Scanner are handled to allow detailed cross-referenced detection information. * Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect various new features that are already present in GSA, including delta and prognostic reports. * Improved product detection information in results XML. * Improved performance for massiv scanner results by using transaction groups. * Improved Import of Target lists to allow comma-separated, line-by-line lists. * Doubled entries in Target lists are now eliminated. * New optional Report Format Plugin for ARF. * OMP 3.0: All new functionalities form the new version 3.0 of the OpenVAS Management Protocol (OMP) * Changed: Report format signatures no longer contain user editable fields. * Support for large database files on 32-bit platforms has been improved. * A bug which caused the filter result count to be calculated incorrectly when searching for text phrases has been fixed. * Support for sorting results by CVSS score has been added. * Support for importing results sent through the XML escalator has been added. * The max_host and max_checks scan performance parameters have been moved from scan configs to tasks. * An issue which caused meta data for NVTs in the "Credentials" family to be not present in the database has been fixed. * A number of compiler warnings discovered by Stephan Kleine have been addressed. * Scan start and end times are now set for imported reports. * An issue which caused the import of very large reports to fail under certain circumstances has been fixed. * The handling of long host lists has been improved. * Security: Enforces strict permissions on sensitive OpenVAS Manager files. * Security: Drop privileges before executing report format plugins if running with elevated privileges. * Security: Ensures report formats are trusted before executing them. * Support for escalating result to a Sourcefire Defense Center has been added. * Support for using an SSH key pair for SSH authentication has been added. And additionally changes compared to last release candidate 3.0+rc1: * Extra report formats work standalone. * Observer lists now may also use ',' as separator. * Observers may now also create notes and overrides for observed tasks. * Opservers with with Role observer are now allowed to see single results of the observed tasks. * Added handling of ssh keys for authenticated tests for Master-Slave mode. * The PID file is created earlier to avoid daemon handling believe there is an error. * Build improvements for modern gcc. openvas-manager 3.0+rc1 (2012-03-15) This is the first release candidate of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds the Port Lists feature and updates the built-in reports to cover delta and prognostic results. Many thanks to everyone who has contributed to this release: Henri Doreau, Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta8: * Support for Port Lists has been added. * Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect various new features that are already present in GSA, including delta and prognostic reports. * Changed signing of Report Format Plugins to exclude comment. * Improved product detection information in results XML. * Improved performance for massiv scanner results by using transaction groups. * Improved Import of Target lists to allow comma-separated, line-by-line lists. * Doubled entries in Target lists are now eliminated. * New optional Report Format Plugin for ARF. * Updated OMP documentation. * Various little bugs fixed. openvas-manager 3.0+beta8 (2011-12-02) This is the eigth beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds support for note lifetimes and for displaying additional information in the HTML, LaTeX and TXT report formats. It also fixes an incorrect result count for Asset Management results. Many thanks to everyone who has contributed to this release: Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta7: * Support for note lifetimes has been added. * A bug which caused an incorrect result count in the Asset Management view has been fixed. * Support for displaying the hostname and the note and override lifetimes has been added to the following report formats: HTML, LaTeX and TXT. openvas-manager 3.0+beta7 (2011-11-23) This is the seventh beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release improves the handling of timestamps in reports and uses report format signatures without the user editable fields, ensure the trust level stays correct if these fields have been changed. Many thanks to everyone who has contributed to this release: Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta6: * The handling of timestamps in reports has been improved. * Report format signatures no longer contain user editable fields. openvas-manager 3.0+beta6 (2011-11-16) This is the sixth beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds support for listing NVTs addressing a certain CVE and for override lifetimes. It fixes a bug in the threat level display and improves the handling of SCAP data. Many thanks to everyone who has contributed to this release: Henri Doreau, Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta5: * Support for listing NVTs addressing a certain CVE has been added. * A bug which cause the wrong threat level to be displayed for tasks with multiple reports under rare circumstances has been fixed. * Support for override lifetimes has been added. * Support for displaying the SCAP update timestamp has been added. openvas-manager 3.0+beta5 (2011-10-10) This is the fifth beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release adds support for a number of new features, including asset management, direct use of SCAP data, prognostic scans, task observers and individual time zones for users. It also improves support for large database files on 32-bit platforms. NOTE: The Manager now expects the OpenVAS Scanner to send timestamps based on the UTC time zone. Care must be take to use UTC for the Scanner or upgrade to OpenVAS Scanner >= 3.3+beta2, which enforces the use of UTC internally. Many thanks to everyone who has contributed to this release: Henri Doreau, Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta4: * Support for asset management been added. * Support for using SCAP data directly has been added. * A support script for retrieving SCAP data has been added. * Support for prognostic scans has been added. * Support for large database files on 32-bit platforms has been improved. * Support for task observers has been added. * Support for individual time zones for users has been added. openvas-manager 3.0+beta4 (2011-07-21) This is the fourth beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release resolves a minor issue discovered after the release of OpenVAS Manager 3.0+beta3 and adds support for sorting results by CVSS. For details, please refer to the list of changes below. Many thanks to everyone who has contributed to this release: Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta3: * A bug which caused the filter result count to be calculated incorrectly when searching for text phrases has been fixed. * Support for sorting results by CVSS score has been added. * Support for importing results sent through the XML escalator has been added. * The max_host and max_checks scan performance parameters have been moved from scan configs to tasks. openvas-manager 3.0+beta3 (2011-06-24) This is the third beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release resolves several minor issues discovered after the release of OpenVAS Manager 3.0+beta2 and adds support for delta reports. For details, please refer to the list of changes below. Many thanks to everyone who has contributed to this release: Henri Doreau, Stephan Kleine, Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta2: * Support for delta reports has been added. * An issue which caused meta data for NVTs in the "Credentials" family to be not present in the database has been fixed. * A number of compiler warnings discovered by Stephan Kleine have been addressed. * A race condition which caused empty reports from the slave when running in master-slave mode under certain conditions has been fixed. * Scan start and end times are now set for imported reports. openvas-manager 3.0+beta2 (2011-05-19) This is the second beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release resolves several minor issues discovered after the release of OpenVAS Manager 3.0+beta1. For details, please refer to the list of changes below. Many thanks to everyone who has contributed to this release: Matthew Mundell and Michael Wiegand. Main changes since 3.0+beta1: * An issue which caused the import of very large reports to fail under certain circumstances has been fixed. * An issue which caused the date of the scan end to be missing from scans if they were associated with an escalator created with an early Manager version has been fixed. * The handling of long host lists has been improved. openvas-manager 3.0+beta1 (2011-03-02) This is the first beta version of the upcoming 3.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. This release introduces a number of new features. For details, please refer to the list of changes below. Many thanks to everyone who has contributed to this release: Stephan, Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller. Main changes since 2.0 series: * New feature: Trashcan. It is now possible to place objects in a trashcan instead of deleting them directly. * Support for Host Details reported by OpenVAS Scanner has been added. * Support for container task (imported reports) has been added. * Support for specifying an SSH port for Local Security Checks has been added. * Security: Enforces strict permissions on sensitive OpenVAS Manager files. * Security: Drop privileges before executing report format plugins if running with elevated privileges. * Security: Ensures report formats are trusted before executing them. * Support for escalating result to a Sourcefire Defense Center has been added. * Support for using an SSH key pair for SSH authentication has been added. * The mail addresses supplied for an email escalator are now used in the correct order. openvas-manager 2.0.2 (2011-03-02) This is the second maintenance release of the openvas-manager 2.0 module for the Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager is the central management service between the actual security scanner and various user clients. This release closes a number of memory and resource leaks discovered after the release of OpenVAS Manager 2.0.1, fixes the host count calculation and fixes an issue which occurred when upgrading very old installations. Many thanks to everyone who has contributed to this release: Matthew Mundell, Michael Wiegand and Felix Wolfsteller. Main changes since 2.0.1: * The test infrastructure has been updated. * A bug which caused the host count to be calculated incorrectly under certain circumstances has been fixed. * A number of memory and resource leaks discovered by Felix Wolfsteller have been closed. * A bug which caused database migration to fail when upgrading very old installations has been fixed. openvas-manager 2.0.1 (2011-02-18) This is the first maintenance release of the openvas-manager 2.0 module for the Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager is the central management service between the actual security scanner and various user clients. This release adds support for fallback system reports, changes the default value of the "unscanned_closed" preference to "yes" for predefined configurations and fixes an issue with signature verification in the manager. It also contains improvements to report format signature infrastructure and fixes an issue with the host name validation. Many thanks to everyone who has contributed to this release: Stephan Kleine, Matthew Mundell and Michael Wiegand. Main changes since 2.0.0: * Support for fallback system reports has been added in case where a full system report is unavailable. * The expected location for signatures has been updated to match the FHS related changes in OpenVAS Scanner. * The "unscanned_closed" preference now defaults to "yes" for predefined configs. * The report format signature infrastructure has been improved. * A bug which caused valid host names to be reject under certain circumstances has been fixed. openvas-manager 2.0.0 (2011-02-08) This is the first release of the openvas-manager 2.0 module for the Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager is the central management service between the actual security scanner and various user clients. OpenVAS Manager 2.0 represents a significantly advanced feature set. Most notable is the new plugin-based report format framework which allows to produce arbitrary scan reports (text, graphs, maps, connectors etc.). The new master-slave mode allow to network multiple Manager instances. The whole functionality is available via the extended protocol: OMP 2.0. Many thanks to everyone who has contributed to this release: Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. Main changes since 1.0.x: * Report Format plugin framework. All previous reporting features were converted to plugins. The XML representation of a report is now the base for any plugin and thus consistency of reports is improved. Report Format Plugins can be set active so that they appear in the selection lists. Selections can consider content types so that for example only the plugins with content type "text" are offered as email body. It is possible to use parameters for the plugins so the user can adjust the behaviour of the Report Format to the individual preferences or needs. A verification method allows to distribute signatures for valid plugins via the NVT Feed. * New default Report Format: TXT for simple text. * New default Report Format: LaTeX for LaTeX source. * New sample Report Format: Simple Bar Chart. Demonstrates how to use Gnuplot for graphical reports. * New sample Report Format: Simple Topo Plot. Demonstrates how to use Graphviz for graphical reports. * New sample Report Format: Simple Pie Chart. Demonstrates how to use PyChart for graphical reports. * New sample Report Format: Simple Map Plot. Demonstrates how to use MapServer and GDAL for graphical reports. * New sample Report Format: Sourcefire Host Input. Demonstrates that Report Formats can be used to build connectors. * Master-Slave feature. Any OpenVAS Manager can use one or many other OpenVAS Manager as slave to run scans. The whole scan task is transferred to the slave, results are continuously reported to the Master during scan process. After the scan is finished all data are removed from the slave. The master can also retrieve system reports from the slave and thus can collect the performance overview for all configured slaves. * New Escalator: HTTP GET. This allows for example to access text message (SMS) gateways or ticket management systems. * Extended Escalator: For email escalation it is now possible to select from configured Report Formats to be included in the email body. * Agents: A verification method was added. This allows to distribute signatures for valid agents via the NVT Feed. * Credentials: Can now be edited. This allows to change the login name or password without the need to create a new scan configuration. * Credentials: Auto-generated installer packages are now created on the fly. If the generators are improved, it is now easy to create an updated package for already existing credentials. * Credentials: Credentials for SMB and SSH are now separated. * OMP self-documentation: Part of the Managers' XML-based communication protocol OMP 2.0 is to deliver the full specification and documentation of the protocol itself (command "HELP"). It can be retrieved as XML-, RNC- or HTML representation. * Targets: Various opportunities have been added to specify and combine IP ranges and ports. * Tasks: The task overview is delivered much faster now. * Reports: The report filtering is much faster now. * Hardening flags are now enabled during compile time to increase code quality. * Compliance with the GNU Coding Standards and the Filesystem Hierarchy Standard has been improved. * A security-relevant bug has been fixed regarding email escalation methods. Configured OpenVAS users were able to damage installation and/or gain higher privileges. Main changes since 2.0+rc4: * The logging behaviour when started with --verbose has been improved. * The w3af NVT is no longer part of the Full and fast default scan config. * The build environment has been cleaned up. openvas-manager 2.0+rc4 (2011-02-04) This is the fourth release candidate for the upcoming 2.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next generation of the Open Vulnerability Assessment System. It fixes an issue in override creation and feature an improved documentation and build environment and is now compliant to the Filesystem Hierarchy Standard (FHS), version 2.3. Many thanks to everyone who has contributed to this release: Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand. Main changes since 2.0+rc2: * Documentation has been updated. * OpenVAS Manager now uses pkg-config to find required libraries. * An issue which caused the creation of overrides to fail under some circumstances has been fixed. * The installation is now compliant with Filesystem Hierarchy Standard (FHS 2.3). openvas-manager 2.0+rc3 (2011-01-21) This is the third release candidate for the upcoming 2.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next generation of the Open Vulnerability Assessment System. It fixes a serious security bug and it is highly recommended to update any installation of OpenVAS Manager 2.0 with this release. It also fixes a database migration issue and introduces a better setting for the default logging. Many thanks to everyone who has contributed to this release: Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand. Main changes since 2.0+rc2: * A security-relevant bug has been fixed regarding email escalation methods. Configured OpenVAS users were able to damage installation and/or gain higher privileges. * An issue which caused database migration to fail under certain circumstances has been fixed. * The default log level has been reduced to warning to prevent the logging of potentially sensitive information in the default configuration. openvas-manager 2.0+rc2 (2011-01-10) This is the second release candidate for the upcoming 2.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next generation of the Open Vulnerability Assessment System. This release features updated protocol documentation, masks passwords when LSC package creation commands are logged and makes the output of --version compliant with the GNU Coding Standards. Many thanks to everyone who has contributed to this release: Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. Main changes since 2.0+rc1: * The protocol documentation has been brought up to date. * The output of --version now complies with the GNU Coding Standards. * Passwords are now masked when loggings LSC package creation commands. openvas-manager 2.0+rc1 (2010-12-21) This is the first release candidate for the upcoming 2.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next generation of the Open Vulnerability Assessment System. This release adds support for separate SMB and SSH credentials, for setting per-target port ranges and for retrieving the total number of results matching an applied filter. Many thanks to everyone who has contributed to this release: Matthew Mundell and Michael Wiegand. Main changes since 2.0+beta3: * The protocol documentation has been improved. * Target credentials for SMB and SSH are now separated. * Support for setting the port range for a target has been added. * Hardening flags are now enabled during compile time to increase code quality. * Support for retrieving the total number of results matching an applied filter has been added. openvas-manager 2.0+beta3 (2010-12-10) This is the third beta version of the upcoming 2.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next generation of the Open Vulnerability Assessment System. This release includes further improvements to the protocol self-documentation and fixes two issues regarding internal links in PDF reports and downloads of LSC credential packages. It also enables NTLMSSP support for NVTs by default to improve LSC behaviour for Microsoft Windows, makes escalator messages more informational and LaTeX and PDF reports more consistent with other report formats. Many thanks to everyone who has contributed to this release: Matthew Mundell and Michael Wiegand. Main changes since 2.0+beta2: * The protocol self-documentation has been improved. * NTLMSSP is now enabled by default. * Escalator message now include more information. * The LaTeX and PDF reports have been made more consistent with the other report formats. * An issue which caused internal links in the PDF report to link to wrong results under certain circumstances has been fixed. * An issue which caused some existing LSC credential packages to be empty on subsequent downloads under certain circumstances has been fixed. openvas-manager 2.0+beta2 (2010-12-01) This is the second beta version of the upcoming 2.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next generation of the Open Vulnerability Assessment System. This release includes a fix for incorrect counting in the ports overview and features an improved protocol self-documentation, an improved logging infrastructure and a speed up for LaTeX and PDF report generation. Many thanks to everyone who has contributed to this release: Matthew Mundell and Michael Wiegand. Main changes since 2.0+beta2: * The protocol self-documentation has been improved. * A number of superfluous log messages has been downgraded or removed. * A bug which caused issues to be counted incorrectly in the ports overview has been fixed. * The generation of PDF and LaTeX reports is now faster. openvas-manager 2.0+beta1 (2010-11-19) This is the first beta version of the upcoming 2.0 release of the OpenVAS Manager. It is the central management service between the actual security scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next generation of the Open Vulnerability Assessment System. OpenVAS Manager 2.0 represents a significantly advanced feature set. Most notable is the new plugin-based report format framework which allows to produce arbitrary scan reports (text, graphs, maps, connectors etc). The new master-slave mode allow to network multiple Manager instances. The whole functionality is available via the extended protocol: OMP 2.0. Many thanks to everyone who has contributed to this release: Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. Central new features of OpenVAS Manager 2.0: * Report Format plugin framework. All previous reporting features were converted to plugins. The XML representation of a report is now the base for any plugin and thus consistency of reports is improved. Report Format Plugins can be set active so that they appear in the selection lists. Selections can consider content types so that for example only the plugins with content type "text" are offered as Email body. It is possible to use parameters for the plugins so the user can adjust the behaviour of the Report Format to the individual preferences or needs. A verification method allows to distribute signatures for valid plugins via the NVT Feed. * New default Report Format: TXT for simple text. * New default Report Format: LaTeX for LaTeX source. * New sample Report Format: Simple Bar Chart. Demonstrates how to use Gnuplot for graphical reports. * New sample Report Format: Simple Topo Plot. Demonstrates how to use Graphviz for graphical reports. * New sample Report Format: Simple Pie Chart. Demonstrates how to use PyChart for graphical reports. * New sample Report Format: Simple Map Plot. Demonstrates how to use MapServer and GDAL for graphical reports. * New sample Report Format: Sourcefire Host Input. Demonstrates that Report Formats can be used to build connectors. * Master-Slave feature. Any OpenVAS Manager can use one or many other OpenVAS Manager as slave to run scans. The whole scan task is transferred to the slave, results are continuously reported to the Master during scan process. After the scan is finished all data are removed from the slave. The master can also retrieve system reports from the slave and thus can collect the performance overview for all configured slaves. * New Escalator: HTTP GET. This allows for example to access text message (SMS) gateways or ticket management systems. * Extended Escalator: For EMail escalation it is now possible to select from configured Report Formats to be included in the Email body. * Agents: A verification method was added. This allows to distribute signatures for valid agents via the NVT Feed. * Credentials: Can now be edited. This allows to change the login name or password without the need to create a new scan configuration. * Credentials: Auto-generated installer packages are now created on the fly. If the generators are improved, it is now easy to create an updated package for already existing credentials. * OMP self-documentation: Part of the Managers' XML-based communication protocol OMP 2.0 is to deliver the full specification and documentation of the protocol itself (command "HELP"). It can be retrieved as XML-, RNC- or HTML representation. * Targets: Various opportunities have been added to specify and combine IP ranges. * Tasks: The task overview is delivered much faster now. * Reports: The report filtering is much faster now. openvas-manager 1.0.0 (2010-07-29) This is the 1.0.0 release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). OpenVAS Manager 1.0 represents almost 2 years of intensive work. The mission of OpenVAS Manager is to offer powerful and comfortable vulnerability management on top of the actual vulnerability scanner, OpenVAS Scanner 3.1. The OpenVAS Manager is a layer between the OpenVAS Scanner and various client applications. The upcoming clients cover web, desktop and command line technology and will replace the classic OpenVAS Client. Central features of OpenVAS Manager are: * New XML-based protocol OMP (OpenVAS Management Protocol) which client tools use to control scans, results, etc. * SQL database where configurations, scan results etc. are stored. Thus, clients do not need to keep local storage anymore. * Full control of scan processes. This includes multiple concurrent scans as well as stopping, pausing, resuming and not at least the scheduling of scans. * Management of scan notes, false positives and result escalators (notification on finished scans). OpenVAS Manager is Free Software (Open Source), licensed under GNU General Public License Version 2 or any later version. The first compatible client application to be released will be the web client GSA (Greenbone Security Assistant), approximately next week. Beta- and alpha versions of various clients are already available for download. The OpenVAS development team offers support for any efforts to create binary packages for the various Linux distributions in order have this new server readily available for users as soon as possible. Please use our openvas-distro mailing list for this purpose. Many thanks to everyone who has contributed to this release since 1.0.0.rc1: Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. Main changes since 1.0.0.rc1: * A number of build issues has been addressed. * The code documentation has been updated. * Code cleanup: Internal error handling has been made more consistent. * A potential ressource leak identified by static analysis has been fixed. * A bug which caused NVT preferences to be displayed incorrectly has been fixed. openvas-manager 1.0.0.rc1 (2010-07-15) This is the first release candidate of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. Many thanks to everyone who has contributed to this release: Matthew Mundell, Michael Wiegand and Felix Wolfsteller. Main changes since 1.0.0-beta7: * Code cleanup: Internal resource management has been improved to use UUIDs in more places. * Support for agents has been improved. * Support for external target sources has been added. * A bug which caused PDF exports to fail if the NVT description contained certain characters has been fixed. * A bug which caused hosts in the scan result to be sorted incorrectly under certain circumstances has been fixed. * Support for defining threat overrides has been added. * Some OMP commands have been renamed and adjusted to make the protocol more concise and useful. * Support for event logging has been added. * Support for syslog escalators has been added. * The documentation has been updated. openvas-manager 1.0.0-beta7 (2010-05-28) This is the seventh beta release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. IMPORTANT: Since version 1.0.0-beta6, the manager uses certificate based authentication to authenticate against an openvas-scanner. Please do read the INSTALL file provided with openvas-manager and make sure you have openvas-scanner 3.0.2 or higher before installing this manager version! Many thanks to everyone who has contributed to this release: Stephan Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller. Main changes since 1.0.0-beta6: * A large amount of code which was present in both openvas-manager and openvas-administrator has been moved to openvas-libraries. * An issue that caused started tasks to remain in the "Requested" stage indefinitely has been fixed. * An issue that caused incorrect values of the scan progress under certain conditions has been fixed. * A new escalator condition has been add: Threat Level Changed. * Open ports are now included in scan reports even if no vulnerability was detected on that port. * Support for CVSS scores and Risk Factors has been improved. * Support for excluding host without any results from the report has been added. openvas-manager 1.0.0-beta6 (2010-04-15) This is the sixth beta release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. IMPORTANT: The manager now uses certificate based authentication to authenticate against an openvas-scanner. Please do read the INSTALL file provided with openvas-manager and make sure you have openvas-scanner 3.0.2 or higher before installing this manager version! Many thanks to everyone who has contributed to this release: Hartmut Goebel, Stephan Kleine, Matthew Mundell, Joseph Sokol-Margolis, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. Main changes since 1.0.0-beta5: * A bug which caused incorrect NVT counts in the scan config under certain circumstances has been fixed. * The manager now uses certificate based authentication. * Support for resuming stopped tasks has been added. * Support for task scheduling has been added. * The openvasmd binary will now install into /usr/sbin instead of /usr/bin. openvas-manager 1.0.0-beta5 (2010-03-04) This is the fifth beta release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. Many thanks to everyone who has contributed to this release: Stephan Kleine, Matthew Mundell and Felix Wolfsteller. Main changes since 1.0.0-beta4: * More internal data structures are now identified by UUID and not by name. * Several build issues have been fixed. * Note management has been introduced. * Support for handling ITG and CPE reports has been added. * OTP forwarding is now disabled by default. openvas-manager 1.0.0-beta4 (2010-02-08) This is the fourth beta release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. Many thanks to everyone who has contributed to this release: Stephan Kleine and Matthew Mundell. Main changes since 1.0.0-beta3: * More internal data structures are now identified by UUID and not by name. * A bug which prevented PDF reports to be generated from certain results due to unescaped LaTeX characters has been fixed. * A number of formatting and casting issues found by Stephan Kleine have been fixed. * The man page has been updated. openvas-manager 1.0.0-beta3 (2010-02-05) This is the third beta release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. Many thanks to everyone who has contributed to this release: Matthew Mundell and Felix Wolfsteller. Main changes since 1.0.0-beta2: * Nmap is now the default port scanner for predefined configurations. * The man page has been updated. * LSC credential management has been improved. * A number of internal data structures are now identified by UUID and not by name. * The manager now converts all input from the scanner to UTF-8. * The encoding of the LaTeX report has been switch to UTF-8. * A bug that caused some settings to be ignored during scan configuration import has been fixed. openvas-manager 1.0.0-beta2 (2010-01-26) This is the second beta release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. Many thanks to everyone who has contributed to this release: Matthew Mundell and Felix Wolfsteller. Main changes since 1.0.0-beta1: * Deleting of active reports is prevented. * Introduced ownership for all objects. This makes objects (like a "target") not appear for other users anymore. * Improved ISO-8859-1 to UTF-8 conversion hacks. * Allowed "\" for login names (important for windows) * Send users host restrictions ("rules") via OTP when starting a scan. * Activated NSIS package generator for credentials management. * Filter out potentials passwords from logging. * Introduced UUIDs for users. * Improved PDF report generator. openvas-manager 1.0.0-beta1 (2010-01-12) This is the first beta release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS) leading up to the upcoming openvas-manager 1.0. Many thanks to everyone who has contributed to this release: Matthew Mundell, Felix Wolfsteller and Michael Wiegand. Main changes since 0.9.8: * Agent support has been improved. * Escalation support has been added. * A bug in PDF generation which could cause the manager to stay in an infinite loop under certain conditions has been fixed. * Support for exporting scan configurations has been added. * Support for performance monitoring has been added. * An issue which could cause some preferences not to be sent to the scanner has been fixed. * Initial searching support has been added. openvas-manager 0.9.8 (2009-12-21) This is the fourteenth development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Matthew Mundell, Jan-Oliver Wagner, Felix Wolfsteller and Michael Wiegand. Main changes since 0.9.7: * Database performance has been improved. * Credential management has been improved. * Initial agent support has been added. * Support for cross-referencing in tasks, configs and targets has been added. openvas-manager 0.9.7 (2009-12-08) This is the thirteenth development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Michael Wiegand and Tim Brown. Main changes since 0.9.6: * A bug which caused the number of selected NVTs within a family to be wrongly calculated under certain circumstances has been fixed. openvas-manager 0.9.6 (2009-12-01) This is the twelfth development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Matthew Mundell and Felix Wolfsteller. Main changes since 0.9.5: * Support for empty scan config templates has been added. openvas-manager 0.9.5 (2009-11-30) This is the eleventh development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Matthew Mundell and Felix Wolfsteller. Main changes since 0.9.4: * Server preference handling has been improved. * The build environment has been made more robust. * Support for per-NVT timeouts has been added. * The database upgrade has been made more flexible. * The library used for UUID generation has been changed to a more widely available library. * Updating of the internal cache has been improved. * The layout of the PDF reports has been improved. * An issue with long task start times has been fixed. * Cache management has been improved. openvas-manager 0.9.4 (2009-11-23) This is the tenth development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Matthew Mundell and Felix Wolfsteller. Main changes since 0.9.3: * The layout of the PDF reports has been improved. * A bug which broke DB migration under certain circumstances has been fixed. * Support for NVT family retrieval and configuration management has been introduced. * Cache management has been improved. openvas-manager 0.9.3 (2009-11-09) This is the ninth development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Matthew Mundell, Felix Wolfsteller and Michael Wiegand. Main changes since 0.9.2: * Database handling and migration has been improved. * Code cleanup. * NVT selection based on the family attributed has been introduced. * Sorting parameters have been added to most data retrieval commands. * Support for retrieving NVT preferences has been introduced. * The NBE output has been harmonized with the NBE output of openvas-client. * Support for filtering results has been added. * The layout of the LaTeX reports has been improved. * The layout of the PDF reports has been improved. openvas-manager 0.9.2 (2009-10-26) This is the eigth development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael Wiegand. Main changes since 0.9.1: * Improved preference caching. * Support for migrating old openvas-manager databases has been added. * Pidfile management has been refactored. * LSC support has been improved. * The layout of the LaTeX reports has been improved. * Many more fixes and improvements. openvas-manager 0.9.1 (2009-10-19) This is the seventh development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael Wiegand. Main changes since 0.9.0: * NVT preferences are now cached in the database. * Support for storing and sending files has been added. * Parsing of the NVT category has been fixed. * Premature pidfile deletion has been fixed. * The START_TASK response now contains the id of the report for this scan. * Many more fixes and improvements. openvas-manager 0.9.0 (2009-09-30) This is the sixth development release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). Many thanks to everyone who has contributed to this release: Mattew Mundell, Felix Wolfsteller and Jan-Oliver Wagner. Main changes since 0.8.1: * Moved OMP library to openvas-libraries * openvas-libraries >= 3.0 now required * Add support of OMP commands CREATE_LSC_CREDENTIAL, DELETE_LSC_CREDENTIAL and GET_LSC_CREDENTIALS. * Many fixes and improvements openvas-manager 0.8.1 (2009-09-14) This is a maintenance release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). It contains a number of small improvements and bugfixes. openvas-manager 0.7.0 (2009-08-21) This is a maintenance release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). It contains considerable changes and vastly improved functionality. openvas-manager 0.6.1 (2009-06-22) This is a maintenance release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). It contains a few minor changes to improve compatibility with the Debian packaging system and other OpenVAS modules. openvas-manager 0.6.0 (2009-06-18) This is the second public release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). It offers improved support for the new OpenVAS Management Protocol (OMP) and new and improved functionality. The following areas have been added or significantly improved: - User authentication - Task ID assignment (UUIDs) - Retrieving checksums of the NVT collection - NVT information retrieval - Certificate handling In addition, the protocol implementation has been updated to match the specification more closely. openvas-manager 0.5.0 (2009-05-08) This is the first public release of the openvas-manager module for the Open Vulnerability Assessment System (OpenVAS). The OpenVAS Manager aims to be a layer between OpenVAS-Client and the actual OpenVAS Server. Basically it should be responsible for any tasks where no high system privileges are required. This module is in an early development stage and not yet intended for production use. It is not mandatory to have OpenVAS Manager for using OpenVAS 1.0 or 2.0. Usage example: If openvasd is running on port 7772, the following command starts the manager on port 1241. The client can then connect to port 1241 as though it was connecting to openvasd. # openvasmd --port 1241 --sport 7772 More information about the command line arguments can be obtained using: # openvasmd --help gvm-7.0.3/CMakeLists.txt000066400000000000000000000741721325714266200150750ustar00rootroot00000000000000# OpenVAS # $Id$ # Description: Top-level cmake control for the Manager. # # Authors: # Matthew Mundell # Timo Pollmeier # # Copyright: # Copyright (C) 2009-2016 Greenbone Networks GmbH # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. message ("-- Configuring the Manager...") project (openvas-manager C) cmake_minimum_required (VERSION 2.8) if (POLICY CMP0005) cmake_policy (SET CMP0005 OLD) endif (POLICY CMP0005) SET(CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/cmake) include (FindPkgConfig) if (NOT CMAKE_BUILD_TYPE) set (CMAKE_BUILD_TYPE Debug) endif (NOT CMAKE_BUILD_TYPE) if (NOT BACKEND STREQUAL POSTGRESQL) set (BACKEND SQLITE3) endif (NOT BACKEND STREQUAL POSTGRESQL) ## Retrieve git revision (at configure time) include (GetGit) if (NOT CMAKE_BUILD_TYPE MATCHES "Release") if (EXISTS "${CMAKE_SOURCE_DIR}/.git/") if (GIT_EXECUTABLE) Git_GET_REVISION(. ProjectRevision) set (GIT_REVISION "~git-${ProjectRevision}") endif (GIT_EXECUTABLE) endif (EXISTS "${CMAKE_SOURCE_DIR}/.git/") endif (NOT CMAKE_BUILD_TYPE MATCHES "Release") ## Project version # The following three variables should be set through the project command once # we require CMake >= 3.0 set (PROJECT_VERSION_MAJOR 7) set (PROJECT_VERSION_MINOR 0) set (PROJECT_VERSION_PATCH 3) # Set beta version if this is a beta release series, # unset if this is a stable release series. #set (PROJECT_BETA_RELEASE 1) if (GIT_REVISION) set (PROJECT_VERSION_GIT "${GIT_REVISION}") else (GIT_REVISION) set (PROJECT_VERSION_GIT "~git") endif (GIT_REVISION) # If PROJECT_BETA_RELEASE is set, the version string will be set to: # "major.minor+beta${PROJECT_BETA_RELEASE}" # If PROJECT_BETA_RELEASE is NOT set, the version string will be set to: # "major.minor.patch" if (PROJECT_BETA_RELEASE) set (PROJECT_VERSION_SUFFIX "+beta${PROJECT_BETA_RELEASE}") else (PROJECT_BETA_RELEASE) set (PROJECT_VERSION_SUFFIX ".${PROJECT_VERSION_PATCH}") endif (PROJECT_BETA_RELEASE) set (PROJECT_VERSION_STRING "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}${PROJECT_VERSION_SUFFIX}") ## CPack configuration set (CPACK_CMAKE_GENERATOR "Unix Makefiles") set (CPACK_GENERATOR "TGZ") set (CPACK_INSTALL_CMAKE_PROJECTS ".;openvas-manager;ALL;/") set (CPACK_MODULE_PATH "") set (CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING") set (CPACK_RESOURCE_FILE_README "${CMAKE_SOURCE_DIR}/README") set (CPACK_RESOURCE_FILE_WELCOME "${CMAKE_SOURCE_DIR}/README") set (CPACK_SOURCE_GENERATOR "TGZ") set (CPACK_SOURCE_TOPLEVEL_TAG "") set (CPACK_SYSTEM_NAME "") set (CPACK_TOPLEVEL_TAG "") set (CPACK_PACKAGE_VERSION "${PROJECT_VERSION_STRING}${PROJECT_VERSION_GIT}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_PACKAGE_VENDOR "The OpenVAS Project") set (CPACK_SOURCE_IGNORE_FILES "${CMAKE_BINARY_DIR}" "/.git/" "swp$" ) include (CPack) ## Variables set (OPENVASMD_DATABASE_VERSION 184) set (OPENVASMD_SCAP_DATABASE_VERSION 15) set (OPENVASMD_CERT_DATABASE_VERSION 6) set (OMP_VERSION "7.0") if (SYSCONF_INSTALL_DIR) set (SYSCONFDIR "${SYSCONF_INSTALL_DIR}") endif (SYSCONF_INSTALL_DIR) if (NOT SYSCONFDIR) set (SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc") endif (NOT SYSCONFDIR) if (NOT EXEC_PREFIX) set (EXEC_PREFIX "${CMAKE_INSTALL_PREFIX}") endif (NOT EXEC_PREFIX) if (NOT BINDIR) set (BINDIR "${EXEC_PREFIX}/bin") endif (NOT BINDIR) if (NOT SBINDIR) set (SBINDIR "${EXEC_PREFIX}/sbin") endif (NOT SBINDIR) if (NOT LIBDIR) set (LIBDIR "${EXEC_PREFIX}/lib") endif (NOT LIBDIR) if (NOT LOCALSTATEDIR) set (LOCALSTATEDIR "${CMAKE_INSTALL_PREFIX}/var") endif (NOT LOCALSTATEDIR) if (NOT DATADIR) set (DATADIR "${CMAKE_INSTALL_PREFIX}/share") endif (NOT DATADIR) if (NOT INCLUDEDIR) set (INCLUDEDIR "${CMAKE_INSTALL_PREFIX}/include") endif (NOT INCLUDEDIR) # The maximum number of seconds the SQLite backend will sleep # before retrying an SQL operation that is getting a busy response. # # 0 means to not sleep at all, and let the db/libsqlite do its own thing. # if (NOT DEFINED OPENVAS_SQLITE_SLEEP_MAX) set (OPENVAS_SQLITE_SLEEP_MAX 0) endif (NOT DEFINED OPENVAS_SQLITE_SLEEP_MAX) #if (NOT SYSCONFDIR) # set (SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc") #endif (NOT SYSCONFDIR) set (OPENVAS_DATA_DIR "${DATADIR}/openvas") set (OPENVAS_STATE_DIR "${LOCALSTATEDIR}/lib/openvas") set (OPENVAS_LOG_DIR "${LOCALSTATEDIR}/log/openvas") set (OPENVAS_SYSCONF_DIR "${SYSCONFDIR}/openvas") set (OPENVAS_SCAP_RES_DIR "${OPENVAS_DATA_DIR}/scap") set (OPENVAS_CERT_RES_DIR "${OPENVAS_DATA_DIR}/cert") set (OPENVASMD_STATE_DIR "${OPENVAS_STATE_DIR}/openvasmd") set (OPENVAS_CA_DIR "${OPENVASMD_STATE_DIR}/trusted_certs") set (OPENVAS_LIB_INSTALL_DIR "${LIBDIR}") set (OPENVAS_SCANNER_CERTIFICATE "${OPENVAS_STATE_DIR}/CA/servercert.pem") set (OPENVAS_SCANNER_KEY "${OPENVAS_STATE_DIR}/private/CA/serverkey.pem") set (OPENVAS_CLIENT_CERTIFICATE "${OPENVAS_STATE_DIR}/CA/clientcert.pem") set (OPENVAS_CLIENT_KEY "${OPENVAS_STATE_DIR}/private/CA/clientkey.pem") set (OPENVAS_CA_CERTIFICATE "${OPENVAS_STATE_DIR}/CA/cacert.pem") if (NOT OPENVAS_RUN_DIR) set (OPENVAS_RUN_DIR "${LOCALSTATEDIR}/run") endif (NOT OPENVAS_RUN_DIR) if (NOT OPENVAS_NVT_DIR) set (OPENVAS_NVT_DIR "${OPENVAS_STATE_DIR}/plugins/") endif (NOT OPENVAS_NVT_DIR) if (NOT OPENVAS_CERT_DATA_DIR) set (OPENVAS_CERT_DATA_DIR "${OPENVAS_STATE_DIR}/cert-data") endif (NOT OPENVAS_CERT_DATA_DIR) if (NOT OPENVAS_SCAP_DATA_DIR) set (OPENVAS_SCAP_DATA_DIR "${OPENVAS_STATE_DIR}/scap-data") endif (NOT OPENVAS_SCAP_DATA_DIR) # System username to use when dropping privileges if (NOT OPENVAS_DEFAULT_DROP_USER) set (OPENVAS_DEFAULT_DROP_USER "") endif (NOT OPENVAS_DEFAULT_DROP_USER) message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}") ## Dependency checks ## ## TODO Also check for headers where needed. ## Improve for workflow: First collect list of missing libs, then print the ## list and throw an error, otherwise long install-cmake-install-cmake cycles ## might occur. pkg_check_modules (LIBOPENVAS_OMP REQUIRED libopenvas_omp>=9.0.0) pkg_check_modules (LIBOPENVAS_MISC REQUIRED libopenvas_misc>=9.0.0) pkg_check_modules (LIBOPENVAS_BASE REQUIRED libopenvas_base>=9.0.0) pkg_check_modules (LIBOPENVAS_OSP REQUIRED libopenvas_osp>=9.0.0) pkg_check_modules (GNUTLS REQUIRED gnutls>=3.2.15) pkg_check_modules (GLIB REQUIRED glib-2.0>=2.32) if (BACKEND STREQUAL SQLITE3) pkg_check_modules (SQLITE3 REQUIRED sqlite3) else (BACKEND STREQUAL SQLITE3) message (STATUS "Looking for PostgreSQL...") find_program (PG_CONFIG_EXECUTABLE pg_config DOC "pg_config") execute_process (COMMAND ${PG_CONFIG_EXECUTABLE} --includedir-server OUTPUT_VARIABLE PostgreSQL_SERVER_INCLUDE_DIRS OUTPUT_STRIP_TRAILING_WHITESPACE) set(PostgreSQL_ADDITIONAL_SEARCH_PATHS ${PostgreSQL_SERVER_INCLUDE_DIRS}) find_package (PostgreSQL REQUIRED) if (NOT PostgreSQL_FOUND) message (SEND_ERROR "The PostgreSQL library is required.") endif (NOT PostgreSQL_FOUND) endif (BACKEND STREQUAL SQLITE3) message (STATUS "Looking for libgcrypt...") find_library (LIBGCRYPT gcrypt) if (NOT LIBGCRYPT) message (SEND_ERROR "The libgcrypt library is required.") else (NOT LIBGCRYPT) message (STATUS "Looking for libgcrypt... ${LIBGCRYPT}") execute_process (COMMAND libgcrypt-config --cflags OUTPUT_VARIABLE GCRYPT_CFLAGS OUTPUT_STRIP_TRAILING_WHITESPACE) endif (NOT LIBGCRYPT) message (STATUS "Looking for gpgme...") find_library (GPGME gpgme) if (NOT GPGME) message (SEND_ERROR "The gpgme library is required.") else (NOT GPGME) message (STATUS "Looking for gpgme... ${GPGME}") execute_process (COMMAND gpgme-config --cflags OUTPUT_VARIABLE GPGME_CFLAGS OUTPUT_STRIP_TRAILING_WHITESPACE) execute_process (COMMAND gpgme-config --libs OUTPUT_VARIABLE GPGME_LDFLAGS OUTPUT_STRIP_TRAILING_WHITESPACE) endif (NOT GPGME) ## Version set (OPENVASMD_VERSION "${PROJECT_VERSION_STRING}") # Configure Doxyfile with version number configure_file (doc/Doxyfile.in doc/Doxyfile) configure_file (doc/Doxyfile_full.in doc/Doxyfile_full) configure_file (doc/example-openvas-manage-certs.conf.in doc/example-openvas-manage-certs.conf @ONLY) configure_file (VERSION.in VERSION) configure_file (src/openvasmd_log_conf.cmake_in src/openvasmd_log.conf) configure_file (src/schema_formats/XML/OMP.xml.in src/schema_formats/XML/OMP.xml @ONLY) configure_file (tools/greenbone-scapdata-sync.in tools/greenbone-scapdata-sync @ONLY) configure_file (tools/greenbone-certdata-sync.in tools/greenbone-certdata-sync @ONLY) configure_file (tools/openvas-portnames-update.in tools/openvas-portnames-update @ONLY) configure_file (tools/openvas-migrate-to-postgres.in tools/openvas-migrate-to-postgres @ONLY) configure_file (tools/openvas-manage-certs.in tools/openvas-manage-certs @ONLY) ## Program set (HARDENING_FLAGS "-Wformat -Wformat-security -O2 -D_FORTIFY_SOURCE=2 -fstack-protector") set (LINKER_HARDENING_FLAGS "-Wl,-z,relro -Wl,-z,now") set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -Werror") set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${HARDENING_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE -D_FILE_OFFSET_BITS=64") add_subdirectory (src) ## Documentation add_subdirectory (doc) ## Install install (CODE "file (MAKE_DIRECTORY \$ENV{DESTDIR}${OPENVAS_DATA_DIR}/openvasmd/report_formats)") install (DIRECTORY DESTINATION ${OPENVASMD_STATE_DIR}) install (FILES ${CMAKE_BINARY_DIR}/src/openvasmd_log.conf ${CMAKE_SOURCE_DIR}/src/pwpolicy.conf DESTINATION ${OPENVAS_SYSCONF_DIR}) # Report formats. install (FILES src/report_formats/Anonymous_XML/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/5057e5cc-b825-11e4-9d0e-28d24461215b PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Anonymous_XML/Anonymous_XML.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/5057e5cc-b825-11e4-9d0e-28d24461215b PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Anonymous_XML/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/5057e5cc-b825-11e4-9d0e-28d24461215b PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/ARF/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/910200ca-dc05-11e1-954f-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/ARF/ARF.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/910200ca-dc05-11e1-954f-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/ARF/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/910200ca-dc05-11e1-954f-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/CPE/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/5ceff8ba-1f62-11e1-ab9f-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/CPE/CPE.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/5ceff8ba-1f62-11e1-ab9f-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/CPE/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/5ceff8ba-1f62-11e1-ab9f-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/CSV_Results/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c1645568-627a-11e3-a660-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/CSV_Results/CSV_Results.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c1645568-627a-11e3-a660-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/CSV_Results/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c1645568-627a-11e3-a660-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/CSV_Hosts/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9087b18c-626c-11e3-8892-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/CSV_Hosts/CSV_Hosts.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9087b18c-626c-11e3-8892-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/CSV_Hosts/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9087b18c-626c-11e3-8892-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/HTML/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/6c248850-1f62-11e1-b082-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/HTML/HTML.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/6c248850-1f62-11e1-b082-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/HTML/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/6c248850-1f62-11e1-b082-406186ea4fc5 PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/ITG/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/77bd6c4a-1f62-11e1-abf0-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/ITG/ITG.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/77bd6c4a-1f62-11e1-abf0-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/ITG/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/77bd6c4a-1f62-11e1-abf0-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/LaTeX/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a684c02c-b531-11e1-bdc2-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/LaTeX/latex.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a684c02c-b531-11e1-bdc2-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/LaTeX/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a684c02c-b531-11e1-bdc2-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/NBE/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9ca6fe72-1f62-11e1-9e7c-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/NBE/NBE.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9ca6fe72-1f62-11e1-9e7c-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/NBE/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9ca6fe72-1f62-11e1-9e7c-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/LaTeX/latex.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c402cc3e-b531-11e1-9163-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/PDF/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c402cc3e-b531-11e1-9163-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/PDF/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c402cc3e-b531-11e1-9163-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/Topology/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9e5e5deb-879e-4ecc-8be6-a71cd0875cdd/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Topology/hostvisdot-summary.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9e5e5deb-879e-4ecc-8be6-a71cd0875cdd/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Topology/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/9e5e5deb-879e-4ecc-8be6-a71cd0875cdd/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/TXT/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a3810a62-1f62-11e1-9219-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/TXT/TXT.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a3810a62-1f62-11e1-9219-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/TXT/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a3810a62-1f62-11e1-9219-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/XML/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a994b278-1f62-11e1-96ac-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/XML/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/a994b278-1f62-11e1-96ac-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/Verinice_ISM/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c15ad349-bd8d-457a-880a-c7056532ee15/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Verinice_ISM/Verinice_ISM.xsl src/report_formats/Verinice_ISM/classification.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c15ad349-bd8d-457a-880a-c7056532ee15/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Verinice_ISM/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/c15ad349-bd8d-457a-880a-c7056532ee15/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/report_formats/Verinice_ITG/report_format.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/50c9950a-f326-11e4-800c-28d24461215b/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Verinice_ITG/Verinice_ITG.xsl src/report_formats/Verinice_ITG/classification-helpers.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/50c9950a-f326-11e4-800c-28d24461215b/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/Verinice_ITG/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/report_formats/50c9950a-f326-11e4-800c-28d24461215b/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) # Schema formats. install (FILES src/schema_formats/RNC/rnc.xsl src/schema_formats/HTML/HTML.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/schema_formats/HTML/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/schema_formats/RNC/rnc.xsl src/schema_formats/RNC/RNC.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/schema_formats/RNC/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES ${CMAKE_BINARY_DIR}/src/schema_formats/XML/OMP.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/schema_formats/XML/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/schema_formats/XML-brief/OMP.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/d6cf255e-947c-11e1-829a-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/schema_formats/XML-brief/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/d6cf255e-947c-11e1-829a-406186ea4fc5/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) # Alert methods. install (FILES src/alert_methods/SCP/alert DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/2db07698-ec49-11e5-bcff-28d24461215b/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/alert_methods/Send/alert DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/4a398d42-87c0-11e5-a1c0-28d24461215b/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/alert_methods/SMB/alert DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/c427a688-b653-40ab-a9d0-d6ba842a9d63/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/alert_methods/SNMP/alert DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/9d435134-15d3-11e6-bf5c-28d24461215b/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/alert_methods/Sourcefire/alert DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/cd1f5a34-6bdc-11e0-9827-002264764cea/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/alert_methods/TippingPoint/alert DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/5b39c481-9137-4876-b734-263849dd96ce/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/alert_methods/TippingPoint/report-convert.py DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/5b39c481-9137-4876-b734-263849dd96ce/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES src/alert_methods/verinice/alert DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_alert_methods/f9d97653-f89b-41af-9ba1-0f6ee00e9c1a/ PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (CODE "file (MAKE_DIRECTORY \$ENV{DESTDIR}${OPENVAS_DATA_DIR}/openvasmd/wizards)") install (FILES src/wizards/quick_first_scan.xml src/wizards/get_tasks_deep.xml src/wizards/delete_task_deep.xml src/wizards/quick_auth_scan.xml src/wizards/quick_task.xml src/wizards/reset_task.xml src/wizards/modify_task.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/wizards/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES tools/portnames_update.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES tools/cpe_youngerthan.xsl tools/cve_youngerthan.xsl tools/cpe_getbyname.xsl tools/cve_getbyname.xsl tools/oval_timestamp.xsl tools/ovaldef_getbyname.xsl tools/oval_verify.xsl tools/ovaldef_list_ids.xsl DESTINATION ${OPENVAS_SCAP_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) if (BACKEND STREQUAL SQLITE3) install (FILES tools/scap_db_init.sql tools/cpe_update.xsl tools/cve_update.xsl tools/oval_update.xsl DESTINATION ${OPENVAS_SCAP_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) else (BACKEND STREQUAL SQLITE3) install (FILES tools/scap_db_init_pg.sql RENAME scap_db_init.sql DESTINATION ${OPENVAS_SCAP_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES tools/cpe_update_pg.xsl RENAME cpe_update.xsl DESTINATION ${OPENVAS_SCAP_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES tools/cve_update_pg.xsl RENAME cve_update.xsl DESTINATION ${OPENVAS_SCAP_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES tools/oval_update_pg.xsl RENAME oval_update.xsl DESTINATION ${OPENVAS_SCAP_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) endif (BACKEND STREQUAL SQLITE3) install (FILES tools/cert_bund_getbyname.xsl tools/dfn_cert_getbyname.xsl DESTINATION ${OPENVAS_CERT_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) if (BACKEND STREQUAL SQLITE3) install (FILES tools/cert_db_init.sql tools/cert_bund_update.xsl tools/dfn_cert_update.xsl DESTINATION ${OPENVAS_CERT_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) else (BACKEND STREQUAL SQLITE3) install (FILES tools/cert_db_init_pg.sql RENAME cert_db_init.sql DESTINATION ${OPENVAS_CERT_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES tools/cert_bund_update_pg.xsl RENAME cert_bund_update.xsl DESTINATION ${OPENVAS_CERT_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES tools/dfn_cert_update_pg.xsl RENAME dfn_cert_update.xsl DESTINATION ${OPENVAS_CERT_RES_DIR} PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) endif (BACKEND STREQUAL SQLITE3) install (FILES ${CMAKE_BINARY_DIR}/tools/openvas-portnames-update DESTINATION ${SBINDIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-scapdata-sync DESTINATION ${SBINDIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-certdata-sync DESTINATION ${SBINDIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES ${CMAKE_SOURCE_DIR}/tools/openvas-lsc-rpm-creator.sh DESTINATION ${OPENVAS_DATA_DIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES ${CMAKE_BINARY_DIR}/tools/openvas-migrate-to-postgres DESTINATION ${SBINDIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES ${CMAKE_SOURCE_DIR}/tools/extra/xml_split DESTINATION ${OPENVAS_SCAP_RES_DIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) if (BACKEND STREQUAL SQLITE3) install (FILES ${CMAKE_SOURCE_DIR}/tools/database-statistics-sqlite DESTINATION ${SBINDIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) endif (BACKEND STREQUAL SQLITE3) install (FILES ${CMAKE_BINARY_DIR}/tools/openvas-manage-certs DESTINATION ${BINDIR} PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) install (FILES ${CMAKE_SOURCE_DIR}/doc/openvas-manage-certs.1 DESTINATION ${DATADIR}/man/man1 ) install (FILES ${CMAKE_BINARY_DIR}/doc/example-openvas-manage-certs.conf DESTINATION ${DATADIR}/doc/openvas-manager/ ) ## End gvm-7.0.3/COPYING000066400000000000000000000431221325714266200133570ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. gvm-7.0.3/INSTALL000066400000000000000000000454731325714266200133700ustar00rootroot00000000000000INSTALLATION INSTRUCTIONS FOR OPENVAS-MANAGER ============================================= Please note: The reference system used by most of the developers is Debian GNU/Linux 'Jessie' 8. The build might fail on any other systems. Also it is necessary to install dependent development packages. Prerequisites for openvas-manager --------------------------------- Prerequisites: * cmake >= 2.8 * glib-2.0 >= 2.32 * gnutls >= 3.2.15 * libopenvas_base, libopenvas_omp, libopenvas_misc, libopenvas_osp >= 9.0.0 * sqlite3 library or PostgreSQL database * pkg-config Prerequisites for certificate generation: * GnuTLS certtool Prerequisites for building documentation: * Doxygen * xmltoman (optional, for building man page) * sqlfairy (optional, for producing database diagram) Please see the section "Prerequisites for Optional Features" below additional optional prerequisites. Install prerequisites on Debian GNU/Linux 'Jessie' 8: # apt-get install libsqlite3-dev | libpq-dev Compiling openvas-manager ------------------------- If you have installed required libraries to a non-standard location, remember to set the PKG_CONFIG_PATH environment variable to the location of you pkg-config files before configuring: $ export PKG_CONFIG_PATH=/your/location/lib/pkgconfig:$PKG_CONFIG_PATH Create a build directory and change into it with $ mkdir build $ cd build Then configure the build with $ cmake -DCMAKE_INSTALL_PREFIX=/path/to/your/installation .. or (if you want to use the default installation path /usr/local) $ cmake .. This only needs to be done once. Note: It is assumed that the other OpenVAS components are installed to the same path. If not, you need to set some paths separately, see below for details. Thereafter, the following commands are useful. $ make # build the manager $ make doc # build the documentation $ make doc-full # build more developer-oriented documentation $ make install # install the build $ make rebuild_cache # rebuild the cmake cache Choosing the Connection Type ----------------------------- OpenVAS Manager can serve client connections on either a TCP socket or a UNIX domain socket. The default is a UNIX domain socket, at /var/run/openvas/openvasmd.sock This location can be overridden with the --unix-socket option, and the permissions of the socket can be specified with the --list-owner, --listen-group and --listen-mode options. To use a TCP socket, call openvasmd with the --listen option, for example openvasmd --listen=127.0.0.1 Certificate Generation ---------------------- All TCP-based communication with OpenVAS Manager uses the TLS protocol to establish secure connections and for authentication and authorization. This requires the presence of a certificate infrastructure consisting of a certificate authority (CA) and a server and client certificate signed by the CA. OpenVAS Manager uses a client certificate when connecting to a scanner via the OSP protocol. The easiest way to generate this certificate is to use the "openvas-manage-certs" script. A quick way to set up required certificates on the local system is to execute the command "openvas-manage-certs -a". If you intend to use OSP scanners and Manager on separate systems you need to make sure that the mutual trust is properly configured via the TLS certificates. The "openvas-manage-certs" script can assist you in setting up your infrastructure. Please refer to the documentation provided with the script for usage details. If certificates expired or in other ways there is need to update certificates for scanners, please see also section "Updating Scanner Certificates". Choosing the Database Backend ----------------------------- OpenVAS Manager can use either SQLite or PostgreSQL as the database backend. SQLite is the default and as a prerequisite you need to have the sqlite3 library installed. No further configuration is required, the database is created automatically. In order to use PostgreSQL as database backend, follow the instructions given in file doc/postgres-HOWTO. Initializing the Database ------------------------- Now you can initialize the OpenVAS Manager database. You need a running OpenVAS Scanner (openvassd) for this as the Manager will retrieve all NVT details from the Scanner. Run this command if you are using the default ports: $ openvasmd --rebuild This command can be repeated anytime to update the database with updated NVT data, regardless of whether openvasmd already runs as a service in the background or not. Migrating the Database ---------------------- If you have used Manager before, you might need to migrate the database to the current data model. Use this command to run the migration: $ openvasmd --migrate Creating an administrator user for OpenVAS ------------------------------------------ You can create an administrator user with the --create-user option of "openvasmd": $ openvasmd --create-user=myuser The new user's password is printed on success. An administrator user can later create further users or administrators via clients like the Greenbone Security Assistant (GSA). Also, the new user can change their password via GSA. Logging Configuration --------------------- By default Manager writes logs to the file /var/log/openvas/openvasmd.log Logging is configured entirely by the file /etc/openvas/openvasmd_log.conf The configuration is divided into domains like this one [md main] prepend=%t %p prepend_time_format=%Y-%m-%d %Hh%M.%S %Z file=/var/log/openvas/openvasmd.log level=128 The "level" field controls the amount of logging that is written. The value of "level" can be 4 Errors. 8 Critical situation. 16 Warnings. 32 Messages. 64 Information. 128 Debug. (Lots of output.) Enabling any level includes all the levels above it. So enabling Information will include Warnings, Critical situations and Errors. To get absolutely all logging, set the level to 128 for all domains in the configuration file. Optimizing the database ----------------------- OpenVAS Manager offers the command line option --optimize= to run various optimization of the database. The currently supported values for are: vacuum This option can reduce the file size by freeing some unused storage space in the database. For more information see the documentation for the VACUUM command of the database back-end you are using. analyze This option updates various internal statistics of the database used to optimize queries. For more information see the documentation for the ANALYZE command of the database back-end you are using. cleanup-config-prefs This option removes duplicate preferences from Scan Configs and corrects some broken preference values. For the latter, make sure the NVT preferences in the database are up to date, e.g. by running openvasmd --rebuild. remove-open-port-results This option removes results which were used in older versions of OpenVAS to indicate an open port. Since open ports are now part of the host details these results are now obsolete in most cases. cleanup-port-names This cleans up the ports of results as stored in the database by removing parts that do not conform to the format /. For example the application name will be removed from a port using the old format "telnet (23/tcp)", reducing it to the new format "23/tcp". This makes filtering results and delta reports more consistent. cleanup-result-severities This cleans up results with no severity by assigning the default severity set by the user owning the result. All new results should have a severity assigned but this was not ensured in older versions, so this function can be used to correct missing severity scores in older reports. rebuild-report-cache This clears the cache containing the unfiltered result counts of all reports and fully rebuilds it. update-report-cache This creates the cache containing the unfiltered result counts of all reports that are not cached yet. Import/Update IANA Services Names --------------------------------- If you want the Manager to resolve port names when outputing reports for instance, you need to import the information from a Services Names list. In order to update the database, download the port names list: $ wget http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml Then provide it as an argument to openvas-portnames-update script: $ openvas-portnames-update service-names-port-numbers.xml You can safely delete the list after that as it is not needed and all relevant information has been imported into the database. $ rm service-names-port-numbers.xml Note that IANA updates this list frequently. The same steps could be followed to update the information in the database from a newer list. Currently, the helper tool supports only the official IANA Services Names list. Encrypted Credentials --------------------- By default the Manager stores private key and password parts of target credentials encrypted in the database. This voids leaking such keys via backups. To be able to do a proper restore of the data, it is important to also backup the encryption key. The easiest way to do this is to create backup of the entire directory tree /var/lib/openvas/openvasmd/gnupg and store it at a safe place independent from the database backups. This needs to be done only once after the key has been created or changed. The Manager creates the key at startup if it does not exist. To check whether the key has been generated you may use the command $ gpg --homedir /var/lib/openvas/openvasmd/gnupg --list-secret-keys An example output would be sec 2048R/1B55390F 2013-01-18 uid OpenVAS Credential Encryption Your key will have the same user ID ("OpenVAS Credential Encryption") but another keyid (1B55390F) and another creation date (2013-01-18). Older versions of the Manager didn't used encrypted credentials. Thus for old installations the database may hold a mix of cleartext and encrypted credentials. Note, that after changing a cleartext credential it will be saved encrypted. To encrypt all existing credentials you may use $ openvasmd --encrypt-all-credentials Key change: If you disable the current key (see also the gpg manual) and create a new key, this command will decrypt using the old but disabled key and then re-encrypt using the new key. The command --decrypt-all-credentials may be used to revert to plaintext credentials: $ gpg --homedir /var/lib/openvas/openvasmd/gnupg -K Look for the current key and remember its keyid. Then: $ gpg --homedir /var/lib/openvas/openvasmd/gnupg --edit-key KEYID At the prompt enter "disable" followed by "save" and "quit". Then create a new key and re-encrypt all passwords: $ openvasmd --create-credentials-encryption-key $ openvasmd --encrypt-all-credentials No encryption: If for backward compatibility reasons encrypted credentials are not desired, the manager must _always_ be started with the option --disable-encrypted-credentials. Resetting Credentials Encryption Key ------------------------------------ If you lost some part of the encryption key, neither a regular migration nor a simple creation might work. In this case you need to reset the encryption key with the following procedure. There is no way to get the encrypted credentials back. You will need to enter all of them anew afterwards. Get the key fingerprint: $ gpg --homedir /var/lib/openvas/openvasmd/gnupg --list-secret-keys Remove the secret key: $ gpg --homedir=/etc/openvas/gnupg --delete-secret-keys KEYID Remove the key: $ gpg --homedir=/etc/openvas/gnupg --delete-keys KEYID Create a new key: $ openvasmd --create-credentials-encryption-key Finally, reset all credentials, by hand. Migrating Encrypted Credentials from OpenVAS Manager 5.0 to 6.0 --------------------------------------------------------------- While OpenVAS Manager 5.0 initially placed the credential encryption key in /var/lib/openvas/gnupg, OpenVAS Manager 6.0 switched to using /var/lib/openvas/openvasmd/gnupg to make it easier to back up all Manager data. In order to continue using your encrypted credentials, please move the contents of /var/lib/openvas/gnupg to /var/lib/openvas/openvasmd/gnupg. Make sure the permissions on /var/lib/openvas/openvasmd/gnupg are suitable for the user OpenVAS Manager is running as. Migrating Encrypted Credentials from OpenVAS Manager 4.0 to 5.0 --------------------------------------------------------------- While OpenVAS Manager 4.0 initially place the credential encryption key in /etc/openvas/gnupg, OpenVAS Manager 5.0 switched to using /var/lib/openvas/gnupg for better FHS compliance and to set the key apart from the one used for signature verification. In order to continue using your encrypted credentials, please copy the contents of /etc/openvas/gnupg to /var/lib/openvas/gnupg. Make sure the permissions on /var/lib/openvas/gnupg are suitable for the user OpenVAS Manager is running as. Once your encrypted credentials are working again, feel free to remove the credential encryptions key from the keyring in /etc/openvas/gnupg and the signature verification key from the one in /var/lib/openvas/gnupg. Updating Scanner Certificates ----------------------------- If you have changed the CA certificate used to sign the server and client certificates or the client certificate itself you will need to update the certificates in Manager database as well. The database can be updated using the following command: $ openvasmd --modify-scanner \ --scanner-ca-pub \ --scanner-key-pub \ --scanner-key-priv Where: refers to the UUID used by OpenVAS Manager to identify the scanner; the UUID can be retrieved with "openvasmd --get-scanners" refers to the certificate of the CA used to sign the scanner certificate. Leaving this empty will delete the CA certificate of the scanner. This option can be dropped if the scanner uses a certificate that corresponds with the default CA certficate of Manager refers to the certificate Manager uses to authenticate when connecting to the scanner. For a default OSP scanner setup with self-signed certificates this would be /var/lib/openvas/CA/clientcert.pem refers to the private key Manager uses to authenticate when connecting to the scanner. For a default OSP scanner setup with self-signed certificates this would be /var/lib/openvas/private/CA/clientkey.pem To set just a new default CA certificate: $ openvasmd --modify-setting 9ac801ea-39f8-11e6-bbaa-28d24461215b \ --value "`cat /var/lib/openvas/CA/cacert.pem`" Replace the path to the pem-file with the one of your setup. The UUID is the fixed one of the immutable global setting for the default CA certificate and thus does not need to be changed. Changing the Maximum Number of Rows per Page -------------------------------------------- The maximum number of rows returned by the OMP "GET" commands, like GET_TARGETS, is controlled by the OMP setting "Max Rows Per Page". This setting is an upper limit on the number of resources returned by any GET command, regardless of the value given for "rows" in the command's filter. The default value for "Max Rows Per Page" is 1000. 0 indicates no limit. This setting can not be changed via OMP. However, the openvasmd option --modify-setting can be used to change it. $ openvasmd --modify-setting 76374a7a-0569-11e6-b6da-28d24461215b \ --value 100 This changes the global value of the setting, and so applies to all users. Adding --user to the command will set a value for maximum rows only for that user. Prerequisites for Optional Features ----------------------------------- Certain features of the Manager also require some programs at run time: Prerequisites for generating PDF reports: * pdflatex Prerequisites for generating HTML reports: * xsltproc Prerequisites for generating verinice reports: * xsltproc, xmlstarlet, zip Prerequisites for generating credentials RPM / DEB packages: * rpm * fakeroot * alien Prerequisites for generating credentials .exe packages: * makensis (usually distributed as part of nsis) Prerequisites for generating system reports: * A program in the PATH, with usage "openvasmr seconds type", where seconds is the number of seconds before now that the report covers, and type is the type of report. When called with type "titles" the script must print a list of possible types, where the name of the type is everything up to the first space and everything else is a title for the report. When called with one of these types openvasmr must print a PNG in base64 encoding. When called with the special type "blank", openvasmr must print a PNG in base64 for the Manager to use when a request for one of the titled types fails. openvasmr may indicate failure by simply refraining from printing. Prerequisites for signature verification: * gnupg Prerequisites for HTTP alerts: * wget Prerequisites for Sourcefire Connector alert: * A program in the PATH called greenbone_sourcefire_connector that takes args IP, port, PKCS12 file and report file in Sourcefire format. Prerequisites for verinice .PRO Connector alert: * A program in the PATH called greenbone_verinice_connector that takes args IP, port, username, password and report file in verinice .PRO format. Prerequisites for SCP alert: * sshpass * scp Prerequisites for Send alert: * socat Prerequisites for SNMP alert: * snmp Prerequisites for SMB alert: * smbclient Prerequisites for splitting large XML files (see tools/extra/README): * python Static code analysis with the Clang Static Analyzer --------------------------------------------------- If you want to use the Clang Static Analyzer (http://clang-analyzer.llvm.org/) to do a static code analysis, you can do so by adding the following parameter when configuring the build: -DCMAKE_C_COMPILER=/usr/share/clang/scan-build/ccc-analyzer Note that the example above uses the default location of ccc-analyzer in Debian GNU/Linux and may be different in other environments. To have the analysis results aggregated into a set of HTML files, use the following command: $ scan-build make The tool will provide a hint on how to launch a web browser with the results. It is recommended to do this analysis in a separate, empty build directory and to empty the build directory before "scan-build" call. gvm-7.0.3/README000066400000000000000000000027331325714266200132070ustar00rootroot00000000000000About OpenVAS Manager --------------------- The OpenVAS Manager is the central management service between security scanners and the user clients. It manages the storage of any vulnerability management configurations and of the scan results. Access to data, control commands and workflows is offered via the XML-based OpenVAS Management Protocol (OMP). The primary scanner 'OpenVAS Scanner' is controlled directly via OTP protocol while any other remote scanner is coupled with the OSP protocol. OpenVAS Manager is licensed under GNU General Public License Version 2 or any later version. Please see file COPYING for details. All parts of OpenVAS Manager are Copyright (C) by Greenbone Networks GmbH (see http://www.greenbone.net). Howto use --------- Starting OpenVAS Manager: In case everything was installed using the defaults, then starting the manager can be done with this simple command: openvasmd A command like openvasmd --update or openvasmd --rebuild will update the Manager's NVT cache, and then exit. The cache must be updated every time the OpenVAS Scanner syncs with the NVT feed. The --rebuild option is faster as it locks the database the entire time, whereas --update allows clients to access the Manager during the update. An update within a running Manager can also be invoked by sending the main Manager process the SIGHUP signal (signal number 1). To see all available command line options of openvasmd enter this command: openvasmd --help gvm-7.0.3/VERSION.in000066400000000000000000000000271325714266200137760ustar00rootroot00000000000000@CPACK_PACKAGE_VERSION@gvm-7.0.3/cmake/000077500000000000000000000000001325714266200134025ustar00rootroot00000000000000gvm-7.0.3/cmake/GetGit.cmake000066400000000000000000000036351325714266200155760ustar00rootroot00000000000000# getgit.cmake # This script attempts to determine the Git commit ID and writes or updates # a "gitrevision.h" file if successful. # # Authors: # Juan Jose Nicola # # Copyright: # Copyright (C) 2018 Greenbone Networks GmbH # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. find_package (Git) macro (Git_GET_REVISION dir variable) execute_process(COMMAND ${GIT_EXECUTABLE} rev-parse --abbrev-ref HEAD WORKING_DIRECTORY ${dir} OUTPUT_VARIABLE GIT_BRANCH OUTPUT_STRIP_TRAILING_WHITESPACE) execute_process(COMMAND ${GIT_EXECUTABLE} log -1 --format=%h WORKING_DIRECTORY ${dir} OUTPUT_VARIABLE GIT_COMMIT_HASH OUTPUT_STRIP_TRAILING_WHITESPACE) set (${variable} "${GIT_COMMIT_HASH}-${GIT_BRANCH}") endmacro (Git_GET_REVISION) if (EXISTS "${SOURCE_DIR}/.git/") if (GIT_FOUND) Git_GET_REVISION (${SOURCE_DIR} GIT_REVISION) endif (GIT_FOUND) endif (EXISTS "${SOURCE_DIR}/.git/") if (GIT_REVISION) file (WRITE gitrevision.h.in "#define OPENVASMD_GIT_REVISION \"${GIT_REVISION}\"\n") execute_process (COMMAND ${CMAKE_COMMAND} -E copy_if_different gitrevision.h.in gitrevision.h) file (REMOVE gitrevision.h.in) endif (GIT_REVISION)gvm-7.0.3/doc/000077500000000000000000000000001325714266200130675ustar00rootroot00000000000000gvm-7.0.3/doc/CMakeLists.txt000066400000000000000000000232121325714266200156270ustar00rootroot00000000000000# OpenVAS # $Id$ # Description: CMakefile for the OpenVAS Manager documentation # # Authors: # Matthew Mundell # # Copyright: # Copyright (C) 2009 Greenbone Networks GmbH # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ## Find xml2man message (STATUS "Looking for xmltoman...") find_program (XMLTOMAN_EXECUTABLE xmltoman PATHS /bin /usr/bin /usr/local/bin/ DOC "xmltoman location") message (STATUS "Looking for xmltoman... ${XMLTOMAN_EXECUTABLE}") find_program (XMLMANTOHTML_EXECUTABLE xmlmantohtml PATHS /bin /usr/bin /usr/local/bin/ DOC "xmlmantohtml location") message (STATUS "Looking for xmlmantohtml... ${XMLMANTOHTML_EXECUTABLE}") # FIX find_program seems to follow symlink if (XMLMANTOHTML_EXECUTABLE) set (XMLMANTOHTML_EXECUTABLE xmlmantohtml) endif (XMLMANTOHTML_EXECUTABLE) message (STATUS "Looking for SQLFairy...") find_program (SQLT-DIAGRAM_EXECUTABLE sqlt-diagram PATHS /bin /usr/bin /usr/local/bin/ DOC "sqlt-diagram location") find_program (SQLT_EXECUTABLE sqlt PATHS /bin /usr/bin /usr/local/bin/ DOC "sqlt location") message (STATUS "Looking for SQLFairy... ${SQLT-DIAGRAM_EXECUTABLE}, ${SQLT_EXECUTABLE}") ## build set_directory_properties (PROPERTIES CLEAN_NO_CUSTOM true) set_directory_properties (PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ".built-html;.built-html_full") include (FindDoxygen) if (NOT DOXYGEN_EXECUTABLE) message (STATUS "WARNING: Doxygen is required to build the HTML docs.") else (NOT DOXYGEN_EXECUTABLE) add_custom_target (doc COMMENT "Building documentation..." DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/openvasmd.8 ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile ${CMAKE_CURRENT_BINARY_DIR}/.built-html ${CMAKE_CURRENT_BINARY_DIR}/.built-html_db ${CMAKE_CURRENT_BINARY_DIR}/db.png ${CMAKE_CURRENT_BINARY_DIR}/omp.rnc ${CMAKE_CURRENT_BINARY_DIR}/omp.html) add_custom_command (OUTPUT .built-html COMMAND sh ARGS -c \"${DOXYGEN_EXECUTABLE} ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile && touch ${CMAKE_CURRENT_BINARY_DIR}/.built-html\;\" DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/openvasmd.html ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile) add_custom_target (doc-full COMMENT "Building documentation..." DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/openvasmd.8 ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile_full ${CMAKE_CURRENT_BINARY_DIR}/.built-html_full ${CMAKE_CURRENT_BINARY_DIR}/.built-html_db ${CMAKE_CURRENT_BINARY_DIR}/db.png ${CMAKE_CURRENT_BINARY_DIR}/omp.rnc ${CMAKE_CURRENT_BINARY_DIR}/omp.html) add_custom_command (OUTPUT .built-html_full COMMAND sh ARGS -c \"${DOXYGEN_EXECUTABLE} ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile_full && touch ${CMAKE_CURRENT_BINARY_DIR}/.built-html_full\;\" DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/openvasmd.html ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile_full) add_custom_target (doc-omp COMMENT "Building OMP documentation..." DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/omp.rnc ${CMAKE_CURRENT_BINARY_DIR}/omp.html) endif (NOT DOXYGEN_EXECUTABLE) if (XMLTOMAN_EXECUTABLE) add_custom_target (man COMMENT "Building manual page..." DEPENDS openvasmd.8 greenbone-certdata-sync.8 greenbone-scapdata-sync.8 database-statistics-sqlite.8 openvas-migrate-to-postgres.8 openvas-portnames-update.8) add_custom_command (OUTPUT openvasmd.8 COMMAND sh ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/openvasmd.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/openvasmd.8\;\" DEPENDS openvasmd.8.xml) add_custom_command (OUTPUT greenbone-certdata-sync.8 COMMAND sh ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/greenbone-certdata-sync.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/greenbone-certdata-sync.8\;\" DEPENDS greenbone-certdata-sync.8.xml) add_custom_command (OUTPUT greenbone-scapdata-sync.8 COMMAND sh ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/greenbone-scapdata-sync.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/greenbone-scapdata-sync.8\;\" DEPENDS greenbone-scapdata-sync.8.xml) add_custom_command (OUTPUT database-statistics-sqlite.8 COMMAND sh ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/database-statistics-sqlite.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/database-statistics-sqlite.8\;\" DEPENDS database-statistics-sqlite.8.xml) add_custom_command (OUTPUT openvas-migrate-to-postgres.8 COMMAND sh ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/openvas-migrate-to-postgres.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/openvas-migrate-to-postgres.8\;\" DEPENDS openvas-migrate-to-postgres.8.xml) add_custom_command (OUTPUT openvas-portnames-update.8 COMMAND sh ARGS -c \"${XMLTOMAN_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/openvas-portnames-update.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/openvas-portnames-update.8\;\" DEPENDS openvas-portnames-update.8.xml) else (XMLTOMAN_EXECUTABLE) message (STATUS "WARNING: xmltoman is required to generate manpage.") add_custom_command (OUTPUT openvasmd.8 COMMAND echo "[Error: xmltoman required to see manpage here]" > openvasmd.8) add_custom_command (OUTPUT greenbone-certdata-sync.8 COMMAND echo "[Error: xmltoman required to see manpage here]" > greenbone-certdata-sync.8) add_custom_command (OUTPUT greenbone-scapdata-sync.8 COMMAND echo "[Error: xmltoman required to see manpage here]" > greenbone-scapdata-sync.8) add_custom_command (OUTPUT database-statistics-sqlite.8 COMMAND echo "[Error: xmltoman required to see manpage here]" > database-statistics-sqlite.8) add_custom_command (OUTPUT openvas-migrate-to-postgres.8 COMMAND echo "[Error: xmltoman required to see manpage here]" > openvas-migrate-to-postgres.8) add_custom_command (OUTPUT openvas-portnames-update.8 COMMAND echo "[Error: xmltoman required to see manpage here]" > openvas-portnames-update.8) endif (XMLTOMAN_EXECUTABLE) if (XMLMANTOHTML_EXECUTABLE) add_custom_target (man-html COMMENT "Building manual page HTML..." DEPENDS openvasmd.html) add_custom_command (OUTPUT openvasmd.html COMMAND sh ARGS -c \"${XMLMANTOHTML_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/openvasmd.8.xml > ${CMAKE_CURRENT_BINARY_DIR}/openvasmd.html\;\" DEPENDS openvasmd.8.xml) else (XMLMANTOHTML_EXECUTABLE) message (STATUS "WARNING: xmlmantohtml is required for manpage in HTML docs.") add_custom_command (OUTPUT openvasmd.html COMMAND echo "[Error: xmlmantohtml required to see manpage here]" > openvasmd.html) endif (XMLMANTOHTML_EXECUTABLE) if (SQLT-DIAGRAM_EXECUTABLE) add_custom_command (OUTPUT db.png COMMAND sh ARGS -c \"${SQLT-DIAGRAM_EXECUTABLE} --color --title=\\\"Manager database \(version ${OPENVASMD_DATABASE_VERSION}\)\\\" -d PostgreSQL ${CMAKE_CURRENT_SOURCE_DIR}/db_postgres.sql -o db.png\;\" DEPENDS db_postgres.sql) else (SQLT_EXECUTABLE) add_custom_command (OUTPUT db.png COMMAND sh ARGS -c \"touch db.png;\") endif (SQLT-DIAGRAM_EXECUTABLE) if (SQLT_EXECUTABLE) add_custom_command (OUTPUT .built-html_db COMMAND sh ARGS -c \"${SQLT_EXECUTABLE} --from PostgreSQL --to HTML --pretty --title=\\\"Manager database \(version ${OPENVASMD_DATABASE_VERSION}\)\\\" ${CMAKE_CURRENT_SOURCE_DIR}/db_postgres.sql > db.html && touch .built-html_db\;\" DEPENDS db_postgres.sql) else (SQLT_EXECUTABLE) add_custom_command (OUTPUT .built-html_db COMMAND sh ARGS -c \"echo \\\"[Error: sqlt, from SQLFairy, required to see database here]\\\" > db.html && touch .built-html_db\;\") endif (SQLT_EXECUTABLE) add_custom_command (OUTPUT omp.rnc COMMAND sh ARGS -c \"cd ${CMAKE_SOURCE_DIR}/src/schema_formats/RNC && xsltproc ./RNC.xsl ${CMAKE_BINARY_DIR}/src/schema_formats/XML/OMP.xml > ${CMAKE_BINARY_DIR}/doc/omp.rnc\;\" DEPENDS ${CMAKE_BINARY_DIR}/src/schema_formats/XML/OMP.xml ${CMAKE_SOURCE_DIR}/src/schema_formats/RNC/generate ${CMAKE_SOURCE_DIR}/src/schema_formats/RNC/RNC.xsl ${CMAKE_SOURCE_DIR}/src/schema_formats/RNC/rnc.xsl) add_custom_command (OUTPUT omp.html COMMAND sh ARGS -c \"cd ${CMAKE_SOURCE_DIR}/src/schema_formats/HTML && xsltproc ./HTML.xsl ${CMAKE_BINARY_DIR}/src/schema_formats/XML/OMP.xml > ${CMAKE_BINARY_DIR}/doc/omp.html\;\" DEPENDS ${CMAKE_BINARY_DIR}/src/schema_formats/XML/OMP.xml ${CMAKE_SOURCE_DIR}/src/schema_formats/HTML/generate ${CMAKE_SOURCE_DIR}/src/schema_formats/HTML/HTML.xsl ${CMAKE_SOURCE_DIR}/src/schema_formats/HTML/rnc.xsl) ## Install install (FILES omp.html DESTINATION share/doc/openvas-manager/html/ COMPONENT doc) install (FILES openvasmd.8 greenbone-certdata-sync.8 greenbone-scapdata-sync.8 database-statistics-sqlite.8 openvas-migrate-to-postgres.8 openvas-portnames-update.8 DESTINATION share/man/man8/ COMPONENT doc) gvm-7.0.3/doc/Doxyfile.in000066400000000000000000003110001325714266200151750ustar00rootroot00000000000000# Doxyfile 1.8.8 # This file describes the settings to be used by the documentation system # doxygen (www.doxygen.org) for a project. # # All text after a double hash (##) is considered a comment and is placed in # front of the TAG it is preceding. # # All text after a single hash (#) is considered a comment and will be ignored. # The format is: # TAG = value [value, ...] # For lists, items can also be appended using: # TAG += value [value, ...] # Values that contain spaces should be placed between quotes (\" \"). #--------------------------------------------------------------------------- # Project related configuration options #--------------------------------------------------------------------------- # This tag specifies the encoding used for all characters in the config file # that follow. The default is UTF-8 which is also the encoding used for all text # before the first occurrence of this tag. Doxygen uses libiconv (or the iconv # built into libc) for the transcoding. See http://www.gnu.org/software/libiconv # for the list of possible encodings. # The default value is: UTF-8. DOXYFILE_ENCODING = UTF-8 # The PROJECT_NAME tag is a single word (or a sequence of words surrounded by # double-quotes, unless you are using Doxywizard) that should identify the # project for which the documentation is generated. This name is used in the # title of most generated pages and in a few other places. # The default value is: My Project. PROJECT_NAME = "OpenVAS Manager" # The PROJECT_NUMBER tag can be used to enter a project or revision number. This # could be handy for archiving the generated documentation or if some version # control system is used. PROJECT_NUMBER = @CPACK_PACKAGE_VERSION@ # Using the PROJECT_BRIEF tag one can provide an optional one line description # for a project that appears at the top of each page and should give viewer a # quick idea about the purpose of the project. Keep the description short. PROJECT_BRIEF = # With the PROJECT_LOGO tag one can specify an logo or icon that is included in # the documentation. The maximum height of the logo should not exceed 55 pixels # and the maximum width should not exceed 200 pixels. Doxygen will copy the logo # to the output directory. PROJECT_LOGO = # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path # into which the generated documentation will be written. If a relative path is # entered, it will be relative to the location where doxygen was started. If # left blank the current directory will be used. OUTPUT_DIRECTORY = @CMAKE_BINARY_DIR@/doc/generated # If the CREATE_SUBDIRS tag is set to YES, then doxygen will create 4096 sub- # directories (in 2 levels) under the output directory of each output format and # will distribute the generated files over these directories. Enabling this # option can be useful when feeding doxygen a huge amount of source files, where # putting all generated files in the same directory would otherwise causes # performance problems for the file system. # The default value is: NO. CREATE_SUBDIRS = NO # If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII # characters to appear in the names of generated files. If set to NO, non-ASCII # characters will be escaped, for example _xE3_x81_x84 will be used for Unicode # U+3044. # The default value is: NO. ALLOW_UNICODE_NAMES = NO # The OUTPUT_LANGUAGE tag is used to specify the language in which all # documentation generated by doxygen is written. Doxygen will use this # information to generate all constant output in the proper language. # Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Catalan, Chinese, # Chinese-Traditional, Croatian, Czech, Danish, Dutch, English (United States), # Esperanto, Farsi (Persian), Finnish, French, German, Greek, Hungarian, # Indonesian, Italian, Japanese, Japanese-en (Japanese with English messages), # Korean, Korean-en (Korean with English messages), Latvian, Lithuanian, # Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, Romanian, Russian, # Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, Swedish, Turkish, # Ukrainian and Vietnamese. # The default value is: English. OUTPUT_LANGUAGE = English # If the BRIEF_MEMBER_DESC tag is set to YES doxygen will include brief member # descriptions after the members that are listed in the file and class # documentation (similar to Javadoc). Set to NO to disable this. # The default value is: YES. BRIEF_MEMBER_DESC = YES # If the REPEAT_BRIEF tag is set to YES doxygen will prepend the brief # description of a member or function before the detailed description # # Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the # brief descriptions will be completely suppressed. # The default value is: YES. REPEAT_BRIEF = YES # This tag implements a quasi-intelligent brief description abbreviator that is # used to form the text in various listings. Each string in this list, if found # as the leading text of the brief description, will be stripped from the text # and the result, after processing the whole list, is used as the annotated # text. Otherwise, the brief description is used as-is. If left blank, the # following values are used ($name is automatically replaced with the name of # the entity):The $name class, The $name widget, The $name file, is, provides, # specifies, contains, represents, a, an and the. ABBREVIATE_BRIEF = # If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then # doxygen will generate a detailed section even if there is only a brief # description. # The default value is: NO. ALWAYS_DETAILED_SEC = NO # If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all # inherited members of a class in the documentation of that class as if those # members were ordinary class members. Constructors, destructors and assignment # operators of the base classes will not be shown. # The default value is: NO. INLINE_INHERITED_MEMB = NO # If the FULL_PATH_NAMES tag is set to YES doxygen will prepend the full path # before files name in the file list and in the header files. If set to NO the # shortest path that makes the file name unique will be used # The default value is: YES. FULL_PATH_NAMES = YES # The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path. # Stripping is only done if one of the specified strings matches the left-hand # part of the path. The tag can be used to show relative paths in the file list. # If left blank the directory from which doxygen is run is used as the path to # strip. # # Note that you can specify absolute paths here, but also relative paths, which # will be relative from the directory where doxygen is started. # This tag requires that the tag FULL_PATH_NAMES is set to YES. STRIP_FROM_PATH = @CMAKE_SOURCE_DIR@ # The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the # path mentioned in the documentation of a class, which tells the reader which # header file to include in order to use a class. If left blank only the name of # the header file containing the class definition is used. Otherwise one should # specify the list of include paths that are normally passed to the compiler # using the -I flag. STRIP_FROM_INC_PATH = # If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but # less readable) file names. This can be useful is your file systems doesn't # support long names like on DOS, Mac, or CD-ROM. # The default value is: NO. SHORT_NAMES = NO # If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the # first line (until the first dot) of a Javadoc-style comment as the brief # description. If set to NO, the Javadoc-style will behave just like regular Qt- # style comments (thus requiring an explicit @brief command for a brief # description.) # The default value is: NO. JAVADOC_AUTOBRIEF = NO # If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first # line (until the first dot) of a Qt-style comment as the brief description. If # set to NO, the Qt-style will behave just like regular Qt-style comments (thus # requiring an explicit \brief command for a brief description.) # The default value is: NO. QT_AUTOBRIEF = NO # The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a # multi-line C++ special comment block (i.e. a block of //! or /// comments) as # a brief description. This used to be the default behavior. The new default is # to treat a multi-line C++ comment block as a detailed description. Set this # tag to YES if you prefer the old behavior instead. # # Note that setting this tag to YES also means that rational rose comments are # not recognized any more. # The default value is: NO. MULTILINE_CPP_IS_BRIEF = NO # If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the # documentation from any documented member that it re-implements. # The default value is: YES. INHERIT_DOCS = YES # If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce a # new page for each member. If set to NO, the documentation of a member will be # part of the file/class/namespace that contains it. # The default value is: NO. SEPARATE_MEMBER_PAGES = NO # The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen # uses this value to replace tabs by spaces in code fragments. # Minimum value: 1, maximum value: 16, default value: 4. TAB_SIZE = 2 # This tag can be used to specify a number of aliases that act as commands in # the documentation. An alias has the form: # name=value # For example adding # "sideeffect=@par Side Effects:\n" # will allow you to put the command \sideeffect (or @sideeffect) in the # documentation, which will result in a user-defined paragraph with heading # "Side Effects:". You can put \n's in the value part of an alias to insert # newlines. ALIASES = "TODO=\todo" # This tag can be used to specify a number of word-keyword mappings (TCL only). # A mapping has the form "name=value". For example adding "class=itcl::class" # will allow you to use the command class in the itcl::class meaning. TCL_SUBST = # Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources # only. Doxygen will then generate output that is more tailored for C. For # instance, some of the names that are used will be different. The list of all # members will be omitted, etc. # The default value is: NO. OPTIMIZE_OUTPUT_FOR_C = YES # Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or # Python sources only. Doxygen will then generate output that is more tailored # for that language. For instance, namespaces will be presented as packages, # qualified scopes will look different, etc. # The default value is: NO. OPTIMIZE_OUTPUT_JAVA = NO # Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran # sources. Doxygen will then generate output that is tailored for Fortran. # The default value is: NO. OPTIMIZE_FOR_FORTRAN = NO # Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL # sources. Doxygen will then generate output that is tailored for VHDL. # The default value is: NO. OPTIMIZE_OUTPUT_VHDL = NO # Doxygen selects the parser to use depending on the extension of the files it # parses. With this tag you can assign which parser to use for a given # extension. Doxygen has a built-in mapping, but you can override or extend it # using this tag. The format is ext=language, where ext is a file extension, and # language is one of the parsers supported by doxygen: IDL, Java, Javascript, # C#, C, C++, D, PHP, Objective-C, Python, Fortran (fixed format Fortran: # FortranFixed, free formatted Fortran: FortranFree, unknown formatted Fortran: # Fortran. In the later case the parser tries to guess whether the code is fixed # or free formatted code, this is the default for Fortran type files), VHDL. For # instance to make doxygen treat .inc files as Fortran files (default is PHP), # and .f files as C (default is Fortran), use: inc=Fortran f=C. # # Note For files without extension you can use no_extension as a placeholder. # # Note that for custom extensions you also need to set FILE_PATTERNS otherwise # the files are not read by doxygen. EXTENSION_MAPPING = # If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments # according to the Markdown format, which allows for more readable # documentation. See http://daringfireball.net/projects/markdown/ for details. # The output of markdown processing is further processed by doxygen, so you can # mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in # case of backward compatibilities issues. # The default value is: YES. MARKDOWN_SUPPORT = YES # When enabled doxygen tries to link words that correspond to documented # classes, or namespaces to their corresponding documentation. Such a link can # be prevented in individual cases by by putting a % sign in front of the word # or globally by setting AUTOLINK_SUPPORT to NO. # The default value is: YES. AUTOLINK_SUPPORT = YES # If you use STL classes (i.e. std::string, std::vector, etc.) but do not want # to include (a tag file for) the STL sources as input, then you should set this # tag to YES in order to let doxygen match functions declarations and # definitions whose arguments contain STL classes (e.g. func(std::string); # versus func(std::string) {}). This also make the inheritance and collaboration # diagrams that involve STL classes more complete and accurate. # The default value is: NO. BUILTIN_STL_SUPPORT = NO # If you use Microsoft's C++/CLI language, you should set this option to YES to # enable parsing support. # The default value is: NO. CPP_CLI_SUPPORT = NO # Set the SIP_SUPPORT tag to YES if your project consists of sip (see: # http://www.riverbankcomputing.co.uk/software/sip/intro) sources only. Doxygen # will parse them like normal C++ but will assume all classes use public instead # of private inheritance when no explicit protection keyword is present. # The default value is: NO. SIP_SUPPORT = NO # For Microsoft's IDL there are propget and propput attributes to indicate # getter and setter methods for a property. Setting this option to YES will make # doxygen to replace the get and set methods by a property in the documentation. # This will only work if the methods are indeed getting or setting a simple # type. If this is not the case, or you want to show the methods anyway, you # should set this option to NO. # The default value is: YES. IDL_PROPERTY_SUPPORT = YES # If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC # tag is set to YES, then doxygen will reuse the documentation of the first # member in the group (if any) for the other members of the group. By default # all members of a group must be documented explicitly. # The default value is: NO. DISTRIBUTE_GROUP_DOC = NO # Set the SUBGROUPING tag to YES to allow class member groups of the same type # (for instance a group of public functions) to be put as a subgroup of that # type (e.g. under the Public Functions section). Set it to NO to prevent # subgrouping. Alternatively, this can be done per class using the # \nosubgrouping command. # The default value is: YES. SUBGROUPING = YES # When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions # are shown inside the group in which they are included (e.g. using \ingroup) # instead of on a separate page (for HTML and Man pages) or section (for LaTeX # and RTF). # # Note that this feature does not work in combination with # SEPARATE_MEMBER_PAGES. # The default value is: NO. INLINE_GROUPED_CLASSES = NO # When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions # with only public data fields or simple typedef fields will be shown inline in # the documentation of the scope in which they are defined (i.e. file, # namespace, or group documentation), provided this scope is documented. If set # to NO, structs, classes, and unions are shown on a separate page (for HTML and # Man pages) or section (for LaTeX and RTF). # The default value is: NO. INLINE_SIMPLE_STRUCTS = NO # When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or # enum is documented as struct, union, or enum with the name of the typedef. So # typedef struct TypeS {} TypeT, will appear in the documentation as a struct # with name TypeT. When disabled the typedef will appear as a member of a file, # namespace, or class. And the struct will be named TypeS. This can typically be # useful for C code in case the coding convention dictates that all compound # types are typedef'ed and only the typedef is referenced, never the tag name. # The default value is: NO. TYPEDEF_HIDES_STRUCT = NO # The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This # cache is used to resolve symbols given their name and scope. Since this can be # an expensive process and often the same symbol appears multiple times in the # code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small # doxygen will become slower. If the cache is too large, memory is wasted. The # cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range # is 0..9, the default is 0, corresponding to a cache size of 2^16=65536 # symbols. At the end of a run doxygen will report the cache usage and suggest # the optimal cache size from a speed point of view. # Minimum value: 0, maximum value: 9, default value: 0. LOOKUP_CACHE_SIZE = 0 #--------------------------------------------------------------------------- # Build related configuration options #--------------------------------------------------------------------------- # If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in # documentation are documented, even if no documentation was available. Private # class members and static file members will be hidden unless the # EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES. # Note: This will also disable the warnings about undocumented members that are # normally produced when WARNINGS is set to YES. # The default value is: NO. EXTRACT_ALL = YES # If the EXTRACT_PRIVATE tag is set to YES all private members of a class will # be included in the documentation. # The default value is: NO. EXTRACT_PRIVATE = NO # If the EXTRACT_PACKAGE tag is set to YES all members with package or internal # scope will be included in the documentation. # The default value is: NO. EXTRACT_PACKAGE = NO # If the EXTRACT_STATIC tag is set to YES all static members of a file will be # included in the documentation. # The default value is: NO. EXTRACT_STATIC = NO # If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) defined # locally in source files will be included in the documentation. If set to NO # only classes defined in header files are included. Does not have any effect # for Java sources. # The default value is: YES. EXTRACT_LOCAL_CLASSES = YES # This flag is only useful for Objective-C code. When set to YES local methods, # which are defined in the implementation section but not in the interface are # included in the documentation. If set to NO only methods in the interface are # included. # The default value is: NO. EXTRACT_LOCAL_METHODS = NO # If this flag is set to YES, the members of anonymous namespaces will be # extracted and appear in the documentation as a namespace called # 'anonymous_namespace{file}', where file will be replaced with the base name of # the file that contains the anonymous namespace. By default anonymous namespace # are hidden. # The default value is: NO. EXTRACT_ANON_NSPACES = NO # If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all # undocumented members inside documented classes or files. If set to NO these # members will be included in the various overviews, but no documentation # section is generated. This option has no effect if EXTRACT_ALL is enabled. # The default value is: NO. HIDE_UNDOC_MEMBERS = NO # If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all # undocumented classes that are normally visible in the class hierarchy. If set # to NO these classes will be included in the various overviews. This option has # no effect if EXTRACT_ALL is enabled. # The default value is: NO. HIDE_UNDOC_CLASSES = NO # If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend # (class|struct|union) declarations. If set to NO these declarations will be # included in the documentation. # The default value is: NO. HIDE_FRIEND_COMPOUNDS = NO # If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any # documentation blocks found inside the body of a function. If set to NO these # blocks will be appended to the function's detailed documentation block. # The default value is: NO. HIDE_IN_BODY_DOCS = NO # The INTERNAL_DOCS tag determines if documentation that is typed after a # \internal command is included. If the tag is set to NO then the documentation # will be excluded. Set it to YES to include the internal documentation. # The default value is: NO. INTERNAL_DOCS = NO # If the CASE_SENSE_NAMES tag is set to NO then doxygen will only generate file # names in lower-case letters. If set to YES upper-case letters are also # allowed. This is useful if you have classes or files whose names only differ # in case and if your file system supports case sensitive file names. Windows # and Mac users are advised to set this option to NO. # The default value is: system dependent. CASE_SENSE_NAMES = YES # If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with # their full class and namespace scopes in the documentation. If set to YES the # scope will be hidden. # The default value is: NO. HIDE_SCOPE_NAMES = NO # If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of # the files that are included by a file in the documentation of that file. # The default value is: YES. SHOW_INCLUDE_FILES = YES # If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each # grouped member an include statement to the documentation, telling the reader # which file to include in order to use the member. # The default value is: NO. SHOW_GROUPED_MEMB_INC = NO # If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include # files with double quotes in the documentation rather than with sharp brackets. # The default value is: NO. FORCE_LOCAL_INCLUDES = NO # If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the # documentation for inline members. # The default value is: YES. INLINE_INFO = YES # If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the # (detailed) documentation of file and class members alphabetically by member # name. If set to NO the members will appear in declaration order. # The default value is: YES. SORT_MEMBER_DOCS = YES # If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief # descriptions of file, namespace and class members alphabetically by member # name. If set to NO the members will appear in declaration order. Note that # this will also influence the order of the classes in the class list. # The default value is: NO. SORT_BRIEF_DOCS = NO # If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the # (brief and detailed) documentation of class members so that constructors and # destructors are listed first. If set to NO the constructors will appear in the # respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS. # Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief # member documentation. # Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting # detailed member documentation. # The default value is: NO. SORT_MEMBERS_CTORS_1ST = NO # If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy # of group names into alphabetical order. If set to NO the group names will # appear in their defined order. # The default value is: NO. SORT_GROUP_NAMES = NO # If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by # fully-qualified names, including namespaces. If set to NO, the class list will # be sorted only by class name, not including the namespace part. # Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. # Note: This option applies only to the class list, not to the alphabetical # list. # The default value is: NO. SORT_BY_SCOPE_NAME = NO # If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper # type resolution of all parameters of a function it will reject a match between # the prototype and the implementation of a member function even if there is # only one candidate or it is obvious which candidate to choose by doing a # simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still # accept a match between prototype and implementation in such cases. # The default value is: NO. STRICT_PROTO_MATCHING = NO # The GENERATE_TODOLIST tag can be used to enable ( YES) or disable ( NO) the # todo list. This list is created by putting \todo commands in the # documentation. # The default value is: YES. GENERATE_TODOLIST = YES # The GENERATE_TESTLIST tag can be used to enable ( YES) or disable ( NO) the # test list. This list is created by putting \test commands in the # documentation. # The default value is: YES. GENERATE_TESTLIST = YES # The GENERATE_BUGLIST tag can be used to enable ( YES) or disable ( NO) the bug # list. This list is created by putting \bug commands in the documentation. # The default value is: YES. GENERATE_BUGLIST = YES # The GENERATE_DEPRECATEDLIST tag can be used to enable ( YES) or disable ( NO) # the deprecated list. This list is created by putting \deprecated commands in # the documentation. # The default value is: YES. GENERATE_DEPRECATEDLIST= YES # The ENABLED_SECTIONS tag can be used to enable conditional documentation # sections, marked by \if ... \endif and \cond # ... \endcond blocks. ENABLED_SECTIONS = # The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the # initial value of a variable or macro / define can have for it to appear in the # documentation. If the initializer consists of more lines than specified here # it will be hidden. Use a value of 0 to hide initializers completely. The # appearance of the value of individual variables and macros / defines can be # controlled using \showinitializer or \hideinitializer command in the # documentation regardless of this setting. # Minimum value: 0, maximum value: 10000, default value: 30. MAX_INITIALIZER_LINES = 30 # Set the SHOW_USED_FILES tag to NO to disable the list of files generated at # the bottom of the documentation of classes and structs. If set to YES the list # will mention the files that were used to generate the documentation. # The default value is: YES. SHOW_USED_FILES = YES # Set the SHOW_FILES tag to NO to disable the generation of the Files page. This # will remove the Files entry from the Quick Index and from the Folder Tree View # (if specified). # The default value is: YES. SHOW_FILES = YES # Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces # page. This will remove the Namespaces entry from the Quick Index and from the # Folder Tree View (if specified). # The default value is: YES. SHOW_NAMESPACES = YES # The FILE_VERSION_FILTER tag can be used to specify a program or script that # doxygen should invoke to get the current version for each file (typically from # the version control system). Doxygen will invoke the program by executing (via # popen()) the command command input-file, where command is the value of the # FILE_VERSION_FILTER tag, and input-file is the name of an input file provided # by doxygen. Whatever the program writes to standard output is used as the file # version. For an example see the documentation. FILE_VERSION_FILTER = # The LAYOUT_FILE tag can be used to specify a layout file which will be parsed # by doxygen. The layout file controls the global structure of the generated # output files in an output format independent way. To create the layout file # that represents doxygen's defaults, run doxygen with the -l option. You can # optionally specify a file name after the option, if omitted DoxygenLayout.xml # will be used as the name of the layout file. # # Note that if you run doxygen from a directory containing a file called # DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE # tag is left empty. LAYOUT_FILE = # The CITE_BIB_FILES tag can be used to specify one or more bib files containing # the reference definitions. This must be a list of .bib files. The .bib # extension is automatically appended if omitted. This requires the bibtex tool # to be installed. See also http://en.wikipedia.org/wiki/BibTeX for more info. # For LaTeX the style of the bibliography can be controlled using # LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the # search path. See also \cite for info how to create references. CITE_BIB_FILES = #--------------------------------------------------------------------------- # Configuration options related to warning and progress messages #--------------------------------------------------------------------------- # The QUIET tag can be used to turn on/off the messages that are generated to # standard output by doxygen. If QUIET is set to YES this implies that the # messages are off. # The default value is: NO. QUIET = NO # The WARNINGS tag can be used to turn on/off the warning messages that are # generated to standard error ( stderr) by doxygen. If WARNINGS is set to YES # this implies that the warnings are on. # # Tip: Turn warnings on while writing the documentation. # The default value is: YES. WARNINGS = YES # If the WARN_IF_UNDOCUMENTED tag is set to YES, then doxygen will generate # warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag # will automatically be disabled. # The default value is: YES. WARN_IF_UNDOCUMENTED = YES # If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for # potential errors in the documentation, such as not documenting some parameters # in a documented function, or documenting parameters that don't exist or using # markup commands wrongly. # The default value is: YES. WARN_IF_DOC_ERROR = YES # This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that # are documented, but have no documentation for their parameters or return # value. If set to NO doxygen will only warn about wrong or incomplete parameter # documentation, but not about the absence of documentation. # The default value is: NO. WARN_NO_PARAMDOC = YES # The WARN_FORMAT tag determines the format of the warning messages that doxygen # can produce. The string should contain the $file, $line, and $text tags, which # will be replaced by the file and line number from which the warning originated # and the warning text. Optionally the format may contain $version, which will # be replaced by the version of the file (if it could be obtained via # FILE_VERSION_FILTER) # The default value is: $file:$line: $text. WARN_FORMAT = "$file:$line: $text" # The WARN_LOGFILE tag can be used to specify a file to which warning and error # messages should be written. If left blank the output is written to standard # error (stderr). WARN_LOGFILE = #--------------------------------------------------------------------------- # Configuration options related to the input files #--------------------------------------------------------------------------- # The INPUT tag is used to specify the files and/or directories that contain # documented source files. You may enter file names like myfile.cpp or # directories like /usr/src/myproject. Separate the files or directories with # spaces. # Note: If this tag is empty the current directory is searched. INPUT = @CMAKE_SOURCE_DIR@/src # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses # libiconv (or the iconv built into libc) for the transcoding. See the libiconv # documentation (see: http://www.gnu.org/software/libiconv) for the list of # possible encodings. # The default value is: UTF-8. INPUT_ENCODING = UTF-8 # If the value of the INPUT tag contains directories, you can use the # FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and # *.h) to filter out the source-files in the directories. If left blank the # following patterns are tested:*.c, *.cc, *.cxx, *.cpp, *.c++, *.java, *.ii, # *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h, *.hh, *.hxx, *.hpp, # *.h++, *.cs, *.d, *.php, *.php4, *.php5, *.phtml, *.inc, *.m, *.markdown, # *.md, *.mm, *.dox, *.py, *.f90, *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf, # *.qsf, *.as and *.js. FILE_PATTERNS = # The RECURSIVE tag can be used to specify whether or not subdirectories should # be searched for input files as well. # The default value is: NO. RECURSIVE = NO # The EXCLUDE tag can be used to specify files and/or directories that should be # excluded from the INPUT source files. This way you can easily exclude a # subdirectory from a directory tree whose root is specified with the INPUT tag. # # Note that relative paths are relative to the directory from which doxygen is # run. EXCLUDE = # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded # from the input. # The default value is: NO. EXCLUDE_SYMLINKS = NO # If the value of the INPUT tag contains directories, you can use the # EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude # certain files from those directories. # # Note that the wildcards are matched against the file with absolute path, so to # exclude all test directories for example use the pattern */test/* EXCLUDE_PATTERNS = # The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names # (namespaces, classes, functions, etc.) that should be excluded from the # output. The symbol name can be a fully qualified name, a word, or if the # wildcard * is used, a substring. Examples: ANamespace, AClass, # AClass::ANamespace, ANamespace::*Test # # Note that the wildcards are matched against the file with absolute path, so to # exclude all test directories use the pattern */test/* EXCLUDE_SYMBOLS = DEF_ACCESS # The EXAMPLE_PATH tag can be used to specify one or more files or directories # that contain example code fragments that are included (see the \include # command). EXAMPLE_PATH = @CMAKE_SOURCE_DIR@ \ @CMAKE_SOURCE_DIR@/doc # If the value of the EXAMPLE_PATH tag contains directories, you can use the # EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and # *.h) to filter out the source-files in the directories. If left blank all # files are included. EXAMPLE_PATTERNS = # If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be # searched for input files to be used with the \include or \dontinclude commands # irrespective of the value of the RECURSIVE tag. # The default value is: NO. EXAMPLE_RECURSIVE = NO # The IMAGE_PATH tag can be used to specify one or more files or directories # that contain images that are to be included in the documentation (see the # \image command). IMAGE_PATH = # The INPUT_FILTER tag can be used to specify a program that doxygen should # invoke to filter for each input file. Doxygen will invoke the filter program # by executing (via popen()) the command: # # # # where is the value of the INPUT_FILTER tag, and is the # name of an input file. Doxygen will then use the output that the filter # program writes to standard output. If FILTER_PATTERNS is specified, this tag # will be ignored. # # Note that the filter must not add or remove lines; it is applied before the # code is scanned, but not when the output code is generated. If lines are added # or removed, the anchors will not be placed correctly. INPUT_FILTER = # The FILTER_PATTERNS tag can be used to specify filters on a per file pattern # basis. Doxygen will compare the file name with each pattern and apply the # filter if there is a match. The filters are a list of the form: pattern=filter # (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how # filters are used. If the FILTER_PATTERNS tag is empty or if none of the # patterns match the file name, INPUT_FILTER is applied. FILTER_PATTERNS = # If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using # INPUT_FILTER ) will also be used to filter the input files that are used for # producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES). # The default value is: NO. FILTER_SOURCE_FILES = NO # The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file # pattern. A pattern will override the setting for FILTER_PATTERN (if any) and # it is also possible to disable source filtering for a specific pattern using # *.ext= (so without naming a filter). # This tag requires that the tag FILTER_SOURCE_FILES is set to YES. FILTER_SOURCE_PATTERNS = # If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that # is part of the input, its contents will be placed on the main page # (index.html). This can be useful if you have a project on for instance GitHub # and want to reuse the introduction page also for the doxygen output. USE_MDFILE_AS_MAINPAGE = #--------------------------------------------------------------------------- # Configuration options related to source browsing #--------------------------------------------------------------------------- # If the SOURCE_BROWSER tag is set to YES then a list of source files will be # generated. Documented entities will be cross-referenced with these sources. # # Note: To get rid of all source code in the generated output, make sure that # also VERBATIM_HEADERS is set to NO. # The default value is: NO. SOURCE_BROWSER = NO # Setting the INLINE_SOURCES tag to YES will include the body of functions, # classes and enums directly into the documentation. # The default value is: NO. INLINE_SOURCES = NO # Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any # special comment blocks from generated source code fragments. Normal C, C++ and # Fortran comments will always remain visible. # The default value is: YES. STRIP_CODE_COMMENTS = YES # If the REFERENCED_BY_RELATION tag is set to YES then for each documented # function all documented functions referencing it will be listed. # The default value is: NO. REFERENCED_BY_RELATION = NO # If the REFERENCES_RELATION tag is set to YES then for each documented function # all documented entities called/used by that function will be listed. # The default value is: NO. REFERENCES_RELATION = NO # If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set # to YES, then the hyperlinks from functions in REFERENCES_RELATION and # REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will # link to the documentation. # The default value is: YES. REFERENCES_LINK_SOURCE = YES # If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the # source code will show a tooltip with additional information such as prototype, # brief description and links to the definition and documentation. Since this # will make the HTML file larger and loading of large files a bit slower, you # can opt to disable this feature. # The default value is: YES. # This tag requires that the tag SOURCE_BROWSER is set to YES. SOURCE_TOOLTIPS = YES # If the USE_HTAGS tag is set to YES then the references to source code will # point to the HTML generated by the htags(1) tool instead of doxygen built-in # source browser. The htags tool is part of GNU's global source tagging system # (see http://www.gnu.org/software/global/global.html). You will need version # 4.8.6 or higher. # # To use it do the following: # - Install the latest version of global # - Enable SOURCE_BROWSER and USE_HTAGS in the config file # - Make sure the INPUT points to the root of the source tree # - Run doxygen as normal # # Doxygen will invoke htags (and that will in turn invoke gtags), so these # tools must be available from the command line (i.e. in the search path). # # The result: instead of the source browser generated by doxygen, the links to # source code will now point to the output of htags. # The default value is: NO. # This tag requires that the tag SOURCE_BROWSER is set to YES. USE_HTAGS = NO # If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a # verbatim copy of the header file for each class for which an include is # specified. Set to NO to disable this. # See also: Section \class. # The default value is: YES. VERBATIM_HEADERS = YES # If the CLANG_ASSISTED_PARSING tag is set to YES, then doxygen will use the # clang parser (see: http://clang.llvm.org/) for more accurate parsing at the # cost of reduced performance. This can be particularly helpful with template # rich C++ code for which doxygen's built-in parser lacks the necessary type # information. # Note: The availability of this option depends on whether or not doxygen was # compiled with the --with-libclang option. # The default value is: NO. CLANG_ASSISTED_PARSING = NO # If clang assisted parsing is enabled you can provide the compiler with command # line options that you would normally use when invoking the compiler. Note that # the include paths will already be set by doxygen for the files and directories # specified with INPUT and INCLUDE_PATH. # This tag requires that the tag CLANG_ASSISTED_PARSING is set to YES. CLANG_OPTIONS = #--------------------------------------------------------------------------- # Configuration options related to the alphabetical class index #--------------------------------------------------------------------------- # If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all # compounds will be generated. Enable this if the project contains a lot of # classes, structs, unions or interfaces. # The default value is: YES. ALPHABETICAL_INDEX = YES # The COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns in # which the alphabetical index list will be split. # Minimum value: 1, maximum value: 20, default value: 5. # This tag requires that the tag ALPHABETICAL_INDEX is set to YES. COLS_IN_ALPHA_INDEX = 5 # In case all classes in a project start with a common prefix, all classes will # be put under the same header in the alphabetical index. The IGNORE_PREFIX tag # can be used to specify a prefix (or a list of prefixes) that should be ignored # while generating the index headers. # This tag requires that the tag ALPHABETICAL_INDEX is set to YES. IGNORE_PREFIX = #--------------------------------------------------------------------------- # Configuration options related to the HTML output #--------------------------------------------------------------------------- # If the GENERATE_HTML tag is set to YES doxygen will generate HTML output # The default value is: YES. GENERATE_HTML = YES # The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a # relative path is entered the value of OUTPUT_DIRECTORY will be put in front of # it. # The default directory is: html. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_OUTPUT = html # The HTML_FILE_EXTENSION tag can be used to specify the file extension for each # generated HTML page (for example: .htm, .php, .asp). # The default value is: .html. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_FILE_EXTENSION = .html # The HTML_HEADER tag can be used to specify a user-defined HTML header file for # each generated HTML page. If the tag is left blank doxygen will generate a # standard header. # # To get valid HTML the header file that includes any scripts and style sheets # that doxygen needs, which is dependent on the configuration options used (e.g. # the setting GENERATE_TREEVIEW). It is highly recommended to start with a # default header using # doxygen -w html new_header.html new_footer.html new_stylesheet.css # YourConfigFile # and then modify the file new_header.html. See also section "Doxygen usage" # for information on how to generate the default header that doxygen normally # uses. # Note: The header is subject to change so you typically have to regenerate the # default header when upgrading to a newer version of doxygen. For a description # of the possible markers and block names see the documentation. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_HEADER = # The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each # generated HTML page. If the tag is left blank doxygen will generate a standard # footer. See HTML_HEADER for more information on how to generate a default # footer and what special commands can be used inside the footer. See also # section "Doxygen usage" for information on how to generate the default footer # that doxygen normally uses. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_FOOTER = # The HTML_STYLESHEET tag can be used to specify a user-defined cascading style # sheet that is used by each HTML page. It can be used to fine-tune the look of # the HTML output. If left blank doxygen will generate a default style sheet. # See also section "Doxygen usage" for information on how to generate the style # sheet that doxygen normally uses. # Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as # it is more robust and this tag (HTML_STYLESHEET) will in the future become # obsolete. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_STYLESHEET = # The HTML_EXTRA_STYLESHEET tag can be used to specify additional user-defined # cascading style sheets that are included after the standard style sheets # created by doxygen. Using this option one can overrule certain style aspects. # This is preferred over using HTML_STYLESHEET since it does not replace the # standard style sheet and is therefor more robust against future updates. # Doxygen will copy the style sheet files to the output directory. # Note: The order of the extra stylesheet files is of importance (e.g. the last # stylesheet in the list overrules the setting of the previous ones in the # list). For an example see the documentation. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_EXTRA_STYLESHEET = # The HTML_EXTRA_FILES tag can be used to specify one or more extra images or # other source files which should be copied to the HTML output directory. Note # that these files will be copied to the base HTML output directory. Use the # $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these # files. In the HTML_STYLESHEET file, use the file name only. Also note that the # files will be copied as-is; there are no commands or markers available. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_EXTRA_FILES = # The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen # will adjust the colors in the stylesheet and background images according to # this color. Hue is specified as an angle on a colorwheel, see # http://en.wikipedia.org/wiki/Hue for more information. For instance the value # 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300 # purple, and 360 is red again. # Minimum value: 0, maximum value: 359, default value: 220. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_HUE = 220 # The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors # in the HTML output. For a value of 0 the output will use grayscales only. A # value of 255 will produce the most vivid colors. # Minimum value: 0, maximum value: 255, default value: 100. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_SAT = 100 # The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the # luminance component of the colors in the HTML output. Values below 100 # gradually make the output lighter, whereas values above 100 make the output # darker. The value divided by 100 is the actual gamma applied, so 80 represents # a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not # change the gamma. # Minimum value: 40, maximum value: 240, default value: 80. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_GAMMA = 80 # If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML # page will contain the date and time when the page was generated. Setting this # to NO can help when comparing the output of multiple runs. # The default value is: YES. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_TIMESTAMP = YES # If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML # documentation will contain sections that can be hidden and shown after the # page has loaded. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_DYNAMIC_SECTIONS = NO # With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries # shown in the various tree structured indices initially; the user can expand # and collapse entries dynamically later on. Doxygen will expand the tree to # such a level that at most the specified number of entries are visible (unless # a fully collapsed tree already exceeds this amount). So setting the number of # entries 1 will produce a full collapsed tree by default. 0 is a special value # representing an infinite number of entries and will result in a full expanded # tree by default. # Minimum value: 0, maximum value: 9999, default value: 100. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_INDEX_NUM_ENTRIES = 100 # If the GENERATE_DOCSET tag is set to YES, additional index files will be # generated that can be used as input for Apple's Xcode 3 integrated development # environment (see: http://developer.apple.com/tools/xcode/), introduced with # OSX 10.5 (Leopard). To create a documentation set, doxygen will generate a # Makefile in the HTML output directory. Running make will produce the docset in # that directory and running make install will install the docset in # ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at # startup. See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html # for more information. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_DOCSET = NO # This tag determines the name of the docset feed. A documentation feed provides # an umbrella under which multiple documentation sets from a single provider # (such as a company or product suite) can be grouped. # The default value is: Doxygen generated docs. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_FEEDNAME = "Doxygen generated docs" # This tag specifies a string that should uniquely identify the documentation # set bundle. This should be a reverse domain-name style string, e.g. # com.mycompany.MyDocSet. Doxygen will append .docset to the name. # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_BUNDLE_ID = org.doxygen.Project # The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify # the documentation publisher. This should be a reverse domain-name style # string, e.g. com.mycompany.MyDocSet.documentation. # The default value is: org.doxygen.Publisher. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_PUBLISHER_ID = org.doxygen.Publisher # The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher. # The default value is: Publisher. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_PUBLISHER_NAME = Publisher # If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three # additional HTML index files: index.hhp, index.hhc, and index.hhk. The # index.hhp is a project file that can be read by Microsoft's HTML Help Workshop # (see: http://www.microsoft.com/en-us/download/details.aspx?id=21138) on # Windows. # # The HTML Help Workshop contains a compiler that can convert all HTML output # generated by doxygen into a single compiled HTML file (.chm). Compiled HTML # files are now used as the Windows 98 help format, and will replace the old # Windows help format (.hlp) on all Windows platforms in the future. Compressed # HTML files also contain an index, a table of contents, and you can search for # words in the documentation. The HTML workshop also contains a viewer for # compressed HTML files. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_HTMLHELP = NO # The CHM_FILE tag can be used to specify the file name of the resulting .chm # file. You can add a path in front of the file if the result should not be # written to the html output directory. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. CHM_FILE = # The HHC_LOCATION tag can be used to specify the location (absolute path # including file name) of the HTML help compiler ( hhc.exe). If non-empty # doxygen will try to run the HTML help compiler on the generated index.hhp. # The file has to be specified with full path. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. HHC_LOCATION = # The GENERATE_CHI flag controls if a separate .chi index file is generated ( # YES) or that it should be included in the master .chm file ( NO). # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. GENERATE_CHI = NO # The CHM_INDEX_ENCODING is used to encode HtmlHelp index ( hhk), content ( hhc) # and project file content. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. CHM_INDEX_ENCODING = # The BINARY_TOC flag controls whether a binary table of contents is generated ( # YES) or a normal table of contents ( NO) in the .chm file. Furthermore it # enables the Previous and Next buttons. # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. BINARY_TOC = NO # The TOC_EXPAND flag can be set to YES to add extra items for group members to # the table of contents of the HTML help documentation and to the tree view. # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. TOC_EXPAND = NO # If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and # QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that # can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help # (.qch) of the generated HTML documentation. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_QHP = NO # If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify # the file name of the resulting .qch file. The path specified is relative to # the HTML output folder. # This tag requires that the tag GENERATE_QHP is set to YES. QCH_FILE = # The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help # Project output. For more information please see Qt Help Project / Namespace # (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#namespace). # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_QHP is set to YES. QHP_NAMESPACE = org.doxygen.Project # The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt # Help Project output. For more information please see Qt Help Project / Virtual # Folders (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#virtual- # folders). # The default value is: doc. # This tag requires that the tag GENERATE_QHP is set to YES. QHP_VIRTUAL_FOLDER = doc # If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom # filter to add. For more information please see Qt Help Project / Custom # Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom- # filters). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_CUST_FILTER_NAME = # The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the # custom filter to add. For more information please see Qt Help Project / Custom # Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom- # filters). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_CUST_FILTER_ATTRS = # The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this # project's filter section matches. Qt Help Project / Filter Attributes (see: # http://qt-project.org/doc/qt-4.8/qthelpproject.html#filter-attributes). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_SECT_FILTER_ATTRS = # The QHG_LOCATION tag can be used to specify the location of Qt's # qhelpgenerator. If non-empty doxygen will try to run qhelpgenerator on the # generated .qhp file. # This tag requires that the tag GENERATE_QHP is set to YES. QHG_LOCATION = # If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be # generated, together with the HTML files, they form an Eclipse help plugin. To # install this plugin and make it available under the help contents menu in # Eclipse, the contents of the directory containing the HTML and XML files needs # to be copied into the plugins directory of eclipse. The name of the directory # within the plugins directory should be the same as the ECLIPSE_DOC_ID value. # After copying Eclipse needs to be restarted before the help appears. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_ECLIPSEHELP = NO # A unique identifier for the Eclipse help plugin. When installing the plugin # the directory name containing the HTML and XML files should also have this # name. Each documentation set should have its own identifier. # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES. ECLIPSE_DOC_ID = org.doxygen.Project # If you want full control over the layout of the generated HTML pages it might # be necessary to disable the index and replace it with your own. The # DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top # of each HTML page. A value of NO enables the index and the value YES disables # it. Since the tabs in the index contain the same information as the navigation # tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. DISABLE_INDEX = NO # The GENERATE_TREEVIEW tag is used to specify whether a tree-like index # structure should be generated to display hierarchical information. If the tag # value is set to YES, a side panel will be generated containing a tree-like # index structure (just like the one that is generated for HTML Help). For this # to work a browser that supports JavaScript, DHTML, CSS and frames is required # (i.e. any modern browser). Windows users are probably better off using the # HTML help feature. Via custom stylesheets (see HTML_EXTRA_STYLESHEET) one can # further fine-tune the look of the index. As an example, the default style # sheet generated by doxygen has an example that shows how to put an image at # the root of the tree instead of the PROJECT_NAME. Since the tree basically has # the same information as the tab index, you could consider setting # DISABLE_INDEX to YES when enabling this option. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_TREEVIEW = NO # The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that # doxygen will group on one line in the generated HTML documentation. # # Note that a value of 0 will completely suppress the enum values from appearing # in the overview section. # Minimum value: 0, maximum value: 20, default value: 4. # This tag requires that the tag GENERATE_HTML is set to YES. ENUM_VALUES_PER_LINE = 4 # If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used # to set the initial width (in pixels) of the frame in which the tree is shown. # Minimum value: 0, maximum value: 1500, default value: 250. # This tag requires that the tag GENERATE_HTML is set to YES. TREEVIEW_WIDTH = 250 # When the EXT_LINKS_IN_WINDOW option is set to YES doxygen will open links to # external symbols imported via tag files in a separate window. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. EXT_LINKS_IN_WINDOW = NO # Use this tag to change the font size of LaTeX formulas included as images in # the HTML documentation. When you change the font size after a successful # doxygen run you need to manually remove any form_*.png images from the HTML # output directory to force them to be regenerated. # Minimum value: 8, maximum value: 50, default value: 10. # This tag requires that the tag GENERATE_HTML is set to YES. FORMULA_FONTSIZE = 10 # Use the FORMULA_TRANPARENT tag to determine whether or not the images # generated for formulas are transparent PNGs. Transparent PNGs are not # supported properly for IE 6.0, but are supported on all modern browsers. # # Note that when changing this option you need to delete any form_*.png files in # the HTML output directory before the changes have effect. # The default value is: YES. # This tag requires that the tag GENERATE_HTML is set to YES. FORMULA_TRANSPARENT = YES # Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see # http://www.mathjax.org) which uses client side Javascript for the rendering # instead of using prerendered bitmaps. Use this if you do not have LaTeX # installed or if you want to formulas look prettier in the HTML output. When # enabled you may also need to install MathJax separately and configure the path # to it using the MATHJAX_RELPATH option. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. USE_MATHJAX = NO # When MathJax is enabled you can set the default output format to be used for # the MathJax output. See the MathJax site (see: # http://docs.mathjax.org/en/latest/output.html) for more details. # Possible values are: HTML-CSS (which is slower, but has the best # compatibility), NativeMML (i.e. MathML) and SVG. # The default value is: HTML-CSS. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_FORMAT = HTML-CSS # When MathJax is enabled you need to specify the location relative to the HTML # output directory using the MATHJAX_RELPATH option. The destination directory # should contain the MathJax.js script. For instance, if the mathjax directory # is located at the same level as the HTML output directory, then # MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax # Content Delivery Network so you can quickly see the result without installing # MathJax. However, it is strongly recommended to install a local copy of # MathJax from http://www.mathjax.org before deployment. # The default value is: http://cdn.mathjax.org/mathjax/latest. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_RELPATH = http://cdn.mathjax.org/mathjax/latest # The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax # extension names that should be enabled during MathJax rendering. For example # MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_EXTENSIONS = # The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces # of code that will be used on startup of the MathJax code. See the MathJax site # (see: http://docs.mathjax.org/en/latest/output.html) for more details. For an # example see the documentation. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_CODEFILE = # When the SEARCHENGINE tag is enabled doxygen will generate a search box for # the HTML output. The underlying search engine uses javascript and DHTML and # should work on any modern browser. Note that when using HTML help # (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET) # there is already a search function so this one should typically be disabled. # For large projects the javascript based search engine can be slow, then # enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to # search using the keyboard; to jump to the search box use + S # (what the is depends on the OS and browser, but it is typically # , /