Commit 0ab8b06a authored by SZ Lin (林上智)'s avatar SZ Lin (林上智)

New upstream version 5.0.7

parent 48bf45da
This diff is collapsed.
......@@ -7,12 +7,12 @@
# Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
#
# Copyright:
# Copyright (C) 2011 Greenbone Networks GmbH
# Copyright (C) 2011-2015 Greenbone Networks GmbH
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or, at your option, any later version as published by the Free
# Software Foundation
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
......@@ -35,6 +35,10 @@ endif (POLICY CMP0005)
include (FindPkgConfig)
if (NOT PKG_CONFIG_FOUND)
message(FATAL_ERROR "pkg-config executable not found. Aborting.")
endif (NOT PKG_CONFIG_FOUND)
if (NOT CMAKE_BUILD_TYPE)
set (CMAKE_BUILD_TYPE Debug)
endif (NOT CMAKE_BUILD_TYPE)
......@@ -52,14 +56,14 @@ macro (Subversion_GET_REVISION dir variable)
endmacro (Subversion_GET_REVISION)
if (NOT CMAKE_BUILD_TYPE MATCHES "Release")
if (EXISTS ".svn/")
if (EXISTS "${CMAKE_SOURCE_DIR}/.svn/")
if (SVN_EXECUTABLE)
Subversion_GET_REVISION(. ProjectRevision)
set (SVN_REVISION ".SVN.r${ProjectRevision}")
else (SVN_EXECUTABLE)
set (SVN_REVISION ".SVN")
endif (SVN_EXECUTABLE)
endif (EXISTS ".svn/")
endif (EXISTS "${CMAKE_SOURCE_DIR}/.svn/")
endif (NOT CMAKE_BUILD_TYPE MATCHES "Release")
# TODO: Check pkg-config (maybe with code like in gsa/CMakeLists.txt).
......@@ -77,10 +81,16 @@ set (CPACK_SOURCE_GENERATOR "TGZ")
set (CPACK_SOURCE_TOPLEVEL_TAG "")
set (CPACK_SYSTEM_NAME "")
set (CPACK_TOPLEVEL_TAG "")
set (CPACK_PACKAGE_VERSION_MAJOR "3")
set (CPACK_PACKAGE_VERSION_MINOR "2")
set (CPACK_PACKAGE_VERSION_PATCH "3${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION_MAJOR "5")
set (CPACK_PACKAGE_VERSION_MINOR "0")
# Use this scheme for stable releases
set (CPACK_PACKAGE_VERSION_PATCH "7${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
# Use this scheme for +betaN and +rcN releases:
#set (CPACK_PACKAGE_VERSION_PATCH "+beta1${SVN_REVISION}")
#set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}${CPACK_PACKAGE_VERSION_PATCH}")
set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_PACKAGE_VENDOR "The OpenVAS Project")
......@@ -98,12 +108,14 @@ set (CPACK_SOURCE_IGNORE_FILES
"log.conf$"
"Doxyfile$"
"Doxyfile_full$"
"openvassd.8$"
"VERSION$"
"tools/openvas-adduser$"
"tools/openvas-mkcert$"
"tools/openvas-mkcert-client$"
"tools/openvas-rmuser$"
"tools/openvas-nvt-sync$"
"tools/greenbone-nvt-sync$"
"doc/example_redis_2_4.conf$"
"doc/example_redis_2_6.conf$"
)
include (CPack)
......@@ -153,7 +165,6 @@ set (OPENVAS_CACHE_DIR "${LOCALSTATEDIR}/cache/openvas")
set (OPENVAS_PID_DIR "${LOCALSTATEDIR}/run")
set (OPENVAS_SYSCONF_DIR "${SYSCONFDIR}/openvas")
set (OPENVAS_USERS_DIR "${OPENVAS_STATE_DIR}/users")
set (OPENVAS_NVT_DIR "${OPENVAS_STATE_DIR}/plugins")
set (OPENVAS_LIB_INSTALL_DIR "${LIBDIR}")
......@@ -166,50 +177,33 @@ set (OPENVAS_CA_CERTIFICATE "${OPENVAS_STATE_DIR}/CA/cacert.pem")
set (OPENVASSD_MESSAGES "${OPENVAS_LOG_DIR}/openvassd.messages")
set (OPENVASSD_DEBUGMSG "${OPENVAS_LOG_DIR}/openvassd.dump")
set (OPENVASSD_CONF "${OPENVAS_SYSCONF_DIR}/openvassd.conf")
set (OPENVASSD_RULES "${OPENVAS_DATA_DIR}/openvassd.rules")
set (NVT_TIMEOUT "320")
set (SCANNER_NVT_TIMEOUT "36000")
message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}")
## Dependency checks
##
## TODO Also check for headers where needed.
## Improve for workflow: First collect list of missing libs, then print the
## list and throw an error, otherwise long install-cmake-install-cmake cycles
## might occur.
pkg_check_modules (LIBOPENVAS REQUIRED libopenvas>=4.0.0)
pkg_check_modules (GNUTLS REQUIRED gnutls)
pkg_check_modules (GLIB REQUIRED glib-2.0)
message (STATUS "Looking for pcap...")
find_library (PCAP pcap)
message (STATUS "Looking for pcap... ${PCAP}")
if (NOT PCAP)
message (FATAL_ERROR "The pcap library is required.")
endif (NOT PCAP)
message (STATUS "Looking for gpgme...")
find_library (GPGME gpgme)
message (STATUS "Looking for gpgme... ${GPGME}")
if (NOT GPGME)
message (FATAL_ERROR "The gpgme library is required.")
endif (NOT GPGME)
execute_process (COMMAND pkg-config --cflags glib-2.0
OUTPUT_VARIABLE GLIB_CFLAGS
OUTPUT_STRIP_TRAILING_WHITESPACE)
execute_process (COMMAND pkg-config --libs glib-2.0
OUTPUT_VARIABLE GLIB_LDFLAGS
OUTPUT_STRIP_TRAILING_WHITESPACE)
execute_process (COMMAND pkg-config --cflags libopenvas
OUTPUT_VARIABLE OPENVAS_CFLAGS
OUTPUT_STRIP_TRAILING_WHITESPACE)
execute_process (COMMAND pkg-config --libs libopenvas
OUTPUT_VARIABLE OPENVAS_LDFLAGS
OUTPUT_STRIP_TRAILING_WHITESPACE)
pkg_check_modules (LIBOPENVAS_NASL REQUIRED libopenvas_nasl>=8.0.2)
pkg_check_modules (LIBOPENVAS_BASE REQUIRED libopenvas_base>=8.0.2)
pkg_check_modules (LIBOPENVAS_MISC REQUIRED libopenvas_misc>=8.0.2)
pkg_check_modules (LIBOPENVAS_OMP REQUIRED libopenvas_omp>=8.0.2)
pkg_check_modules (GLIB REQUIRED glib-2.0>=2.16)
message (STATUS "Looking for libgcrypt...")
find_library (GCRYPT gcrypt)
if (NOT GCRYPT)
message (SEND_ERROR "The libgcrypt library is required.")
else (NOT GCRYPT)
message (STATUS "Looking for libgcrypt... ${GCRYPT}")
execute_process (COMMAND libgcrypt-config --libs
OUTPUT_VARIABLE GCRYPT_LDFLAGS
OUTPUT_STRIP_TRAILING_WHITESPACE)
execute_process (COMMAND libgcrypt-config --cflags
OUTPUT_VARIABLE GCRYPT_CFLAGS
OUTPUT_STRIP_TRAILING_WHITESPACE)
endif (NOT GCRYPT)
## Version
......@@ -220,12 +214,13 @@ string (REPLACE "
configure_file (doc/Doxyfile.in doc/Doxyfile @ONLY)
configure_file (doc/Doxyfile_full.in doc/Doxyfile_full @ONLY)
configure_file (doc/openvassd.8.in doc/openvassd.8 @ONLY)
configure_file (doc/example_redis_2_4.conf.in doc/example_redis_2_4.conf @ONLY)
configure_file (doc/example_redis_2_6.conf.in doc/example_redis_2_6.conf @ONLY)
configure_file (VERSION.in VERSION @ONLY)
configure_file (tools/openvas-adduser.in tools/openvas-adduser @ONLY)
configure_file (tools/openvas-rmuser.in tools/openvas-rmuser @ONLY)
configure_file (tools/openvas-mkcert.in tools/openvas-mkcert @ONLY)
configure_file (tools/openvas-mkcert-client.in tools/openvas-mkcert-client @ONLY)
configure_file (tools/openvas-nvt-sync.in tools/openvas-nvt-sync @ONLY)
configure_file (tools/greenbone-nvt-sync.in tools/greenbone-nvt-sync @ONLY)
# TODO: Once Scanner has a proper logging mechanism like Manager.
#configure_file (src/openvassd_log_conf.cmake_in src/openvassd_log.conf)
......@@ -233,8 +228,8 @@ configure_file (tools/openvas-nvt-sync.in tools/openvas-nvt-sync @ONLY)
set (HARDENING_FLAGS "-Wformat -Wformat-security -O2 -D_FORTIFY_SOURCE=2 -fstack-protector -Wl,-z,relro -Wl,-z,now")
set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG}")
set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${HARDENING_FLAGS} -Wall -Werror -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE")
set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -Werror")
set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${HARDENING_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE")
add_subdirectory (src)
......@@ -247,7 +242,7 @@ add_subdirectory (doc)
## Install
install (FILES src/openvassd
install (FILES ${CMAKE_BINARY_DIR}/src/openvassd
DESTINATION ${SBINDIR}
PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
......@@ -256,23 +251,35 @@ install (FILES src/openvassd
#install (FILES openvassd_log.conf
# DESTINATION ${OPENVAS_SYSCONF_DIR})
install (FILES tools/openvas-adduser tools/openvas-rmuser
tools/openvas-mkcert tools/openvas-mkcert-client
tools/greenbone-nvt-sync tools/openvas-nvt-sync
install (FILES ${CMAKE_BINARY_DIR}/tools/openvas-mkcert
${CMAKE_BINARY_DIR}/tools/openvas-nvt-sync
${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
DESTINATION ${SBINDIR}
PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
install (FILES doc/openvas-adduser.8 doc/openvas-mkcert.8
doc/openvas-nvt-sync.8 doc/openvas-rmuser.8 doc/openvassd.8
doc/greenbone-nvt-sync.8
install (FILES ${CMAKE_BINARY_DIR}/tools/openvas-mkcert-client
DESTINATION ${BINDIR}
PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
install (FILES ${CMAKE_SOURCE_DIR}/doc/openvas-mkcert-client.1
DESTINATION ${DATADIR}/man/man1 )
install (FILES ${CMAKE_BINARY_DIR}/doc/openvassd.8
DESTINATION ${DATADIR}/man/man8 )
install (FILES ${CMAKE_SOURCE_DIR}/doc/openvas-mkcert.8
${CMAKE_SOURCE_DIR}/doc/openvas-nvt-sync.8
${CMAKE_SOURCE_DIR}/doc/greenbone-nvt-sync.8
DESTINATION ${DATADIR}/man/man8 )
install (FILES ${CMAKE_BINARY_DIR}/doc/example_redis_2_4.conf
${CMAKE_BINARY_DIR}/doc/example_redis_2_6.conf
DESTINATION ${DATADIR}/doc/openvas-scanner/ )
install (DIRECTORY DESTINATION ${OPENVAS_NVT_DIR})
install (DIRECTORY DESTINATION ${OPENVAS_CACHE_DIR})
install (DIRECTORY
DESTINATION ${OPENVAS_SYSCONF_DIR}/gnupg
DIRECTORY_PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE)
## Tests
......
......@@ -4,45 +4,33 @@ License information about openvas-scanner
Th effective license of the modules as a whole
is the GNU General Public License Version 2 (GNU GPLv2).
Single files, however, are licensed under either
Single files, however, are licensed either
under GNU General Public License Version 2 (GNU GPLv2)
or under "GNU GPLv2 or any later version" (GNU GPLv2+).
GPLv2: See file COPYING.GPLv2
The following overview was collected 20100812 based
on the header of the respective files (last updated
20110114):
The following overview was initially collected 20100812 based
on the header of the respective files and since then updated
as changes were applied:
src/attack.[c|h]: GPLv2
src/auth.[c|h]: GPLv2
src/comm.[c|h]: GPLv2
src/hosts.[c|h]: GPLv2
src/locks.[c|h]: GPLv2
src/log.[c|h]: GPLv2
src/nasl_plugins.c: GPLv2
src/ntp_11.[c|h]: GPLv2
src/ntp.[c|h]: GPLv2
src/openvassd.c: GPLv2
src/otp_1_0.[c|h]: GPLv2+
src/oval_plugins.c: GPLv2+
src/parser.[c|h]: GPLv2
src/piic.[c|h]: GPLv2
src/otp.[c|h]: GPLv2+
src/pluginlaunch.[c|h]: GPLv2
src/pluginload.[c|h]: GPLv2
src/pluginscheduler.[c|h]: GPLv2
src/plugs_hash.[c|h]: GPLv2
src/plugs_req.[c|h]: GPLv2
src/preferences.[c|h]: GPLv2
src/processes.[c|h]: GPLv2
src/rules.[c|h]: GPLv2
src/save_kb.[c|h]: GPLv2
src/shared_socket.[c|h]: GPLv2
src/sighand.[c|h]: GPLv2
src/users.[c|h]: GPLv2
src/utils.[c|h]: GPLv2
tools/greenbone-nvt-sync: GPLv2
tools/openvas-adduser.in: GPLv2
tools/openvas-rmuser.in: GPLv2
tools/greenbone-nvt-sync: GPLv2+
tools/openvas-mkcert-client.in: GPLv2
tools/openvas-mkcert.in: GPLv2
tools/openvas-nvt-sync.in: GPLv2
This diff is collapsed.
......@@ -2,41 +2,50 @@ INSTALLATION INSTRUCTIONS FOR OPENVAS-SCANNER
=============================================
Please note: The reference system used by most of the developers is Debian
GNU/Linux 'Lenny' 5.0. The build might fail on any other systems. Also
it is necessary to install dependent development packages.
Debian GNU/Linux 'Wheezy' 7. The build might fail on any other systems.
Also it is necessary to install dependent development packages.
Compiling openvas-scanner
-------------------------
Prerequisites for openvas-scanner
---------------------------------
Prerequisites:
* cmake
* glib-2.0
* gnutls
* openvas-libraries (4.0.0 or later)
* glib-2.0 >= 2.16
* libgcrypt
* openvas-libraries >= 8.0.2
* pkg-config
* redis >= 2.4.0
Prerequisites for building documentation:
* Doxygen
* xmltoman (optional, for building man page)
* sqlfairy (optional, for producing database diagram)
Compiling openvas-scanner
-------------------------
If you have installed required libraries to a non-standard location, remember to
set the PKG_CONFIG_PATH environment variable to the location of you pkg-config
files before configuring:
$ export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/your/location/lib/pkgconfig
$ export PKG_CONFIG_PATH=/your/location/lib/pkgconfig:$PKG_CONFIG_PATH
Create a build directory and change into it with
$ mkdir build
$ cd build
Then configure the build with
$ cmake -DCMAKE_INSTALL_PREFIX=/path/to/your/installation .
$ cmake -DCMAKE_INSTALL_PREFIX=/path/to/your/installation ..
or (if you want to use the default installation path /usr/local)
$ cmake .
$ cmake ..
This only needs to be done once. Note: It is assumed that the other
OpenVAS components are installed to the same path. If not, you need to set
some paths separately, see below for details.
This only needs to be done once.
Thereafter, the following commands are useful.
......@@ -44,13 +53,13 @@ Thereafter, the following commands are useful.
$ make doc # build the documentation
$ make doc-full # build more developer-oriented documentation
$ make install # install the build
$ make rebuild_cache # rebuild the make system cache
$ make rebuild_cache # rebuild the cmake cache
$ make install
Please note that you may have to execute "make install" as root, especially if
you have specified a prefix for which your user does not have full permissions.
Please note that you may have to execute this command as root, especially if you
have specified a prefix for which your user does not have full permissions.
To clean up the build environment, simply remove the contents of the "build"
directory you created above.
Setting up openvas-scanner
......@@ -68,7 +77,15 @@ Setting up an openvas-scanner requires the following steps:
This command will guide you through the certificate creation and place the
certificates in the correct locations on your system.
2) In order to run vulnerability scans, you will need a collection of Network
2) (optional) You may decide to change the default scanner preferences
by setting them in the file $prefix/etc/openvassd.conf. If that file does
not exist (default), then the default settings are used. You can view
them with "openvassd -s". The output of that command is a valid configuration
file. The man page ("man openvassd") provides details about the available
settings, among these opportunities to restrict access of scanner regarding
scan targets and interfaces.
3) In order to run vulnerability scans, you will need a collection of Network
Vulnerability Tests (NVTs) that can be run by openvas-scanner. Initially,
your NVT collection will be empty. It is recommended that you synchronize
with an NVT feed service before starting openvas-scanner for the first time.
......@@ -90,7 +107,7 @@ Setting up an openvas-scanner requires the following steps:
Please visit the OpenVAS website for more information on available NVT feeds
and instructions for integrating feeds into your scanner installation.
3) You can launch openvas-scanner using the following command:
4) You can launch openvas-scanner using the following command:
$ openvassd
......@@ -99,6 +116,12 @@ Setting up an openvas-scanner requires the following steps:
the internal scanner cache has to be updated. Subsequent launches will be
much quicker.
Sending SIGHUP to the scanner main process will initiate a reload of the
feed content and of the scanner preferences. This will not affect running
scans. The NVT synchronisation routine will try to send the SIGHUP to the
scanner on its own. This works only if the pid-file of scanner is found
which is expected to be /var/run/openvas/openvassd.pid.
Please note that although you can start openvassd as a user without elevated
privileges, it is recommended that you start openvassd as root since a number
of Network Vulnerability Tests (NVTs) require root privileges to perform
......@@ -106,26 +129,28 @@ Setting up an openvas-scanner requires the following steps:
without permission to perform these operations, your scan results are very
likely to be incomplete.
4) Once the scanner has started, openvas-manager can act as a client and control
the scanner. The actual user interfaces (for example GSA, GSD or CLI-OMP)
will only interact with the manager, not the scanner.
5) The scanner needs a running redis server to temporarily store information
gathered on the scanned hosts. Redis 2.4 and newer is supported but 2.6
is recommended. See doc/redis_config.txt to see how to setup and run a redis
server.
It is still possible to use the latest version of the old OpenVAS-Client as
direct client application for the scanner but this will circumvent the whole
vulnerability management storage and processes.
Two examples are installed which you may use directly for a quick start:
5) [conditional]: If you do plan to use OpenVAS-Client as direct client and do
not plan to use OpenVAS Manager, then you need to create at least one user
for the openvas-scanner to be able to login. This can be done via the command:
$ redis-server /share/doc/openvas-scanner/example_redis_2_4.conf
$ openvas-adduser
or
The command will guide you through the user creation and allow you to specify
a name and authentication method for the user and to define rules restricting
the usage of the scanner by this user.
$ redis-server /share/doc/openvas-scanner/example_redis_2_6.conf
If you plan to use the OpenVAS Manager, you will be guided through
creation of user accounts by the INSTALL file of OpenVAS Manager.
or copy the example to another location, edit and use the copy instead.
6) Once the scanner has started, openvas-manager can act as a client and control
the scanner. The actual user interfaces (for example GSA or CLI-OMP)
will only interact with the manager, not the scanner.
You will be guided through creation of user accounts by the INSTALL file
of OpenVAS Manager.
If you encounter problems, the files /var/log/openvas/openvassd.messages and
......@@ -135,3 +160,26 @@ installation method.) Please have these files ready when contacting the OpenVAS
developers through the OpenVAS mailing list or the online chat or submitting bug
reports at http://bugs.openvas.org/ as they may help to pinpoint the source of
your issue.
Static code analysis with the Clang Static Analyzer
---------------------------------------------------
If you want to use the Clang Static Analyzer (http://clang-analyzer.llvm.org/)
to do a static code analysis, you can do so by adding the following parameter
when configuring the build:
-DCMAKE_C_COMPILER=/usr/share/clang/scan-build/ccc-analyzer
Note that the example above uses the default location of ccc-analyzer in Debian
GNU/Linux and may be different in other environments.
To have the analysis results aggregated into a set of HTML files, use the
following command:
$ scan-build make
The tool will provide a hint on how to launch a web browser with the results.
It is recommended to do this analysis in a separate, empty build directory and
to empty the build directory before "scan-build" call.
......@@ -11,9 +11,9 @@ Please see the file COPYING for the license information.
Please refer to the instructions provided in the file INSTALL if you want to
install and configure openvas-scanner. If you are not familiar or comfortable
with the procedure described there, we recommend that you use a binary package
provided by your distribution. Information regarding available binary packages
is available from the OpenVAS website.
with building from source code, we recommend that you use a install package or use
a prepared virtual machine. Information regarding available binary packages
and virtual machines is available from the download area of the OpenVAS website.
Note that you will need the openvas-libraries modules to compile
openvas-scanner. Further information about these modules is available
......
......@@ -9,15 +9,15 @@
# Copyright:
# Copyright (C) 2011 Greenbone Networks GmbH
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Library General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Library General Public License for more details.
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
......@@ -25,38 +25,24 @@
## build
set_directory_properties (PROPERTIES CLEAN_NO_CUSTOM true)
set_directory_properties (PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ".built-html;.built-html_full")
include (FindDoxygen)
if (NOT DOXYGEN_EXECUTABLE)
message (STATUS "WARNING: Doxygen is required to build the HTML docs.")
else (NOT DOXYGEN_EXECUTABLE)
set (DOC_FILES
../src/attack.c ../src/auth.c ../src/comm.c ../src/hosts.c
../src/locks.c ../src/log.c ../src/nasl_plugins.c ../src/ntp_11.c
../src/openvassd.c ../src/otp_1_0.c ../src/oval_plugins.c ../src/parser.c
../src/piic.c ../src/pluginlaunch.c ../src/pluginload.c
../src/pluginscheduler.c ../src/plugs_hash.c ../src/plugs_req.c
../src/preferences.c ../src/processes.c ../src/rules.c ../src/save_kb.c
../src/shared_socket.c ../src/sighand.c ../src/users.c ../src/utils.c
../README ../INSTALL)
add_custom_target (doc COMMENT "Building documentation..."
DEPENDS Doxyfile .built-html)
DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile ${CMAKE_CURRENT_BINARY_DIR}/.built-html)
add_custom_target (doc-full COMMENT "Building documentation..."
DEPENDS Doxyfile_full .built-html_full)
endif (NOT DOXYGEN_EXECUTABLE)
add_custom_command (OUTPUT .built-html
COMMAND sh
ARGS -c \"${DOXYGEN_EXECUTABLE} ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile && touch ${CMAKE_CURRENT_BINARY_DIR}/.built-html\;\"
DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile)
add_custom_command (OUTPUT .built-html
COMMAND sh
ARGS -c \"cd .. && ${DOXYGEN_EXECUTABLE} doc/Doxyfile && touch doc/.built-html\;\"
DEPENDS Doxyfile ${DOC_FILES})
add_custom_command (OUTPUT .built-html_full
COMMAND sh
ARGS -c \"cd .. && ${DOXYGEN_EXECUTABLE} doc/Doxyfile_full && touch doc/.built-html_full\;\"
DEPENDS Doxyfile_full ${DOC_FILES})
add_custom_target (doc-full COMMENT "Building documentation..."
DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile_full ${CMAKE_CURRENT_BINARY_DIR}/.built-html_full)
add_custom_command (OUTPUT .built-html_full
COMMAND sh
ARGS -c \"${DOXYGEN_EXECUTABLE} ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile_full && touch ${CMAKE_CURRENT_BINARY_DIR}/.built-html_full\;\"
DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/Doxyfile_full)
endif (NOT DOXYGEN_EXECUTABLE)
......@@ -30,7 +30,7 @@ PROJECT_NUMBER = @CPACK_PACKAGE_VERSION@
# If a relative path is entered, it will be relative to the location
# where doxygen was started. If left blank the current directory will be used.
OUTPUT_DIRECTORY = doc/generated
OUTPUT_DIRECTORY = @CMAKE_BINARY_DIR@/doc/generated
# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
# 4096 sub-directories (in 2 levels) under the output directory of each output
......@@ -115,7 +115,7 @@ FULL_PATH_NAMES = YES
# If left blank the directory from which doxygen is run is used as the
# path to strip.
STRIP_FROM_PATH =
STRIP_FROM_PATH = @CMAKE_SOURCE_DIR@
# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
# the path mentioned in the documentation of a class, which tells
......@@ -459,7 +459,7 @@ WARN_LOGFILE =
# directories like "/usr/src/myproject". Separate the files or directories
# with spaces.
INPUT = src
INPUT = @CMAKE_SOURCE_DIR@/src
# If the value of the INPUT tag contains directories, you can use the
# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
......@@ -474,7 +474,7 @@ FILE_PATTERNS =
# should be searched for input files as well. Possible values are YES and NO.
# If left blank NO is used.
RECURSIVE = YES
RECURSIVE = NO
# The EXCLUDE tag can be used to specify files and/or directories that should
# excluded from the INPUT source files. This way you can easily exclude a
......@@ -500,7 +500,7 @@ EXCLUDE_PATTERNS =
# directories that contain example code fragments that are included (see
# the \include command).
EXAMPLE_PATH = .
EXAMPLE_PATH = @CMAKE_SOURCE_DIR@
# If the value of the EXAMPLE_PATH tag contains directories, you can use the
# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
......@@ -744,7 +744,7 @@ TREEVIEW_WIDTH = 250
# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
# generate Latex output.
GENERATE_LATEX = YES
GENERATE_LATEX = NO
# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
# If a relative path is entered the value of OUTPUT_DIRECTORY will be
......
......@@ -30,7 +30,7 @@ PROJECT_NUMBER = @CPACK_PACKAGE_VERSION@
# If a relative path is entered, it will be relative to the location
# where doxygen was started. If left blank the current directory will be used.
OUTPUT_DIRECTORY = doc/generated
OUTPUT_DIRECTORY = @CMAKE_BINARY_DIR@/doc/generated
# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
# 4096 sub-directories (in 2 levels) under the output directory of each output
......@@ -115,7 +115,7 @@ FULL_PATH_NAMES = YES
# If left blank the directory from which doxygen is run is used as the
# path to strip.
STRIP_FROM_PATH =
STRIP_FROM_PATH = @CMAKE_SOURCE_DIR@
# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
# the path mentioned in the documentation of a class, which tells
......@@ -459,7 +459,7 @@ WARN_LOGFILE =
# directories like "/usr/src/myproject". Separate the files or directories
# with spaces.
INPUT = src
INPUT = @CMAKE_SOURCE_DIR@/src
# If the value of the INPUT tag contains directories, you can use the
# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
......@@ -474,7 +474,7 @@ FILE_PATTERNS =
# should be searched for input files as well. Possible values are YES and NO.
# If left blank NO is used.
RECURSIVE = YES
RECURSIVE = NO
# The EXCLUDE tag can be used to specify files and/or directories that should
# excluded from the INPUT source files. This way you can easily exclude a
......@@ -500,7 +500,7 @@ EXCLUDE_PATTERNS =
# directories that contain example code fragments that are included (see
# the \include command).
EXAMPLE_PATH = ./
EXAMPLE_PATH = @CMAKE_SOURCE_DIR@
# If the value of the EXAMPLE_PATH tag contains directories, you can use the
# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
......@@ -600,7 +600,7 @@ USE_HTAGS = NO
# will generate a verbatim copy of the header file for each class for
# which an include is specified. Set to NO to disable this.
VERBATIM_HEADERS = NO
VERBATIM_HEADERS = YES
#---------------------------------------------------------------------------
# configuration options related to the alphabetical class index
......
This diff is collapsed.
This diff is collapsed.
$Id: kb_entries.txt 1246 2008-08-29 14:56:30Z jan $
ATTENTION: THIS LIST OF ENTRIES SEEMS TO NOT OCCUR (SET) in OPENVAS NVTS!
This means that these entries are probably set by proprietary scripts
or are hopelessly outdated.
Name Value Meaning
-----------------------------------------------------------------------------
cfingerd/version <version> Version of the remote cfingerd
finger/.@host 1 Fingering "." gives away the list of users
finger/0@host 1 Fingering "0" gives away the list of users
finger/active 1 The finger service works properly
finger/search.**@host 1 Fingering ".**" gives the list of users
finger/user@host1@host2 1 Finger can be used as a relay
ftp/anonymous 1 Anonymous FTP is enabled
ftp/ncftpd 1 The remote server is NcFTPd
ftp/no_mkdir 1 The remote server prevents the use of MKD
ftp/overflow 1 The remote server can be overflown
ftp/overflow_method <cmd> Command vulnerable to an overflow
ftp/pftp_login_problem 1 The remote pftp server allows " "/" " to log in
ftp/root_via_cwd 1 Wu-FTPd allows the becoming of root via CWD
ftp/root_via_site_exec 1 Wu-FTPd allows the becoming of root using SITE EXEC
ftp/wftp_login_problem 1 WFTP allows any login
ftp/writeable_dir <dir> Name of a user-writeable dir
ftp/wu_ftpd_overflow 1 Wu-FTPd vulnerable to an overflow
http/10 1 HTTP/1.0 is spoken here
http/11 1 HTTP/1.1 is spoken here
Proxy/usage 1 The remote proxy can be used
RPC/NIS/domain domainname NIS domain
rpc/bootparamd 1 Bootparamd is present
rpc/portmap 1 Portmap is reachable
rsh/active 1 rsh is working properly
SMB/Users/Enumerated 1 The SMB users have been enumerated (through sid2user or via SNMP)
SMB/Win2K/ServicePack <ServicePack> ServicePack applied on the remote W2K server
SMB/WinNT4/ServicePack <ServicePack> ServicePack applied on the remote WNT4
SMB/WindowsVersion <Version> Version of windows the remote host is running
SMB/browse <BrowseList> Browse list of the remote host
SMB/domain_sid <SID> SID of the host's domain
SMB/login <login> Login to use for the tests
SMB/password <password> Password that goes with the login
SMB/registry_access 1 We can access to the remote registry
SMB/registry_full_access 1 We can access any value in the remote registry
SMB/shares <shares> List of shares exported by the remote server
SMB/svcs <svcs> Services run by the remote server
SMB/Users/<num> <username> Name of SMB users
SMB/ValidUsers/<num>/Login <username> Name of a (working) SMB user
SMB/ValidUsers/<num>/Password <passwd> Password of a valid SMB user
Sawmill/method <string> Is Sawmill running as a CGI or in standalone mode ?
Sawmill/readline <string> Sawmill can read the first line of any remote file
Services/nntp <port> Port of the remote NNTP server
Services/swat <port> Port of the remore SWAT server
Services/vqServer-admin <port> Port of the remote vqServer admin
Services/www <port> Port of the remote web server
Services/realserver <port> Port of the remote real server
Services/smtp <port> Port of the remote SMTP server