diff --git a/src/gmp.c b/src/gmp.c
index 98a06c638..ad3be4eb6 100644
--- a/src/gmp.c
+++ b/src/gmp.c
@@ -918,28 +918,28 @@ create_schedule_data_reset (create_schedule_data_t *data)
*/
typedef struct
{
- char *alive_tests; ///< Alive tests.
- char *allow_simultaneous_ips; ///< Boolean. Whether to scan multiple IPs of a host simultaneously.
- char *asset_hosts_filter; ///< Asset hosts.
- char *comment; ///< Comment.
- char *exclude_hosts; ///< Hosts to exclude from set.
- char *reverse_lookup_only; ///< Boolean. Whether to consider only hosts that reverse lookup.
- char *reverse_lookup_unify; ///< Boolean. Whether to unify based on reverse lookup.
- char *copy; ///< UUID of resource to copy.
- char *hosts; ///< Hosts for new target.
- char *port_list_id; ///< Port list for new target.
- char *port_range; ///< Port range for new target.
- char *ssh_credential_id; ///< SSH credential for new target.
- char *ssh_lsc_credential_id; ///< SSH credential (deprecated).
- char *ssh_elevate_credential_id ; ///< SSH elevation credential.
- char *ssh_port; ///< Port for SSH.
- char *ssh_lsc_port; ///< Port for SSH (deprecated).
- char *smb_credential_id; ///< SMB credential for new target.
- char *smb_lsc_credential_id; ///< SMB credential (deprecated).
- char *esxi_credential_id; ///< ESXi credential for new target.
- char *esxi_lsc_credential_id; ///< ESXi credential (deprecated).
- char *snmp_credential_id; ///< SNMP credential for new target.
- char *name; ///< Name of new target.
+ char *alive_tests; ///< Alive tests.
+ char *allow_simultaneous_ips; ///< Boolean. Whether to scan multiple IPs of a host simultaneously.
+ char *asset_hosts_filter; ///< Asset hosts.
+ char *comment; ///< Comment.
+ char *exclude_hosts; ///< Hosts to exclude from set.
+ char *reverse_lookup_only; ///< Boolean. Whether to consider only hosts that reverse lookup.
+ char *reverse_lookup_unify; ///< Boolean. Whether to unify based on reverse lookup.
+ char *copy; ///< UUID of resource to copy.
+ char *hosts; ///< Hosts for new target.
+ char *port_list_id; ///< Port list for new target.
+ char *port_range; ///< Port range for new target.
+ char *ssh_credential_id; ///< SSH credential for new target.
+ char *ssh_lsc_credential_id; ///< SSH credential (deprecated).
+ char *ssh_elevate_credential_id; ///< SSH elevation credential.
+ char *ssh_port; ///< Port for SSH.
+ char *ssh_lsc_port; ///< Port for SSH (deprecated).
+ char *smb_credential_id; ///< SMB credential for new target.
+ char *smb_lsc_credential_id; ///< SMB credential (deprecated).
+ char *esxi_credential_id; ///< ESXi credential for new target.
+ char *esxi_lsc_credential_id; ///< ESXi credential (deprecated).
+ char *snmp_credential_id; ///< SNMP credential for new target.
+ char *name; ///< Name of new target.
} create_target_data_t;
/**
@@ -16314,16 +16314,19 @@ handle_get_targets (gmp_parser_t *gmp_parser, GError **error)
{
char *ssh_name, *ssh_uuid, *smb_name, *smb_uuid;
char *esxi_name, *esxi_uuid, *snmp_name, *snmp_uuid;
+ char *ssh_elevate_name, *ssh_elevate_uuid;
const char *port_list_uuid, *port_list_name, *ssh_port;
const char *hosts, *exclude_hosts, *reverse_lookup_only;
const char *reverse_lookup_unify, *allow_simultaneous_ips;
credential_t ssh_credential, smb_credential;
credential_t esxi_credential, snmp_credential;
+ credential_t ssh_elevate_credential;
int port_list_trash, max_hosts, port_list_available;
int ssh_credential_available;
int smb_credential_available;
int esxi_credential_available;
int snmp_credential_available;
+ int ssh_elevate_credential_available;
ret = get_next (&targets, &get_targets_data->get, &first,
&count, init_target_iterator);
@@ -16339,6 +16342,7 @@ handle_get_targets (gmp_parser_t *gmp_parser, GError **error)
smb_credential = target_iterator_smb_credential (&targets);
esxi_credential = target_iterator_esxi_credential (&targets);
snmp_credential = target_iterator_snmp_credential (&targets);
+ ssh_elevate_credential = target_iterator_ssh_elevate_credential (&targets);
ssh_credential_available = 1;
if (get_targets_data->get.trash
&& target_iterator_ssh_trash (&targets))
@@ -16451,6 +16455,35 @@ handle_get_targets (gmp_parser_t *gmp_parser, GError **error)
snmp_name = NULL;
snmp_uuid = NULL;
}
+ ssh_elevate_credential_available = 1;
+ if (get_targets_data->get.trash
+ && target_iterator_ssh_elevate_trash (&targets))
+ {
+ ssh_elevate_name
+ = trash_credential_name (ssh_elevate_credential);
+ ssh_elevate_uuid
+ = trash_credential_uuid (ssh_elevate_credential);
+ ssh_elevate_credential_available
+ = trash_credential_readable (ssh_elevate_credential);
+ }
+ else if (ssh_elevate_credential)
+ {
+ credential_t found;
+
+ ssh_elevate_name = credential_name (ssh_elevate_credential);
+ ssh_elevate_uuid = credential_uuid (ssh_elevate_credential);
+ if (find_credential_with_permission
+ (ssh_elevate_uuid,
+ &found,
+ "get_credentials"))
+ abort ();
+ ssh_elevate_credential_available = (found > 0);
+ }
+ else
+ {
+ ssh_elevate_name = NULL;
+ ssh_elevate_uuid = NULL;
+ }
port_list_uuid = target_iterator_port_list_uuid (&targets);
port_list_name = target_iterator_port_list_name (&targets);
port_list_trash = target_iterator_port_list_trash (&targets);
@@ -16549,6 +16582,18 @@ handle_get_targets (gmp_parser_t *gmp_parser, GError **error)
SEND_TO_CLIENT_OR_FAIL ("");
SENDF_TO_CLIENT_OR_FAIL (""
+ ""
+ "%s"
+ "%i",
+ ssh_elevate_uuid ? ssh_elevate_uuid : "",
+ ssh_elevate_name ? ssh_elevate_name : "",
+ (get_targets_data->get.trash
+ && target_iterator_ssh_elevate_trash (&targets)));
+
+ if (ssh_elevate_credential_available == 0)
+ SEND_TO_CLIENT_OR_FAIL ("");
+
+ SENDF_TO_CLIENT_OR_FAIL (""
""
"%s"
""
@@ -16604,6 +16649,8 @@ handle_get_targets (gmp_parser_t *gmp_parser, GError **error)
free (smb_uuid);
free (esxi_name);
free (esxi_uuid);
+ free (ssh_elevate_name);
+ free (ssh_elevate_uuid);
}
cleanup_iterator (&targets);
filtered = get_targets_data->get.id
diff --git a/src/manage.h b/src/manage.h
index 4552aaae4..9e79f7214 100644
--- a/src/manage.h
+++ b/src/manage.h
@@ -1643,6 +1643,9 @@ target_iterator_esxi_credential (iterator_t*);
int
target_iterator_snmp_credential (iterator_t*);
+int
+target_iterator_ssh_elevate_credential (iterator_t*);
+
int
target_iterator_ssh_trash (iterator_t*);
@@ -1655,6 +1658,9 @@ target_iterator_esxi_trash (iterator_t*);
int
target_iterator_snmp_trash (iterator_t*);
+int
+target_iterator_ssh_elevate_trash (iterator_t*);
+
const char*
target_iterator_allow_simultaneous_ips (iterator_t*);
diff --git a/src/manage_sql.c b/src/manage_sql.c
index 84a005ca3..aaeb6b736 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -31526,92 +31526,104 @@ modify_target (const char *target_id, const char *name, const char *hosts,
#define TARGET_ITERATOR_FILTER_COLUMNS \
{ GET_ITERATOR_FILTER_COLUMNS, "hosts", "exclude_hosts", "ips", "port_list", \
"ssh_credential", "smb_credential", "esxi_credential", "snmp_credential", \
- NULL }
+ "ssh_elevate_credential", NULL }
/**
* @brief Target iterator columns.
*/
-#define TARGET_ITERATOR_COLUMNS \
- { \
- GET_ITERATOR_COLUMNS (targets), \
- { "hosts", NULL, KEYWORD_TYPE_STRING }, \
- { "target_credential (id, 0, CAST ('ssh' AS text))", \
- NULL, \
- KEYWORD_TYPE_INTEGER }, \
- { "target_login_port (id, 0, CAST ('ssh' AS text))", \
- "ssh_port", \
- KEYWORD_TYPE_INTEGER }, \
- { "target_credential (id, 0, CAST ('smb' AS text))", \
- NULL, \
- KEYWORD_TYPE_INTEGER }, \
- { "port_list", NULL, KEYWORD_TYPE_INTEGER }, \
- { "0", NULL, KEYWORD_TYPE_INTEGER }, \
- { "0", NULL, KEYWORD_TYPE_INTEGER }, \
- { \
- "(SELECT uuid FROM port_lists" \
- " WHERE port_lists.id = port_list)", \
- NULL, \
- KEYWORD_TYPE_STRING \
- }, \
- { \
- "(SELECT name FROM port_lists" \
- " WHERE port_lists.id = port_list)", \
- "port_list", \
- KEYWORD_TYPE_STRING \
- }, \
- { "0", NULL, KEYWORD_TYPE_INTEGER }, \
- { "exclude_hosts", NULL, KEYWORD_TYPE_STRING }, \
- { "reverse_lookup_only", NULL, KEYWORD_TYPE_INTEGER }, \
- { "reverse_lookup_unify", NULL, KEYWORD_TYPE_INTEGER }, \
- { "alive_test", NULL, KEYWORD_TYPE_INTEGER }, \
- { "target_credential (id, 0, CAST ('esxi' AS text))", \
- NULL, \
- KEYWORD_TYPE_INTEGER }, \
- { "0", NULL, KEYWORD_TYPE_INTEGER }, \
- { "target_credential (id, 0, CAST ('snmp' AS text))", \
- NULL, \
- KEYWORD_TYPE_INTEGER }, \
- { "0", NULL, KEYWORD_TYPE_INTEGER }, \
- { "allow_simultaneous_ips", \
- NULL, \
- KEYWORD_TYPE_INTEGER }, \
- { \
- "(SELECT name FROM credentials" \
- " WHERE credentials.id" \
- " = target_credential (targets.id, 0," \
- " CAST ('ssh' AS text)))", \
- "ssh_credential", \
- KEYWORD_TYPE_STRING \
- }, \
- { \
- "(SELECT name FROM credentials" \
- " WHERE credentials.id" \
- " = target_credential (targets.id, 0," \
- " CAST ('smb' AS text)))", \
- "smb_credential", \
- KEYWORD_TYPE_STRING \
- }, \
- { \
- "(SELECT name FROM credentials" \
- " WHERE credentials.id" \
- " = target_credential (targets.id, 0," \
- " CAST ('esxi' AS text)))", \
- "esxi_credential", \
- KEYWORD_TYPE_STRING \
- }, \
- { \
- "(SELECT name FROM credentials" \
- " WHERE credentials.id" \
- " = target_credential (targets.id, 0," \
- " CAST ('snmp' AS text)))", \
- "snmp_credential", \
- KEYWORD_TYPE_STRING \
- }, \
- { "hosts", NULL, KEYWORD_TYPE_STRING }, \
- { "max_hosts (hosts, exclude_hosts)", \
- "ips", \
- KEYWORD_TYPE_INTEGER }, \
- { NULL, NULL, KEYWORD_TYPE_UNKNOWN } \
+#define TARGET_ITERATOR_COLUMNS \
+ { \
+ GET_ITERATOR_COLUMNS (targets), \
+ { "hosts", NULL, KEYWORD_TYPE_STRING }, \
+ { "target_credential (id, 0, CAST ('ssh' AS text))", \
+ NULL, \
+ KEYWORD_TYPE_INTEGER }, \
+ { "target_login_port (id, 0, CAST ('ssh' AS text))", \
+ "ssh_port", \
+ KEYWORD_TYPE_INTEGER }, \
+ { "target_credential (id, 0, CAST ('smb' AS text))", \
+ NULL, \
+ KEYWORD_TYPE_INTEGER }, \
+ { "port_list", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "0", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "0", NULL, KEYWORD_TYPE_INTEGER }, \
+ { \
+ "(SELECT uuid FROM port_lists" \
+ " WHERE port_lists.id = port_list)", \
+ NULL, \
+ KEYWORD_TYPE_STRING \
+ }, \
+ { \
+ "(SELECT name FROM port_lists" \
+ " WHERE port_lists.id = port_list)", \
+ "port_list", \
+ KEYWORD_TYPE_STRING \
+ }, \
+ { "0", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "exclude_hosts", NULL, KEYWORD_TYPE_STRING }, \
+ { "reverse_lookup_only", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "reverse_lookup_unify", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "alive_test", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "target_credential (id, 0, CAST ('esxi' AS text))", \
+ NULL, \
+ KEYWORD_TYPE_INTEGER }, \
+ { "0", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "target_credential (id, 0, CAST ('snmp' AS text))", \
+ NULL, \
+ KEYWORD_TYPE_INTEGER }, \
+ { "0", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "target_credential (id, 0, CAST ('elevate' AS text))", \
+ NULL, \
+ KEYWORD_TYPE_INTEGER }, \
+ { "0", NULL, KEYWORD_TYPE_INTEGER }, \
+ { "allow_simultaneous_ips", \
+ NULL, \
+ KEYWORD_TYPE_INTEGER }, \
+ { \
+ "(SELECT name FROM credentials" \
+ " WHERE credentials.id" \
+ " = target_credential (targets.id, 0," \
+ " CAST ('ssh' AS text)))", \
+ "ssh_credential", \
+ KEYWORD_TYPE_STRING \
+ }, \
+ { \
+ "(SELECT name FROM credentials" \
+ " WHERE credentials.id" \
+ " = target_credential (targets.id, 0," \
+ " CAST ('smb' AS text)))", \
+ "smb_credential", \
+ KEYWORD_TYPE_STRING \
+ }, \
+ { \
+ "(SELECT name FROM credentials" \
+ " WHERE credentials.id" \
+ " = target_credential (targets.id, 0," \
+ " CAST ('esxi' AS text)))", \
+ "esxi_credential", \
+ KEYWORD_TYPE_STRING \
+ }, \
+ { \
+ "(SELECT name FROM credentials" \
+ " WHERE credentials.id" \
+ " = target_credential (targets.id, 0," \
+ " CAST ('snmp' AS text)))", \
+ "snmp_credential", \
+ KEYWORD_TYPE_STRING \
+ }, \
+ { \
+ "(SELECT name FROM credentials" \
+ " WHERE credentials.id" \
+ " = target_credential (targets.id, 0," \
+ " CAST ('elevate' AS text)))", \
+ "ssh_elevate_credential", \
+ KEYWORD_TYPE_STRING \
+ }, \
+ { "hosts", NULL, KEYWORD_TYPE_STRING }, \
+ { "max_hosts (hosts, exclude_hosts)", \
+ "ips", \
+ KEYWORD_TYPE_INTEGER }, \
+ { NULL, NULL, KEYWORD_TYPE_UNKNOWN } \
}
/**
@@ -32000,6 +32012,38 @@ target_iterator_snmp_trash (iterator_t* iterator)
return ret;
}
+/**
+ * @brief Get the ELEVATE LSC credential from a target iterator.
+ *
+ * @param[in] iterator Iterator.
+ *
+ * @return ELEVATE LSC credential.
+ */
+int
+target_iterator_ssh_elevate_credential (iterator_t* iterator)
+{
+ int ret;
+ if (iterator->done) return -1;
+ ret = iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 18);
+ return ret;
+}
+
+/**
+ * @brief Get the ELEVATE LSC credential location from a target iterator.
+ *
+ * @param[in] iterator Iterator.
+ *
+ * @return ELEVATE LSC credential.
+ */
+int
+target_iterator_ssh_elevate_trash (iterator_t* iterator)
+{
+ int ret;
+ if (iterator->done) return -1;
+ ret = iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 19);
+ return ret;
+}
+
/**
* @brief Get the allow_simultaneous_ips value from a target iterator.
*
@@ -32008,7 +32052,7 @@ target_iterator_snmp_trash (iterator_t* iterator)
* @return allow_simult_ips_same_host or NULL if iteration is complete.
*/
DEF_ACCESS (target_iterator_allow_simultaneous_ips,
- GET_ITERATOR_COLUMN_COUNT + 18);
+ GET_ITERATOR_COLUMN_COUNT + 20);
/**
* @brief Return the UUID of a tag.
@@ -32258,6 +32302,19 @@ target_esxi_credential (target_t target)
return target_credential (target, "esxi");
}
+/**
+ * @brief Return the ELEVATE credential associated with a target, if any.
+ *
+ * @param[in] target Target.
+ *
+ * @return ELEVATE credential if any, else 0.
+ */
+credential_t
+target_ssh_elevate_credential (target_t target)
+{
+ return target_credential (target, "elevate");
+}
+
/**
* @brief Return the port list associated with a target, if any.
*
diff --git a/src/manage_sql.h b/src/manage_sql.h
index 76dd0b95b..519e9bbb1 100644
--- a/src/manage_sql.h
+++ b/src/manage_sql.h
@@ -316,6 +316,7 @@ port_list_t target_port_list (target_t);
credential_t target_ssh_credential (target_t);
credential_t target_smb_credential (target_t);
credential_t target_esxi_credential (target_t);
+credential_t target_ssh_elevate_credential (target_t);
int create_current_report (task_t, char **, task_status_t);