From fbae05b202840a09c3f0e5b4338f52976c83aec4 Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Thu, 24 Jun 2021 07:52:59 +0200 Subject: [PATCH 1/6] Amended if clauses for ssh_elevate_credential/ssh_credential Test In manage_sql.c: Amended the if clause for the Test if the ssh_credential differs from the ssh_elevate_credential in functions "create_target(...)" and "modify_target(...)". --- src/manage_sql.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/manage_sql.c b/src/manage_sql.c index f43d4a305..60040e4d9 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -30669,7 +30669,7 @@ create_target (const char* name, const char* asset_hosts_filter, if (ssh_elevate_credential && (!ssh_credential)) return 14; - if (ssh_elevate_credential == ssh_credential) + if (ssh_credential && (ssh_elevate_credential == ssh_credential)) return 15; sql_begin_immediate (); @@ -31158,7 +31158,7 @@ modify_target (const char *target_id, const char *name, const char *hosts, return 24; } - if (ssh_elevate_credential_id == ssh_credential_id) + if (ssh_credential_id && (ssh_elevate_credential_id == ssh_credential_id)) { sql_rollback (); return 25; From fc25a57b90fb468275e3aec75bf5ccb0e25cd938 Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Thu, 24 Jun 2021 08:22:14 +0200 Subject: [PATCH 2/6] CHANGELOG entry: Amendment ssh_elevate_credential / ssh_credential Test. --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e1a585693..6d9859bb0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,7 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Add NVT tag "deprecated" [#1536](https://github.com/greenbone/gvmd/pull/1536) - Extend GMP for new privilege escalation credential [#1535](https://github.com/greenbone/gvmd/pull/1535) - Include new ssh elevate (escalation) credential in OSP request [#1539](https://github.com/greenbone/gvmd/pull/1539) -- Add test if the ssh elevate credential is different from the ssh credential [#1582](https://github.com/greenbone/gvmd/pull/1582) +- Add test if the ssh elevate credential is different from the ssh credential [#1582](https://github.com/greenbone/gvmd/pull/1582) [#1586](https://github.com/greenbone/gvmd/pull/1586) ### Changed - Update default log config [#1501](https://github.com/greenbone/gvmd/pull/1501) From 6c60daead1a8efcf178b04a877e2cf70886fe0b7 Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Thu, 24 Jun 2021 09:15:30 +0200 Subject: [PATCH 3/6] Changed CHANGELOG entry : Amendment ssh_elevate_credential / ssh_credential Test. --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a7f0d5a11..87080d87b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,7 +20,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Add NVT tag "deprecated" [#1536](https://github.com/greenbone/gvmd/pull/1536) - Extend GMP for new privilege escalation credential [#1535](https://github.com/greenbone/gvmd/pull/1535) - Include new ssh elevate (escalation) credential in OSP request [#1539](https://github.com/greenbone/gvmd/pull/1539) -- Add test if the ssh elevate credential is different from the ssh credential [#1582](https://github.com/greenbone/gvmd/pull/1582) [#1586](https://github.com/greenbone/gvmd/pull/1586) +- Add test if the ssh elevate credential is different from the ssh credential [#1582](https://github.com/greenbone/gvmd/pull/1582) ### Changed - Update default log config [#1501](https://github.com/greenbone/gvmd/pull/1501) @@ -33,6 +33,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Migrate GMP Scanners to OSP Sensors [#1533](https://github.com/greenbone/gvmd/pull/1533) - Solved a peformance problem for tasks after scanning lots of hosts [#1567](https://github.com/greenbone/gvmd/pull/1567) - Solved a performance problem when filtering results by tags [#1579](https://github.com/greenbone/gvmd/pull/1579) +- Amended Test, if the ssh elevate credential is different from the ssh credential [#1586](https://github.com/greenbone/gvmd/pull/1586) [21.4.0]: https://github.com/greenbone/gvmd/compare/v21.4.0...gvmd-21.04 From 7110683e1a59c6f6f251ec8f1ba20bff92136d65 Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Thu, 24 Jun 2021 09:56:59 +0200 Subject: [PATCH 4/6] Changed CHANGELOG entry: Amendment ssh_elevate_credential / ssh_credential Test. --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bac4beb2f..8d13d4605 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ### Deprecated ### Removed ### Fixed +- Amended Test, if the ssh elevate credential is different from the ssh credential [#1586](https://github.com/greenbone/gvmd/pull/1586) [Unreleased]: https://github.com/greenbone/gvmd/compare/v21.4.1...gvmd-21.04 @@ -33,7 +34,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Migrate GMP Scanners to OSP Sensors [#1533](https://github.com/greenbone/gvmd/pull/1533) - Solved a peformance problem for tasks after scanning lots of hosts [#1567](https://github.com/greenbone/gvmd/pull/1567) - Solved a performance problem when filtering results by tags [#1579](https://github.com/greenbone/gvmd/pull/1579) -- Amended Test, if the ssh elevate credential is different from the ssh credential [#1586](https://github.com/greenbone/gvmd/pull/1586) [21.4.1]: https://github.com/greenbone/gvmd/compare/v21.4.0...v21.4.1 From 6945200420e4675ad7c4e266515139a7e601446f Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Thu, 24 Jun 2021 12:10:19 +0200 Subject: [PATCH 5/6] Changed if statement for ssh_elevate_credential/ssh_credential check. in manage_sql.c: Replaced the much to simple, erroneous if statement in function modify_target() by a more complex code. --- src/manage_sql.c | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/src/manage_sql.c b/src/manage_sql.c index 60040e4d9..364a25f19 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -31158,12 +31158,6 @@ modify_target (const char *target_id, const char *name, const char *hosts, return 24; } - if (ssh_credential_id && (ssh_elevate_credential_id == ssh_credential_id)) - { - sql_rollback (); - return 25; - } - target = 0; if (find_target_with_permission (target_id, &target, "modify_target")) { @@ -31341,6 +31335,7 @@ modify_target (const char *target_id, const char *name, const char *hosts, if (ssh_elevate_credential_id) { credential_t ssh_elevate_credential; + credential_t ssh_credential; if (target_in_use (target)) { @@ -31374,6 +31369,24 @@ modify_target (const char *target_id, const char *name, const char *hosts, } g_free (type); + ssh_credential = 0; + if (ssh_credential_id) + if (strcmp (ssh_credential_id, "0")) + { + if (find_credential_with_permission (ssh_credential_id, + &ssh_credential, + "get_credentials")) + { + sql_rollback (); + return -1; + } + if (ssh_elevate_credential == ssh_credential) + { + sql_rollback (); + return 25; + } + } + set_target_login_data (target, "elevate", ssh_elevate_credential, 0); } else From 566b77e0e4bb93500d37ae956e67a663fd265a72 Mon Sep 17 00:00:00 2001 From: Johannes Helmold Date: Fri, 25 Jun 2021 08:17:08 +0200 Subject: [PATCH 6/6] Changed if statement for ssh_elevate_credential/ssh_credential check again. In manage_sql.c, in function modify_target(...): Replaced the code for the check if the ssh_elevate_credential differs from the ssh_credential by a new one, that works in any case. Amended the check if there is a ssh_elevate_credential without a ssh_credential. --- src/manage_sql.c | 54 +++++++++++++++++++++--------------------------- 1 file changed, 24 insertions(+), 30 deletions(-) diff --git a/src/manage_sql.c b/src/manage_sql.c index 364a25f19..14d9e354f 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -31119,7 +31119,9 @@ delete_target (const char *target_id, int ultimate) * 18 invalid SSH credential type, 19 invalid SMB credential type, * 20 invalid ESXi credential type, 21 invalid SNMP credential type, * 22 failed to find SSH elevate cred, 23 invalid SSH elevate - * credential type, 99 permission denied, -1 error. + * credential type, 24 SSH elevate credential without SSH credential, + * 25 SSH elevate credential equals SSH credential, + * 99 permission denied, -1 error. */ int modify_target (const char *target_id, const char *name, const char *hosts, @@ -31133,6 +31135,8 @@ modify_target (const char *target_id, const char *name, const char *hosts, const char *allow_simultaneous_ips) { target_t target; + credential_t ssh_credential = 0; + credential_t ssh_elevate_credential = 0; assert (target_id); @@ -31152,12 +31156,6 @@ modify_target (const char *target_id, const char *name, const char *hosts, return 13; } - if (ssh_elevate_credential_id && (!ssh_credential_id)) - { - sql_rollback (); - return 24; - } - target = 0; if (find_target_with_permission (target_id, &target, "modify_target")) { @@ -31278,8 +31276,6 @@ modify_target (const char *target_id, const char *name, const char *hosts, if (ssh_credential_id) { - credential_t ssh_credential; - if (target_in_use (target)) { sql_rollback (); @@ -31334,9 +31330,6 @@ modify_target (const char *target_id, const char *name, const char *hosts, if (ssh_elevate_credential_id) { - credential_t ssh_elevate_credential; - credential_t ssh_credential; - if (target_in_use (target)) { sql_rollback (); @@ -31369,24 +31362,6 @@ modify_target (const char *target_id, const char *name, const char *hosts, } g_free (type); - ssh_credential = 0; - if (ssh_credential_id) - if (strcmp (ssh_credential_id, "0")) - { - if (find_credential_with_permission (ssh_credential_id, - &ssh_credential, - "get_credentials")) - { - sql_rollback (); - return -1; - } - if (ssh_elevate_credential == ssh_credential) - { - sql_rollback (); - return 25; - } - } - set_target_login_data (target, "elevate", ssh_elevate_credential, 0); } else @@ -31519,6 +31494,25 @@ modify_target (const char *target_id, const char *name, const char *hosts, set_target_login_data (target, "snmp", 0, 0); } + if (ssh_credential_id || ssh_elevate_credential_id) + { + if (!ssh_credential_id) + ssh_credential = target_ssh_credential (target); + if (!ssh_elevate_credential_id) + ssh_elevate_credential = target_ssh_elevate_credential (target); + + if (ssh_elevate_credential && !ssh_credential) + { + sql_rollback (); + return 24; + } + if (ssh_credential && (ssh_credential == ssh_elevate_credential)) + { + sql_rollback (); + return 25; + } + } + if (exclude_hosts) { gchar *quoted_exclude_hosts, *quoted_hosts, *clean, *clean_exclude;