Fix: configure different redis url within openvas and openvasd

When incorrectly configured it can happen that openvasd and openvas use different redis.url. To fix it there is a check on startup to verify both urls and when there is different the openvas is used instead of the configured one.
greenbone · Apr 8, 2024 · 5834881 · 5834881
1 parent 68eeeb1
commit 5834881
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 6 deletions.
diff --git a/rust/openvas/src/openvas.rs b/rust/openvas/src/openvas.rs
@@ -89,19 +89,19 @@ impl From<OpenvasPhase> for Phase {
 }
 
 impl Scanner {
-    pub fn with_sudo_enabled() -> Self {
+    pub fn with_sudo_enabled(url: String) -> Self {
         Self {
             running: Default::default(),
             sudo: true,
-            redis_socket: String::new(),
+            redis_socket: url,
         }
     }
 
-    pub fn with_sudo_disabled() -> Self {
+    pub fn with_sudo_disabled(url: String) -> Self {
         Self {
             running: Default::default(),
             sudo: false,
-            redis_socket: String::new(),
+            redis_socket: url,
         }
     }
     /// Removes a scan from init and add it to the list of running scans
@@ -122,6 +122,7 @@ impl Scanner {
             None => [NameSpaceSelector::Free],
         };
 
+        tracing::trace!(url = &self.redis_socket, "connecting to redis");
         let kbctx = Arc::new(Mutex::new(
             RedisCtx::open(&self.redis_socket, &namespace)
                 .expect("Not possible to connect to Redis"),

diff --git a/rust/openvasd/src/main.rs b/rust/openvasd/src/main.rs
@@ -133,7 +133,7 @@ where
 
 #[tokio::main]
 async fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
-    let config = config::Config::load();
+    let mut config = config::Config::load();
     let filter = tracing_subscriber::EnvFilter::builder()
         .with_default_directive(tracing::metadata::LevelFilter::INFO.into())
         .parse_lossy(format!("{},rustls=info,h2=info", &config.log.level));
@@ -153,6 +153,13 @@ async fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
             )
             .await
         }
-        config::ScannerType::Openvas => run(openvas::Scanner::default(), &config).await,
+        config::ScannerType::Openvas => {
+            let redis_url = openvas::cmd::get_redis_socket();
+            if redis_url != config.storage.redis.url {
+                tracing::warn!(openvas_redis=&redis_url, openvasd_redis=&config.storage.redis.url, "openvas and openvasd use different redis connection. Overriding openvasd#storage.redis.url");
+                config.storage.redis.url = redis_url;
+            }
+            run(openvas::Scanner::default(), &config).await
+        }
     }
 }