def check_feed(self):
"""Check if there is a feed update.
Wait until all the running scans finished. Set a flag to announce there
is a pending feed update, which avoids to start a new scan.
"""
if not self.vts.is_cache_available:
return
current_feed = self.nvti.get_feed_version()
is_outdated = self.feed_is_outdated(current_feed)
# Check if the nvticache in redis is outdated
if not current_feed or is_outdated:
with self.feed_lock as fl:
if fl.has_lock():
self.initialized = False
Openvas.load_vts_into_redis()
notushandler = NotusMetadataHandler(nvti=self.nvti)
notushandler.update_metadata()
current_feed = self.nvti.get_feed_version()
self.set_vts_version(vts_version=current_feed)
vthelper = VtHelper(self.nvti)
self.vts.sha256_hash = (
vthelper.calculate_vts_collection_hash())
self.initialized = True
else:
logger.debug("The feed was not upload or it is outdated, "
"but other process is locking the update. "
"Trying again later...")
return
def test_load_vts_into_redis(self, mock_check_call, mock_logger):
Openvas.load_vts_into_redis()
mock_check_call.assert_called_with(['openvas', '--update-vt-info'],
stdout=subprocess.DEVNULL)
mock_logger.error.assert_not_called()
def test_load_vts_into_redis_with_error(self, mock_check_call: MagicMock,
mock_logger: MagicMock):
mock_check_call.side_effect = subprocess.SubprocessError('foo')
Openvas.load_vts_into_redis()
mock_check_call.assert_called_with(['openvas', '--update-vt-info'],
stdout=subprocess.DEVNULL)
self.assertEqual(mock_logger.error.call_count, 1)
def init(self, server: BaseServer) -> None:
server.start(self.handle_client_stream)
self.scanner_info['version'] = Openvas.get_version()
self.set_params_from_openvas_settings()
if not self.nvti.ctx:
with self.feed_lock.wait_for_lock():
Openvas.load_vts_into_redis()
self.load_vts()
self.initialized = True
def init(self, server: BaseServer) -> None:
server.start(self.handle_client_stream)
self.scanner_info['version'] = Openvas.get_version()
self.set_params_from_openvas_settings()
with self.feed_lock.wait_for_lock():
Openvas.load_vts_into_redis()
current_feed = self.nvti.get_feed_version()
self.set_vts_version(vts_version=current_feed)
vthelper = VtHelper(self.nvti)
self.vts.sha256_hash = vthelper.calculate_vts_collection_hash()
self.initialized = True
def init(self, server: BaseServer) -> None:
notus_handler = NotusResultHandler(self.report_results)
if self._mqtt_broker_address:
try:
client = MQTTClient(self._mqtt_broker_address,
self._mqtt_broker_port, "ospd")
daemon = MQTTDaemon(client)
subscriber = MQTTSubscriber(client)
subscriber.subscribe(ResultMessage,
notus_handler.result_handler)
daemon.run()
except (ConnectionRefusedError, gaierror, ValueError) as e:
logger.error(
"Could not connect to MQTT broker at %s, error was: %s."
" Unable to get results from Notus.",
self._mqtt_broker_address,
e,
)
else:
logger.info(
"MQTT Broker Adress empty. MQTT disabled. Unable to get Notus"
" results.")
self.scan_collection.init()
server.start(self.handle_client_stream)
self.scanner_info['version'] = Openvas.get_version()
self.set_params_from_openvas_settings()
with self.feed_lock.wait_for_lock():
Openvas.load_vts_into_redis()
self.set_feed_info()
logger.debug("Calculating vts integrity check hash...")
vthelper = VtHelper(self.nvti)
self.vts.sha256_hash = vthelper.calculate_vts_collection_hash()
self.initialized = True
def init(self, server: BaseServer) -> None:
self.scan_collection.init()
server.start(self.handle_client_stream)
self.scanner_info['version'] = Openvas.get_version()
self.set_params_from_openvas_settings()
with self.feed_lock.wait_for_lock():
Openvas.load_vts_into_redis()
notushandler = NotusMetadataHandler(nvti=self.nvti)
notushandler.update_metadata()
current_feed = self.nvti.get_feed_version()
self.set_vts_version(vts_version=current_feed)
logger.debug("Calculating vts integrity check hash...")
vthelper = VtHelper(self.nvti)
self.vts.sha256_hash = vthelper.calculate_vts_collection_hash()
self.initialized = True
def check_feed(self):
""" Check if there is a feed update.
Wait until all the running scans finished. Set a flag to announce there
is a pending feed update, which avoids to start a new scan.
"""
current_feed = self.nvti.get_feed_version()
is_outdated = self.feed_is_outdated(current_feed)
# Check if the feed is already accessible from the disk.
if current_feed and is_outdated is None:
self.pending_feed = True
return
# Check if the nvticache in redis is outdated
if not current_feed or is_outdated:
self.pending_feed = True
with self.feed_lock as fl:
if fl.has_lock():
Openvas.load_vts_into_redis()
else:
logger.debug(
"The feed was not upload or it is outdated, "
"but other process is locking the update. "
"Trying again later..."
)
return
_running_scan = False
for scan_id in self.scan_processes:
if self.scan_processes[scan_id].is_alive():
_running_scan = True
# Check if the NVT dict is outdated
if self.pending_feed:
_pending_feed = True
else:
_pending_feed = (
self.get_vts_version() != self.nvti.get_feed_version()
)
_feed_is_healthy = self.feed_is_healthy()
if _running_scan and not _feed_is_healthy:
_pending_feed = True
with self.feed_lock as fl:
if fl.has_lock():
self.nvti.force_reload()
Openvas.load_vts_into_redis()
else:
logger.debug(
"The VT Cache in memory is not healthy "
"and other process is locking the update. "
"Trying again later..."
)
return
if _running_scan and _pending_feed:
if not self.pending_feed:
self.pending_feed = True
logger.info(
'There is a running scan process locking the feed update. '
'Therefore the feed update will be performed later.'
)
elif (
_pending_feed
and not _running_scan
and not self.feed_lock.is_locked()
):
self.vts.clear()
self.load_vts()
