Merge branch 'main' into single-crate

rust/src/models/host_info.rs

@@ -14,6 +14,7 @@ pub struct HostInfoBuilder {
     pub alive: u64,
     pub queued: u64,
     pub finished: u64,
+    pub scanning: Option<HashMap<String, i32>>,
 }
 
 impl HostInfoBuilder {
@@ -25,7 +26,8 @@ impl HostInfoBuilder {
             alive: self.alive,
             queued: self.queued,
             finished: self.finished,
-            scanning: HashMap::new(),
+            scanning: self.scanning,
+            remaining_vts_per_host: HashMap::new(),
         }
     }
 }
@@ -43,34 +45,41 @@ pub struct HostInfo {
     alive: u64,
     queued: u64,
     finished: u64,
+    // Hosts that are currently being scanned. The second entry is the host
+    // scan progress. Required for Openvas Scanner type
+    #[cfg_attr(
+        feature = "serde_support",
+        serde(skip_serializing_if = "Option::is_none")
+    )]
+    scanning: Option<HashMap<String, i32>>,
     // Hosts that are currently being scanned. The second entry is the number of
     // remaining VTs for this host.
-    scanning: HashMap<String, usize>,
+    remaining_vts_per_host: HashMap<String, usize>,
 }
 
 impl HostInfo {
     pub fn from_hosts_and_num_vts(hosts: &[Host], num_vts: usize) -> Self {
         Self {
             all: hosts.len() as u64,
             queued: hosts.len() as u64,
-            scanning: hosts.iter().map(|host| (host.clone(), num_vts)).collect(),
+            remaining_vts_per_host: hosts.iter().map(|host| (host.clone(), num_vts)).collect(),
             ..Default::default()
         }
     }
 
     pub fn register_finished_script(&mut self, target: &Host) {
-        if let Some(num_vts) = self.scanning.get_mut(target) {
+        if let Some(num_vts) = self.remaining_vts_per_host.get_mut(target) {
             *num_vts -= 1;
             if *num_vts == 0 {
                 self.finished += 1;
                 self.queued -= 1;
-                self.scanning.remove(target);
+                self.remaining_vts_per_host.remove(target);
             }
         }
     }
 
     pub fn finish(&mut self) {
-        self.scanning.clear();
+        self.remaining_vts_per_host.clear();
         assert_eq!(self.queued, 0);
     }
 
@@ -83,20 +92,33 @@ impl HostInfo {
     }
 
     pub fn update_with(mut self, other: &HostInfo) -> Self {
-        // total hosts value is sent once
+        // total hosts value is sent once and only once must be updated
         if other.all != 0 {
             self.all = other.all;
         }
-        // excluded hosts value is sent once
+        // excluded hosts value is sent once and only once must be updated
         if self.excluded == 0 {
             self.excluded = other.excluded;
         }
-        // if new dead/alive/finished hosts are found during the scan,
+        // new dead/alive/finished hosts are found during the scan.
         // the new count must be added to the previous one
         self.dead += other.dead;
         self.alive += other.alive;
         self.finished += other.finished;
-        self.scanning = other.scanning.clone();
+
+        // Update each single host status. Remove it if finished.
+        // Openvas doesn't keep the previous progress. Therefore
+        // the values already stored in Openvasd must be updated
+        // and never completely replaced.
+        let mut hs = other.scanning.clone().unwrap_or_default();
+        for (host, progress) in self.scanning.clone().unwrap_or_default().iter() {
+            if *progress == 100 || *progress == -1 {
+                hs.remove(host);
+            } else {
+                hs.insert(host.to_string(), *progress);
+            }
+        }
+        self.scanning = Some(hs);
         self
     }
 }

rust/src/openvas/openvas.rs

@@ -321,6 +321,7 @@ impl ScanResultFetcher for Scanner {
                     alive: all_results.count_alive as u64,
                     queued: 0,
                     finished: all_results.count_alive as u64,
+                    scanning: Some(all_results.host_status.clone()),
                 }
                 .build();
 
@@ -367,7 +368,6 @@ impl ScanResultFetcher for Scanner {
                         .map(|r| models::Result::from(r).clone())
                         .collect(),
                 };
-
                 // If the scan finished, release. Openvas "finished" status is translated todo
                 // Succeeded. It is necessary to read the exit code to know if it failed.
                 if status == Phase::Succeeded {

rust/src/openvasd/main.rs

@@ -19,6 +19,7 @@ use scannerlib::osp;
 use scannerlib::scanner::ScannerStackWithStorage;
 use scannerlib::storage::infisto::{ChaCha20IndexFileStorer, IndexedFileStorer};
 use storage::{FromConfigAndFeeds, Storage};
+use tls::tls_config;
 use tracing::{info, metadata::LevelFilter, warn};
 use tracing_subscriber::EnvFilter;
 
@@ -123,6 +124,7 @@ where
         .feed_config(config.feed.clone())
         .await
         .scanner(sh)
+        .tls_config(tls_config(config).unwrap_or(None))
         .api_key(config.endpoints.key.clone())
         .enable_get_scans(config.endpoints.enable_get_scans)
         .storage(db)
@@ -167,19 +169,27 @@ where
 }
 
 async fn run(config: &Config) -> Result<()> {
-    info!(mode = ?config.mode, storage_type=?config.storage.storage_type, "configuring storage devices");
+    info!(mode = ?config.mode, storage_type=?config.storage.storage_type, "Configuring storage devices");
     match config.storage.storage_type {
         StorageType::Redis => {
+            info!(url = config.storage.redis.url, "Using redis storage.");
             run_with_storage::<redis::Storage<inmemory::Storage<ChaCha20Crypt>>>(config).await
         }
-        StorageType::InMemory => run_with_storage::<inmemory::Storage<ChaCha20Crypt>>(config).await,
+        StorageType::InMemory => {
+            info!("Using in-memory storage. No sensitive data will be stored on disk.");
+            run_with_storage::<inmemory::Storage<ChaCha20Crypt>>(config).await
+        }
         StorageType::FileSystem => {
             if config.storage.fs.key.is_some() {
+                info!("Using in-file storage. Sensitive data will be encrypted stored on disk.");
                 run_with_storage::<file::Storage<ChaCha20IndexFileStorer<IndexedFileStorer>>>(
                     config,
                 )
                 .await
             } else {
+                warn!(
+                    "Using in-file storage. Sensitive data will be stored on disk without any encryption."
+                );
                 run_with_storage::<file::Storage<IndexedFileStorer>>(config).await
             }
         }

rust/src/openvasd/storage/file.rs

@@ -24,7 +24,6 @@ use scannerlib::{
     },
 };
 use tokio::task::spawn_blocking;
-use tracing::{info, warn};
 
 use super::{inmemory, *};
 
@@ -412,7 +411,6 @@ impl FromConfigAndFeeds for Storage<ChaCha20IndexFileStorer<IndexedFileStorer>>
         config: &Config,
         feeds: Vec<FeedHash>,
     ) -> Result<Self, Box<dyn std::error::Error + Sync + Send>> {
-        info!("using in file storage. Sensitive data will be encrypted stored on disk.");
         // If this is even being called, we can assume we have a key
         let key = config.storage.fs.key.as_ref().unwrap();
         Ok(file::encrypted(&config.storage.fs.path, key, feeds)?)
@@ -424,9 +422,6 @@ impl FromConfigAndFeeds for Storage<IndexedFileStorer> {
         config: &Config,
         feeds: Vec<FeedHash>,
     ) -> Result<Self, Box<dyn std::error::Error + Sync + Send>> {
-        warn!(
-            "using in file storage. Sensitive data will be stored on disk without any encryption."
-        );
         Ok(file::unencrypted(&config.storage.fs.path, feeds)?)
     }
 }

rust/src/openvasd/storage/inmemory.rs

@@ -10,7 +10,6 @@ use scannerlib::{
     storage::{item::Nvt, ContextKey, DefaultDispatcher, StorageError},
 };
 use tokio::task::JoinSet;
-use tracing::info;
 
 #[derive(Clone, Debug, Default)]
 struct Progress {
@@ -292,7 +291,6 @@ where
         _: &Config,
         feeds: Vec<FeedHash>,
     ) -> Result<Self, Box<dyn std::error::Error + Send + Sync>> {
-        info!("using in memory store. No sensitive data will be stored on disk.");
         Ok(inmemory::Storage::new(E::default(), feeds))
     }
 }

rust/src/openvasd/storage/redis.rs

@@ -19,7 +19,6 @@ use scannerlib::{
     notus::{AdvisoryLoader, HashsumAdvisoryLoader},
 };
 use tokio::{sync::RwLock, task::JoinSet};
-use tracing::info;
 
 use crate::{config::Config, controller::ClientHash, storage::FeedType};
 use scannerlib::models::scanner::ScanResults;
@@ -348,7 +347,6 @@ where
         config: &Config,
         feeds: Vec<FeedHash>,
     ) -> Result<Self, Box<dyn std::error::Error + Send + Sync>> {
-        info!(url = config.storage.redis.url, "using redis");
         Ok(Self::new(
             T::from_config_and_feeds(config, feeds.clone())?,
             config.storage.redis.url.clone(),

rust/src/osp/response.rs

@@ -3,7 +3,7 @@
 // SPDX-License-Identifier: GPL-2.0-or-later WITH x11vnc-openssl-exception
 
 //! # Responses of OSPD commands
-use std::fmt;
+use std::{collections::HashMap, fmt};
 
 use serde::{de::Visitor, Deserialize};
 
@@ -589,6 +589,12 @@ impl From<Scan> for crate::models::Status {
             ScanStatus::Interrupted => crate::models::Phase::Failed,
         };
 
+        let mut scanning: HashMap<String, i32> = HashMap::new();
+        if let Some(i) = &value.host_info {
+            for host in &i.host {
+                scanning.insert(host.name.clone(), 0);
+            }
+        }
         crate::models::Status {
             status: phase,
             start_time: value.start_time.map(|s| s.0),
@@ -604,6 +610,9 @@ impl From<Scan> for crate::models::Status {
                         - host_info.count_alive.content.0
                         - host_info.host.len() as u64,
                     finished: host_info.count_alive.content.0,
+                    // Not used by OSP but necessary for Openvas and Openvasd
+                    // scanner types respectively
+                    scanning: Some(scanning),
                 }
                 .build()
             }),