Changelog for openvas-manager-4.0.2-3.4.i586.rpm :
Sat Jul 27 14:00:00 2013 arxboxAATTarxcorp.com
- changed debian.compat file - it was empty and added 6. This will
allow it to complete the packaging process successfully on debian
based systems.

Mon Jul 8 14:00:00 2013 johann.luceAATTwanadoo.fr
- Update in 4.0.2
Backport for r16811. Patch by Hani Benhabiles.

* src/manage_sql.c (validate_results_port): Also try to validate results
in old format \"foo (123/bar)\"
Backport for r16224. Patch by Hani Benhabiles.

* src/manage.c (get_nvti_xml): Escape xrefs too as characters like
ampersand may be included in URLs.

* src/manage_sql.c (print_report_xml): Initialize result_count value.
Backport for r16657. Patch by Hani Benhabiles.

* src/manage_sql.c (validate_results_port): New function.
(create_note, modify_note, create_override, modify_override): Validate
port value.

* src/omp.c (omp_xml_handle_end_element): Handle invalid port case for
create_note, create_override, modify_note, modify_override calls.
Backport for r16196. Patch by Timo Pollmeier.

* src/omp.c (xml_handle_end_element): In case CLIENT_CREATE_CONFIG
check if copy parameter is NULL before calculating its string length.
Backport for r16653. Patch by Hani Benhabiles.

* src/manage_sql.c (where_search_phrase): Apply search on nvt cve value
too.
Backport for r16636. Patch by Hani Benhabiles.

* src/manage_sql.c (where_search_phrase): Apply search phrase matching
based on nvt tags content too.
Backport r16612.

* src/manage_sql.c (note_count, init_note_iterator, override_count)
(init_override_iterator): Use the task in the results table, instead of
looking up the task via the report. This drastically improves
performance of GET_NOTES when given a task, which was making the GSA Task
Details page load very slowly for big databases.
Post release version bump.
- Update 4.0.1

* CHANGES: Updated.
Revert Backport for r16518 as it affects values from report results page
and old results.
Backport for r16518. Patch by Hani Benhabiles.

* src/manage_sql.c (create_note, modify_note, create_override)
(modify_override): Validate port before writing in DB. Return adequate
error code when validation fails.

* src/omp.c (omp_xml_handle_end_element): Adequately Handle new return
codes for invalid port in create_note, create_override, modify_note and
modify_override.
Backport r16556.

* src/manage.c (run_slave_task): Give up if connection succeeds but
login fails.

* src/manage_sql.c (copy_task): Copy observers too.
Backport from r16547.

* src/manage_sql.c (copy_task): Copy alerts too.
Post release version bump.

Tue Apr 23 14:00:00 2013 johann.luceAATTwanadoo.fr
- Add openvas-certdata-sync to openvas-setup

Mon Apr 22 14:00:00 2013 johann.luceAATTwanadoo.fr
- Add openvas-scapdata-sync to openvas-setup

Mon Apr 22 14:00:00 2013 johann.luceAATTwanadoo.fr
- Add file openvas-setup for initial startup
fix duplicate files
fix liscence problem

Thu Apr 18 14:00:00 2013 johann.luceAATTwanadoo.fr
- Update in 4.0.0
+2013-04-17 Timo Pollmeier

* src/sql.c (sql_resource_exists, sql_resource_name): Change SQL
function to return null when at least one of the parameters is null
instead of treating it as an error, which caused problems with empty
tables.
2013-04-16 Timo Pollmeier

* src/manage.c (parse_tags): Change comment to \"Scanner Tags\".
(valid_db_resource_type): New function to test if a string is a valid
resource type.

* src/manage.h (tag_iterator_attach_name, tag_iterator_orphaned): New
iterator function prototypes.
(valid_db_resource_type): New function prototype.

* src/manage_sql.c (init_manage_process): Add creation of SQLite
functions resource_exists, resource_name.
(TAG_ITERATOR_FILTER_COLUMNS, TAG_ITERATOR_COLUMNS): Add columns
\"orphaned\" and \"attach_name\".
(tag_iterator_orphaned, tag_iterator_attach_name): New iterator
functions.

* src/omp.c (omp_xml_handle_end_element): In case CLIENT_GET_TAGS,
add \"name\" element to \"attach\", add \"orphaned\" element to \"tag\" to
response.
In case CLIENT_CREATE_TAG, remove a superfluous whitespace.
In cases CLIENT_CREATE_TAG, CLIENT_MODIFY_TAG add validation of
attach_type using valid_db_resource_type.

* src/sql.c (sql_resource_exists): New SQLite function to test if a
resource of arbitrary type exists.
(sql_resource_name): New SQLite function to get the name of a resource
or construct one from various info.

* src/sql.h (sql_resource_exists, sql_resource_name): New SQLite
function prototypes.

* src/schema_formats/XML/OMP.xml (get_tags): Add response elements
attach/name and orphaned and update example to include these.

* doc/omp.html, doc/omp.rnc: Update from source.
2013-04-15 Timo Pollmeier

* src/manage_sql.c (valid_type, type_pretty_name, type_db_name):
Add new resource type \"Tag\" for filters.
2013-04-11 Matthew Mundell

* src/omp.c (modify_task_data_t, modify_task_data_reset)
(client_state_t): Add target_id and config_id entries.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Allow config
and target editing in MODIFY_TASK when the task status is New.
2013-04-11 Matthew Mundell

* src/schema_formats/XML/OMP.xml (delete_user): Add user_id and ultimate
attribs.
(get_users): Add user_id attrib. Add USER/AATTid to response.

* doc/omp.html, doc/omp.rnc: Update from source.
2013-04-11 Timo Pollmeier

* src/manage.h (copy_tag): New function prototype.

* src/manage_sql.c (copy_tag): New function to create copies of existing
tags.

* src/omp.c (create_tag_data_t, create_tag_data_reset): Add field
\"copy\".
(client_state_t): Add new state CLIENT_CREATE_TAG_COPY.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Add handling of new create_tag subelement \"copy\".

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc
(create_tag): Add optional subelement \"copy\" to command.
2013-04-11 Timo Pollmeier

* src/manage_sql.c (manage_empty_trashcan): Also clear tags_trash
table when trashcan is emptied.
2013-04-11 Matthew Mundell

* src/schema_formats/XML/OMP.xml (create_user, delete_user)
(describe_auth, get_users, modify_auth, modify_user): New commands.
From OAP schema in Administrator.
(help): Update to match help text.

* doc/omp.html, doc/omp.rnc: Update from source.
2013-04-11 Matthew Mundell

* src/schema_formats/XML/OMP.xml (create_user, delete_user)
(describe_auth, get_users, modify_auth, modify_user): New commands.
From OAP schema in Administrator.
(help): Update to match help text.

* doc/omp.html, doc/omp.rnc: Update from source.
2013-04-11 Timo Pollmeier

* src/manage_sql.c (modify_tag): Fix \"value\" parameter changing
name instead of value.
2013-04-10 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): In CLIENT_MODIFY_AUTH align
comment and remove FIX that was already covered.
2013-04-10 Matthew Mundell
Cleanup the MODIFY_AUTH implementation.

* src/omp.c (modify_auth_data_t, modify_auth_data_reset): Remove
curr_group_name.
(omp_xml_handle_start_element): Remove MODIFY_AUTH doc, this will be in
the OMP doc. Remove TODO, this is a general feature that applies to all
commands. Reformat CLIENT_MODIFY_AUTH to match others, using
ELSE_ERROR. In CLIENT_MODIFY_AUTH allocate the group instead of storing
the name separately. Remove FIX on
CLIENT_MODIFY_AUTH_GROUP_AUTHCONFSETTING because it\'s basically what the
the others do.
(omp_xml_handle_end_element): In CLIENT_MODIFY_AUTH add group name check
and move key_file declaration to top of block. In
CLIENT_MODIFY_AUTH_GROUP just add the settings, and leave the name
checking to the end handler.
2013-04-10 Jan-Oliver Wagner

* INSTALL: Adjusted formatting.

* tools/openvas-portnames-update.in: Use cmake variable instead of
fixed path to allow individual installation prefix.
Also added output of number of processed items.
2013-04-10 Timo Pollmeier

* src/manage_sql.c (manage_set_setting): Add Tags Filter.

* src/omp.c (omp_xml_handle_end_element): In case CLIENT_GET_TAGS,
add support for default filter (filt_id = -2) and ensure that generation
of normal response is only run if iterator is created correctly.
2013-04-10 Hani Benhabiles

* src/manage_sql.c: Remove make_port_names prototype.
(init_manage): Don\'t check and update port_names as it is done
externally now.

* src/manage_port_names.c: Remove file as it is not needed anymore.

* CMakeLists.txt: Remove reference to manage_port_names.c

* INSTALL: Update for steps to import port names from IANA service names
list.
2013-04-10 Matthew Mundell
Add MODIFY_AUTH to OMP. This is a direct copy from OAP in Administrator
with some slight changes to fit in Manager, mostly formatting.

* src/omp.c (auth_conf_setting_t): New type.
(auth_conf_setting_from_xml): New function.
(omp_commands): Add MODIFY_AUTH.
(auth_group_t, modify_auth_data_t): New types.
(modify_auth_data_reset): New function.
(command_data_t, client_state_t): Add MODIFY_AUTH entries.
(modify_auth_data): New variable.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add
MODIFY_AUTH handling.
2013-04-10 Timo Pollmeier

* src/manage.h (tag_in_use, trash_tag_in_use, tag_writable)
(trash_tag_writable): New function prototypes.

* src/manage_sql.c (tag_in_use, trash_tag_in_use): New functions
for compatibility with SEND_GET_COMMON macro.
(tag_writable, trash_tag_writable): New functions for compatibility with
SEND_GET_COMMON macro.

* src/omp.c (omp_xml_handle_end_element): In case CLIENT_GET_TAGS,
change to use SEND_GET_COMMON macro instead of send_get_common function.
2013-04-10 Timo Pollmeier

* src/omp.c (create_tag_data_t, modify_tag_data_t): Add attach_count.
Add missing periods in comment.
(omp_xml_handle_start_element): In cases CLIENT_MODIFY_TAG,
CLIENT_CREATE_TAG add incrementation of attach_count.
(omp_xml_handle_end_element): In case CLIENT_GET_TAGS fix indentation,
change to use send_get_common for common get elements.
In case CLIENT_DELETE_TAG, fix parameters of send_find_error_to_client.
In cases CLIENT_MODIFY_TAG, CLIENT_CREATE_TAG add new checks for attach
subelement and clarify error messages.
In cases CLIENT_MODIFY_TAG_ATTACH, CLIENT_CREATE_TAG_ATTACH remove value
checks, now handled by CLIENT_MODIFY_TAG and CLIENT_CREATE_TAG.

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc (get_tags):
Add writable and in_use elements in response.
2013-04-10 Hani Benhabiles

* src/omp.c (omp_xml_handle_end_element): Order iteration over families
descendingly in CLIENT_GET_CONFIGS case.
2013-04-10 Timo Pollmeier

* src/manage_sql.c (create_tables, create_tables_version_4): Reformat
SQL queries so lines are 80 or less characters long.
Move tag-related queries so they fit into the alphabetical order.
2013-04-09 Matthew Mundell

* src/manage_sql.c (create_schedule): Neaten formatting.
(create_tag, modify_tag): Format overhangs of ternaries like others.
2013-04-09 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): In CLIENT_GET_USERS free uuid
from openvas_user_uuid.
2013-04-09 Matthew Mundell

* src/manage_sql.c (openvas_admin_modify_user): Leave groups alone if
groups arg is NULL. If setting groups then clear before, otherwise the
old groups may remain.

* src/omp.c (omp_xml_handle_start_element): Init the MODIFY_USER groups
array only when a GROUPS element is given, so that the client has a way
to preserve the existing groups.
2013-04-09 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): Use CLOSE for MODIFY_USER
states.
2013-04-09 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): In CLIENT_CREATE_USER correct
log message, and add logs to all cases.
2013-04-09 Matthew Mundell

* src/manage_sql.c (openvas_admin_add_user): Add args for groups.

* src/omp.c (modify_user_data_t, client_state_t): Add groups entries.
(modify_user_data_reset): Free groups
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add GROUPS
to MODIFY_USER.

* src/manage.h: Update header accordingly.
2013-04-09 Timo Pollmeier

* src/manage_sql.c (create_schedule): Clean up spacing and
braces/indentation.
2013-04-09 Timo Pollmeier

* src/manage_sql.c (create_schedule): Fix timezone default overwriting
existing value. Remove superfluous \"!= 0\" and braces.
2013-04-09 Timo Pollmeier

* CMakeLists.txt (OPENVASMD_DATABASE_VERSION): Set to 78.

* src/manage_sql.c (migrate_77_to_78): New function. Change duration
and period of schedules to 0 if they were -1.
(database_migrators): Add migrate_77_to_78.

* src/omp.c (omp_xml_handle_end_element): In cases
CLIENT_CREATE_SCHEDULE and CLIENT_MODIFY_SCHEDULE set period and
duration to 0 instead of -1 if they are not specified.
2013-04-09 Timo Pollmeier

* src/html/XML/OMP.xml, doc/omp.html, doc/omp.rnc (create_schedule): Add
timezone element. Mark all elements other than name as optional to make
consistent with actual behavior.
2013-04-09 Timo Pollmeier

* src/manage.h, src/manage_sql.c (create_schedule): Add timezone
parameter.

* src/omp.c (create_schedule_data_t, create_schedule_data_reset): Add
timezone.
(client_state_t): New state CLIENT_CREATE_SCHEDULE_TIMEZONE.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Add timezone element to create_schedule.
2013-04-08 Timo Pollmeier
Add tag management OMP commands (create_tag, delete_tag, get_tags,
modify_tag).

* src/manage.h (tag_t): New typedef.
(tag_uuid, create_tag, delete_tag, find_tag, modify_tag)
(init_tag_iterator, tag_count, tag_iterator_attach_type)
(tag_iterator_attach_id, tag_iterator_active, tag_iterator_active)
(tag_iterator_value): New function prototypes. See manage_sql.c.

* src/manage_sql.c (create_tables): Add definition of tables \"tags\" and
\"tags_trash\" as well as indexes.
(tag_uuid): New function, gets the UUID of a tag.
(manage_restore): Add restore of tags in trashcan.
(create_tag, delete_tag, find_tag, modify_tag): New functions for tag
management.
(TAG_ITERATOR_FILTER_COLUMNS, TAG_ITERATOR_COLUMNS)
(TAG_ITERATOR_TRASH_COLUMNS): New #defines for tag iterator columns.
(init_tag_iterator, tag_count, tag_iterator_attach_type)
(tag_iterator_attach_id, tag_iterator_active, tag_iterator_active)
(tag_iterator_value): New iterator functions for tags.

* src/omp.c (omp_commands): Add help text for new tag commands.
(create_tag_data_t, delete_tag_data_t, get_tags_data_t)
(modify_tag_data_t): New structs for command data of tag commands.
(create_tag_data_reset, delete_tag_data_reset, get_tags_data_reset)
(modify_tag_data_reset): New functions that reset tag command data.
(command_data_t): Add new command data types.
(create_tag_data, delete_tag_data, get_tags_data, modify_tag_data): New
variables for tag command data.
(client_state_t): Add new tag command client states.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Add handling of tag-related XML elements.

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc: Add
documentation of new commands (create_tag, delete_tag, get_tags,
modify_tag).
2013-04-08 Hani Benhabiles
Add script to update DB port names data from a port names xml file list.
Currently supports IANA service names official list.

* tools/openvas-portnames-update.in: New script to update

* tools/portnames_update.xsl: New template to generate SQL queries for
DB port names data creation.

* CMakeLists.txt: Install tools/portnames_update.xsl and
tools/openvas-portnames-update files.
2013-04-08 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): In CLIENT_GET_SCHEDULES use
\"UTC\" when the timezone is NULL, else \"(null)\" ends up in the response.
2013-04-07 Jan-Oliver Wagner

* src/manage_sql.c (setup_full_config_prefs): Remove handling
of \"silent_dependencies\".
2013-04-05 Hani Benhabiles

* src/manage_config_discovery.c (make_config_discovery): Remove tcp
timestamps from default discovery config scan as it has a cvss > 0.0.
2013-04-04 Matthew Mundell

* src/manage_sql.c (set_task_observers, group_add_users): Free
openvas_user_uuid return.
2013-04-04 Matthew Mundell

* src/manage_sql.c (copy_user): Add NULL check on role for now, to keep
it working.
2013-04-04 Hani Benhabiles
Add port_names to resolve Network services names and load content from
official IANA list.

* src/manage_port_names.c: New file.

* src/CMakeLists.txt: Add manage_port_names.c.

* src/manage_sql.c: Declare make_port_names prototype.
(create_tables): Create port_names table.
(manage_port_name): Return service name value from port_names table.
(init_manage): Call make_port_names if port_names table has few entries.
2013-04-03 Matthew Mundell
Add name attribute to DELETE_USER, to be compatible with Administrator.

* src/manage_sql.c (delete_user): Add name arg. Delete by name if given
user ID is NULL.

* src/manage.h: Update header accordingly.

* src/omp.c (delete_user_data_t, delete_user_data_reset): Add name.
(omp_xml_handle_start_element): Parse DELETE_USER name attribute.
(omp_xml_handle_end_element): In CLIENT_DELETE_USER pass name to delete
function.
2013-04-03 Matthew Mundell

* src/otp.c (process_otp_scanner_input): Get the length for g_convert
with strlen, because the strip and compress functions can change the
string length. Thanks to Rodolfo Gouveia and Stefan Sperling for
spotting this.
2013-04-03 Werner Koch

* src/ompd.c (serve_omp): Check for pending TLS records before the
main select.
2013-04-03 Matthew Mundell
Add MODIFY_USER to OMP. This is a direct copy from OAP in Administrator
with some slight changes to fit in Manager, mostly formatting.

* src/manage_sql.c (openvas_admin_modify_user): New function. From
Administrator.

* src/manage.h: Add header accordingly.

* src/omp.c (omp_commands, command_data_t, client_state_t): Add
MODIFY_USER entries.
(modify_user_data_t): New type.
(modify_user_data_reset): New function.
(modify_user_data): New variable.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Handle MODIFY_USER.
2013-04-03 Hani Benhabiles

* src/otp.c (process_otp_scanner_input): In SCANNER_HOLE_NUMBER,
SCANNER_INFO_NUMBER, SCANNER_NOTE_NUMBER, SCANNER_LOG_NUMBER,
SCANNER_ERRMSG_NUMBER cases, fix port number and protocol
extraction format string to match scanner changes and use
manage_port_name function to get port number associated name.

* src/manage_sql.c (manage_port_name): New function.

* src/manage.h: Add manage_port_name header.
2013-04-03 Matthew Mundell
Add DELETE_USER. This is the same command as in Administrator, but it
takes a uuid parameter instead of a name. Name parameter will follow,
for backward compatibility.

* src/manage_sql.c (find_user): Switch to finding by UUID like other
find functions.
(find_user_by_name): New function. Body from old find_user. Update
find_user callers to use this.
(openvas_admin_remove_user): New function. From Administrator.
(delete_user): New function.

* src/manage.h: Add header accordingly.

* src/omp.c (omp_commands, client_state_t, command_data_t): Add
DELETE_USER entries.
(delete_user_data_t): New type.
(delete_user_data_reset): New function.
(delete_user_data): New variable.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Handle
DELETE_USER.
2013-04-02 Matthew Mundell
Add CREATE_USER/COPY for cloning, including new user columns. Hence
increase database version to 77. Add database migration from version 76
to 77.

* CMakeLists.txt (OPENVASMD_DATABASE_VERSION): Increase to 77.

* src/manage_sql.c (user_t): Remove. Now in manage.h.
(copy_resource): Use underscore instead of space in name for users.
(create_tables): Add standard columns. Add placeholder columns for info
stored on disk.
(migrate_76_to_77): New function.
(migrators): Add migrate_76_to_77.
(copy_user, user_uuid): New functions.

* src/manage.h: Add headers accordingly.
(user_t): New type. From manage_sql.c.

* src/omp.c (create_user_data_t, client_state_t): Add copy field.
(create_user_data_reset): Free copy.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Add COPY to CREATE_USER.

* src/sql.c (sql_uniquify): Use underscore instead of space in name for
users.

* doc/db_postgres.sql (users): Add new columns.

* doc/db.png: Update from source.
2013-03-29 Hani Benhabiles

* src/manage_ranges_all_tcp_nmap_5_51_top_100.c,
src/manage_ranges_all_tcp_nmap_5_51_top_1000.c,
src/manage_ranges_iana_tcp_2012.c,
src/manage_ranges_iana_tcp_udp_2012.c,
src/manage_ranges_nmap_5_51_top_2000_top_100.c: Wrap the insertions
bulks in sql transactions.
2013-03-29 Hani Benhabiles

* src/manage_sql.c (init_manage, config_in_use): Check empty scan config
by uuid instead of by name.
2013-03-28 Matthew Mundell

* src/manage_sql.c (escalate_1): Include note and override details, else
text element is truncated.
2013-03-28 Matthew Mundell

* src/manage.c (openvas_admin_list_users): Add uuid arg. Return
matching user if uuid given, as for name.

* src/manage.h: Update header accordingly.

* src/omp.c (get_users_data_t): Add get field. Doc name.
(get_users_data_reset): Reset get.
(omp_xml_handle_start_element): Parse GET_USERS GET attributes.
(omp_xml_handle_end_element): In CLIENT_GET_USERS find user by ID if
given, and add USER/AATTid.
2013-03-28 Matthew Mundell

* src/manage_sql.c (init_manage_process): Add SQL function user_uuid.
(init_user_group_iterator): Get the user via the UUID instead of via the
name, because the name is ambiguous in the db.

* src/sql.c (sql_user_uuid): New function.

* src/sql.h: Add header accordingly.
2013-03-28 Matthew Mundell

* src/manage_sql.c (print_report_xml): Cleanup report_hosts iterator in
assets case, otherwise the db is closed with open statements.
2013-03-28 Hani Benhabiles

* src/manage_config_discovery (make_config_discovery): Add uuid function
parameter. Use it instead of the fixed \'Discovery\' name value.

* src/manage_sql.c: Adjust make_config_discovery prototype.
(init_manage, config_in_use): Check for default Discovery config with
uuid instead of name.
2013-03-28 Hani Benhabiles

* src/openvasmd.c: Include misc/proctitle.h
(main.c): Set process title when initializing.
2013-03-28 Hani Benhabiles

* src/manage_sql.c (delete_config, config_in_use): Check for \'Discovery\'
predefined scan configuration too.
2013-03-28 Hani Benhabiles
Add default \"Discovery\" scan configuration.

* src/manage_sql.c: Add make_config_discovery prototype.
(CONFIG_UUID_DISCOVERY, MANAGE_NVT_SELECTOR_DISCOVERY): New defines.
(init_manage): Create Discovery scan configuration if not found.
(nvt_selector_nvt_count): Remove static qualifier.

* src/manage.h: Add nvt_selector_family_count prototype.

* src/manage_config_discovery.c: New file. Contains function to create
Discovery Scan configuration.

* src/CMakeLists.txt: Add manage_config_discovery.c
2013-03-27 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): Use CLOSE for CREATE_USER
states.
2013-03-27 Matthew Mundell

* src/manage_sql.c (init_user_group_iterator): Order by name.
2013-03-27 Timo Pollmeier

* src/manage_sql.c (lsc_credential_iterator_rpm)
(lsc_credential_iterator_deb, lsc_credential_iterator_exe): Change
creation of packages to use login instead of name, which caused
problems, for example when the credential name contained whitespaces.
2013-03-27 Matthew Mundell
Add groups to CREATE_USER.

* src/manage_sql.c (openvas_admin_add_user): Add groups args. Add user
to given groups. Add user to database.

* src/manage.h: Update header accordingly.

* src/omp.c (client_state_t): Add CREATE_USER group states.
(create_user_data_t): Add groups
(create_user_data_reset): Free groups.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add
CREATE_USER groups.
2013-03-26 Matthew Mundell
Add CREATE_USER to OMP. This is a direct copy from OAP in Administrator
with some slight changes to fit in Manager, mostly formatting.

* src/manage.c (validate_username): New function.

* src/manage_sql.c (openvas_admin_add_user): New function.

* src/manage.h: Add header accordingly.

* src/omp.c (omp_commands, client_state_t): Add new command.
(create_user_data_t): New type.
(create_user_data_reset): New function.
(create_user_data): New variable.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Handle new command.
2013-03-26 Matthew Mundell

* src/manage_sql.c (init_user_group_iterator, user_group_iterator_uuid)
(user_group_iterator_name): New functions.

* src/manage.h: Add headers accordingly.

* src/omp.c (omp_xml_handle_end_element): In GET_USERS add GROUPS.
2013-03-26 Matthew Mundell
Add DESCRIBE_AUTH and GET_USERS to OMP. These are direct copies from
OAP in Administrator with some slight changes to fit in Manager, mostly
formatting.

* src/manage.c (strcmp_desc, openvas_admin_list_users): New functions.
(RULES_HEADER): New define.
(openvas_admin_user_access, keyfile_to_auth_conf_settings_xml): New
functions.

* src/manage.h: Add headers accordingly.

* src/omp.c (omp_commands, client_state_t): Add new commands.
(get_users_data_t): New type.
(get_users_data_reset): New function.
(get_users_data): New variable.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Handle new
commands.
2013-03-25 Matthew Mundell

* src/manage_sql.c (PERMISSION_ITERATOR_FILTER_COLUMNS): Match columns
to GSA.
(PERMISSION_ITERATOR_COLUMNS): Match columns to GSA, using underscore to
shadow existing column names. Remove resource and subject until they
are actually needed. Adjust accessor functions accordingly.
2013-03-25 Matthew Mundell

* src/manage_sql.c (vector_find_filter, underscore_sql_quote): New
functions.
(filter_clause): Use vector_find_filter instead of vector_find_string.
When a keyword matched a filter column with a leading underscore, then
add the underscore in the SQL. This allows a filter column to have a
name that is used by some other column in the table.
(filter_term_value): Add underscore check.
2013-03-25 Hani Benhabiles

* src/manage_sql.c (total_info_count): Code refactor.
(ALL_INFO_UNION_COLUMNS): Use UNION ALL instead of UNION as there are no
duplicate entries to remove.
2013-03-25 Timo Pollmeier

* doc/omp.html, doc/omp.rnc, src/schema_formats/XML/OMP.xml:
Rename def_class to class, xml_file to file for OVAL definitions.

* src/manage.h (ovaldef_info_iterator_def_class): Removed, renamed to
ovaldef_info_iterator_class.
(ovaldef_info_iterator_class): New. Renamed
ovaldef_info_iterator_def_class.
(ovaldef_info_iterator_xml_file): Removed, renamed to
ovaldef_info_iterator_file.
(ovaldef_info_iterator_file): New. Renamed
ovaldef_info_iterator_xml_file.

* src/manage_sql.c (OVALDEF_INFO_ITERATOR_FILTER_COLUMNS)
(OVALDEF_INFO_ITERATOR_COLUMNS): Rename def_class to class,
xml_file to file.
(ovaldef_info_iterator_def_class): Removed. Renamed to
ovaldef_info_iterator_class.
(ovaldef_info_iterator_class): New. Renamed
ovaldef_info_iterator_def_class.
(ovaldef_info_iterator_xml_file): Removed. Renamed to
ovaldef_info_iterator_file.
(ovaldef_info_iterator_file): New. Renamed
ovaldef_info_iterator_xml_file.

* src/omp.c (xml_handle_end_element): In case CLIENT_GET_INFO,
rename element def_class to class, xml_file to file.
2013-03-23 Matthew Mundell
Add permissions trashcan.

* src/manage_sql.c (create_tables): Add permissions_trash.
(delete_permission): Add trash case.
(manage_restore): Add permission restore.
2013-03-23 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): In CLIENT_GET_INFO format
ternary conditional like others.
2013-03-22 Matthew Mundell

* src/manage_sql.c (init_manage_process, manage_scap_loaded)
(manage_cert_loaded): Use access instead of stat to check for SCAP and
CERT databases. Just put a warning instead of aborting when the access
fails. Remove redundant manage_scap_loaded and manage_cert_loaded
calls.
2013-03-21 Timo Pollmeier

* tools/greenbone-scapdata-sync, tools/openvas-scapdata-sync.in: Make
formatting of log messages more consistent.
2013-03-21 Timo Pollmeier

* tools/greenbone-scapdata-sync (db_migrate_12, check_db_version): New
migration to SCAP database version 12.
(update_scap_db_private): Remove OVAL duplicate checks.

* tools/openvas-scapdata-sync.in (db_migrate_12, check_db_version): New
migration to SCAP database version 12.
(update_sec_db_private): Remove OVAL duplicate checks.

* tools/oval_update.xsl: Add file number suffix to uuids.
Add xml file name to table \"ovalfiles\".

* tools/scap_db_init.sql (ovaldefs, ovaldefs_idx): Remove UNIQUE
constraint for name.
(ovalfiles): New table for OVAL file names.
(ovalfiles_delete): New deletion trigger on ovalfiles.
2013-03-21 Timo Pollmeier

* src/omp.c (omp_xml_handle_end_element): In case CLIENT_GET_INFO,
output xml_file for OVALDEF even if details are not requested.

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc (get_info):
Move status and xml_file to reflect their real positions in OMP output.
Change xml_file to non-optional.
2013-03-21 Timo Pollmeier
Handle non-unique \"name\" and unique selection by \"info_id\" for get_info.

* src/manage.c (get_ovaldef_filename): Rename parameter from oval_id
to item_id and change comment to make clear that the OVAL ID with suffix
is to be passed as parameter.
(manage_read_info): New parameter uid (unique identifier), used to
look up files for CVE, OVALDEF, and DFN_CERT_ADV.

* src/manage.h (manage_read_info): Change prototype.
(info_name_count): New function prototype.

* src/manage_sql.c (info_name_count): New function, counts get_info
items with a given name by name.
(init_cpe_info_iterator, init_cve_info_iterator)
(init_ovaldef_info_iterator, init_dfn_cert_adv_info_iterator): Add
removal of filter if ID is supplies, as is done for name.
(get_ovaldef_short_filename): Rename parameter from oval_id
to item_id and change comment to make clear that the OVAL ID with suffix
is to be passed as parameter.

* src/omp.c (omp_xml_handle_end_element): In case CLIENT_GET_INFO,
pass ID to manage_read_info in addition to name.
Use info_count instead of assuming 1 when counting info selected by
name.
2013-03-20 Jan-Oliver Wagner

* INSTALL: Increased dependency note for gnutls to 2.8
and removed notes on openvas-adduser which is going
to be removed anyway.
2013-03-20 Matthew Mundell
Add OMP MODIFY_GROUP.

* src/manage_sql.c (group_add_users): New function. Body from
create_group.
(create_group): Call group_add_users to add users.
(modify_group): New function.

* src/manage.h: Add header accordingly.

* src/omp.c (omp_commands, command_data_t, client_state_t): Add
MODIFY_GROUP entries.
(modify_group_data_t): New type.
(modify_group_data_reset): New function.
(modify_group_data): New variable.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Add MODIFY_GROUP.
2013-03-20 Matthew Mundell

* src/manage_sql.c (valid_type, type_pretty_name, type_db_name): Add
permissions, so that creating permission filters works.
2013-03-20 Matthew Mundell
Add the copy part of OMP CREATE_PERMISSION, for cloning.

* src/manage_sql.c (copy_resource): Add make_name_unique flag arg.
Add to all callers.
(copy_permission): New function.

* src/omp.c (omp_commands): Add new command.
(create_permission_data_t): New type.
(create_permission_data_reset): New functions.
(command_data_t, client_state_t): Add new permission entries.
(create_permission_data): New variable.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add new
command.
2013-03-19 Matthew Mundell
Add OMP DELETE_PERMISSION and GET_PERMISSIONS.

* src/manage_sql.c (permission_uuid, permission_in_use)
(trash_permission_in_use, permission_writable)
(trash_permission_writable): New functions.
(PERMISSION_ITERATOR_FILTER_COLUMNS, PERMISSION_ITERATOR_COLUMNS): New
defines.
(permission_count, init_permission_iterator)
(permission_iterator_resource_type, permission_iterator_resource_uuid)
(permission_iterator_resource_name, permission_iterator_subject_type)
(permission_iterator_subject_uuid, permission_iterator_subject_name)
(find_permission_with_permission, delete_permission)
(find_permission): New

* src/manage.h: Add headers accordingly.
(permission_t): New type.

* src/omp.c (omp_commands): Add new commands.
(delete_permission_data_t, get_permissions_data_t): New types.
(delete_permission_data_reset, get_permissions_data_reset): New
functions.
(command_data_t, client_state_t): Add new permission entries.
(delete_permission_data, get_permissions_data): New variables.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add new
commands.
2013-03-19 Matthew Mundell

* src/manage_sql.c (init_task_user_iterator)
(init_task_group_iterator): Correct doc brief.
2013-03-19 Matthew Mundell

* src/manage_sql.c (set_task_observers): Delete only user permissions,
so that group permissions can be left the same.

* src/omp.c (omp_xml_handle_start_element): Move MODIFY_TASK groups init
into observers.
(omp_xml_handle_end_element): In MODIFY_TASK check groups existence
instead of length, to make it possible to remove all observer groups
from the task. Free owner after last use, instead of before.
2013-03-19 Matthew Mundell
Add observer groups to CREATE_TASK.

* src/omp.c (create_task_data_t, create_task_data_reset): Add groups.
(client_state_t): Add observer group state.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add observer
groups.
2013-03-18 Matthew Mundell

* src/manage_sql.c (user_has_access_uuid, user_may)
(init_get_iterator): Enable group permission checks.
2013-03-18 Matthew Mundell
Add observer groups to MODIFY_TASK and GET_TASKS.

* src/manage_sql.c (init_task_group_iterator, task_group_iterator_task)
(task_group_iterator_group, task_group_iterator_name)
(task_group_iterator_uuid, set_task_groups): New functions.

* src/manage.h: Update headers accordingly.

* src/omp.c (modify_task_data_t, modify_task_data_reset): Add groups.
(client_state_t): Add observer group state.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add observer
groups.
2013-03-18 Jan-Oliver Wagner

* CMakeLists.txt: Increased dependency to gnutls from 2.2 to 2.8.
2013-03-14 Hani Benhabiles
Migrate DB to version 76 for md5 checksum to feed version changes.

* src/manage_sql.c (migrate_75_to_76): New function. delete leftover
nvts_checksum value and rename nvts_md5sum to nvts_feed_version.
(migrators): Add migrate_75_to_76.

* CMakeLists.txt (OPENVASMD_DATABASE_VERSION): Increase to 76.
2013-03-14 Timo Pollmeier

* tools/greenbone-scapdata-sync, tools/openvas-scapdata-sync.in
(do_help): Add help text for --verbose option.
2013-03-14 Matthew Mundell

* src/manage_sql.c (init_group_iterator): Name variable more sensibly.
2013-03-14 Timo Pollmeier

* tools/greenbone-scapdata-sync (): Add --verbose option.
(update_scap_db): Add output of duplicate IDs in verbose mode.

* tools/openvas-scapdata-sync.in (): Add --verbose option.
(update_sec_db): Add output of duplicate IDs in verbose mode.
2013-03-14 Hani Benhabiles

* src/schema_formats/XML/OMP.xml, doc/proto_postgres.sql, doc/omp.html,
doc/omp.rnc: Update documentation for get_nvt_feed_version.
2013-03-14 Hani Benhabiles
Change Plugins MD5 Checksum to Feed version.

* src/manage.c (acknowledge_md5sum_info): Change function to
acknowledge_feed_version_info.

* src/manage.h: Update function headers accordingly.
(scanner_t): Rename plugins_md5 element to plugins_feed_version.

* src/manage_sql.c (init_manage_process): Remove unused delete
references to nvts_checksum.
(init_manage): Rename main.meta value name nvts_md5sum to
nvts_feed_version.
(nvts_md5sum, set_nvts_md5sum): Rename and update for feed version
changes.

* src/omp.c (command_t): Rename GET_NVT_FEED_CHECKSUM to
GET_NVT_FEED_VERSION.
(get_nvt_feed_checksum_data_t, get_nvt_feed_checksum_data_reset)
(get_nvt_feed_checksum_data): Remove as unused.
(client_state_t): Rename CLIENT_GET_NVT_FEED_CHECKSUM to
CLIENT_GET_NVT_FEED_VERSION.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Update for
feed version changes.

* src/ompd.c (write_to_scanner, serve_omp): Update scanner init state
names.

* src/otp.c (init_otp_data, process_otp_scanner_input): Update function
and variables names and documentation accordingly.

* src/otp.h (scanner_init_state_t): Rename SCANNER_INIT_GOT_FEED_MD5SUM
to SCANNER_INIT_GOT_FEED_VERSION.
2013-03-14 Hani Benhabiles

* src/manage_sql.c (init_all_info_iterator): Clean code. Add order
clause in no filter clause case. Free allocated gchar\'s.
2013-03-13 Matthew Mundell

* src/ompd.c (serve_omp): In cache update/rebuild mode, exit if
connecting to the scanner fails.

* src/openvasmd.c (update_or_rebuild_nvt_cache): Log when connecting to
scanner fails.
2013-03-13 Matthew Mundell

* src/openvasmd.c (handle_sigabrt): Print backtrace when compiled with
debugging.
2013-03-12 Matthew Mundell

* src/manage_sql.c (init_get_iterator): Remove used_by arg. Recursive
access will be handled by explicit permissions. Update callers.
2013-03-12 Matthew Mundell

* src/manage_sql.c (migrate_74_to_75): Ensure table exists.
2013-03-12 Matthew Mundell
Add permissions table. Manage task observers via permissions instead of
via the task_users table. Hence increase database version to 75. Add
database migration from version 74 to 75.

* CMakeLists.txt (OPENVASMD_DATABASE_VERSION): Increase to 75.

* src/manage_sql.c (user_has_access_uuid): Add permission arg. If type
has permissions support (currently task and report) then do the check
using the new permissions table. Remove special case check for
lsc_credential because recursive access via task access will be removed
with the new permission system. Update callers.
(vector_find_filter, underscore_sql_quote): New functions. Helpers.
(user_may): Add #if 0 around already disabled code, for consistency.
(filter_clause): Add permissions arg. Return with array of permissions
filter terms, if arg given. Update callers.
(type_has_users): Remove.
(type_has_permissions): New function.
(init_get_iterator): Remove task_users based filtering. Add permission
based filtering, which affects only tasks and reports.
(count): Remove special case based on actions parameter. This was used
to control which tasks where visible. Now done via permissions
parameter.
(create_tables): Add permissions. Remove task_users.
(migrate_74_to_75): New function. Converts task_users to permissions.
(migrators): Add migrate_74_to_75.
(init_task_user_iterator): Remove action arg. Iterator over permissions
table instead of task_users.
(task_user_iterator_actions): Remove. Adjust name position accordingly.
(set_task_observer): Use new table.
(report_counts): Use permission version of find function.
(find_report_with_permission): New function.
2013-03-12 Matthew Mundell

* src/manage_sql.c (filter_clause): Correct SQL typo.
2013-03-12 Timo Pollmeier

* tools/oval_timestamp.xsl, tools/oval_verify.xsl: Add recognition of
OVAL root elements oval_variables, oval_system_charactersistics and
oval_results. Variables files are now considered valid.

* tools/oval_update.xsl: Add compatibility with oval_variables files.
2013-03-12 Timo Pollmeier

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc: Add
OVAL definitions \"status\" element to get_info documentation.
Change documentation of \"deprecated\" element in OVALDEF to boolean type.
2013-03-12 Hani Benhabiles

* src/omp.c (send_get_end): Don\'t printf filt_id when null.
2013-03-12 Hani Benhabiles

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc: Update
get_info documentation.
2013-03-12 Hani Benhabiles

* src/manage_sql.c (ALL_INFO_ITERATOR_FILTER_COLUMNS)
(ALL_INFO_UNION_COLUMNS, init_all_info_iterator): Add extra column
(all_info_iterator_extra): New function.

* src/omp.c (omp_xml_handle_end_element): Send allinfo extra element in
CLIENT_GET_INFO case.

* src/manage.h: Add all_info_iterator_extra header.
2013-03-11 Timo Pollmeier

* tools/greenbone-scapdata-sync (update_scap_db_private)
(update_scap_db): Fix skipping of OVAL timestamp filter for cases when
REBUILD_OVAL is set to 1. Add default value for REBUILD_OVAL.

* tools/openvas-scapdata-sync (update_sec_db_private)
(update_sec_db): Fixes analogous to Greenbone version.
2013-03-11 Timo Pollmeier

* tools/greenbone-certdata-sync (sync_certdata): Remove skipping of
rsync with previously nonexistent feed.
2013-03-11 Hani Benhabiles

* src/manage_sql.c (manage_set_setting): Add All SecInfo default filter
setting.

* src/omp.c (omp_xml_handle_end_element): Use All SecInfo as default
filter name instead of ALLINFO in CLIENT_GET_INFO case.
2013-03-11 Jan-Oliver Wagner

* CMakeLists.txt: Install greenbone-certdata-sync.
2013-03-11 Timo Pollmeier
Add \"status\" column to OVAL definitions in SCAP database.

* src/manage.h (ovaldef_info_iterator_status): New prototype.

* src/manage_sql.c (OVALDEF_INFO_ITERATOR_FILTER_COLUMNS)
(OVALDEF_INFO_ITERATOR_COLUMNS): Add \"status\" column.
(ovaldef_info_iterator_status): New function to get \"status\" from an
OVAL definition iterator.

* src/omp.c (omp_xml_handle_end_element): In ovaldef else if section,
add \"status\" to OMP output.

* tools/greenbone-scapdata-sync (db_migrate_11): New function to
migrate SCAP database to version 11.
(check_db_version): Add migration to version 11.
(update_scap_db_private, update_scap_db): Add selective rebuild of OVAL
data.

* tools/openvas-scapdata-sync.in (db_migrate_11, check_db_version): See
greenbone-scapdata-sync.
(update_sec_db_private, update_sec_db): See update_scap_db_private,
update_scap_db in greenbone-scapdata-sync.
(do_refresh_private): Set variable REFRESH_PRIVATE_ONLY to 1.

* tools/oval_update.xsl: Add insert of \"status\" data into SCAP database.

* tools/scap_db_init.sql (meta): Set version to 11.
(ovaldefs): Add column \"status\".
2013-03-11 Hani Benhabiles

* src/sql.c (cleanup_iterator): Check iterator pointer before
dereferencing it.
2013-03-11 Hani Benhabiles
Add search All SecInfo feature.

* src/manage_sql (all_info_count, total_info_count)
(init_all_info_iterator, all_info_iterator_type): New functions.
(ALL_INFO_ITERATOR_FILTER_COLUMNS, ALL_INFO_UNION_COLUMNS): New define.
(omp_xml_handle_end_element): Add allinfo handling in CLIENT_GET_INFO
case.

* src/manage.h: Add all_info_count, total_info_count,
init_all_info_iterator and all_info_iterator_type headers.
2013-03-07 Matthew Mundell
Move the observer checks for CREATE operations into the functions that
do the operations. This opens the way for controlling these permissions
via the database.

* src/manage_sql.c (user_may): New function.
(copy_resource, create_alert, copy_alert, create_report, copy_task)
(create_target, copy_target, create_config, create_config_rc)
(copy_config, create_lsc_credential, create_agent, create_note)
(create_override, create_report_format, copy_report_format, copy_group)
(create_group, create_port_list, copy_port_list, modify_port_list)
(create_port_range, create_filter): Add permission check.

* src/omp.c (omp_xml_handle_end_element): Handle permission return in
all CREATE commands.
2013-03-07 Jan-Oliver Wagner

* doc/user-scap-data-HOWTO: Slightly improved.
2013-03-06 Timo Pollmeier

* doc/user-scap-data-HOWTO: New file, documentation for user defined
SCAP data.
2013-03-06 Timo Pollmeier
Add updating of user (OVAL) data to greenbone-scapdata-sync.

* tools/greenbone-scapdata-sync (REFRESH_PRIVATE_ONLY): New variable.
(list_oval_files_sortable, list_oval_files_sorted): Change to output
only files with timestamps and use parameter for directory to search.
(do_help): Add help for new --refresh-private option.
(init_scap_db_update): New function to initialize database variables.
(update_scap_db_private): New function to update user data.
(update_scap_db): Change to support updating user data.
(): Add command line option --refresh-private.
2013-03-06 Timo Pollmeier

* tools/greenbone-scapdata-sync (sync_scapdata),
tools/greenbone-certdata-sync (sync_certdata): Add --chmod=D+x option
to rsync commands to fix problems with directories being created
without +x permissions.
2013-03-06 Hani Benhabiles

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc: Update
documentation for various results related commands.
2013-03-06 Hani Benhabiles

* src/manage_sql.c (update_nvt_cache): Set nvti tag.
(result_iterator_nvt_tag): New function.

* src/manage.h: Add result_iterator_nvt_tag header accordingly.

* src/omp.c (buffer_results_xml): Send nvt tags.
2013-03-05 Matthew Mundell

* src/manage_sql.c (update_all_config_caches): Use definition for
columns, so that the accessors will still work when the GET iterator
gets more columns.
2013-03-05 Timo Pollmeier
Add functions to synchronize SCAP database with user defined OVAL
repositories in private subdirectory.

* CMakeLists.txt: Add oval_verify.xsl, ovaldef_list_ids.xsl.

* tools/openvas-scapdata-sync.in (do_help): Add --refresh-private text.
(init_sec_db_update): New function, contains database checks and
variable inits from update_sec_db.
(list_oval_files_sorted, list_oval_files_sortable): Change to search
directory given as parameter instead of fixed directory and skip files
without valid OVAL timestamp.
(update_sec_db_private): New function to sync scap.db with user defined
files. Currently supports validating, adding and removing OVAL
definitions.
(update_sec_db): Remove database checks and variable inits, call
init_sec_db_update instead. Change handling of OVAL files list to new
version of list_oval_files_sorted and print warnings for file without
valid timestamps. Add call of update_sec_db_private near end.
(do_refresh_private): New function to refresh user defined data only.
(): New command line option --refresh-private.

* tools/ovaldef_list_ids.xsl: New stylesheet to get a list of all IDs
in an OVAL repository.

* tools/oval_timestamp, tools/oval_update.xsl: Fix selection of
timestamps failing when relevant elements contain extra whitespaces.

* tools/oval_verify.xsl: New stylesheet for basic verification of OVAL
repository files.
2013-03-04 Matthew Mundell
Add basic user groups.

* src/manage_sql.c (create_tables): Create groups tables.
(find_group, copy_group, create_group, delete_group, group_uuid)
(group_users, group_writable, trash_group_writable, group_in_use)
(trash_group_in_use): New functions.
(GROUP_ITERATOR_FILTER_COLUMNS, GROUP_ITERATOR_COLUMNS): New defines.
(group_count, init_group_iterator): New functions.

* src/manage.h: Add headers accordingly.
(group_t): New type.

* src/omp.c (omp_commands): Add group commands.
(create_group_data_t, delete_group_data_t, get_groups_data_t): New
types.
(create_group_data_reset, delete_group_data_reset)
(get_groups_data_reset: New functions.
(command_data_t): Add group commands.
(create_group_data, delete_group_data, get_groups_data): New variables.
(client_state_t): Add group states.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text_element): Handle group commands.
2013-03-04 Timo Pollmeier

* tools/greenbone-scapdata-sync (db_migrate_10): Fix sqlite3 call using
an undefined database file name parameter.
2013-03-04 Timo Pollmeier

* tools/greenbone-certdata-sync, tools/greenbone-scapdata-sync: Remove
bashisms not supported by dash like [[ ... ]] and (( ... )) and change
from #!/bin/bash to #!/bin/sh.
2013-03-01 Timo Pollmeier

* tools/greenbone-certdata-sync (RSYNC_DELETE): Remove quotes causing
exclude of private directory to be ignored.

* tools/greenbone-scapdata-sync (RSYNC_DELETE): Remove quotes causing
exclude of private directory to be ignored.
(update_scap_db): Fix recalculation of max_cvss being performed even if
no CVEs were updated.
2013-02-28 Jan-Oliver Wagner

* src/otp.c (process_otp_scanner_input): Rename OTP message
\"PLUGINS_MD5\" to \"NVT_INFO\".
Rename internal SCANNER_PLUGINS_MD5 to SCANNER_NVT_INFO.

* src/ompd.c (write_to_scanner): Update comment as MD5 does not play a
role anymore.
2013-02-28 Andre Heinecke

* report_formats/verinice-ism/gsm_verinice_ism.xsl,
report_formats/verinice-ism/generate:
Do not attach raw xml file of the report anymore
2013-02-28 Jan-Oliver Wagner
Post branch version bump.

* CMakeLists.txt: Updated version number.
2013-02-27 Jan-Oliver Wagner
Remove unused functions.

* src/manage.c (acknowledge_md5sum, acknowledge_md5sum_sums): Removed.

* src/manage.h: Removed proto accordingly.
2013-02-27 Timo Pollmeier

* src/manage.c (slave_setup, delete_slave_task): Delete slave resources
(task, config, target, credentials) instead of moving them to trashcan.
2013-02-27 Hani Benhabiles

* src/omp.c (convert_to_newlines): Rewrite conversion routine to be more
efficient with cleaner code.
2013-02-27 Timo Pollmeier
SCAP sync now updates max_cvss and most cve_refs of CPEs after updating
CVEs to reduce number of time consuming queries for updating max_cvss.

* tools/cve_update.xsl: Remove update of cve_refs and max_cvss.
Columns are now updated by recount in sync shell scripts.

* tools/greenbone-scapdata-sync (db_migrate_9): Change \"sqlite3\" to
\"$SQLITE3\".
(db_migrate_10, check_db_version): Add migration to version 10.
(update_scap_db): Add recalculation of max_cvss and cve_refs after CVEs
update.

* tools/openvas-scapdata-sync.in (db_migrate_10, check_db_version):
Add migration to version 10.
(update_scap_db): Add recalculation of max_cvss and cve_refs after CVEs
update.

* tools/scap_db_init.sql (meta): Change version to 10.
(affected_delete): Remove update of max_cvss. Replaced by recount in
sync scripts.
2013-02-27 Timo Pollmeier

* tools/greenbone-certdata-sync, tools/greenbone-scapdata-sync:
Update version number.
2013-02-27 Timo Pollmeier

* tools/greenbone-certdata-sync: New script to sync CERT data using
the Greenbone feed.
2013-02-27 Timo Pollmeier

* tools/greenbone-scapdata-sync:
Add PRIVATE_SUBDIR and private directory functionality to RSYNC_DELETE.
2013-02-27 Hani Benhabiles

* src/omp.c (omp_xml_handle_end_element): Check return value for
send_get_common() call in In CLIENT_GET_INFO case.
2013-02-25 Matthew Mundell

* src/report_formats/HTML/HTML.xsl (prognostic-description): New
template.
(result [issue]): For prognostic results, produce the description with
prognostic-description so that the browser does paragraph wrapping.
2013-02-25 Matthew Mundell

* src/omp.c (omp_xml_handle_end_element): In GET_REPORTS add checks
for -2 filt_id to the asset and prognostic cases.
2013-02-25 Andre Heinecke

* report_formats/verinice-ism/create_report_import:
Update version number to 1.1.7
2013-02-22 Michael Wiegand
Post release version bump.

* CMakeLists.txt: Updated version number to 4.0+beta6.
2013-02-22 Timo Pollmeier
Replace index on affected_products (cve, cpe) by two separate ones for
each column to speed up queries on that table slowing down updates.

* tools/greenbone-scapdata-sync (VERSION): Update.
(db_migrate_9): New database migration funcion.
(check_db_version): Migrate to version 9 from version 8.

* tools/openvas-scapdata-sync.in (db_migrate_9): New database migration
function.
(check_db_version): Migrate to version 9 from version 8.

* tools/scap_db_init.sql (afp_idx): Remove. Replaced by afp_cve_idx and
afp_cpe_idx.
(afp_cve_idx): New index on affected_products (cve).
(afp_cpe_idx): New index on affected_products (cpe).
2013-02-22 Michael Wiegand
Preparing the openvas-manager 4.0+beta5 release.

* CHANGES: Updated.

* INSTALL: Updated openvas-libraries dependency.
2013-02-21 Timo Pollmeier

* tools/greenbone-scapdata-sync, tools/openvas-scapdata-sync.in
(list_oval_files_sortable, update_sec_db): Add quotes to allow syncing
when $SCAP_DIR is the current directory.
2013-02-21 Werner Koch

* src/manage_sql.c (manage_set_setting): Re-word password
diagnostic.
2013-02-20 Werner Koch
Check password policy.

* src/openvasmd.c: Include openvas/base/pwpolicy.h.
(main): Add option --disable-password-policy.

* src/manage_sql.c: Include openvas/base/pwpolicy.h.
(manage_set_setting): Call openvas_validate_password and add new
arg R_ERRDESC.

* src/manage.h: Update prototype for this.

* src/omp.c (make_xml_error_syntax): New.
(omp_xml_handle_end_element) : Send back an
error string for an invalid password.
2013-02-20 Timo Pollmeier

* tools/openvas-certdata-sync.in: Enable rsync and add --refresh option.
(do_help): Add text for --refresh.
(do_rsync): Enable previously commented out rsync code, remove now
obsolete warning and add $RSYNC_DELETE.
(do_refresh): New function.
(): Add case for --refresh.
2013-02-20 Timo Pollmeier

* tools/openvas-scapdata-sync.in (do_refresh): Move to prevent possible
problems with shells not finding update_sec_db.
2013-02-20 Timo Pollmeier

* tools/openvas-scapdata-sync.in (): Add command line option --refresh
to update database without downloading feed data.
(do_help): Add text for new --refresh option.
(do_refresh): New function.
2013-02-20 Timo Pollmeier

* tools/openvas-scapdata-sync.in: Remove / disable http feed download.
(do_help): Remove text for --wget and --curl.
(CMD_WGET, CMD_CURL): Remove
(chk_system_tools): Remove wget and curl checks
(do_wget, do_curl): Change to exit with warning.
(do_sync): Change to only try rsync.
2013-02-20 Timo Pollmeier
Add private subdirectory functionality in OpenVAS sync scripts.

* tools/openvas-certdata-sync.in (PRIVATE_SUBDIR, RSYNC_DELETE): New.
(do_help): Add line for PRIVATE_SUBDIR as environment variable.

* tools/openvas-scapdata-sync.in (PRIVATE_SUBDIR): New.
(RSYNC_DELETE): Add --exclude for private subdirectory.
(do_help): Add line for PRIVATE_SUBDIR as environment variable.
2013-02-20 Michael Wiegand
Move \"-Werror\" flag to the \"Debug\" build type.

* CMakeLists.txt: Move \"-Werror\" from CMAKE_C_FLAGS to
CMAKE_C_FLAGS_DEBUG to keep it out of the \"Release\" build type.
2013-02-20 Matthew Mundell

* src/omp.c (omp_parser_new): Clear parser memory on allocation, so that
parent_state is 0 initially. This prevents the end handler from setting
the client state to some arbitrary number after reading over an element,
for example when importing a report.
2013-02-19 Matthew Mundell

* src/manage_sql.c (manage_empty_trashcan): Empty notes and overrides
too.
2013-02-19 Timo Pollmeier

* src/omp.c (client_state_t): Add client states for cert and cert_ref
elements in create_report.
(omp_xml_handle_start_element, omp_xml_handle_end_element): Add cert
and cert_ref elements in create_report.
2013-02-19 Hani Benhabiles

* src/manage_sql.c (manage_set_setting): Add Reports Filter setting.

* src/omp.c (omp_xml_handle_element): Check for settings default report
filter when no filter and filt_id are provided in GET_REPORTS case.
2013-02-19 Matthew Mundell

* src/omp.c (omp_xml_handle_start_element)
(omp_xml_handle_end_element): Set the importing flag around
CREATE_REPORT, to read-over new elements in reports.
2013-02-19 Andre Heinecke

* report_formats/verinice-ism/gsm_verinice_ism.xsl (control_details):
Add gsm_control_tag that is a comma seperated list of tags
based on the notes description. If a line in the description starts
with + it will be interpreted as a \"Tag\"
2013-02-19 Andre Heinecke

* report_formats/verinice-ism/gsm_verinice_ism.xsl (scenario_details):
Add cvss and fix cve and threat values
2013-02-18 Matthew Mundell

* tools/greenbone-scapdata-sync: Run sqlite3 via SQLITE3 variable, to
specify -noheader, because the user may have .headers on in .sqliterc.
(SCAP_RES_DIR): Skip /usr/ when there\'s a PREFIX.
2013-02-18 Timo Pollmeier

* src/manage.c (get_nvti_xml), src/omp.c (buffer_results_xml)
(omp_xml_handle_end_element): Add output of warning message in
CERT elements if CERT database is missing to fix errors when NVTs are
accessed in this case.

* src/schema_formats/XML/OMP.xml, doc/omp.html, doc/omp.rnc: Add
warning message elements for CERT reference elements.
2013-02-18 Timo Pollmeier

* tools/dfn_cert_update.xsl: Fix XSL select returning empty IDs for
dfn_cert_cves insert.
2013-02-18 Andre Heinecke

* report_formats/verinice-ism/gsm_verinice_ism.xsl: Add
gsm_ism_control_cpe based on result/detection value
2013-02-14 Jan-Oliver Wagner

* INSTALL: Added some more details on how to change the encryption key.
2013-02-14 Timo Pollmeier

* tools/dfn_cert_getbyname.xsl, tools/dfn_cert_update.xsl: Change to
get ID from new element instead of extracting it from