Merge branch 'main' into scan-progress

Author: ozgen

.github/workflows/changelog.yml

@@ -0,0 +1,29 @@
+name: Show changelog since last release
+
+on:
+  workflow_dispatch:
+
+jobs:
+  changelog:
+    name: Show changelog since last release
+    runs-on: 'ubuntu-latest'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # for conventional commits and getting all git tags
+          persist-credentials: false
+      - name: Install git-cliff
+        uses: greenbone/actions/uv@v3
+        with:
+          install: git-cliff
+      - name: Determine changelog
+        env:
+          GITHUB_REPO: ${{ github.repository }}
+          GITHUB_TOKEN: ${{ github.token }}
+        run: |
+          git-cliff -v --strip header --unreleased -o /tmp/changelog.md
+      - name: Show changelog
+        run: |
+          cat /tmp/changelog.md
+          cat /tmp/changelog.md >> $GITHUB_STEP_SUMMARY

.github/workflows/release.yml

@@ -32,14 +32,38 @@ jobs:
           contains(github.event.pull_request.labels.*.name, 'minor release') ||
           contains(github.event.pull_request.labels.*.name, 'major release')) &&
           github.event.pull_request.merged == true )
-    runs-on: 'ubuntu-latest'
+    runs-on: "ubuntu-latest"
     steps:
       - name: Selecting the Release type
         id: release-type
         uses: greenbone/actions/release-type@v3
         with:
           release-type-input: ${{ inputs.release-type }}
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # for conventional commits and getting all git tags
+          persist-credentials: false
+          ref: ${{ steps.release-type.outputs.release-ref }}
+      - name: Determine release version
+        id: release-version
+        uses: greenbone/actions/release-version@v3
+        with:
+          release-type: ${{ steps.release-type.outputs.release-type }}
+          release-version: ${{ inputs.release-version }}
+          versioning-scheme: "semver"
+      - name: Install git-cliff
+        uses: greenbone/actions/uv@v3
+        with:
+          install: git-cliff
+      - name: Determine changelog
+        env:
+          GITHUB_REPO: ${{ github.repository }}
+          GITHUB_TOKEN: ${{ github.token }}
+        run: |
+          git-cliff -v --strip header -o /tmp/changelog.md --unreleased --tag ${{ steps.release-version.outputs.release-version }} ${{ steps.release-version.outputs.last-release-version }}..HEAD
       - name: Release with release action
+        id: release
         uses: greenbone/actions/release@v3
         with:
           github-user: ${{ secrets.GREENBONE_BOT }}
@@ -48,7 +72,7 @@ jobs:
           gpg-key: ${{ secrets.GPG_KEY }}
           gpg-fingerprint: ${{ secrets.GPG_FINGERPRINT }}
           gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
-          release-type: ${{ steps.release-type.outputs.release-type }}
-          release-version: ${{ inputs.release-version }}
+          release-version: ${{ steps.release-version.outputs.release-version }}
+          changelog: /tmp/changelog.md
           ref: ${{ steps.release-type.outputs.release-ref }}
           versioning-scheme: "semver"

CMakeLists.txt

@@ -8,7 +8,7 @@ message ("-- Configuring the Greenbone Vulnerability Management Libraries...")
 
 # VERSION: Always include major, minor and patch level.
 project (gvm-libs
-  VERSION 22.18.1
+  VERSION 22.18.2
   LANGUAGES C)
 
 if (POLICY CMP0005)

boreas/alivedetection.c

@@ -331,16 +331,17 @@ alive_detection_init (gvm_hosts_t *hosts, alive_test_t alive_test)
   /* Scanner */
 
   /* Sockets */
-  if ((error = set_all_needed_sockets (&scanner, alive_test)) != 0)
+  error = set_all_needed_sockets (&scanner, alive_test);
+  if (error != 0)
     return error;
 
   /* Do not print results in stdout. Only set for command line clients*/
   scanner.print_results = 0;
 
   /* kb_t redis connection */
   int scandb_id = atoi (prefs_get ("ov_maindbid"));
-  if ((scanner.main_kb = kb_direct_conn (prefs_get ("db_address"), scandb_id))
-      == NULL)
+  scanner.main_kb = kb_direct_conn (prefs_get ("db_address"), scandb_id);
+  if (scanner.main_kb == NULL)
     return -7;
   /* TODO: pcap handle */
   // scanner.pcap_handle = open_live (NULL, FILTER_STR); //
@@ -398,7 +399,8 @@ alive_detection_init (gvm_hosts_t *hosts, alive_test_t alive_test)
   int max_scan_hosts = INT_MAX, pref_value;
 
   /* Check that the max_scan_hosts is set and it is greater than 0 */
-  if ((pref_str = prefs_get ("max_scan_hosts")) != NULL)
+  pref_str = prefs_get ("max_scan_hosts");
+  if (pref_str != NULL)
     {
       pref_value = atoi (pref_str);
       if (pref_value > 0)
@@ -482,7 +484,8 @@ start_alive_detection (void *hosts_to_test)
   gvm_hosts_t *hosts;
   alive_test_t alive_test;
 
-  if ((alive_test_err = get_alive_test_methods (&alive_test)) != 0)
+  alive_test_err = get_alive_test_methods (&alive_test);
+  if (alive_test_err != 0)
     {
       g_warning ("%s: %s. Exit Boreas.", __func__,
                  str_boreas_error (alive_test_err));
@@ -495,7 +498,8 @@ start_alive_detection (void *hosts_to_test)
     }
 
   hosts = (gvm_hosts_t *) hosts_to_test;
-  if ((init_err = alive_detection_init (hosts, alive_test)) != 0)
+  init_err = alive_detection_init (hosts, alive_test);
+  if (init_err != 0)
     {
       g_warning (
         "%s. Boreas could not initialise alive detection. %s. Exit Boreas.",

boreas/arp.c

@@ -329,7 +329,8 @@ send_arp_v4 (const char *dst_str)
 
   if (srcip == INADDR_ANY)
     {
-      if ((uint32_t) -1 == (srcip = libnet_get_ipaddr4 (libnet)))
+      srcip = libnet_get_ipaddr4 (libnet);
+      if ((uint32_t) -1 == srcip)
         {
           g_warning ("%s: Unable to get the IPv4 address of default "
                      "interface %s: %s. Address '%s' will be skipped.",

boreas/boreas_io.c

@@ -94,7 +94,8 @@ send_limit_msg (int num_not_scanned_hosts)
     return -1;
 
   dbid = atoi (prefs_get ("ov_maindbid"));
-  if ((main_kb = kb_direct_conn (prefs_get ("db_address"), dbid)))
+  main_kb = kb_direct_conn (prefs_get ("db_address"), dbid);
+  if (main_kb)
     {
       char buf[256];
       g_snprintf (buf, 256,
@@ -439,9 +440,11 @@ send_dead_hosts_to_ospd_openvas (int count_dead_hosts)
 gchar *
 get_openvas_scan_id (const gchar *db_address, int db_id)
 {
-  kb_t main_kb = NULL;
+  kb_t main_kb;
   gchar *scan_id;
-  if ((main_kb = kb_direct_conn (db_address, db_id)))
+
+  main_kb = kb_direct_conn (db_address, db_id);
+  if (main_kb)
     {
       scan_id = kb_item_get_str (main_kb, ("internal/scanid"));
       kb_lnk_reset (main_kb);

boreas/cli.c

@@ -50,7 +50,8 @@ init_cli (scanner_t *scanner, gvm_hosts_t *hosts, alive_test_t alive_test,
                          gvm_host_value_str (host), host);
 
   /* Sockets. */
-  if ((error = set_all_needed_sockets (scanner, alive_test)) != 0)
+  error = set_all_needed_sockets (scanner, alive_test);
+  if (error != 0)
     return error;
 
   /* Only init portlist if either TCP-ACK or TCP-SYN ping is used. */
@@ -224,7 +225,8 @@ is_host_alive (const char *ip_str, int *count)
   const gchar *port_list = NULL;
 
   hosts = gvm_hosts_new (ip_str);
-  if ((alive_test_err = get_alive_test_methods (&alive_test)) != 0)
+  alive_test_err = get_alive_test_methods (&alive_test);
+  if (alive_test_err != 0)
     {
       g_warning ("%s: %s. Exit Boreas.", __func__,
                  str_boreas_error (alive_test_err));

boreas/util.c

@@ -34,6 +34,11 @@ set_socket (socket_type_t, int *);
  *
  * From W.Richard Stevens "UNIX NETWORK PROGRAMMING" book. libfree/in_cksum.c
  * TODO: Section 8.7 of TCPv2 has more efficient implementation
+ *
+ * @param[in]  addr  Data to checksum over.
+ * @param[in]  len   Length of data in bytes.
+ *
+ * @return Checksum in bytes.
  **/
 uint16_t
 in_cksum (uint16_t *addr, int len)
@@ -65,7 +70,7 @@ in_cksum (uint16_t *addr, int len)
   sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
   sum += (sum >> 16);                 /* add carry */
   answer = ~sum;                      /* truncate to 16 bits */
-  return (answer);
+  return answer;
 }
 
 /**
@@ -520,7 +525,8 @@ set_socket (socket_type_t socket_type, int *scanner_socket)
    * on pinging broadcast address */
   if (!error)
     {
-      if ((error = set_broadcast (soc)) != 0)
+      error = set_broadcast (soc);
+      if (error != 0)
         return error;
     }
 
@@ -542,30 +548,38 @@ set_all_needed_sockets (scanner_t *scanner, alive_test_t alive_test)
   boreas_error_t error = NO_ERROR;
   if (alive_test & ALIVE_TEST_ICMP)
     {
-      if ((error = set_socket (ICMPV4, &(scanner->icmpv4soc))) != 0)
+      error = set_socket (ICMPV4, &(scanner->icmpv4soc));
+      if (error != 0)
         return error;
-      if ((error = set_socket (ICMPV6, &(scanner->icmpv6soc))) != 0)
+      error = set_socket (ICMPV6, &(scanner->icmpv6soc));
+      if (error != 0)
         return error;
     }
 
   if ((alive_test & ALIVE_TEST_TCP_ACK_SERVICE)
       || (alive_test & ALIVE_TEST_TCP_SYN_SERVICE))
     {
-      if ((error = set_socket (TCPV4, &(scanner->tcpv4soc))) != 0)
+      error = set_socket (TCPV4, &(scanner->tcpv4soc));
+      if (error != 0)
         return error;
-      if ((error = set_socket (TCPV6, &(scanner->tcpv6soc))) != 0)
+      error = set_socket (TCPV6, &(scanner->tcpv6soc));
+      if (error != 0)
         return error;
-      if ((error = set_socket (UDPV4, &(scanner->udpv4soc))) != 0)
+      error = set_socket (UDPV4, &(scanner->udpv4soc));
+      if (error != 0)
         return error;
-      if ((error = set_socket (UDPV6, &(scanner->udpv6soc))) != 0)
+      error = set_socket (UDPV6, &(scanner->udpv6soc));
+      if (error != 0)
         return error;
     }
 
   if ((alive_test & ALIVE_TEST_ARP))
     {
-      if ((error = set_socket (ARPV4, &(scanner->arpv4soc))) != 0)
+      error = set_socket (ARPV4, &(scanner->arpv4soc));
+      if (error != 0)
         return error;
-      if ((error = set_socket (ARPV6, &(scanner->arpv6soc))) != 0)
+      error = set_socket (ARPV6, &(scanner->arpv6soc));
+      if (error != 0)
         return error;
     }
 

boreas/util_tests.c

@@ -65,6 +65,31 @@ __wrap_setsockopt (__attribute__ ((unused)) int sockfd,
   return (int) mock (sockfd, level, optname, optval, optlen);
 }
 
+/* in_cksum */
+
+Ensure (util, in_cksum_small)
+{
+  int len;
+  // https://web.archive.org/web/20020916085726/http://www.netfor2.com/checksum.html
+  uint16_t data[] = {0x0100, 0xF203, 0xF4F5, 0xF6F7};
+
+  len = sizeof (data); // len is in bytes
+  assert_that (in_cksum ((uint16_t *) data, len), is_equal_to (0x210E));
+}
+
+Ensure (util, in_cksum_bigger)
+{
+  int len;
+  // https://en.wikipedia.org/wiki/Internet_checksum
+  uint16_t data[] = {0x4500, 0x0073, 0x0000, 0x4000, 0x4011,
+                     0xC0A8, 0x0001, 0xC0A8, 0x00C7};
+
+  len = sizeof (data); // len is in bytes
+  assert_that (in_cksum ((uint16_t *) data, len), is_equal_to (0xB861));
+}
+
+/* set_all_needed_sockets */
+
 Ensure (util, set_all_needed_sockets)
 {
   g_socket_use_real = false;
@@ -214,6 +239,8 @@ main (int argc, char **argv)
 
   suite = create_test_suite ();
 
+  add_test_with_context (suite, util, in_cksum_small);
+  add_test_with_context (suite, util, in_cksum_bigger);
   add_test_with_context (suite, util, fill_ports_array);
   add_test_with_context (suite, util, set_all_needed_sockets);
   add_test_with_context (suite, util, set_socket);