English | Deutsch
Home »

OpenVAS Change Request #45: OpenVAS-Scanner: add pausing of scans

Status: Voted +7. Done (completed with SVN revision 7236).

Purpose

Add "soft" pausing to the Scanner, which allows a client to pause a running scan.

References

Rationale

A planned feature of the Manager is scheduling of tasks. Scheduling would allow the user to run a task during a certain time period, for example for three hours every night.

To implement this type of task scheduling the Manager needs to be able to pause the scan at the end of the time period.

This CR proposes to add "soft" pausing to the Scanner.

In response to a pause command the Scanner will stop scheduling new NVTs until it receives a resume command. Any scheduled or running NVTs will continue to completion.

As a consequence of this design, stopping the entire Scanner will stop the paused scan, as if the client had sent a STOP_WHOLE_TEST. This is simpler, and easier to implement, than trying to store scan state across invocations of the Scanner.

Effects

OTP gains two new commands, PAUSE_WHOLE_TEST and RESUME_WHOLE_TEST.

The OTP STATUS message gains two new actions, "pause" and "resume".

Design and Implementation

Please see the mailing list patch for the proposed implementation.

The patch makes the process controlling the scan send a USR1 signal to the host processes when it receives a PAUSE_WHOLE_TEST from the client. The signal handlers in the host processes set a variable which causes the NVT launching loops in these processes to idle.

Similarly, the patch makes the process controlling the scan send a USR2 signal to the host processes when it receives a RESUME_WHOLE_TEST from the client. The signal handlers clear the variable and the host processes continue launching NVTs.

Each host process sends a STATUS message with action "pause" or "resume" when pausing or resuming.

Here's the ChangeLog from the proposed patch.

2010-03-11  Matthew Mundell 

    Add soft pausing of scans.  Implementation of Change Request #45:
    OpenVAS-Scanner: add pausing of scans,
    http://www.openvas.org/openvas-cr-44.html.

    * openvassd/otp_1_0.h (client_request_t): Add CREQ_PAUSE_WHOLE_TEST and
    CREQ_RESUME_WHOLE_TEST.

    * openvassd/otp_1_0.c (otp_1_0_get_client_request): Add PAUSE_WHOLE_TEST
    and RESUME_WHOLE_TEST commands.

    * openvassd/ntp_11.h (NTP_PAUSE_WHOLE_TEST, NTP_RESUME_WHOLE_TEST): New
    defines.

    * openvassd/ntp_11.c (ntp_11_parse_input): Add CREQ_PAUSE_WHOLE_TEST and
    CREQ_RESUME_WHOLE_TEST handling.

    * openvassd/attack.c (pause_whole_test): New variable.
    (attack_handle_sigusr1, attack_handle_sigusr2): New functions.  Set and
    clear pause_whole_test.
    (attack_host): Check pause_whole_test between plugins and pause if set.
    (attack_start): Set attack_handle_sigusr1 and attack_handle_sigusr2 as
    SIGUSR1 and SIGUSR2 handlers.

    * openvassd/hosts.c (hosts_pause_all, hosts_resume_all): New functions.
    Send pause and resume signal to host process.
    (hosts_read_client): Pause or resume if client gave associated command.

    * openvassd/hosts.h: Add headers accordingly.

History