Builtin notus

doc/manual/nasl/built-in-functions/glue-functions/notus.md

@@ -19,7 +19,7 @@ product: identifier for the notus scanner to get list of vulnerable packages
 In contrast to **[update_table_driven_lsc_data(3)](update_table_driven_lsc_data.md)**
 this function does not publish results by itself, but returns a json like structure,
 so information can be adjusted and must be published using
-**[security_lsc(3)](../report-functions/security_lsc.md)**. The json like format depends
+**[security_notus(3)](../report-functions/security_notus.md)**. The json like format depends
 one the scanner that is used. There are currently 2 scanner types available: Notus and
 Skiron. Their response have different formats and also will be parsed differently. The
 format for Notus has the following structure:
@@ -54,11 +54,18 @@ The elements can be accessed by using the normal NASL array handling. For more i
 
 The format for Skiron has the following structure:
 ```json
-{
-  "[oid1]": "some message",
-  "[oid2]": "some message"
-}
-It is just a dictionary with the OID of the result as key and the result message as value.
+[
+  {
+    "oid": "[oid1]",
+    "message": "[message1]"
+  },
+  {
+    "oid": "[oid2]",
+    "message": "[message2]"
+  }
+]
+```
+It is a list of dictionaries. Each dictionary has the key `oid` and `message`.
 
 To determine which format is used, the builtin function **[notus_type(3)](notus_type.md)** can be used.
 

doc/manual/nasl/built-in-functions/glue-functions/update_table_driven_lsc_data.md

@@ -2,6 +2,8 @@
 
 ## NAME
 
+DEPRECATED
+
 **update_table_driven_lsc_data** - Set information, so that openvas can start a table driven lsc
 
 ## SYNOPSIS
@@ -19,10 +21,16 @@ os_release: identifier for the operating system of the target system
 After the KB items are set, these information is also transferred to the main process and a notus scan is triggered. The
 results of the notus scan are then directly published.
 
+## DEPRECATED
+
+This function is deprecated and **[notus(3)](notus.md)** and **[security_notus(3)](security_notus.md)** should be used instead.
+
 ## RETURN VALUE
 
 This function returns nothing.
 
 ## SEE ALSO
 
-**[log_message(3)](log_message.md)**
+**[log_message(3)](log_message.md)**,
+**[notus(3)](notus.md)**,
+**[security_notus(3)](security_notus.md)**

rust/Cargo.toml

@@ -84,6 +84,7 @@ rand_core = "0.6.4"
 rc4 = "0.1.0"
 redis = "0.32.5"
 regex = "1.10.6"
+reqwest = { version = "0.12", features = ["json", "blocking"] }
 ripemd = "0.1.3"
 rsa = { version = "0.9.8", features = ["hazmat"] }
 russh = "0.54.2"

rust/benches/interpreter.rs

@@ -27,6 +27,7 @@ pub fn run_interpreter_in_description_mode(c: &mut Criterion) {
                     loader: &Loader::test_empty(),
                     scan_preferences: ScanPrefs::new(),
                     alive_test_methods: Vec::new(),
+                    notus: None,
                 };
                 let context = cb.build();
                 let code = Code::from_string(code)

rust/data/notus/sha256sums

@@ -0,0 +1 @@
+98b0943d0ed58ef00b7ae838bbcb22728475bc910527e1f7f0001d52d7651e96  debian_10.notus

rust/examples/openvasd/config.example.toml

@@ -18,6 +18,8 @@ check_interval = "3600s"
 products_path = "/var/lib/notus/products/"
 # path to the notus advisories feed. This is required for the /vts endpoint
 advisories_path = "/var/lib/notus/advisories/"
+# Address to reach notus on. If not set, internal notus implementation is used.
+# address = "127.0.0.1:3001"
 
 [endpoints]
 # Enables GET /scans endpoint
@@ -102,4 +104,3 @@ max_scanning = 10
 batch_size = 2
 # How long openvasd should pause before retrying
 retry_timeout = "1s"
-

rust/src/feed/update/mod.rs

@@ -70,6 +70,7 @@ pub async fn feed_version(
         scan_id,
         scan_preferences: scan_params,
         alive_test_methods,
+        notus: None,
     };
     let context = cb.build();
     let mut interpreter = ForkingInterpreter::new(
@@ -170,6 +171,7 @@ where
             executor: &self.executor,
             scan_preferences: scan_params,
             alive_test_methods,
+            notus: None,
         };
         let context = context.build();
         let file = code.source_file();

rust/src/nasl/builtin/error.rs

@@ -6,6 +6,7 @@ use thiserror::Error;
 
 use crate::nasl::prelude::*;
 use crate::nasl::utils::error::FnErrorKind;
+use crate::notus::NotusError;
 
 use super::KBError;
 use super::cert::CertError;
@@ -27,6 +28,8 @@ pub enum BuiltinError {
     #[error("{0}")]
     Http(HttpError),
     #[error("{0}")]
+    Notus(NotusError),
+    #[error("{0}")]
     String(StringError),
     #[error("{0}")]
     Misc(MiscError),
@@ -99,4 +102,5 @@ builtin_error_variant!(CertError, Cert);
 builtin_error_variant!(SysError, Sys);
 builtin_error_variant!(FindServiceError, FindService);
 builtin_error_variant!(SnmpError, Snmp);
+builtin_error_variant!(NotusError, Notus);
 builtin_error_variant!(RawIpError, RawIp);

rust/src/nasl/builtin/mod.rs

@@ -16,12 +16,12 @@ mod isotime;
 mod knowledge_base;
 pub mod misc;
 pub mod network;
-mod snmp;
-
+mod notus;
 mod preferences;
 pub mod raw_ip;
 mod regex;
 mod report_functions;
+mod snmp;
 mod ssh;
 mod string;
 mod sys;
@@ -63,7 +63,8 @@ pub fn nasl_std_functions() -> Executor {
         .add_set(find_service::FindService)
         .add_set(wmi::Wmi)
         .add_set(snmp::Snmp)
-        .add_set(cert::NaslCerts::default());
+        .add_set(cert::NaslCerts::default())
+        .add_set(notus::NaslNotus::default());
 
     executor.add_set(raw_ip::RawIp);
     executor.add_global_vars(raw_ip::RawIp);