We leverage gvmd functionality via the GMP API, as we have a custom user interface instead of gsad.
The vast majority of time, API queries happen without issue. For example, when calling <start_task>
or <get_report_formats>
Occasionally, we get issues calling <get_report>
. The error that we see is: sql_close: attempt to close db with open statement(s)
We connect to GMP via PHP stream_socket_client
method, send the request via fwrite
to the socket, and retrieve the contents via stream_get_contents()
.
We have a custom timeout of 30 seconds for the socket, at which point we close and look at the response (if any). If we have not had a suitable response, we retry the connection with a incrementally longer timeout, up to 90 seconds.
In these cases, the results
table is populated with data from the scan, and the reports
table has the report for the associated task that was created. So it should ājustā be an exercise of gvmd converting the data in SQLite -> XML and outputting it - however we get an empty response, and the sqlite errors logged.
GVM versions
gsa: (āgsad --versionā) N/A - we don't use this
gvm: (āgvmd --versionā) Greenbone Vulnerability Manager 8.0.0 (GIT revision c0577eb-gvmd-8.0)
openvas-scanner: (āopenvassd --versionā) OpenVAS Scanner 6.0.0 (GIT revision 2ae62ab-openvas-scanner-6.0)
gvm-libs: v10.0.0
Environment
Operating system: Debian stretch-slim
docker container
Kernel: (āuname -aā) Linux REDACTED 4.15.0-55-generic #60-Ubuntu SMP Tue Jul 2 18:22:20 UTC 2019 x86_64 GNU/Linux
Installation method / source: Relevant *-8.0 branch from GitHub, for each application