Documentation
Constants
This section is empty.
Variables
var BrokerApiVersion = scanUtils.Version{
	Major: 1,
	Minor: 1,
	Patch: 0,
}
BrokerApiVersion defines the current compatibility level required between broker and agent. This hardcoded value allows newly built broker versions to exclude older scan agent builds, which might not be compatible with broker-side or agent-side upgrades. If an agent's version does not suffice, the broker returns an invalid version error, which is visible on the agent side so that the agent can act on it (log, terminate, etc.).
Functions
func RegisterGobs
func RegisterGobs()
RegisterGobs registers data structs for RPC to make them transferable as interface variables
func RpcSubmitScanResult
func RpcSubmitScanResult(
	logger scanUtils.Logger,
	rpc *utils.Client,
	ctx context.Context,
	wg *sync.WaitGroup,
	chThrottle chan struct{},
	rpcArgs interface{},
)
RpcSubmitScanResult sends scan results to the broker via RPC
Types
type AgentInfo
type AgentInfo struct {
	BuildCommit string // Debug information about the agent executable
	BuildTimestamp string // Debug information about the agent executable
	ApiVersion scanUtils.Version // API version compiled into the binaries, allowing the broker to reject outdated incompatible agents
	Name string // Instance name of the scan agent. There may be multiple scan agents running on the same system (e.g. to target different scan scopes).
	Host string // Host used during scanning. Logged by the broker. Decided by scan agent, because only it knows the IP address of its scanning interface.
	Ip string // IP address used during scanning. Logged by the broker. Decided by scan agent, because only it knows the IP address of its scanning interface.
	Limits bool // Whether the agent has dedicated limits configured in the config
}
AgentInfo contains agent-identifying metadata to describe the origin of the request. ATTENTION: Do not use this data for security checks, it can be crafted!
type ArgsGetScanTask
type ArgsGetScanTask struct {
	AgentInfo // Identifying scan agent information to distinguish scan agent instances for informational purposes
	ScopeSecret string // Scan scope secret to authenticate/associate this scan result to
	ModuleData []ModuleData // List of already running modules/tasks on the agent
	SystemData utils.SystemData // Some system information, like CPU load,...
}
ArgsGetScanTask contains metadata of a scan agent requesting scan targets
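The version gate on BrokerApiVersion and the AgentInfo warning above, combined into one broker-side admission check. This is an added example, not the project's own code: the compatibility rule, the scopes map, the error values and the log format are assumptions, and the types are trimmed stand-ins for the ones on this page.

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
)

// Version and AgentInfo are trimmed stand-ins for the page's types; every field is agent-chosen.
type Version struct{ Major, Minor, Patch int }
type AgentInfo struct {
	ApiVersion Version
	Name       string
}
type ArgsGetScanTask struct {
	AgentInfo
	ScopeSecret string
}

var (
	brokerApiVersion  = Version{Major: 1, Minor: 1, Patch: 0}
	errInvalidVersion = errors.New("invalid version")
	errUnknownScope   = errors.New("unknown scope secret")
)

// compatible is an ASSUMED rule (the page defines none): same major, agent
// minor >= broker minor. It gates compatibility only; the value is forgeable.
func compatible(a Version) bool {
	return a.Major == brokerApiVersion.Major && a.Minor >= brokerApiVersion.Minor
}

// admit authenticates on ScopeSecret alone; scopes (name -> secret) is a
// hypothetical broker-side store. Name is only %q-quoted into the log line.
func admit(args *ArgsGetScanTask, scopes map[string]string) (scope, logLine string, err error) {
	if !compatible(args.ApiVersion) {
		return "", "", errInvalidVersion
	}
	for name, secret := range scopes {
		if secret != "" && subtle.ConstantTimeCompare([]byte(secret), []byte(args.ScopeSecret)) == 1 {
			return name, fmt.Sprintf("scope=%s agent=%q", name, args.Name), nil
		}
	}
	return "", "", errUnknownScope
}

func main() {
	scopes := map[string]string{"dmz": "constructed-secret"} // constructed sample
	args := &ArgsGetScanTask{AgentInfo{Version{1, 1, 0}, "a1\nscope=admin"}, "constructed-secret"}
	fmt.Println(admit(args, scopes))
}
```

The scope is derived from the secret that matched, never from anything in AgentInfo, and an empty stored secret can never match.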
type ArgsSaveScanResult
type ArgsSaveScanResult struct {
	AgentInfo // Identifying scan agent information to distinguish scan agent instances for informational purposes
	ScopeSecret string // Scan scope secret to authenticate/associate this scan result to
	Id uint64 // Id is passed back to allow the broker associating this result set with the original request. The Id might be either the t_discovery entry ID from the scope db or the t_sub_input entry ID from the brokerdb.
	Result interface{} // Generic interface that holds structure for different scan results
}
ArgsSaveScanResult contains metadata about a scan result and the result data itself, sent by a scan agent
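Why RegisterGobs is needed for the generic Result field, shown as an added example that is not the project's own code. It assumes the RPC transport encodes with encoding/gob (suggested by the function name); BannerResult, registerGobs, roundTrip and describe are hypothetical names.

```go
package main

import (
	"bytes"
	"encoding/gob"
	"fmt"
)

// ArgsSaveScanResult is trimmed to three of the fields shown on this page.
type ArgsSaveScanResult struct {
	ScopeSecret string
	Id          uint64
	Result      interface{}
}

// BannerResult is a hypothetical result type, not one of the project's own.
type BannerResult struct{ Banner string }

// registerGobs plays the role of RegisterGobs for this example's one type.
func registerGobs() { gob.Register(BannerResult{}) }

// roundTrip gob-encodes and decodes args, as an RPC transport would (assumed gob).
func roundTrip(in ArgsSaveScanResult) (out ArgsSaveScanResult, err error) {
	var buf bytes.Buffer
	if err = gob.NewEncoder(&buf).Encode(in); err != nil {
		return out, fmt.Errorf("encode: %w", err)
	}
	err = gob.NewDecoder(&buf).Decode(&out)
	return out, err
}

// describe is the receiver side: check Result's concrete type before using it.
func describe(res interface{}) string {
	switch r := res.(type) {
	case BannerResult:
		return "banner: " + r.Banner
	default:
		return fmt.Sprintf("rejected unexpected result type %T", r)
	}
}

func main() {
	args := ArgsSaveScanResult{ScopeSecret: "constructed-secret", Id: 7, Result: BannerResult{"SSH-2.0-demo"}}
	_, err := roundTrip(args)
	fmt.Println("before registration:", err)
	registerGobs()
	out, err := roundTrip(args)
	fmt.Println("after registration:", describe(out.Result), err)
}
```

Both sides must register the same concrete types; gob refuses to encode or decode an interface value whose type is not registered.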
type Broker
type Broker struct{}
Broker is used to implement the broker's RPC interfaces
func (*Broker) RequestScanTasks
func (b *Broker) RequestScanTasks(rpcArgs *ArgsGetScanTask, rpcReply *ReplyGetScanTask) error
RequestScanTasks processes scan task requests received from agents
func (*Broker) SubmitScanResult
func (b *Broker) SubmitScanResult(rpcArgs *ArgsSaveScanResult, rpcReply *struct{}) error
SubmitScanResult processes scan results received from agents
type ModuleData
type ModuleData struct {
	Label string // Name of the respective module, as used by the scan module itself
	MaxInstances int // Maximum total amount of instances the agent wants to handle, as configured in its config
	TotalInstances int // Total amount of instances currently running on the scan agent, across all scan scopes
	ScopeInstances int // Amount of instances currently running on the scan agent, in the current scan scope
}
ModuleData contains metadata of a scan module on an agent (e.g. how many of its kind are running,...)
type ReplyGetScanTask
type ReplyGetScanTask struct {
	ScanTasks []ScanTask
}
ReplyGetScanTask contains a list of scan tasks to be returned to a scan agent after requesting
type ScanTask
type ScanTask struct {
	Secret string // Scope secret identifying the scan scope this scan task belongs to
	Label string // Name of the respective module to use these arguments with
	Id uint64 // PK from the source table (might be a t_discovery ID (scope db) or a sub scan target ID (broker db))
	Target string
	Protocol string
	Port int
	OtherNames []string
	Service string
	ServiceProduct string
	ScanSettings managerdb.T_scan_setting // Current scan settings taken from the scan scope
}
ScanTask contains data of a single scan task used by the agent to start a scan. This struct is kept generic to fit all scan modules and to simplify broker-side code. Required information is picked from this struct by the agent. This struct will contain copied data from a cached scan target struct.