Connecting to gvmd listening on port instead of unix socket path (Premature end of file)

[maxproske]

Hi there! Is there any way to run MixewayOpenVASRestAPI using a port or ospd.sock instead of gvmd.sock? I can't seem to find any modern OpenVAS Docker images that create a gvmd.sock.

I'm trying to run MixewayOpenVASRestAPI with the immauss/openvas Docker image, but it has GVM 21.4.4 listening on port 9390 instead of a unix socket. securecompliance/gvm also has this issue.

I have tried replacing gvmd --listen=0.0.0.0 --port=9390 with gvmd --unix-socket=/var/run/gvmd/gvmd.sock in start.sh to create the socket myself, but GVM stops responding.

When I try to use the OSPd socket I get the following error: [Fatal Error] :-1:-1: Premature end of file.. But I don't have verbose logging, so I can't see what's causing this error.

Thank you!

Similar issues:

• missing openvasmd.sock  immauss/openvas#68

java -jar MixewayOpenVasRestAPI-1.2.0-SNAPSHOT.jar \
    --server.port=8443 \
    --allowed.users=localhost \
    --spring.profiles.active=noauth \
    --server.ssl.key-store=/app/pki/certificate.p12 \
    --server.ssl.key-store-password=changeit \
    --server.ssl.key-alias=localhost \
    --server.ssl.trust-store=/usr/local/openjdk-8/lib/security/cacerts \ 
    --server.ssl.trust-store-password=changeit \
    --openvasmd.socket=/var/run/ospd/ospd.sock

curl --insecure --request POST \
  --url https://localhost:8443/initialize \
  --header 'Content-Type: application/json' \
  --data '{"username":"admin","password":"test"}'

root@0c9c54974878:/# ps axjf
   PPID     PID    PGID     SID TTY        TPGID STAT   UID   TIME COMMAND
      0     230     230     230 pts/0        250 Ss       0   0:00 bash
    230     250     250     230 pts/0        250 R+       0   0:00  \_ ps axjf
      0       1       1       1 ?             -1 Ss       0   0:00 /bin/bash /start.sh
      1       8       8       8 ?             -1 Ssl      0   0:00 redis-server 127.0.0.1:6379
      1      19      19      19 ?             -1 Ss     103   0:00 /usr/lib/postgresql/12/bin/postgres -D /data/database
     19      21      21      21 ?             -1 Ss     103   0:00  \_ postgres: checkpointer   
     19      22      22      22 ?             -1 Ss     103   0:00  \_ postgres: background writer   
     19      23      23      23 ?             -1 Ss     103   0:00  \_ postgres: walwriter   
     19      24      24      24 ?             -1 Ss     103   0:00  \_ postgres: autovacuum launcher   
     19      25      25      25 ?             -1 Ss     103   0:00  \_ postgres: stats collector   
     19      26      26      26 ?             -1 Ss     103   0:00  \_ postgres: logical replication launcher   
     19      80      80      80 ?             -1 SLs    103   0:00  \_ postgres: gvm gvmd [local] idle
      1      54      52      52 ?             -1 S     1000   0:00 gvmd: Waiting for incoming connections
      1     217     215     215 ?             -1 Sl    1000   0:00 gsad --mlisten 127.0.0.1 -m 9390 --verbose --timeout=15 --http-only --no-redirect --port=9392
      1     223       1       1 ?             -1 S        0   0:00 tail -F /usr/local/var/log/gvm/gsad.log /usr/local/var/log/gvm/gvmd.log /usr/local/var/log/gvm/openvas.log /usr/local/var/log/gvm/ospd-openvas.log /usr/local/var/log/gvm/redis-server.log
      ```

[immauss]

gvm-cli can use the tcp connection to gvmd , so it should be possible

[AlexTudurean]

I am sure this is completely irrelevant by now but if someone (like me for example) happens to stumble across this here's what I did to fix it:
If you look at the APIs code, you will see that it builds a command and launches a process (using ProcessBuilder) along the lines of bash -c "gvm-cli --username=.. --password=.. --socketpath ... --xml <.....>"
What i did was i replaced the socketpath part that expected a standard unix socket with "tls --port=9390".
You can check that it worked with this command so you dont have to debug like me for days:

Original command: gvm-cli --timeout 600 --gmp-username=admin --gmp-password=admin socket --socketpath /run/gvmd/gvmd.sock --xml  '<get_configs/>'

Working command: gvm-cli --timeout 600 --gmp-username=admin --gmp-password=admin tls --port=9390 --xml  '<get_configs/>'

Your username and password may vary so take that into account :)