OpenVAS Change Request #12: Replace NTP with OTP
Status: Voted +2. Done; OTP has replaced NTP starting with the 2.0-beta1 releases.Purpose
To facilitate improvements to the communication protocol between client and server.
References
Discussion on openvas-devel mailing list.
Rationale
OpenVAS still uses NTP, the communication protocol inherited from Nessus. This prevents improvements to the communication between client and server that require changes to the protocol as those changes would break compatibility with Nessus servers/clients and the NTP protocol.
Since OpenVAS is a fork of the Nessus project, implementing these changes in a new protocol version is not an option; a NTP 1.3 protocol created by OpenVAS would probably differ from a NTP 1.3 protocol created by Nessus. This would lead to unnecessary confusion for users of this protocol. To avoid this confusion and to reflect the changes to the protocol it has been proposed to change the protocol name to OTP (OpenVAS Transfer Protocol).
The OpenVAS-Server already no longer fully implements the NTP specification; for example, the NESSUS_VERSION command was removed and an OPENVAS_VERSION command added. To clarify this and to avoid confusion with communication partners expecting a pure implementation of NTP in OpenVAS, the communication protocol should be renamed to signify these changes.
Effects
- It should be noted that this will not break compatibility with clients which are using the NTP protocol for communication with OpenVAS-Server. Since the client proposes the communication protocol, OpenVAS-Server could continue to provide legacy NTP support for older clients while at the same time offering improved capabilities to clients supporting OTP.
- It will however break compatibility between OpenVAS-Client and servers not supporting OTP as the client is only able to propose one protocol version at the start of the communication. If this compatibility is desired it could be implemented by providing an option to set the desired protocol in the client.
Design and Implementation
- Write a specification for OTP explaining the changes made since NTP 1.2. The initial set of changes would
consist of:
- Changing NESSUS_VERSION to OPENVAS_VERSION
- Removing the handling of ATTACHED_PLUGINS
- Adding message classes LOG and DEBUG
- Change communication implementation in both client and server; OpenVAS-Client should now request the communication protocol "OTP/1.0". The OpenVAS-Server should be able to understand this request and to communicate with the client using OTP.
History
- 2008-10-21 Michael Wiegand <michael.wiegand@intevation.de>:
Updated status. - 2008-06-24 Michael Wiegand <michael.wiegand@intevation.de>:
Updated status. - 2008-06-18 Jan-Oliver Wagner <jan-oliver.wagner@intevation.de>:
Added voting result. - 2008-06-12 Michael Wiegand <michael.wiegand@intevation.de>:
Initial text.