OpenVAS Scanner  22.7.9
nasl_http.c File Reference
#include "nasl_http.h"
#include "../misc/plugutils.h"
#include "../misc/user_agent.h"
#include "exec.h"
#include "nasl_debug.h"
#include "nasl_func.h"
#include "nasl_global_ctxt.h"
#include "nasl_lex_ctxt.h"
#include "nasl_socket.h"
#include "nasl_tree.h"
#include "nasl_var.h"
#include <ctype.h>
#include <glib.h>
#include <gvm/base/prefs.h>
#include <gvm/util/kb.h>
#include <string.h>
Include dependency graph for nasl_http.c:

Go to the source code of this file.

Macros

#define G_LOG_DOMAIN   "lib nasl"
 GLib log domain. More...
 

Functions

tree_cellhttp_open_socket (lex_ctxt *lexic)
 
tree_cellhttp_close_socket (lex_ctxt *lexic)
 
static char * build_encode_URL (char *method, char *path, char *name, char *httpver)
 
static tree_cell_http_req (lex_ctxt *lexic, char *keyword)
 
tree_cellhttp_get (lex_ctxt *lexic)
 
tree_cellhttp_head (lex_ctxt *lexic)
 
tree_cellhttp_post (lex_ctxt *lexic)
 
tree_cellhttp_delete (lex_ctxt *lexic)
 
tree_cellhttp_put (lex_ctxt *lexic)
 
tree_cellcgibin (lex_ctxt *lexic)
 

Macro Definition Documentation

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "lib nasl"

GLib log domain.

Definition at line 30 of file nasl_http.c.

Function Documentation

◆ _http_req()

static tree_cell* _http_req ( lex_ctxt lexic,
char *  keyword 
)
static

Definition at line 63 of file nasl_http.c.

64 {
65  tree_cell *retc;
66  char *request, *auth, tmp[32];
67  char *item = get_str_var_by_name (lexic, "item");
68  char *data = get_str_var_by_name (lexic, "data");
69  int port = get_int_var_by_name (lexic, "port", -1);
70  struct script_infos *script_infos = lexic->script_infos;
71  int ver;
72  kb_t kb;
73 
74  if (item == NULL || port < 0)
75  {
76  nasl_perror (lexic,
77  "Error : http_* functions have the following syntax :\n");
78  nasl_perror (lexic, "http_*(port:<port>, item:<item> [, data:<data>]\n");
79  return NULL;
80  }
81 
82  if (port <= 0 || port > 65535)
83  {
84  nasl_perror (lexic, "http_req: invalid value %d for port parameter\n",
85  port);
86  return NULL;
87  }
88 
90 
91  g_snprintf (tmp, sizeof (tmp), "http/%d", port);
92  ver = kb_item_get_int (kb, tmp);
93 
94  if ((ver <= 0) || (ver == 11))
95  {
96  char *hostname, *ua, *hostheader, *url;
97 
99  if (hostname == NULL)
100  return NULL;
101 
102  ua = g_strdup (user_agent_get (lexic->script_infos->ipc_context));
103  /* Servers should not have a problem with port 80 or 443 appended.
104  * RFC2616 allows to omit the port in which case the default port for
105  * that service is assumed.
106  * However, some servers like IIS/OWA wrongly respond with a "404"
107  * instead of a "200" in case the port is appended. Because of this,
108  * ports 80 and 443 are not appended.
109  */
110  if (port == 80 || port == 443)
111  hostheader = g_strdup (hostname);
112  else
113  hostheader = g_strdup_printf ("%s:%d", hostname, port);
114 
115  url = build_encode_URL (keyword, NULL, item, "HTTP/1.1");
116  request = g_strdup_printf ("%s\r\n\
117 Connection: Close\r\n\
118 Host: %s\r\n\
119 Pragma: no-cache\r\n\
120 Cache-Control: no-cache\r\n\
121 User-Agent: %s\r\n\
122 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*\r\n\
123 Accept-Language: en\r\n\
124 Accept-Charset: iso-8859-1,*,utf-8\r\n",
125  url, hostheader, ua);
126  g_free (hostname);
127  g_free (hostheader);
128  g_free (ua);
129  g_free (url);
130  }
131  else
132  request = build_encode_URL (keyword, NULL, item, "HTTP/1.0\r\n");
133 
134  g_snprintf (tmp, sizeof (tmp), "/tmp/http/auth/%d", port);
135  auth = kb_item_get_str (kb, tmp);
136  if (!auth)
137  auth = kb_item_get_str (kb, "http/auth");
138 
139  if (auth)
140  {
141  char *authntmp = g_strconcat (request, auth, "\r\n", NULL);
142  g_free (request);
143  g_free (auth);
144  request = authntmp;
145  }
146  if (data)
147  {
148  char content_length[128], *data_tmp;
149 
150  g_snprintf (content_length, sizeof (content_length),
151  "Content-Length: %zu\r\n\r\n", strlen (data));
152  data_tmp = g_strconcat (request, content_length, data, NULL);
153  g_free (request);
154  request = data_tmp;
155  }
156  else
157  {
158  char *no_data_tmp = g_strconcat (request, "\r\n", NULL);
159  g_free (request);
160  request = no_data_tmp;
161  }
162 
163  retc = alloc_typed_cell (CONST_DATA);
164  retc->size = strlen (request);
165  retc->x.str_val = request;
166  return retc;
167 }

References alloc_typed_cell(), build_encode_URL(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), hostname, script_infos::ipc_context, nasl_perror(), plug_get_host_fqdn(), plug_get_kb(), struct_lex_ctxt::script_infos, TC::size, TC::str_val, user_agent_get(), and TC::x.

Referenced by http_delete(), http_get(), http_head(), http_post(), and http_put().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ build_encode_URL()

static char* build_encode_URL ( char *  method,
char *  path,
char *  name,
char *  httpver 
)
static

Definition at line 47 of file nasl_http.c.

48 {
49  char *ret, *ret2;
50 
51  if (path == NULL)
52  ret = g_strdup (name);
53  else
54  ret = g_strdup_printf ("%s/%s", path, name);
55 
56  g_debug ("Request => %s", ret);
57  ret2 = g_strdup_printf ("%s %s %s", method, ret, httpver);
58  g_free (ret);
59  return ret2;
60 }

References name.

Referenced by _http_req().

Here is the caller graph for this function:

◆ cgibin()

tree_cell* cgibin ( lex_ctxt lexic)

Definition at line 224 of file nasl_http.c.

225 {
226  const char *path = prefs_get ("cgi_path");
227  tree_cell *retc;
228 
229  (void) lexic;
230  if (path == NULL)
231  path = "/cgi-bin:/scripts";
232  retc = alloc_typed_cell (CONST_DATA);
233  retc->x.str_val = g_strdup (path);
234  retc->size = strlen (path);
235 
236  return retc;
237 }

References alloc_typed_cell(), CONST_DATA, TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ http_close_socket()

tree_cell* http_close_socket ( lex_ctxt lexic)

Definition at line 41 of file nasl_http.c.

42 {
43  return nasl_close_socket (lexic);
44 }

References nasl_close_socket().

Here is the call graph for this function:

◆ http_delete()

tree_cell* http_delete ( lex_ctxt lexic)

Definition at line 207 of file nasl_http.c.

208 {
209  return _http_req (lexic, "DELETE");
210 }

References _http_req().

Here is the call graph for this function:

◆ http_get()

tree_cell* http_get ( lex_ctxt lexic)

Definition at line 176 of file nasl_http.c.

177 {
178  return _http_req (lexic, "GET");
179 }

References _http_req().

Referenced by plugin_do_run().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ http_head()

tree_cell* http_head ( lex_ctxt lexic)

Definition at line 188 of file nasl_http.c.

189 {
190  return _http_req (lexic, "HEAD");
191 }

References _http_req().

Here is the call graph for this function:

◆ http_open_socket()

tree_cell* http_open_socket ( lex_ctxt lexic)

Definition at line 35 of file nasl_http.c.

36 {
37  return nasl_open_sock_tcp_bufsz (lexic, 65536);
38 }

References nasl_open_sock_tcp_bufsz().

Here is the call graph for this function:

◆ http_post()

tree_cell* http_post ( lex_ctxt lexic)

Definition at line 198 of file nasl_http.c.

199 {
200  return _http_req (lexic, "POST");
201 }

References _http_req().

Here is the call graph for this function:

◆ http_put()

tree_cell* http_put ( lex_ctxt lexic)

Definition at line 216 of file nasl_http.c.

217 {
218  return _http_req (lexic, "PUT");
219 }

References _http_req().

Here is the call graph for this function:
nasl_close_socket
tree_cell * nasl_close_socket(lex_ctxt *lexic)
Definition: nasl_socket.c:1012
script_infos
Definition: scanneraux.h:29
CONST_DATA
@ CONST_DATA
Definition: nasl_tree.h:82
plug_get_kb
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:1055
TC::str_val
char * str_val
Definition: nasl_tree.h:103
script_infos::ipc_context
struct ipc_context * ipc_context
Definition: scanneraux.h:31
plug_get_host_fqdn
char * plug_get_host_fqdn(struct script_infos *args)
Definition: plugutils.c:242
TC::x
union TC::@5 x
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1118
name
const char * name
Definition: nasl_init.c:411
nasl_perror
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition: nasl_debug.c:111
TC::size
int size
Definition: nasl_tree.h:99
build_encode_URL
static char * build_encode_URL(char *method, char *path, char *name, char *httpver)
Definition: nasl_http.c:47
get_int_var_by_name
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1104
nasl_open_sock_tcp_bufsz
tree_cell * nasl_open_sock_tcp_bufsz(lex_ctxt *lexic, int bufsz)
Definition: nasl_socket.c:409
struct_lex_ctxt::script_infos
struct script_infos * script_infos
Definition: nasl_lex_ctxt.h:30
TC
Definition: nasl_tree.h:94
_http_req
static tree_cell * _http_req(lex_ctxt *lexic, char *keyword)
Definition: nasl_http.c:63
hostname
const char * hostname
Definition: pluginlaunch.c:68
user_agent_get
const gchar * user_agent_get(struct ipc_context *ipc_context)
Get user-agent.
Definition: user_agent.c:106
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:28