OpenVAS Scanner  22.7.9
nasl_plugins.c File Reference

The nasl - plugin class. Loads or launches nasl- plugins. More...

#include "../misc/kb_cache.h"
#include "../misc/network.h"
#include "../misc/plugutils.h"
#include "../nasl/nasl.h"
#include "pluginlaunch.h"
#include "pluginload.h"
#include "pluginscheduler.h"
#include "processes.h"
#include <bsd/unistd.h>
#include <errno.h>
#include <glib.h>
#include <gvm/base/drop_privileges.h>
#include <gvm/base/networking.h>
#include <gvm/base/prefs.h>
#include <gvm/util/nvticache.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <utime.h>
Include dependency graph for nasl_plugins.c:

Go to the source code of this file.

Macros

#define G_LOG_DOMAIN   "sd main"
 GLib log domain. More...
 

Functions

static int check_nvti (const char *filename, nvti_t *nvt)
 Check that the nvt's data is valid. More...
 
int nasl_file_check (const char *folder, const char *filename)
 Check a single .nasl/.inc file. More...
 
int nasl_plugin_add (const char *folder, char *filename)
 Add one .nasl plugin to the plugin list. More...
 
static void nasl_thread (struct ipc_context *, struct script_infos *)
 
int nasl_plugin_launch (struct scan_globals *globals, struct in6_addr *ip, GSList *vhosts, kb_t kb, const char *oid)
 Launch a NASL plugin. More...
 

Detailed Description

The nasl - plugin class. Loads or launches nasl- plugins.

Definition in file nasl_plugins.c.

Macro Definition Documentation

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "sd main"

GLib log domain.

Definition at line 40 of file nasl_plugins.c.

Function Documentation

◆ check_nvti()

static int check_nvti ( const char *  filename,
nvti_t *  nvt 
)
static

Check that the nvt's data is valid.

Parameters
filenameFilename of the NVT.
nvtNVT to check.
Returns
0 on success, -1 on error.

Definition at line 51 of file nasl_plugins.c.

52 {
53  assert (filename);
54  assert (nvt);
55 
56  if (!nvti_oid (nvt))
57  {
58  g_warning ("%s: Missing OID", filename);
59  return -1;
60  }
61  else if (!nvti_name (nvt))
62  {
63  g_warning ("%s: Missing name", filename);
64  return -1;
65  }
66  else if (!nvti_family (nvt))
67  {
68  g_warning ("%s: Missing family", filename);
69  return -1;
70  }
71  return 0;
72 }

Referenced by nasl_plugin_add().

Here is the caller graph for this function:

◆ nasl_file_check()

int nasl_file_check ( const char *  folder,
const char *  filename 
)

Check a single .nasl/.inc file.

Parameters
folderPath to the plugin folder.
filenameFile-name of the plugin
Returns
0 on success, -1 on error.

Definition at line 83 of file nasl_plugins.c.

84 {
85  char fullname[PATH_MAX + 1];
86  int nasl_mode;
87  struct script_infos *args;
88 
89  snprintf (fullname, sizeof (fullname), "%s/%s", folder, filename);
90  nasl_mode = NASL_EXEC_DESCR;
91  if (prefs_get_bool ("nasl_no_signature_check"))
92  nasl_mode |= NASL_ALWAYS_SIGNED;
93 
94  args = g_malloc0 (sizeof (struct script_infos));
95  args->key = nvticache_get_kb ();
96  args->nvti = NULL;
97  args->name = fullname;
98  if (exec_nasl_script (args, nasl_mode) < 0)
99  {
100  g_debug ("%s: Checksum check failed", fullname);
101  g_free (args);
102  return -1;
103  }
104  g_free (args);
105 
106  return 0;
107 }

References exec_nasl_script(), script_infos::key, script_infos::name, NASL_ALWAYS_SIGNED, NASL_EXEC_DESCR, and script_infos::nvti.

Referenced by plugins_cache_init().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_plugin_add()

int nasl_plugin_add ( const char *  folder,
char *  filename 
)

Add one .nasl plugin to the plugin list.

It is parsed (via exec_nasl_script) and added to the cache

Parameters
folderPath to the plugin folder.
filenameFile-name of the plugin
Returns
0 on success, -1 on error.

Definition at line 120 of file nasl_plugins.c.

121 {
122  char fullname[PATH_MAX + 1];
123  int nasl_mode;
124  nvti_t *new_nvti;
125  struct script_infos *args;
126  time_t now;
127  struct utimbuf updated_timestamp;
128 
129  snprintf (fullname, sizeof (fullname), "%s/%s", folder, filename);
130  nasl_mode = NASL_EXEC_DESCR;
131  if (prefs_get_bool ("nasl_no_signature_check"))
132  nasl_mode |= NASL_ALWAYS_SIGNED;
133 
134  args = g_malloc0 (sizeof (struct script_infos));
135  args->key = nvticache_get_kb ();
136  new_nvti = nvti_new ();
137  args->nvti = new_nvti;
138  args->name = fullname;
139  if (exec_nasl_script (args, nasl_mode) < 0)
140  {
141  g_debug ("%s: Could not be loaded", fullname);
142  g_free (args);
143  return -1;
144  }
145  g_free (args);
146 
147  now = time (NULL) - 1;
148  updated_timestamp.actime = now;
149  updated_timestamp.modtime = now;
150  utime (fullname, &updated_timestamp);
151 
152  if (!check_nvti (filename, new_nvti))
153  nvticache_add (new_nvti, filename);
154  nvti_free (new_nvti);
155 
156  return 0;
157 }

References check_nvti(), exec_nasl_script(), script_infos::key, script_infos::name, NASL_ALWAYS_SIGNED, NASL_EXEC_DESCR, and script_infos::nvti.

Referenced by plugins_reload_from_dir().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_plugin_launch()

int nasl_plugin_launch ( struct scan_globals globals,
struct in6_addr *  ip,
GSList *  vhosts,
kb_t  kb,
const char *  oid 
)

Launch a NASL plugin.

Definition at line 166 of file nasl_plugins.c.

168 {
169  int module;
170  struct script_infos infos;
171 
172  memset (&infos, '\0', sizeof (infos));
173  // extend here, maybe create struct to simplify calls
174  infos.ip = ip;
175  infos.vhosts = vhosts;
176  infos.globals = globals;
177  infos.key = kb;
178  infos.oid = (char *) oid;
179  infos.name = nvticache_get_src (oid);
180  infos.ipc_context = NULL;
181 
182  module = create_ipc_process ((ipc_process_func) nasl_thread, &infos);
183  g_free (infos.name);
184  return module;
185 }

References create_ipc_process(), script_infos::globals, script_infos::ip, script_infos::ipc_context, script_infos::key, script_infos::name, nasl_thread(), script_infos::oid, oid, and script_infos::vhosts.

Referenced by plugin_launch().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_thread()

static void nasl_thread ( struct ipc_context ipcc,
struct script_infos args 
)
static

Definition at line 188 of file nasl_plugins.c.

189 {
190  char ip_str[INET6_ADDRSTRLEN];
191  int nasl_mode = 0;
192  kb_t kb;
193  GError *error = NULL;
194  args->ipc_context = ipcc;
195 
196  /* Make plugin process a group leader, to make it easier to cleanup forked
197  * processes & their children. */
198  setpgid (0, 0);
199  nvticache_reset ();
200  kb = args->key;
201  kb_lnk_reset (kb);
202  kb_lnk_reset (get_main_kb ());
203  addr6_to_str (args->ip, ip_str);
204  // TODO extend sript_infos here
205 
206  setproctitle ("openvas: testing %s (%s)", ip_str,
207  g_path_get_basename (args->name));
208 
209  if (prefs_get_bool ("nasl_no_signature_check"))
210  nasl_mode |= NASL_ALWAYS_SIGNED;
211 
212  if (prefs_get_bool ("drop_privileges"))
213  {
214  int drop_priv_res = drop_privileges (NULL, &error);
215  if (drop_priv_res != GVM_DROP_PRIVILEGES_OK)
216  {
217  if (drop_priv_res != GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT)
218  g_debug ("Failed to drop privileges for %s", args->name);
219  g_error_free (error);
220  }
221  }
222 
223  if (exec_nasl_script (args, nasl_mode))
224  g_debug ("exec_nasl_script: %s error", args->name);
225 }

References exec_nasl_script(), get_main_kb(), script_infos::ip, script_infos::ipc_context, ipcc, script_infos::key, script_infos::name, and NASL_ALWAYS_SIGNED.

Referenced by nasl_plugin_launch().

Here is the call graph for this function:
Here is the caller graph for this function:
script_infos::ip
struct in6_addr * ip
Definition: scanneraux.h:37
script_infos
Definition: scanneraux.h:29
script_infos::key
kb_t key
Definition: scanneraux.h:32
script_infos::ipc_context
struct ipc_context * ipc_context
Definition: scanneraux.h:31
ipcc
static struct ipc_contexts * ipcc
Definition: processes.c:39
script_infos::name
char * name
Definition: scanneraux.h:35
script_infos::nvti
nvti_t * nvti
Definition: scanneraux.h:33
NASL_EXEC_DESCR
#define NASL_EXEC_DESCR
Definition: nasl.h:45
oid
const char * oid
Definition: nasl_builtin_find_service.c:51
create_ipc_process
pid_t create_ipc_process(ipc_process_func func, void *args)
initializes a communication channels and calls a function with a new process
Definition: processes.c:195
script_infos::globals
struct scan_globals * globals
Definition: scanneraux.h:30
ipc_process_func
void(* ipc_process_func)(struct ipc_context *, void *)
Definition: ipc.h:47
script_infos::vhosts
GSList * vhosts
Definition: scanneraux.h:38
NASL_ALWAYS_SIGNED
#define NASL_ALWAYS_SIGNED
Definition: nasl.h:47
nasl_thread
static void nasl_thread(struct ipc_context *, struct script_infos *)
Definition: nasl_plugins.c:188
exec_nasl_script
int exec_nasl_script(struct script_infos *script_infos, int mode)
Execute a NASL script.
Definition: exec.c:1614
check_nvti
static int check_nvti(const char *filename, nvti_t *nvt)
Check that the nvt's data is valid.
Definition: nasl_plugins.c:51
get_main_kb
kb_t get_main_kb(void)
gets the main_kb. @description returns the previously set main_kb; when asserts are enabled it will a...
Definition: kb_cache.c:41