OpenVAS Scanner  22.7.9
plugs_req.c File Reference

Performs various checks for requirements set in a given plugin. More...

#include "plugs_req.h"
#include "pluginscheduler.h"
#include <gvm/base/prefs.h>
#include <gvm/util/nvticache.h>
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>


Functions

int kb_get_port_state_proto (kb_t, int, char *)
 
static int get_closed_ports (kb_t kb, char *ports_list, char *proto)
 Returns whether a port in a port list is closed or not. More...
 
static int kb_missing_keyname_of_namelist (kb_t kb, char *keys, char **keyname)
 Returns the name of the first key which is not present in the kb. More...
 
static int kb_present_keyname_of_namelist (kb_t kb, char *keys, char **keyname)
 Returns the name of the first key which is present in the kb. More...
 
static int check_mandatory_keys (kb_t kb, char *keys)
 Checks mandatory keys presence and value in the KB. More...
 
int mandatory_requirements_met (kb_t kb, nvti_t *nvti)
 Check whether mandatory requirements for plugin are met. More...
 
char * requirements_plugin (kb_t kb, nvti_t *nvti)
 Determine if the plugin requirements are met. More...
 

Detailed Description

Performs various checks for requirements set in a given plugin.

Definition in file plugs_req.c.

Function Documentation

◆ check_mandatory_keys()

static int check_mandatory_keys ( kb_t  kb,
char *  keys 
)
static

Checks mandatory keys presence and value in the KB.

Parameters
[in] kb: KB handle where to search for the keys.
[in] keys: Comma separated list of mandatory keys.
Returns
1 if a key is missing or not matching its value, 0 otherwise.

Definition at line 160 of file plugs_req.c.

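/**
 * @brief Checks mandatory keys presence and value in the KB.
 *
 * Each entry of @p keys is either a bare key name or "name=regex". A bare
 * name only has to exist in the KB. For "name=regex" the KB item must be a
 * string and its value must match the POSIX extended, case-insensitive
 * regex. regexec() searches for a match anywhere in the value, so a pattern
 * that is meant to match the whole value has to carry its own ^ and $.
 *
 * The list is split on the two-character delimiter ", " (comma followed by
 * a space); entries separated by a bare comma are not split.
 *
 * Every failure path reports "requirement not met": a regex that does not
 * compile, and any non-zero regexec() result (not only REG_NOMATCH), so an
 * internal matcher error can never be mistaken for a match.
 *
 * @param[in]   kb    KB handle where to search for the keys.
 * @param[in]   keys  List of mandatory keys; modified copies are split
 *                    internally, the caller's string is left untouched.
 *
 * @return 1 if a key is missing or not matching its value, 0 otherwise
 *         (also 0 when @p kb or @p keys is NULL or @p keys is empty).
 */
static int
check_mandatory_keys (kb_t kb, char *keys)
{
  int i, unmet = 0;
  char **keynames;

  if (!kb || !keys || !*keys)
    return 0;
  keynames = g_strsplit (keys, ", ", 0);
  if (!keynames)
    return 0;

  for (i = 0; keynames[i] != NULL && !unmet; i++)
    {
      struct kb_item *kbi;
      char *re_str = NULL, *pos;

      /* Split at the first '=', if key requires RE matching. */
      if ((pos = strchr (keynames[i], '=')))
        {
          re_str = pos + 1;
          *pos = '\0';
        }

      kbi = kb_item_get_single (kb, keynames[i], KB_TYPE_UNSPEC);
      if (!kbi)
        {
          unmet = 1;
          break;
        }

      if (re_str)
        {
          regex_t re;

          if (kbi->type != KB_TYPE_STR || !kbi->v_str)
            {
              /* A regex can only be applied to a string value. */
              unmet = 1;
            }
          else if (regcomp (&re, re_str,
                            REG_EXTENDED | REG_NOSUB | REG_ICASE))
            {
              g_warning ("Couldn't compile regex %s", re_str);
              unmet = 1;
            }
          else
            {
              /* Fail closed: anything other than a successful match (0),
               * including matcher errors, leaves the requirement unmet. */
              if (regexec (&re, kbi->v_str, 0, NULL, 0) != 0)
                unmet = 1;
              regfree (&re);
            }
        }
      kb_item_free (kbi);
    }

  /* Single exit: the split list is released on every path. */
  g_strfreev (keynames);
  return unmet;
}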

Referenced by mandatory_requirements_met().


◆ get_closed_ports()

static int get_closed_ports ( kb_t  kb,
char *  ports_list,
char *  proto 
)
static

Returns whether a port in a port list is closed or not.

Returns
Whether a port in a port list is closed or not.

Definition at line 39 of file plugs_req.c.

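/**
 * @brief Looks for the first entry of a port list that counts as open.
 *
 * Despite its name, the function reports an *open* entry: each element of
 * @p ports_list (split on the two-character delimiter ", ") is first read
 * as a port number and checked with kb_get_port_state_proto(); if that does
 * not succeed, the element is looked up as a KB key holding an integer.
 *
 * Port numbers are parsed with strtol() and accepted only in 1..65535.
 * Anything else (non-numeric names, zero, negative or oversized values,
 * overflow) is never handed to the port-state check and is only tried as a
 * KB key, so a malformed entry cannot be reported as an open port.
 *
 * @param[in]   kb          KB handle to query.
 * @param[in]   ports_list  List of port numbers and/or KB key names.
 * @param[in]   proto       Protocol passed on to kb_get_port_state_proto().
 *
 * @return -1 if @p ports_list is NULL, the port number of the first entry
 *         whose port state is non-zero, 1 if an entry is a KB key with a
 *         value greater than 0, 0 if nothing was found.
 */
static int
get_closed_ports (kb_t kb, char *ports_list, char *proto)
{
  int i, found = 0;
  char **ports;

  if (!ports_list)
    return -1;
  ports = g_strsplit (ports_list, ", ", 0);
  for (i = 0; ports[i] != NULL; i++)
    {
      /* strtol() saturates on overflow, which the range test rejects;
       * atoi() has undefined behaviour for out-of-range input. */
      long port = strtol (ports[i], NULL, 10);

      if (port >= 1 && port <= 65535
          && kb_get_port_state_proto (kb, (int) port, proto) != 0)
        {
          found = (int) port;
          break;
        }
      if (kb_item_get_int (kb, ports[i]) > 0)
        {
          found = 1; /* should be the actual value indeed ! */
          break;
        }
    }
  g_strfreev (ports);
  return found; /* 0: found nothing */
}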

References kb_get_port_state_proto().

Referenced by requirements_plugin().


◆ kb_get_port_state_proto()

int kb_get_port_state_proto ( kb_t  kb,
int  portnum,
char *  proto 
)
Parameters
proto: Protocol (udp/tcp). If NULL, "tcp" will be used.

Definition at line 100 of file plugutils.c.

/**
 * @brief Reports the state of one port as recorded in the KB.
 *
 * The answer comes from unscanned_ports_as_closed() when the host has no
 * positive "Host/scanned" (or "Host/udp_scanned") entry, or when
 * @p portnum lies outside the "port_range" preference. Otherwise it is
 * whether the KB item "Ports/<proto>/<portnum>" is greater than 0.
 *
 * Only the exact string "udp" selects UDP; every other value of @p proto is
 * handled as TCP for the scan and range checks, while the KB key is still
 * built from @p proto verbatim.
 *
 * @param[in]   kb       KB handle to query.
 * @param[in]   portnum  Port number to look up.
 * @param[in]   proto    Protocol (udp/tcp). If NULL, "tcp" will be used.
 *
 * @return 1 if the KB records the port with a value greater than 0, 0 if
 *         not; for unscanned or out-of-range ports, whatever
 *         unscanned_ports_as_closed() returns.
 */
int
kb_get_port_state_proto (kb_t kb, int portnum, char *proto)
{
  const char *range_pref = prefs_get ("port_range");
  const char *scanned_key;
  port_protocol_t ptype;
  array_t *ranges;
  char port_key[255];
  int in_range;

  if (proto == NULL)
    proto = "tcp";

  if (strcmp (proto, "udp") == 0)
    {
      ptype = PORT_PROTOCOL_UDP;
      scanned_key = "Host/udp_scanned";
    }
  else
    {
      ptype = PORT_PROTOCOL_TCP;
      scanned_key = "Host/scanned";
    }

  /* No scan result for this protocol: fall back to the preference. */
  if (kb_item_get_int (kb, scanned_key) <= 0)
    return unscanned_ports_as_closed (ptype);

  /* The parsed range list is only needed for this one membership test. */
  ranges = port_range_ranges (range_pref);
  in_range = port_in_port_ranges (portnum, ptype, ranges);
  array_free (ranges);
  if (!in_range)
    return unscanned_ports_as_closed (ptype);

  /* The port was scanned; read its recorded state. */
  snprintf (port_key, sizeof (port_key), "Ports/%s/%d", proto, portnum);
  return kb_item_get_int (kb, port_key) > 0;
}

Referenced by get_closed_ports().


◆ kb_missing_keyname_of_namelist()

static int kb_missing_keyname_of_namelist ( kb_t  kb,
char *  keys,
char **  keyname 
)
static

Returns the name of the first key which is not present in the kb.

Parameters
[in] kb: KB handle where to search for the keys.
[in] keys: Comma separated list of keys.
[out] keyname: Key that was missing. Free with g_free().
Returns
1 if a key is missing in KB, 0 otherwise.

Definition at line 83 of file plugs_req.c.

/**
 * @brief Returns the name of the first key which is not present in the kb.
 *
 * The list is split on the two-character delimiter ", ". @p keyname is
 * written only when a missing key is found; on every other path it is left
 * as the caller passed it, so callers should initialise it.
 *
 * @param[in]   kb       KB handle where to search for the keys.
 * @param[in]   keys     List of keys.
 * @param[out]  keyname  Key that was missing, may be NULL. Free with
 *                       g_free().
 *
 * @return 1 if a key is missing in KB, 0 otherwise (also 0 when @p kb or
 *         @p keys is NULL or @p keys is empty).
 */
static int
kb_missing_keyname_of_namelist (kb_t kb, char *keys, char **keyname)
{
  char **names, **cur;
  int missing = 0;

  if (kb == NULL || keys == NULL || *keys == '\0')
    return 0;

  names = g_strsplit (keys, ", ", 0);
  if (names == NULL)
    return 0;

  for (cur = names; *cur != NULL; cur++)
    {
      struct kb_item *item = kb_item_get_single (kb, *cur, KB_TYPE_UNSPEC);

      if (item != NULL)
        {
          /* Present: only existence matters, drop the item and go on. */
          kb_item_free (item);
          continue;
        }

      /* Copy the name before the split list is released below. */
      if (keyname != NULL)
        *keyname = g_strdup (*cur);
      missing = 1;
      break;
    }

  g_strfreev (names);
  return missing; /* 0: all of the keys are present in the kb */
}

Referenced by requirements_plugin().


◆ kb_present_keyname_of_namelist()

static int kb_present_keyname_of_namelist ( kb_t  kb,
char *  keys,
char **  keyname 
)
static

Returns the name of the first key which is present in the kb.

Parameters
[in] kb: KB handle where to search for the keys.
[in] keys: Comma separated list of keys.
[out] keyname: Key that was found. Free with g_free().
Returns
1 if a key is present in KB, 0 otherwise.

Definition at line 122 of file plugs_req.c.

/**
 * @brief Returns the name of the first key which is present in the kb.
 *
 * The list is split on the two-character delimiter ", ". @p keyname is
 * written only when a present key is found; on every other path it is left
 * as the caller passed it, so callers should initialise it.
 *
 * @param[in]   kb       KB handle where to search for the keys.
 * @param[in]   keys     List of keys.
 * @param[out]  keyname  Key that was found, may be NULL. Free with
 *                       g_free().
 *
 * @return 1 if a key is present in KB, 0 otherwise (also 0 when @p kb or
 *         @p keys is NULL or @p keys is empty).
 */
static int
kb_present_keyname_of_namelist (kb_t kb, char *keys, char **keyname)
{
  char **names, **cur;
  int present = 0;

  if (kb == NULL || keys == NULL || *keys == '\0')
    return 0;

  names = g_strsplit (keys, ", ", 0);
  if (names == NULL)
    return 0;

  for (cur = names; *cur != NULL; cur++)
    {
      struct kb_item *item = kb_item_get_single (kb, *cur, KB_TYPE_UNSPEC);

      if (item == NULL)
        continue;

      /* Copy the name before the split list is released below. */
      if (keyname != NULL)
        *keyname = g_strdup (*cur);
      kb_item_free (item);
      present = 1;
      break;
    }

  g_strfreev (names);
  return present;
}

Referenced by requirements_plugin().


◆ mandatory_requirements_met()

int mandatory_requirements_met ( kb_t  kb,
nvti_t *  nvti 
)

Check whether mandatory requirements for plugin are met.

Parameters
kb: The knowledge base with all keys.
plugin: The scheduler plugin.
Returns
1 if all mandatory requirements for the plugin are met. 0 if it is not the case.

Definition at line 234 of file plugs_req.c.

/**
 * @brief Check whether mandatory requirements for plugin are met.
 *
 * Inverts the result of check_mandatory_keys(), which returns 1 on an
 * unmet requirement, applied to the list from nvti_mandatory_keys().
 *
 * @param   kb    The knowledge base with all keys.
 * @param   nvti  NVT information whose mandatory keys are checked.
 *
 * @return 1 if all mandatory requirements for the plugin are met. 0 if it
 *         is not the case.
 */
int
mandatory_requirements_met (kb_t kb, nvti_t *nvti)
{
  return check_mandatory_keys (kb, nvti_mandatory_keys (nvti)) ? 0 : 1;
}

References check_mandatory_keys().

Referenced by launch_plugin().


◆ requirements_plugin()

char* requirements_plugin ( kb_t  kb,
nvti_t *  nvti 
)

Determine if the plugin requirements are met.

Returns
Returns NULL if everything is ok, else an error message.

Definition at line 251 of file plugs_req.c.

/**
 * @brief Determine if the plugin requirements are met.
 *
 * Checks run in a fixed order: required TCP ports, required UDP ports,
 * required keys, excluded keys. The "optimization_level" preference cuts
 * the sequence short: "open_ports" or 1 stops after the port checks, so
 * neither required nor excluded keys are evaluated; "required_keys" or 2
 * stops after the required keys, so excluded keys are not evaluated.
 *
 * The message is written into a function-local static buffer of 64 bytes.
 * It is overwritten by the next call, must not be freed by the caller, and
 * a long key name is truncated to fit.
 *
 * @param   kb    KB handle to query.
 * @param   nvti  NVT information supplying the port and key lists.
 *
 * @return NULL if everything is ok, else an error message.
 */
char *
requirements_plugin (kb_t kb, nvti_t *nvti)
{
  static char error[64];
  const char *opti = prefs_get ("optimization_level");
  char *tcp_ports, *udp_ports, *key_list;
  char *culprit = NULL;
  int stop_after_ports = 0, stop_after_required_keys = 0;

  if (opti != NULL)
    {
      int level = atoi (opti);

      stop_after_ports = (strcmp (opti, "open_ports") == 0 || level == 1);
      stop_after_required_keys =
        (strcmp (opti, "required_keys") == 0 || level == 2);
    }

  /* strncpy() below copies at most sizeof - 1 bytes and does not terminate
   * on its own, so the last byte is pinned to NUL up front. */
  error[sizeof (error) - 1] = '\0';

  /* Check whether the good ports are open. */
  tcp_ports = nvti_required_ports (nvti);
  if (tcp_ports != NULL && *tcp_ports != '\0'
      && get_closed_ports (kb, tcp_ports, "tcp") == 0)
    {
      strncpy (error, "none of the required tcp ports are open",
               sizeof (error) - 1);
      return error;
    }

  udp_ports = nvti_required_udp_ports (nvti);
  if (udp_ports != NULL && *udp_ports != '\0'
      && get_closed_ports (kb, udp_ports, "udp") == 0)
    {
      strncpy (error, "none of the required udp ports are open",
               sizeof (error) - 1);
      return error;
    }

  if (stop_after_ports)
    return NULL;

  /* Check whether a key we wanted is missing. */
  key_list = nvti_required_keys (nvti);
  if (kb_missing_keyname_of_namelist (kb, key_list, &culprit))
    {
      snprintf (error, sizeof (error), "because the key %s is missing",
                culprit);
      g_free (culprit);
      return error;
    }

  if (stop_after_required_keys)
    return NULL;

  /* Check whether a key we do not want is present. */
  key_list = nvti_excluded_keys (nvti);
  if (kb_present_keyname_of_namelist (kb, key_list, &culprit))
    {
      snprintf (error, sizeof (error), "because the key %s is present",
                culprit);
      g_free (culprit);
      return error;
    }

  return NULL;
}

References get_closed_ports(), kb_missing_keyname_of_namelist(), and kb_present_keyname_of_namelist().

Referenced by launch_plugin().

unscanned_ports_as_closed
static int unscanned_ports_as_closed(port_protocol_t ptype)
Report state of preferences "unscanned_closed".
Definition: plugutils.c:88