OpenVAS Scanner  22.7.9
nasl_socket.c
Go to the documentation of this file.
1 /* SPDX-FileCopyrightText: 2023 Greenbone AG
2  * SPDX-FileCopyrightText: 2002-2004 Tenable Network Security
3  *
4  * SPDX-License-Identifier: GPL-2.0-only
5  */
6 
16 /*--------------------------------------------------------------------------*/
17 #include "nasl_socket.h"
18 
19 #include "../misc/network.h"
20 #include "../misc/pcap_openvas.h" // for routethrough
21 #include "../misc/plugutils.h" /* for plug_get_host_ip */
22 #include "../misc/support.h" /* for the g_memdup2 workaround */
23 #include "exec.h"
24 #include "nasl.h"
25 #include "nasl_debug.h"
26 #include "nasl_func.h"
27 #include "nasl_global_ctxt.h"
28 #include "nasl_lex_ctxt.h"
29 #include "nasl_packet_forgery.h"
30 #include "nasl_tree.h"
31 #include "nasl_var.h"
32 
33 #include <arpa/inet.h> /* for inet_aton */
34 #include <errno.h> /* for errno */
35 #include <fcntl.h> /* for fnctl */
36 #include <gnutls/gnutls.h>
37 #include <gvm/base/logging.h>
38 #include <gvm/base/networking.h> /* for gvm_source_set_socket */
39 #include <gvm/base/prefs.h> /* for prefs_get */
40 #include <net/if.h>
41 #include <netinet/in.h> /* for sockaddr_in */
42 #include <stdlib.h> /* for atoi() */
43 #include <string.h> /* for bzero */
44 #include <sys/ioctl.h>
45 #include <sys/time.h>
46 #include <unistd.h> /* for close */
47 
48 #ifndef EADDRNOTAVAIL
49 #define EADDRNOTAVAIL EADDRINUSE
50 #endif
51 
52 #undef G_LOG_DOMAIN
53 
56 #define G_LOG_DOMAIN "lib nasl"
57 
58 /*----------------------- Private functions ---------------------------*/
59 
60 static int
61 unblock_socket (int soc)
62 {
63  int flags = fcntl (soc, F_GETFL, 0);
64  if (flags < 0)
65  {
66  perror ("fcntl(F_GETFL)");
67  return -1;
68  }
69  if (fcntl (soc, F_SETFL, O_NONBLOCK | flags) < 0)
70  {
71  perror ("fcntl(F_SETFL,O_NONBLOCK)");
72  return -1;
73  }
74  return 0;
75 }
76 
77 static int
78 block_socket (int soc)
79 {
80  int flags = fcntl (soc, F_GETFL, 0);
81  if (flags < 0)
82  {
83  perror ("fcntl(F_GETFL)");
84  return -1;
85  }
86  if (fcntl (soc, F_SETFL, (~O_NONBLOCK) & flags) < 0)
87  {
88  perror ("fcntl(F_SETFL,~O_NONBLOCK)");
89  return -1;
90  }
91  return 0;
92 }
93 
94 static void
96 {
97  const char *time_between_request;
98  int minwaittime = 0;
99 
100  time_between_request = prefs_get ("time_between_request");
101  if (time_between_request)
102  minwaittime = atoi (time_between_request);
103 
104  if (minwaittime > 0)
105  {
106  static double lastprobesec = 0;
107  static double lastprobeusec = 0;
108  struct timeval tvnow, tvdiff;
109  double diff_msec;
110  int time2wait = 0;
111 
112  gettimeofday (&tvnow, NULL);
113  if (lastprobesec <= 0)
114  {
115  lastprobesec = tvnow.tv_sec - 10;
116  lastprobeusec = tvnow.tv_usec;
117  }
118 
119  tvdiff.tv_sec = tvnow.tv_sec - lastprobesec;
120  tvdiff.tv_usec = tvnow.tv_usec - lastprobeusec;
121  if (tvdiff.tv_usec <= 0)
122  {
123  tvdiff.tv_sec += 1;
124  tvdiff.tv_usec *= -1;
125  }
126 
127  diff_msec = tvdiff.tv_sec * 1000 + tvdiff.tv_usec / 1000;
128  time2wait = (minwaittime - diff_msec) * 1000;
129  if (time2wait > 0)
130  usleep (time2wait);
131 
132  gettimeofday (&tvnow, NULL);
133  lastprobesec = tvnow.tv_sec;
134  lastprobeusec = tvnow.tv_usec;
135  }
136 }
137 
138 /*
139  * NASL automatically re-send data when a recv() on a UDP packet
140  * fails. The point is to take care of packets lost en route.
141  *
142  * To do this, we store a copy of the data sent by a given socket
143  * each time send() is called, and we re-send() it each time
144  * recv() is called and fails
145  *
146  */
147 
149 {
150  int len;
151  char *data;
152 };
153 
154 /* add udp data in our cache */
155 static int
156 add_udp_data (struct script_infos *script_infos, int soc, char *data, int len)
157 {
158  GHashTable *udp_data = script_infos->udp_data;
159  struct udp_record *data_record = g_malloc0 (sizeof (struct udp_record));
160  int *key = g_memdup2 (&soc, sizeof (int));
161 
162  data_record->len = len;
163  data_record->data = g_memdup2 ((gconstpointer) data, (guint) len);
164 
165  if (udp_data == NULL)
166  {
167  udp_data =
168  g_hash_table_new_full (g_int_hash, g_int_equal, g_free, g_free);
169  script_infos->udp_data = udp_data;
170  }
171 
172  g_hash_table_replace (udp_data, (gpointer) key, (gpointer) data_record);
173 
174  return 0;
175 }
176 
177 /* get the udp data for socket <soc> */
178 static char *
179 get_udp_data (struct script_infos *script_infos, int soc, int *len)
180 {
181  GHashTable *udp_data;
182  struct udp_record *data_record;
183 
184  if ((udp_data = script_infos->udp_data) == NULL)
185  {
186  udp_data =
187  g_hash_table_new_full (g_int_hash, g_int_equal, g_free, g_free);
188  script_infos->udp_data = udp_data;
189  return NULL;
190  }
191  data_record = g_hash_table_lookup (udp_data, (gconstpointer) &soc);
192 
193  if (!data_record)
194  return NULL;
195 
196  *len = data_record->len;
197  return data_record->data;
198 }
199 
200 /* remove the udp data for socket <soc> */
201 static void
203 {
204  GHashTable *udp_data = script_infos->udp_data;
205 
206  if (udp_data)
207  g_hash_table_remove (udp_data, (gconstpointer) &soc);
208 }
209 
210 /*-------------------------------------------------------------------*/
211 
213 
214 static tree_cell *
216 {
217  struct script_infos *script_infos = lexic->script_infos;
218  int sport, current_sport = -1;
219  int dport;
220  int sock;
221  int e;
222  struct sockaddr_in addr, daddr;
223  struct sockaddr_in6 addr6, daddr6;
224  struct in6_addr *p;
225  int to = get_int_var_by_name (lexic, "timeout", lexic->recv_timeout);
226  tree_cell *retc;
227  struct timeval tv;
228  fd_set rd;
229  int opt;
230  unsigned int opt_sz;
231  int family;
232 
233  sport = get_int_var_by_name (lexic, "sport", -1);
234  dport = get_int_var_by_name (lexic, "dport", -1);
235  if (dport <= 0)
236  {
237  nasl_perror (
238  lexic, "open_private_socket: missing or undefined parameter dport!\n");
239  return NULL;
240  }
241 
242  if (sport < 0)
243  current_sport = 1023;
244 
245 restart:
246  if (proto == IPPROTO_TCP)
249  if (IN6_IS_ADDR_V4MAPPED (p))
250  {
251  family = AF_INET;
252  bzero (&addr, sizeof (addr));
253  if (proto == IPPROTO_TCP)
254  sock = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP);
255  else
256  sock = socket (AF_INET, SOCK_DGRAM, IPPROTO_UDP);
257  }
258  else
259  {
260  family = AF_INET6;
261  bzero (&addr6, sizeof (addr6));
262  if (proto == IPPROTO_TCP)
263  sock = socket (AF_INET6, SOCK_STREAM, IPPROTO_TCP);
264  else
265  sock = socket (AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
266  }
267 
268  /*
269  * We will bind to a privileged port. Let's declare
270  * our socket ready for reuse
271  */
272 
273  if (sock < 0)
274  return NULL;
275 
276 tryagain:
277  if (current_sport < 128 && sport < 0)
278  {
279  close (sock);
280  return NULL;
281  }
282  e = gvm_source_set_socket (sock, sport > 0 ? sport : current_sport--, family);
283 
284  /*
285  * bind() failed - try again on a lower port
286  */
287  if (e < 0)
288  {
289  if (sport > 0)
290  {
291  close (sock);
292  return NULL;
293  }
294  else
295  goto tryagain;
296  }
297 
298  /*
299  * Connect to the other end
300  */
302 
303  if (IN6_IS_ADDR_V4MAPPED (p))
304  {
305  bzero (&daddr, sizeof (daddr));
306  daddr.sin_addr.s_addr = p->s6_addr32[3];
307  daddr.sin_family = AF_INET;
308  daddr.sin_port = htons (dport);
309  unblock_socket (sock);
310  e = connect (sock, (struct sockaddr *) &daddr, sizeof (daddr));
311  }
312  else
313  {
314  bzero (&daddr6, sizeof (daddr6));
315  memcpy (&daddr6.sin6_addr, p, sizeof (struct in6_addr));
316  daddr6.sin6_family = AF_INET6;
317  daddr6.sin6_port = htons (dport);
318  unblock_socket (sock);
319  e = connect (sock, (struct sockaddr *) &daddr6, sizeof (daddr6));
320  }
321 
322  if (e < 0)
323  {
324  if (errno == EADDRINUSE || errno == EADDRNOTAVAIL)
325  {
326  close (sock);
327  if (sport < 0)
328  goto restart;
329  else
330  return NULL;
331  }
332  else if (errno != EINPROGRESS)
333  {
334  close (sock);
335  return NULL;
336  }
337  }
338 
339  do
340  {
341  tv.tv_sec = to;
342  tv.tv_usec = 0;
343  FD_ZERO (&rd);
344  FD_SET (sock, &rd);
345  e = select (sock + 1, NULL, &rd, NULL, to > 0 ? &tv : NULL);
346  }
347  while (e < 0 && errno == EINTR);
348 
349  if (e <= 0)
350  {
351  close (sock);
352  return FAKE_CELL;
353  }
354 
355  block_socket (sock);
356  opt_sz = sizeof (opt);
357 
358  if (getsockopt (sock, SOL_SOCKET, SO_ERROR, &opt, &opt_sz) < 0)
359  {
360  g_message ("[%d] open_priv_sock()->getsockopt() failed : %s", getpid (),
361  strerror (errno));
362  close (sock);
363  return NULL;
364  }
365 
366  switch (opt)
367  {
368  case EADDRINUSE:
369  case EADDRNOTAVAIL:
370  close (sock);
371  if (sport < 0)
372  goto restart;
373  else
374  return FAKE_CELL;
375 
376  case 0:
377  break;
378  default:
379  close (sock);
380  return FAKE_CELL;
381  break;
382  }
383 
384  if (lowest_socket == 0)
385  lowest_socket = sock;
386  if (proto == IPPROTO_TCP)
387  sock = openvas_register_connection (sock, NULL, NULL, OPENVAS_ENCAPS_IP);
388 
389  retc = alloc_typed_cell (CONST_INT);
390  retc->x.i_val = sock < 0 ? 0 : sock;
391  return retc;
392 }
393 
394 tree_cell *
396 {
397  return nasl_open_privileged_socket (lexic, IPPROTO_TCP);
398 }
399 
400 tree_cell *
402 {
403  return nasl_open_privileged_socket (lexic, IPPROTO_UDP);
404 }
405 
406 /*--------------------------------------------------------------------------*/
407 
408 tree_cell *
410 {
411  int soc = -1;
412  struct script_infos *script_infos = lexic->script_infos;
413  int to, port;
414  int transport = -1;
415  const char *priority;
416  tree_cell *retc;
417 
418  to = get_int_var_by_name (lexic, "timeout", lexic->recv_timeout * 2);
419  if (to < 0)
420  to = 10;
421 
422  transport = get_int_var_by_name (lexic, "transport", -1);
423 
424  if (transport == OPENVAS_ENCAPS_TLScustom)
425  {
426  int type;
427  priority = get_str_var_by_name (lexic, "priority");
428  if (!priority)
429  priority = NULL;
430  type = get_var_type_by_name (lexic, "priority");
431  if (type != VAR2_STRING && type != VAR2_DATA)
432  priority = NULL;
433  }
434  else
435  priority = NULL;
436 
437  if (bufsz < 0)
438  bufsz = get_int_var_by_name (lexic, "bufsz", 0);
439 
440  port = get_int_var_by_num (lexic, 0, -1);
441  if (port < 0)
442  return NULL;
443 
445 
446  /* If "transport" has not been given, use auto detection if enabled
447  in the KB. if "transport" has been given with a value of 0 force
448  autodetection reagardless of what the KB tells. */
449  if (transport < 0)
450  soc = open_stream_auto_encaps_ext (script_infos, port, to, 0);
451  else if (transport == 0)
452  soc = open_stream_auto_encaps_ext (script_infos, port, to, 1);
453  else
454  soc = open_stream_connection_ext (script_infos, port, transport, to,
455  priority, NO_PRIORITY_FLAGS);
456  if (bufsz > 0 && soc >= 0)
457  {
458  if (stream_set_buffer (soc, bufsz) < 0)
459  nasl_perror (lexic, "stream_set_buffer: soc=%d,bufsz=%d\n", soc, bufsz);
460  }
461 
462  retc = alloc_typed_cell (CONST_INT);
463  retc->x.i_val = soc < 0 ? 0 : soc;
464 
465  return retc;
466 }
467 
508 tree_cell *
510 {
511  return nasl_open_sock_tcp_bufsz (lexic, -1);
512 }
513 
514 /*
515  * Opening a UDP socket is a little more tricky, since
516  * UDP works in a way which is different from TCP...
517  *
518  * Our goal is to hide this difference for the end-user
519  */
520 tree_cell *
522 {
523  int soc;
524  tree_cell *retc;
525  int port;
526  struct sockaddr_in soca;
527  struct sockaddr_in6 soca6;
528  struct script_infos *script_infos = lexic->script_infos;
529  struct in6_addr *ia;
530 
531  port = get_int_var_by_num (lexic, 0, -1);
532  if (port < 0)
533  return NULL;
534 
536  if (ia == NULL)
537  return NULL;
538  if (IN6_IS_ADDR_V4MAPPED (ia))
539  {
540  bzero (&soca, sizeof (soca));
541  soca.sin_addr.s_addr = ia->s6_addr32[3];
542  soca.sin_port = htons (port);
543  soca.sin_family = AF_INET;
544 
545  soc = socket (AF_INET, SOCK_DGRAM, 0);
546  if (soc < 0)
547  return NULL;
548  gvm_source_set_socket (soc, 0, AF_INET);
549  if (connect (soc, (struct sockaddr *) &soca, sizeof (soca)) < 0)
550  {
551  close (soc);
552  return NULL;
553  }
554  }
555  else
556  {
557  bzero (&soca6, sizeof (soca6));
558  memcpy (&soca6.sin6_addr, ia, sizeof (struct in6_addr));
559  soca6.sin6_port = htons (port);
560  soca6.sin6_family = AF_INET6;
561 
562  soc = socket (AF_INET6, SOCK_DGRAM, 0);
563  if (soc < 0)
564  return NULL;
565  gvm_source_set_socket (soc, 0, AF_INET6);
566  if (connect (soc, (struct sockaddr *) &soca6, sizeof (soca6)) < 0)
567  {
568  close (soc);
569  return NULL;
570  }
571  }
572 
573  if (soc > 0 && lowest_socket == 0)
574  lowest_socket = soc;
575 
576  retc = alloc_typed_cell (CONST_INT);
577  retc->x.i_val = soc;
578  return retc;
579 }
580 
581 tree_cell *
583 {
584  int soc, transport, ret;
585  tree_cell *retc;
586 
587  soc = get_int_var_by_name (lexic, "socket", -1);
588  transport =
589  get_int_var_by_name (lexic, "transport", OPENVAS_ENCAPS_TLScustom);
590  if (soc < 0)
591  {
592  nasl_perror (lexic, "socket_ssl_negotiate: Erroneous socket value %d\n",
593  soc);
594  return NULL;
595  }
596  if (transport == -1)
597  transport = OPENVAS_ENCAPS_TLScustom;
598  else if (!IS_ENCAPS_SSL (transport))
599  {
600  nasl_perror (lexic,
601  "socket_ssl_negotiate: Erroneous transport value %d\n",
602  transport);
603  return NULL;
604  }
605  ret = socket_negotiate_ssl (soc, transport, lexic->script_infos);
606  if (ret < 0)
607  return NULL;
608 
609  retc = alloc_typed_cell (CONST_INT);
610  retc->x.i_val = ret;
611  return retc;
612 }
613 
625 tree_cell *
627 {
628  int soc, ret;
629  tree_cell *retc;
630  soc = get_int_var_by_name (lexic, "socket", -1);
631  if (soc < 0)
632  {
633  nasl_perror (lexic, "socket_get_cert: Erroneous socket value %d\n", soc);
634  return NULL;
635  }
637 
638  retc = alloc_typed_cell (CONST_INT);
639  retc->x.i_val = ret;
640  return retc;
641 }
642 
657 tree_cell *
659 {
660  int soc, ret;
661  tree_cell *retc;
662  soc = get_int_var_by_name (lexic, "socket", -1);
663  if (soc < 0)
664  {
665  nasl_perror (lexic, "socket_get_cert: Erroneous socket value %d\n", soc);
666  return NULL;
667  }
668  ret = socket_ssl_do_handshake (soc);
669 
670  retc = alloc_typed_cell (CONST_INT);
671  retc->x.i_val = ret;
672  return retc;
673 }
674 
675 tree_cell *
677 {
678  int soc, cert_len = 0;
679  tree_cell *retc;
680  void *cert;
681 
682  soc = get_int_var_by_name (lexic, "socket", -1);
683  if (soc < 0)
684  {
685  nasl_perror (lexic, "socket_get_cert: Erroneous socket value %d\n", soc);
686  return NULL;
687  }
688  socket_get_cert (soc, &cert, &cert_len);
689  if (cert_len <= 0)
690  return NULL;
691  retc = alloc_typed_cell (CONST_DATA);
692  retc->x.str_val = cert;
693  retc->size = cert_len;
694  return retc;
695 }
696 
697 tree_cell *
699 {
700  int soc;
701  size_t sid_len = 0;
702  tree_cell *retc;
703  void *sid;
704 
705  soc = get_int_var_by_name (lexic, "socket", -1);
706  if (soc < 0)
707  {
708  nasl_perror (lexic, "socket_get_cert: Erroneous socket value %d\n", soc);
709  return NULL;
710  }
711  socket_get_ssl_session_id (soc, &sid, &sid_len);
712  if (sid == NULL || sid_len == 0)
713  return NULL;
714  retc = alloc_typed_cell (CONST_DATA);
715  retc->x.str_val = sid;
716  retc->size = sid_len;
717  return retc;
718 }
719 
720 tree_cell *
722 {
723  int soc;
724  int version;
725  tree_cell *retc;
726 
727  soc = get_int_var_by_name (lexic, "socket", -1);
728  version = socket_get_ssl_version (soc);
729  if (version < 0)
730  return NULL;
731  retc = alloc_typed_cell (CONST_INT);
732  retc->x.i_val = version;
733  return retc;
734 }
735 
736 tree_cell *
738 {
739  int soc, result;
740  tree_cell *retc;
741 
742  soc = get_int_var_by_name (lexic, "socket", -1);
743  result = socket_get_ssl_ciphersuite (soc);
744  if (result < 0)
745  return NULL;
746  retc = alloc_typed_cell (CONST_INT);
747  retc->x.i_val = result;
748  return retc;
749 }
750 
751 /*---------------------------------------------------------------------*/
752 
753 tree_cell *
755 {
756  char *data, *resend_data;
757  int rd_len;
758  int len = get_int_var_by_name (lexic, "length", -1);
759  int min_len = get_int_var_by_name (lexic, "min", -1);
760  int soc = get_int_var_by_name (lexic, "socket", 0);
761  int to = get_int_var_by_name (lexic, "timeout", lexic->recv_timeout);
762  fd_set rd;
763  struct timeval tv;
764  int new_len = 0;
765  int type = -1;
766  unsigned int opt_len = sizeof (type);
767  int e;
768 
769  if (len <= 0 || soc <= 0)
770  return NULL;
771 
772  tv.tv_sec = to;
773  tv.tv_usec = 0;
774 
775  data = g_malloc0 (len);
776  if (!fd_is_stream (soc))
777  e = getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &opt_len);
778  else
779  e = -1;
780 
781  if (e == 0 && type == SOCK_DGRAM)
782  {
783  /* As UDP packets may be lost, we retry up to 5 times */
784  int retries = 5;
785  int i;
786 
787  tv.tv_sec = to / retries;
788  tv.tv_usec = (to % retries) * 100000;
789 
790  for (i = 0; i < retries; i++)
791  {
792  FD_ZERO (&rd);
793  FD_SET (soc, &rd);
794 
795  if (select (soc + 1, &rd, NULL, NULL, &tv) > 0)
796  {
797  int alen;
798  alen = recv (soc, data + new_len, len - new_len, 0);
799 
800  if (alen <= 0)
801  {
802  if (!new_len)
803  {
804  g_free (data);
805  return NULL;
806  }
807  }
808  else
809  new_len += alen;
810 
811  break; /* UDP data is never fragmented */
812  }
813  else
814  {
815  /* The packet may have been lost en route - we resend it */
816 
817  resend_data = get_udp_data (lexic->script_infos, soc, &rd_len);
818  if (resend_data != NULL)
819  send (soc, resend_data, rd_len, 0);
820  tv.tv_sec = to / retries;
821  tv.tv_usec = (to % retries) * 100000;
822  }
823  }
824  }
825  else
826  {
827  int old = stream_set_timeout (soc, tv.tv_sec);
828  new_len = read_stream_connection_min (soc, data, min_len, len);
829  stream_set_timeout (soc, old);
830  }
831  if (new_len > 0)
832  {
834  retc->x.str_val = g_memdup2 (data, new_len);
835  retc->size = new_len;
836  g_free (data);
837  return retc;
838  }
839  else
840  {
841  g_free (data);
842  return NULL;
843  }
844 }
845 
846 tree_cell *
848 {
849  int len = get_int_var_by_name (lexic, "length", -1);
850  int soc = get_int_var_by_name (lexic, "socket", 0);
851  int timeout = get_int_var_by_name (lexic, "timeout", -1);
852  char *data;
853  int new_len = 0;
854  int n = 0;
855  tree_cell *retc;
856  time_t t1 = 0;
857 
858  if (len == -1 || soc <= 0)
859  {
860  nasl_perror (lexic, "recv_line: missing or undefined parameter"
861  " length or socket\n");
862  return NULL;
863  }
864 
865  if (timeout >= 0) /* sycalls are much more expensive than simple tests */
866  t1 = time (NULL);
867 
868  if (fd_is_stream (soc) != 0)
869  {
870  int bufsz = stream_get_buffer_sz (soc);
871  if (bufsz <= 0)
872  stream_set_buffer (soc, len + 1);
873  }
874 
875  data = g_malloc0 (len + 1);
876  for (;;)
877  {
878  int e = read_stream_connection_min (soc, data + n, 1, 1);
879  if (e < 0)
880  break;
881  if (e == 0)
882  {
883  if (timeout >= 0 && time (NULL) - t1 < timeout)
884  continue;
885  else
886  break;
887  }
888  n++;
889  if ((data[n - 1] == '\n') || (n >= len))
890  break;
891  }
892 
893  if (n <= 0)
894  {
895  g_free (data);
896  return NULL;
897  }
898 
899  new_len = n;
900 
901  retc = alloc_typed_cell (CONST_DATA);
902  retc->size = new_len;
903  retc->x.str_val = g_memdup2 (data, new_len + 1);
904  g_free (data);
905 
906  return retc;
907 }
908 
909 /*---------------------------------------------------------------------*/
910 
911 static int
912 get_mtu (struct in6_addr *dst)
913 {
914  char *device;
915  int r = -1;
916  struct ifreq ifr;
917  int sd;
918  if ((device = v6_routethrough (dst, NULL)) == NULL)
919  goto exit;
920  memcpy (ifr.ifr_name, device, sizeof (ifr.ifr_name));
921  if ((sd = socket (AF_INET, SOCK_DGRAM, 0)) < 0)
922  goto exit;
923  if (ioctl (sd, SIOCGIFMTU, &ifr) < 0)
924  goto cexit;
925  r = ifr.ifr_mtu;
926 cexit:
927  close (sd);
928 exit:
929  return r;
930 }
931 
932 static int
933 get_udp_payload_size (struct in6_addr *dst)
934 {
935  int r = 0;
936  // the ip header maximum size is 60 and a UDP header contains 8 bytes
937  if ((r = get_mtu (dst) - 60 - 8) < 0)
938  return -1;
939  return r;
940 }
941 
942 tree_cell *
944 {
945  int mtu;
946  if ((mtu = get_mtu (plug_get_host_ip (lexic->script_infos))) == -1)
947  {
948  nasl_perror (
949  lexic,
950  "Unable to get MTU of used interface. get_mtu is not available.\n");
951  }
952  tree_cell *retc;
953  retc = alloc_typed_cell (CONST_INT);
954  retc->x.i_val = mtu;
955 
956  return retc;
957 }
958 
959 tree_cell *
961 {
962  int soc = get_int_var_by_name (lexic, "socket", 0);
963  char *data = get_str_var_by_name (lexic, "data");
964  int option = get_int_var_by_name (lexic, "option", 0);
965  int length = get_int_var_by_name (lexic, "length", 0);
966  int data_length = get_var_size_by_name (lexic, "data");
967  int n;
968  int mtu = -1;
969  tree_cell *retc;
970  int type;
971  unsigned int type_len = sizeof (type);
972 
973  if (soc <= 0 || data == NULL)
974  {
975  nasl_perror (lexic, "Syntax error with the send() function\n");
976  nasl_perror (lexic,
977  "Correct syntax is : send(socket:<soc>, data:<data>\n");
978  return NULL;
979  }
980 
981  if (length <= 0 || length > data_length)
982  length = data_length;
983 
984  if (!fd_is_stream (soc)
985  && getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &type_len) == 0
986  && type == SOCK_DGRAM)
987  {
988  if ((mtu = get_udp_payload_size (plug_get_host_ip (lexic->script_infos)))
989  > 0
990  && mtu < length)
991  nasl_perror (lexic,
992  "data payload is larger (%d) than max udp payload (%d)\n",
993  length, mtu);
994 
995  n = send (soc, data, length, option);
996  add_udp_data (lexic->script_infos, soc, data, length);
997  }
998  else
999  {
1001  n = nsend (soc, data, length, option);
1002  }
1003 
1004  retc = alloc_typed_cell (CONST_INT);
1005  retc->x.i_val = n;
1006 
1007  return retc;
1008 }
1009 
1010 /*---------------------------------------------------------------------*/
1011 tree_cell *
1013 {
1014  int soc;
1015  int type;
1016  unsigned int opt_len = sizeof (type);
1017  int e;
1018 
1019  soc = get_int_var_by_num (lexic, 0, -1);
1020  if (fd_is_stream (soc))
1021  {
1023  return close_stream_connection (soc) < 0 ? NULL : FAKE_CELL;
1024  }
1025  if (lowest_socket == 0 || soc < lowest_socket)
1026  {
1027  nasl_perror (lexic, "close(%d): Invalid socket value\n", soc);
1028  return NULL;
1029  }
1030 
1031  e = getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &opt_len);
1032  if (e == 0)
1033  {
1034  if (type == SOCK_DGRAM)
1035  {
1036  rm_udp_data (lexic->script_infos, soc);
1037  return FAKE_CELL;
1038  }
1039  close (soc);
1040  return FAKE_CELL;
1041  }
1042  else
1043  nasl_perror (lexic, "close(%d): %s\n", soc, strerror (errno));
1044 
1045  return NULL;
1046 }
1047 
1048 static struct jmg
1049 {
1050  struct in_addr in;
1051  int count;
1052  int s;
1053 } *jmg_desc = NULL;
1054 static int jmg_max = 0;
1055 
1056 tree_cell *
1058 {
1059  char *a;
1060  int i, j;
1061  struct ip_mreq m;
1062  tree_cell *retc = NULL;
1063 
1064  a = get_str_var_by_num (lexic, 0);
1065  if (a == NULL)
1066  {
1067  nasl_perror (lexic, "join_multicast_group: missing parameter\n");
1068  return NULL;
1069  }
1070  if (!inet_aton (a, &m.imr_multiaddr))
1071  {
1072  nasl_perror (lexic, "join_multicast_group: invalid parameter '%s'\n", a);
1073  return NULL;
1074  }
1075  m.imr_interface.s_addr = INADDR_ANY;
1076 
1077  j = -1;
1078  for (i = 0; i < jmg_max; i++)
1079  if (jmg_desc[i].in.s_addr == m.imr_multiaddr.s_addr
1080  && jmg_desc[i].count > 0)
1081  {
1082  jmg_desc[i].count++;
1083  break;
1084  }
1085  else if (jmg_desc[i].count <= 0)
1086  j = i;
1087 
1088  if (i >= jmg_max)
1089  {
1090  int s = socket (AF_INET, SOCK_DGRAM, 0);
1091  if (s < 0)
1092  {
1093  nasl_perror (lexic, "join_multicast_group: socket: %s\n",
1094  strerror (errno));
1095  return NULL;
1096  }
1097 
1098  if (setsockopt (s, IPPROTO_IP, IP_ADD_MEMBERSHIP, &m, sizeof (m)) < 0)
1099  {
1100  nasl_perror (
1101  lexic, "join_multicast_group: setsockopt(IP_ADD_MEMBERSHIP): %s\n",
1102  strerror (errno));
1103  close (s);
1104  return NULL;
1105  }
1106 
1107  if (j < 0)
1108  {
1109  jmg_desc = g_realloc (jmg_desc, sizeof (*jmg_desc) * (jmg_max + 1));
1110  j = jmg_max++;
1111  }
1112  jmg_desc[j].s = s;
1113  jmg_desc[j].in = m.imr_multiaddr;
1114  jmg_desc[j].count = 1;
1115  }
1116 
1117  retc = alloc_typed_cell (CONST_INT);
1118  retc->x.i_val = 1;
1119  return retc;
1120 }
1121 
1122 tree_cell *
1124 {
1125  char *a;
1126  struct in_addr ia;
1127  int i;
1128 
1129  a = get_str_var_by_num (lexic, 0);
1130  if (a == NULL)
1131  {
1132  nasl_perror (lexic, "leave_multicast_group: missing parameter\n");
1133  return NULL;
1134  }
1135  if (!inet_aton (a, &ia))
1136  {
1137  nasl_perror (lexic, "leave_multicast_group: invalid parameter '%s'\n", a);
1138  return NULL;
1139  }
1140 
1141  for (i = 0; i < jmg_max; i++)
1142  if (jmg_desc[i].count > 0 && jmg_desc[i].in.s_addr == ia.s_addr)
1143  {
1144  if (--jmg_desc[i].count <= 0)
1145  close (jmg_desc[i].s);
1146  return FAKE_CELL;
1147  }
1148 
1149  nasl_perror (lexic, "leave_multicast_group: never joined group %s\n", a);
1150  return NULL;
1151 }
1152 
1153 /* Fixme: Merge this into nasl_get_sock_info. */
1154 tree_cell *
1156 {
1157  struct sockaddr_in ia;
1158  int s, fd;
1159  unsigned int l;
1160  tree_cell *retc;
1161  int type;
1162  unsigned int type_len = sizeof (type);
1163 
1164  s = get_int_var_by_num (lexic, 0, -1);
1165  if (s < 0)
1166  {
1167  nasl_perror (lexic, "get_source_port: missing socket parameter\n");
1168  return NULL;
1169  }
1170  if (!fd_is_stream (s)
1171  && getsockopt (s, SOL_SOCKET, SO_TYPE, &type, &type_len) == 0
1172  && type == SOCK_DGRAM)
1173  fd = s;
1174  else
1176 
1177  if (fd < 0)
1178  {
1179  nasl_perror (lexic, "get_source_port: invalid socket parameter %d\n", s);
1180  return NULL;
1181  }
1182  l = sizeof (ia);
1183  if (getsockname (fd, (struct sockaddr *) &ia, &l) < 0)
1184  {
1185  nasl_perror (lexic, "get_source_port: getsockname(%d): %s\n", fd,
1186  strerror (errno));
1187  return NULL;
1188  }
1189  retc = alloc_typed_cell (CONST_INT);
1190  retc->x.i_val = ntohs (ia.sin_port);
1191  return retc;
1192 }
1193 
1194 tree_cell *
1196 {
1197  int soc = get_int_var_by_num (lexic, 0, -1);
1198  tree_cell *retc;
1199  int err;
1200 
1201  if (soc < 0 || !fd_is_stream (soc))
1202  return NULL;
1203 
1204  err = stream_get_err (soc);
1205  retc = alloc_typed_cell (CONST_INT);
1206 
1207  switch (err)
1208  {
1209  case 0:
1210  retc->x.i_val = NASL_ERR_NOERR;
1211  break;
1212  case ETIMEDOUT:
1213  retc->x.i_val = NASL_ERR_ETIMEDOUT;
1214  break;
1215  case EBADF:
1216  case EPIPE:
1217  case ECONNRESET:
1218  case ENOTSOCK:
1219  retc->x.i_val = NASL_ERR_ECONNRESET;
1220  break;
1221 
1222  case ENETUNREACH:
1223  case EHOSTUNREACH:
1224  retc->x.i_val = NASL_ERR_EUNREACH;
1225  break;
1226  case -1:
1227  g_message ("socket_get_error: Erroneous socket value %d", soc);
1228  break;
1229 
1230  default:
1231  g_message ("Unknown error %d %s", err, strerror (err));
1232  }
1233 
1234  return retc;
1235 }
1236 
1296 tree_cell *
1298 {
1299  int sock;
1300  int type;
1301  int err;
1302  const char *keyword, *s;
1303  tree_cell *retc;
1304  int as_string;
1305  int transport;
1306  gnutls_session_t tls_session;
1307  char *strval;
1308  int intval;
1309 
1310  sock = get_int_var_by_num (lexic, 0, -1);
1311  if (sock <= 0)
1312  {
1313  nasl_perror (lexic, "error: socket %d is not valid\n");
1314  return NULL;
1315  }
1316 
1317  keyword = get_str_var_by_num (lexic, 1);
1318  if (!keyword
1319  || !((type = get_var_type_by_num (lexic, 1)) == VAR2_STRING
1320  || type == VAR2_DATA))
1321  {
1322  nasl_perror (lexic, "error: second argument is not of type string\n");
1323  return NULL;
1324  }
1325 
1326  as_string = !!get_int_var_by_name (lexic, "asstring", 0);
1327 
1328  transport = 0;
1329  strval = NULL;
1330  intval = 0;
1331  retc = FAKE_CELL; /* Dummy value to detect retc == NULL. */
1332 
1333  {
1334  void *tmp = NULL;
1335  err = get_sock_infos (sock, &transport, &tmp);
1336  tls_session = tmp;
1337  }
1338  if (err)
1339  {
1340  nasl_perror (lexic, "error retrieving infos for socket %d: %s\n", sock,
1341  strerror (err));
1342  retc = NULL;
1343  }
1344  else if (!strcmp (keyword, "encaps"))
1345  {
1346  if (as_string)
1347  strval = g_strdup (get_encaps_name (transport));
1348  else
1349  intval = transport;
1350  }
1351  else if (!strcmp (keyword, "tls-proto"))
1352  {
1353  if (!tls_session)
1354  s = "n/a";
1355  else
1356  s =
1357  gnutls_protocol_get_name (gnutls_protocol_get_version (tls_session));
1358  strval = g_strdup (s ? s : "[?]");
1359  }
1360  else if (!strcmp (keyword, "tls-kx"))
1361  {
1362  if (!tls_session)
1363  s = "n/a";
1364  else
1365  s = gnutls_kx_get_name (gnutls_kx_get (tls_session));
1366  strval = g_strdup (s ? s : "");
1367  }
1368  else if (!strcmp (keyword, "tls-certtype"))
1369  {
1370  if (!tls_session)
1371  s = "n/a";
1372  else
1373  s = gnutls_certificate_type_get_name (
1374  gnutls_certificate_type_get (tls_session));
1375  strval = g_strdup (s ? s : "");
1376  }
1377  else if (!strcmp (keyword, "tls-cipher"))
1378  {
1379  if (!tls_session)
1380  s = "n/a";
1381  else
1382  s = gnutls_cipher_get_name (gnutls_cipher_get (tls_session));
1383  strval = g_strdup (s ? s : "");
1384  }
1385  else if (!strcmp (keyword, "tls-mac"))
1386  {
1387  if (!tls_session)
1388  s = "n/a";
1389  else
1390  s = gnutls_mac_get_name (gnutls_mac_get (tls_session));
1391  strval = g_strdup (s ? s : "");
1392  }
1393  else if (!strcmp (keyword, "tls-auth"))
1394  {
1395  if (!tls_session)
1396  s = "n/a";
1397  else
1398  {
1399  switch (gnutls_auth_get_type (tls_session))
1400  {
1401  case GNUTLS_CRD_ANON:
1402  s = "ANON";
1403  break;
1404  case GNUTLS_CRD_CERTIFICATE:
1405  s = "CERT";
1406  break;
1407  case GNUTLS_CRD_PSK:
1408  s = "PSK";
1409  break;
1410  case GNUTLS_CRD_SRP:
1411  s = "SRP";
1412  break;
1413  default:
1414  s = "[?]";
1415  break;
1416  }
1417  }
1418  strval = g_strdup (s);
1419  }
1420  else if (!strcmp (keyword, "tls-cert"))
1421  {
1422  /* We only support X.509 for now. GNUTLS also allows for
1423  OpenPGP, but we are not prepared for that. */
1424  if (tls_session
1425  && gnutls_certificate_type_get (tls_session) == GNUTLS_CRT_X509)
1426  {
1427  const gnutls_datum_t *list;
1428  unsigned int nlist = 0;
1429  nasl_array *a;
1430  anon_nasl_var v;
1431 
1432  list = gnutls_certificate_get_peers (tls_session, &nlist);
1433  if (!list)
1434  retc = NULL; /* No certificate or other error. */
1435  else
1436  {
1437  unsigned int i;
1438  retc = alloc_typed_cell (DYN_ARRAY);
1439  retc->x.ref_val = a = g_malloc0 (sizeof *a);
1440 
1441  for (i = 0; i < nlist; i++)
1442  {
1443  memset (&v, 0, sizeof v);
1444  v.var_type = VAR2_DATA;
1445  v.v.v_str.s_val = list[i].data;
1446  v.v.v_str.s_siz = list[i].size;
1447  add_var_to_list (a, i, &v);
1448  }
1449  }
1450  }
1451  }
1452  else
1453  {
1454  nasl_perror (lexic, "unknown keyword '%s'\n", keyword);
1455  retc = NULL;
1456  }
1457 
1458  if (!retc)
1459  ;
1460  else if (retc != FAKE_CELL)
1461  ; /* Already allocated. */
1462  else if (strval)
1463  {
1464  retc = alloc_typed_cell (CONST_STR);
1465  retc->x.str_val = strval;
1466  retc->size = strlen (strval);
1467  }
1468  else
1469  {
1470  retc = alloc_typed_cell (CONST_INT);
1471  retc->x.i_val = intval;
1472  }
1473 
1474  return retc;
1475 }
1476 
1495 tree_cell *
1497 {
1498  int soc, err;
1499  int ret;
1500  tree_cell *retc;
1501  gnutls_x509_crt_t *cert = NULL;
1502  gnutls_x509_trust_list_t ca_list;
1503  unsigned int ca_list_size = 0;
1504  unsigned int i, cert_n = 0;
1505  unsigned int voutput;
1506  const gnutls_datum_t *certs;
1507 
1508  int transport;
1509  gnutls_session_t tls_session;
1510 
1511  soc = get_int_var_by_name (lexic, "socket", -1);
1512  if (soc < 0)
1513  {
1514  nasl_perror (lexic, "socket_get_cert: Erroneous socket value %d\n", soc);
1515  return NULL;
1516  }
1517 
1518  {
1519  void *tmp = NULL;
1520  err = get_sock_infos (soc, &transport, &tmp);
1521  tls_session = tmp;
1522  }
1523  if (err)
1524  {
1525  nasl_perror (lexic, "error retrieving tls_session for socket %d: %s\n",
1526  soc, strerror (err));
1527  return NULL;
1528  }
1529 
1530  /* We only support X.509 for now. GNUTLS also allows for
1531  OpenPGP, but we are not prepared for that. */
1532  if (tls_session
1533  && gnutls_certificate_type_get (tls_session) == GNUTLS_CRT_X509)
1534  {
1535  certs = gnutls_certificate_get_peers (tls_session, &cert_n);
1536  if (!certs)
1537  return NULL; /* No certificate or other error. */
1538  }
1539  else
1540  return NULL;
1541 
1542  cert = g_malloc0 (sizeof (*cert) * cert_n);
1543  for (i = 0; i < cert_n; i++)
1544  {
1545  if (gnutls_x509_crt_init (&cert[i]) != GNUTLS_E_SUCCESS)
1546  {
1547  g_free (cert);
1548  return NULL;
1549  }
1550  if (gnutls_x509_crt_import (cert[i], &certs[i], GNUTLS_X509_FMT_DER)
1551  != GNUTLS_E_SUCCESS)
1552  {
1553  g_free (cert);
1554  return NULL;
1555  }
1556  }
1557 
1558  /* Init ca_list and load system CA trust list */
1559  ret = gnutls_x509_trust_list_init (&ca_list, ca_list_size);
1560  if (ret < 0)
1561  {
1562  g_free (cert);
1563  return NULL;
1564  }
1565  ret = gnutls_x509_trust_list_add_system_trust (ca_list, 0, 0);
1566  if (ret < 0)
1567  {
1568  g_free (cert);
1569  return NULL;
1570  }
1571 
1572  /* Certificate verification against a trust list*/
1573  if (gnutls_x509_trust_list_verify_crt (ca_list, cert, cert_n, 0, &voutput,
1574  NULL)
1575  != GNUTLS_E_SUCCESS)
1576  {
1577  g_free (cert);
1578  return NULL;
1579  }
1580  g_free (cert);
1581 
1582  ret = voutput;
1583 
1584  retc = alloc_typed_cell (CONST_INT);
1585  retc->x.i_val = ret;
1586  return retc;
1587 }
st_a_nasl_var
Definition: nasl_var.h:40
daddr
struct in_addr daddr
Definition: nasl_packet_forgery.c:1
nasl_close_socket
tree_cell * nasl_close_socket(lex_ctxt *lexic)
Definition: nasl_socket.c:1012
socket_ssl_do_handshake
int socket_ssl_do_handshake(int fd)
Do a re-handshake of the TLS/SSL protocol.
Definition: network.c:737
script_infos
Definition: scanneraux.h:29
get_udp_data
static char * get_udp_data(struct script_infos *script_infos, int soc, int *len)
Definition: nasl_socket.c:179
CONST_DATA
@ CONST_DATA
Definition: nasl_tree.h:82
get_var_size_by_name
int get_var_size_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1138
OPENVAS_ENCAPS_IP
@ OPENVAS_ENCAPS_IP
Definition: network.h:31
plug_get_host_ip
struct in6_addr * plug_get_host_ip(struct script_infos *args)
Definition: plugutils.c:316
nasl_recv
tree_cell * nasl_recv(lex_ctxt *lexic)
Definition: nasl_socket.c:754
TC::str_val
char * str_val
Definition: nasl_tree.h:103
nasl_join_multicast_group
tree_cell * nasl_join_multicast_group(lex_ctxt *lexic)
Definition: nasl_socket.c:1057
script_infos::udp_data
GHashTable * udp_data
Definition: scanneraux.h:36
nasl_socket_negotiate_ssl
tree_cell * nasl_socket_negotiate_ssl(lex_ctxt *lexic)
Definition: nasl_socket.c:582
CONST_STR
@ CONST_STR
Definition: nasl_tree.h:80
NO_PRIORITY_FLAGS
#define NO_PRIORITY_FLAGS
Definition: network.h:48
nasl_get_sock_info
tree_cell * nasl_get_sock_info(lex_ctxt *lexic)
Get info pertaining to a socket.
Definition: nasl_socket.c:1297
nasl_socket_get_cert
tree_cell * nasl_socket_get_cert(lex_ctxt *lexic)
Definition: nasl_socket.c:676
openvas_get_socket_from_connection
int openvas_get_socket_from_connection(int fd)
Definition: network.c:357
TC::x
union TC::@5 x
DYN_ARRAY
@ DYN_ARRAY
Definition: nasl_tree.h:90
v6_routethrough
char * v6_routethrough(struct in6_addr *dest, struct in6_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition: pcap.c:841
get_encaps_name
const char * get_encaps_name(openvas_encaps_t code)
Definition: network.c:1733
FAKE_CELL
#define FAKE_CELL
Definition: nasl_tree.h:110
openvas_register_connection
int openvas_register_connection(int soc, void *ssl, gnutls_certificate_credentials_t certcred, openvas_encaps_t encaps)
Definition: network.c:234
st_a_nasl_var::v
union st_a_nasl_var::@7 v
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1118
st_a_nasl_var::v_str
nasl_string_t v_str
Definition: nasl_var.h:47
jmg
Definition: nasl_socket.c:1049
open_stream_connection_ext
int open_stream_connection_ext(struct script_infos *args, unsigned int port, int transport, int timeout, const char *priority, int flags)
Definition: network.c:1046
open_stream_auto_encaps_ext
int open_stream_auto_encaps_ext(struct script_infos *args, unsigned int port, int timeout, int force)
Definition: network.c:1185
VAR2_STRING
@ VAR2_STRING
Definition: nasl_var.h:17
socket_get_cert
void socket_get_cert(int fd, void **cert, int *certlen)
Definition: network.c:887
exec.h
nasl_open_sock_udp
tree_cell * nasl_open_sock_udp(lex_ctxt *lexic)
Definition: nasl_socket.c:521
NASL_ERR_NOERR
#define NASL_ERR_NOERR
Definition: nasl.h:51
udp_record
Definition: nasl_socket.c:149
socket_get_ssl_version
int socket_get_ssl_version(int fd)
Definition: network.c:923
st_nasl_string::s_siz
int s_siz
Definition: nasl_var.h:27
VAR2_DATA
@ VAR2_DATA
Definition: nasl_var.h:18
NASL_ERR_EUNREACH
#define NASL_ERR_EUNREACH
Definition: nasl.h:54
st_nasl_array
Definition: nasl_var.h:33
OPENVAS_ENCAPS_TLScustom
@ OPENVAS_ENCAPS_TLScustom
Definition: network.h:39
nasl_open_sock_tcp
tree_cell * nasl_open_sock_tcp(lex_ctxt *lexic)
Open a TCP socket to the target host.
Definition: nasl_socket.c:509
stream_set_buffer
int stream_set_buffer(int fd, int sz)
Definition: network.c:2168
nasl_debug.h
nasl_get_source_port
tree_cell * nasl_get_source_port(lex_ctxt *lexic)
Definition: nasl_socket.c:1155
socket_ssl_safe_renegotiation_status
int socket_ssl_safe_renegotiation_status(int fd)
Check if Secure Renegotiation is supported in the server side.
Definition: network.c:716
udp_record::data
char * data
Definition: nasl_socket.c:151
nasl_perror
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition: nasl_debug.c:111
get_var_type_by_name
int get_var_type_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1162
rm_udp_data
static void rm_udp_data(struct script_infos *script_infos, int soc)
Definition: nasl_socket.c:202
block_socket
static int block_socket(int soc)
Definition: nasl_socket.c:78
TC::size
int size
Definition: nasl_tree.h:99
stream_get_err
int stream_get_err(int fd)
Definition: network.c:132
nsend
int nsend(int fd, void *data, int length, int i_opt)
Definition: network.c:1589
option
#define option
add_udp_data
static int add_udp_data(struct script_infos *script_infos, int soc, char *data, int len)
Definition: nasl_socket.c:156
IS_ENCAPS_SSL
#define IS_ENCAPS_SSL(x)
Definition: network.h:43
nasl_lex_ctxt.h
nasl_leave_multicast_group
tree_cell * nasl_leave_multicast_group(lex_ctxt *lexic)
Definition: nasl_socket.c:1123
nasl_recv_line
tree_cell * nasl_recv_line(lex_ctxt *lexic)
Definition: nasl_socket.c:847
EADDRNOTAVAIL
#define EADDRNOTAVAIL
Definition: nasl_socket.c:49
len
uint8_t len
Definition: nasl_packet_forgery.c:1
jmg::s
int s
Definition: nasl_socket.c:1052
NASL_ERR_ECONNRESET
#define NASL_ERR_ECONNRESET
Definition: nasl.h:53
get_int_var_by_name
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1104
socket_get_ssl_ciphersuite
int socket_get_ssl_ciphersuite(int fd)
Definition: network.c:1006
nasl.h
read_stream_connection_min
int read_stream_connection_min(int fd, void *buf0, int min_len, int max_len)
Definition: network.c:1397
nasl_open_sock_tcp_bufsz
tree_cell * nasl_open_sock_tcp_bufsz(lex_ctxt *lexic, int bufsz)
Definition: nasl_socket.c:409
fd_is_stream
int fd_is_stream(int fd)
Definition: network.c:2152
nasl_socket_get_ssl_version
tree_cell * nasl_socket_get_ssl_version(lex_ctxt *lexic)
Definition: nasl_socket.c:721
nasl_func.h
TC::ref_val
void * ref_val
Definition: nasl_tree.h:105
get_int_var_by_num
long int get_int_var_by_num(lex_ctxt *, int, int)
Definition: nasl_var.c:1097
get_str_var_by_num
char * get_str_var_by_num(lex_ctxt *, int)
Definition: nasl_var.c:1111
st_a_nasl_var::var_type
int var_type
Definition: nasl_var.h:41
nasl_socket_get_ssl_session_id
tree_cell * nasl_socket_get_ssl_session_id(lex_ctxt *lexic)
Definition: nasl_socket.c:698
timeval
static struct timeval timeval(unsigned long val)
Definition: nasl_builtin_synscan.c:94
struct_lex_ctxt::script_infos
struct script_infos * script_infos
Definition: nasl_lex_ctxt.h:30
nasl_socket_cert_verify
tree_cell * nasl_socket_cert_verify(lex_ctxt *lexic)
Verify a certificate.
Definition: nasl_socket.c:1496
get_mtu
static int get_mtu(struct in6_addr *dst)
Definition: nasl_socket.c:912
TC
Definition: nasl_tree.h:94
struct_lex_ctxt
Definition: nasl_lex_ctxt.h:23
stream_get_buffer_sz
int stream_get_buffer_sz(int fd)
Definition: network.c:2158
nasl_var.h
nasl_packet_forgery.h
wait_before_next_probe
static void wait_before_next_probe()
Definition: nasl_socket.c:95
nasl_socket_get_error
tree_cell * nasl_socket_get_error(lex_ctxt *lexic)
Definition: nasl_socket.c:1195
udp_record::len
int len
Definition: nasl_socket.c:150
jmg::count
int count
Definition: nasl_socket.c:1051
socket_get_ssl_session_id
void socket_get_ssl_session_id(int fd, void **sid, size_t *ssize)
Definition: network.c:966
socket_negotiate_ssl
int socket_negotiate_ssl(int fd, openvas_encaps_t transport, struct script_infos *args)
Upgrade an ENCAPS_IP socket to an SSL/TLS encapsulated one.
Definition: network.c:820
nasl_open_privileged_socket
static tree_cell * nasl_open_privileged_socket(lex_ctxt *lexic, int proto)
Definition: nasl_socket.c:215
nasl_global_ctxt.h
CONST_INT
@ CONST_INT
Definition: nasl_tree.h:79
jmg::in
struct in_addr in
Definition: nasl_socket.c:1050
struct_lex_ctxt::recv_timeout
int recv_timeout
Definition: nasl_lex_ctxt.h:32
nasl_send
tree_cell * nasl_send(lex_ctxt *lexic)
Definition: nasl_socket.c:960
unblock_socket
static int unblock_socket(int soc)
Definition: nasl_socket.c:61
jmg_desc
static struct jmg * jmg_desc
nasl_socket_ssl_do_handshake
tree_cell * nasl_socket_ssl_do_handshake(lex_ctxt *lexic)
Do a re-handshake of the TLS/SSL protocol.
Definition: nasl_socket.c:658
get_udp_payload_size
static int get_udp_payload_size(struct in6_addr *dst)
Definition: nasl_socket.c:933
nasl_open_priv_sock_tcp
tree_cell * nasl_open_priv_sock_tcp(lex_ctxt *lexic)
Definition: nasl_socket.c:395
get_var_type_by_num
int get_var_type_by_num(lex_ctxt *, int)
Returns NASL variable/cell type, VAR2_UNDEF if value is NULL.
Definition: nasl_var.c:1155
nasl_get_mtu
tree_cell * nasl_get_mtu(lex_ctxt *lexic)
Definition: nasl_socket.c:943
add_var_to_list
int add_var_to_list(nasl_array *a, int i, const anon_nasl_var *v)
Definition: nasl_var.c:1245
jmg_max
static int jmg_max
Definition: nasl_socket.c:1054
close_stream_connection
int close_stream_connection(int fd)
Definition: network.c:1705
nasl_socket_get_ssl_ciphersuite
tree_cell * nasl_socket_get_ssl_ciphersuite(lex_ctxt *lexic)
Definition: nasl_socket.c:737
get_sock_infos
int get_sock_infos(int sock, int *r_transport, void **r_tls_session)
Definition: network.c:2256
nasl_socket.h
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:28
NASL_ERR_ETIMEDOUT
#define NASL_ERR_ETIMEDOUT
Definition: nasl.h:52
lowest_socket
int lowest_socket
Definition: nasl_socket.c:212
nasl_tree.h
nasl_socket_check_ssl_safe_renegotiation
tree_cell * nasl_socket_check_ssl_safe_renegotiation(lex_ctxt *lexic)
Check if Secure Renegotiation is supported in the server side.
Definition: nasl_socket.c:626
length
u_short length
Definition: nasl_packet_forgery.c:4
list
Definition: nasl_builtin_synscan.c:249
st_nasl_string::s_val
unsigned char * s_val
Definition: nasl_var.h:26
nasl_open_priv_sock_udp
tree_cell * nasl_open_priv_sock_udp(lex_ctxt *lexic)
Definition: nasl_socket.c:401
TC::i_val
long int i_val
Definition: nasl_tree.h:104
stream_set_timeout
int stream_set_timeout(int fd, int timeout)
Definition: network.c:1216