OpenVAS Scanner  22.7.9
plugutils.c
Go to the documentation of this file.
1 /* SPDX-FileCopyrightText: 2023 Greenbone AG
2  * SPDX-FileCopyrightText: 1998-2003 Renaud Deraison
3  *
4  * SPDX-License-Identifier: GPL-2.0-or-later
5  */
6 
12 #include "plugutils.h"
13 
14 #include "kb_cache.h" // for get_main_kb
15 #include "network.h" // for OPENVAS_ENCAPS_IP
16 #include "scan_id.h"
17 #include "support.h" // for g_memdup2 workaround
18 
19 #include <errno.h> // for errno
20 #include <gvm/base/hosts.h> // for g_vhost_t
21 #include <gvm/base/networking.h> // for port_protocol_t
22 #include <gvm/base/prefs.h> // for prefs_get_bool
23 #include <gvm/util/mqtt.h> // for mqtt_reset
24 #include <gvm/util/nvticache.h> // for nvticache_initialized
25 #include <stdio.h> // for snprintf
26 #include <stdlib.h> // for exit
27 #include <string.h> // for strcmp
28 #include <sys/wait.h> // for wait
29 #include <unistd.h> // for fork
30 
31 #undef G_LOG_DOMAIN
32 
35 #define G_LOG_DOMAIN "lib misc"
36 
37 /* Used to allow debugging for openvas-nasl */
39 
40 /* In case of multiple vhosts fork, this holds the value of the current vhost
41  * we're scanning.
42  */
43 gvm_vhost_t *current_vhost = NULL;
44 
45 /* @brief: Return the currently scanned vhost. */
46 const char *
48 {
49  return current_vhost->value;
50 }
51 
52 static int plug_fork_child (kb_t);
53 
54 void
55 plug_set_dep (struct script_infos *args, const char *depname)
56 {
57  nvti_t *n = args->nvti;
58  gchar *old = nvti_dependencies (n);
59  gchar *new;
60 
61  if (!depname)
62  return;
63 
64  if (old)
65  {
66  new = g_strdup_printf ("%s, %s", old, depname);
67  nvti_set_dependencies (n, new);
68  g_free (new);
69  }
70  else
71  nvti_set_dependencies (n, depname);
72 }
73 
74 static void
75 host_add_port_proto (struct script_infos *args, int portnum, char *proto)
76 {
77  char port_s[255];
78  snprintf (port_s, sizeof (port_s), "Ports/%s/%d", proto, portnum);
79  plug_set_key (args, port_s, ARG_INT, (void *) 1);
80 }
81 
87 static int
88 unscanned_ports_as_closed (port_protocol_t ptype)
89 {
90  if (ptype == PORT_PROTOCOL_UDP)
91  return (prefs_get_bool ("unscanned_closed_udp") ? 0 : 1);
92 
93  return (prefs_get_bool ("unscanned_closed") ? 0 : 1);
94 }
95 
99 int
100 kb_get_port_state_proto (kb_t kb, int portnum, char *proto)
101 {
102  char port_s[255], *kbstr;
103  const char *prange = prefs_get ("port_range");
104  port_protocol_t port_type;
105  array_t *port_ranges;
106 
107  if (!proto)
108  proto = "tcp";
109  if (!strcmp (proto, "udp"))
110  {
111  port_type = PORT_PROTOCOL_UDP;
112  kbstr = "Host/udp_scanned";
113  }
114  else
115  {
116  port_type = PORT_PROTOCOL_TCP;
117  kbstr = "Host/scanned";
118  }
119 
120  /* Check that we actually scanned the port */
121  if (kb_item_get_int (kb, kbstr) <= 0)
122  return unscanned_ports_as_closed (port_type);
123 
124  port_ranges = port_range_ranges (prange);
125  if (!port_in_port_ranges (portnum, port_type, port_ranges))
126  {
127  array_free (port_ranges);
128  return unscanned_ports_as_closed (port_type);
129  }
130  array_free (port_ranges);
131 
132  /* Ok, we scanned it. What is its state ? */
133  snprintf (port_s, sizeof (port_s), "Ports/%s/%d", proto, portnum);
134  return kb_item_get_int (kb, port_s) > 0;
135 }
136 
137 static int
138 host_get_port_state_proto (struct script_infos *args, int portnum, char *proto)
139 {
140  return kb_get_port_state_proto (args->key, portnum, proto);
141 }
142 
143 int
144 host_get_port_state (struct script_infos *plugdata, int portnum)
145 {
146  return (host_get_port_state_proto (plugdata, portnum, "tcp"));
147 }
148 
149 int
150 host_get_port_state_udp (struct script_infos *plugdata, int portnum)
151 {
152  return (host_get_port_state_proto (plugdata, portnum, "udp"));
153 }
154 
163 static int
164 check_duplicated_vhost (struct script_infos *args, const char *hostname)
165 {
166  GSList *vhosts = NULL;
167  kb_t host_kb = NULL;
168  struct kb_item *current_vhosts = NULL;
169 
170  /* Check for duplicate vhost value in args. */
171  vhosts = args->vhosts;
172  while (vhosts)
173  {
174  gvm_vhost_t *tmp = vhosts->data;
175 
176  if (!strcmp (tmp->value, hostname))
177  {
178  g_warning ("%s: Value '%s' exists already", __func__, hostname);
179  return -1;
180  }
181  vhosts = vhosts->next;
182  }
183 
184  /* Check for duplicate vhost value already added by other forked child of the
185  * same plugin. */
186  host_kb = args->key;
187  current_vhosts = kb_item_get_all (host_kb, "internal/vhosts");
188  if (!current_vhosts)
189  return 0;
190 
191  while (current_vhosts)
192  {
193  if (!strcmp (current_vhosts->v_str, hostname))
194  {
195  g_warning ("%s: Value '%s' exists already", __func__, hostname);
196  kb_item_free (current_vhosts);
197 
198  return -1;
199  }
200  current_vhosts = current_vhosts->next;
201  }
202 
203  kb_item_free (current_vhosts);
204  return 0;
205 }
206 
207 int
208 plug_add_host_fqdn (struct script_infos *args, const char *hostname,
209  const char *source)
210 {
211  gvm_vhost_t *vhost;
212  char **excluded;
213 
214  if (!prefs_get_bool ("expand_vhosts") || !hostname || !source)
215  return -1;
216 
217  if (check_duplicated_vhost (args, hostname))
218  return -1;
219 
220  /* Check for excluded vhost value. */
221  if (prefs_get ("exclude_hosts"))
222  {
223  char **tmp = excluded = g_strsplit (prefs_get ("exclude_hosts"), ",", 0);
224 
225  while (*tmp)
226  {
227  if (!strcmp (g_strstrip (*tmp), hostname))
228  {
229  g_strfreev (excluded);
230  return -1;
231  }
232  tmp++;
233  }
234  g_strfreev (excluded);
235  }
236  vhost = gvm_vhost_new (g_strdup (hostname), g_strdup (source));
237  args->vhosts = g_slist_prepend (args->vhosts, vhost);
238  return 0;
239 }
240 
241 char *
243 {
244  GSList *vhosts = args->vhosts;
245 
246  if (!args->vhosts)
247  return addr6_as_str (args->ip);
248 
249  /* Workaround for rapid growth of forked processes ie. http_get() calls
250  * within foreach() loops. */
251  if (current_vhost)
252  return g_strdup (current_vhost->value);
253  while (vhosts)
254  {
255  int ret = plug_fork_child (args->key);
256 
257  if (ret == 0)
258  {
259  current_vhost = vhosts->data;
260  return g_strdup (current_vhost->value);
261  }
262  else if (ret == -1)
263  return NULL;
264  vhosts = vhosts->next;
265  }
266  _exit (0);
267 }
268 
269 GSList *
271 {
272  GSList *results = NULL, *vhosts = args->vhosts;
273 
274  if (!args->vhosts)
275  results = g_slist_prepend (results, addr6_as_str (args->ip));
276 
277  while (vhosts)
278  {
279  gvm_vhost_t *vhost = vhosts->data;
280 
281  results = g_slist_prepend (results, g_strdup (vhost->value));
282  vhosts = vhosts->next;
283  }
284  return results;
285 }
286 
287 char *
288 plug_get_host_source (struct script_infos *args, const char *hostname)
289 {
290  if (!args->vhosts)
291  return g_strdup ("IP-address");
292 
293  if (hostname)
294  {
295  GSList *vhosts = args->vhosts;
296 
297  /* Search for source of specified hostname/vhost. */
298  while (vhosts)
299  {
300  gvm_vhost_t *vhost = vhosts->data;
301 
302  if (!strcmp (vhost->value, hostname))
303  return g_strdup (vhost->source);
304  vhosts = vhosts->next;
305  }
306  return NULL;
307  }
308  /* Call plug_get_host_fqdn() to set current_vhost (and fork, in case of
309  * multiple vhosts.) */
310  if (!current_vhost)
311  g_free (plug_get_host_fqdn (args));
312  return g_strdup (current_vhost->source);
313 }
314 
315 struct in6_addr *
317 {
318  return args->ip;
319 }
320 
321 char *
323 {
324  return addr6_as_str (plug_get_host_ip (desc));
325 }
326 
334 static const char *
336 {
337  gchar *type_str;
338 
339  switch (type)
340  {
341  case ERRMSG:
342  type_str = "ERRMSG";
343  break;
344  case HOST_START:
345  type_str = "HOST_START";
346  break;
347  case HOST_END:
348  type_str = "HOST_END";
349  break;
350  case LOG:
351  type_str = "LOG";
352  break;
353  case HOST_DETAIL:
354  type_str = "HOST_DETAIL";
355  break;
356  case ALARM:
357  type_str = "ALARM";
358  break;
359  case DEADHOST:
360  type_str = "DEADHOST";
361  break;
362  default:
363  return NULL;
364  break;
365  }
366 
367  return type_str;
368 }
369 
386 int
388 {
389  const char *original_scan_id;
390  char *current_scan_id;
391 
392  original_scan_id = get_scan_id ();
393  if (original_scan_id == NULL)
394  return -1;
395  current_scan_id = kb_item_get_str (main_kb, ("internal/scanid"));
396  if (current_scan_id == NULL)
397  return -2;
398 
399  if (!g_strcmp0 (original_scan_id, current_scan_id))
400  {
401  g_free (current_scan_id);
402  return 0;
403  }
404 
405  g_warning ("KB inconsitency. %s writing into %s KB", original_scan_id,
406  current_scan_id);
407  g_free (current_scan_id);
408  return -3;
409 }
410 
425 static int
427 {
428  char *current_scan_id;
429  kb_t kb = get_main_kb ();
430  int result = check_kb_inconsistency (kb);
431  switch (result)
432  {
433  case -3:
434  current_scan_id = kb_item_get_str (kb, ("internal/scanid"));
435  g_warning (
436  "%s: scan_id (%s) does not match global scan_id (%s); abort to "
437  "prevent data corruption",
438  __func__, current_scan_id, get_scan_id ());
439  g_free (current_scan_id);
440  _exit (1);
441  break;
442  case -1:
443  // a call without global scan id can happen in e.g. nasl-lint or
444  // openvas-nasl calls
445  break;
446  case -2:
447  g_warning (
448  "%s: No internal/scanid found; abort to prevent data corruption.",
449  __func__);
450  _exit (1);
451  break;
452  default:
453  {
454  // nothing
455  }
456  }
457  return 0;
458 }
459 
477 int
479  const char *value)
480 {
481  int result = check_kb_inconsistency_log ();
482  return result == 0 ? kb_item_push_str (kb, name, value) : -1;
483 }
484 
502 int
504  const char *value, size_t len)
505 {
506  int result = check_kb_inconsistency_log ();
507  return result == 0 ? kb_item_set_str (kb, name, value, len) : -1;
508 }
509 
527 int
529  const char *value, size_t len,
530  int pos)
531 {
532  int result = check_kb_inconsistency_log ();
533  return result == 0 ? kb_item_add_str_unique (kb, name, value, len, pos) : -1;
534 }
535 
553 int
554 kb_item_set_int_with_main_kb_check (kb_t kb, const char *name, int value)
555 {
556  int result = check_kb_inconsistency_log ();
557  return result == 0 ? kb_item_set_int (kb, name, value) : -1;
558 }
559 
577 int
578 kb_item_add_int_with_main_kb_check (kb_t kb, const char *name, int value)
579 {
580  int result = check_kb_inconsistency_log ();
581  return result == 0 ? kb_item_add_int (kb, name, value) : -1;
582 }
583 
601 int
602 kb_item_add_int_unique_with_main_kb_check (kb_t kb, const char *name, int value)
603 {
604  int result = check_kb_inconsistency_log ();
605  return result == 0 ? kb_item_add_int_unique (kb, name, value) : -1;
606 }
607 
619 static void
620 proto_post_wrapped (const char *oid, struct script_infos *desc, int port,
621  const char *proto, const char *action, msg_t msg_type,
622  const char *uri)
623 {
624  const char *hostname = "";
625  char *buffer, *data, port_s[16] = "general";
626  char ip_str[INET6_ADDRSTRLEN];
627  GError *err = NULL;
628  GString *action_str;
629  gsize length;
630 
631  /* Should not happen, just to avoid trouble stop here if no NVTI found */
632  if (!oid)
633  return;
634 
635  if (action == NULL)
636  action_str = g_string_new ("");
637  else
638  {
639  action_str = g_string_new (action);
640  g_string_append (action_str, "\n");
641  }
642 
643  if (port > 0)
644  snprintf (port_s, sizeof (port_s), "%d", port);
645  if (current_vhost)
646  hostname = current_vhost->value;
647  else if (desc->vhosts)
648  hostname = ((gvm_vhost_t *) desc->vhosts->data)->value;
649  addr6_to_str (plug_get_host_ip (desc), ip_str);
650  buffer = g_strdup_printf ("%s|||%s|||%s|||%s/%s|||%s|||%s|||%s",
651  msg_type_to_str (msg_type), ip_str,
652  hostname ? hostname : " ", port_s, proto, oid,
653  action_str->str, uri ? uri : "");
654  /* Convert to UTF-8 before sending to Manager. */
655  data = g_convert (buffer, -1, "UTF-8", "ISO_8859-1", NULL, &length, &err);
656  if (!data)
657  {
658  g_warning ("%s: Error converting to UTF-8: %s\nOriginal string: %s",
659  __func__, err->message, buffer);
660  g_free (buffer);
661  g_string_free (action_str, TRUE);
662  return;
663  }
664 
665  kb_item_push_str_with_main_kb_check (get_main_kb (), "internal/results",
666  data);
667  g_free (data);
668  g_free (buffer);
669  g_string_free (action_str, TRUE);
670 }
671 
672 void
673 proto_post_alarm (const char *oid, struct script_infos *desc, int port,
674  const char *proto, const char *action, const char *uri)
675 {
676  proto_post_wrapped (oid, desc, port, proto, action, ALARM, uri);
677 }
678 
679 void
680 post_alarm (const char *oid, struct script_infos *desc, int port,
681  const char *action, const char *uri)
682 {
683  proto_post_alarm (oid, desc, port, "tcp", action, uri);
684 }
685 
689 void
690 proto_post_log (const char *oid, struct script_infos *desc, int port,
691  const char *proto, const char *action, const char *uri)
692 {
693  proto_post_wrapped (oid, desc, port, proto, action, LOG, uri);
694 }
695 
699 void
700 post_log (const char *oid, struct script_infos *desc, int port,
701  const char *action)
702 {
703  proto_post_log (oid, desc, port, "tcp", action, NULL);
704 }
705 
709 void
710 post_log_with_uri (const char *oid, struct script_infos *desc, int port,
711  const char *action, const char *uri)
712 {
713  proto_post_log (oid, desc, port, "tcp", action, uri);
714 }
715 
716 void
717 proto_post_error (const char *oid, struct script_infos *desc, int port,
718  const char *proto, const char *action, const char *uri)
719 {
720  proto_post_wrapped (oid, desc, port, proto, action, ERRMSG, uri);
721 }
722 
723 void
724 post_error (const char *oid, struct script_infos *desc, int port,
725  const char *action, const char *uri)
726 {
727  proto_post_error (oid, desc, port, "tcp", action, uri);
728 }
729 
742 char *
743 get_plugin_preference (const char *oid, const char *name, int pref_id)
744 {
745  GHashTable *prefs;
746  GHashTableIter iter;
747  char *cname = NULL, *retval = NULL;
748  void *itername, *itervalue;
749  char prefix[1024], suffix[1024];
750 
751  prefs = preferences_get ();
752  if (!prefs || !nvticache_initialized () || !oid || (!name && pref_id < 0))
753  return NULL;
754 
755  g_hash_table_iter_init (&iter, prefs);
756 
757  if (pref_id >= 0)
758  {
759  snprintf (prefix, sizeof (prefix), "%s:%d:", oid, pref_id);
760  while (g_hash_table_iter_next (&iter, &itername, &itervalue))
761  {
762  if (g_str_has_prefix (itername, prefix))
763  {
764  retval = g_strdup (itervalue);
765  break;
766  }
767  }
768  }
769  else
770  {
771  cname = g_strdup (name);
772  g_strchomp (cname);
773  snprintf (prefix, sizeof (prefix), "%s:", oid);
774  snprintf (suffix, sizeof (suffix), ":%s", cname);
775  /* NVT preferences received in OID:PrefID:PrefType:PrefName form */
776  while (g_hash_table_iter_next (&iter, &itername, &itervalue))
777  {
778  if (g_str_has_prefix (itername, prefix)
779  && g_str_has_suffix (itername, suffix))
780  {
781  retval = g_strdup (itervalue);
782  break;
783  }
784  }
785  }
786 
787  /* If no value set by the user, get the default one. */
788  if (!retval)
789  {
790  GSList *nprefs, *tmp;
791 
792  tmp = nprefs = nvticache_get_prefs (oid);
793  while (tmp)
794  {
795  if ((cname && !strcmp (cname, nvtpref_name (tmp->data)))
796  || (pref_id >= 0 && pref_id == nvtpref_id (tmp->data)))
797  {
798  if (!strcmp (nvtpref_type (tmp->data), "radio"))
799  {
800  char **opts =
801  g_strsplit (nvtpref_default (tmp->data), ";", -1);
802 
803  retval = g_strdup (opts[0]);
804  g_strfreev (opts);
805  }
806  else
807  retval = g_strdup (nvtpref_default (tmp->data));
808 
809  break;
810  }
811  tmp = tmp->next;
812  }
813  g_slist_free_full (nprefs, (void (*) (void *)) nvtpref_free);
814  }
815  if (cname)
816  g_free (cname);
817  return retval;
818 }
819 
830 const char *
831 get_plugin_preference_fname (struct script_infos *desc, const char *filename)
832 {
833  const char *content;
834  long contentsize = 0;
835  gint tmpfile;
836  gchar *tmpfilename;
837  GError *error = NULL;
838 
839  content = get_plugin_preference_file_content (desc, filename);
840  if (content == NULL)
841  {
842  return NULL;
843  }
844  contentsize = get_plugin_preference_file_size (desc, filename);
845  if (contentsize <= 0)
846  return NULL;
847 
848  tmpfile =
849  g_file_open_tmp ("openvas-file-upload.XXXXXX", &tmpfilename, &error);
850  if (tmpfile == -1)
851  {
852  g_message ("get_plugin_preference_fname: Could not open temporary"
853  " file for %s: %s",
854  filename, error->message);
855  g_error_free (error);
856  return NULL;
857  }
858  close (tmpfile);
859 
860  if (!g_file_set_contents (tmpfilename, content, contentsize, &error))
861  {
862  g_message ("get_plugin_preference_fname: could set contents of"
863  " temporary file for %s: %s",
864  filename, error->message);
865  g_error_free (error);
866  return NULL;
867  }
868 
869  return tmpfilename;
870 }
871 
885 char *
887  const char *identifier)
888 {
889  struct scan_globals *globals = desc->globals;
890  GHashTable *trans;
891 
892  if (!globals)
893  return NULL;
894 
895  trans = globals->files_translation;
896  if (!trans)
897  return NULL;
898 
899  return g_hash_table_lookup (trans, identifier);
900 }
901 
916 long
918  const char *identifier)
919 {
920  struct scan_globals *globals = desc->globals;
921  GHashTable *trans;
922  gchar *filesize_str;
923 
924  if (!globals)
925  return -1;
926 
927  trans = globals->files_size_translation;
928  if (!trans)
929  return -1;
930 
931  filesize_str = g_hash_table_lookup (trans, identifier);
932  if (filesize_str == NULL)
933  return -1;
934 
935  return atol (filesize_str);
936 }
937 
938 void
939 plug_set_key_len (struct script_infos *args, char *name, int type,
940  const void *value, size_t len)
941 {
942  kb_t kb = plug_get_kb (args);
943  int pos = 0; // Append the item on the right position of the list
944 
945  if (name == NULL || value == NULL)
946  return;
947 
948  if (type == ARG_STRING)
949  kb_item_add_str_unique (kb, name, value, len, pos);
950  else if (type == ARG_INT)
951  kb_item_add_int_unique (kb, name, GPOINTER_TO_SIZE (value));
952  if (global_nasl_debug == 1)
953  {
954  if (type == ARG_STRING)
955  g_message ("set key %s -> %s", name, (char *) value);
956  else if (type == ARG_INT)
957  g_message ("set key %s -> %d", name, (int) GPOINTER_TO_SIZE (value));
958  }
959 }
960 
961 void
962 plug_set_key (struct script_infos *args, char *name, int type,
963  const void *value)
964 {
965  plug_set_key_len (args, name, type, value, 0);
966 }
967 
978 void
979 plug_set_key_len_volatile (struct script_infos *args, char *name, int type,
980  const void *value, int expire, size_t len)
981 {
982  kb_t kb = plug_get_kb (args);
983  int pos = 0; // Append the item on the right position of the list
984 
985  if (name == NULL || value == NULL || expire == -1)
986  return;
987 
988  if (type == ARG_STRING)
989  kb_add_str_unique_volatile (kb, name, value, expire, len, pos);
990  else if (type == ARG_INT)
991  kb_add_int_unique_volatile (kb, name, GPOINTER_TO_SIZE (value),
992  GPOINTER_TO_SIZE (expire));
993  if (global_nasl_debug == 1)
994  {
995  if (type == ARG_STRING)
996  g_message ("set volatile key %s -> %s", name, (char *) value);
997  else if (type == ARG_INT)
998  g_message ("set volatile key %s -> %d", name,
999  (int) GPOINTER_TO_SIZE (value));
1000  }
1001 }
1002 
1012 void
1013 plug_set_key_volatile (struct script_infos *args, char *name, int type,
1014  const void *value, int expire)
1015 {
1016  plug_set_key_len_volatile (args, name, type, value, expire, 0);
1017 }
1018 
1019 void
1020 plug_replace_key_len (struct script_infos *args, char *name, int type,
1021  void *value, size_t len)
1022 {
1023  kb_t kb = plug_get_kb (args);
1024 
1025  if (name == NULL || value == NULL)
1026  return;
1027 
1028  if (type == ARG_STRING)
1029  kb_item_set_str (kb, name, value, len);
1030  else if (type == ARG_INT)
1031  kb_item_set_int (kb, name, GPOINTER_TO_SIZE (value));
1032  if (global_nasl_debug == 1)
1033  {
1034  if (type == ARG_STRING)
1035  g_message ("replace key %s -> %s", name, (char *) value);
1036  else if (type == ARG_INT)
1037  g_message ("replace key %s -> %d", name,
1038  (int) GPOINTER_TO_SIZE (value));
1039  }
1040 }
1041 
1042 void
1043 plug_replace_key (struct script_infos *args, char *name, int type, void *value)
1044 {
1045  plug_replace_key_len (args, name, type, value, 0);
1046 }
1047 
1048 void
1049 scanner_add_port (struct script_infos *args, int port, char *proto)
1050 {
1051  host_add_port_proto (args, port, proto);
1052 }
1053 
1054 kb_t
1056 {
1057  return args->key;
1058 }
1059 
1060 static void
1062 {
1063  int status;
1064  (void) s;
1065 
1066  wait (&status);
1067 }
1068 
1069 static void
1070 sig_n (int signo, void (*fnc) (int))
1071 {
1072  struct sigaction sa;
1073 
1074  sa.sa_handler = fnc;
1075  sa.sa_flags = 0;
1076  sigemptyset (&sa.sa_mask);
1077  sigaction (signo, &sa, (struct sigaction *) 0);
1078 }
1079 
1088 static int
1090 {
1091  pid_t pid;
1092 
1093  // TODO change forking to official channels
1094  if ((pid = fork ()) == 0)
1095  {
1096  sig_n (SIGTERM, _exit);
1097  mqtt_reset ();
1098  kb_lnk_reset (kb);
1099  kb_lnk_reset (get_main_kb ());
1100  nvticache_reset ();
1101  srand48 (getpid () + getppid () + time (NULL));
1102  return 0;
1103  }
1104  else if (pid < 0)
1105  {
1106  g_warning ("%s(): fork() failed (%s)", __func__, strerror (errno));
1107  return -1;
1108  }
1109  else
1110  // the parent waits for the spawned process to finish to prevent DDOS on a
1111  // host when multiple vhosts got spawned
1112  waitpid (pid, NULL, 0);
1113  return 1;
1114 }
1115 
1128 void *
1129 plug_get_key (struct script_infos *args, char *name, int *type, size_t *len,
1130  int single)
1131 {
1132  kb_t kb = args->key;
1133  struct kb_item *res = NULL, *res_list;
1134 
1135  if (type != NULL && *type != KB_TYPE_INT)
1136  *type = -1;
1137 
1138  if (kb == NULL)
1139  return NULL;
1140 
1141  if (single && type != NULL && *type != KB_TYPE_INT)
1142  res = kb_item_get_single (kb, name, KB_TYPE_UNSPEC);
1143  else if (type != NULL && *type == KB_TYPE_INT)
1144  res = kb_item_get_single (kb, name, KB_TYPE_INT);
1145  else
1146  res = kb_item_get_all (kb, name);
1147 
1148  if (res == NULL)
1149  return NULL;
1150 
1151  if (!res->next) /* No fork - good */
1152  {
1153  void *ret;
1154  if (res->type == KB_TYPE_INT)
1155  {
1156  if (type != NULL)
1157  *type = KB_TYPE_INT;
1158  ret = g_memdup2 (&res->v_int, sizeof (res->v_int));
1159  }
1160  else
1161  {
1162  if (type != NULL)
1163  *type = KB_TYPE_STR;
1164  if (len)
1165  *len = res->len;
1166 
1167  ret = g_malloc0 (res->len + 1);
1168  memcpy (ret, res->v_str, res->len + 1);
1169  }
1170  kb_item_free (res);
1171  return ret;
1172  }
1173 
1174  /* More than one value - we will fork() then */
1175  sig_n (SIGCHLD, plug_get_key_sigchld);
1176  res_list = res;
1177  while (res)
1178  {
1179  int pret = plug_fork_child (kb);
1180 
1181  if (pret == 0)
1182  {
1183  /* Forked child. */
1184  void *ret;
1185 
1186  if (res->type == KB_TYPE_INT)
1187  {
1188  if (type != NULL)
1189  *type = KB_TYPE_INT;
1190  ret = g_memdup2 (&res->v_int, sizeof (res->v_int));
1191  }
1192  else
1193  {
1194  if (type != NULL)
1195  *type = KB_TYPE_STR;
1196  if (len)
1197  *len = res->len;
1198 
1199  ret = g_malloc0 (res->len + 1);
1200  memcpy (ret, res->v_str, res->len + 1);
1201  }
1202  kb_item_free (res_list);
1203  return ret;
1204  }
1205  else if (pret == -1)
1206  return NULL;
1207  res = res->next;
1208  }
1209  kb_item_free (res_list);
1210  _exit (0);
1211 }
1212 
1219 unsigned int
1221 {
1222  kb_t kb = plug_get_kb (desc);
1223  struct kb_item *res, *k;
1224  int open21 = 0, open80 = 0;
1225 #define MAX_CANDIDATES 16
1226  u_short candidates[MAX_CANDIDATES];
1227  int num_candidates = 0;
1228 
1229  k = res = kb_item_get_pattern (kb, "Ports/tcp/*");
1230  if (res == NULL)
1231  return 0;
1232  else
1233  {
1234  int ret;
1235  char *s;
1236 
1237  for (;;)
1238  {
1239  s = res->name + sizeof ("Ports/tcp/") - 1;
1240  ret = atoi (s);
1241  if (ret == 21)
1242  open21 = 1;
1243  else if (ret == 80)
1244  open80 = 1;
1245  else
1246  {
1247  candidates[num_candidates++] = ret;
1248  if (num_candidates >= MAX_CANDIDATES)
1249  break;
1250  }
1251  res = res->next;
1252  if (res == NULL)
1253  break;
1254  }
1255 
1256  kb_item_free (k);
1257  if (num_candidates != 0)
1258  return candidates[lrand48 () % num_candidates];
1259  else if (open21)
1260  return 21;
1261  else if (open80)
1262  return 80;
1263  }
1264 
1265  /* Not reachable */
1266  return 0;
1267 }
1268 
1274 void
1275 plug_set_port_transport (struct script_infos *args, int port, int tr)
1276 {
1277  char s[256];
1278 
1279  snprintf (s, sizeof (s), "Transports/TCP/%d", port);
1280  plug_set_key (args, s, ARG_INT, GSIZE_TO_POINTER (tr));
1281 }
1282 
1283 /* Return the transport encapsulation mode (OPENVAS_ENCAPS_*) for the
1284  given PORT. If no such encapsulation mode has been stored in the
1285  knowledge base (or its value is < 0), OPENVAS_ENCAPS_IP is
1286  currently returned. */
1287 int
1288 plug_get_port_transport (struct script_infos *args, int port)
1289 {
1290  char s[256];
1291  int trp;
1292 
1293  snprintf (s, sizeof (s), "Transports/TCP/%d", port);
1294  trp = kb_item_get_int (plug_get_kb (args), s);
1295  if (trp >= 0)
1296  return trp;
1297  else
1298  return OPENVAS_ENCAPS_IP; /* Change this to 0 for ultra smart SSL
1299  negotiation, at the expense of possibly
1300  breaking stuff */
1301 }
1302 
1303 static void
1304 plug_set_ssl_item (struct script_infos *args, char *item, char *itemfname)
1305 {
1306  char s[256];
1307  snprintf (s, sizeof (s), "SSL/%s", item);
1308  plug_set_key (args, s, ARG_STRING, itemfname);
1309 }
1310 
1311 void
1312 plug_set_ssl_cert (struct script_infos *args, char *cert)
1313 {
1314  plug_set_ssl_item (args, "cert", cert);
1315 }
1316 
1317 void
1318 plug_set_ssl_key (struct script_infos *args, char *key)
1319 {
1320  plug_set_ssl_item (args, "key", key);
1321 }
1322 
1323 void
1324 plug_set_ssl_pem_password (struct script_infos *args, char *key)
1325 {
1326  plug_set_ssl_item (args, "password", key);
1327 }
1328 
1333 void
1334 plug_set_ssl_CA_file (struct script_infos *args, char *key)
1335 {
1336  plug_set_ssl_item (args, "CA", key);
1337 }
post_log_with_uri
void post_log_with_uri(const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
Post a log message about a tcp port with a uri.
Definition: plugutils.c:710
check_duplicated_vhost
static int check_duplicated_vhost(struct script_infos *args, const char *hostname)
Check for duplicated vhosts before inserting a new one.
Definition: plugutils.c:164
plug_set_key_len_volatile
void plug_set_key_len_volatile(struct script_infos *args, char *name, int type, const void *value, int expire, size_t len)
Set volatile key with expire.
Definition: plugutils.c:979
script_infos::ip
struct in6_addr * ip
Definition: scanneraux.h:37
check_kb_inconsistency
int check_kb_inconsistency(kb_t main_kb)
Check if the current main kb corresponds to the original scan main kb. @description Compares the scan...
Definition: plugutils.c:387
get_scan_id
const char * get_scan_id()
Definition: scan_id.c:22
plug_set_dep
void plug_set_dep(struct script_infos *args, const char *depname)
Definition: plugutils.c:55
script_infos
Definition: scanneraux.h:29
plug_get_host_source
char * plug_get_host_source(struct script_infos *args, const char *hostname)
Definition: plugutils.c:288
host_get_port_state
int host_get_port_state(struct script_infos *plugdata, int portnum)
Definition: plugutils.c:144
plug_get_port_transport
int plug_get_port_transport(struct script_infos *args, int port)
Definition: plugutils.c:1288
plug_replace_key
void plug_replace_key(struct script_infos *args, char *name, int type, void *value)
Definition: plugutils.c:1043
plug_get_key
void * plug_get_key(struct script_infos *args, char *name, int *type, size_t *len, int single)
Get values from a kb under the given key name.
Definition: plugutils.c:1129
OPENVAS_ENCAPS_IP
@ OPENVAS_ENCAPS_IP
Definition: network.h:31
plug_get_host_ip
struct in6_addr * plug_get_host_ip(struct script_infos *args)
Definition: plugutils.c:316
scan_globals::files_size_translation
GHashTable * files_size_translation
Definition: scanneraux.h:21
plug_get_kb
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:1055
plug_fork_child
static int plug_fork_child(kb_t)
Spawns a new child process. Setups everything that is needed for a new process. Child must be handled...
Definition: plugutils.c:1089
script_infos::key
kb_t key
Definition: scanneraux.h:32
msg_type_to_str
static const char * msg_type_to_str(msg_t type)
Return string representation of the given msg_t.
Definition: plugutils.c:335
main_kb
kb_t main_kb
Definition: kb_cache.c:15
plug_get_host_fqdn
char * plug_get_host_fqdn(struct script_infos *args)
Definition: plugutils.c:242
plug_set_ssl_key
void plug_set_ssl_key(struct script_infos *args, char *key)
Definition: plugutils.c:1318
script_infos::nvti
nvti_t * nvti
Definition: scanneraux.h:33
plug_set_ssl_CA_file
void plug_set_ssl_CA_file(struct script_infos *args, char *key)
Definition: plugutils.c:1334
HOST_START
@ HOST_START
Definition: plugutils.h:78
get_plugin_preference_file_content
char * get_plugin_preference_file_content(struct script_infos *desc, const char *identifier)
Get the file contents of a plugins preference that is of type "file".
Definition: plugutils.c:886
plug_replace_key_len
void plug_replace_key_len(struct script_infos *args, char *name, int type, void *value, size_t len)
Definition: plugutils.c:1020
post_log
void post_log(const char *oid, struct script_infos *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:700
host_add_port_proto
static void host_add_port_proto(struct script_infos *args, int portnum, char *proto)
Definition: plugutils.c:75
proto_post_wrapped
static void proto_post_wrapped(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, msg_t msg_type, const char *uri)
Post a security message (e.g. LOG, NOTE, WARNING ...).
Definition: plugutils.c:620
name
const char * name
Definition: nasl_init.c:411
ERRMSG
@ ERRMSG
Definition: plugutils.h:77
plug_add_host_fqdn
int plug_add_host_fqdn(struct script_infos *args, const char *hostname, const char *source)
Definition: plugutils.c:208
LOG
@ LOG
Definition: plugutils.h:80
plug_current_vhost
const char * plug_current_vhost(void)
Definition: plugutils.c:47
plug_set_key_len
void plug_set_key_len(struct script_infos *args, char *name, int type, const void *value, size_t len)
Definition: plugutils.c:939
scan_globals::files_translation
GHashTable * files_translation
Definition: scanneraux.h:20
kb_item_add_int_with_main_kb_check
int kb_item_add_int_with_main_kb_check(kb_t kb, const char *name, int value)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int....
Definition: plugutils.c:578
sig_n
static void sig_n(int signo, void(*fnc)(int))
Definition: plugutils.c:1070
oid
const char * oid
Definition: nasl_builtin_find_service.c:51
kb_get_port_state_proto
int kb_get_port_state_proto(kb_t kb, int portnum, char *proto)
Definition: plugutils.c:100
plug_get_host_open_port
unsigned int plug_get_host_open_port(struct script_infos *desc)
Definition: plugutils.c:1220
proto_post_error
void proto_post_error(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
Definition: plugutils.c:717
kb_item_set_str_with_main_kb_check
int kb_item_set_str_with_main_kb_check(kb_t kb, const char *name, const char *value, size_t len)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_str....
Definition: plugutils.c:503
script_infos::globals
struct scan_globals * globals
Definition: scanneraux.h:30
plug_set_key_volatile
void plug_set_key_volatile(struct script_infos *args, char *name, int type, const void *value, int expire)
Set volatile key with expire.
Definition: plugutils.c:1013
plug_set_port_transport
void plug_set_port_transport(struct script_infos *args, int port, int tr)
Definition: plugutils.c:1275
host_get_port_state_proto
static int host_get_port_state_proto(struct script_infos *args, int portnum, char *proto)
Definition: plugutils.c:138
current_vhost
gvm_vhost_t * current_vhost
Definition: plugutils.c:43
support.h
Support macros for special platforms.
pid
static pid_t pid
Definition: nasl_cmd_exec.c:39
host_get_port_state_udp
int host_get_port_state_udp(struct script_infos *plugdata, int portnum)
Definition: plugutils.c:150
plug_get_key_sigchld
static void plug_get_key_sigchld(int s)
Definition: plugutils.c:1061
kb_item_set_int_with_main_kb_check
int kb_item_set_int_with_main_kb_check(kb_t kb, const char *name, int value)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_int....
Definition: plugutils.c:554
len
uint8_t len
Definition: nasl_packet_forgery.c:1
get_plugin_preference
char * get_plugin_preference(const char *oid, const char *name, int pref_id)
Get the a plugins preference.
Definition: plugutils.c:743
HOST_END
@ HOST_END
Definition: plugutils.h:79
msg_t
msg_t
Definition: plugutils.h:76
post_error
void post_error(const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
Definition: plugutils.c:724
scanner_add_port
void scanner_add_port(struct script_infos *args, int port, char *proto)
Definition: plugutils.c:1049
prefix
static void prefix(int n, int i)
Definition: nasl_tree.c:222
scan_globals
Definition: scanneraux.h:19
post_alarm
void post_alarm(const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
Definition: plugutils.c:680
unscanned_ports_as_closed
static int unscanned_ports_as_closed(port_protocol_t ptype)
Report state of preferences "unscanned_closed".
Definition: plugutils.c:88
kb_cache.h
Header file to cache main_kb.
host_kb
static kb_t host_kb
Definition: attack.c:289
HOST_DETAIL
@ HOST_DETAIL
Definition: plugutils.h:81
kb_item_add_str_unique_with_main_kb_check
int kb_item_add_str_unique_with_main_kb_check(kb_t kb, const char *name, const char *value, size_t len, int pos)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_str_uni...
Definition: plugutils.c:528
scan_id.h
get_plugin_preference_fname
const char * get_plugin_preference_fname(struct script_infos *desc, const char *filename)
Get the file name of a plugins preference that is of type "file".
Definition: plugutils.c:831
check_kb_inconsistency_log
static int check_kb_inconsistency_log(void)
calls check_kb_inconsistency and logs as debug when local scan_id is missing.
Definition: plugutils.c:426
proto_post_log
void proto_post_log(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
Post a log message.
Definition: plugutils.c:690
ARG_INT
#define ARG_INT
Definition: plugutils.h:20
script_infos::vhosts
GSList * vhosts
Definition: scanneraux.h:38
DEADHOST
@ DEADHOST
Definition: plugutils.h:83
hostname
const char * hostname
Definition: pluginlaunch.c:68
network.h
Header file for module network.
ALARM
@ ALARM
Definition: plugutils.h:82
plug_set_ssl_cert
void plug_set_ssl_cert(struct script_infos *args, char *cert)
Definition: plugutils.c:1312
plug_set_ssl_pem_password
void plug_set_ssl_pem_password(struct script_infos *args, char *key)
Definition: plugutils.c:1324
global_nasl_debug
int global_nasl_debug
Definition: plugutils.c:38
plug_set_key
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:962
proto_post_alarm
void proto_post_alarm(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
Definition: plugutils.c:673
get_plugin_preference_file_size
long get_plugin_preference_file_size(struct script_infos *desc, const char *identifier)
Get the file size of a plugins preference that is of type "file".
Definition: plugutils.c:917
plugutils.h
Header file for module plugutils.
kb_item_push_str_with_main_kb_check
int kb_item_push_str_with_main_kb_check(kb_t kb, const char *name, const char *value)
Check if the current kb corresponds to the original scanid, if it matches it kb_item_push_str....
Definition: plugutils.c:478
get_main_kb
kb_t get_main_kb(void)
gets the main_kb. @description returns the previously set main_kb; when asserts are enabled it will a...
Definition: kb_cache.c:41
plug_set_ssl_item
static void plug_set_ssl_item(struct script_infos *args, char *item, char *itemfname)
Definition: plugutils.c:1304
plug_get_host_ip_str
char * plug_get_host_ip_str(struct script_infos *desc)
Definition: plugutils.c:322
plug_get_host_fqdn_list
GSList * plug_get_host_fqdn_list(struct script_infos *args)
Definition: plugutils.c:270
ARG_STRING
#define ARG_STRING
Definition: plugutils.h:19
length
u_short length
Definition: nasl_packet_forgery.c:4
MAX_CANDIDATES
#define MAX_CANDIDATES
kb_item_add_int_unique_with_main_kb_check
int kb_item_add_int_unique_with_main_kb_check(kb_t kb, const char *name, int value)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int_uni...
Definition: plugutils.c:602