13#include "../base/hosts.h"
14#include "../util/serverutils.h"
17#include <gnutls/gnutls.h>
22#include <sys/socket.h>
30#define G_LOG_DOMAIN "libgvm osp"
127 const
char *cert, const
char *key)
131 if (host && *host ==
'/')
133 struct sockaddr_un addr;
136 if (strlen (host) >=
sizeof (addr.sun_path))
138 g_warning (
"%s: given host / socket path too long (%zu > %zu bytes)",
139 __func__, strlen (host),
sizeof (addr.sun_path) - 1);
143 connection = g_malloc0 (
sizeof (*connection));
144 connection->
socket = socket (AF_UNIX, SOCK_STREAM, 0);
145 if (connection->
socket == -1)
151 addr.sun_family = AF_UNIX;
152 memset (addr.sun_path, 0, sizeof (addr.sun_path));
153 memcpy (addr.sun_path, host, strlen (host));
154 #pragma GCC diagnostic push
155 #pragma GCC diagnostic ignored "-Wstringop-overread"
156 len = strlen (addr.sun_path) +
sizeof (addr.sun_family);
157 #pragma GCC diagnostic pop
158 if (connect (connection->
socket, (
struct sockaddr *) &addr, len) == -1)
160 close (connection->
socket);
167 if (port <= 0 || port > 65535)
171 if (!cert || !key || !cacert)
174 connection = g_malloc0 (
sizeof (*connection));
176 &connection->
session, host, port, cacert, cert, key);
178 if (connection->
socket == -1)
184 connection->
host = g_strdup (host);
185 connection->
port = port;
200 const char *fmt, ...)
207 if (!connection || !fmt || !response)
210 if (*connection->
host ==
'/')
244 const char *fmt, ...)
255 if (!connection || !fmt)
258 if (*connection->
host ==
'/')
298 if (*connection->
host ==
'/')
299 close (connection->
socket);
302 g_free (connection->
host);
322 int *self_test_exit_error,
char **self_test_error_msg,
325 entity_t entity, feed, lockfile_entity, exit_error_entity, error_msg_entity;
326 const char *status, *status_text;
336 if (status != NULL && !strcmp (status,
"400"))
339 g_debug (
"%s: %s - %s.", __func__, status, status_text);
341 *cmd_error = g_strdup (status_text);
349 g_warning (
"%s: element FEED missing.", __func__);
354 lockfile_entity =
entity_child (feed,
"lockfile_in_use");
355 exit_error_entity =
entity_child (feed,
"self_test_exit_error");
356 error_msg_entity =
entity_child (feed,
"self_test_error_msg");
361 *lockfile_in_use = atoi (
entity_text (lockfile_entity));
364 g_warning (
"%s: element LOCKFILE_IN_USE missing.", __func__);
365 *lockfile_in_use = -1;
369 if (self_test_exit_error)
371 if (exit_error_entity)
372 *self_test_exit_error = atoi (
entity_text (exit_error_entity));
375 g_warning (
"%s: element SELF_TEST_EXIT_ERROR missing.", __func__);
376 *self_test_exit_error = -1;
380 if (self_test_error_msg)
382 if (self_test_error_msg)
385 *self_test_error_msg = g_strdup (
entity_text (error_msg_entity));
387 *self_test_error_msg = NULL;
391 g_warning (
"%s: element SELF_TEST_ERROR_MSG missing.", __func__);
392 *self_test_error_msg = NULL;
415 char **d_name,
char **d_version,
char **p_name,
428 goto err_get_version;
431 goto err_get_version;
436 goto err_get_version;
442 goto err_get_version;
445 goto err_get_version;
450 goto err_get_version;
456 goto err_get_version;
459 goto err_get_version;
464 goto err_get_version;
472 g_warning (
"Erroneous OSP <get_version/> response.");
504 const char *status, *status_text;
517 if (status != NULL && !strcmp (status,
"400"))
520 g_debug (
"%s: %s - %s.", __func__, status, status_text);
522 *error = g_strdup (status_text);
530 g_warning (
"%s: element VTS missing.", __func__);
538 *vts_version = g_strdup (version);
558 char **feed_name,
char **feed_vendor,
char **feed_home,
562 const char *version, *name, *vendor, *home;
563 const char *status, *status_text;
576 if (status != NULL && !strcmp (status,
"400"))
579 g_debug (
"%s: %s - %s.", __func__, status, status_text);
581 *error = g_strdup (status_text);
589 g_warning (
"%s: element VTS missing.", __func__);
600 *vts_version = version ? g_strdup (version) : NULL;
602 *feed_name = name ? g_strdup (name) : NULL;
604 *feed_vendor = vendor ? g_strdup (vendor) : NULL;
606 *feed_home = home ? g_strdup (home) : NULL;
739 if (strcmp (status,
"200"))
768 *error = g_strdup (
"Couldn't send get_performance command "
769 "to scanner. Not valid connection");
776 || opts.
start > now || opts.
end < 0 || opts.
end > now)
779 *error = g_strdup (
"Couldn't send get_performance command "
780 "to scanner. Bad or missing parameters.");
785 "<get_performance start='%d' "
786 "end='%d' titles='%s'/>",
792 *error = g_strdup (
"Couldn't send get_performance command to scanner");
804 *error = g_strdup (text);
833 *error = g_strdup (
"Couldn't send get_scans command "
834 "to scanner. Not valid connection");
840 "<get_scans scan_id='%s'"
842 " pop_results='0'/>",
848 *error = g_strdup (
"Couldn't send get_scans command to scanner");
859 *error = g_strdup (text);
895 char **report_xml,
int details,
int pop_results,
char **error)
904 *error = g_strdup (
"Couldn't send get_scan command "
905 "to scanner. Not valid connection");
910 "<get_scans scan_id='%s'"
912 " pop_results='%d'/>",
913 scan_id, pop_results ? 1 : 0, details ? 1 : 0);
917 *error = g_strdup (
"Couldn't send get_scans command to scanner");
928 *error = g_strdup (text);
937 string = g_string_new (
"");
939 *report_xml = g_string_free (
string, FALSE);
958 char **report_xml,
int details,
char **error)
960 return osp_get_scan_pop (connection, scan_id, report_xml, details, 0, error);
981 *error = g_strdup (
"Couldn't send stop_scan command "
982 "to scanner. Not valid connection");
991 *error = g_strdup (
"Couldn't send stop_scan command to scanner");
1007 *error = g_strdup (text);
1024 char *options_str, *tmp, *key_escaped, *value_escaped;
1026 options_str = *(
char **) pstr;
1028 key_escaped = g_markup_escape_text ((
char *) key, -1);
1029 value_escaped = g_markup_escape_text ((
char *) value, -1);
1030 tmp = g_strdup_printf (
"%s<%s>%s</%s>", options_str ? options_str :
"",
1031 key_escaped, value_escaped, key_escaped);
1033 g_free (options_str);
1034 g_free (key_escaped);
1035 g_free (value_escaped);
1036 *(
char **) pstr = tmp;
1053 const char *ports, GHashTable *options,
const char *scan_id,
1057 char *options_str = NULL;
1064 *error = g_strdup (
"Couldn't send start_scan command "
1065 "to scanner. Not valid connection");
1075 "<start_scan target='%s' ports='%s' scan_id='%s'>"
1076 "<scanner_params>%s</scanner_params></start_scan>",
1077 target, ports ? ports :
"", scan_id ? scan_id :
"",
1078 options_str ? options_str :
"");
1079 g_free (options_str);
1083 *error = g_strdup (
"Couldn't send start_scan command to scanner");
1099 *error = g_strdup (text);
1116 GHashTableIter auth_data_iter;
1117 gchar *auth_data_name, *auth_data_value;
1120 "<credential type=\"%s\" service=\"%s\" port=\"%s\">",
1121 credential->
type ? credential->
type :
"",
1123 credential->
port ? credential->
port :
"");
1125 g_hash_table_iter_init (&auth_data_iter, credential->
auth_data);
1126 while (g_hash_table_iter_next (&auth_data_iter, (gpointer *) &auth_data_name,
1127 (gpointer *) &auth_data_value))
1130 auth_data_value, auth_data_name);
1149 "<exclude_hosts>%s</exclude_hosts>"
1150 "<finished_hosts>%s</finished_hosts>"
1151 "<ports>%s</ports>",
1163 else if (target->
icmp == TRUE || target->
tcp_syn == TRUE
1164 || target->
tcp_ack == TRUE || target->
arp == TRUE
1168 "<alive_test_methods>"
1170 "<tcp_syn>%d</tcp_syn>"
1171 "<tcp_ack>%d</tcp_ack>"
1173 "<consider_alive>%d</consider_alive>"
1174 "</alive_test_methods>",
1181 "<reverse_lookup_unify>%d</reverse_lookup_unify>",
1185 "<reverse_lookup_only>%d</reverse_lookup_only>",
1190 g_string_append (xml_string,
"<credentials>");
1193 g_string_append (xml_string,
"</credentials>");
1222 id ?
id :
"", value ? value :
"");
1253 gchar *scanner_params_xml = NULL;
1260 char filename[] =
"/tmp/osp-cmd-XXXXXX";
1266 *error = g_strdup (
"Couldn't send start_scan command "
1267 "to scanner. Not valid connection");
1271 fd = mkstemp (filename);
1272 FILE *file = fdopen (fd,
"w");
1274 xml = g_string_sized_new (10240);
1275 g_string_append (xml,
"<start_scan");
1278 g_string_append (xml,
"<targets>");
1280 g_string_append (xml,
"</targets>");
1282 g_string_append (xml,
"<scanner_params>");
1285 scanner_params_xml = NULL;
1287 &scanner_params_xml);
1288 if (scanner_params_xml)
1289 g_string_append (xml, scanner_params_xml);
1290 g_free (scanner_params_xml);
1292 g_string_append (xml,
"</scanner_params>");
1294 g_string_append (xml,
"<vt_selection>");
1297 fprintf (file,
"%s", xml->str);
1299 g_string_free (xml, TRUE);
1301 xml = g_string_new (
"");
1302 list_item = opts.
vts;
1309 list_item = list_item->next;
1311 if (list_count == 1000)
1313 fprintf (file,
"%s", xml->str);
1315 g_string_free (xml, TRUE);
1316 xml = g_string_new (
"");
1321 g_string_append (xml,
"</vt_selection>");
1322 g_string_append (xml,
"</start_scan>");
1324 fprintf (file,
"%s", xml->str);
1327 g_string_free (xml, TRUE);
1329 g_file_get_contents (filename, &cmd, NULL, NULL);
1339 *error = g_strdup (
"Could not send start_scan command to scanner");
1355 *error = g_strdup (text);
1377 if (!strcmp (str,
"integer"))
1379 else if (!strcmp (str,
"string"))
1381 else if (!strcmp (str,
"password"))
1383 else if (!strcmp (str,
"file"))
1385 else if (!strcmp (str,
"boolean"))
1387 else if (!strcmp (str,
"ovaldef_file"))
1389 else if (!strcmp (str,
"selection"))
1391 else if (!strcmp (str,
"credential_up"))
1422 return "ovaldef_file";
1426 return "credential_up";
1447 assert (connection);
1464 child = entities->data;
1476 *params = g_slist_append (*params, param);
1588 g_free (param->
name);
1589 g_free (param->
desc);
1590 g_free (param->
def);
1610 new_credential->
type = type ? g_strdup (type) : NULL;
1611 new_credential->
service = service ? g_strdup (service) : NULL;
1612 new_credential->
port = port ? g_strdup (port) : NULL;
1614 g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
1616 return new_credential;
1630 g_free (credential->
type);
1632 g_free (credential->
port);
1633 g_hash_table_destroy (credential->
auth_data);
1634 g_free (credential);
1648 if (credential == NULL || name == NULL)
1650 return g_hash_table_lookup (credential->
auth_data, name);
1664 if (credential == NULL || name == NULL)
1667 if (g_regex_match_simple (
"^[[:alpha:]][[:alnum:]_]*$", name, 0, 0))
1670 g_hash_table_replace (credential->
auth_data, g_strdup (name),
1673 g_hash_table_remove (credential->
auth_data, name);
1677 g_warning (
"%s: Invalid auth data name: %s", __func__, name);
1695 int alive_test,
int reverse_lookup_unify,
1696 int reverse_lookup_only)
1701 new_target->
exclude_hosts = exclude_hosts ? g_strdup (exclude_hosts) : NULL;
1702 new_target->
hosts = hosts ? g_strdup (hosts) : NULL;
1703 new_target->
ports = ports ? g_strdup (ports) : NULL;
1705 new_target->
alive_test = alive_test ? alive_test : 0;
1707 reverse_lookup_unify ? reverse_lookup_unify : 0;
1709 reverse_lookup_only ? reverse_lookup_only : 0;
1724 target->
finished_hosts = finished_hosts ? g_strdup (finished_hosts) : NULL;
1740 g_free (target->
hosts);
1741 g_free (target->
ports);
1757 gboolean tcp_syn, gboolean tcp_ack,
1758 gboolean arp, gboolean consider_alive)
1763 target->
icmp = icmp;
1779 if (!target || !credential)
1798 new_vt_group->
filter = filter ? g_strdup (filter) : NULL;
1800 return new_vt_group;
1814 g_free (vt_group->
filter);
1831 new_vt_single->
vt_id = vt_id ? g_strdup (vt_id) : NULL;
1833 g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
1835 return new_vt_single;
1849 g_hash_table_destroy (vt_single->
vt_values);
1851 g_free (vt_single->
vt_id);
1867 g_hash_table_replace (vt_single->
vt_values, g_strdup (name),
int gvm_get_host_type(const gchar *str_stripped)
Determines the host type in a buffer.
int osp_check_feed(osp_connection_t *connection, int *lockfile_in_use, int *self_test_exit_error, char **self_test_error_msg, char **cmd_error)
Gets additional status info about the feed.
void osp_credential_set_auth_data(osp_credential_t *credential, const char *name, const char *value)
Set authentication data for an OSP credential.
void osp_connection_close(osp_connection_t *connection)
Close a connection to an OSP server.
void osp_credential_free(osp_credential_t *credential)
Free an OSP credential.
int osp_get_vts_ext_str(osp_connection_t *connection, osp_get_vts_opts_t opts, gchar **str)
Get filtered set of VTs from an OSP server.
static int osp_send_command(osp_connection_t *, entity_t *, static intosp_send_command_str(osp_connection_t const char *,...)
int osp_start_scan_ext(osp_connection_t *connection, osp_start_scan_opts_t opts, char **error)
Start an OSP scan against a target.
void osp_vt_group_free(osp_vt_group_t *vt_group)
Free an OSP VT group.
void osp_target_add_alive_test_methods(osp_target_t *target, gboolean icmp, gboolean tcp_syn, gboolean tcp_ack, gboolean arp, gboolean consider_alive)
Add alive test methods to OSP target.
osp_vt_group_t * osp_vt_group_new(const char *filter)
Create a new OSP VT group.
int osp_get_vts_feed_info(osp_connection_t *connection, char **vts_version, char **feed_name, char **feed_vendor, char **feed_home, char **error)
Get the VTs version as well as other feed info from an OSP server.
void osp_target_set_finished_hosts(osp_target_t *target, const char *finished_hosts)
Set the finished hosts of an OSP target.
static osp_param_type_t osp_param_str_to_type(const char *str)
Get an OSP parameter's type from its string format.
int osp_get_vts(osp_connection_t *connection, entity_t *vts)
Get all VTs from an OSP server.
int osp_get_scanner_details(osp_connection_t *connection, char **desc, GSList **params)
Get an OSP scanner's details.
static void credential_append_as_xml(osp_credential_t *credential, GString *xml_string)
Concatenate a credential as XML.
const char * osp_param_desc(const osp_param_t *param)
Get an OSP parameter's description.
void osp_target_add_credential(osp_target_t *target, osp_credential_t *credential)
Add a credential to an OSP target.
int osp_delete_scan(osp_connection_t *connection, const char *scan_id)
Delete a scan from an OSP server.
void osp_target_free(osp_target_t *target)
Free an OSP target, including all added credentials.
int osp_get_vts_ext(osp_connection_t *connection, osp_get_vts_opts_t opts, entity_t *vts)
Get filtered set of VTs from an OSP server.
void osp_vt_single_add_value(osp_vt_single_t *vt_single, const char *name, const char *value)
Add a preference value to an OSP VT. This creates a copy of the name and value.
static void vt_single_append_as_xml(osp_vt_single_t *vt_single, GString *xml_string)
Append single VTs as XML to a string buffer.
osp_vt_single_t * osp_vt_single_new(const char *vt_id)
Create a new single OSP VT.
int osp_get_scan(osp_connection_t *connection, const char *scan_id, char **report_xml, int details, char **error)
Get a scan from an OSP server.
int osp_get_scan_pop(osp_connection_t *connection, const char *scan_id, char **report_xml, int details, int pop_results, char **error)
Get a scan from an OSP server, optionally removing the results.
static void vt_value_append_as_xml(gpointer id, gchar *value, GString *xml_string)
Append VT values as XML to a string buffer.
int osp_start_scan(osp_connection_t *connection, const char *target, const char *ports, GHashTable *options, const char *scan_id, char **error)
Start an OSP scan against a target.
static void target_append_as_xml(osp_target_t *target, GString *xml_string)
Concatenate a target as XML.
static void vt_group_append_as_xml(osp_vt_group_t *vt_group, GString *xml_string)
Append VT groups as XML to a string buffer.
void osp_vt_single_free(osp_vt_single_t *vt_single)
Free a single OSP VT, including all preference values.
static void option_concat_as_xml(gpointer key, gpointer value, gpointer pstr)
Concatenate options as xml.
osp_credential_t * osp_credential_new(const char *type, const char *service, const char *port)
Allocate and initialize a new OSP credential.
osp_param_t * osp_param_new(void)
Create a new OSP parameter.
osp_target_t * osp_target_new(const char *hosts, const char *ports, const char *exclude_hosts, int alive_test, int reverse_lookup_unify, int reverse_lookup_only)
Create a new OSP target.
int osp_get_version(osp_connection_t *connection, char **s_name, char **s_version, char **d_name, char **d_version, char **p_name, char **p_version)
Get the scanner version from an OSP server.
const gchar * osp_credential_get_auth_data(osp_credential_t *credential, const char *name)
Get authentication data from an OSP credential.
const char * osp_param_type_str(const osp_param_t *param)
Get an OSP parameter in string format from its type.
static int osp_send_command_str(osp_connection_t *connection, gchar **str, const char *fmt,...)
Send a command to an OSP server.
int osp_stop_scan(osp_connection_t *connection, const char *scan_id, char **error)
Stop a scan on an OSP server.
int osp_get_performance_ext(osp_connection_t *connection, osp_get_performance_opts_t opts, char **graph, char **error)
Get performance graphics from an OSP server.
const char * osp_param_name(const osp_param_t *param)
Get an OSP parameter's name.
int osp_param_mandatory(const osp_param_t *param)
Get an OSP parameter's mandatory value.
void osp_param_free(osp_param_t *param)
Free an OSP parameter.
int osp_get_vts_version(osp_connection_t *connection, char **vts_version, char **error)
Get the VTs version from an OSP server.
osp_scan_status_t osp_get_scan_status_ext(osp_connection_t *connection, osp_get_scan_status_opts_t opts, char **error)
Get a scan status from an OSP server.
const char * osp_param_id(const osp_param_t *param)
Get an OSP parameter's id.
const char * osp_param_default(const osp_param_t *param)
Get an OSP parameter's default value.
API for Open Scanner Protocol communication.
static const osp_get_vts_opts_t osp_get_vts_opts_default
Sensible default values for osp_get_vts_opts_t.
osp_scan_status_t
OSP scan status.
@ OSP_SCAN_STATUS_STOPPED
@ OSP_SCAN_STATUS_INTERRUPTED
@ OSP_SCAN_STATUS_FINISHED
@ OSP_SCAN_STATUS_RUNNING
osp_connection_t * osp_connection_new(const char *, int, const char *, const char *, const char *)
osp_param_type_t
OSP parameter types.
@ OSP_PARAM_TYPE_SELECTION
@ OSP_PARAM_TYPE_PASSWORD
@ OSP_PARAM_TYPE_OVALDEF_FILE
int gvm_server_open_with_cert(gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem)
Connect to the server using a given host, port and cert.
int gvm_server_vsendf(gnutls_session_t *session, const char *fmt, va_list ap)
Send a string to the server.
int gvm_server_close(int socket, gnutls_session_t session)
Close a server connection and its socket.
int gvm_socket_vsendf(int socket, const char *fmt, va_list ap)
Send a string to the server.
entities_t entities
Children.
int tls
Whether the connection uses TCP-TLS (vs UNIX socket).
gchar * host_string
Server host string.
gnutls_session_t session
Session.
Struct holding options for OSP connection.
Struct credential information for OSP.
const char * scan_id
UUID of the scan to get the status from.
char * filter
the filter to apply for a vt sub-selection.
int version_only
Whether to get only the feed info or the VT collection.
Struct holding options for OSP parameters.
GSList * targets
Target hosts to scan.
GSList * vts
Single VTs to use for the scan.
GSList * vt_groups
VT groups to use for the scan.
GHashTable * scanner_params
Table of scanner parameters.
const char * scan_id
UUID to set for scan, null otherwise.
Struct holding target information.
Struct holding vt_group information.
Struct holding vt_group information.
const char * entity_attribute(entity_t entity, const char *name)
Get an attribute of an entity.
char * entity_text(entity_t entity)
Get the text of an entity.
int read_entity(gnutls_session_t *session, entity_t *entity)
Read an XML entity tree from the manager.
entities_t next_entities(entities_t entities)
Return all the entities from an entities_t after the first.
void free_entity(entity_t entity)
Free an entity, recursively.
int read_text_c(gvm_connection_t *connection, char **text)
Read text from the server.
entity_t entity_child(entity_t entity, const char *name)
Get a child of an entity.
int read_entity_s(int socket, entity_t *entity)
Read an XML entity tree from the socket.
void xml_string_append(GString *xml, const char *format,...)
Append formatted escaped XML to a string.
void print_entity_to_string(entity_t entity, GString *string)
Print an XML entity tree to a GString, appending to it if the string is not empty.
GSList * entities_t
Entities.