OpenVAS Scanner 22.7.9
plugutils.c
Go to the documentation of this file.
1/* SPDX-FileCopyrightText: 2023 Greenbone AG
2 * SPDX-FileCopyrightText: 1998-2003 Renaud Deraison
3 *
4 * SPDX-License-Identifier: GPL-2.0-or-later
5 */
6
12#include "plugutils.h"
13
14#include "kb_cache.h" // for get_main_kb
15#include "network.h" // for OPENVAS_ENCAPS_IP
16#include "scan_id.h"
17#include "support.h" // for g_memdup2 workaround
18
19#include <errno.h> // for errno
20#include <gvm/base/hosts.h> // for g_vhost_t
21#include <gvm/base/networking.h> // for port_protocol_t
22#include <gvm/base/prefs.h> // for prefs_get_bool
23#include <gvm/util/mqtt.h> // for mqtt_reset
24#include <gvm/util/nvticache.h> // for nvticache_initialized
25#include <stdio.h> // for snprintf
26#include <stdlib.h> // for exit
27#include <string.h> // for strcmp
28#include <sys/wait.h> // for wait
29#include <unistd.h> // for fork
30
31#undef G_LOG_DOMAIN
35#define G_LOG_DOMAIN "lib misc"
36
37/* Used to allow debugging for openvas-nasl */
38int global_nasl_debug = 0;
39
40/* In case of multiple vhosts fork, this holds the value of the current vhost
41 * we're scanning.
42 */
43gvm_vhost_t *current_vhost = NULL;
44
45/* @brief: Return the currently scanned vhost. */
46const char *
47plug_current_vhost (void)
48{
49 return current_vhost->value;
50}
51
52static int plug_fork_child (kb_t);
53
54void
55plug_set_dep (struct script_infos *args, const char *depname)
56{
57 nvti_t *n = args->nvti;
58 gchar *old = nvti_dependencies (n);
59 gchar *new;
60
61 if (!depname)
62 return;
63
64 if (old)
65 {
66 new = g_strdup_printf ("%s, %s", old, depname);
67 nvti_set_dependencies (n, new);
68 g_free (new);
69 }
70 else
71 nvti_set_dependencies (n, depname);
72}
73
74static void
75host_add_port_proto (struct script_infos *args, int portnum, char *proto)
76{
77 char port_s[255];
78 snprintf (port_s, sizeof (port_s), "Ports/%s/%d", proto, portnum);
79 plug_set_key (args, port_s, ARG_INT, (void *) 1);
80}
81
87static int
88unscanned_ports_as_closed (port_protocol_t ptype)
89{
90 if (ptype == PORT_PROTOCOL_UDP)
91 return (prefs_get_bool ("unscanned_closed_udp") ? 0 : 1);
92
93 return (prefs_get_bool ("unscanned_closed") ? 0 : 1);
94}
95
99int
100kb_get_port_state_proto (kb_t kb, int portnum, char *proto)
101{
102 char port_s[255], *kbstr;
103 const char *prange = prefs_get ("port_range");
104 port_protocol_t port_type;
105 array_t *port_ranges;
106
107 if (!proto)
108 proto = "tcp";
109 if (!strcmp (proto, "udp"))
110 {
111 port_type = PORT_PROTOCOL_UDP;
112 kbstr = "Host/udp_scanned";
113 }
114 else
115 {
116 port_type = PORT_PROTOCOL_TCP;
117 kbstr = "Host/scanned";
118 }
119
120 /* Check that we actually scanned the port */
121 if (kb_item_get_int (kb, kbstr) <= 0)
122 return unscanned_ports_as_closed (port_type);
123
124 port_ranges = port_range_ranges (prange);
125 if (!port_in_port_ranges (portnum, port_type, port_ranges))
126 {
127 array_free (port_ranges);
128 return unscanned_ports_as_closed (port_type);
129 }
130 array_free (port_ranges);
131
132 /* Ok, we scanned it. What is its state ? */
133 snprintf (port_s, sizeof (port_s), "Ports/%s/%d", proto, portnum);
134 return kb_item_get_int (kb, port_s) > 0;
135}
136
137static int
138host_get_port_state_proto (struct script_infos *args, int portnum, char *proto)
139{
140 return kb_get_port_state_proto (args->key, portnum, proto);
141}
142
143int
144host_get_port_state (struct script_infos *plugdata, int portnum)
145{
146 return (host_get_port_state_proto (plugdata, portnum, "tcp"));
147}
148
149int
150host_get_port_state_udp (struct script_infos *plugdata, int portnum)
151{
152 return (host_get_port_state_proto (plugdata, portnum, "udp"));
153}
154
163static int
164check_duplicated_vhost (struct script_infos *args, const char *hostname)
165{
166 GSList *vhosts = NULL;
167 kb_t host_kb = NULL;
168 struct kb_item *current_vhosts = NULL;
169
170 /* Check for duplicate vhost value in args. */
171 vhosts = args->vhosts;
172 while (vhosts)
173 {
174 gvm_vhost_t *tmp = vhosts->data;
175
176 if (!strcmp (tmp->value, hostname))
177 {
178 g_warning ("%s: Value '%s' exists already", __func__, hostname);
179 return -1;
180 }
181 vhosts = vhosts->next;
182 }
183
184 /* Check for duplicate vhost value already added by other forked child of the
185 * same plugin. */
186 host_kb = args->key;
187 current_vhosts = kb_item_get_all (host_kb, "internal/vhosts");
188 if (!current_vhosts)
189 return 0;
190
191 while (current_vhosts)
192 {
193 if (!strcmp (current_vhosts->v_str, hostname))
194 {
195 g_warning ("%s: Value '%s' exists already", __func__, hostname);
196 kb_item_free (current_vhosts);
197
198 return -1;
199 }
200 current_vhosts = current_vhosts->next;
201 }
202
203 kb_item_free (current_vhosts);
204 return 0;
205}
206
207int
208plug_add_host_fqdn (struct script_infos *args, const char *hostname,
209 const char *source)
210{
211 gvm_vhost_t *vhost;
212 char **excluded;
213
214 if (!prefs_get_bool ("expand_vhosts") || !hostname || !source)
215 return -1;
216
217 if (check_duplicated_vhost (args, hostname))
218 return -1;
219
220 /* Check for excluded vhost value. */
221 if (prefs_get ("exclude_hosts"))
222 {
223 char **tmp = excluded = g_strsplit (prefs_get ("exclude_hosts"), ",", 0);
224
225 while (*tmp)
226 {
227 if (!strcmp (g_strstrip (*tmp), hostname))
228 {
229 g_strfreev (excluded);
230 return -1;
231 }
232 tmp++;
233 }
234 g_strfreev (excluded);
235 }
236 vhost = gvm_vhost_new (g_strdup (hostname), g_strdup (source));
237 args->vhosts = g_slist_prepend (args->vhosts, vhost);
238 return 0;
239}
240
241char *
242plug_get_host_fqdn (struct script_infos *args)
243{
244 GSList *vhosts = args->vhosts;
245
246 if (!args->vhosts)
247 return addr6_as_str (args->ip);
248
249 /* Workaround for rapid growth of forked processes ie. http_get() calls
250 * within foreach() loops. */
251 if (current_vhost)
252 return g_strdup (current_vhost->value);
253 while (vhosts)
254 {
255 int ret = plug_fork_child (args->key);
256
257 if (ret == 0)
258 {
259 current_vhost = vhosts->data;
260 return g_strdup (current_vhost->value);
261 }
262 else if (ret == -1)
263 return NULL;
264 vhosts = vhosts->next;
265 }
266 _exit (0);
267}
268
269GSList *
270plug_get_host_fqdn_list (struct script_infos *args)
271{
272 GSList *results = NULL, *vhosts = args->vhosts;
273
274 if (!args->vhosts)
275 results = g_slist_prepend (results, addr6_as_str (args->ip));
276
277 while (vhosts)
278 {
279 gvm_vhost_t *vhost = vhosts->data;
280
281 results = g_slist_prepend (results, g_strdup (vhost->value));
282 vhosts = vhosts->next;
283 }
284 return results;
285}
286
287char *
288plug_get_host_source (struct script_infos *args, const char *hostname)
289{
290 if (!args->vhosts)
291 return g_strdup ("IP-address");
292
293 if (hostname)
294 {
295 GSList *vhosts = args->vhosts;
296
297 /* Search for source of specified hostname/vhost. */
298 while (vhosts)
299 {
300 gvm_vhost_t *vhost = vhosts->data;
301
302 if (!strcmp (vhost->value, hostname))
303 return g_strdup (vhost->source);
304 vhosts = vhosts->next;
305 }
306 return NULL;
307 }
308 /* Call plug_get_host_fqdn() to set current_vhost (and fork, in case of
309 * multiple vhosts.) */
310 if (!current_vhost)
311 g_free (plug_get_host_fqdn (args));
312 return g_strdup (current_vhost->source);
313}
314
315struct in6_addr *
316plug_get_host_ip (struct script_infos *args)
317{
318 return args->ip;
319}
320
321char *
322plug_get_host_ip_str (struct script_infos *desc)
323{
324 return addr6_as_str (plug_get_host_ip (desc));
325}
326
334static const char *
335msg_type_to_str (msg_t type)
336{
337 gchar *type_str;
338
339 switch (type)
340 {
341 case ERRMSG:
342 type_str = "ERRMSG";
343 break;
344 case HOST_START:
345 type_str = "HOST_START";
346 break;
347 case HOST_END:
348 type_str = "HOST_END";
349 break;
350 case LOG:
351 type_str = "LOG";
352 break;
353 case HOST_DETAIL:
354 type_str = "HOST_DETAIL";
355 break;
356 case ALARM:
357 type_str = "ALARM";
358 break;
359 case DEADHOST:
360 type_str = "DEADHOST";
361 break;
362 default:
363 return NULL;
364 break;
365 }
366
367 return type_str;
368}
369
386int
387check_kb_inconsistency (kb_t main_kb)
388{
389 const char *original_scan_id;
390 char *current_scan_id;
391
392 original_scan_id = get_scan_id ();
393 if (original_scan_id == NULL)
394 return -1;
395 current_scan_id = kb_item_get_str (main_kb, ("internal/scanid"));
396 if (current_scan_id == NULL)
397 return -2;
398
399 if (!g_strcmp0 (original_scan_id, current_scan_id))
400 {
401 g_free (current_scan_id);
402 return 0;
403 }
404
405 g_warning ("KB inconsitency. %s writing into %s KB", original_scan_id,
406 current_scan_id);
407 g_free (current_scan_id);
408 return -3;
409}
410
425static int
426check_kb_inconsistency_log (void)
427{
428 char *current_scan_id;
429 kb_t kb = get_main_kb ();
430 int result = check_kb_inconsistency (kb);
431 switch (result)
432 {
433 case -3:
434 current_scan_id = kb_item_get_str (kb, ("internal/scanid"));
435 g_warning (
436 "%s: scan_id (%s) does not match global scan_id (%s); abort to "
437 "prevent data corruption",
438 __func__, current_scan_id, get_scan_id ());
439 g_free (current_scan_id);
440 _exit (1);
441 break;
442 case -1:
443 // a call without global scan id can happen in e.g. nasl-lint or
444 // openvas-nasl calls
445 break;
446 case -2:
447 g_warning (
448 "%s: No internal/scanid found; abort to prevent data corruption.",
449 __func__);
450 _exit (1);
451 break;
452 default:
453 {
454 // nothing
455 }
456 }
457 return 0;
458}
459
477int
478kb_item_push_str_with_main_kb_check (kb_t kb, const char *name,
479 const char *value)
480{
481 int result = check_kb_inconsistency_log ();
482 return result == 0 ? kb_item_push_str (kb, name, value) : -1;
483}
484
502int
503kb_item_set_str_with_main_kb_check (kb_t kb, const char *name,
504 const char *value, size_t len)
505{
506 int result = check_kb_inconsistency_log ();
507 return result == 0 ? kb_item_set_str (kb, name, value, len) : -1;
508}
509
527int
528kb_item_add_str_unique_with_main_kb_check (kb_t kb, const char *name,
529 const char *value, size_t len,
530 int pos)
531{
532 int result = check_kb_inconsistency_log ();
533 return result == 0 ? kb_item_add_str_unique (kb, name, value, len, pos) : -1;
534}
535
553int
554kb_item_set_int_with_main_kb_check (kb_t kb, const char *name, int value)
555{
556 int result = check_kb_inconsistency_log ();
557 return result == 0 ? kb_item_set_int (kb, name, value) : -1;
558}
559
577int
578kb_item_add_int_with_main_kb_check (kb_t kb, const char *name, int value)
579{
580 int result = check_kb_inconsistency_log ();
581 return result == 0 ? kb_item_add_int (kb, name, value) : -1;
582}
583
601int
602kb_item_add_int_unique_with_main_kb_check (kb_t kb, const char *name, int value)
603{
604 int result = check_kb_inconsistency_log ();
605 return result == 0 ? kb_item_add_int_unique (kb, name, value) : -1;
606}
607
619static void
620proto_post_wrapped (const char *oid, struct script_infos *desc, int port,
621 const char *proto, const char *action, msg_t msg_type,
622 const char *uri)
623{
624 const char *hostname = "";
625 char *buffer, *data, port_s[16] = "general";
626 char ip_str[INET6_ADDRSTRLEN];
627 GError *err = NULL;
628 GString *action_str;
629 gsize length;
630
631 /* Should not happen, just to avoid trouble stop here if no NVTI found */
632 if (!oid)
633 return;
634
635 if (action == NULL)
636 action_str = g_string_new ("");
637 else
638 {
639 action_str = g_string_new (action);
640 g_string_append (action_str, "\n");
641 }
642
643 if (port > 0)
644 snprintf (port_s, sizeof (port_s), "%d", port);
645 if (current_vhost)
646 hostname = current_vhost->value;
647 else if (desc->vhosts)
648 hostname = ((gvm_vhost_t *) desc->vhosts->data)->value;
649 addr6_to_str (plug_get_host_ip (desc), ip_str);
650 buffer = g_strdup_printf ("%s|||%s|||%s|||%s/%s|||%s|||%s|||%s",
651 msg_type_to_str (msg_type), ip_str,
652 hostname ? hostname : " ", port_s, proto, oid,
653 action_str->str, uri ? uri : "");
654 /* Convert to UTF-8 before sending to Manager. */
655 data = g_convert (buffer, -1, "UTF-8", "ISO_8859-1", NULL, &length, &err);
656 if (!data)
657 {
658 g_warning ("%s: Error converting to UTF-8: %s\nOriginal string: %s",
659 __func__, err->message, buffer);
660 g_free (buffer);
661 g_string_free (action_str, TRUE);
662 return;
663 }
664
665 kb_item_push_str_with_main_kb_check (get_main_kb (), "internal/results",
666 data);
667 g_free (data);
668 g_free (buffer);
669 g_string_free (action_str, TRUE);
670}
671
672void
673proto_post_alarm (const char *oid, struct script_infos *desc, int port,
674 const char *proto, const char *action, const char *uri)
675{
676 proto_post_wrapped (oid, desc, port, proto, action, ALARM, uri);
677}
678
679void
680post_alarm (const char *oid, struct script_infos *desc, int port,
681 const char *action, const char *uri)
682{
683 proto_post_alarm (oid, desc, port, "tcp", action, uri);
684}
685
689void
690proto_post_log (const char *oid, struct script_infos *desc, int port,
691 const char *proto, const char *action, const char *uri)
692{
693 proto_post_wrapped (oid, desc, port, proto, action, LOG, uri);
694}
695
699void
700post_log (const char *oid, struct script_infos *desc, int port,
701 const char *action)
702{
703 proto_post_log (oid, desc, port, "tcp", action, NULL);
704}
705
709void
710post_log_with_uri (const char *oid, struct script_infos *desc, int port,
711 const char *action, const char *uri)
712{
713 proto_post_log (oid, desc, port, "tcp", action, uri);
714}
715
716void
717proto_post_error (const char *oid, struct script_infos *desc, int port,
718 const char *proto, const char *action, const char *uri)
719{
720 proto_post_wrapped (oid, desc, port, proto, action, ERRMSG, uri);
721}
722
723void
724post_error (const char *oid, struct script_infos *desc, int port,
725 const char *action, const char *uri)
726{
727 proto_post_error (oid, desc, port, "tcp", action, uri);
728}
729
742char *
743get_plugin_preference (const char *oid, const char *name, int pref_id)
744{
745 GHashTable *prefs;
746 GHashTableIter iter;
747 char *cname = NULL, *retval = NULL;
748 void *itername, *itervalue;
749 char prefix[1024], suffix[1024];
750
751 prefs = preferences_get ();
752 if (!prefs || !nvticache_initialized () || !oid || (!name && pref_id < 0))
753 return NULL;
754
755 g_hash_table_iter_init (&iter, prefs);
756
757 if (pref_id >= 0)
758 {
759 snprintf (prefix, sizeof (prefix), "%s:%d:", oid, pref_id);
760 while (g_hash_table_iter_next (&iter, &itername, &itervalue))
761 {
762 if (g_str_has_prefix (itername, prefix))
763 {
764 retval = g_strdup (itervalue);
765 break;
766 }
767 }
768 }
769 else
770 {
771 cname = g_strdup (name);
772 g_strchomp (cname);
773 snprintf (prefix, sizeof (prefix), "%s:", oid);
774 snprintf (suffix, sizeof (suffix), ":%s", cname);
775 /* NVT preferences received in OID:PrefID:PrefType:PrefName form */
776 while (g_hash_table_iter_next (&iter, &itername, &itervalue))
777 {
778 if (g_str_has_prefix (itername, prefix)
779 && g_str_has_suffix (itername, suffix))
780 {
781 retval = g_strdup (itervalue);
782 break;
783 }
784 }
785 }
786
787 /* If no value set by the user, get the default one. */
788 if (!retval)
789 {
790 GSList *nprefs, *tmp;
791
792 tmp = nprefs = nvticache_get_prefs (oid);
793 while (tmp)
794 {
795 if ((cname && !strcmp (cname, nvtpref_name (tmp->data)))
796 || (pref_id >= 0 && pref_id == nvtpref_id (tmp->data)))
797 {
798 if (!strcmp (nvtpref_type (tmp->data), "radio"))
799 {
800 char **opts =
801 g_strsplit (nvtpref_default (tmp->data), ";", -1);
802
803 retval = g_strdup (opts[0]);
804 g_strfreev (opts);
805 }
806 else
807 retval = g_strdup (nvtpref_default (tmp->data));
808
809 break;
810 }
811 tmp = tmp->next;
812 }
813 g_slist_free_full (nprefs, (void (*) (void *)) nvtpref_free);
814 }
815 if (cname)
816 g_free (cname);
817 return retval;
818}
819
830const char *
831get_plugin_preference_fname (struct script_infos *desc, const char *filename)
832{
833 const char *content;
834 long contentsize = 0;
835 gint tmpfile;
836 gchar *tmpfilename;
837 GError *error = NULL;
838
839 content = get_plugin_preference_file_content (desc, filename);
840 if (content == NULL)
841 {
842 return NULL;
843 }
844 contentsize = get_plugin_preference_file_size (desc, filename);
845 if (contentsize <= 0)
846 return NULL;
847
848 tmpfile =
849 g_file_open_tmp ("openvas-file-upload.XXXXXX", &tmpfilename, &error);
850 if (tmpfile == -1)
851 {
852 g_message ("get_plugin_preference_fname: Could not open temporary"
853 " file for %s: %s",
854 filename, error->message);
855 g_error_free (error);
856 return NULL;
857 }
858 close (tmpfile);
859
860 if (!g_file_set_contents (tmpfilename, content, contentsize, &error))
861 {
862 g_message ("get_plugin_preference_fname: could set contents of"
863 " temporary file for %s: %s",
864 filename, error->message);
865 g_error_free (error);
866 return NULL;
867 }
868
869 return tmpfilename;
870}
871
885char *
886get_plugin_preference_file_content (struct script_infos *desc,
887 const char *identifier)
888{
889 struct scan_globals *globals = desc->globals;
890 GHashTable *trans;
891
892 if (!globals)
893 return NULL;
894
895 trans = globals->files_translation;
896 if (!trans)
897 return NULL;
898
899 return g_hash_table_lookup (trans, identifier);
900}
901
916long
917get_plugin_preference_file_size (struct script_infos *desc,
918 const char *identifier)
919{
920 struct scan_globals *globals = desc->globals;
921 GHashTable *trans;
922 gchar *filesize_str;
923
924 if (!globals)
925 return -1;
926
927 trans = globals->files_size_translation;
928 if (!trans)
929 return -1;
930
931 filesize_str = g_hash_table_lookup (trans, identifier);
932 if (filesize_str == NULL)
933 return -1;
934
935 return atol (filesize_str);
936}
937
938void
939plug_set_key_len (struct script_infos *args, char *name, int type,
940 const void *value, size_t len)
941{
942 kb_t kb = plug_get_kb (args);
943 int pos = 0; // Append the item on the right position of the list
944
945 if (name == NULL || value == NULL)
946 return;
947
948 if (type == ARG_STRING)
949 kb_item_add_str_unique (kb, name, value, len, pos);
950 else if (type == ARG_INT)
951 kb_item_add_int_unique (kb, name, GPOINTER_TO_SIZE (value));
952 if (global_nasl_debug == 1)
953 {
954 if (type == ARG_STRING)
955 g_message ("set key %s -> %s", name, (char *) value);
956 else if (type == ARG_INT)
957 g_message ("set key %s -> %d", name, (int) GPOINTER_TO_SIZE (value));
958 }
959}
960
961void
962plug_set_key (struct script_infos *args, char *name, int type,
963 const void *value)
964{
965 plug_set_key_len (args, name, type, value, 0);
966}
967
978void
979plug_set_key_len_volatile (struct script_infos *args, char *name, int type,
980 const void *value, int expire, size_t len)
981{
982 kb_t kb = plug_get_kb (args);
983 int pos = 0; // Append the item on the right position of the list
984
985 if (name == NULL || value == NULL || expire == -1)
986 return;
987
988 if (type == ARG_STRING)
989 kb_add_str_unique_volatile (kb, name, value, expire, len, pos);
990 else if (type == ARG_INT)
991 kb_add_int_unique_volatile (kb, name, GPOINTER_TO_SIZE (value),
992 GPOINTER_TO_SIZE (expire));
993 if (global_nasl_debug == 1)
994 {
995 if (type == ARG_STRING)
996 g_message ("set volatile key %s -> %s", name, (char *) value);
997 else if (type == ARG_INT)
998 g_message ("set volatile key %s -> %d", name,
999 (int) GPOINTER_TO_SIZE (value));
1000 }
1001}
1002
1012void
1013plug_set_key_volatile (struct script_infos *args, char *name, int type,
1014 const void *value, int expire)
1015{
1016 plug_set_key_len_volatile (args, name, type, value, expire, 0);
1017}
1018
1019void
1020plug_replace_key_len (struct script_infos *args, char *name, int type,
1021 void *value, size_t len)
1022{
1023 kb_t kb = plug_get_kb (args);
1024
1025 if (name == NULL || value == NULL)
1026 return;
1027
1028 if (type == ARG_STRING)
1029 kb_item_set_str (kb, name, value, len);
1030 else if (type == ARG_INT)
1031 kb_item_set_int (kb, name, GPOINTER_TO_SIZE (value));
1032 if (global_nasl_debug == 1)
1033 {
1034 if (type == ARG_STRING)
1035 g_message ("replace key %s -> %s", name, (char *) value);
1036 else if (type == ARG_INT)
1037 g_message ("replace key %s -> %d", name,
1038 (int) GPOINTER_TO_SIZE (value));
1039 }
1040}
1041
1042void
1043plug_replace_key (struct script_infos *args, char *name, int type, void *value)
1044{
1045 plug_replace_key_len (args, name, type, value, 0);
1046}
1047
1048void
1049scanner_add_port (struct script_infos *args, int port, char *proto)
1050{
1051 host_add_port_proto (args, port, proto);
1052}
1053
1054kb_t
1055plug_get_kb (struct script_infos *args)
1056{
1057 return args->key;
1058}
1059
1060static void
1061plug_get_key_sigchld (int s)
1062{
1063 int status;
1064 (void) s;
1065
1066 wait (&status);
1067}
1068
1069static void
1070sig_n (int signo, void (*fnc) (int))
1071{
1072 struct sigaction sa;
1073
1074 sa.sa_handler = fnc;
1075 sa.sa_flags = 0;
1076 sigemptyset (&sa.sa_mask);
1077 sigaction (signo, &sa, (struct sigaction *) 0);
1078}
1079
1088static int
1089plug_fork_child (kb_t kb)
1090{
1091 pid_t pid;
1092
1093 // TODO change forking to official channels
1094 if ((pid = fork ()) == 0)
1095 {
1096 sig_n (SIGTERM, _exit);
1097 mqtt_reset ();
1098 kb_lnk_reset (kb);
1099 kb_lnk_reset (get_main_kb ());
1100 nvticache_reset ();
1101 srand48 (getpid () + getppid () + time (NULL));
1102 return 0;
1103 }
1104 else if (pid < 0)
1105 {
1106 g_warning ("%s(): fork() failed (%s)", __func__, strerror (errno));
1107 return -1;
1108 }
1109 else
1110 // the parent waits for the spawned process to finish to prevent DDOS on a
1111 // host when multiple vhosts got spawned
1112 waitpid (pid, NULL, 0);
1113 return 1;
1114}
1115
1128void *
1129plug_get_key (struct script_infos *args, char *name, int *type, size_t *len,
1130 int single)
1131{
1132 kb_t kb = args->key;
1133 struct kb_item *res = NULL, *res_list;
1134
1135 if (type != NULL && *type != KB_TYPE_INT)
1136 *type = -1;
1137
1138 if (kb == NULL)
1139 return NULL;
1140
1141 if (single && type != NULL && *type != KB_TYPE_INT)
1142 res = kb_item_get_single (kb, name, KB_TYPE_UNSPEC);
1143 else if (type != NULL && *type == KB_TYPE_INT)
1144 res = kb_item_get_single (kb, name, KB_TYPE_INT);
1145 else
1146 res = kb_item_get_all (kb, name);
1147
1148 if (res == NULL)
1149 return NULL;
1150
1151 if (!res->next) /* No fork - good */
1152 {
1153 void *ret;
1154 if (res->type == KB_TYPE_INT)
1155 {
1156 if (type != NULL)
1157 *type = KB_TYPE_INT;
1158 ret = g_memdup2 (&res->v_int, sizeof (res->v_int));
1159 }
1160 else
1161 {
1162 if (type != NULL)
1163 *type = KB_TYPE_STR;
1164 if (len)
1165 *len = res->len;
1166
1167 ret = g_malloc0 (res->len + 1);
1168 memcpy (ret, res->v_str, res->len + 1);
1169 }
1170 kb_item_free (res);
1171 return ret;
1172 }
1173
1174 /* More than one value - we will fork() then */
1175 sig_n (SIGCHLD, plug_get_key_sigchld);
1176 res_list = res;
1177 while (res)
1178 {
1179 int pret = plug_fork_child (kb);
1180
1181 if (pret == 0)
1182 {
1183 /* Forked child. */
1184 void *ret;
1185
1186 if (res->type == KB_TYPE_INT)
1187 {
1188 if (type != NULL)
1189 *type = KB_TYPE_INT;
1190 ret = g_memdup2 (&res->v_int, sizeof (res->v_int));
1191 }
1192 else
1193 {
1194 if (type != NULL)
1195 *type = KB_TYPE_STR;
1196 if (len)
1197 *len = res->len;
1198
1199 ret = g_malloc0 (res->len + 1);
1200 memcpy (ret, res->v_str, res->len + 1);
1201 }
1202 kb_item_free (res_list);
1203 return ret;
1204 }
1205 else if (pret == -1)
1206 return NULL;
1207 res = res->next;
1208 }
1209 kb_item_free (res_list);
1210 _exit (0);
1211}
1212
1219unsigned int
1220plug_get_host_open_port (struct script_infos *desc)
1221{
1222 kb_t kb = plug_get_kb (desc);
1223 struct kb_item *res, *k;
1224 int open21 = 0, open80 = 0;
1225#define MAX_CANDIDATES 16
1226 u_short candidates[MAX_CANDIDATES];
1227 int num_candidates = 0;
1228
1229 k = res = kb_item_get_pattern (kb, "Ports/tcp/*");
1230 if (res == NULL)
1231 return 0;
1232 else
1233 {
1234 int ret;
1235 char *s;
1236
1237 for (;;)
1238 {
1239 s = res->name + sizeof ("Ports/tcp/") - 1;
1240 ret = atoi (s);
1241 if (ret == 21)
1242 open21 = 1;
1243 else if (ret == 80)
1244 open80 = 1;
1245 else
1246 {
1247 candidates[num_candidates++] = ret;
1248 if (num_candidates >= MAX_CANDIDATES)
1249 break;
1250 }
1251 res = res->next;
1252 if (res == NULL)
1253 break;
1254 }
1255
1256 kb_item_free (k);
1257 if (num_candidates != 0)
1258 return candidates[lrand48 () % num_candidates];
1259 else if (open21)
1260 return 21;
1261 else if (open80)
1262 return 80;
1263 }
1264
1265 /* Not reachable */
1266 return 0;
1267}
1268
1274void
1275plug_set_port_transport (struct script_infos *args, int port, int tr)
1276{
1277 char s[256];
1278
1279 snprintf (s, sizeof (s), "Transports/TCP/%d", port);
1280 plug_set_key (args, s, ARG_INT, GSIZE_TO_POINTER (tr));
1281}
1282
1283/* Return the transport encapsulation mode (OPENVAS_ENCAPS_*) for the
1284 given PORT. If no such encapsulation mode has been stored in the
1285 knowledge base (or its value is < 0), OPENVAS_ENCAPS_IP is
1286 currently returned. */
1287int
1288plug_get_port_transport (struct script_infos *args, int port)
1289{
1290 char s[256];
1291 int trp;
1292
1293 snprintf (s, sizeof (s), "Transports/TCP/%d", port);
1294 trp = kb_item_get_int (plug_get_kb (args), s);
1295 if (trp >= 0)
1296 return trp;
1297 else
1298 return OPENVAS_ENCAPS_IP; /* Change this to 0 for ultra smart SSL
1299 negotiation, at the expense of possibly
1300 breaking stuff */
1301}
1302
1303static void
1304plug_set_ssl_item (struct script_infos *args, char *item, char *itemfname)
1305{
1306 char s[256];
1307 snprintf (s, sizeof (s), "SSL/%s", item);
1308 plug_set_key (args, s, ARG_STRING, itemfname);
1309}
1310
1311void
1312plug_set_ssl_cert (struct script_infos *args, char *cert)
1313{
1314 plug_set_ssl_item (args, "cert", cert);
1315}
1316
1317void
1318plug_set_ssl_key (struct script_infos *args, char *key)
1319{
1320 plug_set_ssl_item (args, "key", key);
1321}
1322
1323void
1324plug_set_ssl_pem_password (struct script_infos *args, char *key)
1325{
1326 plug_set_ssl_item (args, "password", key);
1327}
1328
1333void
1334plug_set_ssl_CA_file (struct script_infos *args, char *key)
1335{
1336 plug_set_ssl_item (args, "CA", key);
1337}
host_kb
static kb_t host_kb
Definition: attack.c:289
get_main_kb
kb_t get_main_kb(void)
gets the main_kb. @description returns the previously set main_kb; when asserts are enabled it will a...
Definition: kb_cache.c:41
main_kb
kb_t main_kb
Definition: kb_cache.c:15
kb_cache.h
Header file to cache main_kb.
oid
const char * oid
Definition: nasl_builtin_find_service.c:51
pid
static pid_t pid
Definition: nasl_cmd_exec.c:39
name
const char * name
Definition: nasl_init.c:411
len
uint8_t len
Definition: nasl_packet_forgery.c:1
length
u_short length
Definition: nasl_packet_forgery.c:4
prefix
static void prefix(int n, int i)
Definition: nasl_tree.c:222
network.h
Header file for module network.
OPENVAS_ENCAPS_IP
@ OPENVAS_ENCAPS_IP
Definition: network.h:31
hostname
const char * hostname
Definition: pluginlaunch.c:68
plug_replace_key_len
void plug_replace_key_len(struct script_infos *args, char *name, int type, void *value, size_t len)
Definition: plugutils.c:1020
kb_item_set_str_with_main_kb_check
int kb_item_set_str_with_main_kb_check(kb_t kb, const char *name, const char *value, size_t len)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_str....
Definition: plugutils.c:503
check_duplicated_vhost
static int check_duplicated_vhost(struct script_infos *args, const char *hostname)
Check for duplicated vhosts before inserting a new one.
Definition: plugutils.c:164
post_alarm
void post_alarm(const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
Definition: plugutils.c:680
plug_set_key_volatile
void plug_set_key_volatile(struct script_infos *args, char *name, int type, const void *value, int expire)
Set volatile key with expire.
Definition: plugutils.c:1013
host_get_port_state_udp
int host_get_port_state_udp(struct script_infos *plugdata, int portnum)
Definition: plugutils.c:150
host_get_port_state_proto
static int host_get_port_state_proto(struct script_infos *args, int portnum, char *proto)
Definition: plugutils.c:138
host_get_port_state
int host_get_port_state(struct script_infos *plugdata, int portnum)
Definition: plugutils.c:144
plug_fork_child
static int plug_fork_child(kb_t)
Spawns a new child process. Setups everything that is needed for a new process. Child must be handled...
Definition: plugutils.c:1089
scanner_add_port
void scanner_add_port(struct script_infos *args, int port, char *proto)
Definition: plugutils.c:1049
proto_post_alarm
void proto_post_alarm(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
Definition: plugutils.c:673
global_nasl_debug
int global_nasl_debug
Definition: plugutils.c:38
plug_set_ssl_cert
void plug_set_ssl_cert(struct script_infos *args, char *cert)
Definition: plugutils.c:1312
plug_set_ssl_CA_file
void plug_set_ssl_CA_file(struct script_infos *args, char *key)
Definition: plugutils.c:1334
plug_set_key_len
void plug_set_key_len(struct script_infos *args, char *name, int type, const void *value, size_t len)
Definition: plugutils.c:939
plug_set_dep
void plug_set_dep(struct script_infos *args, const char *depname)
Definition: plugutils.c:55
check_kb_inconsistency_log
static int check_kb_inconsistency_log(void)
calls check_kb_inconsistency and logs as debug when local scan_id is missing.
Definition: plugutils.c:426
MAX_CANDIDATES
#define MAX_CANDIDATES
plug_get_port_transport
int plug_get_port_transport(struct script_infos *args, int port)
Definition: plugutils.c:1288
plug_get_host_open_port
unsigned int plug_get_host_open_port(struct script_infos *desc)
Definition: plugutils.c:1220
proto_post_error
void proto_post_error(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
Definition: plugutils.c:717
kb_get_port_state_proto
int kb_get_port_state_proto(kb_t kb, int portnum, char *proto)
Definition: plugutils.c:100
kb_item_add_str_unique_with_main_kb_check
int kb_item_add_str_unique_with_main_kb_check(kb_t kb, const char *name, const char *value, size_t len, int pos)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_str_uni...
Definition: plugutils.c:528
proto_post_log
void proto_post_log(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
Post a log message.
Definition: plugutils.c:690
plug_set_key_len_volatile
void plug_set_key_len_volatile(struct script_infos *args, char *name, int type, const void *value, int expire, size_t len)
Set volatile key with expire.
Definition: plugutils.c:979
plug_current_vhost
const char * plug_current_vhost(void)
Definition: plugutils.c:47
msg_type_to_str
static const char * msg_type_to_str(msg_t type)
Return string representation of the given msg_t.
Definition: plugutils.c:335
plug_set_port_transport
void plug_set_port_transport(struct script_infos *args, int port, int tr)
Definition: plugutils.c:1275
host_add_port_proto
static void host_add_port_proto(struct script_infos *args, int portnum, char *proto)
Definition: plugutils.c:75
plug_get_host_fqdn_list
GSList * plug_get_host_fqdn_list(struct script_infos *args)
Definition: plugutils.c:270
plug_replace_key
void plug_replace_key(struct script_infos *args, char *name, int type, void *value)
Definition: plugutils.c:1043
plug_get_host_source
char * plug_get_host_source(struct script_infos *args, const char *hostname)
Definition: plugutils.c:288
kb_item_add_int_with_main_kb_check
int kb_item_add_int_with_main_kb_check(kb_t kb, const char *name, int value)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int....
Definition: plugutils.c:578
plug_get_host_fqdn
char * plug_get_host_fqdn(struct script_infos *args)
Definition: plugutils.c:242
plug_set_ssl_item
static void plug_set_ssl_item(struct script_infos *args, char *item, char *itemfname)
Definition: plugutils.c:1304
get_plugin_preference
char * get_plugin_preference(const char *oid, const char *name, int pref_id)
Get the a plugins preference.
Definition: plugutils.c:743
kb_item_push_str_with_main_kb_check
int kb_item_push_str_with_main_kb_check(kb_t kb, const char *name, const char *value)
Check if the current kb corresponds to the original scanid, if it matches it kb_item_push_str....
Definition: plugutils.c:478
unscanned_ports_as_closed
static int unscanned_ports_as_closed(port_protocol_t ptype)
Report state of preferences "unscanned_closed".
Definition: plugutils.c:88
sig_n
static void sig_n(int signo, void(*fnc)(int))
Definition: plugutils.c:1070
kb_item_add_int_unique_with_main_kb_check
int kb_item_add_int_unique_with_main_kb_check(kb_t kb, const char *name, int value)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int_uni...
Definition: plugutils.c:602
proto_post_wrapped
static void proto_post_wrapped(const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, msg_t msg_type, const char *uri)
Post a security message (e.g. LOG, NOTE, WARNING ...).
Definition: plugutils.c:620
post_error
void post_error(const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
Definition: plugutils.c:724
plug_get_host_ip_str
char * plug_get_host_ip_str(struct script_infos *desc)
Definition: plugutils.c:322
plug_set_ssl_key
void plug_set_ssl_key(struct script_infos *args, char *key)
Definition: plugutils.c:1318
plug_set_key
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:962
plug_add_host_fqdn
int plug_add_host_fqdn(struct script_infos *args, const char *hostname, const char *source)
Definition: plugutils.c:208
plug_get_key
void * plug_get_key(struct script_infos *args, char *name, int *type, size_t *len, int single)
Get values from a kb under the given key name.
Definition: plugutils.c:1129
get_plugin_preference_fname
const char * get_plugin_preference_fname(struct script_infos *desc, const char *filename)
Get the file name of a plugins preference that is of type "file".
Definition: plugutils.c:831
check_kb_inconsistency
int check_kb_inconsistency(kb_t main_kb)
Check if the current main kb corresponds to the original scan main kb. @description Compares the scan...
Definition: plugutils.c:387
plug_get_host_ip
struct in6_addr * plug_get_host_ip(struct script_infos *args)
Definition: plugutils.c:316
current_vhost
gvm_vhost_t * current_vhost
Definition: plugutils.c:43
kb_item_set_int_with_main_kb_check
int kb_item_set_int_with_main_kb_check(kb_t kb, const char *name, int value)
Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_int....
Definition: plugutils.c:554
plug_set_ssl_pem_password
void plug_set_ssl_pem_password(struct script_infos *args, char *key)
Definition: plugutils.c:1324
plug_get_key_sigchld
static void plug_get_key_sigchld(int s)
Definition: plugutils.c:1061
post_log_with_uri
void post_log_with_uri(const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
Post a log message about a tcp port with a uri.
Definition: plugutils.c:710
get_plugin_preference_file_content
char * get_plugin_preference_file_content(struct script_infos *desc, const char *identifier)
Get the file contents of a plugins preference that is of type "file".
Definition: plugutils.c:886
post_log
void post_log(const char *oid, struct script_infos *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:700
plug_get_kb
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:1055
get_plugin_preference_file_size
long get_plugin_preference_file_size(struct script_infos *desc, const char *identifier)
Get the file size of a plugins preference that is of type "file".
Definition: plugutils.c:917
plugutils.h
Header file for module plugutils.
ARG_STRING
#define ARG_STRING
Definition: plugutils.h:19
ARG_INT
#define ARG_INT
Definition: plugutils.h:20
msg_t
msg_t
Definition: plugutils.h:76
HOST_DETAIL
@ HOST_DETAIL
Definition: plugutils.h:81
HOST_END
@ HOST_END
Definition: plugutils.h:79
ALARM
@ ALARM
Definition: plugutils.h:82
DEADHOST
@ DEADHOST
Definition: plugutils.h:83
LOG
@ LOG
Definition: plugutils.h:80
ERRMSG
@ ERRMSG
Definition: plugutils.h:77
HOST_START
@ HOST_START
Definition: plugutils.h:78
get_scan_id
const char * get_scan_id()
Definition: scan_id.c:22
scan_id.h
scan_globals
Definition: scanneraux.h:19
scan_globals::files_size_translation
GHashTable * files_size_translation
Definition: scanneraux.h:21
scan_globals::files_translation
GHashTable * files_translation
Definition: scanneraux.h:20
script_infos
Definition: scanneraux.h:29
script_infos::nvti
nvti_t * nvti
Definition: scanneraux.h:33
script_infos::globals
struct scan_globals * globals
Definition: scanneraux.h:30
script_infos::key
kb_t key
Definition: scanneraux.h:32
script_infos::vhosts
GSList * vhosts
Definition: scanneraux.h:38
script_infos::ip
struct in6_addr * ip
Definition: scanneraux.h:37
support.h
Support macros for special platforms.