OpenVAS Scanner 23.23.1
plugutils.c File Reference

Plugin-specific stuff. More...

#include "plugutils.h"
#include "kb_cache.h"
#include "network.h"
#include "scan_id.h"
#include "support.h"
#include <errno.h>
#include <gvm/base/hosts.h>
#include <gvm/base/networking.h>
#include <gvm/base/prefs.h>
#include <gvm/util/mqtt.h>
#include <gvm/util/nvticache.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

Macros

#define G_LOG_DOMAIN   "lib misc"
 GLib logging domain.
#define MAX_CANDIDATES   16

Functions

void init_kb_usage (void)
static int add_kb_usage (struct script_infos *args, size_t size)
const char * plug_current_vhost (void)
static int plug_fork_child (kb_t kb)
 Spawns a new child process. Setups everything that is needed for a new process. Child must be handled by caller.
void plug_set_dep (struct script_infos *args, const char *depname)
static void host_add_port_proto (struct script_infos *args, int portnum, char *proto)
static int unscanned_ports_as_closed (port_protocol_t ptype)
 Report state of preferences "unscanned_closed".
int kb_get_port_state_proto (kb_t kb, int portnum, char *proto)
static int host_get_port_state_proto (struct script_infos *args, int portnum, char *proto)
int host_get_port_state (struct script_infos *plugdata, int portnum)
int host_get_port_state_udp (struct script_infos *plugdata, int portnum)
static int check_duplicated_vhost (struct script_infos *args, const char *hostname)
 Check for duplicated vhosts before inserting a new one.
int plug_add_host_fqdn (struct script_infos *args, const char *hostname, const char *source)
char * plug_get_host_fqdn (struct script_infos *args)
GSList * plug_get_host_fqdn_list (struct script_infos *args)
char * plug_get_host_source (struct script_infos *args, const char *hostname)
struct in6_addr * plug_get_host_ip (struct script_infos *args)
char * plug_get_host_ip_str (struct script_infos *desc)
static const char * msg_type_to_str (msg_t type)
 Return string representation of the given msg_t.
int check_kb_inconsistency (kb_t main_kb)
 Check if the current main kb corresponds to the original scan main kb. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.
static int check_kb_inconsistency_log (void)
 calls check_kb_inconsistency and logs as debug when local scan_id is missing.
int kb_item_push_str_with_main_kb_check (kb_t kb, const char *name, const char *value)
 Check if the current kb corresponds to the original scanid, if it matches it kb_item_push_str. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.
int kb_item_set_str_with_main_kb_check (kb_t kb, const char *name, const char *value, size_t len)
 Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_str. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.
int kb_item_add_str_unique_with_main_kb_check (kb_t kb, const char *name, const char *value, size_t len, int pos)
 Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_str_unique. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.
int kb_item_set_int_with_main_kb_check (kb_t kb, const char *name, int value)
 Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_int. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.
int kb_item_add_int_with_main_kb_check (kb_t kb, const char *name, int value)
 Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int. @description Compares the scan id in get_scan_id, add at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.
int kb_item_add_int_unique_with_main_kb_check (kb_t kb, const char *name, int value)
 Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int_unique. @description Compares the scan id in get_scan_id, add at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.
static void proto_post_wrapped (const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, msg_t msg_type, const char *uri)
 Post a security message (e.g. LOG, NOTE, WARNING ...).
void proto_post_alarm (const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
void post_alarm (const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
void proto_post_log (const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
 Post a log message.
void post_log (const char *oid, struct script_infos *desc, int port, const char *action)
 Post a log message about a tcp port.
void post_log_with_uri (const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
 Post a log message about a tcp port with a uri.
void proto_post_error (const char *oid, struct script_infos *desc, int port, const char *proto, const char *action, const char *uri)
void post_error (const char *oid, struct script_infos *desc, int port, const char *action, const char *uri)
char * get_plugin_preference (const char *oid, const char *name, int pref_id)
 Get the a plugins preference.
const char * get_plugin_preference_fname (struct script_infos *desc, const char *filename)
 Get the file name of a plugins preference that is of type "file".
char * get_plugin_preference_file_content (struct script_infos *desc, const char *identifier)
 Get the file contents of a plugins preference that is of type "file".
long get_plugin_preference_file_size (struct script_infos *desc, const char *identifier)
 Get the file size of a plugins preference that is of type "file".
void plug_set_key_len (struct script_infos *args, char *name, int type, const void *value, size_t len)
void plug_set_key (struct script_infos *args, char *name, int type, const void *value)
void plug_set_key_len_volatile (struct script_infos *args, char *name, int type, const void *value, int expire, size_t len)
 Set volatile key with expire.
void plug_set_key_volatile (struct script_infos *args, char *name, int type, const void *value, int expire)
 Set volatile key with expire.
void plug_replace_key_len (struct script_infos *args, char *name, int type, void *value, size_t len)
void plug_replace_key (struct script_infos *args, char *name, int type, void *value)
void scanner_add_port (struct script_infos *args, int port, char *proto)
kb_t plug_get_kb (struct script_infos *args)
static void plug_get_key_sigchld (int s)
static void sig_n (int signo, void(*fnc)(int))
void * plug_get_key (struct script_infos *args, char *name, int *type, size_t *len, int single)
 Get values from a kb under the given key name.
unsigned int plug_get_host_open_port (struct script_infos *desc)
void plug_set_port_transport (struct script_infos *args, int port, int tr)
int plug_get_port_transport (struct script_infos *args, int port)
static void plug_set_ssl_item (struct script_infos *args, char *item, char *itemfname)
void plug_set_ssl_cert (struct script_infos *args, char *cert)
void plug_set_ssl_key (struct script_infos *args, char *key)
void plug_set_ssl_pem_password (struct script_infos *args, char *key)
void plug_set_ssl_CA_file (struct script_infos *args, char *key)

Variables

int global_nasl_debug = 0
static size_t kb_usage = 0
static size_t max_kb_usage
gvm_vhost_t * current_vhost = NULL

Detailed Description

Plugin-specific stuff.

Macro Definition Documentation

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "lib misc"

GLib logging domain.

◆ MAX_CANDIDATES

#define MAX_CANDIDATES   16

Function Documentation

◆ add_kb_usage()

int add_kb_usage ( struct script_infos * args,
size_t size )
static

◆ check_duplicated_vhost()

int check_duplicated_vhost ( struct script_infos * args,
const char * hostname )
static

Check for duplicated vhosts before inserting a new one.

Parameters
argsscript info structure
hostnamehostname to check
Returns
0 if the vhosts was still not added. -1 if the vhosts already exists.

◆ check_kb_inconsistency()

int check_kb_inconsistency ( kb_t main_kb)

Check if the current main kb corresponds to the original scan main kb. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Parameters
main_kbCurrent main kb.
Returns
0 on success, -1 on missing global scan_id, -2 on missing current_scan_id, -3 when inconsistent.

◆ check_kb_inconsistency_log()

int check_kb_inconsistency_log ( void )
static

calls check_kb_inconsistency and logs as debug when local scan_id is missing.

@description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Returns
0 on success, -1 on inconsistency.

◆ get_plugin_preference()

char * get_plugin_preference ( const char * oid,
const char * name,
int pref_id )

Get the a plugins preference.

Search in the preferences set by the client. If it is not present, search in redis cache for the default.

Parameters
[in]oidScript OID to get the preference from
[in]nameName of the preference to get
[in]pref_idId of the preferences to get
Returns
script preference on success, Null otherwise.

◆ get_plugin_preference_file_content()

char * get_plugin_preference_file_content ( struct script_infos * desc,
const char * identifier )

Get the file contents of a plugins preference that is of type "file".

As files sent to the scanner (e.g. as plugin preference) are stored in a hash table with an identifier supplied by the client as the key, the contents have to be looked up here.

Parameters
identifierIdentifier that was supplied by the client when the file was uploaded.
Returns
Contents of the file identified by identifier, NULL if not found or setup broken.

◆ get_plugin_preference_file_size()

long get_plugin_preference_file_size ( struct script_infos * desc,
const char * identifier )

Get the file size of a plugins preference that is of type "file".

Files sent to the scanner (e.g. as plugin preference) are stored in a hash table with an identifier supplied by the client as the key. The size of the file is stored in a separate hash table with the same identifier as key, which can be looked up here.

Parameters
identifierIdentifier that was supplied by the client when the file was uploaded.
Returns
Size of the file identified by identifier, -1 if not found or setup broken.

◆ get_plugin_preference_fname()

const char * get_plugin_preference_fname ( struct script_infos * desc,
const char * filename )

Get the file name of a plugins preference that is of type "file".

As files sent to the server (e.g. as plugin preference) are stored at pseudo-random locations with different names, the "real" file name has to be looked up in a hashtable.

Returns
Filename on disc for filename, NULL if not found or setup broken.

◆ host_add_port_proto()

void host_add_port_proto ( struct script_infos * args,
int portnum,
char * proto )
static

◆ host_get_port_state()

int host_get_port_state ( struct script_infos * plugdata,
int portnum )

◆ host_get_port_state_proto()

int host_get_port_state_proto ( struct script_infos * args,
int portnum,
char * proto )
static

◆ host_get_port_state_udp()

int host_get_port_state_udp ( struct script_infos * plugdata,
int portnum )

◆ init_kb_usage()

void init_kb_usage ( void )

◆ kb_get_port_state_proto()

int kb_get_port_state_proto ( kb_t kb,
int portnum,
char * proto )
Parameters
protoProtocol (udp/tcp). If NULL, "tcp" will be used.

◆ kb_item_add_int_unique_with_main_kb_check()

int kb_item_add_int_unique_with_main_kb_check ( kb_t kb,
const char * name,
int value )

Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int_unique. @description Compares the scan id in get_scan_id, add at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Parameters
kbKb where to store the item into.
namekey for the given value.
valueto store under key within kb.
Returns
0 on success, -1 on inconsistency.

◆ kb_item_add_int_with_main_kb_check()

int kb_item_add_int_with_main_kb_check ( kb_t kb,
const char * name,
int value )

Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_int. @description Compares the scan id in get_scan_id, add at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Parameters
kbKb where to store the item into.
namekey for the given value.
valueto store under key within kb.
Returns
0 on success, -1 on inconsistency.

◆ kb_item_add_str_unique_with_main_kb_check()

int kb_item_add_str_unique_with_main_kb_check ( kb_t kb,
const char * name,
const char * value,
size_t len,
int pos )

Check if the current kb corresponds to the original scanid, if it matches it call kb_item_add_str_unique. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Parameters
kbKb where to store the item into.
namekey for the given value.
valueto store under key within kb.
Returns
0 on success, -1 on inconsistency.

◆ kb_item_push_str_with_main_kb_check()

int kb_item_push_str_with_main_kb_check ( kb_t kb,
const char * name,
const char * value )

Check if the current kb corresponds to the original scanid, if it matches it kb_item_push_str. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Parameters
kbKb where to store the item into.
namekey for the given value.
valueto store under key within kb.
Returns
0 on success, -1 on inconsistency.

◆ kb_item_set_int_with_main_kb_check()

int kb_item_set_int_with_main_kb_check ( kb_t kb,
const char * name,
int value )

Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_int. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Parameters
kbKb where to store the item into.
namekey for the given value.
valueto store under key within kb.
Returns
0 on success, -1 on inconsistency.

◆ kb_item_set_str_with_main_kb_check()

int kb_item_set_str_with_main_kb_check ( kb_t kb,
const char * name,
const char * value,
size_t len )

Check if the current kb corresponds to the original scanid, if it matches it call kb_item_set_str. @description Compares the scan id in get_scan_id, set at the beginning of the scan, with the one found in the main kb. Therefore it is mandatory that the global main_kb variable to be set. It helps to detect that the kb was not taken by another task/scan, and that the current plugins does not stores results in a wrong kb.

Parameters
kbKb where to store the item into.
namekey for the given value.
valueto store under key within kb.
Returns
0 on success, -1 on inconsistency.

◆ msg_type_to_str()

const char * msg_type_to_str ( msg_t type)
static

Return string representation of the given msg_t.

Parameters
msgmsg_t to transform
Returns
string representation of the given msg_t if successful, else NULL.

◆ plug_add_host_fqdn()

int plug_add_host_fqdn ( struct script_infos * args,
const char * hostname,
const char * source )

◆ plug_current_vhost()

const char * plug_current_vhost ( void )

◆ plug_fork_child()

int plug_fork_child ( kb_t kb)
static

Spawns a new child process. Setups everything that is needed for a new process. Child must be handled by caller.

Parameters
kbfor redis connection
Returns
int 0 for the child process, 1 for the parent process and -1 on failure

◆ plug_get_host_fqdn()

char * plug_get_host_fqdn ( struct script_infos * args)

◆ plug_get_host_fqdn_list()

GSList * plug_get_host_fqdn_list ( struct script_infos * args)

◆ plug_get_host_ip()

struct in6_addr * plug_get_host_ip ( struct script_infos * args)

◆ plug_get_host_ip_str()

char * plug_get_host_ip_str ( struct script_infos * desc)

◆ plug_get_host_open_port()

unsigned int plug_get_host_open_port ( struct script_infos * desc)

Don't always return the first open port, otherwise we might get bitten by OSes doing active SYN flood countermeasures. Also, avoid returning 80 and 21 as open ports, as many transparent proxies are acting for these...

◆ plug_get_host_source()

char * plug_get_host_source ( struct script_infos * args,
const char * hostname )

◆ plug_get_kb()

kb_t plug_get_kb ( struct script_infos * args)

◆ plug_get_key()

void * plug_get_key ( struct script_infos * args,
char * name,
int * type,
size_t * len,
int single )

Get values from a kb under the given key name.

Parameters
[in]argsThe script infos where to get the kb from.
[in]nameKey name to search in the kb.
[in/out]type If 1 is given, the answer is forced to be KB_TYPE_INT type. Otherwise it returns the fetched type.
[in]lenDesired string length to be returned.
[in]singleIn case of a list, fetch only the last element
Returns
Null if no result, or a void pointer to the result in success.

◆ plug_get_key_sigchld()

void plug_get_key_sigchld ( int s)
static

◆ plug_get_port_transport()

int plug_get_port_transport ( struct script_infos * args,
int port )

◆ plug_replace_key()

void plug_replace_key ( struct script_infos * args,
char * name,
int type,
void * value )

◆ plug_replace_key_len()

void plug_replace_key_len ( struct script_infos * args,
char * name,
int type,
void * value,
size_t len )

◆ plug_set_dep()

void plug_set_dep ( struct script_infos * args,
const char * depname )

◆ plug_set_key()

void plug_set_key ( struct script_infos * args,
char * name,
int type,
const void * value )

◆ plug_set_key_len()

void plug_set_key_len ( struct script_infos * args,
char * name,
int type,
const void * value,
size_t len )

◆ plug_set_key_len_volatile()

void plug_set_key_len_volatile ( struct script_infos * args,
char * name,
int type,
const void * value,
int expire,
size_t len )

Set volatile key with expire.

Parameters
argsScript infos.
nameKey name.
typeKey type.
valueKey value.
expireKey expire in seconds.
lenLen of value.

◆ plug_set_key_volatile()

void plug_set_key_volatile ( struct script_infos * args,
char * name,
int type,
const void * value,
int expire )

Set volatile key with expire.

Parameters
argsScript infos.
nameKey name.
typeKey type.
valueKey value.
expireKey expire in seconds.

◆ plug_set_port_transport()

void plug_set_port_transport ( struct script_infos * args,
int port,
int tr )
Todo
Those brain damaged functions should probably be in another file They are use to remember who speaks SSL or not

◆ plug_set_ssl_CA_file()

void plug_set_ssl_CA_file ( struct script_infos * args,
char * key )
Todo
Also, all plug_set_ssl*-functions set values that are only accessed in network.c:open_stream_connection under specific conditions. Check whether these conditions can actually occur. Document the functions on the way.

◆ plug_set_ssl_cert()

void plug_set_ssl_cert ( struct script_infos * args,
char * cert )

◆ plug_set_ssl_item()

void plug_set_ssl_item ( struct script_infos * args,
char * item,
char * itemfname )
static

◆ plug_set_ssl_key()

void plug_set_ssl_key ( struct script_infos * args,
char * key )

◆ plug_set_ssl_pem_password()

void plug_set_ssl_pem_password ( struct script_infos * args,
char * key )

◆ post_alarm()

void post_alarm ( const char * oid,
struct script_infos * desc,
int port,
const char * action,
const char * uri )

◆ post_error()

void post_error ( const char * oid,
struct script_infos * desc,
int port,
const char * action,
const char * uri )

◆ post_log()

void post_log ( const char * oid,
struct script_infos * desc,
int port,
const char * action )

Post a log message about a tcp port.

◆ post_log_with_uri()

void post_log_with_uri ( const char * oid,
struct script_infos * desc,
int port,
const char * action,
const char * uri )

Post a log message about a tcp port with a uri.

◆ proto_post_alarm()

void proto_post_alarm ( const char * oid,
struct script_infos * desc,
int port,
const char * proto,
const char * action,
const char * uri )

◆ proto_post_error()

void proto_post_error ( const char * oid,
struct script_infos * desc,
int port,
const char * proto,
const char * action,
const char * uri )

◆ proto_post_log()

void proto_post_log ( const char * oid,
struct script_infos * desc,
int port,
const char * proto,
const char * action,
const char * uri )

Post a log message.

◆ proto_post_wrapped()

void proto_post_wrapped ( const char * oid,
struct script_infos * desc,
int port,
const char * proto,
const char * action,
msg_t msg_type,
const char * uri )
static

Post a security message (e.g. LOG, NOTE, WARNING ...).

Parameters
oidThe oid of the NVT
descThe script infos where to get settings.
portPort number related to the issue.
protoProtocol related to the issue (tcp or udp).
actionThe actual result text
msg_typeThe message type.
uriLocation like file path or webservice URL.

◆ scanner_add_port()

void scanner_add_port ( struct script_infos * args,
int port,
char * proto )

◆ sig_n()

void sig_n ( int signo,
void(* fnc )(int) )
static

◆ unscanned_ports_as_closed()

int unscanned_ports_as_closed ( port_protocol_t ptype)
static

Report state of preferences "unscanned_closed".

Returns
0 if pref is "yes", 1 otherwise.

Variable Documentation

◆ current_vhost

gvm_vhost_t* current_vhost = NULL

◆ global_nasl_debug

int global_nasl_debug = 0

◆ kb_usage

size_t kb_usage = 0
static

◆ max_kb_usage

size_t max_kb_usage
static