OpenVAS Scanner  7.0.1~git
network.h File Reference

Header file for module network. More...

#include "scanneraux.h"
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <netinet/in.h>
#include <sys/select.h>

Macros

#define IS_ENCAPS_SSL(x)   ((x) >= OPENVAS_ENCAPS_SSLv23 && (x) <= OPENVAS_ENCAPS_TLScustom)
 

Typedefs

typedef enum openvas_encaps openvas_encaps_t
 

Enumerations

/* Transport encapsulations a connection can use.
 *
 * IS_ENCAPS_SSL() is a plain range test from OPENVAS_ENCAPS_SSLv23 to
 * OPENVAS_ENCAPS_TLScustom, so every enumerator listed between those two is
 * classified as SSL/TLS.  Inserting or reordering enumerators changes that
 * classification silently; keep the macro and this list in step.
 * OPENVAS_ENCAPS_AUTO is 0; OPENVAS_ENCAPS_MAX is the last enumerator. */
enum  openvas_encaps {
  OPENVAS_ENCAPS_AUTO = 0, OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv2,
  OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, OPENVAS_ENCAPS_TLSv12,
  OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_MAX
}
 

Functions

int open_sock_tcp (struct script_infos *, unsigned int, int)
 
int open_sock_option (struct script_infos *, unsigned int, int, int, int)
 
int recv_line (int, char *, size_t)
 Reads a text from the socket stream into the argument buffer, always. More...
 
int nrecv (int, void *, int, int)
 
int socket_close (int)
 
int get_sock_infos (int sock, int *r_transport, void **r_tls_session)
 
unsigned short * getpts (char *, int *)
 Converts a string like "-100,200-1024,3000-4000,60000-" into an array. More...
 
int open_stream_connection (struct script_infos *, unsigned int, int, int)
 
int open_stream_connection_ext (struct script_infos *, unsigned int, int, int, const char *)
 
int open_stream_auto_encaps_ext (struct script_infos *, unsigned int port, int timeout, int force)
 
int write_stream_connection (int, void *buf, int n)
 
int read_stream_connection (int, void *, int)
 
int read_stream_connection_min (int, void *, int, int)
 
int nsend (int, void *, int, int)
 
void add_close_stream_connection_hook (int(*)(int))
 
int close_stream_connection (int)
 
const char * get_encaps_name (openvas_encaps_t)
 
const char * get_encaps_through (openvas_encaps_t)
 
int open_sock_opt_hn (const char *, unsigned int, int, int, int)
 
int openvas_SSL_init (void)
 Initializes SSL support. More...
 
int stream_set_buffer (int, int)
 
int stream_get_buffer_sz (int)
 
int stream_get_err (int)
 
int openvas_register_connection (int s, void *ssl, gnutls_certificate_credentials_t certcred, openvas_encaps_t encaps)
 
int openvas_deregister_connection (int)
 
int openvas_get_socket_from_connection (int)
 
gnutls_session_t ovas_get_tlssession_from_connection (int)
 
int stream_zero (fd_set *)
 
int stream_set (int, fd_set *)
 
int os_send (int, void *, int, int)
 
int os_recv (int, void *, int, int)
 
int fd_is_stream (int)
 
int stream_set_timeout (int, int)
 
int socket_negotiate_ssl (int, openvas_encaps_t, struct script_infos *)
 
void socket_get_cert (int, void **, int *)
 
int socket_get_ssl_version (int)
 
void socket_get_ssl_session_id (int, void **, size_t *)
 
int socket_get_ssl_compression (int)
 
int socket_get_ssl_ciphersuite (int)
 

Detailed Description

Header file for module network.

Definition in file network.h.

Macro Definition Documentation

◆ IS_ENCAPS_SSL

#define IS_ENCAPS_SSL (   x)    ((x) >= OPENVAS_ENCAPS_SSLv23 && (x) <= OPENVAS_ENCAPS_TLScustom)

Definition at line 56 of file network.h.

Referenced by nasl_socket_negotiate_ssl(), and plugin_do_run().

Typedef Documentation

◆ openvas_encaps_t

Enumeration Type Documentation

◆ openvas_encaps

Enumerator
OPENVAS_ENCAPS_AUTO 
OPENVAS_ENCAPS_IP 
OPENVAS_ENCAPS_SSLv23 
OPENVAS_ENCAPS_SSLv2 
OPENVAS_ENCAPS_SSLv3 
OPENVAS_ENCAPS_TLSv1 
OPENVAS_ENCAPS_TLSv11 
OPENVAS_ENCAPS_TLSv12 
OPENVAS_ENCAPS_TLScustom 
OPENVAS_ENCAPS_MAX 

Definition at line 42 of file network.h.

Function Documentation

◆ add_close_stream_connection_hook()

void add_close_stream_connection_hook ( int(*)(int)  )

◆ close_stream_connection()

int close_stream_connection ( int  )

Definition at line 1518 of file network.c.

References OPENVAS_STREAM, OVAS_CONNECTION_FROM_FD, openvas_connection::port, release_connection_fd(), run_csc_hooks(), and socket_close().

Referenced by nasl_close_socket(), nasl_end_denial(), nasl_start_denial(), and plugin_do_run().

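/**
 * @brief Close a connection that was opened through this module.
 *
 * Runs the registered close hooks, then releases the connection slot.
 *
 * @param fd  Descriptor to close; it must satisfy OPENVAS_STREAM().
 *
 * @return -1 with errno set to EINVAL when fd is not an OpenVAS stream
 *         descriptor, otherwise the value of release_connection_fd().
 */
int
close_stream_connection (int fd)
{
  openvas_connection *fp;

  if (!OPENVAS_STREAM (fd))
    {
      errno = EINVAL;
      return -1;
    }

  fp = OVAS_CONNECTION_FROM_FD (fd);
  g_debug ("close_stream_connection TCP:%d (fd=%d)", fp->port, fd);

  /* An earlier revision repeated the OPENVAS_STREAM() test here and fell
     back to shutdown()/socket_close() for plain descriptors.  The guard
     above already returned in that case, so the branch was unreachable and
     has been dropped: plain OS sockets are never closed by this function. */

  /* already_closed is 1 when run_csc_hooks() returns 0 and 0 otherwise;
     presumably a zero return means a hook took care of the descriptor -
     confirm against run_csc_hooks(). */
  if (!run_csc_hooks (fd))
    return release_connection_fd (fd, 1);
  return release_connection_fd (fd, 0);
}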
static int release_connection_fd(int fd, int already_closed)
Definition: network.c:183
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
static int run_csc_hooks(int fd)
Run the hooks for close_stream_connection.
Definition: network.c:1507
#define OPENVAS_STREAM(x)
Definition: network.c:126
int socket_close(int soc)
Definition: network.c:1949

◆ fd_is_stream()

int fd_is_stream ( int  )

Definition at line 1959 of file network.c.

References OPENVAS_STREAM.

Referenced by nasl_close_socket(), nasl_get_source_port(), nasl_recv(), nasl_recv_line(), nasl_send(), nasl_socket_get_error(), socket_get_cert(), socket_get_ssl_ciphersuite(), socket_get_ssl_session_id(), socket_get_ssl_version(), and socket_negotiate_ssl().

/**
 * @brief Tell whether a descriptor is an OpenVAS stream descriptor.
 *
 * This is only the OPENVAS_STREAM() test on the descriptor value.  Nothing
 * here checks that the connection behind it is still open, so callers that
 * use the result as a validity check should keep that in mind.
 *
 * @param fd  Descriptor to classify.
 *
 * @return The value of OPENVAS_STREAM (fd).
 */
int
fd_is_stream (int fd)
{
  const int is_stream = OPENVAS_STREAM (fd); /* Should probably be smarter... */

  return is_stream;
}
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ get_encaps_name()

const char* get_encaps_name ( openvas_encaps_t  )

Definition at line 1546 of file network.c.

References code, OPENVAS_ENCAPS_AUTO, OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv2, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, and OPENVAS_ENCAPS_TLSv12.

Referenced by get_port_transport(), nasl_get_sock_info(), and plugin_do_run().

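/**
 * @brief Return a printable name for a transport encapsulation.
 *
 * @param code  Encapsulation to name.
 *
 * @return A string literal for the known encapsulations.  For any other
 *         value the text is formatted into a function-static buffer, so the
 *         result is overwritten by the next call that takes the default
 *         branch and must not be freed or shared between threads.
 */
const char *
get_encaps_name (openvas_encaps_t code)
{
  static char str[100];

  switch (code)
    {
    case OPENVAS_ENCAPS_AUTO:
      return "auto";
    case OPENVAS_ENCAPS_IP:
      return "IP";
    case OPENVAS_ENCAPS_SSLv2:
      return "SSLv2";
    case OPENVAS_ENCAPS_SSLv23:
      return "SSLv23";
    case OPENVAS_ENCAPS_SSLv3:
      return "SSLv3";
    case OPENVAS_ENCAPS_TLSv1:
      return "TLSv1";
    case OPENVAS_ENCAPS_TLSv11:
      return "TLSv11";
    case OPENVAS_ENCAPS_TLSv12:
      return "TLSv12";
    /* This label was missing from the rendered listing, which left the
       return below unreachable; the reference list for the function names
       OPENVAS_ENCAPS_TLScustom. */
    case OPENVAS_ENCAPS_TLScustom:
      return "TLScustom";
    default:
      snprintf (str, sizeof (str), "[unknown transport layer - code %d (0x%x)]",
                code, code);
      return str;
    }
}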
#define code

◆ get_encaps_through()

const char* get_encaps_through ( openvas_encaps_t  )

Definition at line 1577 of file network.c.

References code, OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv2, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, and OPENVAS_ENCAPS_TLSv12.

Referenced by mark_acap_server(), mark_adsgone(), mark_avotus_mm_server(), mark_BitTorrent_server(), mark_citrix_server(), mark_dameware_server(), mark_dictd_server(), mark_direct_connect_hub(), mark_eggdrop_server(), mark_ens_server(), mark_exchg_routing_server(), mark_finger_server(), mark_fssniffer(), mark_ftp_server(), mark_fw1(), mark_giop_server(), mark_gnocatan_server(), mark_gnome14_server(), mark_http_proxy(), mark_http_server(), mark_imap_server(), mark_interscan_viruswall(), mark_ircxpro_admin_server(), mark_jabber_server(), mark_LISa_server(), mark_listserv_server(), mark_locked_adsubtract_server(), mark_lpd_server(), mark_lyskom_server(), mark_mon_server(), mark_nagiosd_server(), mark_nntp_server(), mark_ofa_express_server(), mark_pblocald_server(), mark_pbmaster_server(), mark_ph_server(), mark_pnsclient(), mark_pop3pw_server(), mark_ppp_daemon(), mark_psybnc(), mark_quicktime_streaming_server(), mark_remote_nc_server(), mark_rmserver(), mark_shoutcast_server(), mark_smppd_server(), mark_smtp_server(), mark_smux_server(), mark_snpp_server(), mark_spamd_server(), mark_stonegate_auth_server(), mark_sub7_server(), mark_tcpmux_server(), mark_teamspeak2_server(), mark_telnet_server(), mark_time_server(), mark_unknown_svc(), mark_upsmon_server(), mark_uucp_server(), mark_veritas_backup(), mark_vmware_auth(), mark_vtun_server(), mark_websm_server(), mark_whois_plus2_server(), and mark_zebra_server().

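/**
 * @brief Return the " through ..." suffix used when describing a service.
 *
 * @param code  Encapsulation the service was reached with.
 *
 * @return "" for plain IP, " through SSL" for every SSL/TLS encapsulation,
 *         and otherwise a message formatted into a function-static buffer
 *         (OPENVAS_ENCAPS_AUTO also ends up there).  The static buffer is
 *         overwritten by the next such call; do not free it or share it
 *         between threads.
 */
const char *
get_encaps_through (openvas_encaps_t code)
{
  static char str[100];

  switch (code)
    {
    case OPENVAS_ENCAPS_IP:
      return "";
    case OPENVAS_ENCAPS_SSLv2:
    case OPENVAS_ENCAPS_SSLv23:
    case OPENVAS_ENCAPS_SSLv3:
    case OPENVAS_ENCAPS_TLSv1:
    case OPENVAS_ENCAPS_TLSv11:
    case OPENVAS_ENCAPS_TLSv12:
    /* One label was missing from the rendered listing at this point; the
       reference list for the function names OPENVAS_ENCAPS_TLScustom. */
    case OPENVAS_ENCAPS_TLScustom:
      return " through SSL";
    default:
      snprintf (str, sizeof (str),
                " through unknown transport layer - code %d (0x%x)", code,
                code);
      return str;
    }
}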
#define code

◆ get_sock_infos()

int get_sock_infos ( int  sock,
int *  r_transport,
void **  r_tls_session 
)

Definition at line 2063 of file network.c.

References connections, OPENVAS_FD_OFF, OPENVAS_STREAM, openvas_connection::tls_session, and openvas_connection::transport.

Referenced by nasl_get_sock_info(), and nasl_socket_cert_verify().

/**
 * @brief Report the transport and TLS session of an OpenVAS stream.
 *
 * @param sock           OpenVAS stream descriptor.
 * @param r_transport    Receives the connection's transport value.
 * @param r_tls_session  Receives the connection's TLS session handle.
 *
 * @return 0 on success.  On failure the positive value ENOTSOCK is returned
 *         (not -1) and neither output is written, so callers have to test
 *         the return value before touching *r_tls_session.
 */
int
get_sock_infos (int sock, int *r_transport, void **r_tls_session)
{
  if (OPENVAS_STREAM (sock))
    {
      /* The index is only as safe as the OPENVAS_STREAM() range test;
         its definition is not shown here. */
      openvas_connection *conn = connections + (sock - OPENVAS_FD_OFF);

      *r_transport = conn->transport;
      *r_tls_session = conn->tls_session;
      return 0;
    }

  return ENOTSOCK;
}
#define OPENVAS_FD_OFF
Definition: network.c:105
gnutls_session_t tls_session
Definition: network.c:88
static openvas_connection connections[OPENVAS_FD_MAX]
Definition: network.c:107
openvas_encaps_t transport
Definition: network.c:82
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ getpts()

unsigned short* getpts ( char *  origexpr,
int *  len 
)

Converts a string like "-100,200-1024,3000-4000,60000-" into an array of port numbers.

This function is (c) Fyodor fyodo.nosp@m.r@dh.nosp@m.p.com and was taken from his excellent and outstanding scanner Nmap. See http://www.insecure.org/nmap/ for details about Nmap.

Definition at line 2103 of file network.c.

References qsort_compar().

Referenced by nasl_scanner_get_port(), and scan().

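/* Highest port number; the result array holds at most this many ports plus
   the terminating 0. */
enum { GETPTS_MAX_PORT = 65535 };

/* Convert the leading decimal number of s, clamped to [-1, 65536] so that
   out-of-range text cannot overflow an int or wrap into a valid port. */
static int
getpts_to_int (const char *s)
{
  long v = strtol (s, NULL, 10);

  if (v > GETPTS_MAX_PORT + 1)
    return GETPTS_MAX_PORT + 1;
  if (v < -1)
    return -1;
  return (int) v;
}

/* Append the ports named by one comma-free item ("80", "-100", "200-1024",
   "60000-") to ports[*count].  Returns 0 on success, -1 when the range is
   inverted or would not fit into the array. */
static int
getpts_append_range (const char *item, unsigned short *ports, int *count)
{
  int start, end, port;
  const char *dash;

  if (*item == '-')
    {
      start = 1;
      end = getpts_to_int (item + 1);
    }
  else
    {
      start = end = getpts_to_int (item);
      dash = strchr (item, '-');
      if (dash != NULL && dash[1] != '\0')
        end = getpts_to_int (dash + 1);
      else if (dash != NULL)
        end = GETPTS_MAX_PORT;
    }

  if (start < 1)
    start = 1;
  if (end > GETPTS_MAX_PORT)
    end = GETPTS_MAX_PORT;
  if (start > end)
    return -1;

  /* Repeated or overlapping ranges can name more than 65535 entries in
     total; refuse instead of writing past the end of the array. */
  if (end - start + 1 > GETPTS_MAX_PORT - *count)
    return -1;

  for (port = start; port <= end; port++)
    ports[(*count)++] = (unsigned short) port;
  return 0;
}

/**
 * @brief Converts a string like "-100,200-1024,3000-4000,60000-" into an
 *        array of port numbers.
 *
 * Blanks are ignored.  If the expression contains "T:", parsing starts
 * after it; everything from "U:" on is cut off.
 *
 * The result of the last successful call is cached in function-static
 * variables.  The returned array belongs to that cache: callers must not
 * free it, and it is released by the next call that is given a different
 * expression.  The static state also means the function is not reentrant.
 *
 * @param origexpr  Port expression; it is not modified.
 * @param len       If not NULL, receives the number of ports, not counting
 *                  the terminating 0.
 *
 * @return The 0-terminated port array, or NULL when origexpr is NULL, a
 *         range is inverted or empty, or the expression names more entries
 *         than the array can hold.
 */
unsigned short *
getpts (char *origexpr, int *len)
{
  static unsigned short *last_ret = NULL;
  static char *last_expr = NULL;
  static int last_num;
  unsigned short *ports, *tmp;
  char *mem, *expr, *comma, *s_start, *s_end;
  size_t rd, wr;
  int count = 0;

  if (origexpr == NULL)
    return NULL;

  if (last_expr != NULL)
    {
      if (strcmp (last_expr, origexpr) == 0)
        {
          if (len != NULL)
            *len = last_num;
          return last_ret;
        }
      g_free (last_expr);
      last_expr = NULL;
      /* Release the cached array itself.  The previous code passed
         &last_ret, the address of the static variable, to g_free(). */
      g_free (last_ret);
      last_ret = NULL;
    }

  mem = expr = g_strdup (origexpr);

  /* Remove blanks in place. */
  for (rd = 0, wr = 0; expr[rd] != '\0'; rd++)
    if (expr[rd] != ' ')
      expr[wr++] = expr[rd];
  expr[wr] = '\0';

  if ((s_start = strstr (expr, "T:")) != NULL)
    expr = s_start + 2;

  if ((s_end = strstr (expr, "U:")) != NULL)
    {
      /* Only look at the preceding character when there is one; "U:" at
         the very start used to read one byte before the buffer. */
      if (s_end > expr && s_end[-1] == ',')
        s_end--;
      s_end[0] = '\0';
    }

  ports = g_malloc0 ((GETPTS_MAX_PORT + 1) * sizeof (unsigned short));

  while ((comma = strchr (expr, ',')) != NULL)
    {
      *comma = '\0';
      if (getpts_append_range (expr, ports, &count) < 0)
        goto fail;
      expr = comma + 1;
    }
  if (getpts_append_range (expr, ports, &count) < 0)
    goto fail;
  ports[count++] = 0;

  qsort (ports, count, sizeof (unsigned short), qsort_compar);
  tmp = g_realloc (ports, count * sizeof (unsigned short));
  if (len != NULL)
    *len = count - 1;
  g_free (mem);

  last_ret = tmp;
  last_expr = g_strdup (origexpr);
  last_num = count - 1;
  return tmp;

fail:
  g_free (mem);
  g_free (ports);
  return NULL;
}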
static int qsort_compar(const void *a, const void *b)
Definition: network.c:2081

◆ nrecv()

int nrecv ( int  ,
void *  ,
int  ,
int   
)

Definition at line 1441 of file network.c.

References block_socket(), connections, OPENVAS_FD_OFF, OPENVAS_STREAM, and read_stream_connection().

/**
 * @brief Receive data from an OpenVAS stream or from a plain socket.
 *
 * An open OpenVAS stream is read with read_stream_connection(); i_opt is
 * not used on that path.  Anything else, including an OpenVAS descriptor
 * whose slot is marked closed, is handed to the OS recv().
 *
 * @param fd      OpenVAS stream descriptor or OS socket.
 * @param data    Destination buffer.
 * @param length  Size of the buffer in bytes.
 * @param i_opt   Flags for recv().
 *
 * @return The value of read_stream_connection() or of recv().
 */
int
nrecv (int fd, void *data, int length, int i_opt)
{
  int got;

  if (OPENVAS_STREAM (fd))
    {
      if (connections[fd - OPENVAS_FD_OFF].fd >= 0)
        return read_stream_connection (fd, data, length);
      g_message ("OpenVAS file descriptor %d closed ?!", fd);
    }

  /* Use the OS recv() directly.  os_recv() must *not* be used here: it
     blocks until the exact amount of requested data has arrived. */
  block_socket (fd);
  for (;;)
    {
      got = recv (fd, data, length, i_opt);
      /* Retry only when the call was interrupted by a signal. */
      if (got >= 0 || errno != EINTR)
        break;
    }
  return got;
}
#define OPENVAS_FD_OFF
Definition: network.c:105
static openvas_connection connections[OPENVAS_FD_MAX]
Definition: network.c:107
int read_stream_connection(int fd, void *buf0, int len)
Definition: network.c:1272
#define OPENVAS_STREAM(x)
Definition: network.c:126
static int block_socket(int soc)
Definition: network.c:313

◆ nsend()

int nsend ( int  ,
void *  ,
int  ,
int   
)

Definition at line 1402 of file network.c.

References block_socket(), connections, OPENVAS_FD_OFF, OPENVAS_STREAM, os_send(), timeval(), and write_stream_connection4().

Referenced by nasl_end_denial(), and nasl_send().

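/**
 * @brief Send data over an OpenVAS stream or over a plain socket.
 *
 * An open OpenVAS stream is written with write_stream_connection4().
 * Anything else, including an OpenVAS descriptor whose slot is marked
 * closed, is treated as an OS socket: the code waits for writability with
 * select() and then calls os_send().
 *
 * @param fd      OpenVAS stream descriptor or OS socket.
 * @param data    Bytes to send.
 * @param length  Number of bytes to send.
 * @param i_opt   Flags for the send call.
 *
 * @return The value of write_stream_connection4() or os_send(); 0 when
 *         select() reported no writable socket; -1 with errno set to EBADF
 *         when fd cannot be placed into an fd_set.
 */
int
nsend (int fd, void *data, int length, int i_opt)
{
  int n = 0;

  if (OPENVAS_STREAM (fd))
    {
      if (connections[fd - OPENVAS_FD_OFF].fd < 0)
        g_message ("OpenVAS file descriptor %d closed ?!", fd);
      else
        return write_stream_connection4 (fd, data, length, i_opt);
    }

  /* FD_SET() with a descriptor outside [0, FD_SETSIZE) writes outside the
     fd_set on the stack.  That can happen on the fall-through above, where
     an OpenVAS descriptor (offset by OPENVAS_FD_OFF) is reused as an OS
     descriptor, so reject such values before select(). */
  if (fd < 0 || fd >= FD_SETSIZE)
    {
      g_message ("[%d] nsend():send %s", getpid (), strerror (EBADF));
      errno = EBADF;
      return -1;
    }

  /* Trying OS's send() */
  block_socket (fd); /* ??? */
  do
    {
      struct timeval tv = {0, 5};
      fd_set wr;
      int e;

      FD_ZERO (&wr);
      FD_SET (fd, &wr);

      errno = 0;
      e = select (fd + 1, NULL, &wr, NULL, &tv);
      if (e > 0)
        n = os_send (fd, data, length, i_opt);
      else if (e < 0 && errno == EINTR)
        continue;
      else
        break;
    }
  while (n <= 0 && errno == EINTR);
  if (n < 0)
    g_message ("[%d] nsend():send %s", getpid (), strerror (errno));

  return n;
}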
#define OPENVAS_FD_OFF
Definition: network.c:105
int os_send(int soc, void *buf, int len, int opt)
Definition: network.c:2023
static openvas_connection connections[OPENVAS_FD_MAX]
Definition: network.c:107
#define OPENVAS_STREAM(x)
Definition: network.c:126
static int block_socket(int soc)
Definition: network.c:313
struct timeval timeval(unsigned long val)
static int write_stream_connection4(int fd, void *buf0, int n, int i_opt)
Definition: network.c:1278

◆ open_sock_opt_hn()

int open_sock_opt_hn ( const char *  ,
unsigned  int,
int  ,
int  ,
int   
)

Definition at line 1700 of file network.c.

References hostname, and open_socket().

Referenced by nasl_open_sock_kdc().

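/**
 * @brief Resolve a host name and open a socket to it.
 *
 * @param hostname  Name or address to resolve.
 * @param port      Destination port; only the low 16 bits are used.
 * @param type      Socket type passed to open_socket().
 * @param protocol  Protocol passed to open_socket().
 * @param timeout   Timeout passed to open_socket().
 *
 * @return The value of open_socket(), or -1 when the name cannot be
 *         resolved.
 */
int
open_sock_opt_hn (const char *hostname, unsigned int port, int type,
                  int protocol, int timeout)
{
  struct sockaddr_in addr;
  struct sockaddr_in6 addr6;
  struct in6_addr in6addr;

  /* The result used to be ignored, so a failed lookup left in6addr
     uninitialised and the connection went to whatever the stack held.
     NOTE(review): assumes gvm_resolve_as_addr6() reports failure with a
     negative return value - confirm against gvm-libs. */
  if (gvm_resolve_as_addr6 (hostname, &in6addr) < 0)
    return -1;

  if (IN6_IS_ADDR_V4MAPPED (&in6addr))
    {
      memset (&addr, 0, sizeof (addr));
      addr.sin_family = AF_INET;
      addr.sin_port = htons ((unsigned short) port);
      /* The last 32 bits of a v4-mapped address are the IPv4 address. */
      addr.sin_addr.s_addr = in6addr.s6_addr32[3];
      return open_socket ((struct sockaddr *) &addr, type, protocol, timeout,
                          sizeof (struct sockaddr_in));
    }

  memset (&addr6, 0, sizeof (addr6));
  addr6.sin6_family = AF_INET6;
  addr6.sin6_port = htons ((unsigned short) port);
  memcpy (&addr6.sin6_addr, &in6addr, sizeof (struct in6_addr));
  return open_socket ((struct sockaddr *) &addr6, type, protocol, timeout,
                      sizeof (struct sockaddr_in6));
}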
static int open_socket(struct sockaddr *paddr, int type, int protocol, int timeout, int len)
Definition: network.c:1601
const char * hostname
Definition: pluginlaunch.c:76

◆ open_sock_option()

int open_sock_option ( struct script_infos ,
unsigned  int,
int  ,
int  ,
int   
)

Definition at line 1802 of file network.c.

References open_socket(), and plug_get_host_ip().

Referenced by open_sock_tcp().

/**
 * @brief Open a socket to the host the plugin is running against.
 *
 * The address comes from plug_get_host_ip(); a v4-mapped address is
 * connected over AF_INET, anything else over AF_INET6.
 *
 * @param args      Script context that names the target host.
 * @param port      Destination port; only the low 16 bits are used.
 * @param type      Socket type passed to open_socket().
 * @param protocol  Protocol passed to open_socket().
 * @param timeout   Timeout passed to open_socket().
 *
 * @return The value of open_socket(), or -1 when the host has no address
 *         or its address is the unspecified address.
 */
int
open_sock_option (struct script_infos *args, unsigned int port, int type,
                  int protocol, int timeout)
{
  struct in6_addr *target = plug_get_host_ip (args);

  if (target == NULL)
    {
      g_message ("ERROR ! NO ADDRESS ASSOCIATED WITH NAME");
      return -1;
    }

  /* Never connect to the unspecified address. */
  if (IN6_ARE_ADDR_EQUAL (target, &in6addr_any))
    return -1;

  if (!IN6_IS_ADDR_V4MAPPED (target))
    {
      struct sockaddr_in6 sa6;

      memset (&sa6, 0, sizeof (sa6));
      sa6.sin6_family = AF_INET6;
      sa6.sin6_port = htons ((unsigned short) port);
      memcpy (&sa6.sin6_addr, target, sizeof (struct in6_addr));
      return open_socket ((struct sockaddr *) &sa6, type, protocol, timeout,
                          sizeof (struct sockaddr_in6));
    }

  struct sockaddr_in sa4;

  memset (&sa4, 0, sizeof (sa4));
  sa4.sin_family = AF_INET;
  sa4.sin_port = htons ((unsigned short) port);
  /* The last 32 bits of a v4-mapped address are the IPv4 address. */
  sa4.sin_addr.s_addr = target->s6_addr32[3];
  return open_socket ((struct sockaddr *) &sa4, type, protocol, timeout,
                      sizeof (struct sockaddr_in));
}
static int open_socket(struct sockaddr *paddr, int type, int protocol, int timeout, int len)
Definition: network.c:1601
struct in6_addr * plug_get_host_ip(struct script_infos *args)
Definition: plugutils.c:285

◆ open_sock_tcp()

int open_sock_tcp ( struct script_infos ,
unsigned  int,
int   
)

Definition at line 1729 of file network.c.

References host_get_port_state(), script_infos::ip, script_infos::key, open_sock_option(), plug_current_vhost(), plug_get_host_ip_str(), and plug_get_kb().

Referenced by open_stream_connection_ext().

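/**
 * @brief Open a TCP socket to the target, retrying on connect time-outs.
 *
 * The preference "timeout_retry" gives the number of extra attempts after
 * a time-out.  Time-outs are counted per host and port in the KB under
 * "ConnectTimeout/<ip>/<port>"; the first three are logged.  Once the
 * counter reaches the preference "open_sock_max_attempts" (0 disables the
 * limit) and the port is still considered open, the port is set to closed
 * in the KB and an ERRMSG result is pushed.
 *
 * @param args     Script context that names the target host.
 * @param port     Destination port.
 * @param timeout  Connect timeout passed to open_sock_option().
 *
 * @return The socket on success, or the negative result of the last
 *         open_sock_option() call.
 */
int
open_sock_tcp (struct script_infos *args, unsigned int port, int timeout)
{
  int ret = -1, retry = 0;
  const char *timeout_retry;

  timeout_retry = prefs_get ("timeout_retry");
  if (timeout_retry)
    retry = atoi (timeout_retry);
  if (retry < 0)
    retry = 0;

  while (retry >= 0)
    {
      errno = 0;
      ret = open_sock_option (args, port, SOCK_STREAM, IPPROTO_TCP, timeout);
      /* Only a time-out is worth another attempt. */
      if (ret >= 0 || errno != ETIMEDOUT)
        break;
      retry--;
    }
  if (ret < 0 && errno == ETIMEDOUT)
    {
      int log_count, attempts = 0;
      char *ip_str = plug_get_host_ip_str (args), buffer[1024];
      kb_t kb = plug_get_kb (args);
      const char *max_attempts;

      max_attempts = prefs_get ("open_sock_max_attempts");
      if (max_attempts)
        attempts = atoi (max_attempts);
      if (attempts < 0)
        attempts = 0;

      g_snprintf (buffer, sizeof (buffer), "ConnectTimeout/%s/%d", ip_str,
                  port);
      log_count = kb_item_get_int (kb, buffer);
      if (log_count == -1)
        log_count = 0;
      if (log_count < 3)
        {
          g_message ("open_sock_tcp: %s:%d time-out.", ip_str, port);
          log_count++;
          kb_item_set_int (kb, buffer, log_count);
        }
      if ((log_count >= attempts) && (attempts != 0))
        {
          /* After some unsuccessful attempts, the port is set to closed to
           * avoid new attempts from other plugins.
           */
          if (host_get_port_state (args, port) > 0)
            {
              /* A second, uninitialised `ip_str` array used to shadow the
                 string above and was logged before anything was written to
                 it.  The message now prints the address obtained from
                 plug_get_host_ip_str(); the later addr6_to_str() call only
                 filled that unused array and is gone with it. */
              g_snprintf (buffer, sizeof (buffer), "Ports/tcp/%d", port);
              g_message ("open_sock_tcp: %s:%d too many timeouts. "
                         "This port will be set to closed.",
                         ip_str, port);
              kb_item_set_int (kb, buffer, 0);

              snprintf (buffer, sizeof (buffer),
                        "ERRMSG|||%s|||%d/tcp||| |||Too many timeouts. The port"
                        " was set to closed.",
                        plug_current_vhost () ?: " ", port);
              kb_item_push_str (args->key, "internal/results", buffer);
            }
        }
      g_free (ip_str);
    }

  return ret;
}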
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:658
const char * plug_current_vhost(void)
Definition: plugutils.c:57
int host_get_port_state(struct script_infos *plugdata, int portnum)
Definition: plugutils.c:154
int open_sock_option(struct script_infos *args, unsigned int port, int type, int protocol, int timeout)
Definition: network.c:1802
char * plug_get_host_ip_str(struct script_infos *desc)
Definition: plugutils.c:291

◆ open_stream_auto_encaps_ext()

int open_stream_auto_encaps_ext ( struct script_infos ,
unsigned int  port,
int  timeout,
int  force 
)

Definition at line 1002 of file network.c.

References open_stream_connection(), OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_TLScustom, plug_get_port_transport(), and plug_set_port_transport().

Referenced by nasl_open_sock_tcp_bufsz().

/**
 * @brief Open a stream connection, choosing the encapsulation automatically.
 *
 * Without force, the transport recorded for the port is used as is.  With
 * force, TLS (OPENVAS_ENCAPS_TLScustom) is tried first and, if that fails,
 * the connection is retried in plain IP; whichever transport worked is then
 * recorded for the port.  A failed handshake therefore ends in a cleartext
 * connection, and presumably later non-forced calls pick up that recorded
 * transport - keep this in mind when the connection carries credentials.
 *
 * @param args     Script context that names the target host.
 * @param port     Destination port.
 * @param timeout  Timeout passed to open_stream_connection().
 * @param force    Non-zero to probe TLS first instead of using the
 *                 recorded transport.
 *
 * @return The stream descriptor, or a negative value on failure.
 */
int
open_stream_auto_encaps_ext (struct script_infos *args, unsigned int port,
                             int timeout, int force)
{
  int fd, transport;

  if (!force)
    {
      transport = plug_get_port_transport (args, port);
      return open_stream_connection (args, port, transport, timeout);
    }

  /* Try SSL/TLS first */
  transport = OPENVAS_ENCAPS_TLScustom;
  fd = open_stream_connection (args, port, transport, timeout);
  if (fd < 0)
    {
      /* Fall back to an unencrypted connection. */
      transport = OPENVAS_ENCAPS_IP;
      fd = open_stream_connection (args, port, transport, timeout);
      if (fd < 0)
        return -1;
    }

  /* Store that encapsulation mode in the KB. */
  plug_set_port_transport (args, port, transport);
  return fd;
}
int plug_get_port_transport(struct script_infos *args, int port)
Definition: plugutils.c:885
void plug_set_port_transport(struct script_infos *args, int port, int tr)
Definition: plugutils.c:872
int open_stream_connection(struct script_infos *args, unsigned int port, int transport, int timeout)
Definition: network.c:992

◆ open_stream_connection()

int open_stream_connection ( struct script_infos ,
unsigned  int,
int  ,
int   
)

Definition at line 992 of file network.c.

References open_stream_connection_ext().

Referenced by nasl_end_denial(), nasl_start_denial(), open_stream_auto_encaps_ext(), and plugin_do_run().

/**
 * @brief Open a stream connection with the default GnuTLS priority string.
 *
 * The default priority adds ARCFOUR-128 (RC4) and %COMPAT on top of NORMAL,
 * presumably so that legacy servers can still be reached during a scan.
 * That is weaker than a stock GnuTLS client; callers that need a stricter
 * policy should pass their own priority to open_stream_connection_ext().
 *
 * @param args       Script context that names the target host.
 * @param port       Destination port.
 * @param transport  Encapsulation to use.
 * @param timeout    Timeout passed on unchanged.
 *
 * @return The value of open_stream_connection_ext().
 */
int
open_stream_connection (struct script_infos *args, unsigned int port,
                        int transport, int timeout)
{
  const char *default_priority = "NORMAL:+ARCFOUR-128:%COMPAT";

  return open_stream_connection_ext (args, port, transport, timeout,
                                     default_priority);
}
int open_stream_connection_ext(struct script_infos *args, unsigned int port, int transport, int timeout, const char *priority)
Definition: network.c:886

◆ open_stream_connection_ext()

int open_stream_connection_ext ( struct script_infos ,
unsigned  int,
int  ,
int  ,
const char *   
)

Definition at line 886 of file network.c.

References openvas_connection::fd, get_connection_fd(), hostname, openvas_connection::last_err, script_infos::name, open_sock_tcp(), open_SSL_connection(), OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv2, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, OPENVAS_ENCAPS_TLSv12, OVAS_CONNECTION_FROM_FD, plug_get_host_fqdn(), plug_get_kb(), openvas_connection::port, openvas_connection::priority, release_connection_fd(), TIMEOUT, openvas_connection::timeout, and openvas_connection::transport.

Referenced by nasl_open_sock_tcp_bufsz(), and open_stream_connection().

/* Open a TCP connection to `port` on the scan target and, for the SSL/TLS
   transports, set up a session using the given priority string.  Returns
   the descriptor obtained from get_connection_fd(), or -1 on failure (with
   errno set to EINVAL for an unsupported transport).
   NOTE(review): this rendered listing has gaps in its line numbering
   (911-917, 954-959 and 968); they presumably held the remaining
   `case OPENVAS_ENCAPS_*:` labels of the two switches - confirm against
   network.c before relying on the switch layout shown here. */
888 {
889  int fd;
890  openvas_connection *fp;
891  char *cert = NULL;
892  char *key = NULL;
893  char *passwd = NULL;
894  char *cafile = NULL;
895  char *hostname = NULL;
896 
897  if (!priority)
898  priority = ""; /* To us an empty string is equivalent to NULL. */
899 
900  g_debug ("[%d] open_stream_connection: TCP:%d transport:%d timeout:%d "
901  " priority: '%s'",
902  getpid (), port, transport, timeout, priority);
903 
/* A timeout of -2 selects the module default TIMEOUT. */
904  if (timeout == -2)
905  timeout = TIMEOUT;
906 
/* Reject unknown transports before a connection slot is taken. */
907  switch (transport)
908  {
909  case OPENVAS_ENCAPS_IP:
910 
918  break;
919 
920  default:
921  g_message ("open_stream_connection_ext(): unsupported transport"
922  " layer %d passed by %s",
923  transport, args->name);
924  errno = EINVAL;
925  return -1;
926  }
927 
928  if ((fd = get_connection_fd ()) < 0)
929  return -1;
930  fp = OVAS_CONNECTION_FROM_FD (fd);
931 
932  fp->transport = transport;
933  g_free (fp->priority);
934  if (*priority)
935  fp->priority = g_strdup (priority);
936  else
937  fp->priority = NULL;
938  fp->timeout = timeout;
939  fp->port = port;
940  fp->last_err = 0;
941 
942  fp->fd = open_sock_tcp (args, port, timeout);
943  if (fp->fd < 0)
944  goto failed;
945 
946  kb_t kb = plug_get_kb (args);
947  switch (transport)
948  {
949  int ret;
950  char buf[1024];
951 
952  case OPENVAS_ENCAPS_IP:
953  break;
/* Client certificate, private key, key passphrase and CA file are read
   from the KB entries SSL/cert, SSL/key, SSL/password and SSL/CA. */
960  cert = kb_item_get_str (kb, "SSL/cert");
961  key = kb_item_get_str (kb, "SSL/key");
962  passwd = kb_item_get_str (kb, "SSL/password");
963 
964  cafile = kb_item_get_str (kb, "SSL/CA");
965 
966  /* fall through */
967 
969  /* We do not need a client certificate in this case */
/* The target FQDN is handed to open_SSL_connection() (presumably for SNI)
   unless the KB entry Host/SNI/<port>/force_disable is greater than 0. */
970  snprintf (buf, sizeof (buf), "Host/SNI/%d/force_disable", fp->port);
971  if (kb_item_get_int (kb, buf) <= 0)
972  hostname = plug_get_host_fqdn (args);
973  ret = open_SSL_connection (fp, cert, key, passwd, cafile, hostname);
/* The copies are released with plain g_free(); nothing here overwrites the
   private key or its passphrase before the memory goes back to the
   allocator. */
974  g_free (hostname);
975  g_free (cert);
976  g_free (key);
977  g_free (passwd);
978  g_free (cafile);
979  if (ret <= 0)
980  goto failed;
981  break;
982  }
983 
984  return fd;
985 
/* Shared error exit: give the connection slot back. */
986 failed:
987  release_connection_fd (fd, 0);
988  return -1;
989 }
static int get_connection_fd(void)
Returns a free file descriptor.
Definition: network.c:163
char * plug_get_host_fqdn(struct script_infos *args)
Definition: plugutils.c:211
static int release_connection_fd(int fd, int already_closed)
Definition: network.c:183
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:658
openvas_encaps_t transport
Definition: network.c:82
int open_sock_tcp(struct script_infos *args, unsigned int port, int timeout)
Definition: network.c:1729
#define TIMEOUT
Definition: network.c:58
static int open_SSL_connection(openvas_connection *fp, const char *cert, const char *key, const char *passwd, const char *cafile, const char *hostname)
Definition: network.c:561
const char * hostname
Definition: pluginlaunch.c:76
char * priority
Definition: network.c:83

◆ openvas_deregister_connection()

int openvas_deregister_connection ( int  )

Definition at line 269 of file network.c.

References connections, OPENVAS_FD_OFF, OPENVAS_STREAM, openvas_connection::priority, and openvas_connection::transport.

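/**
 * @brief Forget a connection slot without closing anything.
 *
 * The slot is cleared and its transport set to -1.  The underlying socket
 * is not closed and no TLS state is released here.
 *
 * @param fd  OpenVAS stream descriptor.
 *
 * @return 0 on success, -1 with errno set to EINVAL when fd is not an
 *         OpenVAS stream descriptor.
 */
int
openvas_deregister_connection (int fd)
{
  /* This declaration is missing from the rendered listing (source line
     271); its type follows from the assignment from `connections` below. */
  openvas_connection *p;

  if (!OPENVAS_STREAM (fd))
    {
      errno = EINVAL;
      return -1;
    }

  p = connections + (fd - OPENVAS_FD_OFF);
  /* Fixme: Code duplicated from release_connection_fd.  Check usage
     of this function make sure that TLS stuff is also released in
     case it is used here.  */
  g_free (p->priority);
  p->priority = NULL;
  memset (p, 0, sizeof (*p));
  p->transport = -1;
  return 0;
}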
#define OPENVAS_FD_OFF
Definition: network.c:105
static openvas_connection connections[OPENVAS_FD_MAX]
Definition: network.c:107
openvas_encaps_t transport
Definition: network.c:82
#define OPENVAS_STREAM(x)
Definition: network.c:126
char * priority
Definition: network.c:83

◆ openvas_get_socket_from_connection()

int openvas_get_socket_from_connection ( int  )

Definition at line 367 of file network.c.

References connections, openvas_connection::fd, OPENVAS_FD_OFF, OPENVAS_STREAM, and openvas_connection::transport.

Referenced by nasl_get_source_port(), nasl_ssh_connect(), and plugin_do_run().

/**
 * @brief Return the OS socket behind an OpenVAS stream descriptor.
 *
 * @param fd  OpenVAS stream descriptor.
 *
 * @return The OS socket of the connection; -1 when the slot's transport is
 *         <= 0 (logged as closed).  A descriptor that is not an OpenVAS
 *         stream is logged as bad and then returned unchanged, so a
 *         non-negative result does not prove that fd was a valid stream.
 */
int
openvas_get_socket_from_connection (int fd)
{
  openvas_connection *conn;

  if (!OPENVAS_STREAM (fd))
    {
      g_message ("[%d] openvas_get_socket_from_connection: bad fd <%d>",
                 getpid (), fd);
      return fd;
    }

  conn = &connections[fd - OPENVAS_FD_OFF];
  if (conn->transport > 0)
    return conn->fd;

  g_message ("openvas_get_socket_from_connection: fd <%d> is closed", fd);
  return -1;
}
#define OPENVAS_FD_OFF
Definition: network.c:105
static openvas_connection connections[OPENVAS_FD_MAX]
Definition: network.c:107
openvas_encaps_t transport
Definition: network.c:82
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ openvas_register_connection()

int openvas_register_connection ( int  soc,
void *  ssl,
gnutls_certificate_credentials_t  certcred,
openvas_encaps_t  encaps 
)
Todo:
TLS FIXME: migrate this to TLS
Todo:
Fix the voidness of the ssl parameter (problematic in 64bit env.) here or on caller-side
Parameters
soc: Socket to use.

Definition at line 244 of file network.c.

References openvas_connection::fd, get_connection_fd(), openvas_connection::last_err, OVAS_CONNECTION_FROM_FD, openvas_connection::port, openvas_connection::priority, TIMEOUT, openvas_connection::timeout, openvas_connection::tls_cred, openvas_connection::tls_session, and openvas_connection::transport.

Referenced by nasl_open_privileged_socket().

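/**
 * @brief Register an already opened socket as an OpenVAS stream.
 *
 * The socket, TLS session and credentials are stored as given; nothing is
 * validated or duplicated here.
 *
 * @param soc       Socket to use.
 * @param ssl       TLS session handle, stored in the slot's tls_session.
 * @param certcred  Certificate credentials, stored in the slot's tls_cred.
 * @param encaps    Encapsulation recorded as the slot's transport.
 *
 * @return The new OpenVAS stream descriptor, or -1 when
 *         get_connection_fd() fails.
 */
int
openvas_register_connection (int soc, void *ssl,
                             gnutls_certificate_credentials_t certcred,
                             openvas_encaps_t encaps)
{
  int fd;
  /* This declaration is missing from the rendered listing (source line
     249); its type follows from the fields assigned below. */
  openvas_connection *p;

  if ((fd = get_connection_fd ()) < 0)
    return -1;
  p = OVAS_CONNECTION_FROM_FD (fd);

  p->tls_session = ssl;
  p->tls_cred = certcred;

  p->timeout = TIMEOUT; /* default value */
  p->port = 0;          /* just used for debug */
  p->fd = soc;
  p->transport = encaps;
  p->priority = NULL;
  p->last_err = 0;

  return fd;
}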
static int get_connection_fd(void)
Returns a free file descriptor.
Definition: network.c:163
gnutls_session_t tls_session
Definition: network.c:88
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
openvas_encaps_t transport
Definition: network.c:82
gnutls_certificate_credentials_t tls_cred
Definition: network.c:89
#define TIMEOUT
Definition: network.c:58
char * priority
Definition: network.c:83

◆ openvas_SSL_init()

int openvas_SSL_init ( void  )

Initializes SSL support.

Definition at line 351 of file network.c.

References log_message_gnutls(), and tlserror().

Referenced by main(), openvas(), and start_single_task_scan().

/**
 * @brief Initializes SSL support.
 *
 * Sets the GnuTLS log level to 2, installs log_message_gnutls() as the log
 * function and then runs the global GnuTLS initialisation.
 *
 * @return 0 on success, -1 when gnutls_global_init() fails; the failure is
 *         reported through tlserror().
 */
int
openvas_SSL_init (void)
{
  int rc;

  gnutls_global_set_log_level (2);
  gnutls_global_set_log_function (log_message_gnutls);

  rc = gnutls_global_init ();
  if (rc >= 0)
    return 0;

  tlserror ("gnutls_global_init", rc);
  return -1;
}
static void log_message_gnutls(int level, const char *msg)
Definition: network.c:342
void tlserror(char *txt, int err)
Definition: network.c:336

◆ os_recv()

int os_recv ( int  ,
void *  ,
int  ,
int   
)

Definition at line 2042 of file network.c.

/**
 * @brief Receives exactly @p len bytes from a plain socket.
 *
 * Calls recv() repeatedly until @p len bytes have been stored in @p buf.
 * A call interrupted by a signal (EINTR) is retried.
 *
 * @param soc  Socket descriptor passed to recv().
 * @param buf  Destination buffer; the caller must provide at least @p len
 *             bytes, nothing here checks the buffer's real size.
 * @param len  Number of bytes to read. A value <= 0 reads nothing.
 * @param opt  Flags passed unchanged to recv().
 *
 * @return The number of bytes read (@p len, or 0 when @p len <= 0), or -1
 *         on any other recv() error and also when the peer closes the
 *         connection before @p len bytes arrived. In that case the bytes
 *         already copied into @p buf are not reported to the caller.
 */
int
os_recv (int soc, void *buf, int len, int opt)
{
  char *dst = (char *) buf;
  int got = 0;

  while (got < len)
    {
      int rc;

      errno = 0;
      rc = recv (soc, dst + got, len - got, opt);
      if (rc > 0)
        {
          got += rc;
          continue;
        }
      /* Only an interrupted call is retried; EOF (0) and every other
         error end the transfer. */
      if (rc < 0 && errno == EINTR)
        continue;
      return -1;
    }

  return got;
}

◆ os_send()

int os_send ( int  ,
void *  ,
int  ,
int   
)

Definition at line 2023 of file network.c.

Referenced by nsend().

/**
 * @brief Sends exactly @p len bytes over a plain socket.
 *
 * Calls send() repeatedly until the whole buffer has been handed to the
 * kernel. A call interrupted by a signal (EINTR) is retried.
 *
 * @param soc  Socket descriptor passed to send().
 * @param buf  Data to transmit; must hold at least @p len bytes.
 * @param len  Number of bytes to send. A value <= 0 sends nothing.
 * @param opt  Flags passed unchanged to send().
 *
 * @return The number of bytes sent (@p len, or 0 when @p len <= 0), or -1
 *         when send() fails for a reason other than EINTR or returns 0.
 *         A partial transfer that happened before the failure is not
 *         reported to the caller.
 */
int
os_send (int soc, void *buf, int len, int opt)
{
  char *src = (char *) buf;
  int sent = 0;

  while (sent < len)
    {
      int rc;

      errno = 0;
      rc = send (soc, src + sent, len - sent, opt);
      if (rc > 0)
        {
          sent += rc;
          continue;
        }
      /* Retry only when a signal interrupted the call. */
      if (rc < 0 && errno == EINTR)
        continue;
      return -1;
    }

  return sent;
}

◆ ovas_get_tlssession_from_connection()

gnutls_session_t ovas_get_tlssession_from_connection ( int  )

Definition at line 387 of file network.c.

References connections, OPENVAS_FD_OFF, OPENVAS_STREAM, and openvas_connection::tls_session.

Referenced by socket_get_cert(), socket_get_ssl_ciphersuite(), socket_get_ssl_session_id(), and socket_get_ssl_version().

/**
 * @brief Returns the GnuTLS session stored for a scanner stream descriptor.
 *
 * @param fd  Descriptor to look up. It is accepted only when
 *            OPENVAS_STREAM() holds for it; the slot index is then
 *            fd - OPENVAS_FD_OFF in the connections table.
 *
 * @return The tls_session field of the matching connection entry, or NULL
 *         when @p fd is not a scanner stream. The field is returned as
 *         stored; this function does not check whether a handshake was
 *         completed on it.
 */
gnutls_session_t
ovas_get_tlssession_from_connection (int fd)
{
  if (OPENVAS_STREAM (fd))
    return connections[fd - OPENVAS_FD_OFF].tls_session;

  return NULL;
}
#define OPENVAS_FD_OFF
Definition: network.c:105
gnutls_session_t tls_session
Definition: network.c:88
static openvas_connection connections[OPENVAS_FD_MAX]
Definition: network.c:107
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ read_stream_connection()

int read_stream_connection ( int  ,
void *  ,
int   
)

Definition at line 1272 of file network.c.

References read_stream_connection_min().

Referenced by nasl_telnet_init(), nrecv(), and plugin_do_run().

/**
 * @brief Reads up to @p len bytes from a stream connection.
 *
 * Thin wrapper around read_stream_connection_min() that passes -1 as the
 * minimum length.
 *
 * @param fd    Descriptor to read from.
 * @param buf0  Destination buffer; must be able to hold @p len bytes.
 * @param len   Maximum number of bytes to read.
 *
 * @return Whatever read_stream_connection_min() returns.
 */
int
read_stream_connection (int fd, void *buf0, int len)
{
  const int min_len = -1;

  return read_stream_connection_min (fd, buf0, min_len, len);
}
int read_stream_connection_min(int fd, void *buf0, int min_len, int max_len)
Definition: network.c:1212

◆ read_stream_connection_min()

int read_stream_connection_min ( int  ,
void *  ,
int  ,
int   
)

Definition at line 1212 of file network.c.

References openvas_connection::buf, openvas_connection::bufcnt, openvas_connection::bufptr, openvas_connection::bufsz, OPENVAS_STREAM, OVAS_CONNECTION_FROM_FD, and read_stream_connection_unbuffered().

Referenced by nasl_recv(), nasl_recv_line(), nasl_telnet_init(), plugin_do_run(), read_stream_connection(), and recv_line().

/**
 * @brief Reads between @p min_len and @p max_len bytes, using the
 *        connection's read-ahead buffer when one is configured.
 *
 * For descriptors that are not scanner streams, or streams without a
 * buffer, the call is forwarded to read_stream_connection_unbuffered().
 * Otherwise bytes already held in the buffer are served first, and the
 * buffer is refilled from the network only if they do not satisfy the
 * request.
 *
 * @param fd       Descriptor to read from.
 * @param buf0     Destination; the caller must provide @p max_len bytes.
 *                 No bound other than @p max_len is applied to the copies.
 * @param min_len  Minimum number of bytes wanted.
 * @param max_len  Maximum number of bytes to store in @p buf0.
 *
 * @return Number of bytes copied into @p buf0 on the buffered path, or the
 *         return value of read_stream_connection_unbuffered() on the
 *         unbuffered path.
 */
int
read_stream_connection_min (int fd, void *buf0, int min_len, int max_len)
{
  openvas_connection *fp;
  int fetched, from_cache;

  if (!OPENVAS_STREAM (fd))
    return read_stream_connection_unbuffered (fd, buf0, min_len, max_len);

  fp = OVAS_CONNECTION_FROM_FD (fd);
  if (fp->buf == NULL)
    return read_stream_connection_unbuffered (fd, buf0, min_len, max_len);

  if (max_len == 1)
    min_len = 1; /* avoid "magic read" later */

  /* Serve what is already buffered, capped at max_len.
     NOTE(review): with max_len <= 0 this takes the value of max_len and is
     later used as an offset into buf0 and as a return value - callers are
     presumably expected to pass a positive max_len; confirm. */
  from_cache = max_len > fp->bufcnt ? fp->bufcnt : max_len;
  if (from_cache > 0)
    {
      memcpy (buf0, fp->buf + fp->bufptr, from_cache);
      fp->bufcnt -= from_cache;
      if (fp->bufcnt == 0)
        {
          fp->bufptr = 0;
          fp->buf[0] = '\0'; /* debug */
        }
      else
        fp->bufptr += from_cache;

      if (from_cache >= min_len || from_cache >= max_len)
        return from_cache;

      max_len -= from_cache;
      min_len -= from_cache;
    }

  /* The remaining minimum does not fit in the read-ahead buffer: read
     straight into the caller's buffer instead. */
  if (min_len > fp->bufsz)
    {
      fetched = read_stream_connection_unbuffered (
        fd, (char *) buf0 + from_cache, min_len, max_len);
      if (fetched > 0)
        return fetched + from_cache;
      return from_cache;
    }

  /* Fill buffer */
  fetched =
    read_stream_connection_unbuffered (fd, fp->buf, min_len, fp->bufsz);
  if (fetched <= 0)
    return from_cache;

  /* Hand out at most max_len of the fresh data and keep the rest for the
     next call. */
  fp->bufcnt = fetched;
  fetched = max_len > fp->bufcnt ? fp->bufcnt : max_len;
  memcpy ((char *) buf0 + from_cache, fp->buf + fp->bufptr, fetched);
  fp->bufcnt -= fetched;
  if (fp->bufcnt == 0)
    fp->bufptr = 0;
  else
    fp->bufptr += fetched;

  return fetched + from_cache;
}
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
#define OPENVAS_STREAM(x)
Definition: network.c:126
static int read_stream_connection_unbuffered(int fd, void *buf0, int min_len, int max_len)
Definition: network.c:1049

◆ recv_line()

int recv_line ( int  soc,
char *  buf,
size_t  bufsiz 
)

Reads a text from the socket stream into the argument buffer, always appending a '\0' byte.

Parameters
buf: Buffer to read into.
Returns
Number of bytes read, without the trailing '\0'.

Definition at line 1846 of file network.c.

References OPENVAS_STREAM, and read_stream_connection_min().

Referenced by ftp_get_pasv_address(), and ftp_log_in().

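/**
 * @brief Reads one line of text from a socket into @p buf, one byte at a
 *        time, and NUL-terminates the result.
 *
 * Reading stops after a '\n' or '\0' byte, when @p bufsiz bytes have been
 * stored, at end of stream, or on a read error. Scanner stream descriptors
 * are read through read_stream_connection_min(); any other descriptor is
 * read with select() + recv().
 *
 * Changes compared to the previous body:
 *  - an EINTR from recv() before the first byte no longer reaches a loop
 *    condition that indexed buf[ret - 1] with ret == 0 (out-of-bounds read);
 *  - the buffer is NUL-terminated on the early-return paths as well (EOF or
 *    error in the middle of a line);
 *  - a NULL buffer or bufsiz == 0 is rejected instead of being written to;
 *  - a plain descriptor outside [0, FD_SETSIZE) is rejected before FD_SET(),
 *    which is undefined for such values.
 *
 * @param soc     Socket or scanner stream descriptor.
 * @param buf     Buffer to read into.
 * @param bufsiz  Size of @p buf in bytes.
 *
 * @return Number of bytes read, without the trailing '\0'; 0 at end of
 *         stream before any byte; -1 on invalid arguments or when the first
 *         read fails. When exactly @p bufsiz bytes were read, the last one
 *         is overwritten by the terminator while the return value still
 *         counts it.
 */
int
recv_line (int soc, char *buf, size_t bufsiz)
{
  const int is_stream = OPENVAS_STREAM (soc);
  unsigned int ret = 0;
  int failed = 0;

  if (buf == NULL || bufsiz == 0)
    return -1;
  if (!is_stream && (soc < 0 || soc >= FD_SETSIZE))
    return -1;

  buf[0] = '\0';

  while (ret < bufsiz)
    {
      int n;

      if (is_stream)
        n = read_stream_connection_min (soc, buf + ret, 1, 1);
      else
        {
          fd_set rd;
          int e;

          errno = 0;
          FD_ZERO (&rd);
          FD_SET (soc, &rd);
          e = select (soc + 1, &rd, NULL, NULL, NULL);
          if (e < 0 && errno == EINTR)
            continue;
          if (e == 0 && !FD_ISSET (soc, &rd))
            {
              buf[ret] = '\0';
              return -1;
            }
          if (e <= 0)
            break; /* select() failed: return what was read so far */

          n = recv (soc, buf + ret, 1, 0);
          if (n < 0 && errno == EINTR)
            continue; /* retry the read; nothing was stored */
        }

      if (n < 0)
        {
          failed = 1;
          break;
        }
      if (n == 0)
        break;

      ret++;
      if (buf[ret - 1] == '\0' || buf[ret - 1] == '\n')
        break;
    }

  if (ret == 0)
    {
      buf[0] = '\0';
      return failed ? -1 : 0;
    }

  /* Terminate after the data, or in place of the last byte when the buffer
     is completely full. */
  if (buf[ret - 1] != '\0')
    buf[ret < bufsiz ? ret : bufsiz - 1] = '\0';

  return ret;
}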
#define OPENVAS_STREAM(x)
Definition: network.c:126
int read_stream_connection_min(int fd, void *buf0, int min_len, int max_len)
Definition: network.c:1212

◆ socket_close()

int socket_close ( int  )

Definition at line 1949 of file network.c.

Referenced by close_stream_connection(), open_socket(), and release_connection_fd().

/**
 * @brief Closes a plain socket descriptor.
 *
 * @param soc  Descriptor handed to close().
 *
 * @return The return value of close(): 0 on success, -1 on failure with
 *         errno set by close().
 */
int
socket_close (int soc)
{
  int rc = close (soc);

  return rc;
}

◆ socket_get_cert()

void socket_get_cert ( int  ,
void **  ,
int *   
)

Definition at line 730 of file network.c.

References fd_is_stream(), and ovas_get_tlssession_from_connection().

Referenced by nasl_socket_get_cert().

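/**
 * @brief Copies the first certificate of the peer's list for a TLS stream.
 *
 * The certificate is returned as the peer presented it; nothing in this
 * function verifies it, so callers must not treat a returned certificate as
 * a trusted one.
 *
 * Changes compared to the listing: the session lookup through
 * ovas_get_tlssession_from_connection() is restored (the listing used
 * session without assigning it), and both outputs are set to NULL / 0
 * before any early return so callers never read indeterminate values.
 *
 * @param[in]  fd       Scanner stream descriptor.
 * @param[out] cert     Receives a g_memdup() copy of the first peer
 *                      certificate entry, or NULL when none is available.
 *                      The copy is owned by the caller.
 * @param[out] certlen  Receives the size of the copy in bytes, or 0.
 */
void
socket_get_cert (int fd, void **cert, int *certlen)
{
  gnutls_session_t session;
  const gnutls_datum_t *cert_list;
  unsigned int cert_list_len = 0;

  if (!cert || !certlen)
    return;

  *cert = NULL;
  *certlen = 0;

  if (!fd_is_stream (fd))
    {
      g_message ("Socket %d is not stream", fd);
      return;
    }
  session = ovas_get_tlssession_from_connection (fd);
  if (!session)
    {
      g_message ("Socket %d is not SSL/TLS encapsulated", fd);
      return;
    }
  if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509)
    return;
  cert_list = gnutls_certificate_get_peers (session, &cert_list_len);
  if (cert_list == NULL || cert_list_len == 0)
    return;

  /* Only the first list entry is copied; the rest of the chain is ignored.
     NOTE(review): the size passes through int (*certlen) and then into
     g_memdup(); confirm the size type is adequate for the GLib version in
     use. */
  *certlen = cert_list[0].size;
  *cert = g_memdup (cert_list[0].data, *certlen);
}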
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:387
int fd_is_stream(int fd)
Definition: network.c:1959

◆ socket_get_ssl_ciphersuite()

int socket_get_ssl_ciphersuite ( int  )

Definition at line 847 of file network.c.

References fd_is_stream(), and ovas_get_tlssession_from_connection().

Referenced by nasl_socket_get_ssl_ciphersuite().

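/**
 * @brief Looks up the cipher suite negotiated on a TLS stream.
 *
 * Reads the key exchange, cipher and MAC of the session and walks the
 * GnuTLS cipher suite table until an entry with the same three algorithms
 * is found.
 *
 * Change compared to the listing: the session lookup through
 * ovas_get_tlssession_from_connection() is restored; the listing tested
 * session without assigning it.
 *
 * @param fd  Scanner stream descriptor.
 *
 * @return The sum of the two suite id bytes of the matching table entry, or
 *         -1 when @p fd is not a stream, has no TLS session, or no table
 *         entry matches.
 */
int
socket_get_ssl_ciphersuite (int fd)
{
  gnutls_session_t session;
  gnutls_kx_algorithm_t kx, kx2;
  gnutls_cipher_algorithm_t cipher, cipher2;
  gnutls_mac_algorithm_t mac, mac2;
  size_t idx = 0;
  unsigned char cs_id[2];

  if (!fd_is_stream (fd))
    {
      g_message ("Socket %d is not stream", fd);
      return -1;
    }
  session = ovas_get_tlssession_from_connection (fd);
  if (!session)
    {
      g_message ("Socket %d is not SSL/TLS encapsulated", fd);
      return -1;
    }

  kx = gnutls_kx_get (session);
  cipher = gnutls_cipher_get (session);
  mac = gnutls_mac_get (session);
  while (
    gnutls_cipher_suite_info (idx, (void *) cs_id, &kx2, &cipher2, &mac2, NULL))
    {
      /* NOTE(review): the two id bytes are added rather than combined into
         a 16-bit value, so different suites can yield the same result.
         Kept as is because callers may depend on it; confirm before using
         the value to tell suites apart. */
      if (kx == kx2 && cipher == cipher2 && mac == mac2)
        return cs_id[0] + cs_id[1];
      idx++;
    }
  return -1;
}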
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:387
int fd_is_stream(int fd)
Definition: network.c:1959

◆ socket_get_ssl_compression()

int socket_get_ssl_compression ( int  )

◆ socket_get_ssl_session_id()

void socket_get_ssl_session_id ( int  ,
void **  ,
size_t *   
)

Definition at line 807 of file network.c.

References fd_is_stream(), ovas_get_tlssession_from_connection(), and tlserror().

Referenced by nasl_socket_get_ssl_session_id().

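/**
 * @brief Retrieves the TLS session id of a stream connection.
 *
 * Changes compared to the listing:
 *  - the session lookup through ovas_get_tlssession_from_connection() is
 *    restored (the listing tested session without assigning it);
 *  - @p ssize is checked before it is written;
 *  - on every failure path *sid is NULL and *ssize is 0. Previously *ssize
 *    was left at GNUTLS_MAX_SESSION_ID with *sid untouched, which invited
 *    callers to read that many bytes through an unset pointer.
 *
 * @param[in]  fd     Scanner stream descriptor.
 * @param[out] sid    Receives a buffer allocated with g_malloc0() holding
 *                    the session id, or NULL on failure. Owned by the
 *                    caller.
 * @param[out] ssize  Receives the id length as reported by
 *                    gnutls_session_get_id(), or 0 on failure.
 */
void
socket_get_ssl_session_id (int fd, void **sid, size_t *ssize)
{
  gnutls_session_t session;
  void *tmp;
  int ret;

  if (ssize)
    *ssize = 0;
  if (!sid || !ssize)
    return;
  *sid = NULL;

  if (!fd_is_stream (fd))
    {
      g_message ("Socket %d is not stream", fd);
      return;
    }
  session = ovas_get_tlssession_from_connection (fd);
  if (!session)
    {
      g_message ("Socket %d is not SSL/TLS encapsulated", fd);
      return;
    }

  /* In: capacity of tmp. Out: actual id length. */
  *ssize = GNUTLS_MAX_SESSION_ID;
  tmp = g_malloc0 (*ssize);
  ret = gnutls_session_get_id (session, tmp, ssize);
  if (ret == GNUTLS_E_SUCCESS)
    *sid = tmp;
  else
    {
      g_free (tmp);
      *ssize = 0;
      tlserror ("gnutls_session_id", ret);
    }
}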
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:387
int fd_is_stream(int fd)
Definition: network.c:1959
void tlserror(char *txt, int err)
Definition: network.c:336

◆ socket_get_ssl_version()

int socket_get_ssl_version ( int  )

Definition at line 766 of file network.c.

References fd_is_stream(), OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, OPENVAS_ENCAPS_TLSv12, and ovas_get_tlssession_from_connection().

Referenced by nasl_socket_get_ssl_version().

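/**
 * @brief Maps the protocol version negotiated on a TLS stream to an
 *        openvas_encaps value.
 *
 * Change compared to the listing: the session lookup through
 * ovas_get_tlssession_from_connection() is restored; the listing tested
 * session without assigning it.
 *
 * @param fd  Scanner stream descriptor.
 *
 * @return OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11
 *         or OPENVAS_ENCAPS_TLSv12; -1 when @p fd is not a stream, has no
 *         TLS session, or the negotiated version is not one of the four
 *         handled below. A -1 therefore does not by itself mean that the
 *         connection is unencrypted.
 */
int
socket_get_ssl_version (int fd)
{
  gnutls_session_t session;
  gnutls_protocol_t version;

  if (!fd_is_stream (fd))
    {
      g_message ("Socket %d is not stream", fd);
      return -1;
    }
  session = ovas_get_tlssession_from_connection (fd);
  if (!session)
    {
      g_message ("Socket %d is not SSL/TLS encapsulated", fd);
      return -1;
    }

  version = gnutls_protocol_get_version (session);
  switch (version)
    {
    case GNUTLS_SSL3:
      return OPENVAS_ENCAPS_SSLv3;
    case GNUTLS_TLS1:
      return OPENVAS_ENCAPS_TLSv1;
    case GNUTLS_TLS1_1:
      return OPENVAS_ENCAPS_TLSv11;
    case GNUTLS_TLS1_2:
      return OPENVAS_ENCAPS_TLSv12;
    default:
      return -1;
    }
}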
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:387
int fd_is_stream(int fd)
Definition: network.c:1959

◆ socket_negotiate_ssl()

int socket_negotiate_ssl ( int  ,
openvas_encaps_t  ,
struct script_infos  
)

Definition at line 683 of file network.c.

References fd_is_stream(), hostname, nasl_get_plugin_filename(), open_SSL_connection(), OVAS_CONNECTION_FROM_FD, plug_get_host_fqdn(), plug_get_kb(), openvas_connection::port, openvas_connection::priority, release_connection_fd(), and openvas_connection::transport.

Referenced by nasl_socket_negotiate_ssl().

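/**
 * @brief Upgrades an already open stream connection to SSL/TLS.
 *
 * Client certificate, key, key password and CA file are taken from the
 * knowledge base items "SSL/cert", "SSL/key", "SSL/password" and "SSL/CA".
 * The host FQDN is passed to open_SSL_connection() unless the KB item
 * "Host/SNI/<port>/force_disable" is greater than 0.
 *
 * Change compared to the listing: the nasl_get_plugin_filename() argument
 * of the failure message is restored; the listing's g_message() call had a
 * "%s" conversion without the matching argument.
 *
 * @param fd         Scanner stream descriptor to upgrade.
 * @param transport  Encapsulation to store on the connection before the
 *                   handshake.
 * @param args       Script context used to reach the KB and the host name.
 *
 * @return @p fd on success. -1 when @p fd is not a stream or the handshake
 *         fails; on handshake failure the descriptor is released with
 *         release_connection_fd() and must not be used again.
 */
int
socket_negotiate_ssl (int fd, openvas_encaps_t transport,
                      struct script_infos *args)
{
  char *cert = NULL, *key = NULL, *passwd = NULL, *cafile = NULL;
  char *hostname = NULL;
  openvas_connection *fp;
  kb_t kb;
  char buf[1024];

  if (!fd_is_stream (fd))
    {
      g_message ("Socket %d is not stream", fd);
      return -1;
    }
  fp = OVAS_CONNECTION_FROM_FD (fd);
  kb = plug_get_kb (args);
  /* NOTE(review): these four strings, including the key password, are not
     released in this function. If kb_item_get_str() hands out heap copies
     they stay in memory after the call - confirm ownership. */
  cert = kb_item_get_str (kb, "SSL/cert");
  key = kb_item_get_str (kb, "SSL/key");
  passwd = kb_item_get_str (kb, "SSL/password");
  cafile = kb_item_get_str (kb, "SSL/CA");
  snprintf (buf, sizeof (buf), "Host/SNI/%d/force_disable", fp->port);
  if (kb_item_get_int (kb, buf) <= 0)
    hostname = plug_get_host_fqdn (args);

  fp->transport = transport;
  fp->priority = NULL;
  if (open_SSL_connection (fp, cert, key, passwd, cafile, hostname) <= 0)
    {
      g_free (hostname);
      g_message ("Function socket_negotiate_ssl called from %s: "
                 "SSL/TLS connection failed.",
                 nasl_get_plugin_filename ());
      release_connection_fd (fd, 0);
      return -1;
    }
  g_free (hostname);
  return fd;
}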
char * plug_get_host_fqdn(struct script_infos *args)
Definition: plugutils.c:211
static int release_connection_fd(int fd, int already_closed)
Definition: network.c:183
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:658
const char * nasl_get_plugin_filename()
Get the current launched plugin filename.
Definition: nasl_debug.c:52
int fd_is_stream(int fd)
Definition: network.c:1959
openvas_encaps_t transport
Definition: network.c:82
static int open_SSL_connection(openvas_connection *fp, const char *cert, const char *key, const char *passwd, const char *cafile, const char *hostname)
Definition: network.c:561
const char * hostname
Definition: pluginlaunch.c:76
char * priority
Definition: network.c:83

◆ stream_get_buffer_sz()

int stream_get_buffer_sz ( int  )

Definition at line 1965 of file network.c.

References openvas_connection::bufsz, OPENVAS_STREAM, and OVAS_CONNECTION_FROM_FD.

Referenced by nasl_recv_line().

/**
 * @brief Returns the size of the read buffer attached to a stream.
 *
 * @param fd  Scanner stream descriptor.
 *
 * @return The bufsz field of the connection entry, or -1 when @p fd is not
 *         a scanner stream.
 */
int
stream_get_buffer_sz (int fd)
{
  openvas_connection *conn;

  if (OPENVAS_STREAM (fd))
    {
      conn = OVAS_CONNECTION_FROM_FD (fd);
      return conn->bufsz;
    }

  return -1;
}
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ stream_get_err()

int stream_get_err ( int  )

Definition at line 145 of file network.c.

References openvas_connection::last_err, OPENVAS_STREAM, and OVAS_CONNECTION_FROM_FD.

Referenced by nasl_socket_get_error().

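/**
 * @brief Returns the last error recorded for a stream connection.
 *
 * Change compared to the listing: the declaration of the local connection
 * pointer is restored; the listing assigned to p without declaring it.
 *
 * @param fd  Scanner stream descriptor.
 *
 * @return The last_err field of the connection entry. For a descriptor that
 *         is not a scanner stream, errno is set to EINVAL and -1 is
 *         returned.
 */
int
stream_get_err (int fd)
{
  openvas_connection *p;

  if (!OPENVAS_STREAM (fd))
    {
      errno = EINVAL;
      return -1;
    }

  p = OVAS_CONNECTION_FROM_FD (fd);
  return p->last_err;
}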
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ stream_set()

int stream_set ( int  ,
fd_set *   
)

◆ stream_set_buffer()

int stream_set_buffer ( int  ,
int   
)

Definition at line 1975 of file network.c.

References openvas_connection::buf, openvas_connection::bufcnt, openvas_connection::bufptr, openvas_connection::bufsz, OPENVAS_STREAM, and OVAS_CONNECTION_FROM_FD.

Referenced by nasl_open_sock_tcp_bufsz(), and nasl_recv_line().

/**
 * @brief Creates, resizes or removes the read buffer of a stream.
 *
 * @param fd  Scanner stream descriptor.
 * @param sz  Requested buffer size in bytes; 0 frees the buffer.
 *
 * @return 0 on success. -1 when @p fd is not a scanner stream, when @p sz
 *         is smaller than the number of bytes still buffered (so no pending
 *         data is dropped), or when the allocation call returns NULL.
 */
int
stream_set_buffer (int fd, int sz)
{
  openvas_connection *conn;
  char *resized;

  if (!OPENVAS_STREAM (fd))
    return -1;

  conn = OVAS_CONNECTION_FROM_FD (fd);
  if (sz < conn->bufcnt)
    return -1; /* Do not want to lose data */

  /* Size 0: drop the buffer entirely. */
  if (sz == 0)
    {
      g_free (conn->buf);
      conn->buf = NULL;
      conn->bufsz = 0;
      return 0;
    }

  /* No buffer yet: allocate a zeroed one and reset the read state. */
  if (conn->buf == NULL)
    {
      conn->buf = g_malloc0 (sz);
      if (conn->buf == NULL)
        return -1;
      conn->bufsz = sz;
      conn->bufptr = 0;
      conn->bufcnt = 0;
      return 0;
    }

  /* Resize: move pending bytes to the front first so they survive when the
     buffer shrinks. */
  if (conn->bufcnt > 0)
    {
      memmove (conn->buf, conn->buf + conn->bufptr, conn->bufcnt);
      conn->bufptr = 0;
    }
  resized = g_realloc (conn->buf, sz);
  if (resized == NULL)
    return -1;
  conn->buf = resized;
  conn->bufsz = sz;
  return 0;
}
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ stream_set_timeout()

int stream_set_timeout ( int  ,
int   
)

Definition at line 1033 of file network.c.

References OPENVAS_STREAM, OVAS_CONNECTION_FROM_FD, and openvas_connection::timeout.

Referenced by nasl_recv(), and plugin_do_run().

/**
 * @brief Replaces the timeout stored on a stream connection.
 *
 * @param fd       Scanner stream descriptor.
 * @param timeout  New value for the connection's timeout field.
 *
 * @return The previous timeout value. For a descriptor that is not a
 *         scanner stream, errno is set to EINVAL and 0 is returned, so a
 *         return of 0 alone does not tell failure apart from a previous
 *         timeout of 0.
 */
int
stream_set_timeout (int fd, int timeout)
{
  openvas_connection *conn;
  int previous;

  if (!OPENVAS_STREAM (fd))
    {
      errno = EINVAL;
      return 0;
    }

  conn = OVAS_CONNECTION_FROM_FD (fd);
  previous = conn->timeout;
  conn->timeout = timeout;

  return previous;
}
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:132
#define OPENVAS_STREAM(x)
Definition: network.c:126

◆ stream_zero()

int stream_zero ( fd_set *  )

◆ write_stream_connection()

int write_stream_connection ( int  ,
void *  buf,
int  n 
)

Definition at line 1396 of file network.c.

References write_stream_connection4().

Referenced by ftp_get_pasv_address(), ftp_log_in(), nasl_telnet_init(), and plugin_do_run().

/**
 * @brief Writes @p n bytes to a stream connection.
 *
 * Thin wrapper around write_stream_connection4() that passes 0 as its
 * i_opt argument.
 *
 * @param fd    Descriptor to write to.
 * @param buf0  Data to send; must hold at least @p n bytes.
 * @param n     Number of bytes to send.
 *
 * @return Whatever write_stream_connection4() returns.
 */
int
write_stream_connection (int fd, void *buf0, int n)
{
  const int i_opt = 0;

  return write_stream_connection4 (fd, buf0, n, i_opt);
}
static int write_stream_connection4(int fd, void *buf0, int n, int i_opt)
Definition: network.c:1278