OpenVAS Scanner  7.0.1~git
nasl_plugins.c
1 /* Portions Copyright (C) 2009-2019 Greenbone Networks GmbH
2  * Portions Copyright (C) 2006 Software in the Public Interest, Inc.
3  * Based on work Copyright (C) 1998 - 2006 Tenable Network Security, Inc.
4  *
5  * SPDX-License-Identifier: GPL-2.0-only
6  *
7  * This program is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU General Public License
9  * version 2 as published by the Free Software Foundation.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19  */
20 
26 #include "../misc/network.h"
27 #include "../misc/plugutils.h" /* for plug_set_launch */
28 #include "../nasl/nasl.h"
29 #include "pluginlaunch.h"
30 #include "pluginload.h"
31 #include "pluginscheduler.h"
32 #include "processes.h"
33 
34 #include <errno.h> /* for errno */
35 #include <glib.h>
36 #include <gvm/base/drop_privileges.h> /* for drop_privileges */
37 #include <gvm/base/networking.h>
38 #include <gvm/base/prefs.h> /* for prefs_get_bool */
39 #include <gvm/base/proctitle.h>
40 #include <gvm/util/nvticache.h> /* for nvticache_add */
41 #include <stdio.h> /* for snprintf() */
42 #include <string.h> /* for strlen() */
43 #include <sys/stat.h>
44 #include <sys/types.h>
45 #include <unistd.h> /* for close() */
46 #include <utime.h>
47 
48 #undef G_LOG_DOMAIN
49 
52 #define G_LOG_DOMAIN "sd main"
53 
/**
 * @brief Check that the nvt's data is valid.
 *
 * The OID, the name and the family are tested in that order, and the first
 * missing field is reported with g_warning(). nasl_plugin_add() only stores
 * an NVT in the cache when this function returns 0.
 *
 * @param filename  Filename of the NVT, used only in the warning message.
 * @param nvt       NVT metadata to check.
 *
 * @return 0 if OID, name and family are all present, -1 otherwise.
 */
static int
check_nvti (const char *filename, nvti_t *nvt)
{
  assert (filename);
  assert (nvt);

  /* Guard clauses: reject on the first missing mandatory field. */
  if (!nvti_oid (nvt))
    {
      g_warning ("%s: Missing OID", filename);
      return -1;
    }

  if (!nvti_name (nvt))
    {
      g_warning ("%s: Missing name", filename);
      return -1;
    }

  if (!nvti_family (nvt))
    {
      g_warning ("%s: Missing family", filename);
      return -1;
    }

  return 0;
}
85 
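/**
 * @brief Add one .nasl plugin to the plugin list.
 *
 * When nvticache_check() returns zero for @p filename, the script is run in
 * description mode (NASL_EXEC_DESCR) to fill a fresh nvti_t, the file's
 * access and modification times are set to one second in the past, and the
 * metadata is added to the NVT cache if check_nvti() accepts it.
 *
 * NOTE(review): when the "nasl_no_signature_check" preference is set,
 * NASL_ALWAYS_SIGNED is added to the execution mode. Judging by the names,
 * scripts are then run without signature verification, so the integrity of
 * the plugin folder rests on file-system permissions alone. Confirm against
 * exec_nasl_script().
 *
 * @param folder    Directory that holds the plugin.
 * @param filename  Name of the plugin file, relative to @p folder.
 *
 * @return 0 if the plugin needed no reload or was processed (even when
 *         check_nvti() rejected its metadata), -1 if the path does not fit
 *         into PATH_MAX or the script could not be executed.
 */
int
nasl_plugin_add (char *folder, char *filename)
{
  char fullname[PATH_MAX + 1];
  int nasl_mode = NASL_EXEC_DESCR;
  int len;

  /* Refuse a truncated path: executing a different file than the one that
   * was named would be worse than skipping the plugin. */
  len = snprintf (fullname, sizeof (fullname), "%s/%s", folder, filename);
  if (len < 0 || (size_t) len >= sizeof (fullname))
    {
      g_warning ("%s/%s: Path too long, plugin not loaded", folder, filename);
      return -1;
    }

  if (prefs_get_bool ("nasl_no_signature_check"))
    {
      nasl_mode |= NASL_ALWAYS_SIGNED;
    }

  if (!nvticache_check (filename))
    {
      nvti_t *new_nvti;
      struct script_infos *args;
      time_t now;
      struct utimbuf updated_timestamp;

      args = g_malloc0 (sizeof (struct script_infos));
      args->key = nvticache_get_kb ();
      new_nvti = nvti_new ();
      args->nvti = new_nvti;
      args->name = fullname;
      if (exec_nasl_script (args, nasl_mode) < 0)
        {
          g_debug ("%s: Could not be loaded", fullname);
          g_free (args);
          /* The metadata object is owned here; release it on the error path
           * as well, otherwise every unloadable plugin leaks one nvti_t. */
          nvti_free (new_nvti);
          return -1;
        }
      g_free (args);

      /* Presumably the cache compares its own timestamp with the file's
       * mtime, hence the one second of slack - TODO confirm. */
      now = time (NULL) - 1;
      updated_timestamp.actime = now;
      updated_timestamp.modtime = now;
      /* Best effort: a failure here is reported but does not stop loading. */
      if (utime (fullname, &updated_timestamp) != 0)
        g_debug ("%s: Could not update timestamp: %s", fullname,
                 strerror (errno));

      /* Only metadata with OID, name and family reaches the cache. */
      if (!check_nvti (filename, new_nvti))
        nvticache_add (new_nvti, filename);
      nvti_free (new_nvti);
    }
  return 0;
}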
143 
/* Body of the plugin process started by nasl_plugin_launch(); defined below. */
static void nasl_thread (struct script_infos *args);
146 
/**
 * @brief Launch a NASL plugin.
 *
 * Fills a stack-allocated script_infos with the scan context and hands it to
 * create_process(), which runs nasl_thread() on it. The script path obtained
 * from nvticache_get_src() is freed in the calling process once
 * create_process() has returned.
 *
 * NOTE(review): the result of nvticache_get_src() is not checked here; if it
 * can be NULL for an unknown OID, nasl_thread() receives a NULL name - verify
 * against the cache implementation.
 *
 * @param globals  Global scan state.
 * @param ip       Address of the target host.
 * @param vhosts   Virtual hosts of the target.
 * @param kb       Knowledge base handle for this host.
 * @param oid      OID of the plugin to launch.
 *
 * @return The value returned by create_process().
 */
int
nasl_plugin_launch (struct scan_globals *globals, struct in6_addr *ip,
                    GSList *vhosts, kb_t kb, const char *oid)
{
  int pid;
  /* Members not listed are zero-initialised, as the memset() used to do. */
  struct script_infos infos = {
    .ip = ip,
    .vhosts = vhosts,
    .globals = globals,
    .key = kb,
    .oid = (char *) oid,
  };

  infos.name = nvticache_get_src (oid);

  pid = create_process ((process_func_t) nasl_thread, &infos);
  g_free (infos.name);
  return pid;
}
169 
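/**
 * @brief Run one NASL plugin inside the process created for it.
 *
 * Called through create_process() from nasl_plugin_launch(). Puts the
 * process into its own process group, resets the NVT cache and knowledge
 * base links, sets the process title, optionally drops privileges and then
 * executes the script named in @p args.
 *
 * NOTE(review): a failed privilege drop does not stop execution; the script
 * still runs with whatever privileges the process has. The failure is
 * therefore logged as a warning, so that it shows up without debug logging.
 *
 * @param args  Script context prepared by nasl_plugin_launch().
 */
static void
nasl_thread (struct script_infos *args)
{
  char ip_str[INET6_ADDRSTRLEN];
  int nasl_mode = 0;
  kb_t kb;
  GError *error = NULL;

  /* Make plugin process a group leader, to make it easier to cleanup forked
   * processes & their children. */
  setpgid (0, 0);
  nvticache_reset ();
  kb = args->key;
  kb_lnk_reset (kb);
  addr6_to_str (args->ip, ip_str);
  proctitle_set ("openvas: testing %s (%s)", ip_str, args->name);

  /* Same preference as in nasl_plugin_add(): presumably disables signature
   * verification of the script - confirm against exec_nasl_script(). */
  if (prefs_get_bool ("nasl_no_signature_check"))
    nasl_mode |= NASL_ALWAYS_SIGNED;

  if (prefs_get_bool ("drop_privileges"))
    {
      int drop_priv_res = drop_privileges (NULL, &error);
      if (drop_priv_res != GVM_DROP_PRIVILEGES_OK)
        {
          /* Not being root is expected and stays silent; anything else means
           * the plugin keeps privileges the operator asked to drop. */
          if (drop_priv_res != GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT)
            g_warning ("Failed to drop privileges for %s: %s", args->name,
                       error ? error->message : "unknown error");
          /* g_clear_error() accepts an unset error, g_error_free() does not. */
          g_clear_error (&error);
        }
    }

  if (exec_nasl_script (args, nasl_mode))
    g_debug ("exec_nasl_script: %s error", args->name);
}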
int exec_nasl_script(struct script_infos *script_infos, int mode)
Execute a NASL script.
Definition: exec.c:1624
struct scan_globals * globals
Definition: scanneraux.h:45
char * oid
Definition: scanneraux.h:48
processes.c header.
const char * oid
char * name
Definition: scanneraux.h:49
int nasl_plugin_add(char *folder, char *filename)
Add one .nasl plugin to the plugin list.
Definition: nasl_plugins.c:99
#define NASL_EXEC_DESCR
Definition: nasl.h:57
struct in6_addr * ip
Definition: scanneraux.h:51
pluginlaunch.c header.
static void nasl_thread(struct script_infos *)
Definition: nasl_plugins.c:171
void(* process_func_t)(void *)
Definition: processes.h:31
#define NASL_ALWAYS_SIGNED
Definition: nasl.h:59
static int check_nvti(const char *filename, nvti_t *nvt)
Check that the nvt's data is valid.
Definition: nasl_plugins.c:63
int nasl_plugin_launch(struct scan_globals *globals, struct in6_addr *ip, GSList *vhosts, kb_t kb, const char *oid)
Launch a NASL plugin.
Definition: nasl_plugins.c:151
pluginload.c header.
header for pluginscheduler.c
pid_t create_process(process_func_t function, void *argument)
Create a new process (fork).
Definition: processes.c:97
GSList * vhosts
Definition: scanneraux.h:52