Main of the standalone nasl interpreter.
159 static gchar *target = NULL;
160 gchar *default_target =
"127.0.0.1";
161 int mode = 0, err = 0;
165 static gboolean display_version = FALSE;
166 static gboolean nasl_debug = FALSE;
167 static gboolean description_only = FALSE;
168 static gboolean both_modes = FALSE;
169 static gboolean parse_only = FALSE;
170 static gboolean do_lint = FALSE;
171 static gchar *trace_file = NULL;
172 static gchar *config_file = NULL;
173 static gchar *source_iface = NULL;
174 static gboolean with_safe_checks = FALSE;
175 static gboolean signing_mode = FALSE;
176 static gchar *include_dir = NULL;
177 static gchar **nasl_filenames = NULL;
178 static gchar **kb_values = NULL;
179 static int debug_tls = 0;
180 GError *error = NULL;
181 GOptionContext *option_context;
182 static GOptionEntry entries[] = {
183 {
"version",
'V', 0, G_OPTION_ARG_NONE, &display_version,
184 "Display version information", NULL},
185 {
"debug",
'd', 0, G_OPTION_ARG_NONE, &nasl_debug,
186 "Output debug information to stderr.", NULL},
187 {
"description",
'D', 0, G_OPTION_ARG_NONE, &description_only,
188 "Only run the 'description' part of the script", NULL},
189 {
"both",
'B', 0, G_OPTION_ARG_NONE, &both_modes,
190 "Run in description mode before running the script.", NULL},
191 {
"parse",
'p', 0, G_OPTION_ARG_NONE, &parse_only,
192 "Only parse the script, don't execute it", NULL},
193 {
"lint",
'L', 0, G_OPTION_ARG_NONE, &do_lint,
194 "'lint' the script (extended checks)", NULL},
195 {
"target",
't', 0, G_OPTION_ARG_STRING, &target,
196 "Execute the scripts against <target>",
"<target>"},
197 {
"trace",
'T', 0, G_OPTION_ARG_FILENAME, &trace_file,
198 "Log actions to <file> (or '-' for stderr)",
"<file>"},
199 {
"config-file",
'c', 0, G_OPTION_ARG_FILENAME, &config_file,
200 "Configuration file",
"<filename>"},
201 {
"source-iface",
'e', 0, G_OPTION_ARG_STRING, &source_iface,
202 "Source network interface for established connections.",
"<iface_name>"},
203 {
"safe",
's', 0, G_OPTION_ARG_NONE, &with_safe_checks,
204 "Specifies that the script should be run with 'safe checks' enabled",
206 {
"disable-signing",
'X', 0, G_OPTION_ARG_NONE, &signing_mode,
207 "Run the script with disabled signature verification", NULL},
208 {
"include-dir",
'i', 0, G_OPTION_ARG_STRING, &include_dir,
209 "Search for includes in <dir>",
"<dir>"},
210 {
"debug-tls", 0, 0, G_OPTION_ARG_INT, &debug_tls,
211 "Enable TLS debugging at <level>",
"<level>"},
212 {
"kb",
'k', 0, G_OPTION_ARG_STRING_ARRAY, &kb_values,
213 "Set KB key to value. Can be used multiple times",
"<key=value>"},
214 {G_OPTION_REMAINING, 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &nasl_filenames,
215 "Absolute path to one or more nasl scripts",
"NASL_FILE..."},
216 {NULL, 0, 0, 0, NULL, NULL, NULL}};
219 g_option_context_new (
"- standalone NASL interpreter for OpenVAS");
220 g_option_context_add_main_entries (option_context, entries, NULL);
221 if (!g_option_context_parse (option_context, &argc, &argv, &error))
223 g_print (
"%s\n\n", error->message);
226 g_option_context_free (option_context);
236 printf (
"gnutls %s\n", gnutls_check_version (NULL));
237 printf (
"libssh %s\n", ssh_version (0));
238 printf (
"gpgme %s\n", gpgme_check_version (NULL));
242 printf (
"Copyright (C) 2002 - 2004 Tenable Network Security\n");
243 printf (
"Copyright (C) 2013 Greenbone Networks GmbH\n\n");
251 if (description_only)
259 if (!strcmp (trace_file,
"-"))
263 FILE *fp = fopen (trace_file,
"w");
269 setvbuf (fp, NULL, _IOLBF, BUFSIZ);
273 if (with_safe_checks)
274 prefs_set (
"safe_checks",
"yes");
280 fprintf (stderr,
"Error. No input file(s) specified !\n");
286 fprintf (stderr,
"** WARNING : packet forgery will not work\n");
287 fprintf (stderr,
"** as NASL is not running as root\n");
291 signal (SIGPIPE, SIG_IGN);
293 if (source_iface && gvm_source_iface_init (source_iface))
295 fprintf (stderr,
"Erroneous network source interface: %s\n",
302 gnutls_global_set_log_level (debug_tls);
306 target = g_strdup (default_target);
308 hosts = gvm_hosts_new (target);
311 fprintf (stderr,
"Erroneous target %s\n", target);
314 unresolved = gvm_hosts_resolve (
hosts);
317 g_warning (
"Couldn't resolve hostname '%s'", (
char *) unresolved->data);
318 unresolved = unresolved->next;
320 g_slist_free_full (unresolved, g_free);
325 if (include_dir != NULL)
330 prefs_config (config_file ?: OPENVAS_CONF);
332 if (prefs_get (
"vendor_version") != NULL)
341 if (prefs_get_bool (
"expand_vhosts"))
342 gvm_host_add_reverse_lookup (
host);
343 gvm_vhosts_exclude (
host, prefs_get (
"exclude_hosts"));
344 gvm_host_get_addr6 (
host, &ip6);
345 rc = kb_new (&kb, prefs_get (
"db_address") ?: KB_PATH_DEFAULT);
350 while (nasl_filenames[i])
355 if (both_modes || with_safe_checks)
364 else if (with_safe_checks
367 printf (
"%s isn't safe\n", nasl_filenames[i]);
379 gchar **splits = g_strsplit (*kb_values,
"=", -1);
380 if (splits[2] || !splits[1])
382 fprintf (stderr,
"Erroneous --kb entry %s\n", *kb_values);
385 kb_item_add_str_unique (kb, splits[0], splits[1], 0);
391 if ((
pid = fork ()) == 0)
400 fprintf (stderr,
"fork(): %s\n", strerror (errno));
406 waitpid (
pid, &status, 0);
420 gvm_hosts_free (
hosts);
int exec_nasl_script(struct script_infos *script_infos, int mode)
Execute a NASL script.
struct scan_globals * globals
#define NASL_EXEC_PARSE_ONLY
struct script_infos * init(struct in6_addr *ip, GSList *vhosts, kb_t kb)
static struct host * hosts
static void gcrypt_init()
Initialize Gcrypt.
char * nasl_version(void)
int openvas_SSL_init()
Initializes SSL support.
static nvti_t * parse_script_infos(struct script_infos *infos)
#define NASL_COMMAND_LINE
static void my_gnutls_log_func(int level, const char *text)
Host information, implemented as doubly linked list.
#define NASL_ALWAYS_SIGNED
static int nvti_category_is_safe(int category)
Checks that an NVT category is safe.
void vendor_version_set(const gchar *version)
Set vendor version.
int add_nasl_inc_dir(const char *)
Adds the given string as directory for searching for includes.