OpenVAS Libraries  9.0.3
nasl_builtin_openvas_tcp_scanner.c File Reference
#include <unistd.h>
#include <fcntl.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <errno.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <netdb.h>
#include <glib.h>
#include "../misc/arglists.h"
#include "../misc/plugutils.h"
#include "../misc/prefs.h"
#include "../misc/openvas_logging.h"
#include "../misc/network.h"
#include "nasl_lex_ctxt.h"
#include <limits.h>
#include <math.h>
Include dependency graph for nasl_builtin_openvas_tcp_scanner.c:

Go to the source code of this file.

Data Structures

struct  grab_socket_t
 

Macros

#define GRAB_MAX_SOCK   1024
 
#define GRAB_MIN_SOCK   32
 
#define GRAB_MAX_SOCK_SAFE   128
 
#define MAX_PASS_NB   16
 
#define MAXINT   0x7fffffffL
 
#define DIFFTV(t1, t2)   (t1.tv_sec - t2.tv_sec + (t1.tv_usec - t2.tv_usec) / 1000000)
 
#define DIFFTVu(t1, t2)   ((t1.tv_sec - t2.tv_sec) * 1000000.0 + (t1.tv_usec - t2.tv_usec))
 
#define GRAB_SOCKET_UNUSED   0
 
#define GRAB_SOCKET_OPENING   1
 
#define GRAB_SOCKET_OPEN   2
 
#define GRAB_PORT_UNKNOWN   0
 
#define GRAB_PORT_CLOSED   1
 
#define GRAB_PORT_OPEN   2
 
#define GRAB_PORT_SILENT   3
 
#define GRAB_PORT_REJECTED   4
 
#define GRAB_PORT_NOT_TESTED   254
 
#define GRAB_PORT_TESTING   255
 
#define DEBUG   0
 
#define COMPUTE_RTT
 
#define MAX_SANE_RTT   2000000 /* micro-seconds */
 

Functions

tree_cellplugin_run_openvas_tcp_scanner (lex_ctxt *lexic)
 

Macro Definition Documentation

◆ COMPUTE_RTT

#define COMPUTE_RTT

Definition at line 102 of file nasl_builtin_openvas_tcp_scanner.c.

◆ DEBUG

#define DEBUG   0

Definition at line 97 of file nasl_builtin_openvas_tcp_scanner.c.

◆ DIFFTV

#define DIFFTV (   t1,
  t2 
)    (t1.tv_sec - t2.tv_sec + (t1.tv_usec - t2.tv_usec) / 1000000)

Definition at line 81 of file nasl_builtin_openvas_tcp_scanner.c.

◆ DIFFTVu

#define DIFFTVu (   t1,
  t2 
)    ((t1.tv_sec - t2.tv_sec) * 1000000.0 + (t1.tv_usec - t2.tv_usec))

Definition at line 82 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_MAX_SOCK

#define GRAB_MAX_SOCK   1024

Definition at line 49 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_MAX_SOCK_SAFE

#define GRAB_MAX_SOCK_SAFE   128

Definition at line 62 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_MIN_SOCK

#define GRAB_MIN_SOCK   32

Definition at line 55 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_PORT_CLOSED

#define GRAB_PORT_CLOSED   1

Definition at line 89 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_PORT_NOT_TESTED

#define GRAB_PORT_NOT_TESTED   254

Definition at line 93 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_PORT_OPEN

#define GRAB_PORT_OPEN   2

Definition at line 90 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_PORT_REJECTED

#define GRAB_PORT_REJECTED   4

Definition at line 92 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_PORT_SILENT

#define GRAB_PORT_SILENT   3

Definition at line 91 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_PORT_TESTING

#define GRAB_PORT_TESTING   255

Definition at line 94 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_PORT_UNKNOWN

#define GRAB_PORT_UNKNOWN   0

Definition at line 88 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_SOCKET_OPEN

#define GRAB_SOCKET_OPEN   2

Definition at line 86 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_SOCKET_OPENING

#define GRAB_SOCKET_OPENING   1

Definition at line 85 of file nasl_builtin_openvas_tcp_scanner.c.

◆ GRAB_SOCKET_UNUSED

#define GRAB_SOCKET_UNUSED   0

Definition at line 84 of file nasl_builtin_openvas_tcp_scanner.c.

◆ MAX_PASS_NB

#define MAX_PASS_NB   16

Definition at line 68 of file nasl_builtin_openvas_tcp_scanner.c.

◆ MAX_SANE_RTT

#define MAX_SANE_RTT   2000000 /* micro-seconds */

Definition at line 111 of file nasl_builtin_openvas_tcp_scanner.c.

◆ MAXINT

#define MAXINT   0x7fffffffL

Definition at line 71 of file nasl_builtin_openvas_tcp_scanner.c.

Function Documentation

◆ plugin_run_openvas_tcp_scanner()

tree_cell* plugin_run_openvas_tcp_scanner ( lex_ctxt lexic)

Definition at line 1269 of file nasl_builtin_openvas_tcp_scanner.c.

1270 {
1271  struct arglist *desc = lexic->script_infos;
1272  struct host_info *hostinfo = arg_get_value(desc, "HOSTNAME");
1273  const char * port_range = prefs_get ("port_range");
1274  const char * p;
1275  struct in6_addr *p_addr;
1276  int timeout = 0, max_cnx, min_cnx, x;
1277  int safe_checks = prefs_get_bool ("safe_checks");
1278 
1279  p = prefs_get ("checks_read_timeout");
1280  if (p != NULL) timeout = atoi(p);
1281  if (timeout <= 0)
1282  timeout = 5;
1283 #if DEBUG > 0
1284  log_legacy_write ("openvas_tcp_scanner: safe_checks=%d checks_read_timeout=%d\n", safe_checks, timeout);
1285 #endif
1286 
1287  {
1288  int max_host = 0, max_checks = 0, cur_sys_fd = 0, max_sys_fd = 0;
1289  struct rlimit rlim;
1290  FILE *fp;
1291  int i;
1292  double loadavg[3], maxloadavg = -1.0;
1293 #if DEBUG == 0
1294  int stderr_fd = dup(2);
1295  int devnull_fd = open("/dev/null", O_WRONLY);
1296  /* Avoid error messages from sysctl */
1297  dup2(devnull_fd, 2);
1298 #endif
1299 
1300  p = prefs_get ("max_hosts");
1301  if (p != NULL) max_host = atoi(p);
1302  if (max_host <= 0) max_host = 15;
1303 
1304  p = prefs_get ("max_checks");
1305  if (p != NULL) max_checks = atoi(p);
1306  if (max_checks <= 0 || max_checks > 5)
1307  {
1308  max_checks = 5; /* bigger values do not make sense */
1309 #if DEBUG > 0
1310  log_legacy_write ("openvas_tcp_scanner: max_checks forced to %d\n", max_checks);
1311 #endif
1312  }
1313 
1314  min_cnx = 8 * max_checks;
1315  if (safe_checks)
1316  max_cnx = 24 * max_checks;
1317  else
1318  max_cnx = 80 * max_checks;
1319 
1320  getloadavg(loadavg, 3);
1321  for (i = 0; i < 3; i ++)
1322  if (loadavg[i] > maxloadavg) maxloadavg = loadavg[i];
1323 
1324  if (max_sys_fd <= 0)
1325  {
1326  if ( find_in_path("sysctl", 0) != NULL )
1327  fp = popen("sysctl fs.file-nr", "r");
1328  else
1329  fp = NULL;
1330 
1331  if (fp != NULL)
1332  {
1333  if (fscanf(fp, "%*s = %*d %d %d", &cur_sys_fd, &max_sys_fd) == 1)
1334  max_sys_fd -= cur_sys_fd;
1335  else
1336  max_sys_fd = 0;
1337  pclose(fp);
1338  }
1339  }
1340  if (max_sys_fd <= 0)
1341  {
1342  if ( find_in_path("sysctl", 0) )
1343  fp = popen("sysctl fs.file-max", "r");
1344  else
1345  fp = NULL;
1346 
1347  if (fp != NULL)
1348  {
1349  if (fscanf(fp, "%*s = %d", &max_sys_fd) < 1)
1350  max_sys_fd = 0;
1351  pclose(fp);
1352  }
1353  }
1354 
1355  if (max_sys_fd <= 0)
1356  {
1357  if ( find_in_path("sysctl", 0) )
1358  fp = popen("sysctl kern.maxfiles", "r");
1359  else
1360  fp = NULL;
1361 
1362  if (fp != NULL)
1363  {
1364  if (fscanf(fp, "%*s = %d", &max_sys_fd) < 1)
1365  max_sys_fd = 0;
1366  pclose(fp);
1367  }
1368  }
1369 
1370  /* Restore stderr */
1371 #if DEBUG == 0
1372  close(devnull_fd);
1373  dup2(stderr_fd, 2);
1374  close(stderr_fd);
1375 #endif
1376 
1377  if (maxloadavg >= 0.0)
1378  {
1379 #if DEBUG > 0
1380  int x = max_cnx;
1381 #endif
1382  max_cnx /= (1.0 + maxloadavg);
1383 #if DEBUG > 0
1384  /* Useless, as stderr is temporarily closed */
1385  log_legacy_write ("openvas_tcp_scanner: max_cnx reduced from %d to %d because of maxloadavg=%f\n", x, max_cnx, maxloadavg);
1386 #endif
1387  }
1388 
1389 
1390 
1391 #if DEBUG > 0
1392  log_legacy_write ("openvas_tcp_scanner: max_sys_fd=%d\n", max_sys_fd);
1393 #endif
1394  if (max_sys_fd <= 0) max_sys_fd = 16384; /* reasonable default */
1395  /* Let's leave at least 1024 FD for other processes */
1396  if (max_sys_fd < 1024)
1397  x = GRAB_MIN_SOCK;
1398  else
1399  {
1400  max_sys_fd -= 1024;
1401  x = max_sys_fd / max_host;
1402  }
1403  if (max_cnx > x) max_cnx = x;
1404 #if 0
1405  log_legacy_write ("min_cnx = %d ; max_cnx = %d\n", min_cnx, max_cnx);
1406 #endif
1407  if (max_cnx > GRAB_MAX_SOCK) max_cnx = GRAB_MAX_SOCK;
1408  if (max_cnx < GRAB_MIN_SOCK) max_cnx = GRAB_MIN_SOCK;
1409 
1410  if (safe_checks && max_cnx > GRAB_MAX_SOCK_SAFE)
1411  max_cnx = GRAB_MAX_SOCK_SAFE;
1412 
1413  if (getrlimit(RLIMIT_NOFILE, &rlim) < 0)
1414  perror("getrlimit(RLIMIT_NOFILE)");
1415  else
1416  {
1417  /* value = one greater than the maximum file descriptor number */
1418  if (rlim.rlim_cur != RLIM_INFINITY && max_cnx >= rlim.rlim_cur)
1419  max_cnx = rlim.rlim_cur - 1;
1420  }
1421  x = max_cnx / 2;
1422  if (min_cnx > x) min_cnx = x > 0 ? x : 1;
1423 #if DEBUG > 0
1424  log_legacy_write ("openvas_tcp_scanner: min_cnx = %d ; max_cnx = %d\n", min_cnx, max_cnx);
1425 #endif
1426  }
1427 
1428  p_addr = hostinfo->ip;
1429  if( p_addr == NULL )
1430  return NULL; // TODO: before it returned "1";
1431  if (banner_grab(p_addr, port_range, timeout, min_cnx, max_cnx, desc) < 0)
1432  return NULL; // TODO: before it returned "1";
1433  plug_set_key(desc, "Host/scanned", ARG_INT, (void*)1);
1434  plug_set_key(desc, "Host/scanners/openvas_tcp_scanner", ARG_INT, (void*)1);
1435  return NULL;
1436 }
#define ARG_INT
Definition: arglists.h:40
#define RLIM_INFINITY
Definition: popen.c:32
void plug_set_key(struct arglist *args, char *name, int type, const void *value)
Definition: plugutils.c:658
#define GRAB_MAX_SOCK_SAFE
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
const gchar * prefs_get(const gchar *key)
Get a string preference value via a key.
Definition: prefs.c:86
struct in6_addr * ip
Definition: network.h:61
tree_cell * safe_checks(lex_ctxt *lexic)
char * find_in_path(char *name, int safe)
Definition: plugutils.c:1041
struct arglist * script_infos
Definition: nasl_lex_ctxt.h:39
void * arg_get_value(struct arglist *args, const char *name)
Definition: arglists.c:252
int prefs_get_bool(const gchar *key)
Get a boolean expression of a preference value via a key.
Definition: prefs.c:109

References arg_get_value(), find_in_path(), GRAB_MAX_SOCK, GRAB_MAX_SOCK_SAFE, GRAB_MIN_SOCK, host_info::ip, log_legacy_write(), prefs_get(), prefs_get_bool(), RLIM_INFINITY, safe_checks(), and struct_lex_ctxt::script_infos.

Here is the call graph for this function: