OpenVAS Scanner  7.0.1~git
nasl_plugins.c File Reference

The NASL plugin class. Loads or launches NASL plugins.

#include "../misc/network.h"
#include "../misc/plugutils.h"
#include "../nasl/nasl.h"
#include "pluginlaunch.h"
#include "pluginload.h"
#include "pluginscheduler.h"
#include "processes.h"
#include <errno.h>
#include <glib.h>
#include <gvm/base/drop_privileges.h>
#include <gvm/base/networking.h>
#include <gvm/base/prefs.h>
#include <gvm/base/proctitle.h>
#include <gvm/util/nvticache.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <utime.h>

Macros

#define G_LOG_DOMAIN   "sd main"
 GLib log domain. More...
 

Functions

static int check_nvti (const char *filename, nvti_t *nvt)
 Check that the nvt's data is valid. More...
 
int nasl_plugin_add (char *folder, char *filename)
 Add one .nasl plugin to the plugin list. More...
 
static void nasl_thread (struct script_infos *)
 
int nasl_plugin_launch (struct scan_globals *globals, struct in6_addr *ip, GSList *vhosts, kb_t kb, const char *oid)
 Launch a NASL plugin. More...
 

Detailed Description

The NASL plugin class. Loads or launches NASL plugins.

Definition in file nasl_plugins.c.

Macro Definition Documentation

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "sd main"

GLib log domain.

Definition at line 52 of file nasl_plugins.c.

Function Documentation

◆ check_nvti()

static int check_nvti ( const char *  filename,
nvti_t *  nvt 
)
static

Check that the nvt's data is valid.

Parameters
filename: Filename of the NVT.
nvt: NVT to check.
Returns
0 on success, -1 on error.

Definition at line 63 of file nasl_plugins.c.

/**
 * @brief Check that the nvt's data is valid.
 *
 * Only the presence of the OID, the name and the family is tested; the
 * values themselves are not inspected here.
 *
 * @param filename Filename of the NVT, used as prefix of the warning.
 * @param nvt      NVT to check.
 *
 * @return 0 on success, -1 on error.
 */
static int
check_nvti (const char *filename, nvti_t *nvt)
{
  /* Debug-time contract checks only: assert() is compiled out when NDEBUG
   * is defined. */
  assert (filename);
  assert (nvt);

  /* Guard clauses in the order OID, name, family: the first missing field
   * is reported and ends the check. */
  if (nvti_oid (nvt) == NULL)
    {
      g_warning ("%s: Missing OID", filename);
      return -1;
    }

  if (nvti_name (nvt) == NULL)
    {
      g_warning ("%s: Missing name", filename);
      return -1;
    }

  if (nvti_family (nvt) == NULL)
    {
      g_warning ("%s: Missing family", filename);
      return -1;
    }

  return 0;
}

Referenced by nasl_plugin_add().


◆ nasl_plugin_add()

int nasl_plugin_add ( char *  folder,
char *  filename 
)

Add one .nasl plugin to the plugin list.

The plugin is first looked up in the cache. If it is not found there, it is parsed (via exec_nasl_script) and added to the cache.

Parameters
folder: Path to the plugin folder.
filename: File-name of the plugin.
Returns
0 on success, -1 on error.

Definition at line 99 of file nasl_plugins.c.

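/**
 * @brief Add one .nasl plugin to the plugin list.
 *
 * When nvticache_check() does not accept the cache entry for @p filename,
 * the script is run through exec_nasl_script() in NASL_EXEC_DESCR mode and
 * the collected NVT info is added to the cache.
 *
 * @param folder   Path to the plugin folder.
 * @param filename File-name of the plugin.
 *
 * @return 0 on success, -1 on error (path too long, or the script could not
 *         be loaded).
 */
int
nasl_plugin_add (char *folder, char *filename)
{
  char fullname[PATH_MAX + 1];
  int nasl_mode = NASL_EXEC_DESCR;
  int written;

  /* Refuse a path that does not fit: a silently truncated name would make
   * the loader open a different file than the one that was requested. */
  written = snprintf (fullname, sizeof (fullname), "%s/%s", folder, filename);
  if (written < 0 || (size_t) written >= sizeof (fullname))
    {
      g_warning ("%s/%s: Path too long", folder, filename);
      return -1;
    }

  /* NOTE(review): with this preference set, NASL_ALWAYS_SIGNED is passed to
   * the interpreter -- presumably every script is then treated as signed
   * and no signature is verified (confirm in nasl.h).  The script is
   * executed below just to collect its metadata, so with the check off the
   * integrity of the plugin directory rests on file permissions and on the
   * feed transport alone. */
  if (prefs_get_bool ("nasl_no_signature_check"))
    nasl_mode |= NASL_ALWAYS_SIGNED;

  if (!nvticache_check (filename))
    {
      nvti_t *new_nvti;
      struct script_infos *args;
      struct utimbuf updated_timestamp;
      time_t now;
      int exec_ret;

      args = g_malloc0 (sizeof (*args));
      args->key = nvticache_get_kb ();
      new_nvti = nvti_new ();
      args->nvti = new_nvti;
      /* fullname is a stack buffer: args only borrows it for this call. */
      args->name = fullname;
      exec_ret = exec_nasl_script (args, nasl_mode);
      g_free (args);
      if (exec_ret < 0)
        {
          g_debug ("%s: Could not be loaded", fullname);
          /* The success path frees new_nvti in this function, so ownership
           * never moves to exec_nasl_script(); release it here as well
           * instead of leaking it for every script that fails to load. */
          nvti_free (new_nvti);
          return -1;
        }

      /* Set access and modification time to one second in the past --
       * presumably so the cache's timestamp comparison does not see the
       * file as newer than its entry; confirm against nvticache_check(). */
      now = time (NULL) - 1;
      updated_timestamp.actime = now;
      updated_timestamp.modtime = now;
      if (utime (fullname, &updated_timestamp) != 0)
        g_debug ("%s: Could not update timestamp: %s", fullname,
                 g_strerror (errno));

      /* NOTE(review): an NVT rejected by check_nvti() is not cached, yet
       * the function still returns 0; callers cannot tell the two cases
       * apart. */
      if (check_nvti (filename, new_nvti) == 0)
        nvticache_add (new_nvti, filename);
      nvti_free (new_nvti);
    }
  return 0;
}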

References check_nvti(), exec_nasl_script(), NASL_ALWAYS_SIGNED, and NASL_EXEC_DESCR.

Referenced by plugins_reload_from_dir().


◆ nasl_plugin_launch()

int nasl_plugin_launch ( struct scan_globals *  globals,
struct in6_addr *  ip,
GSList *  vhosts,
kb_t  kb,
const char *  oid 
)

Launch a NASL plugin.

Definition at line 151 of file nasl_plugins.c.

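/**
 * @brief Launch a NASL plugin.
 *
 * Fills a script_infos for the plugin and hands it to create_process(),
 * which runs nasl_thread() in a new process.
 *
 * @param globals Scan globals, stored in the script_infos.
 * @param ip      Address of the target.
 * @param vhosts  List of vhosts, stored in the script_infos.
 * @param kb      Knowledge base handed to the plugin.
 * @param oid     OID of the plugin to launch.
 *
 * @return The value returned by create_process(), or -1 if the NVT cache
 *         has no source file for @p oid.
 */
int
nasl_plugin_launch (struct scan_globals *globals, struct in6_addr *ip,
                    GSList *vhosts, kb_t kb, const char *oid)
{
  int module;
  struct script_infos infos;

  memset (&infos, 0, sizeof (infos));
  infos.ip = ip;
  infos.vhosts = vhosts;
  infos.globals = globals;
  infos.key = kb;
  /* The cast drops const because script_infos::oid is a plain char *;
   * nothing in this function writes through it. */
  infos.oid = (char *) oid;
  infos.name = nvticache_get_src (oid);

  /* Without a source file there is nothing to execute; do not fork a child
   * that would pass a NULL name to proctitle_set() and exec_nasl_script().
   * NOTE(review): -1 is assumed to be what callers treat as a failed
   * launch -- confirm in plugin_launch(). */
  if (infos.name == NULL)
    {
      g_warning ("%s: No source file found in the NVT cache", oid);
      return -1;
    }

  /* NOTE(review): nasl_thread() takes a struct script_infos * but is called
   * through process_func_t, i.e. void (*)(void *).  That works on the usual
   * ABIs but is not a compatible function type in ISO C. */
  module = create_process ((process_func_t) nasl_thread, &infos);

  /* create_process() forks, so the child is expected to work on its own
   * copy of infos; the parent can release the name right away. */
  g_free (infos.name);
  return module;
}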

References create_process(), script_infos::globals, script_infos::ip, script_infos::key, script_infos::name, nasl_thread(), script_infos::oid, oid, and script_infos::vhosts.

Referenced by plugin_launch().


◆ nasl_thread()

static void nasl_thread ( struct script_infos *  args)
static

Definition at line 171 of file nasl_plugins.c.

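/**
 * @brief Body of the plugin process: prepare the process and run the script.
 *
 * Called through create_process() from nasl_plugin_launch().
 *
 * @param args Script infos of the plugin; ip, key and name are read here and
 *             the whole structure is passed on to exec_nasl_script().
 */
static void
nasl_thread (struct script_infos *args)
{
  char ip_str[INET6_ADDRSTRLEN];
  int nasl_mode = 0;
  kb_t kb;
  GError *error = NULL;

  /* Make plugin process a group leader, to make it easier to cleanup forked
   * processes & their children. */
  setpgid (0, 0);
  /* Presumably both resets make the new process open its own connections
   * instead of sharing the parent's -- confirm in nvticache.c and kb.h. */
  nvticache_reset ();
  kb = args->key;
  kb_lnk_reset (kb);
  addr6_to_str (args->ip, ip_str);
  proctitle_set ("openvas: testing %s (%s)", ip_str, args->name);

  /* NOTE(review): NASL_ALWAYS_SIGNED presumably makes the interpreter treat
   * the script as signed without verifying it (confirm in nasl.h). */
  if (prefs_get_bool ("nasl_no_signature_check"))
    nasl_mode |= NASL_ALWAYS_SIGNED;

  if (prefs_get_bool ("drop_privileges"))
    {
      /* A NULL user name leaves the choice of account to drop_privileges(). */
      int drop_priv_res = drop_privileges (NULL, &error);

      if (drop_priv_res != GVM_DROP_PRIVILEGES_OK)
        {
          /* Not being root is the one failure that is expected and stays
           * silent.  Any other failure means the configured privilege drop
           * did not happen, so report it as a warning together with the
           * reason instead of at debug level only. */
          if (drop_priv_res != GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT)
            g_warning ("Failed to drop privileges for %s: %s", args->name,
                       error ? error->message : "unknown error");
          /* g_clear_error() also copes with an unset error. */
          g_clear_error (&error);
        }
    }

  /* NOTE(review): the script is executed even when the privilege drop
   * above failed, i.e. with the privileges the process was started with.
   * Returning here instead would make the drop_privileges preference fail
   * closed. */
  if (exec_nasl_script (args, nasl_mode))
    g_debug ("exec_nasl_script: %s error", args->name);
}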

References exec_nasl_script(), script_infos::ip, script_infos::key, script_infos::name, and NASL_ALWAYS_SIGNED.

Referenced by nasl_plugin_launch().

script_infos::ip
struct in6_addr * ip
Definition: scanneraux.h:51
script_infos
Definition: scanneraux.h:43
script_infos::key
kb_t key
Definition: scanneraux.h:46
script_infos::name
char * name
Definition: scanneraux.h:49
NASL_EXEC_DESCR
#define NASL_EXEC_DESCR
Definition: nasl.h:57
oid
const char * oid
Definition: nasl_builtin_find_service.c:57
script_infos::globals
struct scan_globals * globals
Definition: scanneraux.h:45
create_process
pid_t create_process(process_func_t function, void *argument)
Create a new process (fork).
Definition: processes.c:97
process_func_t
void(* process_func_t)(void *)
Definition: processes.h:31
nasl_thread
static void nasl_thread(struct script_infos *)
Definition: nasl_plugins.c:171
script_infos::vhosts
GSList * vhosts
Definition: scanneraux.h:52
NASL_ALWAYS_SIGNED
#define NASL_ALWAYS_SIGNED
Definition: nasl.h:59
exec_nasl_script
int exec_nasl_script(struct script_infos *script_infos, int mode)
Execute a NASL script.
Definition: exec.c:1624
check_nvti
static int check_nvti(const char *filename, nvti_t *nvt)
Check that the nvt's data is valid.
Definition: nasl_plugins.c:63