40 #include <arpa/inet.h> 43 #include <netinet/in.h> 49 #include <gnutls/gnutls.h> 51 #include "../misc/network.h" 52 #include "../base/openvas_networking.h" 53 #include "../misc/plugutils.h" 54 #include "../misc/openvas_logging.h" 55 #include "../misc/prefs.h" 70 #define EADDRNOTAVAIL EADDRINUSE 75 unblock_socket (
int soc)
77 int flags = fcntl (soc, F_GETFL, 0);
80 perror (
"fcntl(F_GETFL)");
83 if (fcntl (soc, F_SETFL, O_NONBLOCK | flags) < 0)
85 perror (
"fcntl(F_SETFL,O_NONBLOCK)");
92 block_socket (
int soc)
94 int flags = fcntl (soc, F_GETFL, 0);
97 perror (
"fcntl(F_GETFL)");
100 if (fcntl (soc, F_SETFL, (~O_NONBLOCK) & flags) < 0)
102 perror (
"fcntl(F_SETFL,~O_NONBLOCK)");
109 wait_before_next_probe ()
111 const char *time_between_request;
114 time_between_request =
prefs_get (
"time_between_request");
115 if (time_between_request)
116 minwaittime = atoi (time_between_request);
120 static double lastprobesec = 0;
121 static double lastprobeusec = 0;
126 gettimeofday (&tvnow, NULL);
127 if (lastprobesec <= 0)
129 lastprobesec = tvnow.tv_sec - 10;
130 lastprobeusec = tvnow.tv_usec;
133 tvdiff.tv_sec = tvnow.tv_sec - lastprobesec;
134 tvdiff.tv_usec = tvnow.tv_usec - lastprobeusec;
135 if (tvdiff.tv_usec <= 0)
138 tvdiff.tv_usec *= -1;
141 diff_msec = tvdiff.tv_sec * 1000 + tvdiff.tv_usec / 1000;
142 time2wait = (minwaittime - diff_msec) * 1000;
146 gettimeofday (&tvnow, NULL);
147 lastprobesec = tvnow.tv_sec;
148 lastprobeusec = tvnow.tv_usec;
169 add_udp_data (
struct arglist *script_infos,
int soc,
char *data,
int len)
171 GHashTable * udp_data =
arg_get_value (script_infos,
"udp_data");
173 int * key = g_memdup (&soc,
sizeof(
int));
176 data_record->
data = g_memdup ((gconstpointer)
data, (guint)
len);
178 if (udp_data == NULL)
180 udp_data = g_hash_table_new_full (g_int_hash, g_int_equal, g_free, g_free);
184 g_hash_table_replace (udp_data, (gpointer)key, (gpointer)data_record);
191 get_udp_data (
struct arglist *script_infos,
int soc,
int *
len)
193 GHashTable *udp_data;
196 if ((udp_data =
arg_get_value (script_infos,
"udp_data")) == NULL)
198 udp_data = g_hash_table_new_full (g_int_hash, g_int_equal, g_free, g_free);
202 data_record = g_hash_table_lookup (udp_data, (gconstpointer)&soc);
204 if (!data_record)
return NULL;
207 return data_record->
data;
212 rm_udp_data (
struct arglist *script_infos,
int soc)
214 GHashTable * udp_data =
arg_get_value (script_infos,
"udp_data");
217 g_hash_table_remove (udp_data, (gconstpointer)&soc);
226 nasl_open_privileged_socket (
lex_ctxt * lexic,
int proto)
229 int sport, current_sport = -1;
233 struct sockaddr_in addr, daddr;
234 struct sockaddr_in6 addr6, daddr6;
251 "open_private_socket: missing or undefined parameter dport!\n");
256 current_sport = 1023;
260 if (proto == IPPROTO_TCP)
261 wait_before_next_probe ();
263 if (IN6_IS_ADDR_V4MAPPED (p))
266 bzero (&addr,
sizeof (addr));
267 if (proto == IPPROTO_TCP)
268 sock = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP);
270 sock = socket (AF_INET, SOCK_DGRAM, IPPROTO_UDP);
275 bzero (&addr6,
sizeof (addr6));
276 if (proto == IPPROTO_TCP)
277 sock = socket (AF_INET6, SOCK_STREAM, IPPROTO_TCP);
279 sock = socket (AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
292 if (current_sport < 128 && sport < 0)
315 if (IN6_IS_ADDR_V4MAPPED (p))
317 bzero (&daddr,
sizeof (daddr));
318 daddr.sin_addr.s_addr = p->s6_addr32[3];
319 daddr.sin_family = AF_INET;
320 daddr.sin_port = htons (dport);
321 unblock_socket (sock);
322 e = connect (sock, (
struct sockaddr *) &daddr,
sizeof (daddr));
326 bzero (&daddr6,
sizeof (daddr6));
327 memcpy (&daddr6.sin6_addr, p, sizeof (
struct in6_addr));
328 daddr6.sin6_family = AF_INET6;
329 daddr6.sin6_port = htons (dport);
330 unblock_socket (sock);
331 e = connect (sock, (
struct sockaddr *) &daddr6,
sizeof (daddr6));
345 else if (errno != EINPROGRESS)
358 e = select (sock + 1, NULL, &rd, NULL, to > 0 ? &tv : NULL);
360 while (e < 0 && errno == EINTR);
369 opt_sz =
sizeof (opt);
371 if (getsockopt (sock, SOL_SOCKET, SO_ERROR, &opt, &opt_sz) < 0)
374 getpid (), strerror (errno));
400 if (proto == IPPROTO_TCP)
405 retc->
x.
i_val = sock < 0 ? 0 : sock;
413 return nasl_open_privileged_socket (lexic, IPPROTO_TCP);
419 return nasl_open_privileged_socket (lexic, IPPROTO_UDP);
432 const char *priority;
461 wait_before_next_probe ();
468 else if (transport == 0)
473 if (bufsz > 0 && soc >= 0)
476 nasl_perror (lexic,
"stream_set_buffer: soc=%d,bufsz=%d\n", soc, bufsz);
481 retc->
x.
i_val = soc < 0 ? 0 : soc;
544 struct sockaddr_in soca;
545 struct sockaddr_in6 soca6;
556 if (IN6_IS_ADDR_V4MAPPED (ia))
558 bzero (&soca,
sizeof (soca));
559 soca.sin_addr.s_addr = ia->s6_addr32[3];
560 soca.sin_port = htons (port);
561 soca.sin_family = AF_INET;
563 soc = socket (AF_INET, SOCK_DGRAM, 0);
565 connect (soc, (
struct sockaddr *) &soca,
sizeof (soca));
569 bzero (&soca6,
sizeof (soca6));
570 memcpy (&soca6.sin6_addr, ia, sizeof (
struct in6_addr));
571 soca6.sin6_port = htons (port);
572 soca6.sin6_family = AF_INET6;
574 soc = socket (AF_INET6, SOCK_DGRAM, 0);
576 connect (soc, (
struct sockaddr *) &soca6,
sizeof (soca6));
584 retc->
x.
i_val = soc < 0 ? 0 : soc;
591 int soc, transport, ret;
600 nasl_perror (lexic,
"socket_ssl_negotiate: Erroneous socket value %d\n",
608 nasl_perror (lexic,
"socket_ssl_negotiate: Erroneous transport value %d\n",
625 int soc, cert_len = 0;
632 nasl_perror (lexic,
"socket_get_cert: Erroneous socket value %d\n",
642 retc->
size = cert_len;
657 nasl_perror (lexic,
"socket_get_cert: Erroneous socket value %d\n",
662 if (sid == NULL || sid_len == 0)
667 retc->
size = sid_len;
680 nasl_perror (lexic,
"socket_get_cert: Erroneous socket value %d\n",
737 unsigned int opt_len =
sizeof (type);
740 if (len <= 0 || soc <= 0)
746 data = g_malloc0 (len);
748 e = getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &opt_len);
752 if (e == 0 && type == SOCK_DGRAM)
758 tv.tv_sec = to / retries;
759 tv.tv_usec = (to % retries) * 100000;
761 for (i = 0; i < retries; i++)
766 if (select (soc + 1, &rd, NULL, NULL, &tv) > 0)
769 e = recv (soc, data + new_len, len - new_len, 0);
797 send (soc, data, len, 0);
798 tv.tv_sec = to / retries;
799 tv.tv_usec = (to % retries) * 100000;
813 retc->
x.
str_val = g_memdup (data, new_len);
814 retc->
size = new_len;
839 if (len == -1 || soc <= 0)
841 nasl_perror (lexic,
"recv_line: missing or undefined parameter" 842 " length or socket\n");
856 data = g_malloc0 (len + 1);
864 if (timeout >= 0 && time (NULL) - t1 < timeout)
870 if ((data[n - 1] ==
'\n') || (n >= len))
888 retc->
size = new_len;
889 retc->
x.
str_val = g_memdup (data, new_len + 1);
909 unsigned int type_len =
sizeof (type);
912 if (soc <= 0 || data == NULL)
914 nasl_perror (lexic,
"Syntax error with the send() function\n");
916 "Correct syntax is : send(socket:<soc>, data:<data>\n");
920 if (length <= 0 || length > data_length)
921 length = data_length;
925 && getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &type_len) == 0
926 && type == SOCK_DGRAM)
928 n = send (soc, data, length,
option);
933 wait_before_next_probe ();
951 unsigned int opt_len =
sizeof (type);
957 wait_before_next_probe ();
962 nasl_perror (lexic,
"close(%d): Invalid socket value\n", soc);
966 e = getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &opt_len);
969 if (type == SOCK_DGRAM)
978 nasl_perror (lexic,
"close(%d): %s\n", soc, strerror (errno));
990 static int jmg_max = 0;
1003 nasl_perror (lexic,
"join_multicast_group: missing parameter\n");
1006 if (!inet_aton (a, &m.imr_multiaddr))
1008 nasl_perror (lexic,
"join_multicast_group: invalid parameter '%s'\n", a);
1011 m.imr_interface.s_addr = INADDR_ANY;
1014 for (i = 0; i < jmg_max; i++)
1015 if (jmg_desc[i].in.s_addr == m.imr_multiaddr.s_addr
1016 && jmg_desc[i].count > 0)
1018 jmg_desc[i].count++;
1021 else if (jmg_desc[i].count <= 0)
1027 int s = socket (AF_INET, SOCK_DGRAM, 0);
1030 nasl_perror (lexic,
"join_multicast_group: socket: %s\n",
1035 if (setsockopt (s, IPPROTO_IP, IP_ADD_MEMBERSHIP, &m,
sizeof (m)) < 0)
1038 "join_multicast_group: setsockopt(IP_ADD_MEMBERSHIP): %s\n",
1046 jmg_desc = g_realloc (jmg_desc,
sizeof (*jmg_desc) * (jmg_max + 1));
1050 jmg_desc[j].in = m.imr_multiaddr;
1051 jmg_desc[j].count = 1;
1070 nasl_perror (lexic,
"leave_multicast_group: missing parameter\n");
1073 if (!inet_aton (a, &ia))
1075 nasl_perror (lexic,
"leave_multicast_group: invalid parameter '%s'\n", a);
1079 for (i = 0; i < jmg_max; i++)
1080 if (jmg_desc[i].count > 0 && jmg_desc[i].in.s_addr == ia.s_addr)
1082 if (--jmg_desc[i].count <= 0)
1083 close (jmg_desc[i].s);
1087 nasl_perror (lexic,
"leave_multicast_group: never joined group %s\n", a);
1096 struct sockaddr_in ia;
1101 unsigned int type_len =
sizeof (type);
1106 nasl_perror (lexic,
"get_source_port: missing socket parameter\n");
1110 && getsockopt (s, SOL_SOCKET, SO_TYPE, &type, &type_len) == 0
1111 && type == SOCK_DGRAM)
1119 nasl_perror (lexic,
"get_source_port: invalid socket parameter %d\n", s);
1123 if (getsockname (fd, (
struct sockaddr *) &ia, &l) < 0)
1125 nasl_perror (lexic,
"get_source_port: getsockname(%d): %s\n", fd,
1130 retc->
x.
i_val = ntohs (ia.sin_port);
1245 const char *keyword, *s;
1249 gnutls_session_t tls_session;
1256 nasl_perror (lexic,
"error: socket %d is not valid\n");
1264 nasl_perror (lexic,
"error: second argument is not of type string\n");
1282 nasl_perror (lexic,
"error retrieving infos for socket %d: %s\n",
1283 sock, strerror (
err));
1286 else if (!strcmp (keyword,
"encaps"))
1293 else if (!strcmp (keyword,
"tls-proto"))
1298 s = gnutls_protocol_get_name
1299 (gnutls_protocol_get_version (tls_session));
1300 strval = g_strdup (s?s:
"[?]");
1302 else if (!strcmp (keyword,
"tls-kx"))
1307 s = gnutls_kx_get_name (gnutls_kx_get (tls_session));
1308 strval = g_strdup (s?s:
"");
1310 else if (!strcmp (keyword,
"tls-certtype"))
1315 s = gnutls_certificate_type_get_name
1316 (gnutls_certificate_type_get (tls_session));
1317 strval = g_strdup (s?s:
"");
1319 else if (!strcmp (keyword,
"tls-cipher"))
1324 s = gnutls_cipher_get_name (gnutls_cipher_get (tls_session));
1325 strval = g_strdup (s?s:
"");
1327 else if (!strcmp (keyword,
"tls-mac"))
1332 s = gnutls_mac_get_name (gnutls_mac_get (tls_session));
1333 strval = g_strdup (s?s:
"");
1335 else if (!strcmp (keyword,
"tls-comp"))
1340 s = gnutls_compression_get_name
1341 (gnutls_compression_get (tls_session));
1342 strval = g_strdup (s?s:
"");
1344 else if (!strcmp (keyword,
"tls-auth"))
1350 switch (gnutls_auth_get_type (tls_session))
1352 case GNUTLS_CRD_ANON: s =
"ANON";
break;
1353 case GNUTLS_CRD_CERTIFICATE: s =
"CERT";
break;
1354 case GNUTLS_CRD_PSK: s =
"PSK";
break;
1355 case GNUTLS_CRD_SRP: s =
"SRP";
break;
1356 default: s =
"[?]";
break;
1359 strval = g_strdup (s?s:
"");
1361 else if (!strcmp (keyword,
"tls-cert"))
1366 && gnutls_certificate_type_get (tls_session) == GNUTLS_CRT_X509)
1368 const gnutls_datum_t *
list;
1369 unsigned int nlist = 0;
1373 list = gnutls_certificate_get_peers (tls_session, &nlist);
1381 retc->
x.
ref_val = a = g_malloc0 (
sizeof *a);
1383 for (i=0; i < nlist; i++)
1385 memset (&v, 0,
sizeof v);
1396 nasl_perror (lexic,
"unknown keyword '%s'\n", keyword);
1408 retc->
size = strlen (strval);
int open_stream_connection_ext(struct arglist *args, unsigned int port, int transport, int timeout, const char *priority)
tree_cell * nasl_open_sock_tcp_bufsz(lex_ctxt *lexic, int bufsz)
tree_cell * nasl_socket_get_ssl_version(lex_ctxt *lexic)
tree_cell * nasl_leave_multicast_group(lex_ctxt *lexic)
#define NASL_ERR_ETIMEDOUT
tree_cell * nasl_socket_get_ssl_session_id(lex_ctxt *lexic)
const char * get_encaps_name(openvas_encaps_t code)
#define NASL_ERR_ECONNRESET
tree_cell * nasl_socket_get_error(lex_ctxt *lexic)
#define NASL_ERR_EUNREACH
union st_a_nasl_var::@9 v
int open_stream_auto_encaps_ext(struct arglist *args, unsigned int port, int timeout, int force)
int openvas_get_socket_from_connection(int fd)
tree_cell * nasl_send(lex_ctxt *lexic)
int openvas_register_connection(int soc, void *ssl, gnutls_certificate_credentials_t certcred, openvas_encaps_t encaps)
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
int stream_set_buffer(int fd, int sz)
long int get_int_local_var_by_name(lex_ctxt *, const char *, int)
const gchar * prefs_get(const gchar *key)
Get a string preference value via a key.
tree_cell * nasl_open_priv_sock_tcp(lex_ctxt *lexic)
char * get_str_local_var_by_name(lex_ctxt *, const char *)
int nsend(int fd, void *data, int length, int i_opt)
int add_var_to_list(nasl_array *a, int i, const anon_nasl_var *v)
tree_cell * nasl_socket_get_ssl_ciphersuite(lex_ctxt *lexic)
tree_cell * alloc_typed_cell(int typ)
tree_cell * nasl_open_priv_sock_udp(lex_ctxt *lexic)
int socket_get_ssl_version(int fd)
int socket_get_ssl_compression(int fd)
void socket_get_cert(int fd, void **cert, int *certlen)
int read_stream_connection_min(int fd, void *buf0, int min_len, int max_len)
void arg_add_value(struct arglist *arglst, const char *name, int type, void *value)
int stream_get_buffer_sz(int fd)
tree_cell * nasl_recv(lex_ctxt *lexic)
struct in6_addr * plug_get_host_ip(struct arglist *desc)
tree_cell * nasl_close_socket(lex_ctxt *lexic)
tree_cell * nasl_join_multicast_group(lex_ctxt *lexic)
int socket_get_ssl_ciphersuite(int fd)
int stream_get_err(int fd)
tree_cell * nasl_socket_get_cert(lex_ctxt *lexic)
int get_local_var_type_by_name(lex_ctxt *, const char *)
long int get_int_var_by_num(lex_ctxt *, int, int)
void nasl_perror(lex_ctxt *lexic, char *msg,...)
int socket_negotiate_ssl(int fd, openvas_encaps_t transport, struct arglist *args)
tree_cell * nasl_socket_negotiate_ssl(lex_ctxt *lexic)
char * get_str_var_by_num(lex_ctxt *, int)
struct timeval timeval(unsigned long val)
tree_cell * nasl_get_sock_info(lex_ctxt *lexic)
Get info pertaining to a socket.
int openvas_source_set_socket(int socket, int port, int family)
Binds a socket to use the global source address.
tree_cell * alloc_tree_cell(int lnb, char *s)
tree_cell * nasl_socket_get_ssl_compression(lex_ctxt *lexic)
void socket_get_ssl_session_id(int fd, void **sid, size_t *ssize)
int get_sock_infos(int sock, int *r_transport, void **r_tls_session)
tree_cell * nasl_open_sock_udp(lex_ctxt *lexic)
struct arglist * script_infos
tree_cell * nasl_open_sock_tcp(lex_ctxt *lexic)
Open a TCP socket to the target host.
void * arg_get_value(struct arglist *args, const char *name)
tree_cell * nasl_get_source_port(lex_ctxt *lexic)
int stream_set_timeout(int fd, int timeout)
int get_var_size_by_name(lex_ctxt *, const char *)
tree_cell * nasl_recv_line(lex_ctxt *lexic)
int get_var_type_by_num(lex_ctxt *, int)
Returns NASL variable/cell type, VAR2_UNDEF if value is NULL.
int close_stream_connection(int fd)