Greenbone Vulnerability Management Libraries 22.32.0
nvticache.c
Go to the documentation of this file.
1/* SPDX-FileCopyrightText: 2009-2023 Greenbone AG
2 *
3 * SPDX-License-Identifier: GPL-2.0-or-later
4 */
5
16
17#include "nvticache.h"
18
19#include "kb.h" /* for kb_del_items, kb_item_get_str, kb_item_add_int */
20
21#include <assert.h> /* for assert */
22#include <errno.h>
23#include <stdio.h> /* for fopen */
24#include <stdlib.h> /* for atoi */
25#include <string.h> /* for strcmp */
26#include <sys/stat.h> /* for stat, st_mtime */
27#include <time.h> /* for time, time_t */
28
29#undef G_LOG_DOMAIN
33#define G_LOG_DOMAIN "libgvm util"
34
35char *src_path = NULL;
36kb_t cache_kb = NULL;
37int cache_saved = 1;
38
44int
45nvticache_initialized (void)
46{
47 return !!cache_kb;
48}
49
58int
59nvticache_init (const char *src, const char *kb_path)
60{
61 assert (src);
62
63 if (src_path)
64 g_free (src_path);
65 src_path = g_strdup (src);
66 if (cache_kb)
67 kb_lnk_reset (cache_kb);
68 cache_kb = kb_find (kb_path, NVTICACHE_STR);
69 if (cache_kb)
70 return 0;
71
72 if (kb_new (&cache_kb, kb_path)
73 || kb_item_set_str (cache_kb, NVTICACHE_STR, "0", 0))
74 return -1;
75 return 0;
76}
77
83kb_t
84nvticache_get_kb (void)
85{
86 assert (cache_kb);
87 return cache_kb;
88}
89
100int
101nvticache_check (const gchar *filename)
102{
103 assert (cache_kb);
104 char *src_file, *time_s;
105 struct stat src_stat;
106 int ret = 0;
107
108 src_file = g_build_filename (src_path, filename, NULL);
109 time_s = kb_nvt_get (cache_kb, filename, NVT_TIMESTAMP_POS);
110 if (time_s && src_file && stat (src_file, &src_stat) >= 0
111 && atoi (time_s) > src_stat.st_mtime)
112 ret = 1;
113 g_free (time_s);
114 g_free (src_file);
115 return ret;
116}
117
121void
122nvticache_reset (void)
123{
124 if (cache_kb)
125 kb_lnk_reset (cache_kb);
126}
127
133static char *
134nvt_feed_version ()
135{
136 char filename[2048], *fcontent = NULL, *plugin_set;
137 GError *error = NULL;
138 static int msg_shown = 0;
139
140 g_snprintf (filename, sizeof (filename), "%s/plugin_feed_info.inc", src_path);
141 if (!g_file_get_contents (filename, &fcontent, NULL, &error))
142 {
143 if (error && msg_shown == 0)
144 {
145 g_warning ("nvt_feed_version: %s", error->message);
146 msg_shown = 1;
147 }
148 g_error_free (error);
149 return NULL;
150 }
151 plugin_set = g_strrstr (fcontent, "PLUGIN_SET = ");
152 if (!plugin_set)
153 {
154 g_warning ("nvt_feed_version: Erroneous %s format", filename);
155 g_free (fcontent);
156 return NULL;
157 }
158 msg_shown = 0;
159 plugin_set = g_strndup (plugin_set + 14, 12);
160 if (g_strstr_len (plugin_set, -1, "\"") || g_strstr_len (plugin_set, -1, ";"))
161 {
162 g_warning ("nvt_feed_version: Erroneous %s format. Format of PLUGIN_SET "
163 "has to be yyyymmddhhmm. It has to be exactly 12 chars long.",
164 filename);
165 g_free (plugin_set);
166 g_free (fcontent);
167 return NULL;
168 }
169
170 g_free (fcontent);
171 return plugin_set;
172}
173
177void
178nvticache_save (void)
179{
180 char *feed_version, *old_version;
181
182 old_version = nvticache_feed_version ();
183 feed_version = nvt_feed_version ();
184 if (feed_version && g_strcmp0 (old_version, feed_version))
185 {
186 kb_item_set_str (cache_kb, NVTICACHE_STR, feed_version, 0);
187 g_message ("Updated NVT cache from version %s to %s", old_version,
188 feed_version);
189 }
190 g_free (old_version);
191 g_free (feed_version);
192}
193
206int
207nvticache_add (const nvti_t *nvti, const char *filename)
208{
209 char *oid, *dummy;
210
211 assert (cache_kb);
212 /* Check for duplicate OID. */
213 oid = nvti_oid (nvti);
214 dummy = nvticache_get_filename (oid);
215 if (dummy && strcmp (filename, dummy))
216 {
217 struct stat src_stat;
218 char *src_file = g_build_filename (src_path, dummy, NULL);
219
220 /* If .nasl file was duplicated, not moved. */
221 if (src_file && stat (src_file, &src_stat) >= 0)
222 g_warning ("NVT %s with duplicate OID %s will be replaced with %s",
223 src_file, oid, filename);
224 g_free (src_file);
225 }
226 if (dummy)
227 nvticache_delete (oid);
228
229 g_free (dummy);
230
231 if (kb_nvt_add (cache_kb, nvti, filename))
232 goto kb_fail;
233 cache_saved = 0;
234
235 return 0;
236kb_fail:
237 return -1;
238}
239
247char *
248nvticache_get_src (const char *oid)
249{
250 char *filename, *src;
251
252 assert (cache_kb);
253
254 filename = kb_nvt_get (cache_kb, oid, NVT_FILENAME_POS);
255 if (!filename)
256 return NULL;
257 src = g_build_filename (src_path, filename, NULL);
258 g_free (filename);
259 return src;
260}
261
269char *
270nvticache_get_oid (const char *filename)
271{
272 assert (cache_kb);
273
274 return kb_nvt_get (cache_kb, filename, NVT_OID_POS);
275}
276
284char *
285nvticache_get_filename (const char *oid)
286{
287 assert (cache_kb);
288 return kb_nvt_get (cache_kb, oid, NVT_FILENAME_POS);
289}
290
298char *
299nvticache_get_required_keys (const char *oid)
300{
301 assert (cache_kb);
302 return kb_nvt_get (cache_kb, oid, NVT_REQUIRED_KEYS_POS);
303}
304
312char *
313nvticache_get_mandatory_keys (const char *oid)
314{
315 assert (cache_kb);
316 return kb_nvt_get (cache_kb, oid, NVT_MANDATORY_KEYS_POS);
317}
318
326char *
327nvticache_get_excluded_keys (const char *oid)
328{
329 assert (cache_kb);
330 return kb_nvt_get (cache_kb, oid, NVT_EXCLUDED_KEYS_POS);
331}
332
340char *
341nvticache_get_required_udp_ports (const char *oid)
342{
343 assert (cache_kb);
344 return kb_nvt_get (cache_kb, oid, NVT_REQUIRED_UDP_PORTS_POS);
345}
346
354char *
355nvticache_get_required_ports (const char *oid)
356{
357 assert (cache_kb);
358 return kb_nvt_get (cache_kb, oid, NVT_REQUIRED_PORTS_POS);
359}
360
368char *
369nvticache_get_dependencies (const char *oid)
370{
371 assert (cache_kb);
372 return kb_nvt_get (cache_kb, oid, NVT_DEPENDENCIES_POS);
373}
374
382int
383nvticache_get_category (const char *oid)
384{
385 int category;
386 char *category_s;
387
388 assert (cache_kb);
389 category_s = kb_nvt_get (cache_kb, oid, NVT_CATEGORY_POS);
390 category = atoi (category_s);
391 g_free (category_s);
392 return category;
393}
394
402char *
403nvticache_get_name (const char *oid)
404{
405 assert (cache_kb);
406 return kb_nvt_get (cache_kb, oid, NVT_NAME_POS);
407}
408
416char *
417nvticache_get_cves (const char *oid)
418{
419 assert (cache_kb);
420 return kb_nvt_get (cache_kb, oid, NVT_CVES_POS);
421}
422
430char *
431nvticache_get_bids (const char *oid)
432{
433 assert (cache_kb);
434 return kb_nvt_get (cache_kb, oid, NVT_BIDS_POS);
435}
436
444char *
445nvticache_get_xrefs (const char *oid)
446{
447 assert (cache_kb);
448 return kb_nvt_get (cache_kb, oid, NVT_XREFS_POS);
449}
450
458char *
459nvticache_get_family (const char *oid)
460{
461 assert (cache_kb);
462 return kb_nvt_get (cache_kb, oid, NVT_FAMILY_POS);
463}
464
472char *
473nvticache_get_tags (const char *oid)
474{
475 assert (cache_kb);
476 return kb_nvt_get (cache_kb, oid, NVT_TAGS_POS);
477}
478
486nvti_t *
487nvticache_get_nvt (const char *oid)
488{
489 assert (cache_kb);
490 return kb_nvt_get_all (cache_kb, oid);
491}
492
500GSList *
501nvticache_get_prefs (const char *oid)
502{
503 char pattern[4096];
504 struct kb_item *prefs, *element;
505 GSList *list = NULL;
506
507 assert (cache_kb);
508
509 g_snprintf (pattern, sizeof (pattern), "oid:%s:prefs", oid);
510 prefs = element = kb_item_get_all (cache_kb, pattern);
511 while (element)
512 {
513 nvtpref_t *np;
514 char **array = g_strsplit (element->v_str, "|||", -1);
515
516 assert (array[3]);
517 assert (!array[4]);
518 np = nvtpref_new (atoi (array[0]), array[1], array[2], array[3]);
519 g_strfreev (array);
520 list = g_slist_append (list, np);
521 element = element->next;
522 }
523 kb_item_free (prefs);
524
525 return list;
526}
527
533GSList *
534nvticache_get_oids ()
535{
536 assert (cache_kb);
537
538 return kb_nvt_get_oids (cache_kb);
539}
540
546size_t
547nvticache_count ()
548{
549 assert (cache_kb);
550
551 return kb_item_count (cache_kb, "nvt:*");
552}
553
559void
560nvticache_delete (const char *oid)
561{
562 char pattern[4096];
563 char *filename;
564
565 assert (cache_kb);
566 assert (oid);
567
568 filename = nvticache_get_filename (oid);
569 g_snprintf (pattern, sizeof (pattern), "oid:%s:prefs", oid);
570 kb_del_items (cache_kb, pattern);
571 g_snprintf (pattern, sizeof (pattern), "nvt:%s", oid);
572 kb_del_items (cache_kb, pattern);
573
574 if (filename)
575 {
576 g_snprintf (pattern, sizeof (pattern), "filename:%s", filename);
577 kb_del_items (cache_kb, pattern);
578 }
579 g_free (filename);
580}
581
587char *
592
598int
599nvticache_check_feed (void)
600{
601 char *cached, *current;
602 int ret;
603
604 if (!(current = nvt_feed_version ()))
605 return 0;
606 cached = kb_item_get_str (cache_kb, NVTICACHE_STR);
607 ret = strcmp (cached, current);
608 g_free (cached);
609 g_free (current);
610 return ret;
611}
kb_item_free
void kb_item_free(struct kb_item *item)
Release a KB item (or a list).
Definition kb.c:642
kb.h
Knowledge base management API - Redis backend.
kb_del_items
static int kb_del_items(kb_t kb, const char *name)
Delete all entries under a given name.
Definition kb.h:708
kb_nvt_add
static int kb_nvt_add(kb_t kb, const nvti_t *nvt, const char *filename)
Insert a new nvt.
Definition kb.h:636
NVT_FAMILY_POS
@ NVT_FAMILY_POS
Definition kb.h:58
NVT_CATEGORY_POS
@ NVT_CATEGORY_POS
Definition kb.h:57
NVT_TIMESTAMP_POS
@ NVT_TIMESTAMP_POS
Definition kb.h:60
NVT_NAME_POS
@ NVT_NAME_POS
Definition kb.h:59
NVT_TAGS_POS
@ NVT_TAGS_POS
Definition kb.h:53
NVT_BIDS_POS
@ NVT_BIDS_POS
Definition kb.h:55
NVT_EXCLUDED_KEYS_POS
@ NVT_EXCLUDED_KEYS_POS
Definition kb.h:49
NVT_REQUIRED_PORTS_POS
@ NVT_REQUIRED_PORTS_POS
Definition kb.h:51
NVT_REQUIRED_UDP_PORTS_POS
@ NVT_REQUIRED_UDP_PORTS_POS
Definition kb.h:50
NVT_FILENAME_POS
@ NVT_FILENAME_POS
Definition kb.h:46
NVT_OID_POS
@ NVT_OID_POS
Definition kb.h:61
NVT_DEPENDENCIES_POS
@ NVT_DEPENDENCIES_POS
Definition kb.h:52
NVT_CVES_POS
@ NVT_CVES_POS
Definition kb.h:54
NVT_REQUIRED_KEYS_POS
@ NVT_REQUIRED_KEYS_POS
Definition kb.h:47
NVT_XREFS_POS
@ NVT_XREFS_POS
Definition kb.h:56
NVT_MANDATORY_KEYS_POS
@ NVT_MANDATORY_KEYS_POS
Definition kb.h:48
kb_new
static int kb_new(kb_t *kb, const char *kb_path)
Initialize a new Knowledge Base object.
Definition kb.h:243
kb_item_count
static size_t kb_item_count(kb_t kb, const char *pattern)
Count all items stored under a given pattern.
Definition kb.h:448
kb_t
struct kb * kb_t
type abstraction to hide KB internals.
Definition kb.h:98
kb_nvt_get_all
static nvti_t * kb_nvt_get_all(kb_t kb, const char *oid)
Get a full NVT.
Definition kb.h:673
kb_find
static kb_t kb_find(const char *kb_path, const char *key)
Find an existing Knowledge Base object with key.
Definition kb.h:280
kb_nvt_get_oids
static GSList * kb_nvt_get_oids(kb_t kb)
Get list of NVT OIDs.
Definition kb.h:690
kb_item_set_str
static int kb_item_set_str(kb_t kb, const char *name, const char *str, size_t len)
Set (replace) a new entry under a given name.
Definition kb.h:538
kb_nvt_get
static char * kb_nvt_get(kb_t kb, const char *oid, enum kb_nvt_pos position)
Get field of a NVT.
Definition kb.h:655
kb_lnk_reset
static int kb_lnk_reset(kb_t kb)
Reset connection to the KB. This is called after each fork() to make.
Definition kb.h:747
kb_item_get_all
static struct kb_item * kb_item_get_all(kb_t kb, const char *name)
Get all items stored under a given name.
Definition kb.h:371
kb_item_get_str
static char * kb_item_get_str(kb_t kb, const char *name)
Get a single KB string item.
Definition kb.h:334
nvti_t
struct nvti nvti_t
The structure of a information record that corresponds to a NVT.
nvtpref_t
struct nvtpref nvtpref_t
The structure for a preference of a NVT.
nvti_oid
gchar * nvti_oid(const nvti_t *n)
Get the OID string.
Definition nvti.c:611
nvtpref_new
nvtpref_t * nvtpref_new(int id, const gchar *name, const gchar *type, const gchar *dflt)
Create a new nvtpref structure filled with the given values.
Definition nvti.c:463
cache_saved
int cache_saved
Definition nvticache.c:37
nvticache_check
int nvticache_check(const gchar *filename)
Check if the nvt for the given filename exists in cache.
Definition nvticache.c:101
nvticache_get_dependencies
char * nvticache_get_dependencies(const char *oid)
Get the Dependencies from a plugin OID.
Definition nvticache.c:369
nvticache_get_src
char * nvticache_get_src(const char *oid)
Get the full source filename of an OID.
Definition nvticache.c:248
nvticache_get_filename
char * nvticache_get_filename(const char *oid)
Get the filename from a plugin OID.
Definition nvticache.c:285
nvticache_init
int nvticache_init(const char *src, const char *kb_path)
Initializes the nvti cache.
Definition nvticache.c:59
nvticache_delete
void nvticache_delete(const char *oid)
Delete NVT from the cache.
Definition nvticache.c:560
src_path
char * src_path
Definition nvticache.c:35
nvticache_add
int nvticache_add(const nvti_t *nvti, const char *filename)
Add a NVT Information to the cache.
Definition nvticache.c:207
nvticache_count
size_t nvticache_count()
Get the number of nvt's in the cache.
Definition nvticache.c:547
nvticache_get_xrefs
char * nvticache_get_xrefs(const char *oid)
Get the xrefs from a plugin OID.
Definition nvticache.c:445
nvticache_get_required_keys
char * nvticache_get_required_keys(const char *oid)
Get the Required Keys from a plugin OID.
Definition nvticache.c:299
nvticache_get_tags
char * nvticache_get_tags(const char *oid)
Get the tags from a plugin OID.
Definition nvticache.c:473
nvticache_get_bids
char * nvticache_get_bids(const char *oid)
Get the bids from a plugin OID.
Definition nvticache.c:431
nvticache_get_prefs
GSList * nvticache_get_prefs(const char *oid)
Get the prefs from a plugin OID.
Definition nvticache.c:501
nvticache_get_kb
kb_t nvticache_get_kb(void)
Return the nvticache kb.
Definition nvticache.c:84
nvticache_get_mandatory_keys
char * nvticache_get_mandatory_keys(const char *oid)
Get the Mandatory Keys from a plugin OID.
Definition nvticache.c:313
nvticache_save
void nvticache_save(void)
Save the nvticache to disk.
Definition nvticache.c:178
nvticache_reset
void nvticache_reset(void)
Reset connection to KB. To be called after a fork().
Definition nvticache.c:122
nvticache_get_excluded_keys
char * nvticache_get_excluded_keys(const char *oid)
Get the Excluded Keys from a plugin OID.
Definition nvticache.c:327
nvticache_get_oids
GSList * nvticache_get_oids()
Get the list of nvti OIDs.
Definition nvticache.c:534
nvticache_get_required_ports
char * nvticache_get_required_ports(const char *oid)
Get the Required ports from a plugin OID.
Definition nvticache.c:355
nvticache_get_family
char * nvticache_get_family(const char *oid)
Get the family from a plugin OID.
Definition nvticache.c:459
nvticache_get_category
int nvticache_get_category(const char *oid)
Get the Category from a plugin OID.
Definition nvticache.c:383
nvticache_get_nvt
nvti_t * nvticache_get_nvt(const char *oid)
Get the nvti from a plugin OID.
Definition nvticache.c:487
cache_kb
kb_t cache_kb
Definition nvticache.c:36
nvticache_get_name
char * nvticache_get_name(const char *oid)
Get the name from a plugin OID.
Definition nvticache.c:403
nvticache_feed_version
char * nvticache_feed_version(void)
Get the NVT feed version.
Definition nvticache.c:588
nvt_feed_version
static char * nvt_feed_version()
Determine the version of the NVT feed.
Definition nvticache.c:134
nvticache_get_cves
char * nvticache_get_cves(const char *oid)
Get the cves from a plugin OID.
Definition nvticache.c:417
nvticache_check_feed
int nvticache_check_feed(void)
Check if the plugins feed was newer than cached feed.
Definition nvticache.c:599
nvticache_initialized
int nvticache_initialized(void)
Return whether the nvt cache is initialized.
Definition nvticache.c:45
nvticache_get_required_udp_ports
char * nvticache_get_required_udp_ports(const char *oid)
Get the Required udp ports from a plugin OID.
Definition nvticache.c:341
nvticache_get_oid
char * nvticache_get_oid(const char *filename)
Get the OID from a plugin filename.
Definition nvticache.c:270
nvticache.h
Protos and data structures for NVT Information Cache.
NVTICACHE_STR
#define NVTICACHE_STR
Definition nvticache.h:22
kb_item
Knowledge base item (defined by name, type (int/char*) and value). Implemented as a singly linked lis...
Definition kb.h:69
kb_item::v_str
char * v_str
Definition kb.h:74
kb_item::next
struct kb_item * next
Definition kb.h:79
nvti
The structure of a information record that corresponds to a NVT.
Definition nvti.c:358