17#include <gnutls/gnutls.h>
22#include <sys/socket.h>
30#define G_LOG_DOMAIN "libgvm osp"
127 const
char *cert, const
char *key)
131 if (host && *host ==
'/')
133 struct sockaddr_un addr;
136 if (strlen (host) >=
sizeof (addr.sun_path))
138 g_warning (
"%s: given host / socket path too long (%zu > %zu bytes)",
139 __func__, strlen (host),
sizeof (addr.sun_path) - 1);
143 connection = g_malloc0 (
sizeof (*connection));
144 connection->
socket = socket (AF_UNIX, SOCK_STREAM, 0);
145 if (connection->
socket == -1)
/* Bounds note: the earlier strlen (host) >= sizeof (addr.sun_path) check in
 * this branch means host fits with room for a terminating NUL, assuming its
 * failure path (not shown in this listing) returns before reaching here. */
151 addr.sun_family = AF_UNIX;
/* Zero-fill first so the path copied below stays NUL-terminated. */
152 memset (addr.sun_path, 0, sizeof (addr.sun_path));
153 memcpy (addr.sun_path, host, strlen (host));
/* Address length passed to connect(): path length plus the family field. */
154 len = strlen (addr.sun_path) +
sizeof (addr.sun_family);
155 if (connect (connection->
socket, (
struct sockaddr *) &addr, len) == -1)
157 close (connection->
socket);
164 if (port <= 0 || port > 65535)
168 if (!cert || !key || !cacert)
171 connection = g_malloc0 (
sizeof (*connection));
173 &connection->
session, host, port, cacert, cert, key);
175 if (connection->
socket == -1)
181 connection->
host = g_strdup (host);
182 connection->
port = port;
197 const char *fmt, ...)
204 if (!connection || !fmt || !response)
207 if (*connection->
host ==
'/')
241 const char *fmt, ...)
252 if (!connection || !fmt)
255 if (*connection->
host ==
'/')
295 if (*connection->
host ==
'/')
296 close (connection->
socket);
299 g_free (connection->
host);
319 int *self_test_exit_error,
char **self_test_error_msg,
322 entity_t entity, feed, lockfile_entity, exit_error_entity, error_msg_entity;
323 const char *status, *status_text;
333 if (status != NULL && !strcmp (status,
"400"))
336 g_debug (
"%s: %s - %s.", __func__, status, status_text);
338 *cmd_error = g_strdup (status_text);
346 g_warning (
"%s: element FEED missing.", __func__);
351 lockfile_entity =
entity_child (feed,
"lockfile_in_use");
352 exit_error_entity =
entity_child (feed,
"self_test_exit_error");
353 error_msg_entity =
entity_child (feed,
"self_test_error_msg");
/* atoi() reports no conversion errors: empty or non-numeric text in the
 * response entity yields 0, the same as a genuine 0.
 * NOTE(review): consider strtol() with endptr/errno checks, since the text
 * is parsed from the scanner's reply; the same applies to the
 * self_test_exit_error conversion further down. */
358 *lockfile_in_use = atoi (
entity_text (lockfile_entity));
361 g_warning (
"%s: element LOCKFILE_IN_USE missing.", __func__);
362 *lockfile_in_use = -1;
366 if (self_test_exit_error)
368 if (exit_error_entity)
369 *self_test_exit_error = atoi (
entity_text (exit_error_entity));
372 g_warning (
"%s: element SELF_TEST_EXIT_ERROR missing.", __func__);
373 *self_test_exit_error = -1;
377 if (self_test_error_msg)
379 if (error_msg_entity)
382 *self_test_error_msg = g_strdup (
entity_text (error_msg_entity));
384 *self_test_error_msg = NULL;
388 g_warning (
"%s: element SELF_TEST_ERROR_MSG missing.", __func__);
389 *self_test_error_msg = NULL;
412 char **d_name,
char **d_version,
char **p_name,
425 goto err_get_version;
428 goto err_get_version;
433 goto err_get_version;
439 goto err_get_version;
442 goto err_get_version;
447 goto err_get_version;
453 goto err_get_version;
456 goto err_get_version;
461 goto err_get_version;
469 g_warning (
"Erroneous OSP <get_version/> response.");
501 const char *status, *status_text;
514 if (status != NULL && !strcmp (status,
"400"))
517 g_debug (
"%s: %s - %s.", __func__, status, status_text);
519 *error = g_strdup (status_text);
527 g_warning (
"%s: element VTS missing.", __func__);
535 *vts_version = g_strdup (version);
555 char **feed_name,
char **feed_vendor,
char **feed_home,
559 const char *version, *name, *vendor, *home;
560 const char *status, *status_text;
573 if (status != NULL && !strcmp (status,
"400"))
576 g_debug (
"%s: %s - %s.", __func__, status, status_text);
578 *error = g_strdup (status_text);
586 g_warning (
"%s: element VTS missing.", __func__);
597 *vts_version = version ? g_strdup (version) : NULL;
599 *feed_name = name ? g_strdup (name) : NULL;
601 *feed_vendor = vendor ? g_strdup (vendor) : NULL;
603 *feed_home = home ? g_strdup (home) : NULL;
736 if (strcmp (status,
"200"))
765 *error = g_strdup (
"Couldn't send get_performance command "
766 "to scanner. Not valid connection");
773 || opts.
start > now || opts.
end < 0 || opts.
end > now)
776 *error = g_strdup (
"Couldn't send get_performance command "
777 "to scanner. Bad or missing parameters.");
782 "<get_performance start='%d' "
783 "end='%d' titles='%s'/>",
789 *error = g_strdup (
"Couldn't send get_performance command to scanner");
801 *error = g_strdup (text);
830 *error = g_strdup (
"Couldn't send get_scans command "
831 "to scanner. Not valid connection");
837 "<get_scans scan_id='%s'"
839 " pop_results='0'/>",
845 *error = g_strdup (
"Couldn't send get_scans command to scanner");
856 *error = g_strdup (text);
892 char **report_xml,
int details,
int pop_results,
char **error)
901 *error = g_strdup (
"Couldn't send get_scan command "
902 "to scanner. Not valid connection");
/* NOTE(review): listing line 908 (between the two format lines below) is not
 * shown. If it is a details='%d' attribute, the arguments on line 910 are in
 * the opposite order (pop_results first, then details) from the placeholders
 * -- verify against the full source.
 * scan_id is substituted into a single-quoted attribute; no escaping is
 * visible here, so confirm the caller or the send helper handles quotes and
 * markup characters. */
907 "<get_scans scan_id='%s'"
909 " pop_results='%d'/>",
910 scan_id, pop_results ? 1 : 0, details ? 1 : 0);
914 *error = g_strdup (
"Couldn't send get_scans command to scanner");
925 *error = g_strdup (text);
934 string = g_string_new (
"");
936 *report_xml = g_string_free (
string, FALSE);
955 char **report_xml,
int details,
char **error)
957 return osp_get_scan_pop (connection, scan_id, report_xml, details, 0, error);
978 *error = g_strdup (
"Couldn't send stop_scan command "
979 "to scanner. Not valid connection");
988 *error = g_strdup (
"Couldn't send stop_scan command to scanner");
1004 *error = g_strdup (text);
1021 char *options_str, *tmp, *key_escaped, *value_escaped;
1023 options_str = *(
char **) pstr;
1025 key_escaped = g_markup_escape_text ((
char *) key, -1);
1026 value_escaped = g_markup_escape_text ((
char *) value, -1);
1027 tmp = g_strdup_printf (
"%s<%s>%s</%s>", options_str ? options_str :
"",
1028 key_escaped, value_escaped, key_escaped);
1030 g_free (options_str);
1031 g_free (key_escaped);
1032 g_free (value_escaped);
1033 *(
char **) pstr = tmp;
1050 const char *ports, GHashTable *options,
const char *scan_id,
1054 char *options_str = NULL;
1061 *error = g_strdup (
"Couldn't send start_scan command "
1062 "to scanner. Not valid connection");
/* target, ports and scan_id land inside single-quoted XML attributes. The
 * option keys and values were escaped with g_markup_escape_text() in
 * option_concat_as_xml(), but no equivalent escaping of these three
 * arguments is visible in this listing.
 * NOTE(review): confirm they are escaped or validated before this call;
 * unescaped, a quote or '<' in any of them would alter the structure of the
 * command sent to the scanner. */
1072 "<start_scan target='%s' ports='%s' scan_id='%s'>"
1073 "<scanner_params>%s</scanner_params></start_scan>",
1074 target, ports ? ports :
"", scan_id ? scan_id :
"",
1075 options_str ? options_str :
"");
1076 g_free (options_str);
1080 *error = g_strdup (
"Couldn't send start_scan command to scanner");
1096 *error = g_strdup (text);
1113 GHashTableIter auth_data_iter;
1114 gchar *auth_data_name, *auth_data_value;
1117 "<credential type=\"%s\" service=\"%s\" port=\"%s\">",
1118 credential->
type ? credential->
type :
"",
1120 credential->
port ? credential->
port :
"");
1122 g_hash_table_iter_init (&auth_data_iter, credential->
auth_data);
1123 while (g_hash_table_iter_next (&auth_data_iter, (gpointer *) &auth_data_name,
1124 (gpointer *) &auth_data_value))
1127 auth_data_value, auth_data_name);
1146 "<exclude_hosts>%s</exclude_hosts>"
1147 "<finished_hosts>%s</finished_hosts>"
1148 "<ports>%s</ports>",
1160 else if (target->
icmp == TRUE || target->
tcp_syn == TRUE
1161 || target->
tcp_ack == TRUE || target->
arp == TRUE
1165 "<alive_test_methods>"
1167 "<tcp_syn>%d</tcp_syn>"
1168 "<tcp_ack>%d</tcp_ack>"
1170 "<consider_alive>%d</consider_alive>"
1171 "</alive_test_methods>",
1178 "<reverse_lookup_unify>%d</reverse_lookup_unify>",
1182 "<reverse_lookup_only>%d</reverse_lookup_only>",
1187 g_string_append (xml_string,
"<credentials>");
1190 g_string_append (xml_string,
"</credentials>");
1219 id ?
id :
"", value ? value :
"");
1250 gchar *scanner_params_xml = NULL;
1257 char filename[] =
"/tmp/osp-cmd-XXXXXX";
1263 *error = g_strdup (
"Couldn't send start_scan command "
1264 "to scanner. Not valid connection");
/* The start_scan command is staged in a temporary file created from the
 * /tmp/osp-cmd-XXXXXX template; presumably this includes target credentials
 * (targets are serialised with a <credentials> element) -- confirm.
 * NOTE(review): no check of fd is visible before fdopen(); if mkstemp()
 * fails it returns -1, fdopen() then returns NULL, and the later fprintf()
 * calls would receive a NULL stream. Line 1270 of the listing is not shown --
 * confirm a check exists. Also confirm the file is removed once it has been
 * read back; no unlink is visible in this listing. */
1268 fd = mkstemp (filename);
1269 FILE *file = fdopen (fd,
"w");
1271 xml = g_string_sized_new (10240);
1272 g_string_append (xml,
"<start_scan");
1275 g_string_append (xml,
"<targets>");
1277 g_string_append (xml,
"</targets>");
1279 g_string_append (xml,
"<scanner_params>");
1282 scanner_params_xml = NULL;
1284 &scanner_params_xml);
1285 if (scanner_params_xml)
1286 g_string_append (xml, scanner_params_xml);
1287 g_free (scanner_params_xml);
1289 g_string_append (xml,
"</scanner_params>");
1291 g_string_append (xml,
"<vt_selection>");
1294 fprintf (file,
"%s", xml->str);
1296 g_string_free (xml, TRUE);
1298 xml = g_string_new (
"");
1299 list_item = opts.
vts;
1306 list_item = list_item->next;
1308 if (list_count == 1000)
1310 fprintf (file,
"%s", xml->str);
1312 g_string_free (xml, TRUE);
1313 xml = g_string_new (
"");
1318 g_string_append (xml,
"</vt_selection>");
1319 g_string_append (xml,
"</start_scan>");
1321 fprintf (file,
"%s", xml->str);
1324 g_string_free (xml, TRUE);
/* Read the staged command back into cmd.
 * NOTE(review): as shown, the gboolean result is discarded and no GError is
 * requested, so a failed read would go unnoticed at this point; confirm cmd
 * is checked before it is sent. */
1326 g_file_get_contents (filename, &cmd, NULL, NULL);
1336 *error = g_strdup (
"Could not send start_scan command to scanner");
1352 *error = g_strdup (text);
1374 if (!strcmp (str,
"integer"))
1376 else if (!strcmp (str,
"string"))
1378 else if (!strcmp (str,
"password"))
1380 else if (!strcmp (str,
"file"))
1382 else if (!strcmp (str,
"boolean"))
1384 else if (!strcmp (str,
"ovaldef_file"))
1386 else if (!strcmp (str,
"selection"))
1388 else if (!strcmp (str,
"credential_up"))
1419 return "ovaldef_file";
1423 return "credential_up";
1444 assert (connection);
1461 child = entities->data;
1473 *params = g_slist_append (*params, param);
1585 g_free (param->
name);
1586 g_free (param->
desc);
1587 g_free (param->
def);
1607 new_credential->
type = type ? g_strdup (type) : NULL;
1608 new_credential->
service = service ? g_strdup (service) : NULL;
1609 new_credential->
port = port ? g_strdup (port) : NULL;
1611 g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
1613 return new_credential;
1627 g_free (credential->
type);
1629 g_free (credential->
port);
1630 g_hash_table_destroy (credential->
auth_data);
1631 g_free (credential);
1645 if (credential == NULL || name == NULL)
1647 return g_hash_table_lookup (credential->
auth_data, name);
1661 if (credential == NULL || name == NULL)
/* Accept only names made of a leading letter followed by letters, digits or
 * underscores.
 * NOTE(review): presumably because the name is later written out as an XML
 * element name by credential_append_as_xml() -- confirm. */
1664 if (g_regex_match_simple (
"^[[:alpha:]][[:alnum:]_]*$", name, 0, 0))
1667 g_hash_table_replace (credential->
auth_data, g_strdup (name),
1670 g_hash_table_remove (credential->
auth_data, name);
1674 g_warning (
"%s: Invalid auth data name: %s", __func__, name);
1692 int alive_test,
int reverse_lookup_unify,
1693 int reverse_lookup_only)
1698 new_target->
exclude_hosts = exclude_hosts ? g_strdup (exclude_hosts) : NULL;
1699 new_target->
hosts = hosts ? g_strdup (hosts) : NULL;
1700 new_target->
ports = ports ? g_strdup (ports) : NULL;
1702 new_target->
alive_test = alive_test ? alive_test : 0;
1704 reverse_lookup_unify ? reverse_lookup_unify : 0;
1706 reverse_lookup_only ? reverse_lookup_only : 0;
1721 target->
finished_hosts = finished_hosts ? g_strdup (finished_hosts) : NULL;
1737 g_free (target->
hosts);
1738 g_free (target->
ports);
1754 gboolean tcp_syn, gboolean tcp_ack,
1755 gboolean arp, gboolean consider_alive)
1760 target->
icmp = icmp;
1776 if (!target || !credential)
1795 new_vt_group->
filter = filter ? g_strdup (filter) : NULL;
1797 return new_vt_group;
1811 g_free (vt_group->
filter);
1828 new_vt_single->
vt_id = vt_id ? g_strdup (vt_id) : NULL;
1830 g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
1832 return new_vt_single;
1846 g_hash_table_destroy (vt_single->
vt_values);
1848 g_free (vt_single->
vt_id);
1864 g_hash_table_replace (vt_single->
vt_values, g_strdup (name),
int gvm_get_host_type(const gchar *str_stripped)
Determines the host type in a buffer.
Protos and data structures for Hosts collections and single hosts objects.
int osp_check_feed(osp_connection_t *connection, int *lockfile_in_use, int *self_test_exit_error, char **self_test_error_msg, char **cmd_error)
Gets additional status info about the feed.
void osp_credential_set_auth_data(osp_credential_t *credential, const char *name, const char *value)
Set authentication data for an OSP credential.
void osp_connection_close(osp_connection_t *connection)
Close a connection to an OSP server.
void osp_credential_free(osp_credential_t *credential)
Free an OSP credential.
int osp_get_vts_ext_str(osp_connection_t *connection, osp_get_vts_opts_t opts, gchar **str)
Get filtered set of VTs from an OSP server.
static int osp_send_command(osp_connection_t *, entity_t *, const char *,...)
int osp_start_scan_ext(osp_connection_t *connection, osp_start_scan_opts_t opts, char **error)
Start an OSP scan against a target.
void osp_vt_group_free(osp_vt_group_t *vt_group)
Free an OSP VT group.
void osp_target_add_alive_test_methods(osp_target_t *target, gboolean icmp, gboolean tcp_syn, gboolean tcp_ack, gboolean arp, gboolean consider_alive)
Add alive test methods to OSP target.
osp_vt_group_t * osp_vt_group_new(const char *filter)
Create a new OSP VT group.
int osp_get_vts_feed_info(osp_connection_t *connection, char **vts_version, char **feed_name, char **feed_vendor, char **feed_home, char **error)
Get the VTs version as well as other feed info from an OSP server.
void osp_target_set_finished_hosts(osp_target_t *target, const char *finished_hosts)
Set the finished hosts of an OSP target.
static osp_param_type_t osp_param_str_to_type(const char *str)
Get an OSP parameter's type from its string format.
int osp_get_vts(osp_connection_t *connection, entity_t *vts)
Get all VTs from an OSP server.
int osp_get_scanner_details(osp_connection_t *connection, char **desc, GSList **params)
Get an OSP scanner's details.
static void credential_append_as_xml(osp_credential_t *credential, GString *xml_string)
Concatenate a credential as XML.
const char * osp_param_desc(const osp_param_t *param)
Get an OSP parameter's description.
void osp_target_add_credential(osp_target_t *target, osp_credential_t *credential)
Add a credential to an OSP target.
int osp_delete_scan(osp_connection_t *connection, const char *scan_id)
Delete a scan from an OSP server.
void osp_target_free(osp_target_t *target)
Free an OSP target, including all added credentials.
int osp_get_vts_ext(osp_connection_t *connection, osp_get_vts_opts_t opts, entity_t *vts)
Get filtered set of VTs from an OSP server.
void osp_vt_single_add_value(osp_vt_single_t *vt_single, const char *name, const char *value)
Add a preference value to an OSP VT. This creates a copy of the name and value.
static void vt_single_append_as_xml(osp_vt_single_t *vt_single, GString *xml_string)
Append single VTs as XML to a string buffer.
osp_vt_single_t * osp_vt_single_new(const char *vt_id)
Create a new single OSP VT.
int osp_get_scan(osp_connection_t *connection, const char *scan_id, char **report_xml, int details, char **error)
Get a scan from an OSP server.
int osp_get_scan_pop(osp_connection_t *connection, const char *scan_id, char **report_xml, int details, int pop_results, char **error)
Get a scan from an OSP server, optionally removing the results.
static void vt_value_append_as_xml(gpointer id, gchar *value, GString *xml_string)
Append VT values as XML to a string buffer.
int osp_start_scan(osp_connection_t *connection, const char *target, const char *ports, GHashTable *options, const char *scan_id, char **error)
Start an OSP scan against a target.
static void target_append_as_xml(osp_target_t *target, GString *xml_string)
Concatenate a target as XML.
static void vt_group_append_as_xml(osp_vt_group_t *vt_group, GString *xml_string)
Append VT groups as XML to a string buffer.
void osp_vt_single_free(osp_vt_single_t *vt_single)
Free a single OSP VT, including all preference values.
static void option_concat_as_xml(gpointer key, gpointer value, gpointer pstr)
Concatenate options as xml.
osp_credential_t * osp_credential_new(const char *type, const char *service, const char *port)
Allocate and initialize a new OSP credential.
osp_param_t * osp_param_new(void)
Create a new OSP parameter.
osp_target_t * osp_target_new(const char *hosts, const char *ports, const char *exclude_hosts, int alive_test, int reverse_lookup_unify, int reverse_lookup_only)
Create a new OSP target.
int osp_get_version(osp_connection_t *connection, char **s_name, char **s_version, char **d_name, char **d_version, char **p_name, char **p_version)
Get the scanner version from an OSP server.
const gchar * osp_credential_get_auth_data(osp_credential_t *credential, const char *name)
Get authentication data from an OSP credential.
const char * osp_param_type_str(const osp_param_t *param)
Get an OSP parameter in string format from its type.
static int osp_send_command_str(osp_connection_t *connection, gchar **str, const char *fmt,...)
Send a command to an OSP server.
int osp_stop_scan(osp_connection_t *connection, const char *scan_id, char **error)
Stop a scan on an OSP server.
int osp_get_performance_ext(osp_connection_t *connection, osp_get_performance_opts_t opts, char **graph, char **error)
Get performance graphics from an OSP server.
const char * osp_param_name(const osp_param_t *param)
Get an OSP parameter's name.
int osp_param_mandatory(const osp_param_t *param)
Get an OSP parameter's mandatory value.
void osp_param_free(osp_param_t *param)
Free an OSP parameter.
int osp_get_vts_version(osp_connection_t *connection, char **vts_version, char **error)
Get the VTs version from an OSP server.
osp_scan_status_t osp_get_scan_status_ext(osp_connection_t *connection, osp_get_scan_status_opts_t opts, char **error)
Get a scan status from an OSP server.
const char * osp_param_id(const osp_param_t *param)
Get an OSP parameter's id.
const char * osp_param_default(const osp_param_t *param)
Get an OSP parameter's default value.
API for Open Scanner Protocol communication.
struct osp_connection osp_connection_t
struct osp_target osp_target_t
static const osp_get_vts_opts_t osp_get_vts_opts_default
Sensible default values for osp_get_vts_opts_t.
struct osp_vt_group osp_vt_group_t
osp_scan_status_t
OSP scan status.
@ OSP_SCAN_STATUS_STOPPED
@ OSP_SCAN_STATUS_INTERRUPTED
@ OSP_SCAN_STATUS_FINISHED
@ OSP_SCAN_STATUS_RUNNING
struct osp_vt_single osp_vt_single_t
osp_connection_t * osp_connection_new(const char *, int, const char *, const char *, const char *)
struct osp_param osp_param_t
struct osp_credential osp_credential_t
osp_param_type_t
OSP parameter types.
@ OSP_PARAM_TYPE_SELECTION
@ OSP_PARAM_TYPE_PASSWORD
@ OSP_PARAM_TYPE_OVALDEF_FILE
int gvm_server_open_with_cert(gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem)
Connect to the server using a given host, port and cert.
int gvm_server_vsendf(gnutls_session_t *session, const char *fmt, va_list ap)
Send a string to the server.
int gvm_server_close(int socket, gnutls_session_t session)
Close a server connection and its socket.
int gvm_socket_vsendf(int socket, const char *fmt, va_list ap)
Send a string to the server.
GnuTLS based functions for server communication - header file.
entities_t entities
Children.
int tls
Whether the connection uses TCP-TLS (vs UNIX socket).
gchar * host_string
Server host string.
gnutls_session_t session
Session.
Struct holding options for OSP connection.
Struct credential information for OSP.
const char * scan_id
UUID of the scan to get the status from.
char * filter
the filter to apply for a vt sub-selection.
int version_only
Whether to get only the feed info or the VT collection.
Struct holding options for OSP parameters.
GSList * targets
Target hosts to scan.
GSList * vts
Single VTs to use for the scan.
GSList * vt_groups
VT groups to use for the scan.
GHashTable * scanner_params
Table of scanner parameters.
const char * scan_id
UUID to set for scan, null otherwise.
Struct holding target information.
Struct holding vt_group information.
Struct holding vt_group information.
const char * entity_attribute(entity_t entity, const char *name)
Get an attribute of an entity.
char * entity_text(entity_t entity)
Get the text of an entity.
int read_entity(gnutls_session_t *session, entity_t *entity)
Read an XML entity tree from the manager.
entities_t next_entities(entities_t entities)
Return all the entities from an entities_t after the first.
void free_entity(entity_t entity)
Free an entity, recursively.
int read_text_c(gvm_connection_t *connection, char **text)
Read text from the server.
entity_t entity_child(entity_t entity, const char *name)
Get a child of an entity.
int read_entity_s(int socket, entity_t *entity)
Read an XML entity tree from the socket.
void xml_string_append(GString *xml, const char *format,...)
Append formatted escaped XML to a string.
void print_entity_to_string(entity_t entity, GString *string)
Print an XML entity tree to a GString, appending it if string is not empty.
struct entity_s * entity_t
GSList * entities_t
Entities.