nasl_global_ctxt.h File Reference

#include "nasl_tree.h"
#include <gvm/util/kb.h>
#include <stdio.h>

Include dependency graph for nasl_global_ctxt.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	naslctxt

Functions
int	init_nasl_ctx (naslctxt *, const char *, const char *)
	Initialize a NASL context for a NASL file.
void	nasl_clean_ctx (naslctxt *)

Function Documentation

init_nasl_ctx()

int init_nasl_ctx	(	naslctxt *	pc,
		const char *	parent,
		const char *	name )

Initialize a NASL context for a NASL file.

Parameters

pc	The NASL context handler.
name	The filename of the NASL script.

Returns

0 in case of success. Then, file content is set in pc->buffer. -1 if either the filename was not found/accessible or the signature verification failed (provided signature checking is enabled. In any case, various elements of pc are modified (initialized);

Definition at line 2723 of file nasl_grammar.tab.c.

{
  char *full_name = NULL, key_path[2048], *checksum;
  const char *filename;
  GSList * inc_dir = inc_dirs; // iterator for include directories
  size_t flen = 0;
  time_t timestamp;
 
  // initialize if not yet done (for openvas-server < 2.0.1)
  if (! inc_dirs) add_nasl_inc_dir("");
 
  pc->line_nb = 1;
  pc->name = (char *) name;
  pc->include_order = include_order++;
  pc->tree = NULL;
  if (!parse_len)
    {
      parse_len = 9092;
      parse_buffer = g_malloc0 (parse_len);
    }
  else
    parse_buffer[0] = '\0';
 
 
  nasl_set_filename (name);
  while (inc_dir != NULL) {
    if (full_name)
      g_free (full_name);
    full_name = g_build_filename(inc_dir->data, name, NULL);
 
    if ((g_file_get_contents (full_name, &pc->buffer, &flen, NULL)))
      break;
 
    inc_dir = g_slist_next(inc_dir);
  }
 
 
verify:
  if (!full_name || !pc->buffer) {
    g_message ("%s: Not able to open nor to locate it in include paths",
               name);
    g_free(full_name);
    return -1;
  }
 
  if (pc->always_signed)
    {
      g_free(full_name);
      return 0;
    }
  /* Cache the checksum of signature verified files, so that commonly included
   * files are not verified multiple times per scan. */
  // filename should be always without base as we store everything as defined in sha256sums
  filename = remove_base(full_name);
 
 
  snprintf (key_path, sizeof (key_path), "signaturecheck:%s", filename);
  timestamp = kb_item_get_int (pc->kb, key_path);
 
  /* We never use the mtime of a .nasl/.inc file as integrity check during
   * the script load up. A complete verification is done in this case.
   * Once it has been uploaded in the nvticache it is enough to just check
   * the mtime. */
  if (timestamp > 0 && pc->exec_descr == 0)
    {
      struct stat file_stat;
 
      if (stat (full_name, &file_stat) >= 0 && timestamp > file_stat.st_mtime)
        {
          /* Already checked. No need to check again. */
          g_free (full_name);
          return 0;
        }
    }
 
  load_checksums (pc->kb);
  if (checksum_algorithm == GCRY_MD_NONE)
    return -1;
  else if (checksum_algorithm == GCRY_MD_SHA256)
    snprintf (key_path, sizeof (key_path), "sha256sums:%s", filename);
  else
    abort ();
  checksum = kb_item_get_str (pc->kb, key_path);
  if (!checksum)
    {
      // try one more time, but set the parent dir as a base
      // this can happen when shorthand includes are used for an example:
      // in a nasl file of a/test.nasl -> include("test.inc")
      // to include a/test.inc instead of writing include("a/test.inc");
      if (parent == NULL) {
          g_warning ("No checksum for %s (%s)", full_name, filename);
          g_free(full_name);
          return -1;
      } 
      g_free(full_name);
      full_name = fullname_based_on_parent(parent, name);
      parent = NULL;
      goto verify;
    }
  else
    {
      int ret;
      char *check = file_checksum (full_name, checksum_algorithm);
 
      snprintf (key_path, sizeof (key_path), "signaturecheck:%s", filename);
      ret = strcmp (check, checksum);
      if (ret)
        {
          kb_del_items (pc->kb, key_path);
          g_warning ("checksum for %s not matching (%s)", full_name, key_path);
        }
      else
        {
          kb_del_items (pc->kb, key_path);
          kb_item_add_int (pc->kb, key_path, time (NULL));
        }
 
      g_free (full_name);
      g_free (checksum);
      g_free (check);
      return ret;
    }
}

References add_nasl_inc_dir(), naslctxt::always_signed, naslctxt::buffer, checksum_algorithm, naslctxt::exec_descr, file_checksum(), fullname_based_on_parent(), inc_dirs, include_order, naslctxt::include_order, naslctxt::kb, naslctxt::line_nb, load_checksums(), name, naslctxt::name, nasl_set_filename(), parse_buffer, parse_len, remove_base(), and naslctxt::tree.

Referenced by exec_nasl_script(), and yyparse().

Here is the call graph for this function:

Here is the caller graph for this function:

nasl_clean_ctx()

void nasl_clean_ctx

(

naslctxt *

c

)

Definition at line 2848 of file nasl_grammar.tab.c.

{
  deref_cell(c->tree);
  g_free (c->buffer);
}

References naslctxt::buffer, deref_cell(), and naslctxt::tree.

Referenced by exec_nasl_script().

Here is the call graph for this function:

Here is the caller graph for this function: