OpenVAS Scanner 23.40.3
nasl_krb5.h File Reference
#include "nasl_lex_ctxt.h"
#include "nasl_tree.h"
Include dependency graph for nasl_krb5.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

tree_cellnasl_okrb5_find_kdc (lex_ctxt *lexic)
 Returns the defined KDC of a given Realm.
tree_cellnasl_okrb5_add_realm (lex_ctxt *lexic)
 Adds the given KDC to the given Realm.
tree_cellnasl_okrb5_is_success (lex_ctxt *lexic)
 Returns 1 if the krb5 function was successful 0 otherwise.
tree_cellnasl_okrb5_is_failure (lex_ctxt *lexic)
 Returns 0 if the krb5 function was successful and 1 if it failed.
tree_cellnasl_okrb5_gss_init (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_prepare_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_update_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_update_context_needs_more (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_update_context_out (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_session_key_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_error_code_to_string (lex_ctxt *lexic)
void nasl_okrb5_clean (void)

Function Documentation

◆ nasl_okrb5_add_realm()

tree_cell * nasl_okrb5_add_realm ( lex_ctxt * lexic)

Adds the given KDC to the given Realm.

This function returns 0 on success. To retrieve a human readable error message, the function okrb5_result can be used.

The nasl function has three optional parameter:

  • realm: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_REALM is used.
  • kdc: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_KDC is used.
  • config_path: The path to the krb5.conf file. If the path is not defined, then the env parameter KRB5_CONFIG is used.

This function should only be used for debug purposes.

Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success or failure.

Definition at line 172 of file nasl_krb5.c.

173{
174 tree_cell *retc;
175 OKrb5Credential credential;
176 char *kdc = get_str_var_by_name (lexic, "kdc");
177 if (kdc == NULL)
178 {
179 kdc = getenv ("KRB5_KDC");
180 if (kdc == NULL)
181 {
182 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
183 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
184 goto exit;
185 }
186 }
187
188 credential = build_krb5_credential (lexic);
189
190 if ((last_okrb5_result = o_krb5_add_realm (&credential, kdc)))
191 {
192 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
193 }
194
195exit:
196 retc = alloc_typed_cell (CONST_INT);
197 retc->x.i_val = last_okrb5_result;
198 return retc;
199}
last_okrb5_result
static OKrb5ErrorCode last_okrb5_result
Definition nasl_krb5.c:33
NASL_PRINT_KRB_ERROR
#define NASL_PRINT_KRB_ERROR(lexic, credential, result)
Definition nasl_krb5.c:17
build_krb5_credential
static OKrb5Credential build_krb5_credential(lex_ctxt *lexic)
Definition nasl_krb5.c:76
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition nasl_var.c:1118
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition nasl_tree.c:25
CONST_INT
@ CONST_INT
Definition nasl_tree.h:79
tree_cell
struct TC tree_cell
o_krb5_add_realm
OKrb5ErrorCode o_krb5_add_realm(const OKrb5Credential *creds, const char *kdc)
Definition openvas-krb5.c:247
O_KRB5_EXPECTED_NOT_NULL
@ O_KRB5_EXPECTED_NOT_NULL
Definition openvas-krb5.h:26
TC::i_val
long int i_val
Definition nasl_tree.h:104
TC::x
union TC::@332262321161220155002104006201360276211317150140 x

References alloc_typed_cell(), build_krb5_credential(), CONST_INT, get_str_var_by_name(), TC::i_val, last_okrb5_result, NASL_PRINT_KRB_ERROR, o_krb5_add_realm(), O_KRB5_EXPECTED_NOT_NULL, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_clean()

void nasl_okrb5_clean ( void )

Definition at line 314 of file nasl_krb5.c.

315{
316 if (to_application != NULL)
317 {
318 free (to_application->data);
319 free (to_application);
320 to_application = NULL;
321 }
322 if (cached_gss_context != NULL)
323 {
324 okrb5_gss_free_context (cached_gss_context);
325 }
326}
free
void free(void *)
to_application
static struct OKrb5Slice * to_application
Definition nasl_krb5.c:45
cached_gss_context
static struct OKrb5GSSContext * cached_gss_context
Definition nasl_krb5.c:41
okrb5_gss_free_context
void okrb5_gss_free_context(struct OKrb5GSSContext *context)
Definition openvas-krb5.c:405

References cached_gss_context, free(), okrb5_gss_free_context(), and to_application.

Referenced by openvas().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_okrb5_error_code_to_string()

tree_cell * nasl_okrb5_error_code_to_string ( lex_ctxt * lexic)

Definition at line 381 of file nasl_krb5.c.

382{
383 (void) lexic;
384 tree_cell *retc = alloc_typed_cell (CONST_STR);
385 retc->x.str_val = okrb5_error_code_to_string (last_okrb5_result);
386 retc->size = strlen (retc->x.str_val);
387 return retc;
388}
CONST_STR
@ CONST_STR
Definition nasl_tree.h:80
okrb5_error_code_to_string
char * okrb5_error_code_to_string(const OKrb5ErrorCode code)
Definition openvas-krb5.c:600
TC::size
long int size
Definition nasl_tree.h:99
TC::str_val
char * str_val
Definition nasl_tree.h:103

References alloc_typed_cell(), CONST_STR, last_okrb5_result, okrb5_error_code_to_string(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_find_kdc()

tree_cell * nasl_okrb5_find_kdc ( lex_ctxt * lexic)

Returns the defined KDC of a given Realm.

This function returns the KDC of a given Realm. The Realm is defined in the krb5.conf file. If there is no KDC for the given Realm, the function returns NULL within the tree_cell to the script.

The nasl function has two optional parameter:

  • realm: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_REALM is used.
  • config_path: The path to the krb5.conf file. If the path is not defined, then the env parameter KRB5_CONFIG is used.

This function should only be used for debug purposes.

Parameters
[in]lexicNASL lexer.
Returns
lex cell containing the KDC as a string.

Definition at line 151 of file nasl_krb5.c.

152{
153 tree_cell *retc;
154 char *kdc = NULL;
155 OKrb5Credential credential;
156
157 credential = build_krb5_credential (lexic);
158
159 if ((last_okrb5_result = o_krb5_find_kdc (&credential, &kdc)))
160 {
161 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
162 return FAKE_CELL;
163 }
164
165 retc = alloc_typed_cell (CONST_DATA);
166 retc->x.str_val = kdc;
167 retc->size = strlen (kdc);
168 return retc;
169}
CONST_DATA
@ CONST_DATA
Definition nasl_tree.h:82
FAKE_CELL
#define FAKE_CELL
Definition nasl_tree.h:110
o_krb5_find_kdc
OKrb5ErrorCode o_krb5_find_kdc(const OKrb5Credential *creds, char **kdc)
Definition openvas-krb5.c:85

References alloc_typed_cell(), build_krb5_credential(), CONST_DATA, FAKE_CELL, last_okrb5_result, NASL_PRINT_KRB_ERROR, o_krb5_find_kdc(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_init()

tree_cell * nasl_okrb5_gss_init ( lex_ctxt * lexic)

Definition at line 245 of file nasl_krb5.c.

246{
247 (void) lexic;
248 cached_gss_context = okrb5_gss_init_context ();
249 if (cached_gss_context == NULL)
250 {
251 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
252 }
253 else
254 {
255 last_okrb5_result = O_KRB5_SUCCESS;
256 };
257 tree_cell *retc = alloc_typed_cell (CONST_INT);
258 retc->x.i_val = last_okrb5_result;
259 return retc;
260}
okrb5_gss_init_context
struct OKrb5GSSContext * okrb5_gss_init_context(void)
Definition openvas-krb5.c:392
O_KRB5_SUCCESS
@ O_KRB5_SUCCESS
Definition openvas-krb5.h:18

References alloc_typed_cell(), cached_gss_context, CONST_INT, TC::i_val, last_okrb5_result, O_KRB5_EXPECTED_NOT_NULL, O_KRB5_SUCCESS, okrb5_gss_init_context(), and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_prepare_context()

tree_cell * nasl_okrb5_gss_prepare_context ( lex_ctxt * lexic)

Definition at line 262 of file nasl_krb5.c.

263{
264 (void) lexic;
265
266 OKrb5Credential credential;
267 credential = build_krb5_credential (lexic);
268 OKrb5ErrorCode result = O_KRB5_SUCCESS;
269 if (cached_gss_context == NULL)
270 {
271 cached_gss_context = okrb5_gss_init_context ();
272 }
273 result = o_krb5_gss_prepare_context (&credential, cached_gss_context);
274 tree_cell *retc = alloc_typed_cell (CONST_INT);
275 retc->x.i_val = result;
276 last_okrb5_result = result;
277 return retc;
278}
o_krb5_gss_prepare_context
OKrb5ErrorCode o_krb5_gss_prepare_context(const OKrb5Credential *creds, struct OKrb5GSSContext *gss_context)
Definition openvas-krb5.c:445
OKrb5ErrorCode
OKrb5ErrorCode
Definition openvas-krb5.h:17

References alloc_typed_cell(), build_krb5_credential(), cached_gss_context, CONST_INT, TC::i_val, last_okrb5_result, o_krb5_gss_prepare_context(), O_KRB5_SUCCESS, okrb5_gss_init_context(), and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_session_key_context()

tree_cell * nasl_okrb5_gss_session_key_context ( lex_ctxt * lexic)

Definition at line 362 of file nasl_krb5.c.

363{
364 (void) lexic;
365 struct OKrb5Slice *session_key = NULL;
366 if (cached_gss_context == NULL)
367 {
368 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
369 return FAKE_CELL;
370 }
371 if ((last_okrb5_result =
372 o_krb5_gss_session_key_context (cached_gss_context, &session_key))
373 != O_KRB5_SUCCESS)
374 {
375 return FAKE_CELL;
376 }
377 return okrb5_slice_to_tree_cell (session_key);
378}
okrb5_slice_to_tree_cell
static tree_cell * okrb5_slice_to_tree_cell(struct OKrb5Slice *slice)
Definition nasl_krb5.c:338
o_krb5_gss_session_key_context
OKrb5ErrorCode o_krb5_gss_session_key_context(struct OKrb5GSSContext *gss_context, struct OKrb5Slice **out)
Definition openvas-krb5.c:563

References cached_gss_context, FAKE_CELL, last_okrb5_result, O_KRB5_EXPECTED_NOT_NULL, o_krb5_gss_session_key_context(), O_KRB5_SUCCESS, and okrb5_slice_to_tree_cell().

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context()

tree_cell * nasl_okrb5_gss_update_context ( lex_ctxt * lexic)

Definition at line 282 of file nasl_krb5.c.

283{
284 OKrb5ErrorCode result = O_KRB5_SUCCESS;
285 tree_cell *retc;
286 struct OKrb5Slice from_application;
287
288 if (to_application != NULL)
289 {
290 free (to_application->data);
291 free (to_application);
292 to_application = NULL;
293 }
294
295 from_application.data = (void *) get_str_var_by_num (lexic, 0);
296 from_application.len = get_var_size_by_num (lexic, 0);
297
298 if (cached_gss_context == NULL)
299 {
300 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
301 goto result;
302 }
303 result =
304 o_krb5_gss_update_context (cached_gss_context, &from_application,
305 &to_application, &gss_update_context_more);
306result:
307 retc = alloc_typed_cell (CONST_INT);
308 retc->x.i_val = result;
309 last_okrb5_result = result;
310 return retc;
311}
gss_update_context_more
static bool gss_update_context_more
Definition nasl_krb5.c:49
get_var_size_by_num
long int get_var_size_by_num(lex_ctxt *, int)
Definition nasl_var.c:1145
get_str_var_by_num
char * get_str_var_by_num(lex_ctxt *, int)
Definition nasl_var.c:1108
o_krb5_gss_update_context
OKrb5ErrorCode o_krb5_gss_update_context(struct OKrb5GSSContext *gss_context, const struct OKrb5Slice *in_data, struct OKrb5Slice **out_data, bool *more)
Definition openvas-krb5.c:521
OKrb5Slice::data
void * data
Definition openvas-krb5.h:40

References alloc_typed_cell(), cached_gss_context, CONST_INT, OKrb5Slice::data, free(), get_str_var_by_num(), get_var_size_by_num(), gss_update_context_more, TC::i_val, last_okrb5_result, OKrb5Slice::len, O_KRB5_EXPECTED_NOT_NULL, o_krb5_gss_update_context(), O_KRB5_SUCCESS, to_application, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context_needs_more()

tree_cell * nasl_okrb5_gss_update_context_needs_more ( lex_ctxt * lexic)

Definition at line 329 of file nasl_krb5.c.

330{
331 (void) lexic;
332 tree_cell *retc = alloc_typed_cell (CONST_INT);
333 retc->x.i_val = gss_update_context_more;
334 return retc;
335}

References alloc_typed_cell(), CONST_INT, gss_update_context_more, TC::i_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context_out()

tree_cell * nasl_okrb5_gss_update_context_out ( lex_ctxt * lexic)

Definition at line 347 of file nasl_krb5.c.

348{
349 (void) lexic;
350 if (to_application == NULL)
351 {
352 return FAKE_CELL;
353 }
354 tree_cell *out = okrb5_slice_to_tree_cell (to_application);
355 // we need to prevent accidental free it as it is freed when the tree_cell is
356 // cleaned up
357 to_application = NULL;
358 return out;
359}

References FAKE_CELL, okrb5_slice_to_tree_cell(), and to_application.

Here is the call graph for this function:

◆ nasl_okrb5_is_failure()

tree_cell * nasl_okrb5_is_failure ( lex_ctxt * lexic)

Returns 0 if the krb5 function was successful and 1 if it failed.

The nasl function has one optional parameter:

  • retval: the return value of the krb5 function. If the value is not defined, the return value of the last krb5 function is used.
Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success.

Definition at line 235 of file nasl_krb5.c.

236{
237 OKrb5ErrorCode result = get_int_var_by_num (lexic, 0, last_okrb5_result);
238 tree_cell *retc = alloc_typed_cell (CONST_INT);
239 retc->x.i_val = result != O_KRB5_SUCCESS;
240 return retc;
241}
get_int_var_by_num
long int get_int_var_by_num(lex_ctxt *, int, int)
Definition nasl_var.c:1094

References alloc_typed_cell(), CONST_INT, get_int_var_by_num(), TC::i_val, last_okrb5_result, O_KRB5_SUCCESS, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_is_success()

tree_cell * nasl_okrb5_is_success ( lex_ctxt * lexic)

Returns 1 if the krb5 function was successful 0 otherwise.

The nasl function has one optional parameter:

  • retval: the return value of the krb5 function. If the value is not defined, the return value of the last krb5 function is used.
Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success.

Definition at line 214 of file nasl_krb5.c.

215{
216 OKrb5ErrorCode result = get_int_var_by_num (lexic, 0, last_okrb5_result);
217 tree_cell *retc = alloc_typed_cell (CONST_INT);
218 retc->x.i_val = result == O_KRB5_SUCCESS;
219 return retc;
220}

References alloc_typed_cell(), CONST_INT, get_int_var_by_num(), TC::i_val, last_okrb5_result, O_KRB5_SUCCESS, and TC::x.

Here is the call graph for this function: