table_driven_lsc.c File Reference
#include "table_driven_lsc.h"#include "base/networking.h"#include "kb_cache.h"#include "plugutils.h"#include <ctype.h>#include <curl/curl.h>#include <gnutls/gnutls.h>#include <gvm/base/prefs.h>#include <gvm/util/mqtt.h>#include <gvm/util/uuidutils.h>#include <json-glib/json-glib.h>#include <stddef.h>
Include dependency graph for table_driven_lsc.c:
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Data Structures | |
| struct | notus_info |
| Struct to hold necessary information to call and run notus. More... | |
| struct | string |
| Define a string struct for storing the response. More... | |
Macros | |
| #define | G_LOG_DOMAIN "lib misc" |
| GLib logging domain. | |
| #define | RSNOTUS |
Typedefs | |
| typedef struct notus_info * | notus_info_t |
Functions | |
| void | set_lsc_flag (void) |
| Set lsc_flag to 1. | |
| int | lsc_has_run (void) |
| Get lsc_flag value. | |
| static JsonBuilder * | add_packages_str_to_list (JsonBuilder *builder, const gchar *packages) |
| Split the package list string and creates a json array. | |
| static gchar * | make_table_driven_lsc_info_json_str (const char *scan_id, const char *ip_str, const char *hostname, const char *os_release, const char *package_list) |
| Build a json object with data necessary to start a table drive LSC. | |
| static gchar * | get_status_of_table_driven_lsc_from_json (const char *scan_id, const char *host_ip, const char *json, int len) |
| Get the status of table driven lsc from json object. | |
| static notus_info_t | init_notus_info (const char *server) |
| Initialize a notus info struct and stores the server URL. | |
| static void | free_notus_info (notus_info_t notusdata) |
| Free notus info structure. | |
| static char * | help_tolower (char *s) |
| helper function to lower case | |
| static gchar * | make_package_list_as_json_str (const char *packages) |
| Build a json array from the package list to start a table drive LSC. | |
| static int | parse_server (notus_info_t *notusdata) |
| Parse the server URL. | |
| static advisories_t * | advisories_new_notus () |
| Initialize a new advisories struct with 100 slots. | |
| static advisories_t * | advisories_new_skiron () |
| Initialize a new advisories struct with 100 slots. | |
| static void | advisories_add (advisories_t *advisories_list, advisory_t *notus_advisory) |
| Initialize a new advisories struct with 100 slots. | |
| static advisory_t * | advisory_new (char *oid) |
| Initialize a new notus_advisory. | |
| static skiron_advisory_t * | skiron_advisory_new (char *oid, char *message) |
| static void | advisory_add_vuln_pkg (advisory_t *adv, vuln_pkg_t *vuln) |
| Add a new vulnerability to the notus_advisory. | |
| static void | advisory_free (advisory_t *notus_advisory) |
| Free()'s an notus_advisory. | |
| static void | skiron_advisory_free (skiron_advisory_t *skiron_advisory) |
| void | advisories_free (advisories_t *advisories) |
| Free()'s an advisories. | |
| static vuln_pkg_t * | vulnerable_pkg_new (const char *pkg_name, const char *install_version, enum fixed_type type, char *item1, char *item2) |
| Creates a new Vulnerable packages which belongs to an notus_advisory. | |
| static advisories_t * | lsc_process_response_notus (JsonReader *reader) |
| static advisories_t * | lsc_process_response_skiron (JsonReader *reader) |
| advisories_t * | lsc_process_response (const gchar *resp, const size_t len) |
| Process a json object which contains advisories and vulnerable packages. | |
| static void | init_string (struct string *s) |
| Initialize the string struct to hold the response. | |
| static size_t | response_callback_fn (void *ptr, size_t size, size_t nmemb, void *struct_string) |
| Call back function to stored the response. | |
| static long | send_request (notus_info_t notusdata, const char *os, const char *pkg_list, char **response) |
| Send a request to the server. | |
| char * | lsc_get_response (const char *pkg_list, const char *os) |
| Sent the installed package list and OS to notus. | |
| static int | call_rs_notus (const char *ip_str, const char *hostname, const char *pkg_list, const char *os) |
| Call notus and stores the results. | |
| int | run_table_driven_lsc (const char *scan_id, const char *ip_str, const char *hostname, const char *package_list, const char *os_release) |
| Publish the necessary data to start a Table driven LSC scan. | |
Variables | |
| static int | lsc_flag = 0 |
| LSC ran or didn't 0 didn't run. 1 ran. | |
Macro Definition Documentation
◆ G_LOG_DOMAIN
| #define G_LOG_DOMAIN "lib misc" |
GLib logging domain.
Definition at line 30 of file table_driven_lsc.c.
◆ RSNOTUS
| #define RSNOTUS |
Definition at line 236 of file table_driven_lsc.c.
Typedef Documentation
◆ notus_info_t
| typedef struct notus_info* notus_info_t |
Definition at line 252 of file table_driven_lsc.c.
Function Documentation
◆ add_packages_str_to_list()
|
static |
Split the package list string and creates a json array.
JSON result consists of scan_id, message type, host ip, hostname, port together with proto, OID, result message and uri.
- Parameters
-
[in/out] builder The Json builder to add the array to. [in] packages The installed package list as string
- Returns
- JSON builder including the package list as array.
Definition at line 65 of file table_driven_lsc.c.
66{
67 gchar **package_list = NULL;
68
69 json_builder_set_member_name (builder, "package_list");
70 json_builder_begin_array (builder);
71
72 package_list = g_strsplit (packages, "\n", 0);
73 if (package_list && package_list[0])
74 {
75 int i;
76 for (i = 0; package_list[i]; i++)
77 json_builder_add_string_value (builder, package_list[i]);
78 }
79
80 json_builder_end_array (builder);
81 g_strfreev (package_list);
82
83 return builder;
84}
Referenced by make_table_driven_lsc_info_json_str().
Here is the caller graph for this function:
◆ advisories_add()
|
static |
Initialize a new advisories struct with 100 slots.
- Parameters
-
advisories_list[in/out] An advisories holder to add new advisories into. notus_advisory[in] the new notus_advisory to add in the list
Definition at line 472 of file table_driven_lsc.c.
473{
474 // Reallocate more memory if the list is full
476 {
477 advisories_list->max_size *= 2;
478 advisories_list->advisories =
480 sizeof (advisory_t));
483 * sizeof (advisory_t *));
484 }
486 advisories_list->count++;
487}
Definition table_driven_lsc.h:71
References advisories::advisories, advisories::count, and advisories::max_size.
Referenced by lsc_process_response_notus(), and lsc_process_response_skiron().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ advisories_free()
| void advisories_free | ( | advisories_t * | advisories | ) |
Free()'s an advisories.
- Parameters
-
notus_advisory The advisories holder to be free()'ed. It free()'s all advisories members.
Definition at line 589 of file table_driven_lsc.c.
590{
592 return;
594 {
597 else
599 }
600 advisories = NULL;
601}
Definition table_driven_lsc.h:90
static void advisory_free(advisory_t *notus_advisory)
Free()'s an notus_advisory.
Definition table_driven_lsc.c:545
static void skiron_advisory_free(skiron_advisory_t *skiron_advisory)
Definition table_driven_lsc.c:573
References advisories::advisories, advisory_free(), advisories::count, NOTUS, advisories::skiron_advisories, skiron_advisory_free(), and advisories::type.
Referenced by call_rs_notus(), Ensure(), lsc_process_response_notus(), parse_notus(), and parse_skiron().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ advisories_new_notus()
|
static |
Initialize a new advisories struct with 100 slots.
- Returns
- initialized advisories_t struct. It must be free by the caller with advisories_free()
Definition at line 436 of file table_driven_lsc.c.
437{
439 advisories_list->max_size = 100;
440 advisories_list->advisories =
443
444 return advisories_list;
445}
References advisories::advisories, advisories::max_size, NOTUS, and advisories::type.
Referenced by lsc_process_response_notus().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ advisories_new_skiron()
|
static |
Initialize a new advisories struct with 100 slots.
- Returns
- initialized advisories_t struct. It must be free by the caller with advisories_free()
Definition at line 453 of file table_driven_lsc.c.
454{
456 advisories_list->max_size = 100;
457 advisories_list->skiron_advisories =
460
461 return advisories_list;
462}
References advisories::max_size, SKIRON, advisories::skiron_advisories, and advisories::type.
Referenced by lsc_process_response_skiron().
Here is the caller graph for this function:
◆ advisory_add_vuln_pkg()
|
static |
Add a new vulnerability to the notus_advisory.
@description Each notus_advisory can have multiple vulnerable packages This structure can hold up to 100 packages.
- Parameters
-
adv[in/out] The notus_advisory to add the vulnerable package into vuln[in] The vulnerable package to add.
Definition at line 524 of file table_driven_lsc.c.
525{
527 {
528 g_warning (
529 "%s: Failed adding new vulnerable package to the notus_advisory %s. "
530 "No more free slots",
531 __func__, adv->oid);
532 return;
533 }
534
536 adv->count++;
537}
References notus_advisory::count, notus_advisory::oid, and notus_advisory::pkgs.
Referenced by lsc_process_response_notus().
Here is the caller graph for this function:
◆ advisory_free()
|
static |
Free()'s an notus_advisory.
- Parameters
-
notus_advisory The notus_advisory to be free()'ed. It free()'s all vulnerable packages that belong to this notus_advisory.
Definition at line 545 of file table_driven_lsc.c.
546{
548 return;
549
552 {
554 {
558 {
561 }
563 {
566 }
567 }
568 }
569 notus_advisory = NULL;
570}
References notus_advisory::count, vulnerable_pkg::install_version, notus_advisory::oid, vulnerable_pkg::pkg_name, notus_advisory::pkgs, RANGE, vulnerable_pkg::range, SINGLE, fixed_version::specifier, version_range::start, version_range::stop, vulnerable_pkg::type, fixed_version::version, and vulnerable_pkg::version.
Referenced by advisories_free(), and lsc_process_response_notus().
Here is the caller graph for this function:
◆ advisory_new()
|
static |
Initialize a new notus_advisory.
- Parameters
-
oid The notus_advisory's OID
- Returns
- initialized advisory_t struct
Definition at line 496 of file table_driven_lsc.c.
References notus_advisory::count, notus_advisory::oid, and oid.
Referenced by lsc_process_response_notus().
Here is the caller graph for this function:
◆ call_rs_notus()
|
static |
Call notus and stores the results.
- Parameters
-
ip_str Target's IP address. hostname Target's hostname. pkg_list List of packages installed in the target. The packages are "\n" separated. os Name of the target's operating system.
- Returns
- Count of stored results. -1 on error.
Definition at line 1060 of file table_driven_lsc.c.
1062{
1063 char *body = NULL;
1065 int res_count = 0;
1067 return -1;
1068
1070 g_free (body);
1071
1073 {
1074 g_message ("%s: Unable to process response", __func__);
1075 return -1;
1076 }
1077
1078 // Process the advisories, generate results and store them in the kb
1080 {
1082 gchar *buffer;
1083 GString *result = g_string_new (NULL);
1084
1086 {
1087 g_message ("%s: Unable to process response. No notus advisories",
1088 __func__);
1089 g_string_free (result, TRUE);
1091 return -1;
1092 }
1094 {
1096 GString *res = g_string_new (NULL);
1097
1099 {
1100 g_string_printf (res,
1101 "\n"
1102 "Vulnerable package: %s\n"
1103 "Installed version: %s-%s\n"
1104 "Fixed version: < %s-%s\n"
1105 "Fixed version: >=%s-%s\n",
1110 }
1112 {
1113 g_string_printf (res,
1114 "\n"
1115 "Vulnerable package: %s\n"
1116 "Installed version: %s-%s\n"
1117 "Fixed version: %2s%s-%s\n",
1121 }
1122 else
1123 {
1124 g_warning ("%s: Unknown fixed version type for notus_advisory %s",
1126 g_string_free (result, TRUE);
1128 return -1;
1129 }
1130 g_string_append (result, res->str);
1131 g_string_free (res, TRUE);
1132 }
1133
1134 // type|||IP|||HOSTNAME|||package|||OID|||the result message|||URI
1135 buffer = g_strdup_printf ("%s|||%s|||%s|||%s|||%s|||%s|||%s", "ALARM",
1138 g_string_free (result, TRUE);
1140 buffer);
1141 res_count++;
1142 g_free (buffer);
1143 }
1144
1146 return res_count;
1147}
kb_t get_main_kb(void)
gets the main_kb. @description returns the previously set main_kb; when asserts are enabled it will a...
Definition kb_cache.c:41
int kb_item_push_str_with_main_kb_check(kb_t kb, const char *name, const char *value)
Check if the current kb corresponds to the original scanid, if it matches it kb_item_push_str....
Definition plugutils.c:533
char * lsc_get_response(const char *pkg_list, const char *os)
Sent the installed package list and OS to notus.
Definition table_driven_lsc.c:1012
void advisories_free(advisories_t *advisories)
Free()'s an advisories.
Definition table_driven_lsc.c:589
advisories_t * lsc_process_response(const gchar *resp, const size_t len)
Process a json object which contains advisories and vulnerable packages.
Definition table_driven_lsc.c:821
References advisories::advisories, advisories_free(), advisories::count, notus_advisory::count, get_main_kb(), hostname, vulnerable_pkg::install_version, kb_item_push_str_with_main_kb_check(), lsc_get_response(), lsc_process_response(), notus_advisory::oid, vulnerable_pkg::pkg_name, notus_advisory::pkgs, RANGE, vulnerable_pkg::range, SINGLE, fixed_version::specifier, version_range::start, version_range::stop, vulnerable_pkg::type, fixed_version::version, and vulnerable_pkg::version.
Referenced by run_table_driven_lsc().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ free_notus_info()
|
static |
Free notus info structure.
- Parameters
-
notusdata The data to free()
Definition at line 276 of file table_driven_lsc.c.
277{
278 if (notusdata)
279 {
280 g_free (notusdata->server);
281 g_free (notusdata->schema);
282 g_free (notusdata->host);
283 g_free (notusdata->alpn);
284 g_free (notusdata->http_version);
285 }
286}
References notus_info::alpn, notus_info::host, notus_info::http_version, notus_info::schema, and notus_info::server.
Referenced by lsc_get_response().
Here is the caller graph for this function:
◆ get_status_of_table_driven_lsc_from_json()
|
static |
Get the status of table driven lsc from json object.
Checks for the corresponding status inside the JSON. If the status does not belong the the scan or host, NULL is returned instead. NULL is also returned if message JSON cannot be parsed correctly. Return value has to be freed by caller.
- Returns
- gchar* Status of table driven lsc or NULL
Definition at line 175 of file table_driven_lsc.c.
178{
179 JsonParser *parser;
180 JsonReader *reader = NULL;
181
182 GError *err = NULL;
183 gchar *ret = NULL;
184
185 parser = json_parser_new ();
187 {
188 goto cleanup;
189 }
190
191 reader = json_reader_new (json_parser_get_root (parser));
192
193 // Check for Scan ID
194 if (!json_reader_read_member (reader, "scan_id"))
195 {
196 goto cleanup;
197 }
199 {
200 goto cleanup;
201 }
202 json_reader_end_member (reader);
203
204 // Check Host IP
205 if (!json_reader_read_member (reader, "host_ip"))
206 {
207 goto cleanup;
208 }
209 if (g_strcmp0 (json_reader_get_string_value (reader), host_ip))
210 {
211 goto cleanup;
212 }
213 json_reader_end_member (reader);
214
215 // Check Status
216 if (!json_reader_read_member (reader, "status"))
217 {
218 goto cleanup;
219 }
220 ret = g_strdup (json_reader_get_string_value (reader));
221
222 json_reader_end_member (reader);
223
224cleanup:
225 if (reader)
226 g_object_unref (reader);
227 g_object_unref (parser);
228 if (err != NULL)
229 {
230 g_warning ("%s: Unable to parse json. Reason: %s", __func__,
231 err->message);
232 }
233 return ret;
234}
Referenced by run_table_driven_lsc().
Here is the caller graph for this function:
◆ help_tolower()
|
static |
helper function to lower case
- Parameters
-
s the string to lower case
- Returns
- pointer to the modified string.
Definition at line 295 of file table_driven_lsc.c.
296{
297 for (char *p = s; *p; p++)
298 *p = tolower (*p);
299 return s;
300}
Referenced by parse_server(), and send_request().
Here is the caller graph for this function:
◆ init_notus_info()
|
static |
Initialize a notus info struct and stores the server URL.
- Parameters
-
server Original server to store and to get the info from
- Returns
- the initialized struct. NULL on error.
Definition at line 261 of file table_driven_lsc.c.
262{
263 notus_info_t notusdata;
265 if (!notusdata)
266 return NULL;
267 notusdata->server = g_strdup (server);
268 return notusdata;
269}
Struct to hold necessary information to call and run notus.
Definition table_driven_lsc.c:242
References notus_info::server.
Referenced by lsc_get_response().
Here is the caller graph for this function:
◆ init_string()
|
static |
Initialize the string struct to hold the response.
- Parameters
-
s[in/out] The string struct to be initialized
Definition at line 870 of file table_driven_lsc.c.
871{
872 s->len = 0;
875 {
876 g_warning ("%s: Error allocating memory for response", __func__);
877 return;
878 }
880}
References string::len, and string::ptr.
Referenced by send_request().
Here is the caller graph for this function:
◆ lsc_get_response()
| char * lsc_get_response | ( | const char * | pkg_list, |
| const char * | os ) |
Sent the installed package list and OS to notus.
- Parameters
-
pkg_list Installed package list os The target's OS
- Returns
- String containing the server response or NULL Must be free()'ed by the caller.
Definition at line 1012 of file table_driven_lsc.c.
1013{
1014 const char *server = NULL;
1015 char *json_pkglist;
1016 char *response = NULL;
1017 notus_info_t notusdata;
1018 long ret;
1019
1020 // Parse the server and get the port, host, schema
1021 // and necessary information to build the message
1022 server = prefs_get ("openvasd_server");
1023 notusdata = init_notus_info (server);
1024
1026 {
1027 free_notus_info (notusdata);
1028 return NULL;
1029 }
1030
1031 // Convert the package list string into a string containing json
1032 // array of packages
1034 {
1035 free_notus_info (notusdata);
1036 return NULL;
1037 }
1038
1039 ret = send_request (notusdata, os, json_pkglist, &response);
1040 if (ret != 200)
1041 g_warning ("%ld: Error sending request to openvasd: %s", ret, response);
1042
1043 free_notus_info (notusdata);
1044 g_free (json_pkglist);
1045
1046 return response;
1047}
static notus_info_t init_notus_info(const char *server)
Initialize a notus info struct and stores the server URL.
Definition table_driven_lsc.c:261
static void free_notus_info(notus_info_t notusdata)
Free notus info structure.
Definition table_driven_lsc.c:276
static long send_request(notus_info_t notusdata, const char *os, const char *pkg_list, char **response)
Send a request to the server.
Definition table_driven_lsc.c:917
static int parse_server(notus_info_t *notusdata)
Parse the server URL.
Definition table_driven_lsc.c:359
static gchar * make_package_list_as_json_str(const char *packages)
Build a json array from the package list to start a table drive LSC.
Definition table_driven_lsc.c:312
References free_notus_info(), init_notus_info(), make_package_list_as_json_str(), parse_server(), and send_request().
Referenced by call_rs_notus(), and nasl_notus().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ lsc_has_run()
| int lsc_has_run | ( | void | ) |
Get lsc_flag value.
Definition at line 48 of file table_driven_lsc.c.
49{
51}
References lsc_flag.
Referenced by attack_host().
Here is the caller graph for this function:
◆ lsc_process_response()
| advisories_t * lsc_process_response | ( | const gchar * | resp, |
| const size_t | len ) |
Process a json object which contains advisories and vulnerable packages.
@description This is the body string in response get from an openvasd server
- Parameters
-
resp String containing the json object to be processed. len String length.
- Returns
- a advisories_t struct containing all advisories and vulnerable packages. After usage must be free()'ed with advisories_free().
Definition at line 821 of file table_driven_lsc.c.
822{
823 JsonParser *parser = NULL;
824 JsonReader *reader = NULL;
825 GError *err = NULL;
826
828
829 parser = json_parser_new ();
831 {
832 g_message ("Error parsing");
833 }
834
835 reader = json_reader_new (json_parser_get_root (parser));
836
837 if (json_reader_is_object (reader))
838 {
840 }
841 else if (json_reader_is_array (reader))
842 {
844 }
845 else
846 {
847 g_debug ("Unknown JSON response format");
848 }
849
850 if (reader)
851 g_object_unref (reader);
852 g_object_unref (parser);
853
855}
static advisories_t * lsc_process_response_skiron(JsonReader *reader)
Definition table_driven_lsc.c:779
static advisories_t * lsc_process_response_notus(JsonReader *reader)
Definition table_driven_lsc.c:648
References len, lsc_process_response_notus(), and lsc_process_response_skiron().
Referenced by call_rs_notus(), Ensure(), and nasl_notus().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ lsc_process_response_notus()
|
static |
Definition at line 648 of file table_driven_lsc.c.
649{
652 char **members = json_reader_list_members (reader);
653
654 if (!members || !members[0])
655 {
657 }
658
659 for (int i = 0; members[i]; i++)
660 {
662
663 if (!json_reader_read_member (reader, members[i]))
664 {
665 g_debug ("No member oid");
666 return NULL;
667 }
668 if (!json_reader_is_array (reader))
669 {
670 g_debug ("Is not an array");
671 return NULL;
672 }
673
675
676 int count_pkgs = json_reader_count_elements (reader);
677 g_debug ("There are %d packages for notus_advisory %s", count_pkgs,
678 members[i]);
679 for (int j = 0; j < count_pkgs; j++)
680 {
681 vuln_pkg_t *pkg = NULL;
683 char *installed_version = NULL;
684 char *start = NULL;
685 char *stop = NULL;
686 char *version = NULL;
687 char *specifier = NULL;
689
690 json_reader_read_element (reader, j);
691 if (!json_reader_is_object (reader))
692 {
693 g_warning ("%s: Package %d of notus_advisory %s is not an object",
694 __func__, j, members[i]);
696 return NULL;
697 }
698
699 json_reader_read_member (reader, "name");
700 name = g_strdup (json_reader_get_string_value (reader));
701 json_reader_end_member (reader);
703
704 json_reader_read_member (reader, "installed_version");
705 installed_version = g_strdup (json_reader_get_string_value (reader));
706 json_reader_end_member (reader);
707 g_debug ("installed_version: %s", installed_version);
708
709 json_reader_read_member (reader, "fixed_version");
710 g_debug ("Fixed_version has %d members",
711 json_reader_count_members (reader));
712
713 // Version Range
714 json_reader_read_member (reader, "start");
715 start = g_strdup (json_reader_get_string_value (reader));
716 json_reader_end_member (reader);
717 json_reader_read_member (reader, "end");
718 stop = g_strdup (json_reader_get_string_value (reader));
719 json_reader_end_member (reader);
720 g_debug ("start %s, end: %s", start, stop);
721
722 // version and specifier
723 json_reader_read_member (reader, "version");
724 version = g_strdup (json_reader_get_string_value (reader));
725 json_reader_end_member (reader);
726 json_reader_read_member (reader, "specifier");
727 specifier = g_strdup (json_reader_get_string_value (reader));
728 json_reader_end_member (reader);
729 g_debug ("version %s, specifier: %s", version, specifier);
730
731 // end read fixes version member
732 json_reader_end_member (reader);
733
734 // end package element
735 json_reader_end_element (reader);
736
737 char *item1 = NULL, *item2 = NULL;
738 if (start && stop)
739 {
740 type = RANGE;
741 item1 = start;
742 item2 = stop;
743 }
744 else if (version && specifier)
745 {
746 type = SINGLE;
747 item1 = version;
748 item2 = specifier;
749 }
750 else
751 {
752 g_warning ("%s: Error parsing json element", __func__);
753 g_free (name);
754 g_free (installed_version);
755 g_free (item1);
756 g_free (item2);
759 return NULL;
760 }
761
762 pkg =
764 g_free (name);
765 g_free (installed_version);
766 g_free (item1);
767 g_free (item2);
768
770 }
771 // end notus_advisory
772 json_reader_end_member (reader);
774 }
776}
static advisory_t * advisory_new(char *oid)
Initialize a new notus_advisory.
Definition table_driven_lsc.c:496
static advisories_t * advisories_new_notus()
Initialize a new advisories struct with 100 slots.
Definition table_driven_lsc.c:436
static void advisories_add(advisories_t *advisories_list, advisory_t *notus_advisory)
Initialize a new advisories struct with 100 slots.
Definition table_driven_lsc.c:472
static vuln_pkg_t * vulnerable_pkg_new(const char *pkg_name, const char *install_version, enum fixed_type type, char *item1, char *item2)
Creates a new Vulnerable packages which belongs to an notus_advisory.
Definition table_driven_lsc.c:618
static void advisory_add_vuln_pkg(advisory_t *adv, vuln_pkg_t *vuln)
Add a new vulnerability to the notus_advisory.
Definition table_driven_lsc.c:524
References advisories_add(), advisories_free(), advisories_new_notus(), advisory_add_vuln_pkg(), advisory_free(), advisory_new(), name, NOTUS, RANGE, SINGLE, advisories::type, UNKNOWN, and vulnerable_pkg_new().
Referenced by lsc_process_response().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ lsc_process_response_skiron()
|
static |
Definition at line 779 of file table_driven_lsc.c.
780{
782
783 for (int i = 0; json_reader_read_element (reader, i); i++)
784 {
787 char *message = NULL;
788
789 json_reader_read_member (reader, "oid");
791 json_reader_end_member (reader);
792
793 json_reader_read_member (reader, "message");
794 message = (char *) json_reader_get_string_value (reader);
795 json_reader_end_member (reader);
796
798
800
801 // end element
802 json_reader_end_element (reader);
803 }
804
806}
Definition table_driven_lsc.h:80
static advisories_t * advisories_new_skiron()
Initialize a new advisories struct with 100 slots.
Definition table_driven_lsc.c:453
static skiron_advisory_t * skiron_advisory_new(char *oid, char *message)
Definition table_driven_lsc.c:506
References advisories_add(), advisories_new_skiron(), oid, and skiron_advisory_new().
Referenced by lsc_process_response().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ make_package_list_as_json_str()
|
static |
Build a json array from the package list to start a table drive LSC.
- Parameters
-
packages The installed package list in the target system to be evaluated
- Returns
- String in json format on success. Must be freed by caller. NULL on error.
Definition at line 312 of file table_driven_lsc.c.
313{
314 JsonBuilder *builder;
315 JsonGenerator *gen;
316 JsonNode *root;
317 gchar *json_str = NULL;
318 gchar **package_list = NULL;
319 builder = json_builder_new ();
320
321 json_builder_begin_array (builder);
322
323 package_list = g_strsplit (packages, "\n", 0);
324 if (package_list && package_list[0])
325 {
326 int i;
327 for (i = 0; package_list[i]; i++)
328 json_builder_add_string_value (builder, package_list[i]);
329 }
330
331 json_builder_end_array (builder);
332 g_strfreev (package_list);
333
334 gen = json_generator_new ();
335 root = json_builder_get_root (builder);
336 json_generator_set_root (gen, root);
337 json_str = json_generator_to_data (gen, NULL);
338
339 json_node_free (root);
340 g_object_unref (gen);
341 g_object_unref (builder);
342
343 if (json_str == NULL)
344 g_warning ("%s: Error while creating JSON.", __func__);
345
346 return json_str;
347}
Referenced by Ensure(), and lsc_get_response().
Here is the caller graph for this function:
◆ make_table_driven_lsc_info_json_str()
|
static |
Build a json object with data necessary to start a table drive LSC.
JSON result consists of scan_id, message type, host ip, hostname, port together with proto, OID, result message and uri.
- Parameters
-
scan_id Scan Id. ip_str IP string of host. hostname Name of host. os_release OS release package_list The installed package list in the target system to be evaluated
- Returns
- JSON string on success. Must be freed by caller. NULL on error.
Definition at line 102 of file table_driven_lsc.c.
106{
107 JsonBuilder *builder;
108 JsonGenerator *gen;
109 JsonNode *root;
110 gchar *json_str;
111
112 /* Build the message in json format to be published. */
113 builder = json_builder_new ();
114
115 json_builder_begin_object (builder);
116
117 json_builder_set_member_name (builder, "message_id");
118 builder = json_builder_add_string_value (builder, gvm_uuid_make ());
119
120 json_builder_set_member_name (builder, "group_id");
121 builder = json_builder_add_string_value (builder, gvm_uuid_make ());
122
123 json_builder_set_member_name (builder, "message_type");
124 builder = json_builder_add_string_value (builder, "scan.start");
125
126 json_builder_set_member_name (builder, "created");
127 builder = json_builder_add_int_value (builder, time (NULL));
128
129 json_builder_set_member_name (builder, "scan_id");
130 builder = json_builder_add_string_value (builder, scan_id);
131
132 json_builder_set_member_name (builder, "host_ip");
133 json_builder_add_string_value (builder, ip_str);
134
135 json_builder_set_member_name (builder, "host_name");
136 json_builder_add_string_value (builder, hostname);
137
138 json_builder_set_member_name (builder, "os_release");
139 json_builder_add_string_value (builder, os_release);
140
141 add_packages_str_to_list (builder, package_list);
142
143 json_builder_end_object (builder);
144
145 gen = json_generator_new ();
146 root = json_builder_get_root (builder);
147 json_generator_set_root (gen, root);
148 json_str = json_generator_to_data (gen, NULL);
149
150 json_node_free (root);
151 g_object_unref (gen);
152 g_object_unref (builder);
153
154 if (json_str == NULL)
155 g_warning ("%s: Error while creating JSON.", __func__);
156
157 return json_str;
158}
static JsonBuilder * add_packages_str_to_list(JsonBuilder *builder, const gchar *packages)
Split the package list string and creates a json array.
Definition table_driven_lsc.c:65
References add_packages_str_to_list(), hostname, and scan_id.
Referenced by run_table_driven_lsc().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ parse_server()
|
static |
Parse the server URL.
- Parameters
-
[in] server String containing the server URL Valid is http://example.com:1234 or https://example.com.1234. @notusdata[out] Structure to store information from the URL
- Returns
- 0 on success, -1 on error.
Definition at line 359 of file table_driven_lsc.c.
360{
361 CURLU *h = curl_url ();
362 char *schema = NULL;
364 char *port = NULL;
365
366 if (!notusdata)
367 return -1;
368
369 if (curl_url_set (h, CURLUPART_URL, (*notusdata)->server, 0) > 0)
370 {
371 g_warning ("%s: Error parsing URL %s", __func__, (*notusdata)->server);
372 return -1;
373 }
374
375 curl_url_get (h, CURLUPART_SCHEME, &schema, 0);
376 curl_url_get (h, CURLUPART_HOST, &host, 0);
377 curl_url_get (h, CURLUPART_PORT, &port, 0);
378
380 {
381 g_warning ("%s: Invalid URL %s. It must be in format: "
382 "schema://host:port. E.g. http://localhost:8080",
383 __func__, (*notusdata)->server);
384 curl_url_cleanup (h);
385 curl_free (schema);
386 curl_free (host);
387 curl_free (port);
388 return -1;
389 }
390
391 (*notusdata)->host = g_strdup (host);
392 if (port)
393 (*notusdata)->port = atoi (port);
394 else if (g_strcmp0 (schema, "https"))
395 (*notusdata)->port = 443;
396 else
397 (*notusdata)->port = 80;
398
399 (*notusdata)->schema = g_strdup (help_tolower (schema));
400 if (g_strrstr ((*notusdata)->schema, "https"))
401 {
402 (*notusdata)->tls = 1;
403 (*notusdata)->http_version = g_strdup ("2");
404 (*notusdata)->alpn = g_strdup ("h2");
405 }
406 else if (g_strrstr ((*notusdata)->schema, "http"))
407 {
408 (*notusdata)->tls = 0;
409 (*notusdata)->http_version = g_strdup ("1.1");
410 (*notusdata)->alpn = g_strdup ("http/1.1");
411 }
412 else
413 {
414 g_warning ("%s: Invalid openvasd server schema", (*notusdata)->server);
415 curl_url_cleanup (h);
416 curl_free (schema);
417 curl_free (host);
418 curl_free (port);
419 return -1;
420 }
421
422 curl_url_cleanup (h);
423 curl_free (schema);
424 curl_free (host);
425 curl_free (port);
426
427 return 0;
428}
References help_tolower(), notus_info::port, and notus_info::schema.
Referenced by lsc_get_response().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ response_callback_fn()
|
static |
Call back function to stored the response.
@description The function signature is the necessary to work with libcurl. It stores the response in s. It reallocate memory if necessary.
Definition at line 888 of file table_driven_lsc.c.
889{
893 s->ptr = ptr_aux;
895 {
896 g_warning ("%s: Error allocating memory for response", __func__);
897 return 0; // no memory left
898 }
901 s->len = new_len;
902
903 return size * nmemb;
904}
References string::len, and string::ptr.
Referenced by _http2_req(), and send_request().
Here is the caller graph for this function:
◆ run_table_driven_lsc()
| int run_table_driven_lsc | ( | const char * | scan_id, |
| const char * | ip_str, | ||
| const char * | hostname, | ||
| const char * | package_list, | ||
| const char * | os_release ) |
Publish the necessary data to start a Table driven LSC scan.
If the gather-package-list.nasl plugin was launched, and it generated a valid package list for a supported OS, the table driven LSC scan which is subscribed to the topic will perform a scan an publish the the results to be handle by the sensor/client.
- Returns
- 0 on success, less than 0 on error.
Definition at line 1167 of file table_driven_lsc.c.
1170{
1171 int err = 0;
1172 if (!os_release || !package_list)
1173 return 0;
1174
1175 if (prefs_get ("openvasd_server"))
1176 {
1177 g_message ("Running Notus for %s via openvasd", ip_str);
1179
1180 return err;
1181 }
1182 else
1183 {
1184 gchar *json_str;
1185 gchar *topic;
1186 gchar *payload;
1187 gchar *status = NULL;
1188 int topic_len;
1189 int payload_len;
1190
1191 // Subscribe to status topic
1192 err = mqtt_subscribe ("scanner/status");
1193 if (err)
1194 {
1195 g_warning ("%s: Error starting lsc. Unable to subscribe", __func__);
1196 return -1;
1197 }
1198 /* Get the OS release. TODO: have a list with supported OS. */
1199
1201 os_release, package_list);
1202
1203 // Run table driven lsc
1204 if (json_str == NULL)
1205 return -1;
1206
1207 g_message ("Running Notus for %s", ip_str);
1208 err = mqtt_publish ("scanner/package/cmd/notus", json_str);
1209 if (err)
1210 {
1211 g_warning ("%s: Error publishing message for Notus.", __func__);
1212 g_free (json_str);
1213 return -1;
1214 }
1215
1216 g_free (json_str);
1217
1218 // Wait for Notus scanner to start or interrupt
1219 while (!status)
1220 {
1221 err = mqtt_retrieve_message (&topic, &topic_len, &payload,
1222 &payload_len, 60000);
1223 if (err == -1 || err == 1)
1224 {
1225 g_warning ("%s: Unable to retrieve status message from notus. %s",
1226 __func__, err == 1 ? "Timeout after 60 s." : "");
1227 return -1;
1228 }
1229
1230 // Get status if it belongs to corresponding scan and host
1231 // Else wait for next status message
1232 status = get_status_of_table_driven_lsc_from_json (
1234
1235 g_free (topic);
1236 g_free (payload);
1237 }
1238 // If started wait for it to finish or interrupt
1239 if (!g_strcmp0 (status, "running"))
1240 {
1241 g_debug ("%s: table driven LSC with scan id %s successfully started "
1242 "for host %s",
1243 __func__, scan_id, ip_str);
1244 g_free (status);
1245 status = NULL;
1246 while (!status)
1247 {
1248 err = mqtt_retrieve_message (&topic, &topic_len, &payload,
1249 &payload_len, 60000);
1250 if (err == -1)
1251 {
1252 g_warning (
1253 "%s: Unable to retrieve status message from notus.",
1254 __func__);
1255 return -1;
1256 }
1257 if (err == 1)
1258 {
1259 g_warning (
1260 "%s: Unable to retrieve message. Timeout after 60s.",
1261 __func__);
1262 return -1;
1263 }
1264
1265 status = get_status_of_table_driven_lsc_from_json (
1267 g_free (topic);
1268 g_free (payload);
1269 }
1270 }
1271 else
1272 {
1273 g_warning ("%s: Unable to start lsc. Got status: %s", __func__,
1274 status);
1275 g_free (status);
1276 return -1;
1277 }
1278
1279 if (g_strcmp0 (status, "finished"))
1280 {
1281 g_warning (
1282 "%s: table driven lsc with scan id %s did not finish successfully "
1283 "for host %s. Last status was %s",
1284 __func__, scan_id, ip_str, status);
1285 err = -1;
1286 }
1287 else
1288 g_debug ("%s: table driven lsc with scan id %s successfully finished "
1289 "for host %s",
1290 __func__, scan_id, ip_str);
1291 g_free (status);
1292 }
1293 return err;
1294}
static gchar * make_table_driven_lsc_info_json_str(const char *scan_id, const char *ip_str, const char *hostname, const char *os_release, const char *package_list)
Build a json object with data necessary to start a table drive LSC.
Definition table_driven_lsc.c:102
static gchar * get_status_of_table_driven_lsc_from_json(const char *scan_id, const char *host_ip, const char *json, int len)
Get the status of table driven lsc from json object.
Definition table_driven_lsc.c:175
static int call_rs_notus(const char *ip_str, const char *hostname, const char *pkg_list, const char *os)
Call notus and stores the results.
Definition table_driven_lsc.c:1060
References call_rs_notus(), get_status_of_table_driven_lsc_from_json(), hostname, make_table_driven_lsc_info_json_str(), payload, and scan_id.
Referenced by call_lsc().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ send_request()
|
static |
Send a request to the server.
- Parameters
-
[in] notusdata Structure containing information necessary for the request [in] os Target's operative system. Necessary for the URL path part. [in] pkg_list The package list installed in the target, to be checked [out] response The string containing the results in json format.
- Returns
- the http code or -1 on error
Definition at line 917 of file table_driven_lsc.c.
919{
920 CURL *curl;
921 GString *url = NULL;
922 long http_code = -1;
924 struct curl_slist *customheader = NULL;
925 char *os_aux;
926 GString *xapikey = NULL;
927
928 if ((curl = curl_easy_init ()) == NULL)
929 {
930 g_warning ("Not possible to initialize curl library");
931 return http_code;
932 }
933
934 url = g_string_new (notusdata->server);
935 g_string_append (url, "/notus/");
936
937 //
938 os_aux = help_tolower (g_strdup (os));
939 for (size_t i = 0; i < strlen (os_aux); i++)
940 {
941 if (os_aux[i] == ' ')
942 os_aux[i] = '_';
943 }
944
945 g_string_append (url, os_aux);
946 g_free (os_aux);
947
948 g_debug ("%s: URL: %s", __func__, url->str);
949 // Set URL
950 if (curl_easy_setopt (curl, CURLOPT_URL, g_strdup (url->str)) != CURLE_OK)
951 {
952 g_warning ("Not possible to set the URL");
953 curl_easy_cleanup (curl);
954 return http_code;
955 }
956 g_string_free (url, TRUE);
957
958 // Accept an insecure connection. Don't verify the server certificate
959 curl_easy_setopt (curl, CURLOPT_SSL_VERIFYPEER, 0L);
960 curl_easy_setopt (curl, CURLOPT_SSL_VERIFYHOST, 0L);
961
962 // Set API KEY
963 if (prefs_get ("x-apikey"))
964 {
965 xapikey = g_string_new ("X-APIKEY: ");
966 g_string_append (xapikey, prefs_get ("x-apikey"));
967 customheader = curl_slist_append (customheader, g_strdup (xapikey->str));
968 g_string_free (xapikey, TRUE);
969 }
970 // SET Content type
971 customheader =
972 curl_slist_append (customheader, "Content-Type: application/json");
973 curl_easy_setopt (curl, CURLOPT_HTTPHEADER, customheader);
974 // Set body
975 curl_easy_setopt (curl, CURLOPT_POSTFIELDS, pkg_list);
976 curl_easy_setopt (curl, CURLOPT_POSTFIELDSIZE, strlen (pkg_list));
977
978 // Init the struct where the response is stored and set the callback function
979 init_string (&resp);
980 curl_easy_setopt (curl, CURLOPT_WRITEFUNCTION, response_callback_fn);
981 curl_easy_setopt (curl, CURLOPT_WRITEDATA, &resp);
982
983 int ret = CURLE_OK;
984 if ((ret = curl_easy_perform (curl)) != CURLE_OK)
985 {
986 g_warning ("%s: Error sending request: %d", __func__, ret);
987 curl_easy_cleanup (curl);
988 g_free (resp.ptr);
989 return http_code;
990 }
991
992 curl_easy_getinfo (curl, CURLINFO_RESPONSE_CODE, &http_code);
993
994 curl_easy_cleanup (curl);
995 g_debug ("Server response %s", resp.ptr);
996 *response = g_strdup (resp.ptr);
997 g_free (resp.ptr);
998 // already free()'ed with curl_easy_cleanup().
999
1000 return http_code;
1001}
static size_t response_callback_fn(void *ptr, size_t size, size_t nmemb, void *struct_string)
Call back function to stored the response.
Definition table_driven_lsc.c:888
static void init_string(struct string *s)
Initialize the string struct to hold the response.
Definition table_driven_lsc.c:870
References help_tolower(), init_string(), string::ptr, response_callback_fn(), and notus_info::server.
Referenced by lsc_get_response().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ set_lsc_flag()
| void set_lsc_flag | ( | void | ) |
Set lsc_flag to 1.
Definition at line 40 of file table_driven_lsc.c.
References lsc_flag.
Referenced by process_ipc_data().
Here is the caller graph for this function:
◆ skiron_advisory_free()
|
static |
Definition at line 573 of file table_driven_lsc.c.
References skiron_advisory::message, and skiron_advisory::oid.
Referenced by advisories_free().
Here is the caller graph for this function:
◆ skiron_advisory_new()
|
static |
Definition at line 506 of file table_driven_lsc.c.
References skiron_advisory::message, oid, and skiron_advisory::oid.
Referenced by lsc_process_response_skiron().
Here is the caller graph for this function:
◆ vulnerable_pkg_new()
|
static |
Creates a new Vulnerable packages which belongs to an notus_advisory.
- Parameters
-
pkg_name install_version type Data type specifying how the fixed version is stored. Can be RANGE or SINGLE item1 Depending on the type is the "version" for SINGLE type, or the "less than" for RANGE type item2 Depending on the type is the "specifier" for SINGLE type, or the "greater than" for RANGE type
- Returns
- a vulnerable packages struct. Members are a copy of the passed parameters. They must be free separately.
Definition at line 618 of file table_driven_lsc.c.
620{
621 vuln_pkg_t *vuln = NULL;
622 version_range_t *range = NULL;
623 fixed_version_t *fixed_ver = NULL;
624
626 vuln->pkg_name = g_strdup (pkg_name);
627 vuln->install_version = g_strdup (install_version);
628 vuln->type = type;
630 {
631 range = g_malloc0 (sizeof (range_t));
632 range->start = g_strdup (item1);
633 range->stop = g_strdup (item2);
634 vuln->range = range;
635 }
636 else
637 {
639 fixed_ver->version = g_strdup (item1);
640 fixed_ver->specifier = g_strdup (item2);
641 vuln->version = fixed_ver;
642 }
643
644 return vuln;
645}
References vulnerable_pkg::install_version, vulnerable_pkg::pkg_name, RANGE, vulnerable_pkg::range, fixed_version::specifier, version_range::start, version_range::stop, vulnerable_pkg::type, fixed_version::version, and vulnerable_pkg::version.
Referenced by lsc_process_response_notus().
Here is the caller graph for this function:
Variable Documentation
◆ lsc_flag
|
static |
LSC ran or didn't 0 didn't run. 1 ran.
Definition at line 35 of file table_driven_lsc.c.
Referenced by lsc_has_run(), and set_lsc_flag().
