table_driven_lsc.h File Reference
#include <glib.h>#include <gvm/util/kb.h>
Include dependency graph for table_driven_lsc.h:
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Data Structures | |
| struct | fixed_version |
| Fixed version. More... | |
| struct | version_range |
| Specify a version range. More... | |
| struct | vulnerable_pkg |
| Define a vulnerable package. More... | |
| struct | notus_advisory |
| struct | skiron_advisory |
| struct | advisories |
Typedefs | |
| typedef enum advisory_type | advisory_type_t |
| typedef struct fixed_version | fixed_version_t |
| typedef struct version_range | version_range_t |
| typedef struct vulnerable_pkg | vuln_pkg_t |
| typedef struct notus_advisory | advisory_t |
| typedef struct skiron_advisory | skiron_advisory_t |
| typedef struct advisories | advisories_t |
Enumerations | |
| enum | fixed_type { UNKNOWN , RANGE , SINGLE } |
| Fixed version format. More... | |
| enum | advisory_type { NOTUS , SKIRON } |
Functions | |
| void | advisories_free (advisories_t *advisories) |
| Free()'s an advisories. | |
| void | set_lsc_flag (void) |
| Set lsc_flag to 1. | |
| int | lsc_has_run (void) |
| Get lsc_flag value. | |
| int | run_table_driven_lsc (const char *, const char *, const char *, const char *, const char *) |
| Publish the necessary data to start a Table driven LSC scan. | |
| char * | lsc_get_response (const char *pkg_list, const char *os) |
| Sent the installed package list and OS to notus. | |
| advisories_t * | lsc_process_response (const gchar *resp, const size_t len) |
| Process a json object which contains advisories and vulnerable packages. | |
Typedef Documentation
◆ advisories_t
| typedef struct advisories advisories_t |
Definition at line 100 of file table_driven_lsc.h.
◆ advisory_t
| typedef struct notus_advisory advisory_t |
Definition at line 77 of file table_driven_lsc.h.
◆ advisory_type_t
| typedef enum advisory_type advisory_type_t |
Definition at line 32 of file table_driven_lsc.h.
◆ fixed_version_t
| typedef struct fixed_version fixed_version_t |
Definition at line 41 of file table_driven_lsc.h.
◆ skiron_advisory_t
| typedef struct skiron_advisory skiron_advisory_t |
Definition at line 85 of file table_driven_lsc.h.
◆ version_range_t
| typedef struct version_range version_range_t |
Definition at line 50 of file table_driven_lsc.h.
◆ vuln_pkg_t
| typedef struct vulnerable_pkg vuln_pkg_t |
Definition at line 66 of file table_driven_lsc.h.
Enumeration Type Documentation
◆ advisory_type
| enum advisory_type |
| Enumerator | |
|---|---|
| NOTUS | |
| SKIRON | |
Definition at line 26 of file table_driven_lsc.h.
◆ fixed_type
| enum fixed_type |
Fixed version format.
| Enumerator | |
|---|---|
| UNKNOWN | |
| RANGE | |
| SINGLE | |
Definition at line 19 of file table_driven_lsc.h.
20{
24};
Function Documentation
◆ advisories_free()
| void advisories_free | ( | advisories_t * | advisories | ) |
Free()'s an advisories.
- Parameters
-
notus_advisory The advisories holder to be free()'ed. It free()'s all advisories members.
Definition at line 589 of file table_driven_lsc.c.
590{
592 return;
594 {
597 else
599 }
600 advisories = NULL;
601}
Definition table_driven_lsc.h:90
static void advisory_free(advisory_t *notus_advisory)
Free()'s an notus_advisory.
Definition table_driven_lsc.c:545
static void skiron_advisory_free(skiron_advisory_t *skiron_advisory)
Definition table_driven_lsc.c:573
References advisories::advisories, advisory_free(), advisories::count, NOTUS, advisories::skiron_advisories, skiron_advisory_free(), and advisories::type.
Referenced by call_rs_notus(), Ensure(), lsc_process_response_notus(), parse_notus(), and parse_skiron().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ lsc_get_response()
| char * lsc_get_response | ( | const char * | pkg_list, |
| const char * | os ) |
Sent the installed package list and OS to notus.
- Parameters
-
pkg_list Installed package list os The target's OS
- Returns
- String containing the server response or NULL Must be free()'ed by the caller.
Definition at line 1012 of file table_driven_lsc.c.
1013{
1014 const char *server = NULL;
1015 char *json_pkglist;
1016 char *response = NULL;
1017 notus_info_t notusdata;
1018 long ret;
1019
1020 // Parse the server and get the port, host, schema
1021 // and necessary information to build the message
1022 server = prefs_get ("openvasd_server");
1023 notusdata = init_notus_info (server);
1024
1026 {
1027 free_notus_info (notusdata);
1028 return NULL;
1029 }
1030
1031 // Convert the package list string into a string containing json
1032 // array of packages
1034 {
1035 free_notus_info (notusdata);
1036 return NULL;
1037 }
1038
1039 ret = send_request (notusdata, os, json_pkglist, &response);
1040 if (ret != 200)
1041 g_warning ("%ld: Error sending request to openvasd: %s", ret, response);
1042
1043 free_notus_info (notusdata);
1044 g_free (json_pkglist);
1045
1046 return response;
1047}
static notus_info_t init_notus_info(const char *server)
Initialize a notus info struct and stores the server URL.
Definition table_driven_lsc.c:261
static void free_notus_info(notus_info_t notusdata)
Free notus info structure.
Definition table_driven_lsc.c:276
static long send_request(notus_info_t notusdata, const char *os, const char *pkg_list, char **response)
Send a request to the server.
Definition table_driven_lsc.c:917
static int parse_server(notus_info_t *notusdata)
Parse the server URL.
Definition table_driven_lsc.c:359
static gchar * make_package_list_as_json_str(const char *packages)
Build a json array from the package list to start a table drive LSC.
Definition table_driven_lsc.c:312
References free_notus_info(), init_notus_info(), make_package_list_as_json_str(), parse_server(), and send_request().
Referenced by call_rs_notus(), and nasl_notus().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ lsc_has_run()
| int lsc_has_run | ( | void | ) |
Get lsc_flag value.
Definition at line 48 of file table_driven_lsc.c.
49{
51}
References lsc_flag.
Referenced by attack_host().
Here is the caller graph for this function:
◆ lsc_process_response()
| advisories_t * lsc_process_response | ( | const gchar * | resp, |
| const size_t | len ) |
Process a json object which contains advisories and vulnerable packages.
@description This is the body string in response get from an openvasd server
- Parameters
-
resp String containing the json object to be processed. len String length.
- Returns
- a advisories_t struct containing all advisories and vulnerable packages. After usage must be free()'ed with advisories_free().
Definition at line 821 of file table_driven_lsc.c.
822{
823 JsonParser *parser = NULL;
824 JsonReader *reader = NULL;
825 GError *err = NULL;
826
828
829 parser = json_parser_new ();
831 {
832 g_message ("Error parsing");
833 }
834
835 reader = json_reader_new (json_parser_get_root (parser));
836
837 if (json_reader_is_object (reader))
838 {
840 }
841 else if (json_reader_is_array (reader))
842 {
844 }
845 else
846 {
847 g_debug ("Unknown JSON response format");
848 }
849
850 if (reader)
851 g_object_unref (reader);
852 g_object_unref (parser);
853
855}
static advisories_t * lsc_process_response_skiron(JsonReader *reader)
Definition table_driven_lsc.c:779
static advisories_t * lsc_process_response_notus(JsonReader *reader)
Definition table_driven_lsc.c:648
References len, lsc_process_response_notus(), and lsc_process_response_skiron().
Referenced by call_rs_notus(), Ensure(), and nasl_notus().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ run_table_driven_lsc()
| int run_table_driven_lsc | ( | const char * | scan_id, |
| const char * | ip_str, | ||
| const char * | hostname, | ||
| const char * | package_list, | ||
| const char * | os_release ) |
Publish the necessary data to start a Table driven LSC scan.
If the gather-package-list.nasl plugin was launched, and it generated a valid package list for a supported OS, the table driven LSC scan which is subscribed to the topic will perform a scan an publish the the results to be handle by the sensor/client.
- Returns
- 0 on success, less than 0 on error.
Definition at line 1167 of file table_driven_lsc.c.
1170{
1171 int err = 0;
1172 if (!os_release || !package_list)
1173 return 0;
1174
1175 if (prefs_get ("openvasd_server"))
1176 {
1177 g_message ("Running Notus for %s via openvasd", ip_str);
1179
1180 return err;
1181 }
1182 else
1183 {
1184 gchar *json_str;
1185 gchar *topic;
1186 gchar *payload;
1187 gchar *status = NULL;
1188 int topic_len;
1189 int payload_len;
1190
1191 // Subscribe to status topic
1192 err = mqtt_subscribe ("scanner/status");
1193 if (err)
1194 {
1195 g_warning ("%s: Error starting lsc. Unable to subscribe", __func__);
1196 return -1;
1197 }
1198 /* Get the OS release. TODO: have a list with supported OS. */
1199
1201 os_release, package_list);
1202
1203 // Run table driven lsc
1204 if (json_str == NULL)
1205 return -1;
1206
1207 g_message ("Running Notus for %s", ip_str);
1208 err = mqtt_publish ("scanner/package/cmd/notus", json_str);
1209 if (err)
1210 {
1211 g_warning ("%s: Error publishing message for Notus.", __func__);
1212 g_free (json_str);
1213 return -1;
1214 }
1215
1216 g_free (json_str);
1217
1218 // Wait for Notus scanner to start or interrupt
1219 while (!status)
1220 {
1221 err = mqtt_retrieve_message (&topic, &topic_len, &payload,
1222 &payload_len, 60000);
1223 if (err == -1 || err == 1)
1224 {
1225 g_warning ("%s: Unable to retrieve status message from notus. %s",
1226 __func__, err == 1 ? "Timeout after 60 s." : "");
1227 return -1;
1228 }
1229
1230 // Get status if it belongs to corresponding scan and host
1231 // Else wait for next status message
1232 status = get_status_of_table_driven_lsc_from_json (
1234
1235 g_free (topic);
1236 g_free (payload);
1237 }
1238 // If started wait for it to finish or interrupt
1239 if (!g_strcmp0 (status, "running"))
1240 {
1241 g_debug ("%s: table driven LSC with scan id %s successfully started "
1242 "for host %s",
1243 __func__, scan_id, ip_str);
1244 g_free (status);
1245 status = NULL;
1246 while (!status)
1247 {
1248 err = mqtt_retrieve_message (&topic, &topic_len, &payload,
1249 &payload_len, 60000);
1250 if (err == -1)
1251 {
1252 g_warning (
1253 "%s: Unable to retrieve status message from notus.",
1254 __func__);
1255 return -1;
1256 }
1257 if (err == 1)
1258 {
1259 g_warning (
1260 "%s: Unable to retrieve message. Timeout after 60s.",
1261 __func__);
1262 return -1;
1263 }
1264
1265 status = get_status_of_table_driven_lsc_from_json (
1267 g_free (topic);
1268 g_free (payload);
1269 }
1270 }
1271 else
1272 {
1273 g_warning ("%s: Unable to start lsc. Got status: %s", __func__,
1274 status);
1275 g_free (status);
1276 return -1;
1277 }
1278
1279 if (g_strcmp0 (status, "finished"))
1280 {
1281 g_warning (
1282 "%s: table driven lsc with scan id %s did not finish successfully "
1283 "for host %s. Last status was %s",
1284 __func__, scan_id, ip_str, status);
1285 err = -1;
1286 }
1287 else
1288 g_debug ("%s: table driven lsc with scan id %s successfully finished "
1289 "for host %s",
1290 __func__, scan_id, ip_str);
1291 g_free (status);
1292 }
1293 return err;
1294}
static gchar * make_table_driven_lsc_info_json_str(const char *scan_id, const char *ip_str, const char *hostname, const char *os_release, const char *package_list)
Build a json object with data necessary to start a table drive LSC.
Definition table_driven_lsc.c:102
static gchar * get_status_of_table_driven_lsc_from_json(const char *scan_id, const char *host_ip, const char *json, int len)
Get the status of table driven lsc from json object.
Definition table_driven_lsc.c:175
static int call_rs_notus(const char *ip_str, const char *hostname, const char *pkg_list, const char *os)
Call notus and stores the results.
Definition table_driven_lsc.c:1060
References call_rs_notus(), get_status_of_table_driven_lsc_from_json(), hostname, make_table_driven_lsc_info_json_str(), payload, and scan_id.
Referenced by call_lsc().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ set_lsc_flag()
| void set_lsc_flag | ( | void | ) |
Set lsc_flag to 1.
Definition at line 40 of file table_driven_lsc.c.
References lsc_flag.
Referenced by process_ipc_data().
Here is the caller graph for this function:
