OpenVAS Scanner 23.43.1
nasl_krb5.h File Reference
#include "nasl_lex_ctxt.h"
#include "nasl_tree.h"
Include dependency graph for nasl_krb5.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

tree_cellnasl_okrb5_find_kdc (lex_ctxt *lexic)
 Returns the defined KDC of a given Realm.
tree_cellnasl_okrb5_add_realm (lex_ctxt *lexic)
 Adds the given KDC to the given Realm.
tree_cellnasl_okrb5_is_success (lex_ctxt *lexic)
 Returns 1 if the krb5 function was successful 0 otherwise.
tree_cellnasl_okrb5_is_failure (lex_ctxt *lexic)
 Returns 0 if the krb5 function was successful and 1 if it failed.
tree_cellnasl_okrb5_gss_init (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_prepare_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_update_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_update_context_needs_more (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_update_context_out (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_session_key_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_error_code_to_string (lex_ctxt *lexic)
void nasl_okrb5_clean (void)

Function Documentation

◆ nasl_okrb5_add_realm()

tree_cell * nasl_okrb5_add_realm ( lex_ctxt * lexic)

Adds the given KDC to the given Realm.

This function returns 0 on success. To retrieve a human readable error message, the function okrb5_result can be used.

The nasl function has three optional parameter:

  • realm: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_REALM is used.
  • kdc: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_KDC is used.
  • config_path: The path to the krb5.conf file. If the path is not defined, then the env parameter KRB5_CONFIG is used.

This function should only be used for debug purposes.

Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success or failure.

Definition at line 200 of file nasl_krb5.c.

201{
202 tree_cell *retc;
203 OKrb5Credential credential;
204 char *kdc = get_str_var_by_name (lexic, "kdc");
205 if (kdc == NULL)
206 {
207 kdc = getenv ("KRB5_KDC");
208 if (kdc == NULL)
209 {
210 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
211 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
212 goto exit;
213 }
214 }
215
216 credential = build_krb5_credential (lexic);
217
218 if ((last_okrb5_result = o_krb5_add_realm (&credential, kdc)))
219 {
220 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
221 }
222
223exit:
224 retc = alloc_typed_cell (CONST_INT);
225 retc->x.i_val = last_okrb5_result;
226 return retc;
227}
last_okrb5_result
static OKrb5ErrorCode last_okrb5_result
Definition nasl_krb5.c:37
NASL_PRINT_KRB_ERROR
#define NASL_PRINT_KRB_ERROR(lexic, credential, result)
Definition nasl_krb5.c:21
build_krb5_credential
static OKrb5Credential build_krb5_credential(lex_ctxt *lexic)
Definition nasl_krb5.c:86
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition nasl_var.c:1118
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition nasl_tree.c:25
CONST_INT
@ CONST_INT
Definition nasl_tree.h:79
tree_cell
struct TC tree_cell
o_krb5_add_realm
OKrb5ErrorCode o_krb5_add_realm(const OKrb5Credential *creds, const char *kdc)
Definition openvas-krb5.c:247
O_KRB5_EXPECTED_NOT_NULL
@ O_KRB5_EXPECTED_NOT_NULL
Definition openvas-krb5.h:26
TC::i_val
long int i_val
Definition nasl_tree.h:104
TC::x
union TC::@332262321161220155002104006201360276211317150140 x

References alloc_typed_cell(), build_krb5_credential(), CONST_INT, get_str_var_by_name(), TC::i_val, last_okrb5_result, NASL_PRINT_KRB_ERROR, o_krb5_add_realm(), O_KRB5_EXPECTED_NOT_NULL, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_clean()

void nasl_okrb5_clean ( void )

Definition at line 340 of file nasl_krb5.c.

341{
342 if (to_application != NULL)
343 {
344 free (to_application->data);
345 free (to_application);
346 to_application = NULL;
347 }
348 if (cached_gss_context != NULL)
349 {
350 okrb5_gss_free_context (cached_gss_context);
351 cached_gss_context = NULL;
352 }
353 if (generated_config_path != NULL)
354 {
355 unlink (generated_config_path);
356 free (generated_config_path);
357 generated_config_path = NULL;
358 }
359}
free
void free(void *)
generated_config_path
static char * generated_config_path
Definition nasl_krb5.c:56
to_application
static struct OKrb5Slice * to_application
Definition nasl_krb5.c:49
cached_gss_context
static struct OKrb5GSSContext * cached_gss_context
Definition nasl_krb5.c:45
okrb5_gss_free_context
void okrb5_gss_free_context(struct OKrb5GSSContext *context)
Definition openvas-krb5.c:405

References cached_gss_context, free(), generated_config_path, okrb5_gss_free_context(), and to_application.

Referenced by exec_nasl_script().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_okrb5_error_code_to_string()

tree_cell * nasl_okrb5_error_code_to_string ( lex_ctxt * lexic)

Definition at line 414 of file nasl_krb5.c.

415{
416 (void) lexic;
417 tree_cell *retc = alloc_typed_cell (CONST_STR);
418 retc->x.str_val = okrb5_error_code_to_string (last_okrb5_result);
419 retc->size = strlen (retc->x.str_val);
420 return retc;
421}
CONST_STR
@ CONST_STR
Definition nasl_tree.h:80
okrb5_error_code_to_string
char * okrb5_error_code_to_string(const OKrb5ErrorCode code)
Definition openvas-krb5.c:608
TC::size
long int size
Definition nasl_tree.h:99
TC::str_val
char * str_val
Definition nasl_tree.h:103

References alloc_typed_cell(), CONST_STR, last_okrb5_result, okrb5_error_code_to_string(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_find_kdc()

tree_cell * nasl_okrb5_find_kdc ( lex_ctxt * lexic)

Returns the defined KDC of a given Realm.

This function returns the KDC of a given Realm. The Realm is defined in the krb5.conf file. If there is no KDC for the given Realm, the function returns NULL within the tree_cell to the script.

The nasl function has two optional parameter:

  • realm: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_REALM is used.
  • config_path: The path to the krb5.conf file. If the path is not defined, then the env parameter KRB5_CONFIG is used.

This function should only be used for debug purposes.

Parameters
[in]lexicNASL lexer.
Returns
lex cell containing the KDC as a string.

Definition at line 179 of file nasl_krb5.c.

180{
181 tree_cell *retc;
182 char *kdc = NULL;
183 OKrb5Credential credential;
184
185 credential = build_krb5_credential (lexic);
186
187 if ((last_okrb5_result = o_krb5_find_kdc (&credential, &kdc)))
188 {
189 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
190 return FAKE_CELL;
191 }
192
193 retc = alloc_typed_cell (CONST_DATA);
194 retc->x.str_val = kdc;
195 retc->size = strlen (kdc);
196 return retc;
197}
CONST_DATA
@ CONST_DATA
Definition nasl_tree.h:82
FAKE_CELL
#define FAKE_CELL
Definition nasl_tree.h:110
o_krb5_find_kdc
OKrb5ErrorCode o_krb5_find_kdc(const OKrb5Credential *creds, char **kdc)
Definition openvas-krb5.c:85

References alloc_typed_cell(), build_krb5_credential(), CONST_DATA, FAKE_CELL, last_okrb5_result, NASL_PRINT_KRB_ERROR, o_krb5_find_kdc(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_init()

tree_cell * nasl_okrb5_gss_init ( lex_ctxt * lexic)

Definition at line 272 of file nasl_krb5.c.

273{
274 (void) lexic;
275 cached_gss_context = okrb5_gss_init_context ();
276 if (cached_gss_context == NULL)
277 {
278 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
279 }
280 else
281 {
282 last_okrb5_result = O_KRB5_SUCCESS;
283 };
284 tree_cell *retc = alloc_typed_cell (CONST_INT);
285 retc->x.i_val = last_okrb5_result;
286 return retc;
287}
okrb5_gss_init_context
struct OKrb5GSSContext * okrb5_gss_init_context(void)
Definition openvas-krb5.c:392
O_KRB5_SUCCESS
@ O_KRB5_SUCCESS
Definition openvas-krb5.h:18

References alloc_typed_cell(), cached_gss_context, CONST_INT, TC::i_val, last_okrb5_result, O_KRB5_EXPECTED_NOT_NULL, O_KRB5_SUCCESS, okrb5_gss_init_context(), and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_prepare_context()

tree_cell * nasl_okrb5_gss_prepare_context ( lex_ctxt * lexic)

Definition at line 289 of file nasl_krb5.c.

290{
291 (void) lexic;
292
293 OKrb5Credential credential;
294 credential = build_krb5_credential (lexic);
295 OKrb5ErrorCode result = O_KRB5_SUCCESS;
296 if (cached_gss_context == NULL)
297 {
298 cached_gss_context = okrb5_gss_init_context ();
299 }
300 result = o_krb5_gss_prepare_context (&credential, cached_gss_context);
301 tree_cell *retc = alloc_typed_cell (CONST_INT);
302 retc->x.i_val = result;
303 last_okrb5_result = result;
304 return retc;
305}
o_krb5_gss_prepare_context
OKrb5ErrorCode o_krb5_gss_prepare_context(const OKrb5Credential *creds, struct OKrb5GSSContext *gss_context)
Definition openvas-krb5.c:446
OKrb5ErrorCode
OKrb5ErrorCode
Definition openvas-krb5.h:17

References alloc_typed_cell(), build_krb5_credential(), cached_gss_context, CONST_INT, TC::i_val, last_okrb5_result, o_krb5_gss_prepare_context(), O_KRB5_SUCCESS, okrb5_gss_init_context(), and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_session_key_context()

tree_cell * nasl_okrb5_gss_session_key_context ( lex_ctxt * lexic)

Definition at line 395 of file nasl_krb5.c.

396{
397 (void) lexic;
398 struct OKrb5Slice *session_key = NULL;
399 if (cached_gss_context == NULL)
400 {
401 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
402 return FAKE_CELL;
403 }
404 if ((last_okrb5_result =
405 o_krb5_gss_session_key_context (cached_gss_context, &session_key))
406 != O_KRB5_SUCCESS)
407 {
408 return FAKE_CELL;
409 }
410 return okrb5_slice_to_tree_cell (session_key);
411}
okrb5_slice_to_tree_cell
static tree_cell * okrb5_slice_to_tree_cell(struct OKrb5Slice *slice)
Definition nasl_krb5.c:371
o_krb5_gss_session_key_context
OKrb5ErrorCode o_krb5_gss_session_key_context(struct OKrb5GSSContext *gss_context, struct OKrb5Slice **out)
Definition openvas-krb5.c:571

References cached_gss_context, FAKE_CELL, last_okrb5_result, O_KRB5_EXPECTED_NOT_NULL, o_krb5_gss_session_key_context(), O_KRB5_SUCCESS, and okrb5_slice_to_tree_cell().

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context()

tree_cell * nasl_okrb5_gss_update_context ( lex_ctxt * lexic)

Definition at line 308 of file nasl_krb5.c.

309{
310 OKrb5ErrorCode result = O_KRB5_SUCCESS;
311 tree_cell *retc;
312 struct OKrb5Slice from_application;
313
314 if (to_application != NULL)
315 {
316 free (to_application->data);
317 free (to_application);
318 to_application = NULL;
319 }
320
321 from_application.data = (void *) get_str_var_by_num (lexic, 0);
322 from_application.len = get_var_size_by_num (lexic, 0);
323
324 if (cached_gss_context == NULL)
325 {
326 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
327 goto result;
328 }
329 result =
330 o_krb5_gss_update_context (cached_gss_context, &from_application,
331 &to_application, &gss_update_context_more);
332result:
333 retc = alloc_typed_cell (CONST_INT);
334 retc->x.i_val = result;
335 last_okrb5_result = result;
336 return retc;
337}
gss_update_context_more
static bool gss_update_context_more
Definition nasl_krb5.c:53
get_var_size_by_num
long int get_var_size_by_num(lex_ctxt *, int)
Definition nasl_var.c:1145
get_str_var_by_num
char * get_str_var_by_num(lex_ctxt *, int)
Definition nasl_var.c:1108
o_krb5_gss_update_context
OKrb5ErrorCode o_krb5_gss_update_context(struct OKrb5GSSContext *gss_context, const struct OKrb5Slice *in_data, struct OKrb5Slice **out_data, bool *more)
Definition openvas-krb5.c:529
OKrb5Slice::data
void * data
Definition openvas-krb5.h:40

References alloc_typed_cell(), cached_gss_context, CONST_INT, OKrb5Slice::data, free(), get_str_var_by_num(), get_var_size_by_num(), gss_update_context_more, TC::i_val, last_okrb5_result, OKrb5Slice::len, O_KRB5_EXPECTED_NOT_NULL, o_krb5_gss_update_context(), O_KRB5_SUCCESS, to_application, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context_needs_more()

tree_cell * nasl_okrb5_gss_update_context_needs_more ( lex_ctxt * lexic)

Definition at line 362 of file nasl_krb5.c.

363{
364 (void) lexic;
365 tree_cell *retc = alloc_typed_cell (CONST_INT);
366 retc->x.i_val = gss_update_context_more;
367 return retc;
368}

References alloc_typed_cell(), CONST_INT, gss_update_context_more, TC::i_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context_out()

tree_cell * nasl_okrb5_gss_update_context_out ( lex_ctxt * lexic)

Definition at line 380 of file nasl_krb5.c.

381{
382 (void) lexic;
383 if (to_application == NULL)
384 {
385 return FAKE_CELL;
386 }
387 tree_cell *out = okrb5_slice_to_tree_cell (to_application);
388 // we need to prevent accidental free it as it is freed when the tree_cell is
389 // cleaned up
390 to_application = NULL;
391 return out;
392}

References FAKE_CELL, okrb5_slice_to_tree_cell(), and to_application.

Here is the call graph for this function:

◆ nasl_okrb5_is_failure()

tree_cell * nasl_okrb5_is_failure ( lex_ctxt * lexic)

Returns 0 if the krb5 function was successful and 1 if it failed.

The nasl function has one optional parameter:

  • retval: the return value of the krb5 function. If the value is not defined, the return value of the last krb5 function is used.
Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success.

Definition at line 263 of file nasl_krb5.c.

264{
265 OKrb5ErrorCode result = get_int_var_by_num (lexic, 0, last_okrb5_result);
266 tree_cell *retc = alloc_typed_cell (CONST_INT);
267 retc->x.i_val = result != O_KRB5_SUCCESS;
268 return retc;
269}
get_int_var_by_num
long int get_int_var_by_num(lex_ctxt *, int, int)
Definition nasl_var.c:1094

References alloc_typed_cell(), CONST_INT, get_int_var_by_num(), TC::i_val, last_okrb5_result, O_KRB5_SUCCESS, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_is_success()

tree_cell * nasl_okrb5_is_success ( lex_ctxt * lexic)

Returns 1 if the krb5 function was successful 0 otherwise.

The nasl function has one optional parameter:

  • retval: the return value of the krb5 function. If the value is not defined, the return value of the last krb5 function is used.
Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success.

Definition at line 242 of file nasl_krb5.c.

243{
244 OKrb5ErrorCode result = get_int_var_by_num (lexic, 0, last_okrb5_result);
245 tree_cell *retc = alloc_typed_cell (CONST_INT);
246 retc->x.i_val = result == O_KRB5_SUCCESS;
247 return retc;
248}

References alloc_typed_cell(), CONST_INT, get_int_var_by_num(), TC::i_val, last_okrb5_result, O_KRB5_SUCCESS, and TC::x.

Here is the call graph for this function: