OpenVAS Libraries  9.0.3
network.h File Reference
#include <sys/select.h>
#include <netinet/in.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include "arglists.h"
#include "../base/openvas_networking.h"
Include dependency graph for network.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  host_info
 

Macros

#define IS_ENCAPS_SSL(x)   ((x) >= OPENVAS_ENCAPS_SSLv23 && (x) <= OPENVAS_ENCAPS_TLScustom)
 

Typedefs

typedef enum openvas_encaps openvas_encaps_t
 

Enumerations

enum  openvas_encaps {
  OPENVAS_ENCAPS_AUTO = 0, OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv2,
  OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, OPENVAS_ENCAPS_TLSv12,
  OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_MAX
}
 

Functions

int open_sock_tcp (struct arglist *, unsigned int, int)
 
int open_sock_option (struct arglist *, unsigned int, int, int, int)
 
int recv_line (int, char *, size_t)
 Reads a text from the socket stream into the argument buffer, always. More...
 
int nrecv (int, void *, int, int)
 
int socket_close (int)
 
int get_sock_infos (int sock, int *r_transport, void **r_tls_session)
 
unsigned short * getpts (char *, int *)
 Converts a string like "-100,200-1024,3000-4000,60000-" into an array. More...
 
int open_stream_connection (struct arglist *, unsigned int, int, int)
 
int open_stream_connection_ext (struct arglist *, unsigned int, int, int, const char *)
 
int open_stream_auto_encaps_ext (struct arglist *args, unsigned int port, int timeout, int force)
 
int write_stream_connection (int, void *buf, int n)
 
int read_stream_connection (int, void *, int)
 
int read_stream_connection_min (int, void *, int, int)
 
int nsend (int, void *, int, int)
 
void add_close_stream_connection_hook (int(*)(int))
 
int close_stream_connection (int)
 
const char * get_encaps_name (openvas_encaps_t)
 
const char * get_encaps_through (openvas_encaps_t)
 
int open_sock_opt_hn (const char *, unsigned int, int, int, int)
 
struct host_infohost_info_init (const char *name, const struct in6_addr *, const char *, const char *)
 Initializes a host_info. More...
 
void host_info_free (struct host_info *)
 Free a host_info struct. More...
 
int openvas_SSL_init (void)
 Initializes SSL support. More...
 
int stream_set_buffer (int, int)
 
int stream_get_buffer_sz (int)
 
int stream_get_err (int)
 
int openvas_register_connection (int s, void *ssl, gnutls_certificate_credentials_t certcred, openvas_encaps_t encaps)
 
int openvas_deregister_connection (int)
 
int openvas_get_socket_from_connection (int)
 
gnutls_session_t ovas_get_tlssession_from_connection (int)
 
int stream_zero (fd_set *)
 
int stream_set (int, fd_set *)
 
int os_send (int, void *, int, int)
 
int os_recv (int, void *, int, int)
 
int internal_send (int, char *, int)
 
int internal_recv (int, char **, int *, int *)
 
int fd_is_stream (int)
 
int stream_set_timeout (int, int)
 
int socket_negotiate_ssl (int, openvas_encaps_t, struct arglist *)
 
void socket_get_cert (int, void **, int *)
 
int socket_get_ssl_version (int)
 
void socket_get_ssl_session_id (int, void **, size_t *)
 
int socket_get_ssl_compression (int)
 
int socket_get_ssl_ciphersuite (int)
 

Macro Definition Documentation

◆ IS_ENCAPS_SSL

#define IS_ENCAPS_SSL (   x)    ((x) >= OPENVAS_ENCAPS_SSLv23 && (x) <= OPENVAS_ENCAPS_TLScustom)

Definition at line 64 of file network.h.

Referenced by nasl_socket_negotiate_ssl().

Typedef Documentation

◆ openvas_encaps_t

Enumeration Type Documentation

◆ openvas_encaps

Enumerator
OPENVAS_ENCAPS_AUTO 
OPENVAS_ENCAPS_IP 
OPENVAS_ENCAPS_SSLv23 
OPENVAS_ENCAPS_SSLv2 
OPENVAS_ENCAPS_SSLv3 
OPENVAS_ENCAPS_TLSv1 
OPENVAS_ENCAPS_TLSv11 
OPENVAS_ENCAPS_TLSv12 
OPENVAS_ENCAPS_TLScustom 
OPENVAS_ENCAPS_MAX 

Definition at line 44 of file network.h.

Function Documentation

◆ add_close_stream_connection_hook()

void add_close_stream_connection_hook ( int(*)(int)  )

◆ close_stream_connection()

int close_stream_connection ( int  )

Definition at line 1699 of file network.c.

References log_legacy_write(), OPENVAS_STREAM, OVAS_CONNECTION_FROM_FD, openvas_connection::port, and socket_close().

Referenced by nasl_end_denial(), and nasl_start_denial().

1700 {
1701 #if DEBUG_SSL > 2
1702  openvas_connection *fp;
1703  if (!OPENVAS_STREAM (fd))
1704  {
1705  errno = EINVAL;
1706  return -1;
1707  }
1708  fp = OVAS_CONNECTION_FROM_FD (fd);
1709  log_legacy_write ("close_stream_connection TCP:%d (fd=%d)\n", fp->port, fd);
1710 #endif
1711 
1712  if (!OPENVAS_STREAM (fd)) /* Will never happen if debug is on! */
1713  {
1714  if (fd < 0 || fd > 1024)
1715  {
1716  errno = EINVAL;
1717  return -1;
1718  }
1719  shutdown (fd, 2);
1720  return socket_close (fd);
1721  }
1722  if (!run_csc_hooks (fd))
1723  return release_connection_fd (fd, 1);
1724  else
1725  return release_connection_fd (fd, 0);
1726 }
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
#define OPENVAS_STREAM(x)
Definition: network.c:122
int socket_close(int soc)
Definition: network.c:2120
Here is the call graph for this function:
Here is the caller graph for this function:

◆ fd_is_stream()

int fd_is_stream ( int  )

Definition at line 2146 of file network.c.

References OPENVAS_STREAM.

Referenced by nasl_close_socket(), nasl_get_source_port(), nasl_recv(), nasl_recv_line(), nasl_send(), nasl_socket_get_error(), socket_get_cert(), socket_get_ssl_ciphersuite(), socket_get_ssl_compression(), socket_get_ssl_session_id(), socket_get_ssl_version(), and socket_negotiate_ssl().

2147 {
2148  return OPENVAS_STREAM (fd); /* Should probably be smarter... */
2149 }
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the caller graph for this function:

◆ get_encaps_name()

const char* get_encaps_name ( openvas_encaps_t  )

Definition at line 1729 of file network.c.

References code, OPENVAS_ENCAPS_AUTO, OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv2, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, and OPENVAS_ENCAPS_TLSv12.

Referenced by get_port_transport(), and nasl_get_sock_info().

1730 {
1731  static char str[100];
1732  switch (code)
1733  {
1734  case OPENVAS_ENCAPS_AUTO:
1735  return "auto";
1736  case OPENVAS_ENCAPS_IP:
1737  return "IP";
1738  case OPENVAS_ENCAPS_SSLv2:
1739  return "SSLv2";
1740  case OPENVAS_ENCAPS_SSLv23:
1741  return "SSLv23";
1742  case OPENVAS_ENCAPS_SSLv3:
1743  return "SSLv3";
1744  case OPENVAS_ENCAPS_TLSv1:
1745  return "TLSv1";
1746  case OPENVAS_ENCAPS_TLSv11:
1747  return "TLSv11";
1748  case OPENVAS_ENCAPS_TLSv12:
1749  return "TLSv12";
1751  return "TLScustom";
1752  default:
1753  snprintf (str, sizeof (str), "[unknown transport layer - code %d (0x%x)]", code, code);
1754  return str;
1755  }
1756 }
#define code
Here is the caller graph for this function:

◆ get_encaps_through()

const char* get_encaps_through ( openvas_encaps_t  )

Definition at line 1759 of file network.c.

References code, OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv2, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, and OPENVAS_ENCAPS_TLSv12.

1760 {
1761  static char str[100];
1762  switch (code)
1763  {
1764  case OPENVAS_ENCAPS_IP:
1765  return "";
1766  case OPENVAS_ENCAPS_SSLv2:
1767  case OPENVAS_ENCAPS_SSLv23:
1768  case OPENVAS_ENCAPS_SSLv3:
1769  case OPENVAS_ENCAPS_TLSv1:
1770  case OPENVAS_ENCAPS_TLSv11:
1771  case OPENVAS_ENCAPS_TLSv12:
1773  return " through SSL";
1774  default:
1775  snprintf (str, sizeof (str), " through unknown transport layer - code %d (0x%x)", code, code);
1776  return str;
1777  }
1778 }
#define code

◆ get_sock_infos()

int get_sock_infos ( int  sock,
int *  r_transport,
void **  r_tls_session 
)

Definition at line 2376 of file network.c.

References OPENVAS_STREAM.

Referenced by nasl_get_sock_info().

2377 {
2378  openvas_connection *fp;
2379 
2380  if (!OPENVAS_STREAM (sock))
2381  return ENOTSOCK;
2382  fp = &(connections[sock - OPENVAS_FD_OFF]);
2383 
2384  *r_transport = fp->transport;
2385  *r_tls_session = fp->tls_session;
2386  return 0;
2387 }
#define OPENVAS_FD_OFF
Definition: network.c:100
gnutls_session_t tls_session
Definition: network.c:83
openvas_encaps_t transport
Definition: network.c:76
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the caller graph for this function:

◆ getpts()

unsigned short* getpts ( char *  origexpr,
int *  len 
)

Converts a string like "-100,200-1024,3000-4000,60000-" into an array.

of port numbers

This function is (c) Fyodor fyodo.nosp@m.r@dh.nosp@m.p.com and was taken from his excellent and outstanding scanner Nmap See http://www.insecure.org/nmap/ for details about Nmap

Definition at line 2416 of file network.c.

Referenced by nasl_scanner_get_port(), and scan().

2417 {
2418  int exlen;
2419  char *p, *q;
2420  unsigned short *tmp, *ports;
2421  int i = 0, j = 0, start, end;
2422  char *expr;
2423  char *mem;
2424  char *s_start, *s_end;
2425  static unsigned short *last_ret = NULL;
2426  static char *last_expr = NULL;
2427  static int last_num;
2428 
2429  expr = g_strdup (origexpr);
2430  exlen = strlen (origexpr);
2431  mem = expr;
2432 
2433  if (last_expr != NULL)
2434  {
2435  if (strcmp (last_expr, expr) == 0)
2436  {
2437  if (len != NULL)
2438  *len = last_num;
2439  g_free (mem);
2440  return last_ret;
2441  }
2442  else
2443  {
2444  g_free (last_expr);
2445  last_expr = NULL;
2446  g_free (&last_ret);
2447  last_ret = NULL;
2448  }
2449  }
2450 
2451  ports = g_malloc0 (65536 * sizeof (short));
2452  for (; j < exlen; j++)
2453  if (expr[j] != ' ')
2454  expr[i++] = expr[j];
2455  expr[i] = '\0';
2456 
2457  if ((s_start = strstr (expr, "T:")) != NULL)
2458  expr = &(s_start[2]);
2459 
2460  if ((s_end = strstr (expr, "U:")) != NULL)
2461  {
2462  if (s_end[-1] == ',')
2463  s_end--;
2464  s_end[0] = '\0';
2465  }
2466 
2467  i = 0;
2468  while ((p = strchr (expr, ',')))
2469  {
2470  *p = '\0';
2471  if (*expr == '-')
2472  {
2473  start = 1;
2474  end = atoi (expr + 1);
2475  }
2476  else
2477  {
2478  start = end = atoi (expr);
2479  if ((q = strchr (expr, '-')) && *(q + 1))
2480  end = atoi (q + 1);
2481  else if (q && !*(q + 1))
2482  end = 65535;
2483  }
2484  if (start < 1)
2485  start = 1;
2486  if (start > end)
2487  {
2488  g_free (mem);
2489  g_free (ports);
2490  return NULL;
2491  }
2492  for (j = start; j <= end; j++)
2493  ports[i++] = j;
2494  expr = p + 1;
2495  }
2496  if (*expr == '-')
2497  {
2498  start = 1;
2499  end = atoi (expr + 1);
2500  }
2501  else
2502  {
2503  start = end = atoi (expr);
2504  if ((q = strchr (expr, '-')) && *(q + 1))
2505  end = atoi (q + 1);
2506  else if (q && !*(q + 1))
2507  end = 65535;
2508  }
2509  if (start < 1)
2510  start = 1;
2511  if (start > end)
2512  {
2513  g_free (mem);
2514  g_free (ports);
2515  return NULL;
2516  }
2517  for (j = start; j <= end; j++)
2518  ports[i++] = j;
2519  ports[i++] = 0;
2520 
2521  qsort (ports, i, sizeof (u_short), qsort_compar);
2522  tmp = g_realloc (ports, i * sizeof (short));
2523  if (len != NULL)
2524  *len = i - 1;
2525  g_free (mem);
2526 
2527  last_ret = tmp;
2528  last_expr = g_strdup (origexpr);
2529  last_num = i - 1;
2530  return tmp;
2531 }
Here is the caller graph for this function:

◆ host_info_free()

void host_info_free ( struct host_info hostinfo)

Free a host_info struct.

Parameters
[in]hostinfoHost info to free.

Definition at line 2567 of file network.c.

References host_info::fqdn, host_info::ip, host_info::name, and host_info::vhosts.

2568 {
2569  if (!hostinfo)
2570  return;
2571  g_free (hostinfo->name);
2572  g_free (hostinfo->fqdn);
2573  g_free (hostinfo->vhosts);
2574  g_free (hostinfo->ip);
2575 }
char * vhosts
Definition: network.h:60
char * name
Definition: network.h:58
struct in6_addr * ip
Definition: network.h:61
char * fqdn
Definition: network.h:59

◆ host_info_init()

struct host_info* host_info_init ( const char *  name,
const struct in6_addr *  ip,
const char *  vhosts,
const char *  fqdn 
)

Initializes a host_info.

Parameters
[in]nameHostname.
[in]ipIP address.
[in]vhostsVhosts list.
[in]fqdnFully qualified domain name.
Returns
host_info pointer.

Definition at line 2544 of file network.c.

References host_info::fqdn, host_info::ip, host_info::name, name, and host_info::vhosts.

Referenced by init().

2546 {
2547  struct host_info *hostinfo;
2548 
2549  hostinfo = g_malloc0 (sizeof (struct host_info));
2550  hostinfo->name = g_strdup (name);
2551  hostinfo->fqdn = g_strdup (fqdn);
2552  hostinfo->vhosts = g_strdup (vhosts);
2553  if (ip)
2554  {
2555  hostinfo->ip = g_malloc0 (sizeof (struct in6_addr));
2556  memcpy (hostinfo->ip, ip, sizeof (struct in6_addr));
2557  }
2558  return hostinfo;
2559 }
char * vhosts
Definition: network.h:60
char * name
Definition: network.h:58
struct in6_addr * ip
Definition: network.h:61
const char * name
Definition: nasl_init.c:524
char * fqdn
Definition: network.h:59
Here is the caller graph for this function:

◆ internal_recv()

int internal_recv ( int  soc,
char **  data,
int *  data_sz,
int *  msg_type 
)

internal_send() / internal_recv() :

When processes are passing messages to each other, the format is <length><msg>, with <length> being a long integer. The functions internal_send() and internal_recv() encapsulate and decapsulate the messages themselves.

Parameters
[in]socThe socket from which to receive message.
[out]dataWhere to allocate the reception buffer. Has to be set to NULL, and left untouched on failure or zero-length messages.
[out]data_szSize of the received message.
[out]msg_typeType of the message which was received.
Return values
Lengthof the received message on success (can be zero).
Negativevalue on error.

Definition at line 2318 of file network.c.

References INTERNAL_COMM_CTRL_ACK, INTERNAL_COMM_MSG_TYPE_CTRL, log_legacy_write(), os_recv(), and os_send().

2319 {
2320  int len = 0;
2321  int e;
2322  char *buf = NULL;
2323  int sz = 0;
2324  int type;
2325  int ack;
2326 
2327  if (*data != NULL)
2328  {
2329  log_legacy_write("%s doesn't support buffer pre-alloc anymore.", __func__);
2330  return -1;
2331  }
2332 
2333  e = os_recv (soc, &type, sizeof (type), 0);
2334  if (e < 0)
2335  goto error;
2336 
2337  if ((type & INTERNAL_COMM_MSG_TYPE_CTRL) == 0)
2338  {
2339  e = os_recv (soc, &len, sizeof (len), 0);
2340  if (e < 0 || len < 0)
2341  goto error;
2342 
2343  /* length == 0 is perfectly valid though */
2344  if (len > 0)
2345  {
2346  sz = len + 1;
2347  buf = g_malloc0 (sz);
2348 
2349  e = os_recv (soc, buf, len, 0);
2350  if (e < 0)
2351  goto error;
2352  }
2353  }
2354 
2355  *data = buf;
2356  *data_sz = sz;
2357  *msg_type = type;
2358 
2360  e = os_send (soc, &ack, sizeof (ack), 0);
2361  if (e < 0)
2362  goto error;
2363 
2364  return len;
2365 
2366 error:
2367  g_free (buf);
2368  *data = NULL;
2369  *data_sz = 0;
2370  return -1;
2371 }
int os_send(int soc, void *buf, int len, int opt)
Definition: network.c:2214
#define INTERNAL_COMM_CTRL_ACK
Definition: internal_com.h:34
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
#define INTERNAL_COMM_MSG_TYPE_CTRL
Definition: internal_com.h:30
int os_recv(int soc, void *buf, int len, int opt)
Definition: network.c:2233
Here is the call graph for this function:

◆ internal_send()

int internal_send ( int  soc,
char *  data,
int  msg_type 
)
Todo:
internal_send and internal_recv. could make an own module (ipc), in which the type constants could be moved, too.

internal_send() / internal_recv() :

When processes are passing messages to each other, the format is <length><msg>, with <length> being a long integer. The functions internal_send() and internal_recv() encapsulate and decapsulate the messages themselves.

Definition at line 2263 of file network.c.

References INTERNAL_COMM_MSG_TYPE_CTRL, log_legacy_write(), os_recv(), and os_send().

2264 {
2265  int len;
2266  int e;
2267  int ack;
2268 
2269  if (data == NULL)
2270  data = "";
2271 
2272  e = os_send (soc, &msg_type, sizeof (msg_type), 0);
2273  if (e < 0)
2274  return -1;
2275 
2276  if ((msg_type & INTERNAL_COMM_MSG_TYPE_CTRL) == 0)
2277  {
2278  len = strlen (data);
2279 
2280  e = os_send (soc, &len, sizeof (len), 0);
2281  if (e < 0)
2282  return -1;
2283  e = os_send (soc, data, len, 0);
2284  if (e < 0)
2285  return -1;
2286  }
2287 
2288  e = os_recv (soc, &ack, sizeof (ack), 0);
2289  if (e < 0)
2290  {
2291  log_legacy_write ("internal_send->os_recv(%d): %s\n", soc,
2292  strerror (errno));
2293  return -1;
2294  }
2295 
2296  return 0;
2297 }
int os_send(int soc, void *buf, int len, int opt)
Definition: network.c:2214
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
#define INTERNAL_COMM_MSG_TYPE_CTRL
Definition: internal_com.h:30
int os_recv(int soc, void *buf, int len, int opt)
Definition: network.c:2233
Here is the call graph for this function:

◆ nrecv()

int nrecv ( int  ,
void *  ,
int  ,
int   
)

Definition at line 1618 of file network.c.

References log_legacy_write(), and OPENVAS_STREAM.

1619 {
1620  int e;
1621 #if DEBUG_SSL > 8
1622  log_legacy_write ("nrecv: fd=%d len=%d\n", fd, length);
1623 #endif
1624  if (OPENVAS_STREAM (fd))
1625  {
1626  if (connections[fd - OPENVAS_FD_OFF].fd < 0)
1627  log_legacy_write ("OpenVAS file descriptor %d closed ?!\n", fd);
1628  else
1629  return read_stream_connection (fd, data, length);
1630  }
1631  /* Trying OS's recv()
1632  *
1633  * Do *NOT* use os_recv() here, as it will be blocking until the exact
1634  * amount of requested data arrives
1635  */
1636  block_socket (fd);
1637  do
1638  {
1639  e = recv (fd, data, length, i_opt);
1640  }
1641  while (e < 0 && errno == EINTR);
1642  return e;
1643 }
#define OPENVAS_FD_OFF
Definition: network.c:100
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
int read_stream_connection(int fd, void *buf0, int len)
Definition: network.c:1421
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the call graph for this function:

◆ nsend()

int nsend ( int  ,
void *  ,
int  ,
int   
)

Definition at line 1577 of file network.c.

References OPENVAS_STREAM.

Referenced by nasl_end_denial().

1578 {
1579  int n = 0;
1580 
1581  if (OPENVAS_STREAM (fd))
1582  {
1583  if (connections[fd - OPENVAS_FD_OFF].fd < 0)
1584  log_legacy_write ("OpenVAS file descriptor %d closed ?!\n", fd);
1585  else
1586  return write_stream_connection4 (fd, data, length, i_opt);
1587  }
1588  /* Trying OS's send() */
1589  block_socket (fd); /* ??? */
1590  do
1591  {
1592  struct timeval tv = {
1593  0, 5
1594  };
1595  fd_set wr;
1596  int e;
1597 
1598  FD_ZERO (&wr);
1599  FD_SET (fd, &wr);
1600 
1601  errno = 0;
1602  e = select (fd + 1, NULL, &wr, NULL, &tv);
1603  if (e > 0)
1604  n = os_send (fd, data, length, i_opt);
1605  else if (e < 0 && errno == EINTR)
1606  continue;
1607  else
1608  break;
1609  }
1610  while (n <= 0 && errno == EINTR);
1611  if (n < 0)
1612  log_legacy_write ("[%d] nsend():send %s\n", getpid (), strerror (errno));
1613 
1614  return n;
1615 }
#define OPENVAS_FD_OFF
Definition: network.c:100
int os_send(int soc, void *buf, int len, int opt)
Definition: network.c:2214
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
#define OPENVAS_STREAM(x)
Definition: network.c:122
struct timeval timeval(unsigned long val)
Here is the caller graph for this function:

◆ open_sock_opt_hn()

int open_sock_opt_hn ( const char *  ,
unsigned  int,
int  ,
int  ,
int   
)

Definition at line 1888 of file network.c.

References openvas_resolve_as_addr6().

Referenced by nasl_open_sock_kdc().

1890 {
1891  struct sockaddr_in addr;
1892  struct sockaddr_in6 addr6;
1893  struct in6_addr in6addr;
1894 
1895  openvas_resolve_as_addr6 (hostname, &in6addr);
1896  if (IN6_IS_ADDR_V4MAPPED (&in6addr))
1897  {
1898  bzero ((void *) &addr, sizeof (addr));
1899  addr.sin_family = AF_INET;
1900  addr.sin_port = htons ((unsigned short) port);
1901  addr.sin_addr.s_addr = in6addr.s6_addr32[3];
1902  return open_socket ((struct sockaddr *) &addr, type, protocol,
1903  timeout, sizeof (struct sockaddr_in));
1904  }
1905  else
1906  {
1907  bzero ((void *) &addr6, sizeof (addr6));
1908  addr6.sin6_family = AF_INET6;
1909  addr6.sin6_port = htons ((unsigned short) port);
1910  memcpy (&addr6.sin6_addr, &in6addr, sizeof (struct in6_addr));
1911  return open_socket ((struct sockaddr *) &addr6, type, protocol,
1912  timeout, sizeof (struct sockaddr_in6));
1913  }
1914 
1915 }
int openvas_resolve_as_addr6(const char *name, struct in6_addr *ip6)
Resolves a hostname to an IPv4-mapped IPv6 or IPv6 address.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ open_sock_option()

int open_sock_option ( struct arglist ,
unsigned  int,
int  ,
int  ,
int   
)

Definition at line 1960 of file network.c.

References arg_dump(), host_get_port_state(), log_legacy_write(), and plug_get_host_ip().

Referenced by open_sock_tcp().

1962 {
1963  struct sockaddr_in addr;
1964  struct sockaddr_in6 addr6;
1965  struct in6_addr *t;
1966 
1967 #if 0
1968  /*
1969  * MA 2004-08-15: IMHO, as this is often (always?) tested in the NASL scripts
1970  * this should not be here.
1971  * If it has to be somewhere else, I'd rather put it in libnasl (and add
1972  * a parameter to "force" the connection)
1973  */
1974  if (host_get_port_state (args, port) <= 0)
1975  return (-1);
1976 #endif
1977  t = plug_get_host_ip (args);
1978  if (!t)
1979  {
1980  log_legacy_write ("ERROR ! NO ADDRESS ASSOCIATED WITH NAME\n");
1981  arg_dump (args, 0);
1982  return (-1);
1983  }
1984  if (IN6_ARE_ADDR_EQUAL (t, &in6addr_any))
1985  return (-1);
1986  if (IN6_IS_ADDR_V4MAPPED (t))
1987  {
1988  bzero ((void *) &addr, sizeof (addr));
1989  addr.sin_family = AF_INET;
1990  addr.sin_port = htons ((unsigned short) port);
1991  addr.sin_addr.s_addr = t->s6_addr32[3];
1992  return open_socket ((struct sockaddr *) &addr, type, protocol,
1993  timeout, sizeof (struct sockaddr_in));
1994  }
1995  else
1996  {
1997  bzero ((void *) &addr6, sizeof (addr6));
1998  addr6.sin6_family = AF_INET6;
1999  addr6.sin6_port = htons ((unsigned short) port);
2000  memcpy (&addr6.sin6_addr, t, sizeof (struct in6_addr));
2001  return open_socket ((struct sockaddr *) &addr6, type, protocol,
2002  timeout, sizeof (struct sockaddr_in6));
2003  }
2004 
2005 }
int host_get_port_state(struct arglist *plugdata, int portnum)
Definition: plugutils.c:177
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
void arg_dump(struct arglist *args, int level)
Definition: arglists.c:280
struct in6_addr * plug_get_host_ip(struct arglist *desc)
Definition: plugutils.c:216
Here is the call graph for this function:
Here is the caller graph for this function:

◆ open_sock_tcp()

int open_sock_tcp ( struct arglist ,
unsigned  int,
int   
)

Definition at line 1918 of file network.c.

References open_sock_option(), plug_get_host_ip_str(), plug_get_kb(), and prefs_get().

Referenced by ids_open_sock_tcp().

1919 {
1920  int ret, retry = 0;
1921  const char *timeout_retry;
1922 
1923  timeout_retry = prefs_get ("timeout_retry");
1924  if (timeout_retry)
1925  retry = atoi (timeout_retry);
1926  if (retry < 0)
1927  retry = 0;
1928 
1929  while (retry >= 0)
1930  {
1931  errno = 0;
1932  ret = open_sock_option (args, port, SOCK_STREAM, IPPROTO_TCP, timeout);
1933  if (ret >= 0 || errno != ETIMEDOUT)
1934  break;
1935  retry--;
1936  }
1937  if (ret < 0 && errno == ETIMEDOUT)
1938  {
1939  int log_count;
1940  char *ip_str = plug_get_host_ip_str (args), buffer[1024];
1941  kb_t kb = plug_get_kb (args);
1942 
1943  g_snprintf (buffer, sizeof (buffer), "ConnectTimeout/%s/%d", ip_str,
1944  port);
1945  log_count = kb_item_get_int (kb, buffer);
1946  if (log_count == -1)
1947  log_count = 0;
1948  if (log_count < 3)
1949  log_legacy_write ("open_sock_tcp: %s:%d time-out.", ip_str, port);
1950  log_count++;
1951  kb_item_set_int (kb, buffer, log_count);
1952  g_free (ip_str);
1953  }
1954 
1955  return ret;
1956 }
int open_sock_option(struct arglist *args, unsigned int port, int type, int protocol, int timeout)
Definition: network.c:1960
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
const gchar * prefs_get(const gchar *key)
Get a string preference value via a key.
Definition: prefs.c:86
char * plug_get_host_ip_str(struct arglist *desc)
Definition: plugutils.c:225
kb_t plug_get_kb(struct arglist *args)
Definition: plugutils.c:710
Top-level KB. This is to be inherited by KB implementations.
Definition: kb.h:102
Here is the call graph for this function:
Here is the caller graph for this function:

◆ open_stream_auto_encaps_ext()

int open_stream_auto_encaps_ext ( struct arglist args,
unsigned int  port,
int  timeout,
int  force 
)

Definition at line 1127 of file network.c.

References open_stream_connection(), OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_TLScustom, plug_get_port_transport(), and plug_set_port_transport().

1129 {
1130  int fd, transport;
1131 
1132  if (force)
1133  {
1134  /* Try SSL/TLS first */
1135  transport = OPENVAS_ENCAPS_TLScustom;
1136  fd = open_stream_connection (args, port, transport, timeout);
1137  if (fd < 0)
1138  {
1139  transport = OPENVAS_ENCAPS_IP;
1140  fd = open_stream_connection (args, port, OPENVAS_ENCAPS_IP, timeout);
1141  if (fd < 0)
1142  return -1;
1143  }
1144  /* Store that encapsulation mode in the KB. */
1145  plug_set_port_transport (args, port, transport);
1146  return fd;
1147  }
1148  else
1149  {
1150  transport = plug_get_port_transport (args, port);
1151  fd = open_stream_connection (args, port, transport, timeout);
1152  return fd;
1153  }
1154  /*NOTREACHED*/
1155 }
int open_stream_connection(struct arglist *args, unsigned int port, int transport, int timeout)
Definition: network.c:1117
void plug_set_port_transport(struct arglist *args, int port, int tr)
Definition: plugutils.c:976
int plug_get_port_transport(struct arglist *args, int port)
Definition: plugutils.c:990
Here is the call graph for this function:

◆ open_stream_connection()

int open_stream_connection ( struct arglist ,
unsigned  int,
int  ,
int   
)

Definition at line 1117 of file network.c.

References open_stream_connection_ext().

Referenced by nasl_end_denial(), nasl_start_denial(), and open_stream_auto_encaps_ext().

1119 {
1120  return open_stream_connection_ext (args, port, transport, timeout,
1121  "NORMAL:+ARCFOUR-128");
1122 }
int open_stream_connection_ext(struct arglist *args, unsigned int port, int transport, int timeout, const char *priority)
Definition: network.c:1004
Here is the call graph for this function:
Here is the caller graph for this function:

◆ open_stream_connection_ext()

int open_stream_connection_ext ( struct arglist ,
unsigned  int,
int  ,
int  ,
const char *   
)

Definition at line 1004 of file network.c.

References log_legacy_write(), OPENVAS_ENCAPS_IP, OPENVAS_ENCAPS_SSLv2, OPENVAS_ENCAPS_SSLv23, OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLScustom, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, OPENVAS_ENCAPS_TLSv12, and TIMEOUT.

Referenced by open_stream_connection().

1006 {
1007  int fd;
1008  openvas_connection *fp;
1009  char *cert = NULL;
1010  char *key = NULL;
1011  char *passwd = NULL;
1012  char *cafile = NULL;
1013  char *hostname = NULL;
1014 
1015  if (!priority)
1016  priority = ""; /* To us an empty string is equivalent to NULL. */
1017 
1018 #if DEBUG_SSL > 2
1020  "[%d] open_stream_connection: TCP:%d transport:%d timeout:%d "
1021  " priority: '%s'\n",
1022  getpid (), port, transport, timeout, priority);
1023 #endif
1024 
1025  if (timeout == -2)
1026  timeout = TIMEOUT;
1027 
1028  switch (transport)
1029  {
1030  case OPENVAS_ENCAPS_IP:
1031 
1032  case OPENVAS_ENCAPS_SSLv23:
1033  case OPENVAS_ENCAPS_SSLv3:
1034  case OPENVAS_ENCAPS_TLSv1:
1035  case OPENVAS_ENCAPS_TLSv11:
1036  case OPENVAS_ENCAPS_TLSv12:
1038  case OPENVAS_ENCAPS_SSLv2:
1039  break;
1040 
1041  default:
1042  log_legacy_write ("open_stream_connection_ext(): unsupported transport"
1043  " layer %d\n", transport);
1044  errno = EINVAL;
1045  return -1;
1046  }
1047 
1048  if ((fd = get_connection_fd ()) < 0)
1049  return -1;
1050  fp = OVAS_CONNECTION_FROM_FD (fd);
1051 
1052  fp->transport = transport;
1053  g_free (fp->priority);
1054  if (*priority)
1055  fp->priority = g_strdup (priority);
1056  else
1057  fp->priority = NULL;
1058  fp->timeout = timeout;
1059  fp->port = port;
1060  fp->last_err = 0;
1061  set_ids_evasion_mode (args, fp);
1062 
1064  fp->fd = ids_open_sock_tcp (args, port, fp->options, timeout);
1065  else
1066  fp->fd = open_sock_tcp (args, port, timeout);
1067 
1068  if (fp->fd < 0)
1069  goto failed;
1070 
1071  kb_t kb = plug_get_kb (args);
1072  switch (transport)
1073  {
1074  int ret;
1075  char buf[1024];
1076  case OPENVAS_ENCAPS_IP:
1077  break;
1078  case OPENVAS_ENCAPS_SSLv23:
1079  case OPENVAS_ENCAPS_SSLv3:
1080  case OPENVAS_ENCAPS_TLSv1:
1081  case OPENVAS_ENCAPS_TLSv11:
1082  case OPENVAS_ENCAPS_TLSv12:
1084  renice_myself ();
1085  cert = kb_item_get_str (kb, "SSL/cert");
1086  key = kb_item_get_str (kb, "SSL/key");
1087  passwd = kb_item_get_str (kb, "SSL/password");
1088 
1089  cafile = kb_item_get_str (kb, "SSL/CA");
1090 
1091  /* fall through */
1092 
1093  case OPENVAS_ENCAPS_SSLv2:
1094  /* We do not need a client certificate in this case */
1095  snprintf (buf, sizeof (buf), "Host/SNI/%d/force_disable", fp->port);
1096  if (kb_item_get_int (kb, buf) <= 0)
1097  hostname = plug_get_host_fqdn (args);
1098  ret = open_SSL_connection (fp, cert, key, passwd, cafile, hostname);
1099  g_free (cert);
1100  g_free (key);
1101  g_free (passwd);
1102  g_free (cafile);
1103  if (ret <= 0)
1104  goto failed;
1105  break;
1106  }
1107 
1108  return fd;
1109 
1110 failed:
1111  release_connection_fd (fd, 0);
1112  return -1;
1113 }
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
int ids_open_sock_tcp(struct arglist *args, int port, int method, int timeout)
Definition: ids_send.c:688
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
char * plug_get_host_fqdn(struct arglist *desc)
Definition: plugutils.c:200
openvas_encaps_t transport
Definition: network.c:76
int open_sock_tcp(struct arglist *args, unsigned int port, int timeout)
Definition: network.c:1918
kb_t plug_get_kb(struct arglist *args)
Definition: plugutils.c:710
#define TIMEOUT
Definition: network.c:58
Top-level KB. This is to be inherited by KB implementations.
Definition: kb.h:102
#define OPENVAS_CNX_IDS_EVASION_FAKE_RST
Definition: ids_send.h:48
char * priority
Definition: network.c:77
Here is the call graph for this function:
Here is the caller graph for this function:

◆ openvas_deregister_connection()

int openvas_deregister_connection ( int  )

Definition at line 292 of file network.c.

References OPENVAS_STREAM.

293 {
295  if (!OPENVAS_STREAM (fd))
296  {
297  errno = EINVAL;
298  return -1;
299  }
300 
301  p = connections + (fd - OPENVAS_FD_OFF);
302  /* Fixme: Code duplicated from release_connection_fd. Check usage
303  of this function make sure that TLS stuff is also released in
304  case it is used here. */
305  g_free (p->priority);
306  p->priority = NULL;
307  bzero (p, sizeof (*p));
308  p->transport = -1;
309  return 0;
310 }
#define OPENVAS_FD_OFF
Definition: network.c:100
openvas_encaps_t transport
Definition: network.c:76
#define OPENVAS_STREAM(x)
Definition: network.c:122
char * priority
Definition: network.c:77

◆ openvas_get_socket_from_connection()

int openvas_get_socket_from_connection ( int  )

Definition at line 395 of file network.c.

References log_legacy_fflush(), log_legacy_write(), and OPENVAS_STREAM.

Referenced by nasl_get_source_port(), and stream_set().

396 {
397  openvas_connection *fp;
398 
399  if (!OPENVAS_STREAM (fd))
400  {
402  "[%d] openvas_get_socket_from_connection: bad fd <%d>\n",
403  getpid (), fd);
405  return fd;
406  }
407  fp = connections + (fd - OPENVAS_FD_OFF);
408  if (fp->transport <= 0)
409  {
411  "openvas_get_socket_from_connection: fd <%d> is closed\n", fd);
412  return -1;
413  }
414  return fp->fd;
415 }
#define OPENVAS_FD_OFF
Definition: network.c:100
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
openvas_encaps_t transport
Definition: network.c:76
void log_legacy_fflush(void)
Legacy function to flush a log message.
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the call graph for this function:
Here is the caller graph for this function:

◆ openvas_register_connection()

int openvas_register_connection ( int  soc,
void *  ssl,
gnutls_certificate_credentials_t  certcred,
openvas_encaps_t  encaps 
)
Todo:
TLS FIXME: migrate this to TLS
Todo:
Fix the voidness of the ssl parameter (problematic in 64bit env.) here or on caller-side
Parameters
socSocket to use.

Definition at line 267 of file network.c.

270 {
271  int fd;
273 
274  if ((fd = get_connection_fd ()) < 0)
275  return -1;
276  p = OVAS_CONNECTION_FROM_FD (fd);
277 
278  p->tls_session = ssl;
279  p->tls_cred = certcred;
280 
281  p->timeout = TIMEOUT; /* default value */
282  p->port = 0; /* just used for debug */
283  p->fd = soc;
284  p->transport = encaps;
285  p->priority = NULL;
286  p->last_err = 0;
287 
288  return fd;
289 }
gnutls_session_t tls_session
Definition: network.c:83
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
openvas_encaps_t transport
Definition: network.c:76
gnutls_certificate_credentials_t tls_cred
Definition: network.c:84
#define TIMEOUT
Definition: network.c:58
char * priority
Definition: network.c:77

◆ openvas_SSL_init()

int openvas_SSL_init ( void  )

Initializes SSL support.

Definition at line 376 of file network.c.

References tlserror().

377 {
378 #ifdef DEBUG_SSL
379  gnutls_global_set_log_level (2);
380  gnutls_global_set_log_function (log_message_gnutls);
381 #endif
382 
383  int ret = gnutls_global_init ();
384  if (ret < 0)
385  {
386  tlserror ("gnutls_global_init", ret);
387  return -1;
388  }
389 
390  return 0;
391 }
void tlserror(char *txt, int err)
Definition: network.c:359
Here is the call graph for this function:

◆ os_recv()

int os_recv ( int  ,
void *  ,
int  ,
int   
)

Definition at line 2233 of file network.c.

Referenced by internal_recv(), and internal_send().

2234 {
2235  char *buf0 = (char *) buf;
2236  int e, n;
2237  for (n = 0; n < len;)
2238  {
2239  errno = 0;
2240  e = recv (soc, buf0 + n, len - n, opt);
2241  if (e < 0 && errno == EINTR)
2242  continue;
2243  else if (e <= 0)
2244  return -1;
2245  else
2246  n += e;
2247  }
2248  return n;
2249 }
Here is the caller graph for this function:

◆ os_send()

int os_send ( int  ,
void *  ,
int  ,
int   
)

Definition at line 2214 of file network.c.

Referenced by internal_recv(), and internal_send().

2215 {
2216  char *buf0 = (char *) buf;
2217  int e, n;
2218  for (n = 0; n < len;)
2219  {
2220  errno = 0;
2221  e = send (soc, buf0 + n, len - n, opt);
2222  if (e < 0 && errno == EINTR)
2223  continue;
2224  else if (e <= 0)
2225  return -1;
2226  else
2227  n += e;
2228  }
2229  return n;
2230 }
Here is the caller graph for this function:

◆ ovas_get_tlssession_from_connection()

gnutls_session_t ovas_get_tlssession_from_connection ( int  )

Definition at line 418 of file network.c.

References OPENVAS_STREAM.

Referenced by socket_get_cert(), socket_get_ssl_ciphersuite(), socket_get_ssl_compression(), socket_get_ssl_session_id(), and socket_get_ssl_version().

419 {
420  openvas_connection *fp;
421 
422  if (!OPENVAS_STREAM (fd))
423  return NULL;
424 
425  fp = connections + (fd - OPENVAS_FD_OFF);
426  return fp->tls_session;
427 }
#define OPENVAS_FD_OFF
Definition: network.c:100
gnutls_session_t tls_session
Definition: network.c:83
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the caller graph for this function:

◆ read_stream_connection()

int read_stream_connection ( int  ,
void *  ,
int   
)

Definition at line 1421 of file network.c.

References read_stream_connection_min().

Referenced by nasl_telnet_init().

1422 {
1423  return read_stream_connection_min (fd, buf0, -1, len);
1424 }
int read_stream_connection_min(int fd, void *buf0, int min_len, int max_len)
Definition: network.c:1360
Here is the call graph for this function:
Here is the caller graph for this function:

◆ read_stream_connection_min()

int read_stream_connection_min ( int  ,
void *  ,
int  ,
int   
)

Definition at line 1360 of file network.c.

References openvas_connection::buf, openvas_connection::bufcnt, openvas_connection::bufptr, openvas_connection::bufsz, OPENVAS_STREAM, and OVAS_CONNECTION_FROM_FD.

Referenced by nasl_recv_line(), nasl_telnet_init(), read_stream_connection(), and recv_line().

1361 {
1362  openvas_connection *fp;
1363 
1364  if (OPENVAS_STREAM (fd))
1365  {
1366  fp = OVAS_CONNECTION_FROM_FD (fd);
1367  if (fp->buf != NULL)
1368  {
1369  int l1, l2;
1370 
1371  if (max_len == 1)
1372  min_len = 1; /* avoid "magic read" later */
1373  l2 = max_len > fp->bufcnt ? fp->bufcnt : max_len;
1374  if (l2 > 0)
1375  {
1376  memcpy (buf0, fp->buf + fp->bufptr, l2);
1377  fp->bufcnt -= l2;
1378  if (fp->bufcnt == 0)
1379  {
1380  fp->bufptr = 0;
1381  fp->buf[0] = '\0'; /* debug */
1382  }
1383  else
1384  fp->bufptr += l2;
1385  if (l2 >= min_len || l2 >= max_len)
1386  return l2;
1387  max_len -= l2;
1388  min_len -= l2;
1389  }
1390  if (min_len > fp->bufsz)
1391  {
1392  l1 =
1393  read_stream_connection_unbuffered (fd, (char *) buf0 + l2,
1394  min_len, max_len);
1395  if (l1 > 0)
1396  return l1 + l2;
1397  else
1398  return l2;
1399  }
1400  /* Fill buffer */
1401  l1 =
1402  read_stream_connection_unbuffered (fd, fp->buf, min_len, fp->bufsz);
1403  if (l1 <= 0)
1404  return l2;
1405 
1406  fp->bufcnt = l1;
1407  l1 = max_len > fp->bufcnt ? fp->bufcnt : max_len;
1408  memcpy ((char *) buf0 + l2, fp->buf + fp->bufptr, l1);
1409  fp->bufcnt -= l1;
1410  if (fp->bufcnt == 0)
1411  fp->bufptr = 0;
1412  else
1413  fp->bufptr += l1;
1414  return l1 + l2;
1415  }
1416  }
1417  return read_stream_connection_unbuffered (fd, buf0, min_len, max_len);
1418 }
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the caller graph for this function:

◆ recv_line()

int recv_line ( int  soc,
char *  buf,
size_t  bufsiz 
)

Reads a text from the socket stream into the argument buffer, always.

appending a '\0' byte.

Parameters
bufBuffer to read into.
Returns
Number of bytes read, without the trailing '\0'.

Definition at line 2017 of file network.c.

References OPENVAS_STREAM, and read_stream_connection_min().

Referenced by ftp_get_pasv_address().

2018 {
2019  int n;
2020  unsigned int ret = 0;
2021 
2022  /* Dirty SSL hack */
2023  if (OPENVAS_STREAM (soc))
2024  {
2025  unsigned int ret = 0;
2026  buf[0] = '\0';
2027 
2028  do
2029  {
2030  n = read_stream_connection_min (soc, buf + ret, 1, 1);
2031  switch (n)
2032  {
2033  case -1:
2034  if (ret == 0)
2035  return -1;
2036  else
2037  return ret;
2038  break;
2039 
2040  case 0:
2041  return ret;
2042  break;
2043 
2044  default:
2045  ret++;
2046  }
2047  }
2048  while (buf[ret - 1] != '\0' && buf[ret - 1] != '\n' && ret < bufsiz);
2049 
2050  if (ret > 0)
2051  {
2052  if (buf[ret - 1] != '\0')
2053  {
2054  if (ret < bufsiz)
2055  buf[ret] = '\0';
2056  else
2057  buf[bufsiz - 1] = '\0';
2058  }
2059  }
2060 
2061  return ret;
2062  }
2063  else
2064  {
2065  fd_set rd;
2066 
2067  do
2068  {
2069  int e;
2070  again:
2071  errno = 0;
2072  FD_ZERO (&rd);
2073  FD_SET (soc, &rd);
2074  e = select (soc + 1, &rd, NULL, NULL, NULL);
2075  if (e == 0 && !FD_ISSET (soc, &rd))
2076  return -1;
2077  if (e < 0 && errno == EINTR)
2078  goto again;
2079  if (e > 0)
2080  {
2081  n = recv (soc, buf + ret, 1, 0);
2082  switch (n)
2083  {
2084  case -1:
2085  if (errno == EINTR)
2086  continue;
2087  if (ret == 0)
2088  return -1;
2089  else
2090  return ret;
2091  break;
2092  case 0:
2093  return ret;
2094  break;
2095  default:
2096  ret++;
2097  }
2098  }
2099  else
2100  break;
2101  }
2102  while (buf[ret - 1] != '\0' && buf[ret - 1] != '\n' && ret < bufsiz);
2103 
2104  if (ret > 0)
2105  {
2106  if (buf[ret - 1] != '\0')
2107  {
2108  if (ret < bufsiz)
2109  buf[ret] = '\0';
2110  else
2111  buf[bufsiz - 1] = '\0';
2112  }
2113  }
2114  }
2115 
2116  return ret;
2117 }
#define OPENVAS_STREAM(x)
Definition: network.c:122
int read_stream_connection_min(int fd, void *buf0, int min_len, int max_len)
Definition: network.c:1360
Here is the call graph for this function:
Here is the caller graph for this function:

◆ socket_close()

int socket_close ( int  )

Definition at line 2120 of file network.c.

Referenced by close_stream_connection().

2121 {
2122  return close (soc);
2123 }
Here is the caller graph for this function:

◆ socket_get_cert()

void socket_get_cert ( int  ,
void **  ,
int *   
)

Definition at line 813 of file network.c.

References fd_is_stream(), log_legacy_write(), and ovas_get_tlssession_from_connection().

Referenced by nasl_socket_get_cert().

814 {
815  gnutls_session_t session;
816  const gnutls_datum_t *cert_list;
817  unsigned int cert_list_len = 0;
818 
819  if (!cert || !certlen)
820  return;
821  if (!fd_is_stream (fd))
822  {
823  log_legacy_write ("Socket %d is not stream\n", fd);
824  return;
825  }
827  if (!session)
828  {
829  log_legacy_write ("Socket %d is not SSL/TLS encapsulated\n", fd);
830  return;
831  }
832  if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509)
833  return;
834  cert_list = gnutls_certificate_get_peers (session, &cert_list_len);
835  if (cert_list_len == 0)
836  return;
837  *certlen = cert_list[0].size;
838  *cert = g_memdup (cert_list[0].data, *certlen);
839 }
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:418
int fd_is_stream(int fd)
Definition: network.c:2146
Here is the call graph for this function:
Here is the caller graph for this function:

◆ socket_get_ssl_ciphersuite()

int socket_get_ssl_ciphersuite ( int  )

Definition at line 965 of file network.c.

References fd_is_stream(), log_legacy_write(), and ovas_get_tlssession_from_connection().

Referenced by nasl_socket_get_ssl_ciphersuite().

966 {
967  gnutls_session_t session;
968  gnutls_kx_algorithm_t kx, kx2;
969  gnutls_cipher_algorithm_t cipher, cipher2;
970  gnutls_mac_algorithm_t mac, mac2;
971  size_t idx = 0;
972  unsigned char cs_id[2];
973 
974  if (!fd_is_stream (fd))
975  {
976  log_legacy_write ("Socket %d is not stream\n", fd);
977  return -1;
978  }
980  if (!session)
981  {
982  log_legacy_write ("Socket %d is not SSL/TLS encapsulated\n", fd);
983  return -1;
984  }
985 
986  kx = gnutls_kx_get (session);
987  cipher = gnutls_cipher_get (session);
988  mac = gnutls_mac_get (session);
989  while (gnutls_cipher_suite_info (idx, (void *) cs_id, &kx2, &cipher2, &mac2,
990  NULL))
991  {
992  if (kx == kx2 && cipher == cipher2 && mac == mac2)
993  return cs_id[0] + cs_id[1];
994  idx++;
995  }
996  return -1;
997 }
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:418
int fd_is_stream(int fd)
Definition: network.c:2146
Here is the call graph for this function:
Here is the caller graph for this function:

◆ socket_get_ssl_compression()

int socket_get_ssl_compression ( int  )

Definition at line 930 of file network.c.

References fd_is_stream(), log_legacy_write(), and ovas_get_tlssession_from_connection().

Referenced by nasl_socket_get_ssl_compression().

931 {
932  gnutls_session_t session;
933 
934  if (!fd_is_stream (fd))
935  {
936  log_legacy_write ("Socket %d is not stream\n", fd);
937  return -1;
938  }
940  if (!session)
941  {
942  log_legacy_write ("Socket %d is not SSL/TLS encapsulated\n", fd);
943  return -1;
944  }
945 
946  switch (gnutls_compression_get (session))
947  {
948  case GNUTLS_COMP_NULL:
949  return 0;
950  case GNUTLS_COMP_DEFLATE:
951  return 1;
952  default:
953  return -1;
954  }
955 }
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:418
int fd_is_stream(int fd)
Definition: network.c:2146
Here is the call graph for this function:
Here is the caller graph for this function:

◆ socket_get_ssl_session_id()

void socket_get_ssl_session_id ( int  ,
void **  ,
size_t *   
)

Definition at line 890 of file network.c.

References fd_is_stream(), log_legacy_write(), ovas_get_tlssession_from_connection(), and tlserror().

Referenced by nasl_socket_get_ssl_session_id().

891 {
892  gnutls_session_t session;
893  void *tmp;
894  *ssize = GNUTLS_MAX_SESSION_ID;
895  int ret;
896 
897  if (!sid)
898  return;
899  if (!fd_is_stream (fd))
900  {
901  log_legacy_write ("Socket %d is not stream\n", fd);
902  return;
903  }
905  if (!session)
906  {
907  log_legacy_write ("Socket %d is not SSL/TLS encapsulated\n", fd);
908  return;
909  }
910  tmp = g_malloc0 (*ssize);
911  ret = gnutls_session_get_id (session, tmp, ssize);
912  if (ret == GNUTLS_E_SUCCESS)
913  *sid = tmp;
914  else
915  {
916  g_free (tmp);
917  *ssize = 0;
918  tlserror ("gnutls_session_id", ret);
919  }
920 }
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:418
int fd_is_stream(int fd)
Definition: network.c:2146
void tlserror(char *txt, int err)
Definition: network.c:359
Here is the call graph for this function:
Here is the caller graph for this function:

◆ socket_get_ssl_version()

int socket_get_ssl_version ( int  )

Definition at line 849 of file network.c.

References fd_is_stream(), log_legacy_write(), OPENVAS_ENCAPS_SSLv3, OPENVAS_ENCAPS_TLSv1, OPENVAS_ENCAPS_TLSv11, OPENVAS_ENCAPS_TLSv12, and ovas_get_tlssession_from_connection().

Referenced by nasl_socket_get_ssl_version().

850 {
851  gnutls_session_t session;
852  gnutls_protocol_t version;
853 
854  if (!fd_is_stream (fd))
855  {
856  log_legacy_write ("Socket %d is not stream\n", fd);
857  return -1;
858  }
860  if (!session)
861  {
862  log_legacy_write ("Socket %d is not SSL/TLS encapsulated\n", fd);
863  return -1;
864  }
865 
866  version = gnutls_protocol_get_version (session);
867  switch (version)
868  {
869  case GNUTLS_SSL3:
870  return OPENVAS_ENCAPS_SSLv3;
871  case GNUTLS_TLS1:
872  return OPENVAS_ENCAPS_TLSv1;
873  case GNUTLS_TLS1_1:
874  return OPENVAS_ENCAPS_TLSv11;
875  case GNUTLS_TLS1_2:
876  return OPENVAS_ENCAPS_TLSv12;
877  default:
878  return -1;
879  }
880 }
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
Definition: network.c:418
int fd_is_stream(int fd)
Definition: network.c:2146
Here is the call graph for this function:
Here is the caller graph for this function:

◆ socket_negotiate_ssl()

int socket_negotiate_ssl ( int  ,
openvas_encaps_t  ,
struct arglist  
)

Definition at line 771 of file network.c.

References fd_is_stream(), log_legacy_write(), OVAS_CONNECTION_FROM_FD, and plug_get_kb().

Referenced by nasl_socket_negotiate_ssl().

772 {
773  char *cert = NULL, *key = NULL, *passwd = NULL, *cafile = NULL;
774  char *hostname = NULL;
775  openvas_connection *fp;
776  kb_t kb;
777  char buf[1024];
778 
779  if (!fd_is_stream (fd))
780  {
781  log_legacy_write ("Socket %d is not stream\n", fd);
782  return -1;
783  }
784  fp = OVAS_CONNECTION_FROM_FD(fd);
785  kb = plug_get_kb (args);
786  cert = kb_item_get_str (kb, "SSL/cert");
787  key = kb_item_get_str (kb, "SSL/key");
788  passwd = kb_item_get_str (kb, "SSL/password");
789  cafile = kb_item_get_str (kb, "SSL/CA");
790  snprintf (buf, sizeof (buf), "Host/SNI/%d/force_disable", fp->port);
791  if (kb_item_get_int (kb, buf) <= 0)
792  hostname = plug_get_host_fqdn (args);
793 
794  fp->transport = transport;
795  fp->priority = NULL;
796  if (open_SSL_connection (fp, cert, key, passwd, cafile, hostname) <= 0)
797  {
798  log_legacy_write ("socket_negotiate_ssl: SSL connection failed.\n");
799  release_connection_fd (fd, 0);
800  return -1;
801  }
802  return fd;
803 }
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
char * plug_get_host_fqdn(struct arglist *desc)
Definition: plugutils.c:200
int fd_is_stream(int fd)
Definition: network.c:2146
openvas_encaps_t transport
Definition: network.c:76
kb_t plug_get_kb(struct arglist *args)
Definition: plugutils.c:710
Top-level KB. This is to be inherited by KB implementations.
Definition: kb.h:102
char * priority
Definition: network.c:77
Here is the call graph for this function:
Here is the caller graph for this function:

◆ stream_get_buffer_sz()

int stream_get_buffer_sz ( int  )

Definition at line 2153 of file network.c.

References openvas_connection::bufsz, OPENVAS_STREAM, and OVAS_CONNECTION_FROM_FD.

Referenced by nasl_recv_line().

2154 {
2155  openvas_connection *p;
2156  if (!OPENVAS_STREAM (fd))
2157  return -1;
2158  p = OVAS_CONNECTION_FROM_FD (fd);
2159  return p->bufsz;
2160 }
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the caller graph for this function:

◆ stream_get_err()

int stream_get_err ( int  )

Definition at line 161 of file network.c.

References openvas_connection::last_err, OPENVAS_STREAM, and OVAS_CONNECTION_FROM_FD.

Referenced by nasl_socket_get_error().

162 {
164 
165  if (!OPENVAS_STREAM (fd))
166  {
167  errno = EINVAL;
168  return -1;
169  }
170 
171  p = OVAS_CONNECTION_FROM_FD (fd);
172  return p->last_err;
173 }
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the caller graph for this function:

◆ stream_set()

int stream_set ( int  ,
fd_set *   
)

Definition at line 2137 of file network.c.

References openvas_get_socket_from_connection().

2138 {
2139  int soc = openvas_get_socket_from_connection (fd);
2140  if (soc >= 0)
2141  FD_SET (soc, set);
2142  return soc;
2143 }
int openvas_get_socket_from_connection(int fd)
Definition: network.c:395
Here is the call graph for this function:

◆ stream_set_buffer()

int stream_set_buffer ( int  ,
int   
)

Definition at line 2163 of file network.c.

References openvas_connection::buf, openvas_connection::bufcnt, openvas_connection::bufptr, openvas_connection::bufsz, OPENVAS_STREAM, and OVAS_CONNECTION_FROM_FD.

Referenced by nasl_recv_line().

2164 {
2165  openvas_connection *p;
2166  char *b;
2167 
2168  if (!OPENVAS_STREAM (fd))
2169  return -1;
2170 
2171  p = OVAS_CONNECTION_FROM_FD (fd);
2172  if (sz < p->bufcnt)
2173  return -1; /* Do not want to lose data */
2174 
2175  if (sz == 0)
2176  {
2177  g_free (p->buf);
2178  p->buf = NULL;
2179  p->bufsz = 0;
2180  return 0;
2181  }
2182  else if (p->buf == 0)
2183  {
2184  p->buf = g_malloc0 (sz);
2185  if (p->buf == NULL)
2186  return -1;
2187  p->bufsz = sz;
2188  p->bufptr = 0;
2189  p->bufcnt = 0;
2190  return 0;
2191  }
2192  else
2193  {
2194  if (p->bufcnt > 0)
2195  {
2196  memmove (p->buf, p->buf + p->bufptr, p->bufcnt);
2197  p->bufptr = 0;
2198  }
2199  b = g_realloc (p->buf, sz);
2200  if (b == NULL)
2201  return -1;
2202  p->buf = b;
2203  p->bufsz = sz;
2204  return 0;
2205  }
2206  /*NOTREACHED*/}
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
#define OPENVAS_STREAM(x)
Definition: network.c:122
Here is the caller graph for this function:

◆ stream_set_timeout()

int stream_set_timeout ( int  ,
int   
)

Definition at line 1158 of file network.c.

References OPENVAS_STREAM, OVAS_CONNECTION_FROM_FD, and openvas_connection::timeout.

1159 {
1160  int old;
1161  openvas_connection *fp;
1162  if (!OPENVAS_STREAM (fd))
1163  {
1164  errno = EINVAL;
1165  return 0;
1166  }
1167  fp = OVAS_CONNECTION_FROM_FD (fd);
1168  old = fp->timeout;
1169  fp->timeout = timeout;
1170  return old;
1171 }
#define OVAS_CONNECTION_FROM_FD(fd)
Definition: network.c:127
#define OPENVAS_STREAM(x)
Definition: network.c:122

◆ stream_zero()

int stream_zero ( fd_set *  )

Definition at line 2130 of file network.c.

2131 {
2132  FD_ZERO (set);
2133  return 0;
2134 }

◆ write_stream_connection()

int write_stream_connection ( int  ,
void *  buf,
int  n 
)

Definition at line 1571 of file network.c.

Referenced by ftp_get_pasv_address(), and nasl_telnet_init().

1572 {
1573  return write_stream_connection4 (fd, buf0, n, 0);
1574 }
Here is the caller graph for this function: