OpenVAS Scanner  7.0.0~git
plugs_req.c
Go to the documentation of this file.
1 /* Portions Copyright (C) 2009-2019 Greenbone Networks GmbH
2  * Portions Copyright (C) 2006 Software in the Public Interest, Inc.
3  * Based on work Copyright (C) 1998 - 2006 Tenable Network Security, Inc.
4  *
5  * SPDX-License-Identifier: GPL-2.0-only
6  *
7  * This program is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU General Public License
9  * version 2 as published by the Free Software Foundation.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19  */
20 
26 #include "plugs_req.h"
27 
28 #include "pluginscheduler.h"
29 
30 #include <gvm/base/prefs.h> /* for prefs_get() */
31 #include <gvm/util/nvticache.h>
32 #include <regex.h> /* for regcomp() */
33 #include <stdio.h> /* for snprintf() */
34 #include <stdlib.h> /* for atoi() */
35 #include <string.h> /* for strcmp() */
36 
37 /**********************************************************
38 
39  Private Functions
40 
41 ***********************************************************/
42 
43 extern int
44 kb_get_port_state_proto (kb_t, int, char *);
45 
51 static int
52 get_closed_ports (kb_t kb, char *ports_list, char *proto)
53 {
54  int i;
55  char **ports;
56 
57  if (!ports_list)
58  return -1;
59  ports = g_strsplit (ports_list, ", ", 0);
60  for (i = 0; ports[i] != NULL; i++)
61  {
62  int iport = atoi (ports[i]);
63  if (iport > 0 && kb_get_port_state_proto (kb, iport, proto) != 0)
64  {
65  g_strfreev (ports);
66  return iport;
67  }
68  else
69  {
70  if (kb_item_get_int (kb, ports[i]) > 0)
71  {
72  g_strfreev (ports);
73  return 1; /* should be the actual value indeed ! */
74  }
75  }
76  }
77  g_strfreev (ports);
78  return 0; /* found nothing */
79 }
80 
81 /**********************************************************
82 
83  Public Functions
84 
85 ***********************************************************/
86 
95 static int
96 kb_missing_keyname_of_namelist (kb_t kb, char *keys, char **keyname)
97 {
98  int i;
99  char **keynames;
100  if (!kb || !keys || !*keys)
101  return 0;
102 
103  keynames = g_strsplit (keys, ", ", 0);
104  if (!keynames)
105  return 0;
106  for (i = 0; keynames[i] != NULL; i++)
107  {
108  struct kb_item *kbi =
109  kb_item_get_single (kb, keynames[i], KB_TYPE_UNSPEC);
110 
111  if (kbi == NULL)
112  {
113  if (keyname)
114  *keyname = g_strdup (keynames[i]);
115  g_strfreev (keynames);
116  return 1;
117  }
118 
119  kb_item_free (kbi);
120  }
121 
122  g_strfreev (keynames);
123  return 0; /* All of the keys are present in the kb */
124 }
125 
134 static int
135 kb_present_keyname_of_namelist (kb_t kb, char *keys, char **keyname)
136 {
137  int i;
138  char **keynames;
139 
140  if (!kb || !keys || !*keys)
141  return 0;
142 
143  keynames = g_strsplit (keys, ", ", 0);
144  if (!keynames)
145  return 0;
146  for (i = 0; keynames[i] != NULL; i++)
147  {
148  struct kb_item *kbi =
149  kb_item_get_single (kb, keynames[i], KB_TYPE_UNSPEC);
150 
151  if (kbi != NULL)
152  {
153  if (keyname)
154  *keyname = g_strdup (keynames[i]);
155  kb_item_free (kbi);
156  g_strfreev (keynames);
157  return 1;
158  }
159  }
160 
161  g_strfreev (keynames);
162  return 0;
163 }
164 
172 static int
173 check_mandatory_keys (kb_t kb, char *keys)
174 {
175  int i;
176  char **keynames;
177 
178  if (!kb || !keys || !*keys)
179  return 0;
180  keynames = g_strsplit (keys, ", ", 0);
181  if (!keynames)
182  return 0;
183  for (i = 0; keynames[i] != NULL; i++)
184  {
185  struct kb_item *kbi;
186  char *re_str = NULL, *pos;
187 
188  /* Split, if key requires RE matching. */
189  if ((pos = strstr (keynames[i], "=")))
190  {
191  re_str = pos + 1;
192  *pos = '\0';
193  }
194 
195  kbi = kb_item_get_single (kb, keynames[i], KB_TYPE_UNSPEC);
196  if (!kbi)
197  {
198  g_strfreev (keynames);
199  return 1;
200  }
201 
202  if (re_str)
203  {
204  regex_t re;
205 
206  /* Check if RE matches. */
207  if (kbi->type != KB_TYPE_STR || !kbi->v_str)
208  {
209  g_strfreev (keynames);
210  kb_item_free (kbi);
211  return 1;
212  }
213  if (regcomp (&re, re_str, REG_EXTENDED | REG_NOSUB | REG_ICASE))
214  {
215  g_warning ("Couldn't compile regex %s", re_str);
216  g_strfreev (keynames);
217  kb_item_free (kbi);
218  return 1;
219  }
220  if (regexec (&re, kbi->v_str, 0, NULL, 0) == REG_NOMATCH)
221  {
222  g_strfreev (keynames);
223  kb_item_free (kbi);
224  regfree (&re);
225  return 1;
226  }
227  regfree (&re);
228  }
229  kb_item_free (kbi);
230  }
231 
232  g_strfreev (keynames);
233  return 0;
234 }
235 
246 int
247 mandatory_requirements_met (kb_t kb, nvti_t *nvti)
248 {
249  int ret;
250 
251  ret = check_mandatory_keys (kb, nvti_mandatory_keys (nvti));
252 
253  if (ret)
254  return 0;
255  return 1;
256 }
257 
263 char *
264 requirements_plugin (kb_t kb, nvti_t *nvti)
265 {
266  static char error[64];
267  char *errkey = NULL, *keys, *tcp, *udp;
268  const char *opti = prefs_get ("optimization_level");
269 
270  /*
271  * Check whether the good ports are open
272  */
273  error[sizeof (error) - 1] = '\0';
274  tcp = nvti_required_ports (nvti);
275  if (tcp && *tcp && (get_closed_ports (kb, tcp, "tcp")) == 0)
276  {
277  strncpy (error, "none of the required tcp ports are open",
278  sizeof (error) - 1);
279  return error;
280  }
281 
282  udp = nvti_required_udp_ports (nvti);
283  if (udp && *udp && (get_closed_ports (kb, udp, "udp")) == 0)
284  {
285  strncpy (error, "none of the required udp ports are open",
286  sizeof (error) - 1);
287  return error;
288  }
289 
290  if (opti != NULL && (strcmp (opti, "open_ports") == 0 || atoi (opti) == 1))
291  return NULL;
292 
293  /*
294  * Check whether a key we wanted is missing
295  */
296  keys = nvti_required_keys (nvti);
297  if (kb_missing_keyname_of_namelist (kb, keys, &errkey))
298  {
299  snprintf (error, sizeof (error), "because the key %s is missing", errkey);
300  g_free (errkey);
301  return error;
302  }
303 
304  if (opti != NULL && (strcmp (opti, "required_keys") == 0 || atoi (opti) == 2))
305  return NULL;
306 
307  /*
308  * Check whether a key we do not want is present
309  */
310  keys = nvti_excluded_keys (nvti);
311  if (kb_present_keyname_of_namelist (kb, keys, &errkey))
312  {
313  snprintf (error, sizeof (error), "because the key %s is present", errkey);
314  g_free (errkey);
315  return error;
316  }
317  return NULL;
318 }
get_closed_ports
static int get_closed_ports(kb_t kb, char *ports_list, char *proto)
Returns whether a port in a port list is closed or not.
Definition: plugs_req.c:52
requirements_plugin
char * requirements_plugin(kb_t kb, nvti_t *nvti)
Determine if the plugin requirements are met.
Definition: plugs_req.c:264
check_mandatory_keys
static int check_mandatory_keys(kb_t kb, char *keys)
Checks mandatory keys presence and value in the KB.
Definition: plugs_req.c:173
kb_missing_keyname_of_namelist
static int kb_missing_keyname_of_namelist(kb_t kb, char *keys, char **keyname)
Returns the name of the first key which is not present in the kb.
Definition: plugs_req.c:96
kb_present_keyname_of_namelist
static int kb_present_keyname_of_namelist(kb_t kb, char *keys, char **keyname)
Returns the name of the first key which is present in the kb.
Definition: plugs_req.c:135
mandatory_requirements_met
int mandatory_requirements_met(kb_t kb, nvti_t *nvti)
Check whether mandatory requirements for plugin are met.
Definition: plugs_req.c:247
pluginscheduler.h
header for pluginscheduler.c
plugs_req.h
plugs_req.c header.
kb_get_port_state_proto
int kb_get_port_state_proto(kb_t, int, char *)
Definition: plugutils.c:110