31 #include <sys/types.h> 44 #include <gnutls/gnutls.h> 45 #include <gnutls/x509.h> 48 #include "../base/kb.h" 61 #define INADDR_NONE 0xffffffff 99 #define OPENVAS_FD_MAX 1024 100 #define OPENVAS_FD_OFF 1000000 122 #define OPENVAS_STREAM(x) (((x - OPENVAS_FD_OFF) < OPENVAS_FD_MAX) && ((x - OPENVAS_FD_OFF) >=0)) 127 #define OVAS_CONNECTION_FROM_FD(fd) (connections + ((fd) - OPENVAS_FD_OFF)) 132 static pid_t pid = 0;
133 pid_t cpid = getpid ();
142 renice_result = nice (1);
143 if (renice_result == -1 && errno != 0)
154 pid_perror (
const char *error)
179 get_connection_fd (
void)
185 if (connections[i].pid == 0)
187 bzero (&(connections[i]),
sizeof (connections[i]));
188 connections[i].
pid = getpid ();
193 getpid (), __FILE__, __LINE__);
201 release_connection_fd (
int fd,
int already_closed)
226 "[%d] release_connection_fd: fd > 0 fd=%d\n", getpid (), p->
fd);
228 if (shutdown (p->
fd, 2) < 0)
236 pid_perror (
"release_connection_fd: shutdown()");
240 pid_perror (
"release_connection_fd: close()");
246 gnutls_certificate_free_credentials (p->
tls_cred);
251 bzero (p,
sizeof (*p));
268 gnutls_certificate_credentials_t certcred,
274 if ((fd = get_connection_fd ()) < 0)
307 bzero (p,
sizeof (*p));
316 static int __port_closed;
319 unblock_socket (
int soc)
321 int flags = fcntl (soc, F_GETFL, 0);
324 pid_perror (
"fcntl(F_GETFL)");
327 if (fcntl (soc, F_SETFL, O_NONBLOCK | flags) < 0)
329 pid_perror (
"fcntl(F_SETFL,O_NONBLOCK)");
336 block_socket (
int soc)
338 int flags = fcntl (soc, F_GETFL, 0);
341 pid_perror (
"fcntl(F_GETFL)");
344 if (fcntl (soc, F_SETFL, (~O_NONBLOCK) & flags) < 0)
346 pid_perror (
"fcntl(F_SETFL,~O_NONBLOCK)");
366 log_message_gnutls (
int level,
const char *msg)
379 gnutls_global_set_log_level (2);
380 gnutls_global_set_log_function (log_message_gnutls);
383 int ret = gnutls_global_init ();
386 tlserror (
"gnutls_global_init", ret);
402 "[%d] openvas_get_socket_from_connection: bad fd <%d>\n",
411 "openvas_get_socket_from_connection: fd <%d> is closed\n", fd);
436 const char *priority)
438 const char * priorities;
445 priorities =
"NORMAL:-VERS-TLS-ALL:+VERS-SSL3.0";
448 priorities =
"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0";
451 priorities =
"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1";
454 priorities =
"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2";
457 priorities =
"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0";
465 priorities = priority;
469 if ((
err = gnutls_priority_set_direct (session, priorities, &errloc)))
472 getpid (), errloc, gnutls_strerror (
err));
488 load_cert_and_key (gnutls_certificate_credentials_t xcred,
const char *cert,
489 const char *key,
const char *passwd)
491 gnutls_x509_crt_t x509_crt = NULL;
492 gnutls_x509_privkey_t x509_key = NULL;
504 ret = gnutls_x509_crt_init (&x509_crt);
507 tlserror (
"gnutls_x509_crt_init", ret);
513 ret = gnutls_x509_crt_import (x509_crt, &data, GNUTLS_X509_FMT_PEM);
516 tlserror (
"gnutls_x509_crt_import", ret);
529 ret = gnutls_x509_privkey_init (&x509_key);
532 tlserror (
"gnutls_x509_privkey_init", ret);
541 gnutls_x509_privkey_import_pkcs8 (x509_key, &data, GNUTLS_X509_FMT_PEM,
545 tlserror (
"gnutls_x509_privkey_import_pkcs8", ret);
552 ret = gnutls_x509_privkey_import (x509_key, &data, GNUTLS_X509_FMT_PEM);
555 tlserror (
"gnutls_x509_privkey_import", ret);
562 ret = gnutls_certificate_set_x509_key (xcred, &x509_crt, 1, x509_key);
565 tlserror (
"gnutls_certificate_set_x509_key", ret);
573 gnutls_x509_crt_deinit (x509_crt);
575 gnutls_x509_privkey_deinit (x509_key);
581 is_ip_address (
const char *str)
583 struct sockaddr_in sa;
584 struct sockaddr_in6 sa6;
586 if (inet_pton (AF_INET, str, &(sa.sin_addr)) == 1)
589 return inet_pton (AF_INET6, str, &(sa6.sin6_addr)) == 1;
594 const char *key,
const char *passwd,
const char *cafile,
595 const char *hostname)
602 ret = gnutls_init (&(fp->
tls_session), GNUTLS_CLIENT);
619 if (hostname && !is_ip_address (hostname))
620 gnutls_server_name_set (fp->
tls_session, GNUTLS_NAME_DNS, hostname,
623 ret = gnutls_certificate_allocate_credentials (&(fp->
tls_cred));
626 tlserror (
"gnutls_certificate_allocate_credentials", ret);
630 gnutls_credentials_set (fp->
tls_session, GNUTLS_CRD_CERTIFICATE,
634 tlserror (
"gnutls_credentials_set", ret);
638 if (cert != NULL && key != NULL)
640 if (load_cert_and_key (fp->
tls_cred, cert, key, passwd) < 0)
647 gnutls_certificate_set_x509_trust_file (fp->
tls_cred, cafile,
648 GNUTLS_X509_FMT_PEM);
651 tlserror (
"gnutls_certificate_set_x509_trust_file", ret);
656 unblock_socket (fp->
fd);
659 (gnutls_transport_ptr_t) GSIZE_TO_POINTER (fp->
fd));
661 tictac = time (NULL);
670 if (
err != GNUTLS_E_INTERRUPTED &&
err != GNUTLS_E_AGAIN
671 &&
err != GNUTLS_E_WARNING_ALERT_RECEIVED)
680 FD_SET (fp->
fd, &fdr);
682 FD_SET (fp->
fd, &fdw);
686 d = tictac + fp->
timeout - time (NULL);
695 if ((ret = select (fp->
fd + 1, &fdr, &fdw, NULL, &to)) <= 0)
698 pid_perror (
"select");
702 while (ret < 0 && errno == EINTR);
717 char *ids_evasion_split, *ids_evasion_inject, *ids_evasion_short_ttl;
718 char *ids_evasion_fake_rst;
721 if (kb_item_get_int (
kb,
"NIDS/TCP/enabled") != 1)
724 ids_evasion_split = kb_item_get_str (
kb,
"NIDS/TCP/split");
725 ids_evasion_inject = kb_item_get_str (
kb,
"NIDS/TCP/inject");
726 ids_evasion_short_ttl = kb_item_get_str (
kb,
"NIDS/TCP/short_ttl");
727 ids_evasion_fake_rst = kb_item_get_str (
kb,
"NIDS/TCP/fake_rst");
731 if (ids_evasion_split != NULL && strcmp (ids_evasion_split,
"yes") == 0)
734 if (ids_evasion_inject != NULL && strcmp (ids_evasion_inject,
"yes") == 0)
737 if (ids_evasion_short_ttl != NULL
738 && strcmp (ids_evasion_short_ttl,
"yes") == 0)
745 if (ids_evasion_fake_rst != NULL && strcmp (ids_evasion_fake_rst,
"yes") == 0)
751 (void) setsockopt (fp->
fd, SOL_SOCKET, SO_SNDLOWAT, (
void *) &n,
755 g_free (ids_evasion_split);
756 g_free (ids_evasion_inject);
757 g_free (ids_evasion_short_ttl);
758 g_free (ids_evasion_fake_rst);
773 char *cert = NULL, *key = NULL, *passwd = NULL, *cafile = NULL;
774 char *hostname = NULL;
786 cert = kb_item_get_str (
kb,
"SSL/cert");
787 key = kb_item_get_str (
kb,
"SSL/key");
788 passwd = kb_item_get_str (
kb,
"SSL/password");
789 cafile = kb_item_get_str (
kb,
"SSL/CA");
790 snprintf (buf,
sizeof (buf),
"Host/SNI/%d/force_disable", fp->
port);
791 if (kb_item_get_int (
kb, buf) <= 0)
796 if (open_SSL_connection (fp, cert, key, passwd, cafile, hostname) <= 0)
799 release_connection_fd (fd, 0);
815 gnutls_session_t session;
816 const gnutls_datum_t *cert_list;
817 unsigned int cert_list_len = 0;
819 if (!cert || !certlen)
832 if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509)
834 cert_list = gnutls_certificate_get_peers (session, &cert_list_len);
835 if (cert_list_len == 0)
837 *certlen = cert_list[0].size;
838 *cert = g_memdup (cert_list[0].data, *certlen);
851 gnutls_session_t session;
852 gnutls_protocol_t version;
866 version = gnutls_protocol_get_version (session);
892 gnutls_session_t session;
894 *ssize = GNUTLS_MAX_SESSION_ID;
910 tmp = g_malloc0 (*ssize);
911 ret = gnutls_session_get_id (session, tmp, ssize);
912 if (ret == GNUTLS_E_SUCCESS)
918 tlserror (
"gnutls_session_id", ret);
932 gnutls_session_t session;
946 switch (gnutls_compression_get (session))
948 case GNUTLS_COMP_NULL:
950 case GNUTLS_COMP_DEFLATE:
967 gnutls_session_t session;
968 gnutls_kx_algorithm_t kx, kx2;
969 gnutls_cipher_algorithm_t cipher, cipher2;
970 gnutls_mac_algorithm_t mac, mac2;
972 unsigned char cs_id[2];
986 kx = gnutls_kx_get (session);
987 cipher = gnutls_cipher_get (session);
988 mac = gnutls_mac_get (session);
989 while (gnutls_cipher_suite_info (idx, (
void *) cs_id, &kx2, &cipher2, &mac2,
992 if (kx == kx2 && cipher == cipher2 && mac == mac2)
993 return cs_id[0] + cs_id[1];
1005 int transport,
int timeout,
const char *priority)
1011 char *passwd = NULL;
1012 char *cafile = NULL;
1013 char *hostname = NULL;
1020 "[%d] open_stream_connection: TCP:%d transport:%d timeout:%d " 1021 " priority: '%s'\n",
1022 getpid (), port, transport, timeout, priority);
1043 " layer %d\n", transport);
1048 if ((fd = get_connection_fd ()) < 0)
1055 fp->
priority = g_strdup (priority);
1061 set_ids_evasion_mode (args, fp);
1085 cert = kb_item_get_str (
kb,
"SSL/cert");
1086 key = kb_item_get_str (
kb,
"SSL/key");
1087 passwd = kb_item_get_str (
kb,
"SSL/password");
1089 cafile = kb_item_get_str (
kb,
"SSL/CA");
1095 snprintf (buf,
sizeof (buf),
"Host/SNI/%d/force_disable", fp->
port);
1096 if (kb_item_get_int (
kb, buf) <= 0)
1098 ret = open_SSL_connection (fp, cert, key, passwd, cafile, hostname);
1111 release_connection_fd (fd, 0);
1118 int transport,
int timeout)
1121 "NORMAL:+ARCFOUR-128");
1128 int timeout,
int force)
1174 read_stream_connection_unbuffered (
int fd,
void *buf0,
int min_len,
int max_len)
1176 int ret, realfd, trp, t;
1177 int total = 0, flag = 0, timeout =
TIMEOUT, waitall = 0;
1178 unsigned char *buf = (
unsigned char *) buf0;
1187 log_lecacy_write (
"read_stream_connection(%d, 0x%x, %d, %d)\n", fd, buf,
1203 log_lecacy_write (
"read_stream_connection[%d] : supposedly bad fd %d\n",
1207 if (fd < 0 || fd > 1024)
1215 #ifndef INCR_TIMEOUT 1216 # define INCR_TIMEOUT 1 1219 if (min_len == max_len || timeout <= 0)
1220 waitall = MSG_WAITALL;
1223 for (t = 0; total < max_len && (timeout <= 0 || t < timeout);)
1228 FD_SET (realfd, &fdr);
1229 if (select (realfd + 1, &fdr, NULL, NULL, timeout > 0 ? &tv : NULL) <=
1234 if (total > 0 && flag)
1236 else if (total >= min_len)
1242 ret = recv (realfd, buf + total, max_len - total, waitall);
1258 if (min_len > 0 && total >= min_len)
1279 if (getpid () != fp->
pid)
1281 log_lecacy_write (
"PID %d tries to use a SSL connection established " 1283 getpid (), fp->
pid);
1290 for (t = 0; timeout <= 0 || t < timeout; t = now - then)
1297 FD_SET (realfd, &fdr);
1298 FD_SET (realfd, &fdw);
1300 select_status = select (realfd + 1, &fdr, &fdw, NULL, &tv);
1302 if (select_status > 0)
1311 if (total >= max_len)
1314 else if (ret != GNUTLS_E_INTERRUPTED && ret != GNUTLS_E_AGAIN)
1325 tlserror (
"gnutls_record_recv", ret);
1329 log_lecacy_write (
"gnutls_record_recv[%d]: EOF\n",
1338 if (min_len > 0 && total >= min_len)
1351 "fd=%d is closed\n",
1367 if (fp->
buf != NULL)
1376 memcpy (buf0, fp->
buf + fp->
bufptr, l2);
1385 if (l2 >= min_len || l2 >= max_len)
1390 if (min_len > fp->
bufsz)
1393 read_stream_connection_unbuffered (fd, (
char *) buf0 + l2,
1402 read_stream_connection_unbuffered (fd, fp->
buf, min_len, fp->
bufsz);
1408 memcpy ((
char *) buf0 + l2, fp->
buf + fp->
bufptr, l1);
1417 return read_stream_connection_unbuffered (fd, buf0, min_len, max_len);
1427 write_stream_connection4 (
int fd,
void *buf0,
int n,
int i_opt)
1430 unsigned char *buf = (
unsigned char *) buf0;
1439 log_lecacy_write (
"write_stream_connection: fd <%d> invalid\n", fd);
1453 "> write_stream_connection(%d, %s, %d, 0x%x) \tE=%d 0=0x%x\n", fd,
1460 for (count = 0; count < n;)
1466 ret = send (fp->
fd, buf + count, 1, i_opt);
1472 ret = send (fp->
fd, buf + count, n - count, i_opt);
1496 for (count = 0; count < n;)
1498 ret = gnutls_record_send (fp->
tls_session, buf + count, n - count);
1504 else if (ret != GNUTLS_E_INTERRUPTED && ret != GNUTLS_E_AGAIN)
1514 tlserror (
"gnutls_record_send", ret);
1518 log_lecacy_write (
"gnutls_record_send[%d]: EOF\n", getpid ());
1536 FD_SET (fp->
fd, &fdr);
1537 FD_SET (fp->
fd, &fdw);
1538 e = select (fp->
fd + 1, &fdr, &fdw, NULL, &tv);
1540 while (e < 0 && errno == EINTR);
1545 pid_perror (
"select");
1564 if (count == 0 && n > 0)
1573 return write_stream_connection4 (fd, buf0, n, 0);
1577 nsend (
int fd,
void *data,
int length,
int i_opt)
1586 return write_stream_connection4 (fd, data, length, i_opt);
1602 e = select (fd + 1, NULL, &wr, NULL, &tv);
1604 n =
os_send (fd, data, length, i_opt);
1605 else if (e < 0 && errno == EINTR)
1610 while (n <= 0 && errno == EINTR);
1618 nrecv (
int fd,
void *data,
int length,
int i_opt)
1639 e = recv (fd, data, length, i_opt);
1641 while (e < 0 && errno == EINTR);
1664 for (hook = csc_hooks; hook; hook = hook->
next)
1668 hook = g_malloc0 (
sizeof *hook);
1670 hook->
next = csc_hooks;
1688 run_csc_hooks (
int fd)
1692 for (hook = csc_hooks; hook; hook = hook->
next)
1693 if (hook->
fnc && !hook->
fnc (fd))
1714 if (fd < 0 || fd > 1024)
1722 if (!run_csc_hooks (fd))
1723 return release_connection_fd (fd, 1);
1725 return release_connection_fd (fd, 0);
1731 static char str[100];
1753 snprintf (str,
sizeof (str),
"[unknown transport layer - code %d (0x%x)]",
code,
code);
1761 static char str[100];
1773 return " through SSL";
1775 snprintf (str,
sizeof (str),
" through unknown transport layer - code %d (0x%x)",
code,
code);
1781 open_socket (
struct sockaddr *paddr,
int type,
int protocol,
1782 int timeout,
int len)
1788 unsigned int opt_sz;
1793 if (paddr->sa_family == AF_INET)
1796 if ((soc = socket (AF_INET, type, protocol)) < 0)
1798 pid_perror (
"socket");
1805 if ((soc = socket (AF_INET6, type, protocol)) < 0)
1807 pid_perror (
"socket");
1816 if (unblock_socket (soc) < 0)
1824 if (connect (soc, paddr, len) < 0)
1827 pid_perror (
"connect");
1835 FD_SET (soc, &fd_w);
1836 to.tv_sec = timeout;
1838 x = select (soc + 1, NULL, &fd_w, NULL, &to);
1842 pid_perror (
"connect->select: timeout");
1855 pid_perror (
"select");
1861 opt_sz =
sizeof (opt);
1862 if (getsockopt (soc, SOL_SOCKET, SO_ERROR, &opt, &opt_sz) < 0)
1864 pid_perror (
"getsockopt");
1872 pid_perror (
"SO_ERROR");
1889 int protocol,
int timeout)
1891 struct sockaddr_in addr;
1892 struct sockaddr_in6 addr6;
1893 struct in6_addr in6addr;
1896 if (IN6_IS_ADDR_V4MAPPED (&in6addr))
1898 bzero ((
void *) &addr,
sizeof (addr));
1899 addr.sin_family = AF_INET;
1900 addr.sin_port = htons ((
unsigned short) port);
1901 addr.sin_addr.s_addr = in6addr.s6_addr32[3];
1902 return open_socket ((
struct sockaddr *) &addr, type, protocol,
1903 timeout,
sizeof (
struct sockaddr_in));
1907 bzero ((
void *) &addr6,
sizeof (addr6));
1908 addr6.sin6_family = AF_INET6;
1909 addr6.sin6_port = htons ((
unsigned short) port);
1910 memcpy (&addr6.sin6_addr, &in6addr, sizeof (
struct in6_addr));
1911 return open_socket ((
struct sockaddr *) &addr6, type, protocol,
1912 timeout,
sizeof (
struct sockaddr_in6));
1921 const char *timeout_retry;
1923 timeout_retry =
prefs_get (
"timeout_retry");
1925 retry = atoi (timeout_retry);
1933 if (ret >= 0 || errno != ETIMEDOUT)
1937 if (ret < 0 && errno == ETIMEDOUT)
1943 g_snprintf (buffer,
sizeof (buffer),
"ConnectTimeout/%s/%d", ip_str,
1945 log_count = kb_item_get_int (
kb, buffer);
1946 if (log_count == -1)
1951 kb_item_set_int (
kb, buffer, log_count);
1961 int protocol,
int timeout)
1963 struct sockaddr_in addr;
1964 struct sockaddr_in6 addr6;
1984 if (IN6_ARE_ADDR_EQUAL (t, &in6addr_any))
1986 if (IN6_IS_ADDR_V4MAPPED (t))
1988 bzero ((
void *) &addr,
sizeof (addr));
1989 addr.sin_family = AF_INET;
1990 addr.sin_port = htons ((
unsigned short) port);
1991 addr.sin_addr.s_addr = t->s6_addr32[3];
1992 return open_socket ((
struct sockaddr *) &addr, type, protocol,
1993 timeout,
sizeof (
struct sockaddr_in));
1997 bzero ((
void *) &addr6,
sizeof (addr6));
1998 addr6.sin6_family = AF_INET6;
1999 addr6.sin6_port = htons ((
unsigned short) port);
2000 memcpy (&addr6.sin6_addr, t, sizeof (
struct in6_addr));
2001 return open_socket ((
struct sockaddr *) &addr6, type, protocol,
2002 timeout,
sizeof (
struct sockaddr_in6));
2020 unsigned int ret = 0;
2025 unsigned int ret = 0;
2048 while (buf[ret - 1] !=
'\0' && buf[ret - 1] !=
'\n' && ret < bufsiz);
2052 if (buf[ret - 1] !=
'\0')
2057 buf[bufsiz - 1] =
'\0';
2074 e = select (soc + 1, &rd, NULL, NULL, NULL);
2075 if (e == 0 && !FD_ISSET (soc, &rd))
2077 if (e < 0 && errno == EINTR)
2081 n = recv (soc, buf + ret, 1, 0);
2102 while (buf[ret - 1] !=
'\0' && buf[ret - 1] !=
'\n' && ret < bufsiz);
2106 if (buf[ret - 1] !=
'\0')
2111 buf[bufsiz - 1] =
'\0';
2182 else if (p->
buf == 0)
2184 p->
buf = g_malloc0 (sz);
2199 b = g_realloc (p->
buf, sz);
2216 char *buf0 = (
char *) buf;
2218 for (n = 0; n < len;)
2221 e = send (soc, buf0 + n, len - n, opt);
2222 if (e < 0 && errno == EINTR)
2235 char *buf0 = (
char *) buf;
2237 for (n = 0; n < len;)
2240 e = recv (soc, buf0 + n, len - n, opt);
2241 if (e < 0 && errno == EINTR)
2272 e =
os_send (soc, &msg_type,
sizeof (msg_type), 0);
2278 len = strlen (data);
2280 e =
os_send (soc, &len,
sizeof (len), 0);
2283 e =
os_send (soc, data, len, 0);
2288 e =
os_recv (soc, &ack,
sizeof (ack), 0);
2329 log_legacy_write(
"%s doesn't support buffer pre-alloc anymore.", __func__);
2333 e =
os_recv (soc, &type,
sizeof (type), 0);
2339 e =
os_recv (soc, &len,
sizeof (len), 0);
2340 if (e < 0 || len < 0)
2347 buf = g_malloc0 (sz);
2349 e =
os_recv (soc, buf, len, 0);
2360 e =
os_send (soc, &ack,
sizeof (ack), 0);
2394 qsort_compar (
const void *a,
const void *b)
2396 u_short *aa = (u_short *) a;
2397 u_short *bb = (u_short *) b;
2420 unsigned short *tmp, *ports;
2421 int i = 0, j = 0, start, end;
2424 char *s_start, *s_end;
2425 static unsigned short *last_ret = NULL;
2426 static char *last_expr = NULL;
2427 static int last_num;
2429 expr = g_strdup (origexpr);
2430 exlen = strlen (origexpr);
2433 if (last_expr != NULL)
2435 if (strcmp (last_expr, expr) == 0)
2451 ports = g_malloc0 (65536 *
sizeof (
short));
2452 for (; j < exlen; j++)
2454 expr[i++] = expr[j];
2457 if ((s_start = strstr (expr,
"T:")) != NULL)
2458 expr = &(s_start[2]);
2460 if ((s_end = strstr (expr,
"U:")) != NULL)
2462 if (s_end[-1] ==
',')
2468 while ((p = strchr (expr,
',')))
2474 end = atoi (expr + 1);
2478 start = end = atoi (expr);
2479 if ((q = strchr (expr,
'-')) && *(q + 1))
2481 else if (q && !*(q + 1))
2492 for (j = start; j <= end; j++)
2499 end = atoi (expr + 1);
2503 start = end = atoi (expr);
2504 if ((q = strchr (expr,
'-')) && *(q + 1))
2506 else if (q && !*(q + 1))
2517 for (j = start; j <= end; j++)
2521 qsort (ports, i,
sizeof (u_short), qsort_compar);
2522 tmp = g_realloc (ports, i *
sizeof (
short));
2528 last_expr = g_strdup (origexpr);
2549 hostinfo = g_malloc0 (
sizeof (
struct host_info));
2555 hostinfo->
ip = g_malloc0 (
sizeof (
struct in6_addr));
2556 memcpy (hostinfo->
ip,
ip, sizeof (
struct in6_addr));
2571 g_free (hostinfo->
name);
2572 g_free (hostinfo->
fqdn);
2573 g_free (hostinfo->
vhosts);
2574 g_free (hostinfo->
ip);
int open_stream_connection_ext(struct arglist *args, unsigned int port, int transport, int timeout, const char *priority)
Object to store a list of hooks for close_stream_connection.
int open_sock_option(struct arglist *args, unsigned int port, int type, int protocol, int timeout)
const char * get_encaps_name(openvas_encaps_t code)
gnutls_session_t tls_session
int os_send(int soc, void *buf, int len, int opt)
void host_info_free(struct host_info *hostinfo)
Free a host_info struct.
#define OVAS_CONNECTION_FROM_FD(fd)
void unload_gnutls_file(gnutls_datum_t *data)
Unloads a gnutls_datum_t struct's data.
int open_stream_auto_encaps_ext(struct arglist *args, unsigned int port, int timeout, int force)
int openvas_deregister_connection(int fd)
int host_get_port_state(struct arglist *plugdata, int portnum)
int openvas_get_socket_from_connection(int fd)
#define OPENVAS_CNX_IDS_EVASION_SHORT_TTL
int open_stream_connection(struct arglist *args, unsigned int port, int transport, int timeout)
enum openvas_encaps openvas_encaps_t
Protos and data structures for NVT Information data sets.
int ids_open_sock_tcp(struct arglist *args, int port, int method, int timeout)
int stream_set(int fd, fd_set *set)
#define INTERNAL_COMM_CTRL_ACK
int openvas_register_connection(int soc, void *ssl, gnutls_certificate_credentials_t certcred, openvas_encaps_t encaps)
#define OPENVAS_CNX_IDS_EVASION_SEND_MASK
int recv_line(int soc, char *buf, size_t bufsiz)
Reads a text from the socket stream into the argument buffer, always.
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
char * plug_get_host_fqdn(struct arglist *desc)
int stream_set_buffer(int fd, int sz)
int openvas_SSL_init()
Initializes SSL support.
const gchar * prefs_get(const gchar *key)
Get a string preference value via a key.
gnutls_session_t ovas_get_tlssession_from_connection(int fd)
int nsend(int fd, void *data, int length, int i_opt)
openvas_encaps_t transport
char * plug_get_host_ip_str(struct arglist *desc)
int read_stream_connection(int fd, void *buf0, int len)
#define OPENVAS_CNX_IDS_EVASION_INJECT
void plug_set_port_transport(struct arglist *args, int port, int tr)
int open_sock_tcp(struct arglist *args, unsigned int port, int timeout)
void arg_dump(struct arglist *args, int level)
gnutls_certificate_credentials_t tls_cred
void add_close_stream_connection_hook(int(*fnc)(int fd))
Register a hook function for close_stream_connection.
kb_t plug_get_kb(struct arglist *args)
int socket_get_ssl_version(int fd)
int socket_get_ssl_compression(int fd)
void socket_get_cert(int fd, void **cert, int *certlen)
unsigned short * getpts(char *origexpr, int *len)
Converts a string like "-100,200-1024,3000-4000,60000-" into an array.
void log_legacy_fflush(void)
Legacy function to flush a log message.
#define OPENVAS_STREAM(x)
int read_stream_connection_min(int fd, void *buf0, int min_len, int max_len)
int internal_recv(int soc, char **data, int *data_sz, int *msg_type)
Top-level KB. This is to be inherited by KB implementations.
int ids_send(int fd, void *buf0, int n, int method)
int stream_get_buffer_sz(int fd)
GnuTLS based functions for communication with an OpenVAS server - header file.
struct in6_addr * plug_get_host_ip(struct arglist *desc)
int nrecv(int fd, void *data, int length, int i_opt)
int socket_get_ssl_ciphersuite(int fd)
int stream_zero(fd_set *set)
int stream_get_err(int fd)
#define INTERNAL_COMM_MSG_TYPE_CTRL
int socket_negotiate_ssl(int fd, openvas_encaps_t transport, struct arglist *args)
struct timeval timeval(unsigned long val)
int write_stream_connection(int fd, void *buf0, int n)
int openvas_source_set_socket(int socket, int port, int family)
Binds a socket to use the global source address.
int open_sock_opt_hn(const char *hostname, unsigned int port, int type, int protocol, int timeout)
const char * get_encaps_through(openvas_encaps_t code)
#define OPENVAS_CNX_IDS_EVASION_FAKE_RST
int internal_send(int soc, char *data, int msg_type)
int openvas_resolve_as_addr6(const char *name, struct in6_addr *ip6)
Resolves a hostname to an IPv4-mapped IPv6 or IPv6 address.
void socket_get_ssl_session_id(int fd, void **sid, size_t *ssize)
int get_sock_infos(int sock, int *r_transport, void **r_tls_session)
int os_recv(int soc, void *buf, int len, int opt)
int socket_close(int soc)
int plug_get_port_transport(struct arglist *args, int port)
#define OPENVAS_CNX_IDS_EVASION_SPLIT
int stream_set_timeout(int fd, int timeout)
struct host_info * host_info_init(const char *name, const struct in6_addr *ip, const char *vhosts, const char *fqdn)
Initializes a host_info.
int load_gnutls_file(const char *file, gnutls_datum_t *loaded_file)
Loads a file's data into gnutls_datum_t struct.
void tlserror(char *txt, int err)
int close_stream_connection(int fd)