tree_cell* script_get_preference_file_location(lex_ctxt* lexic) { struct arglist *script_infos = lexic->script_infos; tree_cell *retc; char *pref = get_str_var_by_num(lexic, 0); const char *value, *local; int len; /* * Getting the local file name is not dangerous, but * only signed scripts can access files uploaded by the user */ if (check_authenticated(lexic) < 0) { nasl_perror(lexic, "script_get_preference_file_location: script is not authenticated!\n"); return NULL; } if(pref == NULL) { nasl_perror(lexic, "script_get_preference_file_location: no preference name!\n"); return NULL; } value = get_plugin_preference(script_infos, pref); if(value == NULL) { nasl_perror(lexic, "script_get_preference_file_location: could not get preference %s\n", pref); return NULL; } local = get_plugin_preference_fname(script_infos, value); if(local == NULL) { nasl_perror(lexic, "script_get_preference_file_location: could not get local file name from preference %s\n", pref); return NULL; } len = strlen(local); retc = alloc_typed_cell(CONST_DATA); retc->size = len; retc->x.str_val = emalloc(len+1); memcpy(retc->x.str_val, local, len+1); return retc; }
tree_cell * nasl_shared_socket_release( lex_ctxt * lexic ) { char * name = get_str_var_by_num(lexic, 0); int fd; struct arglist * script_infos = lexic->script_infos; if ( name == NULL ) { fprintf(stderr, "Usage: shared_socket_release(<name>)\n"); return NULL; } if ( strncmp(name, SECRET_SOCKET_PREFIX, strlen(SECRET_SOCKET_PREFIX)) == 0 && check_authenticated(lexic) < 0 ) return NULL; shared_socket_release(script_infos, name); return NULL; }
tree_cell * nasl_shared_socket_register( lex_ctxt * lexic ) { char * name = get_str_local_var_by_name(lexic, "name"); int soc = get_int_local_var_by_name(lexic, "socket", -1); struct arglist * script_infos = lexic->script_infos; int type, opt_len = sizeof(type); if ( name == NULL || soc < 0 ) { fprintf(stderr, "Usage: shared_socket_register(name:<name>, socket:<soc>)\n"); return NULL; } if ( strncmp(name, SECRET_SOCKET_PREFIX, strlen(SECRET_SOCKET_PREFIX)) == 0 && check_authenticated(lexic) < 0 ) return NULL; shared_socket_register(script_infos, soc, name); return FAKE_CELL; }
tree_cell * nasl_shared_socket_acquire( lex_ctxt * lexic ) { char * name = get_str_var_by_num(lexic, 0); int fd; tree_cell * retc; struct arglist * script_infos = lexic->script_infos; if ( name == NULL ) { fprintf(stderr, "Usage: shared_socket_acquire(<name>)\n"); return NULL; } if ( strncmp(name, SECRET_SOCKET_PREFIX, strlen(SECRET_SOCKET_PREFIX)) == 0 && check_authenticated(lexic) < 0 ) return NULL; fd = shared_socket_acquire(script_infos, name); if ( fd < 0 ) return NULL; retc = alloc_tree_cell(0, NULL); retc->type = CONST_INT; retc->x.i_val = fd; return retc; }
tree_cell * script_get_preference_file_content(lex_ctxt * lexic) { struct arglist * script_infos = lexic->script_infos; tree_cell * retc; char * pref = get_str_var_by_num(lexic, 0); char * value; int fd, n; struct stat st; char * buffer; /* * Only signed scripts can access files uploaded by the user */ if (check_authenticated(lexic) < 0) { nasl_perror(lexic, "script_get_preference_file_content: script is not authenticated!\n"); return NULL; } if(pref == NULL){ nasl_perror(lexic, "Argument error in the function script_get_preference()\n"); nasl_perror(lexic, "Function usage is : pref = script_get_preference_file_content(<name>)\n"); return NULL; } value = get_plugin_preference(script_infos, pref); if(value == NULL) return NULL; value = (char*)get_plugin_preference_fname(script_infos, value); if ( value == NULL ) return FAKE_CELL; fd = open(value, O_RDONLY); if (fd < 0) { nasl_perror(lexic, "script_get_preference_file_content: open(%s): %s\n", value, strerror(errno)); return NULL; } if (fstat(fd, &st) < 0) { nasl_perror(lexic, "script_get_preference_file_content: fstat(%s): %s\n", value, strerror(errno)); return NULL; } buffer = emalloc ( st.st_size ); n = 0; while ( n < (int)st.st_size ) { int e; errno = 0; e = read(fd, buffer + n , (int)st.st_size - n); if (e > 0) n+= e; else if (e == 0) /* EOF */ { nasl_perror(lexic, "script_get_preference_file_content: unexpected EOF on %s\n", value); break; } else /* error */ if (errno == EINTR) continue; else { nasl_perror(lexic, "script_get_preference_file_content: read(%s): %s", value, strerror(errno)); break; } } close(fd); retc = alloc_tree_cell(0, NULL); retc->type = CONST_DATA; retc->size = n; retc->x.str_val = buffer; return retc; }
tree_cell* nasl_same_host(lex_ctxt* lexic) { tree_cell *retc; struct hostent *h; char *hn[2], **names[2]; struct in_addr ia, *a[2]; int i, j, n[2], names_nb[2], flag; int cmp_hostname = get_int_local_var_by_name(lexic, "cmp_hostname", 0); if ( check_authenticated(lexic) < 0 ) return NULL; for (i = 0; i < 2; i ++) { hn[i] = get_str_var_by_num(lexic, i); if (hn[i] == NULL) { nasl_perror(lexic, "same_host needs two parameters!\n"); return NULL; } if ( strlen(hn[i]) >= 256 ) { nasl_perror(lexic, "same_host(): Too long hostname !\n"); return NULL; } } for (i = 0; i < 2; i ++) { if (! inet_aton(hn[i], &ia)) /* Not an IP address */ { h = gethostbyname(hn[i]); if (h == NULL) { nasl_perror("same_host: %s does not resolve\n", hn[i]); n[i] = 0; if (cmp_hostname) { names_nb[i] = 1; names[i] = emalloc(sizeof(char*)); names[i][0] = estrdup(hn[i]); } } else { for (names_nb[i] = 0; h->h_aliases[names_nb[i]] != NULL; names_nb[i]++) ; names_nb[i] ++; names[i] = emalloc(sizeof(char*) * names_nb[i]); names[i][0] = estrdup(h->h_name); for (j = 1; j < names_nb[i]; j ++) names[i][j] = estrdup(h->h_aliases[j-1]); /* Here, we should check that h_addrtype == AF_INET */ for (n[i] = 0; ((struct in_addr**) h->h_addr_list)[n[i]] != NULL; n[i] ++) ; a[i] = emalloc(h->h_length * n[i]); for (j = 0; j < n[i]; j ++) a[i][j] = *((struct in_addr**) h->h_addr_list)[j]; } } else { if (cmp_hostname) h = gethostbyaddr((const char *)&ia, sizeof(ia), AF_INET); else h = NULL; if (h == NULL) { a[i] = emalloc(sizeof(struct in_addr)); memcpy(a[i], &ia, sizeof(struct in_addr)); n[i] = 1; } else { for (names_nb[i] = 0; h->h_aliases[names_nb[i]] != NULL; names_nb[i]++) ; names_nb[i] ++; names[i] = emalloc(sizeof(char*) * names_nb[i]); names[i][0] = estrdup(h->h_name); for (j = 1; j < names_nb[i]; j ++) names[i][j] = estrdup(h->h_aliases[j-1]); /* Here, we should check that h_addrtype == AF_INET */ for (n[i] = 0; ((struct in_addr**) h->h_addr_list)[n[i]] != NULL; n[i] ++) ; a[i] = emalloc(h->h_length * n[i]); for (j = 0; j < n[i]; j ++) a[i][j] = *((struct in_addr**) h->h_addr_list)[j]; } } } #if 0 fprintf(stderr, "N1=%d\tN2=%d\n", n[0], n[1]); #endif flag = 0; for (i = 0; i < n[0] && ! flag; i ++) for (j = 0; j < n[1] && ! flag; j ++) if (a[0][i].s_addr == a[1][j].s_addr) { flag = 1; #if 0 fprintf(stderr, "%s == ", inet_ntoa(a[0][i])); fprintf(stderr, "%s\n", inet_ntoa(a[1][j])); #endif } #if 0 else { fprintf(stderr, "%s != ", inet_ntoa(a[0][i])); fprintf(stderr, "%s\n", inet_ntoa(a[1][j])); } #endif if (cmp_hostname) for (i = 0; i < names_nb[0] && ! flag; i ++) for (j = 0; j < names_nb[1] && ! flag; j ++) if(strcmp(names[0][i], names[1][j]) == 0) { #if 0 fprintf(stderr, "%s == %s\n", names[0][i], names[1][j]); #endif flag = 1; } #if 0 else fprintf(stderr, "%s != %s\n", names[0][i], names[1][j]); #endif retc = alloc_typed_cell(CONST_INT); retc->x.i_val = flag; for (i = 0; i < 2; i ++) efree(&a[i]); if (cmp_hostname) { for (i = 0; i < 2; i ++) for (j = 0; j < names_nb[i]; j ++) efree(&names[i][j]); efree(&names[i]); } return retc; }