26 #include "../misc/network.h"
27 #include "../misc/nvt_categories.h"
28 #include "../misc/vendorversion.h"
35 #include <gnutls/gnutls.h>
37 #include <gvm/base/hosts.h>
38 #include <gvm/base/networking.h>
39 #include <gvm/base/nvti.h>
40 #include <gvm/base/prefs.h>
41 #include <gvm/util/kb.h>
42 #include <libssh/libssh.h>
50 #define MAP_FAILED ((void *) -1)
57 #define G_LOG_DOMAIN "lib nasl"
71 fprintf (stderr,
"[%d] (%d) %s", getpid (), level, text);
72 if (*text && text[strlen (text) - 1] !=
'\n')
85 if (prefs_get_bool (
"test_empty_vhost"))
88 gvm_vhost_new (addr6_as_str (
ip), g_strdup (
"IP-address"));
108 printf (
"%s could not be loaded\n", infos->
name);
112 infos->
oid = g_strdup (nvti_oid (
nvti));
/* Libgcrypt start-up sequence. The first test asks libgcrypt whether any
 * initialization has already taken place; line 140 of the original file is
 * not part of this listing, so the action taken in that case is not visible
 * here. */
139 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
/* gcry_check_version() has to run before other libgcrypt calls; passing NULL
 * skips the minimum-version comparison and only performs the library's
 * internal setup. */
141 gcry_check_version (NULL);
/* Suppress secure-memory warnings while the pool is being created. */
142 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
/* Request a 16384-byte secure-memory pool (libgcrypt's allocation area for
 * sensitive data). The return value is not checked on this line. */
143 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
/* Re-enable the warnings suspended above. */
144 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
/* Tell libgcrypt that application-side initialization is complete. */
145 gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
159 static gchar *target = NULL;
160 gchar *default_target =
"127.0.0.1";
161 int mode = 0, err = 0;
165 static gboolean display_version = FALSE;
166 static gboolean nasl_debug = FALSE;
167 static gboolean description_only = FALSE;
168 static gboolean both_modes = FALSE;
169 static gboolean parse_only = FALSE;
170 static gboolean do_lint = FALSE;
171 static gchar *trace_file = NULL;
172 static gchar *config_file = NULL;
173 static gchar *source_iface = NULL;
174 static gboolean with_safe_checks = FALSE;
175 static gboolean signing_mode = FALSE;
176 static gchar *include_dir = NULL;
177 static gchar **nasl_filenames = NULL;
178 static gchar **kb_values = NULL;
179 static int debug_tls = 0;
180 GError *error = NULL;
181 GOptionContext *option_context;
/* Command-line option table passed to the GLib option parser. Each entry is
 * { long name, short name, flags, argument type, destination variable,
 * help text, argument placeholder }. */
182 static GOptionEntry entries[] = {
183 {
"version",
'V', 0, G_OPTION_ARG_NONE, &display_version,
184 "Display version information", NULL},
185 {
"debug",
'd', 0, G_OPTION_ARG_NONE, &nasl_debug,
186 "Output debug information to stderr.", NULL},
187 {
"description",
'D', 0, G_OPTION_ARG_NONE, &description_only,
188 "Only run the 'description' part of the script", NULL},
189 {
"both",
'B', 0, G_OPTION_ARG_NONE, &both_modes,
190 "Run in description mode before running the script.", NULL},
191 {
"parse",
'p', 0, G_OPTION_ARG_NONE, &parse_only,
192 "Only parse the script, don't execute it", NULL},
193 {
"lint",
'L', 0, G_OPTION_ARG_NONE, &do_lint,
194 "'lint' the script (extended checks)", NULL},
195 {
"target",
't', 0, G_OPTION_ARG_STRING, &target,
196 "Execute the scripts against <target>",
"<target>"},
/* The trace path is taken verbatim from the command line
 * (G_OPTION_ARG_FILENAME); '-' is documented as meaning stderr. */
197 {
"trace",
'T', 0, G_OPTION_ARG_FILENAME, &trace_file,
198 "Log actions to <file> (or '-' for stderr)",
"<file>"},
199 {
"config-file",
'c', 0, G_OPTION_ARG_FILENAME, &config_file,
200 "Configuration file",
"<filename>"},
201 {
"source-iface",
'e', 0, G_OPTION_ARG_STRING, &source_iface,
202 "Source network interface for established connections.",
"<iface_name>"},
203 {
"safe",
's', 0, G_OPTION_ARG_NONE, &with_safe_checks,
204 "Specifies that the script should be run with 'safe checks' enabled",
/* NOTE(review): per its help text, -X runs scripts with signature
 * verification disabled, i.e. without an authenticity check on the script
 * being executed. The destination flag is named signing_mode even though TRUE
 * here means "verification off"; how the flag is consumed is not visible in
 * this listing, so confirm the polarity at the point of use. */
206 {
"disable-signing",
'X', 0, G_OPTION_ARG_NONE, &signing_mode,
207 "Run the script with disabled signature verification", NULL},
208 {
"include-dir",
'i', 0, G_OPTION_ARG_STRING, &include_dir,
209 "Search for includes in <dir>",
"<dir>"},
/* Long option only (short name 0); the integer is later handed to
 * gnutls_global_set_log_level(). */
210 {
"debug-tls", 0, 0, G_OPTION_ARG_INT, &debug_tls,
211 "Enable TLS debugging at <level>",
"<level>"},
/* Repeatable: every occurrence is appended to the kb_values string array. */
212 {
"kb",
'k', 0, G_OPTION_ARG_STRING_ARRAY, &kb_values,
213 "Set KB key to value. Can be used multiple times",
"<key=value>"},
/* Everything left over after option parsing is collected as script paths. */
214 {G_OPTION_REMAINING, 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &nasl_filenames,
215 "Absolute path to one or more nasl scripts",
"NASL_FILE..."},
/* All-NULL terminator entry. */
216 {NULL, 0, 0, 0, NULL, NULL, NULL}};
219 g_option_context_new (
"- standalone NASL interpreter for OpenVAS");
220 g_option_context_add_main_entries (option_context, entries, NULL);
221 if (!g_option_context_parse (option_context, &argc, &argv, &error))
223 g_print (
"%s\n\n", error->message);
226 g_option_context_free (option_context);
236 printf (
"gnutls %s\n", gnutls_check_version (NULL));
237 printf (
"libssh %s\n", ssh_version (0));
238 printf (
"gpgme %s\n", gpgme_check_version (NULL));
242 printf (
"Copyright (C) 2002 - 2004 Tenable Network Security\n");
243 printf (
"Copyright (C) 2013 Greenbone Networks GmbH\n\n");
251 if (description_only)
/* Select the trace destination from --trace. "-" is the documented spelling
 * for stderr; the body of this branch is not part of the listing.
 * NOTE(review): strcmp() needs a non-NULL trace_file; presumably a guard on a
 * line not shown here covers the case where --trace was not given. */
259 if (!strcmp (trace_file,
"-"))
/* Any other value is opened as a path supplied on the command line. Mode "w"
 * creates the file or truncates an existing one, and fopen() follows symbolic
 * links. The tool warns elsewhere that packet forgery needs root, so when it
 * runs with that privilege the trace path should live in a directory that
 * other users cannot write to.
 * NOTE(review): lines 264-268 are not shown; confirm fp is checked against
 * NULL before the setvbuf() call below. */
263 FILE *fp = fopen (trace_file,
"w");
/* Switch the trace stream to line buffering. */
269 setvbuf (fp, NULL, _IOLBF, BUFSIZ);
273 if (with_safe_checks)
274 prefs_set (
"safe_checks",
"yes");
280 fprintf (stderr,
"Error. No input file(s) specified !\n");
286 fprintf (stderr,
"** WARNING : packet forgery will not work\n");
287 fprintf (stderr,
"** as NASL is not running as root\n");
291 signal (SIGPIPE, SIG_IGN);
293 if (source_iface && gvm_source_iface_init (source_iface))
295 fprintf (stderr,
"Erroneous network source interface: %s\n",
302 gnutls_global_set_log_level (debug_tls);
306 target = g_strdup (default_target);
308 hosts = gvm_hosts_new (target);
311 fprintf (stderr,
"Erroneous target %s\n", target);
/* Resolve the hostnames in the target list. The result is used below as a
 * GSList whose data pointers are printed with %s and released with g_free,
 * i.e. the names that could not be resolved. */
314 unresolved = gvm_hosts_resolve (
hosts);
/* Report each unresolved name through the GLib log. */
317 g_warning (
"Couldn't resolve hostname '%s'", (
char *) unresolved->data);
/* Advances the list head itself rather than a separate cursor. */
318 unresolved = unresolved->next;
/* NOTE(review): the loop header is not part of this listing. If the loop runs
 * until unresolved is NULL, this call receives NULL and frees nothing, so the
 * list and its strings leak. Walking the list with a second pointer and
 * freeing from the saved head would avoid that. */
320 g_slist_free_full (unresolved, g_free);
325 if (include_dir != NULL)
330 prefs_config (config_file ?: OPENVAS_CONF);
332 if (prefs_get (
"vendor_version") != NULL)
341 if (prefs_get_bool (
"expand_vhosts"))
342 gvm_host_add_reverse_lookup (
host);
343 gvm_vhosts_exclude (
host, prefs_get (
"exclude_hosts"));
344 gvm_host_get_addr6 (
host, &ip6);
345 rc = kb_new (&kb, prefs_get (
"db_address") ?: KB_PATH_DEFAULT);
350 while (nasl_filenames[i])
355 if (both_modes || with_safe_checks)
364 else if (with_safe_checks
367 printf (
"%s isn't safe\n", nasl_filenames[i]);
/* Split one --kb argument on every '=' (max_tokens of -1 means no limit). */
379 gchar **splits = g_strsplit (*kb_values,
"=", -1);
/* Accept only entries of the form key=value: a missing '=' leaves splits[1]
 * NULL, and a second '=' produces a third token, so a value cannot itself
 * contain '='.
 * NOTE(review): splits[2] is read before splits[1] is tested. For an entry
 * without '=' the vector is { key, NULL } and index 2 lies past its end; for
 * an empty string the vector is just { NULL }. Testing in the order
 * `!splits[0] || !splits[1] || splits[2]` keeps every read inside the
 * NULL-terminated vector. */
380 if (splits[2] || !splits[1])
382 fprintf (stderr,
"Erroneous --kb entry %s\n", *kb_values);
/* Store the pair in the knowledge base. The meaning of the trailing 0
 * argument is not visible in this listing. */
385 kb_item_add_str_unique (kb, splits[0], splits[1], 0);
391 if ((
pid = fork ()) == 0)
400 fprintf (stderr,
"fork(): %s\n", strerror (errno));
406 waitpid (
pid, &status, 0);
420 gvm_hosts_free (
hosts);