Add: Notus integration (#903)

* Add json support * Add functions for notus integration * Update INSTALL.md * Get the package list, prepare the json message and publish to the mqtt broker * Initialize mqtt. Also reset the mqtt connection where necessary * Fix format
greenbone · Oct 25, 2021 · 5343d87 · 5343d87
1 parent 641ab33
commit 5343d87
Show file tree

Hide file tree

Showing 10 changed files with 275 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -20,6 +20,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
   - [#862](https://github.com/greenbone/openvas/pull/862)
 - Add `find_all` to eregmatch() nasl function. Backport PR #875. [#876](https://github.com/greenbone/openvas/pull/876)
 - Add nasl functions for checking ssl/tls secure renegotiation and performing re-handshake. [#889](https://github.com/greenbone/openvas/pull/889)
+- Fix Segmentation fault when freeing hosts and alive hosts [#888](https://github.com/greenbone/openvas/pull/888)
 
 ### Changed
 - function script_bugtraq_id getting skipped, linter warns. [#724](https://github.com/greenbone/openvas/pull/724)

diff --git a/INSTALL.md b/INSTALL.md
@@ -14,6 +14,7 @@ Prerequisites:
 * libgvm_base, libgvm_util >= 21.10
 * glib-2.0 >= 2.42
 * gio-2.0
+* json-glib-1.0 >= 1.4.4
 * bison
 * flex
 * libgcrypt >= 1.6
@@ -44,8 +45,8 @@ Recommended to have improved SNMP support:
 Install prerequisites on Debian GNU/Linux 'Buster' 10:
 
     apt-get install gcc pkg-config libssh-gcrypt-dev libgnutls28-dev \
-    libglib2.0-dev libpcap-dev libgpgme-dev bison libksba-dev libsnmp-dev \
-    libgcrypt20-dev redis-server
+    libglib2.0-dev libjson-glib-dev libpcap-dev libgpgme-dev bison libksba-dev \
+    libsnmp-dev libgcrypt20-dev redis-server
 
 
 Compiling openvas

diff --git a/misc/CMakeLists.txt b/misc/CMakeLists.txt
@@ -26,6 +26,7 @@ if (NOT PKG_CONFIG_FOUND)
 endif (NOT PKG_CONFIG_FOUND)
 
 pkg_check_modules (GLIB REQUIRED glib-2.0>=2.42)
+pkg_check_modules (GLIB_JSON REQUIRED json-glib-1.0>=1.4.4)
 pkg_check_modules (GNUTLS REQUIRED gnutls>=3.6.4)
 
 pkg_check_modules (LIBGVM_BASE REQUIRED libgvm_base>=21.10)
@@ -77,14 +78,14 @@ set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -Werror")
 
 ## Pass-throughs
 
-include_directories (${GLIB_INCLUDE_DIRS}
+include_directories (${GLIB_INCLUDE_DIRS} ${GLIB_JSON_INCLUDE_DIRS}
                      ${LIBGVM_BASE_INCLUDE_DIRS}
                      ${GNUTLS_INCLUDE_DIRS})
 
 # Library
 
 set (FILES bpf_share.c ftp_funcs.c vendorversion.c network.c plugutils.c pcap.c
-     strutils.c)
+     strutils.c table_driven_lsc.c)
 
 
 # On windows we are always PIC and stack-protector is replaces by DEP
@@ -123,7 +124,7 @@ set_target_properties (openvas_misc_shared PROPERTIES SOVERSION "${PROJECT_VERSI
 set_target_properties (openvas_misc_shared PROPERTIES VERSION "${PROJECT_VERSION_STRING}")
 
 target_link_libraries (openvas_misc_shared LINK_PRIVATE ${GNUTLS_LDFLAGS} ${UUID_LDFLAGS}
-                       ${GLIB_LDFLAGS} ${PCAP_LDFLAGS}
+                       ${GLIB_LDFLAGS} ${GLIB_JSON_LDFLAGS} ${PCAP_LDFLAGS}
                        ${LINKER_HARDENING_FLAGS})
 
 if (OPENVAS_STATE_DIR)

diff --git a/misc/plugutils.c b/misc/plugutils.c
@@ -31,6 +31,7 @@
 #include <gvm/base/hosts.h>      // for g_vhost_t
 #include <gvm/base/networking.h> // for port_protocol_t
 #include <gvm/base/prefs.h>      // for prefs_get_bool
+#include <gvm/util/mqtt.h>       // for mqtt_reset
 #include <gvm/util/nvticache.h>  // for nvticache_initialized
 #include <stdio.h>               // for snprintf
 #include <stdlib.h>              // for exit
@@ -864,6 +865,7 @@ plug_fork_child (kb_t kb)
   if ((pid = fork ()) == 0)
     {
       sig_term (_exit);
+      mqtt_reset ();
       kb_lnk_reset (kb);
       nvticache_reset ();
       srand48 (getpid () + getppid () + time (NULL));

diff --git a/misc/table_driven_lsc.c b/misc/table_driven_lsc.c
@@ -0,0 +1,145 @@
+/* Portions Copyright (C) 2021 Greenbone Networks GmbH
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+/**
+ * @file table_drive_lsc.c
+ * @brief Function to start a table driven lsc.
+ */
+
+#include "table_driven_lsc.h"
+
+#include <gvm/util/mqtt.h>      // for mqtt_reset
+#include <gvm/util/uuidutils.h> // for gvm_uuid_make
+#include <json-glib/json-glib.h>
+
+#undef G_LOG_DOMAIN
+/**
+ * @brief GLib logging domain.
+ */
+#define G_LOG_DOMAIN "lib  misc"
+
+/**
+ * @brief Split the package list string and creates a json array.
+ *
+ * JSON result consists of scan_id, message type, host ip,  hostname, port
+ * together with proto, OID, result message and uri.
+ *
+ * @param[in/out] builder   The Json builder to add the array to.
+ * @param[in]     packages  The installed package list as string
+ *
+ * @return JSON builder including the package list as array.
+ */
+static JsonBuilder *
+add_packages_str_to_list (JsonBuilder *builder, const gchar *packages)
+{
+  gchar **package_list = NULL;
+
+  json_builder_set_member_name (builder, "package_list");
+  json_builder_begin_array (builder);
+
+  package_list = g_strsplit (packages, "\n", 0);
+  if (package_list && package_list[0])
+    {
+      int i;
+      for (i = 0; package_list[i]; i++)
+        json_builder_add_string_value (builder, package_list[i]);
+    }
+
+  json_builder_end_array (builder);
+  g_strfreev (package_list);
+
+  return builder;
+}
+
+/**
+ * @brief Build a json object with data necessary to start a table drive LSC
+ *
+ * JSON result consists of scan_id, message type, host ip,  hostname, port
+ * together with proto, OID, result message and uri.
+ *
+ * @param scan_id     Scan Id.
+ * @param kb
+ * @param ip_str      IP string of host.
+ * @param hostname    Name of host.
+ * @param module      Module to be used. The OS base name or package manager
+ * name
+ * @param os_release  OS release
+ * @param package_list The installed package list in the target system to be
+ * evaluated
+ *
+ * @return JSON string on success. Must be freed by caller. NULL on error.
+ */
+gchar *
+make_table_driven_lsc_info_json_str (const char *scan_id, const char *ip_str,
+                                     const char *hostname,
+                                     const char *os_release,
+                                     const char *package_list)
+{
+  JsonBuilder *builder;
+  JsonGenerator *gen;
+  JsonNode *root;
+  gchar *json_str;
+
+  /* Build the message in json format to be published. */
+  builder = json_builder_new ();
+
+  json_builder_begin_object (builder);
+
+  json_builder_set_member_name (builder, "message_id");
+  builder = json_builder_add_string_value (builder, gvm_uuid_make ());
+
+  json_builder_set_member_name (builder, "group_id");
+  builder = json_builder_add_string_value (builder, gvm_uuid_make ());
+
+  json_builder_set_member_name (builder, "message_type");
+  builder = json_builder_add_string_value (builder, "scan.start");
+
+  json_builder_set_member_name (builder, "created");
+  builder = json_builder_add_int_value (builder, time (NULL));
+
+  json_builder_set_member_name (builder, "scan_id");
+  builder = json_builder_add_string_value (builder, scan_id);
+
+  json_builder_set_member_name (builder, "host_ip");
+  json_builder_add_string_value (builder, ip_str);
+
+  json_builder_set_member_name (builder, "host_name");
+  json_builder_add_string_value (builder, hostname);
+
+  json_builder_set_member_name (builder, "os_release");
+  json_builder_add_string_value (builder, os_release);
+
+  add_packages_str_to_list (builder, package_list);
+
+  json_builder_end_object (builder);
+
+  gen = json_generator_new ();
+  root = json_builder_get_root (builder);
+  json_generator_set_root (gen, root);
+  json_str = json_generator_to_data (gen, NULL);
+
+  json_node_free (root);
+  g_object_unref (gen);
+  g_object_unref (builder);
+
+  if (json_str == NULL)
+    g_warning ("%s: Error while creating JSON.", __func__);
+
+  return json_str;
+}
diff --git a/misc/table_driven_lsc.h b/misc/table_driven_lsc.h
@@ -0,0 +1,34 @@
+/* Copyright (C) 2021 Greenbone Networks GmbH
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+/**
+ * @file table_drive_lsc.h
+ * @brief Header file for module table_driven_lsc.
+ */
+
+#ifndef TABLE_DRIVEN_LSC_H
+#define TABLE_DRIVEN_LSC_H
+
+#include <glib.h>
+
+gchar *
+make_table_driven_lsc_info_json_str (const char *, const char *, const char *,
+                                     const char *, const char *);
+
+#endif // TABLE_DRIVEN_LSC_H
diff --git a/nasl/nasl_builtin_find_service.c b/nasl/nasl_builtin_find_service.c
@@ -26,6 +26,7 @@
 #include <ctype.h> /* for tolower() */
 #include <errno.h> /* for errno() */
 #include <glib.h>
+#include <gvm/util/mqtt.h>
 #include <gvm/util/nvticache.h>
 #include <regex.h>     /* for regex_t */
 #include <signal.h>    /* for signal() */
@@ -2528,6 +2529,7 @@ plugin_run_find_service (lex_ctxt *lexic)
           if (sons[i] == 0)
             {
               kb_lnk_reset (kb);
+              mqtt_reset ();
               nvticache_reset ();
               signal (SIGTERM, _exit);
               plugin_do_run (desc, sons_args[i], test_ssl);

diff --git a/src/attack.c b/src/attack.c
@@ -25,10 +25,11 @@
 
 #include "attack.h"
 
-#include "../misc/network.h"        /* for auth_printf */
-#include "../misc/nvt_categories.h" /* for ACT_INIT */
-#include "../misc/pcap_openvas.h"   /* for v6_is_local_ip */
-#include "../nasl/nasl_debug.h"     /* for nasl_*_filename */
+#include "../misc/network.h"          /* for auth_printf */
+#include "../misc/nvt_categories.h"   /* for ACT_INIT */
+#include "../misc/pcap_openvas.h"     /* for v6_is_local_ip */
+#include "../misc/table_driven_lsc.h" /*for make_table_driven_lsc_info_json_str */
+#include "../nasl/nasl_debug.h"       /* for nasl_*_filename */
 #include "hosts.h"
 #include "pluginlaunch.h"
 #include "pluginload.h"
@@ -48,7 +49,8 @@
 #include <gvm/base/proctitle.h>
 #include <gvm/boreas/alivedetection.h> /* for start_alive_detection() */
 #include <gvm/boreas/boreas_io.h>      /* for get_host_from_queue() */
-#include <gvm/util/nvticache.h>        /* for nvticache_t */
+#include <gvm/util/mqtt.h>
+#include <gvm/util/nvticache.h> /* for nvticache_t */
 #include <pthread.h>
 #include <stdlib.h>   /* for exit() */
 #include <string.h>   /* for strlen() */
@@ -377,6 +379,56 @@ check_new_vhosts (void)
   unset_check_new_vhosts_flag ();
 }
 
+/**
+ * @brief Publish the necessary data to start a Table driven LSC scan.
+ *
+ * If the gather-package-list.nasl plugin was launched, and it generated
+ * a valid package list for a supported OS, the table driven LSC scan
+ * which is subscribed to the topic will perform a scan an publish the
+ * the results to be handle by the sensor/client.
+ *
+ * @param scan_id     Scan Id.
+ * @param kb
+ * @param ip_str      IP string of host.
+ * @param hostname    Name of host.
+ *
+ * @return 0 on success, less than 0 on error.
+ */
+static int
+run_table_driven_lsc (const char *scan_id, kb_t kb, const char *ip_str,
+                      const char *hostname)
+{
+  gchar *json_str;
+  gchar *package_list;
+  gchar *os_release;
+  int err = 0;
+
+  /* Get the OS release. TODO: have a list with supported OS. */
+  os_release = kb_item_get_str (kb, "ssh/login/release_notus");
+  if (NULL == os_release)
+    return err;
+
+  /* Get the package list. Currently only rpm support*/
+  package_list = kb_item_get_str (kb, "ssh/login/rpms_notus");
+  if (NULL == package_list)
+    return err;
+
+  json_str = make_table_driven_lsc_info_json_str (scan_id, ip_str, hostname,
+                                                  os_release, package_list);
+  g_free (package_list);
+  g_free (os_release);
+
+  if (json_str == NULL)
+    return -1;
+
+  err = mqtt_publish ("scanner/package/cmd/notus", json_str);
+  if (err != 0)
+    g_warning ("%s: Error publishing message for Notus.", __func__);
+
+  g_free (json_str);
+  return err;
+}
+
 /**
  * @brief Launches a nvt. Respects safe check preference (i.e. does not try
  * @brief destructive nvt if save_checks is yes).
@@ -605,6 +657,12 @@ attack_host (struct scan_globals *globals, struct in6_addr *ip, GSList *vhosts,
       pluginlaunch_wait_for_free_process (main_kb, kb);
     }
 
+  if (prefs_get_bool ("table_driven_lsc"))
+    {
+      g_message ("Running LSC via Notus for %s", ip_str);
+      run_table_driven_lsc (globals->scan_id, kb, ip_str, NULL);
+    }
+
   pluginlaunch_wait (main_kb, kb);
   if (!scan_is_stopped ())
     {