Merge branch 'main' into async-interpreter

CMakeLists.txt

@@ -8,7 +8,7 @@ message ("-- Configuring the Scanner...")
 
 # VERSION: Always include major, minor and patch level.
 project (openvas
-  VERSION 23.8.5
+  VERSION 23.9.0
   LANGUAGES C)
 
 if (POLICY CMP0005)

charts/openvasd/Chart.yaml

@@ -21,4 +21,4 @@ version: 0.1.0
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "23.8.5"
+appVersion: "23.9.0"

rust/Cargo.toml

@@ -12,6 +12,7 @@ members = [
   "nasl-builtin-network",
   "nasl-builtin-description",
   "nasl-builtin-utils",
+  "nasl-builtin-regex",
   "nasl-builtin-std",
   "nasl-syntax",
   "nasl-interpreter",

rust/doc/openapi.yml

@@ -70,6 +70,43 @@ paths:
               schema:
                 type: "string"
           description: "Header"
+  /scans:
+    head:
+      description: "Get the response header. It contains the API version, feed version and available authentication methods."
+      operationId: "get_info"
+      tags:
+        - "general"
+      responses:
+        "204":
+          headers:
+            api-version:
+              description: "Comma separated list of available API versions"
+              schema:
+                type: "string"
+            feed-version:
+              description: "The version of the VT feed"
+              schema:
+                type: "string"
+            authentication:
+              description: "Supported authentication methods"
+              schema:
+                type: "string"
+          description: "Authenticated and authorized"
+        "401":
+          headers:
+            api-version:
+              description: "Comma separated list of available API versions"
+              schema:
+                type: "string"
+            feed-version:
+              description: "The version of the VT feed"
+              schema:
+                type: "string"
+            authentication:
+              description: "Supported authentication methods"
+              schema:
+                type: "string"
+          description: "Unauthorized. Required or invalid client certificates"
 
   /health/alive:
     get:

rust/nasl-builtin-knowledge-base/README.md

@@ -2,9 +2,8 @@
 
 - set_kb_item
 - get_kp_item
-
-## Missing
-- get_host_kb_index
 - get_kb_list
-- index
 - replace_kb_item
+
+## Missing
+- get_host_kb_index: Do not apply. Redis specific and currently not used in any script

rust/nasl-builtin-knowledge-base/src/lib.rs

@@ -11,18 +11,30 @@ use storage::{Field, Kb, Retrieve};
 use nasl_builtin_utils::Context;
 use nasl_syntax::NaslValue;
 
-/// NASL function to set a knowledge base
+/// NASL function to set a value under name in a knowledge base
+/// Only pushes unique values for the given name.
 #[nasl_function(named(name, value, expires))]
 fn set_kb_item(
-    c: &Context,
-    name: &str,
+    name: NaslValue,
     value: NaslValue,
-    expires: Option<u64>,
+    expires: Option<NaslValue>,
+    c: &Context,
 ) -> Result<NaslValue, FunctionErrorKind> {
-    let expires = expires.map(|seconds| {
+    let expires = match expires {
+        Some(NaslValue::Number(x)) => Some(x),
+        Some(NaslValue::Exit(0)) => None,
+        None => None,
+        Some(x) => {
+            return Err(FunctionErrorKind::Diagnostic(
+                format!("expected expires to be a number but is {x}."),
+                None,
+            ))
+        }
+    }
+    .map(|seconds| {
         let start = SystemTime::now();
         match start.duration_since(UNIX_EPOCH) {
-            Ok(x) => x.as_secs() + seconds,
+            Ok(x) => x.as_secs() + seconds as u64,
             Err(_) => 0,
         }
     });
@@ -41,9 +53,9 @@ fn set_kb_item(
 
 /// NASL function to get a knowledge base
 #[nasl_function]
-fn get_kb_item(arg: &NaslValue, c: &Context) -> Result<NaslValue, FunctionErrorKind> {
+fn get_kb_item(key: &str, c: &Context) -> Result<NaslValue, FunctionErrorKind> {
     c.retriever()
-        .retrieve(c.key(), Retrieve::KB(arg.to_string()))
+        .retrieve(c.key(), Retrieve::KB(key.to_string()))
         .map(|r| {
             r.into_iter()
                 .filter_map(|x| match x {
@@ -56,10 +68,52 @@ fn get_kb_item(arg: &NaslValue, c: &Context) -> Result<NaslValue, FunctionErrorK
         .map_err(|e| e.into())
 }
 
+/// NASL function to replace a kb list
+#[nasl_function(named(name, value, expires))]
+fn replace_kb_item(
+    name: NaslValue,
+    value: NaslValue,
+    c: &Context,
+) -> Result<NaslValue, FunctionErrorKind> {
+    c.dispatcher()
+        .dispatch_replace(
+            c.key(),
+            Field::KB(Kb {
+                key: name.to_string(),
+                value: value.clone().as_primitive(),
+                expire: None,
+            }),
+        )
+        .map(|_| NaslValue::Null)
+        .map_err(|e| e.into())
+}
+
+/// NASL function to retrieve an item in a KB.
+#[nasl_function(named(name, value, expires))]
+fn get_kb_list(key: NaslValue, c: &Context) -> Result<NaslValue, FunctionErrorKind> {
+    c.retriever()
+        .retrieve(c.key(), Retrieve::KB(key.to_string()))
+        .map(|r| {
+            r.into_iter()
+                .filter_map(|x| match x {
+                    Field::NVT(_) | Field::NotusAdvisory(_) | Field::Result(_) => None,
+                    Field::KB(kb) => Some(kb.value.into()),
+                })
+                .collect::<Vec<_>>()
+        })
+        .map(NaslValue::Array)
+        .map_err(|e| e.into())
+}
+
 pub struct KnowledgeBase;
 
 function_set! {
     KnowledgeBase,
     sync_stateless,
-    (set_kb_item, get_kb_item)
+    (
+        set_kb_item,
+        get_kb_item,
+        get_kb_list,
+        replace_kb_item
+    )
 }

rust/nasl-builtin-knowledge-base/tests/kb.rs

@@ -31,4 +31,23 @@ mod tests {
             FunctionErrorKind::MissingPositionalArguments { .. }
         );
     }
+
+    #[test]
+    fn get_kb_list() {
+        let mut t = TestBuilder::default();
+        t.ok(r#"set_kb_item(name: "test", value: 1);"#, NaslValue::Null);
+        t.ok(r#"set_kb_item(name: "test", value: 2);"#, NaslValue::Null);
+        t.ok(r#"get_kb_list("test");"#, vec![1, 2]);
+    }
+
+    #[test]
+    fn replace_kb_item() {
+        let mut t = TestBuilder::default();
+        t.ok(r#"set_kb_item(name: "test", value: 1);"#, NaslValue::Null);
+        t.ok(
+            r#"replace_kb_item(name: "test", value: 2);"#,
+            NaslValue::Null,
+        );
+        t.ok(r#"get_kb_item("test");"#, 2);
+    }
 }

rust/nasl-builtin-network/Cargo.toml

@@ -11,6 +11,7 @@ nasl-function-proc-macro = { path = "../nasl-function-proc-macro" }
 nasl-syntax = { path = "../nasl-syntax" }
 storage = { path = "../storage" }
 
+dns-lookup = "2.0"
 libc = "0.2"
 rustls = "0.23.5"
 rustls-pemfile = "2.1"

rust/nasl-builtin-network/src/lib.rs

@@ -2,9 +2,9 @@
 //
 // SPDX-License-Identifier: GPL-2.0-or-later
 
-use std::fmt::Display;
+use std::{fmt::Display, net::IpAddr};
 
-use nasl_builtin_utils::{Context, FunctionErrorKind, Register};
+use nasl_builtin_utils::{Context, FunctionErrorKind};
 use nasl_syntax::NaslValue;
 use storage::Field;
 
@@ -14,14 +14,14 @@ pub mod socket;
 
 // 512 Bytes are typically supported by network devices. The ip header maximum size is 60 and a UDP
 // header contains 8 bytes, which must be subtracted from the max size for UDP packages.
-// TODO: Calculate the MTU dynamically
 const MTU: usize = 512 - 60 - 8;
 
 /// Standard port for networking functions
-/// @return none
 const DEFAULT_PORT: u16 = 33435;
 
-pub fn mtu() -> usize {
+// Get the max MTU possible for network communication
+// TODO: Calculate the MTU dynamically
+pub fn mtu(_: IpAddr) -> usize {
     MTU
 }
 
@@ -74,47 +74,6 @@ impl Display for OpenvasEncaps {
     }
 }
 
-fn get_named_value(r: &Register, name: &str) -> Result<NaslValue, FunctionErrorKind> {
-    match r.named(name) {
-        Some(x) => match x {
-            nasl_builtin_utils::ContextType::Function(_, _) => Err(
-                FunctionErrorKind::WrongArgument(format!("{name} is a function")),
-            ),
-            nasl_builtin_utils::ContextType::Value(val) => Ok(val.to_owned()),
-        },
-        None => Err(FunctionErrorKind::MissingArguments(vec![name.to_string()])),
-    }
-}
-
-fn get_usize(r: &Register, name: &str) -> Result<usize, FunctionErrorKind> {
-    match get_named_value(r, name)? {
-        NaslValue::Number(num) => {
-            if num < 0 {
-                return Err(FunctionErrorKind::WrongArgument(format!(
-                    "Argument {name} must be >= 0"
-                )));
-            }
-            Ok(num as usize)
-        }
-        _ => Err(FunctionErrorKind::WrongArgument(
-            "Wrong type for argument, expected a number".to_string(),
-        )),
-    }
-}
-
-fn get_data(r: &Register) -> Result<Vec<u8>, FunctionErrorKind> {
-    Ok((get_named_value(r, "data")?).into())
-}
-
-fn get_opt_int(r: &Register, name: &str) -> Option<i64> {
-    get_named_value(r, name)
-        .map(|val| match val {
-            NaslValue::Number(len) => Some(len),
-            _ => None,
-        })
-        .unwrap_or_default()
-}
-
 pub fn get_kb_item(context: &Context, name: &str) -> Result<Option<NaslValue>, FunctionErrorKind> {
     context
         .retriever()
@@ -129,30 +88,6 @@ pub fn get_kb_item(context: &Context, name: &str) -> Result<Option<NaslValue>, F
         .map_err(|e| e.into())
 }
 
-pub fn get_pos_port(r: &Register) -> Result<u16, FunctionErrorKind> {
-    match r
-        .positional()
-        .first()
-        .ok_or(FunctionErrorKind::MissingPositionalArguments {
-            expected: 1,
-            got: 0,
-        })? {
-        NaslValue::Number(port) => {
-            if *port < 0 || *port > 65535 {
-                return Err(FunctionErrorKind::WrongArgument(format!(
-                    "{} is not a valid port number",
-                    *port
-                )));
-            }
-            Ok(*port as u16)
-        }
-        x => Err(FunctionErrorKind::WrongArgument(format!(
-            "{} is not a valid port number",
-            x
-        ))),
-    }
-}
-
 pub fn verify_port(port: i64) -> Result<u16, FunctionErrorKind> {
     if !(0..=65535).contains(&port) {
         return Err(FunctionErrorKind::WrongArgument(format!(

rust/nasl-builtin-network/src/network.rs

@@ -42,8 +42,9 @@ fn this_host_name() -> String {
 
 /// get the maximum transition unit for the scanned host
 #[nasl_function]
-fn get_mtu() -> i64 {
-    mtu() as i64
+fn get_mtu(context: &Context) -> Result<i64, FunctionErrorKind> {
+    let target = ipstr2ipaddr(context.target())?;
+    Ok(mtu(target) as i64)
 }
 
 /// check if the currently scanned host is the localhost