/* Listing excerpt: the leading integers appear to be the original file's line
 * numbers, and original lines missing from that numbering are not shown. */
29 #include <glib/gstdio.h> 35 #include <sys/types.h> 38 #include <openvas/base/openvas_file.h> 44 #define G_LOG_DOMAIN "md manage" 67 check_is_file (
const char *name)
/* Reports whether the mode held in sb describes a regular file (S_ISREG).
 * The call that fills sb is not visible in this excerpt -- presumably a stat
 * of name; confirm whether it follows symlinks.  A caller that tests a path
 * here and uses it later has a check-then-use window, so treat the result as
 * advisory rather than as a guarantee about the file that is later opened
 * or executed. */
77 return (S_ISREG (sb.st_mode));
/* Generates an RSA key pair by running ssh-keygen.
 *
 * comment:    key comment; must be non-NULL and non-empty.
 * passphrase: passphrase for the private key; must be at least 5 characters.
 * The remaining parameter(s) and the return statements are not visible in
 * this excerpt; privpath is used below as the private-key output path.
 *
 * Security notes for maintainers:
 *  - The command is assembled by string concatenation and handed to
 *    g_spawn_command_line_sync, which splits the line with shell-style
 *    quoting rules (no shell is run).  A double quote or backslash inside
 *    comment, passphrase or privpath changes how the line is split, so such
 *    a value can turn into additional ssh-keygen arguments.  Building an
 *    argv vector and calling g_spawn_sync, as lsc_user_rpm_create does,
 *    removes the parsing step.
 *  - The passphrase is passed with -P on the command line, so it is part of
 *    the process argument list for as long as ssh-keygen runs.
 */
98 create_ssh_key (
const char *comment,
const char *passphrase,
101 gchar *astdout = NULL;
102 gchar *astderr = NULL;
104 gint exit_status = 0;
/* Reject a missing or empty comment. */
110 if (!comment || comment[0] ==
'\0')
112 g_debug (
"%s: comment must be set", __FUNCTION__);
/* Reject a missing passphrase or one shorter than 5 characters.  Only the
 * length is checked here; the characters themselves are not restricted. */
115 if (!passphrase || strlen (passphrase) < 5)
117 g_debug (
"%s: password must be longer than 4 characters", __FUNCTION__);
/* Make sure the directory that will hold the private key exists.  The 0755
 * mode only applies to directories this call has to create; those would be
 * listable and searchable by every local user.
 * NOTE(review): confirm every caller passes a path below an already private
 * directory (the caller in this file uses a mkdtemp directory). */
123 dir = g_path_get_dirname (privpath);
124 if (g_mkdir_with_parents (dir, 0755 ))
126 g_debug (
"%s: failed to access %s", __FUNCTION__, dir);
/* Build the command line.  The three values are wrapped in double quotes at
 * most; nothing visible here escapes quote characters inside them. */
133 command = g_strconcat (
"ssh-keygen -t rsa -f ", privpath,
" -C \"", comment,
134 "\" -P \"", passphrase,
"\"", NULL);
/* The logged copy of the command masks the passphrase with asterisks. */
135 g_debug (
"command: ssh-keygen -t rsa -f %s -C \"%s\" -P \"********\"",
/* Failure is any of: spawn error, abnormal termination, non-zero exit code. */
138 if ((g_spawn_command_line_sync (command, &astdout, &astderr, &exit_status,
141 || (WIFEXITED (exit_status) == 0)
142 || WEXITSTATUS (exit_status))
146 g_debug (
"%s: failed to create private key: %s\n",
147 __FUNCTION__, err->message);
151 g_debug (
"%s: failed to create private key\n", __FUNCTION__);
152 g_debug (
"%s: key-gen failed with %d (WIF %i, WEX %i).\n",
153 __FUNCTION__, exit_status, WIFEXITED (exit_status),
154 WEXITSTATUS (exit_status));
/* Captured ssh-keygen output goes to the debug log. */
155 g_debug (
"%s: stdout: %s", __FUNCTION__, astdout);
156 g_debug (
"%s: stderr: %s", __FUNCTION__, astderr);
/* Body fragment of lsc_user_keys_create (signature, per the symbol index at
 * the end of this page: int lsc_user_keys_create(const gchar *password,
 * gchar **private_key)).  It generates a key pair in a fresh temporary
 * directory, reads the private key file back through private_key, and
 * removes the directory.  Return statements are not visible in this excerpt.
 */
182 char key_dir[] =
"/tmp/openvas_key_XXXXXX";
183 gchar *key_path = NULL;
/* mkdtemp fills in the XXXXXX suffix and creates the directory with
 * owner-only permissions, which is what keeps the key files away from other
 * local users while they exist on disk. */
188 if (mkdtemp (key_dir) == NULL)
192 key_path = g_build_filename (key_dir,
"key", NULL);
/* password doubles as the passphrase of the generated private key. */
193 if (create_ssh_key (
"Key generated by OpenVAS Manager", password, key_path))
/* Read the private key into memory; the on-disk copy stays in /tmp until the
 * directory is removed below. */
197 g_file_get_contents (key_path, private_key, &length, &error);
200 g_error_free (error);
/* Remove the key material.  The result is not checked on this line, so a
 * failed removal would leave the private key on disk without a log entry.
 * NOTE(review): consider logging a failure here. */
207 openvas_file_remove_recurse (key_dir);
/* Returns the directory used as working directory for the RPM creator
 * script.  The value is kept in a function-local static, so the lookup runs
 * only while that static is still NULL.  Note that the cached value is
 * OPENVAS_DATA_DIR itself, not the path of the script.
 *
 * Security note: the script in this directory is executed by the manager, so
 * OPENVAS_DATA_DIR and the script must be writable only by trusted accounts.
 */
223 get_rpm_generator_path ()
225 static gchar *rpm_generator_path = NULL;
227 if (rpm_generator_path == NULL)
229 gchar *path_exec = g_build_filename (OPENVAS_DATA_DIR,
230 "openvas-lsc-rpm-creator.sh",
/* The script must be a regular file; what happens when this check fails is
 * not visible in this excerpt. */
232 if (check_is_file (path_exec) == 0)
238 rpm_generator_path = g_strdup (OPENVAS_DATA_DIR);
241 return rpm_generator_path;
/* Builds an RPM that carries the user's public key by running
 * openvas-lsc-rpm-creator.sh in a temporary directory and moving the
 * resulting package to to_filename.
 *
 * username:        name of the LSC user; used to name the copied key file.
 * public_key_path: path of the public key to package.
 * to_filename:     destination path of the finished RPM.
 * The return statements are not visible in this excerpt; the caller in this
 * file compares the result against FALSE.
 */
255 lsc_user_rpm_create (
const gchar *username,
256 const gchar *public_key_path,
257 const gchar *to_filename)
259 const gchar *generator_path;
260 gchar *rpm_path = NULL;
262 gchar *new_pubkey_filename = NULL;
263 gchar *pubkey_basename = NULL;
265 char tmpdir[] =
"/tmp/lsc_user_rpm_create_XXXXXX";
266 gboolean success = TRUE;
267 gchar *standard_out = NULL;
268 gchar *standard_err = NULL;
271 generator_path = get_rpm_generator_path ();
/* Private scratch directory (mkdtemp creates it with owner-only access). */
275 g_debug (
"%s: create temporary directory", __FUNCTION__);
276 if (mkdtemp (tmpdir) == NULL)
278 g_debug (
"%s: temporary directory: %s\n", __FUNCTION__, tmpdir);
/* username becomes a file name component with no sanitising visible here: a
 * value containing a path separator or ".." would make new_pubkey_filename
 * (and cmd[3] below) point outside tmpdir.
 * NOTE(review): confirm callers restrict username to a safe character set,
 * or reject path separators at this point. */
282 g_debug (
"%s: copy key to temporary directory\n", __FUNCTION__);
283 pubkey_basename = g_strdup_printf (
"%s.pub", username);
284 new_pubkey_filename = g_build_filename (tmpdir, pubkey_basename, NULL);
285 if (openvas_file_copy (public_key_path, new_pubkey_filename)
288 g_debug (
"%s: failed to copy key file %s to %s",
289 __FUNCTION__, public_key_path, new_pubkey_filename);
290 g_free (pubkey_basename);
291 g_free (new_pubkey_filename);
/* The command is an argv vector, so no command-line parsing is involved and
 * each element reaches the script as one argument.  Five slots are allocated
 * for the four entries visible here; the terminating NULL is presumably set
 * on a line that is not shown. */
298 g_debug (
"%s: Attempting RPM build\n", __FUNCTION__);
299 cmd = (gchar **) g_malloc (5 *
sizeof (gchar *));
300 cmd[0] = g_strdup (
"./openvas-lsc-rpm-creator.sh");
301 cmd[1] = g_strdup (
"--target");
302 cmd[2] = g_strdup (tmpdir);
303 cmd[3] = g_build_filename (tmpdir, pubkey_basename, NULL);
/* The script is addressed by a relative path and run with generator_path as
 * the working directory.  Failure is any of: spawn error, abnormal
 * termination, non-zero exit code. */
305 g_debug (
"%s: Spawning in %s: %s %s %s %s\n",
306 __FUNCTION__, generator_path, cmd[0], cmd[1], cmd[2], cmd[3]);
307 if ((g_spawn_sync (generator_path,
318 || (WIFEXITED (exit_status) == 0)
319 || WEXITSTATUS (exit_status))
321 g_debug (
"%s: failed to create the rpm: %d (WIF %i, WEX %i)",
324 WIFEXITED (exit_status),
325 WEXITSTATUS (exit_status));
326 g_debug (
"%s: stdout: %s\n", __FUNCTION__, standard_out);
327 g_debug (
"%s: stderr: %s\n", __FUNCTION__, standard_err);
337 g_free (pubkey_basename);
338 g_free (new_pubkey_filename);
339 g_free (standard_out);
340 g_free (standard_err);
/* Name of the package the script is expected to have produced; the rest of
 * the concatenation is not visible in this excerpt. */
346 rpmfile = g_strconcat (
"openvas-lsc-target-",
350 rpm_path = g_build_filename (tmpdir, rpmfile, NULL);
351 g_debug (
"%s: new filename (rpm_path): %s\n", __FUNCTION__, rpm_path);
/* The "success == TRUE" guards on the next two checks mean a move or cleanup
 * failure is only handled when nothing failed earlier. */
355 if (openvas_file_move (rpm_path, to_filename) == FALSE && success == TRUE)
357 g_debug (
"%s: failed to move RPM %s to %s",
358 __FUNCTION__, rpm_path, to_filename);
364 if (openvas_file_remove_recurse (tmpdir) != 0 && success == TRUE)
366 g_debug (
"%s: failed to remove temporary directory %s",
367 __FUNCTION__, tmpdir);
/* Fragment of the helper that looks for the "alien" program (presumably
 * alien_found, which the recreate functions call -- its signature is not
 * visible here).  The two statics cache the answer so the search runs once.
 *
 * Security note: g_find_program_in_path resolves the name through PATH, and
 * the spawn calls in this file start "fakeroot", "alien" and "makensis" by
 * bare name as well, so the PATH of the manager process decides which
 * binaries are executed.
 */
387 static gboolean searched = FALSE;
388 static gboolean found = FALSE;
390 if (searched == FALSE)
393 gchar *alien_path = g_find_program_in_path (
"alien");
394 if (alien_path != NULL)
/* Tail of the lsc_user_rpm_recreate signature and fragments of its body
 * (full signature, per the symbol index at the end of this page:
 * int lsc_user_rpm_recreate(const gchar *name, const char *public_key,
 * void **rpm, gsize *rpm_size)).  It writes public_key to a temporary file,
 * builds the RPM from it, and returns the package bytes through rpm and
 * rpm_size.  Return statements are not visible in this excerpt.
 */
417 void **rpm, gsize *rpm_size)
420 char rpm_dir[] =
"/tmp/rpm_XXXXXX";
421 char key_dir[] =
"/tmp/key_XXXXXX";
422 gchar *rpm_path, *public_key_path;
425 if (alien_found () == FALSE)
427 g_warning (
"%s: Need \"alien\" to make RPMs\n", __FUNCTION__);
/* Both scratch directories come from mkdtemp, i.e. owner-only access. */
433 if (mkdtemp (key_dir) == NULL)
/* strlen requires public_key to be a non-NULL, NUL-terminated string. */
439 public_key_path = g_build_filename (key_dir,
"key.pub", NULL);
440 g_file_set_contents (public_key_path, public_key, strlen (public_key),
447 if (mkdtemp (rpm_dir) == NULL)
449 rpm_path = g_build_filename (rpm_dir,
"p.rpm", NULL);
450 g_debug (
"%s: rpm_path: %s", __FUNCTION__, rpm_path);
/* name is forwarded as the username, which lsc_user_rpm_create turns into a
 * file name; see the review note there about path separators. */
451 if (lsc_user_rpm_create (name, public_key_path, rpm_path) == FALSE)
/* Read the finished package into memory for the caller. */
460 g_file_get_contents (rpm_path, (gchar **) rpm, rpm_size, &error);
464 g_error_free (error);
/* Cleanup; the removal results are not checked on these lines. */
474 openvas_file_remove_recurse (rpm_dir);
478 g_free (public_key_path);
480 openvas_file_remove_recurse (key_dir);
/* Runs "fakeroot -- alien --scripts --keep-version <rpmfile>" with rpmdir as
 * the working directory, to convert an RPM into a Debian package.
 *
 * rpmdir:  directory to run in.
 * rpmfile: package file name, passed as the last argument.
 * Return statements are not visible in this excerpt; the caller in this file
 * tests the result for non-zero.
 */
497 execute_alien (
const gchar *rpmdir,
const gchar *rpmfile)
502 gchar *standard_out = NULL;
503 gchar *standard_err = NULL;
/* argv vector, so rpmfile reaches alien as a single argument.  Seven slots
 * are allocated for the six entries visible here; the terminating NULL is
 * presumably set on a line that is not shown.
 * NOTE(review): rpmfile follows the options directly, so a name beginning
 * with '-' would be read as an option by alien; the caller in this file
 * passes the basename of a path it built itself. */
505 cmd = (gchar **) g_malloc (7 *
sizeof (gchar *));
507 cmd[0] = g_strdup (
"fakeroot");
508 cmd[1] = g_strdup (
"--");
509 cmd[2] = g_strdup (
"alien");
510 cmd[3] = g_strdup (
"--scripts");
511 cmd[4] = g_strdup (
"--keep-version");
512 cmd[5] = g_strdup (rpmfile);
514 g_debug (
"--- executing alien.\n");
515 g_debug (
"%s: Spawning in %s: %s %s %s %s %s %s\n",
517 rpmdir, cmd[0], cmd[1], cmd[2], cmd[3], cmd[4], cmd[5]);
/* Failure is any of: spawn error, abnormal termination, non-zero exit code. */
518 if ((g_spawn_sync (rpmdir,
528 || (WIFEXITED (exit_status) == 0)
529 || WEXITSTATUS (exit_status))
531 g_debug (
"%s: failed to create the deb: %d (WIF %i, WEX %i)",
534 WIFEXITED (exit_status),
535 WEXITSTATUS (exit_status));
536 g_debug (
"%s: stdout: %s\n", __FUNCTION__, standard_out);
537 g_debug (
"%s: stderr: %s\n", __FUNCTION__, standard_err);
549 g_free (standard_out);
550 g_free (standard_err);
/* Body fragment of lsc_user_deb_create (signature, per the symbol index at
 * the end of this page: gchar *lsc_user_deb_create(const gchar *user,
 * const gchar *rpm_file)).  It converts rpm_file with alien, working in the
 * directory that contains it.  Return statements and the frees of the
 * strings allocated below are not visible in this excerpt.
 */
566 gchar *dirname = g_path_get_dirname (rpm_file);
567 gchar *dir = g_strconcat (dirname,
"/", NULL);
568 gchar *basename = g_path_get_basename (rpm_file);
/* The user name is lower-cased (ASCII only), with "user" as the fallback for
 * a NULL user, and then embedded in the expected package file name.
 * NOTE(review): like the RPM path, this puts the name into a file path with
 * no sanitising visible here. */
569 gchar *down_user = g_ascii_strdown (user ? user :
"user", -1);
570 gchar *deb_name = g_strdup_printf (
"%s/openvas-lsc-target-%s_0.5-1_all.deb",
/* What happens on a non-zero result from execute_alien is not visible here. */
576 if (execute_alien (dir, basename))
/* Tail of the lsc_user_deb_recreate signature and fragments of its body
 * (full signature, per the symbol index at the end of this page:
 * int lsc_user_deb_recreate(const gchar *name, const char *rpm,
 * gsize rpm_size, void **deb, gsize *deb_size)).  It writes the supplied RPM
 * bytes to a temporary file, converts them to a Debian package, and returns
 * the package bytes through deb and deb_size.  Return statements are not
 * visible in this excerpt.
 *
 * Security note: the RPM bytes come from the caller and are processed by
 * alien with --scripts.  NOTE(review): confirm rpm can only be a package
 * this manager built itself.
 */
603 void **deb, gsize *deb_size)
606 char deb_dir[] =
"/tmp/deb_XXXXXX";
607 char rpm_dir[] =
"/tmp/rpm_XXXXXX";
608 gchar *deb_path, *rpm_path;
611 if (alien_found () == FALSE)
613 g_warning (
"%s: Need \"alien\" to make DEBs\n", __FUNCTION__);
/* Both scratch directories come from mkdtemp, i.e. owner-only access. */
619 if (mkdtemp (rpm_dir) == NULL)
625 rpm_path = g_build_filename (rpm_dir,
"p.rpm", NULL);
626 g_file_set_contents (rpm_path, rpm, rpm_size, &error);
632 if (mkdtemp (deb_dir) == NULL)
/* The assignment of deb_path is not visible in this excerpt (presumably the
 * result of lsc_user_deb_create). */
635 if (deb_path == NULL)
641 g_file_get_contents (deb_path, (gchar **) deb, deb_size, &error);
645 g_error_free (error);
/* Cleanup; the removal results are not checked on these lines. */
655 openvas_file_remove_recurse (deb_dir);
661 openvas_file_remove_recurse (rpm_dir);
/* Writes an NSIS installer script to script_name.  The generated installer
 * adds a local Windows account, puts it into the group with SID S-1-5-32-544
 * (the built-in Administrators group, whose possibly localized name is
 * looked up with a helper VBScript), and writes an uninstaller that deletes
 * the account again.
 *
 * script_name:  path of the script file to create (opened with "w").
 * package_name: written after "outfile", i.e. the installer file name.
 * user_name:    account name to create on the target.
 * password:     password of that account.
 * Return statements and the argument lines of several fprintf calls are not
 * visible in this excerpt; the caller in this file treats a non-zero result
 * as failure.
 *
 * Security notes for maintainers:
 *  - The account values are substituted with plain %s into "cmd /C" command
 *    strings (presumably user_name and password at the "net user" line --
 *    the argument lines are not shown).  Nothing visible here escapes them,
 *    so characters that are special to NSIS strings or to cmd.exe (for
 *    example a double quote, $, %, &, |, <, > or ^) would change the
 *    generated commands.  NOTE(review): validate both values against a
 *    strict allow-list before they reach this function, or reject them here.
 *  - The password ends up in clear text in the script, in the compiled
 *    installer, and for a short time in AddUser.bat in the target's %temp%
 *    directory.  Handle the script and the resulting .exe as credentials.
 *  - package_name is written unquoted after "outfile".
 */
680 create_nsis_script (
const gchar *script_name,
const gchar *package_name,
681 const gchar *
user_name,
const gchar *password)
/* The check of fopen's result is not visible in this excerpt. */
685 fd = fopen (script_name,
"w");
/* Installer header: output file, install directory, branding text. */
690 fprintf (fd,
"#Installer filename\n");
691 fprintf (fd,
"outfile ");
692 fprintf (fd,
"%s", package_name);
693 fprintf (fd,
"\n\n");
695 fprintf (fd,
"# Set desktop as install directory\n");
696 fprintf (fd,
"installDir $DESKTOP\n\n");
698 fprintf (fd,
"# Put some text\n");
699 fprintf (fd,
"BrandingText \"OpenVAS Local Security Checks User\"\n\n");
/* Install section. */
707 fprintf (fd,
"#\n# Default (installer) section.\n#\n");
708 fprintf (fd,
"section\n\n");
710 fprintf (fd,
"# Define output path\n");
711 fprintf (fd,
"setOutPath $INSTDIR\n\n");
713 fprintf (fd,
"# Uninstaller name\n");
714 fprintf (fd,
"writeUninstaller $INSTDIR\\openvas_lsc_remove_%s.exe\n\n",
/* Emit commands that assemble GetAdminGroupName.vbs line by line on the
 * target, then run it and store the group name in AdminGroupName.txt. */
719 fprintf (fd,
"# Create Thomas Rotters GetAdminGroupName.vb script\n");
720 fprintf (fd,
"ExecWait \"cmd /C Echo Set objWMIService = GetObject($\\\"winmgmts:\\\\.\\root\\cimv2$\\\") > $\\\"%%temp%%\\GetAdminGroupName.vbs$\\\" \"\n");
721 fprintf (fd,
"ExecWait \"cmd /C Echo Set colAccounts = objWMIService.ExecQuery ($\\\"Select * From Win32_Group Where SID = 'S-1-5-32-544'$\\\") >> $\\\"%%temp%%\\GetAdminGroupName.vbs$\\\"\"\n");
722 fprintf (fd,
"ExecWait \"cmd /C Echo For Each objAccount in colAccounts >> $\\\"%%temp%%\\GetAdminGroupName.vbs$\\\"\"\n");
723 fprintf (fd,
"ExecWait \"cmd /C Echo Wscript.Echo objAccount.Name >> $\\\"%%temp%%\\GetAdminGroupName.vbs$\\\"\"\n");
724 fprintf (fd,
"ExecWait \"cmd /C Echo Next >> $\\\"%%temp%%\\GetAdminGroupName.vbs$\\\"\"\n");
725 fprintf (fd,
"ExecWait \"cmd /C cscript //nologo $\\\"%%temp%%\\GetAdminGroupName.vbs$\\\" > $\\\"%%temp%%\\AdminGroupName.txt$\\\"\"\n\n");
/* Emit commands that assemble AddUser.bat on the target.  The two %s in the
 * "net user" line are where the unescaped account values enter the script,
 * and the batch file holds the password in clear text until it is deleted. */
728 fprintf (fd,
"# Create batch script that installs the user\n");
729 fprintf (fd,
"ExecWait \"cmd /C Echo Set /P AdminGroupName= ^<$\\\"%%temp%%\\AdminGroupName.txt$\\\" > $\\\"%%temp%%\\AddUser.bat$\\\"\" \n");
730 fprintf (fd,
"ExecWait \"cmd /C Echo net user %s %s /add /active:yes >> $\\\"%%temp%%\\AddUser.bat$\\\"\"\n",
733 fprintf (fd,
"ExecWait \"cmd /C Echo net localgroup %%AdminGroupName%% %%COMPUTERNAME%%\\%s /add >> $\\\"%%temp%%\\AddUser.bat$\\\"\"\n\n",
736 fprintf (fd,
"# Execute AddUser script\n");
737 fprintf (fd,
"ExecWait \"cmd /C $\\\"%%temp%%\\AddUser.bat$\\\"\"\n\n");
/* Delete the helper files, including the batch file with the password. */
740 fprintf (fd,
"# Remove temporary files for localized admin group names\n");
741 fprintf (fd,
"ExecWait \"del $\\\"%%temp%%\\AdminGroupName.txt$\\\"\"\n");
742 fprintf (fd,
"ExecWait \"del $\\\"%%temp%%\\GetAdminGroupName.vbs$\\\"\"\n\n");
743 fprintf (fd,
"ExecWait \"del $\\\"%%temp%%\\AddUser.bat$\\\"\"\n\n");
746 fprintf (fd,
"# Display message that everything seems to be fine\n");
747 fprintf (fd,
"messageBox MB_OK \"A user has been added. An uninstaller is placed on your Desktop.\"\n\n");
749 fprintf (fd,
"# Default (install) section end\n");
750 fprintf (fd,
"sectionEnd\n\n");
/* Uninstall section: removes the account; the %s is another unescaped
 * substitution into a command string. */
753 fprintf (fd,
"#\n# Uninstaller section.\n#\n");
754 fprintf (fd,
"section \"Uninstall\"\n\n");
756 fprintf (fd,
"# Run cmd to remove user\n");
757 fprintf (fd,
"ExecWait \"net user %s /delete\"\n\n",
761 fprintf (fd,
"# Unistaller should remove itself (from desktop/installdir)\n\n");
763 fprintf (fd,
"# Display message that everything seems to be fine\n");
764 fprintf (fd,
"messageBox MB_OK \"A user has been removed. You can now savely remmove the uninstaller from your Desktop.\"\n\n");
766 fprintf (fd,
"# Uninstaller section end\n");
767 fprintf (fd,
"sectionEnd\n\n");
/* Runs "makensis <nsis_script>" with the script's directory as the working
 * directory, to compile the NSIS script into an installer.
 *
 * nsis_script: path of the script to compile.
 * Return statements are not visible in this excerpt; the caller in this file
 * treats a non-zero result as failure.
 *
 * Security note: the script contains the account password in clear text, so
 * the directory it lives in should stay private to the manager.
 */
785 execute_makensis (
const gchar *nsis_script)
787 gchar *dirname = g_path_get_dirname (nsis_script);
791 gchar *standard_out = NULL;
792 gchar *standard_err = NULL;
/* argv vector, so the script path is passed as a single argument.  Three
 * slots are allocated for the two entries visible here; the terminating NULL
 * is presumably set on a line that is not shown. */
794 cmd = (gchar **) g_malloc (3 *
sizeof (gchar *));
796 cmd[0] = g_strdup (
"makensis");
797 cmd[1] = g_strdup (nsis_script);
799 g_debug (
"--- executing makensis.\n");
800 g_debug (
"%s: Spawning in %s: %s %s\n",
802 dirname, cmd[0], cmd[1]);
/* Failure is any of: spawn error, abnormal termination, non-zero exit code. */
803 if ((g_spawn_sync (dirname,
813 || (WIFEXITED (exit_status) == 0)
814 || WEXITSTATUS (exit_status))
816 g_debug (
"%s: failed to create the exe: %d (WIF %i, WEX %i)",
819 WIFEXITED (exit_status),
820 WEXITSTATUS (exit_status));
/* NOTE(review): makensis output is logged at debug level; check whether it
 * can echo script lines, which would put the password into the log. */
821 g_debug (
"%s: stdout: %s\n", __FUNCTION__, standard_out);
822 g_debug (
"%s: stderr: %s\n", __FUNCTION__, standard_err);
830 g_free (standard_out);
831 g_free (standard_err);
/* Creates the Windows installer for an LSC user: writes an NSIS script next
 * to to_filename and compiles it with makensis.
 *
 * user_name:   account name to create on the target.
 * password:    password of that account.
 * to_filename: path of the installer to produce.
 * Return statements are not visible in this excerpt; the caller in this file
 * treats a non-zero result as failure.
 */
846 lsc_user_exe_create (
const gchar *
user_name,
const gchar *password,
847 const gchar *to_filename)
/* The script is always named p.nsis and placed in to_filename's directory.
 * NOTE(review): the caller in this file passes <exe_dir>/p.nsis as
 * to_filename, which makes nsis_script and to_filename the same path, so
 * makensis is asked to write its output over its own input script -- confirm
 * this is intended. */
849 gchar *dirname = g_path_get_dirname (to_filename);
850 gchar *nsis_script = g_build_filename (dirname,
"p.nsis", NULL);
854 if (create_nsis_script (nsis_script, to_filename,
user_name, password))
856 g_warning (
"%s: Failed to create NSIS script\n", __FUNCTION__);
857 g_free (nsis_script);
861 if (execute_makensis (nsis_script))
863 g_warning (
"%s: Failed to execute makensis\n", __FUNCTION__);
864 g_free (nsis_script);
/* Only the path string is freed here; removal of the script file, which
 * holds the password, is left to whoever cleans up the directory. */
868 g_free (nsis_script);
/* Tail of the lsc_user_exe_recreate signature and fragments of its body
 * (full signature, per the symbol index at the end of this page:
 * int lsc_user_exe_recreate(const gchar *name, const gchar *password,
 * void **exe, gsize *exe_size)).  It builds the installer in a temporary
 * directory and returns its bytes through exe and exe_size.  Return
 * statements are not visible in this excerpt.
 */
884 void **exe, gsize *exe_size)
887 char exe_dir[] =
"/tmp/exe_XXXXXX";
/* NOTE(review): the precondition checks for "alien", while the visible EXE
 * path runs makensis; confirm which program is actually required here. */
891 if (alien_found () == FALSE)
893 g_warning (
"%s: Need \"alien\" to make EXEs\n", __FUNCTION__);
/* mkdtemp gives an owner-only directory, which matters because the NSIS
 * script written into it holds the password in clear text. */
899 if (mkdtemp (exe_dir) == NULL)
/* The output path is named p.nsis, the same name lsc_user_exe_create uses
 * for the script in that directory. */
901 exe_path = g_build_filename (exe_dir,
"p.nsis", NULL);
902 if (lsc_user_exe_create (name, password, exe_path))
908 g_file_get_contents (exe_path, (gchar **) exe, exe_size, &error);
911 g_error_free (error);
/* Cleanup; the removal result is not checked on this line, so a failure
 * would leave the password-bearing files in /tmp without a log entry. */
921 openvas_file_remove_recurse (exe_dir);
int lsc_user_deb_recreate(const gchar *name, const char *rpm, gsize rpm_size, void **deb, gsize *deb_size)
Recreate Debian package.
gchar * user_name(const char *)
int lsc_user_rpm_recreate(const gchar *name, const char *public_key, void **rpm, gsize *rpm_size)
Recreate RPM package.
gchar * lsc_user_deb_create(const gchar *user, const gchar *rpm_file)
Create a Debian package from an LSC user RPM package.
int lsc_user_exe_recreate(const gchar *name, const gchar *password, void **exe, gsize *exe_size)
Recreate NSIS package.
int lsc_user_keys_create(const gchar *password, gchar **private_key)
Create local security check (LSC) keys.