Add: Notus related built-in functions

This includes:
- security_notus
- notus_error
- notus
- notus_type

Author: Kraemii

doc/manual/nasl/built-in-functions/glue-functions/update_table_driven_lsc_data.md

@@ -2,6 +2,8 @@
 
 ## NAME
 
+DEPRECATED
+
 **update_table_driven_lsc_data** - Set information, so that openvas can start a table driven lsc
 
 ## SYNOPSIS
@@ -19,10 +21,16 @@ os_release: identifier for the operating system of the target system
 After the KB items are set, these information is also transferred to the main process and a notus scan is triggered. The
 results of the notus scan are then directly published.
 
+## DEPRECATED
+
+This function is deprecated and **[notus(3)](notus.md)** and **[security_notus(3)](security_notus.md)** should be used instead.
+
 ## RETURN VALUE
 
 This function returns nothing.
 
 ## SEE ALSO
 
-**[log_message(3)](log_message.md)**
+**[log_message(3)](log_message.md)**,
+**[notus(3)](notus.md)**,
+**[security_notus(3)](security_notus.md)**

rust/src/nasl/builtin/error.rs

@@ -6,6 +6,7 @@ use thiserror::Error;
 
 use crate::nasl::prelude::*;
 use crate::nasl::utils::error::FnErrorKind;
+use crate::notus::NotusError;
 
 use super::KBError;
 use super::cert::CertError;
@@ -28,6 +29,8 @@ pub enum BuiltinError {
     #[error("{0}")]
     Http(HttpError),
     #[error("{0}")]
+    Notus(NotusError),
+    #[error("{0}")]
     String(StringError),
     #[error("{0}")]
     Misc(MiscError),
@@ -101,6 +104,6 @@ builtin_error_variant!(CertError, Cert);
 builtin_error_variant!(SysError, Sys);
 builtin_error_variant!(FindServiceError, FindService);
 builtin_error_variant!(SnmpError, Snmp);
-
+builtin_error_variant!(NotusError, Notus);
 #[cfg(feature = "nasl-builtin-raw-ip")]
 builtin_error_variant!(RawIpError, RawIp);

rust/src/nasl/builtin/mod.rs

@@ -16,13 +16,13 @@ mod isotime;
 mod knowledge_base;
 pub mod misc;
 pub mod network;
-mod snmp;
-
+mod notus;
 mod preferences;
 #[cfg(feature = "nasl-builtin-raw-ip")]
 pub mod raw_ip;
 mod regex;
 mod report_functions;
+mod snmp;
 mod ssh;
 mod string;
 mod sys;
@@ -64,7 +64,8 @@ pub fn nasl_std_functions() -> Executor {
         .add_set(find_service::FindService)
         .add_set(wmi::Wmi)
         .add_set(snmp::Snmp)
-        .add_set(cert::NaslCerts::default());
+        .add_set(cert::NaslCerts::default())
+        .add_set(notus::NaslNotus::default());
 
     #[cfg(feature = "nasl-builtin-raw-ip")]
     executor.add_set(raw_ip::RawIp);

rust/src/nasl/builtin/notus/mod.rs

@@ -0,0 +1,159 @@
+// SPDX-FileCopyrightText: 2026 Greenbone AG
+//
+// SPDX-License-Identifier: GPL-2.0-or-later WITH x11vnc-openssl-exception
+
+use std::{
+    collections::HashMap,
+    io::{Read, Write},
+    net::{SocketAddr, TcpStream},
+};
+
+use greenbone_scanner_framework::models::FixedVersion;
+use nasl_function_proc_macro::nasl_function;
+use serde::{Deserialize, Serialize};
+use serde_json;
+
+use crate::{
+    function_set,
+    nasl::{
+        ArgumentError, FnError, NaslValue, ScanCtx, builtin::http::HttpError,
+        utils::scan_ctx::NotusCtx,
+    },
+    notus::{HashsumProductLoader, Notus},
+};
+
+#[nasl_function]
+fn notus_type() -> i64 {
+    1
+}
+
+#[derive(Serialize, Deserialize, Debug)]
+struct NotusResult {
+    oid: String,
+    message: String,
+}
+
+impl NaslNotus {
+    fn notus_self(
+        &self,
+        notus: &mut Notus<HashsumProductLoader>,
+        pkg_list: &[String],
+        product: &str,
+    ) -> Result<NaslValue, FnError> {
+        let res = notus.scan(product, pkg_list)?;
+
+        let mut ret = HashMap::new();
+        for (oid, vuls) in res {
+            let message = vuls.into_iter().map(|vul| match vul.fixed_version {
+                FixedVersion::Single { version, specifier } => format!("Vulnerable package:   {}\nInstalled version:    {}\nFixed version:       {:2}{}", vul.name, vul.installed_version, specifier.to_string(), version),
+                FixedVersion::Range { start, end } => format!("Vulnerable package:   {}\nInstalled version:    {}\nFixed version:       < {}\nFixed version:       >={}", vul.name, vul.installed_version, start, end),
+            }).collect::<Vec<String>>().join("\n\n");
+            ret.insert(oid, NaslValue::String(message));
+        }
+
+        Ok(NaslValue::Dict(ret))
+    }
+
+    fn notus_extern(
+        &self,
+        addr: &SocketAddr,
+        pkg_list: &[String],
+        product: &str,
+    ) -> Result<NaslValue, FnError> {
+        let mut sock = TcpStream::connect(addr).map_err(|e| HttpError::IO(e.kind()))?;
+        let pkg_json = serde_json::to_string(pkg_list).unwrap();
+
+        let request = format!(
+            "POST /notus/{} HTTP/1.1\r\nContent-Length: {}\r\n\r\n{}",
+            product,
+            pkg_json.len(),
+            pkg_json
+        );
+        sock.write_all(request.as_bytes())
+            .map_err(|e| HttpError::IO(e.kind()))?;
+        let mut response = Vec::new();
+        sock.read_to_end(&mut response)
+            .map_err(|e| HttpError::IO(e.kind()))?;
+        let response_str = String::from_utf8(response).unwrap();
+
+        // Split headers and body
+        let parts: Vec<&str> = response_str.split("\r\n\r\n").collect();
+        let body = if parts.len() > 1 {
+            parts[1]
+        } else {
+            &response_str
+        };
+
+        // Parse JSON array of results
+        let results: Vec<NotusResult> = serde_json::from_str(body).unwrap();
+
+        // Convert to NaslValue (Dict mapping oid -> message)
+        let mut ret = HashMap::new();
+        for result in results {
+            ret.insert(result.oid, NaslValue::String(result.message));
+        }
+
+        Ok(NaslValue::Dict(ret))
+    }
+
+    #[nasl_function]
+    fn notus_error(&self) -> Option<String> {
+        self.last_error.clone()
+    }
+
+    #[nasl_function(named(pkg_list, product))]
+    fn notus(
+        &mut self,
+        context: &ScanCtx,
+        pkg_list: NaslValue,
+        product: &str,
+    ) -> Result<NaslValue, FnError> {
+        let notus = if let Some(notus) = &context.notus {
+            notus
+        } else {
+            self.last_error = Some("Configuration Error: Notus context not found".to_string());
+            return Ok(NaslValue::Null);
+        };
+        let pkg_list: Vec<String> = match pkg_list {
+            NaslValue::String(s) => s.split(',').map(|s| s.trim().to_string()).collect(),
+            NaslValue::Array(arr) => arr.iter().map(|v| v.to_string()).collect(),
+            x => {
+                return Err(ArgumentError::wrong_argument(
+                    "pkg_list",
+                    "String as Comma Separated List or Array of Strings",
+                    &format!("{:?}", x),
+                )
+                .into());
+            }
+        };
+        let ret = match notus {
+            NotusCtx::Direct(notus) => {
+                self.notus_self(&mut notus.lock().unwrap(), &pkg_list, product)
+            }
+            NotusCtx::Address(addr) => self.notus_extern(addr, &pkg_list, product),
+        };
+        match ret {
+            Err(e) => {
+                self.last_error = Some(e.to_string());
+                Ok(NaslValue::Null)
+            }
+            Ok(ret) => {
+                self.last_error = None;
+                Ok(ret)
+            }
+        }
+    }
+}
+
+#[derive(Default)]
+pub struct NaslNotus {
+    last_error: Option<String>,
+}
+
+function_set! {
+    NaslNotus,
+    (
+        NaslNotus::notus_error,
+        NaslNotus::notus,
+    )
+}

rust/src/nasl/builtin/report_functions/mod.rs

@@ -111,6 +111,48 @@ impl Reporting {
     fn error_message(&self, register: &Register, context: &ScanCtx) -> Result<NaslValue, FnError> {
         self.store_result(ResultType::Error, register, context)
     }
+
+    #[nasl_function(named(result))]
+    fn security_notus(&self, context: &ScanCtx, result: NaslValue) -> Result<(), FnError> {
+        match result {
+            NaslValue::Dict(dict) => {
+                if let (Some(NaslValue::String(oid)), Some(NaslValue::String(message))) =
+                    (dict.get("oid"), dict.get("message"))
+                {
+                    let result = models::Result {
+                        id: self.id(),
+                        r_type: ResultType::Alarm,
+                        ip_address: Some(context.target().ip_addr().to_string()),
+                        hostname: None,
+                        oid: Some(oid.to_owned()),
+                        port: None,
+                        protocol: None, // TODO: This field is set to "package" in the c scanner result
+                        message: Some(message.to_owned()),
+                        detail: None,
+                    };
+                    context
+                        .storage()
+                        .retry_dispatch(context.scan().clone(), result, 5)?;
+                } else {
+                    return Err(ArgumentError::wrong_argument(
+                        "result",
+                        "Dict with 'oid' and 'message' as String values",
+                        &format!("{:?}", dict),
+                    )
+                    .into());
+                }
+                Ok(())
+            }
+            x => {
+                return Err(ArgumentError::wrong_argument(
+                    "result",
+                    "Dict with 'oid' and 'message' as String values",
+                    &format!("{:?}", x),
+                )
+                .into());
+            }
+        }
+    }
 }
 
 function_set! {
@@ -119,5 +161,6 @@ function_set! {
         (Reporting::log_message, "log_message"),
         (Reporting::security_message, "security_message"),
         (Reporting::error_message, "error_message"),
+        (Reporting::security_notus, "security_notus"),
     )
 }

rust/src/nasl/builtin/report_functions/tests.rs

@@ -71,3 +71,35 @@ fn security_message() {
 fn error_message() {
     verify("error_message", ResultType::Error)
 }
+
+#[test]
+fn security_notus() {
+    let mut t = TestBuilder::default();
+    t.run_all(
+        r###"
+        result["oid"] = "1.2.3.4.5";
+        result["message"] = "test message";
+        security_notus(result: result);
+        "###,
+    );
+    t.check_no_errors();
+    let (results, context) = t.results_and_context();
+    assert_eq!(results.len(), 3);
+    let result = context
+        .storage()
+        .retrieve(&(context.scan().clone(), 0))
+        .unwrap()
+        .unwrap();
+    assert_eq!(result.id, 0);
+    assert_eq!(result.r_type, ResultType::Alarm);
+    assert_eq!(
+        result.ip_address,
+        Some(context.target().ip_addr().to_string())
+    );
+    assert_eq!(result.hostname, None);
+    assert_eq!(result.oid, Some("1.2.3.4.5".to_string()));
+    assert_eq!(result.port, None);
+    assert_eq!(result.protocol, None);
+    assert_eq!(result.message, Some("test message".into()));
+    assert_eq!(result.detail, None);
+}

rust/src/nasl/test_utils.rs

@@ -8,14 +8,10 @@ use std::{
     fmt::{self, Display, Formatter},
     panic::Location,
     path::PathBuf,
-    sync::Mutex,
 };
 
+use crate::storage::{ScanID, inmemory::InMemoryStorage};
 use crate::{nasl::prelude::*, scanner::preferences::preference::ScanPrefs};
-use crate::{
-    notus::{HashsumProductLoader, Notus},
-    storage::{ScanID, inmemory::InMemoryStorage},
-};
 use futures::{Stream, StreamExt};
 
 use super::{

rust/src/storage/items/kb.rs

@@ -17,6 +17,8 @@ pub enum KbKey {
     /// Contains SSL/TLS Kb keys
     Ssl(Ssl),
 
+    Ssh(Ssh),
+
     /// Contains Port related Kb keys
     Port(Port),
 
@@ -73,6 +75,19 @@ pub enum Ssl {
     Ca,
 }
 
+#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
+#[serde(rename_all = "snake_case")]
+pub enum Ssh {
+    Login(Login),
+}
+
+#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
+#[serde(rename_all = "snake_case")]
+pub enum Login {
+    PackageListNotus,
+    ReleaseNotus,
+}
+
 #[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
 #[serde(rename_all = "snake_case")]
 pub enum Port {
@@ -175,6 +190,13 @@ impl Display for KbKey {
             KbKey::Ssl(Ssl::Password) => write!(f, "SSL/password"),
             KbKey::Ssl(Ssl::Ca) => write!(f, "SSL/ca"),
 
+            KbKey::Ssh(Ssh::Login(Login::PackageListNotus)) => {
+                write!(f, "ssh/login/package_list_notus")
+            }
+            KbKey::Ssh(Ssh::Login(Login::ReleaseNotus)) => {
+                write!(f, "ssh/login/release_notus")
+            }
+
             KbKey::Port(Port::Tcp(port)) => write!(f, "Ports/tcp/{port}"),
             KbKey::Port(Port::Udp(port)) => write!(f, "Ports/udp/{port}"),