OpenVAS Libraries
9.0.1
GnuTLS based functions for communication with an OpenVAS server. More...
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <gcrypt.h>
#include <glib.h>
#include <string.h>
#include <stdio.h>
#include "openvas_server.h"
Macros | |
#define | _GNU_SOURCE |
#define | G_LOG_DOMAIN "lib serv" |
GLib log domain. More... | |
Functions | |
void | openvas_connection_free (openvas_connection_t *client_connection) |
Free connection. More... | |
int | openvas_server_verify (gnutls_session_t session) |
Verify certificate. More... | |
int | load_gnutls_file (const char *file, gnutls_datum_t *loaded_file) |
Loads a file's data into gnutls_datum_t struct. More... | |
void | unload_gnutls_file (gnutls_datum_t *data) |
Unloads a gnutls_datum_t struct's data. More... | |
int | openvas_server_open_verify (gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem, int verify) |
Connect to the server using a given host, port and cert. More... | |
int | openvas_server_open_with_cert (gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem) |
Connect to the server using a given host, port and cert. More... | |
int | openvas_server_open (gnutls_session_t *session, const char *host, int port) |
Connect to the server using a given host and port. More... | |
int | openvas_server_close (int socket, gnutls_session_t session) |
Close a server connection and its socket. More... | |
void | openvas_connection_close (openvas_connection_t *connection) |
Close a server connection and its socket. More... | |
int | openvas_server_connect (int server_socket, struct sockaddr_in *server_address, gnutls_session_t *server_session) |
Connect to a server. More... | |
int | openvas_server_attach (int socket, gnutls_session_t *session) |
Attach a socket to a session, and shake hands with the peer. More... | |
int | openvas_server_vsendf (gnutls_session_t *session, const char *fmt, va_list ap) |
Send a string to the server. More... | |
int | openvas_connection_vsendf (openvas_connection_t *connection, const char *fmt, va_list ap) |
Send a string to the server. More... | |
int | openvas_server_vsendf_quiet (gnutls_session_t *session, const char *fmt, va_list ap) |
Send a string to the server, refraining from logging besides warnings. More... | |
int | openvas_connection_vsendf_quiet (openvas_connection_t *connection, const char *fmt, va_list ap) |
Send a string to the server, refraining from logging besides warnings. More... | |
int | openvas_server_sendf (gnutls_session_t *session, const char *format,...) |
Format and send a string to the server. More... | |
int | openvas_connection_sendf (openvas_connection_t *connection, const char *format,...) |
Format and send a string to the server. More... | |
int | openvas_server_sendf_quiet (gnutls_session_t *session, const char *format,...) |
Format and send a string to the server. More... | |
int | openvas_connection_sendf_quiet (openvas_connection_t *connection, const char *format,...) |
Format and send a string to the server. More... | |
int | openvas_server_sendf_xml (gnutls_session_t *session, const char *format,...) |
Format and send an XML string to the server. More... | |
int | openvas_connection_sendf_xml (openvas_connection_t *connection, const char *format,...) |
Format and send an XML string to the server. More... | |
int | openvas_server_sendf_xml_quiet (gnutls_session_t *session, const char *format,...) |
Format and send an XML string to the server. More... | |
int | openvas_connection_sendf_xml_quiet (openvas_connection_t *connection, const char *format,...) |
Format and send an XML string to the server. More... | |
int | openvas_server_new (unsigned int end_type, gchar *ca_cert_file, gchar *cert_file, gchar *key_file, gnutls_session_t *server_session, gnutls_certificate_credentials_t *server_credentials) |
Make a session for connecting to a server. More... | |
int | openvas_server_new_mem (unsigned int end_type, const char *ca_cert, const char *pub_key, const char *priv_key, gnutls_session_t *session, gnutls_certificate_credentials_t *credentials) |
Make a session for connecting to a server, with certificates stored in memory. More... | |
int | set_gnutls_dhparams (gnutls_certificate_credentials_t creds, const char *dhparams_file) |
Set a gnutls session's Diffie-Hellman parameters. More... | |
int | openvas_server_free (int server_socket, gnutls_session_t server_session, gnutls_certificate_credentials_t server_credentials) |
Cleanup a server session. More... | |
Variables | |
struct sockaddr_in | address |
Server address. More... | |
GnuTLS based functions for communication with an OpenVAS server.
GnuTLS based functions for communication with an OpenVAS server. Copyright (C) 2009, 2012 Greenbone Networks GmbH
Authors: Matthew Mundell <matt@mundell.ukfsn.org>, Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>, Michael Wiegand <michael.wiegand@greenbone.net>, Werner Koch <wk@gnupg.org>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
This library supplies low-level communication functions for communication with an OpenVAS server over GnuTLS.
#define _GNU_SOURCE |
#define G_LOG_DOMAIN "lib serv" |
GLib log domain.
int load_gnutls_file | ( | const char * | file, |
gnutls_datum_t * | loaded_file | ||
) |
Loads a file's data into gnutls_datum_t struct.
[in] | file | File to load. |
[out] | loaded_file | Destination to load file into. |
void openvas_connection_close | ( | openvas_connection_t * | connection | ) |
Close a server connection and its socket.
[in] | connection | Connection. |
void openvas_connection_free | ( | openvas_connection_t * | client_connection | ) |
Free connection.
[in] | client_connection | Connection. |
int openvas_connection_sendf | ( | openvas_connection_t * | connection, |
const char * | format, | ||
... | |||
) |
Format and send a string to the server.
[in] | connection | Connection. |
[in] | format | printf-style format string for message. |
int openvas_connection_sendf_quiet | ( | openvas_connection_t * | connection, |
const char * | format, | ||
... | |||
) |
Format and send a string to the server.
[in] | connection | Connection. |
[in] | format | printf-style format string for message. |
int openvas_connection_sendf_xml | ( | openvas_connection_t * | connection, |
const char * | format, | ||
... | |||
) |
Format and send an XML string to the server.
String and character arguments are XML-escaped before sending.
[in] | connection | Connection. |
[in] | format | printf-style format string for message. |
int openvas_connection_sendf_xml_quiet | ( | openvas_connection_t * | connection, |
const char * | format, | ||
... | |||
) |
Format and send an XML string to the server.
String and character arguments are XML-escaped before sending.
Quiet version, only logs warnings.
[in] | connection | Connection. |
[in] | format | printf-style format string for message. |
int openvas_connection_vsendf | ( | openvas_connection_t * | connection, |
const char * | fmt, | ||
va_list | ap | ||
) |
Send a string to the server.
[in] | connection | Connection. |
[in] | fmt | Format of string to send. |
[in] | ap | Args for fmt. |
int openvas_connection_vsendf_quiet | ( | openvas_connection_t * | connection, |
const char * | fmt, | ||
va_list | ap | ||
) |
Send a string to the server, refraining from logging besides warnings.
[in] | connection | Connection. |
[in] | fmt | Format of string to send. |
[in] | ap | Args for fmt. |
int openvas_server_attach | ( | int | socket, |
gnutls_session_t * | session | ||
) |
Attach a socket to a session, and shake hands with the peer.
[in] | socket | Socket. |
[in] | session | Pointer to GNUTLS session. FIXME: Why is this a pointer to a session? |
int openvas_server_close | ( | int | socket, |
gnutls_session_t | session | ||
) |
Close a server connection and its socket.
[in] | socket | Socket connected to server (from connect_to_server). |
[in] | session | GNUTLS session with server. |
int openvas_server_connect | ( | int | server_socket, |
struct sockaddr_in * | server_address, | ||
gnutls_session_t * | server_session | ||
) |
Connect to a server.
[in] | server_socket | Socket to connect to server. |
[in] | server_address | Server address. |
[in] | server_session | Session to connect to server. |
int openvas_server_free | ( | int | server_socket, |
gnutls_session_t | server_session, | ||
gnutls_certificate_credentials_t | server_credentials | ||
) |
Cleanup a server session.
This shuts down the TLS session, closes the socket and releases the TLS resources.
[in] | server_socket | The socket connected to the server. |
[in] | server_session | The session with the server. |
[in] | server_credentials | Credentials or NULL. |
int openvas_server_new | ( | unsigned int | end_type, |
gchar * | ca_cert_file, | ||
gchar * | cert_file, | ||
gchar * | key_file, | ||
gnutls_session_t * | server_session, | ||
gnutls_certificate_credentials_t * | server_credentials | ||
) |
Make a session for connecting to a server.
[in] | end_type | Connection end type (GNUTLS_SERVER or GNUTLS_CLIENT). |
[in] | ca_cert_file | Certificate authority file. |
[in] | cert_file | Certificate file. |
[in] | key_file | Key file. |
[out] | server_session | The session with the server. |
[out] | server_credentials | Server credentials. |
int openvas_server_new_mem | ( | unsigned int | end_type, |
const char * | ca_cert, | ||
const char * | pub_key, | ||
const char * | priv_key, | ||
gnutls_session_t * | session, | ||
gnutls_certificate_credentials_t * | credentials | ||
) |
Make a session for connecting to a server, with certificates stored in memory.
[in] | end_type | Connection end type: GNUTLS_SERVER or GNUTLS_CLIENT. |
[in] | ca_cert | Certificate authority public key. |
[in] | pub_key | Public key. |
[in] | priv_key | Private key. |
[out] | session | The session with the server. |
[out] | credentials | Server credentials. |
int openvas_server_open | ( | gnutls_session_t * | session, |
const char * | host, | ||
int | port | ||
) |
Connect to the server using a given host and port.
[in] | session | Pointer to GNUTLS session. |
[in] | host | Host to connect to. |
[in] | port | Port to connect to. |
int openvas_server_open_verify | ( | gnutls_session_t * | session, |
const char * | host, | ||
int | port, | ||
const char * | ca_mem, | ||
const char * | pub_mem, | ||
const char * | priv_mem, | ||
int | verify | ||
) |
Connect to the server using a given host, port and cert.
[in] | session | Pointer to GNUTLS session. |
[in] | host | Host to connect to. |
[in] | port | Port to connect to. |
[in] | ca_mem | CA cert. |
[in] | pub_mem | Public key. |
[in] | priv_mem | Private key. |
[in] | verify | Whether to verify the peer's certificate; when verification is off, the TLS peer is not authenticated. |
int openvas_server_open_with_cert | ( | gnutls_session_t * | session, |
const char * | host, | ||
int | port, | ||
const char * | ca_mem, | ||
const char * | pub_mem, | ||
const char * | priv_mem | ||
) |
Connect to the server using a given host, port and cert.
The certificate is verified if all cert args (ca_mem, pub_mem and priv_mem) are given.
[in] | session | Pointer to GNUTLS session. |
[in] | host | Host to connect to. |
[in] | port | Port to connect to. |
[in] | ca_mem | CA cert. |
[in] | pub_mem | Public key. |
[in] | priv_mem | Private key. |
int openvas_server_sendf | ( | gnutls_session_t * | session, |
const char * | format, | ||
... | |||
) |
Format and send a string to the server.
[in] | session | Pointer to GNUTLS session. |
[in] | format | printf-style format string for message. |
int openvas_server_sendf_quiet | ( | gnutls_session_t * | session, |
const char * | format, | ||
... | |||
) |
Format and send a string to the server.
[in] | session | Pointer to GNUTLS session. |
[in] | format | printf-style format string for message. |
int openvas_server_sendf_xml | ( | gnutls_session_t * | session, |
const char * | format, | ||
... | |||
) |
Format and send an XML string to the server.
String and character arguments are XML-escaped before sending.
[in] | session | Pointer to GNUTLS session. |
[in] | format | printf-style format string for message. |
int openvas_server_sendf_xml_quiet | ( | gnutls_session_t * | session, |
const char * | format, | ||
... | |||
) |
Format and send an XML string to the server.
String and character arguments are XML-escaped before sending.
Quiet version, only logs warnings.
[in] | session | Pointer to GNUTLS session. |
[in] | format | printf-style format string for message. |
int openvas_server_verify | ( | gnutls_session_t | session | ) |
Verify certificate.
[in] | session | GNUTLS session. |
int openvas_server_vsendf | ( | gnutls_session_t * | session, |
const char * | fmt, | ||
va_list | ap | ||
) |
Send a string to the server.
[in] | session | Pointer to GNUTLS session. |
[in] | fmt | Format of string to send. |
[in] | ap | Args for fmt. |
int openvas_server_vsendf_quiet | ( | gnutls_session_t * | session, |
const char * | fmt, | ||
va_list | ap | ||
) |
Send a string to the server, refraining from logging besides warnings.
[in] | session | Pointer to GNUTLS session. |
[in] | fmt | Format of string to send. |
[in] | ap | Args for fmt. |
int set_gnutls_dhparams | ( | gnutls_certificate_credentials_t | creds, |
const char * | dhparams_file | ||
) |
Set a gnutls session's Diffie-Hellman parameters.
[in] | creds | GnuTLS credentials. |
[in] | dhparams_file | Path to PEM file containing the DH parameters. |
void unload_gnutls_file | ( | gnutls_datum_t * | data | ) |
Unloads a gnutls_datum_t struct's data.
[in] | data | Pointer to gnutls_datum_t struct to be unloaded. |
struct sockaddr_in address |
Server address.