|
Greenbone Vulnerability Management Libraries 22.26.0
|
GnuTLS based functions for server communication. More...
#include "serverutils.h"#include "../base/hosts.h"#include <arpa/inet.h>#include <errno.h>#include <fcntl.h>#include <gcrypt.h>#include <glib.h>#include <gnutls/x509.h>#include <netdb.h>#include <signal.h>#include <stdio.h>#include <string.h>#include <sys/socket.h>#include <sys/types.h>#include <unistd.h>Go to the source code of this file.
Macros | |
| #define | _GNU_SOURCE |
| #define | G_LOG_DOMAIN "libgvm util" |
| GLib logging domain. | |
Functions | |
| static int | server_attach_internal (int socket, gnutls_session_t *session, const char *host, int port) |
| Attach a socket to a session, and shake hands with the peer. | |
| static int | server_new_internal (unsigned int end_type, const char *priority, const gchar *ca_cert_file, const gchar *cert_file, const gchar *key_file, gnutls_session_t *server_session, gnutls_certificate_credentials_t *server_credentials) |
| Make a session for connecting to a server. | |
| static int | close_unix (gvm_connection_t *client_connection) |
| Close UNIX socket connection. | |
| void | gvm_connection_free (gvm_connection_t *client_connection) |
| Free connection. | |
| int | gvm_server_verify (gnutls_session_t session) |
| Verify certificate. | |
| int | load_gnutls_file (const char *file, gnutls_datum_t *loaded_file) |
| Loads a file's data into gnutls_datum_t struct. | |
| void | unload_gnutls_file (gnutls_datum_t *data) |
| Unloads a gnutls_datum_t struct's data. | |
| static void | set_cert_pub_mem (const char *data) |
| Save cert_pub_mem with public certificate. | |
| static void | set_cert_priv_mem (const char *data) |
| Save cert_priv_mem with private certificate. | |
| static const char * | get_cert_priv_mem () |
| Get private certificate from cert_priv_mem. | |
| static const char * | get_cert_pub_mem () |
| Get public certificate from cert_pub_mem. | |
| static int | client_cert_callback (gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t *sign_algos, int sign_algos_length, gnutls_retr2_st *st) |
| Callback function to be called in order to retrieve the certificate to be used in the handshake. | |
| int | gvm_server_open_verify (gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem, int verify) |
| Connect to the server using a given host, port and cert. | |
| int | gvm_server_open_with_cert (gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem) |
| Connect to the server using a given host, port and cert. | |
| int | gvm_server_open (gnutls_session_t *session, const char *host, int port) |
| Connect to the server using a given host and port. | |
| int | gvm_server_close (int socket, gnutls_session_t session) |
| Close a server connection and its socket. | |
| void | gvm_connection_close (gvm_connection_t *connection) |
| Close a server connection and its socket. | |
| int | gvm_server_attach (int socket, gnutls_session_t *session) |
| Attach a socket to a session, and shake hands with the peer. | |
| static int | gvm_server_vsendf_internal (gnutls_session_t *session, const char *fmt, va_list ap, int quiet) |
| Send a string to the server. | |
| static int | unix_vsendf_internal (int socket, const char *fmt, va_list ap, int quiet) |
| Send a string to the server. | |
| static int | gvm_connection_vsendf_internal (gvm_connection_t *connection, const char *fmt, va_list ap, int quiet) |
| Send a string to the connection. | |
| int | gvm_server_vsendf (gnutls_session_t *session, const char *fmt, va_list ap) |
| Send a string to the server. | |
| int | gvm_socket_vsendf (int socket, const char *fmt, va_list ap) |
| Send a string to the server. | |
| static int | gvm_connection_vsendf (gvm_connection_t *connection, const char *fmt, va_list ap) |
| Send a string to the server. | |
| static int | gvm_server_vsendf_quiet (gnutls_session_t *session, const char *fmt, va_list ap) |
| Send a string to the server, refraining from logging besides warnings. | |
| static int | gvm_connection_vsendf_quiet (gvm_connection_t *connection, const char *fmt, va_list ap) |
| Send a string to the server, refraining from logging besides warnings. | |
| int | gvm_server_sendf (gnutls_session_t *session, const char *format,...) |
| Format and send a string to the server. | |
| int | gvm_connection_sendf (gvm_connection_t *connection, const char *format,...) |
| Format and send a string to the server. | |
| static int | gvm_server_sendf_quiet (gnutls_session_t *session, const char *format,...) |
| Format and send a string to the server. | |
| static int | gvm_connection_sendf_quiet (gvm_connection_t *connection, const char *format,...) |
| Format and send a string to the server. | |
| int | gvm_server_sendf_xml (gnutls_session_t *session, const char *format,...) |
| Format and send an XML string to the server. | |
| int | gvm_connection_sendf_xml (gvm_connection_t *connection, const char *format,...) |
| Format and send an XML string to the server. | |
| int | gvm_server_sendf_xml_quiet (gnutls_session_t *session, const char *format,...) |
| Format and send an XML string to the server. | |
| int | gvm_connection_sendf_xml_quiet (gvm_connection_t *connection, const char *format,...) |
| Format and send an XML string to the server. | |
| static int | server_new_gnutls_init (gnutls_certificate_credentials_t *server_credentials) |
| Initialize a server session. | |
| static int | server_new_gnutls_set (unsigned int end_type, const char *priority, gnutls_session_t *server_session, gnutls_certificate_credentials_t *server_credentials) |
| Set the server credentials. | |
| int | gvm_server_new (unsigned int end_type, gchar *ca_cert_file, gchar *cert_file, gchar *key_file, gnutls_session_t *server_session, gnutls_certificate_credentials_t *server_credentials) |
| Make a session for connecting to a server. | |
| int | gvm_server_new_mem (unsigned int end_type, const char *ca_cert, const char *pub_key, const char *priv_key, gnutls_session_t *session, gnutls_certificate_credentials_t *credentials) |
| Make a session for connecting to a server, with certificates stored in memory. | |
| int | set_gnutls_dhparams (gnutls_certificate_credentials_t creds, const char *dhparams_file) |
| Set a gnutls session's Diffie-Hellman parameters. | |
| int | gvm_server_free (int server_socket, gnutls_session_t server_session, gnutls_certificate_credentials_t server_credentials) |
| Cleanup a server session. | |
Variables | |
| static char * | cert_pub_mem = NULL |
| static char * | cert_priv_mem = NULL |
GnuTLS based functions for server communication.
This library supplies low-level communication functions for communication with a server over GnuTLS.
| #define _GNU_SOURCE |
| #define G_LOG_DOMAIN "libgvm util" |
GLib logging domain.
|
static |
Callback function to be called in order to retrieve the certificate to be used in the handshake.
| [in] | session | Pointer to GNUTLS session. Not in used. Can be NULL. |
| [in] | req_ca_rdn | Contains a list with the CA names that the server considers trusted. Not in used. Can be NULL. |
| [in] | nreqs | Number of CA requested. Not in used. Can be NULL. |
| [in] | sign_algos | contains a list with server's acceptable public key algorithms. Not in used. Can be NULL. |
| [in] | sign_algos_length | Algos list length. Not in used. Can be NULL. |
| [out] | st | Should contain the certificates and private keys |
|
static |
Close UNIX socket connection.
| [in] | client_connection | Client connection. |
|
static |
Get private certificate from cert_priv_mem.
|
static |
Get public certificate from cert_pub_mem.
| void gvm_connection_close | ( | gvm_connection_t * | connection | ) |
Close a server connection and its socket.
| [in] | connection | Connection. |
| void gvm_connection_free | ( | gvm_connection_t * | client_connection | ) |
Free connection.
| [in] | client_connection | Connection. |
| int gvm_connection_sendf | ( | gvm_connection_t * | connection, |
| const char * | format, | ||
| ... ) |
Format and send a string to the server.
| [in] | connection | Connection. |
| [in] | format | printf-style format string for message. |
|
static |
Format and send a string to the server.
| [in] | connection | Connection. |
| [in] | format | printf-style format string for message. |
| int gvm_connection_sendf_xml | ( | gvm_connection_t * | connection, |
| const char * | format, | ||
| ... ) |
Format and send an XML string to the server.
Escape XML in string and character args.
| [in] | connection | Connection. |
| [in] | format | printf-style format string for message. |
| int gvm_connection_sendf_xml_quiet | ( | gvm_connection_t * | connection, |
| const char * | format, | ||
| ... ) |
Format and send an XML string to the server.
Escape XML in string and character args.
Quiet version, only logs warnings.
| [in] | connection | Connection. |
| [in] | format | printf-style format string for message. |
|
static |
Send a string to the server.
| [in] | connection | Connection. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
|
static |
Send a string to the connection.
| [in] | connection | Connection. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
| [in] | quiet | Whether to log debug and info messages. Useful for hiding passwords. |
|
static |
Send a string to the server, refraining from logging besides warnings.
| [in] | connection | Connection. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
| int gvm_server_attach | ( | int | socket, |
| gnutls_session_t * | session ) |
Attach a socket to a session, and shake hands with the peer.
| [in] | socket | Socket. |
| [in] | session | Pointer to GNUTLS session. FIXME: Why is this a pointer to a session? |
| int gvm_server_close | ( | int | socket, |
| gnutls_session_t | session ) |
Close a server connection and its socket.
| [in] | socket | Socket connected to server. |
| [in] | session | GNUTLS session with server. |
| int gvm_server_free | ( | int | server_socket, |
| gnutls_session_t | server_session, | ||
| gnutls_certificate_credentials_t | server_credentials ) |
Cleanup a server session.
This shuts down the TLS session, closes the socket and releases the TLS resources.
| [in] | server_socket | The socket connected to the server. |
| [in] | server_session | The session with the server. |
| [in] | server_credentials | Credentials or NULL. |
| int gvm_server_new | ( | unsigned int | end_type, |
| gchar * | ca_cert_file, | ||
| gchar * | cert_file, | ||
| gchar * | key_file, | ||
| gnutls_session_t * | server_session, | ||
| gnutls_certificate_credentials_t * | server_credentials ) |
Make a session for connecting to a server.
| [in] | end_type | Connection end type (GNUTLS_SERVER or GNUTLS_CLIENT). |
| [in] | ca_cert_file | Certificate authority file. |
| [in] | cert_file | Certificate file. |
| [in] | key_file | Key file. |
| [out] | server_session | The session with the server. |
| [out] | server_credentials | Server credentials. |
| int gvm_server_new_mem | ( | unsigned int | end_type, |
| const char * | ca_cert, | ||
| const char * | pub_key, | ||
| const char * | priv_key, | ||
| gnutls_session_t * | session, | ||
| gnutls_certificate_credentials_t * | credentials ) |
Make a session for connecting to a server, with certificates stored in memory.
| [in] | end_type | Connection end type: GNUTLS_SERVER or GNUTLS_CLIENT. |
| [in] | ca_cert | Certificate authority public key. |
| [in] | pub_key | Public key. |
| [in] | priv_key | Private key. |
| [out] | session | The session with the server. |
| [out] | credentials | Server credentials. |
| int gvm_server_open | ( | gnutls_session_t * | session, |
| const char * | host, | ||
| int | port ) |
Connect to the server using a given host and port.
| [in] | session | Pointer to GNUTLS session. |
| [in] | host | Host to connect to. |
| [in] | port | Port to connect to. |
| int gvm_server_open_verify | ( | gnutls_session_t * | session, |
| const char * | host, | ||
| int | port, | ||
| const char * | ca_mem, | ||
| const char * | pub_mem, | ||
| const char * | priv_mem, | ||
| int | verify ) |
Connect to the server using a given host, port and cert.
| [in] | session | Pointer to GNUTLS session. |
| [in] | host | Host to connect to. |
| [in] | port | Port to connect to. |
| [in] | ca_mem | CA cert. |
| [in] | pub_mem | Public key. |
| [in] | priv_mem | Private key. |
| [in] | verify | Whether to verify. |
| int gvm_server_open_with_cert | ( | gnutls_session_t * | session, |
| const char * | host, | ||
| int | port, | ||
| const char * | ca_mem, | ||
| const char * | pub_mem, | ||
| const char * | priv_mem ) |
Connect to the server using a given host, port and cert.
Verify if all cert args are given.
| [in] | session | Pointer to GNUTLS session. |
| [in] | host | Host to connect to. |
| [in] | port | Port to connect to. |
| [in] | ca_mem | CA cert. |
| [in] | pub_mem | Public key. |
| [in] | priv_mem | Private key. |
| int gvm_server_sendf | ( | gnutls_session_t * | session, |
| const char * | format, | ||
| ... ) |
Format and send a string to the server.
| [in] | session | Pointer to GNUTLS session. |
| [in] | format | printf-style format string for message. |
|
static |
Format and send a string to the server.
| [in] | session | Pointer to GNUTLS session. |
| [in] | format | printf-style format string for message. |
| int gvm_server_sendf_xml | ( | gnutls_session_t * | session, |
| const char * | format, | ||
| ... ) |
Format and send an XML string to the server.
Escape XML in string and character args.
| [in] | session | Pointer to GNUTLS session. |
| [in] | format | printf-style format string for message. |
| int gvm_server_sendf_xml_quiet | ( | gnutls_session_t * | session, |
| const char * | format, | ||
| ... ) |
Format and send an XML string to the server.
Escape XML in string and character args.
Quiet version, only logs warnings.
| [in] | session | Pointer to GNUTLS session. |
| [in] | format | printf-style format string for message. |
| int gvm_server_verify | ( | gnutls_session_t | session | ) |
Verify certificate.
| [in] | session | Pointer to GNUTLS session. |
| int gvm_server_vsendf | ( | gnutls_session_t * | session, |
| const char * | fmt, | ||
| va_list | ap ) |
Send a string to the server.
| [in] | session | Pointer to GNUTLS session. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
|
static |
Send a string to the server.
| [in] | session | Pointer to GNUTLS session. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
| [in] | quiet | Whether to log debug and info messages. Useful for hiding passwords. |
|
static |
Send a string to the server, refraining from logging besides warnings.
| [in] | session | Pointer to GNUTLS session. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
| int gvm_socket_vsendf | ( | int | socket, |
| const char * | fmt, | ||
| va_list | ap ) |
Send a string to the server.
| [in] | socket | Socket to send string through. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
| int load_gnutls_file | ( | const char * | file, |
| gnutls_datum_t * | loaded_file ) |
Loads a file's data into gnutls_datum_t struct.
| [in] | file | File to load. |
| [out] | loaded_file | Destination to load file into. |
|
static |
Attach a socket to a session, and shake hands with the peer.
| [in] | socket | Socket. |
| [in] | session | Pointer to GNUTLS session. |
| [in] | host | NULL or the name of the host for diagnostics |
| [in] | port | Port number for diagnostics; only used if host is not NULL |
|
static |
Initialize a server session.
| [in] | server_credentials | Credentials to be allocated. |
|
static |
Set the server credentials.
| [in] | end_type | Connection end type. |
| [in] | priority | TLS priority to be set. If no one is given, NORMAL is default. |
| [in] | server_session | GNUTLS session. |
| [in] | server_credentials | Credentials to be set. |
|
static |
Make a session for connecting to a server.
| [in] | end_type | Connection end type (GNUTLS_SERVER or GNUTLS_CLIENT). |
| [in] | priority | Custom priority string or NULL. |
| [in] | ca_cert_file | Certificate authority file. |
| [in] | cert_file | Certificate file. |
| [in] | key_file | Key file. |
| [out] | server_session | The session with the server. |
| [out] | server_credentials | Server credentials. |
|
static |
Save cert_priv_mem with private certificate.
| [in] | data | The DER or PEM encoded certificate. |
|
static |
Save cert_pub_mem with public certificate.
| [in] | data | The DER or PEM encoded certificate. |
| int set_gnutls_dhparams | ( | gnutls_certificate_credentials_t | creds, |
| const char * | dhparams_file ) |
Set a gnutls session's Diffie-Hellman parameters.
| [in] | creds | GnuTLS credentials. |
| [in] | dhparams_file | Path to PEM file containing the DH parameters. |
|
static |
Send a string to the server.
| [in] | socket | Socket. |
| [in] | fmt | Format of string to send. |
| [in] | ap | Args for fmt. |
| [in] | quiet | Whether to log debug and info messages. Useful for hiding passwords. |
| void unload_gnutls_file | ( | gnutls_datum_t * | data | ) |
Unloads a gnutls_datum_t struct's data.
| [in] | data | Pointer to gnutls_datum_t struct to be unloaded. |
|
static |
|
static |