OpenVAS Libraries  8.0.3
openvas_server.h File Reference

GnuTLS based functions for communication with an OpenVAS server - header file. More...

#include <stdarg.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <netinet/ip.h>


Functions

int openvas_server_verify (gnutls_session_t)
 Verify certificate. More...
 
int openvas_server_open (gnutls_session_t *, const char *, int)
 Connect to the server using a given host and port. More...
 
int openvas_server_open_with_cert (gnutls_session_t *, const char *, int, const char *, const char *, const char *)
 
int openvas_server_close (int, gnutls_session_t)
 Close a server connection and its socket. More...
 
int openvas_server_connect (int, struct sockaddr_in *, gnutls_session_t *)
 Connect to a server. More...
 
int openvas_server_attach (int, gnutls_session_t *)
 Attach a socket to a session, and shake hands with the peer. More...
 
int openvas_server_sendf (gnutls_session_t *, const char *,...)
 Format and send a string to the server. More...
 
int openvas_server_vsendf (gnutls_session_t *, const char *, va_list)
 Send a string to the server. More...
 
int openvas_server_sendf_xml (gnutls_session_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int openvas_server_sendf_xml_quiet (gnutls_session_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int openvas_server_new (unsigned int, gchar *, gchar *, gchar *, gnutls_session_t *, gnutls_certificate_credentials_t *)
 Make a session for connecting to a server. More...
 
int openvas_server_new_mem (unsigned int, const char *, const char *, const char *, gnutls_session_t *, gnutls_certificate_credentials_t *)
 Make a session for connecting to a server, with certificates stored in memory. More...
 
int openvas_server_free (int, gnutls_session_t, gnutls_certificate_credentials_t)
 Cleanup a server session. More...
 
int openvas_server_session_free (gnutls_session_t, gnutls_certificate_credentials_t)
 
int load_gnutls_file (const char *, gnutls_datum_t *)
 Loads a file's data into gnutls_datum_t struct. More...
 
void unload_gnutls_file (gnutls_datum_t *)
 Unloads a gnutls_datum_t struct's data. More...
 
int set_gnutls_dhparams (gnutls_certificate_credentials_t, const char *)
 Set a gnutls session's Diffie-Hellman parameters. More...
 

Detailed Description

GnuTLS based functions for communication with an OpenVAS server - header file.

GnuTLS based functions for communication with an OpenVAS server - header. Copyright (C) 2009 Greenbone Networks GmbH

Authors: Matthew Mundell matt@.nosp@m.mund.nosp@m.ell.u.nosp@m.kfsn.nosp@m..org Michael Wiegand micha.nosp@m.el.w.nosp@m.iegan.nosp@m.d@gr.nosp@m.eenbo.nosp@m.ne.n.nosp@m.et

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

This library supplies low-level communication functions for communication with an OpenVAS server over GnuTLS.

Function Documentation

int load_gnutls_file ( const char *  file,
gnutls_datum_t *  loaded_file 
)

Loads a file's data into gnutls_datum_t struct.

Parameters
[in] file: File to load.
[out] loaded_file: Destination to load file into.
Returns
0 on success, -1 on error.
int openvas_server_attach ( int  socket,
gnutls_session_t *  session 
)

Attach a socket to a session, and shake hands with the peer.

Parameters
[in] socket: Socket.
[in] session: Pointer to GNUTLS session. FIXME: Why is this a pointer to a session?
Returns
0 on success, -1 on error.
int openvas_server_close ( int  socket,
gnutls_session_t  session 
)

Close a server connection and its socket.

Parameters
[in] socket: Socket connected to server (from connect_to_server).
[in] session: GNUTLS session with server.
Returns
0 on success, -1 on error.
int openvas_server_connect ( int  server_socket,
struct sockaddr_in *  server_address,
gnutls_session_t *  server_session 
)

Connect to a server.

Parameters
[in] server_socket: Socket to connect to server.
[in] server_address: Server address.
[in] server_session: Session to connect to server.
Returns
0 on success, -1 on error.
int openvas_server_free ( int  server_socket,
gnutls_session_t  server_session,
gnutls_certificate_credentials_t  server_credentials 
)

Cleanup a server session.

This shuts down the TLS session, closes the socket and releases the TLS resources.

Parameters
[in] server_socket: The socket connected to the server.
[in] server_session: The session with the server.
[in] server_credentials: Credentials or NULL.
Returns
0 on success, -1 on error.
int openvas_server_new ( unsigned int  end_type,
gchar *  ca_cert_file,
gchar *  cert_file,
gchar *  key_file,
gnutls_session_t *  server_session,
gnutls_certificate_credentials_t *  server_credentials 
)

Make a session for connecting to a server.

Parameters
[in] end_type: Connection end type (GNUTLS_SERVER or GNUTLS_CLIENT).
[in] ca_cert_file: Certificate authority file.
[in] cert_file: Certificate file.
[in] key_file: Key file.
[out] server_session: The session with the server.
[out] server_credentials: Server credentials.
Returns
0 on success, -1 on error.
int openvas_server_new_mem ( unsigned int  end_type,
const char *  ca_cert,
const char *  pub_key,
const char *  priv_key,
gnutls_session_t *  session,
gnutls_certificate_credentials_t *  credentials 
)

Make a session for connecting to a server, with certificates stored in memory.

Parameters
[in] end_type: Connection end type: GNUTLS_SERVER or GNUTLS_CLIENT.
[in] ca_cert: Certificate authority public key.
[in] pub_key: Public key.
[in] priv_key: Private key.
[out] session: The session with the server.
[out] credentials: Server credentials.
Returns
0 on success, -1 on error.
int openvas_server_open ( gnutls_session_t *  session,
const char *  host,
int  port 
)

Connect to the server using a given host and port.

Parameters
[in] session: Pointer to GNUTLS session.
[in] host: Host to connect to.
[in] port: Port to connect to.
Returns
0 on success, -1 on error.
int openvas_server_open_with_cert ( gnutls_session_t *  ,
const char *  ,
int  ,
const char *  ,
const char *  ,
const char *   
)
Todo:
Ensure that host and port have sane values.
Todo:
Improve logging.
Todo:
On success we are leaking the credentials. We can't free them because the session only makes a shallow copy. A solution would be to look up already created credentials and reuse them.
Todo:
Use openvas_server_connect.
int openvas_server_sendf ( gnutls_session_t *  session,
const char *  format,
  ... 
)

Format and send a string to the server.

Parameters
[in] session: Pointer to GNUTLS session.
[in] format: printf-style format string for message. Must be a trusted string; untrusted data belongs in the arguments, not in the format.
Returns
0 on success, -1 on error.
int openvas_server_sendf_xml ( gnutls_session_t *  session,
const char *  format,
  ... 
)

Format and send an XML string to the server.

XML special characters in string and character arguments are escaped.

Parameters
[in] session: Pointer to GNUTLS session.
[in] format: printf-style format string for message.
Returns
0 on success, -1 on error.
int openvas_server_sendf_xml_quiet ( gnutls_session_t *  session,
const char *  format,
  ... 
)

Format and send an XML string to the server.

XML special characters in string and character arguments are escaped.

Quiet version, only logs warnings.

Parameters
[in] session: Pointer to GNUTLS session.
[in] format: printf-style format string for message.
Returns
0 on success, -1 on error.
int openvas_server_session_free ( gnutls_session_t  ,
gnutls_certificate_credentials_t   
)
int openvas_server_verify ( gnutls_session_t  session)

Verify certificate.

Parameters
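[in] session: Pointer to GNUTLS session.
Returns
0 on success, 1 on failure, -1 on error. Any nonzero value means the certificate was not successfully verified, so callers should compare the result against 0 rather than test only for a negative value.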
int openvas_server_vsendf ( gnutls_session_t *  session,
const char *  fmt,
va_list  ap 
)

Send a string to the server.

Parameters
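[in] session: Pointer to GNUTLS session.
[in] fmt: Format of string to send. Must be a trusted string; untrusted data belongs in the arguments, not in the format.
[in] ap: Args for fmt.
[in] quiet: Whether to log debug and info messages. Useful for keeping passwords out of the logs. (The prototype shown above has no quiet parameter; it takes only session, fmt and ap.)
Returns
0 on success, 1 if server closed connection, -1 on error.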
int set_gnutls_dhparams ( gnutls_certificate_credentials_t  creds,
const char *  dhparams_file 
)

Set a gnutls session's Diffie-Hellman parameters.

Parameters
[in] creds: GnuTLS credentials.
[in] dhparams_file: Path to PEM file containing the DH parameters.
Returns
0 on success, -1 on error.
void unload_gnutls_file ( gnutls_datum_t *  data)

Unloads a gnutls_datum_t struct's data.

Parameters
[in] data: Pointer to gnutls_datum_t struct to be unloaded.