Greenbone Vulnerability Management Libraries  11.0.1
serverutils.h File Reference

GnuTLS based functions for server communication - header file. More...

#include <glib.h>
#include <gnutls/gnutls.h>
#include <stdarg.h>
#include <sys/param.h>
#include <netinet/ip.h>

Data Structures

struct  gvm_connection_t
 Connection. More...
 

Functions

void gvm_connection_free (gvm_connection_t *)
 Free connection. More...
 
void gvm_connection_close (gvm_connection_t *)
 Close a server connection and its socket. More...
 
int gvm_server_verify (gnutls_session_t)
 Verify certificate. More...
 
int gvm_server_open (gnutls_session_t *, const char *, int)
 Connect to the server using a given host and port. More...
 
int gvm_server_open_verify (gnutls_session_t *, const char *, int, const char *, const char *, const char *, int)
 Connect to the server using a given host, port and cert. More...
 
int gvm_server_open_with_cert (gnutls_session_t *, const char *, int, const char *, const char *, const char *)
 Connect to the server using a given host, port and cert. More...
 
int gvm_server_close (int, gnutls_session_t)
 Close a server connection and its socket. More...
 
int gvm_server_attach (int, gnutls_session_t *)
 Attach a socket to a session, and shake hands with the peer. More...
 
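int gvm_server_sendf (gnutls_session_t *, const char *,...)
 Format and send a string to the server. The declaration carries a printf format attribute (cut off in this rendering), which lets the compiler check the arguments against the format string.
 
int gvm_server_vsendf (gnutls_session_t *, const char *, va_list)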
 Send a string to the server. More...
 
int gvm_socket_vsendf (int, const char *, va_list)
 Send a string to the server. More...
 
int gvm_server_sendf_xml (gnutls_session_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_server_sendf_xml_quiet (gnutls_session_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_connection_sendf_xml (gvm_connection_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_connection_sendf_xml_quiet (gvm_connection_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_connection_sendf (gvm_connection_t *, const char *,...)
 Format and send a string to the server. More...
 
int gvm_server_new (unsigned int, gchar *, gchar *, gchar *, gnutls_session_t *, gnutls_certificate_credentials_t *)
 Make a session for connecting to a server. More...
 
int gvm_server_new_mem (unsigned int, const char *, const char *, const char *, gnutls_session_t *, gnutls_certificate_credentials_t *)
 Make a session for connecting to a server, with certificates stored in memory. More...
 
int gvm_server_free (int, gnutls_session_t, gnutls_certificate_credentials_t)
 Cleanup a server session. More...
 
int gvm_server_session_free (gnutls_session_t, gnutls_certificate_credentials_t)
 
int load_gnutls_file (const char *, gnutls_datum_t *)
 Loads a file's data into gnutls_datum_t struct. More...
 
void unload_gnutls_file (gnutls_datum_t *)
 Unloads a gnutls_datum_t struct's data. More...
 
int set_gnutls_dhparams (gnutls_certificate_credentials_t, const char *)
 Set a gnutls session's Diffie-Hellman parameters. More...
 

Detailed Description

GnuTLS based functions for server communication - header file.

This module supplies low-level communication functions for communication with a server over GnuTLS.

Definition in file serverutils.h.

Function Documentation

◆ gvm_connection_close()

void gvm_connection_close ( gvm_connection_t connection)

Close a server connection and its socket.

Parameters
[in]connectionConnection.
Returns
0 on success, -1 on error (as stated upstream; the function is declared void on this page, so no value is actually returned).

Definition at line 526 of file serverutils.c.

527 {
     /* Closing is delegated entirely to gvm_connection_free(); no status is
      * propagated to the caller. */
528  gvm_connection_free (connection);
529 }

References gvm_connection_free().


◆ gvm_connection_free()

void gvm_connection_free ( gvm_connection_t client_connection)

Free connection.

Parameters
[in]client_connectionConnection.

Definition at line 111 of file serverutils.c.

112 {
     /* Dispatch on transport: a TLS connection is torn down through
      * gvm_server_free() (socket, session and credentials), anything else
      * through close_unix().
      * NOTE(review): client_connection is dereferenced without a NULL check,
      * and the int results of both helpers are discarded, so a failed
      * shutdown is invisible to the caller. */
113  if (client_connection->tls)
114  gvm_server_free (client_connection->socket, client_connection->session,
115  client_connection->credentials);
116  else
117  close_unix (client_connection);
118 }

References close_unix(), gvm_connection_t::credentials, gvm_server_free(), gvm_connection_t::session, gvm_connection_t::socket, and gvm_connection_t::tls.

Referenced by gvm_connection_close().


◆ gvm_connection_sendf()

int gvm_connection_sendf ( gvm_connection_t connection,
const char *  format,
  ... 
)

Format and send a string to the server.

Parameters
[in]connectionConnection.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 845 of file serverutils.c.

846 {
847  va_list ap;
848  int rc;
849 
     /* Hand the variadic arguments to gvm_connection_vsendf() and return its
      * result unchanged.  `format` is interpreted as a printf format string,
      * so it should be a constant; data from outside belongs in the
      * arguments, never in the format itself. */
850  va_start (ap, format);
851  rc = gvm_connection_vsendf (connection, format, ap);
852  va_end (ap);
853  return rc;
854 }

References gvm_connection_vsendf().

Referenced by gmp_ping_c(), gmp_resume_task_report_c(), gmp_start_task_report_c(), gmp_stop_task_c(), and gvm_connection_sendf_xml().


◆ gvm_connection_sendf_xml()

int gvm_connection_sendf_xml ( gvm_connection_t connection,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Parameters
[in]connectionConnection.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 933 of file serverutils.c.

934 {
935  va_list ap;
936  gchar *msg;
937  int rc;
938 
939  va_start (ap, format);
     /* g_markup_vprintf_escaped() escapes the string and character arguments
      * for XML; the format text itself is emitted as written, so the markup
      * skeleton must come from the caller's constant format. */
940  msg = g_markup_vprintf_escaped (format, ap);
     /* The finished message is sent through a fixed "%s" format so that any
      * '%' it contains is not interpreted a second time. */
941  rc = gvm_connection_sendf (connection, "%s", msg);
942  g_free (msg);
943  va_end (ap);
944  return rc;
945 }

References gvm_connection_sendf().


◆ gvm_connection_sendf_xml_quiet()

int gvm_connection_sendf_xml_quiet ( gvm_connection_t connection,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Quiet version, only logs warnings.

Parameters
[in]connectionConnection.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 987 of file serverutils.c.

989 {
990  va_list ap;
991  gchar *msg;
992  int rc;
993 
994  va_start (ap, format);
     /* Same escaping as gvm_connection_sendf_xml(): only the string and
      * character arguments are XML-escaped, not the format text. */
995  msg = g_markup_vprintf_escaped (format, ap);
     /* Sent via the quiet variant with a fixed "%s" format.  Per the
      * description above this version only logs warnings; the caller listed
      * on this page is an authentication routine.
      * NOTE(review): presumably this keeps credentials out of the logs;
      * confirm against gvm_connection_sendf_quiet(). */
996  rc = gvm_connection_sendf_quiet (connection, "%s", msg);
997  g_free (msg);
998  va_end (ap);
999  return rc;
1000 }

References gvm_connection_sendf_quiet().

Referenced by gmp_authenticate_info_ext_c().


◆ gvm_server_attach()

int gvm_server_attach ( int  socket,
gnutls_session_t *  session 
)

Attach a socket to a session, and shake hands with the peer.

Parameters
[in]socketSocket.
[in]sessionPointer to GNUTLS session. FIXME: Why is this a pointer to a session?
Returns
0 on success, -1 on error.

Definition at line 591 of file serverutils.c.

592 {
593  int ret;
594 
     /* Attach without a host name (NULL) and with port 0. */
595  ret = server_attach_internal (socket, session, NULL, 0);
     /* Every non-zero result from the internal helper is collapsed to -1. */
596  return ret ? -1 : 0;
597 }

References server_attach_internal().


◆ gvm_server_close()

int gvm_server_close ( int  socket,
gnutls_session_t  session 
)

Close a server connection and its socket.

Parameters
[in]socketSocket connected to server.
[in]sessionGNUTLS session with server.
Returns
0 on success, -1 on error.

Definition at line 513 of file serverutils.c.

514 {
     /* NULL credentials select the legacy branch of gvm_server_free(): the
      * session is deinitialised before the socket is closed, and the result
      * of close() is not checked there. */
515  return gvm_server_free (socket, session, NULL);
516 }

References gvm_server_free().

Referenced by osp_connection_close().


◆ gvm_server_free()

int gvm_server_free ( int  server_socket,
gnutls_session_t  server_session,
gnutls_certificate_credentials_t  server_credentials 
)

Cleanup a server session.

This shuts down the TLS session, closes the socket and releases the TLS resources.

Parameters
[in]server_socketThe socket connected to the server.
[in]server_sessionThe session with the server.
[in]server_credentialsCredentials or NULL.
Returns
0 success, -1 error.

Definition at line 1283 of file serverutils.c.

1285 {
1286  /* Turn off blocking. */
1287  // FIX get flags first
      /* F_SETFL replaces the file status flags with the given value, so any
       * flag previously set on the socket is dropped here; that is what the
       * FIX note above refers to.
       * NOTE(review): on failure the function returns before the session,
       * the socket and the credentials are released. */
1288  if (fcntl (server_socket, F_SETFL, O_NONBLOCK) == -1)
1289  {
1290  g_warning ("%s: failed to set server socket flag: %s\n", __FUNCTION__,
1291  strerror (errno));
1292  return -1;
1293  }
1294 
      /* Send the TLS close notification for the write direction.
       * NOTE(review): the socket is non-blocking at this point and the loop
       * retries GNUTLS_E_AGAIN immediately, without waiting for the socket
       * to become ready, so a stalled peer can keep this loop spinning. */
1295  while (1)
1296  {
1297  int ret = gnutls_bye (server_session, GNUTLS_SHUT_WR);
1298  if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
1299  {
1300  continue;
1301  }
1302  if (ret)
1303  {
1304  g_debug (" Failed to gnutls_bye: %s\n",
1305  gnutls_strerror ((int) ret));
1306  /* Carry on successfully anyway, as this often fails, perhaps
1307  * because the server is closing the connection first. */
1308  break;
1309  }
1310  break;
1311  }
1312 
1313  /* The former separate code in gvm_server_close and here
1314  differed in the order the TLS session and socket was closed. The
1315  way we do it here seems to be the right thing but for full
1316  backward compatibility we do it for calls from
1317  gvm_server_close in the old way. We can distinguish the two
1318  modes by the existence of server_credentials. */
1319  if (server_credentials)
1320  {
      /* NOTE(review): if close() fails, the return below skips
       * gnutls_deinit() and gnutls_certificate_free_credentials(), so the
       * session and the credentials stay allocated. */
1321  if (close (server_socket) == -1)
1322  {
1323  g_warning ("%s: failed to close server socket: %s\n", __FUNCTION__,
1324  strerror (errno));
1325  return -1;
1326  }
1327  gnutls_deinit (server_session);
1328  gnutls_certificate_free_credentials (server_credentials);
1329  }
1330  else
1331  {
      /* Legacy order; the result of close() is ignored on this path. */
1332  gnutls_deinit (server_session);
1333  close (server_socket);
1334  }
1335 
      /* NOTE(review): gnutls_global_deinit() acts on library-wide state, not
       * on this session.  Confirm that every connection set-up performs a
       * matching global init, otherwise other sessions in the same process
       * could be affected. */
1336  gnutls_global_deinit ();
1337 
1338  return 0;
1339 }

Referenced by gvm_connection_free(), and gvm_server_close().


◆ gvm_server_new()

int gvm_server_new ( unsigned int  end_type,
gchar *  ca_cert_file,
gchar *  cert_file,
gchar *  key_file,
gnutls_session_t *  server_session,
gnutls_certificate_credentials_t *  server_credentials 
)

Make a session for connecting to a server.

Parameters
[in]end_typeConnection end type (GNUTLS_SERVER or GNUTLS_CLIENT).
[in]ca_cert_fileCertificate authority file.
[in]cert_fileCertificate file.
[in]key_fileKey file.
[out]server_sessionThe session with the server.
[out]server_credentialsServer credentials.
Returns
0 on success, -1 on error.

Definition at line 1165 of file serverutils.c.

1168 {
      /* File-based variant: forwards to server_new_internal() with NULL as
       * its second argument and the three file paths unchanged. */
1169  return server_new_internal (end_type, NULL, ca_cert_file, cert_file, key_file,
1170  server_session, server_credentials);
1171 }

References server_new_internal().


◆ gvm_server_new_mem()

int gvm_server_new_mem ( unsigned int  end_type,
const char *  ca_cert,
const char *  pub_key,
const char *  priv_key,
gnutls_session_t *  session,
gnutls_certificate_credentials_t *  credentials 
)

Make a session for connecting to a server, with certificates stored in memory.

Parameters
[in]end_typeConnection end type: GNUTLS_SERVER or GNUTLS_CLIENT.
[in]ca_certCertificate authority public key.
[in]pub_keyPublic key.
[in]priv_keyPrivate key.
[out]sessionThe session with the server.
[out]credentialsServer credentials.
Returns
0 on success, -1 on error.

Definition at line 1187 of file serverutils.c.

1191 {
      /* server_new_gnutls_init() must succeed before *credentials is used. */
1192  if (server_new_gnutls_init (credentials))
1193  return -1;
1194 
      /* A key pair is loaded only when both halves are supplied. */
1195  if (pub_key && priv_key)
1196  {
1197  int ret;
1198  gnutls_datum_t pub, priv;
1199 
      /* The datums point straight at the caller's buffers (the casts drop
       * const) and take their length from strlen(), so both inputs must be
       * NUL-terminated PEM text. */
1200  pub.data = (void *) pub_key;
1201  pub.size = strlen (pub_key);
1202  priv.data = (void *) priv_key;
1203  priv.size = strlen (priv_key);
1204 
1205  ret = gnutls_certificate_set_x509_key_mem (*credentials, &pub, &priv,
1206  GNUTLS_X509_FMT_PEM);
1207  if (ret < 0)
1208  {
      /* NOTE(review): unlike the two error paths further down, this one
       * does not call gnutls_certificate_free_credentials(), so *credentials
       * is presumably leaked here; confirm against server_new_gnutls_init(). */
1209  g_warning ("%s: %s\n", __FUNCTION__, gnutls_strerror (ret));
1210  return -1;
1211  }
1212  }
1213 
      /* The CA is optional: with ca_cert == NULL no trust anchor is loaded
       * by this function. */
1214  if (ca_cert)
1215  {
1216  int ret;
1217  gnutls_datum_t data;
1218 
1219  data.data = (void *) ca_cert;
1220  data.size = strlen (ca_cert);
1221  ret = gnutls_certificate_set_x509_trust_mem (*credentials, &data,
1222  GNUTLS_X509_FMT_PEM);
1223  if (ret < 0)
1224  {
1225  g_warning ("%s: %s\n", __FUNCTION__, gnutls_strerror (ret));
1226  gnutls_certificate_free_credentials (*credentials);
1227  return -1;
1228  }
1229  }
1230 
      /* Create the session and bind the credentials; NULL is passed for the
       * helper's priority parameter. */
1231  if (server_new_gnutls_set (end_type, NULL, session, credentials))
1232  {
1233  gnutls_certificate_free_credentials (*credentials);
1234  return -1;
1235  }
1236 
1237  return 0;
1238 }

References server_new_gnutls_init(), and server_new_gnutls_set().

Referenced by gvm_server_open_verify().


◆ gvm_server_open()

int gvm_server_open ( gnutls_session_t *  session,
const char *  host,
int  port 
)

Connect to the server using a given host and port.

Parameters
[in]sessionPointer to GNUTLS session.
[in]hostHost to connect to.
[in]portPort to connect to.
Returns
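0 on success, -1 on error. Note that this function returns the result of gvm_server_open_with_cert(), which returns the result of gvm_server_open_verify(); that function's listing ends with "return server_socket;", so the value returned on success is the connected socket descriptor rather than 0.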

Definition at line 499 of file serverutils.c.

500 {
     /* All three certificate arguments are NULL.  gvm_server_open_with_cert()
      * derives its verify flag from "ca_mem && pub_mem && priv_mem", so a
      * connection opened this way is made without checking the peer's
      * certificate and offers no protection against an impersonated server.
      * Use the certificate-taking variants where the peer must be
      * authenticated. */
501  return gvm_server_open_with_cert (session, host, port, NULL, NULL, NULL);
502 }

References gvm_server_open_with_cert().


◆ gvm_server_open_verify()

int gvm_server_open_verify ( gnutls_session_t *  session,
const char *  host,
int  port,
const char *  ca_mem,
const char *  pub_mem,
const char *  priv_mem,
int  verify 
)

Connect to the server using a given host, port and cert.

Parameters
[in]sessionPointer to GNUTLS session.
[in]hostHost to connect to.
[in]portPort to connect to.
[in]ca_memCA cert.
[in]pub_memPublic key.
[in]priv_memPrivate key.
[in]verifyWhether to verify.
Returns
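0 on success, -1 on error. Note that the listing below ends with "return server_socket;", so the value returned on success is the connected socket descriptor rather than 0.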
Warning
On success we are leaking the credentials. We can't free them because the session only makes a shallow copy.

Definition at line 333 of file serverutils.c.

336 {
     /* NOTE(review): this rendering skips source lines 355, 362-364 and 378,
      * so the opening of the host-type condition and the second argument of
      * gnutls_certificate_set_retrieve_function() are not visible below. */
337  int ret;
338  int server_socket;
339  struct addrinfo address_hints;
340  struct addrinfo *addresses, *address;
341  gchar *port_string;
342  int host_type;
343 
344  gnutls_certificate_credentials_t credentials;
345 
346  /* Ensure that host and port have sane values. */
347  if (port < 1 || port > 65535)
348  {
349  g_warning ("Failed to create client TLS session. "
350  "Invalid port %d",
351  port);
352  return -1;
353  }
354  host_type = gvm_get_host_type (host);
356  || host_type == HOST_TYPE_IPV6))
357  {
358  g_warning ("Failed to create client TLS session. Invalid host %s", host);
359  return -1;
360  }
361 
365  if (gvm_server_new_mem (GNUTLS_CLIENT, ca_mem, pub_mem, priv_mem, session,
366  &credentials))
367  {
368  g_warning ("Failed to create client TLS session.");
369  return -1;
370  }
371 
     /* The client-certificate callback is installed only when all three
      * certificate arguments are present.
      * NOTE(review): set_cert_pub_mem()/set_cert_priv_mem() are static
      * helpers that save the key material for later use; it looks as if
      * they keep it in file-level state, which would be shared by every
      * connection in the process.  Confirm. */
372  if (ca_mem && pub_mem && priv_mem)
373  {
374  set_cert_pub_mem (pub_mem);
375  set_cert_priv_mem (priv_mem);
376 
377  gnutls_certificate_set_retrieve_function (credentials,
379  }
380 
381  /* Create the port string. */
382 
383  port_string = g_strdup_printf ("%i", port);
384 
385  /* Get all possible addresses. */
386 
387  memset (&address_hints, 0, sizeof (address_hints));
388  address_hints.ai_family = AF_UNSPEC; /* IPv4 or IPv6. */
389  address_hints.ai_socktype = SOCK_STREAM;
390  address_hints.ai_protocol = 0;
391 
     /* NOTE(review): getaddrinfo() reports failure through its return value,
      * not through errno, so gai_strerror (errno) in the warning below can
      * print an unrelated message. */
392  if (getaddrinfo (host, port_string, &address_hints, &addresses))
393  {
394  g_free (port_string);
395  g_warning ("Failed to get server addresses for %s: %s", host,
396  gai_strerror (errno));
397  gnutls_deinit (*session);
398  gnutls_certificate_free_credentials (credentials);
399  return -1;
400  }
401  g_free (port_string);
402 
403  /* Try to connect to each address in turn. */
404 
405  for (address = addresses; address; address = address->ai_next)
406  {
407  /* Make server socket. */
408 
409  if (address->ai_family == AF_INET6)
410  server_socket = socket (PF_INET6, SOCK_STREAM, 0);
411  else
412  server_socket = socket (PF_INET, SOCK_STREAM, 0);
413  if (server_socket == -1)
414  {
415  g_warning ("Failed to create server socket");
416  freeaddrinfo (addresses);
417  gnutls_deinit (*session);
418  gnutls_certificate_free_credentials (credentials);
419  return -1;
420  }
421 
422  /* Connect to server. */
423 
424  if (connect (server_socket, address->ai_addr, address->ai_addrlen) == -1)
425  {
426  close (server_socket);
427  continue;
428  }
429  break;
430  }
431 
432  freeaddrinfo (addresses);
433 
     /* address is NULL only when the loop ran out of candidates, i.e. no
      * connect() succeeded. */
434  if (address == NULL)
435  {
436  g_warning ("Failed to connect to server");
437  gnutls_deinit (*session);
438  gnutls_certificate_free_credentials (credentials);
439  return -1;
440  }
441 
442  g_debug (" Connected to server '%s' port %d.", host, port);
443 
444  /* Complete setup of server session. */
445  ret = server_attach_internal (server_socket, session, host, port);
446  if (ret)
447  {
     /* NOTE(review): for ret == -2 the socket is closed inside this branch
      * and then again by the unconditional close() after it.  The second
      * close acts on a descriptor number that may already have been reused
      * elsewhere in a multi-threaded process.  For any other non-zero ret
      * the session and credentials are not released here; confirm whether
      * server_attach_internal() has already done so. */
448  if (ret == -2)
449  {
450  close (server_socket);
451  gnutls_deinit (*session);
452  gnutls_certificate_free_credentials (credentials);
453  }
454  close (server_socket);
455  return -1;
456  }
     /* Certificate checking is entirely controlled by the caller's verify
      * flag; with verify == 0 the peer is never authenticated.
      * NOTE(review): on a failed verification only the socket is closed;
      * *session and credentials are left allocated. */
457  if (verify && gvm_server_verify (*session))
458  {
459  close (server_socket);
460  return -1;
461  }
462 
     /* Success returns the connected descriptor, not 0.  The credentials are
      * deliberately left allocated (see the Warning in the description). */
463  return server_socket;
464 }

References address, client_cert_callback(), gvm_get_host_type(), gvm_server_new_mem(), gvm_server_verify(), HOST_TYPE_IPV4, HOST_TYPE_IPV6, HOST_TYPE_NAME, server_attach_internal(), set_cert_priv_mem(), and set_cert_pub_mem().

Referenced by gvm_server_open_with_cert().


◆ gvm_server_open_with_cert()

int gvm_server_open_with_cert ( gnutls_session_t *  session,
const char *  host,
int  port,
const char *  ca_mem,
const char *  pub_mem,
const char *  priv_mem 
)

Connect to the server using a given host, port and cert.

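The peer certificate is verified only if all three cert arguments (ca_mem, pub_mem and priv_mem) are given; if any of them is NULL, the connection is opened without certificate verification.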

Parameters
[in]sessionPointer to GNUTLS session.
[in]hostHost to connect to.
[in]portPort to connect to.
[in]ca_memCA cert.
[in]pub_memPublic key.
[in]priv_memPrivate key.
Returns
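0 on success, -1 on error. Note that this function returns the result of gvm_server_open_verify(), whose listing ends with "return server_socket;", so the value returned on success is the connected socket descriptor rather than 0.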

Definition at line 481 of file serverutils.c.

484 {
     /* The verify flag is 1 only when a CA certificate, a public key and a
      * private key are all supplied.  Passing a CA certificate alone
      * therefore does not enable verification of the peer. */
485  return gvm_server_open_verify (session, host, port, ca_mem, pub_mem, priv_mem,
486  ca_mem && pub_mem && priv_mem);
487 }

References gvm_server_open_verify().

Referenced by gvm_server_open(), and osp_send_command().


◆ gvm_server_sendf()

int gvm_server_sendf ( gnutls_session_t *  ,
const char *  ,
  ... 
)

◆ gvm_server_sendf_xml()

int gvm_server_sendf_xml ( gnutls_session_t *  session,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Parameters
[in]sessionPointer to GNUTLS session.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 908 of file serverutils.c.

909 {
910  va_list ap;
911  gchar *msg;
912  int rc;
913 
914  va_start (ap, format);
     /* Only the string and character arguments are XML-escaped; the format
      * text is emitted as written, so the markup skeleton must come from a
      * constant format supplied by the caller. */
915  msg = g_markup_vprintf_escaped (format, ap);
     /* Sent through a fixed "%s" format so that a '%' in the escaped message
      * is not interpreted as a conversion. */
916  rc = gvm_server_sendf (session, "%s", msg);
917  g_free (msg);
918  va_end (ap);
919  return rc;
920 }

References gvm_server_sendf().

Referenced by gmp_create_lsc_credential(), gmp_create_lsc_credential_key(), and gmp_create_task().


◆ gvm_server_sendf_xml_quiet()

int gvm_server_sendf_xml_quiet ( gnutls_session_t *  session,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Quiet version, only logs warnings.

Parameters
[in]sessionPointer to GNUTLS session.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 960 of file serverutils.c.

961 {
962  va_list ap;
963  gchar *msg;
964  int rc;
965 
966  va_start (ap, format);
     /* Same escaping as gvm_server_sendf_xml(): arguments are XML-escaped,
      * the format text is not. */
967  msg = g_markup_vprintf_escaped (format, ap);
     /* Quiet variant with a fixed "%s" format.  The callers listed on this
      * page are authentication and credential-creation routines.
      * NOTE(review): presumably the quiet path exists so that secrets are
      * not written to the log; confirm against gvm_server_sendf_quiet(). */
968  rc = gvm_server_sendf_quiet (session, "%s", msg);
969  g_free (msg);
970  va_end (ap);
971  return rc;
972 }

References gvm_server_sendf_quiet().

Referenced by gmp_authenticate(), gmp_authenticate_info_ext(), and gmp_create_lsc_credential().


◆ gvm_server_session_free()

int gvm_server_session_free ( gnutls_session_t  ,
gnutls_certificate_credentials_t   
)

◆ gvm_server_verify()

int gvm_server_verify ( gnutls_session_t  session)

Verify certificate.

Parameters
[in]sessionPointer to GNUTLS session.
Returns
0 on success, 1 on failure, -1 on error.

Definition at line 130 of file serverutils.c.

131 {
132  unsigned int status;
133  int ret;
134 
     /* Ask GnuTLS to validate the peer's certificate chain; problems come
      * back as bit flags in status.
      * NOTE(review): gnutls_certificate_verify_peers2() takes no host name,
      * so nothing in this function ties the certificate to the host that
      * was dialled.  Confirm the name is checked elsewhere, or use a
      * hostname-aware check such as gnutls_certificate_verify_peers3(). */
135  ret = gnutls_certificate_verify_peers2 (session, &status);
136  if (ret < 0)
137  {
138  g_warning ("%s: failed to verify peers: %s", __FUNCTION__,
139  gnutls_strerror (ret));
140  return -1;
141  }
142 
     /* The individual flag tests below only add detail to the log; the
      * verdict is taken from status as a whole at the end. */
143  if (status & GNUTLS_CERT_INVALID)
144  g_warning ("%s: the certificate is not trusted", __FUNCTION__);
145 
146  if (status & GNUTLS_CERT_SIGNER_NOT_CA)
147  g_warning ("%s: the certificate's issuer is not a CA", __FUNCTION__);
148 
149  if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
150  g_warning ("%s: the certificate was signed using an insecure algorithm",
151  __FUNCTION__);
152 
153  if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
154  g_warning ("%s: the certificate hasn't got a known issuer", __FUNCTION__);
155 
156  if (status & GNUTLS_CERT_REVOKED)
157  g_warning ("%s: the certificate has been revoked", __FUNCTION__);
158 
159  if (status & GNUTLS_CERT_EXPIRED)
160  g_warning ("%s: the certificate has expired", __FUNCTION__);
161 
162  if (status & GNUTLS_CERT_NOT_ACTIVATED)
163  g_warning ("%s: the certificate is not yet activated", __FUNCTION__);
164 
     /* Any flag set, including one not logged above, counts as failure. */
165  if (status)
166  return 1;
167 
168  return 0;
169 }

Referenced by gvm_server_open_verify().


◆ gvm_server_vsendf()

int int gvm_server_vsendf ( gnutls_session_t *  session,
const char *  fmt,
va_list  ap 
)

Send a string to the server.

Parameters
[in]sessionPointer to GNUTLS session.
[in]fmtFormat of string to send.
[in]apArgs for fmt.
Returns
0 on success, 1 if server closed connection, -1 on error.

Definition at line 749 of file serverutils.c.

750 {
     /* Non-quiet send: the last argument is the internal helper's `quiet`
      * flag, passed as 0.  fmt is used as a printf format and must not be
      * built from data received from outside. */
751  return gvm_server_vsendf_internal (session, fmt, ap, 0);
752 }

References gvm_server_vsendf_internal().

Referenced by gvm_server_sendf().


◆ gvm_socket_vsendf()

int gvm_socket_vsendf ( int  socket,
const char *  fmt,
va_list  ap 
)

Send a string to the server.

Parameters
[in]socketSocket to send string through.
[in]fmtFormat of string to send.
[in]apArgs for fmt.
Returns
0 on success, 1 if server closed connection, -1 on error.

Definition at line 764 of file serverutils.c.

765 {
     /* Plain-socket counterpart of gvm_server_vsendf(): nothing on this path
      * involves a GnuTLS session, and the helper's `quiet` flag is 0. */
766  return unix_vsendf_internal (socket, fmt, ap, 0);
767 }

References unix_vsendf_internal().


◆ load_gnutls_file()

int load_gnutls_file ( const char *  file,
gnutls_datum_t *  loaded_file 
)

Loads a file's data into gnutls_datum_t struct.

Parameters
[in]fileFile to load.
[out]loaded_fileDestination to load file into.
Returns
0 if success, -1 if error.

Definition at line 180 of file serverutils.c.

181 {
182  FILE *f = NULL;
183  int64_t filelen;
184  void *ptr;
185 
     /* One short-circuit chain: open, seek to the end to learn the size,
      * rewind, allocate, read everything.  The first failing step sends
      * control to the error block.
      * NOTE(review): if fread() comes up short, ptr has already been
      * allocated and is not freed in the error block.  For an empty file
      * g_malloc0 (0) returns NULL, so a zero-length file is reported as an
      * error. */
186  if (!(f = fopen (file, "r")) || fseek (f, 0, SEEK_END) != 0
187  || (filelen = ftell (f)) < 0 || fseek (f, 0, SEEK_SET) != 0
188  || !(ptr = g_malloc0 ((size_t) filelen))
189  || fread (ptr, 1, (size_t) filelen, f) < (size_t) filelen)
190  {
191  if (f)
192  fclose (f);
193  return -1;
194  }
195 
     /* Ownership of the buffer passes to the caller, who releases it with
      * unload_gnutls_file().  The buffer is exactly filelen bytes and is not
      * NUL-terminated.
      * NOTE(review): filelen is a 64-bit value while gnutls_datum_t's size
      * field is an unsigned int, so a very large file would be recorded
      * with a truncated size; confirm an upper bound is acceptable here. */
196  loaded_file->data = ptr;
197  loaded_file->size = filelen;
198  fclose (f);
199  return 0;
200 }

Referenced by set_gnutls_dhparams().


◆ set_gnutls_dhparams()

int set_gnutls_dhparams ( gnutls_certificate_credentials_t  creds,
const char *  dhparams_file 
)

Set a gnutls session's Diffie-Hellman parameters.

Parameters
[in]credsGnuTLS credentials.
[in]dhparams_filePath to PEM file containing the DH parameters.
Returns
0 on success, -1 on error.

Definition at line 1249 of file serverutils.c.

1251 {
1252  int ret;
1253  gnutls_datum_t data;
1254 
1255  if (!creds || !dhparams_file)
1256  return -1;
1257 
1258  if (load_gnutls_file (dhparams_file, &data))
1259  return -1;
      /* NOTE(review): gnutls_dh_params_t is an opaque handle, so
       * sizeof (gnutls_dh_params_t) is the size of the handle rather than of
       * the parameter object behind it.  The buffer allocated here is
       * therefore likely smaller than what the import call writes into,
       * which risks heap corruption.  GnuTLS provides
       * gnutls_dh_params_init() to create this object. */
1260  gnutls_dh_params_t params = g_malloc0 (sizeof (gnutls_dh_params_t));
1261  ret = gnutls_dh_params_import_pkcs3 (params, &data, GNUTLS_X509_FMT_PEM);
1262  unload_gnutls_file (&data);
      /* NOTE(review): params is not released when the import fails. */
1263  if (ret)
1264  return -1;
1265  else
1266  gnutls_certificate_set_dh_params (creds, params);
1267  return 0;
1268 }

References load_gnutls_file(), and unload_gnutls_file().


◆ unload_gnutls_file()

void unload_gnutls_file ( gnutls_datum_t *  data)

Unloads a gnutls_datum_t struct's data.

Parameters
[in]dataPointer to gnutls_datum_t struct to be unloaded.

Definition at line 208 of file serverutils.c.

209 {
     /* Frees the buffer only.  data->data and data->size keep their old
      * values afterwards, so the datum must not be used again without being
      * reloaded. */
210  if (data)
211  g_free (data->data);
212 }

Referenced by set_gnutls_dhparams().

gvm_server_new_mem
int gvm_server_new_mem(unsigned int end_type, const char *ca_cert, const char *pub_key, const char *priv_key, gnutls_session_t *session, gnutls_certificate_credentials_t *credentials)
Make a session for connecting to a server, with certificates stored in memory.
Definition: serverutils.c:1187
gvm_server_verify
int gvm_server_verify(gnutls_session_t session)
Verify certificate.
Definition: serverutils.c:130
unload_gnutls_file
void unload_gnutls_file(gnutls_datum_t *data)
Unloads a gnutls_datum_t struct's data.
Definition: serverutils.c:208
gvm_connection_sendf
int gvm_connection_sendf(gvm_connection_t *connection, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:845
server_new_internal
static int server_new_internal(unsigned int, const char *, const gchar *, const gchar *, const gchar *, gnutls_session_t *, gnutls_certificate_credentials_t *)
Make a session for connecting to a server.
Definition: serverutils.c:1100
HOST_TYPE_IPV6
@ HOST_TYPE_IPV6
Definition: hosts.h:43
server_attach_internal
static int server_attach_internal(int, gnutls_session_t *, const char *, int)
Attach a socket to a session, and shake hands with the peer.
Definition: serverutils.c:543
close_unix
static int close_unix(gvm_connection_t *client_connection)
Close UNIX socket connection.
Definition: serverutils.c:76
unix_vsendf_internal
static int unix_vsendf_internal(int socket, const char *fmt, va_list ap, int quiet)
Send a string to the server.
Definition: serverutils.c:679
server_new_gnutls_init
static int server_new_gnutls_init(gnutls_certificate_credentials_t *server_credentials)
Initialize a server session.
Definition: serverutils.c:1010
HOST_TYPE_IPV4
@ HOST_TYPE_IPV4
Definition: hosts.h:39
gvm_get_host_type
int gvm_get_host_type(const gchar *str_stripped)
Determines the host type in a buffer.
Definition: hosts.c:771
gvm_server_open_with_cert
int gvm_server_open_with_cert(gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem)
Connect to the server using a given host, port and cert.
Definition: serverutils.c:481
gvm_connection_t::socket
int socket
Socket.
Definition: serverutils.h:46
gvm_server_vsendf_internal
static int gvm_server_vsendf_internal(gnutls_session_t *session, const char *fmt, va_list ap, int quiet)
Send a string to the server.
Definition: serverutils.c:611
gvm_connection_t::tls
int tls
Whether uses TCP-TLS (vs UNIX socket).
Definition: serverutils.h:45
load_gnutls_file
int load_gnutls_file(const char *file, gnutls_datum_t *loaded_file)
Loads a file's data into gnutls_datum_t struct.
Definition: serverutils.c:180
gvm_server_free
int gvm_server_free(int server_socket, gnutls_session_t server_session, gnutls_certificate_credentials_t server_credentials)
Cleanup a server session.
Definition: serverutils.c:1283
gvm_server_open_verify
int gvm_server_open_verify(gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem, int verify)
Connect to the server using a given host, port and cert.
Definition: serverutils.c:333
client_cert_callback
static int client_cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t *sign_algos, int sign_algos_length, gnutls_retr2_st *st)
Callback function to be called in order to retrieve the certificate to be used in the handshake.
Definition: serverutils.c:281
gvm_connection_t::credentials
gnutls_certificate_credentials_t credentials
Credentials.
Definition: serverutils.h:48
gvm_connection_free
void gvm_connection_free(gvm_connection_t *client_connection)
Free connection.
Definition: serverutils.c:111
host_type
host_type
Definition: hosts.h:36
server_new_gnutls_set
static int server_new_gnutls_set(unsigned int end_type, const char *priority, gnutls_session_t *server_session, gnutls_certificate_credentials_t *server_credentials)
Set the server credentials.
Definition: serverutils.c:1042
gvm_server_sendf
int gvm_server_sendf(gnutls_session_t *session, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:825
gvm_server_sendf_quiet
int gvm_server_sendf_quiet(gnutls_session_t *session, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:865
gvm_connection_sendf_quiet
int gvm_connection_sendf_quiet(gvm_connection_t *connection, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:885
HOST_TYPE_NAME
@ HOST_TYPE_NAME
Definition: hosts.h:38
address
struct sockaddr_in address
Server address.
Definition: serverutils.c:57
gvm_connection_t::session
gnutls_session_t session
Session.
Definition: serverutils.h:47
gvm_connection_vsendf
int gvm_connection_vsendf(gvm_connection_t *connection, const char *fmt, va_list ap)
Send a string to the server.
Definition: serverutils.c:779
set_cert_priv_mem
static void set_cert_priv_mem(const char *data)
Save cert_priv_mem with private certificate.
Definition: serverutils.c:236
set_cert_pub_mem
static void set_cert_pub_mem(const char *data)
Save cert_pub_mem with public certificate.
Definition: serverutils.c:223