Greenbone Vulnerability Management Libraries  11.0.0
serverutils.h File Reference

GnuTLS based functions for server communication - header file. More...

#include <glib.h>
#include <gnutls/gnutls.h>
#include <stdarg.h>
#include <sys/param.h>
#include <netinet/ip.h>

Data Structures

struct  gvm_connection_t
 Connection. More...
 

Functions

void gvm_connection_free (gvm_connection_t *)
 Free connection. More...
 
void gvm_connection_close (gvm_connection_t *)
 Close a server connection and its socket. More...
 
int gvm_server_verify (gnutls_session_t)
 Verify certificate. More...
 
int gvm_server_open (gnutls_session_t *, const char *, int)
 Connect to the server using a given host and port. More...
 
int gvm_server_open_verify (gnutls_session_t *, const char *, int, const char *, const char *, const char *, int)
 Connect to the server using a given host, port and cert. More...
 
int gvm_server_open_with_cert (gnutls_session_t *, const char *, int, const char *, const char *, const char *)
 Connect to the server using a given host, port and cert. More...
 
int gvm_server_close (int, gnutls_session_t)
 Close a server connection and its socket. More...
 
int gvm_server_attach (int, gnutls_session_t *)
 Attach a socket to a session, and shake hands with the peer. More...
 
int gvm_server_sendf (gnutls_session_t *, const char *,...)
 Format and send a string to the server. Declared with a printf format attribute; the attribute text is truncated in this rendering.
 
int gvm_server_vsendf (gnutls_session_t *, const char *, va_list)
 Send a string to the server. More...
 
int gvm_socket_vsendf (int, const char *, va_list)
 Send a string to the server. More...
 
int gvm_server_sendf_xml (gnutls_session_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_server_sendf_xml_quiet (gnutls_session_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_connection_sendf_xml (gvm_connection_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_connection_sendf_xml_quiet (gvm_connection_t *, const char *,...)
 Format and send an XML string to the server. More...
 
int gvm_connection_sendf (gvm_connection_t *, const char *,...)
 Format and send a string to the server. More...
 
int gvm_server_new (unsigned int, gchar *, gchar *, gchar *, gnutls_session_t *, gnutls_certificate_credentials_t *)
 Make a session for connecting to a server. More...
 
int gvm_server_new_mem (unsigned int, const char *, const char *, const char *, gnutls_session_t *, gnutls_certificate_credentials_t *)
 Make a session for connecting to a server, with certificates stored in memory. More...
 
int gvm_server_free (int, gnutls_session_t, gnutls_certificate_credentials_t)
 Cleanup a server session. More...
 
int gvm_server_session_free (gnutls_session_t, gnutls_certificate_credentials_t)
 
int load_gnutls_file (const char *, gnutls_datum_t *)
 Loads a file's data into gnutls_datum_t struct. More...
 
void unload_gnutls_file (gnutls_datum_t *)
 Unloads a gnutls_datum_t struct's data. More...
 
int set_gnutls_dhparams (gnutls_certificate_credentials_t, const char *)
 Set a gnutls session's Diffie-Hellman parameters. More...
 

Detailed Description

GnuTLS based functions for server communication - header file.

This module supplies low-level communication functions for communication with a server over GnuTLS.

Definition in file serverutils.h.

Function Documentation

◆ gvm_connection_close()

void gvm_connection_close ( gvm_connection_t connection)

Close a server connection and its socket.

Parameters
[in]connectionConnection.
Returns
Nothing. The function is declared void and only calls gvm_connection_free(), so a close error is not reported to the caller.

Definition at line 520 of file serverutils.c.

521 {
522  gvm_connection_free (connection);
523 }

References gvm_connection_free().


◆ gvm_connection_free()

void gvm_connection_free ( gvm_connection_t client_connection)

Free connection.

Parameters
[in]client_connectionConnection.

Definition at line 111 of file serverutils.c.

112 {
113  if (client_connection->tls)
114  gvm_server_free (client_connection->socket, client_connection->session,
115  client_connection->credentials);
116  else
117  close_unix (client_connection);
118 }

References close_unix(), gvm_connection_t::credentials, gvm_server_free(), gvm_connection_t::session, gvm_connection_t::socket, and gvm_connection_t::tls.

Referenced by gvm_connection_close().


◆ gvm_connection_sendf()

int gvm_connection_sendf ( gvm_connection_t connection,
const char *  format,
  ... 
)

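Format and send a string to the server. The arguments are formatted as given; gvm_connection_sendf_xml() is the variant that XML-escapes string and character args before sending.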

Parameters
[in]connectionConnection.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 839 of file serverutils.c.

840 {
841  va_list ap;
842  int rc;
843 
844  va_start (ap, format);
845  rc = gvm_connection_vsendf (connection, format, ap);
846  va_end (ap);
847  return rc;
848 }

References gvm_connection_vsendf().

Referenced by gmp_ping_c(), gmp_resume_task_report_c(), gmp_start_task_report_c(), gmp_stop_task_c(), and gvm_connection_sendf_xml().


◆ gvm_connection_sendf_xml()

int gvm_connection_sendf_xml ( gvm_connection_t connection,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Parameters
[in]connectionConnection.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 927 of file serverutils.c.

928 {
929  va_list ap;
930  gchar *msg;
931  int rc;
932 
933  va_start (ap, format);
934  msg = g_markup_vprintf_escaped (format, ap);
935  rc = gvm_connection_sendf (connection, "%s", msg);
936  g_free (msg);
937  va_end (ap);
938  return rc;
939 }

References gvm_connection_sendf().


◆ gvm_connection_sendf_xml_quiet()

int gvm_connection_sendf_xml_quiet ( gvm_connection_t connection,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Quiet version, only logs warnings.

Parameters
[in]connectionConnection.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 981 of file serverutils.c.

983 {
984  va_list ap;
985  gchar *msg;
986  int rc;
987 
988  va_start (ap, format);
989  msg = g_markup_vprintf_escaped (format, ap);
990  rc = gvm_connection_sendf_quiet (connection, "%s", msg);
991  g_free (msg);
992  va_end (ap);
993  return rc;
994 }

References gvm_connection_sendf_quiet().

Referenced by gmp_authenticate_info_ext_c().


◆ gvm_server_attach()

int gvm_server_attach ( int  socket,
gnutls_session_t *  session 
)

Attach a socket to a session, and shake hands with the peer.

Parameters
[in]socketSocket.
[in]sessionPointer to GNUTLS session. FIXME: Why is this a pointer to a session?
Returns
0 on success, -1 on error.

Definition at line 585 of file serverutils.c.

586 {
587  int ret;
588 
589  ret = server_attach_internal (socket, session, NULL, 0);
590  return ret ? -1 : 0;
591 }

References server_attach_internal().


◆ gvm_server_close()

int gvm_server_close ( int  socket,
gnutls_session_t  session 
)

Close a server connection and its socket.

Parameters
[in]socketSocket connected to server.
[in]sessionGNUTLS session with server.
Returns
0 on success, -1 on error.

Definition at line 507 of file serverutils.c.

508 {
509  return gvm_server_free (socket, session, NULL);
510 }

References gvm_server_free().

Referenced by osp_connection_close().


◆ gvm_server_free()

int gvm_server_free ( int  server_socket,
gnutls_session_t  server_session,
gnutls_certificate_credentials_t  server_credentials 
)

Cleanup a server session.

This shuts down the TLS session, closes the socket and releases the TLS resources.

Parameters
[in]server_socketThe socket connected to the server.
[in]server_sessionThe session with the server.
[in]server_credentialsCredentials or NULL.
Returns
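0 on success, -1 on error. On both -1 paths in the listing below (fcntl failure, or close failure when credentials are given) the function returns before gnutls_deinit(), so the session and credentials are not released.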

Definition at line 1273 of file serverutils.c.

1275 {
1276  /* Turn off blocking. */
1277  // FIX get flags first
1278  if (fcntl (server_socket, F_SETFL, O_NONBLOCK) == -1)
1279  {
1280  g_warning ("%s: failed to set server socket flag: %s\n", __FUNCTION__,
1281  strerror (errno));
1282  return -1;
1283  }
1284 
1285  while (1)
1286  {
1287  int ret = gnutls_bye (server_session, GNUTLS_SHUT_WR);
1288  if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
1289  {
1290  continue;
1291  }
1292  if (ret)
1293  {
1294  g_debug (" Failed to gnutls_bye: %s\n",
1295  gnutls_strerror ((int) ret));
1296  /* Carry on successfully anyway, as this often fails, perhaps
1297  * because the server is closing the connection first. */
1298  break;
1299  }
1300  break;
1301  }
1302 
1303  /* The former separate code in gvm_server_close and here
1304  differed in the order the TLS session and socket was closed. The
1305  way we do it here seems to be the right thing but for full
1306  backward compatibility we do it for calls from
1307  gvm_server_close in the old way. We can distinguish the two
1308  modes by the existence of server_credentials. */
1309  if (server_credentials)
1310  {
1311  if (close (server_socket) == -1)
1312  {
1313  g_warning ("%s: failed to close server socket: %s\n", __FUNCTION__,
1314  strerror (errno));
1315  return -1;
1316  }
1317  gnutls_deinit (server_session);
1318  gnutls_certificate_free_credentials (server_credentials);
1319  }
1320  else
1321  {
1322  gnutls_deinit (server_session);
1323  close (server_socket);
1324  }
1325 
1326  gnutls_global_deinit ();
1327 
1328  return 0;
1329 }

Referenced by gvm_connection_free(), and gvm_server_close().


◆ gvm_server_new()

int gvm_server_new ( unsigned int  end_type,
gchar *  ca_cert_file,
gchar *  cert_file,
gchar *  key_file,
gnutls_session_t *  server_session,
gnutls_certificate_credentials_t *  server_credentials 
)

Make a session for connecting to a server.

Parameters
[in]end_typeConnection end type (GNUTLS_SERVER or GNUTLS_CLIENT).
[in]ca_cert_fileCertificate authority file.
[in]cert_fileCertificate file.
[in]key_fileKey file.
[out]server_sessionThe session with the server.
[out]server_credentialsServer credentials.
Returns
0 on success, -1 on error.

Definition at line 1155 of file serverutils.c.

1158 {
1159  return server_new_internal (end_type, NULL, ca_cert_file, cert_file, key_file,
1160  server_session, server_credentials);
1161 }

References server_new_internal().


◆ gvm_server_new_mem()

int gvm_server_new_mem ( unsigned int  end_type,
const char *  ca_cert,
const char *  pub_key,
const char *  priv_key,
gnutls_session_t *  session,
gnutls_certificate_credentials_t *  credentials 
)

Make a session for connecting to a server, with certificates stored in memory.

Parameters
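[in]end_typeConnection end type: GNUTLS_SERVER or GNUTLS_CLIENT.
[in]ca_certCertificate authority public key (NUL-terminated PEM text; may be NULL, in which case no trust anchor is set).
[in]pub_keyPublic key (NUL-terminated PEM text; used only if priv_key is also given).
[in]priv_keyPrivate key (NUL-terminated PEM text; used only if pub_key is also given).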
[out]sessionThe session with the server.
[out]credentialsServer credentials.
Returns
0 on success, -1 on error.

Definition at line 1177 of file serverutils.c.

1181 {
1182  if (server_new_gnutls_init (credentials))
1183  return -1;
1184 
1185  if (pub_key && priv_key)
1186  {
1187  int ret;
1188  gnutls_datum_t pub, priv;
1189 
1190  pub.data = (void *) pub_key;
1191  pub.size = strlen (pub_key);
1192  priv.data = (void *) priv_key;
1193  priv.size = strlen (priv_key);
1194 
1195  ret = gnutls_certificate_set_x509_key_mem (*credentials, &pub, &priv,
1196  GNUTLS_X509_FMT_PEM);
1197  if (ret < 0)
1198  {
1199  g_warning ("%s: %s\n", __FUNCTION__, gnutls_strerror (ret));
1200  return -1;
1201  }
1202  }
1203 
1204  if (ca_cert)
1205  {
1206  int ret;
1207  gnutls_datum_t data;
1208 
1209  data.data = (void *) ca_cert;
1210  data.size = strlen (ca_cert);
1211  ret = gnutls_certificate_set_x509_trust_mem (*credentials, &data,
1212  GNUTLS_X509_FMT_PEM);
1213  if (ret < 0)
1214  {
1215  g_warning ("%s: %s\n", __FUNCTION__, gnutls_strerror (ret));
1216  gnutls_certificate_free_credentials (*credentials);
1217  return -1;
1218  }
1219  }
1220 
1221  if (server_new_gnutls_set (end_type, NULL, session, credentials))
1222  {
1223  gnutls_certificate_free_credentials (*credentials);
1224  return -1;
1225  }
1226 
1227  return 0;
1228 }

References server_new_gnutls_init(), and server_new_gnutls_set().

Referenced by gvm_server_open_verify().


◆ gvm_server_open()

int gvm_server_open ( gnutls_session_t *  session,
const char *  host,
int  port 
)

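Connect to the server using a given host and port. No CA cert, public key or private key is passed on, so the peer certificate is not verified on this path.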

Parameters
[in]sessionPointer to GNUTLS session.
[in]hostHost to connect to.
[in]portPort to connect to.
Returns
The connected socket on success (the value returned by gvm_server_open_verify()), -1 on error.

Definition at line 493 of file serverutils.c.

494 {
495  return gvm_server_open_with_cert (session, host, port, NULL, NULL, NULL);
496 }

References gvm_server_open_with_cert().


◆ gvm_server_open_verify()

int gvm_server_open_verify ( gnutls_session_t *  session,
const char *  host,
int  port,
const char *  ca_mem,
const char *  pub_mem,
const char *  priv_mem,
int  verify 
)

Connect to the server using a given host, port and cert.

Parameters
[in]sessionPointer to GNUTLS session.
[in]hostHost to connect to.
[in]portPort to connect to.
[in]ca_memCA cert.
[in]pub_memPublic key.
[in]priv_memPrivate key.
[in]verifyWhether to verify the peer certificate with gvm_server_verify() once the session is attached.
Returns
The connected socket on success, -1 on error.
Warning
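On success we are leaking the credentials. We can't free them because the session only makes a shallow copy. In the listing below, the ret == -2 branch closes server_socket and then falls through to a second close() of the same descriptor, and the path where gvm_server_verify() fails closes the socket without calling gnutls_deinit() or freeing the credentials.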

Definition at line 327 of file serverutils.c.

330 {
331  int ret;
332  int server_socket;
333  struct addrinfo address_hints;
334  struct addrinfo *addresses, *address;
335  gchar *port_string;
336  int host_type;
337 
338  gnutls_certificate_credentials_t credentials;
339 
340  /* Ensure that host and port have sane values. */
341  if (port < 1 || port > 65535)
342  {
343  g_warning ("Failed to create client TLS session. "
344  "Invalid port %d",
345  port);
346  return -1;
347  }
348  host_type = gvm_get_host_type (host);
350  || host_type == HOST_TYPE_IPV6))
351  {
352  g_warning ("Failed to create client TLS session. Invalid host %s", host);
353  return -1;
354  }
355 
359  if (gvm_server_new_mem (GNUTLS_CLIENT, ca_mem, pub_mem, priv_mem, session,
360  &credentials))
361  {
362  g_warning ("Failed to create client TLS session.");
363  return -1;
364  }
365 
366  if (ca_mem && pub_mem && priv_mem)
367  {
368  set_cert_pub_mem (pub_mem);
369  set_cert_priv_mem (priv_mem);
370 
371  gnutls_certificate_set_retrieve_function (credentials,
373  }
374 
375  /* Create the port string. */
376 
377  port_string = g_strdup_printf ("%i", port);
378 
379  /* Get all possible addresses. */
380 
381  memset (&address_hints, 0, sizeof (address_hints));
382  address_hints.ai_family = AF_UNSPEC; /* IPv4 or IPv6. */
383  address_hints.ai_socktype = SOCK_STREAM;
384  address_hints.ai_protocol = 0;
385 
386  if (getaddrinfo (host, port_string, &address_hints, &addresses))
387  {
388  g_free (port_string);
389  g_warning ("Failed to get server addresses for %s: %s", host,
390  gai_strerror (errno));
391  gnutls_deinit (*session);
392  gnutls_certificate_free_credentials (credentials);
393  return -1;
394  }
395  g_free (port_string);
396 
397  /* Try to connect to each address in turn. */
398 
399  for (address = addresses; address; address = address->ai_next)
400  {
401  /* Make server socket. */
402 
403  if (address->ai_family == AF_INET6)
404  server_socket = socket (PF_INET6, SOCK_STREAM, 0);
405  else
406  server_socket = socket (PF_INET, SOCK_STREAM, 0);
407  if (server_socket == -1)
408  {
409  g_warning ("Failed to create server socket");
410  freeaddrinfo (addresses);
411  gnutls_deinit (*session);
412  gnutls_certificate_free_credentials (credentials);
413  return -1;
414  }
415 
416  /* Connect to server. */
417 
418  if (connect (server_socket, address->ai_addr, address->ai_addrlen) == -1)
419  {
420  close (server_socket);
421  continue;
422  }
423  break;
424  }
425 
426  freeaddrinfo (addresses);
427 
428  if (address == NULL)
429  {
430  g_warning ("Failed to connect to server");
431  gnutls_deinit (*session);
432  gnutls_certificate_free_credentials (credentials);
433  return -1;
434  }
435 
436  g_debug (" Connected to server '%s' port %d.", host, port);
437 
438  /* Complete setup of server session. */
439  ret = server_attach_internal (server_socket, session, host, port);
440  if (ret)
441  {
442  if (ret == -2)
443  {
444  close (server_socket);
445  gnutls_deinit (*session);
446  gnutls_certificate_free_credentials (credentials);
447  }
448  close (server_socket);
449  return -1;
450  }
451  if (verify && gvm_server_verify (*session))
452  {
453  close (server_socket);
454  return -1;
455  }
456 
457  return server_socket;
458 }

References address, client_cert_callback(), gvm_get_host_type(), gvm_server_new_mem(), gvm_server_verify(), HOST_TYPE_IPV4, HOST_TYPE_IPV6, HOST_TYPE_NAME, server_attach_internal(), set_cert_priv_mem(), and set_cert_pub_mem().

Referenced by gvm_server_open_with_cert().


◆ gvm_server_open_with_cert()

int gvm_server_open_with_cert ( gnutls_session_t *  session,
const char *  host,
int  port,
const char *  ca_mem,
const char *  pub_mem,
const char *  priv_mem 
)

Connect to the server using a given host, port and cert.

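The peer certificate is verified only if all three cert args (ca_mem, pub_mem and priv_mem) are given; if any of them is NULL the connection is made without verification.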

Parameters
[in]sessionPointer to GNUTLS session.
[in]hostHost to connect to.
[in]portPort to connect to.
[in]ca_memCA cert.
[in]pub_memPublic key.
[in]priv_memPrivate key.
Returns
The connected socket on success (the value returned by gvm_server_open_verify()), -1 on error.

Definition at line 475 of file serverutils.c.

478 {
479  return gvm_server_open_verify (session, host, port, ca_mem, pub_mem, priv_mem,
480  ca_mem && pub_mem && priv_mem);
481 }

References gvm_server_open_verify().

Referenced by gvm_server_open(), and osp_send_command().


◆ gvm_server_sendf()

int gvm_server_sendf ( gnutls_session_t *  ,
const char *  ,
  ... 
)

◆ gvm_server_sendf_xml()

int gvm_server_sendf_xml ( gnutls_session_t *  session,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Parameters
[in]sessionPointer to GNUTLS session.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 902 of file serverutils.c.

903 {
904  va_list ap;
905  gchar *msg;
906  int rc;
907 
908  va_start (ap, format);
909  msg = g_markup_vprintf_escaped (format, ap);
910  rc = gvm_server_sendf (session, "%s", msg);
911  g_free (msg);
912  va_end (ap);
913  return rc;
914 }

References gvm_server_sendf().

Referenced by gmp_create_lsc_credential(), gmp_create_lsc_credential_key(), and gmp_create_task().


◆ gvm_server_sendf_xml_quiet()

int gvm_server_sendf_xml_quiet ( gnutls_session_t *  session,
const char *  format,
  ... 
)

Format and send an XML string to the server.

Escape XML in string and character args.

Quiet version, only logs warnings.

Parameters
[in]sessionPointer to GNUTLS session.
[in]formatprintf-style format string for message.
Returns
0 on success, -1 on error.

Definition at line 954 of file serverutils.c.

955 {
956  va_list ap;
957  gchar *msg;
958  int rc;
959 
960  va_start (ap, format);
961  msg = g_markup_vprintf_escaped (format, ap);
962  rc = gvm_server_sendf_quiet (session, "%s", msg);
963  g_free (msg);
964  va_end (ap);
965  return rc;
966 }

References gvm_server_sendf_quiet().

Referenced by gmp_authenticate(), gmp_authenticate_info_ext(), and gmp_create_lsc_credential().


◆ gvm_server_session_free()

int gvm_server_session_free ( gnutls_session_t  ,
gnutls_certificate_credentials_t   
)

◆ gvm_server_verify()

int gvm_server_verify ( gnutls_session_t  session)

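Verify the peer's certificate. Every status flag that is set is logged, and any non-zero status is reported as failure. The call used here, gnutls_certificate_verify_peers2(), checks the certificate chain but does not compare the certificate with the expected host name; whether that check is made elsewhere is not visible on this page.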

Parameters
[in]sessionPointer to GNUTLS session.
Returns
0 on success, 1 on failure, -1 on error.

Definition at line 130 of file serverutils.c.

131 {
132  unsigned int status;
133  int ret;
134 
135  ret = gnutls_certificate_verify_peers2 (session, &status);
136  if (ret < 0)
137  {
138  g_warning ("%s: failed to verify peers: %s", __FUNCTION__,
139  gnutls_strerror (ret));
140  return -1;
141  }
142 
143  if (status & GNUTLS_CERT_INVALID)
144  g_warning ("%s: the certificate is not trusted", __FUNCTION__);
145 
146  if (status & GNUTLS_CERT_SIGNER_NOT_CA)
147  g_warning ("%s: the certificate's issuer is not a CA", __FUNCTION__);
148 
149  if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
150  g_warning ("%s: the certificate was signed using an insecure algorithm",
151  __FUNCTION__);
152 
153  if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
154  g_warning ("%s: the certificate hasn't got a known issuer", __FUNCTION__);
155 
156  if (status & GNUTLS_CERT_REVOKED)
157  g_warning ("%s: the certificate has been revoked", __FUNCTION__);
158 
159  if (status & GNUTLS_CERT_EXPIRED)
160  g_warning ("%s: the certificate has expired", __FUNCTION__);
161 
162  if (status & GNUTLS_CERT_NOT_ACTIVATED)
163  g_warning ("%s: the certificate is not yet activated", __FUNCTION__);
164 
165  if (status)
166  return 1;
167 
168  return 0;
169 }

Referenced by gvm_server_open_verify().


◆ gvm_server_vsendf()

int gvm_server_vsendf ( gnutls_session_t *  session,
const char *  fmt,
va_list  ap 
)

Send a string to the server.

Parameters
[in]sessionPointer to GNUTLS session.
[in]fmtFormat of string to send.
[in]apArgs for fmt.
Returns
0 on success, 1 if server closed connection, -1 on error.

Definition at line 743 of file serverutils.c.

744 {
745  return gvm_server_vsendf_internal (session, fmt, ap, 0);
746 }

References gvm_server_vsendf_internal().

Referenced by gvm_server_sendf().


◆ gvm_socket_vsendf()

int gvm_socket_vsendf ( int  socket,
const char *  fmt,
va_list  ap 
)

Send a string to the server.

Parameters
[in]socketSocket to send string through.
[in]fmtFormat of string to send.
[in]apArgs for fmt.
Returns
0 on success, 1 if server closed connection, -1 on error.

Definition at line 758 of file serverutils.c.

759 {
760  return unix_vsendf_internal (socket, fmt, ap, 0);
761 }

References unix_vsendf_internal().


◆ load_gnutls_file()

int load_gnutls_file ( const char *  file,
gnutls_datum_t *  loaded_file 
)

Loads a file's data into gnutls_datum_t struct.

Parameters
[in]fileFile to load.
[out]loaded_fileDestination to load file into.
Returns
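0 if success, -1 if error. On success loaded_file->data points to a buffer allocated with g_malloc0(), which the caller releases with unload_gnutls_file(). In the listing below, a short fread() returns -1 without freeing that buffer.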

Definition at line 180 of file serverutils.c.

181 {
182  FILE *f = NULL;
183  int64_t filelen;
184  void *ptr;
185 
186  if (!(f = fopen (file, "r")) || fseek (f, 0, SEEK_END) != 0
187  || (filelen = ftell (f)) < 0 || fseek (f, 0, SEEK_SET) != 0
188  || !(ptr = g_malloc0 ((size_t) filelen))
189  || fread (ptr, 1, (size_t) filelen, f) < (size_t) filelen)
190  {
191  if (f)
192  fclose (f);
193  return -1;
194  }
195 
196  loaded_file->data = ptr;
197  loaded_file->size = filelen;
198  fclose (f);
199  return 0;
200 }

Referenced by set_gnutls_dhparams().


◆ set_gnutls_dhparams()

int set_gnutls_dhparams ( gnutls_certificate_credentials_t  creds,
const char *  dhparams_file 
)

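Set a gnutls session's Diffie-Hellman parameters (they are applied to the given credentials). In the listing below, params is allocated with g_malloc0 (sizeof (gnutls_dh_params_t)), which sizes the buffer by the handle type rather than initialising it with gnutls_dh_params_init(), and params is not released when the import fails.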

Parameters
[in]credsGnuTLS credentials.
[in]dhparams_filePath to PEM file containing the DH parameters.
Returns
0 on success, -1 on error.

Definition at line 1239 of file serverutils.c.

1241 {
1242  int ret;
1243  gnutls_datum_t data;
1244 
1245  if (!creds || !dhparams_file)
1246  return -1;
1247 
1248  if (load_gnutls_file (dhparams_file, &data))
1249  return -1;
1250  gnutls_dh_params_t params = g_malloc0 (sizeof (gnutls_dh_params_t));
1251  ret = gnutls_dh_params_import_pkcs3 (params, &data, GNUTLS_X509_FMT_PEM);
1252  unload_gnutls_file (&data);
1253  if (ret)
1254  return -1;
1255  else
1256  gnutls_certificate_set_dh_params (creds, params);
1257  return 0;
1258 }

References load_gnutls_file(), and unload_gnutls_file().


◆ unload_gnutls_file()

void unload_gnutls_file ( gnutls_datum_t *  data)

Unloads a gnutls_datum_t struct's data.

Parameters
[in]dataPointer to gnutls_datum_t struct to be unloaded.

Definition at line 208 of file serverutils.c.

209 {
210  if (data)
211  g_free (data->data);
212 }

Referenced by set_gnutls_dhparams().

gvm_server_new_mem
int gvm_server_new_mem(unsigned int end_type, const char *ca_cert, const char *pub_key, const char *priv_key, gnutls_session_t *session, gnutls_certificate_credentials_t *credentials)
Make a session for connecting to a server, with certificates stored in memory.
Definition: serverutils.c:1177
gvm_server_verify
int gvm_server_verify(gnutls_session_t session)
Verify certificate.
Definition: serverutils.c:130
unload_gnutls_file
void unload_gnutls_file(gnutls_datum_t *data)
Unloads a gnutls_datum_t struct's data.
Definition: serverutils.c:208
gvm_connection_sendf
int gvm_connection_sendf(gvm_connection_t *connection, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:839
server_new_internal
static int server_new_internal(unsigned int, const char *, const gchar *, const gchar *, const gchar *, gnutls_session_t *, gnutls_certificate_credentials_t *)
Make a session for connecting to a server.
Definition: serverutils.c:1090
HOST_TYPE_IPV6
@ HOST_TYPE_IPV6
Definition: hosts.h:43
server_attach_internal
static int server_attach_internal(int, gnutls_session_t *, const char *, int)
Attach a socket to a session, and shake hands with the peer.
Definition: serverutils.c:537
close_unix
static int close_unix(gvm_connection_t *client_connection)
Close UNIX socket connection.
Definition: serverutils.c:76
unix_vsendf_internal
static int unix_vsendf_internal(int socket, const char *fmt, va_list ap, int quiet)
Send a string to the server.
Definition: serverutils.c:673
server_new_gnutls_init
static int server_new_gnutls_init(gnutls_certificate_credentials_t *server_credentials)
Initialize a server session.
Definition: serverutils.c:1002
HOST_TYPE_IPV4
@ HOST_TYPE_IPV4
Definition: hosts.h:39
gvm_get_host_type
int gvm_get_host_type(const gchar *str_stripped)
Determines the host type in a buffer.
Definition: hosts.c:768
gvm_server_open_with_cert
int gvm_server_open_with_cert(gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem)
Connect to the server using a given host, port and cert.
Definition: serverutils.c:475
gvm_connection_t::socket
int socket
Socket.
Definition: serverutils.h:46
gvm_server_vsendf_internal
static int gvm_server_vsendf_internal(gnutls_session_t *session, const char *fmt, va_list ap, int quiet)
Send a string to the server.
Definition: serverutils.c:605
gvm_connection_t::tls
int tls
Whether uses TCP-TLS (vs UNIX socket).
Definition: serverutils.h:45
load_gnutls_file
int load_gnutls_file(const char *file, gnutls_datum_t *loaded_file)
Loads a file's data into gnutls_datum_t struct.
Definition: serverutils.c:180
gvm_server_free
int gvm_server_free(int server_socket, gnutls_session_t server_session, gnutls_certificate_credentials_t server_credentials)
Cleanup a server session.
Definition: serverutils.c:1273
gvm_server_open_verify
int gvm_server_open_verify(gnutls_session_t *session, const char *host, int port, const char *ca_mem, const char *pub_mem, const char *priv_mem, int verify)
Connect to the server using a given host, port and cert.
Definition: serverutils.c:327
client_cert_callback
static int client_cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t *sign_algos, int sign_algos_length, gnutls_retr2_st *st)
Callback function to be called in order to retrieve the certificate to be used in the handshake.
Definition: serverutils.c:275
gvm_connection_t::credentials
gnutls_certificate_credentials_t credentials
Credentials.
Definition: serverutils.h:48
gvm_connection_free
void gvm_connection_free(gvm_connection_t *client_connection)
Free connection.
Definition: serverutils.c:111
host_type
host_type
Definition: hosts.h:36
server_new_gnutls_set
static int server_new_gnutls_set(unsigned int end_type, const char *priority, gnutls_session_t *server_session, gnutls_certificate_credentials_t *server_credentials)
Set the server credentials.
Definition: serverutils.c:1032
gvm_server_sendf
int gvm_server_sendf(gnutls_session_t *session, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:819
gvm_server_sendf_quiet
int gvm_server_sendf_quiet(gnutls_session_t *session, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:859
gvm_connection_sendf_quiet
int gvm_connection_sendf_quiet(gvm_connection_t *connection, const char *format,...)
Format and send a string to the server.
Definition: serverutils.c:879
HOST_TYPE_NAME
@ HOST_TYPE_NAME
Definition: hosts.h:38
address
struct sockaddr_in address
Server address.
Definition: serverutils.c:57
gvm_connection_t::session
gnutls_session_t session
Session.
Definition: serverutils.h:47
gvm_connection_vsendf
int gvm_connection_vsendf(gvm_connection_t *connection, const char *fmt, va_list ap)
Send a string to the server.
Definition: serverutils.c:773
set_cert_priv_mem
static void set_cert_priv_mem(const char *data)
Save cert_priv_mem with private certificate.
Definition: serverutils.c:234
set_cert_pub_mem
static void set_cert_pub_mem(const char *data)
Save cert_pub_mem with public certificate.
Definition: serverutils.c:222