[Openvas-commits] r1704 - in trunk/openvas-client: . nessus src src/openvas-lib
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Wed Nov 12 14:59:49 CET 2008
Author: felix
Date: 2008-11-12 14:59:42 +0100 (Wed, 12 Nov 2008)
New Revision: 1704
Added:
trunk/openvas-client/src/openvas-lib/
trunk/openvas-client/src/openvas-lib/Makefile
trunk/openvas-client/src/openvas-lib/openvas_certificates.c
trunk/openvas-client/src/openvas-lib/openvas_certificates.h
Modified:
trunk/openvas-client/ChangeLog
trunk/openvas-client/MANIFEST
trunk/openvas-client/Makefile
trunk/openvas-client/nessus/Makefile
trunk/openvas-client/nessus/comm.c
trunk/openvas-client/nessus/context.c
trunk/openvas-client/nessus/context.h
trunk/openvas-client/nessus/plugin_infos.c
Log:
* src/openvas-libraries : new folder for local copy of
openvas_certificate struct added.
* src/openvas-libraries/Makefile : added.
* src/openvas-libraries/openvas_certificates.c : New file with
openvas_certitificate struct, ~new and ~free added.
* src/openvas-libraries/openvas_certificates.h : New file with
protos added.
* MANIFEST : updated
* Makefile : added new dir to the clean target.
* nessus/plugin_infos.c (plugin_info_window_setup) : include added,
showing certificate information for a nvt with a button to show the
full certificate.
* nessus/plugin_infos.c (showcert): Added functionality to show a
certificate.
* nessus/Makefile : Changed to include the new files.
* nessus/context.h : Removed hashtables from first implementation plan,
added single signer_fp_certificates hashtable.
* nessus/context.c (context_init, context_new) : Inits the
hashtable signer_fp_certificates hashtable.
* nessus/comm.c (parse_certificate, get_certificates) : corrected
and updated.
* ChangeLog : shamefully changed typos with my own email adress.
Modified: trunk/openvas-client/ChangeLog
===================================================================
--- trunk/openvas-client/ChangeLog 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/ChangeLog 2008-11-12 13:59:42 UTC (rev 1704)
@@ -1,3 +1,44 @@
+2008-11-12 Felix Wolfsteller <felix.wolfsteller at intevation.de>
+
+ Work on Change Request #17 (http://www.openvas.org/openvas-cr-17.html -
+ "OTP: Make NVT signatures available to OpenVAS-Client").
+ Now shows certificate information.
+
+ * src/openvas-libraries : new folder for local copy of
+ openvas_certificate struct added.
+
+ * src/openvas-libraries/Makefile : added.
+
+ * src/openvas-libraries/openvas_certificates.c : New file with
+ openvas_certitificate struct, ~new and ~free added.
+
+ * src/openvas-libraries/openvas_certificates.h : New file with
+ protos added.
+
+ * MANIFEST : updated
+
+ * Makefile : added new dir to the clean target.
+
+ * nessus/plugin_infos.c (plugin_info_window_setup) : include added,
+ showing certificate information for a nvt with a button to show the
+ full certificate.
+
+ * nessus/plugin_infos.c (showcert): Added functionality to show a
+ certificate.
+
+ * nessus/Makefile : Changed to include the new files.
+
+ * nessus/context.h : Removed hashtables from first implementation plan,
+ added single signer_fp_certificates hashtable.
+
+ * nessus/context.c (context_init, context_new) : Inits the
+ hashtable signer_fp_certificates hashtable.
+
+ * nessus/comm.c (parse_certificate, get_certificates) : corrected
+ and updated.
+
+ * ChangeLog : shamefully changed typos with my own email adress.
+
2008-11-12 Michael Wiegand <michael.wiegand at intevation.de>
* configure.in: Added AC_PREREQ directive to tell autoconf to generate
@@ -31,13 +72,13 @@
* libnessus/harglists.c, libnessus/arglists.c,
libnessus/network.c, libnessus/Makefile:: added glib header
-2008-11-07 Felix Wolfsteller <felix.wolfstelller at intevation.de>
+2008-11-07 Felix Wolfsteller <felix.wolfsteller at intevation.de>
* nessus/comm.c (comm_parse_certificate): (New) method stub.
* nessus/comm.c (comm_get_certificates): Fixed and eased loop.
-2008-11-05 Felix Wolfsteller <felix.wolfstelller at intevation.de>
+2008-11-05 Felix Wolfsteller <felix.wolfsteller at intevation.de>
Work on Change Request #17 (http://www.openvas.org/openvas-cr-17.html -
"OTP: Make NVT signatures available to OpenVAS-Client").
@@ -51,7 +92,7 @@
* nessus/comm.c (comm_get_certificates): Reads in the OTP "certificates"
element.
-2008-10-31 Felix Wolfsteller <felix.wolfstelller at intevation.de>
+2008-10-31 Felix Wolfsteller <felix.wolfsteller at intevation.de>
Steps to an implementation of Change Request #17
(http://www.openvas.org/openvas-cr-17.html - "Make NVT signatures
Modified: trunk/openvas-client/MANIFEST
===================================================================
--- trunk/openvas-client/MANIFEST 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/MANIFEST 2008-11-12 13:59:42 UTC (rev 1704)
@@ -218,6 +218,9 @@
src/gui/treeview_support.h
src/gui/treeview_support.c
src/gui/Makefile
+src/openvas-libraries/Makefile
+src/openvas-libraries/openvas_certificates.c
+src/openvas-libraries/openvas_certificates.h
src/README
src/xpm/logo_bsi_de.xpm
src/xpm/logo_bsi.xpm
Modified: trunk/openvas-client/Makefile
===================================================================
--- trunk/openvas-client/Makefile 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/Makefile 2008-11-12 13:59:42 UTC (rev 1704)
@@ -53,6 +53,7 @@
cd libnessus && $(MAKE) clean
cd ssl && $(MAKE) clean
cd src/gui && $(MAKE) clean
+ cd src/openvas-lib && $(MAKE) clean
distclean: clean
[ -z "${rootdir}" ] || rm -f ${rootdir}/include/config.h ${rootdir}/include/corevers.h
Modified: trunk/openvas-client/nessus/Makefile
===================================================================
--- trunk/openvas-client/nessus/Makefile 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/nessus/Makefile 2008-11-12 13:59:42 UTC (rev 1704)
@@ -1,7 +1,7 @@
include ../nessus.tmpl
GTKLIBS= $(GTKCONFIG_LIBS)
-INCLUDE = ${include} $(GTKCONFIG_CFLAGS) $(GLIB_CFLAGS) -I../src/gui
+INCLUDE = ${include} $(GTKCONFIG_CFLAGS) $(GLIB_CFLAGS) -I../src/gui -I../src/openvas-lib
LIBS = $(X_LIBS) $(X_CFLAGS) $(GTKLIBS) $(GLIB_LIBS) $(GDC_LIB) \
$(RUN_LIBS) $(C_R_LIB) -lm -L../libnessus -lnessus-client -lssl -lcrypto $(DL_LIB) -lz $(SOCKET_LIB)
@@ -60,6 +60,7 @@
regex.o \
filter.o \
dirutils.o \
+ openvas_certificates.o \
sslui.o \
nessus.o
@@ -143,6 +144,10 @@
plugin_infos.h families.h xpm/warning_small.xpm
$(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c prefs_dialog/prefs_plugins_tree.c
+openvas_certificates.o : cflags ../src/openvas-lib/openvas_certificates.c \
+ ../src/openvas-lib/openvas_certificates.c
+ $(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c ../src/openvas-lib/openvas_certificates.c
+
error_dlg.o : cflags ../src/gui/error_dlg.c ../src/gui/error_dlg.h globals.h
$(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c ../src/gui/error_dlg.c
Modified: trunk/openvas-client/nessus/comm.c
===================================================================
--- trunk/openvas-client/nessus/comm.c 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/nessus/comm.c 2008-11-12 13:59:42 UTC (rev 1704)
@@ -45,6 +45,7 @@
#include "parser.h"
#include "globals.h"
#include "error_dlg.h"
+#include "openvas_certificates.h"
#include "plugin_cache.h"
#ifndef MIN
@@ -1560,29 +1561,73 @@
/**
- * Will parse a certificate string sent by the server and adds the respective
- * fields to HashTables of the context.
+ * Parse a certificate command sent by the server and adds the respective
+ * pointers to the signer_fp_certificates hashtable of the context.
+ * Will return 0 on success, 1 when buffer is "<|> SERVER\n", -1 on errors.
* @param buffer The OTP "certificate" element sent by the server.
* @param context The local context to add the certificate information to.
- * @return Always 0, as its a stub.
+ * @return 0 on success, 1 on the servers announcement of the end of certificate
+ * list, -1 on error.
*/
int comm_parse_certificate(char* buffer, struct context* context)
{
- //Parse.
- //Add infos to context, e.g.
- //context->signer_fp_public_keys = g_hash_table_new(g_str_hash, g_str_equal);
- //g_hash_table_insert(context->signer_fp_public_keys, "a", "Y");
+ if( strcmp(buffer, "<|> SERVER\n") == 0 )
+ return 1;
+
+ // Initialize the hashtable if not yet done.
+ if(context->signer_fp_certificates == NULL)
+ context->signer_fp_certificates = g_hash_table_new(g_str_hash, g_str_equal);
+
+ char* sep = strstr(buffer, "<|>");
+ if (sep == NULL)
+ return -1;
+
+ // Read in tokens
+ char* fpr = strtok(buffer," <|>");
+ char* name = strtok(NULL,"<|>");
+ char* trust_level = strtok(NULL," <|>");
+ gboolean trusted = ( strcmp(trust_level, "trusted") == 0 )? TRUE : FALSE;
+ char* nbytes = strtok(NULL,"<|>");
+ long pkey_length = atol(nbytes);
+ if(pkey_length < 1)
+ return -1;
+ char* pubkey = strtok(NULL,"<|>");
+
+ // Not enough tokens
+ if(fpr == NULL || name == NULL || trust_level == NULL || pkey_length < 1
+ || pubkey == NULL)
+ return -1;
+
+ // Key incomplete
+ if( strlen(pubkey)-2 != pkey_length )
+ return -1;
+
+ // Replace semicolons by newlines
+ char* pos = pubkey;
+ while (pos[0] != '\0')
+ {
+ if (pos[0] == ';') pos[0] = '\n';
+ pos++;
+ }
+
+ // Create and index certificate
+ openvas_certificate* cert = openvas_certificate_new( estrdup(fpr), estrdup(name), trusted, estrdup(pubkey));
+ g_hash_table_insert(context->signer_fp_certificates, cert->fpr , cert );
+
return 0;
}
/**
* Request certificates used for NVTs signatures.
+ * Certificates are then stored in the contexts hashtable signer_fp_certificates
+ * where a fingerprint points to a certificate structure.
* Returns 0 on success, != 0 on error.
+ * @param context The Context to use (e.g. a specific scope).
+ * @return 0 on success; != 0 on error.
*/
int comm_get_certificates(struct context* context)
{
- // TODO: Felix CR#17 (protocol not fully specified yet)
char buffer[32768];
int response_length = 25; /* expected response: "SERVER <|> CERTIFICATES\n" */
network_printf(context->socket, "CLIENT <|> CERTIFICATES <|> CLIENT\n");
@@ -1593,19 +1638,16 @@
// If certificate list starts
if( strcmp(buffer, "SERVER <|> CERTIFICATES\n") == 0)
{
- buffer[0] = '\0';
- // fingerprint(max 48) <|> owner(max 120) <|> trusted|notrust(7) <|>
- // key size in bytes to come <|> key itself (ascii- armored)
- network_gets(context->socket, buffer, 48 + 5 + 120 + 5 + 7);
-
- while ( strcmp(buffer, "<|> SERVER\n") != 0)
- {
- //printf("Certificate information received: -%s-", buffer);
- buffer[0] = '\0';
- network_gets(context->socket, buffer, 48 + 5 + 120 + 5 + 7);
- //Parse:
- // if comm_parse_certificate(buffer) != 0
- }
+ int parsing_status = 0;
+ do
+ {
+ buffer[0] = '\0';
+ network_gets(context->socket, buffer, 16348);
+ parsing_status = comm_parse_certificate(buffer, context);
+ if(parsing_status == -1)
+ show_error(_("Could not parse certificate: %s"), buffer);
+ }
+ while ( parsing_status == 0);
}
// else respond is invalid
else
@@ -1614,6 +1656,7 @@
buffer);
return -1;
}
+
// Success
return 0;
}
Modified: trunk/openvas-client/nessus/context.c
===================================================================
--- trunk/openvas-client/nessus/context.c 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/nessus/context.c 2008-11-12 13:59:42 UTC (rev 1704)
@@ -62,6 +62,7 @@
(*context)->plugin_tree_model = NULL;
#endif
(*context)->plugin_cache_loaded = 0;
+ (*context)->signer_fp_certificates = NULL;
}
struct context *
@@ -504,6 +505,8 @@
preferences_generate_new_file(context, name);
+ context->signer_fp_certificates = g_hash_table_new(g_str_hash, g_str_equal);
+
return context;
}
@@ -555,6 +558,7 @@
arg_free_all(context->dependencies);
context->dependencies = NULL;
context_delete_directory(context->dir);
+ // FIXME: felix free signer_fp_certificates hashtable and entries
context_remove_child(context->parent, context);
if(context == Context)
{
Modified: trunk/openvas-client/nessus/context.h
===================================================================
--- trunk/openvas-client/nessus/context.h 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/nessus/context.h 2008-11-12 13:59:42 UTC (rev 1704)
@@ -74,8 +74,7 @@
GtkTreeStore *plugin_tree_store;
GtkTreeModel *plugin_tree_model;
#endif
- GHashTable* signer_fp_public_keys;
- GHashTable* signer_fp_trust_level;
+ GHashTable* signer_fp_certificates;
/* reports may have plugin information too. They can be quite large,
* so we avoid loading them. This flag indicates whether the plugin
* information has been loaded.
Modified: trunk/openvas-client/nessus/plugin_infos.c
===================================================================
--- trunk/openvas-client/nessus/plugin_infos.c 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/nessus/plugin_infos.c 2008-11-12 13:59:42 UTC (rev 1704)
@@ -39,6 +39,7 @@
#include "nessus_plugin.h"
#include "nessus_i18n.h"
#include "globals.h"
+#include "openvas_certificates.h"
static void
show_deps(foo, name)
@@ -243,8 +244,71 @@
+static void
+showcert(GtkWidget* parent, char* fpr)
+{
+ openvas_certificate* cert = g_hash_table_lookup(Context->signer_fp_certificates, fpr);
+ // dummy, showing the pub key here
+ GtkWidget * win;
+ GtkWidget * vbox, *hbox;
+ GtkWidget * label, *text, *table, *vsb, *sep,*button;
+ GtkAdjustment * vadj;
+ win = gtk_window_new(GTK_WINDOW_TOPLEVEL);
+ gtk_window_set_default_size(GTK_WINDOW(win), 640, 480);
+ gtk_window_set_position(GTK_WINDOW(win), GTK_WIN_POS_CENTER);
+ gtk_widget_realize(win);
+ //arg_add_value(ctrls, "WINDOW", ARG_PTR, -1, w);
+
+ vbox = gtk_vbox_new(FALSE, 5);
+ gtk_container_add(GTK_CONTAINER(win), vbox);
+ gtk_widget_show(vbox);
+
+ label = gtk_label_new(_("Public key of:"));
+ gtk_box_pack_start(GTK_BOX(vbox), label, FALSE, FALSE, 5);
+ gtk_widget_show(label);
+ label = gtk_label_new(cert->ownername);
+ gtk_box_pack_start(GTK_BOX(vbox), label, FALSE, FALSE, 5);
+ gtk_widget_show(label);
+ label = gtk_label_new(_("Fingerprint:"));
+ gtk_box_pack_start(GTK_BOX(vbox), label, FALSE, FALSE, 5);
+ gtk_widget_show(label);
+
+ label = gtk_label_new(cert->fpr);
+ gtk_box_pack_start(GTK_BOX(vbox), label, FALSE, FALSE, 5);
+ gtk_widget_show(label);
+
+ vadj = GTK_ADJUSTMENT (gtk_adjustment_new (0.0, 0.0, 0.0, 0.0, 0.0, 0.0));
+ vsb = gtk_vscrollbar_new(vadj);
+ table = gtk_table_new(1,2,FALSE);
+ gtk_box_pack_start(GTK_BOX(vbox), table, TRUE, TRUE, 0);
+ gtk_widget_show(table);
+
+ text = gtk_text_new(NULL, vadj);
+ gtk_table_attach(GTK_TABLE(table), vsb, 1, 2, 0, 1, 0,
+ GTK_EXPAND | GTK_SHRINK | GTK_FILL, 0, 0);
+ gtk_table_attach(GTK_TABLE(table), text, 0,1,0,1,
+ GTK_EXPAND | GTK_SHRINK | GTK_FILL,
+ GTK_EXPAND | GTK_SHRINK | GTK_FILL, 0, 0);
+
+ gtk_container_border_width(GTK_CONTAINER(table), 2);
+ gtk_widget_show(vsb);
+ gtk_widget_realize(text);
+ gtk_text_set_editable(GTK_TEXT(text), FALSE);
+ gtk_text_set_word_wrap(GTK_TEXT(text), TRUE);
+ gtk_text_insert(GTK_TEXT(text), NULL, NULL, NULL, cert->full_public_key, -1);
+ gtk_widget_show(text);
+
+ sep = gtk_hseparator_new();
+ gtk_box_pack_start(GTK_BOX(vbox), sep, FALSE, FALSE, 0);
+ gtk_widget_show(sep);
+
+ gtk_widget_show(win);
+ gtk_window_set_modal(GTK_WINDOW(win), TRUE);
+}
+
+
/*
* plugin_info_window_setup
*
@@ -408,13 +472,36 @@
gtk_widget_show(hbox);
/* Server trust level information */
+
+ // TODO: felix handle multiple signatures
txt = plugin->sign_key_ids;
- snprintf(buf, sizeof(buf), _("Trust Information: %s"), txt);
+ openvas_certificate* cert = g_hash_table_lookup(Context->signer_fp_certificates, txt);
+ if(cert == NULL)
+ {
+ snprintf(buf, sizeof(buf), _("Trust: NVT is not signed"));
+ }
+ else
+ {
+ char* trusted = (cert->trusted == TRUE)?_("trusted"):_("untrusted");
+ snprintf(buf, sizeof(buf), _("Trust: NVT is signed by %s (%s)"),
+ cert->ownername, trusted);
+ }
+
label = gtk_label_new(buf);
gtk_box_pack_start(GTK_BOX(hbox), label, FALSE, FALSE,0);
gtk_misc_set_alignment((GtkMisc *)label, 0, 1);
gtk_widget_show(label);
+ // Button to show pubkey
+ if (cert != NULL )
+ {
+ button = gtk_button_new_with_label(_("Show"));
+ g_signal_connect(GTK_OBJECT(button), "clicked", GTK_SIGNAL_FUNC(showcert),
+ cert->fpr);
+ gtk_box_pack_start(GTK_BOX(hbox), button, FALSE, FALSE, 5);
+ gtk_widget_show(button);
+ }
+
/* A hbox for the buttons */
hbox = gtk_hbox_new(FALSE,10);
gtk_box_pack_start(GTK_BOX(vbox), hbox, FALSE,FALSE,10);
@@ -422,7 +509,7 @@
/* The button for setting the plugin timeout */
button = gtk_button_new_with_label(_("Set plugin timeout..."));
- g_signal_connect(GTK_OBJECT(button), "clicked",GTK_SIGNAL_FUNC(set_timeout),
+ g_signal_connect(GTK_OBJECT(button), "clicked", GTK_SIGNAL_FUNC(set_timeout),
(void*)plugin->oid);
gtk_box_pack_start(GTK_BOX(hbox), button, FALSE, FALSE, 5);
gtk_widget_show(button);
Added: trunk/openvas-client/src/openvas-lib/Makefile
===================================================================
--- trunk/openvas-client/src/openvas-lib/Makefile 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/src/openvas-lib/Makefile 2008-11-12 13:59:42 UTC (rev 1704)
@@ -0,0 +1,65 @@
+# OpenVAS-Client
+# $Id$
+# Description: Makefile for clients local copy of openvas-librarie module
+#
+# Authors:
+# Jan-Oliver Wagner <felix.wolfsteller at intevation.de>
+#
+# Copyright:
+# Copyright (C) 2008 Intevation GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or, at your option, any later version as published by the Free
+# Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# In addition, as a special exception, you have
+# permission to link the code of this program with the OpenSSL
+# library (or with modified versions of OpenSSL that use the same
+# license as OpenSSL), and distribute linked combinations including
+# the two. You must obey the GNU General Public License in all
+# respects for all of the code used other than OpenSSL. If you
+# modify this file, you may extend this exception to your version
+# of the file, but you are not obligated to do so. If you do not
+# wish to do so, delete this exception statement from your version.
+#/
+
+include ../../nessus.tmpl
+
+GTKLIBS= $(GTKCONFIG_LIBS)
+INCLUDE = ${include} $(GTKCONFIG_CFLAGS) -I../../nessus -I..
+
+NESSUS_INCLUDE=`sh ./cflags`
+CFLAGS+=-Wall
+
+# Add some specific Windows compile options for Cygwin
+SYSTEM:=$(shell uname -o)
+ifeq ($(SYSTEM), Cygwin)
+CFLAGS+=-mms-bitfields
+LDFLAGS+=-mwindows
+endif
+
+OBJS=openvas_certificates.o
+
+all : cflags $(OBJS)
+
+cflags : Makefile
+ @echo "$(NESSUS_CFLAGS) $(NESSUS_DEFS) -DPACKAGE=\"OpenVAS-Client\" $(INCLUDE)" | sed 's/\"/\\\"/g' > cflags.tmp
+ @echo "echo \"`cat cflags.tmp`\"" > cflags
+ @rm cflags.tmp
+ @chmod +x cflags
+
+openvas_certificate.o : cflags openvas_certificates.h
+ $(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c openvas_certificates.c
+
+clean :
+ rm -f *.o cflags
Added: trunk/openvas-client/src/openvas-lib/openvas_certificates.c
===================================================================
--- trunk/openvas-client/src/openvas-lib/openvas_certificates.c 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/src/openvas-lib/openvas_certificates.c 2008-11-12 13:59:42 UTC (rev 1704)
@@ -0,0 +1,83 @@
+/* OpenVAS-Client
+ * $Id$
+ * Description: Certificate structure holding information about certificates
+ * like trust level and a copy of the public key.
+ *
+ * Authors:
+ * Felix Wolfsteller <felix.wolfsteller at intevation.de>
+ *
+ * Copyright:
+ * Copyright (C) 2008 Intevation GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * or, at your option, any later version as published by the Free
+ * Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * In addition, as a special exception, you have
+ * permission to link the code of this program with the OpenSSL
+ * library (or with modified versions of OpenSSL that use the same
+ * license as OpenSSL), and distribute linked combinations including
+ * the two. You must obey the GNU General Public License in all
+ * respects for all of the code used other than OpenSSL. If you
+ * modify this file, you may extend this exception to your version
+ * of the file, but you are not obligated to do so. If you do not
+ * wish to do so, delete this exception statement from your version.
+ */
+
+/*!********************************************
+ * This file is basically a copy of *
+ * openvas-libnasl/nasl/nasl_signature.h *
+ * (will in turn be moved to libraries after *
+ * cleanup ) *
+ * Once openvas-libraries and openvas-libnasl *
+ * are cleaned up and a dependency client->lib*
+ * is introduced, this local copy is obsolete.*
+ *******************************************!*/
+
+#include "openvas_certificates.h"
+
+/**
+ * Returns pointer to freshly allocated and initialized openvas_certificate.
+ * @param fingerpr ingerprint of certificate.
+ * @param owner Certificate owners name.
+ * @param istrusted Whether this certificate is trustworthy or not.
+ * @param pubkey Full public key.
+ * @return Pointer to fresh openvas_certificate.
+ */
+openvas_certificate* openvas_certificate_new(char* fingerpr, char* owner,
+ gboolean istrusted, char* pubkey)
+{
+ openvas_certificate* cert = emalloc(sizeof(openvas_certificate));
+ cert->fpr = fingerpr;
+ cert->ownername = owner;
+ cert->trusted = istrusted;
+ cert->full_public_key = pubkey;
+ return cert;
+}
+
+/**
+ * Frees the openvas_certificate and all associated data.
+ * @param cert Certificate which holds pointers to the data.
+ */
+void openvas_certificate_free(openvas_certificate* cert)
+{
+ if(cert->fpr != NULL)
+ efree(& (cert->fpr) );
+ if( cert->ownername != NULL)
+ efree(& (cert->ownername) );
+ if(cert->trusted != NULL)
+ efree(& (cert->trusted) );
+ if(cert->full_public_key != NULL)
+ efree(& (cert->full_public_key) );
+ efree(&cert);
+}
\ No newline at end of file
Added: trunk/openvas-client/src/openvas-lib/openvas_certificates.h
===================================================================
--- trunk/openvas-client/src/openvas-lib/openvas_certificates.h 2008-11-12 13:52:41 UTC (rev 1703)
+++ trunk/openvas-client/src/openvas-lib/openvas_certificates.h 2008-11-12 13:59:42 UTC (rev 1704)
@@ -0,0 +1,65 @@
+/* OpenVAS-Client
+ * $Id$
+ * Description: Certificate structure holding information about certificates
+ * like trust level and a copy of the public key.
+ *
+ * Authors:
+ * Felix Wolfsteller <felix.wolfsteller at intevation.de>
+ *
+ * Copyright:
+ * Copyright (C) 2008 Intevation GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * or, at your option, any later version as published by the Free
+ * Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * In addition, as a special exception, you have
+ * permission to link the code of this program with the OpenSSL
+ * library (or with modified versions of OpenSSL that use the same
+ * license as OpenSSL), and distribute linked combinations including
+ * the two. You must obey the GNU General Public License in all
+ * respects for all of the code used other than OpenSSL. If you
+ * modify this file, you may extend this exception to your version
+ * of the file, but you are not obligated to do so. If you do not
+ * wish to do so, delete this exception statement from your version.
+ */
+
+/*!********************************************
+ * This file is basically a copy of *
+ * openvas-libnasl/nasl/nasl_signature.h *
+ * (will in turn be moved to libraries after *
+ * cleanup ) *
+ * Once openvas-libraries and openvas-libnasl *
+ * are cleaned up and a dependency client->lib*
+ * is introduced, this local copy is obsolete.*
+ *******************************************!*/
+
+#ifndef _OPENVAS_CERTIFICATES_H
+#define _OPENVAS_CERTIFICATES_H
+
+#include <includes.h>
+
+#include <glib.h>
+
+typedef struct {
+ char* fpr;
+ char* ownername;
+ gboolean trusted;
+ char* full_public_key;
+} openvas_certificate;
+
+openvas_certificate* openvas_certificate_new(char*, char*, gboolean,
+ char*);
+void openvas_certificate_free(openvas_certificate*);
+
+#endif
More information about the Openvas-commits
mailing list