Author: bh
Date: 2007-10-05 21:03:33 +0200 (Fri, 05 Oct 2007)
New Revision: 413

Modified:
   trunk/openvas-libnasl/ChangeLog
   trunk/openvas-libnasl/nasl/nasl.c
   trunk/openvas-libnasl/nasl/nasl_crypto2.c
Log:
* nasl/nasl.c (usage, main): Remove the option to sign a
script (-S).  It's not needed anymore in OpenVAS.

* nasl/nasl_crypto2.c (generate_signed_script): Remove.  Now
unused.


Modified: trunk/openvas-libnasl/ChangeLog
===================================================================
--- trunk/openvas-libnasl/ChangeLog     2007-10-05 18:52:04 UTC (rev 412)
+++ trunk/openvas-libnasl/ChangeLog     2007-10-05 19:03:33 UTC (rev 413)
@@ -1,5 +1,13 @@
 2007-10-05  Bernhard Herzog  <[EMAIL PROTECTED]>
 
+       * nasl/nasl.c (usage, main): Remove the option to sign a
+       script (-S).  It's not needed anymore in OpenVAS.
+
+       * nasl/nasl_crypto2.c (generate_signed_script): Remove.  Now
+       unused.
+
+2007-10-05  Bernhard Herzog  <[EMAIL PROTECTED]>
+
        * test/README: New.  Some information about the test suite,
        especially the signature tests.
 

Modified: trunk/openvas-libnasl/nasl/nasl.c
===================================================================
--- trunk/openvas-libnasl/nasl/nasl.c   2007-10-05 18:52:04 UTC (rev 412)
+++ trunk/openvas-libnasl/nasl/nasl.c   2007-10-05 19:03:33 UTC (rev 413)
@@ -108,7 +108,6 @@
  printf("\t-T file : Trace actions into the file (or '-' for stderr)\n");
  printf("\t-s : specifies that the script should be run with 'safe checks' 
enabled\n");
  printf("\t-v : shows the version number\n");
- printf("\t-S : sign the script\n");
  printf("\t-X : Run the script in 'authenticated' mode\n");
 }
 
@@ -133,19 +132,9 @@
   ---------------------------------------------*/
   
  mode |= NASL_COMMAND_LINE;
- while((i = getopt(argc, argv, "hvt:k:T:spS:XDL"))!=EOF)
+ while((i = getopt(argc, argv, "hvt:k:T:spXDL"))!=EOF)
   switch(i)
   {
-   case 'S' :
-       if ( optarg == NULL ) {
-               usage();
-               exit(1);
-               }
-
-       nessus_SSL_init(NULL);
-       generate_signed_script(optarg);
-       exit(0);
-       break;  
    case 'X' :
        mode |= NASL_ALWAYS_SIGNED;
        break;
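Review bot: The `case 'X'` branch kept just below the changed getopt() call still sets `mode |= NASL_ALWAYS_SIGNED`, and nothing in the hunk documents what that flag does. Judging by its name, it appears to make the interpreter treat the script as signed without checking a signature. Now that -S is gone and this tool no longer produces signatures, I would add a comment on that case such as `/* -X: treat the script as trusted without verifying its signature; intended for local command-line use only */`, after confirming the wording against how NASL_ALWAYS_SIGNED is consumed, which is outside the hunk. Separately, getopt() is specified to return -1 rather than EOF, so the loop test is better written as `!= -1`. The switch body continues past the end of the hunk.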

Modified: trunk/openvas-libnasl/nasl/nasl_crypto2.c
===================================================================
--- trunk/openvas-libnasl/nasl/nasl_crypto2.c   2007-10-05 18:52:04 UTC (rev 
412)
+++ trunk/openvas-libnasl/nasl/nasl_crypto2.c   2007-10-05 19:03:33 UTC (rev 
413)
@@ -1199,101 +1199,3 @@
     close(fd);
   return contents;
 }
-
-
-/*----------------------------- Script signature management 
------------------------------------------*/
-
-/* 
- * Signs a given script
- */
-int
-generate_signed_script(char * filename)
-{
-  const char * pemfilename = NESSUS_STATE_DIR "/openvas/openvas_org.priv.pem";
-  int result = -1;
-  int i;
-  int be_len;
-  gnutls_datum_t pem = {NULL, 0};
-  gnutls_datum_t script = {NULL, 0};
-  gnutls_x509_privkey_t privkey = NULL;
-  unsigned char* signature = NULL;
-  size_t signature_size = 0;
-  int err;
-
-  err = gnutls_x509_privkey_init(&privkey);
-  if (err)
-    {
-      print_tls_error(NULL, "gnutls_x509_privkey_init", err);
-      goto fail;
-    }
-
-  pem = map_file(pemfilename);
-  if (!pem.data)
-    goto fail;
-
-  err = gnutls_x509_privkey_import(privkey, &pem, GNUTLS_X509_FMT_PEM);
-  if (err)
-    {
-      print_tls_error(NULL, "gnutls_x509_privkey_import", err);
-      goto fail;
-    }
-
-  script = map_file(filename);
-  if (!script.data)
-    {
-      goto fail;
-    }
-
-  /* append the size of the file at the end of the script */
-  script.data = erealloc(script.data, script.size + sizeof(be_len));
-  be_len = htonl(script.size);
-  memcpy(script.data + script.size, &be_len, sizeof(be_len));
-  script.size += sizeof(be_len);
-
-  /* call gnutls_x509_privkey_sign_data twice: once to determine the
-   * size of the signature and then again to actually create the
-   * signature */
-  err = gnutls_x509_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, &script,
-                                     signature, &signature_size);
-  if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
-    {
-      print_tls_error(NULL, "gnutls_x509_privkey_sign_data", err);
-      goto fail;
-    }
-
-  signature = emalloc(signature_size);
-  err = gnutls_x509_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, &script,
-                                     signature, &signature_size);
-  if (err)
-    {
-      print_tls_error(NULL, "gnutls_x509_privkey_sign_data", err);
-      goto fail;
-    }
-
-  /* print the header with the signature */
-  printf("#TRUSTED ");
-  for (i = 0; i < signature_size; i++)
-    {
-      printf("%.2x", signature[i]);
-    }
-  printf("\n");
-
-  /* strip the size from the end of the script again */
-  script.size -= sizeof(be_len);
-  memset(script.data + script.size, 0, sizeof(be_len));
-
-  /* print the script itself */
-  printf("%s", script.data);
-  fflush(stdout);
-
-  result = 0;
-
- fail:
-  efree(&pem.data);
-  efree(&script.data);
-  efree(&signature);
-  gnutls_x509_privkey_deinit(privkey);
-
-  return result;
-}
-
