Merge pull request #585 from timopollmeier/tls-certificate-assets

Add TLS certificate assets

src/CMakeLists.txt

@@ -168,12 +168,13 @@ add_executable (${BINARY_NAME}
                 manage_acl.c manage_config_discovery.c
                 manage_config_host_discovery.c manage_config_system_discovery.c
                 manage_sql.c manage_sql_nvts.c manage_sql_secinfo.c
-                manage_sql_tickets.c
+                manage_sql_tickets.c manage_sql_tls_certificates.c
                 manage_migrators.c scanner.c
                 ${BACKEND_FILES}
                 lsc_user.c lsc_crypt.c utils.c comm.c
                 otp.c
-                gmp.c gmp_base.c gmp_delete.c gmp_get.c gmp_tickets.c)
+                gmp.c gmp_base.c gmp_delete.c gmp_get.c gmp_tickets.c
+                gmp_tls_certificates.c)
 
 if (BACKEND STREQUAL SQLITE3)
   target_link_libraries (${BINARY_NAME} m
@@ -368,6 +369,7 @@ set (C_FILES "${CMAKE_CURRENT_SOURCE_DIR}/gvmd.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/gmp_delete.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/gmp_get.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/gmp_tickets.c"
+  "${CMAKE_CURRENT_SOURCE_DIR}/gmp_tls_certificates.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/otp.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/manage.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/manage_utils.c"
@@ -385,6 +387,7 @@ set (C_FILES "${CMAKE_CURRENT_SOURCE_DIR}/gvmd.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/manage_sql_nvts.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/manage_sql_secinfo.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/manage_sql_tickets.c"
+  "${CMAKE_CURRENT_SOURCE_DIR}/manage_sql_tls_certificates.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/manage_sqlite3.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/manage_migrators.c"
   "${CMAKE_CURRENT_SOURCE_DIR}/comm.c"

src/gmp.c

@@ -89,6 +89,7 @@
 #include "gmp_delete.h"
 #include "gmp_get.h"
 #include "gmp_tickets.h"
+#include "gmp_tls_certificates.h"
 #include "manage.h"
 #include "manage_acl.h"
 #include "utils.h"
@@ -5199,6 +5200,7 @@ typedef enum
   CLIENT_CREATE_TASK_SCHEDULE_PERIODS,
   CLIENT_CREATE_TASK_TARGET,
   CLIENT_CREATE_TICKET,
+  CLIENT_CREATE_TLS_CERTIFICATE,
   CLIENT_CREATE_USER,
   CLIENT_CREATE_USER_COMMENT,
   CLIENT_CREATE_USER_COPY,
@@ -5232,6 +5234,7 @@ typedef enum
   CLIENT_DELETE_TARGET,
   CLIENT_DELETE_TASK,
   CLIENT_DELETE_TICKET,
+  CLIENT_DELETE_TLS_CERTIFICATE,
   CLIENT_DELETE_USER,
   CLIENT_DESCRIBE_AUTH,
   CLIENT_EMPTY_TRASHCAN,
@@ -5267,6 +5270,7 @@ typedef enum
   CLIENT_GET_TARGETS,
   CLIENT_GET_TASKS,
   CLIENT_GET_TICKETS,
+  CLIENT_GET_TLS_CERTIFICATES,
   CLIENT_GET_USERS,
   CLIENT_GET_VERSION,
   CLIENT_GET_VERSION_AUTHENTIC,
@@ -5456,6 +5460,7 @@ typedef enum
   CLIENT_MODIFY_TASK_HOSTS_ORDERING,
   CLIENT_MODIFY_TASK_SCANNER,
   CLIENT_MODIFY_TICKET,
+  CLIENT_MODIFY_TLS_CERTIFICATE,
   CLIENT_MODIFY_USER,
   CLIENT_MODIFY_USER_COMMENT,
   CLIENT_MODIFY_USER_GROUPS,
@@ -5810,6 +5815,12 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
                                  attribute_values);
             set_client_state (CLIENT_CREATE_TICKET);
           }
+        else if (strcasecmp ("CREATE_TLS_CERTIFICATE", element_name) == 0)
+          {
+            create_tls_certificate_start (gmp_parser, attribute_names,
+                                          attribute_values);
+            set_client_state (CLIENT_CREATE_TLS_CERTIFICATE);
+          }
         else if (strcasecmp ("CREATE_USER", element_name) == 0)
           {
             set_client_state (CLIENT_CREATE_USER);
@@ -6053,6 +6064,12 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
                           attribute_names, attribute_values);
             set_client_state (CLIENT_DELETE_TICKET);
           }
+        else if (strcasecmp ("DELETE_TLS_CERTIFICATE", element_name) == 0)
+          {
+            delete_start ("tls_certificate", "TLS Certificate",
+                          attribute_names, attribute_values);
+            set_client_state (CLIENT_DELETE_TLS_CERTIFICATE);
+          }
         else if (strcasecmp ("DELETE_USER", element_name) == 0)
           {
             const gchar* attribute;
@@ -6704,6 +6721,7 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
             set_client_state (CLIENT_GET_TASKS);
           }
         ELSE_GET_START (tickets, TICKETS)
+        ELSE_GET_START (tls_certificates, TLS_CERTIFICATES)
         else if (strcasecmp ("GET_USERS", element_name) == 0)
           {
             get_data_parse_attributes (&get_users_data->get, "user",
@@ -6894,6 +6912,12 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
                                  attribute_values);
             set_client_state (CLIENT_MODIFY_TICKET);
           }
+        else if (strcasecmp ("MODIFY_TLS_CERTIFICATE", element_name) == 0)
+          {
+            modify_tls_certificate_start (gmp_parser, attribute_names,
+                                          attribute_values);
+            set_client_state (CLIENT_MODIFY_TLS_CERTIFICATE);
+          }
         else if (strcasecmp ("MODIFY_USER", element_name) == 0)
           {
             append_attribute (attribute_names, attribute_values, "user_id",
@@ -7853,6 +7877,12 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
                                      attribute_values);
         break;
 
+      case CLIENT_MODIFY_TLS_CERTIFICATE:
+        modify_tls_certificate_element_start (gmp_parser, element_name,
+                                              attribute_names,
+                                              attribute_values);
+        break;
+
       case CLIENT_MODIFY_USER:
         if (strcasecmp ("COMMENT", element_name) == 0)
           set_client_state (CLIENT_MODIFY_USER_COMMENT);
@@ -9248,6 +9278,12 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
                                      attribute_values);
         break;
 
+      case CLIENT_CREATE_TLS_CERTIFICATE:
+        create_tls_certificate_element_start (gmp_parser, element_name,
+                                              attribute_names,
+                                              attribute_values);
+        break;
+
       case CLIENT_CREATE_USER:
         if (strcasecmp ("COMMENT", element_name) == 0)
           set_client_state (CLIENT_CREATE_USER_COMMENT);
@@ -13690,9 +13726,9 @@ handle_get_credentials (gmp_parser_t *gmp_parser, GError **error)
           time_t activation_time, expiration_time;
           gchar *activation_time_str, *expiration_time_str;
           gchar *fingerprint, *issuer;
-          get_certificate_info (cert,
+          get_certificate_info (cert, -1,
                                 &activation_time, &expiration_time,
-                                &fingerprint, &issuer);
+                                &fingerprint, NULL, &issuer, NULL);
           activation_time_str = certificate_iso_time (activation_time);
           expiration_time_str = certificate_iso_time (expiration_time);
           SENDF_TO_CLIENT_OR_FAIL
@@ -17051,9 +17087,9 @@ handle_get_scanners (gmp_parser_t *gmp_parser, GError **error)
             {
               /* CA Certificate */
               gchar *fingerprint, *issuer;
-              get_certificate_info (scanner_iterator_ca_pub (&scanners),
+              get_certificate_info (scanner_iterator_ca_pub (&scanners), -1,
                                     &activation_time, &expiration_time,
-                                    &fingerprint, &issuer);
+                                    &fingerprint, NULL, &issuer, NULL);
               activation_time_str = certificate_iso_time (activation_time);
               expiration_time_str = certificate_iso_time (expiration_time);
               SENDF_TO_CLIENT_OR_FAIL
@@ -17096,9 +17132,9 @@ handle_get_scanners (gmp_parser_t *gmp_parser, GError **error)
             {
               /* Certificate */
               gchar *fingerprint, *issuer;
-              get_certificate_info (scanner_iterator_key_pub (&scanners),
+              get_certificate_info (scanner_iterator_key_pub (&scanners), -1,
                                     &activation_time, &expiration_time,
-                                    &fingerprint, &issuer);
+                                    &fingerprint, NULL, &issuer, NULL);
               activation_time_str = certificate_iso_time (activation_time);
               expiration_time_str = certificate_iso_time (expiration_time);
               SENDF_TO_CLIENT_OR_FAIL
@@ -17974,10 +18010,10 @@ handle_get_settings (gmp_parser_t *gmp_parser, GError **error)
           gchar *activation_time_str, *expiration_time_str, *fingerprint;
           gchar *issuer;
 
-          get_certificate_info (setting_iterator_value (&settings),
+          get_certificate_info (setting_iterator_value (&settings), -1,
                                 &activation_time,
                                 &expiration_time, &fingerprint,
-                                &issuer);
+                                NULL, &issuer, NULL);
           activation_time_str = certificate_iso_time (activation_time);
           expiration_time_str = certificate_iso_time (expiration_time);
           SENDF_TO_CLIENT_OR_FAIL
@@ -20559,6 +20595,7 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
         break;
 
       case CLIENT_DELETE_TICKET:
+      case CLIENT_DELETE_TLS_CERTIFICATE:
         delete_run (gmp_parser, error);
         set_client_state (CLIENT_AUTHENTIC);
         break;
@@ -20726,9 +20763,9 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
                     "<value>%s</value>",
                     ldap_cacert);
 
-                  get_certificate_info (ldap_cacert, &activation_time,
+                  get_certificate_info (ldap_cacert, -1, &activation_time,
                                         &expiration_time, &fingerprint,
-                                        &issuer);
+                                        NULL, &issuer, NULL);
                   activation_time_str = certificate_iso_time (activation_time);
                   expiration_time_str = certificate_iso_time (expiration_time);
                   SENDF_TO_CLIENT_OR_FAIL
@@ -20907,6 +20944,8 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
 
       CASE_GET_END (TICKETS, tickets);
 
+      CASE_GET_END (TLS_CERTIFICATES, tls_certificates);
+
       case CLIENT_GET_USERS:
         handle_get_users (gmp_parser, error);
         break;
@@ -25107,6 +25146,12 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
           set_client_state (CLIENT_AUTHENTIC);
         break;
 
+      case CLIENT_CREATE_TLS_CERTIFICATE:
+        if (create_tls_certificate_element_end (gmp_parser, error,
+                                                element_name))
+          set_client_state (CLIENT_AUTHENTIC);
+        break;
+
       case CLIENT_CREATE_USER:
         {
           gchar *errdesc;
@@ -27839,6 +27884,13 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
           set_client_state (CLIENT_AUTHENTIC);
         break;
 
+      case CLIENT_MODIFY_TLS_CERTIFICATE:
+        if (modify_tls_certificate_element_end (gmp_parser,
+                                                error,
+                                                element_name))
+          set_client_state (CLIENT_AUTHENTIC);
+        break;
+
       case CLIENT_MODIFY_USER:
         {
           if ((modify_user_data->name == NULL
@@ -29752,6 +29804,10 @@ gmp_xml_handle_text (/* unused */ GMarkupParseContext* context,
         create_ticket_element_text (text, text_len);
         break;
 
+      case CLIENT_CREATE_TLS_CERTIFICATE:
+        create_tls_certificate_element_text (text, text_len);
+        break;
+
 
       APPEND (CLIENT_CREATE_USER_COMMENT,
               &create_user_data->comment);
@@ -30059,6 +30115,9 @@ gmp_xml_handle_text (/* unused */ GMarkupParseContext* context,
         modify_ticket_element_text (text, text_len);
         break;
 
+      case CLIENT_MODIFY_TLS_CERTIFICATE:
+        modify_tls_certificate_element_text (text, text_len);
+        break;
 
       APPEND (CLIENT_RUN_WIZARD_MODE,
               &run_wizard_data->mode);