On Monday 10 August 2009 10:51:00 Chandrashekhar B wrote: > Hello, > > >* ssl_ciphers - SSL implementation missing, basic SSLv2 implementation > >in ssl_funcs.inc, but for this we need SSLv2 and SSLv3 implementation. > >Should we implement SSL in NASL or use openssl/gnutls and export useful > >f() to NASL? > > I think preference should be to export useful functions from external > libraries.
The problem will be that not all ciphers supported by any one library, GNU TLS particularly is notorious for only exposing "secure" cipher suites. A friend of mine did some work on testing SSL via raw packets (not dependant on using libraries), I will ask him for his opinion/source code. > >Also here's something that was discovered during C plugins replacement > >development: > >- openvas NASL is missing layer 2 functions (in order to implement > >3com_hub fully in NASL, it is required to have layer 2 functions) > >- openvas NASL is missing network info functions (what mac addres, what > >subnet, what interface packet will go through, ...). It could be done > >using pread and parsing output from ifconfig/route/, but it seems clumsy > >and not portable. Agreed. Tim -- Tim Brown <mailto:t...@openvas.org> <http://www.openvas.org/> _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
