OpenVAS Libraries  9.0.1
Macros | Functions
openvas_auth.c File Reference
#include "openvas_auth.h"
#include "openvas_uuid.h"
#include "../base/openvas_file.h"
#include "../base/array.h"
#include <errno.h>
#include <gcrypt.h>
#include <glib/gstdio.h>

Macros

#define G_LOG_DOMAIN   "lib auth"
 GLib logging domain. More...
 

Functions

int openvas_auth_ldap_enabled ()
 Return whether libraries has been compiled with LDAP support. More...
 
int openvas_auth_radius_enabled ()
 Return whether libraries has been compiled with RADIUS support. More...
 
const gchar * auth_method_name (auth_method_t method)
 Return name of auth_method_t. More...
 
int openvas_auth_init ()
 Initializes Gcrypt. More...
 
void openvas_auth_tear_down (void)
 Free memory associated to authentication configuration. More...
 
gchar * digest_hex (int gcrypt_algorithm, const guchar *digest)
 Generate a hexadecimal representation of a message digest. More...
 
gchar * get_password_hashes (int digest_algorithm, const gchar *password)
 Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user. More...
 
int openvas_authenticate_classic (const gchar *username, const gchar *password, const gchar *hash_arg)
 Authenticate a credential pair against openvas user file contents. More...
 

Macro Definition Documentation

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "lib auth"

GLib logging domain.

Function Documentation

◆ auth_method_name()

const gchar* auth_method_name ( auth_method_t  method)

Return name of auth_method_t.

Keep in sync with authentication_methods and authentication_method .

Parameters
methodAuth method.
Returns
Name of auth method.

◆ digest_hex()

gchar* digest_hex ( int  gcrypt_algorithm,
const guchar *  digest 
)

Generate a hexadecimal representation of a message digest.

Parameters
gcrypt_algorithmThe libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h).
digestThe binary representation of the digest.
Returns
A pointer to the hexadecimal representation of the message digest or NULL if an unavailable message digest algorithm was selected.

◆ get_password_hashes()

gchar* get_password_hashes ( int  digest_algorithm,
const gchar *  password 
)

Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user.

The "auth/hash" file consist of two hashes, h_1 and h_2. h_2 (the "seed") is the message digest of (currently) 256 bytes of random data. h_1 is the message digest of h_2 concatenated with the password in plaintext.

The current implementation was taken from the openvas-adduser shell script provided with openvas-server.

Parameters
digest_algorithmThe libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h)
passwordThe password in plaintext.
Returns
A pointer to a gchar containing the two hashes separated by a space or NULL if an unavailable message digest algorithm was selected.

◆ openvas_auth_init()

int openvas_auth_init ( )

Initializes Gcrypt.

Returns
0 success, -1 error.

◆ openvas_auth_ldap_enabled()

int openvas_auth_ldap_enabled ( )

Return whether libraries has been compiled with LDAP support.

Returns
1 if enabled, else 0.

◆ openvas_auth_radius_enabled()

int openvas_auth_radius_enabled ( )

Return whether libraries has been compiled with RADIUS support.

Returns
1 if enabled, else 0.

◆ openvas_auth_tear_down()

void openvas_auth_tear_down ( void  )

Free memory associated to authentication configuration.

This will have no effect if openvas_auth_init was not called.

Todo:
Close memleak, destroy list and content.

◆ openvas_authenticate_classic()

int openvas_authenticate_classic ( const gchar *  username,
const gchar *  password,
const gchar *  hash_arg 
)

Authenticate a credential pair against openvas user file contents.

Parameters
usernameUsername.
passwordPassword.
hash_argHash.
Returns
0 authentication success, 1 authentication failure, -1 error.