OpenVAS Libraries  9.0.1
Typedefs | Enumerations | Functions
openvas_auth.h File Reference
#include <glib.h>
#include "../base/array.h"

Go to the source code of this file.

Typedefs

typedef enum authentication_method auth_method_t
 Type for the numerical representation of the supported. More...
 

Enumerations

enum  authentication_method { AUTHENTICATION_METHOD_FILE = 0, AUTHENTICATION_METHOD_LDAP_CONNECT, AUTHENTICATION_METHOD_RADIUS_CONNECT, AUTHENTICATION_METHOD_LAST }
 Numerical representation of the supported authentication methods. More...
 

Functions

const gchar * auth_method_name (auth_method_t)
 Return name of auth_method_t. More...
 
int openvas_auth_init ()
 Initializes Gcrypt. More...
 
void openvas_auth_tear_down (void)
 Free memory associated to authentication configuration. More...
 
int openvas_authenticate_classic (const gchar *, const gchar *, const gchar *)
 Authenticate a credential pair against openvas user file contents. More...
 
gchar * get_password_hashes (int, const gchar *)
 Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user. More...
 
gchar * digest_hex (int, const guchar *)
 Generate a hexadecimal representation of a message digest. More...
 
int openvas_auth_ldap_enabled ()
 Return whether libraries has been compiled with LDAP support. More...
 
int openvas_auth_radius_enabled ()
 Return whether libraries has been compiled with RADIUS support. More...
 

Typedef Documentation

◆ auth_method_t

Type for the numerical representation of the supported.

authentication methods.

Enumeration Type Documentation

◆ authentication_method

Numerical representation of the supported authentication methods.

Beware to have it in sync with authentication_methods.

Enumerator
AUTHENTICATION_METHOD_FILE 
AUTHENTICATION_METHOD_LDAP_CONNECT 
AUTHENTICATION_METHOD_RADIUS_CONNECT 
AUTHENTICATION_METHOD_LAST 

Function Documentation

◆ auth_method_name()

const gchar* auth_method_name ( auth_method_t  method)

Return name of auth_method_t.

Keep in sync with authentication_methods and authentication_method .

Parameters
methodAuth method.
Returns
Name of auth method.

◆ digest_hex()

gchar* digest_hex ( int  gcrypt_algorithm,
const guchar *  digest 
)

Generate a hexadecimal representation of a message digest.

Parameters
gcrypt_algorithmThe libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h).
digestThe binary representation of the digest.
Returns
A pointer to the hexadecimal representation of the message digest or NULL if an unavailable message digest algorithm was selected.

◆ get_password_hashes()

gchar* get_password_hashes ( int  digest_algorithm,
const gchar *  password 
)

Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user.

The "auth/hash" file consist of two hashes, h_1 and h_2. h_2 (the "seed") is the message digest of (currently) 256 bytes of random data. h_1 is the message digest of h_2 concatenated with the password in plaintext.

The current implementation was taken from the openvas-adduser shell script provided with openvas-server.

Parameters
digest_algorithmThe libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h)
passwordThe password in plaintext.
Returns
A pointer to a gchar containing the two hashes separated by a space or NULL if an unavailable message digest algorithm was selected.

◆ openvas_auth_init()

int openvas_auth_init ( )

Initializes Gcrypt.

Returns
0 success, -1 error.

◆ openvas_auth_ldap_enabled()

int openvas_auth_ldap_enabled ( )

Return whether libraries has been compiled with LDAP support.

Returns
1 if enabled, else 0.

◆ openvas_auth_radius_enabled()

int openvas_auth_radius_enabled ( )

Return whether libraries has been compiled with RADIUS support.

Returns
1 if enabled, else 0.

◆ openvas_auth_tear_down()

void openvas_auth_tear_down ( void  )

Free memory associated to authentication configuration.

This will have no effect if openvas_auth_init was not called.

Todo:
Close memleak, destroy list and content.

◆ openvas_authenticate_classic()

int openvas_authenticate_classic ( const gchar *  username,
const gchar *  password,
const gchar *  hash_arg 
)

Authenticate a credential pair against openvas user file contents.

Parameters
usernameUsername.
passwordPassword.
hash_argHash.
Returns
0 authentication success, 1 authentication failure, -1 error.