20#define G_LOG_DOMAIN "libgvm util"
28 "radius_connect", NULL};
43#ifdef ENABLE_LDAP_AUTH
58#ifdef ENABLE_RADIUS_AUTH
94 for (i = 0; i < 1000; i++)
112 g_warning (
"gvm_auth_init called a second time.");
119 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
129 if (!gcry_check_version (NULL))
131 g_critical (
"%s: libgcrypt version check failed\n", __func__);
137 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
145 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
149 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
154 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
178 gcry_error_t err = gcry_md_test_algo (gcrypt_algorithm);
181 g_warning (
"Could not select gcrypt algorithm: %s", gcry_strerror (err));
185 hex = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm) * 2 + 1);
186 for (i = 0; i < gcry_md_get_algo_dlen (gcrypt_algorithm); i++)
188 g_snprintf (hex + i * 2, 3,
"%02x", digest[i]);
212 unsigned char *nonce_buffer[256];
213 guchar *seed = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
214 gchar *seed_hex = NULL;
215 gchar *seed_pass = NULL;
216 guchar *hash = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
217 gchar *hash_hex = NULL;
218 gchar *hashes_out = NULL;
220 gcry_create_nonce (nonce_buffer, 256);
221 gcry_md_hash_buffer (GCRY_MD_MD5, seed, nonce_buffer, 256);
223 seed_pass = g_strconcat (seed_hex, password, NULL);
224 gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
227 hashes_out = g_strjoin (
" ", hash_hex, seed_hex, NULL);
251 gchar *hash_hex = NULL;
252 guchar *hash = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
254 gcry_md_hash_buffer (GCRY_MD_MD5, hash,
string, strlen (
string));
273 const gchar *hash_arg)
275 int gcrypt_algorithm = GCRY_MD_MD5;
277 gchar *actual, *expect, *seed_pass;
279 gchar *hash_hex, **seed_hex, **split;
282 if (hash_arg == NULL)
284 actual = g_strdup (hash_arg);
286 split = g_strsplit_set (g_strchomp (actual),
" ", 2);
287 seed_hex = split + 1;
288 if (*split == NULL || *seed_hex == NULL)
290 g_warning (
"Failed to split auth contents.");
296 seed_pass = g_strconcat (*seed_hex, password, NULL);
297 hash = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm));
298 gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
301 expect = g_strjoin (
" ", hash_hex, *seed_hex, NULL);
308 ret = strcmp (expect, actual) ? 1 : 0;
int auth_method_name_valid(const gchar *name)
Check if name is a valid auth method name.
Definition authutils.c:91
int gvm_auth_radius_enabled(void)
Return whether libraries has been compiled with RADIUS support.
Definition authutils.c:56
gchar * get_md5_hash_from_string(const gchar *string)
Calculate the MD5 hash value for a given string.
Definition authutils.c:247
int gvm_authenticate_classic(const gchar *username, const gchar *password, const gchar *hash_arg)
Authenticate a credential pair against user file contents.
Definition authutils.c:272
static const gchar * authentication_methods[]
Array of string representations of the supported authentication methods.
Definition authutils.c:27
int gvm_auth_init(void)
Initializes Gcrypt.
Definition authutils.c:108
gchar * digest_hex(int gcrypt_algorithm, const guchar *digest)
Generate a hexadecimal representation of a message digest.
Definition authutils.c:173
gchar * get_password_hashes(const gchar *password)
Generate a pair of md5 hashes to be used in the "auth/hash" file for the user.
Definition authutils.c:208
static gboolean initialized
Flag whether the config file was read.
Definition authutils.c:33
int gvm_auth_ldap_enabled(void)
Return whether libraries has been compiled with LDAP support.
Definition authutils.c:41
const gchar * auth_method_name(auth_method_t method)
Return name of auth_method_t.
Definition authutils.c:76
Authentication mechanism(s).
enum authentication_method auth_method_t
Type for the numerical representation of the supported authentication methods.
Definition authutils.h:31
@ AUTHENTICATION_METHOD_LAST
Definition authutils.h:26