20#define G_LOG_DOMAIN "libgvm util"
28 "radius_connect", NULL};
43#ifdef ENABLE_LDAP_AUTH
58#ifdef ENABLE_RADIUS_AUTH
93 g_warning (
"gvm_auth_init called a second time.");
100 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
110 if (!gcry_check_version (NULL))
112 g_critical (
"%s: libgcrypt version check failed\n", __func__);
118 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
126 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
130 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
135 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
159 gcry_error_t err = gcry_md_test_algo (gcrypt_algorithm);
162 g_warning (
"Could not select gcrypt algorithm: %s", gcry_strerror (err));
166 hex = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm) * 2 + 1);
167 for (i = 0; i < gcry_md_get_algo_dlen (gcrypt_algorithm); i++)
169 g_snprintf (hex + i * 2, 3,
"%02x", digest[i]);
193 unsigned char *nonce_buffer[256];
194 guchar *seed = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
195 gchar *seed_hex = NULL;
196 gchar *seed_pass = NULL;
197 guchar *hash = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
198 gchar *hash_hex = NULL;
199 gchar *hashes_out = NULL;
201 gcry_create_nonce (nonce_buffer, 256);
202 gcry_md_hash_buffer (GCRY_MD_MD5, seed, nonce_buffer, 256);
204 seed_pass = g_strconcat (seed_hex, password, NULL);
205 gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
208 hashes_out = g_strjoin (
" ", hash_hex, seed_hex, NULL);
232 gchar *hash_hex = NULL;
233 guchar *hash = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
235 gcry_md_hash_buffer (GCRY_MD_MD5, hash,
string, strlen (
string));
254 const gchar *hash_arg)
256 int gcrypt_algorithm = GCRY_MD_MD5;
258 gchar *actual, *expect, *seed_pass;
260 gchar *hash_hex, **seed_hex, **split;
263 if (hash_arg == NULL)
265 actual = g_strdup (hash_arg);
267 split = g_strsplit_set (g_strchomp (actual),
" ", 2);
268 seed_hex = split + 1;
269 if (*split == NULL || *seed_hex == NULL)
271 g_warning (
"Failed to split auth contents.");
277 seed_pass = g_strconcat (*seed_hex, password, NULL);
278 hash = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm));
279 gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
282 expect = g_strjoin (
" ", hash_hex, *seed_hex, NULL);
289 ret = strcmp (expect, actual) ? 1 : 0;
int gvm_auth_radius_enabled(void)
Return whether libraries has been compiled with RADIUS support.
Definition authutils.c:56
gchar * get_md5_hash_from_string(const gchar *string)
Calculate the MD5 hash value for a given string.
Definition authutils.c:228
int gvm_authenticate_classic(const gchar *username, const gchar *password, const gchar *hash_arg)
Authenticate a credential pair against user file contents.
Definition authutils.c:253
static const gchar * authentication_methods[]
Array of string representations of the supported authentication methods.
Definition authutils.c:27
int gvm_auth_init(void)
Initializes Gcrypt.
Definition authutils.c:89
gchar * digest_hex(int gcrypt_algorithm, const guchar *digest)
Generate a hexadecimal representation of a message digest.
Definition authutils.c:154
gchar * get_password_hashes(const gchar *password)
Generate a pair of md5 hashes to be used in the "auth/hash" file for the user.
Definition authutils.c:189
static gboolean initialized
Flag whether the config file was read.
Definition authutils.c:33
int gvm_auth_ldap_enabled(void)
Return whether libraries has been compiled with LDAP support.
Definition authutils.c:41
const gchar * auth_method_name(auth_method_t method)
Return name of auth_method_t.
Definition authutils.c:76
Authentication mechanism(s).
enum authentication_method auth_method_t
Type for the numerical representation of the supported authentication methods.
Definition authutils.h:31
@ AUTHENTICATION_METHOD_LAST
Definition authutils.h:26