#include <glib.h>
#include "../base/array.h"
Go to the source code of this file.
|
| const gchar * | auth_method_name (auth_method_t) |
| | Return name of auth_method_t. More...
|
| |
| int | openvas_auth_init_funcs (gchar *(*)(const gchar *), int(*)(const gchar *, const gchar *, const gchar *), int(*)(const gchar *, auth_method_t), gchar *(*)(const gchar *, auth_method_t)) |
| |
| void | openvas_auth_tear_down (void) |
| | Free memory associated to authentication configuration. More...
|
| |
| int | openvas_auth_write_config (GKeyFile *keyfile) |
| | Writes the authentication mechanism configuration, merging with. More...
|
| |
| gchar * | get_password_hashes (int, const gchar *) |
| | Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user. More...
|
| |
| gchar * | digest_hex (int, const guchar *) |
| | Generate a hexadecimal representation of a message digest. More...
|
| |
| int | openvas_authenticate_method (const gchar *, const gchar *, auth_method_t *) |
| | Authenticate a credential pair and expose the method used. More...
|
| |
| int | openvas_authenticate_uuid (const gchar *, const gchar *, gchar **uuid) |
| |
| int | openvas_user_exists (const char *) |
| | Check whether a user exists. More...
|
| |
| gchar * | openvas_user_uuid (const char *name) |
| | Return the UUID of a user from the OpenVAS user UUID file. More...
|
| |
| int | openvas_auth_radius_enabled () |
| | Return whether libraries has been compiled with RADIUS support. More...
|
| |
◆ auth_method_t
Type for the numerical representation of the supported.
authentication methods.
◆ authentication_method
Numerical representation of the supported authentication methods.
Beware to have it in sync with authentication_methods.
| Enumerator |
|---|
| AUTHENTICATION_METHOD_FILE | |
| AUTHENTICATION_METHOD_LDAP_CONNECT | |
| AUTHENTICATION_METHOD_RADIUS_CONNECT | |
| AUTHENTICATION_METHOD_LAST | |
◆ auth_method_name()
Return name of auth_method_t.
Keep in sync with authentication_methods and authentication_method .
- Parameters
-
- Returns
- Name of auth method.
◆ digest_hex()
| gchar* digest_hex |
( |
int |
gcrypt_algorithm, |
|
|
const guchar * |
digest |
|
) |
| |
Generate a hexadecimal representation of a message digest.
- Parameters
-
| gcrypt_algorithm | The libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h). |
| digest | The binary representation of the digest. |
- Returns
- A pointer to the hexadecimal representation of the message digest or NULL if an unavailable message digest algorithm was selected.
◆ get_password_hashes()
| gchar* get_password_hashes |
( |
int |
digest_algorithm, |
|
|
const gchar * |
password |
|
) |
| |
Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user.
The "auth/hash" file consist of two hashes, h_1 and h_2. h_2 (the "seed") is the message digest of (currently) 256 bytes of random data. h_1 is the message digest of h_2 concatenated with the password in plaintext.
The current implementation was taken from the openvas-adduser shell script provided with openvas-server.
- Parameters
-
| gcrypt_algorithm | The libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h) |
| password | The password in plaintext. |
- Returns
- A pointer to a gchar containing the two hashes separated by a space or NULL if an unavailable message digest algorithm was selected.
◆ openvas_auth_init_funcs()
| int openvas_auth_init_funcs |
( |
gchar * |
*)(const gchar *, |
|
|
int(*)(const gchar *, const gchar *, const gchar *) |
, |
|
|
int(*)(const gchar *, auth_method_t) |
, |
|
|
gchar * |
*)(const gchar *, auth_method_t |
|
) |
| |
◆ openvas_auth_radius_enabled()
| int openvas_auth_radius_enabled |
( |
| ) |
|
Return whether libraries has been compiled with RADIUS support.
- Returns
- 1 if enabled, else 0.
◆ openvas_auth_tear_down()
| void openvas_auth_tear_down |
( |
void |
| ) |
|
Free memory associated to authentication configuration.
This will have no effect if openvas_auth_init was not called.
- Todo:
- Close memleak, destroy list and content.
◆ openvas_auth_write_config()
| int openvas_auth_write_config |
( |
GKeyFile * |
key_file | ) |
|
Writes the authentication mechanism configuration, merging with.
defaults and existing configuration.
If the passed key-file contains just method:ldap_connect, do not write the defaults of any other group.
- Parameters
-
| [in] | keyfile | The KeyFile to merge and write. Can be NULL, in which case just the default will be written. |
- Returns
- 0 if file has been written successfully, 1 authdn validation failed, -1 error.
- Todo:
- Preserve comments in file.
◆ openvas_authenticate_method()
| int openvas_authenticate_method |
( |
const gchar * |
username, |
|
|
const gchar * |
password, |
|
|
auth_method_t * |
method |
|
) |
| |
Authenticate a credential pair and expose the method used.
Uses the configurable authenticators list, if available. Defaults to file-based (openvas users directory) authentication otherwise.
- Parameters
-
| username | Username. |
| password | Password. |
| method[out] | Return location for the method that was used to authenticate the credential pair. |
- Returns
- 0 authentication success, otherwise the result of the last authentication trial: 1 authentication failure, -1 error.
◆ openvas_authenticate_uuid()
| int openvas_authenticate_uuid |
( |
const gchar * |
, |
|
|
const gchar * |
, |
|
|
gchar ** |
uuid |
|
) |
| |
◆ openvas_user_exists()
| int openvas_user_exists |
( |
const char * |
name | ) |
|
Check whether a user exists.
- Parameters
-
- Returns
- 1 yes, 0 no, -1 error.
◆ openvas_user_uuid()
| gchar* openvas_user_uuid |
( |
const char * |
name | ) |
|
Return the UUID of a user from the OpenVAS user UUID file.
If the user exists, ensure that the user has a UUID (create that file).
- Parameters
-
- Returns
- UUID of given user if (locally authenticated) user exists, else NULL.
