OpenVAS Libraries  8.0.3
openvas_auth.h File Reference
#include <glib.h>
#include "../base/array.h"

Typedefs

typedef enum authentication_method auth_method_t
 Type for the numerical representation of the supported authentication methods.
 

Enumerations

enum  authentication_method { AUTHENTICATION_METHOD_FILE = 0, AUTHENTICATION_METHOD_LDAP_CONNECT, AUTHENTICATION_METHOD_LAST }
 Numerical representation of the supported authentication methods.
 

Functions

const gchar * auth_method_name (auth_method_t)
 Return name of auth_method_t.
 
int openvas_auth_init_funcs (gchar *(*)(const gchar *), int(*)(const gchar *, const gchar *, const gchar *), int(*)(const gchar *, auth_method_t), gchar *(*)(const gchar *, auth_method_t))
 
void openvas_auth_tear_down (void)
 Free memory associated to authentication configuration.
 
int openvas_auth_write_config (GKeyFile *keyfile)
 Writes the authentication mechanism configuration, merging with defaults and existing configuration.
 
gchar * get_password_hashes (int, const gchar *)
 Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user.
 
gchar * digest_hex (int, const guchar *)
 Generate a hexadecimal representation of a message digest.
 
int openvas_authenticate_method (const gchar *, const gchar *, auth_method_t *)
 Authenticate a credential pair and expose the method used.
 
int openvas_authenticate_uuid (const gchar *, const gchar *, gchar **uuid)
 
int openvas_user_exists (const char *)
 Check whether a user exists.
 
gchar * openvas_user_uuid (const char *name)
 Return the UUID of a user from the OpenVAS user UUID file.
 

Typedef Documentation

Type for the numerical representation of the supported authentication methods.

Enumeration Type Documentation

Numerical representation of the supported authentication methods.

Keep it in sync with authentication_methods.

Enumerator
AUTHENTICATION_METHOD_FILE 
AUTHENTICATION_METHOD_LDAP_CONNECT 
AUTHENTICATION_METHOD_LAST 

Function Documentation

const gchar* auth_method_name ( auth_method_t  method)

Return name of auth_method_t.

Keep in sync with authentication_methods and authentication_method.

Parameters
method: Auth method.
Returns
Name of auth method.

gchar* digest_hex (int gcrypt_algorithm, const guchar *digest)

Generate a hexadecimal representation of a message digest.

Parameters
gcrypt_algorithm: The libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h).
digest: The binary representation of the digest.
Returns
A pointer to the hexadecimal representation of the message digest or NULL if an unavailable message digest algorithm was selected.

gchar* get_password_hashes (int digest_algorithm, const gchar *password)

Generate a pair of hashes to be used in the OpenVAS "auth/hash" file for the user.

The "auth/hash" file consists of two hashes, h_1 and h_2. h_2 (the "seed") is the message digest of (currently) 256 bytes of random data. h_1 is the message digest of h_2 concatenated with the password in plaintext.

The current implementation was taken from the openvas-adduser shell script provided with openvas-server.

Parameters
gcrypt_algorithm: The libgcrypt message digest algorithm used to create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in gcrypt.h).
password: The password in plaintext.
Returns
A pointer to a gchar containing the two hashes separated by a space or NULL if an unavailable message digest algorithm was selected.
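
The h_1/h_2 scheme described above, sketched in Python as an added example (not code from OpenVAS). It assumes h_2 enters the h_1 computation in its hexadecimal text form and that the output order is "h_1 h_2"; the function names are hypothetical and hashlib stands in for libgcrypt.

```python
import hashlib
import hmac
import os

SEED_BYTES = 256  # amount of random data digested into h_2, as stated above


def make_hash_pair(algorithm, password, random_bytes=None):
    """Return "h_1 h_2" for a password, or None for an unavailable digest."""
    if algorithm not in hashlib.algorithms_available:
        return None  # counterpart of the NULL return documented above
    if random_bytes is None:
        random_bytes = os.urandom(SEED_BYTES)
    # h_2 (the seed): digest of the random data, kept as hex text (assumption).
    h2 = hashlib.new(algorithm, random_bytes).hexdigest()
    # h_1: digest of h_2 concatenated with the plaintext password.
    h1 = hashlib.new(algorithm, (h2 + password).encode("utf-8")).hexdigest()
    return f"{h1} {h2}"  # field order is an assumption


def verify_hash_pair(algorithm, stored, password):
    """Recompute h_1 from the stored seed and compare in constant time."""
    parts = stored.split()
    if len(parts) != 2 or algorithm not in hashlib.algorithms_available:
        return False  # malformed line or unknown digest never authenticates
    h1, h2 = parts
    candidate = hashlib.new(algorithm, (h2 + password).encode("utf-8")).hexdigest()
    return hmac.compare_digest(candidate.encode("utf-8"), h1.lower().encode("utf-8"))


if __name__ == "__main__":
    line = make_hash_pair("sha256", "example-password")  # constructed sample
    print(line)
    print(verify_hash_pair("sha256", line, "example-password"))
```

The seed gives each user a distinct hash for the same password, but h_1 is a single pass of a fast digest, so the scheme has no work factor against offline guessing of a leaked "auth/hash" file.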

int openvas_auth_init_funcs (gchar *(*)(const gchar *), int(*)(const gchar *, const gchar *, const gchar *), int(*)(const gchar *, auth_method_t), gchar *(*)(const gchar *, auth_method_t))

void openvas_auth_tear_down (void)

Free memory associated to authentication configuration.

This will have no effect if openvas_auth_init was not called.

Todo:
Close memleak, destroy list and content.

int openvas_auth_write_config (GKeyFile *key_file)

Writes the authentication mechanism configuration, merging with defaults and existing configuration.

If the passed key-file contains just method:ldap_connect, do not write the defaults of any other group.

Parameters
[in] keyfile: The KeyFile to merge and write. Can be NULL, in which case just the default will be written.
Returns
0 if file has been written successfully, 1 authdn validation failed, -1 error.
Todo:
Preserve comments in file.

int openvas_authenticate_method (const gchar *username, const gchar *password, auth_method_t *method)

Authenticate a credential pair and expose the method used.

Uses the configurable authenticators list, if available. Defaults to file-based (openvas users directory) authentication otherwise.

Parameters
username: Username.
password: Password.
method [out]: Return location for the method that was used to authenticate the credential pair.
Returns
0 authentication success, otherwise the result of the last authentication trial: 1 authentication failure, -1 error.

int openvas_authenticate_uuid (const gchar *, const gchar *, gchar **uuid)

int openvas_user_exists (const char *name)

Check whether a user exists.

Parameters
[in] name: User name.
Returns
1 yes, 0 no, -1 error.

gchar* openvas_user_uuid (const char *name)

Return the UUID of a user from the OpenVAS user UUID file.

If the user exists, ensure that the user has a UUID (create that file).

Parameters
[in] name: User name.
Returns
UUID of given user if (locally authenticated) user exists, else NULL.