/* RADIUS client support, compiled only when ENABLE_RADIUS_AUTH is defined.
 * The client library (freeradius-client or radcli) is selected at build time
 * and determines the dictionary path.  radius_init() begins at the end of the
 * next line; several original lines (braces, else) are absent from this
 * listing.
 * NOTE(review): both guards test RC_CONFIG_FILE while the macro they define
 * is RC_DICTIONARY_FILE -- confirm the mismatch is intended. */
26 #ifdef ENABLE_RADIUS_AUTH 28 #if defined(RADIUS_AUTH_FREERADIUS) 29 #include <freeradius-client.h> 30 #ifndef RC_CONFIG_FILE 31 #define RC_DICTIONARY_FILE "/etc/radiusclient/dictionary" 33 #elif defined(RADIUS_AUTH_RADCLI) 35 #include <radcli/radcli.h> 36 #ifndef RC_CONFIG_FILE 37 #define RC_DICTIONARY_FILE "/etc/radcli/dictionary" 41 #include "../base/openvas_networking.h" 44 #ifndef PW_MAX_MSG_SIZE 45 #define PW_MAX_MSG_SIZE 4096 57 radius_init (
const char *hostname,
const char *secret)
/* authserver is filled with "host::secret"; when hostname parses as an IPv6
 * literal it is wrapped in brackets (presumably so its own colons are not
 * read as the "::" separator).  From here on the buffer contains the shared
 * secret in cleartext and should be treated as sensitive.
 * NOTE(review): no check of snprintf's return value is visible in this
 * listing, so an over-long hostname/secret pair would be truncated silently.
 * NOTE(review): hostname and secret are copied in unescaped; confirm callers
 * reject values containing ':' or line breaks before they reach this point. */
60 char authserver[4096];
61 struct sockaddr_in6 ip6;
65 if (inet_pton (AF_INET6, hostname, &(ip6.sin6_addr)) == 1)
66 snprintf (authserver,
sizeof (authserver),
"[%s]::%s", hostname, secret);
68 snprintf (authserver,
sizeof (authserver),
"%s::%s", hostname, secret);
/* radcli build: write a temporary config file under /tmp, load it with
 * rc_read_config(), then unlink it.  mkstemp() picks a unique name and, on
 * POSIX systems, opens the file with owner-only access.
 * NOTE(review): most of the fprintf format string and its arguments are
 * missing from this listing; presumably authserver (and therefore the shared
 * secret) is written to the file -- if so, the secret sits on disk in
 * cleartext until the unlink() calls below run. */
70 #if defined(RADIUS_AUTH_RADCLI) 72 FILE *config_file = NULL;
char config_filename[35] =
"/tmp/openvas_radius_conf_XXXXXX";
int config_fd = mkstemp (config_filename);
/* Failure path for mkstemp(): nothing was created, so only a warning. */
78 g_warning (
"%s: Couldn't create temp radius config file: %s\n",
79 __FUNCTION__, strerror (errno));
80 goto radius_init_fail;
/* Wrap the descriptor in a stdio stream for fprintf(). */
83 config_file = fdopen (config_fd,
"w");
84 if (config_file == NULL)
/* NOTE(review): no unlink(config_filename) is visible on this path, so a
 * failed fdopen() appears to leave the (still empty) temp file behind --
 * confirm against the full source. */
87 g_warning (
"%s: Couldn't open temp radius config file %s: %s\n",
88 __FUNCTION__, config_filename, strerror (errno));
89 goto radius_init_fail;
/* Write the config text; the visible failure path closes the stream, warns
 * and removes the file. */
92 if (fprintf (config_file,
96 "seqfile /var/run/radius.seq\n" 106 fclose (config_file);
107 g_warning (
"%s: Couldn't write to temp radius config file %s:%s\n",
108 __FUNCTION__, config_filename, strerror (errno));
109 unlink (config_filename);
110 goto radius_init_fail;
/* NOTE(review): the return value of this fclose() is ignored, so a write
 * error that only surfaces when the buffer is flushed goes unreported. */
112 fclose (config_file);
/* The library reopens the file by path; it is unlinked on both the failure
 * and the success path so the config does not outlive initialisation. */
114 rh = rc_read_config (config_filename);
117 g_warning (
"%s: Couldn't read temp radius config file %s\n",
118 __FUNCTION__, config_filename);
119 unlink (config_filename);
120 goto radius_init_fail;
122 unlink (config_filename);
/* Non-radcli build (the #else branch below): create the client handle with
 * rc_new()/rc_config_init(), set each option in memory with rc_add_config(),
 * then load the attribute dictionary.  No temporary file is used here.  Each
 * visible failure path logs a warning; most of them jump to
 * radius_init_fail. */
123 #else // defined(RADIUS_AUTH_RADCLI) 124 if ((rh = rc_new ()) == NULL)
126 g_warning (
"radius_init: Couldn't allocate memory");
129 if (!rc_config_init (rh))
131 g_warning(
"radius_init: Couldn't initialize the config");
/* Fixed client options follow; a non-zero return from rc_add_config() is
 * treated as failure. */
136 if (rc_add_config (rh,
"auth_order",
"radius",
"config", 0))
138 g_warning(
"radius_init: Couldn't set auth_order");
139 goto radius_init_fail;
141 if (rc_add_config (rh,
"login_tries",
"4",
"config", 0))
143 g_warning(
"radius_init: Couldn't set login_tries");
144 goto radius_init_fail;
146 if (rc_add_config (rh,
"dictionary", RC_DICTIONARY_FILE,
"config", 0))
148 g_warning(
"radius_init: Couldn't set dictionary");
149 goto radius_init_fail;
151 if (rc_add_config (rh,
"seqfile",
"/var/run/radius.seq",
"config", 0))
153 g_warning(
"radius_init: Couldn't set seqfile");
154 goto radius_init_fail;
156 if (rc_add_config (rh,
"radius_retries",
"3",
"config", 0))
158 g_warning(
"radius_init: Couldn't set radius_retries");
159 goto radius_init_fail;
161 if (rc_add_config (rh,
"radius_timeout",
"5",
"config", 0))
163 g_warning(
"radius_init: Couldn't set radius_timeout");
164 goto radius_init_fail;
166 if (rc_add_config (rh,
"radius_deadtime",
"0",
"config", 0))
168 g_warning(
"radius_init: Couldn't set radius_deadtime");
169 goto radius_init_fail;
/* Server entry: authserver was formatted earlier in this function as
 * "host::secret". */
171 if (rc_add_config (rh,
"authserver", authserver,
"config", 0) != 0)
/* NOTE(review): this warning prints authserver, which contains the RADIUS
 * shared secret, so a failure here writes the secret to the log.  Logging
 * hostname instead of authserver would keep the diagnostic without the
 * credential. */
173 g_warning (
"radius_init: Couldn't set authserver %s", authserver);
174 goto radius_init_fail;
/* Load the attribute dictionary; the argument line of the warning below is
 * missing from this listing. */
176 if (rc_read_dictionary (rh, RC_DICTIONARY_FILE) != 0)
178 g_warning (
"radius_init: Couldn't read the dictionary file %s",
180 goto radius_init_fail;
182 #endif // defined(RADIUS_AUTH_RADCLI) 203 const char *username,
const char *password)
/* Body of radius_authenticate() (its first signature lines are missing from
 * this listing): obtain a handle from radius_init(), attach user name,
 * password and service type as attribute pairs, send the request with
 * rc_auth(), then free both pair lists. */
/* Service type sent with the request: authenticate only. */
205 uint32_t service = PW_AUTHENTICATE_ONLY;
/* Buffer handed to rc_auth() as its message argument; presumably it receives
 * the server's reply message -- confirm against the library documentation. */
206 char msg[PW_MAX_MSG_SIZE];
207 VALUE_PAIR *send = NULL, *received = NULL;
210 struct sockaddr_in ip4;
211 struct sockaddr_in6 ip6;
/* NOTE(review): the handling of a NULL handle from radius_init() is not
 * visible in this listing. */
213 rh = radius_init (hostname, secret);
/* Each rc_avpair_add() returns NULL on failure, which aborts the attempt via
 * authenticate_leave. */
216 if (rc_avpair_add (rh, &send, PW_USER_NAME, (
char *) username, -1, 0) == NULL)
218 g_warning (
"radius_authenticate: Couldn't set the username");
219 goto authenticate_leave;
/* NOTE(review): on the wire a RADIUS User-Password attribute is protected
 * only by the protocol's shared-secret hiding (RFC 2865), so the strength
 * and confidentiality of `secret` directly bound the password's exposure. */
221 if (rc_avpair_add (rh, &send, PW_USER_PASSWORD, (
char *) password, -1, 0)
224 g_warning (
"radius_authenticate: Couldn't set the password");
225 goto authenticate_leave;
227 if (rc_avpair_add (rh, &send, PW_SERVICE_TYPE, &service, -1, 0) == NULL)
229 g_warning (
"radius_authenticate: Couldn't set the service type");
230 goto authenticate_leave;
/* The resolution call itself is missing from this listing; presumably this
 * warning follows a failed openvas_resolve() of hostname. */
235 g_warning (
"radius_authenticate: Couldn't resolve %s", hostname);
236 goto authenticate_leave;
/* OK_RC from rc_auth() marks the success case; what is returned to the
 * caller is not visible here. */
240 if (rc_auth (rh, 0, send, &received, msg) == OK_RC)
/* Release the request and reply attribute lists. */
246 rc_avpair_free (send);
248 rc_avpair_free (received);
/* Parameter tail of a second definition; presumably the stub
 * radius_authenticate() used when ENABLE_RADIUS_AUTH is not defined. */
266 const char *username,
const char *password)
int radius_authenticate(const char *hostname, const char *secret, const char *username, const char *password)
Dummy function for manager.
int openvas_resolve(const char *name, void *dst, int family)
Resolves a hostname to an IPv4 or IPv6 address.