[Openvas-commits] r3431 - in trunk/openvas-config-manager: . src
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Tue May 19 19:51:08 CEST 2009
Author: mattm
Date: 2009-05-19 19:51:08 +0200 (Tue, 19 May 2009)
New Revision: 3431
Modified:
trunk/openvas-config-manager/ChangeLog
trunk/openvas-config-manager/src/CMakeLists.txt
trunk/openvas-config-manager/src/openvascd.c
Log:
Move authentication facilities to libopenvas.
* src/openvascd.c: Include openvas/openvas_auth.h.
(digest_hex, get_password_hashes): Remove. Now in libopenvas.
* CMakeList.txt (openvascd): Link to libopenvas.
Modified: trunk/openvas-config-manager/ChangeLog
===================================================================
--- trunk/openvas-config-manager/ChangeLog 2009-05-19 17:45:49 UTC (rev 3430)
+++ trunk/openvas-config-manager/ChangeLog 2009-05-19 17:51:08 UTC (rev 3431)
@@ -1,3 +1,12 @@
+2009-05-19 Matthew Mundell <mmundell at intevation.de>
+
+ Move authentication facilities to libopenvas.
+
+ * src/openvascd.c: Include openvas/openvas_auth.h.
+ (digest_hex, get_password_hashes): Remove. Now in libopenvas.
+
+ * CMakeList.txt (openvascd): Link to libopenvas.
+
2009-05-11 Michael Wiegand <michael.wiegand at intevation.de>
Added source code documentation infrastructure.
Modified: trunk/openvas-config-manager/src/CMakeLists.txt
===================================================================
--- trunk/openvas-config-manager/src/CMakeLists.txt 2009-05-19 17:45:49 UTC (rev 3430)
+++ trunk/openvas-config-manager/src/CMakeLists.txt 2009-05-19 17:51:08 UTC (rev 3431)
@@ -72,7 +72,7 @@
endif (OPENVAS_LIB_INSTALL_DIR)
set_target_properties (openvascd PROPERTIES LINK_FLAGS
- "${TEMP} -lgnutls ${GLIB_LDFLAGS}")
+ "${TEMP} -lopenvas -lgnutls ${GLIB_LDFLAGS}")
if (OPENVAS_HEADER_INSTALL_DIR)
set (TEMP "-I${OPENVAS_HEADER_INSTALL_DIR}")
Modified: trunk/openvas-config-manager/src/openvascd.c
===================================================================
--- trunk/openvas-config-manager/src/openvascd.c 2009-05-19 17:45:49 UTC (rev 3430)
+++ trunk/openvas-config-manager/src/openvascd.c 2009-05-19 17:51:08 UTC (rev 3431)
@@ -54,6 +54,7 @@
#include <unistd.h>
#include <gnutls/gnutls.h>
#include <gcrypt.h>
+#include <openvas/openvas_auth.h>
#define OPENVASCD_DEFAULT_PORT 9392
@@ -88,12 +89,6 @@
openvas_config_add_user (const gchar *, const gchar *, const gchar *,
const gchar *);
-gchar *
-digest_hex (int, const guchar *);
-
-gchar *
-get_password_hashes (int, const gchar *);
-
gboolean
openvas_config_remove_user (const gchar *, const gchar *);
@@ -368,7 +363,7 @@
socket_error = listen (server_socket, 1024);
SOCKET_ERR (socket_error, "listen");
- g_debug ("Daemon setup finished, server ready. Listening to port '%d'.", port);
+ g_debug ("Daemon setup finished, server ready. Listening on port '%d'.", port);
client_len = sizeof (sockaddr_client);
for (;;)
@@ -767,97 +762,6 @@
}
/**
- * @brief Generate a hexadecimal representation of a message digest.
- *
- * @param gcrypt_algorithm The libgcrypt message digest algorithm used to
- * create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in
- * gcrypt.h).
- * @param digest The binary representation of the digest.
- *
- * @return A pointer to the hexadecimal representation of the message digest
- * or NULL if an unavailable message digest algorithm was selected.
- */
-gchar *
-digest_hex (int gcrypt_algorithm, const guchar * digest)
-{
- gcry_error_t err = gcry_md_test_algo (gcrypt_algorithm);
- if (err != 0)
- {
- g_warning ("Could not select gcrypt algorithm: %s",
- gcry_strerror (err));
- return NULL;
- }
-
- gchar *hex = g_malloc0(gcry_md_get_algo_dlen (gcrypt_algorithm) * 2 + 1);
- int i;
-
- for (i = 0; i < gcry_md_get_algo_dlen (gcrypt_algorithm); i++)
- {
- g_snprintf(hex + i * 2, 3, "%02x", digest[i]);
- }
-
- return hex;
-}
-
-/**
- * @brief Generate a pair of hashes to be used in the OpenVAS "auth/hash" file
- * for the user.
- *
- * The "auth/hash" file consist of two hashes, h_1 and h_2. h_2 (the "seed")
- * is the message digest of (currently) 256 bytes of random data. h_1 is the
- * message digest of h_2 concatenated with the password in plaintext.
- *
- * The current implementation was taken from the openvas-adduser shell script
- * provided with openvas-server.
- *
- * @param gcrypt_algorithm The libgcrypt message digest algorithm used to
- * create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in
- * gcrypt.h)
- * @param password The password in plaintext.
- *
- * @return A pointer to a gchar containing the two hashes separated by a
- * space or NULL if an unavailable message digest algorithm was selected.
- */
-gchar *
-get_password_hashes (int gcrypt_algorithm, const gchar * password)
-{
- gcry_error_t err = gcry_md_test_algo (gcrypt_algorithm);
- if (err != 0)
- {
- g_warning ("Could not select gcrypt algorithm: %s",
- gcry_strerror (err));
- return NULL;
- }
-
- g_assert (password);
-
- unsigned char *nonce_buffer[256];
- guchar *seed = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm));
- gchar *seed_hex = NULL;
- gchar *seed_pass = NULL;
- guchar *hash = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm));
- gchar *hash_hex = NULL;
- gchar *hashes_out = NULL;
-
- gcry_create_nonce (nonce_buffer, 256);
- gcry_md_hash_buffer (GCRY_MD_MD5, seed, nonce_buffer, 256);
- seed_hex = digest_hex (GCRY_MD_MD5, seed);
- seed_pass = g_strconcat (seed_hex, password, NULL);
- gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
- hash_hex = digest_hex (GCRY_MD_MD5, hash);
-
- hashes_out = g_strjoin (" ", hash_hex, seed_hex, NULL);
-
- g_free (seed);
- g_free (seed_hex);
- g_free (seed_pass);
- g_free (hash);
- g_free (hash_hex);
-
- return hashes_out;
-}
-
-/**
* @brief Removes an user from the OpenVAS installation.
*
* @param name The name of the user to be removed.
More information about the Openvas-commits
mailing list