[Openvas-commits] r3431 - in trunk/openvas-config-manager: . src

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Tue May 19 19:51:08 CEST 2009


Author: mattm
Date: 2009-05-19 19:51:08 +0200 (Tue, 19 May 2009)
New Revision: 3431

Modified:
   trunk/openvas-config-manager/ChangeLog
   trunk/openvas-config-manager/src/CMakeLists.txt
   trunk/openvas-config-manager/src/openvascd.c
Log:
	Move authentication facilities to libopenvas.

	* src/openvascd.c: Include openvas/openvas_auth.h.
	(digest_hex, get_password_hashes): Remove.  Now in libopenvas.

	* CMakeList.txt (openvascd): Link to libopenvas.

Modified: trunk/openvas-config-manager/ChangeLog
===================================================================
--- trunk/openvas-config-manager/ChangeLog	2009-05-19 17:45:49 UTC (rev 3430)
+++ trunk/openvas-config-manager/ChangeLog	2009-05-19 17:51:08 UTC (rev 3431)
@@ -1,3 +1,12 @@
+2009-05-19  Matthew Mundell <mmundell at intevation.de>
+
+	Move authentication facilities to libopenvas.
+
+	* src/openvascd.c: Include openvas/openvas_auth.h.
+	(digest_hex, get_password_hashes): Remove.  Now in libopenvas.
+
+	* CMakeList.txt (openvascd): Link to libopenvas.
+
 2009-05-11  Michael Wiegand <michael.wiegand at intevation.de>
 
 	Added source code documentation infrastructure.

Modified: trunk/openvas-config-manager/src/CMakeLists.txt
===================================================================
--- trunk/openvas-config-manager/src/CMakeLists.txt	2009-05-19 17:45:49 UTC (rev 3430)
+++ trunk/openvas-config-manager/src/CMakeLists.txt	2009-05-19 17:51:08 UTC (rev 3431)
@@ -72,7 +72,7 @@
 endif (OPENVAS_LIB_INSTALL_DIR)
 
 set_target_properties (openvascd PROPERTIES LINK_FLAGS
-                       "${TEMP} -lgnutls ${GLIB_LDFLAGS}")
+                       "${TEMP} -lopenvas -lgnutls ${GLIB_LDFLAGS}")
 
 if (OPENVAS_HEADER_INSTALL_DIR)
   set (TEMP "-I${OPENVAS_HEADER_INSTALL_DIR}")
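Review bot: `-lopenvas` is spliced into the `LINK_FLAGS` string on the `set_target_properties` line, so CMake does not treat libopenvas as a dependency, and a missing or unexpected library is only discovered at link time. `target_link_libraries (openvascd openvas gnutls)` would express it as a real dependency. Because the daemon's password-hash code now comes from this library, it is worth failing at configure time when the library cannot be located, for example with a `find_library` check before this block. The `if (OPENVAS_LIB_INSTALL_DIR)` block that closes at the top of this hunk starts outside it, so how `TEMP` is built for the library path is not visible here.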

Modified: trunk/openvas-config-manager/src/openvascd.c
===================================================================
--- trunk/openvas-config-manager/src/openvascd.c	2009-05-19 17:45:49 UTC (rev 3430)
+++ trunk/openvas-config-manager/src/openvascd.c	2009-05-19 17:51:08 UTC (rev 3431)
@@ -54,6 +54,7 @@
 #include <unistd.h>
 #include <gnutls/gnutls.h>
 #include <gcrypt.h>
+#include <openvas/openvas_auth.h>
 
 #define OPENVASCD_DEFAULT_PORT 9392
 
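Review bot: After this include, the call sites in openvascd.c bind to libopenvas's `digest_hex` and `get_password_hashes`, and nothing at the include records the contract they depend on. A comment such as `/* digest_hex(), get_password_hashes(): from libopenvas; result is caller-owned, g_free() it; NULL if the algorithm is unavailable. */` would keep that visible. The local copy removed later in this diff took a `gcrypt_algorithm` argument but hashed with a hard-coded `GCRY_MD_MD5` while sizing `seed` and `hash` from the argument. If the library version is a straight move (its source is not shown here), callers should pass only `GCRY_MD_MD5` until that is fixed in libopenvas. The removed code also freed `seed_pass`, which holds the plaintext password, without clearing it, so that is worth checking in the library copy as well.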
@@ -88,12 +89,6 @@
 openvas_config_add_user (const gchar *, const gchar *, const gchar *,
                          const gchar *);
 
-gchar *
-digest_hex (int, const guchar *);
-
-gchar *
-get_password_hashes (int, const gchar *);
-
 gboolean
 openvas_config_remove_user (const gchar *, const gchar *);
 
@@ -368,7 +363,7 @@
       socket_error = listen (server_socket, 1024);
       SOCKET_ERR (socket_error, "listen");
 
-      g_debug ("Daemon setup finished, server ready. Listening to port '%d'.", port);
+      g_debug ("Daemon setup finished, server ready. Listening on port '%d'.", port);
 
       client_len = sizeof (sockaddr_client);
       for (;;)
@@ -767,97 +762,6 @@
 }
 
 /**
- * @brief Generate a hexadecimal representation of a message digest.
- *
- * @param gcrypt_algorithm The libgcrypt message digest algorithm used to
- * create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in
- * gcrypt.h).
- * @param digest The binary representation of the digest.
- *
- * @return A pointer to the hexadecimal representation of the message digest
- * or NULL if an unavailable message digest algorithm was selected.
- */
-gchar *
-digest_hex (int gcrypt_algorithm, const guchar * digest)
-{
-  gcry_error_t err = gcry_md_test_algo (gcrypt_algorithm);
-  if (err != 0)
-    {
-      g_warning ("Could not select gcrypt algorithm: %s",
-               gcry_strerror (err));
-      return NULL;
-    }
-
-  gchar *hex = g_malloc0(gcry_md_get_algo_dlen (gcrypt_algorithm) * 2 + 1);
-  int i;
-
-  for (i = 0; i < gcry_md_get_algo_dlen (gcrypt_algorithm); i++)
-    {
-      g_snprintf(hex + i * 2, 3, "%02x", digest[i]);
-    }
-
-  return hex;
-}
-
-/**
- * @brief Generate a pair of hashes to be used in the OpenVAS "auth/hash" file
- * for the user.
- *
- * The "auth/hash" file consist of two hashes, h_1 and h_2. h_2 (the "seed")
- * is the message digest of (currently) 256 bytes of random data. h_1 is the
- * message digest of h_2 concatenated with the password in plaintext.
- *
- * The current implementation was taken from the openvas-adduser shell script
- * provided with openvas-server.
- *
- * @param gcrypt_algorithm The libgcrypt message digest algorithm used to
- * create the digest (e.g. GCRY_MD_MD5; see the enum gcry_md_algos in
- * gcrypt.h)
- * @param password The password in plaintext.
- *
- * @return A pointer to a gchar containing the two hashes separated by a
- * space or NULL if an unavailable message digest algorithm was selected.
- */
-gchar *
-get_password_hashes (int gcrypt_algorithm, const gchar * password)
-{
-  gcry_error_t err = gcry_md_test_algo (gcrypt_algorithm);
-  if (err != 0)
-    {
-      g_warning ("Could not select gcrypt algorithm: %s",
-               gcry_strerror (err));
-      return NULL;
-    }
-
-  g_assert (password);
-
-  unsigned char *nonce_buffer[256];
-  guchar *seed = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm));
-  gchar *seed_hex = NULL;
-  gchar *seed_pass = NULL;
-  guchar *hash = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm));
-  gchar *hash_hex = NULL;
-  gchar *hashes_out = NULL;
-
-  gcry_create_nonce (nonce_buffer, 256);
-  gcry_md_hash_buffer (GCRY_MD_MD5, seed, nonce_buffer, 256);
-  seed_hex = digest_hex (GCRY_MD_MD5, seed);
-  seed_pass = g_strconcat (seed_hex, password, NULL);
-  gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
-  hash_hex = digest_hex (GCRY_MD_MD5, hash);
-
-  hashes_out = g_strjoin (" ", hash_hex, seed_hex, NULL);
-
-  g_free (seed);
-  g_free (seed_hex);
-  g_free (seed_pass);
-  g_free (hash);
-  g_free (hash_hex);
-
-  return hashes_out;
-}
-
-/**
  * @brief Removes an user from the OpenVAS installation.
  *
  * @param name The name of the user to be removed.


