[Openvas-commits] r11741 - in trunk/openvas-libraries: . misc

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed Oct 5 21:48:03 CEST 2011


Author: mattm
Date: 2011-10-05 21:48:01 +0200 (Wed, 05 Oct 2011)
New Revision: 11741

Modified:
   trunk/openvas-libraries/ChangeLog
   trunk/openvas-libraries/misc/openvas_auth.c
   trunk/openvas-libraries/misc/openvas_auth.h
Log:
	* src/openvas_auth.c (openvas_user_modify): New function.  Body from
	openvas-administrator openvas_admin_modify_user.

	* misc/openvas_auth.h: Add header accordingly.

Modified: trunk/openvas-libraries/ChangeLog
===================================================================
--- trunk/openvas-libraries/ChangeLog	2011-10-05 14:56:01 UTC (rev 11740)
+++ trunk/openvas-libraries/ChangeLog	2011-10-05 19:48:01 UTC (rev 11741)
@@ -1,3 +1,10 @@
+2011-10-05  Matthew Mundell <matthew.mundell at greenbone.net>
+
+	* src/openvas_auth.c (openvas_user_modify): New function.  Body from
+	openvas-administrator openvas_admin_modify_user.
+
+	* misc/openvas_auth.h: Add header accordingly.
+
 2011-09-27  Matthew Mundell <matthew.mundell at greenbone.net>
 
 	* omp/omp.c (omp_authenticate_info): New function.

Modified: trunk/openvas-libraries/misc/openvas_auth.c
===================================================================
--- trunk/openvas-libraries/misc/openvas_auth.c	2011-10-05 14:56:01 UTC (rev 11740)
+++ trunk/openvas-libraries/misc/openvas_auth.c	2011-10-05 19:48:01 UTC (rev 11741)
@@ -1176,7 +1176,90 @@
   return file_exists;
 }
 
+/** @todo handle remotely authenticated users. */
 /**
+ * @brief Modify a user.
+ *
+ * @param[in]  name         The name of the new user.
+ * @param[in]  password     The password of the new user.  NULL to leave as is.
+ * @param[in]  role         The role of the user.  NULL to leave as is.
+ * @param[in]  hosts        The host the user is allowed/forbidden to scan.
+ *                          NULL to leave as is.
+ * @param[in]  hosts_allow  Whether hosts is allow or forbid.
+ * @param[in]  directory    The directory containing the user directories.  It
+ *                          will be created if it does not exist already.
+ *
+ * @return 0 if the user has been added successfully, -1 on error, -2 for an
+ *         unknown role, -3 if user exists already.
+ */
+int
+openvas_user_modify (const gchar * name, const gchar * password,
+                     const gchar * role, const gchar * hosts,
+                     int hosts_allow, const gchar * directory)
+{
+  g_assert (name != NULL);
+
+  if (directory == NULL)
+    directory = OPENVAS_USERS_DIR;
+
+  if (strcmp (name, "om") == 0)
+    {
+      g_warning ("Attempt to modify special \"om\" user!");
+      return -1;
+    }
+
+  if (g_file_test (directory, G_FILE_TEST_IS_DIR))
+    {
+      GError *error = NULL;
+      gchar *user_hash_file_name, *hashes_out;
+
+      /* Put the password hashes in auth/hash. */
+
+      if (password)
+        {
+          hashes_out = get_password_hashes (GCRY_MD_MD5, password);
+          user_hash_file_name =
+            g_build_filename (directory, name, "auth", "hash", NULL);
+          if (!g_file_set_contents
+              (user_hash_file_name, hashes_out, -1, &error))
+            {
+              g_warning ("%s", error->message);
+              g_error_free (error);
+              g_free (hashes_out);
+              g_free (user_hash_file_name);
+              return -1;
+            }
+          g_free (hashes_out);
+          g_free (user_hash_file_name);
+        }
+
+      /* Create rules according to hosts. */
+      if (hosts)
+        {
+          gchar *user_dir_name = g_build_filename (directory, name, NULL);
+          if (openvas_auth_store_user_rules (user_dir_name, hosts, hosts_allow)
+              == -1)
+            {
+              g_free (user_dir_name);
+              return -1;
+            }
+
+          g_free (user_dir_name);
+        }
+
+      /* Set the role of the user. */
+
+      if (role)
+        return openvas_set_user_role (name, role, NULL);
+
+      return 0;
+    }
+
+  g_warning ("Could not access %s!", directory);
+  return -1;
+}
+
+/**
  * @brief Set the role of a user.
  *
  * @param username      Username.
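Review bot: `name` goes straight into `g_build_filename (directory, name, "auth", "hash", NULL)` and into the rules directory path with no check on its contents, so a name containing a path separator or equal to `..` would make `g_file_set_contents` and `openvas_auth_store_user_rules` write outside `directory`. Whether every caller validates the name is not visible in this hunk, so I would reject such names next to the "om" test, for example `if (strchr (name, G_DIR_SEPARATOR) || strcmp (name, "..") == 0) return -1;`. The role step calls `openvas_set_user_role (name, role, NULL)`, so a caller-supplied `directory` is used for the hash and the rules but not passed on for the role; building the user directory once and passing it as the third argument would keep the three writes in the same place, assuming that is what `user_dir_name` expects. The doc comment still describes user creation ("new user", "-3 if user exists already", directory "will be created"), while the code returns -1 when `directory` is missing and never returns -3 itself.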

Modified: trunk/openvas-libraries/misc/openvas_auth.h
===================================================================
--- trunk/openvas-libraries/misc/openvas_auth.h	2011-10-05 14:56:01 UTC (rev 11740)
+++ trunk/openvas-libraries/misc/openvas_auth.h	2011-10-05 19:48:01 UTC (rev 11741)
@@ -56,6 +56,9 @@
 int openvas_set_user_role (const gchar *, const gchar *,
                            const gchar * user_dir_name);
 
+int openvas_user_modify (const gchar *, const gchar *, const gchar *,
+                         const gchar *, int, const gchar *);
+
 int openvas_auth_mkrulesdir (const gchar * user_dir_name);
 
 int openvas_auth_user_rules (const gchar * username, gchar ** rules);
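Review bot: The new prototype leaves all six parameters unnamed, and five of them are `const gchar *`, so the header gives no way to tell name, password, role, hosts and directory apart and a swapped argument (for instance password in place of name) compiles without a warning. Naming them as the definition does, `int openvas_user_modify (const gchar * name, const gchar * password, const gchar * role, const gchar * hosts, int hosts_allow, const gchar * directory);`, would match the neighbouring `openvas_auth_mkrulesdir` and `openvas_auth_user_rules` declarations.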


