34 #define G_LOG_DOMAIN "lib auth"
42 "radius_connect", NULL};
57 #ifdef ENABLE_LDAP_AUTH
72 #ifdef ENABLE_RADIUS_AUTH
107 g_warning (
"gvm_auth_init called a second time.");
114 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
124 if (!gcry_check_version (NULL))
126 g_critical (
"%s: libgcrypt version check failed\n", __FUNCTION__);
132 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
140 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
144 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
149 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
173 gcry_error_t err = gcry_md_test_algo (gcrypt_algorithm);
176 g_warning (
"Could not select gcrypt algorithm: %s", gcry_strerror (err));
180 hex = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm) * 2 + 1);
181 for (i = 0; i < gcry_md_get_algo_dlen (gcrypt_algorithm); i++)
183 g_snprintf (hex + i * 2, 3,
"%02x", digest[i]);
207 unsigned char *nonce_buffer[256];
208 guchar *seed = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
209 gchar *seed_hex = NULL;
210 gchar *seed_pass = NULL;
211 guchar *hash = g_malloc0 (gcry_md_get_algo_dlen (GCRY_MD_MD5));
212 gchar *hash_hex = NULL;
213 gchar *hashes_out = NULL;
215 gcry_create_nonce (nonce_buffer, 256);
216 gcry_md_hash_buffer (GCRY_MD_MD5, seed, nonce_buffer, 256);
218 seed_pass = g_strconcat (seed_hex, password, NULL);
219 gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
222 hashes_out = g_strjoin (
" ", hash_hex, seed_hex, NULL);
244 const gchar *hash_arg)
246 int gcrypt_algorithm = GCRY_MD_MD5;
248 gchar *actual, *expect, *seed_pass;
250 gchar *hash_hex, **seed_hex, **split;
253 if (hash_arg == NULL)
255 actual = g_strdup (hash_arg);
257 split = g_strsplit_set (g_strchomp (actual),
" ", 2);
258 seed_hex = split + 1;
259 if (*split == NULL || *seed_hex == NULL)
261 g_warning (
"Failed to split auth contents.");
267 seed_pass = g_strconcat (*seed_hex, password, NULL);
268 hash = g_malloc0 (gcry_md_get_algo_dlen (gcrypt_algorithm));
269 gcry_md_hash_buffer (GCRY_MD_MD5, hash, seed_pass, strlen (seed_pass));
272 expect = g_strjoin (
" ", hash_hex, *seed_hex, NULL);
279 ret = strcmp (expect, actual) ? 1 : 0;