diff --git a/src/gsad_gmp.c b/src/gsad_gmp.c
index b1f06bed8..bd7dd2fb9 100644
--- a/src/gsad_gmp.c
+++ b/src/gsad_gmp.c
@@ -3034,6 +3034,7 @@ create_credential_gmp (gvm_connection_t *connection, credentials_t *credentials,
const char *private_key, *public_key, *certificate, *community;
const char *privacy_password, *auth_algorithm, *privacy_algorithm;
const char *autogenerate, *allow_insecure;
+ const char *kdc, *realm;
entity_t entity;
name = params_value (params, "name");
@@ -3051,6 +3052,8 @@ create_credential_gmp (gvm_connection_t *connection, credentials_t *credentials,
privacy_algorithm = params_value (params, "privacy_algorithm");
allow_insecure = params_value (params, "allow_insecure");
autogenerate = params_value (params, "autogenerate");
+ kdc = params_value (params, "kdc");
+ realm = params_value (params, "realm");
CHECK_VARIABLE_INVALID (name, "Create Credential");
CHECK_VARIABLE_INVALID (comment, "Create Credential");
@@ -3112,6 +3115,29 @@ create_credential_gmp (gvm_connection_t *connection, credentials_t *credentials,
credential_login ? credential_login : "",
password ? password : "", allow_insecure);
}
+ else if (str_equal (type, "krb5"))
+ {
+ CHECK_VARIABLE_INVALID (credential_login, "Create Credential");
+ CHECK_VARIABLE_INVALID (password, "Create Credential");
+ CHECK_VARIABLE_INVALID (kdc, "Create Credential");
+ CHECK_VARIABLE_INVALID (realm, "Create Credential");
+
+ ret = gmpf (
+ connection, credentials, &response, &entity, response_data,
+ ""
+ "%s"
+ "%s"
+ "%s"
+ "%s"
+ "%s"
+ "%s"
+ "%s"
+ "%s"
+ "",
+ name, comment ? comment : "", type,
+ credential_login ? credential_login : "", password ? password : "",
+ kdc ? kdc : "", realm ? realm : "", allow_insecure);
+ }
else if (str_equal (type, "usk"))
{
CHECK_VARIABLE_INVALID (credential_login, "Create Credential");
@@ -3637,6 +3663,7 @@ save_credential_gmp (gvm_connection_t *connection, credentials_t *credentials,
const char *credential_id, *public_key;
const char *name, *comment, *credential_login, *password, *passphrase, *type;
const char *private_key, *certificate, *community, *privacy_password;
+ const char *kdc, *realm;
const char *auth_algorithm, *privacy_algorithm, *allow_insecure;
GString *command;
entity_t entity;
@@ -3654,6 +3681,8 @@ save_credential_gmp (gvm_connection_t *connection, credentials_t *credentials,
privacy_password = params_value (params, "privacy_password");
auth_algorithm = params_value (params, "auth_algorithm");
privacy_algorithm = params_value (params, "privacy_algorithm");
+ kdc = params_value (params, "kdc");
+ realm = params_value (params, "realm");
allow_insecure = params_value (params, "allow_insecure");
public_key = params_value (params, "public_key");
@@ -3674,6 +3703,14 @@ save_credential_gmp (gvm_connection_t *connection, credentials_t *credentials,
if (params_given (params, "change_passphrase"))
CHECK_VARIABLE_INVALID (passphrase, "Save Credential");
}
+ else if (str_equal (type, "krb5"))
+ {
+ if (params_given (params, "kdc"))
+ CHECK_VARIABLE_INVALID (kdc, "Save Credential");
+
+ if (params_given (params, "realm"))
+ CHECK_VARIABLE_INVALID (realm, "Save Credential");
+ }
else if (str_equal (type, "snmp"))
{
if (params_given (params, "auth_algorithm"))
@@ -3749,6 +3786,17 @@ save_credential_gmp (gvm_connection_t *connection, credentials_t *credentials,
xml_string_append (command, "");
}
}
+ else if (str_equal (type, "krb5"))
+ {
+ if (kdc && strcmp (kdc, ""))
+ {
+ xml_string_append (command, "%s", kdc);
+ }
+ if (realm && strcmp (realm, ""))
+ {
+ xml_string_append (command, "%s", realm);
+ }
+ }
else if (str_equal (type, "cc"))
{
change_passphrase = params_value_bool (params, "change_passphrase");
@@ -5354,12 +5402,14 @@ create_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
const char *name, *hosts, *exclude_hosts, *comment;
const char *target_ssh_credential, *port, *target_smb_credential;
const char *target_ssh_elevate_credential;
+ const char *target_krb5_credential;
const char *target_esxi_credential, *target_snmp_credential, *target_source;
const char *target_exclude_source;
const char *port_list_id, *reverse_lookup_only, *reverse_lookup_unify;
const char *alive_tests, *hosts_filter, *file, *exclude_file;
const char *allow_simultaneous_ips;
gchar *ssh_credentials_element, *smb_credentials_element;
+ gchar *krb5_credentials_element;
gchar *esxi_credentials_element, *snmp_credentials_element;
gchar *ssh_elevate_credentials_element;
gchar *asset_hosts_element;
@@ -5382,6 +5432,7 @@ create_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
port = params_value (params, "port");
target_smb_credential = params_value (params, "smb_credential_id");
target_esxi_credential = params_value (params, "esxi_credential_id");
+ target_krb5_credential = params_value (params, "krb5_credential_id");
target_snmp_credential = params_value (params, "snmp_credential_id");
alive_tests = params_value (params, "alive_tests");
hosts_filter = params_value (params, "hosts_filter");
@@ -5419,6 +5470,8 @@ create_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
CHECK_VARIABLE_INVALID (target_ssh_elevate_credential, "Create Target");
CHECK_VARIABLE_INVALID (target_smb_credential, "Create Target");
CHECK_VARIABLE_INVALID (target_esxi_credential, "Create Target");
+ if (params_given (params, "krb5_credential_id"))
+ CHECK_VARIABLE_INVALID (target_krb5_credential, "Create Target");
CHECK_VARIABLE_INVALID (target_snmp_credential, "Create Target");
CHECK_VARIABLE_INVALID (alive_tests, "Create Target");
CHECK_VARIABLE_INVALID (allow_simultaneous_ips, "Create Target");
@@ -5459,6 +5512,17 @@ create_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
esxi_credentials_element =
g_strdup_printf ("", target_esxi_credential);
+ if (target_krb5_credential)
+ {
+ if (strcmp (target_krb5_credential, "0") == 0)
+ krb5_credentials_element = g_strdup ("");
+ else
+ krb5_credentials_element = g_strdup_printf (
+ "", target_krb5_credential);
+ }
+ else
+ krb5_credentials_element = NULL;
+
if (strcmp (target_snmp_credential, "0") == 0)
snmp_credentials_element = g_strdup ("");
else
@@ -5497,12 +5561,12 @@ create_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
command = g_strdup_printf (
""
- "%s%s%s%s%s%s%s%s"
+ "%s%s%s%s%s%s%s%s%s"
"",
xml->str, comment_element, ssh_credentials_element,
ssh_elevate_credentials_element ? ssh_elevate_credentials_element : "",
smb_credentials_element, esxi_credentials_element, snmp_credentials_element,
- asset_hosts_element);
+ krb5_credentials_element ?: "", asset_hosts_element);
g_string_free (xml, TRUE);
g_free (comment_element);
@@ -5510,6 +5574,8 @@ create_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
g_free (ssh_elevate_credentials_element);
g_free (smb_credentials_element);
g_free (esxi_credentials_element);
+ g_free (krb5_credentials_element);
+ g_free (asset_hosts_element);
ret =
gmp (connection, credentials, &response, &entity, response_data, command);
@@ -6267,6 +6333,7 @@ save_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
const char *target_ssh_credential, *port, *target_smb_credential;
const char *target_ssh_elevate_credential;
const char *target_esxi_credential, *target_snmp_credential;
+ const char *target_krb5_credential;
const char *target_source, *target_exclude_source;
const char *target_id, *port_list_id, *reverse_lookup_only;
const char *reverse_lookup_unify, *alive_tests, *in_use;
@@ -6362,6 +6429,7 @@ save_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
port = params_value (params, "port");
target_smb_credential = params_value (params, "smb_credential_id");
target_esxi_credential = params_value (params, "esxi_credential_id");
+ target_krb5_credential = params_value (params, "krb5_credential_id");
target_snmp_credential = params_value (params, "snmp_credential_id");
allow_simultaneous_ips = params_value (params, "allow_simultaneous_ips");
@@ -6371,6 +6439,8 @@ save_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
CHECK_VARIABLE_INVALID (target_ssh_credential, "Save Target");
CHECK_VARIABLE_INVALID (target_smb_credential, "Save Target");
CHECK_VARIABLE_INVALID (target_esxi_credential, "Save Target");
+ if (params_given (params, "krb5_credential_id"))
+ CHECK_VARIABLE_INVALID (target_krb5_credential, "Save Target");
CHECK_VARIABLE_INVALID (target_snmp_credential, "Save Target");
CHECK_VARIABLE_INVALID (allow_simultaneous_ips, "Save Target");
@@ -6392,6 +6462,7 @@ save_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
gchar *ssh_credentials_element, *smb_credentials_element;
gchar *ssh_elevate_credentials_element;
gchar *esxi_credentials_element, *snmp_credentials_element;
+ gchar *krb5_credentials_element;
gchar *comment_element;
entity_t entity;
@@ -6432,6 +6503,17 @@ save_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
esxi_credentials_element = g_strdup_printf (
"", target_esxi_credential);
+ if (target_krb5_credential)
+ {
+ if (str_equal (target_krb5_credential, "--"))
+ krb5_credentials_element = g_strdup ("");
+ else
+ krb5_credentials_element = g_strdup_printf (
+ "", target_krb5_credential);
+ }
+ else
+ krb5_credentials_element = NULL;
+
if (str_equal (target_snmp_credential, "--"))
snmp_credentials_element = g_strdup ("");
else
@@ -6461,18 +6543,19 @@ save_target_gmp (gvm_connection_t *connection, credentials_t *credentials,
g_string_append_printf (
command,
- "%s%s%s%s%s%s"
+ "%s%s%s%s%s%s%s"
"",
comment_element, ssh_credentials_element,
ssh_elevate_credentials_element ? ssh_elevate_credentials_element : "",
smb_credentials_element, esxi_credentials_element,
- snmp_credentials_element);
+ krb5_credentials_element ?: "", snmp_credentials_element);
g_free (comment_element);
g_free (ssh_credentials_element);
g_free (ssh_elevate_credentials_element);
g_free (smb_credentials_element);
g_free (esxi_credentials_element);
+ g_free (krb5_credentials_element);
g_free (snmp_credentials_element);
/* Modify the target. */
diff --git a/src/gsad_validator.c b/src/gsad_validator.c
index a7e158f73..68a2ef9ad 100644
--- a/src/gsad_validator.c
+++ b/src/gsad_validator.c
@@ -311,7 +311,7 @@ init_validator ()
gvm_validator_add (validator, "credential_id", "^[a-z0-9\\-]+$");
gvm_validator_add (validator, "create_credentials_type", "^(gen|pass|key)$");
gvm_validator_add (validator, "credential_type",
- "^(cc|up|usk|smime|pgp|snmp|pw)$");
+ "^(cc|up|usk|smime|pgp|snmp|krb5|pw)$");
gvm_validator_add (validator, "credential_login", "^[-_[:alnum:]\\.@\\\\]*$");
gvm_validator_add (validator, "condition_data:name", "^.*$");
gvm_validator_add (validator, "condition_data:value", "(?s)^.*$");
@@ -703,6 +703,7 @@ init_validator ()
gvm_validator_alias (validator, "show_all", "boolean");
gvm_validator_alias (validator, "slave_id", "id");
gvm_validator_alias (validator, "smb_credential_id", "credential_id");
+ gvm_validator_alias (validator, "krb5_credential_id", "credential_id");
gvm_validator_alias (validator, "snmp_credential_id", "credential_id");
gvm_validator_alias (validator, "ssh_credential_id", "credential_id");
gvm_validator_alias (validator, "ssh_elevate_credential_id", "credential_id");