Implement Kerberos in Rust NASL using existing C code by Kraemii · Pull Request #2133 · greenbone/openvas-scanner

Kraemii · 2026-02-12T15:21:35Z

In the first step I just did a tidy up of the build scripts already in use for building C code, we already depend on. This includes:

Move all build artifacts to target directory, so they will be cleaned with a cargo clean
Remove shell script for building libgcrypt and libgpg-error. Instead building it within build.rs
Build c files in the sys crate
Provide bindings in sys crate
Re-export sys crate in nas-c-lib to make bindings available

Next I implemented libopenvas-krb5-sys, which includes a build script to:

Download krb5 source
Build krb5 libs from source
Compile openvas-krb5 implementation
Generate bindings

Finally I added all Nasl builtin functions for Kerberos:

krb5_error_code_to_string
krb5_find_kdc
krb5_gss_init
krb5_gss_prepare_context
krb5_gss_session_key
krb5_gss_update_context
krb5_gss_update_context_needs_more
krb5_gss_update_context_out
krb5_is_failure
krb5_is_success

Jira: SC-1136

For testing I provide a small and simple test script. Please use environment variables to fill all the necessary parameters for the Krb5 credentials. Here a template:

KRB5_CONFIG=/etc/openvasd/krb5.conf \
    KRB5_KDC=KDC \
    KRB5_TARGET_HOST=Hostname \
    KRB5_REALM=REALM \
    KRB5_USER=User \
    KRB5_PASSWORD=Password \
    target/release/scannerctl execute script -t <IP> examples/feed/krb5/login.nasl

github-actions · 2026-02-12T15:23:04Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA c563c9a.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

cargo/keccak

0.1.5

🟢 4.8

Details

Check	Score	Reason
Code-Review	🟢 3	Found 10/28 approved changesets -- score normalized to 3
Binary-Artifacts	🟢 10	no binaries found in the repo
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Maintained	🟢 10	14 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	⚠️ 0	license file not detected
Fuzzing	⚠️ 0	project is not fuzzed
Packaging	🟢 10	packaging workflow detected
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Signed-Releases	⚠️ -1	no releases found
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/autotools

0.2.7

🟢 3.2

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review	🟢 4	Found 11/24 approved changesets -- score normalized to 4
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/bindgen

0.72.1

🟢 5.4

Details

Check	Score	Reason
Maintained	🟢 10	16 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 9	Found 23/24 approved changesets -- score normalized to 9
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/bitflags

2.10.0

🟢 7.1

Details

Check	Score	Reason
Binary-Artifacts	🟢 10	no binaries found in the repo
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests	🟢 8	10 out of 12 merged PRs checked by a CI test -- score normalized to 8
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Code-Review	🟢 5	found 6 unreviewed changesets out of 12 -- score normalized to 5
Contributors	🟢 10	22 different organizations found -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Dependency-Update-Tool	⚠️ 0	no update tool detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Maintained	🟢 10	21 commit(s) out of 30 and 3 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	no published package detected
Pinned-Dependencies	🟢 9	dependency not pinned by hash detected -- score normalized to 9
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	🟢 10	no vulnerabilities detected

cargo/core-foundation

0.9.4

🟢 4.5

Details

Check	Score	Reason
Code-Review	🟢 10	all changesets reviewed
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Maintained	🟢 3	3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
License	🟢 9	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-channel

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-core

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-executor

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-io

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-macro

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-sink

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-task

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/futures-util

0.3.31

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/20 approved changesets -- score normalized to 8
Maintained	🟢 10	11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/native-tls

0.2.15

Unknown

cargo/openssl-probe

0.1.6

Unknown

cargo/security-framework

2.11.1

🟢 3.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 0	Found 0/23 approved changesets -- score normalized to 0
Maintained	🟢 10	23 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/security-framework

3.5.1

🟢 3.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 0	Found 0/23 approved changesets -- score normalized to 0
Maintained	🟢 10	23 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/security-framework-sys

2.15.0

🟢 3.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 0	Found 0/23 approved changesets -- score normalized to 0
Maintained	🟢 10	23 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/syn

2.0.115

🟢 5.7

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	⚠️ 0	Found 0/26 approved changesets -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Security-Policy	🟢 3	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/unicode-ident

1.0.23

🟢 5

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	⚠️ 0	Found 2/25 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	20 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Security-Policy	🟢 3	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/uuid

1.20.0

🟢 6.8

Details

Check	Score	Reason
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	24 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 4	Found 5/12 approved changesets -- score normalized to 4
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	🟢 8	dependency not pinned by hash detected -- score normalized to 8
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
License	🟢 9	license file detected
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

Scanned Files

rust/Cargo.lock

rust/crates/nasl-c-lib/libgcrypt-sys/build.rs

rust/crates/nasl-c-lib/libcrypt-sys/build.rs

This includes: - Move all build artifacts to target directory, so they will be cleaned with a `cargo clean` - Remove shell script for building `libgcrypt` and `libgpg-error`. Instead building it within `build.rs` - Compile needed c functions in sys crate - Provide bindings in sys crate - Re-export sys crate in nas-c-lib to make bindings available

This will now automatically: - download krb5 source - build static krb5 libs from source - compile openvas-krb5 implementation - generate bindings to use openvas-krb5 implementation

This includes: - krb5_error_code_to_string - krb5_find_kdc - krb5_gss_init - krb5_gss_prepare_context - krb5_gss_session_key - krb5_gss_update_context - krb5_gss_update_context_needs_more - krb5_gss_update_context_out - krb5_is_failure - krb5_is_success

Kraemii force-pushed the builtin-kerberos branch from 311d93a to 7455805 Compare February 12, 2026 15:22

Kraemii force-pushed the builtin-kerberos branch from 7455805 to d5dbcca Compare February 12, 2026 17:57

Kraemii commented Feb 12, 2026

View reviewed changes

rust/crates/nasl-c-lib/libgcrypt-sys/build.rs Outdated Show resolved Hide resolved

Kraemii commented Feb 12, 2026

View reviewed changes

rust/crates/nasl-c-lib/libcrypt-sys/build.rs Show resolved Hide resolved

Kraemii force-pushed the builtin-kerberos branch from d5dbcca to 983ebb7 Compare February 12, 2026 19:29

github-actions bot added the minor_release creates a minor release label Feb 13, 2026

Kraemii force-pushed the builtin-kerberos branch from d809781 to 4c451d6 Compare February 13, 2026 15:59

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Feb 13, 2026

Kraemii force-pushed the builtin-kerberos branch from 4c451d6 to b53e08e Compare February 16, 2026 10:54

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Feb 16, 2026

Kraemii force-pushed the builtin-kerberos branch from b53e08e to 0928e40 Compare February 16, 2026 12:00

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Feb 16, 2026

Kraemii force-pushed the builtin-kerberos branch from 0928e40 to d07bd9e Compare February 16, 2026 17:31

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Feb 16, 2026

Kraemii force-pushed the builtin-kerberos branch from d07bd9e to 651e126 Compare February 17, 2026 16:54

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Feb 17, 2026

Kraemii force-pushed the builtin-kerberos branch from 651e126 to 8fd0847 Compare February 23, 2026 10:41

Kraemii marked this pull request as ready for review February 23, 2026 10:41

Kraemii requested a review from a team as a code owner February 23, 2026 10:41

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Feb 23, 2026

Kraemii force-pushed the builtin-kerberos branch from 8fd0847 to 26494b3 Compare February 27, 2026 11:12

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Feb 27, 2026

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Mar 2, 2026

Kraemii force-pushed the builtin-kerberos branch from 56cae26 to ecd3d51 Compare March 4, 2026 10:41

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Mar 4, 2026

Kraemii force-pushed the builtin-kerberos branch from ecd3d51 to c6fef61 Compare March 5, 2026 13:52

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Mar 5, 2026

Kraemii force-pushed the builtin-kerberos branch from c6fef61 to c32b639 Compare March 6, 2026 10:28

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Mar 6, 2026

Kraemii force-pushed the builtin-kerberos branch from c32b639 to 7a6707e Compare March 10, 2026 11:47

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Mar 10, 2026

Kraemii added 10 commits March 11, 2026 10:59

Add: static krb5 lib and openvas implementation

3617ee3

This will now automatically: - download krb5 source - build static krb5 libs from source - compile openvas-krb5 implementation - generate bindings to use openvas-krb5 implementation

Add test script for Kerberos authentication

edf5533

Satisfy clippy

69e1e24

Fix: issue with freeing static krb5 OID

e8732d9

Resolve conflicts

75af02b

Use c_char instead of i8

b52e352

Create temporary krb5 config per target as default

05755ae

Cleanup

c563c9a

Kraemii force-pushed the builtin-kerberos branch from 55e764c to c563c9a Compare March 11, 2026 09:59

github-actions bot added minor_release creates a minor release and removed minor_release creates a minor release labels Mar 11, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Implement Kerberos in Rust NASL using existing C code#2133

Implement Kerberos in Rust NASL using existing C code#2133
Kraemii wants to merge 10 commits intomainfrom
builtin-kerberos

Kraemii commented Feb 12, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Feb 12, 2026 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

Kraemii commented Feb 12, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions bot commented Feb 12, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

Snapshot Warnings

OpenSSF Scorecard

Scanned Files

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Kraemii commented Feb 12, 2026 •

edited

Loading

github-actions bot commented Feb 12, 2026 •

edited

Loading