[PATCH 1/3] security: add the subject entry to peap and ttls



Since PEAP and TTLS use both the certificate subject and the CA
certificate to verify the RADIUS server, a subject entry was added
to the PEAP and TTLS pages to close the possible security hole.

https://bugzilla.gnome.org/show_bug.cgi?id=341323
---
 src/wireless-security/eap-method-peap.c  |   17 +++++++++
 src/wireless-security/eap-method-peap.ui |   59 ++++++++++++++++++++++--------
 src/wireless-security/eap-method-ttls.c  |   17 +++++++++
 src/wireless-security/eap-method-ttls.ui |   51 ++++++++++++++++++++------
 4 files changed, 118 insertions(+), 26 deletions(-)

diff --git a/src/wireless-security/eap-method-peap.c b/src/wireless-security/eap-method-peap.c
index c53eb71..e379e93 100644
--- a/src/wireless-security/eap-method-peap.c
+++ b/src/wireless-security/eap-method-peap.c
@@ -141,6 +141,12 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 	if (text && strlen (text))
 		g_object_set (s_8021x, NM_SETTING_802_1X_ANONYMOUS_IDENTITY, text, NULL);
 
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_subject_entry"));
+	g_assert (widget);
+	text = gtk_entry_get_text (GTK_ENTRY (widget));
+	if (text && strlen (text))
+		g_object_set (s_8021x, NM_SETTING_802_1X_SUBJECT_MATCH, text, NULL);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button"));
 	g_assert (widget);
 	filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
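Review bot: The subject string is written to `NM_SETTING_802_1X_SUBJECT_MATCH` whenever the entry is non-empty, whether or not a CA certificate is selected in the lines that follow. A subject check only adds protection when the certificate chain is validated as well, because a self-signed certificate can carry any subject. NetworkManager also documents this property as a substring match, so a short fragment accepts more certificates than the user may intend. A comment above the block would record this, for example `/* subject-match is a substring test on the server certificate subject; it only helps together with a CA certificate */`. The handling of a missing CA certificate lies outside this hunk, and the same applies to the fill_connection hunk in eap-method-ttls.c.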
@@ -383,6 +389,13 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
 	                  (GCallback) wireless_security_changed_cb,
 	                  ws_parent);
 
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_subject_entry"));
+	if (s_8021x && nm_setting_802_1x_get_subject_match (s_8021x))
+		gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_subject_match (s_8021x));
+	g_signal_connect (G_OBJECT (widget), "changed",
+	                  (GCallback) wireless_security_changed_cb,
+	                  ws_parent);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_anon_identity_entry"));
 	if (s_8021x && nm_setting_802_1x_get_anonymous_identity (s_8021x))
 		gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_anonymous_identity (s_8021x));
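Review bot: The `eap_peap_subject_entry` lookup is passed straight to `GTK_ENTRY (widget)` and `g_signal_connect` without a NULL check, while the same lookup in the fill_connection hunk is followed by `g_assert (widget);`. Adding that assert here would make a mismatch between the widget id in the .c and .ui files fail loudly at construction time, instead of leaving a dialog with no subject field wired up. The getter is also called twice; a local such as `const char *subject = s_8021x ? nm_setting_802_1x_get_subject_match (s_8021x) : NULL;` reads more clearly. The added lines follow the style of the neighbouring anonymous-identity block, and eap_method_peap_new starts and ends outside this hunk. The matching hunk in eap_method_ttls_new has the same shape.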
@@ -395,6 +408,10 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
 		gtk_widget_hide (widget);
 		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_anon_identity_entry"));
 		gtk_widget_hide (widget);
+		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_subject_label"));
+		gtk_widget_hide (widget);
+		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_subject_entry"));
+		gtk_widget_hide (widget);
 		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_label"));
 		gtk_widget_hide (widget);
 		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button"));
diff --git a/src/wireless-security/eap-method-peap.ui b/src/wireless-security/eap-method-peap.ui
index 04d0a0a..f38fc83 100644
--- a/src/wireless-security/eap-method-peap.ui
+++ b/src/wireless-security/eap-method-peap.ui
@@ -35,7 +35,7 @@
         <child>
           <object class="GtkTable" id="table13">
             <property name="visible">True</property>
-            <property name="n_rows">5</property>
+            <property name="n_rows">6</property>
             <property name="n_columns">2</property>
             <property name="column_spacing">12</property>
             <property name="row_spacing">6</property>
@@ -65,6 +65,35 @@
               </packing>
             </child>
             <child>
+              <object class="GtkLabel" id="eap_peap_subject_label">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">_Subject:</property>
+                <property name="use_underline">True</property>
+                <property name="mnemonic_widget">eap_peap_subject_entry</property>
+              </object>
+              <packing>
+                <property name="top_attach">1</property>
+                <property name="bottom_attach">2</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkEntry" id="eap_peap_subject_entry">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="activates_default">True</property>
+              </object>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">1</property>
+                <property name="bottom_attach">2</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
               <object class="GtkLabel" id="eap_peap_ca_cert_label">
                 <property name="visible">True</property>
                 <property name="xalign">0</property>
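Review bot: The new `eap_peap_subject_entry` has no hint about what to type, and the bare "_Subject:" label does not tell the user that the value is compared against the server certificate's subject. A tooltip on the entry would document this, for example `<property name="tooltip_text" translatable="yes">Text that must appear in the subject of the server certificate</property>`. The added packing blocks also spell the empty option as `<property name="y_options"></property>`, whereas the surrounding file uses `<property name="y_options"/>`. Both points apply equally to the `eap_ttls_subject_*` widgets added in eap-method-ttls.ui.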
@@ -73,8 +102,8 @@
                 <property name="mnemonic_widget">eap_peap_ca_cert_button</property>
               </object>
               <packing>
-                <property name="top_attach">1</property>
-                <property name="bottom_attach">2</property>
+                <property name="top_attach">2</property>
+                <property name="bottom_attach">3</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options"/>
               </packing>
@@ -86,8 +115,8 @@
               <packing>
                 <property name="left_attach">1</property>
                 <property name="right_attach">2</property>
-                <property name="top_attach">1</property>
-                <property name="bottom_attach">2</property>
+                <property name="top_attach">2</property>
+                <property name="bottom_attach">3</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options">GTK_FILL</property>
               </packing>
@@ -102,8 +131,8 @@
               </object>
               <packing>
                 <property name="right_attach">2</property>
-                <property name="top_attach">4</property>
-                <property name="bottom_attach">5</property>
+                <property name="top_attach">5</property>
+                <property name="bottom_attach">6</property>
                 <property name="x_options">GTK_FILL</property>
               </packing>
             </child>
@@ -116,8 +145,8 @@
                 <property name="mnemonic_widget">eap_peap_inner_auth_combo</property>
               </object>
               <packing>
-                <property name="top_attach">3</property>
-                <property name="bottom_attach">4</property>
+                <property name="top_attach">4</property>
+                <property name="bottom_attach">5</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options"/>
               </packing>
@@ -136,8 +165,8 @@
               <packing>
                 <property name="left_attach">1</property>
                 <property name="right_attach">2</property>
-                <property name="top_attach">3</property>
-                <property name="bottom_attach">4</property>
+                <property name="top_attach">4</property>
+                <property name="bottom_attach">5</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options">GTK_FILL</property>
               </packing>
@@ -151,8 +180,8 @@
                 <property name="mnemonic_widget">eap_peap_version_combo</property>
               </object>
               <packing>
-                <property name="top_attach">2</property>
-                <property name="bottom_attach">3</property>
+                <property name="top_attach">3</property>
+                <property name="bottom_attach">4</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options"/>
               </packing>
@@ -171,8 +200,8 @@
               <packing>
                 <property name="left_attach">1</property>
                 <property name="right_attach">2</property>
-                <property name="top_attach">2</property>
-                <property name="bottom_attach">3</property>
+                <property name="top_attach">3</property>
+                <property name="bottom_attach">4</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options">GTK_FILL</property>
               </packing>
diff --git a/src/wireless-security/eap-method-ttls.c b/src/wireless-security/eap-method-ttls.c
index 1a4d6e8..bea8741 100644
--- a/src/wireless-security/eap-method-ttls.c
+++ b/src/wireless-security/eap-method-ttls.c
@@ -136,6 +136,12 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 	if (text && strlen (text))
 		g_object_set (s_8021x, NM_SETTING_802_1X_ANONYMOUS_IDENTITY, text, NULL);
 
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_subject_entry"));
+	g_assert (widget);
+	text = gtk_entry_get_text (GTK_ENTRY (widget));
+	if (text && strlen (text))
+		g_object_set (s_8021x, NM_SETTING_802_1X_SUBJECT_MATCH, text, NULL);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button"));
 	g_assert (widget);
 	filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
@@ -361,6 +367,13 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
 		}
 	}
 
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_subject_entry"));
+	if (s_8021x && nm_setting_802_1x_get_subject_match (s_8021x))
+		gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_subject_match (s_8021x));
+	g_signal_connect (G_OBJECT (widget), "changed",
+	                  (GCallback) wireless_security_changed_cb,
+	                  ws_parent);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_anon_identity_entry"));
 	if (s_8021x && nm_setting_802_1x_get_anonymous_identity (s_8021x))
 		gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_anonymous_identity (s_8021x));
@@ -376,6 +389,10 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
 		gtk_widget_hide (widget);
 		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_anon_identity_entry"));
 		gtk_widget_hide (widget);
+		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_subject_label"));
+		gtk_widget_hide (widget);
+		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_subject_entry"));
+		gtk_widget_hide (widget);
 		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_label"));
 		gtk_widget_hide (widget);
 		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button"));
diff --git a/src/wireless-security/eap-method-ttls.ui b/src/wireless-security/eap-method-ttls.ui
index d77fcb4..4a82630 100644
--- a/src/wireless-security/eap-method-ttls.ui
+++ b/src/wireless-security/eap-method-ttls.ui
@@ -19,7 +19,7 @@
         <child>
           <object class="GtkTable" id="table10">
             <property name="visible">True</property>
-            <property name="n_rows">4</property>
+            <property name="n_rows">5</property>
             <property name="n_columns">2</property>
             <property name="column_spacing">12</property>
             <property name="row_spacing">6</property>
@@ -49,6 +49,35 @@
               </packing>
             </child>
             <child>
+              <object class="GtkLabel" id="eap_ttls_subject_label">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">_Subject:</property>
+                <property name="use_underline">True</property>
+                <property name="mnemonic_widget">eap_ttls_subject_entry</property>
+              </object>
+              <packing>
+                <property name="top_attach">1</property>
+                <property name="bottom_attach">2</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkEntry" id="eap_ttls_subject_entry">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="activates_default">True</property>
+              </object>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">1</property>
+                <property name="bottom_attach">2</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
               <object class="GtkLabel" id="eap_ttls_ca_cert_label">
                 <property name="visible">True</property>
                 <property name="xalign">0</property>
@@ -57,8 +86,8 @@
                 <property name="mnemonic_widget">eap_ttls_ca_cert_button</property>
               </object>
               <packing>
-                <property name="top_attach">1</property>
-                <property name="bottom_attach">2</property>
+                <property name="top_attach">2</property>
+                <property name="bottom_attach">3</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options"/>
               </packing>
@@ -70,8 +99,8 @@
               <packing>
                 <property name="left_attach">1</property>
                 <property name="right_attach">2</property>
-                <property name="top_attach">1</property>
-                <property name="bottom_attach">2</property>
+                <property name="top_attach">2</property>
+                <property name="bottom_attach">3</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options">GTK_FILL</property>
               </packing>
@@ -85,8 +114,8 @@
                 <property name="mnemonic_widget">eap_ttls_inner_auth_combo</property>
               </object>
               <packing>
-                <property name="top_attach">2</property>
-                <property name="bottom_attach">3</property>
+                <property name="top_attach">3</property>
+                <property name="bottom_attach">4</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options"/>
               </packing>
@@ -105,8 +134,8 @@
               <packing>
                 <property name="left_attach">1</property>
                 <property name="right_attach">2</property>
-                <property name="top_attach">2</property>
-                <property name="bottom_attach">3</property>
+                <property name="top_attach">3</property>
+                <property name="bottom_attach">4</property>
                 <property name="x_options">GTK_FILL</property>
                 <property name="y_options">GTK_FILL</property>
               </packing>
@@ -122,8 +151,8 @@
               </object>
               <packing>
                 <property name="right_attach">2</property>
-                <property name="top_attach">3</property>
-                <property name="bottom_attach">4</property>
+                <property name="top_attach">4</property>
+                <property name="bottom_attach">5</property>
                 <property name="x_options">GTK_FILL</property>
               </packing>
             </child>
-- 
1.7.3.4


